3 * $Id: limlee.c,v 1.2 2000/07/26 18:00:00 mdw Exp $
5 * Generate Lim-Lee primes
7 * (c) 2000 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of Catacomb.
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
30 /*----- Revision history --------------------------------------------------*
33 * Revision 1.2 2000/07/26 18:00:00 mdw
36 * Revision 1.1 2000/07/09 21:30:58 mdw
37 * Lim-Lee prime generation.
41 /*----- Header files ------------------------------------------------------*/
43 #include <mLib/alloc.h>
44 #include <mLib/dstr.h>
50 #include "primorial.h"
53 /*----- Main code ---------------------------------------------------------*/
 * Arguments:	@const char *name@ = pointer to name root
 *		@mp *d@ = pointer to destination integer
 *		@mp *newp@ = how to generate factor primes
 *		@unsigned ql@ = size of individual factors
 *		@unsigned pl@ = size of large prime
 *		@grand *r@ = a random number source
 *		@unsigned on@ = number of outer attempts to make
 *		@pgen_proc *oev@ = outer event handler function
 *		@void *oec@ = argument for the outer event handler
 *		@pgen_proc *iev@ = inner event handler function
 *		@void *iec@ = argument for the inner event handler
 *		@size_t *nf@, @mp ***f@ = output array for factors
 * Returns:	A Lim-Lee prime, or null if generation failed.
 *
 * Use:		Generates Lim-Lee primes.  A Lim-Lee prime %$p$% is one which
 *		satisfies %$p = 2 \prod_i q_i + 1$%, where all of the %$q_i$%
 *		are large enough to resist square-root discrete log
 *
 *		If we succeed, and @f@ is non-null, we write the array of
 *		factors chosen to @f@ for the benefit of the caller.
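/* --- @comb_init@ --- *
 *
 * Arguments:	@octet *c@ = combination state, @n@ entries long
 *		@unsigned n@ = total number of positions
 *		@unsigned r@ = number of positions to mark as selected
 *
 * Returns:	---
 *
 * Use:		Sets up the initial combination: the last @r@ of the @n@
 *		entries are set to 1 and the first @n - r@ are cleared.  This
 *		matches the @comb_next@ convention that set entries start at
 *		the end and migrate towards the start.
 *
 *		Precondition: @r <= n@.  With unsigned arithmetic a larger @r@
 *		would wrap @n - r@ and make the first @memset@ run past the
 *		buffer, so callers must size @c@ and choose @r@ accordingly.
 *
 *		NOTE(review): the statement preceding the second @memset@ in
 *		the original is not visible in this excerpt.  Clearing the
 *		leading entries explicitly here makes the state independent of
 *		whether the allocator zeroed the buffer.
 */

static void comb_init(octet *c, unsigned n, unsigned r)
{
  memset(c, 0, n - r);
  memset(c + (n - r), 1, r);
}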
87 static int comb_next(octet
*c
, unsigned n
, unsigned r
)
91 /* --- How the algorithm works --- *
93 * Set bits start at the end and work their way towards the start.
94 * Excepting bits already at the start, we scan for the lowest set bit, and
95 * move it one place nearer the start. A group of bits at the start are
96 * counted and reset just below the `moved' bit. If there is no moved bit
100 /* --- Count the group at the start --- */
109 /* --- Move the next bit down one --- *
111 * There must be one, because otherwise we'd have counted %$r$% bits
124 mp
*limlee(const char *name
, mp
*d
, mp
*newp
,
125 unsigned ql
, unsigned pl
, grand
*r
,
126 unsigned on
, pgen_proc
*oev
, void *oec
,
127 pgen_proc
*iev
, void *iec
,
138 unsigned long seq
= 0;
144 /* --- First of all, decide on a number of factors to make --- */
150 else if (qql
&& nn
> 1) {
155 /* --- Now decide on how many primes I'll actually generate --- *
157 * The formula %$m = \max(3 n + 5, 25)$% comes from GPG's prime generation
165 /* --- Now allocate the working memory --- */
168 v
= xmalloc(mm
* sizeof(mp
*));
171 /* --- Initialize everything and try to find a prime --- */
176 ev
.tests
= ntest
= rabin_iters(pl
);
179 if (oev
&& oev(PGEN_BEGIN
, &ev
, oec
) == PGEN_ABORT
)
183 dstr_putf(&dn
, "%s [+]", name
);
184 qq
= mprand(d
, qql
, r
, 1);
186 qq
= pgen(dn
.buf
, qq
, qq
, iev
, iec
,
187 0, pgen_filter
, &pf
, rabin_iters(qql
), pgen_test
, &rb
);
191 comb_init(c
, mm
, nn
);
192 for (i
= 0; i
< mm
; i
++)
195 /* --- The main combinations loop --- */
198 mpmul mmul
= MPMUL_INIT
;
200 /* --- Multiply a bunch of primes together --- */
203 mpmul_add(&mmul
, qq
);
205 for (i
= 0; i
< mm
; i
++) {
212 dstr_putf(&dn
, "%s [%lu] = ", name
, seq
++);
213 z
= mprand(newp
, ql
, ev
.r
, 1);
214 z
= pgen(dn
.buf
, z
, z
, iev
, iec
,
215 0, pgen_filter
, &pf
, rabin_iters(ql
), pgen_test
, &rb
);
218 mpmul_add(&mmul
, v
[i
]);
221 /* --- Now do some testing --- */
224 mp
*p
= mpmul_done(&mmul
);
228 /* --- Check for small factors --- */
231 p
= mp_add(p
, p
, MP_ONE
);
232 mp_gcd(&g
, 0, 0, p
, primorial
);
233 if (MP_CMP(g
, !=, MP_ONE
)) {
240 /* --- Send an event out --- */
243 if (oev
&& oev(PGEN_TRY
, &ev
, oec
) == PGEN_ABORT
) {
248 /* --- Do the Rabin testing --- */
250 rabin_create(&rb
, p
);
253 g
= mprand_range(g
, p
, ev
.r
, 1);
254 rc
= rabin_test(&rb
, g
);
255 if (rc
== PGEN_PASS
) {
260 if (oev
&&oev(rc
, &ev
, oec
) == PGEN_ABORT
)
262 } while (rc
== PGEN_PASS
);
270 if (rc
== PGEN_ABORT
)
277 } while (comb_next(c
, mm
, nn
));
279 /* --- That failed --- */
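/* Hand the caller's context pointer through unchanged, exactly as the
 * PGEN_BEGIN and PGEN_TRY notifications earlier in this function do.
 * Passing @&oec@ here gave the handler the address of our local copy of
 * the pointer rather than the context it registered, so a handler that
 * dereferences its argument would read the wrong object.  The guard on
 * @oev@ being non-null, if any, precedes this call and is not visible in
 * this excerpt. */
oev(PGEN_ABORT, &ev, oec);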
290 for (i
= 0; i
< mm
; i
++)
294 /* --- We did it! --- */
302 *f
= vv
= xmalloc(nn
* sizeof(mp
*));
305 for (i
= 0; i
< mm
; i
++) {
323 /* --- We blew it --- */
326 for (i
= 0; i
< mm
; i
++)
336 /*----- That's all, folks -------------------------------------------------*/