def calculate_keys(p, q, nbits): '''Calculates an encryption and a decryption key given p and q, and returns them as a tuple (e, d) ''' phi_n = (p - 1) * (q - 1) # A very common choice for e is 65537 e = 65537 try: d = common.inverse(e, phi_n) except ValueError: raise ValueError("e (%d) and phi_n (%d) are not relatively prime" % (e, phi_n)) if (e * d) % phi_n != 1: raise ValueError("e (%d) and d (%d) are not mult. inv. modulo " "phi_n (%d)" % (e, d, phi_n)) return (e, d)
def __init__(self, n, e, d, p, q, exp1=None, exp2=None, coef=None): self.n = n self.e = e self.d = d self.p = p self.q = q # Calculate the other values if they aren't supplied if exp1 is None: self.exp1 = int(d % (p - 1)) else: self.exp1 = exp1 if exp1 is None: self.exp2 = int(d % (q - 1)) else: self.exp2 = exp2 if coef is None: self.coef = common.inverse(q, p) else: self.coef = coef
def make_test(a, b, modulus): assert (0 <= a < modulus) assert (0 <= b < modulus) assert (modulus & 1) R = 1 nw = 0 B = 1 << 64 while modulus >= R: R <<= 64 nw += 1 n0 = modulus & (B - 1) m0 = -inverse(n0, B) % B assert (0 < m0 < B) a_m = (a * R) % modulus b_m = (b * R) % modulus # What we expect the function to compute result_m = (a * b * R) % modulus # Turn data into arrays of 64-bit words a_m_s = split64(a_m) b_m_s = split64(b_m) modulus_s = split64(modulus) result_m_s = split64(result_m) # Everything must have nw words for ds in (a_m_s, b_m_s, modulus_s, result_m_s): ds += ["0"] * (nw - len(ds)) # Modulus also byte encoded, big endian modulus_b = [] while modulus > 0: modulus_b.insert(0, hex(modulus % 256)) modulus >>= 8 test_nr = counter.next() print "" print "void test_%d() {" % test_nr print " const uint64_t a[] = {" + ", ".join(a_m_s) + "};" print " const uint64_t b[] = {" + ", ".join(b_m_s) + "};" print " const uint64_t n[] = {" + ", ".join(modulus_s) + "};" print " const uint64_t expected[] = {" + ", ".join(result_m_s) + "};" print " uint64_t out[%d];" % (nw + 1) print " uint64_t scratch[%d];" % (3 * nw + 1) print "" print " memset(out, 0xAA, sizeof out);" print " mont_mult_internal(out, a, b, n, %dUL, scratch, %d);" % (m0, nw) print " assert(memcmp(out, expected, 8*%d) == 0);" % nw print " assert(out[%d] == 0xAAAAAAAAAAAAAAAAUL);" % nw print "}" print "" test_nr = counter.next() print "" print "void test_%d() {" % test_nr print " const uint64_t a[] = {" + ", ".join(a_m_s) + "};" print " const uint64_t b[] = {" + ", ".join(b_m_s) + "};" print " const uint8_t modulus[] = {" + ", ".join(modulus_b) + "};" print " const uint64_t expected[] = {" + ", ".join(result_m_s) + "};" print " uint64_t out[%d];" % (nw + 1) print " MontContext *ctx;" print " int res;" print " uint64_t scratch[%d];" % (3 * nw + 1) print "" print print " res = mont_context_init(&ctx, modulus, sizeof modulus);" print " assert(res == 0);" print " memset(out, 0xAA, sizeof out);" print " res = mont_mult(out, a, b, scratch, ctx);" print " assert(res == 0);" print " assert(out[%d] == 0xAAAAAAAAAAAAAAAAUL);" % nw print " assert(memcmp(out, expected, 8*%d) == 0);" % nw print " mont_context_free(ctx);" print "}" print ""