void rsa_key_clear(rsa_key *kp)
{
mp_int_clear(&(kp->p));
mp_int_clear(&(kp->q));
mp_int_clear(&(kp->n));
mp_int_clear(&(kp->e));
mp_int_clear(&(kp->d));
}
mp_result find_strong_prime(mp_int seed, FILE *fb)
{
mp_result res;
mpz_t t;
mp_int_init(&t);
for(;;) {
if ((res = find_prime(seed, fb)) != MP_TRUE)
break;
if ((res = mp_int_copy(seed, &t)) != MP_OK)
break;
if ((res = mp_int_mul_pow2(&t, 1, &t)) != MP_OK ||
(res = mp_int_add_value(&t, 1, &t)) != MP_OK)
break;
if ((res = mp_int_is_prime(&t)) == MP_TRUE) {
if (fb != NULL)
fputc('!', fb);
res = mp_int_copy(&t, seed);
break;
}
else if (res != MP_FALSE)
break;
if (fb != NULL)
fputc('x', fb);
if ((res = mp_int_add_value(seed, 2, seed)) != MP_OK)
break;
}
mp_int_clear(&t);
return res;
}
/*
Compute mul * atan(1/x) to prec digits of precision, and store the
result in sum.
Computes atan(1/x) using the formula:
1 1 1 1
atan(1/x) = --- - ---- + ---- - ---- + ...
x 3x^3 5x^5 7x^7
*/
mp_result arctan(mp_small radix, mp_small mul, mp_small x, mp_small prec,
mp_int sum) {
mpz_t t, v;
mp_result res;
mp_small rem, sign = 1, coeff = 1;
mp_int_init(&t);
mp_int_init(&v);
++prec;
/* Compute mul * radix^prec * x
The initial multiplication by x saves a special case in the loop for
the first term of the series.
*/
if ((res = mp_int_expt_value(radix, prec, &t)) != MP_OK ||
(res = mp_int_mul_value(&t, mul, &t)) != MP_OK ||
(res = mp_int_mul_value(&t, x, &t)) != MP_OK)
goto CLEANUP;
x *= x; /* assumes x <= sqrt(MP_SMALL_MAX) */
mp_int_zero(sum);
do {
if ((res = mp_int_div_value(&t, x, &t, &rem)) != MP_OK) goto CLEANUP;
if ((res = mp_int_div_value(&t, coeff, &v, &rem)) != MP_OK) goto CLEANUP;
/* Add or subtract the result depending on the current sign (1 = add) */
if (sign > 0)
res = mp_int_add(sum, &v, sum);
else
res = mp_int_sub(sum, &v, sum);
if (res != MP_OK) goto CLEANUP;
sign = -sign;
coeff += 2;
} while (mp_int_compare_zero(&t) != 0);
res = mp_int_div_value(sum, radix, sum, NULL);
CLEANUP:
mp_int_clear(&v);
mp_int_clear(&t);
return res;
}
static void done_testing(void)
{
int i;
for(i = 0; i < NUM_REGS; ++i) {
mp_int_clear(g_zreg + i);
mp_rat_clear(g_qreg + i);
}
}
void release_values(mp_int values, int nt)
{
int i;
for(i = 0; i < nt; ++i)
mp_int_clear(values + i);
free(values);
}
int main(int argc, char* argv[]) {
mpz_t a, b;
int result;
mp_int_init_value(&a, 1);
mp_int_init_value(&b, 16);
mp_int_swap(&a, &b);
result = (a.digits == &(a.single) &&
b.digits == &(b.single) &&
a.digits[0] == 16 &&
b.digits[0] == 1);
printf("REGRESSION: mp_int_swap() on self-stored values: %s\n",
result ? "OK" : "FAILED");
mp_int_clear(&b);
mp_int_clear(&a);
return !result;
}
/* Test whether z is likely to be prime:
MP_TRUE means it is probably prime
MP_FALSE means it is definitely composite
*/
mp_result mp_int_is_prime(mp_int z)
{
int i, rem;
mp_result res;
/* First check for divisibility by small primes; this eliminates a
large number of composite candidates quickly
*/
for(i = 0; i < s_ptab_size; ++i) {
if((res = mp_int_div_value(z, s_ptab[i], NULL, &rem)) != MP_OK)
return res;
if(rem == 0)
return MP_FALSE;
}
/* Now try Fermat's test for several prime witnesses (since we now
know from the above that z is not a multiple of any of them)
*/
{
mpz_t tmp;
if((res = mp_int_init(&tmp)) != MP_OK) return res;
for(i = 0; i < 10 && i < s_ptab_size; ++i) {
if((res = mp_int_exptmod_bvalue(s_ptab[i], z, z, &tmp)) != MP_OK)
return res;
if(mp_int_compare_value(&tmp, s_ptab[i]) != 0) {
mp_int_clear(&tmp);
return MP_FALSE;
}
}
mp_int_clear(&tmp);
}
return MP_TRUE;
}
/* Test the IMath internals assumed by the imath implementation of isl_int.
*
* In particular, we test the ranges of IMath-defined types.
*
* Also, isl uses the existence and function of imath's struct
* fields. The digits are stored with less significant digits at lower array
* indices. Where they are stored (on the heap or in the field 'single') does
* not matter.
*/
int test_imath_internals()
{
mpz_t val;
mp_result retval;
assert(sizeof(mp_small) == sizeof(long));
assert(MP_SMALL_MIN == LONG_MIN);
assert(MP_SMALL_MAX == LONG_MAX);
assert(sizeof(mp_usmall) == sizeof(unsigned long));
assert(MP_USMALL_MIN == ULONG_MIN);
assert(MP_USMALL_MAX == ULONG_MAX);
retval = mp_int_init_value(&val, 0);
assert(retval == MP_OK);
assert(val.alloc >= val.used);
assert(val.used == 1);
assert(val.sign == MP_ZPOS);
assert(val.digits[0] == 0);
retval = mp_int_set_value(&val, -1);
assert(retval == MP_OK);
assert(val.alloc >= val.used);
assert(val.used == 1);
assert(val.sign == MP_NEG);
assert(val.digits[0] == 1);
retval = mp_int_set_value(&val, 1);
assert(retval == MP_OK);
assert(val.alloc >= val.used);
assert(val.used == 1);
assert(val.sign == MP_ZPOS);
assert(val.digits[0] == 1);
retval = mp_int_mul_pow2(&val, sizeof(mp_digit) * CHAR_BIT, &val);
assert(retval == MP_OK);
assert(val.alloc >= val.used);
assert(val.used == 2);
assert(val.sign == MP_ZPOS);
assert(val.digits[0] == 0);
assert(val.digits[1] == 1);
mp_int_clear(&val);
return 0;
}
mp_int alloc_values(int nt, int prec)
{
mp_int out = malloc(nt * sizeof(mpz_t));
int i;
if(out == NULL)
return NULL;
for(i = 0; i < nt; ++i) {
if(mp_int_init_size(out + i, prec) != MP_OK) {
while(--i >= 0)
mp_int_clear(out + i);
return NULL;
}
}
return out;
}
int main(int argc, char *argv[])
{
int opt, modbits;
FILE *ofp = stdout;
mp_result res;
find_f find_func = find_prime;
char tag = 'p';
mpz_t value;
/* Process command-line arguments */
while((opt = getopt(argc, argv, "s")) != EOF) {
switch(opt) {
case 's':
find_func = find_strong_prime;
tag = 'P';
break;
default:
fprintf(stderr, "Usage: randprime [-s] <bits> [<outfile>]\n");
return 1;
}
}
if(optind >= argc) {
fprintf(stderr, "Error: You must specify the number of significant bits.\n");
fprintf(stderr, "Usage: randprime [-s] <bits> [<outfile>]\n");
return 1;
}
modbits = (int) strtol(argv[optind++], NULL, 0);
if(modbits < CHAR_BIT) {
fprintf(stderr, "Error: Invalid value for number of significant bits.\n");
return 1;
}
if(modbits % 2 == 1)
++modbits;
/* Check if output file is specified */
if(optind < argc) {
if((ofp = fopen(argv[optind], "wt")) == NULL) {
fprintf(stderr, "Error: Unable to open output file for writing.\n"
" - Filename: %s\n"
" - Error: %s\n", argv[optind], strerror(errno));
return 1;
}
}
mp_int_init(&value);
if ((res = mp_int_randomize(&value, modbits - 1)) != MP_OK) {
fprintf(stderr, "Error: Unable to generate random start value.\n"
" - %s (%d)\n", mp_error_string(res), res);
goto EXIT;
}
fprintf(stderr, "%c: ", tag);
find_func(&value, stderr);
fputc('\n', stderr);
/* Write the completed value to the specified output file */
{
int len;
char *obuf;
len = mp_int_string_len(&value, 10);
obuf = malloc(len);
mp_int_to_string(&value, 10, obuf, len);
fputs(obuf, ofp);
fputc('\n', ofp);
free(obuf);
}
EXIT:
fclose(ofp);
mp_int_clear(&value);
return 0;
}
int main(int argc, char *argv[]) {
mp_result res;
mpz_t sum1, sum2;
int ndigits, out = 0;
clock_t start, end;
if (argc < 2) {
fprintf(stderr, "Usage: %s <num-digits> [<radix>]\n", argv[0]);
return 1;
}
if ((ndigits = abs(atoi(argv[1]))) == 0) {
fprintf(stderr, "%s: you must request at least 1 digit\n", argv[0]);
return 1;
} else if ((mp_word)ndigits > MP_DIGIT_MAX) {
fprintf(stderr, "%s: you may request at most %u digits\n", argv[0],
(unsigned int)MP_DIGIT_MAX);
return 1;
}
if (argc > 2) {
int radix = atoi(argv[2]);
if (radix < MP_MIN_RADIX || radix > MP_MAX_RADIX) {
fprintf(stderr, "%s: you may only specify a radix between %d and %d\n",
argv[0], MP_MIN_RADIX, MP_MAX_RADIX);
return 1;
}
g_radix = radix;
}
mp_int_init(&sum1);
mp_int_init(&sum2);
start = clock();
/* sum1 = 16 * arctan(1/5) */
if ((res = arctan(g_radix, 16, 5, ndigits, &sum1)) != MP_OK) {
fprintf(stderr, "%s: error computing arctan: %d\n", argv[0], res);
out = 1;
goto CLEANUP;
}
/* sum2 = 4 * arctan(1/239) */
if ((res = arctan(g_radix, 4, 239, ndigits, &sum2)) != MP_OK) {
fprintf(stderr, "%s: error computing arctan: %d\n", argv[0], res);
out = 1;
goto CLEANUP;
}
/* pi = sum1 - sum2 */
if ((res = mp_int_sub(&sum1, &sum2, &sum1)) != MP_OK) {
fprintf(stderr, "%s: error computing pi: %d\n", argv[0], res);
out = 1;
goto CLEANUP;
}
end = clock();
mp_int_to_string(&sum1, g_radix, g_buf, sizeof(g_buf));
printf("%c.%s\n", g_buf[0], g_buf + 1);
fprintf(stderr, "Computation took %.2f sec.\n",
(double)(end - start) / CLOCKS_PER_SEC);
CLEANUP:
mp_int_clear(&sum1);
mp_int_clear(&sum2);
return out;
}
static int
gmp_rsa_public_decrypt(int flen, const unsigned char* from,
unsigned char* to, RSA* rsa, int padding)
{
unsigned char *p;
size_t size;
mpz_t s, us, n, e;
if (padding != RSA_PKCS1_PADDING)
return -1;
if (flen > RSA_size(rsa))
return -2;
BN2mpz(n, rsa->n);
BN2mpz(e, rsa->e);
#if 0
/* Check that the exponent is larger then 3 */
if (mp_int_compare_value(&e, 3) <= 0) {
mp_int_clear(&n);
mp_int_clear(&e);
return -3;
}
#endif
mpz_init(s);
mpz_init(us);
mpz_import(s, flen, 1, 1, 1, 0, rk_UNCONST(from));
if (mpz_cmp(s, n) >= 0) {
mpz_clear(n);
mpz_clear(e);
return -4;
}
mpz_powm(us, s, e, n);
mpz_clear(s);
mpz_clear(n);
mpz_clear(e);
p = to;
mpz_export(p, &size, 1, 1, 1, 0, us);
assert(size <= RSA_size(rsa));
mpz_clear(us);
/* head zero was skipped by mp_int_to_unsigned */
if (*p == 0)
return -6;
if (*p != 1)
return -7;
size--; p++;
while (size && *p == 0xff) {
size--; p++;
}
if (size == 0 || *p != 0)
return -8;
size--; p++;
memmove(to, p, size);
return size;
}
