int pseudoprime( type n)
{
if (mod_exp(2, n-1, n) == 1){
if(n > 16) {
if (mod_exp(rand()%n,n-1, n) == 1)
return 1;
} else {
return 1;
}
}
return 0;
}
int rabin_miller_test(mpz_t n, mpz_t a) {
mpz_t n_minus, d, a_power;
int j, s = 0;
/* d(n_minus) = n - 1 */
mpz_init(n_minus);
mpz_sub_ui(n_minus,n,1);
mpz_init_set(d,n_minus);
while(mpz_even_p(d)) {
mpz_fdiv_q_2exp(d, d, 1);
s++;
}
/* a_power = a^d mod n */
mpz_init(a_power);
mod_exp(a,d,n,a_power);
if(mpz_cmp_ui(a_power,1) == 0) {
mpz_clear(n_minus);
mpz_clear(d);
mpz_clear(a_power);
return PRIME;
}
for (j = 0; j < s - 1; ++j) {
if(mpz_cmp(a_power,n_minus) == 0) {
mpz_clear(n_minus);
mpz_clear(d);
mpz_clear(a_power);
return PRIME;
}
mod_exp_ui(a_power,2,n,a_power);
/*mpz_powm_ui (a_power, a_power, 2, n);*/
}
if(mpz_cmp(a_power,n_minus) == 0) {
mpz_clear(n_minus);
mpz_clear(d);
mpz_clear(a_power);
return PRIME;
}
mpz_clear(n_minus);
mpz_clear(d);
mpz_clear(a_power);
return COMPOSITE;
}
int main()
{
int z, n;
ll m, a, b;
scanf("%d", &z);
while(z--){
scanf("%d", &m);
scanf("%d", &n);
ll ans = 0;
for(int i=0; i<n; ++i){
scanf("%d %d", &a, &b);
ans = (ans+mod_exp(a, b, m)) % m;
}
printf("%d\n", ans);
}
}
int main()
{
long long int sum, n, m;
while (1) {
scanf("%lld %lld", &n, &m);
if ( n == 0 && m == 0) break;
sum = 0;
while (m > 0) {
sum = sum + mod_exp(n,m);
m--;
}
sum = sum % 1000000007;
printf("%lld\n", sum);
}
return 0;
}
int main()
{
unsigned long long a;
unsigned long long p;
while(scanf("%lld %lld",&p,&a) != EOF)
{
if(p == 0 && a == 0)
break;
if(is_prime(p))
printf("no\n");
else
{
if(mod_exp(a,p,p) == a)
printf("yes\n");
else
printf("no\n");
}
}
return 0;
}
//miller-rabin
bool miller_rabin(bint n, int times) {
if(n==2)return 1;
if(n<2||!(n&1))return 0;
bint a, u=n-1, x, y;
int t=0;
while(u%2==0) {
t++;
u/=2;
}
srand(time(0));
for(int i=0; i<times; i++) {
a = rand() % (n-1) + 1;
x = mod_exp(a, u, n);
for(int j=0; j<t; j++) {
y = muti_mod(x, x, n);
if ( y == 1 && x != 1 && x != n-1 )
return false; //must not
x = y;
}
if( y!=1) return false;
}
return true;
}
int witness(type a,type n)
{
type i;
type t;
type u;
type x;
type y;
t = power2(n-1, &u);
y = mod_exp(a, u, n);
for (i = 0; i < t; i++) {
x = mulmod(y,y,n) ;
if (x == 1 && y != 1 && y != n-1) {
return 1;
}
y = x;
}
if ( y != 1 ) {
return 1;
}
return 0;
}
int rsa_default_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
size_t len) {
BIGNUM *f, *result;
BN_CTX *ctx = NULL;
unsigned blinding_index = 0;
BN_BLINDING *blinding = NULL;
int ret = 0;
ctx = BN_CTX_new();
if (ctx == NULL) {
goto err;
}
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);
result = BN_CTX_get(ctx);
if (f == NULL || result == NULL) {
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
goto err;
}
if (BN_bin2bn(in, len, f) == NULL) {
goto err;
}
if (BN_ucmp(f, rsa->n) >= 0) {
/* Usually the padding functions would catch this. */
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
goto err;
}
if (!BN_MONT_CTX_set_locked(&rsa->mont_n, &rsa->lock, rsa->n, ctx)) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
/* We cannot do blinding or verification without |e|, and continuing without
* those countermeasures is dangerous. However, the Java/Android RSA API
* requires support for keys where only |d| and |n| (and not |e|) are known.
* The callers that require that bad behavior set |RSA_FLAG_NO_BLINDING|. */
int disable_security = (rsa->flags & RSA_FLAG_NO_BLINDING) && rsa->e == NULL;
if (!disable_security) {
/* Keys without public exponents must have blinding explicitly disabled to
* be used. */
if (rsa->e == NULL) {
OPENSSL_PUT_ERROR(RSA, RSA_R_NO_PUBLIC_EXPONENT);
goto err;
}
blinding = rsa_blinding_get(rsa, &blinding_index, ctx);
if (blinding == NULL) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
if (!BN_BLINDING_convert(f, blinding, rsa->e, rsa->mont_n, ctx)) {
goto err;
}
}
if (rsa->p != NULL && rsa->q != NULL && rsa->e != NULL && rsa->dmp1 != NULL &&
rsa->dmq1 != NULL && rsa->iqmp != NULL) {
if (!mod_exp(result, f, rsa, ctx)) {
goto err;
}
} else {
BIGNUM local_d;
BIGNUM *d = NULL;
BN_init(&local_d);
d = &local_d;
BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
if (!BN_mod_exp_mont_consttime(result, f, d, rsa->n, ctx, rsa->mont_n)) {
goto err;
}
}
/* Verify the result to protect against fault attacks as described in the
* 1997 paper "On the Importance of Checking Cryptographic Protocols for
* Faults" by Dan Boneh, Richard A. DeMillo, and Richard J. Lipton. Some
* implementations do this only when the CRT is used, but we do it in all
* cases. Section 6 of the aforementioned paper describes an attack that
* works when the CRT isn't used. That attack is much less likely to succeed
* than the CRT attack, but there have likely been improvements since 1997.
*
* This check is cheap assuming |e| is small; it almost always is. */
if (!disable_security) {
BIGNUM *vrfy = BN_CTX_get(ctx);
if (vrfy == NULL ||
!BN_mod_exp_mont(vrfy, result, rsa->e, rsa->n, ctx, rsa->mont_n) ||
!BN_equal_consttime(vrfy, f)) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
if (!BN_BLINDING_invert(result, blinding, rsa->mont_n, ctx)) {
goto err;
}
}
if (!BN_bn2bin_padded(out, len, result)) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
ret = 1;
err:
if (ctx != NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
if (blinding != NULL) {
rsa_blinding_release(rsa, blinding, blinding_index);
}
return ret;
}
int rsa_default_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
size_t len) {
if (rsa->n == NULL || rsa->d == NULL) {
OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
return 0;
}
BIGNUM *f, *result;
BN_CTX *ctx = NULL;
unsigned blinding_index = 0;
BN_BLINDING *blinding = NULL;
int ret = 0;
ctx = BN_CTX_new();
if (ctx == NULL) {
goto err;
}
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);
result = BN_CTX_get(ctx);
if (f == NULL || result == NULL) {
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
goto err;
}
if (BN_bin2bn(in, len, f) == NULL) {
goto err;
}
if (BN_ucmp(f, rsa->n) >= 0) {
// Usually the padding functions would catch this.
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
goto err;
}
if (!freeze_private_key(rsa, ctx)) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
const int do_blinding = (rsa->flags & RSA_FLAG_NO_BLINDING) == 0;
if (rsa->e == NULL && do_blinding) {
// We cannot do blinding or verification without |e|, and continuing without
// those countermeasures is dangerous. However, the Java/Android RSA API
// requires support for keys where only |d| and |n| (and not |e|) are known.
// The callers that require that bad behavior set |RSA_FLAG_NO_BLINDING|.
OPENSSL_PUT_ERROR(RSA, RSA_R_NO_PUBLIC_EXPONENT);
goto err;
}
if (do_blinding) {
blinding = rsa_blinding_get(rsa, &blinding_index, ctx);
if (blinding == NULL) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
if (!BN_BLINDING_convert(f, blinding, rsa->e, rsa->mont_n, ctx)) {
goto err;
}
}
if (rsa->p != NULL && rsa->q != NULL && rsa->e != NULL && rsa->dmp1 != NULL &&
rsa->dmq1 != NULL && rsa->iqmp != NULL) {
if (!mod_exp(result, f, rsa, ctx)) {
goto err;
}
} else if (!BN_mod_exp_mont_consttime(result, f, rsa->d_fixed, rsa->n, ctx,
rsa->mont_n)) {
goto err;
}
// Verify the result to protect against fault attacks as described in the
// 1997 paper "On the Importance of Checking Cryptographic Protocols for
// Faults" by Dan Boneh, Richard A. DeMillo, and Richard J. Lipton. Some
// implementations do this only when the CRT is used, but we do it in all
// cases. Section 6 of the aforementioned paper describes an attack that
// works when the CRT isn't used. That attack is much less likely to succeed
// than the CRT attack, but there have likely been improvements since 1997.
//
// This check is cheap assuming |e| is small; it almost always is.
if (rsa->e != NULL) {
BIGNUM *vrfy = BN_CTX_get(ctx);
if (vrfy == NULL ||
!BN_mod_exp_mont(vrfy, result, rsa->e, rsa->n, ctx, rsa->mont_n) ||
!BN_equal_consttime(vrfy, f)) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
}
if (do_blinding &&
!BN_BLINDING_invert(result, blinding, rsa->mont_n, ctx)) {
goto err;
}
// The computation should have left |result| as a maximally-wide number, so
// that it and serializing does not leak information about the magnitude of
// the result.
//
// See Falko Stenzke, "Manger's Attack revisited", ICICS 2010.
assert(result->width == rsa->mont_n->N.width);
if (!BN_bn2bin_padded(out, len, result)) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
ret = 1;
err:
if (ctx != NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
if (blinding != NULL) {
rsa_blinding_release(rsa, blinding, blinding_index);
}
return ret;
}
int main(){
int x = mod_mul(2, 5, 7);
int y = mod_exp(2, 5, 7);
printf("%d, %d\n", x, y);
return 0;
}
