// bigIntToNetIPv6 is a helper function that correctly returns a net.IP with the // correctly padded values. func bigIntToNetIPv6(bi *big.Int) *net.IP { x := make(net.IP, IPv6len) ipv6Bytes := bi.Bytes() // It's possibe for ipv6Bytes to be less than IPv6len bytes in size. If // they are different sizes we to pad the size of response. if len(ipv6Bytes) < IPv6len { buf := new(bytes.Buffer) buf.Grow(IPv6len) for i := len(ipv6Bytes); i < IPv6len; i++ { if err := binary.Write(buf, binary.BigEndian, byte(0)); err != nil { panic(fmt.Sprintf("Unable to pad byte %d of input %v: %v", i, bi, err)) } } for _, b := range ipv6Bytes { if err := binary.Write(buf, binary.BigEndian, b); err != nil { panic(fmt.Sprintf("Unable to preserve endianness of input %v: %v", bi, err)) } } ipv6Bytes = buf.Bytes() } i := copy(x, ipv6Bytes) if i != IPv6len { panic("IPv6 wrong size") } return &x }
// Creates a new STS session, ready to initiate or accept key exchanges. The group/generator pair defines the // cyclic group on which STS will operate. cipher and bits are used during the authentication token's symmetric // encryption, whilst hash is needed during RSA signing. func New(random io.Reader, group, generator *big.Int, cipher func([]byte) (cipher.Block, error), bits int, hash crypto.Hash) (*Session, error) { // Generate a random secret exponent expbits := group.BitLen() secret := make([]byte, (expbits+7)/8) n, err := io.ReadFull(random, secret) if n != len(secret) || err != nil { return nil, err } // Clear top bits if non-power was requested clear := uint(expbits % 8) if clear == 0 { clear = 8 } secret[0] &= uint8(int(1<<clear) - 1) exp := new(big.Int).SetBytes(secret) ses := new(Session) ses.group = group ses.generator = generator ses.exponent = exp ses.hash = hash ses.crypter = cipher ses.keybits = bits return ses, nil }
// BigIntToEncodedBytes converts a big integer into its corresponding // 32 byte little endian representation. func BigIntToEncodedBytes(a *big.Int) *[32]byte { s := new([32]byte) if a == nil { return s } // Caveat: a can be longer than 32 bytes. aB := a.Bytes() // If we have a short byte string, expand // it so that it's long enough. aBLen := len(aB) if aBLen < fieldIntSize { diff := fieldIntSize - aBLen for i := 0; i < diff; i++ { aB = append([]byte{0x00}, aB...) } } for i := 0; i < fieldIntSize; i++ { s[i] = aB[i] } // Reverse the byte string --> little endian after // encoding. reverse(s) return s }
// parseECPrivateKey parses an ASN.1 Elliptic Curve Private Key Structure. // The OID for the named curve may be provided from another source (such as // the PKCS8 container) - if it is provided then use this instead of the OID // that may exist in the EC private key structure. func parseECPrivateKey(namedCurveOID *asn1.ObjectIdentifier, der []byte) (key *ecdsa.PrivateKey, err error) { var privKey ecPrivateKey if _, err := asn1.Unmarshal(der, &privKey); err != nil { return nil, errors.New("x509: failed to parse EC private key: " + err.Error()) } if privKey.Version != ecPrivKeyVersion { return nil, fmt.Errorf("x509: unknown EC private key version %d", privKey.Version) } var curve elliptic.Curve if namedCurveOID != nil { curve = namedCurveFromOID(*namedCurveOID) } else { curve = namedCurveFromOID(privKey.NamedCurveOID) } if curve == nil { return nil, errors.New("x509: unknown elliptic curve") } k := new(big.Int).SetBytes(privKey.PrivateKey) if k.Cmp(curve.Params().N) >= 0 { return nil, errors.New("x509: invalid elliptic curve private key value") } priv := new(ecdsa.PrivateKey) priv.Curve = curve priv.D = k priv.X, priv.Y = curve.ScalarBaseMult(privKey.PrivateKey) return priv, nil }
func factor2(n *big.Int) int { // could be improved for large factors f := 0 for ; n.Bit(f) == 0; f++ { } return f }
func factorial(x *big.Int) *big.Int { n := big.NewInt(1) if x.Cmp(big.NewInt(0)) == 0 { return n } return n.Mul(x, factorial(n.Sub(x, n))) }
// returns a formatted MIP mapped key by adding prefix, canonical number and level // // ex. fn(98, 1000) = (prefix || 1000 || 0) func mipmapKey(num, level uint64) []byte { lkey := make([]byte, 8) binary.BigEndian.PutUint64(lkey, level) key := new(big.Int).SetUint64(num / level * level) return append(mipmapPre, append(lkey, key.Bytes()...)...) }
// Big max // // Returns the maximum size big integer func BigMax(x, y *big.Int) *big.Int { if x.Cmp(y) < 0 { return y } return x }
func getWorkPackage(difficulty *big.Int) string { if currWork == nil { return getErrorResponse("Current work unavailable") } // Our response object response := &ResponseArray{ Id: currWork.Id, Jsonrpc: currWork.Jsonrpc, Result: currWork.Result[:], } // Calculte requested difficulty diff := new(big.Int).Div(pow256, difficulty) diffBytes := string(common.ToHex(diff.Bytes())) // Adjust the difficulty for the miner response.Result[2] = diffBytes // Convert respone object to JSON b, _ := json.Marshal(response) return string(b) }
func main() { out, _ := os.Create("485.out") defer out.Close() for !done { var one big.Int one.SetInt64(1) p = append(p, one) l := len(p) fmt.Fprint(out, &p[l-1]) for i := l - 2; i > 0; i-- { p[i].Add(&p[i], &p[i-1]) fmt.Fprintf(out, " %v", &p[i]) s = fmt.Sprint(&p[i]) if len(s) > MAX { done = true break } } if !done && l > 1 { fmt.Fprintf(out, " %v", &p[0]) } fmt.Fprintln(out) } }
// baseCheck checks for any stack error underflows func baseCheck(op OpCode, stack *stack, gas *big.Int) error { // PUSH and DUP are a bit special. They all cost the same but we do want to have checking on stack push limit // PUSH is also allowed to calculate the same price for all PUSHes // DUP requirements are handled elsewhere (except for the stack limit check) if op >= PUSH1 && op <= PUSH32 { op = PUSH1 } if op >= DUP1 && op <= DUP16 { op = DUP1 } if r, ok := _baseCheck[op]; ok { err := stack.require(r.stackPop) if err != nil { return err } if r.stackPush > 0 && stack.len()-r.stackPop+r.stackPush > int(params.StackLimit.Int64()) { return fmt.Errorf("stack limit reached %d (%d)", stack.len(), params.StackLimit.Int64()) } gas.Add(gas, r.gas) } return nil }
func bigAdd(IntSlice []big.Int) *big.Int { var sum *big.Int = big.NewInt(0) for i := 0; i < len(IntSlice); i++ { sum.Add(sum, &IntSlice[i]) } return sum }
func (v *Value) String() string { if v.IsZero() { return "0" } if v.Native && v.IsScientific() { value := strconv.FormatUint(v.Num, 10) offset := strconv.FormatInt(v.Offset, 10) if v.Negative { return "-" + value + "e" + offset } return value + "e" + offset } value := big.NewInt(int64(v.Num)) if v.Negative { value.Neg(value) } var offset *big.Int if v.Native { offset = big.NewInt(-6) } else { offset = big.NewInt(v.Offset) } exp := offset.Exp(bigTen, offset.Neg(offset), nil) rat := big.NewRat(0, 1).SetFrac(value, exp) left := rat.FloatString(0) if rat.IsInt() { return left } length := len(left) if v.Negative { length -= 1 } return strings.TrimRight(rat.FloatString(32-length), "0") }
func (c *StateObject) GetInstr(pc *big.Int) *common.Value { if int64(len(c.code)-1) < pc.Int64() { return common.NewValue(0) } return common.NewValueFromBytes([]byte{c.code[pc.Int64()]}) }
func (p *PrivateKeys) addRemoteKey(remote []byte, clientPacket []byte, serverPacket []byte) SharedKeys { remote_be := new(big.Int) remote_be.SetBytes(remote) shared_key := powm(remote_be, p.privateKey, p.prime) data := make([]byte, 0, 100) mac := hmac.New(sha1.New, shared_key.Bytes()) for i := 1; i < 6; i++ { mac.Write(clientPacket) mac.Write(serverPacket) mac.Write([]byte{uint8(i)}) data = append(data, mac.Sum(nil)...) mac.Reset() } mac = hmac.New(sha1.New, data[0:0x14]) mac.Write(clientPacket) mac.Write(serverPacket) return SharedKeys{ challenge: mac.Sum(nil), sendKey: data[0x14:0x34], recvKey: data[0x34:0x54], } }
func SumOfBigIntDigits(n *big.Int) int64 { sum := int64(0) for _, v := range n.String() { sum += int64(RuneToInt(v)) } return sum }
// CompactToBig converts a compact representation of a whole number N to an // unsigned 32-bit number. The representation is similar to IEEE754 floating // point numbers. // // Like IEEE754 floating point, there are three basic components: the sign, // the exponent, and the mantissa. They are broken out as follows: // // * the most significant 8 bits represent the unsigned base 256 exponent // * bit 23 (the 24th bit) represents the sign bit // * the least significant 23 bits represent the mantissa // // ------------------------------------------------- // | Exponent | Sign | Mantissa | // ------------------------------------------------- // | 8 bits [31-24] | 1 bit [23] | 23 bits [22-00] | // ------------------------------------------------- // // The formula to calculate N is: // N = (-1^sign) * mantissa * 256^(exponent-3) // // This compact form is only used in bitcoin to encode unsigned 256-bit numbers // which represent difficulty targets, thus there really is not a need for a // sign bit, but it is implemented here to stay consistent with bitcoind. func CompactToBig(compact uint32) *big.Int { // Extract the mantissa, sign bit, and exponent. mantissa := compact & 0x007fffff isNegative := compact&0x00800000 != 0 exponent := uint(compact >> 24) // Since the base for the exponent is 256, the exponent can be treated // as the number of bytes to represent the full 256-bit number. So, // treat the exponent as the number of bytes and shift the mantissa // right or left accordingly. This is equivalent to: // N = mantissa * 256^(exponent-3) var bn *big.Int if exponent <= 3 { mantissa >>= 8 * (3 - exponent) bn = big.NewInt(int64(mantissa)) } else { bn = big.NewInt(int64(mantissa)) bn.Lsh(bn, 8*(exponent-3)) } // Make it negative if the sign bit is set. if isNegative { bn = bn.Neg(bn) } return bn }
func TestDecodeBigNumber(t *testing.T) { var value big.Int value.SetUint64(^uint64(0)) value.Mul(&value, big.NewInt(32)) b := bytes.Buffer{} e := NewEncoder(&b) err := e.Encode(value) if err != nil { t.Fatal(err) } t.Log(hex.Dump(b.Bytes())) d := NewDecoder(&b) found, err := d.DecodeNext() if err != nil { t.Fatal(err) } i := found.(big.Int) if i.Cmp(&value) != 0 { t.Fatalf("expected %v but %v found", value, found) } }
// Big min // // Returns the minimum size big integer func BigMin(x, y *big.Int) *big.Int { if x.Cmp(y) > 0 { return y } return x }
// GenNV generates the signature blind/nonce. Copied from src/crypto/elliptic/elliptic.go GenerateKey func (curve Curve) GenNV() (nv []byte, err error) { var mask = []byte{0xff, 0x1, 0x3, 0x7, 0xf, 0x1f, 0x3f, 0x7f} var x *big.Int var loopcount int bitSize := curve.Curve.Params().BitSize byteLen := (bitSize + 7) >> 3 nv = make([]byte, byteLen) for x == nil { if loopcount > MaxLoopCount { return nil, ErrMaxLoop } loopcount++ _, err = io.ReadFull(curve.Rand, nv) if err != nil { return } // We have to mask off any excess bits in the case that the size of the // underlying field is not a whole number of bytes. nv[0] &= mask[bitSize%8] // This is because, in tests, rand will return all zeros and we don't // want to get the point at infinity and loop forever. nv[1] ^= 0x42 x, _ = curve.Curve.ScalarBaseMult(nv) if x.Cmp(big.NewInt(0)) == 0 { // This cannot really happen ever x = nil } } return }
// Precompute performs some calculations that speed up private key operations // in the future. func (priv *PrivateKey) Precompute() { if priv.Precomputed.Dp != nil { return } priv.Precomputed.Dp = new(big.Int).Sub(priv.Primes[0], bigOne) priv.Precomputed.Dp.Mod(priv.D, priv.Precomputed.Dp) priv.Precomputed.Dq = new(big.Int).Sub(priv.Primes[1], bigOne) priv.Precomputed.Dq.Mod(priv.D, priv.Precomputed.Dq) priv.Precomputed.Qinv = new(big.Int).ModInverse(priv.Primes[1], priv.Primes[0]) r := new(big.Int).Mul(priv.Primes[0], priv.Primes[1]) priv.Precomputed.CRTValues = make([]CRTValue, len(priv.Primes)-2) for i := 2; i < len(priv.Primes); i++ { prime := priv.Primes[i] values := &priv.Precomputed.CRTValues[i-2] values.Exp = new(big.Int).Sub(prime, bigOne) values.Exp.Mod(priv.D, values.Exp) values.R = new(big.Int).Set(r) values.Coeff = new(big.Int).ModInverse(r, prime) r.Mul(r, prime) } }
// Base58Encode encodes a byte slice to a modified base58 string. func Base58Encode(b []byte, alphabet string) string { x := new(big.Int) x.SetBytes(b) answer := make([]byte, 0) for x.Cmp(bigZero) > 0 { mod := new(big.Int) x.DivMod(x, bigRadix, mod) answer = append(answer, alphabet[mod.Int64()]) } // leading zero bytes for _, i := range b { if i != 0 { break } answer = append(answer, alphabet[0]) } // reverse alen := len(answer) for i := 0; i < alen/2; i++ { answer[i], answer[alen-1-i] = answer[alen-1-i], answer[i] } return string(answer) }
func (ka *dheKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) { var q *big.Int if p := config.Bugs.DHGroupPrime; p != nil { ka.p = p ka.g = big.NewInt(2) q = p } else { // 2048-bit MODP Group with 256-bit Prime Order Subgroup (RFC // 5114, Section 2.3) ka.p, _ = new(big.Int).SetString("87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597", 16) ka.g, _ = new(big.Int).SetString("3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659", 16) q, _ = new(big.Int).SetString("8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3", 16) } var err error ka.xOurs, err = rand.Int(config.rand(), q) if err != nil { return nil, err } yOurs := new(big.Int).Exp(ka.g, ka.xOurs, ka.p) // http://tools.ietf.org/html/rfc5246#section-7.4.3 pBytes := ka.p.Bytes() gBytes := ka.g.Bytes() yBytes := yOurs.Bytes() serverDHParams := make([]byte, 0, 2+len(pBytes)+2+len(gBytes)+2+len(yBytes)) serverDHParams = append(serverDHParams, byte(len(pBytes)>>8), byte(len(pBytes))) serverDHParams = append(serverDHParams, pBytes...) serverDHParams = append(serverDHParams, byte(len(gBytes)>>8), byte(len(gBytes))) serverDHParams = append(serverDHParams, gBytes...) serverDHParams = append(serverDHParams, byte(len(yBytes)>>8), byte(len(yBytes))) serverDHParams = append(serverDHParams, yBytes...) return ka.auth.signParameters(config, cert, clientHello, hello, serverDHParams) }
// decBigInt2C sets the value of n to the big-endian two's complement // value stored in the given data. If data[0]&80 != 0, the number // is negative. If data is empty, the result will be 0. func decBigInt2C(data []byte) *big.Int { n := new(big.Int).SetBytes(data) if len(data) > 0 && data[0]&0x80 > 0 { n.Sub(n, new(big.Int).Lsh(bigOne, uint(len(data))*8)) } return n }
func (calc Calculator) threeValueCalculation(a, b, c *big.Int, operator string) *big.Int { switch operator { case "&": return a.Exp(a, b, c) } return nil }
// number = int_lit [ "p" int_lit ] . // func (p *gcParser) parseNumber() Const { // mantissa sign, val := p.parseInt() mant, ok := new(big.Int).SetString(sign+val, 10) assert(ok) if p.lit == "p" { // exponent (base 2) p.next() sign, val = p.parseInt() exp64, err := strconv.ParseUint(val, 10, 0) if err != nil { p.error(err) } exp := uint(exp64) if sign == "-" { denom := big.NewInt(1) denom.Lsh(denom, exp) return Const{new(big.Rat).SetFrac(mant, denom)} } if exp > 0 { mant.Lsh(mant, exp) } return Const{new(big.Rat).SetInt(mant)} } return Const{mant} }
// mulBigPow10 returns 10 * x ^ n func mulBigPow10(x *big.Int, n int64) *big.Int { if x.Sign() == 0 || n <= 0 { return x } b := bigPow10(n) return new(big.Int).Mul(x, &b) }
// Sign signs an arbitrary length hash (which should be the result of hashing a // larger message) using the private key, priv. It returns the signature as a // pair of integers. The security of the private key depends on the entropy of // rand. func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error) { // See [NSA] 3.4.1 c := priv.PublicKey.Curve N := c.Params().N var k, kInv *big.Int for { for { k, err = randFieldElement(c, rand) if err != nil { r = nil return } kInv = new(big.Int).ModInverse(k, N) r, _ = priv.Curve.ScalarBaseMult(k.Bytes()) r.Mod(r, N) if r.Sign() != 0 { break } } e := hashToInt(hash, c) s = new(big.Int).Mul(priv.D, r) s.Add(s, e) s.Mul(s, kInv) s.Mod(s, N) if s.Sign() != 0 { break } } return }
// Implements the heat.Callback.Dead method, monitoring the death events of // topic member nodes. func (o *Overlay) Dead(id *big.Int) { // Split the id into topic and node parts topic := new(big.Int).Rsh(id, uint(config.PastrySpace)) node := new(big.Int).Sub(id, new(big.Int).Lsh(topic, uint(config.PastrySpace))) log.Printf("scribe: %v topic member death report: %v.", o.pastry.Self(), node) o.lock.RLock() top, ok := o.topics[topic.String()] o.lock.RUnlock() if !ok { log.Printf("scribe: topic %v already dead.", topic) return } // Depending on whether it was the topic parent or a child reown or unsub parent := top.Parent() if parent != nil && parent.Cmp(node) == 0 { // Make sure it's out of the heartbeat mechanism if err := o.heart.Unmonitor(id); err != nil { log.Printf("scribe: failed to unmonitor dead parent: %v.", err) } // Reassign topic rendes-vous point top.Reown(nil) } else { if err := o.handleUnsubscribe(node, topic); err != nil { log.Printf("scribe: failed to unsubscribe dead node: %v.", err) } } }
func SumOfBigInts(nums []*big.Int) *big.Int { var sum *big.Int = big.NewInt(0) for _, i := range nums { sum.Add(sum, i) } return sum }