/******************************************************************************
PYTHON BINDINGS
******************************************************************************/
static PyObject * _ecdsa_sign(PyObject *self, PyObject *args) {
char * msg, * d, * k, * p, * a, * b, * q, * gx, * gy;
if (!PyArg_ParseTuple(args, "sssssssss", &msg, &d, &k, &p, &a, &b, &q, &gx, &gy)) {
return NULL;
}
mpz_t privKey, nonce;
CurveZZ_p * curve = buildCurveZZ_p(p, a, b, q, gx, gy, 10);
Sig sig;
mpz_init_set_str(privKey, d, 10);
mpz_init_set_str(nonce, k, 10);
signZZ_p(&sig, msg, privKey, nonce, curve);
destroyCurveZZ_p(curve);
char * resultR = mpz_get_str(NULL, 10, sig.r);
char * resultS = mpz_get_str(NULL, 10, sig.s);
mpz_clears(sig.r, sig.s, privKey, NULL);
PyObject * ret = Py_BuildValue("ss", resultR, resultS);
free(resultR);
free(resultS);
return ret;
}
/* void RSA_decrypt_chunk(string, mpz_t, RSA_PRIVATE)
* decrypts cipher using one's private key
*/
void RSA_decrypt_chunk(string &message, mpz_t &cipher, RSA_PRIVATE &priv) {
mpz_t m, m1, m2, h;
mpz_inits(m, m1, m2, h, NULL);
mpz_powm(m1, cipher, priv.dP, priv.p);
mpz_powm(m2, cipher, priv.dQ, priv.q);
if (mpz_cmp(m1, m2) < 0)
mpz_add(m1, m1, priv.p);
mpz_sub(m1, m1, m2);
mpz_mul(h, priv.qInv, m1);
mpz_mod(h, h, priv.p);
mpz_mul(h, h, priv.q);
mpz_add(m, m2, h);
// now we have m decrypted, but we still need to unhask
// the message from it
// EB = 00 || 02 || PS || 00 || D
message = mpz_get_str(NULL, 16, m);
int msg_start = message.rfind("00") + 2;
message = message.substr(msg_start);
// message now contains decrypted text but in numbers in base 16
// below code converts number from base 16 into chars
string msg(message.length() / 2, ' ');
for (unsigned int i=0; i<message.length(); i+=2) {
msg[0.5*i] = (unsigned char) hex2decbyte(message[i], message[i+1]);
}
message = msg;
mpz_clears(m, m1, m2, h, NULL); // tidying
}
// sign a hash using ECDSA, hash must be a string in base used during initialisation.
// private key and a generator point are required for it to work (look SetDomain
// and SetKeys)
void ECDSA::Sign( char *hash, char *&r, char *&s )
{
mpz_t z,k,rr,ss,t,u;
ECPoint kG;
mpz_init_set_str(z, hash, m_base);
mpz_inits(k, rr, ss, t, u, NULL);
do
{
mpz_urandomm(k, m_st, ecc->m_n);
ecc->MultiplePoint(k, ecc->m_G, kG);
mpz_set(rr, kG.x);
mpz_mod(rr, rr, ecc->m_n);
} while (!mpz_cmp_ui(rr, 0));
do
{
mpz_set(t,z);
mpz_addmul(t,rr,ecc->m_dA);
mpz_set(u,k);
mpz_invert(u,u,ecc->m_n);
mpz_mul(ss, t, u);
mpz_mod(ss, ss, ecc->m_n);
} while (!mpz_cmp_ui(ss, 0));
mpz_get_str(r, m_base, rr);
mpz_get_str(s, m_base, ss);
mpz_clears(z,k,rr,ss,t,u,NULL);
return;
}
int main(int argc, char **argv) {
mp_bitcnt_t bit_width = 0;
int base = kDefaultBase;
static const struct option long_options[] = {
{ "help", no_argument, NULL, 'h' },
{ "use-random", no_argument, NULL, 'r' },
{ "base", required_argument, NULL, 'b' },
{ "bit-width", required_argument, NULL, 's' },
{ NULL, 0, NULL, 0 }
};
for (;;) {
int opt = getopt_long(argc, argv, "hrb:s:", long_options, NULL);
if (opt == -1)
break;
switch (opt) {
case 'r':
gRNGFilename = "/dev/random";
break;
case 'b':
if (simple_strtoi(&base, optarg, 10) < 0 ||
(base > -2 && base < 2) || base < -36 || base > 62)
fatal("invalid base: '%s'", optarg);
break;
case 's':
if (simple_strtoul(&bit_width, optarg, 10) < 0 || bit_width == 0)
fatal("invalid bit width: '%s'", optarg);
break;
case 'h':
print_usage();
return EXIT_SUCCESS;
default:
return EXIT_FAILURE;
}
}
argv += optind;
argc -= optind;
if (argc > 2 || (bit_width != 0 && argc > 0))
fatal("too many arguments");
mpz_t low, high, result;
mpz_inits(low, high, result, NULL);
if (argc == 2) {
arg_to_mpz(low, argv[0]);
arg_to_mpz(high, argv[1]);
} else if (argc == 1) {
arg_to_mpz(high, argv[0]);
} else if (bit_width != 0) {
mpz_setbit(high, bit_width);
} else {
mpz_set_ui(high, kDefaultUpperBound);
}
get_random_mpz(result, low, high);
mpz_out_str(stdout, base, result);
putchar('\n');
mpz_clears(low, high, result, NULL);
return EXIT_SUCCESS;
}
static void
dm_ddh_setup_dec(struct dm_ddh_crs *crs, struct params *p)
{
mpz_t x, y;
int file;
unsigned long seed;
mpz_inits(x, y, NULL);
/* fix seed of random number generator */
gmp_randseed_ui(p->rnd, 0UL);
find_generator(crs->g0, p);
random_element(y, p);
mpz_powm(crs->g1, crs->g0, y, p->p);
mpz_powm(crs->h0, crs->g0, x, p->p);
mpz_powm(crs->h1, crs->g1, x, p->p);
mpz_clears(x, y, NULL);
/* re-seed random number generator */
if ((file = open("/dev/urandom", O_RDONLY)) == -1) {
(void) fprintf(stderr, "Error opening /dev/urandom\n");
} else {
if (read(file, &seed, sizeof seed) == -1) {
(void) fprintf(stderr, "Error reading from /dev/urandom\n");
(void) close(file);
}
}
gmp_randseed_ui(p->rnd, seed);
(void) close(file);
}
static void
randomize(mpz_t u, mpz_t v, const mpz_t g, const mpz_t h, const mpz_t gp,
const mpz_t hp, struct params *p)
{
mpz_t s, t, tmp;
mpz_inits(s, t, tmp, NULL);
random_element(s, p);
random_element(t, p);
/* compute g^s h^t */
mpz_powm(tmp, g, s, p->p);
mpz_powm(u, h, t, p->p);
mpz_mul(u, u, tmp);
mpz_mod(u, u, p->p);
/* compute gp^s hp^t */
mpz_powm(tmp, gp, s, p->p);
mpz_powm(v, hp, t, p->p);
mpz_mul(v, v, tmp);
mpz_mod(v, v, p->p);
mpz_clears(s, t, tmp, NULL);
}
/* Test operands from a table of seed data. This variant creates the operands
using a division chain. This is a hack for better coverage of the gcd
code, which depends on that the random number generators give the exact
numbers we expect. */
void
check_kolmo2 (void)
{
static const struct {
unsigned int seed;
int nb, chain_len;
} data[] = {
{ 917, 15, 5 },
{ 1032, 18, 6 },
{ 1167, 18, 6 },
{ 1174, 18, 6 },
{ 1192, 18, 6 },
};
gmp_randstate_t rs;
mpz_t bs, a, b, want;
int i;
gmp_randinit_default (rs);
mpz_inits (bs, a, b, want, NULL);
for (i = 0; i < numberof (data); i++)
{
gmp_randseed_ui (rs, data[i].seed);
make_chain_operands (want, a, b, rs, data[i].nb, data[i].nb, data[i].chain_len);
one_test (a, b, want, -1);
}
mpz_clears (bs, a, b, want, NULL);
gmp_randclear (rs);
}
int is_on_curve_jac(JacPoint *jp, const mpz_t a, const mpz_t b){
int rep;
mpz_t c, d, e;
mpz_inits (c, d, e, NULL);
//~ c= Z^2
mpz_mul (c, jp->Z, jp->Z);
mpz_mod (c, c, p);
//~ d= Z^4
mpz_mul (d, c, c);
mpz_mod (d, d, p);
//~ c = bZ^6
mpz_mul (c, c, d);
mpz_mul (c, c, b);
mpz_mod (c, c, p);
//~ d=aXZ^4 (p)
mpz_mul (d, d, a);
mpz_mul (d, d, jp->X);
mpz_mod (d, d, p);
//~ e= X^3 (p)
mpz_mul (e, jp->X, jp->X);
mpz_mul (e, e, jp->X);
mpz_mod (e, e, p);
//~ e = X^3 +aXZ^4 +bZ^6 (p)
mpz_add (e, e, c);
mpz_add (e, e, d);
mpz_mod (e, e, p);
//~ c= Y^2 (p)
mpz_mul (c, jp->Y, jp->Y);
mpz_mod (c, c, p);
rep = mpz_cmp (c, e);
mpz_clears(c, d, e, NULL);
return (rep==0);
}
//~ eq : (a*X^2 + Y^2)*Z^2 = Z^4 + d*(X^2)*(Y^2)
int is_on_curve_extProj(ExtProjPoint *op){
int rep;
mpz_t leq, req, lx, ly, lz;
mpz_inits (leq, req, lx, ly, lz, NULL);
mpz_mul (lx, op->X, op->X);
mpz_mod (lx, lx, p);
mpz_mul (ly, op->Y, op->Y);
mpz_mod (ly, ly, p);
mpz_mul (lz, op->Z, op->Z);
mpz_mod (lz, lz, p);
mpz_mul (leq, lx, curve_a);
mpz_add (leq, leq, ly);
mpz_mul (leq, leq, lz);
mpz_mod (leq, leq, p); // leq <-- (a*X^2 + Y^2)*Z^2
mpz_mul (lz, lz, lz);
mpz_mod (lz, lz, p); // lz <-- Z^4
mpz_mul (req, lx, ly);
mpz_mul (req, req, curve_d);
mpz_add (req, req, lz);
mpz_mod (req, req, p); // req <-- Z^4 + d*(X^2)*(Y^2)
rep = mpz_cmp (leq, req);
mpz_clears (leq, req, lx, ly, lz, NULL);
return (rep==0);
}
/**
* Private encrypt methode.
* Params :
* - paillier_pubkey* pub : Paillier public key pointer ;
* - mpz_t m : data to encrypt ;
* - unsigned int s : recursion level ;
* - mpz_t c : result operande .
**/
void
PaillierAdapter::enc( paillier_pubkey* pub,
mpz_t m,
unsigned int s,
mpz_t c )
{
mpz_t gm, rns, r;
mpz_inits( gm, rns, r, NULL);
unsigned int modulusbits = publicParameters.getKeyBitsize();
do
{
mpz_urandomb(r, rand, (s+1)*modulusbits);
} while( mpz_cmp(r, *pub->getnj(s+1)) >= 0 );
mpz_powm(gm, *pub->getg(), m, *pub->getnj(s+1));
mpz_powm(rns, r, *pub->getnj(s), *pub->getnj(s+1));
mpz_mul(c, gm, rns);
mpz_mod(c,c, *pub->getnj(s+1));
#ifdef DEBUG_ENCRYPT
mpz_t test;
mpz_init(test);
dec(pub, privateParameters.getPrvKey(), c, s, test);
gmp_printf("Decrypting %Zd into %Zd\n\n", c, test);
#endif
mpz_clears(gm, rns, r, NULL);
}
void
PaillierAdapter::keygen( unsigned int modulusbits,
paillier_pubkey* pub,
paillier_prvkey* prv,
unsigned int init_s)
{
mpz_t p, q;
mpz_inits(p, q, NULL);
/* pick random (modulusbits/2)-bit primes p and q */
do
{
get_prime_of_size(p, modulusbits / 2);
get_prime_of_size(q, modulusbits / 2);
mpz_mul(*pub->getnj(1), p, q);
}while(mpz_sizeinbase(*pub->getnj(1), 2) != modulusbits);
pub->setbits(modulusbits);
pub->setinit_s(init_s);
pub->complete_key(init_s+1); /*we don't know if it will be used beyond one level*/
/* compute the private key lambda = lcm(p-1,q-1) */
mpz_sub_ui(p, p, 1);
mpz_sub_ui(q, q, 1);
mpz_lcm(prv->d, p, q);
mpz_invert(prv->inv_d, prv->d ,*pub->getnj(init_s));
/* clear temporary integers */
mpz_clears(p, q, NULL);
}
/**
* Encrypt an unsigned int and return the encrypted bytes in char*
* Params :
* - unsigned int ui : the value to encrypt ;
* - unsigned int s : the exponent (recursion lvl).
*
* Return :
* - char* : an allocated pointer to the encrypted data.
**/
char*
PaillierAdapter::encrypt(unsigned int ui, unsigned int s)
{
unsigned int ciph_size = publicParameters.getKeyBitsize()*(s+1)/8;
char *tmp, *request = (char*) calloc((ciph_size + 1), sizeof(char));
size_t n;
mpz_t pt, ct;
mpz_init(ct);
mpz_init_set_ui( pt, ui); // convert the 0 or the 1 to an mpz_t
enc( this->publicParameters.getPubKey(), pt, s, ct );
#ifdef CRYPTO_DEBUG
gmp_printf("Created query element: %Zd with args %Zd and %d\n",ct, pt, s);
#endif
tmp = (char*)mpz_export(NULL, &n, 1, sizeof(char), 0, 0, ct);
//Padding
memcpy(request+sizeof(char)*((ciph_size) - n), tmp, n);
//Free memory
mpz_clears(ct, pt, NULL);
free(tmp);
return request;
}
void signZZ_p(Sig * sig, char * msg, mpz_t d, mpz_t k, const CurveZZ_p * curve) {
mpz_t e, kinv;
// R = k * G, r = R[x]
PointZZ_p R;
pointZZ_pMul(&R, curve->g, k, curve);
mpz_init_set(sig->r, R.x);
mpz_mod(sig->r, sig->r, curve->q);
// convert digest to integer (digest is computed as hex in ecdsa.py)
mpz_init_set_str(e, msg, 16);
int orderBits = mpz_sizeinbase(curve->q, 2);
int digestBits = strlen(msg) * 4;
if(digestBits > orderBits) {
mpz_fdiv_q_2exp(e, e, digestBits - orderBits);
}
// s = (k^-1 * (e + d * r)) mod n
mpz_inits(kinv, sig->s, NULL);
mpz_invert(kinv, k, curve->q);
mpz_mul(sig->s, d, sig->r);
mpz_add(sig->s, sig->s, e);
mpz_mul(sig->s, sig->s, kinv);
mpz_mod(sig->s, sig->s, curve->q);
mpz_clears(R.x, R.y, e, kinv, NULL);
}
int verifyZZ_p(Sig * sig, char * msg, PointZZ_p * Q, const CurveZZ_p * curve) {
mpz_t e, w, u1, u2;
PointZZ_p tmp;
mpz_inits(w, u1, u2, tmp.x, tmp.y, NULL);
// convert digest to integer (digest is computed as hex in ecdsa.py)
mpz_init_set_str(e, msg, 16);
int orderBits = mpz_sizeinbase(curve->q, 2);
int digestBits = strlen(msg) * 4;
if(digestBits > orderBits) {
mpz_fdiv_q_2exp(e, e, digestBits - orderBits);
}
mpz_invert(w, sig->s, curve->q);
mpz_mul(u1, e, w);
mpz_mod(u1, u1, curve->q);
mpz_mul(u2, sig->r, w);
mpz_mod(u2, u2, curve->q);
pointZZ_pShamirsTrick(&tmp, curve->g, u1, Q, u2, curve);
mpz_mod(tmp.x, tmp.x, curve->q);
int equal = (mpz_cmp(tmp.x, sig->r) == 0);
mpz_clears(e, w, u1, u2, tmp.x, tmp.y, NULL);
return equal;
}
void ecc_doubling(ecc_jcb_t *ROP, ecc_jcb_t *P, ecc_curve *curve)
{
mpz_t alfa, alfa1, alfa2, beta, x3_2, y3_2, y2, z3_2;
if((strcmp(mpz_get_str(NULL, 10, P->x), "0") == 0) && (strcmp(mpz_get_str(NULL, 10, P->y), "0") == 0) && (strcmp(mpz_get_str(NULL, 10, P->z), "0") == 0))
{
ecc_cp_jcb(ROP, P);
}
else
{
mpz_inits(alfa, alfa1, alfa2, beta, x3_2, y3_2, z3_2, y2, NULL);
// alfa = 3*(x1)**2 + a * (z1**4)
fp_mul_mpz(alfa1, P->x, P->x, curve->p);
fp_mul_mpz(alfa2, P->z, P->z, curve->p);
fp_mul_mpz(alfa2, alfa2, alfa2, curve->p);
fp_mul_si(alfa1, alfa1, 3, curve->p);
fp_mul_mpz(alfa2, alfa2, curve->a, curve->p);
fp_add_mpz(alfa, alfa1, alfa2, curve->p);
// y2 = y1**2
fp_mul_mpz(y2, P->y, P->y, curve->p);
// beta = 4*x1*(y1**2)
fp_mul_mpz(beta, y2, P->x, curve->p);
fp_mul_si(beta, beta, 4, curve->p);
mpz_set(ROP->z, P->z);
// z3 = y1*z1
fp_mul_mpz(ROP->z, P->z, P->y, curve->p);
// z3 = 2*y1*z1
fp_mul_si(ROP->z, ROP->z, 2, curve->p);
mpz_init_set(x3_2, beta);
// x3_2 = 2*beta
fp_mul_si(x3_2, x3_2, 2, curve->p);
mpz_set(ROP->x, alfa);
// x3 = alfa**2 - 2*beta
fp_mul_mpz(ROP->x, ROP->x, ROP->x, curve->p);
fp_sub_mpz(ROP->x, ROP->x, x3_2, curve->p);
mpz_init_set(y3_2, P->y);
mpz_set(ROP->y, beta);
// y3 = alfa(beta -x3)
fp_sub_mpz(ROP->y, ROP->y, ROP->x, curve->p);
fp_mul_mpz(ROP->y, ROP->y, alfa, curve->p);
// y3_2 = 8*y1**4
fp_mul_mpz(y3_2, y2, y2, curve->p);
fp_mul_si(y3_2, y3_2, 8, curve->p);
// y3 = alfa(beta -x3) - 8*y1**4
fp_sub_mpz(ROP->y, ROP->y, y3_2, curve->p);
mpz_clears(alfa, alfa1, alfa2, beta, x3_2, y3_2, z3_2, y2, NULL);
}
}
int
main(int argc, char **argv)
{
char line[INTEGER_LIMIT];
if (argc > 1)
strncpy(&line[0], argv[1], INTEGER_LIMIT);
else if (scanf("%s\n", &line[0]) != 1) {
fprintf(stderr, "factor: unable to read number from stdin\n");
return 1;
}
mpz_t n;
mpz_init(n);
if (mpz_set_str(n, &line[0], 0) == -1 || mpz_cmp_ui(n, 1) < 0) {
fprintf(stderr, "factor: input must be a positive integer\n");
mpz_clear(n);
return 1;
}
if (mpz_cmp_ui(n, 1) == 0 || mpz_probab_prime_p(n, MILLERRABIN_REPEATS) > 0) {
gmp_printf("%Zd: %Zd\n", n, n);
mpz_clear(n);
return 0;
}
mpz_t t;
mpz_init(t);
mpz_sqrt(t, n);
struct factors *f = factors_create();
struct prime_sieve *ps = prime_sieve_create(MIN(TRIALDIVISION_LIMIT, mpz_get_ui(t)));
if (mpz_perfect_square_p(n)) {
factors_push(f, t);
factors_push(f, t);
} else {
mpz_set(t, n);
factors_push(f, t);
}
/* run trial division to find find small factors */
while (factors_remove_composite(f, t) && trial_division(t, f, ps));
prime_sieve_destroy(ps);
/* run quadratic sieve until factorized into only prime numbers */
while (factors_remove_composite(f, t) && quadratic_sieve(t, f, QUADRATIC_SIEVE_SIZE));
factors_sort(f);
print_result(n, f);
mpz_clears(n, t, NULL);
factors_destroy(f);
return 0;
}
// Calculate euler's totient of n, assuming n = p*q. Then,
// phi(n) = phi(p)phi(q) = (p-1)(q-1)
void rsa_phi(mpz_t phi_n, const mpz_t p, const mpz_t q) {
mpz_t p_minus_one, q_minus_one;
mpz_inits(p_minus_one, q_minus_one, '\0');
mpz_sub_ui(p_minus_one, p, 1);
mpz_sub_ui(q_minus_one, q, 1);
mpz_mul(phi_n, p_minus_one, q_minus_one);
mpz_clears(p_minus_one, q_minus_one, '\0');
}
int main (int argc, char *argv[]) {
mpz_t c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2,
key1, key2;
FILE *fp, *fp1;
char chars[3];
//initializations
mpz_inits(c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2,
key1, key2, NULL);
//Welcome!
printf("Begin task 4 / 5...\n");
printf("*******************************\n");
printf("Welcome to fun with big numbers\n");
printf("Lets do some decryption\n");
printf("*******************************\n");
//Get needed input from file
fp = fopen("p4in.txt", "r");
gmp_fscanf(fp, "%Zd\n%Zd\n%Zd\n%Zd", &key1, &key2, &pc, &c);
gmp_printf("key1=%Zd\n\nkey2=%Zd\n\nCommon factor=%Zd\n\ncipher=%Zd\n\n",
key1, key2, pc, c);
fclose(fp);
//setup calculating needed values
mpz_cdiv_q(q1, key1, pc);
mpz_cdiv_q(q2, key2, pc);
mpz_set_ui(e, 65537);
mpz_sub_ui(tmp1, pc, 1);
mpz_sub_ui(tmp2, q1, 1);
mpz_mul(phi1, tmp1, tmp2);
mpz_sub_ui(tmp2, q2, 1);
mpz_mul(phi2, tmp1, tmp2);
mpz_invert(d1, e, phi1);
mpz_invert(d2, e, phi2);
//Lets try and decrypt
decrypt(&m1, c, d1, key1);
decrypt(&m2, c, d2, key2);
fp = fopen("p4out.txt", "w");
gmp_fprintf(fp, "%Zx\n%Zx\n", m1, m2);
fclose(fp);
mpz_clears(c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2,
key1, key2, NULL);
fp = fopen("p4out.txt", "r");
chars[2] = 0;
while (fscanf(fp, "%c%c", chars, chars + 1) > 0){
printf("%c", (int)strtol(chars, NULL, 16));
}
fclose(fp);
return 0;
}
//~ Note : PP contains P, (-P + PHI_P), PHI_P and (P + PHI_P) resp.
void point_from_GLVScalar(ExtProjPoint *rop, GLVScalar *k, ExtAffPoint *pp){
int j,u;
mpz_t tmpX, tmpT;
mpz_inits (tmpX, tmpT, NULL);
j = k->j;
u = k->tk1[j] + 3 * k->tk2[j];
if (u < 0){
mpz_set_ui (rop->Z, 1);
mpz_set (rop->Y, pp[-u-1].y);
mpz_neg (rop->X, pp[-u-1].x);
mpz_neg (rop->T, pp[-u-1].t);
}
else{
mpz_set_ui (rop->Z, 1);
mpz_set (rop->Y, pp[u-1].y);
mpz_set (rop->X, pp[u-1].x);
mpz_set (rop->T, pp[u-1].t);
}
j = j - 1;
while (j > 0){
double_proj_to_extProj(rop);
u = k->tk1[j] + 3 * k->tk2[j];
if (u < 0){
mpz_neg (tmpX, pp[-u-1].x);
mpz_neg (tmpT, pp[-u-1].t);
add_extProj_extAff_to_Proj(rop, tmpX, pp[-u-1].y, tmpT);
}
else if (u > 0){
add_extProj_extAff_to_Proj(rop, pp[u-1].x, pp[u-1].y, pp[u-1].t);
}
j = j - 1;
}
//~ For the last turn, it is preferable to calculate 'rop->T', if u != 0.
double_proj_to_extProj(rop);
u = k->tk1[j] + 3 * k->tk2[j];
if (u < 0){
mpz_neg (tmpX, pp[-u-1].x);
mpz_neg (tmpT, pp[-u-1].t);
add_extProj_extAff_to_extProj(rop, tmpX, pp[-u-1].y, tmpT);
}
else if (u > 0){
add_extProj_extAff_to_extProj(rop, pp[u-1].x, pp[u-1].y, pp[u-1].t);
}
mpz_clears (tmpX, tmpT, NULL);
}
static void
state_destructor(PyObject *self)
{
struct state *s;
s = (struct state *) PyCapsule_GetPointer(self, NULL);
if (s) {
clt_mlm_cleanup(&s->mlm);
mpz_clears(s->nev, s->nchk, NULL);
}
}
/* void RSA_encrypt_chunk(mpz_t, string, RSA_PUBLIC)
* encrypts one part of message using one's public key, part fits the
* requirements for itself, so that |part| <= k - 11
*/
void RSA_encrypt_chunk(mpz_t &cipher, string &message, RSA_PUBLIC &pub) {
// encrypting chunk has below format:
// EB = 00 || 02 || PS || 00 || D
// where k = |n| (it's in bytes)
// D = message, |D|<=k-11
long long k = mpz_sizeinbase(pub.n, 2) / 8;
// PS = random octets, |PS|=k-|D|-3
long long ps_len = k - 3 - message.length();
string EB("0002"); // EB = 00 || 02
EB.reserve(k*2);
string PS_tab; PS_tab.reserve(2*ps_len);
for (int i=0; i<ps_len; i++) {
PS_tab.append( decbyte2hex( random(255)+1 ) );
}
EB.append(PS_tab); // EB = 00 || 02 || PS
EB.append("00"); // EB = 00 || 02 || PS || 00
for (unsigned int i=0; i<message.length(); i++) {
EB.append( decbyte2hex((unsigned int)message[i]) );
} // EB = 00 || 02 || PS || 00 || D
// now we have EB generated
// algorithm for faster computing y = x^e (mod n)
// e = e(k-1)e(k-2)...e(1)e(0)
// e has the value of 11, 10001 or 10000000000000001 (3, 17, 65537)
string e_str = mpz_get_str(NULL, 2, pub.e);
int k_e = e_str.length();
mpz_t y, x;
mpz_inits(y, x, NULL);
mpz_set_str(x, EB.c_str(), 16); // x == EB
mpz_set(y, x); // y == x
for (long long i=1; i<k_e; i++) {
mpz_powm_ui(y, y, 2, pub.n);
if (e_str[i]=='1') {
mpz_mul(y, y, x);
mpz_mod(y, y, pub.n);
}
}
mpz_set(cipher, y); // cipher is now encrypted EB
mpz_clears(y, x, NULL); // tidying
}
// Compute private key d, given n, p, and q. Assume e = 2^16+1
int rsa_compute_d(mpz_t d, const mpz_t n, const mpz_t p, const mpz_t q) {
mpz_t e, phi_n, gcd;
mpz_inits(e, phi_n, gcd, '\0');
rsa_phi(phi_n, p, q);
mpz_set_ui(e, 65537);
if (mpz_invert(d, e, phi_n) == 0)
exit(EXIT_FAILURE);
mpz_clears(phi_n, gcd, '\0');
return 0;
}
void QtGMP::fac()
{
QString s("");
mpz_t aa,bb;
char *str=0;
mpz_init(bb);
mpz_init_set_str(aa,qPrintable(this->lineEdit2->text()),10);
mpz_fac_ui(bb,mpz_get_ui(aa));
// gmp_printf("B!:\t%Zd\nA!:\t%Zd\n\n\n",aa,bb);
s.sprintf("B:\t%s\nB!:\t%s\n",mpz_get_str(str,10,aa),mpz_get_str(str,10,bb));
this->textEdit->setText(s);
mpz_clears(aa,bb,'\0');
}
void QtGMP::nprime()
{
QString s("");
mpz_t aa,bb;
char *str=0;
mpz_init(bb);
mpz_init_set_str(aa,qPrintable(this->lineEdit1->text()),10);
mpz_nextprime(bb,aa);
//gmp_printf("A:\t%Zd\nNextPrime(A):\t%Zd\n\n\n",aa,bb);
s.sprintf("A:\t%s\nNextPrime(A):\t%s\n",mpz_get_str(str,10,aa),mpz_get_str(str,10,bb));
this->textEdit->setText(s);
mpz_clears(aa,bb,'\0');
}
void QtGMP::powAB()
{
QString s("");
mpz_t aa,bb,cc;
char *str=0;
mpz_init(cc);
mpz_init_set_str(aa,qPrintable(this->lineEdit1->text()),10);
mpz_init_set_str(bb,qPrintable(this->lineEdit2->text()),10);
mpz_pow_ui(cc,aa,mpz_get_ui(bb));
// gmp_printf("A:\t%Zd\n\B:\t%ZdnA^B:\t%Zd\n\n\n",aa,bb,cc);
s.sprintf("A:\t%s\nB:\t%s\nA^B:\t%s\n",mpz_get_str(str,10,aa),mpz_get_str(str,10,bb),mpz_get_str(str,10,cc));
this->textEdit->setText(s);
mpz_clears(aa,bb,cc,'\0');
}
void QtGMP::lcm()
{
//QApplication::aboutQt();
QString s("");
mpz_t aa,bb,cc;
char *str=0;
mpz_init(cc);
mpz_init_set_str(aa,qPrintable(this->lineEdit1->text()),10);
mpz_init_set_str(bb,qPrintable(this->lineEdit2->text()),10);
mpz_lcm(cc,aa,bb);
// gmp_printf("A:\t%Zd\nB:\t%Zd\nLCM(A,B):\t%Zd\n\n\n",aa,bb,cc);
s.sprintf("A:\t%s\nB:\t%s\nLCM(A,B):\t%s\n",mpz_get_str(str,10,aa),mpz_get_str(str,10,bb),mpz_get_str(str,10,cc));
this->textEdit->setText(s);
mpz_clears(aa,bb,cc,'\0');
}
void ecc_jcb_to_afn(ecc_afn_t *ROP, ecc_jcb_t *P, ecc_curve *curve)
{
mpz_t g, s, inv, tmp;
mpz_inits(g, s, inv, tmp, NULL);
mpz_gcdext(g, s, inv, curve->p, P->z); // inv = Z^1
fp_mul_mpz(tmp, inv, inv, curve->p); // (Z^1)^2
fp_mul_mpz(ROP->x, P->x, tmp, curve->p); // X*((Z^1)^2)
fp_mul_mpz(tmp, tmp, inv, curve->p); // (Z^1)^3
fp_mul_mpz(ROP->y, P->y, tmp, curve->p); // Y*((Z^1)^3)
mpz_clears(g, s, inv, tmp, NULL);
}
int main (void) {
unsigned int i;
mpz_t n, m;
mpz_init (n);
mpz_init_set_ui (m, 0);
for (i = 1; i <= 1000; i++) {
mpz_ui_pow_ui (n, i, i);
mpz_add (m, m, n);
/* gmp_printf ("%lu\t%Zd\n", i, n); */
/* gmp_printf ("%Zd\n", m); */
}
gmp_printf ("%Zd\n", m);
mpz_clears (n, m, NULL);
}
int main(int argc, const char * argv[])
{
mpz_t a[7], mod, n;
mpz_inits(a[0], a[1], a[2], a[3], a[4], a[5], a[6], n, NULL);
mpz_init_set_si(mod, 5);
mpz_set_si(a[4], 1);
mpz_set_si(n, 5);
PointRef g = PointCreateFromInt(0,1);
PointRef p = PointCreateFromInt(2,4);
PointRef q = PointCreateFromInt(3,1);
PointRef pTeta = PointCreateTeta();
PointRef qTeta = PointCreateTeta();
PointRef p2 = PointCreateFromInt(3,2);
PointRef p2Inv = PointCreateFromInt(3,3);
CurveRef curve = CurveCreate(mod, n, a, g);
assert(curve != NULL);
assert(curve->a[4] != NULL);
assert(curve->a[6] != NULL);
assert(curve->g != NULL);
assert(curve->mod != NULL);
addPoints(p, q, curve);
addDoublePoint(p2, p2, curve);
addPteta(pTeta, q, curve);
addQteta(p, qTeta, curve);
addResultTeta(p2, p2Inv, curve);
mpz_clears(mod, a[0], a[1], a[2], a[3], a[4], a[5], a[6], NULL);
PointDestroy(g);
PointDestroy(p);
PointDestroy(q);
PointDestroy(pTeta);
PointDestroy(qTeta);
PointDestroy(p2);
PointDestroy(p2Inv);
CurveDestroy(curve);
return 0;
}
void gen_shared_secret(mpz_t shared_secret, keys* key_ptr, mpz_t other_party_secret, mpz_t other_party_signed_digest, mpz_t dhe_rand_sec, mpz_t dhe_prime) {
mpz_t other_party_digest, verified_other_party_signed_digest;
mpz_inits(other_party_digest, verified_other_party_signed_digest, NULL);
rsa_verify_signature(verified_other_party_signed_digest, other_party_signed_digest, key_ptr->o_pub_exp, key_ptr->o_n);
hash_payload(other_party_digest, other_party_secret);
if (!mpz_cmp(verified_other_party_signed_digest, other_party_digest)) {
dhe_compute_shared_secret(shared_secret, dhe_rand_sec, other_party_secret, dhe_prime);
} else {
perror("Error: Invalid signature");
exit(-1);
}
mpz_clears(other_party_digest, verified_other_party_signed_digest, NULL);
}
