Make {mp,gf}reduce_exp invert correctly.
33 files changed:
- * $Id: ec-exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
*
* Point multiplication for elliptic curves
*
*
* Point multiplication for elliptic curves
*
t.x->f |= MP_BURN;
MP_SHRINK(n);
EC_SETINF(d);
t.x->f |= MP_BURN;
MP_SHRINK(n);
EC_SETINF(d);
EC_NEG(c, &t, &t);
if (MP_LEN(n) < EXP_THRESH)
EXP_SIMPLE(*d, t, n);
EC_NEG(c, &t, &t);
if (MP_LEN(n) < EXP_THRESH)
EXP_SIMPLE(*d, t, n);
for (i = 0; i < n; i++) {
MP_SHRINK(f[i].exp);
for (i = 0; i < n; i++) {
MP_SHRINK(f[i].exp);
- if (f[i].exp->f & MP_NEG)
EC_NEG(c, &f[i].base, &f[i].base);
if (f[i].base.x && f[i].exp->f & MP_BURN)
f[i].base.x->f |= MP_BURN;
EC_NEG(c, &f[i].base, &f[i].base);
if (f[i].base.x && f[i].exp->f & MP_BURN)
f[i].base.x->f |= MP_BURN;
- * $Id: ec-info.c,v 1.7 2004/04/17 09:58:37 mdw Exp $
*
* Elliptic curve information management
*
*
* Elliptic curve information management
*
static int primeeltp(mp *x, field *f)
{
static int primeeltp(mp *x, field *f)
{
- return (!MP_ISNEG(x) && MP_CMP(x, <, f->m));
+ return (!MP_NEGP(x) && MP_CMP(x, <, f->m));
}
static const char *primecheck(const ec_info *ei, grand *gr)
}
static const char *primecheck(const ec_info *ei, grand *gr)
- * $Id: f-binpoly.c,v 1.9 2004/04/08 01:36:15 mdw Exp $
*
* Binary fields with polynomial basis representation
*
*
* Binary fields with polynomial basis representation
*
static mp *frand(field *f, mp *d, grand *r)
{ return (mprand(d, f->nbits, r, 0)); }
static mp *frand(field *f, mp *d, grand *r)
{ return (mprand(d, f->nbits, r, 0)); }
-static int fzerop(field *ff, mp *x) { return (!MP_LEN(x)); }
+static int fzerop(field *ff, mp *x) { return (MP_ZEROP(x)); }
static mp *fadd(field *ff, mp *d, mp *x, mp *y) { return (gf_add(d, x, y)); }
static mp *fadd(field *ff, mp *d, mp *x, mp *y) { return (gf_add(d, x, y)); }
- * $Id: f-niceprime.c,v 1.6 2004/04/08 01:36:15 mdw Exp $
*
* Prime fields with efficient reduction for special-form primes
*
*
* Prime fields with efficient reduction for special-form primes
*
static mp *frand(field *ff, mp *d, grand *r)
{ fctx *f = (fctx *)ff; return (mprand_range(d, f->r.p, r, 0)); }
static mp *frand(field *ff, mp *d, grand *r)
{ fctx *f = (fctx *)ff; return (mprand_range(d, f->r.p, r, 0)); }
-static int fzerop(field *ff, mp *x) { return (!MP_LEN(x)); }
+static int fzerop(field *ff, mp *x) { return (MP_ZEROP(x)); }
static mp *fneg(field *ff, mp *d, mp *x)
{ fctx *f = (fctx *)ff; return (mp_sub(d, f->r.p, x)); }
static mp *fadd(field *ff, mp *d, mp *x, mp *y) {
fctx *f = (fctx *)ff; d = mp_add(d, x, y);
static mp *fneg(field *ff, mp *d, mp *x)
{ fctx *f = (fctx *)ff; return (mp_sub(d, f->r.p, x)); }
static mp *fadd(field *ff, mp *d, mp *x, mp *y) {
fctx *f = (fctx *)ff; d = mp_add(d, x, y);
- if (d->f & MP_NEG) d = mp_add(d, d, f->r.p);
+ if (MP_NEGP(d)) d = mp_add(d, d, f->r.p);
else if (MP_CMP(d, >, f->r.p)) d = mp_sub(d, d, f->r.p);
return (d);
}
static mp *fsub(field *ff, mp *d, mp *x, mp *y) {
fctx *f = (fctx *)ff; d = mp_sub(d, x, y);
else if (MP_CMP(d, >, f->r.p)) d = mp_sub(d, d, f->r.p);
return (d);
}
static mp *fsub(field *ff, mp *d, mp *x, mp *y) {
fctx *f = (fctx *)ff; d = mp_sub(d, x, y);
- if (d->f & MP_NEG) d = mp_add(d, d, f->r.p);
+ if (MP_NEGP(d)) d = mp_add(d, d, f->r.p);
else if (MP_CMP(d, >, f->r.p)) d = mp_sub(d, d, f->r.p);
return (d);
}
else if (MP_CMP(d, >, f->r.p)) d = mp_sub(d, d, f->r.p);
return (d);
}
static mp *fhlv(field *ff, mp *d, mp *x) {
fctx *f = (fctx *)ff;
static mp *fhlv(field *ff, mp *d, mp *x) {
fctx *f = (fctx *)ff;
- if (!MP_LEN(x)) { MP_COPY(x); MP_DROP(d); return (x); }
+ if (MP_ZEROP(x)) { MP_COPY(x); MP_DROP(d); return (x); }
if (x->v[0] & 1) { d = mp_add(d, x, f->r.p); x = d; }
return (mp_lsr(d, x, 1));
}
if (x->v[0] & 1) { d = mp_add(d, x, f->r.p); x = d; }
return (mp_lsr(d, x, 1));
}
- * $Id: f-prime.c,v 1.12 2004/04/08 01:36:15 mdw Exp $
*
* Prime fields with Montgomery arithmetic
*
*
* Prime fields with Montgomery arithmetic
*
static mp *fout(field *ff, mp *d, mp *x)
{ fctx *f = (fctx *)ff; return (mpmont_reduce(&f->mm, d, x)); }
static mp *fout(field *ff, mp *d, mp *x)
{ fctx *f = (fctx *)ff; return (mpmont_reduce(&f->mm, d, x)); }
-static int fzerop(field *ff, mp *x) { return (!MP_LEN(x)); }
+static int fzerop(field *ff, mp *x) { return (MP_ZEROP(x)); }
static mp *fneg(field *ff, mp *d, mp *x)
{ fctx *f = (fctx *)ff; return (mp_sub(d, f->mm.m, x)); }
static mp *fadd(field *ff, mp *d, mp *x, mp *y) {
fctx *f = (fctx *)ff; d = mp_add(d, x, y);
static mp *fneg(field *ff, mp *d, mp *x)
{ fctx *f = (fctx *)ff; return (mp_sub(d, f->mm.m, x)); }
static mp *fadd(field *ff, mp *d, mp *x, mp *y) {
fctx *f = (fctx *)ff; d = mp_add(d, x, y);
- if (d->f & MP_NEG) d = mp_add(d, d, f->mm.m);
+ if (MP_NEGP(d)) d = mp_add(d, d, f->mm.m);
else if (MP_CMP(d, >, f->mm.m)) d = mp_sub(d, d, f->mm.m);
return (d);
}
static mp *fsub(field *ff, mp *d, mp *x, mp *y) {
fctx *f = (fctx *)ff; d = mp_sub(d, x, y);
else if (MP_CMP(d, >, f->mm.m)) d = mp_sub(d, d, f->mm.m);
return (d);
}
static mp *fsub(field *ff, mp *d, mp *x, mp *y) {
fctx *f = (fctx *)ff; d = mp_sub(d, x, y);
- if (d->f & MP_NEG) d = mp_add(d, d, f->mm.m);
+ if (MP_NEGP(d)) d = mp_add(d, d, f->mm.m);
else if (MP_CMP(d, >, f->mm.m)) d = mp_sub(d, d, f->mm.m);
return (d);
}
else if (MP_CMP(d, >, f->mm.m)) d = mp_sub(d, d, f->mm.m);
return (d);
}
static mp *fhlv(field *ff, mp *d, mp *x) {
fctx *f = (fctx *)ff;
static mp *fhlv(field *ff, mp *d, mp *x) {
fctx *f = (fctx *)ff;
- if (!MP_LEN(x)) { MP_COPY(x); MP_DROP(d); return (x); }
+ if (MP_ZEROP(x)) { MP_COPY(x); MP_DROP(d); return (x); }
if (x->v[0] & 1) { d = mp_add(d, x, f->mm.m); x = d; }
return (mp_lsr(d, x, 1));
}
if (x->v[0] & 1) { d = mp_add(d, x, f->mm.m); x = d; }
return (mp_lsr(d, x, 1));
}
- if (!MP_ISPOS(p) || !MP_ISODD(p))
+ if (!MP_POSP(p) || !MP_ODDP(p))
return (0);
f = CREATE(fctx);
f->f.ops = &fops;
return (0);
f = CREATE(fctx);
f->f.ops = &fops;
- * $Id: g-prime.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
*
* Abstraction for prime groups
*
*
* Abstraction for prime groups
*
- if (!MP_ISPOS(gp->p) || !MP_ISODD(gp->p))
+ if (!MP_POSP(gp->p) || !MP_ODDP(gp->p))
return (0);
g = CREATE(gctx);
g->g.ops = &gops;
return (0);
g = CREATE(gctx);
g->g.ops = &gops;
- * $Id: gdsa.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
*
* Generalized version of DSA
*
*
* Generalized version of DSA
*
new_k:
k = mprand_range(k, g->r, c->r, 0);
have_k:
new_k:
k = mprand_range(k, g->r, c->r, 0);
have_k:
- if (MP_ISZERO(k)) goto new_k;
+ if (MP_ZEROP(k)) goto new_k;
G_EXP(g, z, g->g, k);
sr = G_TOINT(g, sr, z); assert(sr);
G_EXP(g, z, g->g, k);
sr = G_TOINT(g, sr, z); assert(sr);
- if (MP_ISZERO(sr)) goto new_k;
+ if (MP_ZEROP(sr)) goto new_k;
mp_div(0, &sr, sr, g->r);
mpbarrett_create(&b, g->r);
mp_div(0, &sr, sr, g->r);
mpbarrett_create(&b, g->r);
- * $Id: gf-gcd.c,v 1.3 2004/04/08 01:36:15 mdw Exp $
*
* Euclidian algorithm on binary polynomials
*
*
* Euclidian algorithm on binary polynomials
*
u = MP_COPY(a);
v = MP_COPY(b);
u = MP_COPY(a);
v = MP_COPY(b);
mp *t;
gf_div(&q, &u, u, v);
if (f & f_ext) {
mp *t;
gf_div(&q, &u, u, v);
if (f & f_ext) {
- * $Id: gfreduce.c,v 1.5 2004/04/08 01:36:15 mdw Exp $
*
* Efficient reduction modulo sparse binary polynomials
*
*
* Efficient reduction modulo sparse binary polynomials
*
y = gfreduce_do(r, t, t);
y = gf_add(y, y, x);
}
y = gfreduce_do(r, t, t);
y = gf_add(y, y, x);
}
mp_drop(spare);
mp_drop(y);
return (rc);
mp_drop(spare);
mp_drop(y);
return (rc);
z = gf_add(z, z, t);
w = gf_add(w, w, rho);
}
z = gf_add(z, z, t);
w = gf_add(w, w, rho);
}
break;
MP_DROP(z);
MP_DROP(w);
break;
MP_DROP(z);
MP_DROP(w);
mp *spare = (e->f & MP_BURN) ? MP_NEWSEC : MP_NEW;
MP_SHRINK(e);
mp *spare = (e->f & MP_BURN) ? MP_NEWSEC : MP_NEW;
MP_SHRINK(e);
+ MP_COPY(a);
+ if (MP_ZEROP(e))
- else if (MP_LEN(e) < EXP_THRESH)
- EXP_SIMPLE(x, a, e);
- else
- EXP_WINDOW(x, a, e);
+ else {
+ if (MP_NEGP(e))
+ a = gf_modinv(a, a, gr->p);
+ if (MP_LEN(e) < EXP_THRESH)
+ EXP_SIMPLE(x, a, e);
+ else
+ EXP_WINDOW(x, a, e);
+ }
mp_drop(spare);
return (x);
}
mp_drop(spare);
return (x);
}
- * $Id: gkcdsa.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
*
* Generalized version of KCDSA
*
*
* Generalized version of KCDSA
*
new_k:
k = mprand_range(k, g->r, c->r, 0);
have_k:
new_k:
k = mprand_range(k, g->r, c->r, 0);
have_k:
- if (MP_ISZERO(k)) goto new_k;
+ if (MP_ZEROP(k)) goto new_k;
G_EXP(g, z, g->g, k);
if (!s->r) s->r = xmalloc(hsz);
h = hashge(g, c->h, z); GH_DONE(h, s->r);
G_EXP(g, z, g->g, k);
if (!s->r) s->r = xmalloc(hsz);
h = hashge(g, c->h, z); GH_DONE(h, s->r);
- * $Id: group-exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
*
* Exponentiation for abstract groups
*
*
* Exponentiation for abstract groups
*
G_COPY(gg, d, gg->i);
if (n->f & MP_BURN)
G_BURN(gg, t);
G_COPY(gg, d, gg->i);
if (n->f & MP_BURN)
G_BURN(gg, t);
G_INV(gg, t, t);
if (MP_LEN(n) < EXP_THRESH)
EXP_SIMPLE(d, t, n);
G_INV(gg, t, t);
if (MP_LEN(n) < EXP_THRESH)
EXP_SIMPLE(d, t, n);
for (i = 0; i < n; i++) {
ff[i].base = G_CREATE(gg);
MP_SHRINK(f[i].exp);
for (i = 0; i < n; i++) {
ff[i].base = G_CREATE(gg);
MP_SHRINK(f[i].exp);
- if (f[i].exp->f & MP_NEG)
G_INV(gg, ff[i].base, f[i].base);
else
G_COPY(gg, ff[i].base, f[i].base);
G_INV(gg, ff[i].base, f[i].base);
else
G_COPY(gg, ff[i].base, f[i].base);
- * $Id: mp-arith.c,v 1.18 2004/04/08 01:36:15 mdw Exp $
*
* Basic arithmetic on multiprecision integers
*
*
* Basic arithmetic on multiprecision integers
*
mp *mp_lsl2c(mp *d, mp *a, size_t n)
{
mp *mp_lsl2c(mp *d, mp *a, size_t n)
{
return (mp_lsl(d, a, n));
d = mp_not2c(d, a);
d = mp_lslc(d, d, n);
return (mp_lsl(d, a, n));
d = mp_not2c(d, a);
d = mp_lslc(d, d, n);
mp *mp_lsr2c(mp *d, mp *a, size_t n)
{
mp *mp_lsr2c(mp *d, mp *a, size_t n)
{
return (mp_lsr(d, a, n));
d = mp_not2c(d, a);
d = mp_lsr(d, d, n);
return (mp_lsr(d, a, n));
d = mp_not2c(d, a);
d = mp_lsr(d, d, n);
int mp_testbit2c(mp *x, unsigned long n)
{
int r;
int mp_testbit2c(mp *x, unsigned long n)
{
int r;
return (mp_testbit(x, n));
x = mp_not2c(MP_NEW, x);
r = !mp_testbit(x, n);
return (mp_testbit(x, n));
x = mp_not2c(MP_NEW, x);
r = !mp_testbit(x, n);
mp *mp_setbit2c(mp *d, mp *x, unsigned long n)
{
mp *mp_setbit2c(mp *d, mp *x, unsigned long n)
{
return mp_setbit(d, x, n);
d = mp_not2c(d, x);
d = mp_clearbit(d, d, n);
return mp_setbit(d, x, n);
d = mp_not2c(d, x);
d = mp_clearbit(d, d, n);
mp *mp_clearbit2c(mp *d, mp *x, unsigned long n)
{
mp *mp_clearbit2c(mp *d, mp *x, unsigned long n)
{
return mp_clearbit(d, x, n);
d = mp_not2c(d, x);
d = mp_setbit(d, d, n);
return mp_clearbit(d, x, n);
d = mp_not2c(d, x);
d = mp_setbit(d, d, n);
MP_DEST(d, MP_LEN(a) + 1, a->f);
if (d == a) {
MP_DEST(d, MP_LEN(a) + 1, a->f);
if (d == a) {
MPX_USUBN(d->v, d->vl, 1);
else
MPX_UADDN(d->v, d->vl, 1);
} else {
MPX_USUBN(d->v, d->vl, 1);
else
MPX_UADDN(d->v, d->vl, 1);
} else {
mpx_usub(d->v, d->vl, a->v, a->vl, &one, &one + 1);
else
mpx_uadd(d->v, d->vl, a->v, a->vl, &one, &one + 1);
mpx_usub(d->v, d->vl, a->v, a->vl, &one, &one + 1);
else
mpx_uadd(d->v, d->vl, a->v, a->vl, &one, &one + 1);
*/
q->f = ((r->f | b->f) & MP_BURN) | ((r->f ^ b->f) & MP_NEG);
*/
q->f = ((r->f | b->f) & MP_BURN) | ((r->f ^ b->f) & MP_NEG);
mpw *v;
for (v = r->v; v < r->vl; v++) {
if (*v) {
mpw *v;
for (v = r->v; v < r->vl; v++) {
if (*v) {
- * $Id: mp-gcd.c,v 1.7 2004/04/08 01:36:15 mdw Exp $
*
* Extended GCD calculation
*
*
* Extended GCD calculation
*
if (xx || yy)
f |= f_ext;
if (xx || yy)
f |= f_ext;
f |= f_bneg;
/* --- Ensure that @a@ is larger than @b@ --- *
f |= f_bneg;
/* --- Ensure that @a@ is larger than @b@ --- *
if (gcd) {
if (*gcd) MP_DROP(*gcd);
a = MP_COPY(a);
if (gcd) {
if (*gcd) MP_DROP(*gcd);
a = MP_COPY(a);
MP_SPLIT(a);
a->f &= ~MP_NEG;
f |= f_aneg;
MP_SPLIT(a);
a->f &= ~MP_NEG;
f |= f_aneg;
u = MP_COPY(a);
v = MP_COPY(b);
u = MP_COPY(a);
v = MP_COPY(b);
mp *t;
mp_div(&q, &u, u, v);
if (f & f_ext) {
mp *t;
mp_div(&q, &u, u, v);
if (f & f_ext) {
do {
y = mp_add(y, y, a);
x = mp_sub(x, x, b);
do {
y = mp_add(y, y, a);
x = mp_sub(x, x, b);
- } while (y->f & MP_NEG);
} else {
while (MP_CMP(y, >=, a)) {
y = mp_sub(y, y, a);
} else {
while (MP_CMP(y, >=, a)) {
y = mp_sub(y, y, a);
} else {
while (MP_CMP(x, >=, b))
x = mp_sub(x, x, b);
} else {
while (MP_CMP(x, >=, b))
x = mp_sub(x, x, b);
- * $Id: mp-io.c,v 1.7 2004/04/08 01:36:15 mdw Exp $
*
* Loading and storing of multiprecision integers
*
*
* Loading and storing of multiprecision integers
*
void mp_storel2c(const mp *m, void *pv, size_t sz)
{
void mp_storel2c(const mp *m, void *pv, size_t sz)
{
mpx_storel2cn(m->v, m->vl, pv, sz);
else
mpx_storel(m->v, m->vl, pv, sz);
mpx_storel2cn(m->v, m->vl, pv, sz);
else
mpx_storel(m->v, m->vl, pv, sz);
void mp_storeb2c(const mp *m, void *pv, size_t sz)
{
void mp_storeb2c(const mp *m, void *pv, size_t sz)
{
mpx_storeb2cn(m->v, m->vl, pv, sz);
else
mpx_storeb(m->v, m->vl, pv, sz);
mpx_storeb2cn(m->v, m->vl, pv, sz);
else
mpx_storeb(m->v, m->vl, pv, sz);
- * $Id: mp-jacobi.c,v 1.5 2004/04/08 01:36:15 mdw Exp $
*
* Compute Jacobi symbol
*
*
* Compute Jacobi symbol
*
- assert(((void)"n must be odd in mp_jacobi", MP_LEN(n) && (n->v[0] & 1)));
/* --- Take copies of the arguments --- */
/* --- Take copies of the arguments --- */
/* --- Some simple special cases --- */
MP_SHRINK(a);
/* --- Some simple special cases --- */
MP_SHRINK(a);
- * $Id: mp-sqrt.c,v 1.5 2004/04/08 01:36:15 mdw Exp $
*
* Compute integer square roots
*
*
* Compute integer square roots
*
/* --- Sanity preservation --- */
/* --- Sanity preservation --- */
- assert(((void)"imaginary root in mp_sqrt", !(a->f & MP_NEG)));
/* --- Deal with trivial cases --- */
/* --- Deal with trivial cases --- */
q = mp_sub(q, q, a);
if (q->v == q->vl)
break;
q = mp_sub(q, q, a);
if (q->v == q->vl)
break;
r = mp_lsl(r, d, 1);
r->f |= MP_NEG;
if (MP_CMP(q, <=, r))
r = mp_lsl(r, d, 1);
r->f |= MP_NEG;
if (MP_CMP(q, <=, r))
- * $Id: mp.h,v 1.19 2004/04/08 01:36:15 mdw Exp $
*
* Simple multiprecision arithmetic
*
*
* Simple multiprecision arithmetic
*
#define MP_SHRINK(m) do { \
mp *_mm = (m); \
MPX_SHRINK(_mm->v, _mm->vl); \
#define MP_SHRINK(m) do { \
mp *_mm = (m); \
MPX_SHRINK(_mm->v, _mm->vl); \
_mm->f &= ~MP_NEG; \
} while (0)
_mm->f &= ~MP_NEG; \
} while (0)
/* --- Other handy macros --- */
/* --- Other handy macros --- */
-#define MP_ISNEG(x) ((x)->f & MP_NEG)
-#define MP_ISZERO(x) (!MP_LEN(x))
-#define MP_ISPOS(x) (!MP_ISNEG(x) && !MP_ISZERO(x))
-#define MP_ISODD(x) (!MP_ISZERO(x) && ((x)->v[0] & 1u))
-#define MP_ISEVEN(x) (!MP_ISODD(x))
+#define MP_NEGP(x) ((x)->f & MP_NEG)
+#define MP_ZEROP(x) (!MP_LEN(x))
+#define MP_POSP(x) (!MP_NEGP(x) && !MP_ZEROP(x))
+#define MP_ODDP(x) (!MP_ZEROP(x) && ((x)->v[0] & 1u))
+#define MP_EVENP(x) (!MP_ODDP(x))
/*----- Arithmetic operations ---------------------------------------------*/
/*----- Arithmetic operations ---------------------------------------------*/
- * $Id: mpbarrett-exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
*
* Modular exponentiation using Barrett reduction
*
*
* Modular exponentiation using Barrett reduction
*
MP_COPY(a);
MP_SHRINK(e);
MP_COPY(a);
MP_SHRINK(e);
- if (e->f & MP_NEG)
- a = mp_modinv(a, a, mb->m);
- if (!MP_LEN(e))
- else if (MP_LEN(e) < EXP_THRESH)
- EXP_SIMPLE(x, a, e);
- else
- EXP_WINDOW(x, a, e);
+ else {
+ if (MP_NEGP(e))
+ a = mp_modinv(a, a, mb->m);
+ if (MP_LEN(e) < EXP_THRESH)
+ EXP_SIMPLE(x, a, e);
+ else
+ EXP_WINDOW(x, a, e);
+ }
mp_drop(d);
mp_drop(spare);
mp_drop(a);
mp_drop(d);
mp_drop(spare);
mp_drop(a);
- * $Id: mpbarrett-mexp.c,v 1.3 2004/04/08 01:36:15 mdw Exp $
*
* Multiple simultaneous exponentiations
*
*
* Multiple simultaneous exponentiations
*
for (i = 0; i < n; i++) {
if (f[i].exp->f & MP_BURN)
spare = MP_NEWSEC;
for (i = 0; i < n; i++) {
if (f[i].exp->f & MP_BURN)
spare = MP_NEWSEC;
- if (!(f[i].exp->f & MP_NEG))
- ff[i].base = MP_COPY(f[i].base);
- else
ff[i].base = mp_modinv(MP_NEW, f[i].base, mb->m);
ff[i].base = mp_modinv(MP_NEW, f[i].base, mb->m);
+ else
+ ff[i].base = MP_COPY(f[i].base);
ff[i].exp = f[i].exp;
}
mp_drop(g);
ff[i].exp = f[i].exp;
}
mp_drop(g);
- * $Id: mpint.h,v 1.6 2004/04/08 01:36:15 mdw Exp $
*
* Conversion between MPs and standard C integers
*
*
* Conversion between MPs and standard C integers
*
_v++; \
_max /= (mpd)MPW_MAX + 1; \
} \
_v++; \
_max /= (mpd)MPW_MAX + 1; \
} \
- if (!(_m->f & MP_NEG)) \
_i = -_i; \
(i) = _i; \
} while (0)
_i = -_i; \
(i) = _i; \
} while (0)
- * $Id: mpmont-exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
*
* Modular exponentiation with Montgomery reduction
*
*
* Modular exponentiation with Montgomery reduction
*
MP_COPY(a);
MP_SHRINK(e);
MP_COPY(a);
MP_SHRINK(e);
- if (e->f & MP_NEG) {
- a = mpmont_reduce(mm, a, a);
- a = mp_modinv(a, a, mm->m);
- a = mpmont_mul(mm, a, a, mm->r2);
- }
- if (MP_LEN(e) == 0)
- else if (MP_LEN(e) < EXP_THRESH)
- EXP_SIMPLE(x, a, e);
- else
- EXP_WINDOW(x, a, e);
+ else {
+ if (MP_NEGP(e)) {
+ a = mpmont_reduce(mm, a, a);
+ a = mp_modinv(a, a, mm->m);
+ a = mpmont_mul(mm, a, a, mm->r2);
+ }
+ if (MP_LEN(e) < EXP_THRESH)
+ EXP_SIMPLE(x, a, e);
+ else
+ EXP_WINDOW(x, a, e);
+ }
mp_drop(d);
mp_drop(spare);
mp_drop(a);
mp_drop(d);
mp_drop(spare);
mp_drop(a);
- * $Id: mpmont-mexp.c,v 1.9 2004/04/08 01:36:15 mdw Exp $
*
* Multiple simultaneous exponentiations
*
*
* Multiple simultaneous exponentiations
*
mp *t;
if (f[i].exp->f & MP_BURN)
spare = MP_NEWSEC;
mp *t;
if (f[i].exp->f & MP_BURN)
spare = MP_NEWSEC;
- if (f[i].exp->f & MP_NEG) {
+ if (MP_NEGP(f[i].exp)) {
t = mpmont_reduce(mm, f[i].base, f[i].base);
t = mp_modinv(t, t, mm->m);
f[i].base = mpmont_mul(mm, t, t, mm->r2);
t = mpmont_reduce(mm, f[i].base, f[i].base);
t = mp_modinv(t, t, mm->m);
f[i].base = mpmont_mul(mm, t, t, mm->r2);
- * $Id: mpmont.c,v 1.19 2004/04/08 01:36:15 mdw Exp $
*
* Montgomery reduction
*
*
* Montgomery reduction
*
/* --- Take a copy of the modulus --- */
/* --- Take a copy of the modulus --- */
- assert(MP_ISPOS(m) && MP_ISODD(m));
+ assert(MP_POSP(m) && MP_ODDP(m));
mm->m = MP_COPY(m);
/* --- Determine %$R^2$% --- */
mm->m = MP_COPY(m);
/* --- Determine %$R^2$% --- */
- * $Id: mpreduce.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
*
* Efficient reduction modulo nice primes
*
*
* Efficient reduction modulo nice primes
*
/* --- Fill in the easy stuff --- */
/* --- Fill in the easy stuff --- */
d = mp_bits(p);
r->lim = d/MPW_BITS;
r->s = d%MPW_BITS;
d = mp_bits(p);
r->lim = d/MPW_BITS;
r->s = d%MPW_BITS;
/* --- If source is negative, divide --- */
/* --- If source is negative, divide --- */
mp_div(0, &d, x, r->p);
return (d);
}
mp_div(0, &d, x, r->p);
return (d);
}
mp *spare = (e->f & MP_BURN) ? MP_NEWSEC : MP_NEW;
MP_SHRINK(e);
mp *spare = (e->f & MP_BURN) ? MP_NEWSEC : MP_NEW;
MP_SHRINK(e);
+ MP_COPY(a);
+ if (MP_ZEROP(e))
- else if (MP_LEN(e) < EXP_THRESH)
- EXP_SIMPLE(x, a, e);
- else
- EXP_WINDOW(x, a, e);
+ else {
+ if (MP_NEGP(e))
+ a = mp_modinv(a, a, mr->p);
+ if (MP_LEN(e) < EXP_THRESH)
+ EXP_SIMPLE(x, a, e);
+ else
+ EXP_WINDOW(x, a, e);
+ }
+ mp_drop(a);
mp_drop(d);
mp_drop(spare);
return (x);
mp_drop(d);
mp_drop(spare);
return (x);
- * $Id: mptext-len.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
*
* Work out length of a number's string representation
*
*
* Work out length of a number's string representation
*
*
* Returns: The number of digits needed to represent the number in the
* given base. This will not include space for a leading sign
*
* Returns: The number of digits needed to represent the number in the
* given base. This will not include space for a leading sign
- * (use @MP_ISNEG@ to check that, or just add one on for luck);
+ * (use @MP_NEGP@ to check that, or just add one on for luck);
* neither will it add space for a terminating null. In general
* the answer will be an overestimate.
*/
* neither will it add space for a terminating null. In general
* the answer will be an overestimate.
*/
- * $Id: mptext.c,v 1.18 2004/04/08 01:36:15 mdw Exp $
*
* Textual representation of multiprecision numbers
*
*
* Textual representation of multiprecision numbers
*
assert(i);
mp_div(&q, &m, m, pr[i]);
assert(i);
mp_div(&q, &m, m, pr[i]);
/* --- If the number is negative, sort that out --- */
/* --- If the number is negative, sort that out --- */
if (ops->put("-", 1, p))
return (EOF);
m->f &= ~MP_NEG;
if (ops->put("-", 1, p))
return (EOF);
m->f &= ~MP_NEG;
- * $Id: mptext.h,v 1.7 2004/04/08 01:36:15 mdw Exp $
*
* Textual representation of multiprecision numbers
*
*
* Textual representation of multiprecision numbers
*
*
* Returns: The number of digits needed to represent the number in the
* given base. This will not include space for a leading sign
*
* Returns: The number of digits needed to represent the number in the
* given base. This will not include space for a leading sign
- * (use @MP_ISNEG@ to check that, or just add one on for luck);
+ * (use @MP_NEGP@ to check that, or just add one on for luck);
* neither will it add space for a terminating null. In general
* the answer will be an overestimate.
*/
* neither will it add space for a terminating null. In general
* the answer will be an overestimate.
*/
- * $Id: pgen.c,v 1.10 2004/04/08 01:36:15 mdw Exp $
*
* Prime generation glue
*
*
* Prime generation glue
*
- if (MP_ISNEG(p)) return (0);
+ if (MP_NEGP(p)) return (0);
switch (pfilt_smallfactor(p)) {
case PGEN_DONE: return (1);
case PGEN_FAIL: return (0);
switch (pfilt_smallfactor(p)) {
case PGEN_DONE: return (1);
case PGEN_FAIL: return (0);
- * $Id: rsa-gen.c,v 1.5 2004/04/08 01:36:15 mdw Exp $
*
* RSA parameter generation
*
*
* RSA parameter generation
*
mp *z = rp->p;
rp->p = rp->q;
rp->q = z;
mp *z = rp->p;
rp->p = rp->q;
rp->q = z;
-# $Id: gfreduce,v 1.4 2004/03/27 17:54:12 mdw Exp $
#
# Test efficient polynomial reduction
#
# Test efficient polynomial reduction
modexp {
0x20000000000000000000000000000000000000000000000000000000000001001
modexp {
0x20000000000000000000000000000000000000000000000000000000000001001
+ 0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+ 0
+ 1;
+ 0x20000000000000000000000000000000000000000000000000000000000001001
0x02
0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
1;
0x02
0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
1;
0x34235950984598345900983409845690805680985
0x0fffffffffffffffffffffffffffffffffffffffffff
1;
0x34235950984598345900983409845690805680985
0x0fffffffffffffffffffffffffffffffffffffffffff
1;
+
+ 0x800000000000000000000000000000000000000c9
+ 0x3f0eba16286a2d57ea0991168d4994637e8343e36
+ -1
+ 0x3c8c172e24598e90b9542e6b8f6571f54be572b50;
+ 0x800000000000000000000000000000000000000c9
+ 0x3c8c172e24598e90b9542e6b8f6571f54be572b50
+ 342345
+ 0x3521fe2666efe92ca4eb160a286e0fd9427b84a62;
+ 0x800000000000000000000000000000000000000c9
+ 0x3f0eba16286a2d57ea0991168d4994637e8343e36
+ -342345
+ 0x3521fe2666efe92ca4eb160a286e0fd9427b84a62;
# Test vectors for Barrett modular reduction
#
# Test vectors for Barrett modular reduction
#
-# $Id: mpbarrett,v 1.4 2004/04/01 12:50:41 mdw Exp $
mpbarrett-reduce {
17 11 6;
mpbarrett-reduce {
17 11 6;
# --- Negative exponents ---
# --- Negative exponents ---
+ 0xfffffffdffffffffffffffffffffffff 0xfffffffdfffffffffffffffffffffffe 0 1;
8939489893434234331 1804289383 -8939035539979879765 6139425926295484741;
# --- DSA public key derivation ---
8939489893434234331 1804289383 -8939035539979879765 6139425926295484741;
# --- DSA public key derivation ---
# Test vectors for Montgomery reduction
#
# Test vectors for Montgomery reduction
#
-# $Id: mpmont,v 1.7 2004/04/01 12:50:41 mdw Exp $
create {
340809809850981098423498794792349 # m
create {
340809809850981098423498794792349 # m
8939489893434234331 1804289383 454353454354565 6139425926295484741;
8939489893434234331 1804289383 8939489893434234330 1;
8939489893434234331 1804289383 454353454354565 6139425926295484741;
8939489893434234331 1804289383 8939489893434234330 1;
- # --- Negative exponents ---
+ # --- Negative and zero exponents ---
+ 0xfffffffdffffffffffffffffffffffff 0xfffffffdfffffffffffffffffffffffe 0 1;
8939489893434234331 1804289383 -8939035539979879765 6139425926295484741;
# --- DSA public key derivation ---
8939489893434234331 1804289383 -8939035539979879765 6139425926295484741;
# --- DSA public key derivation ---
-# $Id: mpreduce,v 1.1 2004/03/27 00:04:46 mdw Exp $
#
# Tests for efficient reduction
#
# Tests for efficient reduction
+ 0xfffffffdffffffffffffffffffffffff 0xfffffffdfffffffffffffffffffffffe 0 1;
0xfffffffdffffffffffffffffffffffff 2
0xfffffffdfffffffffffffffffffffffe 1;
0xfffffffdffffffffffffffffffffffff 2
0xfffffffdfffffffffffffffffffffffd
0x7fffffff000000000000000000000000;
0xfffffffdffffffffffffffffffffffff 2
0xfffffffdfffffffffffffffffffffffe 1;
0xfffffffdffffffffffffffffffffffff 2
0xfffffffdfffffffffffffffffffffffd
0x7fffffff000000000000000000000000;
+ 8939489893434234331 1804289383
+ -8939035539979879765 6139425926295484741;
projects / u / mdw / catacomb / commitdiff