MEXP(unsigned long) nls_account_create(nls_t* nls, char* buf, unsigned long bufSize) {
mpz_t s; /* salt */
mpz_t v;
mpz_t x;
if (!nls)
return 0;
if (bufSize < nls->username_len + 65)
return 0;
mpz_init2(s, 256);
mpz_urandomb(s, nls->rand, 256);
mpz_export(buf, (size_t*) 0, -1, 1, 0, 0, s);
/*memset(buf, 0, 32);*/
nls_get_x(nls, x, buf);
nls_get_v_mpz(nls, v, x);
mpz_export(buf + 32, (size_t*) 0, -1, 1, 0, 0, v);
mpz_clear(x);
mpz_clear(v);
mpz_clear(s);
strcpy(buf + 64, nls->username);
return nls->username_len + 65;
}
void calculate_rsa_ckaid(osw_public_key *pub)
{
if(pub->alg == PUBKEY_ALG_RSA) {
struct RSA_public_key *rsa = &pub->u.rsa;
if(rsa->key_rfc3110.len == 0) {
/* key has no 3110 representation, need to cons up one */
unsigned int e_size = mpz_sizeinbase(&rsa->e, 256);
unsigned int key3110len = rsa->k + 1 + e_size;
rsa->key_rfc3110.ptr = alloc_bytes(key3110len, "rfc3110 format of public key [created]");
rsa->key_rfc3110.len = key3110len;
unsigned char *here = rsa->key_rfc3110.ptr;
here[0] = e_size;
here++;
mpz_export(here, NULL, 1, 1, 1, 0, &rsa->e);
here += e_size;
mpz_export(here, NULL, 1, 1, 1, 0, &rsa->n);
}
/* maybe #ifdef SHA2 ? */
/* calculate the hash of the public key, using SHA-2 */
sha256_hash_buffer(rsa->key_rfc3110.ptr, rsa->key_rfc3110.len,
pub->key_ckaid, sizeof(pub->key_ckaid));
datatot(pub->key_ckaid, sizeof(pub->key_ckaid), 'G',
pub->key_ckaid_print_buf, sizeof(pub->key_ckaid_print_buf));
}
}
/* computes: epsilon = H(alpha|beta|z|message)
* result will be taken mod q
* this function uses work1 from workspace */
void gmp_pbs_hash_epsilon(mpz_t result, mpz_t alpha, mpz_t beta, mpz_t z,
char *message, gmp_pbs_parameters *parameters, gmp_pbs_workspace *workspace) {
int buffer_len, alpha_len, beta_len, z_len, msg_len;
char *buffer, *pos;
alpha_len = mpz_sizeinbase(alpha, 2);
beta_len = mpz_sizeinbase(beta, 2);
z_len = mpz_sizeinbase(z, 2);
msg_len = strlen(message);
/* need space for alpha,beta,z,message */
buffer_len = alpha_len + beta_len + z_len + msg_len + 1;
buffer = calloc(1, buffer_len);
pos = buffer;
mpz_export(pos, NULL, 1, alpha_len, 0, 0, alpha);
pos += alpha_len;
mpz_export(pos, NULL, 1, beta_len, 0, 0, beta);
pos += beta_len;
mpz_export(pos, NULL, 1, z_len, 0, 0, z);
pos += z_len;
memcpy(pos, message, strlen(message));
gmp_pbs_Hhash(result, buffer, parameters, workspace);
free(buffer);
}
/* Binary segmentation, using import/export method for processing p.
* Thanks to Dan Bernstein's 2007 Quartic paper.
*/
void poly_mod_mul(mpz_t* px, mpz_t* py, UV r, mpz_t mod, mpz_t p, mpz_t p2, mpz_t t)
{
UV i, bytes;
char* s;
mpz_mul(t, mod, mod);
mpz_mul_ui(t, t, r);
bytes = mpz_sizeinbase(t, 256);
mpz_set_ui(p, 0);
mpz_set_ui(p2, 0);
/* 1. Create big integers from px and py with padding. */
{
Newz(0, s, r*bytes, char);
for (i = 0; i < r; i++)
mpz_export(s + i*bytes, NULL, -1, 1, 0, 0, px[i]);
mpz_import(p, r*bytes, -1, 1, 0, 0, s);
Safefree(s);
}
if (px != py) {
Newz(0, s, r*bytes, char);
for (i = 0; i < r; i++)
mpz_export(s + i*bytes, NULL, -1, 1, 0, 0, py[i]);
mpz_import(p2, r*bytes, -1, 1, 0, 0, s);
Safefree(s);
}
guint32 srp_generate_salt_and_v(srp_t *srp, gchar *out)
{
mpz_t s; /* salt */
mpz_t v;
mpz_t x;
size_t count;
if (!srp)
return 0;
mpz_init2(s, 256);
mpz_urandomb(s, srp->rand, 256);
mpz_export(out, &count, -1, 1, 0, 0, s);
/*memset(buf, 0, 32);*/
srp_get_x(srp, x, out);
srp_get_v_mpz(srp, v, x);
mpz_export(out + 32, &count, -1, 1, 0, 0, v);
mpz_clear(x);
mpz_clear(v);
mpz_clear(s);
return 64;
}
// mpz_export does not fill leading zeros, thus a prepending of leading 0s is required
void mpz_export_padded(uint8_t* pBufIdx, uint32_t field_size_bytes, mpz_t to_export) {
size_t size = 0;
mpz_export(pBufIdx, &size, 1, sizeof(pBufIdx[0]), 0, 0, to_export);
if (size < field_size_bytes) {
for (int i = 0; i + size < field_size_bytes; i++) {
pBufIdx[i] = 0;
}
pBufIdx += (field_size_bytes - size);
mpz_export(pBufIdx, &size, 1, sizeof(pBufIdx[0]), 0, 0, to_export);
}
}
static int
ecdsa_verify(unsigned char signature[96], const unsigned char digest[48], const unsigned char pkey[96]){
unsigned char u1buf[48];
unsigned char u2buf[48];
unsigned char point[96];
mpz_t order;
mpz_t s;
mpz_t r;
mpz_t z;
mpz_t u1;
mpz_t u2;
mpz_t w;
int ret;
mpz_init(order);
mpz_init(s);
mpz_init(r);
mpz_init(z);
mpz_init(u1);
mpz_init(u2);
mpz_init(w);
mpz_set_str(order, "39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643", 10);
mpz_import(r, 48, -1, 1, 1, 0, signature);
mpz_import(s, 48, -1, 1, 1, 0, signature+48);
mpz_import(z, 48, -1, 1, 1, 0, digest);
mpz_invert(w, s, order);
mpz_mul(u2, r, w);
mpz_mul(u1, z, w);
mpz_mod(u2, u2, order);
mpz_mod(u1, u1, order);
for(int i=0; i<48; i++){
u1buf[i]=0;
u2buf[i]=0;
}
mpz_export(u1buf, NULL, -1, 1, 1, 0, u1);
mpz_export(u2buf, NULL, -1, 1, 1, 0, u2);
p384_32_double_scalarmult_base(point, pkey, u1buf, u2buf);
mpz_import(u1, 48, 1, 1, 1, 0, point);
mpz_sub(s, r, u1);
mpz_mod(s, s, order);
if(mpz_sgn(s)==0){
ret=1;
} else {
ret=0;
}
mpz_clear(order);
mpz_clear(s);
mpz_clear(r);
mpz_clear(z);
mpz_clear(u1);
mpz_clear(u2);
mpz_clear(w);
return ret;
}
// mpz_export does not fill leading zeros, thus a prepending of leading 0s is required
void BaseOT::mpz_export_padded(BYTE* pBufIdx, int field_size, mpz_t to_export) {
size_t size = 0;
mpz_export(pBufIdx, &size, 1, sizeof(pBufIdx[0]), 0, 0, to_export);
if (size < field_size) {
for (int i = 0; i + size < field_size; i++) {
pBufIdx[i] = 0;
}
pBufIdx += (field_size - size);
mpz_export(pBufIdx, &size, 1, sizeof(pBufIdx[0]), 0, 0, to_export);
}
}
void generateMultipliers(uint32_t *primesCombined,
uint32_t *isNewMultiplier,
uint32_t *multipliers,
uint32_t *offsets,
uint64_t *multipliers64,
uint32_t *offsets64,
uint64_t *combinedMultipliers,
uint32_t *combinedOffsets,
uint32_t *primes,
unsigned primesNum,
unsigned multipliersNum)
{
unsigned primeCombinedIdx = 0;
mpz_class divisor;
mpz_class inversedMultiplier;
mpz_class inversedMultiplier64;
mpz_class inversedCombinedMultiplier;
unsigned offset;
unsigned offset64;
unsigned combinedOffset;
unsigned primeCombined;
for (unsigned i = 0; i < multipliersNum; i++) {
findMultiplierForConstantDivision(31, primes[i], &inversedMultiplier, &offset);
if (offset < 32)
findMultiplierForConstantDivision(32, primes[i], &inversedMultiplier, &offset);
findMultiplierForConstantDivision(63, primes[i], &inversedMultiplier64, &offset64);
if (offset64 < 64)
findMultiplierForConstantDivision(64, primes[i], &inversedMultiplier64, &offset64);
if (primeCombinedIdx <= i) {
primeCombined = 1;
while (primeCombined < (1U << 31) / primes[primeCombinedIdx])
primeCombined *= primes[primeCombinedIdx++];
divisor = primeCombined;
findMultiplierForConstantDivision(63, divisor, &inversedCombinedMultiplier, &combinedOffset);
isNewMultiplier[i] = 1;
} else {
isNewMultiplier[i] = 0;
}
size_t size;
primesCombined[i] = primeCombined;
mpz_export(&multipliers[i], &size, -1, 4, 0, 0, inversedMultiplier.get_mpz_t());
mpz_export(&multipliers64[i], &size, -1, 4, 0, 0, inversedMultiplier64.get_mpz_t());
mpz_export(&combinedMultipliers[i], &size, -1, 4, 0, 0, inversedCombinedMultiplier.get_mpz_t());
offsets[i] = offset;
offsets64[i] = offset64;
combinedOffsets[i] = combinedOffset;
}
}
// Input: priv_key = buffer of 200 bytes
// pub_key = buffer of 200 bytes
// Output: priv_key = Your private key
// pub_key = Your public key
int DH1080_gen(char *priv_key, char *pub_key)
{
unsigned char raw_buf[256]; //, iniHash[33];
//unsigned long seed;
int iRet, i;
size_t len;
mpz_t b_privkey, b_pubkey, b_base;
unsigned char temp[DH1080_PRIME_BYTES];
//FILE *hRnd;
priv_key[0]='0';
priv_key[1]='\0';
pub_key[0]='0';
pub_key[1]='\0';
mpz_init(b_privkey);
mpz_init(b_pubkey);
mpz_init_set_ui(b_base, 2);
do
{
for(i=0; i < DH1080_PRIME_BYTES; i++)
temp[i] = (unsigned char)rand(&csprng);
mpz_import(b_privkey, DH1080_PRIME_BYTES, 1, 1, 0, 0, temp);
mpz_mod(b_privkey, b_privkey, b_prime1080); /* [2, prime1080-1] */
} while( mpz_cmp_ui(b_privkey, 1) != 1); /* while smaller than 2 */
mpz_powm(b_pubkey, b_base, b_privkey, b_prime1080);
if(DH_verifyPubKey(b_pubkey))
{
mpz_export(raw_buf, &len, 1, 1, 0, 0, b_privkey);
mpz_clear(b_privkey);
htob64((char *)raw_buf, priv_key, len);
mpz_export(raw_buf, &len, 1, 1, 0, 0, b_pubkey);
htob64((char *)raw_buf, pub_key, len);
iRet=1;
}
else iRet=0;
ZeroMemory(raw_buf, sizeof(raw_buf));
mpz_clear(b_pubkey);
mpz_clear(b_base);
return iRet;
}
list_t *
entry (char *host, int sock, int flags)
{
list_t *p = xmalloc (sizeof *p);
p->host = xstrdup (host);
#if WITH_SSL
p->ssl = flags & 1 ? SSL_new (client) : SSL_new (server);
SSL_set_fd (p->ssl, sock);
#else
p->sock = sock;
gc_cipher_open (GC_AES256, GC_STREAM, &p->cipher);
mpz_t my_num;
mpz_init (my_num);
char *key = xcalloc (len, sizeof *key);
pthread_cleanup_push (free, key);
gc_random (key, len);
mpz_import (my_num, len, 1, 1, 1, 0, key);
mpz_t sent;
mpz_init_set (sent, base);
mpz_powm (sent, sent, my_num, prime);
char *buff = xcalloc (len, sizeof *buff);
pthread_cleanup_push (free, buff);
mpz_export (buff, NULL, 1, 1, 1, 0, sent);
if (send (sock, buff, len, 0) < 0)
error (1, errno, "Failed to perform handshake");
if (recv (sock, buff, len, 0) < 0)
error (1, errno, "Failed to perform handshake");
mpz_import (sent, len, 1, 1, 1, 0, buff);
pthread_cleanup_pop (1);
mpz_powm (sent, sent, my_num, prime);
mpz_export (key, NULL, 1, 1, 1, 0, sent);
gc_cipher_setkey (p->cipher, len, key);
pthread_cleanup_pop (1);
#endif /* WITH_SSL */
return p;
}
void BnetSRP3::getServerPasswordProof( byte * result, mpz_t& A, const byte * M, mpz_t& K )
{
SHA1Context sha;
byte proofHash[20];
byte A_[32], K_[40];
SHA1Reset(&sha);
mpz_export(A_, NULL, -1, 1, 0, 0, A);
SHA1Input(&sha, (byte*) A_, 32);
SHA1Input(&sha, M, 20);
mpz_export(K_, NULL, -1, 1, 0, 0, K);
SHA1Input(&sha, (byte*) K_, 40);
SHA1Result(&sha, (byte*) proofHash);
memcpy(result, proofHash, 20);
}
cstring *bn_getvch(const mpz_t v)
{
/* get MPI format size */
size_t sz;
char *buf = mpz_export(NULL, &sz, -1, 1, 1, 0, v);
if (sz == 0) {
free(buf);
return cstr_new(NULL);
}
cstring *s_le = cstr_new_buf(buf, sz);
free(buf);
/* check if sign bit is available */
unsigned int msb = mpz_sizeinbase(v, 2);
if ((!(msb & 0x07) && msb > 0)) {
cstr_append_c(s_le, '\0');
sz++;
}
cstr_resize(s_le, sz);
/* set sign bit */
if (mpz_sgn(v) == -1) {
s_le->str[sz - 1] = (s_le->str[sz - 1] & 0xff) | 0x80;
}
return s_le;
}
static void
store_p_soa(uint64 p, uint32 num_roots, uint32 which_poly,
mpz_t *roots, void *extra)
{
lattice_fb_t *L = (lattice_fb_t *)extra;
p_soa_var_t *soa;
uint32 num;
uint128 tmp = {{0}};
if (num_roots != 1) {
printf("error: num_roots > 1\n");
exit(-1);
}
if (L->fill_p)
soa = (p_soa_var_t *)L->p_array;
else
soa = (p_soa_var_t *)L->q_array;
num = soa->num_p;
mpz_export(&tmp, NULL, -1, sizeof(uint32), 0, 0, roots[0]);
if (p != soa->last_p) {
soa->p[num] = p;
soa->num_p++;
soa->last_p = p;
soa->roots[which_poly][num] = tmp;
}
else {
soa->roots[which_poly][num - 1] = tmp;
}
}
void srp_get_A(srp_t *srp, gchar *out)
{
mpz_t g;
mpz_t A;
size_t o;
if (!srp)
return;
if (srp->A) {
g_memmove(out, srp->A, 32);
return;
}
mpz_init_set_ui(g, SRP_VAR_g);
mpz_init2(A, 256);
mpz_powm(A, g, srp->a, srp->n);
mpz_export(out, &o, -1, 1, 0, 0, A);
mpz_clear(A);
mpz_clear(g);
srp->A = (gchar *) g_malloc(32);
if (srp->A)
memcpy(srp->A, out, 32);
}
bool RSA::encrypt(char* msg, int32_t size, const char* key)
{
mpz_t plain, c;
mpz_init2(plain, 1024);
mpz_init2(c, 1024);
mpz_t e;
mpz_init(e);
mpz_set_ui(e,65537);
mpz_t mod;
mpz_init2(mod, 1024);
mpz_set_str(mod, key, 10);
mpz_import(plain, 128, 1, 1, 0, 0, msg);
mpz_powm(c, plain, e, mod);
size_t count = (mpz_sizeinbase(c, 2) + 7)/8;
memset(msg, 0, 128 - count);
mpz_export(&msg[128 - count], NULL, 1, 1, 0, 0, c);
mpz_clear(c);
mpz_clear(plain);
mpz_clear(e);
mpz_clear(mod);
return true;
}
void*
paillier_plaintext_to_bytes( int len,
paillier_plaintext_t* pt )
{
void* buf0;
void* buf1;
size_t written;
buf0 = mpz_export(0, &written, 1, 1, 0, 0, pt->m);
if( written == len )
return buf0;
buf1 = malloc(len);
memset(buf1, 0, len);
if( written == 0 )
/* no need to copy anything, pt->m = 0 and buf0 was not allocated */
return buf1;
else if( written < len )
/* pad with leading zeros */
memcpy(buf1 + (len - written), buf0, written);
else
/* truncate leading garbage */
memcpy(buf1, buf0 + (written - len), len);
free(buf0);
return buf1;
}
void BasicSizeHeaderSocket::send(const mpz_class& data) {
unsigned long int words;
void * toSend = mpz_export(NULL, (size_t*) &words, -1, MPZEXPORTWORDSIZE, -1, 0, data.get_mpz_t());
this->RawSocket::sendInteger(words);
this->RawSocket::sendData(toSend, words * MPZEXPORTWORDSIZE);
free(toSend);
}
static BIGNUM *
mpz2BN(mpz_t s)
{
size_t size;
BIGNUM *bn;
void *p;
mpz_export(NULL, &size, 1, 1, 1, 0, s);
p = malloc(size);
if (p == NULL && size != 0)
return NULL;
mpz_export(p, &size, 1, 1, 1, 0, s);
bn = BN_bin2bn(p, size, NULL);
free(p);
return bn;
}
/**
* Encrypt an unsigned int and return the encrypted bytes in char*
* Params :
* - unsigned int ui : the value to encrypt ;
* - unsigned int s : the exponent (recursion lvl).
*
* Return :
* - char* : an allocated pointer to the encrypted data.
**/
char*
PaillierAdapter::encrypt(unsigned int ui, unsigned int s)
{
unsigned int ciph_size = publicParameters.getKeyBitsize()*(s+1)/8;
char *tmp, *request = (char*) calloc((ciph_size + 1), sizeof(char));
size_t n;
mpz_t pt, ct;
mpz_init(ct);
mpz_init_set_ui( pt, ui); // convert the 0 or the 1 to an mpz_t
enc( this->publicParameters.getPubKey(), pt, s, ct );
#ifdef CRYPTO_DEBUG
gmp_printf("Created query element: %Zd with args %Zd and %d\n",ct, pt, s);
#endif
tmp = (char*)mpz_export(NULL, &n, 1, sizeof(char), 0, 0, ct);
//Padding
memcpy(request+sizeof(char)*((ciph_size) - n), tmp, n);
//Free memory
mpz_clears(ct, pt, NULL);
free(tmp);
return request;
}
/* store */
static int unsigned_write(void *a, unsigned char *b)
{
LTC_ARGCHK(a != NULL);
LTC_ARGCHK(b != NULL);
mpz_export(b, NULL, 1, 1, 1, 0, ((__mpz_struct*)a));
return CRYPT_OK;
}
MEXP(nls_t*) nls_account_change_proof(nls_t* nls, char* buf,
const char* new_password, const char* B, const char* salt)
{
nls_t* nouveau;
mpz_t s; /* salt */
if (!nls)
return (nls_t*) 0;
/* create new nls_t */
nouveau = nls_init_l(nls->username, nls->username_len, new_password,
(unsigned long) strlen(new_password));
if (!nouveau)
return (nls_t*) 0;
/* fill buf */
nls_get_M1(nls, buf, B, salt);
mpz_init2(s, 256);
mpz_urandomb(s, nouveau->rand, 256);
mpz_export(buf + 20, (size_t*) 0, -1, 1, 0, 0, s);
nls_get_v(nouveau, buf + 52, buf + 20);
mpz_clear(s);
return nouveau;
}
static void
store_p_soa(uint64 p, uint32 num_roots, uint32 which_poly,
mpz_t *roots, void *extra)
{
uint32 i;
lattice_fb_t *L = (lattice_fb_t *)extra;
p_soa_var_t *soa;
uint32 num;
if (which_poly != 0) {
printf("error: batched polynomials not allowed\n");
exit(-1);
}
if (L->fill_p)
soa = (p_soa_var_t *)L->p_array;
else
soa = (p_soa_var_t *)L->q_array;
num = soa->num_p;
soa->p[num] = p;
soa->num_roots[num] = num_roots;
for (i = 0; i < num_roots; i++) {
uint128 tmp = {{0}};
mpz_export(&tmp, NULL, -1, sizeof(uint32), 0, 0, roots[i]);
soa->roots[i][num] = tmp;
}
soa->num_p++;
}
void* damgard_jurik::export_prvkey(size_t *len) {
void *buff;
size_t written;
buff = mpz_export(NULL, &written, 1, 1, 0, 0, prvkey->lambda);
*len = written;
return buff;
}
MEXP(void) nls_get_A(nls_t* nls, char* out) {
mpz_t g;
mpz_t A;
size_t o;
if (!nls)
return;
if (nls->A) {
memcpy(out, nls->A, 32);
return;
}
mpz_init_set_ui(g, NLS_VAR_g);
mpz_init2(A, 256);
mpz_powm(A, g, nls->a, nls->n);
mpz_export(out, &o, -1, 1, 0, 0, A);
mpz_clear(A);
mpz_clear(g);
nls->A = (char*) malloc(32);
if (nls->A)
memcpy(nls->A, out, 32);
}
signed long long vanilla::int_object_to_signed_longlong(object::ptr const& obj)
{
#if LLONG_MAX == LONG_MAX
return int_object_to_signed_long(obj);
#endif
if(obj->type_id() != OBJECT_ID_INT)
{
BOOST_THROW_EXCEPTION(error::bad_cast_error()
<< error::first_operand(obj)
<< error::cast_target_name("int"));
}
mpz_t& mpz = static_cast<int_object const*>(obj.get())->value().mpz();
if(mpz_sizeinbase(mpz, 2) + 1 > sizeof(long long) * CHAR_BIT)
{
BOOST_THROW_EXCEPTION(error::integer_conversion_overflow_error()
<< error::first_operand(obj)
<< error::integer_conversion_target_type("signed long long"));
}
size_t count = 0;
long long result = 0;
mpz_export(&result, &count, -1, sizeof(result), 0, 0, mpz);
assert(count == 1);
return result;
}
char* damgard_jurik_text_t::to_str() {
char *buf;
size_t len;
buf = (char *)mpz_export(NULL, &len, 1, 1, 0, 0, text);
buf[len] = 0;
return buf;
}
static inline void from_mpz(element_ptr e, mpz_ptr z) {
fp_field_data_ptr p = e->field->data;
size_t count;
mpz_export(e->data, &count, -1, sizeof(mp_limb_t), 0, 0, z);
memset((void *) (((unsigned char *) e->data) + count * sizeof(mp_limb_t)), 0,
(p->limbs - count) * sizeof(mp_limb_t));
}
char* PaillierPublicParameters::getByteModulus() {
char *key = new char[(getKeyBitsize() / 8 ) + sizeof(int)]();
mpz_export(key, NULL, 1, sizeof(char) , 0, 0, *pubkey.getnj(1));
int init_s = pubkey.getinit_s();
memcpy(key+(getKeyBitsize()/8), &init_s, sizeof(int));
return key;
}
void printPlaintext(mpz_t plaintext) {
size_t count = 1024;
char *buffer = (char *)calloc(count, sizeof(char));
mpz_export((void*)buffer, &count, 1, sizeof( char), 1, 0, plaintext);
printf("%s\n", buffer);
}
