int
main()
{
mpl_int a;
int i;
if (mpl_init(&a) != MPL_OK) {
printf("can't init\n");
goto end;
}
a.top = 1;
a.dig[0] = 0x09090909;
a.dig[1] = 0x09090909;
for (i = 0; i < 8; i++)
printf("%i: %i\n", i, mpl_check_bit(&a, i));
for (i = 48; i < 64; i++)
printf("%i: %i\n", i, mpl_check_bit(&a, i));
mpl_clear(&a);
end:
return 0;
}
void
var_clear(struct variable *var)
{
assert(var != NULL);
mpl_clear(&var->bnum);
str_clear(&var->str);
octstr_clear(&var->octstr);
}
static void
rest_add_expr(void)
{
number op1, op2;
unsigned int tmp, rv, i;
while (token.type == TOKEN_PLUS || token.type == TOKEN_MINUS) {
tmp = token.type;
get_next_token();
mul_expr();
if (err == SYN_ERR) {
goto out;
}
rv = pop_item(&sp, &op2);
if (rv != OK) {
err = MEM_ERR;
goto out;
}
rv = pop_item(&sp, &op1);
if (rv != OK) {
err = MEM_ERR;
goto out;
}
if (op1.frac == op2.frac)
goto main_part;
if (op1.frac > op2.frac) {
for (i = 0; i < (op1.frac - op2.frac); i++)
rv = mpl_mul_dig(&op2.value, &op2.value, 10);
if (rv != MPL_OK) {
err = MEM_ERR;
goto out;
}
op2.frac = op1.frac;
} else {
for (i = 0; i < (op2.frac - op1.frac); i++)
rv = mpl_mul_dig(&op1.value, &op1.value, 10);
if (rv != MPL_OK) {
err = MEM_ERR;
goto out;
}
op1.frac = op2.frac;
}
main_part:
if (tmp == TOKEN_PLUS) {
rv = mpl_add(&op1.value, &op1.value, &op2.value);
if (rv != MPL_OK) {
err = MEM_ERR;
goto out;
}
} else if (tmp == TOKEN_MINUS) {
rv = mpl_sub(&op1.value, &op1.value, &op2.value);
if (rv != MPL_OK) {
err = MEM_ERR;
goto out;
}
}
rv = push_item(&sp, &op1);
if (rv != OK) {
err = MEM_ERR;
goto out;
}
mpl_clear(&op2.value);
}
if (token.type != TOKEN_EOL && token.type != TOKEN_RPARENTH) {
err = SYN_ERR;
goto out;
}
out:
return ;
}
static void
rest_mul_expr(void)
{
int tmp, rv, i;
number op1, op2;
while(token.type == TOKEN_ASTERISK || token.type == TOKEN_SLASH) {
tmp = token.type;
get_next_token();
pr_expr();
if (err == SYN_ERR) {
goto out;
}
rv = pop_item(&sp, &op2);
if (rv != OK) {
err = MEM_ERR;
goto out;
}
rv = pop_item(&sp, &op1);
if (rv != OK) {
err = MEM_ERR;
goto out;
}
if (tmp == TOKEN_ASTERISK) {
rv = mpl_mul(&op1.value, &op1.value, &op2.value);
if (rv != MPL_OK) {
err = MEM_ERR;
goto out;
}
op1.frac += op2.frac;
} else if (tmp == TOKEN_SLASH) {
if (op1.frac == 0 && op2.frac == 0)
goto main_part;
op1.frac -= op2.frac;
for (i = 0; i < PRECISION; i++) {
rv = mpl_mul_dig(&op1.value, &op1.value, 10);
if (rv != MPL_OK) {
err = MEM_ERR;
goto out;
}
op1.frac++;
}
main_part:
rv = mpl_div(&op1.value, NULL, &op1.value, &op2.value);
if (rv != MPL_OK) {
err = MEM_ERR;
goto out;
}
}
rv = push_item(&sp, &op1);
if (rv != OK) {
err = MEM_ERR;
goto out;
}
mpl_clear(&op2.value);
}
if (token.type != TOKEN_PLUS && token.type != TOKEN_MINUS &&
token.type != TOKEN_RPARENTH && token.type != TOKEN_EOL) {
err = SYN_ERR;
goto out;
}
out:
return ;
}
int
mpl_mod_exp(mpl_int *c, const mpl_int *a, const mpl_int *y, const mpl_int *b)
{
mpl_int w[MPL_MODEXP_STACK];
mpl_int e, s, mu, z;
_mpl_int_t *dp, buffer;
int i, k, nbits, rc;
int do_single;
unsigned int mask, x, n, tmp, cnt;
if ((rc = mpl_initv(&e, &s, &mu, &z, NULL)) != MPL_OK)
return rc;
if (mpl_isneg(y)) {
if ((rc = mpl_mod_inv(&z, a, b)) != MPL_OK)
goto end;
} else {
if ((rc = mpl_copy(&z, a)) != MPL_OK)
goto end;
}
n = mpl_nr_bits(y);
if (n <= 7)
k = 2;
else if (n <= 36)
k = 3;
else if (n <= 140)
k = 4;
else if (n <= 450)
k = 5;
else if (n <= 1303)
k = 6;
else if (n <= 3529)
k = 7;
else
k = 8;
cnt = 0;
for (i = 0; i < 1 << (k-1); i++) {
rc = mpl_init(&w[i]);
if (rc != MPL_OK) {
for (i = 0; i < cnt; i++)
mpl_clear(&w[i]);
goto end;
}
++cnt;
}
/* reduce Z */
rc = mpl_div(NULL, &z, &z, b);
if (rc != MPL_OK)
goto err;
/* e = a */
rc = mpl_copy(&e, &z);
if (rc != MPL_OK)
goto err;
/* c = 1 */
mpl_set_one(&s);
/* prepare reduction constant */
rc = mpl_reduce_barrett_setup(&mu, b);
if (rc != MPL_OK)
goto err;
/* e = a^{2^(k-1)} */
for (i = 0; i < k-1; i++) {
rc = mpl_sqr(&e, &e);
if (rc != MPL_OK)
goto err;
rc = mpl_reduce_barrett(&e, &e, b, &mu);
if (rc != MPL_OK)
goto err;
}
/* Now fill precomputed table. */
rc = mpl_copy(&w[0], &e);
if (rc != MPL_OK)
goto err;
for (i = 1; i < 1 << (k-1); i++) {
/* w[i] = (w[i-1] * a) mod b */
rc = mpl_mul(&w[i], &w[i-1], &z);
if (rc != MPL_OK)
goto err;
rc = mpl_reduce_barrett(&w[i], &w[i], b, &mu);
if (rc != MPL_OK)
goto err;
}
buffer = nbits = do_single = cnt = 0;
/* Count bits of the topmost MP integer digit. */
dp = y->dig + y->top;
tmp = *dp;
for (cnt = 0; tmp > 0; cnt++)
tmp >>= 1;
nbits = cnt;
buffer = *dp--;
/* Precalculated window mask. */
mask = (1 << k) - 1;
while (n > 0) {
unsigned int left, xmask;
if (nbits == 0) {
buffer = *dp--;
nbits = MPL_INT_BITS;
}
/* Check most significant bit of the bit buffer. */
if ((buffer & (1 << (nbits-1))) == 0) {
/* c = c^2 mod b */
rc = mpl_sqr(&s, &s);
if (rc != MPL_OK)
goto err;
rc = mpl_reduce_barrett(&s, &s, b, &mu);
if (rc != MPL_OK)
goto err;
--nbits;
--n;
continue;
}
if (nbits >= k) {
/* We have enough bits in the buffer to fill window. */
x = (buffer & (mask << (nbits-k))) >> (nbits-k);
nbits -= k;
n -= k;
} else {
