/****************************************************************************** PYTHON BINDINGS ******************************************************************************/ static PyObject * _ecdsa_sign(PyObject *self, PyObject *args) { char * msg, * d, * k, * p, * a, * b, * q, * gx, * gy; if (!PyArg_ParseTuple(args, "sssssssss", &msg, &d, &k, &p, &a, &b, &q, &gx, &gy)) { return NULL; } mpz_t privKey, nonce; CurveZZ_p * curve = buildCurveZZ_p(p, a, b, q, gx, gy, 10); Sig sig; mpz_init_set_str(privKey, d, 10); mpz_init_set_str(nonce, k, 10); signZZ_p(&sig, msg, privKey, nonce, curve); destroyCurveZZ_p(curve); char * resultR = mpz_get_str(NULL, 10, sig.r); char * resultS = mpz_get_str(NULL, 10, sig.s); mpz_clears(sig.r, sig.s, privKey, NULL); PyObject * ret = Py_BuildValue("ss", resultR, resultS); free(resultR); free(resultS); return ret; }
/* void RSA_decrypt_chunk(string, mpz_t, RSA_PRIVATE) * decrypts cipher using one's private key */ void RSA_decrypt_chunk(string &message, mpz_t &cipher, RSA_PRIVATE &priv) { mpz_t m, m1, m2, h; mpz_inits(m, m1, m2, h, NULL); mpz_powm(m1, cipher, priv.dP, priv.p); mpz_powm(m2, cipher, priv.dQ, priv.q); if (mpz_cmp(m1, m2) < 0) mpz_add(m1, m1, priv.p); mpz_sub(m1, m1, m2); mpz_mul(h, priv.qInv, m1); mpz_mod(h, h, priv.p); mpz_mul(h, h, priv.q); mpz_add(m, m2, h); // now we have m decrypted, but we still need to unhask // the message from it // EB = 00 || 02 || PS || 00 || D message = mpz_get_str(NULL, 16, m); int msg_start = message.rfind("00") + 2; message = message.substr(msg_start); // message now contains decrypted text but in numbers in base 16 // below code converts number from base 16 into chars string msg(message.length() / 2, ' '); for (unsigned int i=0; i<message.length(); i+=2) { msg[0.5*i] = (unsigned char) hex2decbyte(message[i], message[i+1]); } message = msg; mpz_clears(m, m1, m2, h, NULL); // tidying }
// sign a hash using ECDSA, hash must be a string in base used during initialisation. // private key and a generator point are required for it to work (look SetDomain // and SetKeys) void ECDSA::Sign( char *hash, char *&r, char *&s ) { mpz_t z,k,rr,ss,t,u; ECPoint kG; mpz_init_set_str(z, hash, m_base); mpz_inits(k, rr, ss, t, u, NULL); do { mpz_urandomm(k, m_st, ecc->m_n); ecc->MultiplePoint(k, ecc->m_G, kG); mpz_set(rr, kG.x); mpz_mod(rr, rr, ecc->m_n); } while (!mpz_cmp_ui(rr, 0)); do { mpz_set(t,z); mpz_addmul(t,rr,ecc->m_dA); mpz_set(u,k); mpz_invert(u,u,ecc->m_n); mpz_mul(ss, t, u); mpz_mod(ss, ss, ecc->m_n); } while (!mpz_cmp_ui(ss, 0)); mpz_get_str(r, m_base, rr); mpz_get_str(s, m_base, ss); mpz_clears(z,k,rr,ss,t,u,NULL); return; }
int main(int argc, char **argv) { mp_bitcnt_t bit_width = 0; int base = kDefaultBase; static const struct option long_options[] = { { "help", no_argument, NULL, 'h' }, { "use-random", no_argument, NULL, 'r' }, { "base", required_argument, NULL, 'b' }, { "bit-width", required_argument, NULL, 's' }, { NULL, 0, NULL, 0 } }; for (;;) { int opt = getopt_long(argc, argv, "hrb:s:", long_options, NULL); if (opt == -1) break; switch (opt) { case 'r': gRNGFilename = "/dev/random"; break; case 'b': if (simple_strtoi(&base, optarg, 10) < 0 || (base > -2 && base < 2) || base < -36 || base > 62) fatal("invalid base: '%s'", optarg); break; case 's': if (simple_strtoul(&bit_width, optarg, 10) < 0 || bit_width == 0) fatal("invalid bit width: '%s'", optarg); break; case 'h': print_usage(); return EXIT_SUCCESS; default: return EXIT_FAILURE; } } argv += optind; argc -= optind; if (argc > 2 || (bit_width != 0 && argc > 0)) fatal("too many arguments"); mpz_t low, high, result; mpz_inits(low, high, result, NULL); if (argc == 2) { arg_to_mpz(low, argv[0]); arg_to_mpz(high, argv[1]); } else if (argc == 1) { arg_to_mpz(high, argv[0]); } else if (bit_width != 0) { mpz_setbit(high, bit_width); } else { mpz_set_ui(high, kDefaultUpperBound); } get_random_mpz(result, low, high); mpz_out_str(stdout, base, result); putchar('\n'); mpz_clears(low, high, result, NULL); return EXIT_SUCCESS; }
static void dm_ddh_setup_dec(struct dm_ddh_crs *crs, struct params *p) { mpz_t x, y; int file; unsigned long seed; mpz_inits(x, y, NULL); /* fix seed of random number generator */ gmp_randseed_ui(p->rnd, 0UL); find_generator(crs->g0, p); random_element(y, p); mpz_powm(crs->g1, crs->g0, y, p->p); mpz_powm(crs->h0, crs->g0, x, p->p); mpz_powm(crs->h1, crs->g1, x, p->p); mpz_clears(x, y, NULL); /* re-seed random number generator */ if ((file = open("/dev/urandom", O_RDONLY)) == -1) { (void) fprintf(stderr, "Error opening /dev/urandom\n"); } else { if (read(file, &seed, sizeof seed) == -1) { (void) fprintf(stderr, "Error reading from /dev/urandom\n"); (void) close(file); } } gmp_randseed_ui(p->rnd, seed); (void) close(file); }
static void randomize(mpz_t u, mpz_t v, const mpz_t g, const mpz_t h, const mpz_t gp, const mpz_t hp, struct params *p) { mpz_t s, t, tmp; mpz_inits(s, t, tmp, NULL); random_element(s, p); random_element(t, p); /* compute g^s h^t */ mpz_powm(tmp, g, s, p->p); mpz_powm(u, h, t, p->p); mpz_mul(u, u, tmp); mpz_mod(u, u, p->p); /* compute gp^s hp^t */ mpz_powm(tmp, gp, s, p->p); mpz_powm(v, hp, t, p->p); mpz_mul(v, v, tmp); mpz_mod(v, v, p->p); mpz_clears(s, t, tmp, NULL); }
/* Test operands from a table of seed data. This variant creates the operands using a division chain. This is a hack for better coverage of the gcd code, which depends on that the random number generators give the exact numbers we expect. */ void check_kolmo2 (void) { static const struct { unsigned int seed; int nb, chain_len; } data[] = { { 917, 15, 5 }, { 1032, 18, 6 }, { 1167, 18, 6 }, { 1174, 18, 6 }, { 1192, 18, 6 }, }; gmp_randstate_t rs; mpz_t bs, a, b, want; int i; gmp_randinit_default (rs); mpz_inits (bs, a, b, want, NULL); for (i = 0; i < numberof (data); i++) { gmp_randseed_ui (rs, data[i].seed); make_chain_operands (want, a, b, rs, data[i].nb, data[i].nb, data[i].chain_len); one_test (a, b, want, -1); } mpz_clears (bs, a, b, want, NULL); gmp_randclear (rs); }
int is_on_curve_jac(JacPoint *jp, const mpz_t a, const mpz_t b){ int rep; mpz_t c, d, e; mpz_inits (c, d, e, NULL); //~ c= Z^2 mpz_mul (c, jp->Z, jp->Z); mpz_mod (c, c, p); //~ d= Z^4 mpz_mul (d, c, c); mpz_mod (d, d, p); //~ c = bZ^6 mpz_mul (c, c, d); mpz_mul (c, c, b); mpz_mod (c, c, p); //~ d=aXZ^4 (p) mpz_mul (d, d, a); mpz_mul (d, d, jp->X); mpz_mod (d, d, p); //~ e= X^3 (p) mpz_mul (e, jp->X, jp->X); mpz_mul (e, e, jp->X); mpz_mod (e, e, p); //~ e = X^3 +aXZ^4 +bZ^6 (p) mpz_add (e, e, c); mpz_add (e, e, d); mpz_mod (e, e, p); //~ c= Y^2 (p) mpz_mul (c, jp->Y, jp->Y); mpz_mod (c, c, p); rep = mpz_cmp (c, e); mpz_clears(c, d, e, NULL); return (rep==0); }
//~ eq : (a*X^2 + Y^2)*Z^2 = Z^4 + d*(X^2)*(Y^2) int is_on_curve_extProj(ExtProjPoint *op){ int rep; mpz_t leq, req, lx, ly, lz; mpz_inits (leq, req, lx, ly, lz, NULL); mpz_mul (lx, op->X, op->X); mpz_mod (lx, lx, p); mpz_mul (ly, op->Y, op->Y); mpz_mod (ly, ly, p); mpz_mul (lz, op->Z, op->Z); mpz_mod (lz, lz, p); mpz_mul (leq, lx, curve_a); mpz_add (leq, leq, ly); mpz_mul (leq, leq, lz); mpz_mod (leq, leq, p); // leq <-- (a*X^2 + Y^2)*Z^2 mpz_mul (lz, lz, lz); mpz_mod (lz, lz, p); // lz <-- Z^4 mpz_mul (req, lx, ly); mpz_mul (req, req, curve_d); mpz_add (req, req, lz); mpz_mod (req, req, p); // req <-- Z^4 + d*(X^2)*(Y^2) rep = mpz_cmp (leq, req); mpz_clears (leq, req, lx, ly, lz, NULL); return (rep==0); }
/** * Private encrypt methode. * Params : * - paillier_pubkey* pub : Paillier public key pointer ; * - mpz_t m : data to encrypt ; * - unsigned int s : recursion level ; * - mpz_t c : result operande . **/ void PaillierAdapter::enc( paillier_pubkey* pub, mpz_t m, unsigned int s, mpz_t c ) { mpz_t gm, rns, r; mpz_inits( gm, rns, r, NULL); unsigned int modulusbits = publicParameters.getKeyBitsize(); do { mpz_urandomb(r, rand, (s+1)*modulusbits); } while( mpz_cmp(r, *pub->getnj(s+1)) >= 0 ); mpz_powm(gm, *pub->getg(), m, *pub->getnj(s+1)); mpz_powm(rns, r, *pub->getnj(s), *pub->getnj(s+1)); mpz_mul(c, gm, rns); mpz_mod(c,c, *pub->getnj(s+1)); #ifdef DEBUG_ENCRYPT mpz_t test; mpz_init(test); dec(pub, privateParameters.getPrvKey(), c, s, test); gmp_printf("Decrypting %Zd into %Zd\n\n", c, test); #endif mpz_clears(gm, rns, r, NULL); }
void PaillierAdapter::keygen( unsigned int modulusbits, paillier_pubkey* pub, paillier_prvkey* prv, unsigned int init_s) { mpz_t p, q; mpz_inits(p, q, NULL); /* pick random (modulusbits/2)-bit primes p and q */ do { get_prime_of_size(p, modulusbits / 2); get_prime_of_size(q, modulusbits / 2); mpz_mul(*pub->getnj(1), p, q); }while(mpz_sizeinbase(*pub->getnj(1), 2) != modulusbits); pub->setbits(modulusbits); pub->setinit_s(init_s); pub->complete_key(init_s+1); /*we don't know if it will be used beyond one level*/ /* compute the private key lambda = lcm(p-1,q-1) */ mpz_sub_ui(p, p, 1); mpz_sub_ui(q, q, 1); mpz_lcm(prv->d, p, q); mpz_invert(prv->inv_d, prv->d ,*pub->getnj(init_s)); /* clear temporary integers */ mpz_clears(p, q, NULL); }
/** * Encrypt an unsigned int and return the encrypted bytes in char* * Params : * - unsigned int ui : the value to encrypt ; * - unsigned int s : the exponent (recursion lvl). * * Return : * - char* : an allocated pointer to the encrypted data. **/ char* PaillierAdapter::encrypt(unsigned int ui, unsigned int s) { unsigned int ciph_size = publicParameters.getKeyBitsize()*(s+1)/8; char *tmp, *request = (char*) calloc((ciph_size + 1), sizeof(char)); size_t n; mpz_t pt, ct; mpz_init(ct); mpz_init_set_ui( pt, ui); // convert the 0 or the 1 to an mpz_t enc( this->publicParameters.getPubKey(), pt, s, ct ); #ifdef CRYPTO_DEBUG gmp_printf("Created query element: %Zd with args %Zd and %d\n",ct, pt, s); #endif tmp = (char*)mpz_export(NULL, &n, 1, sizeof(char), 0, 0, ct); //Padding memcpy(request+sizeof(char)*((ciph_size) - n), tmp, n); //Free memory mpz_clears(ct, pt, NULL); free(tmp); return request; }
void signZZ_p(Sig * sig, char * msg, mpz_t d, mpz_t k, const CurveZZ_p * curve) { mpz_t e, kinv; // R = k * G, r = R[x] PointZZ_p R; pointZZ_pMul(&R, curve->g, k, curve); mpz_init_set(sig->r, R.x); mpz_mod(sig->r, sig->r, curve->q); // convert digest to integer (digest is computed as hex in ecdsa.py) mpz_init_set_str(e, msg, 16); int orderBits = mpz_sizeinbase(curve->q, 2); int digestBits = strlen(msg) * 4; if(digestBits > orderBits) { mpz_fdiv_q_2exp(e, e, digestBits - orderBits); } // s = (k^-1 * (e + d * r)) mod n mpz_inits(kinv, sig->s, NULL); mpz_invert(kinv, k, curve->q); mpz_mul(sig->s, d, sig->r); mpz_add(sig->s, sig->s, e); mpz_mul(sig->s, sig->s, kinv); mpz_mod(sig->s, sig->s, curve->q); mpz_clears(R.x, R.y, e, kinv, NULL); }
int verifyZZ_p(Sig * sig, char * msg, PointZZ_p * Q, const CurveZZ_p * curve) { mpz_t e, w, u1, u2; PointZZ_p tmp; mpz_inits(w, u1, u2, tmp.x, tmp.y, NULL); // convert digest to integer (digest is computed as hex in ecdsa.py) mpz_init_set_str(e, msg, 16); int orderBits = mpz_sizeinbase(curve->q, 2); int digestBits = strlen(msg) * 4; if(digestBits > orderBits) { mpz_fdiv_q_2exp(e, e, digestBits - orderBits); } mpz_invert(w, sig->s, curve->q); mpz_mul(u1, e, w); mpz_mod(u1, u1, curve->q); mpz_mul(u2, sig->r, w); mpz_mod(u2, u2, curve->q); pointZZ_pShamirsTrick(&tmp, curve->g, u1, Q, u2, curve); mpz_mod(tmp.x, tmp.x, curve->q); int equal = (mpz_cmp(tmp.x, sig->r) == 0); mpz_clears(e, w, u1, u2, tmp.x, tmp.y, NULL); return equal; }
void ecc_doubling(ecc_jcb_t *ROP, ecc_jcb_t *P, ecc_curve *curve) { mpz_t alfa, alfa1, alfa2, beta, x3_2, y3_2, y2, z3_2; if((strcmp(mpz_get_str(NULL, 10, P->x), "0") == 0) && (strcmp(mpz_get_str(NULL, 10, P->y), "0") == 0) && (strcmp(mpz_get_str(NULL, 10, P->z), "0") == 0)) { ecc_cp_jcb(ROP, P); } else { mpz_inits(alfa, alfa1, alfa2, beta, x3_2, y3_2, z3_2, y2, NULL); // alfa = 3*(x1)**2 + a * (z1**4) fp_mul_mpz(alfa1, P->x, P->x, curve->p); fp_mul_mpz(alfa2, P->z, P->z, curve->p); fp_mul_mpz(alfa2, alfa2, alfa2, curve->p); fp_mul_si(alfa1, alfa1, 3, curve->p); fp_mul_mpz(alfa2, alfa2, curve->a, curve->p); fp_add_mpz(alfa, alfa1, alfa2, curve->p); // y2 = y1**2 fp_mul_mpz(y2, P->y, P->y, curve->p); // beta = 4*x1*(y1**2) fp_mul_mpz(beta, y2, P->x, curve->p); fp_mul_si(beta, beta, 4, curve->p); mpz_set(ROP->z, P->z); // z3 = y1*z1 fp_mul_mpz(ROP->z, P->z, P->y, curve->p); // z3 = 2*y1*z1 fp_mul_si(ROP->z, ROP->z, 2, curve->p); mpz_init_set(x3_2, beta); // x3_2 = 2*beta fp_mul_si(x3_2, x3_2, 2, curve->p); mpz_set(ROP->x, alfa); // x3 = alfa**2 - 2*beta fp_mul_mpz(ROP->x, ROP->x, ROP->x, curve->p); fp_sub_mpz(ROP->x, ROP->x, x3_2, curve->p); mpz_init_set(y3_2, P->y); mpz_set(ROP->y, beta); // y3 = alfa(beta -x3) fp_sub_mpz(ROP->y, ROP->y, ROP->x, curve->p); fp_mul_mpz(ROP->y, ROP->y, alfa, curve->p); // y3_2 = 8*y1**4 fp_mul_mpz(y3_2, y2, y2, curve->p); fp_mul_si(y3_2, y3_2, 8, curve->p); // y3 = alfa(beta -x3) - 8*y1**4 fp_sub_mpz(ROP->y, ROP->y, y3_2, curve->p); mpz_clears(alfa, alfa1, alfa2, beta, x3_2, y3_2, z3_2, y2, NULL); } }
int main(int argc, char **argv) { char line[INTEGER_LIMIT]; if (argc > 1) strncpy(&line[0], argv[1], INTEGER_LIMIT); else if (scanf("%s\n", &line[0]) != 1) { fprintf(stderr, "factor: unable to read number from stdin\n"); return 1; } mpz_t n; mpz_init(n); if (mpz_set_str(n, &line[0], 0) == -1 || mpz_cmp_ui(n, 1) < 0) { fprintf(stderr, "factor: input must be a positive integer\n"); mpz_clear(n); return 1; } if (mpz_cmp_ui(n, 1) == 0 || mpz_probab_prime_p(n, MILLERRABIN_REPEATS) > 0) { gmp_printf("%Zd: %Zd\n", n, n); mpz_clear(n); return 0; } mpz_t t; mpz_init(t); mpz_sqrt(t, n); struct factors *f = factors_create(); struct prime_sieve *ps = prime_sieve_create(MIN(TRIALDIVISION_LIMIT, mpz_get_ui(t))); if (mpz_perfect_square_p(n)) { factors_push(f, t); factors_push(f, t); } else { mpz_set(t, n); factors_push(f, t); } /* run trial division to find find small factors */ while (factors_remove_composite(f, t) && trial_division(t, f, ps)); prime_sieve_destroy(ps); /* run quadratic sieve until factorized into only prime numbers */ while (factors_remove_composite(f, t) && quadratic_sieve(t, f, QUADRATIC_SIEVE_SIZE)); factors_sort(f); print_result(n, f); mpz_clears(n, t, NULL); factors_destroy(f); return 0; }
// Calculate euler's totient of n, assuming n = p*q. Then, // phi(n) = phi(p)phi(q) = (p-1)(q-1) void rsa_phi(mpz_t phi_n, const mpz_t p, const mpz_t q) { mpz_t p_minus_one, q_minus_one; mpz_inits(p_minus_one, q_minus_one, '\0'); mpz_sub_ui(p_minus_one, p, 1); mpz_sub_ui(q_minus_one, q, 1); mpz_mul(phi_n, p_minus_one, q_minus_one); mpz_clears(p_minus_one, q_minus_one, '\0'); }
int main (int argc, char *argv[]) { mpz_t c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2, key1, key2; FILE *fp, *fp1; char chars[3]; //initializations mpz_inits(c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2, key1, key2, NULL); //Welcome! printf("Begin task 4 / 5...\n"); printf("*******************************\n"); printf("Welcome to fun with big numbers\n"); printf("Lets do some decryption\n"); printf("*******************************\n"); //Get needed input from file fp = fopen("p4in.txt", "r"); gmp_fscanf(fp, "%Zd\n%Zd\n%Zd\n%Zd", &key1, &key2, &pc, &c); gmp_printf("key1=%Zd\n\nkey2=%Zd\n\nCommon factor=%Zd\n\ncipher=%Zd\n\n", key1, key2, pc, c); fclose(fp); //setup calculating needed values mpz_cdiv_q(q1, key1, pc); mpz_cdiv_q(q2, key2, pc); mpz_set_ui(e, 65537); mpz_sub_ui(tmp1, pc, 1); mpz_sub_ui(tmp2, q1, 1); mpz_mul(phi1, tmp1, tmp2); mpz_sub_ui(tmp2, q2, 1); mpz_mul(phi2, tmp1, tmp2); mpz_invert(d1, e, phi1); mpz_invert(d2, e, phi2); //Lets try and decrypt decrypt(&m1, c, d1, key1); decrypt(&m2, c, d2, key2); fp = fopen("p4out.txt", "w"); gmp_fprintf(fp, "%Zx\n%Zx\n", m1, m2); fclose(fp); mpz_clears(c, m1, m2, pc, q1, q2, e, d1, d2, phi1, phi2, tmp1, tmp2, key1, key2, NULL); fp = fopen("p4out.txt", "r"); chars[2] = 0; while (fscanf(fp, "%c%c", chars, chars + 1) > 0){ printf("%c", (int)strtol(chars, NULL, 16)); } fclose(fp); return 0; }
//~ Note : PP contains P, (-P + PHI_P), PHI_P and (P + PHI_P) resp. void point_from_GLVScalar(ExtProjPoint *rop, GLVScalar *k, ExtAffPoint *pp){ int j,u; mpz_t tmpX, tmpT; mpz_inits (tmpX, tmpT, NULL); j = k->j; u = k->tk1[j] + 3 * k->tk2[j]; if (u < 0){ mpz_set_ui (rop->Z, 1); mpz_set (rop->Y, pp[-u-1].y); mpz_neg (rop->X, pp[-u-1].x); mpz_neg (rop->T, pp[-u-1].t); } else{ mpz_set_ui (rop->Z, 1); mpz_set (rop->Y, pp[u-1].y); mpz_set (rop->X, pp[u-1].x); mpz_set (rop->T, pp[u-1].t); } j = j - 1; while (j > 0){ double_proj_to_extProj(rop); u = k->tk1[j] + 3 * k->tk2[j]; if (u < 0){ mpz_neg (tmpX, pp[-u-1].x); mpz_neg (tmpT, pp[-u-1].t); add_extProj_extAff_to_Proj(rop, tmpX, pp[-u-1].y, tmpT); } else if (u > 0){ add_extProj_extAff_to_Proj(rop, pp[u-1].x, pp[u-1].y, pp[u-1].t); } j = j - 1; } //~ For the last turn, it is preferable to calculate 'rop->T', if u != 0. double_proj_to_extProj(rop); u = k->tk1[j] + 3 * k->tk2[j]; if (u < 0){ mpz_neg (tmpX, pp[-u-1].x); mpz_neg (tmpT, pp[-u-1].t); add_extProj_extAff_to_extProj(rop, tmpX, pp[-u-1].y, tmpT); } else if (u > 0){ add_extProj_extAff_to_extProj(rop, pp[u-1].x, pp[u-1].y, pp[u-1].t); } mpz_clears (tmpX, tmpT, NULL); }
static void state_destructor(PyObject *self) { struct state *s; s = (struct state *) PyCapsule_GetPointer(self, NULL); if (s) { clt_mlm_cleanup(&s->mlm); mpz_clears(s->nev, s->nchk, NULL); } }
/* void RSA_encrypt_chunk(mpz_t, string, RSA_PUBLIC) * encrypts one part of message using one's public key, part fits the * requirements for itself, so that |part| <= k - 11 */ void RSA_encrypt_chunk(mpz_t &cipher, string &message, RSA_PUBLIC &pub) { // encrypting chunk has below format: // EB = 00 || 02 || PS || 00 || D // where k = |n| (it's in bytes) // D = message, |D|<=k-11 long long k = mpz_sizeinbase(pub.n, 2) / 8; // PS = random octets, |PS|=k-|D|-3 long long ps_len = k - 3 - message.length(); string EB("0002"); // EB = 00 || 02 EB.reserve(k*2); string PS_tab; PS_tab.reserve(2*ps_len); for (int i=0; i<ps_len; i++) { PS_tab.append( decbyte2hex( random(255)+1 ) ); } EB.append(PS_tab); // EB = 00 || 02 || PS EB.append("00"); // EB = 00 || 02 || PS || 00 for (unsigned int i=0; i<message.length(); i++) { EB.append( decbyte2hex((unsigned int)message[i]) ); } // EB = 00 || 02 || PS || 00 || D // now we have EB generated // algorithm for faster computing y = x^e (mod n) // e = e(k-1)e(k-2)...e(1)e(0) // e has the value of 11, 10001 or 10000000000000001 (3, 17, 65537) string e_str = mpz_get_str(NULL, 2, pub.e); int k_e = e_str.length(); mpz_t y, x; mpz_inits(y, x, NULL); mpz_set_str(x, EB.c_str(), 16); // x == EB mpz_set(y, x); // y == x for (long long i=1; i<k_e; i++) { mpz_powm_ui(y, y, 2, pub.n); if (e_str[i]=='1') { mpz_mul(y, y, x); mpz_mod(y, y, pub.n); } } mpz_set(cipher, y); // cipher is now encrypted EB mpz_clears(y, x, NULL); // tidying }
// Compute private key d, given n, p, and q. Assume e = 2^16+1 int rsa_compute_d(mpz_t d, const mpz_t n, const mpz_t p, const mpz_t q) { mpz_t e, phi_n, gcd; mpz_inits(e, phi_n, gcd, '\0'); rsa_phi(phi_n, p, q); mpz_set_ui(e, 65537); if (mpz_invert(d, e, phi_n) == 0) exit(EXIT_FAILURE); mpz_clears(phi_n, gcd, '\0'); return 0; }
void QtGMP::fac() { QString s(""); mpz_t aa,bb; char *str=0; mpz_init(bb); mpz_init_set_str(aa,qPrintable(this->lineEdit2->text()),10); mpz_fac_ui(bb,mpz_get_ui(aa)); // gmp_printf("B!:\t%Zd\nA!:\t%Zd\n\n\n",aa,bb); s.sprintf("B:\t%s\nB!:\t%s\n",mpz_get_str(str,10,aa),mpz_get_str(str,10,bb)); this->textEdit->setText(s); mpz_clears(aa,bb,'\0'); }
void QtGMP::nprime() { QString s(""); mpz_t aa,bb; char *str=0; mpz_init(bb); mpz_init_set_str(aa,qPrintable(this->lineEdit1->text()),10); mpz_nextprime(bb,aa); //gmp_printf("A:\t%Zd\nNextPrime(A):\t%Zd\n\n\n",aa,bb); s.sprintf("A:\t%s\nNextPrime(A):\t%s\n",mpz_get_str(str,10,aa),mpz_get_str(str,10,bb)); this->textEdit->setText(s); mpz_clears(aa,bb,'\0'); }
void QtGMP::powAB() { QString s(""); mpz_t aa,bb,cc; char *str=0; mpz_init(cc); mpz_init_set_str(aa,qPrintable(this->lineEdit1->text()),10); mpz_init_set_str(bb,qPrintable(this->lineEdit2->text()),10); mpz_pow_ui(cc,aa,mpz_get_ui(bb)); // gmp_printf("A:\t%Zd\n\B:\t%ZdnA^B:\t%Zd\n\n\n",aa,bb,cc); s.sprintf("A:\t%s\nB:\t%s\nA^B:\t%s\n",mpz_get_str(str,10,aa),mpz_get_str(str,10,bb),mpz_get_str(str,10,cc)); this->textEdit->setText(s); mpz_clears(aa,bb,cc,'\0'); }
void QtGMP::lcm() { //QApplication::aboutQt(); QString s(""); mpz_t aa,bb,cc; char *str=0; mpz_init(cc); mpz_init_set_str(aa,qPrintable(this->lineEdit1->text()),10); mpz_init_set_str(bb,qPrintable(this->lineEdit2->text()),10); mpz_lcm(cc,aa,bb); // gmp_printf("A:\t%Zd\nB:\t%Zd\nLCM(A,B):\t%Zd\n\n\n",aa,bb,cc); s.sprintf("A:\t%s\nB:\t%s\nLCM(A,B):\t%s\n",mpz_get_str(str,10,aa),mpz_get_str(str,10,bb),mpz_get_str(str,10,cc)); this->textEdit->setText(s); mpz_clears(aa,bb,cc,'\0'); }
void ecc_jcb_to_afn(ecc_afn_t *ROP, ecc_jcb_t *P, ecc_curve *curve) { mpz_t g, s, inv, tmp; mpz_inits(g, s, inv, tmp, NULL); mpz_gcdext(g, s, inv, curve->p, P->z); // inv = Z^1 fp_mul_mpz(tmp, inv, inv, curve->p); // (Z^1)^2 fp_mul_mpz(ROP->x, P->x, tmp, curve->p); // X*((Z^1)^2) fp_mul_mpz(tmp, tmp, inv, curve->p); // (Z^1)^3 fp_mul_mpz(ROP->y, P->y, tmp, curve->p); // Y*((Z^1)^3) mpz_clears(g, s, inv, tmp, NULL); }
int main (void) { unsigned int i; mpz_t n, m; mpz_init (n); mpz_init_set_ui (m, 0); for (i = 1; i <= 1000; i++) { mpz_ui_pow_ui (n, i, i); mpz_add (m, m, n); /* gmp_printf ("%lu\t%Zd\n", i, n); */ /* gmp_printf ("%Zd\n", m); */ } gmp_printf ("%Zd\n", m); mpz_clears (n, m, NULL); }
int main(int argc, const char * argv[]) { mpz_t a[7], mod, n; mpz_inits(a[0], a[1], a[2], a[3], a[4], a[5], a[6], n, NULL); mpz_init_set_si(mod, 5); mpz_set_si(a[4], 1); mpz_set_si(n, 5); PointRef g = PointCreateFromInt(0,1); PointRef p = PointCreateFromInt(2,4); PointRef q = PointCreateFromInt(3,1); PointRef pTeta = PointCreateTeta(); PointRef qTeta = PointCreateTeta(); PointRef p2 = PointCreateFromInt(3,2); PointRef p2Inv = PointCreateFromInt(3,3); CurveRef curve = CurveCreate(mod, n, a, g); assert(curve != NULL); assert(curve->a[4] != NULL); assert(curve->a[6] != NULL); assert(curve->g != NULL); assert(curve->mod != NULL); addPoints(p, q, curve); addDoublePoint(p2, p2, curve); addPteta(pTeta, q, curve); addQteta(p, qTeta, curve); addResultTeta(p2, p2Inv, curve); mpz_clears(mod, a[0], a[1], a[2], a[3], a[4], a[5], a[6], NULL); PointDestroy(g); PointDestroy(p); PointDestroy(q); PointDestroy(pTeta); PointDestroy(qTeta); PointDestroy(p2); PointDestroy(p2Inv); CurveDestroy(curve); return 0; }
void gen_shared_secret(mpz_t shared_secret, keys* key_ptr, mpz_t other_party_secret, mpz_t other_party_signed_digest, mpz_t dhe_rand_sec, mpz_t dhe_prime) { mpz_t other_party_digest, verified_other_party_signed_digest; mpz_inits(other_party_digest, verified_other_party_signed_digest, NULL); rsa_verify_signature(verified_other_party_signed_digest, other_party_signed_digest, key_ptr->o_pub_exp, key_ptr->o_n); hash_payload(other_party_digest, other_party_secret); if (!mpz_cmp(verified_other_party_signed_digest, other_party_digest)) { dhe_compute_shared_secret(shared_secret, dhe_rand_sec, other_party_secret, dhe_prime); } else { perror("Error: Invalid signature"); exit(-1); } mpz_clears(other_party_digest, verified_other_party_signed_digest, NULL); }