rw.cpp

含有多种公开密钥算法、多种块加密、多种数据流加密、多种HASH函数、多种CheckSum校验、多种MAC校验等几十种加密算法的程序

/*************************************************
* Rabin-Williams Source File                     *
* (C) 1999-2002 The Botan Project                *
*************************************************/

#include <botan/rw.h>
#include <botan/numthry.h>

namespace Botan {

/*************************************************
* RW_PublicKey Constructor                       *
*************************************************/
RW_PublicKey::RW_PublicKey(const BigInt& mod, const BigInt& exp) :
   n(mod), e(exp), powermod_e_n(e, n)
   {
   if(e < 2 || e % 2 == 1)
      throw Invalid_Argument("RW_PublicKey: Invalid exponent");
   if(n < 21 || n % 2 == 0)
      throw Invalid_Argument("RW_PublicKey: Invalid modulus");
   }

/*************************************************
* Rabin-Williams Verification Function           *
*************************************************/
SecureVector<byte> RW_PublicKey::verify(const byte in[], u32bit len) const
   {
   BigInt temp(in, len);
   return encode(public_op(temp));
   }

/*************************************************
* Rabin-Williams Public Operation                *
*************************************************/
BigInt RW_PublicKey::public_op(const BigInt& i) const
   {
   if(i > n / 2 || i.is_negative())
      throw Invalid_Argument("Rabin-Williams::public_op: i > n / 2 || i < 0");

   BigInt t1 = powermod_e_n(i);
   if(t1 % 16 == 12)
      return t1;
   if(t1 % 8 == 6)
      return 2*t1;

   BigInt t2 = n - t1;
   if(t2 % 16 == 12)
      return t2;
   if(t2 % 8 == 6)
      return 2*t2;

   throw Invalid_Argument("Rabin-Williams::public_op: Invalid input");
   }

/*************************************************
* RW_PrivateKey Constructor                      *
*************************************************/
RW_PrivateKey::RW_PrivateKey(const BigInt& prime1, const BigInt& prime2,
                             const BigInt& exp, const BigInt& d_exp,
                             const BigInt& modulus)
   {
   if(exp.is_zero() || exp.is_odd())
      throw Invalid_Argument("RW_PrivateKey: Exponent is invalid");

   e = exp;
   p = prime1;
   q = prime2;
   n = (!modulus) ? p * q : modulus;
   d = (!d_exp) ? inverse_mod(e, lcm(p - 1, q - 1) / 2) : d_exp;
   precompute();
   }

/*************************************************
* Create a Rabin-Williams Key                    *
*************************************************/
RW_PrivateKey::RW_PrivateKey(u32bit bits, const BigInt& exp)
   {
   if(bits < 64)
      throw Invalid_Argument("Rabin-Williams: Can't make a key that is only " +
                             to_string(bits) + " bits long");
   if(exp < 2 || exp.is_odd())
      throw Invalid_Argument("Rabin-Williams: Invalid exponent");

   e = exp;
   do
      p = random_prime((bits + 1) / 2, e / 2);
   while(p % 8 != 3);
   do
      q = random_prime(bits - p.bits(), e / 2);
   while(q % 8 != 7);

   n = p * q;
   d = inverse_mod(e, lcm(p - 1, q - 1) / 2);

   precompute();
   }

/*************************************************
* Rabin-Williams Signature Operation             *
*************************************************/
SecureVector<byte> RW_PrivateKey::sign(const byte in[], u32bit len) const
   {
   BigInt temp(in, len);
   return encode(private_op(temp));
   }

/*************************************************
* IF Scheme Private Key Operation                *
*************************************************/
BigInt RW_PrivateKey::if_key_private_op(const BigInt& i) const
   {
   BigInt j1 = powermod_d1_p(i);
   BigInt j2 = powermod_d2_q(i);
   BigInt h = powermod_d1_p.reduce(sub_mul(j1, j2, c));
   return mul_add(h, q, j2);
   }

/*************************************************
* Rabin-Williams Private Key Operation           *
*************************************************/
BigInt RW_PrivateKey::private_op(const BigInt& i) const
   {
   if(i >= n || i.is_negative())
      throw Invalid_Argument("Rabin-Williams::private_op: i >= n || i < 0");
   if(i % 16 != 12)
      throw Invalid_Argument("Rabin-Williams::public_op: i % 16 != 12");

   BigInt t;
   if(jacobi(i, n) == 1)
      t = if_key_private_op(i);
   else
      t = if_key_private_op(i / 2);

   return std::min(t, n - t);
   }

/*************************************************
* Rabin-Williams precomputation                  *
*************************************************/
void RW_PrivateKey::precompute()
   {
   d1 = d % (p - 1);
   d2 = d % (q - 1);
   c = inverse_mod(q, p);
   powermod_d1_p = FixedExponent_Exp(d1, p);
   powermod_d2_q = FixedExponent_Exp(d2, q);
   if(!powermod_e_n.get_exponent())
      powermod_e_n = FixedExponent_Exp(e, n);
   }

/*************************************************
* Check Private Rabin-Williams Parameters        *
*************************************************/
bool RW_PrivateKey::check_params() const
   {
   if(!is_prime(p) || !is_prime(q))
      return false;
   if(p * q != n)
      return false;
   if((e * d) % (lcm(p - 1, q - 1) / 2) != 1)
      return false;
   if(gcd(e, ((p - 1) * (q - 1)) / 4) != 1)
      return false;
   return true;
   }

}