/Microsoft.Cryptography.Samples.RSAManaged/FlexInt.cs
C# | 1930 lines | 1356 code | 389 blank | 185 comment | 313 complexity | 87d6859776232ed71ee844d9e63c4085 MD5 | raw file
Possible License(s): CC-BY-SA-3.0
Large files files are truncated, but you can click here to view the full file
- using System;
- using System.Security.Cryptography;
-
- namespace Microsoft.Cryptography
- {
-
- internal class FlexInt
- {
-
- #region Data Storage
-
- /// <summary>
- /// The Length of this FlexInt
- /// </summary>
- uint length = 1;
-
- /// <summary>
- /// The data for this FlexInt
- /// </summary>
- uint[] data;
-
- #endregion
-
- #region Constants
-
- /// <summary>
- /// Default length of a FlexInt in bytes
- /// </summary>
- const uint DEFAULT_LEN = 20;
-
- /// <summary>
- /// Table of primes below 2000. The values were generated using Mathematica 4.1.
- /// </summary>
- public static readonly uint[] smallPrimes = {
- 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
- 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
- 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233,
- 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
- 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419,
- 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503,
- 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607,
- 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701,
- 709, 719, 727, 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811,
- 821, 823, 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911,
- 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997,
-
- 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049, 1051, 1061, 1063, 1069, 1087,
- 1091, 1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163, 1171, 1181,
- 1187, 1193, 1201, 1213, 1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277, 1279,
- 1283, 1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321, 1327, 1361, 1367, 1373,
- 1381, 1399, 1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451, 1453, 1459, 1471,
- 1481, 1483, 1487, 1489, 1493, 1499, 1511, 1523, 1531, 1543, 1549, 1553, 1559,
- 1567, 1571, 1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619, 1621, 1627, 1637,
- 1657, 1663, 1667, 1669, 1693, 1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747,
- 1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811, 1823, 1831, 1847, 1861, 1867,
- 1871, 1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949, 1951, 1973,
- 1979, 1987, 1993, 1997, 1999,
-
- 2003, 2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069, 2081, 2083, 2087, 2089,
- 2099, 2111, 2113, 2129, 2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203, 2207,
- 2213, 2221, 2237, 2239, 2243, 2251, 2267, 2269, 2273, 2281, 2287, 2293, 2297,
- 2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377, 2381, 2383, 2389,
- 2393, 2399, 2411, 2417, 2423, 2437, 2441, 2447, 2459, 2467, 2473, 2477, 2503,
- 2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579, 2591, 2593, 2609, 2617, 2621,
- 2633, 2647, 2657, 2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693, 2699, 2707,
- 2711, 2713, 2719, 2729, 2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791, 2797,
- 2801, 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861, 2879, 2887, 2897, 2903,
- 2909, 2917, 2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999,
-
- 3001, 3011, 3019, 3023, 3037, 3041, 3049, 3061, 3067, 3079, 3083, 3089, 3109,
- 3119, 3121, 3137, 3163, 3167, 3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221,
- 3229, 3251, 3253, 3257, 3259, 3271, 3299, 3301, 3307, 3313, 3319, 3323, 3329,
- 3331, 3343, 3347, 3359, 3361, 3371, 3373, 3389, 3391, 3407, 3413, 3433, 3449,
- 3457, 3461, 3463, 3467, 3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533, 3539,
- 3541, 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607, 3613, 3617, 3623, 3631,
- 3637, 3643, 3659, 3671, 3673, 3677, 3691, 3697, 3701, 3709, 3719, 3727, 3733,
- 3739, 3761, 3767, 3769, 3779, 3793, 3797, 3803, 3821, 3823, 3833, 3847, 3851,
- 3853, 3863, 3877, 3881, 3889, 3907, 3911, 3917, 3919, 3923, 3929, 3931, 3943,
- 3947, 3967, 3989,
-
- 4001, 4003, 4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057, 4073, 4079, 4091,
- 4093, 4099, 4111, 4127, 4129, 4133, 4139, 4153, 4157, 4159, 4177, 4201, 4211,
- 4217, 4219, 4229, 4231, 4241, 4243, 4253, 4259, 4261, 4271, 4273, 4283, 4289,
- 4297, 4327, 4337, 4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409, 4421, 4423,
- 4441, 4447, 4451, 4457, 4463, 4481, 4483, 4493, 4507, 4513, 4517, 4519, 4523,
- 4547, 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621, 4637, 4639, 4643, 4649,
- 4651, 4657, 4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729, 4733, 4751, 4759,
- 4783, 4787, 4789, 4793, 4799, 4801, 4813, 4817, 4831, 4861, 4871, 4877, 4889,
- 4903, 4909, 4919, 4931, 4933, 4937, 4943, 4951, 4957, 4967, 4969, 4973, 4987,
- 4993, 4999,
-
- 5003, 5009, 5011, 5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087, 5099, 5101,
- 5107, 5113, 5119, 5147, 5153, 5167, 5171, 5179, 5189, 5197, 5209, 5227, 5231,
- 5233, 5237, 5261, 5273, 5279, 5281, 5297, 5303, 5309, 5323, 5333, 5347, 5351,
- 5381, 5387, 5393, 5399, 5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443, 5449,
- 5471, 5477, 5479, 5483, 5501, 5503, 5507, 5519, 5521, 5527, 5531, 5557, 5563,
- 5569, 5573, 5581, 5591, 5623, 5639, 5641, 5647, 5651, 5653, 5657, 5659, 5669,
- 5683, 5689, 5693, 5701, 5711, 5717, 5737, 5741, 5743, 5749, 5779, 5783, 5791,
- 5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849, 5851, 5857, 5861, 5867, 5869,
- 5879, 5881, 5897, 5903, 5923, 5927, 5939, 5953, 5981, 5987
- };
-
- public enum Sign : int
- {
- Negative = -1,
- Zero = 0,
- Positive = 1
- };
-
- #region Exception Messages
- private const string ERR_VALUEISNEGATIVE = "This operation would return a negative value.";
- #endregion
-
- #endregion
-
- #region Constructors
-
- public FlexInt()
- {
- data = new uint[DEFAULT_LEN];
- this.length = DEFAULT_LEN;
- }
-
- public FlexInt(Sign sign, uint len)
- {
- this.data = new uint[len];
- this.length = len;
- }
-
- public FlexInt(FlexInt bi)
- {
- this.data = (uint[])bi.data.Clone();
- this.length = bi.length;
- }
-
- public FlexInt(FlexInt bi, uint len)
- {
-
- this.data = new uint[len];
-
- for (uint i = 0; i < bi.length; i++)
- this.data[i] = bi.data[i];
-
- this.length = bi.length;
- }
-
- #endregion
-
- #region Conversions
- public FlexInt(byte[] inData)
- {
- length = (uint)inData.Length >> 2;
- int leftOver = inData.Length & 0x3;
-
- // length not multiples of 4
- if (leftOver != 0) length++;
-
- data = new uint[length];
-
- for (int i = inData.Length - 1, j = 0; i >= 3; i -= 4, j++)
- {
- data[j] = (uint)(
- (inData[i - 3] << (3 * 8)) |
- (inData[i - 2] << (2 * 8)) |
- (inData[i - 1] << (1 * 8)) |
- (inData[i])
- );
- }
-
- switch (leftOver)
- {
- case 1: data[length - 1] = (uint)inData[0]; break;
- case 2: data[length - 1] = (uint)((inData[0] << 8) | inData[1]); break;
- case 3: data[length - 1] = (uint)((inData[0] << 16) | (inData[1] << 8) | inData[2]); break;
- }
-
- this.Normalize();
- }
-
- public FlexInt(uint[] inData)
- {
- length = (uint)inData.Length;
-
- data = new uint[length];
-
- for (int i = (int)length - 1, j = 0; i >= 0; i--, j++)
- data[j] = inData[i];
-
- this.Normalize();
- }
-
- public FlexInt(uint ui)
- {
- data = new uint[] { ui };
- }
-
- public FlexInt(ulong ul)
- {
- data = new uint[2] { (uint)ul, (uint)(ul >> 32) };
- length = 2;
-
- this.Normalize();
- }
-
- public static implicit operator FlexInt(uint value)
- {
- return (new FlexInt(value));
- }
-
- public static implicit operator FlexInt(int value)
- {
- if (value < 0) throw new ArgumentOutOfRangeException("value");
- return (new FlexInt((uint)value));
- }
-
- public static implicit operator FlexInt(ulong value)
- {
- return (new FlexInt(value));
- }
-
- /* This is the FlexInt.Parse method I use. This method works
- because FlexInt.ToString returns the input I gave to Parse. */
- public static FlexInt Parse(string number)
- {
- if (number == null)
- throw new ArgumentNullException("number");
-
- int i = 0, len = number.Length;
- char c;
- bool digits_seen = false;
- FlexInt val = new FlexInt(0);
- if (number[i] == '+')
- {
- i++;
- }
- else if (number[i] == '-')
- {
- throw new FormatException(ERR_VALUEISNEGATIVE);
- }
-
- for (; i < len; i++)
- {
- c = number[i];
- if (c == '\0')
- {
- i = len;
- continue;
- }
- if (c >= '0' && c <= '9')
- {
- val = val * 10 + (c - '0');
- digits_seen = true;
- }
- else
- {
- if (Char.IsWhiteSpace(c))
- {
- for (i++; i < len; i++)
- {
- if (!Char.IsWhiteSpace(number[i]))
- throw new FormatException();
- }
- break;
- }
- else
- throw new FormatException();
- }
- }
- if (!digits_seen)
- throw new FormatException();
- return val;
- }
-
- #endregion
-
- #region Operators
-
- public static FlexInt operator +(FlexInt bi1, FlexInt bi2)
- {
- if (bi1 == 0)
- return new FlexInt(bi2);
- else if (bi2 == 0)
- return new FlexInt(bi1);
- else
- return PrimitivesHelper.AddSameSign(bi1, bi2);
- }
-
- public static FlexInt operator -(FlexInt bi1, FlexInt bi2)
- {
- if (bi2 == 0)
- return new FlexInt(bi1);
-
- if (bi1 == 0)
- throw new ArithmeticException(ERR_VALUEISNEGATIVE);
-
- switch (PrimitivesHelper.Compare(bi1, bi2))
- {
-
- case Sign.Zero:
- return 0;
-
- case Sign.Positive:
- return PrimitivesHelper.Subtract(bi1, bi2);
-
- case Sign.Negative:
- throw new ArithmeticException(ERR_VALUEISNEGATIVE);
- default:
- throw new Exception();
- }
- }
-
- public static int operator %(FlexInt bi, int i)
- {
- if (i > 0)
- return (int)PrimitivesHelper.DwordMod(bi, (uint)i);
- else
- return -(int)PrimitivesHelper.DwordMod(bi, (uint)-i);
- }
-
- public static uint operator %(FlexInt bi, uint ui)
- {
- return PrimitivesHelper.DwordMod(bi, (uint)ui);
- }
-
- public static FlexInt operator %(FlexInt bi1, FlexInt bi2)
- {
- return PrimitivesHelper.multiByteDivide(bi1, bi2)[1];
- }
-
- public static FlexInt operator /(FlexInt bi, int i)
- {
- if (i > 0)
- return PrimitivesHelper.DwordDiv(bi, (uint)i);
-
- throw new ArithmeticException(ERR_VALUEISNEGATIVE);
- }
-
- public static FlexInt operator /(FlexInt bi1, FlexInt bi2)
- {
- return PrimitivesHelper.multiByteDivide(bi1, bi2)[0];
- }
-
- public static FlexInt operator *(FlexInt bi1, FlexInt bi2)
- {
- if (bi1 == 0 || bi2 == 0) return 0;
-
- //
- // Validate pointers
- //
- if (bi1.data.Length < bi1.length) throw new IndexOutOfRangeException("bi1 out of range");
- if (bi2.data.Length < bi2.length) throw new IndexOutOfRangeException("bi2 out of range");
-
- FlexInt ret = new FlexInt(Sign.Positive, bi1.length + bi2.length);
-
- PrimitivesHelper.Multiply(bi1.data, 0, bi1.length, bi2.data, 0, bi2.length, ret.data, 0);
-
- ret.Normalize();
- return ret;
- }
-
- public static FlexInt operator <<(FlexInt bi1, int shiftVal)
- {
- return PrimitivesHelper.LeftShift(bi1, shiftVal);
- }
-
- public static FlexInt operator >>(FlexInt bi1, int shiftVal)
- {
- return PrimitivesHelper.RightShift(bi1, shiftVal);
- }
-
- #endregion
-
- #region Friendly names for operators
-
- // with names suggested by FxCop 1.30
-
- public static FlexInt Add(FlexInt bi1, FlexInt bi2)
- {
- return (bi1 + bi2);
- }
-
- public static FlexInt Subtract(FlexInt bi1, FlexInt bi2)
- {
- return (bi1 - bi2);
- }
-
- public static FlexInt Modulus(FlexInt bi1, FlexInt bi2)
- {
- return (bi1 % bi2);
- }
-
- public static FlexInt Divid(FlexInt bi1, FlexInt bi2)
- {
- return (bi1 / bi2);
- }
-
- public static FlexInt Multiply(FlexInt bi1, FlexInt bi2)
- {
- return (bi1 * bi2);
- }
-
- #endregion
-
- #region Bitwise
-
- public int BitCount()
- {
- this.Normalize();
-
- uint value = data[length - 1];
- uint mask = 0x80000000;
- uint bits = 32;
-
- while (bits > 0 && (value & mask) == 0)
- {
- bits--;
- mask >>= 1;
- }
- bits += ((length - 1) << 5);
-
- return (int)bits;
- }
-
- /// <summary>
- /// Tests if the specified bit is 1.
- /// </summary>
- /// <param name="bitNum">The bit to test. The least significant bit is 0.</param>
- /// <returns>True if bitNum is set to 1, else false.</returns>
- public bool TestBit(uint bitNum)
- {
- uint bytePos = bitNum >> 5; // divide by 32
- byte bitPos = (byte)(bitNum & 0x1F); // get the lowest 5 bits
-
- uint mask = (uint)1 << bitPos;
- return ((this.data[bytePos] & mask) != 0);
- }
-
- public bool TestBit(int bitNum)
- {
- if (bitNum < 0) throw new IndexOutOfRangeException("bitNum out of range");
-
- uint bytePos = (uint)bitNum >> 5; // divide by 32
- byte bitPos = (byte)(bitNum & 0x1F); // get the lowest 5 bits
-
- uint mask = (uint)1 << bitPos;
- return ((this.data[bytePos] | mask) == this.data[bytePos]);
- }
-
- public void SetBit(uint bitNum)
- {
- SetBit(bitNum, true);
- }
-
- public void ClearBit(uint bitNum)
- {
- SetBit(bitNum, false);
- }
-
- public void SetBit(uint bitNum, bool value)
- {
- uint bytePos = bitNum >> 5; // divide by 32
-
- if (bytePos < this.length)
- {
- uint mask = (uint)1 << (int)(bitNum & 0x1F);
- if (value)
- this.data[bytePos] |= mask;
- else
- this.data[bytePos] &= ~mask;
- }
- }
-
- public int LowestSetBit()
- {
- if (this == 0) return -1;
- int i = 0;
- while (!TestBit(i)) i++;
- return i;
- }
-
- public byte[] GetBytes()
- {
- if (this == 0) return new byte[1];
-
- int numBits = BitCount();
- int numBytes = numBits >> 3;
- if ((numBits & 0x7) != 0)
- numBytes++;
-
- byte[] result = new byte[numBytes];
-
- int numBytesInWord = numBytes & 0x3;
- if (numBytesInWord == 0) numBytesInWord = 4;
-
- int pos = 0;
- for (int i = (int)length - 1; i >= 0; i--)
- {
- uint val = data[i];
- for (int j = numBytesInWord - 1; j >= 0; j--)
- {
- result[pos + j] = (byte)(val & 0xFF);
- val >>= 8;
- }
- pos += numBytesInWord;
- numBytesInWord = 4;
- }
- return result;
- }
-
- #endregion
-
- #region Compare
-
- public static bool operator ==(FlexInt bi1, FlexInt bi2)
- {
- // we need to compare with null
- if ((bi1 as object) == (bi2 as object))
- return true;
- if (null == bi1 || null == bi2)
- return false;
- return PrimitivesHelper.Compare(bi1, bi2) == 0;
- }
-
- public static bool operator !=(FlexInt bi1, FlexInt bi2)
- {
- // we need to compare with null
- if ((bi1 as object) == (bi2 as object))
- return false;
- if (null == bi1 || null == bi2)
- return true;
- return PrimitivesHelper.Compare(bi1, bi2) != 0;
- }
-
- public static bool operator >(FlexInt bi1, FlexInt bi2)
- {
- return PrimitivesHelper.Compare(bi1, bi2) > 0;
- }
-
- public static bool operator <(FlexInt bi1, FlexInt bi2)
- {
- return PrimitivesHelper.Compare(bi1, bi2) < 0;
- }
-
- public static bool operator >=(FlexInt bi1, FlexInt bi2)
- {
- return PrimitivesHelper.Compare(bi1, bi2) >= 0;
- }
-
- public static bool operator <=(FlexInt bi1, FlexInt bi2)
- {
- return PrimitivesHelper.Compare(bi1, bi2) <= 0;
- }
-
- public Sign Compare(FlexInt bi)
- {
- return PrimitivesHelper.Compare(this, bi);
- }
-
- #endregion
-
- #region Formatting
-
- public string ToString(uint radix)
- {
- return ToString(radix, "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ");
- }
-
- public string ToString(uint radix, string characterSet)
- {
- if (characterSet.Length < radix)
- throw new ArgumentException("characterSet length is less than radix!", "characterSet");
- if (radix == 1)
- throw new ArgumentException("Radix '1' is not supported. Radix must be greater or equal '2'", "radix");
-
- if (this == 0) return "0";
- if (this == 1) return "1";
-
- string result = "";
-
- FlexInt a = new FlexInt(this);
-
- while (a != 0)
- {
- uint rem = PrimitivesHelper.SingleByteDivideInPlace(a, radix);
- result = characterSet[(int)rem] + result;
- }
-
- return result;
- }
-
- #endregion
-
- #region Misc
-
- /// <summary>
- /// Normalizes this by setting the length to the actual number of
- /// uints used in data and by setting the sign to Sign.Zero if the
- /// value of this is 0.
- /// </summary>
- private void Normalize()
- {
- // Normalize length
- while (length > 0 && data[length - 1] == 0) length--;
-
- // Check for zero
- if (length == 0)
- length++;
- }
-
- public void Clear()
- {
- for (int i = 0; i < length; i++)
- data[i] = 0x00;
- }
-
- #endregion
-
- #region Object Impl
-
- public override int GetHashCode()
- {
- uint val = 0;
-
- for (uint i = 0; i < this.length; i++)
- val ^= this.data[i];
-
- return (int)val;
- }
-
- public override string ToString()
- {
- return ToString(10);
- }
-
- public override bool Equals(object o)
- {
- if (o == null) return false;
- if (o is int) return (int)o >= 0 && this == (uint)o;
-
- return PrimitivesHelper.Compare(this, (FlexInt)o) == 0;
- }
-
- #endregion
-
- #region Number Theory
-
- public FlexInt ModPow(FlexInt exp, FlexInt n)
- {
- ModulusHelper mr = new ModulusHelper(n);
- return mr.Pow(this, exp);
- }
-
- #endregion
-
- public class ModulusHelper
- {
- FlexInt mod, constant;
-
- public ModulusHelper(FlexInt modulus)
- {
- this.mod = modulus;
-
- // calculate constant = b^ (2k) / m
- uint i = mod.length << 1;
-
- constant = new FlexInt(Sign.Positive, i + 1);
- constant.data[i] = 0x00000001;
-
- constant = constant / mod;
- }
-
- public void BarrettReduction(FlexInt x)
- {
- FlexInt n = mod;
- uint k = n.length,
- kPlusOne = k + 1,
- kMinusOne = k - 1;
-
- // x < mod, so nothing to do.
- if (x.length < k) return;
-
- FlexInt q3;
-
- //
- // Validate pointers
- //
- if (x.data.Length < x.length) throw new IndexOutOfRangeException("x out of range");
-
- // q1 = x / b^ (k-1)
- // q2 = q1 * constant
- // q3 = q2 / b^ (k+1), Needs to be accessed with an offset of kPlusOne
-
- // TODO: We should the method in HAC p 604 to do this (14.45)
- q3 = new FlexInt(Sign.Positive, x.length - kMinusOne + constant.length);
- PrimitivesHelper.Multiply(x.data, kMinusOne, x.length - kMinusOne, constant.data, 0, constant.length, q3.data, 0);
-
- // r1 = x mod b^ (k+1)
- // i.e. keep the lowest (k+1) words
-
- uint lengthToCopy = (x.length > kPlusOne) ? kPlusOne : x.length;
-
- x.length = lengthToCopy;
- x.Normalize();
-
- // r2 = (q3 * n) mod b^ (k+1)
- // partial multiplication of q3 and n
-
- FlexInt r2 = new FlexInt(Sign.Positive, kPlusOne);
- PrimitivesHelper.MultiplyMod2p32pmod(q3.data, (int)kPlusOne, (int)q3.length - (int)kPlusOne, n.data, 0, (int)n.length, r2.data, 0, (int)kPlusOne);
-
- r2.Normalize();
-
- if (r2 <= x)
- {
- PrimitivesHelper.MinusEq(x, r2);
- }
- else
- {
- FlexInt val = new FlexInt(Sign.Positive, kPlusOne + 1);
- val.data[kPlusOne] = 0x00000001;
-
- PrimitivesHelper.MinusEq(val, r2);
- PrimitivesHelper.PlusEq(x, val);
- }
-
- while (x >= n)
- PrimitivesHelper.MinusEq(x, n);
- }
-
- public FlexInt Multiply(FlexInt a, FlexInt b)
- {
- if (a == 0 || b == 0) return 0;
-
- if (a.length >= mod.length << 1)
- a %= mod;
-
- if (b.length >= mod.length << 1)
- b %= mod;
-
- if (a.length >= mod.length)
- BarrettReduction(a);
-
- if (b.length >= mod.length)
- BarrettReduction(b);
-
- FlexInt ret = new FlexInt(a * b);
- BarrettReduction(ret);
-
- return ret;
- }
-
- public FlexInt Difference(FlexInt a, FlexInt b)
- {
- Sign cmp = PrimitivesHelper.Compare(a, b);
- FlexInt diff;
-
- switch (cmp)
- {
- case Sign.Zero:
- return 0;
- case Sign.Positive:
- diff = a - b; break;
- case Sign.Negative:
- diff = b - a; break;
- default:
- throw new Exception();
- }
-
- if (diff >= mod)
- {
- if (diff.length >= mod.length << 1)
- diff %= mod;
- else
- BarrettReduction(diff);
- }
- if (cmp == Sign.Negative)
- diff = mod - diff;
- return diff;
- }
-
- public FlexInt Pow(FlexInt b, FlexInt exp)
- {
- if ((mod.data[0] & 1) == 1) return OddPow(b, exp);
- else return EvenPow(b, exp);
- }
-
- public FlexInt EvenPow(FlexInt b, FlexInt exp)
- {
- FlexInt resultNum = new FlexInt((FlexInt)1, mod.length << 1);
- FlexInt tempNum = new FlexInt(b % mod, mod.length << 1); // ensures (tempNum * tempNum) < b^ (2k)
-
- uint totalBits = (uint)exp.BitCount();
-
- uint[] wkspace = new uint[mod.length << 1];
-
- // perform squaring and multiply exponentiation
- for (uint pos = 0; pos < totalBits; pos++)
- {
- if (exp.TestBit(pos))
- {
-
- Array.Clear(wkspace, 0, wkspace.Length);
- PrimitivesHelper.Multiply(resultNum.data, 0, resultNum.length, tempNum.data, 0, tempNum.length, wkspace, 0);
- resultNum.length += tempNum.length;
- uint[] t = wkspace;
- wkspace = resultNum.data;
- resultNum.data = t;
-
- BarrettReduction(resultNum);
- }
-
- PrimitivesHelper.SquarePositive(tempNum, ref wkspace);
- BarrettReduction(tempNum);
-
- if (tempNum == 1)
- {
- return resultNum;
- }
- }
-
- return resultNum;
- }
-
- private FlexInt OddPow(FlexInt b, FlexInt exp)
- {
- FlexInt resultNum = new FlexInt(Montgomery.ToMont(1, mod), mod.length << 1);
- FlexInt tempNum = new FlexInt(Montgomery.ToMont(b, mod), mod.length << 1); // ensures (tempNum * tempNum) < b^ (2k)
- uint mPrime = Montgomery.Inverse(mod.data[0]);
- uint totalBits = (uint)exp.BitCount();
-
- uint[] wkspace = new uint[mod.length << 1];
-
- // perform squaring and multiply exponentiation
- for (uint pos = 0; pos < totalBits; pos++)
- {
- if (exp.TestBit(pos))
- {
-
- Array.Clear(wkspace, 0, wkspace.Length);
- PrimitivesHelper.Multiply(resultNum.data, 0, resultNum.length, tempNum.data, 0, tempNum.length, wkspace, 0);
- resultNum.length += tempNum.length;
- uint[] t = wkspace;
- wkspace = resultNum.data;
- resultNum.data = t;
-
- Montgomery.Reduce(resultNum, mod, mPrime);
- }
-
- PrimitivesHelper.SquarePositive(tempNum, ref wkspace);
- Montgomery.Reduce(tempNum, mod, mPrime);
- }
-
- Montgomery.Reduce(resultNum, mod, mPrime);
- return resultNum;
- }
-
- #region Pow Small Base
-
- public FlexInt Pow(uint b, FlexInt exp)
- {
- if ((mod.data[0] & 1) == 1)
- return OddPow(b, exp);
- else
- return EvenPow(b, exp);
- }
-
- private unsafe FlexInt OddPow(uint b, FlexInt exp)
- {
- exp.Normalize();
- uint[] wkspace = new uint[mod.length << 1 + 1];
-
- FlexInt resultNum = Montgomery.ToMont((FlexInt)b, this.mod);
- resultNum = new FlexInt(resultNum, mod.length << 1 + 1);
-
- uint mPrime = Montgomery.Inverse(mod.data[0]);
-
- uint pos = (uint)exp.BitCount() - 2;
-
- //
- // We know that the first itr will make the val b
- //
-
- do
- {
- //
- // r = r ^ 2 % m
- //
- PrimitivesHelper.SquarePositive(resultNum, ref wkspace);
- resultNum = Montgomery.Reduce(resultNum, mod, mPrime);
-
- if (exp.TestBit(pos))
- {
-
- //
- // r = r * b % m
- //
-
- fixed (uint* u = resultNum.data)
- {
-
- uint i = 0;
- ulong mc = 0;
-
- do
- {
- mc += (ulong)u[i] * (ulong)b;
- u[i] = (uint)mc;
- mc >>= 32;
- } while (++i < resultNum.length);
-
- if (resultNum.length < mod.length)
- {
- if (mc != 0)
- {
- u[i] = (uint)mc;
- resultNum.length++;
- while (resultNum >= mod)
- PrimitivesHelper.MinusEq(resultNum, mod);
- }
- }
- else if (mc != 0)
- {
-
- //
- // First, we estimate the quotient by dividing
- // the first part of each of the numbers. Then
- // we correct this, if necessary, with a subtraction.
- //
-
- uint cc = (uint)mc;
-
- // We would rather have this estimate overshoot,
- // so we add one to the divisor
- uint divEstimate;
- if (mod.data[mod.length - 1] < UInt32.MaxValue)
- {
- divEstimate = (uint)((((ulong)cc << 32) | (ulong)u[i - 1]) /
- (mod.data[mod.length - 1] + 1));
- }
- else
- {
- // guess but don't divide by 0
- divEstimate = (uint)((((ulong)cc << 32) | (ulong)u[i - 1]) /
- (mod.data[mod.length - 1]));
- }
-
- uint t;
-
- i = 0;
- mc = 0;
- do
- {
- mc += (ulong)mod.data[i] * (ulong)divEstimate;
- t = u[i];
- u[i] -= (uint)mc;
- mc >>= 32;
- if (u[i] > t) mc++;
- i++;
- } while (i < resultNum.length);
- cc -= (uint)mc;
-
- if (cc != 0)
- {
-
- uint sc = 0, j = 0;
- uint[] s = mod.data;
- do
- {
- uint a = s[j];
- if (((a += sc) < sc) | ((u[j] -= a) > ~a)) sc = 1;
- else sc = 0;
- j++;
- } while (j < resultNum.length);
- cc -= sc;
- }
- while (resultNum >= mod)
- PrimitivesHelper.MinusEq(resultNum, mod);
- }
- else
- {
- while (resultNum >= mod)
- PrimitivesHelper.MinusEq(resultNum, mod);
- }
- }
- }
- } while (pos-- > 0);
-
- resultNum = Montgomery.Reduce(resultNum, mod, mPrime);
- return resultNum;
-
- }
-
- private unsafe FlexInt EvenPow(uint b, FlexInt exp)
- {
- exp.Normalize();
- uint[] wkspace = new uint[mod.length << 1 + 1];
- FlexInt resultNum = new FlexInt((FlexInt)b, mod.length << 1 + 1);
-
- uint pos = (uint)exp.BitCount() - 2;
-
- //
- // We know that the first itr will make the val b
- //
-
- do
- {
- //
- // r = r ^ 2 % m
- //
- PrimitivesHelper.SquarePositive(resultNum, ref wkspace);
- if (!(resultNum.length < mod.length))
- BarrettReduction(resultNum);
-
- if (exp.TestBit(pos))
- {
-
- //
- // r = r * b % m
- //
-
- fixed (uint* u = resultNum.data)
- {
-
- uint i = 0;
- ulong mc = 0;
-
- do
- {
- mc += (ulong)u[i] * (ulong)b;
- u[i] = (uint)mc;
- mc >>= 32;
- } while (++i < resultNum.length);
-
- if (resultNum.length < mod.length)
- {
- if (mc != 0)
- {
- u[i] = (uint)mc;
- resultNum.length++;
- while (resultNum >= mod)
- PrimitivesHelper.MinusEq(resultNum, mod);
- }
- }
- else if (mc != 0)
- {
-
- //
- // First, we estimate the quotient by dividing
- // the first part of each of the numbers. Then
- // we correct this, if necessary, with a subtraction.
- //
-
- uint cc = (uint)mc;
-
- // We would rather have this estimate overshoot,
- // so we add one to the divisor
- uint divEstimate = (uint)((((ulong)cc << 32) | (ulong)u[i - 1]) /
- (mod.data[mod.length - 1] + 1));
-
- uint t;
-
- i = 0;
- mc = 0;
- do
- {
- mc += (ulong)mod.data[i] * (ulong)divEstimate;
- t = u[i];
- u[i] -= (uint)mc;
- mc >>= 32;
- if (u[i] > t) mc++;
- i++;
- } while (i < resultNum.length);
- cc -= (uint)mc;
-
- if (cc != 0)
- {
-
- uint sc = 0, j = 0;
- uint[] s = mod.data;
- do
- {
- uint a = s[j];
- if (((a += sc) < sc) | ((u[j] -= a) > ~a)) sc = 1;
- else sc = 0;
- j++;
- } while (j < resultNum.length);
- cc -= sc;
- }
- while (resultNum >= mod)
- PrimitivesHelper.MinusEq(resultNum, mod);
- }
- else
- {
- while (resultNum >= mod)
- PrimitivesHelper.MinusEq(resultNum, mod);
- }
- }
- }
- } while (pos-- > 0);
-
- return resultNum;
- }
-
- #endregion
- }
-
- public class Montgomery
- {
-
- private Montgomery()
- {
- }
-
- public static uint Inverse(uint n)
- {
- uint y = n, z;
-
- while ((z = n * y) != 1)
- y *= 2 - z;
-
- return (uint)-y;
- }
-
- public static FlexInt ToMont(FlexInt n, FlexInt m)
- {
- n.Normalize(); m.Normalize();
-
- n <<= (int)m.length * 32;
- n %= m;
- return n;
- }
-
- public static unsafe FlexInt Reduce(FlexInt n, FlexInt m, uint mPrime)
- {
- FlexInt A = n;
- fixed (uint* a = A.data, mm = m.data)
- {
- for (uint i = 0; i < m.length; i++)
- {
- // The mod here is taken care of by the CPU,
- // since the multiply will overflow.
- uint u_i = a[0] * mPrime /* % 2^32 */;
-
- //
- // A += u_i * m;
- // A >>= 32
- //
-
- // mP = Position in mod
- // aSP = the source of bits from a
- // aDP = destination for bits
- uint* mP = mm, aSP = a, aDP = a;
-
- ulong c = (ulong)u_i * ((ulong)*(mP++)) + *(aSP++);
- c >>= 32;
- uint j = 1;
-
- // Multiply and add
- for (; j < m.length; j++)
- {
- c += (ulong)u_i * (ulong)*(mP++) + *(aSP++);
- *(aDP++) = (uint)c;
- c >>= 32;
- }
-
- // Account for carry
- // TODO: use a better loop here, we dont need the ulong stuff
- for (; j < A.length; j++)
- {
- c += *(aSP++);
- *(aDP++) = (uint)c;
- c >>= 32;
- if (c == 0) { j++; break; }
- }
- // Copy the rest
- for (; j < A.length; j++)
- {
- *(aDP++) = *(aSP++);
- }
-
- *(aDP++) = (uint)c;
- }
-
- while (A.length > 1 && a[A.length - 1] == 0) A.length--;
-
- }
- if (A >= m) PrimitivesHelper.MinusEq(A, m);
-
- return A;
- }
- }
-
- /// <summary>
- /// Low level functions for the FlexInt
- /// </summary>
- private sealed class PrimitivesHelper
- {
-
- #region Addition/Subtraction
-
- /// <summary>
- /// Adds two numbers with the same sign.
- /// </summary>
- /// <param name="bi1">A FlexInt</param>
- /// <param name="bi2">A FlexInt</param>
- /// <returns>bi1 + bi2</returns>
- public static FlexInt AddSameSign(FlexInt bi1, FlexInt bi2)
- {
- uint[] x, y;
- uint yMax, xMax, i = 0;
-
- // x should be bigger
- if (bi1.length < bi2.length)
- {
- x = bi2.data;
- xMax = bi2.length;
- y = bi1.data;
- yMax = bi1.length;
- }
- else
- {
- x = bi1.data;
- xMax = bi1.length;
- y = bi2.data;
- yMax = bi2.length;
- }
-
- FlexInt result = new FlexInt(Sign.Positive, xMax + 1);
-
- uint[] r = result.data;
-
- ulong sum = 0;
-
- // Add common parts of both numbers
- do
- {
- sum = ((ulong)x[i]) + ((ulong)y[i]) + sum;
- r[i] = (uint)sum;
- sum >>= 32;
- } while (++i < yMax);
-
- // Copy remainder of longer number while carry propagation is required
- bool carry = (sum != 0);
-
- if (carry)
- {
-
- if (i < xMax)
- {
- do
- carry = ((r[i] = x[i] + 1) == 0);
- while (++i < xMax && carry);
- }
-
- if (carry)
- {
- r[i] = 1;
- result.length = ++i;
- return result;
- }
- }
-
- // Copy the rest
- if (i < xMax)
- {
- do
- r[i] = x[i];
- while (++i < xMax);
- }
-
- result.Normalize();
- return result;
- }
-
- public static FlexInt Subtract(FlexInt big, FlexInt small)
- {
- FlexInt result = new FlexInt(Sign.Positive, big.length);
-
- uint[] r = result.data, b = big.data, s = small.data;
- uint i = 0, c = 0;
-
- do
- {
-
- uint x = s[i];
- if (((x += c) < c) | ((r[i] = b[i] - x) > ~x))
- c = 1;
- else
- c = 0;
-
- } while (++i < small.length);
-
- if (i == big.length) goto fixup;
-
- if (c == 1)
- {
- do
- r[i] = b[i] - 1;
- while (b[i++] == 0 && i < big.length);
-
- if (i == big.length) goto fixup;
- }
-
- do
- r[i] = b[i];
- while (++i < big.length);
-
- fixup:
-
- result.Normalize();
- return result;
- }
-
- public static void MinusEq(FlexInt big, FlexInt small)
- {
- uint[] b = big.data, s = small.data;
- uint i = 0, c = 0;
-
- do
- {
- uint x = s[i];
- if (((x += c) < c) | ((b[i] -= x) > ~x))
- c = 1;
- else
- c = 0;
- } while (++i < small.length);
-
- if (i == big.length) goto fixup;
-
- if (c == 1)
- {
- do
- b[i]--;
- while (b[i++] == 0 && i < big.length);
- }
-
- fixup:
-
- // Normalize length
- while (big.length > 0 && big.data[big.length - 1] == 0) big.length--;
-
- // Check for zero
- if (big.length == 0)
- big.length++;
-
- }
-
- public static void PlusEq(FlexInt bi1, FlexInt bi2)
- {
- uint[] x, y;
- uint yMax, xMax, i = 0;
- bool flag = false;
-
- // x should be bigger
- if (bi1.length < bi2.length)
- {
- flag = true;
- x = bi2.data;
- xMax = bi2.length;
- y = bi1.data;
- yMax = bi1.length;
- }
- else
- {
- x = bi1.data;
- xMax = bi1.length;
- y = bi2.data;
- yMax = bi2.length;
- }
-
- uint[] r = bi1.data;
-
- ulong sum = 0;
-
- // Add common parts of both numbers
- do
- {
- sum += ((ulong)x[i]) + ((ulong)y[i]);
- r[i] = (uint)sum;
- sum >>= 32;
- } while (++i < yMax);
-
- // Copy remainder of longer number while carry propagation is required
- bool carry = (sum != 0);
-
- if (carry)
- {
-
- if (i < xMax)
- {
- do
- carry = ((r[i] = x[i] + 1) == 0);
- while (++i < xMax && carry);
- }
-
- if (carry)
- {
- r[i] = 1;
- bi1.length = ++i;
- return;
- }
- }
-
- // Copy the rest
- if (flag && i < xMax - 1)
- {
- do
- r[i] = x[i];
- while (++i < xMax);
- }
-
- bi1.length = xMax + 1;
- bi1.Normalize();
- }
-
- #endregion
-
- #region Compare
-
- /// <summary>
- /// Compares two FlexInt
- /// </summary>
- /// <param name="bi1">A FlexInt</param>
- /// <param name="bi2">A FlexInt</param>
- /// <returns>The sign of bi1 - bi2</returns>
- public static Sign Compare(FlexInt bi1, FlexInt bi2)
- {
- //
- // Step 1. Compare the lengths
- //
- uint l1 = bi1.length, l2 = bi2.length;
-
- while (l1 > 0 && bi1.data[l1 - 1] == 0) l1--;
- while (l2 > 0 && bi2.data[l2 - 1] == 0) l2--;
-
- if (l1 == 0 && l2 == 0) return Sign.Zero;
-
- // bi1 len < bi2 len
- if (l1 < l2) return Sign.Negative;
- // bi1 len > bi2 len
- else if (l1 > l2) return Sign.Positive;
-
- //
- // Step 2. Compare the bits
- //
-
- uint pos = l1 - 1;
-
- while (pos != 0 && bi1.data[pos] == bi2.data[pos]) pos--;
-
- if (bi1.data[pos] < bi2.data[pos])
- return Sign.Negative;
- else if (bi1.data[pos] > bi2.data[pos])
- return Sign.Positive;
- else
- return Sign.Zero;
- }
-
- #endregion
-
- #region Division
-
- #region Dword
-
- /// <summary>
- /// Performs n / d and n % d in one operation.
- /// </summary>
- /// <param name="n">A FlexInt, upon exit this will hold n / d</param>
- /// <param name="d">The divisor</param>
- /// <returns>n % d</returns>
- public static uint SingleByteDivideInPlace(FlexInt n, uint d)
- {
- ulong r = 0;
- uint i = n.length;
-
- while (i-- > 0)
- {
- r <<= 32;
- r |= n.data[i];
- n.data[i] = (uint)(r / d);
- r %= d;
- }
- n.Normalize();
-
- return (uint)r;
- }
-
- public static uint Dword…
Large files files are truncated, but you can click here to view the full file