Beispiel #1
0
// p256FromBig sets out = R*in.
func p256FromBig(out *[p256Limbs]uint32, in *big.Int) {
	tmp := new(big.Int).Lsh(in, 257)
	tmp.Mod(tmp, p256.P)

	for i := 0; i < p256Limbs; i++ {
		if bits := tmp.Bits(); len(bits) > 0 {
			out[i] = uint32(bits[0]) & bottom29Bits
		} else {
			out[i] = 0
		}
		tmp.Rsh(tmp, 29)

		i++
		if i == p256Limbs {
			break
		}

		if bits := tmp.Bits(); len(bits) > 0 {
			out[i] = uint32(bits[0]) & bottom28Bits
		} else {
			out[i] = 0
		}
		tmp.Rsh(tmp, 28)
	}
}
Beispiel #2
0
func BigAbsCmp(x, y big.Int) int {
	// SetBits sets to |v|, thus giving an absolute comparison.
	var x0, y0 big.Int
	x0.SetBits(x.Bits())
	y0.SetBits(y.Bits())
	return x0.Cmp(&y0)
}
Beispiel #3
0
func CountInt(x *big.Int) int {
	total := 0
	for _, w := range x.Bits() {
		total += Count64(uint64(w))
	}
	return total
}
Beispiel #4
0
// SmallPrimeTest determins if N is a small prime
// or divisible by a small prime.
func SmallPrimeTest(N *big.Int) int {
	if N.Sign() <= 0 {
		panic("SmallPrimeTest for positive integers only")
	}
	if N.BitLen() <= 10 {
		n := uint16(N.Uint64())
		i := sort.Search(len(primes10), func(i int) bool {
			return primes10[i] >= n
		})
		if i >= len(primes10) || n != primes10[i] {
			return IsComposite
		}
		return IsPrime
	}
	// quick test for N even
	if N.Bits()[0]&1 == 0 {
		return IsComposite
	}
	// compare several small gcds for efficency
	z := new(big.Int)
	if z.GCD(nil, nil, N, prodPrimes10A).Cmp(one) == 1 {
		return IsComposite
	}
	if z.GCD(nil, nil, N, prodPrimes10B).Cmp(one) == 1 {
		return IsComposite
	}
	if z.GCD(nil, nil, N, prodPrimes10C).Cmp(one) == 1 {
		return IsComposite
	}
	if z.GCD(nil, nil, N, prodPrimes10D).Cmp(one) == 1 {
		return IsComposite
	}
	return Undetermined
}
Beispiel #5
0
// Bytes returns the bytes for the absolute value of x in little-
// endian binary representation; x must be an Int.
func Bytes(x Value) []byte {
	var val *big.Int
	switch x := x.(type) {
	case int64Val:
		val = new(big.Int).SetInt64(int64(x))
	case intVal:
		val = x.val
	default:
		panic(fmt.Sprintf("%v not an Int", x))
	}

	words := val.Bits()
	bytes := make([]byte, len(words)*wordSize)

	i := 0
	for _, w := range words {
		for j := 0; j < wordSize; j++ {
			bytes[i] = byte(w)
			w >>= 8
			i++
		}
	}
	// remove leading 0's
	for i > 0 && bytes[i-1] == 0 {
		i--
	}

	return bytes[:i]
}
Beispiel #6
0
// BigInt sets all bytes in the passed big int to zero and then sets the
// value to 0.  This differs from simply setting the value in that it
// specifically clears the underlying bytes whereas simply setting the value
// does not.  This is mostly useful to forcefully clear private keys.
func BigInt(x *big.Int) {
	b := x.Bits()
	for i := range b {
		b[i] = 0
	}
	x.SetInt64(0)
}
Beispiel #7
0
// TrailingZerosBig returns the number of trailing 0 bits in v.
//
// If v is 0, it returns 0.
func TrailingZerosBig(v *big.Int) int {
	for i, b := range v.Bits() {
		if b != 0 {
			return i*wordBits + tzw(b)
		}
	}
	return 0
}
Beispiel #8
0
// TrailingOnesBig returns the number of trailing 1 bits in v.
func TrailingOnesBig(v *big.Int) int {
	words := v.Bits()
	for i, b := range words {
		if b != ^big.Word(0) {
			return i*wordBits + tzw(^b)
		}
	}
	return len(words) * wordBits
}
Beispiel #9
0
// BigInt sets all bytes in the passed big int to zero and then sets the
// value to 0.  This differs from simply setting the value in that it
// specifically clears the underlying bytes whereas simply setting the value
// does not.  This is mostly useful to forcefully clear private keys.
func BigInt(x *big.Int) {
	b := x.Bits()
	z := [16]big.Word{}
	n := uint(copy(b, z[:]))
	for n < uint(len(b)) {
		copy(b[n:], b[:n])
		n <<= 1
	}
	x.SetInt64(0)
}
Beispiel #10
0
func big2scalar(out *[4]C.ulonglong, in *big.Int) error {
	b := in.Bits()
	if len(b) > 4 {
		return fmt.Errorf("big.Int needs %d words, cannot be converted to scalar_t", len(b))
	}
	for i, w := range b {
		out[i] = C.ulonglong(w)
	}
	return nil
}
Beispiel #11
0
// reads num into buf as big-endian bytes.
func readBits(buf []byte, num *big.Int) {
	const wordLen = int(unsafe.Sizeof(big.Word(0)))
	i := len(buf)
	for _, d := range num.Bits() {
		for j := 0; j < wordLen && i > 0; j++ {
			i--
			buf[i] = byte(d)
			d >>= 8
		}
	}
}
Beispiel #12
0
// Uint64FromBigInt returns (uint64 value of n, true) if 0 <= n <=
// math.MaxUint64.  Otherwise it returns  (undefined value, false).
//
// NOTE: This function is DEPRECATED with Go release 1.1 and will be REMOVED
// with Go release 1.1+1, b/c of
// http://code.google.com/p/go/source/detail?r=954a79ee3ea8
func Uint64FromBigInt(n *big.Int) (uint64, bool) {
	switch bits := n.BitLen(); {
	case bits == 0:
		return 0, true
	case n.Sign() < 0 || bits > 64:
		return 0, false
	case bits <= UintptrBits():
		return uint64(n.Bits()[0]), true
	default:
		b := n.Bits()
		return uint64(b[1])<<uint(uintptrBits) | uint64(b[0]), true
	}
}
Beispiel #13
0
func big2scalar(out *[4]C.ulonglong, in *big.Int) error {
	b := in.Bits()
	if len(b) > 8 {
		return fmt.Errorf("big.Int needs %d words, cannot be converted to scalar_t", len(b))
	}
	max := len(b) >> 1
	for i := 0; i < max; i++ {
		out[i] = C.ulonglong(b[i<<1]) | (C.ulonglong(b[i<<1+1]) << 32)
	}
	if len(b)&0x1 == 1 {
		out[max] = C.ulonglong(b[len(b)-1])
	}
	return nil
}
Beispiel #14
0
func TestBigInt(t *testing.T) {
	tests := []string{
		// 16 0xFFFFFFFF 32-bit uintptrs
		strings.Repeat("FFFFFFFF", 16),

		// 17 32-bit uintptrs, minimum value which enters loop on 32-bit
		"01" + strings.Repeat("00000000", 16),

		// 32 0xFFFFFFFF 32-bit uintptrs, maximum value which enters loop exactly once on 32-bit
		strings.Repeat("FFFFFFFF", 32),

		// 33 32-bit uintptrs, minimum value which enters loop twice on 32-bit
		"01" + strings.Repeat("00000000", 32),

		// 16 0xFFFFFFFFFFFFFFFF 64-bit uintptrs
		strings.Repeat("FFFFFFFFFFFFFFFF", 16),

		// 17 64-bit uintptrs, minimum value which enters loop on 64-bit
		"01" + strings.Repeat("0000000000000000", 16),

		// 32 0xFFFFFFFFFFFFFFFF 64-bit uintptrs, maximum value which enters loop exactly once on 64-bit
		strings.Repeat("FFFFFFFFFFFFFFFF", 32),

		// 33 64-bit uintptrs, minimum value which enters loop twice on 64-bit
		"01" + strings.Repeat("0000000000000000", 32),
	}

	for i, s := range tests {
		v, ok := new(big.Int).SetString(s, 16)
		if !ok {
			t.Errorf("Test %d includes invalid hex number %s", i, s)
			continue
		}

		BigInt(v)
		err := checkZeroWords(v.Bits())
		if err != nil {
			t.Errorf("Test %d (s=%s) failed: %v", i, s, err)
			continue
		}
		if v.Cmp(bigZero) != 0 {
			t.Errorf("Test %d (s=%s) zeroed big.Int represents non-zero number %v", i, s, v)
			continue
		}
	}
}
Beispiel #15
0
// fromBig converts a *big.Int into a format used by this code.
func fromBig(out []uint64, big *big.Int) {
	for i := range out {
		out[i] = 0
	}

	for i, v := range big.Bits() {
		out[i] = uint64(v)
	}
}
Beispiel #16
0
// XXX: I don't like this code. I _think_ it matches BN_ext_count_low_zero_bits
// in the C++ exactfloat.cc version. Needs more testing.
func count_low_zero_bits(bn *big.Int) int {
	count := 0
	words := bn.Bits()
	for i := 0; i < len(words); i++ {
		if words[i] == 0 {
			count += 64 //8 * int(unsafe.Sizeof(&words[i]))
		} else {
			for j := 0; j < bn.BitLen(); j++ {
				if bn.Bit(j) == 0 {
					count++
				} else {
					break
				}
			}
			break
		}
	}
	return count
}
Beispiel #17
0
// BigToCompact converts a whole number N to a compact representation using
// an unsigned 32-bit number.  The compact representation only provides 23 bits
// of precision, so values larger than (2^23 - 1) only encode the most
// significant digits of the number.  See CompactToBig for details.
func BigToCompact(n *big.Int) uint32 {
	// No need to do any work if it's zero.
	if n.Sign() == 0 {
		return 0
	}

	// Since the base for the exponent is 256, the exponent can be treated
	// as the number of bytes.  So, shift the number right or left
	// accordingly.  This is equivalent to:
	// mantissa = mantissa / 256^(exponent-3)
	var mantissa uint32
	exponent := uint(len(n.Bytes()))
	if exponent <= 3 {
		mantissa = uint32(n.Bits()[0])
		mantissa <<= 8 * (3 - exponent)
	} else {
		// Use a copy to avoid modifying the caller's original number.
		tn := new(big.Int).Set(n)
		mantissa = uint32(tn.Rsh(tn, 8*(exponent-3)).Bits()[0])
	}

	// When the mantissa already has the sign bit set, the number is too
	// large to fit into the available 23-bits, so divide the number by 256
	// and increment the exponent accordingly.
	if mantissa&0x00800000 != 0 {
		mantissa >>= 8
		exponent++
	}

	// Pack the exponent, sign bit, and mantissa into an unsigned 32-bit
	// int and return it.
	compact := uint32(exponent<<24) | mantissa
	if n.Sign() < 0 {
		compact |= 0x00800000
	}
	return compact
}
Beispiel #18
0
// Compute the Jacobi symbol of (x/y) using Euclid's algorithm.
// This is usually much faster modular multiplication via Euler's criterion.
func Jacobi(x, y *big.Int) int {

	// We use the formulation described in chapter 2, section 2.4,
	// "The Yacas Book of Algorithms":
	// http://yacas.sourceforge.net/Algo.book.pdf

	var a, b, c big.Int
	a.Set(x)
	b.Set(y)
	j := 1
	for {
		if a.Cmp(zero) == 0 {
			return 0
		}
		if b.Cmp(one) == 0 {
			return j
		}
		a.Mod(&a, &b)

		// Handle factors of 2 in a
		s := 0
		for a.Bit(s) == 0 {
			s++
		}
		if s&1 != 0 {
			bmod8 := b.Bits()[0] & 7
			if bmod8 == 3 || bmod8 == 5 {
				j = -j
			}
		}
		c.Rsh(&a, uint(s)) // a = 2^s*c

		// Swap numerator and denominator
		if b.Bits()[0]&3 == 3 && c.Bits()[0]&3 == 3 {
			j = -j
		}
		a.Set(&b)
		b.Set(&c)
	}
}
Beispiel #19
0
// PopCountBigInt returns population count of |n| (number of bits set in |n|).
func PopCountBigInt(n *big.Int) (r int) {
	for _, v := range n.Bits() {
		r += PopCountUintptr(uintptr(v))
	}
	return
}
Beispiel #20
0
// JacobiSymbol returns the jacobi symbol ( N / D ) of
// N (numerator) over D (denominator).
// See http://en.wikipedia.org/wiki/Jacobi_symbol
func JacobiSymbol(N *big.Int, D *big.Int) int {
	//Step 0: parse input / easy cases
	if D.Sign() <= 0 || D.Bit(0) == 0 {
		// we will assume D is positive
		// wolfram is ok with negative denominator
		// im not sure what is standard though
		panic("JacobiSymbol defined for positive odd denominator only")
	}
	var n, d, tmp big.Int
	n.Set(N)
	d.Set(D)
	j := 1
	for {
		// Step 1: Reduce the numerator mod the denominator
		n.Mod(&n, &d)
		if n.Sign() == 0 {
			// if n,d not relatively prime
			return 0
		}
		if len(n.Bits()) >= len(d.Bits())-1 {
			// n > d/2 so swap n with d-n
			// and multiply j by JacobiSymbol(-1 / d)
			n.Sub(&d, &n)
			if d.Bits()[0]&3 == 3 {
				// if d = 3 mod 4
				j = -1 * j
			}
		}

		// Step 2: extract factors of 2
		s := trailingZeroBits(&n)
		n.Rsh(&n, s)
		if s&1 == 1 {
			switch d.Bits()[0] & 7 {
			case 3, 5: // d = 3,5 mod 8
				j = -1 * j
			}
		}

		// Step 3: check numerator
		if len(n.Bits()) == 1 && n.Bits()[0] == 1 {
			// if n = 1 were done
			return j
		}

		// Step 4: flip and go back to step 1
		if n.Bits()[0]&3 != 1 { // n = 3 mod 4
			if d.Bits()[0]&3 != 1 { // d = 3 mod 4
				j = -1 * j
			}
		}
		tmp.Set(&n)
		n.Set(&d)
		d.Set(&tmp)
	}
}
Beispiel #21
0
func toA(x *big.Int) (r BigIntArray) {
	for i, v := range x.Bits() {
		r[i] = v
	}
	return
}
Beispiel #22
0
// PreallocInt preallocates 128-bits of storage for an existing
// big.Int value. Will not perform the pre-allocation if the given
// pointer is nil, or if the storage has already been allocated.
//
// This function serves very little purpose as it provides no benefits
// whatsoever, and is only included for completeness.
func PreallocInt(i *big.Int) {
	var mem [pS]big.Word
	if i != nil && cap(i.Bits()) == 0 {
		i.SetBits(mem[0:0])
	}
}
Beispiel #23
0
func BigAbs(x *big.Int) *big.Int {
	m := make([]big.Word, len(x.Bits()))
	copy(m, x.Bits())
	return new(big.Int).SetBits(m)
}
Beispiel #24
0
func cmpBigAbs(x, y big.Int) int {
	// SetBits sets the absolute value, thus causing an absolute comparison.
	x0 := new(big.Int).SetBits(x.Bits())
	y0 := new(big.Int).SetBits(y.Bits())
	return x0.Cmp(y0)
}
Beispiel #25
0
// bigAbsAlias returns a big.Int set to |x| whose inner slices
// alias each other. Do not use unless the return value will not be
// modified.
func bigAbsAlias(x *big.Int) *big.Int {
	return new(big.Int).SetBits(x.Bits())
}