def verify(self, m: bytes, sign: tuple, pk: int) -> bool:
r, s = sign
w = inverse(s, self._data['q'])
u1 = (self._hash(m) * w) % self._data['q']
u2 = (r * w) % self._data['q']
v = ((quick_power(self._data['g'], u1, self._data['p']) * quick_power(
pk, u2, self._data['p'])) % self._data['p']) % self._data['q']
return v == r
def miller_rabin(n):
q = n - 1
k = 0
while not q & 1:
q >>= 1
k += 1
a = random.randint(2, n - 2)
if quick_power(a, q, n) == 1:
return True
for j in range(k):
if quick_power(a, q << j, n) == (n - 1):
return True
return False
def _genParam(self, l: int, n: int, seedlen: int = None) -> tuple:
if seedlen is None:
seedlen = n
assert seedlen >= n
outlen = self._hashFunc().digest_size * 8
t = l // outlen - 1
b = l - 1 - t * outlen
q = None
dps = 0
while q is None:
dps = random.random()
u = self._hash(dps) % 2**(n - 1)
temp_q = 2**(n - 1) + u + 1 - (u % 2)
if primeTest(temp_q, prob=0.001, method='miller_rabin'):
q = temp_q
offset = 1
for counter in range(4 * l):
w = (self._hash(dps + offset + 0) % 2**seedlen) % 2**b
for j in range(1, t + 1):
w ^= self._hash(dps + offset + j) % 2**seedlen
w <<= outlen
x = w + 2**(l - 1)
c = x % (2 * q)
p = x - (c - 1)
if p >= 2**(l - 1) and primeTest(
p, prob=0.001, method='miller_rabin'):
e = (p - 1) // q
while True:
h = random.randint(2, p - 2)
g = quick_power(h, e, p)
if g > 1:
return {'p': p, 'q': q, 'g': g}
offset += t + 1
def fermat(n):
a = random.randint(2, n - 2)
d = gcd(a, n)
if d > 1:
return False
if quick_power(a, n - 1, n) != 1:
return False
return True
def solovay_stassen(n):
a = random.randint(2, n - 2)
r = quick_power(a, (n - 1) >> 1, n)
if r != 1 and r != n - 1:
return False
s = (jacobi(a, n) + n) % n
if r != s:
return False
return True
def sign(self, m: bytes, sk: int) -> tuple:
k = None
while k is None:
temp_k = random.randint(3, self._q - 2)
if gcd(temp_k, self._q - 1) == 1:
k = temp_k
s1 = quick_power(self._a, k, self._q)
s2 = (inverse(k, self._q - 1) *
((self._hash(m) % self._q) - sk * s1)) % (self._q - 1)
return (s1, s2)
def naive_pr(n):
if n == 2:
return [1]
if n == 4:
return [3]
phi = eular(n)
if not phi:
return None
res = list()
for i in range(2, n):
if not [j for j in range(2, phi) if quick_power(i, j, n) == 1]:
res.append(i)
return res
def advance_pr(n):
if n == 2:
return [1]
if n == 4:
return [3]
phi = eular(n)
if not phi:
return None
factors = naive_fact(phi)
res = list()
for i in range(2, n):
if not [x for x in factors if quick_power(i, phi // x, n) == 1]:
res.append(i)
return res
def verify(self, m: bytes, sign: tuple, pk: int) -> bool:
s1, s2 = sign
v1 = quick_power(self._a, (self._hash(m) % self._q), self._q)
v2 = (quick_power(pk, s1, self._q) *
quick_power(s1, s2, self._q)) % self._q
return v1 == v2
def _encrypt(data, keys):
e, n = keys
assert data < n
return quick_power(data, e, n)
def sign(self, m: bytes, sk: int) -> tuple:
k = random.randint(1, self._data['q'] - 1)
r = quick_power(self._data['g'], k, self._data['p']) % self._data['q']
s = (inverse(k, self._data['q']) *
(self._hash(m) + sk * r)) % self._data['q']
return (r, s)
def genKey(self) -> tuple:
sk = random.randint(1, self._data['q'] - 1)
pk = quick_power(self._data['g'], sk, self._data['p'])
return (sk, pk)
def verify(self, m:bytes, sign:tuple, pk:int) -> bool:
e, y = sign
x = (quick_power(self._data['g'], y, self._data['p']) * quick_power(pk, e, self._data['p'])) % self._data['p']
h = self._hash(m + x.to_bytes(self._byteLen, byteorder='big'))
return e == h
def sign(self, m:bytes, sk:int) -> tuple:
r = random.randint(1, self._data['q']-1)
x = quick_power(self._data['g'], r, self._data['p'])
e = self._hash(m + x.to_bytes(self._byteLen, byteorder='big'))
y = (r + sk*e) % self._data['q']
return (e, y)
def genKey(self) -> tuple:
sk = random.randint(2, self._q - 2)
pk = quick_power(self._a, sk, self._q)
return (sk, pk)
def _fast_decrypt(data, keys):
dp, dq, xp, xq, p, q, n = keys
vp = quick_power(data, dp, p)
vq = quick_power(data, dq, q)
return (vp*xp+vq*xq)%n
def _decrypt(data, keys):
d, n = keys
return quick_power(data, d, n)
