/**
* Compute the inverse of a mod m. Or, result = a^-1 mod m.
*/
void bignum_inverse(bignum* a, bignum* m, bignum* result) {
bignum *remprev = bignum_init(), *rem = bignum_init();
bignum *auxprev = bignum_init(), *aux = bignum_init();
bignum *rcur = bignum_init(), *qcur = bignum_init(), *acur = bignum_init();
bignum_copy(m, remprev);
bignum_copy(a, rem);
bignum_fromint(auxprev, 0);
bignum_fromint(aux, 1);
while(bignum_greater(rem, &NUMS[1])) {
bignum_divide(qcur, rcur, remprev, rem);
/* Observe we are finding the inverse in a finite field so we can use
* a modified algorithm that avoids negative numbers here */
bignum_subtract(acur, m, qcur);
bignum_imultiply(acur, aux);
bignum_iadd(acur, auxprev);
bignum_imodulate(acur, m);
bignum_copy(rem, remprev);
bignum_copy(aux, auxprev);
bignum_copy(rcur, rem);
bignum_copy(acur, aux);
}
bignum_copy(acur, result);
bignum_deinit(remprev);
bignum_deinit(rem);
bignum_deinit(auxprev);
bignum_deinit(aux);
bignum_deinit(rcur);
bignum_deinit(qcur);
bignum_deinit(acur);
}
/**
* Check whether a is a Euler witness for n. That is, if a^(n - 1)/2 != Ja(a, n) mod n
*/
int solovayPrime(int a, bignum* n) {
bignum *ab = bignum_init(), *res = bignum_init(), *pow = bignum_init();
bignum *modpow = bignum_init();
int x, result;
bignum_fromint(ab, a);
x = bignum_jacobi(ab, n);
if(x == -1) bignum_subtract(res, n, &NUMS[1]);
else bignum_fromint(res, x);
bignum_copy(n, pow);
bignum_isubtract(pow, &NUMS[1]);
bignum_idivide(pow, &NUMS[2]);
bignum_modpow(ab, pow, n, modpow);
result = !bignum_equal(res, &NUMS[0]) && bignum_equal(modpow, res);
bignum_deinit(ab);
bignum_deinit(res);
bignum_deinit(pow);
bignum_deinit(modpow);
return result;
}
int main(int argc, const char * argv[]) {
char *p=(char*)malloc(BUF_SIZE*sizeof(char));
printf("\n请输入选择的大素数p:\n");
scanf("%s",p);
bignum *p1 = bignum_init();
bignum_fromstring(p1, p);
free(p);
if(probablePrime(p1, ACCURACY))
{
printf("p合理");
bignum *yz = bignum_init();
bignum_fromint(yz, 3);
if (bignum_equal(yz,p1)) {
printf("但p太小不适用!\n");
return 1;
}
}else{
printf("p不是素数!\n");
return 1;
}
bignum *p2 = bignum_init();
bignum *temp = bignum_init();
bignum_fromint(temp, 1);
bignum_subtract(p2, p1, temp);
printf("\n请输入选择的本原元α:\n");
char *a=(char*)malloc(BUF_SIZE*sizeof(char));
scanf("%s",a);
bignum *a1 = bignum_init();
bignum_fromstring(a1, a);
free(a);
printf("\n请输入选择的随机整数d:(2<=d<=p-2)\n");
char *d=(char*)malloc(BUF_SIZE*sizeof(char));
scanf("%s",d);
bignum *d1 = bignum_init();
bignum_fromstring(d1, d);
free(d);
bignum *yz0 = bignum_init();
bignum_fromint(yz0, 2);
bignum *yz1 = bignum_init();
bignum_subtract(yz1, p1, yz0);
if( (bignum_greater(d1, yz0)||bignum_equal(d1, yz0))&&(bignum_greater(yz1,d1)||bignum_equal(yz1,d1)) )
{
printf("d合理");
}else{
printf("d不合要求!\n");
return 1;
}
printf("\n请输入您的消息x:\n");
char *x=(char*)malloc(BUF_SIZE*sizeof(char));
scanf("%s",x);
bignum *x1 = bignum_init();
bignum_fromstring(x1, x);
free(x);
printf("\n请输入您选择的k:(2<=k<=p-2且k应与p-1互质)\n");
char *k=(char*)malloc(BUF_SIZE*sizeof(char));
scanf("%s",k);
bignum *k1 = bignum_init();
bignum_fromstring(k1, k);
free(k);
if( (bignum_greater(k1, yz0)||bignum_equal(k1, yz0))&&(bignum_greater(yz1,k1)||bignum_equal(yz1,k1)) )
{
bignum *yz2 = bignum_init();
bignum_gcd(k1, p2, yz2);
if (!bignum_equal(yz2,temp)) {
printf("k不合要求!\n");
return 1;
}
printf("k合理");
}else{
printf("k不合要求!\n");
return 1;
}
bignum *b1 = bignum_init();
bignum_modpow(a1,d1,p1,b1);
printf("\n\n所以\n您生成的公钥(p,α,β)为:\t(");
bignum_print(p1);
printf(",");
bignum_print(a1);
printf(",");
bignum_print(b1);
printf(")\n");
printf("您的私钥为:");
bignum_print(d1);
printf("\n");
printf("您发出的消息(x(r,s))为:\t(");
bignum_print(x1);
printf(",(");
bignum *r1 = bignum_init();
bignum_modpow(a1,k1,p1,r1);
bignum_print(r1);
printf(",");
bignum *s1=bignum_init();
bignum_multiply(temp, d1, r1);
bignum *temp2 = bignum_init();
bignum *x2 = bignum_init();
bignum_copy(x1, x2);
while (bignum_less(x2, temp)) {
bignum *add = bignum_init();
bignum_copy(p2, add);
bignum_iadd(x2, add) ;
}
bignum_subtract(temp2, x2, temp);
// printf("\ntemp2:");
// bignum_print(temp2);
// printf("\t");
// bignum_print(x2);
// printf("\t");
// bignum_print(temp);
// printf("\n");
bignum_inverse(k1, p2, temp);//计算a的逆元result = a^-1 mod m
bignum_multiply(s1, temp, temp2);
bignum_imodulate(s1, p2);//source = source % modulus
bignum_print(s1);
printf("))\n");
bignum *t0 = bignum_init();
bignum_modpow(a1,x1,p1,t0);
bignum *t1 = bignum_init();
bignum_modpow(b1,r1,p1,t1);
bignum *t2 = bignum_init();
bignum_modpow(r1,s1,p1,t2);
bignum *t3 = bignum_init();
bignum_multiply(t3, t1, t2);
bignum_imodulate(t3, p1);
printf("按t=(α^x)mod p,结果为:");
bignum_print(t0);
printf("\n按t=(β^r*r^s)mod p,结果为:");
bignum_print(t3);
printf("\n");
if (bignum_equal(t0, t3)) {
printf("此签名正确有效~\n\n");
}else{
printf("此签名错误无效!\n\n");
}
}
/**
* Perform an in place subtract from the source bignum. That is, source -= sub
*/
void bignum_isubtract(bignum* source, bignum* sub) {
bignum* temp = bignum_init();
bignum_subtract(temp, source, sub);
bignum_copy(temp, source);
bignum_deinit(temp);
}
/**
* Main method to demostrate the system. Sets up primes p, q, and proceeds to encode and
* decode the message given in "text.txt"
*/
int main(void) {
int i, bytes, len;
bignum *p = bignum_init(), *q = bignum_init(), *n = bignum_init();
bignum *phi = bignum_init(), *e = bignum_init(), *d = bignum_init();
bignum *bbytes = bignum_init(), *shift = bignum_init();
bignum *temp1 = bignum_init(), *temp2 = bignum_init();
bignum *encoded;
int *decoded;
char *buffer;
FILE* f;
srand(time(NULL));
randPrime(FACTOR_DIGITS, p);
printf("Got first prime factor, p = ");
bignum_print(p);
printf(" ... ");
getchar();
randPrime(FACTOR_DIGITS, q);
printf("Got second prime factor, q = ");
bignum_print(q);
printf(" ... ");
getchar();
bignum_multiply(n, p, q);
printf("Got modulus, n = pq = ");
bignum_print(n);
printf(" ... ");
getchar();
bignum_subtract(temp1, p, &NUMS[1]);
bignum_subtract(temp2, q, &NUMS[1]);
bignum_multiply(phi, temp1, temp2); /* phi = (p - 1) * (q - 1) */
printf("Got totient, phi = ");
bignum_print(phi);
printf(" ... ");
getchar();
randExponent(phi, EXPONENT_MAX, e);
printf("Chose public exponent, e = ");
bignum_print(e);
printf("\nPublic key is (");
bignum_print(e);
printf(", ");
bignum_print(n);
printf(") ... ");
getchar();
bignum_inverse(e, phi, d);
printf("Calculated private exponent, d = ");
bignum_print(d);
printf("\nPrivate key is (");
bignum_print(d);
printf(", ");
bignum_print(n);
printf(") ... ");
getchar();
/* Compute maximum number of bytes that can be encoded in one encryption */
bytes = -1;
bignum_fromint(shift, 1 << 7); /* 7 bits per char */
bignum_fromint(bbytes, 1);
while(bignum_less(bbytes, n)) {
bignum_imultiply(bbytes, shift); /* Shift by one byte, NB: we use bitmask representative so this can actually be a shift... */
bytes++;
}
printf("Opening file \"text.txt\" for reading\n");
f = fopen("text.txt", "r");
if(f == NULL) {
printf("Failed to open file \"text.txt\". Does it exist?\n");
return EXIT_FAILURE;
}
len = readFile(f, &buffer, bytes); /* len will be a multiple of bytes, to send whole chunks */
printf("File \"text.txt\" read successfully, %d bytes read. Encoding byte stream in chunks of %d bytes ... ", len, bytes);
getchar();
printf("\n");
encoded = encodeMessage(len, bytes, buffer, e, n);
printf("\n\nEncoding finished successfully ... ");
getchar();
printf("Decoding encoded message ... ");
getchar();
printf("\n");
decoded = decodeMessage(len/bytes, bytes, encoded, d, n);
printf("\n\nFinished RSA demonstration!");
/* Eek! This is why we shouldn't of calloc'd those! */
for(i = 0; i < len/bytes; i++) free(encoded[i].data);
free(encoded);
free(decoded);
free(buffer);
bignum_deinit(p);
bignum_deinit(q);
bignum_deinit(n);
bignum_deinit(phi);
bignum_deinit(e);
bignum_deinit(d);
bignum_deinit(bbytes);
bignum_deinit(shift);
bignum_deinit(temp1);
bignum_deinit(temp2);
fclose(f);
return EXIT_SUCCESS;
}
