コード例 #1
0
ファイル: dldp.c プロジェクト: codeguru85/keygen
int dldp_pgonMake(dldp_p* dp, randomGeneratorContext* rgc, size_t pbits, size_t qbits)
{
	/*
	 * Generate parameters with a prime p such that p = qr+1, with q prime, and r = 2s, with s prime
	 */

	register size_t psize = MP_BITS_TO_WORDS(pbits + MP_WBITS - 1);
	register mpw* temp = (mpw*) malloc((8*psize+2) * sizeof(mpw));

	if (temp)
	{
		/* generate q */
		mpprnd_w(&dp->q, rgc, qbits, mpptrials(qbits), (const mpnumber*) 0, temp);

		/* generate p with the appropriate congruences */
		mpprndconone_w(&dp->p, rgc, pbits, mpptrials(pbits), &dp->q, (const mpnumber*) 0, &dp->r, 2, temp);

		/* set n */
		mpbsubone(&dp->p, temp);
		mpbset(&dp->n, psize, temp);

		dldp_pgonGenerator_w(dp, rgc, temp);

		free(temp);

		return 0;
	}
	return -1;
}
コード例 #2
0
ファイル: dldp.c プロジェクト: codeguru85/keygen
int dldp_pgoqMake(dldp_p* dp, randomGeneratorContext* rgc, size_t pbits, size_t qbits, int cofactor)
{
	/*
	 * Generate parameters as described by IEEE P1363, A.16.1
	 */
	register size_t psize = MP_BITS_TO_WORDS(pbits + MP_WBITS - 1);
	register mpw* temp = (mpw*) malloc((8*psize+2) * sizeof(mpw));

	if (temp)
	{
		/* first generate q */
		mpprnd_w(&dp->q, rgc, qbits, mpptrials(qbits), (const mpnumber*) 0, temp);

		/* generate p with the appropriate congruences */
		mpprndconone_w(&dp->p, rgc, pbits, mpptrials(pbits), &dp->q, (const mpnumber*) 0, &dp->r, cofactor, temp);

		/* clear n */
		mpbzero(&dp->n);

		/* clear g */
		mpnzero(&dp->g);

		dldp_pgoqGenerator_w(dp, rgc, temp);

		free(temp);

		return 0;
	}

	return -1;
}
コード例 #3
0
ファイル: dldp.c プロジェクト: codeguru85/keygen
int dldp_pgonMakeSafe(dldp_p* dp, randomGeneratorContext* rgc, size_t pbits)
{
	/*
	 * Generate parameters with a safe prime; i.e. p = 2q+1, where q is prime
	 */

	register size_t psize = MP_BITS_TO_WORDS(pbits + MP_WBITS - 1);
	register mpw* temp = (mpw*) malloc((8*psize+2) * sizeof(mpw));

	if (temp)
	{
		/* generate safe p */
		mpprndsafe_w(&dp->p, rgc, pbits, mpptrials(pbits), temp);

		/* set n */
		mpbsubone(&dp->p, temp);
		mpbset(&dp->n, psize, temp);

		/* set q */
		mpcopy(psize, temp, dp->p.modl);
		mpdivtwo(psize, temp);
		mpbset(&dp->q, psize, temp);

		/* set r = 2 */
		mpnsetw(&dp->r, 2);

		dldp_pgonGenerator_w(dp, rgc, temp);

		free(temp);

		return 0;
	}
	return -1;
}
コード例 #4
0
ファイル: dldp.c プロジェクト: codeguru85/keygen
int dldp_pgoqMakeSafe(dldp_p* dp, randomGeneratorContext* rgc, size_t bits)
{
	/*
	 * Generate parameters with a safe prime; p = 2q+1 i.e. r=2
	 *
	 */

	register size_t size = MP_BITS_TO_WORDS(bits + MP_WBITS - 1);
	register mpw* temp = (mpw*) malloc((8*size+2) * sizeof(mpw));

	if (temp)
	{
		/* generate p */
		mpprndsafe_w(&dp->p, rgc, bits, mpptrials(bits), temp);

		/* set q */
		mpcopy(size, temp, dp->p.modl);
		mpdivtwo(size, temp);
		mpbset(&dp->q, size, temp);

		/* set r = 2 */
		mpnsetw(&dp->r, 2);

		/* clear n */
		mpbzero(&dp->n);

		dldp_pgoqGenerator_w(dp, rgc, temp);

		free(temp);

		return 0;
	}
	return -1;
}
コード例 #5
0
ファイル: mpprime.c プロジェクト: k2b3d/client_new
/*
 * needs workspace of (8*size+2) words
 */
void mpprndconone_w(mpbarrett* p, randomGeneratorContext* rc, size_t bits, int t, const mpbarrett* q, const mpnumber* f, mpnumber* r, int cofactor, mpw* wksp)
{
	/*
	 * Generate a prime p with n bits such that p mod q = 1, and p = qr+1 where r = 2s
	 *
	 * Conditions: q > 2 and size(q) < size(p) and size(f) <= size(p)
	 *
	 * Conditions: r must be chosen so that r is even, otherwise p will be even!
	 *
	 * if cofactor == 0, then s will be chosen randomly
	 * if cofactor == 1, then make sure that q does not divide r, i.e.:
	 *    q cannot be equal to r, since r is even, and q > 2; hence if q <= r make sure that GCD(q,r) == 1
	 * if cofactor == 2, then make sure that s is prime
	 * 
	 * Optional input f: if f is not null, then search p so that GCD(p-1,f) = 1
	 */

	mpbinit(p, MP_BITS_TO_WORDS(bits + MP_WBITS - 1));

	if (p->modl != (mpw*) 0)
	{
		size_t sbits = bits - mpbits(q->size, q->modl) - 1;
		mpbarrett s;

		mpbzero(&s);
		mpbinit(&s, MP_BITS_TO_WORDS(sbits + MP_WBITS - 1));

		while (1)
		{
			mpprndbits(&s, sbits, 0, (mpnumber*) 0, (mpnumber*) 0, rc, wksp);

			if (cofactor == 1)
			{
				mpsetlsb(s.size, s.modl);

				/* if (q <= s) check if GCD(q,s) != 1 */
				if (mplex(q->size, q->modl, s.size, s.modl))
				{
					/* we can find adequate storage for computing the gcd in s->wksp */
					mpsetx(s.size, wksp, q->size, q->modl);
					mpgcd_w(s.size, s.modl, wksp, wksp+s.size, wksp+2*s.size);

					if (!mpisone(s.size, wksp+s.size))
						continue;
				}
			}
			else if (cofactor == 2)
			{
				mpsetlsb(s.size, s.modl);
			}

			if (cofactor == 2)
			{
				/* do a small prime product trial division test on r */
				if (!mppsppdiv_w(&s, wksp))
					continue;
			}

			/* multiply q*s */
			mpmul(wksp, s.size, s.modl, q->size, q->modl);
			/* s.size + q.size may be greater than p.size by 1, but the product will fit exactly into p */
			mpsetx(p->size, p->modl, s.size+q->size, wksp);
			/* multiply by two and add 1 */
			mpmultwo(p->size, p->modl);
			mpaddw(p->size, p->modl, 1);
			/* test if the product actually contains enough bits */
			if (mpbits(p->size, p->modl) < bits)
				continue;

			/* do a small prime product trial division test on p */
			if (!mppsppdiv_w(p, wksp))
				continue;

			/* if we have an f, do the congruence test */
			if (f != (mpnumber*) 0)
			{
				mpcopy(p->size, wksp, p->modl);
				mpsubw(p->size, wksp, 1);
				mpsetx(p->size, wksp, f->size, f->data);
				mpgcd_w(p->size, wksp, wksp+p->size, wksp+2*p->size, wksp+3*p->size);
				if (!mpisone(p->size, wksp+2*p->size))
					continue;
			}

			/* if cofactor is two, test if s is prime */
			if (cofactor == 2)
			{
				mpbmu_w(&s, wksp);

				if (!mppmilrab_w(&s, rc, mpptrials(sbits), wksp))
					continue;
			}

			/* candidate has passed so far, now we do the probabilistic test on p */
			mpbmu_w(p, wksp);

			if (!mppmilrab_w(p, rc, t, wksp))
				continue;

			mpnset(r, s.size, s.modl);
			mpmultwo(r->size, r->data);
			mpbfree(&s);

			return;
		}
	}
}