int main (int argc, char **argv) { random_update (); bigint m, r, s1, s2; barrett b; for (int i = 120; i < 162; i++) { m = random_bigint (i); m.setbit (0, 1); b.set (m); for (int j = i - 33; j <= 2 * i; j++) { r = random_bigint (j); s1 = mod (r, m); s2 = b.reduce (r); if (s1 != s2) panic << "r = " << r << "\n" << " " << s1 << "\n != " << s2 << "\n" << " [" << strbuf ("%*s", mpz_sizeinbase (&s1, 16), bigint (abs (s1 - s2)).cstr ()) << "]\n"; } } return 0; }
paillier_priv paillier_keygen (size_t nbits, size_t abits, u_int iter) { // Fast decryption assert (nbits > 0); assert (abits > 0); assert (abits <= nbits); random_init (); size_t sbits = nbits - (2 * abits); bigint n, p, q, a, g, k; do { a = random_prime (abits, odd_sieve, 2, iter); bigint cp = random_bigint (sbits/2 + (sbits & 1)); bigint cq = random_bigint (sbits/2 + 1); p = a * cp + 1; while (!prime_test (p)) // p1 = a * (++c1) + 1 p += a; q = a * cq + 1; while (!prime_test (q)) // p2 = a * (++c2) + 1 q += a; n = p * q; } while (n.nbits () != nbits && n.nbits () != (nbits+1) || p == q); paillier_gen (p, q, n, a, g, k); if (p > q) swap (p, q); return paillier_priv (p, q, a, g, k, &n); }
static dckey * rw_keygen (size_t nbits, const char *extra) { rw_priv *sk = malloc (sizeof (*sk)); int bit2; if (!sk) return NULL; mpz_init (sk->n); mpz_init (sk->p); mpz_init (sk->q); mpz_init (sk->u); mpz_init (sk->kp); mpz_init (sk->kq); do { random_bigint (sk->p, (nbits+1)/2); mpz_setbit (sk->p, 0); mpz_setbit (sk->p, 1); } while (!primecheck (sk->p)); bit2 = ~mpz_get_ui (sk->p) & 4; do { random_bigint (sk->q, nbits/2); mpz_setbit (sk->q, 0); mpz_setbit (sk->q, 1); if (bit2) mpz_setbit (sk->q, 2); else mpz_clrbit (sk->q, 2); } while (!primecheck (sk->q)); rw_precompute (sk); return &sk->key; }
int main (int argc, char **argv) { random_update (); bigint r, s1, s2; for (int i = 0; i < 1024; i++) { r = random_bigint (rnd.getword () % 2048); s1 = r * r; mpz_square (&s2, &r); if (s1 != s2) panic << "r = " << r << "\n" << " " << s1 << "\n != " << s2 << "\n" << " [" << strbuf ("%*s", int (mpz_sizeinbase (&s1, 16)), bigint (abs (s1 - s2)).cstr ()) << "]\n"; } return 0; }
int main (int argc, char **argv) { random_update (); #define HMAC(k, m) \ do { \ u_char digest[sha1::hashsize]; \ sha1_hmac (digest, k, sizeof (k) - 1, m, sizeof (m) - 1); \ warn << "k = " << k << "\nm = " << m << "\n" \ << hexdump (digest, sizeof (digest)) << "\n"; \ } while (0) #define HMAC2(k, k2, m) \ do { \ u_char digest[sha1::hashsize]; \ sha1_hmac_2 (digest, k, sizeof (k) - 1, k2, sizeof (k2) - 1, \ m, sizeof (m) - 1); \ warn << "k = " << k << "\nm = " << m << "\n" \ << hexdump (digest, sizeof (digest)) << "\n"; \ } while (0) #if 0 HMAC ("Jefe", "what do ya want for nothing?"); HMAC ("\014\014\014\014\014\014\014\014\014\014\014\014\014\014\014\014\014\014\014\014", "Test With Truncation"); //HMAC2 ("Je", "fe", "what do ya want for nothing?"); #endif bigint p ("c81698301db5fdba3c5fecfdd97ca952c1f0df3500740a567ecdb561555c8a34d0affcc99ae7a38b42d144373ae2f68b48064373b5baef7d25782fd07dc4b35f", 16); bigint q ("d32d977062a62dccfc4a37a21b03fca098973b72860002a3c05084060fbaa81b5c0fc636902a2959fb5ffd3d8a4969fbe9e15037c35477c9789da0b74ef32e3f", 16); bigint n ("a50e41c593b3b866bc4c72d0476611baab9bd54a22c62e11f536f87861ce592e7a101aea8652d3b949e66271b4497f91a861404eb5f3cba23f22b9b46fadda6cd327e3773eb23795e73ee06c16e5df18cf12e812fcd1bdbf3a4d7cca4fecd95fcbf248ac0534a3ebc67ebb06f9ca77d3ce1a5c4920da6d211b5f242e80d03661", 16); rsa_pub rsapub (n); str m ("a random string"); bigint c = rsapub.encrypt (m); rsa_priv rsapriv (p, q); m = rsapriv.decrypt (c, m.len ()); warn << "m " << m << "\n"; rsa_priv x (rsa_keygen (1024)); bigint pt (random_bigint (1019)); bigint ct, pt2; BENCH (100000, ct = x.encrypt (pt)); BENCH (1000, pt = x.decrypt (ct)); #if 0 warn << pt.getstr (10) << "\n"; ct = x.encrypt (pt); warn << ct.getstr (10) << "\n";; pt2 = x.decrypt (ct); warn << pt2.getstr (10) << "\n"; #endif rabin_priv xx (rabin_keygen (1280, 2)); str pt3 ("plaintext message"); BENCH (100000, ct = xx.encrypt (pt3)); BENCH (1000, pt3 = xx.decrypt (ct, sizeof (pt3))); #if 0 BENCH (100, ct = x.sign (pt3)); BENCH (1000, x.verify (pt3, ct)); BENCH (1000, ct = x.encrypt (pt3)); #endif return 0; }
int main (int argc, char **argv) { random_update (); bigint m, m2, r, r2, ri, s1, s2; montgom b; for (int i = 120; i < 162; i++) { int res = 0; m = random_bigint (i); m.setbit (0, 1); b.set (m); m2 = m * b.getr (); for (int j = i - 33; j <= 2 * i; j++) { r = random_zn (m2); r.trunc (j); s1 = mod (r * b.getri (), m); //s2 = b.mreduce (r); b.mpz_mreduce (&s2, &r); if (s1 != s2) { res |= 1; int sz = mpz_sizeinbase (&s1, 16); panic << "mreduce failed\n" << " m = " << m << "\n" << " r = " << r << "\n" << " " << s1 << "\n != " << s2 << "\n" << " [" << strbuf ("%*s", sz, bigint (abs (s1 - s2)).cstr ()) << "]\n"; } } // r = s1; r = random_zn (m); r2 = random_zn (m); assert (r < m && r2 < m); s1 = mod (r * r2 * b.getri (), m); b.mpz_mmul (&s2, &r, &r2); if (s1 != s2) { res |= 2; int sz = mpz_sizeinbase (&s1, 16); panic << "mmul failed\n" << " m = " << m << "\n" << " r = " << r << "\n" << " " << s1 << "\n != " << s2 << "\n" << " [" << strbuf ("%*s", sz, bigint (abs (s1 - s2)).cstr ()) << "]\n"; } s1 = powm (r, r2, m); b.mpz_powm (&s2, &r, &r2); if (s1 != s2) { res |= 4; int sz = mpz_sizeinbase (&s1, 16); panic << "powm failed\n" << " m = " << m << "\n" << " r = " << r << "\n" << " " << s1 << "\n != " << s2 << "\n" << " [" << strbuf ("%*s", sz, bigint (abs (s1 - s2)).cstr ()) << "]\n"; } #if 0 warn ("%s mreduce.. %d\n", (res&1) ? "fail" : "ok", i); warn ("%s mmul.. %d\n", (res&2) ? "fail" : "ok", i); warn ("%s powm.. %d\n", (res&4) ? "fail" : "ok", i); #endif } return 0; }