int main (int argc, char *argv[]) {
mpz_t c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2,
key1, key2;
FILE *fp, *fp1;
char chars[3];
//initializations
mpz_inits(c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2,
key1, key2, NULL);
//Welcome!
printf("Begin task 4 / 5...\n");
printf("*******************************\n");
printf("Welcome to fun with big numbers\n");
printf("Lets do some decryption\n");
printf("*******************************\n");
//Get needed input from file
fp = fopen("p4in.txt", "r");
gmp_fscanf(fp, "%Zd\n%Zd\n%Zd\n%Zd", &key1, &key2, &pc, &c);
gmp_printf("key1=%Zd\n\nkey2=%Zd\n\nCommon factor=%Zd\n\ncipher=%Zd\n\n",
key1, key2, pc, c);
fclose(fp);
//setup calculating needed values
mpz_cdiv_q(q1, key1, pc);
mpz_cdiv_q(q2, key2, pc);
mpz_set_ui(e, 65537);
mpz_sub_ui(tmp1, pc, 1);
mpz_sub_ui(tmp2, q1, 1);
mpz_mul(phi1, tmp1, tmp2);
mpz_sub_ui(tmp2, q2, 1);
mpz_mul(phi2, tmp1, tmp2);
mpz_invert(d1, e, phi1);
mpz_invert(d2, e, phi2);
//Lets try and decrypt
decrypt(&m1, c, d1, key1);
decrypt(&m2, c, d2, key2);
fp = fopen("p4out.txt", "w");
gmp_fprintf(fp, "%Zx\n%Zx\n", m1, m2);
fclose(fp);
mpz_clears(c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2,
key1, key2, NULL);
fp = fopen("p4out.txt", "r");
chars[2] = 0;
while (fscanf(fp, "%c%c", chars, chars + 1) > 0){
printf("%c", (int)strtol(chars, NULL, 16));
}
fclose(fp);
return 0;
}
/* See:
* (1) Kaltofen, Valente, Yui 1989
* (2) Valente 1992 (Thesis)
* (3) Konstantinou, Stamatiou, and Zaroliagis (CHES 2002)
* This code is performing table 1 of reference 3.
*/
static void weber_root_to_hilbert_root(mpz_t r, mpz_t N, long D)
{
mpz_t A, t;
if (D < 0) D = -D;
D = ((D % 4) == 0) ? D/4 : D;
if ( (D % 8) == 0 )
return;
mpz_init(A); mpz_init(t);
switch (D % 8) {
case 1: if ((D % 3) != 0) mpz_powm_ui(t, r, 12, N);
else mpz_powm_ui(t, r, 4, N);
mpz_mul_ui(A, t, 64);
mpz_sub_ui(t, A, 16);
break;
case 2:
case 6: if ((D % 3) != 0) mpz_powm_ui(t, r, 12, N);
else mpz_powm_ui(t, r, 4, N);
mpz_mul_ui(A, t, 64);
mpz_add_ui(t, A, 16);
break;
case 5: if ((D % 3) != 0) mpz_powm_ui(t, r, 6, N);
else mpz_powm_ui(t, r, 2, N);
mpz_mul_ui(A, t, 64);
mpz_sub_ui(t, A, 16);
break;
case 7: if (!mpz_invert(t, r, N)) mpz_set_ui(t, 0);
if ((D % 3) != 0) mpz_powm_ui(A, t, 24, N);
else mpz_powm_ui(A, t, 8, N);
mpz_sub_ui(t, A, 16);
break;
/* Results in degree 3x Hilbert, so typically not used */
case 3: if (!mpz_invert(t, r, N)) mpz_set_ui(t, 0);
if ((D % 3) != 0) {
mpz_powm_ui(t, t, 24, N);
mpz_mul_2exp(A, t, 12);
} else {
mpz_powm_ui(t, t, 8, N);
mpz_mul_2exp(A, t, 4);
}
mpz_sub_ui(t, A, 16);
break;
default: break;
}
/* r = t^3 / A */
mpz_powm_ui(t, t, 3, N);
if ( ! mpz_divmod(r, t, A, N, r) )
mpz_set_ui(r, 0);
mpz_clear(A); mpz_clear(t);
}
// Inversion is slower than in a naive Fp implementation because of an extra
// multiplication.
// Requires nonzero a.
static void fp_invert(element_ptr c, element_ptr a) {
eptr ad = (eptr)a->data;
eptr cd = (eptr)c->data;
fptr p = (fptr)a->field->data;
#ifdef _MSC_VER // for VC++ compatibility
mp_limb_t tmp[MAX_LIMBS];
#else
mp_limb_t tmp[p->limbs];
#endif
mpz_t z;
mpz_init(z);
// Copy the limbs into a regular mpz_t so we can invert using the standard
// mpz_invert().
mpz_import(z, p->limbs, -1, sizeof(mp_limb_t), 0, 0, ad->d);
mpz_invert(z, z, a->field->order);
set_limbs(tmp, z, p->limbs);
// Normalize.
mont_mul(cd->d, tmp, p->R3, p);
cd->flag = 2;
mpz_clear(z);
}
void damgard_jurik::compute_cache() {
mpz_t tmp;
mpz_init(tmp);
pubkey->n_j = new mpz_t[s_max + 2];
pubkey->k_n = new mpz_t[s_max + 2];
pubkey->nj_d_j = new mpz_t[s_max + 2];
pubkey->nj1_d_j = new mpz_t[s_max + 2];
mpz_init(pubkey->n_j[0]);
mpz_set_ui(pubkey->n_j[0], 1);
mpz_init(pubkey->k_n[0]);
mpz_set_ui(pubkey->k_n[0], 1);
for (int i = 1;i <= s_max + 1;i++) {
mpz_init(pubkey->n_j[i]);
mpz_mul(pubkey->n_j[i], pubkey->n_j[i - 1], pubkey->n);
mpz_init(pubkey->k_n[i]);
mpz_mul_ui(pubkey->k_n[i], pubkey->k_n[i - 1], i);
}
for (int i = 2;i <= s_max + 1;i++) {
mpz_init(pubkey->nj1_d_j[i]);
mpz_invert(tmp, pubkey->k_n[i], pubkey->n_j[s_max + 1]);
mpz_mul(pubkey->nj1_d_j[i], pubkey->n_j[i - 1], tmp);
mpz_mod(pubkey->nj1_d_j[i], pubkey->nj1_d_j[i], pubkey->n_j[s_max + 1]);
mpz_init(pubkey->nj_d_j[i]);
mpz_mul(pubkey->nj_d_j[i], pubkey->nj1_d_j[i], pubkey->n);
mpz_mod(pubkey->nj_d_j[i], pubkey->nj_d_j[i], pubkey->n_j[s_max + 1]);
}
}
struct Fq_poly *generateLagrangePoly(int n, int *delta_i, unsigned int i, mpz_t q)
{
struct Fq_poly **factors, **intermediates, *output;
mpz_t divFactor, divFactorInv;
int j;
intermediates = (struct Fq_poly **) calloc(n - 1, sizeof(struct Fq_poly*));
mpz_init(divFactorInv);
factors = getLagrangeFactorsDivProduct(divFactor, n, delta_i, i, q);
if(n > 1)
{
intermediates[0] = mulPolys(factors[0], factors[1], q);
for(j = 1; j < n - 1; j ++)
{
intermediates[j] = mulPolys(intermediates[j - 1], factors[j + 1], q);
}
}
else
{
intermediates[0] = factors[0];
}
mpz_invert(divFactorInv, divFactor, q);
output = scalarMulti(intermediates[n - 2], divFactorInv, q);
return output;
}
ecc_point* double_p(ecc_point p){
ecc_point* result;
result= malloc(sizeof(ecc_point));
mpz_init((*result).x);
mpz_init((*result).y);
printf("DP ");
if (mpz_cmp_ui(p.y,0)!=0){
mpz_t s,d_y,d_x,y;
mpz_init(d_y);
mpz_init(s);
mpz_init(y);
mpz_init(d_x);
mpz_pow_ui(s,p.x,2);
mpz_mul_si(s,s,3);
mpz_add(s,s,a);
mpz_mul_si(d_y,p.y,2);
mpz_mod(d_y,d_y,prime);
mpz_invert(d_y,d_y,prime);
mpz_mul(s,s,d_y);
mpz_mod(s,s,prime);
mpz_mul_ui(d_x,p.x,2);
mpz_pow_ui((*result).x,s,2);
mpz_sub((*result).x,(*result).x,d_x);
mpz_mod((*result).x,(*result).x,prime);
mpz_neg((*result).y,p.y);
mpz_sub(d_x,p.x,(*result).x);
mpz_mul(s,s,d_x);
mpz_add((*result).y,(*result).y,s);
mpz_mod((*result).y,(*result).y,prime);
}else
result=INFINITY_POINT;
return result;
}
inline void invMod(mpz_class& z, const mpz_class& x, const mpz_class& m) {
if (m != 0) {
mpz_invert(z.get_mpz_t(), x.get_mpz_t(), m.get_mpz_t());
} else {
throw std::runtime_error("Error: Divided by 0");
}
}
/***
* get Public and Private keys and save them in .txt
*/
void getPublicPrivatekey(mpz_t p, mpz_t q,mpz_t n ,mpz_t phi , mpz_t e, mpz_t d)
{
mpz_init(p);
mpz_init(q);
mpz_init(n);
mpz_init(phi);
mpz_init(d);
int seed=rand();
getNumberPremier(p,seed+1);
getNumberPremier(q,seed+2);
int e_int=65537;
mpz_set_ui(e,e_int);
mpz_mul(n,p,q); //n=p*q
mpz_sub_ui(p, p, 1); //p=p-1
mpz_sub_ui(q, q, 1); //q=q-1
mpz_mul(phi, p, q); //phi=(p-1)*(q-1)
mpz_invert(d, e, phi); //calcul d
char *str_d=malloc(KEY_LENGTH/4*sizeof(char));
char *str_n=malloc(KEY_LENGTH/2*sizeof(char));
mpz_get_str (str_n, 16, n);
mpz_get_str (str_d, 16, d);
WriteF(str_n,"publicKey_Modulo");
WriteF(str_d,"privateKey_d");
free(str_n);
free(str_d);
printf("\nClé ==>==>==>==>==> Gagné\n");
}
/*------------------------------------------------------------------------*/
static uint32
lift_roots(sieve_fb_t *s, curr_poly_t *c,
uint64 p, uint32 num_roots)
{
uint32 i;
uint32 degree = s->degree;
uint64_2gmp(p, s->p);
mpz_mul(s->p2, s->p, s->p);
mpz_tdiv_r(s->nmodp2, c->trans_N, s->p2);
mpz_sub(s->tmp1, c->trans_m0, c->mp_sieve_size);
mpz_tdiv_r(s->m0, s->tmp1, s->p2);
for (i = 0; i < num_roots; i++) {
mpz_powm_ui(s->tmp1, s->roots[i], (mp_limb_t)degree, s->p2);
mpz_sub(s->tmp1, s->nmodp2, s->tmp1);
if (mpz_cmp_ui(s->tmp1, (mp_limb_t)0) < 0)
mpz_add(s->tmp1, s->tmp1, s->p2);
mpz_tdiv_q(s->tmp1, s->tmp1, s->p);
mpz_powm_ui(s->tmp2, s->roots[i], (mp_limb_t)(degree-1), s->p);
mpz_mul_ui(s->tmp2, s->tmp2, (mp_limb_t)degree);
mpz_invert(s->tmp2, s->tmp2, s->p);
mpz_mul(s->tmp1, s->tmp1, s->tmp2);
mpz_tdiv_r(s->tmp1, s->tmp1, s->p);
mpz_addmul(s->roots[i], s->tmp1, s->p);
mpz_sub(s->roots[i], s->roots[i], s->m0);
if (mpz_cmp_ui(s->roots[i], (mp_limb_t)0) < 0)
mpz_add(s->roots[i], s->roots[i], s->p2);
}
return num_roots;
}
static int
wrap_nettle_pk_fixup (gnutls_pk_algorithm_t algo,
gnutls_direction_t direction,
gnutls_pk_params_st * params)
{
int result;
if (direction == GNUTLS_IMPORT && algo == GNUTLS_PK_RSA)
{
/* do not trust the generated values. Some old private keys
* generated by us have mess on the values. Those were very
* old but it seemed some of the shipped example private
* keys were as old.
*/
mpz_invert (TOMPZ (params->params[RSA_COEF]),
TOMPZ (params->params[RSA_PRIME2]), TOMPZ (params->params[RSA_PRIME1]));
/* calculate exp1 [6] and exp2 [7] */
_gnutls_mpi_release (¶ms->params[RSA_E1]);
_gnutls_mpi_release (¶ms->params[RSA_E2]);
result = calc_rsa_exp (params);
if (result < 0)
{
gnutls_assert ();
return result;
}
params->params_nr = RSA_PRIVATE_PARAMS;
}
return 0;
}
void signZZ_p(Sig * sig, char * msg, mpz_t d, mpz_t k, const CurveZZ_p * curve) {
mpz_t e, kinv;
// R = k * G, r = R[x]
PointZZ_p R;
pointZZ_pMul(&R, curve->g, k, curve);
mpz_init_set(sig->r, R.x);
mpz_mod(sig->r, sig->r, curve->q);
// convert digest to integer (digest is computed as hex in ecdsa.py)
mpz_init_set_str(e, msg, 16);
int orderBits = mpz_sizeinbase(curve->q, 2);
int digestBits = strlen(msg) * 4;
if(digestBits > orderBits) {
mpz_fdiv_q_2exp(e, e, digestBits - orderBits);
}
// s = (k^-1 * (e + d * r)) mod n
mpz_inits(kinv, sig->s, NULL);
mpz_invert(kinv, k, curve->q);
mpz_mul(sig->s, d, sig->r);
mpz_add(sig->s, sig->s, e);
mpz_mul(sig->s, sig->s, kinv);
mpz_mod(sig->s, sig->s, curve->q);
mpz_clears(R.x, R.y, e, kinv, NULL);
}
static Variant HHVM_FUNCTION(gmp_invert,
const Variant& dataA,
const Variant& dataB) {
mpz_t gmpDataA, gmpDataB, gmpReturn;
if (!variantToGMPData(cs_GMP_FUNC_NAME_GMP_INVERT, gmpDataA, dataA)) {
return false;
}
if (!variantToGMPData(cs_GMP_FUNC_NAME_GMP_INVERT, gmpDataB, dataB)) {
mpz_clear(gmpDataA);
return false;
}
mpz_init(gmpReturn);
if (!mpz_invert(gmpReturn, gmpDataA, gmpDataB)) {
mpz_clear(gmpDataA);
mpz_clear(gmpDataB);
mpz_clear(gmpReturn);
return false;
}
Variant ret = NEWOBJ(GMPResource)(gmpReturn);
mpz_clear(gmpDataA);
mpz_clear(gmpDataB);
mpz_clear(gmpReturn);
return ret;
}
void
PaillierAdapter::keygen( unsigned int modulusbits,
paillier_pubkey* pub,
paillier_prvkey* prv,
unsigned int init_s)
{
mpz_t p, q;
mpz_inits(p, q, NULL);
/* pick random (modulusbits/2)-bit primes p and q */
do
{
get_prime_of_size(p, modulusbits / 2);
get_prime_of_size(q, modulusbits / 2);
mpz_mul(*pub->getnj(1), p, q);
}while(mpz_sizeinbase(*pub->getnj(1), 2) != modulusbits);
pub->setbits(modulusbits);
pub->setinit_s(init_s);
pub->complete_key(init_s+1); /*we don't know if it will be used beyond one level*/
/* compute the private key lambda = lcm(p-1,q-1) */
mpz_sub_ui(p, p, 1);
mpz_sub_ui(q, q, 1);
mpz_lcm(prv->d, p, q);
mpz_invert(prv->inv_d, prv->d ,*pub->getnj(init_s));
/* clear temporary integers */
mpz_clears(p, q, NULL);
}
// sign a hash using ECDSA, hash must be a string in base used during initialisation.
// private key and a generator point are required for it to work (look SetDomain
// and SetKeys)
void ECDSA::Sign( char *hash, char *&r, char *&s )
{
mpz_t z,k,rr,ss,t,u;
ECPoint kG;
mpz_init_set_str(z, hash, m_base);
mpz_inits(k, rr, ss, t, u, NULL);
do
{
mpz_urandomm(k, m_st, ecc->m_n);
ecc->MultiplePoint(k, ecc->m_G, kG);
mpz_set(rr, kG.x);
mpz_mod(rr, rr, ecc->m_n);
} while (!mpz_cmp_ui(rr, 0));
do
{
mpz_set(t,z);
mpz_addmul(t,rr,ecc->m_dA);
mpz_set(u,k);
mpz_invert(u,u,ecc->m_n);
mpz_mul(ss, t, u);
mpz_mod(ss, ss, ecc->m_n);
} while (!mpz_cmp_ui(ss, 0));
mpz_get_str(r, m_base, rr);
mpz_get_str(s, m_base, ss);
mpz_clears(z,k,rr,ss,t,u,NULL);
return;
}
struct rsa_key new_rsa_key(int bits) {
init_rsa();
mpz_t* e = (mpz_t*)calloc(1, sizeof(mpz_t));
mpz_t* d = (mpz_t*)calloc(1, sizeof(mpz_t));
mpz_t* n = (mpz_t*)calloc(1, sizeof(mpz_t));
mpz_t p, q, et;
int r = 0;
mpz_init(*e); mpz_init(*d); mpz_init(*n);
mpz_init(p); mpz_init(q); mpz_init(et);
while (r == 0) {
mpz_urandomb(p, rsa_rand_state, bits/2);
mpz_nextprime(p, p);
mpz_urandomb(q, rsa_rand_state, bits/2);
mpz_nextprime(q, q);
mpz_mul(*n, p, q);
mpz_sub_ui(p, p, 1);
mpz_sub_ui(q, q, 1);
mpz_mul(et, p, q);
mpz_set_ui(*e, 3);
r = mpz_invert(*d, *e, et);
}
return (rsa_key) {.e = e, .d = d, .n = n};
}
/** \brief Fp域上多项式GCD.
\param f,g 域上多项式.
\param r 最大公因子.
\note Euclid算法.
*/
void UniGcdZp(poly_z & r,const poly_z & f,const poly_z & g,mpz_ptr p)
{
poly_z u,v;
poly_z q;
copy_poly_z(u,f);
copy_poly_z(v,g);
while(v.size()> 0){
UniDivModZp(q,r,u,v,p);
UniPolynomialMod(r,r,p);
u.resize(0);
u=v;v=r;
r=poly_z();
}
static mpz_t lc;
mpz_init_set(lc,u[u.size()-1]);
mpz_invert(lc,lc,p);
r.resize(u.size());
for(size_t i=0;i<u.size();i++)
{
mpz_mul(r[i],u[i],lc);
}
UniPolynomialMod(r,r,p);
mpz_clear(lc);
u.resize(0);v.resize(0);q.resize(0);
}
/* Blinds the c, by computing c *= r^e (mod n), for a random r. Also
returns the inverse (ri), for use by rsa_unblind. */
void
_rsa_blind (const struct rsa_public_key *pub,
void *random_ctx, nettle_random_func *random,
mpz_t c, mpz_t ri)
{
mpz_t r;
mpz_init(r);
/* c = c*(r^e)
* ri = r^(-1)
*/
do
{
nettle_mpz_random(r, random_ctx, random, pub->n);
/* invert r */
}
while (!mpz_invert (ri, r, pub->n));
/* c = c*(r^e) mod n */
mpz_powm_sec(r, r, pub->e, pub->n);
mpz_mul(c, c, r);
mpz_fdiv_r(c, c, pub->n);
mpz_clear(r);
}
ecc_point* sum(ecc_point p1,ecc_point p2){
ecc_point* result;
result = malloc(sizeof(ecc_point));
mpz_init((*result).x);
mpz_init((*result).y);
if (mpz_cmp(p1.x,p2.x)==0 && mpz_cmp(p1.y,p2.y)==0)
result=double_p(p1);
else
if( mpz_cmp(p1.x,p2.x)==0 && mpz_cmpabs(p2.y,p1.y)==0)
result=INFINITY_POINT;
else{
mpz_t delta_x,x,y,delta_y,s,s_2;
mpz_init(delta_x);
mpz_init(x); mpz_init(y);
mpz_init(s); mpz_init(s_2);
mpz_init(delta_y);
mpz_sub(delta_x,p1.x,p2.x);
mpz_sub(delta_y,p1.y,p2.y);
mpz_mod(delta_x,delta_x,prime);
mpz_invert(delta_x,delta_x,prime);
mpz_mul(s,delta_x,delta_y);
mpz_mod(s,s,prime);
mpz_pow_ui(s_2,s,2);
mpz_sub(x,s_2,p1.x);
mpz_sub(x,x,p2.x);
mpz_mod(x,x,prime);
mpz_set((*result).x,x);
mpz_sub(delta_x,p2.x,x);
mpz_neg(y,p2.y);
mpz_addmul(y,s,delta_x);
mpz_mod(y,y,prime);
mpz_set((*result).y,y);
};
return result;
}
int verifyZZ_p(Sig * sig, char * msg, PointZZ_p * Q, const CurveZZ_p * curve) {
mpz_t e, w, u1, u2;
PointZZ_p tmp;
mpz_inits(w, u1, u2, tmp.x, tmp.y, NULL);
// convert digest to integer (digest is computed as hex in ecdsa.py)
mpz_init_set_str(e, msg, 16);
int orderBits = mpz_sizeinbase(curve->q, 2);
int digestBits = strlen(msg) * 4;
if(digestBits > orderBits) {
mpz_fdiv_q_2exp(e, e, digestBits - orderBits);
}
mpz_invert(w, sig->s, curve->q);
mpz_mul(u1, e, w);
mpz_mod(u1, u1, curve->q);
mpz_mul(u2, sig->r, w);
mpz_mod(u2, u2, curve->q);
pointZZ_pShamirsTrick(&tmp, curve->g, u1, Q, u2, curve);
mpz_mod(tmp.x, tmp.x, curve->q);
int equal = (mpz_cmp(tmp.x, sig->r) == 0);
mpz_clears(e, w, u1, u2, tmp.x, tmp.y, NULL);
return equal;
}
int rsa_import_key(rsa_private_key_t *key, int endian,
uint8_t *n, size_t n_len, uint8_t *e, size_t e_len,
uint8_t *p, uint8_t *q)
{
mpz_t t1, t2, phi;
if (n == NULL || n_len == 0 || (p == NULL && q == NULL)) return -1;
/* init key */
key->size = n_len << 3;
if (e == NULL || e_len == 0) {
mpz_init_set_ui(key->e, 65537);
} else {
mpz_init2(key->e, (e_len << 3) + GMP_NUMB_BITS);
mpz_import(key->e, e_len, endian, 1, 0, 0, e);
}
mpz_init2(key->n, key->size + GMP_NUMB_BITS);
mpz_init2(key->p, key->size / 2 + GMP_NUMB_BITS);
mpz_init2(key->q, key->size / 2 + GMP_NUMB_BITS);
mpz_init2(key->d, key->size + GMP_NUMB_BITS);
mpz_init2(key->u, key->size / 2 + GMP_NUMB_BITS);
mpz_init2(t1, key->size / 2 + GMP_NUMB_BITS);
mpz_init2(t2, key->size / 2 + GMP_NUMB_BITS);
mpz_init2(phi, key->size + GMP_NUMB_BITS);
/* import values */
mpz_import(key->n, n_len, endian, 1, 0, 0, n);
if (p != NULL) mpz_import(key->p, n_len / 2, endian, 1, 0, 0, p);
if (q != NULL) mpz_import(key->q, n_len / 2, endian, 1, 0, 0, q);
if (p == NULL) mpz_tdiv_q(key->p, key->n, key->q);
if (q == NULL) mpz_tdiv_q(key->q, key->n, key->p);
/* p shall be smaller than q */
if (mpz_cmp(key->p, key->q) > 0) mpz_swap(key->p, key->q);
/* calculate missing values */
mpz_sub_ui(t1, key->p, 1);
mpz_sub_ui(t2, key->q, 1);
mpz_mul(phi, t1, t2);
mpz_invert(key->d, key->e, phi);
mpz_invert(key->u, key->p, key->q);
/* release helper variables */
mpz_clear(t1);
mpz_clear(t2);
mpz_clear(phi);
/* test key */
if (rsa_test_key(key) != 0) {
rsa_release_private_key(key);
return -1;
}
return 0;
}
//c_iとk_iをペアリングする関数
//¬記号で別々の処理する
//(v_i - x_t)も必要→とりあえず置いておこう……→一応できた?
Element *pairing_c_k(EC_PAIRING p, rho_i *rho, EC_POINT *c, EC_POINT *k, mpz_t *alpha_i) {
int i;
Element *result;
result = (Element*)malloc(sizeof(Element));
Element egg, tempegg1, tempegg2;
element_init(egg, p->g3);
element_init(tempegg1, p->g3);
element_init(tempegg2, p->g3);
element_init(*result, p->g3);
mpz_t temp1;
mpz_init(temp1);
mpz_t temp2;
mpz_init(temp2);
mpz_t order;
mpz_init(order);
mpz_set(order, *pairing_get_order(p));
element_set_one(*result);
if (alpha_i == NULL && rho == NULL) { //e(c_0, k_0)
for (i = 0; i < 5; i++) {
pairing_map(tempegg1, c[i], k[i], p);
element_mul(tempegg2, tempegg1, *result);
element_set(*result, tempegg2);
}
}
else if (mpz_cmp_ui(*alpha_i, 0) == 0) {//return 1
}
else if (rho->is_negated == FALSE) {
for (i = 0; i < 7; i++) {
pairing_map(tempegg1, c[i], k[i], p);
element_mul(tempegg2, tempegg1, *result);
element_set(*result, tempegg2);
}
element_pow(tempegg1, *result, *alpha_i);
element_set(*result, tempegg1);
}
else { //is_negated == TRUE
for (i = 0; i < 7; i++) {
pairing_map(tempegg1, c[i], k[i], p);
element_mul(tempegg2, tempegg1, *result);
element_set(*result, tempegg2);
}
mpz_set_ui(temp1, rho->v_t[0]); //v_i - x_t
mpz_invert(temp2, temp1, order);
mpz_mul(temp1, temp2, *alpha_i); // alpha_i / (v_i - x_t)
mpz_mod(*alpha_i, temp1, order);
element_pow(tempegg1, *result, *alpha_i);
element_set(*result, tempegg1);
}
mpz_clear(order);
mpz_clear(temp2);
mpz_clear(temp1);
element_clear(egg);
element_clear(tempegg1);
element_clear(tempegg2);
return result;
}
void
mpz_xinvert (mpz_ptr r, mpz_srcptr a, mpz_srcptr b)
{
int res;
res = mpz_invert (r, a, b);
if (res == 0)
mpz_set_ui (r, 0);
}
static void fp_invert(element_ptr e, element_ptr a) {
mpz_t z;
mpz_init(z);
fp_to_mpz(z, a);
mpz_invert(z, z, e->field->order);
from_mpz(e, z);
mpz_clear(z);
}
/* invmod */
static int invmod(void *a, void *b, void *c)
{
LTC_ARGCHK(a != NULL);
LTC_ARGCHK(b != NULL);
LTC_ARGCHK(c != NULL);
mpz_invert(c, a, b);
return CRYPT_OK;
}
int qsieve_getinvers(int x, int y)
{
if(x == 0) return y;
mpz_set_si(TB, x);
mpz_set_si(TC, y);
mpz_invert(TD, TB, TC);
return qsieve_getsize(TD);
}
void
complete_prvkey( paillier_prvkey_t* prv, paillier_pubkey_t* pub )
{
mpz_powm(prv->x, pub->n_plusone, prv->lambda, pub->n_squared);
mpz_sub_ui(prv->x, prv->x, 1);
mpz_div(prv->x, prv->x, pub->n);
mpz_invert(prv->x, prv->x, pub->n);
}
static Py_hash_t
Pympq_hash(PympqObject *self)
{
#ifdef _PyHASH_MODULUS
Py_hash_t hash = 0;
mpz_t temp, temp1, mask;
if (self->hash_cache != -1)
return self->hash_cache;
mpz_inoc(temp);
mpz_inoc(temp1);
mpz_inoc(mask);
mpz_set_si(mask, 1);
mpz_mul_2exp(mask, mask, _PyHASH_BITS);
mpz_sub_ui(mask, mask, 1);
if (!mpz_invert(temp, mpq_denref(self->q), mask)) {
mpz_cloc(temp);
mpz_cloc(temp1);
mpz_cloc(mask);
hash = _PyHASH_INF;
if (mpz_sgn(mpq_numref(self->q))<0)
hash = -hash;
self->hash_cache = hash;
return hash;
}
mpz_set(temp1, mask);
mpz_sub_ui(temp1, temp1, 2);
mpz_powm(temp, mpq_denref(self->q), temp1, mask);
mpz_tdiv_r(temp1, mpq_numref(self->q), mask);
mpz_mul(temp, temp, temp1);
hash = (Py_hash_t)mpn_mod_1(temp->_mp_d, mpz_size(temp), _PyHASH_MODULUS);
if (mpz_sgn(mpq_numref(self->q))<0)
hash = -hash;
if (hash==-1) hash = -2;
mpz_cloc(temp);
mpz_cloc(temp1);
mpz_cloc(mask);
self->hash_cache = hash;
return hash;
#else
PyObject *temp;
if (self->hash_cache != -1)
return self->hash_cache;
if (!(temp = Pympq_To_PyFloat(self))) {
SYSTEM_ERROR("Could not convert 'mpq' to float.");
return -1;
}
self->hash_cache = PyObject_Hash(temp);
Py_DECREF(temp);
return self->hash_cache;
#endif
}
static void fp_invert(element_ptr c, element_ptr a) {
pbc_mpui *r = c->data;
mpz_t z;
mpz_init(z);
fp_to_mpz(z, a);
mpz_invert(z, z, a->field->order);
*r = mpz_get_ui(z);
mpz_clear(z);
}
int mpz_divmod(mpz_t r, mpz_t a, mpz_t b, mpz_t n, mpz_t t)
{
int invertible;
invertible = mpz_invert(t, b, n);
if (!invertible)
return 0;
mpz_mulmod(r, t, a, n, t); /* mpz_mul(t,t,a); mpz_mod(r,t,n); */
return 1;
}
mpz_class
inverse_mod<mpz_class>(const mpz_class &x, const mpz_class &n)
{
mpz_class result;
mpz_invert(result.get_mpz_t(), x.get_mpz_t(), n.get_mpz_t());
return result;
}
