int crypto_encrypt_keypair(unsigned char * pk, unsigned char * sk)
{
int i;
gf_t *L;
poly_t g,*sqrtmod,*F;
MAT R;
gf_init(EXT_DEGREE);
//pick the support.........
L = malloc(gf_card()*sizeof(gf_t));
for(i=0;i<gf_card();i++)
L[i]=i;
gop_supr(gf_card(),L);
do {
//pick the irreducible polynomial.....
g = poly_randgen_irred(NB_ERRORS, u8rnd);
R = key_genmat(L,g);
if (R == NULL)
poly_free(g);
} while (R == NULL);
sqrtmod = poly_sqrtmod_init(g);
F = poly_syndrome_init(g, L, LENGTH);
memcpy(sk, L, LENGTH * sizeof (gf_t));
sk += LENGTH * sizeof (gf_t);
free(L);
memcpy(sk, g->coeff, (NB_ERRORS + 1) * sizeof (gf_t));
sk += (NB_ERRORS + 1) * sizeof (gf_t);
poly_free(g);
for (i = 0; i < LENGTH; ++i) {
memcpy(sk, F[i]->coeff, NB_ERRORS * sizeof (gf_t));
sk += NB_ERRORS * sizeof (gf_t);
poly_free(F[i]);
}
free(F);
for (i = 0; i < NB_ERRORS; ++i) {
memcpy(sk, sqrtmod[i]->coeff, NB_ERRORS * sizeof (gf_t));
sk += NB_ERRORS * sizeof (gf_t);
poly_free(sqrtmod[i]);
}
free(sqrtmod);
memcpy(pk, R->elem, R->alloc_size);
mat_free(R);
return 0;
}
poly_t * poly_sqrtmod_init(poly_t g) {
int i, t;
poly_t * sqrt, aux, p, q, * sq_aux;
t = poly_deg(g);
sq_aux = malloc(t * sizeof (poly_t));
for (i = 0; i < t; ++i)
sq_aux[i] = poly_alloc(t - 1);
poly_sqmod_init(g, sq_aux);
q = poly_alloc(t - 1);
p = poly_alloc(t - 1);
poly_set_deg(p, 1);
poly_set_coeff(p, 1, gf_unit());
// q(z) = 0, p(z) = z
for (i = 0; i < t * gf_extd() - 1; ++i) {
// q(z) <- p(z)^2 mod g(z)
poly_sqmod(q, p, sq_aux, t);
// q(z) <-> p(z)
aux = q;
q = p;
p = aux;
}
// p(z) = z^(2^(tm-1)) mod g(z) = sqrt(z) mod g(z)
sqrt = malloc(t * sizeof (poly_t));
for (i = 0; i < t; ++i)
sqrt[i] = poly_alloc(t - 1);
poly_set(sqrt[1], p);
poly_calcule_deg(sqrt[1]);
for(i = 3; i < t; i += 2) {
poly_set(sqrt[i], sqrt[i - 2]);
poly_shiftmod(sqrt[i], g);
poly_calcule_deg(sqrt[i]);
}
for (i = 0; i < t; i += 2) {
poly_set_to_zero(sqrt[i]);
sqrt[i]->coeff[i / 2] = gf_unit();
sqrt[i]->deg = i / 2;
}
for (i = 0; i < t; ++i)
poly_free(sq_aux[i]);
free(sq_aux);
poly_free(p);
poly_free(q);
return sqrt;
}
poly_t poly_gcd(poly_t p1, poly_t p2) {
poly_t a, b, c;
a = poly_copy(p1);
b = poly_copy(p2);
if (poly_deg(a) < poly_deg(b))
c = poly_copy(poly_gcd_aux(b, a));
else
c = poly_copy(poly_gcd_aux(a, b));
poly_free(a);
poly_free(b);
return c;
}
/* Use Newton's method to find the root of a polynomial. The
* polynomial is represented by n coefficients. The coefficients are
* in order from low power to high power */
double poly_find_root(poly_t *p, double x0, double thres) {
/* Evaluate the polynomial at the current x */
int trials = 0;
double x_curr = x0;
double p_x;
// double roots[10];
poly_t *p_deriv = poly_deriv(p);
p_x = poly_eval(p, x_curr);
#define MAX_TRIALS 1024
/* Iterate until convergence */
while (fabs(p_x) > thres && trials < MAX_TRIALS) {
double dp_dx = poly_eval(p_deriv, x_curr);
x_curr = x_curr - p_x / dp_dx;
p_x = poly_eval(p, x_curr);
trials++;
}
#if 0
if (trials >= MAX_TRIALS) {
printf("[poly_find_root] Maximum number of trials exceeded.\n");
}
#endif
poly_free(p_deriv);
// find_roots(p->n, p->coeffs, roots);
return x_curr;
}
polygon_t *
poly_sub (polygon_t * a, polygon_t * b)
{
polygon_t *d = poly_clip (POLY_DIFFERENCE, 2, a, b);
polygon_t *r = poly_clip (POLY_INTERSECT, 2, a, d);
poly_free (d);
return r;
}
// retourne le degré du plus petit facteur
int poly_degppf(poly_t g) {
int i, d, res;
poly_t *u, p, r, s;
d = poly_deg(g);
u = malloc(d * sizeof (poly_t *));
for (i = 0; i < d; ++i)
u[i] = poly_alloc(d + 1);
poly_sqmod_init(g, u);
p = poly_alloc(d - 1);
poly_set_deg(p, 1);
poly_set_coeff(p, 1, gf_unit());
r = poly_alloc(d - 1);
res = d;
for (i = 1; i <= (d / 2) * gf_extd(); ++i) {
poly_sqmod(r, p, u, d);
// r = x^(2^i) mod g
if ((i % gf_extd()) == 0) { // donc 2^i = (2^m)^j (m deg d'extension)
poly_addto_coeff(r, 1, gf_unit());
poly_calcule_deg(r); // le degré peut changer
s = poly_gcd(g, r);
if (poly_deg(s) > 0) {
poly_free(s);
res = i / gf_extd();
break;
}
poly_free(s);
poly_addto_coeff(r, 1, gf_unit());
poly_calcule_deg(r); // le degré peut changer
}
// on se sert de s pour l'échange
s = p;
p = r;
r = s;
}
poly_free(p);
poly_free(r);
for (i = 0; i < d; ++i) {
poly_free(u[i]);
}
free(u);
return res;
}
// Returns the degree of the smallest factor
int poly_degppf(poly_t g) {
int i, d, res;
poly_t *u, p, r, s;
d = poly_deg(g);
u = malloc(d * sizeof (poly_t *));
for (i = 0; i < d; ++i)
u[i] = poly_alloc(d + 1);
poly_sqmod_init(g, u);
p = poly_alloc(d - 1);
poly_set_deg(p, 1);
poly_set_coeff(p, 1, gf_unit());
r = poly_alloc(d - 1);
res = d;
for (i = 1; i <= (d / 2) * gf_extd(); ++i) {
poly_sqmod(r, p, u, d);
// r = x^(2^i) mod g
if ((i % gf_extd()) == 0) { // so 2^i = (2^m)^j (m ext. degree)
poly_addto_coeff(r, 1, gf_unit());
poly_calcule_deg(r); // The degree may change
s = poly_gcd(g, r);
if (poly_deg(s) > 0) {
poly_free(s);
res = i / gf_extd();
break;
}
poly_free(s);
poly_addto_coeff(r, 1, gf_unit());
poly_calcule_deg(r); // The degree may change
}
// No need for the exchange s
s = p;
p = r;
r = s;
}
poly_free(p);
poly_free(r);
for (i = 0; i < d; ++i) {
poly_free(u[i]);
}
free(u);
return res;
}
int bls_verify(bls_ctxt_t *ctxt, ec_pqr_point_t *sig, bn_t *m)
{
int res = 0;
poly_t *a = poly_alloc(ctxt->ecg->p->degree - 1, ctxt->p, 1);
poly_t *b = poly_alloc(ctxt->ecg->p->degree - 1, ctxt->p, 1);
ec_pqr_point_t *P = ec_pqr_point_alloc(ctxt->ecg);
//e(H(m), P)
ec_pqr_point_mul(P, m, ctxt->G1, ctxt->ecg);
pairing_weil(a, P, ctxt->P, ctxt->r, ctxt->ecg);
//e(S, G)
pairing_weil(b, sig, ctxt->G2, ctxt->r, ctxt->ecg);
res = (poly_cmp(a, b) == POLY_CMP_E ? 1 : 0);
ec_pqr_point_free(P);
poly_free(b, 1);
poly_free(a, 1);
return res;
}
static poly poly_clip(poly sub, poly clip)
{
int i;
poly p1 = poly_new(), p2 = poly_new(), tmp;
int dir = poly_winding(clip);
poly_edge_clip(sub, clip->v + clip->len - 1, clip->v, dir, p2);
for (i = 0; i < clip->len - 1; i++) {
tmp = p2; p2 = p1; p1 = tmp;
if(p1->len == 0) {
p2->len = 0;
break;
}
poly_edge_clip(p1, clip->v + i, clip->v + i + 1, dir, p2);
}
poly_free(p1);
return p2;
}
poly_t poly_quo(poly_t p, poly_t d) {
int i, j, dd, dp;
gf_t a, b;
poly_t quo, rem;
dd = poly_calcule_deg(d);
dp = poly_calcule_deg(p);
rem = poly_copy(p);
quo = poly_alloc(dp - dd);
poly_set_deg(quo, dp - dd);
a = gf_inv(poly_coeff(d, dd));
for (i = dp; i >= dd; --i) {
b = gf_mul_fast(a, poly_coeff(rem, i));
poly_set_coeff(quo, i - dd, b);
if (b != gf_zero()) {
poly_set_coeff(rem, i, gf_zero());
for (j = i - 1; j >= i - dd; --j)
poly_addto_coeff(rem, j, gf_mul_fast(b, poly_coeff(d, dd - i + j)));
}
}
poly_free(rem);
return quo;
}
void galastrm_state::galastrm_exit()
{
poly_free(m_poly);
}
static void galastrm_exit(running_machine &machine)
{
galastrm_state *state = machine.driver_data<galastrm_state>();
poly_free(state->m_poly);
}
int main (void) {
poly *P0, *P1, *P2, *P3, *M1, *M2, *P4, *P5, *P6, *P7;
P0=poly_create(4,2,1,3,2,6,5,1,7); //4 terms: 1x^7 + 6x^5 + 3x^2 + 2x^1
P1=poly_create(3,3,2,1,4,6,5); //3 terms: 6x^5 + 1x^4 + 3x^2
P2=poly_create(1,16,2); //1 term: 16x^2
P3=poly_create(0); // no terms
printf("P0: "); poly_print(P0);
printf("P1: "); poly_print(P1);
printf("P2: "); poly_print(P2);
printf("P3: "); poly_print(P3);
M1=poly_scalar_mult(P1,2);
printf("M1 (P1*2): "); poly_print(M1);
M2=poly_scalar_mult(P3,4);
printf("M2 (P3*4): "); poly_print(M2);
P4=poly_duplicate(M1);
printf("P4 (dup M1): "); poly_print(P4);
P5=poly_add(P1,P0);
printf("P5 (P1+P0): "); poly_print(P5);
P6=poly_add(P3,P3);
printf("P6 (P3+P3): "); poly_print(P6);
P7=poly_add(P0,P3);
printf("P7 (P0+P3): "); poly_print(P7);
poly_free(&P1);
if (P1==NULL) printf("P1: was freed\n");
else printf("P1: is not null!!\n");
poly *test1=poly_create(4,2,1,3,2,6,5,1,7); //4 terms: 1x^7 + 6x^5 + 3x^2 + 2x^1
poly *test2=poly_duplicate(test1);
test2=poly_scalar_mult(test2, 5);
printf("test1: ");poly_print(test1);
printf("test2: ");poly_print(test2);
//printf("%p, %p\n", test1, test2);
poly_free(&test1);
poly *MM1 = poly_create(5,1,1,2,2,3,3,4,4,5,5);
poly *MM2 = poly_create(5,-1,1,-2,2,-3,3,-4,4,-5,5);
printf("MM1: ");poly_print(MM1);
printf("MM2: ");poly_print(MM2);
poly *MM1_Plus_MM2 = poly_add(MM1, MM2);
printf("(MM1+MM2): ");poly_print(MM1_Plus_MM2);
poly *MM1_Multiplied_By_5 = poly_scalar_mult(MM1, 5);
poly *MM2_Multiplied_By_10 = poly_scalar_mult(MM2, 10);
printf("MM1*5: ");poly_print(MM1_Multiplied_By_5);
printf("MM2*10: ");poly_print(MM2_Multiplied_By_10);
printf("MM1: ");poly_print(MM1);
printf("MM2: ");poly_print(MM2);
}
static void galastrm_exit(running_machine *machine)
{
poly_free(poly);
}
// On suppose deg(g) >= deg(p)
void poly_eeaux(poly_t * u, poly_t * v, poly_t p, poly_t g, int t) {
int i, j, dr, du, delta;
gf_t a;
poly_t aux, r0, r1, u0, u1;
// initialisation des variables locales
// r0 <- g, r1 <- p, u0 <- 0, u1 <- 1
dr = poly_deg(g);
r0 = poly_alloc(dr);
r1 = poly_alloc(dr - 1);
u0 = poly_alloc(dr - 1);
u1 = poly_alloc(dr - 1);
poly_set(r0, g);
poly_set(r1, p);
poly_set_to_zero(u0);
poly_set_to_zero(u1);
poly_set_coeff(u1, 0, gf_unit());
poly_set_deg(u1, 0);
// invariants:
// r1 = u1 * p + v1 * g
// r0 = u0 * p + v0 * g
// et deg(u1) = deg(g) - deg(r0)
// on s'arrête lorsque deg(r1) < t (et deg(r0) >= t)
// et donc deg(u1) = deg(g) - deg(r0) < deg(g) - t
du = 0;
dr = poly_deg(r1);
delta = poly_deg(r0) - dr;
while (dr >= t) {
for (j = delta; j >= 0; --j) {
a = gf_div(poly_coeff(r0, dr + j), poly_coeff(r1, dr));
if (a != gf_zero()) {
// u0(z) <- u0(z) + a * u1(z) * z^j
for (i = 0; i <= du; ++i) {
poly_addto_coeff(u0, i + j, gf_mul_fast(a, poly_coeff(u1, i)));
}
// r0(z) <- r0(z) + a * r1(z) * z^j
for (i = 0; i <= dr; ++i)
poly_addto_coeff(r0, i + j, gf_mul_fast(a, poly_coeff(r1, i)));
}
}
// échanges
aux = r0;
r0 = r1;
r1 = aux;
aux = u0;
u0 = u1;
u1 = aux;
du = du + delta;
delta = 1;
while (poly_coeff(r1, dr - delta) == gf_zero())
delta++;
dr -= delta;
}
poly_set_deg(u1, du);
poly_set_deg(r1, dr);
//return u1 and r1;
*u=u1;
*v=r1;
poly_free(r0);
poly_free(u0);
}
static void gaelco3d_exit(running_machine *machine)
{
poly_free(poly);
}
