Commit | Line | Data |
---|---|---|
2c52abe6 | 1 | /* -*-c-*- |
2 | * | |
b817bfc6 | 3 | * $Id: bbs-gen.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ |
2c52abe6 | 4 | * |
5 | * Generate Blum integers | |
6 | * | |
7 | * (c) 1999 Straylight/Edgeware | |
8 | */ | |
9 | ||
45c0fd36 | 10 | /*----- Licensing notice --------------------------------------------------* |
2c52abe6 | 11 | * |
12 | * This file is part of Catacomb. | |
13 | * | |
14 | * Catacomb is free software; you can redistribute it and/or modify | |
15 | * it under the terms of the GNU Library General Public License as | |
16 | * published by the Free Software Foundation; either version 2 of the | |
17 | * License, or (at your option) any later version. | |
45c0fd36 | 18 | * |
2c52abe6 | 19 | * Catacomb is distributed in the hope that it will be useful, |
20 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
21 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
22 | * GNU Library General Public License for more details. | |
45c0fd36 | 23 | * |
2c52abe6 | 24 | * You should have received a copy of the GNU Library General Public |
25 | * License along with Catacomb; if not, write to the Free | |
26 | * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, | |
27 | * MA 02111-1307, USA. | |
28 | */ | |
29 | ||
2c52abe6 | 30 | /*----- Header files ------------------------------------------------------*/ |
31 | ||
32 | #include <stdio.h> | |
33 | #include <stdlib.h> | |
34 | #include <string.h> | |
35 | ||
36 | #include "bbs.h" | |
2c52abe6 | 37 | #include "mp.h" |
38 | #include "mprand.h" | |
39 | #include "pgen.h" | |
052b36d0 | 40 | #include "strongprime.h" |
b04a7659 | 41 | |
2c52abe6 | 42 | /*----- Main code ---------------------------------------------------------*/ |
43 | ||
44 | /* --- @bbs_gen@ --- * | |
45 | * | |
a22bbdf6 | 46 | * Arguments: @bbs_priv *bp@ = pointer to parameter block |
052b36d0 | 47 | * @unsigned nbits@ = number of bits in the modulus |
48 | * @grand *r@ = pointer to random number source | |
49 | * @unsigned n@ = number of attempts to make | |
b04a7659 | 50 | * @pgen_proc *event@ = event handler function |
51 | * @void *ectx@ = argument for event handler | |
2c52abe6 | 52 | * |
b04a7659 | 53 | * Returns: If it worked OK, @PGEN_DONE@, otherwise @PGEN_ABORT@. |
2c52abe6 | 54 | * |
55 | * Use: Finds two prime numbers %$p'$% and %$q'$% such that both are | |
45c0fd36 | 56 | * congruent to %$3 \bmod 4$%, and $(p - 1)/2$% and |
2c52abe6 | 57 | * %$(q - 1)/2$% have no common factors. The product %$n = pq$% |
58 | * is eminently suitable for use as a modulus in a Blum-Blum- | |
59 | * Shub pseudorandom bit generator. | |
60 | */ | |
61 | ||
a22bbdf6 | 62 | int bbs_gen(bbs_priv *bp, unsigned nbits, grand *r, unsigned n, |
b04a7659 | 63 | pgen_proc *event, void *ectx) |
2c52abe6 | 64 | { |
052b36d0 | 65 | rabin rb; |
cda5fe55 MW |
66 | pfilt jp; |
67 | pgen_jumpctx j; | |
02b1cf93 | 68 | pgen_gcdstepctx g; |
052b36d0 | 69 | unsigned nb = nbits/2; |
70 | mp *x = MP_NEW; | |
2c52abe6 | 71 | |
b04a7659 | 72 | /* --- Generate @p@ --- */ |
2c52abe6 | 73 | |
02b1cf93 | 74 | again: |
cda5fe55 | 75 | if ((x = strongprime_setup("p", x, &jp, nb, r, n, event, ectx)) == 0) |
052b36d0 | 76 | goto fail_x; |
cda5fe55 MW |
77 | j.j = &jp; |
78 | bp->p = pgen("p", MP_NEW, x, event, ectx, n, pgen_jump, &j, | |
052b36d0 | 79 | rabin_iters(nb), pgen_test, &rb); |
cda5fe55 | 80 | pfilt_destroy(&jp); |
02b1cf93 | 81 | if (!bp->p) { |
82 | if (n) | |
83 | goto fail_p; | |
84 | goto again; | |
85 | } | |
2c52abe6 | 86 | |
b04a7659 | 87 | /* --- Generate @q@ --- */ |
2c52abe6 | 88 | |
052b36d0 | 89 | nb = nbits - nb; |
90 | if ((x = strongprime_setup("q", x, &g.jp, nb, r, n, event, ectx)) == 0) | |
91 | goto fail_q; | |
02b1cf93 | 92 | if ((x->v[0] & 3) != 3) |
93 | x = mp_add(x, x, g.jp.m); | |
94 | pfilt_muladd(&g.jp, &g.jp, 2, 0); | |
b04a7659 | 95 | g.r = mp_lsr(MP_NEW, bp->p, 1); |
02b1cf93 | 96 | g.g = MP_NEW; |
97 | g.max = MP_ONE; | |
98 | bp->q = pgen("q", MP_NEW, x, event, ectx, n, pgen_gcdstep, &g, | |
052b36d0 | 99 | rabin_iters(nb), pgen_test, &rb); |
100 | pfilt_destroy(&g.jp); | |
101 | mp_drop(g.r); | |
02b1cf93 | 102 | mp_drop(g.g); |
103 | if (!bp->q) { | |
104 | if (n) | |
105 | goto fail_q; | |
106 | mp_drop(bp->p); | |
107 | goto again; | |
108 | } | |
2c52abe6 | 109 | |
b04a7659 | 110 | /* --- Compute @n@ --- */ |
2c52abe6 | 111 | |
b04a7659 | 112 | bp->n = mp_mul(MP_NEW, bp->p, bp->q); |
052b36d0 | 113 | mp_drop(x); |
b04a7659 | 114 | return (PGEN_DONE); |
2c52abe6 | 115 | |
b04a7659 | 116 | /* --- Tidy up if things went wrong --- */ |
2c52abe6 | 117 | |
b04a7659 | 118 | fail_q: |
b04a7659 | 119 | mp_drop(bp->p); |
120 | fail_p: | |
052b36d0 | 121 | mp_drop(x); |
122 | fail_x: | |
b04a7659 | 123 | return (PGEN_ABORT); |
2c52abe6 | 124 | } |
125 | ||
126 | /*----- That's all, folks -------------------------------------------------*/ |