示例#1
0
void RSA::decrypt(char* msg)
{
	std::lock_guard<std::recursive_mutex> lockClass(lock);

	mpz_t c, m;
	mpz_init2(c, 1024);
	mpz_init2(m, 1024);

	mpz_import(c, 128, 1, 1, 0, 0, msg);

	// m = c^d mod n
	mpz_powm(m, c, m_d, m_n);

	size_t count = (mpz_sizeinbase(m, 2) + 7)/8;
	memset(msg, 0, 128 - count);
	mpz_export(&msg[128 - count], nullptr, 1, 1, 0, 0, m);

	mpz_clear(c);
	mpz_clear(m);
}
示例#2
0
文件: rw.c 项目: agl/rwb0fuz1024
// -----------------------------------------------------------------------------
// Return non-zero iff @e is a quadratic residue mod @p
//
// power: (@p + 1) / 4
// -----------------------------------------------------------------------------
static int
is_quadratic_residue(mpz_t e, mpz_t p, mpz_t power) {
  mpz_t emod;

  mpz_init(emod);
  mpz_mod(emod, e, p);

  mpz_t r;
  mpz_init(r);

  mpz_powm(r, e, power, p);
  mpz_mul(r, r, r);
  mpz_mod(r, r, p);

  const int result = 0 == mpz_cmp(r, emod);
  mpz_clear(r);
  mpz_clear(emod);

  return result;
}
示例#3
0
paillier_plaintext_t*
paillier_dec( paillier_plaintext_t* res,
							paillier_pubkey_t* pub,
							paillier_prvkey_t* prv,
							paillier_ciphertext_t* ct )
{
	if( !res )
	{
		res = (paillier_plaintext_t*) malloc(sizeof(paillier_plaintext_t));
		mpz_init(res->m);
	}

	mpz_powm(res->m, ct->c, prv->lambda, pub->n_squared);
	mpz_sub_ui(res->m, res->m, 1);
	mpz_div(res->m, res->m, pub->n);
	mpz_mul(res->m, res->m, prv->x);
	mpz_mod(res->m, res->m, pub->n);

	return res;
}
示例#4
0
void encrypt(int msg/*To be extended to other types !*/){
	// generate r between 0 and n-1 inclusive 
	unsigned long int m = msg;
	gmp_randstate_t state;
	gmp_randinit_mt (state); // initiallize state with Mersenne Twister which is basically fast one !
	mpz_urandomm(r, state, n);
//66666666666666666666666666666666666
	//mpz_init_set_str(r,"23",10);
//6666666666666666666666666666666666	
	gmp_printf ("\nr = %Zd\n", r);
	mpz_powm_ui(tmpI, g/*base*/, m/*exp*/, nn/*mod*/); // tmp = base^exp modulo mod
	gmp_printf ("\ng^m = %Zd\n", tmpI);
	mpz_powm(tmpII, r/*base*/, n/*exp*/, nn/*mod*/); // tmp = base^exp modulo mod
	gmp_printf ("\nr^n = %Zd\n", tmpII);
	// Remember : a.b mod n = ((a mod n).(b mod n)) mod n
	mpz_mul(c, tmpI, tmpII);
	mpz_mod(c, c, nn);

	gmp_printf ("\nc = %Zd\n", c);
}
示例#5
0
文件: crypt.c 项目: MFreeze/m2moca
void egDecrypt(egpvk_t k, egem_t c, egdm_t *m) {
    int i;
    mpz_t tmp, inv;
    mpz_init(tmp);
    mpz_init(inv);

    mpz_powm(tmp, c.y1, k.a, k.p);
    mpz_invert(inv, tmp, k.p);

    for (i=0; i<c.size; i++) {
        // Decryption
        mpz_mul(c.y2[i], c.y2[i], inv);
        mpz_mod(c.y2[i], c.y2[i], k.p);
    }

    m->m = convertToChar(c.y2, c.size, k.k, &i);
    m->size = i;

    mpz_clear(tmp);
    mpz_clear(inv);
}
示例#6
0
文件: crypt.c 项目: MFreeze/m2moca
void dhGenPubKey(dhpvk_t *pvk, dhpbk_t *pbk) {
    // Integer used for random numbers
    if (!seed_initialized)
        rnInit();

    do {
        mpz_urandomb(pbk->p, seed, DH_KEY_SIZE);        
    } while (!mpz_probab_prime_p(pbk->p, NB_TURN));
    mpz_set(pvk->p, pbk->p);

    mpz_set_ui(pbk->g, 2);
    // Search alpha so that alpha is a generator
    while(!isGenerator(pbk->p, pbk->g))
        mpz_add_ui(pbk->g, pbk->g, 1);

    mpz_set(pvk->g, pbk->g);

    mpz_urandomm(pvk->a, seed, pvk->p);

    mpz_powm(pbk->pow, pbk->g, pvk->a, pbk->p);
}
示例#7
0
/*
  gmpをつかって Diffie Hellman 法を実装するルーチン
  
 */
static void
diffie_hellman( char *genstr, char *modstr, char *expstr ,
                char *out, int outlen )
{
    mpz_t gen, mod , exp , key;
    char *keystr;

    mpz_init_set_str( gen , genstr , 16 );
    mpz_init_set_str( mod , modstr , 16 );
    mpz_init_set_str( exp , expstr , 16 );
    mpz_init( key );

    mpz_powm( key, gen, exp, mod );
    keystr = mpz_get_str( NULL , 16 , key );
    snprintf( out, outlen , "%s" , keystr );

    mpz_clear( gen );
    mpz_clear( exp );
    mpz_clear( mod );
    mpz_clear( key );
}
示例#8
0
void srp_get_v(srp_t *srp, gchar *out, const gchar *salt)
{
    mpz_t g;
    mpz_t v;
    mpz_t x;
    size_t count;
    
    if (!srp)
        return;
    
    mpz_init_set_ui(g, SRP_VAR_g);
    mpz_init(v);
    srp_get_x(srp, x, salt);
    
    mpz_powm(v, g, x, srp->n);
    
    mpz_export(out, &count, -1, 1, 0, 0, v);
    mpz_clear(v);
    mpz_clear(g);
    mpz_clear(x);
}
示例#9
0
static int
millerrabin (mpz_srcptr n, mpz_srcptr nm1, mpz_ptr x, mpz_ptr y,
             mpz_srcptr q, unsigned long int k)
{
  unsigned long int i;

  mpz_powm (y, x, q, n);

  if (mpz_cmp_ui (y, 1L) == 0 || mpz_cmp (y, nm1) == 0)
    return 1;

  for (i = 1; i < k; i++)
    {
      mpz_powm_ui (y, y, 2L, n);
      if (mpz_cmp (y, nm1) == 0)
	return 1;
      if (mpz_cmp_ui (y, 1L) == 0)
	return 0;
    }
  return 0;
}
示例#10
0
static Variant HHVM_FUNCTION(gmp_powm,
                             const Variant& dataA,
                             const Variant& dataB,
                             const Variant& dataC) {
  mpz_t gmpDataA, gmpDataB, gmpDataC, gmpReturn;

  if (!variantToGMPData(cs_GMP_FUNC_NAME_GMP_POWM, gmpDataB, dataB)) {
    return false;
  }
  if (mpz_sgn(gmpDataB) < 0) {
    mpz_clear(gmpDataB);

    raise_warning(cs_GMP_INVALID_EXPONENT_MUST_BE_POSITIVE,
                  cs_GMP_FUNC_NAME_GMP_POWM);
    return false;
  }

  if (!variantToGMPData(cs_GMP_FUNC_NAME_GMP_POWM, gmpDataA, dataA)) {
    mpz_clear(gmpDataB);
    return false;
  }

  if (!variantToGMPData(cs_GMP_FUNC_NAME_GMP_POWM, gmpDataC, dataC)) {
    mpz_clear(gmpDataA);
    mpz_clear(gmpDataB);
    return false;
  }

  mpz_init(gmpReturn);
  mpz_powm(gmpReturn, gmpDataA, gmpDataB, gmpDataC);

  Variant ret = NEWOBJ(GMPResource)(gmpReturn);

  mpz_clear(gmpDataA);
  mpz_clear(gmpDataB);
  mpz_clear(gmpDataC);
  mpz_clear(gmpReturn);

  return ret;
}
示例#11
0
static void
dsa_find_generator(mpz_t g,
		   void *random_ctx, nettle_random_func random,
		   void *progress_ctx, nettle_progress_func progress,
		   const mpz_t p, const mpz_t q)
{
  mpz_t e;
  mpz_t n;
  
  /* e = (p-1)/q */
  mpz_init_set(e, p);
  mpz_sub_ui(e, e, 1);
  mpz_divexact(e, e, q);

  /* n = p-2 = |2, 3, ... p-1| */
  mpz_init_set(n, p);
  mpz_sub_ui(n, n, 2);

  for (;;)
    {
      nettle_mpz_random(g, random_ctx, random, n);
      mpz_add_ui(g, g, 2);

      if (progress)
	progress(progress_ctx, 'g');
      mpz_powm(g, g, e, p);
      
      if (mpz_cmp_ui(g, 1))
	{
	  /* g != 1. Finished. */
	  if (progress)
	    progress(progress_ctx, '\n');

	  mpz_clear(e);
	  mpz_clear(n);

	  return;
	}
    }
}
示例#12
0
damgard_jurik_plaintext_t* damgard_jurik::decrypt(damgard_jurik_ciphertext_t* ct) {
    damgard_jurik_plaintext_t *res = new damgard_jurik_plaintext_t();
    mpz_t c_r;
    mpz_init(c_r);

    mpz_powm(c_r, ct->text, prvkey->lambda, pubkey->n_j[ct->s + 1]);

    int i, j;
    mpz_t t1, t2, t3, i_lamda;
    mpz_init(t1);
    mpz_init(t2);
    mpz_init(t3);
    mpz_init(i_lamda);
    mpz_set_ui(i_lamda, 0);
    for (i = 1;i <= ct->s;++i) {
        mpz_mod(t1, c_r, pubkey->n_j[i + 1]);
        damgard_jurik_function_l(t1, t1, pubkey->n_j[1]);
        mpz_set(t2, i_lamda);
        for (j = 2;j <= i;j++) {
            mpz_sub_ui(i_lamda, i_lamda, 1);
            mpz_mul(t2, t2, i_lamda);
            mpz_mod(t2, t2, pubkey->n_j[i]);
            mpz_set(t3, pubkey->k_n[j]);
            mpz_invert(t3, t3, pubkey->n_j[i]);
            mpz_mul(t3, t2, t3);
            mpz_mod(t3, t3, pubkey->n_j[i]);
            mpz_mul(t3, t3, pubkey->n_j[j - 1]);
            mpz_mod(t3, t3, pubkey->n_j[i]);
            mpz_sub(t1, t1, t3);
            mpz_mod(t1, t1, pubkey->n_j[i]);
        }
        mpz_set(i_lamda, t1);
    }

    mpz_invert(t3, prvkey->lambda, pubkey->n_j[ct->s]);
    mpz_mul(res->text, i_lamda, t3);
    mpz_mod(res->text, res->text, pubkey->n_j[ct->s]);

    return res;
}
void init_data(SGLVData *op){
	//~ Note: 'op' is supposed to be already initialised (see main.c)
	mpz_t  X, Y, tmp_exp;
	mpz_inits (X, Y, tmp_exp, NULL);
	
	//~ p = 2^256-1539
	mpz_setbit (p, 256);
	mpz_sub_ui (p, p, 1539);
	//~ Curve is y^2 = x^3 + 5 
	//~ mpz_set_ui (ca, 0);  // Already set to ZERO through the initialisation
	mpz_set_ui (cb, 5);
	mpz_set_str (X, "66043340678279369258981193985450715448372246692524118399919799979198175326756", 10);
	mpz_set_str (Y, "52931614173969837860927627620185828149756459753631369661231760168280520196499", 10);
	//~ Point P
	mpz_set (op->PP[0].X , X);
	mpz_set (op->PP[0].Y , Y);
	//~ 5 is a generator of Fp and beta is an element of order 3
	mpz_set_ui (beta, 5);
	mpz_sub_ui (tmp_exp, p, 1); 
	mpz_divexact_ui (tmp_exp, tmp_exp, 3);
	mpz_powm (beta, beta, tmp_exp, p);
	
	//~ Order of P
	mpz_set_str (op->efp, "115792089237316195423570985008687907852920869663551026044856920202296625078603", 10);
	//~ Integer part of square root of efp
	mpz_set_str (op->refp, "340282366920938463463374607431768211455", 10);
	//~ Root of  phi^2+phi+1 = 0 mod #E(Fp)
	mpz_set_str (op->phi, "86115113571596370384202877098459685148505633832452548870570058599719872579953", 10);
	
	init_glvRData(op);
	 
	if (is_on_curve_aff(op->PP, ca, cb)) {
		printf("P OK\n");
		print_affPoint(op->PP);
	}
	else
		printf("P not OK\n");
	
	mpz_clears (X, Y, tmp_exp, NULL);
}
示例#14
0
void SRPCalcS(LPNLS nls, char *result) {
	mpz_t temp, s, v, a;

	mpz_init2(a, 256);
	mpz_init2(v, 256);
	mpz_init(temp);
	mpz_init(s);

	mpz_import(a, 32, -1, 1, 0, 0, nls->A);
	mpz_import(v, 32, -1, 1, 0, 0, nls->V);

	mpz_powm_ui(temp, v, SRPCalcU(nls->B), N);
	mpz_mul(temp, a, temp);
	mpz_powm(s, temp, nls->b_src, N);

	mpz_export(result, (size_t *)0, -1, 1, 0, 0, s);

	mpz_clear(temp);
	mpz_clear(s);
	mpz_clear(v);
	mpz_clear(a);
}
示例#15
0
/* Raise b to the e-th power, mod m
   Return: b^e (mod m)
 */
unsigned long int expt(unsigned long int b, unsigned long int e, unsigned long int m) {

	mpz_t base, exponent, modulus, result;
	unsigned long int r;

	mpz_init(result);
	mpz_init_set_ui(base, b);
	mpz_init_set_ui(exponent, e);
	mpz_init_set_ui(modulus, m);

	mpz_powm(result, base, exponent, modulus);

	r = mpz_get_ui(result);

	mpz_clear(result);
	mpz_clear(base);
	mpz_clear(exponent);
	mpz_clear(modulus);

	return r;

}
示例#16
0
文件: crypt.c 项目: MFreeze/m2moca
void egKeyGen(egpvk_t *pvk, egpbk_t *pbk) {
    // Useful for random generation
    if (!seed_initialized)
		rnInit();

    // Temporary variables
    mpz_t tmp;
    mpz_init(tmp);
    
    // p definition
    do {
        mpz_urandomb(pvk->p, seed, EG_KEY_SIZE);        
    } while (!mpz_probab_prime_p(pvk->p, NB_TURN));

    mpz_set(pbk->p, pvk->p);

    mpz_set_ui(pbk->alpha, 2);
    // Search alpha so that alpha is a generator
    while(!isGenerator(pbk->p, pbk->alpha))
        mpz_add_ui(pbk->alpha, pbk->alpha, 1);

    // Compute private key
    mpz_urandomb(pvk->a, seed, EG_KEY_SIZE);

    // Compute last part of public key
    mpz_powm(pbk->beta, pbk->alpha, pvk->a, pvk->p);

    // Compute k
    mpz_set_ui(tmp, NB_CHAR);
    pvk->k = 0;
    while (mpz_cmp(tmp, pbk->p) < 0) {
        mpz_mul_ui(tmp, tmp, NB_CHAR);
        pvk->k ++;
    }

    pbk->k = pvk->k;

    mpz_clear(tmp);
}
示例#17
0
文件: rsa.c 项目: indrabagus/RSA
void
rsa_encryptdata(const void* pdata, 
                unsigned long length,
                void* pbuffer,
                PRSAPUBKEY ppubkey){

    mpz_t M;
    mpz_t c;
    mpz_t k;
    mpz_t n;
    unsigned char* pdatain = (unsigned char*)pdata;
    char* pdataout = (char*)pbuffer;
    char* pstrin = (char*)malloc((length*2)+1);
    unsigned long idx;
    char strtmpval[4];
    memset(pstrin,0x00,(length*2)+1);

    for(idx = 0; idx < length ;++idx){
        sprintf(strtmpval,"%2.2X",pdatain[idx]);
        strcat(pstrin,strtmpval);
    }
    mpz_init(M);
    mpz_init(c);
    mpz_init(k);
    mpz_init(n);
    mpz_set_str(k,ppubkey->strkey_k,16);
    mpz_set_str(n,ppubkey->strkey_n,16);
    mpz_set_str(M,pstrin,16);
    free(pstrin);

    /* c = (M ^ k) mod n*/
    mpz_powm(c,M,k,n);
    mpz_get_str(pdataout,16,c);
    mpz_clear(M);
    mpz_clear(c);
    mpz_clear(k);
    mpz_clear(n);
}
示例#18
0
int
_rsa_verify(const struct rsa_public_key *key,
	    const mpz_t m,
	    const mpz_t s)
{
  int res;
  
  mpz_t m1;
  
  if ( (mpz_sgn(s) <= 0)
       || (mpz_cmp(s, key->n) >= 0) )
    return 0;
       
  mpz_init(m1);
  
  mpz_powm(m1, s, key->e, key->n);

  res = !mpz_cmp(m, m1);

  mpz_clear(m1);

  return res;
}
示例#19
0
bool RSA::decrypt(char* msg)
{
	boost::recursive_mutex::scoped_lock lockClass(rsaLock);

	mpz_t c, m;
	mpz_init2(c, 1024);
	mpz_init2(m, 1024);

	mpz_import(c, 128, 1, 1, 0, 0, msg);
	
	// m = c^d mod n
	mpz_powm(m, c, m_d, m_n);
	
	size_t count = (mpz_sizeinbase(m, 2) + 7)/8;
	
	memset(msg, 0, 128 - count);
	mpz_export(&msg[128 - count], NULL, 1, 1, 0, 0, m);

	mpz_clear(c);
	mpz_clear(m);

	return true;
}
示例#20
0
bool RSA::encrypt(char* msg)
{
	boost::recursive_mutex::scoped_lock lockClass(rsaLock);
	
	mpz_t plain, c;
	mpz_init2(plain, 1024);
	mpz_init2(c, 1024);

	mpz_import(plain, 128, 1, 1, 0, 0, msg);
	
	// c = m^e mod n
	mpz_powm(c, plain, m_e, m_n);
	
	size_t count = (mpz_sizeinbase(c, 2) + 7)/8;
	
	memset(msg, 0, 128 - count);
	mpz_export(&msg[128 - count], NULL, 1, 1, 0, 0, c);

	mpz_clear(c);
	mpz_clear(plain);

	return true;
}
示例#21
0
int
dsa_generate_keypair(struct dsa_public_key *pub,
		     struct dsa_private_key *key,
		     void *random_ctx, nettle_random_func random,
		     void *progress_ctx, nettle_progress_func progress,
		     /* Size of key, in bits.
		      * Use size = 512 + 64 * l for the official
		      * NIS key sizes. */
		     unsigned bits)
{
  mpz_t t;
  
  if (bits < DSA_MIN_P_BITS)
    return 0;
  
  dsa_nist_gen(pub->p, pub->q,
	       random_ctx, random,
	       progress_ctx, progress,
	       bits);
  
  dsa_find_generator(pub->g,
		     random_ctx, random,
		     progress_ctx, progress,
		     pub->p, pub->q);

  mpz_init_set(t, pub->q);
  mpz_sub_ui(t, t, 2);
  nettle_mpz_random(key->x, random_ctx, random, t);

  mpz_add_ui(key->x, key->x, 1);

  mpz_powm(pub->y, pub->g, key->x, pub->p);

  mpz_clear(t);

  return 1;
}
示例#22
0
/*
 * Initalize bleichenbacher useful variables
 */
int b98_init(struct bleichenbacher_98_t *b98, const size_t rsa_byte_len, const mpz_t c, const mpz_t e, const mpz_t n, int (*server_validation)(const mpz_t) )
{
	mpz_t B, two, B_exp;

	mpz_init_set(b98->c, c);
	mpz_init_set(b98->e, e);
	mpz_init_set(b98->n, n);

	/* B = 2**(8*(k-2)) */
	mpz_init(B);
	mpz_init_set_ui(two, 2);
	mpz_init_set_ui(B_exp, 8*(rsa_byte_len - 2));
	mpz_powm(B, two, B_exp, n);

	/* min_range = 2B */
	mpz_init(b98->min_range);
	mpz_mul_ui(b98->min_range, B, 2);	

	/* max_range = 3B - 1*/
	mpz_init(b98->max_range);
	mpz_mul_ui(b98->max_range, B, 3);
	mpz_sub_ui(b98->max_range, b98->max_range, 1);

	mpz_init_set(b98->a, b98->min_range);
	mpz_init_set(b98->b, b98->max_range);

	mpz_init_set_ui(b98->s, 1);
	mpz_init_set_ui(b98->r, 1);


	b98 -> server_padding_validate = server_validation;

	mpz_clear(B);
	mpz_clear(B_exp);
	mpz_clear(two);
	return 0x00;
}
示例#23
0
文件: dsa.c 项目: AltSysrq/praefectus
praef_signator* praef_signator_new(void) {
  unsigned char xbuf[PRAEF_SIGINT_SIZE];
  praef_signator* this = malloc(sizeof(praef_signator));
  if (!this) return NULL;

  /* Initialise constants */
  mpz_inits(this->p, this->q, this->g,
            this->y, this->x, this->k, this->r, this->s,
            this->kinv, NULL);
  if (mpz_set_str(this->p, PRAEF_DSA_P, 16) ||
      mpz_set_str(this->q, PRAEF_DSA_Q, 16) ||
      mpz_set_str(this->g, PRAEF_DSA_G, 16)) {
    praef_signator_delete(this);
    return NULL;
  }

  /* Generate private key */
  do {
    if (!praef_secure_random(xbuf, sizeof(xbuf))) {
      praef_signator_delete(this);
      return NULL;
    }

    mpz_import(this->x, sizeof(xbuf), -1, 1, 0, 0, xbuf);
  } while (mpz_cmp_ui(this->x, 0) <= 0 ||
           mpz_cmp(this->x, this->q) >= 0);

  /* Use the raw private key as the k-generation salt */
  memcpy(this->salt, xbuf, sizeof(this->salt));

  /* Derive the public key */
  mpz_powm(this->y, this->g, this->x, this->p);
  this->pubkey_hint = praef_calc_pubkey_hint(this->y);

  return this;
}
示例#24
0
文件: djcs.c 项目: tiehuis/libhcs
int djcs_import_private_key(djcs_private_key *vk, const char *json)
{
    JSON_Value *root = json_parse_string(json);
    JSON_Object *obj = json_value_get_object(root);
    vk->s = json_object_get_number(obj, "s");
    vk->n = malloc(sizeof(mpz_t) * (vk->s + 1));

    mpz_init(vk->n[0]);
    mpz_set_str(vk->n[0], json_object_get_string(obj, "n"), HCS_INTERNAL_BASE);
    mpz_set_str(vk->d, json_object_get_string(obj, "d"), HCS_INTERNAL_BASE);
    json_value_free(root);

    /* Calculate remaining values */
    for (unsigned long i = 1; i <= vk->s; ++i) {
        mpz_init_set(vk->n[i], vk->n[i-1]);
        mpz_mul(vk->n[i], vk->n[i], vk->n[0]);
    }

    mpz_add_ui(vk->mu, vk->n[0], 1);
    mpz_powm(vk->mu, vk->mu, vk->d, vk->n[vk->s]);
    dlog_s(vk, vk->mu, vk->mu);
    mpz_invert(vk->mu, vk->mu, vk->n[vk->s-1]);
    return 0;
}
示例#25
0
/*
*   It is a functions that performs Fermat Little Theoem
*   input: number(mpz_t) to be tested and number of iterations(int) to run the test
*   output: int 1 and 0 which represents pass and fail the test respectively
*/
int Fermat(mpz_t p, int iterations){
    mpz_t rand_Num; //use as base, a
    mpz_init(rand_Num);
    mpz_t ans; //ans = a^(p-1) mod p
    mpz_init(ans);
    mpz_t p2; //p2 = p - 1
    mpz_init(p2);
    mpz_sub_ui(p2, p, 1);
    if(mpz_cmp_ui(p,1)== 0) return 0;
    gmp_randstate_t state;
    srand(time(NULL));
    int seed = rand();
    gmp_randinit_default (state);
    gmp_randseed_ui(state, seed); //prepare random seed
    int i;
    for(i =0; i<iterations; i++){
        mpz_urandomb(rand_Num,state,64);
        mpz_mod(rand_Num, rand_Num, p2); //base must not be bigger than p
        mpz_add_ui(rand_Num, rand_Num, 1); //must be at least 1
        mpz_powm(ans, rand_Num, p2, p);
        if(mpz_cmp_ui(ans, 1) != 0) return 0;
    }
    return 1;
}
示例#26
0
static int rsa_public(rsa_public_key_t *key, 
                      uint8_t *in, size_t in_len, uint8_t *out)
{
  size_t t;
  mpz_t p, c;

  mpz_init2(p, key->size + GMP_NUMB_BITS);
  mpz_init2(c, key->size + GMP_NUMB_BITS);
  mpz_import(p, in_len, 1, 1, 0, 0, in);
  /* c = p ^ d mod n */
  mpz_powm(c, p, key->e, key->n);
  t = mpz_sizeinbase(c, 2);
  if (t > key->size) {
    mpz_clear(p);
    mpz_clear(c);
    return -1;
  }
  t = (key->size - t) >> 3;
  memset(out, 0, t);
  mpz_export(&out[t], &t, 1, 1, 0, 0, c);
  mpz_clear(p);
  mpz_clear(c);
  return 0;
}
int miller_rabin_pass(mpz_t a, mpz_t n) {
    int i, s, result;
    mpz_t a_to_power, d, n_minus_one;

    mpz_init(n_minus_one);
    mpz_sub_ui(n_minus_one, n, 1);

    s = 0;
    mpz_init_set(d, n_minus_one);
    while (mpz_even_p(d)) {
        mpz_fdiv_q_2exp(d, d, 1);
        s++;
    }

    mpz_init(a_to_power);
    mpz_powm(a_to_power, a, d, n);
    if (mpz_cmp_ui(a_to_power, 1) == 0)  {
        result=PROBABLE_PRIME; goto exit;
    }
    for(i=0; i < s-1; i++) {
        if (mpz_cmp(a_to_power, n_minus_one) == 0) {
            result=PROBABLE_PRIME; goto exit;
        }
        mpz_powm_ui (a_to_power, a_to_power, 2, n);
    }
    if (mpz_cmp(a_to_power, n_minus_one) == 0) {
        result=PROBABLE_PRIME; goto exit;
    }
    result = COMPOSITE;

exit:
    mpz_clear(a_to_power);
    mpz_clear(d);
    mpz_clear(n_minus_one);
    return result;
}
示例#28
0
/* *********************************************************************************************
 * mpz_sprp: (also called a Miller-Rabin pseudoprime)
 * A "strong pseudoprime" to the base a is an odd composite n = (2^r)*s+1 with s odd such that
 * either a^s == 1 mod n, or a^((2^t)*s) == -1 mod n, for some integer t, with 0 <= t < r.
 * *********************************************************************************************/
int mpz_sprp(mpz_t n, mpz_t a)
{
  mpz_t s;
  mpz_t nm1;
  mpz_t mpz_test;
  unsigned long int r = 0;

  if (mpz_cmp_ui(a, 2) < 0)
    return PRP_ERROR;

  if (mpz_cmp_ui(n, 2) < 0)
    return PRP_COMPOSITE;

  if (mpz_divisible_ui_p(n, 2))
  {
    if (mpz_cmp_ui(n, 2) == 0)
      return PRP_PRIME;
    else
      return PRP_COMPOSITE;
  }

  mpz_init_set_ui(mpz_test, 0);
  mpz_init_set_ui(s, 0);
  mpz_init_set(nm1, n);
  mpz_sub_ui(nm1, nm1, 1);

  /***********************************************/
  /* Find s and r satisfying: n-1=(2^r)*s, s odd */
  r = mpz_scan1(nm1, 0);
  mpz_fdiv_q_2exp(s, nm1, r);


  /******************************************/
  /* Check a^((2^t)*s) mod n for 0 <= t < r */
  mpz_powm(mpz_test, a, s, n);
  if ( (mpz_cmp_ui(mpz_test, 1) == 0) || (mpz_cmp(mpz_test, nm1) == 0) )
  {
    mpz_clear(s);
    mpz_clear(nm1);
    mpz_clear(mpz_test);
    return PRP_PRP;
  }

  while ( --r )
  {
    /* mpz_test = mpz_test^2%n */
    mpz_mul(mpz_test, mpz_test, mpz_test);
    mpz_mod(mpz_test, mpz_test, n);

    if (mpz_cmp(mpz_test, nm1) == 0)
    {
      mpz_clear(s);
      mpz_clear(nm1);
      mpz_clear(mpz_test);
      return PRP_PRP;
    }
  }

  mpz_clear(s);
  mpz_clear(nm1);
  mpz_clear(mpz_test);
  return PRP_COMPOSITE;

}/* method mpz_sprp */
示例#29
0
// USER JOIN PHASE 1 - user key generation (Join)
void xsgs_user_join_phase1(XSGS_PUBLIC_KEY* gpk, XSGS_USER_KEY* uk,
		XSGS_PAILLIER_PUBKEY* ppk, XSGS_JOIN_PHASE1* jpd1) {
	pairing_ptr pairing = gpk->pairing;
	field_ptr Fp = pairing->Zr;
	gmp_randstate_t rnd_state;
	mpz_t y, r, R1, h;
	element_t R2;

	// 1.choose y e Zp at random and
	element_init(uk->y, Fp);
	element_random(uk->y);
	// compute C <- H^y
	element_init_G1(jpd1->C, pairing);
	element_pow_naf(jpd1->C, gpk->H, uk->y);

	// 2. U = (c=ext-commit(y), NIZKPEqDL(c, C, H))
	// c = ext-commit(y) = g^y mod n^2
	mpz_init(y);
	mpz_init(jpd1->U.c);

	element_to_mpz(y, uk->y);
	mpz_powm(jpd1->U.c, ppk->g, y, ppk->n_squared);

	// zero-knowledge proof of c, C and H
	init_rand(rnd_state, PAILLIER_MODULO_BITS / 8 + 1);
	mpz_init(r);
	mpz_urandomb(r, rnd_state, PAILLIER_MODULO_BITS);
	gmp_randclear(rnd_state);

	// R1 = g^r mod n^2
	mpz_init(R1);
	mpz_powm(R1, ppk->g, r, ppk->n_squared);

	// R2 = H^r
	element_init_G1(R2, pairing);
	element_pow_naf_mpz(R2, gpk->H, r);

	// h = H(g, n, c, C, H, R1, R2)
	DWORD data_len = mpz_length_in_bytes(ppk->g)
			+ mpz_length_in_bytes(ppk->n_squared)
			+
			//mpz_length_in_bytes(ppk->n) +
			mpz_length_in_bytes(jpd1->U.c) + element_length_in_bytes(jpd1->C)
			+ element_length_in_bytes(gpk->H) + mpz_length_in_bytes(R1)
			+ element_length_in_bytes(R2);

	BYTE* data_buf = (BYTE*) malloc(data_len);

	data_buf += mpz_to_bytes(data_buf, ppk->g);
	data_buf += mpz_to_bytes(data_buf, ppk->n_squared);
	//data_buf += mpz_to_bytes(data_buf, ppk->n);
	data_buf += mpz_to_bytes(data_buf, jpd1->U.c);
	data_buf += element_to_bytes(data_buf, jpd1->C);
	data_buf += element_to_bytes(data_buf, gpk->H);
	data_buf += mpz_to_bytes(data_buf, R1);
	data_buf += element_to_bytes(data_buf, R2);
	data_buf -= data_len;

	jpd1->U.hash = (BYTE*) malloc(JOIN_HASH_BITS / 8);
	xsgs_hash(data_buf, data_len * 8, jpd1->U.hash, JOIN_HASH_BITS);

	free(data_buf);
	mpz_clear(R1);
	element_clear(R2);

	// s = r - h * y
	mpz_init(h);
	mpz_init(jpd1->U.s);
	mpz_from_hash(h, jpd1->U.hash, JOIN_HASH_BITS / 8);
	mpz_mul(jpd1->U.s, h, y);
	mpz_sub(jpd1->U.s, r, jpd1->U.s);

	mpz_clear(r);
	mpz_clear(y);
	mpz_clear(h);

	// return ( paillier = (pub, prv), C, U = (c, h, s) )
	return;
}
示例#30
0
void decrypt_char(mpz_t rop, int c, key k)
{
    mpz_set_ui(rop, c);
    mpz_powm(rop, rop, k.d, k.n);
}