/* function createF2mPoint : This function creates a point of elliptic curve over F2m according to the accepted values
* param m : pointer to mip
* param xVal : x value of the point
* param yVal : y value of the point
* param validity : indicates if the point is valid for the current curve or not
* return : A pointer to the created point.
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_ECF2mPointMiracl_createF2mPoint
(JNIEnv *env, jobject obj, jlong m, jbyteArray xVal, jbyteArray yVal){
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
/* create the point with x,y values */
epoint* p = epoint_init(mip);
big x = byteArrayToMiraclBig(env, mip, xVal);
big y = byteArrayToMiraclBig(env, mip, yVal);
bool valid = epoint2_set(mip, x, y, 0, p);
mirkill(x);
mirkill(y);
if (!valid) {
epoint_free(p);
return 0;
}
return (jlong) p; // return the point
}
int main()
{
int ia,ib;
time_t seed;
epoint *g,*ea,*eb;
big a,b,p,q,n,p1,q1,phi,pa,pb,key,e,d,dp,dq,t,m,c,x,y,k,inv;
big primes[2],pm[2];
big_chinese ch;
miracl *mip;
#ifndef MR_NOFULLWIDTH
mip=mirsys(500,0);
#else
mip=mirsys(500,MAXBASE);
#endif
a=mirvar(0);
b=mirvar(0);
p=mirvar(0);
q=mirvar(0);
n=mirvar(0);
p1=mirvar(0);
q1=mirvar(0);
phi=mirvar(0);
pa=mirvar(0);
pb=mirvar(0);
key=mirvar(0);
e=mirvar(0);
d=mirvar(0);
dp=mirvar(0);
dq=mirvar(0);
t=mirvar(0);
m=mirvar(0);
c=mirvar(0);
pm[0]=mirvar(0);
pm[1]=mirvar(0);
x=mirvar(0);
y=mirvar(0);
k=mirvar(0);
inv=mirvar(0);
time(&seed);
irand((unsigned long)seed); /* change parameter for different values */
printf("First Diffie-Hellman Key exchange .... \n");
cinstr(p,primetext);
/* offline calculations could be done quicker using Comb method
- See brick.c. Note use of "truncated exponent" of 160 bits -
could be output of hash function SHA (see mrshs.c) */
printf("\nAlice's offline calculation\n");
bigbits(160,a);
/* 3 generates the sub-group of prime order (p-1)/2 */
powltr(3,a,p,pa);
printf("Bob's offline calculation\n");
bigbits(160,b);
powltr(3,b,p,pb);
printf("Alice calculates Key=\n");
powmod(pb,a,p,key);
cotnum(key,stdout);
printf("Bob calculates Key=\n");
powmod(pa,b,p,key);
cotnum(key,stdout);
printf("Alice and Bob's keys should be the same!\n");
/*
Now Elliptic Curve version of the above.
Curve is y^2=x^3+Ax+B mod p, where A=-3, B and p as above
"Primitive root" is the point (x,y) above, which is of large prime order q.
In this case actually
q=FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831
*/
printf("\nLets try that again using elliptic curves .... \n");
convert(-3,a);
mip->IOBASE=16;
cinstr(b,ecb);
cinstr(p,ecp);
ecurve_init(a,b,p,MR_BEST); /* Use PROJECTIVE if possible, else AFFINE coordinates */
g=epoint_init();
cinstr(x,ecx);
cinstr(y,ecy);
mip->IOBASE=10;
epoint_set(x,y,0,g);
ea=epoint_init();
eb=epoint_init();
epoint_copy(g,ea);
epoint_copy(g,eb);
printf("Alice's offline calculation\n");
bigbits(160,a);
ecurve_mult(a,ea,ea);
ia=epoint_get(ea,pa,pa); /* <ia,pa> is compressed form of public key */
printf("Bob's offline calculation\n");
bigbits(160,b);
ecurve_mult(b,eb,eb);
ib=epoint_get(eb,pb,pb); /* <ib,pb> is compressed form of public key */
printf("Alice calculates Key=\n");
epoint_set(pb,pb,ib,eb); /* decompress eb */
ecurve_mult(a,eb,eb);
epoint_get(eb,key,key);
cotnum(key,stdout);
printf("Bob calculates Key=\n");
epoint_set(pa,pa,ia,ea); /* decompress ea */
ecurve_mult(b,ea,ea);
epoint_get(ea,key,key);
cotnum(key,stdout);
printf("Alice and Bob's keys should be the same! (but much smaller)\n");
epoint_free(g);
epoint_free(ea);
epoint_free(eb);
/* El Gamal's Method */
printf("\nTesting El Gamal's public key method\n");
cinstr(p,primetext);
bigbits(160,x); /* x<p */
powltr(3,x,p,y); /* y=3^x mod p*/
decr(p,1,p1);
mip->IOBASE=128;
cinstr(m,text);
mip->IOBASE=10;
do
{
bigbits(160,k);
} while (egcd(k,p1,t)!=1);
powltr(3,k,p,a); /* a=3^k mod p */
powmod(y,k,p,b);
mad(b,m,m,p,p,b); /* b=m*y^k mod p */
printf("Ciphertext= \n");
cotnum(a,stdout);
cotnum(b,stdout);
zero(m); /* proof of pudding... */
subtract(p1,x,t);
powmod(a,t,p,m);
mad(m,b,b,p,p,m); /* m=b/a^x mod p */
printf("Plaintext= \n");
mip->IOBASE=128;
cotnum(m,stdout);
mip->IOBASE=10;
/* RSA. Generate primes p & q. Use e=65537, and find d=1/e mod (p-1)(q-1) */
printf("\nNow generating 512-bit random primes p and q\n");
do
{
bigbits(512,p);
if (subdivisible(p,2)) incr(p,1,p);
while (!isprime(p)) incr(p,2,p);
bigbits(512,q);
if (subdivisible(q,2)) incr(q,1,q);
while (!isprime(q)) incr(q,2,q);
multiply(p,q,n); /* n=p.q */
lgconv(65537L,e);
decr(p,1,p1);
decr(q,1,q1);
multiply(p1,q1,phi); /* phi =(p-1)*(q-1) */
} while (xgcd(e,phi,d,d,t)!=1);
cotnum(p,stdout);
cotnum(q,stdout);
printf("n = p.q = \n");
cotnum(n,stdout);
/* set up for chinese remainder thereom */
/* primes[0]=p;
primes[1]=q;
crt_init(&ch,2,primes);
*/
/* use simple CRT as only two primes */
xgcd(p,q,inv,inv,inv); /* 1/p mod q */
copy(d,dp);
copy(d,dq);
divide(dp,p1,p1); /* dp=d mod p-1 */
divide(dq,q1,q1); /* dq=d mod q-1 */
mip->IOBASE=128;
cinstr(m,text);
mip->IOBASE=10;
printf("Encrypting test string\n");
powmod(m,e,n,c);
printf("Ciphertext= \n");
cotnum(c,stdout);
zero(m);
printf("Decrypting test string\n");
powmod(c,dp,p,pm[0]); /* get result mod p */
powmod(c,dq,q,pm[1]); /* get result mod q */
subtract(pm[1],pm[0],pm[1]); /* poor man's CRT */
mad(inv,pm[1],inv,q,q,m);
multiply(m,p,m);
add(m,pm[0],m);
/* crt(&ch,pm,m); combine them using CRT */
printf("Plaintext= \n");
mip->IOBASE=128;
cotnum(m,stdout);
/* crt_end(&ch); */
return 0;
}
/* function deletePointFp : This function deletes point of elliptic curve over Fp
* param p : pointer to elliptic curve point
*/
JNIEXPORT void JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_ECF2mPointMiracl_deletePointF2m
(JNIEnv *env, jobject obj, jlong p){
epoint_free((epoint*)p);
}
epoint* computeLL(miracl* mip, epoint** elements, big* exponents, int n, int field){
big bigExp = mirvar(mip, 0);
big two = mirvar(mip, 2);
big zero = mirvar(mip, 0);
int t = 0, w, h, i, j;
epoint*** preComp;
epoint* result;
//get the biggest exponent
for (i=0; i<n; i++)
if (mr_compare(bigExp, exponents[i]) < 0)
bigExp = exponents[i];
//num of bitf in the biggest exponent
t = logb2(mip, bigExp);
//choose w according to the value of t
w = getLLW(t);
//h = n/w
if ((n % w) == 0){
h = n / w;
} else{
h = ((int) (n / w)) + 1;
}
//printf("n is: %d\n", n);
//printf("t is: %d\n", t);
//printf("w is: %d\n", w);
//printf("h is: %d\n", h);
//creates pre computation table
preComp = createLLPreCompTable(mip, elements, w, h, n, field);
result = getIdentity(mip, field); //holds the computation result
//computes the loop of the computation
result = computeLoop(mip, exponents, w, h, preComp, result, t-1, n, field);
//third part of computation
for (j=t-2; j>=0; j--){
//operate y^2 differently. depends on the field type
if (field==1)
ecurve_mult(mip, two, result, result);
else
ecurve2_mult(mip, two, result, result);
//computes the loop of the computation
result = computeLoop(mip, exponents, w, h, preComp, result, j, n, field);
}
//free the allocated memeory
mirkill(two);
mirkill(zero);
for (i=0; i<h; i++){
for (j=0; j<pow((double)2, w); j++){
epoint_free(preComp[i][j]);
}
free(preComp[i]);
}
free(preComp);
return result;
}
