/*
* Create a RSA private key
*/
RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng,
size_t bits, size_t exp)
{
if(bits < 1024)
throw Invalid_Argument(algo_name() + ": Can't make a key that is only " +
std::to_string(bits) + " bits long");
if(exp < 3 || exp % 2 == 0)
throw Invalid_Argument(algo_name() + ": Invalid encryption exponent");
e = exp;
do
{
p = random_prime(rng, (bits + 1) / 2, e);
q = random_prime(rng, bits - p.bits(), e);
n = p * q;
} while(n.bits() != bits);
d = inverse_mod(e, lcm(p - 1, q - 1));
d1 = d % (p - 1);
d2 = d % (q - 1);
c = inverse_mod(q, p);
gen_check(rng);
}
void fuzz(const uint8_t in[], size_t len)
{
// Ressol is mostly used for ECC point decompression so best to test smaller sizes
static const size_t p_bits = 256;
static const BigInt p = random_prime(fuzzer_rng(), p_bits);
static const Modular_Reducer mod_p(p);
if(len > p_bits / 8)
return;
try
{
const BigInt a = BigInt::decode(in, len);
BigInt a_sqrt = Botan::ressol(a, p);
if(a_sqrt > 0)
{
const BigInt a_redc = mod_p.reduce(a);
const BigInt z = mod_p.square(a_sqrt);
if(z != a_redc)
{
std::cout << "A = " << a << "\n";
std::cout << "P = " << p << "\n";
std::cout << "R = " << a_sqrt << "\n";
std::cout << "Z = " << z << "\n";
abort();
}
}
}
catch(Botan::Exception& e) {}
return;
}
int main(int argc, char **argv) {
static struct gengetopt_args_info args_info;
assert(cmdline_parser(argc, argv, &args_info) == 0);
char* pattern = args_info.pattern_orig;
char* text = read_text(args_info.text_arg);
uint32_t n = strlen(text);
uint32_t m = strlen(pattern);
/* occ[] stores if a position is an occurrence */
uint32_t* occ = calloc(n, sizeof(*occ));
assert(occ != NULL);
/* Initialize random number generator */
gsl_rng *rng = gsl_rng_alloc(gsl_rng_mt19937);
uint32_t num_rounds = (size_t) args_info.rounds_arg;
for (size_t i = 0; i < num_rounds; i++) {
uint32_t mod = random_prime(rng);
for (size_t j = 0; j < m; j++)
for (size_t c = 0; c < 4; c++)
corrections[c] = (j == 0) ? c : (corrections[c] << 2) % mod;
uint32_t pattern_h = init_h(pattern, m, mod);
uint32_t pos = m;
for (uint32_t text_h = init_h(text, m, mod); pos < n;
text_h = next_h(text_h, text[pos - m], text[pos], mod), pos++)
if (pattern_h == text_h)
occ[pos - m]++;
}
for (uint32_t pos = 0; pos < n; pos++)
if (occ[pos] >= num_rounds) {
char* x = strndupa(text + pos, m);
printf("Occurrence %s at position %d\n", x, pos);
}
free(occ);
}
paillier_priv
paillier_skeygen (size_t nbits, u_int iter)
{
assert (nbits > 0);
random_init ();
bigint p, q;
// Not fast
p = random_prime ((nbits/2 + (nbits & 1)), odd_sieve, 2, iter);
q = random_prime ((nbits/2 + 1), odd_sieve, 2, iter);
if (p > q)
swap (p, q);
return paillier_priv (p, q);
}
/*
* Generate a random safe prime
*/
BigInt random_safe_prime(RandomNumberGenerator& rng, u32bit bits)
{
if(bits <= 64)
throw Invalid_Argument("random_safe_prime: Can't make a prime of " +
to_string(bits) + " bits");
BigInt p;
do
p = (random_prime(rng, bits - 1) << 1) + 1;
while(!is_prime(p, rng));
return p;
}
void *dretva()
{
int i;
for(i=0;i<ttime;i++)
{
printf("\nDretva tid=%i broj=%i",pthread_self(),random_prime());
fflush(stdout);
usleep(1000000);
fflush(stdout);
}
printf("\nDretva tid=%i zavrsila",pthread_self());
}
int
bmz_bm_pack_mask32x2(const void *src, size_t in_len, void *dst,
size_t *out_len_p, size_t offset, size_t fp_len,
void *work_mem, size_t b1, size_t b2) {
size_t pow_n_b1, pow_n_b2;
BM_ENCODE_BODY(hash = r_hash_mask32x2(in + i, fp_len, b1, b2);
pow_n_b1 = pow_mask(b1, fp_len, BM_MASK32);
pow_n_b2 = pow_mask(b2, fp_len, BM_MASK32),
update_hash_mask32x2(hash, in[i + fp_len], in[i],
pow_n_b1, pow_n_b2, b1, b2),
b1 = random_prime(0);
b2 = random_prime(b1));
}
/*
* DL_Group Constructor
*/
DL_Group::DL_Group(RandomNumberGenerator& rng,
PrimeType type, size_t pbits, size_t qbits)
{
if(pbits < 1024)
throw Invalid_Argument("DL_Group: prime size " + std::to_string(pbits) +
" is too small");
if(type == Strong)
{
m_p = random_safe_prime(rng, pbits);
m_q = (m_p - 1) / 2;
m_g = 2;
}
else if(type == Prime_Subgroup)
{
if(!qbits)
qbits = dl_exponent_size(pbits);
m_q = random_prime(rng, qbits);
BigInt X;
while(m_p.bits() != pbits || !is_prime(m_p, rng))
{
X.randomize(rng, pbits);
m_p = X - (X % (2*m_q) - 1);
}
m_g = make_dsa_generator(m_p, m_q);
}
else if(type == DSA_Kosherizer)
{
qbits = qbits ? qbits : ((pbits <= 1024) ? 160 : 256);
generate_dsa_primes(rng, m_p, m_q, pbits, qbits);
m_g = make_dsa_generator(m_p, m_q);
}
m_initialized = true;
}
paillier_priv
paillier_keygen (size_t nbits, size_t abits, u_int iter)
{
// Fast decryption
assert (nbits > 0);
assert (abits > 0);
assert (abits <= nbits);
random_init ();
size_t sbits = nbits - (2 * abits);
bigint n, p, q, a, g, k;
do {
a = random_prime (abits, odd_sieve, 2, iter);
bigint cp = random_bigint (sbits/2 + (sbits & 1));
bigint cq = random_bigint (sbits/2 + 1);
p = a * cp + 1;
while (!prime_test (p))
// p1 = a * (++c1) + 1
p += a;
q = a * cq + 1;
while (!prime_test (q))
// p2 = a * (++c2) + 1
q += a;
n = p * q;
} while (n.nbits () != nbits && n.nbits () != (nbits+1) || p == q);
paillier_gen (p, q, n, a, g, k);
if (p > q)
swap (p, q);
return paillier_priv (p, q, a, g, k, &n);
}
