aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--aes.cpp33
-rw-r--r--aes.h2
-rw-r--r--base64.cpp13
-rw-r--r--bigint.cpp110
-rw-r--r--envelope.cpp31
-rw-r--r--gf28.cpp2
-rw-r--r--numalgo.cpp8
-rw-r--r--primes.cpp22
-rw-r--r--rng.cpp3
-rw-r--r--rsa.cpp2
10 files changed, 37 insertions, 189 deletions
diff --git a/aes.cpp b/aes.cpp
index 7048b17..29fc7fc 100644
--- a/aes.cpp
+++ b/aes.cpp
@@ -145,13 +145,11 @@ namespace AES{
addRoundKey(state,keysched);
for(int round=0;round<numrounds-1;round++){
- //cout<<"round["<<setw(2)<<setfill(' ')<<round+1<<"].start "; printstate(state);
subBytes(state);
shiftRows(state);
mixColumns(state);
addRoundKey(state,keysched+16*(round+1));
}
- //cout<<"round["<<setw(2)<<setfill(' ')<<numrounds<<"].start "; printstate(state);
subBytes(state);
shiftRows(state);
addRoundKey(state,keysched+16*numrounds);
@@ -162,13 +160,11 @@ namespace AES{
addRoundKey(state,keysched+16*numrounds);
for(int round=numrounds-2;round>=0;round--){
- //cout<<"round["<<setw(2)<<setfill(' ')<<round+1<<"].start "; printstate(state);
invShiftRows(state);
invSubBytes(state);
addRoundKey(state,keysched+16*(round+1));
invMixColumns(state);
}
- //cout<<"round["<<setw(2)<<setfill(' ')<<numrounds<<"].start "; printstate(state);
invShiftRows(state);
invSubBytes(state);
addRoundKey(state,keysched);
@@ -256,33 +252,4 @@ namespace AES{
return decryptCBC(data,key,10+2*increment);
}
- void test(){
- #if 0
- // Test encryption
- initTables();
- const int numrounds=10;
- uint8_t keysched[16*(numrounds+1)];
- uint8_t plaintext[16]={0x32,0x43,0xf6,0xa8,0x88,0x5a,0x30,0x8d,0x31,0x31,0x98,0xa2,0xe0,0x37,0x07,0x34};
- const int keylen=4;
- uint8_t key[4*keylen]={0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c};
- keyExpand(keysched,key,keylen,numrounds);
- uint8_t dest[16];
- encryptBlock(dest,keysched,plaintext,numrounds);
- printstate(dest);
- #endif
- #if 1
- // Test decryption
- initTables();
- const int numrounds=14;
- uint8_t keysched[16*(numrounds+1)];
- uint8_t plaintext[16]={0x8e,0xa2,0xb7,0xca,0x51,0x67,0x45,0xbf,0xea,0xfc,0x49,0x90,0x4b,0x49,0x60,0x89};
- const int keylen=8;
- uint8_t key[4*keylen]={0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f};
- keyExpand(keysched,key,keylen,numrounds);
- uint8_t dest[16];
- decryptBlock(dest,keysched,plaintext,numrounds);
- printstate(dest);
- #endif
- }
-
}
diff --git a/aes.h b/aes.h
index 0532a62..f531395 100644
--- a/aes.h
+++ b/aes.h
@@ -15,6 +15,4 @@ namespace AES{
//throws invalid_argument for an invalid ciphertext (length not a multiple of block size, or padding malformed)
std::string decrypt(const std::string &data,const std::string &key,Algorithm algo);
- void test();
-
}
diff --git a/base64.cpp b/base64.cpp
index 80640f2..7e0524a 100644
--- a/base64.cpp
+++ b/base64.cpp
@@ -1,3 +1,4 @@
+#include <cstdint>
#include "base64.h"
using namespace std;
@@ -25,7 +26,7 @@ namespace Base64{
string res(4*blocks+4*(sz%3!=0),'\0');
int x;
for(int i=0;i<blocks;i++){
- x=((unsigned char)data[3*i]<<16)|((unsigned char)data[3*i+1]<<8)|(unsigned char)data[3*i+2];
+ x=((uint8_t)data[3*i]<<16)|((uint8_t)data[3*i+1]<<8)|(uint8_t)data[3*i+2];
res[4*i+3]=alphabet[x&0x3f]; x>>=6;
res[4*i+2]=alphabet[x&0x3f]; x>>=6;
res[4*i+1]=alphabet[x&0x3f]; x>>=6;
@@ -33,16 +34,16 @@ namespace Base64{
}
switch(sz%3){
case 1:
- res[4*blocks+0]=alphabet[(unsigned char)data[3*blocks]>>2];
- res[4*blocks+1]=alphabet[((unsigned char)data[3*blocks]&0x3)<<4];
+ res[4*blocks+0]=alphabet[(uint8_t)data[3*blocks]>>2];
+ res[4*blocks+1]=alphabet[((uint8_t)data[3*blocks]&0x3)<<4];
res[4*blocks+2]='=';
res[4*blocks+3]='=';
break;
case 2:
- res[4*blocks+0]=alphabet[(unsigned char)data[3*blocks]>>2];
- res[4*blocks+1]=alphabet[(((unsigned char)data[3*blocks]&0x3)<<4)|((unsigned char)data[3*blocks+1]>>4)];
- res[4*blocks+2]=alphabet[(((unsigned char)data[3*blocks+1]&0xf)<<2)];
+ res[4*blocks+0]=alphabet[(uint8_t)data[3*blocks]>>2];
+ res[4*blocks+1]=alphabet[(((uint8_t)data[3*blocks]&0x3)<<4)|((uint8_t)data[3*blocks+1]>>4)];
+ res[4*blocks+2]=alphabet[(((uint8_t)data[3*blocks+1]&0xf)<<2)];
res[4*blocks+3]='=';
break;
}
diff --git a/bigint.cpp b/bigint.cpp
index 3a36f12..a9763dd 100644
--- a/bigint.cpp
+++ b/bigint.cpp
@@ -63,7 +63,6 @@ void Bigint::add(Bigint &a,const Bigint &b){
longdigit_t bdig=i<(int)b.digits.size()?b.digits[i]:0;
longdigit_t sum=a.digits[i]+bdig+carry;
a.digits[i]=sum;
- // carry=sum>=((longdigit_t)1<<digit_bits);
carry=sum>>digit_bits;
}
if(carry)a.digits.push_back(1);
@@ -88,12 +87,10 @@ void Bigint::subtract(Bigint &a,const Bigint &b){
digit_t adig=a.digits[i];
digit_t bdig=i<(int)b.digits.size()?b.digits[i]:0;
digit_t res=adig-(bdig+carry);
- // cerr<<"carry="<<carry<<" res="<<res<<" adig="<<adig<<" bdig="<<bdig<<endl;
carry=(bdig||carry)&&res>=adig;
a.digits[i]=res;
}
if(carry){
- // cerr<<"2s complement"<<endl;
//we do a fake 2s complement, sort of
carry=0;
for(int i=0;i<sz;i++){
@@ -120,14 +117,12 @@ Bigint Bigint::product(const Bigint &a,const Bigint &b){
longdigit_t newd=pr+res.digits[i+j]; //this always fits, I checked
res.digits[i+j]=(digit_t)newd;
carry=newd>>digit_bits;
- // cerr<<"carry="<<carry<<endl;
}
for(int j=bsz;carry;j++){
assert(i+j<(int)res.digits.size());
longdigit_t newd=res.digits[i+j]+carry;
res.digits[i+j]=newd;
carry=newd>>digit_bits;
- // cerr<<"(2) carry="<<carry<<endl;
}
}
res.sign=a.sign*b.sign;
@@ -322,63 +317,24 @@ Bigint Bigint::operator>>(int sh) const {
return Bigint(*this)>>=sh;
}
-int depthrecord;
-
pair<Bigint,Bigint> Bigint::divmod(const Bigint &div) const {
// cerr<<"divmod("<<hex<<*this<<','<<div<<dec<<')'<<endl;
int bitcdiff=bitcount()-div.bitcount();
if(bitcdiff<0)bitcdiff=0;
- pair<Bigint,Bigint> res=divmod(div,1,bitcdiff/29+10);
- //cerr<<hex<<*this<<' '<<div<<' ';
- //cerr<<dec<<depthrecord<<endl;
- //cerr<<" -> "<<hex<<res.first<<' '<<res.second<<dec<<endl;
- return res;
-}
-
-inline void record(int depth){
- depthrecord=depth;
+ return divmod(div,1,bitcdiff/29+10);
}
pair<Bigint,Bigint> Bigint::divmod(const Bigint &div,int depth,int maxdepth) const {
if(depth>maxdepth)assert(false);
// cerr<<"divmod("<<hex<<*this<<','<<div<<dec<<") depth="<<depth<<" maxdepth="<<maxdepth<<endl;
if(div.digits.size()==0)throw domain_error("Bigint divide by zero");
- if(digits.size()==0){record(depth); return make_pair(Bigint::zero,Bigint::zero);}
+ if(digits.size()==0)return make_pair(Bigint::zero,Bigint::zero);
int cmp=compareAbs(div);
- if(cmp==0){record(depth); return make_pair(Bigint(sign*div.sign),Bigint::zero);}
- if(cmp<0){record(depth); return make_pair(Bigint::zero,*this);}
+ if(cmp==0)return make_pair(Bigint(sign*div.sign),Bigint::zero);
+ if(cmp<0)return make_pair(Bigint::zero,*this);
//now *this is greater in magnitude than the divisor
-#if 0
- int twoexp=bitcount()-div.bitcount();
- if(twoexp<0)twoexp=0;
- Bigint quotient(sign*div.sign);
- quotient<<=twoexp;
- Bigint guess(div); //guess == quotient * div
- guess<<=twoexp;
- //cerr<<"guess="<<hex<<guess<<endl;
- //twoexp now becomes irrelevant
-#else
-#if 0
- Bigint guess,quotient;
- if(digits.size()==div.digits.size()){
- quotient=digits.back()/div.digits.back();
- quotient.sign=sign*div.sign;
- guess=quotient;
- guess*=div;
- } else {
- assert(digits.size()>div.digits.size());
- assert(digits.size()>=2&&div.digits.size()>=1);
- longdigit_t factor=((longdigit_t)1<<digit_bits)*digits.back()+digits[digits.size()-2];
- factor/=div.digits.back()+1;
- quotient=factor;
- quotient<<=(digits.size()-1-div.digits.size())*digit_bits;
- quotient.sign=sign*div.sign;
- guess=quotient*div;
- }
- cerr<<"guess="<<hex<<guess<<" quotient="<<quotient<<dec<<endl;
-#else
int thisbtc=bitcount(),divbtc=div.bitcount();
assert(divbtc<=thisbtc);
Bigint quotient,guess;
@@ -386,80 +342,47 @@ pair<Bigint,Bigint> Bigint::divmod(const Bigint &div,int depth,int maxdepth) con
//simple integral division
longdigit_t thisnum=(digits.size()==2?((longdigit_t)1<<digit_bits)*digits[1]:0)+digits[0];
longdigit_t divnum=(div.digits.size()==2?((longdigit_t)1<<digit_bits)*div.digits[1]:0)+div.digits[0];
- if(divnum==1){record(depth); return make_pair(*this,Bigint::zero);}
- record(depth); return make_pair(
+ if(divnum==1)return make_pair(*this,Bigint::zero);
+ return make_pair(
Bigint(sign*div.sign*(slongdigit_t)(thisnum/divnum)),
Bigint(sign*div.sign*(slongdigit_t)(thisnum%divnum)));
} else if(divbtc>=digit_bits){ //the large case
//take 2 digits of *this and 1 digit of div; quotient gives a good guess
int spill=__builtin_clz(digits.back());
- //cerr<<"spill="<<spill<<endl;
longdigit_t thishead2=((longdigit_t)digits.back()<<(spill+digit_bits))|((longdigit_t)digits[digits.size()-2]<<spill);
if(spill>0)thishead2|=digits[digits.size()-3]>>(digit_bits-spill);
- //cerr<<"thishead2="<<hex<<thishead2<<dec<<endl;
longdigit_t divhead=((longdigit_t)div.digits.back()<<digit_bits)|div.digits[div.digits.size()-2];
divhead>>=digit_bits-__builtin_clz(div.digits.back());
- //cerr<<"divhead="<<hex<<divhead<<dec<<endl;
longdigit_t factor=thishead2/(divhead+1); //+1 to make sure the quotient guess is <= the actual quotient
- // cerr<<"factor="<<factor<<" thishead2="<<thishead2<<" divhead="<<divhead<<endl;
quotient=factor;
quotient<<=thisbtc-digit_bits-divbtc; //shift amount may be negative if thisbtc and divbtc are less than digit_bits apart
if(quotient==0)quotient=1; //prevents against (HUGE+1)/HUGE where HUGE==HUGE
quotient.sign=sign*div.sign;
guess=quotient*div;
- // cerr<<"quotient = "<<hex<<quotient<<dec<<endl;
- // cerr<<"guess = "<<hex<<guess<<dec<<endl;
} else { //divbtc<digit_bits, but *this is large
//take 2 digits of *this and all of div
int spill=__builtin_clz(digits.back());
longdigit_t thishead2=((longdigit_t)digits.back()<<(spill+digit_bits))|((longdigit_t)digits[digits.size()-2]<<spill);
if(spill>0)thishead2|=digits[digits.size()-3]>>(digit_bits-spill);
longdigit_t factor=thishead2/div.digits[0];
- //cerr<<"factor="<<factor<<endl;
quotient=factor;
quotient<<=thisbtc-2*digit_bits;
quotient.sign=sign*div.sign;
- //cerr<<"quotient="<<hex<<quotient<<dec<<endl;
guess=quotient*div;
- //cerr<<"guess= "<<hex<<guess<<dec<<endl;
}
- //cerr<<"guess= "<<hex<<guess<<" quotient="<<quotient<<dec<<endl;
-#endif
-#endif
+
+ //Now actually subtract out our guess
cmp=guess.compareAbs(*this);
+ assert(cmp<=0); //we specifically made our guessed quotient to be <= the actual quotient
if(cmp<0){
- /*Bigint guess2(guess);
- while(true){
- guess2<<=1;
- int cmp=guess2.compareAbs(*this);
- if(cmp>0)break;
- guess<<=1;
- quotient<<=1;
- if(cmp==0){record(depth); return make_pair(quotient,Bigint::zero);}
- }*/
Bigint rest(*this);
rest-=guess; //also correct for *this and guess negative
pair<Bigint,Bigint> dm=rest.divmod(div,depth+1,maxdepth);
dm.first+=quotient;
return dm;
+ } else { //then cmp==0
+ return make_pair(quotient,Bigint::zero);
}
- if(cmp==0){record(depth); return make_pair(quotient,Bigint::zero);}
- //then cmp>0, so our guess is too large
- do {
- if(quotient.digits[0]&1){
- guess-=div;
- // quotient-=Bigint::one; // not necessary, since we shift the bit out anyway
- }
- guess>>=1;
- quotient>>=1;
- cmp=guess.compareAbs(*this);
- } while(cmp>0);
- if(cmp==0){record(depth); return make_pair(quotient,Bigint::zero);}
- Bigint rest(*this);
- rest-=guess;
- pair<Bigint,Bigint> dm=rest.divmod(div,depth+1,maxdepth);
- dm.first+=quotient;
- return dm;
}
bool Bigint::operator==(const Bigint &o) const {return compare(o)==0;}
@@ -619,7 +542,6 @@ istream& operator>>(istream &is,Bigint &b){
if(!is)break;
b*=ten;
b+=c-'0';
- // cerr<<"b="<<b<<endl;
}
if(!acted)is.setstate(ios_base::failbit);
b.normalise();
@@ -641,14 +563,7 @@ std::ostream& operator<<(std::ostream &os,Bigint b){
}
return os;
}
-#if 0
- assert(b.digits.size()<=2);
- if(b.sign==-1)os<<'-';
- if(b.digits.size()==2)os<<((uint64_t)b.digits[1]<<32)+b.digits[0];
- else if(b.digits.size()==1)os<<b.digits[0];
- else os<<'0';
- return os;
-#else
+
if(b==0)return os<<'0';
Bigint div((int64_t)1000000000000000000LL);
vector<Bigint::longdigit_t> outbuf;
@@ -667,5 +582,4 @@ std::ostream& operator<<(std::ostream &os,Bigint b){
(i==(int)outbuf.size()-1?os:os<<setfill('0')<<setw(18))<<outbuf[i];
}
return os;
-#endif
}
diff --git a/envelope.cpp b/envelope.cpp
index 9bb011e..4674121 100644
--- a/envelope.cpp
+++ b/envelope.cpp
@@ -24,28 +24,25 @@ namespace Envelope{
do {
for(int i=0;i<keylen;i++)*(uint32_t*)&key[4*i]=crng.get();
} while(!safeKey(key));
- //cerr<<"WARNING: using predetermined envelope key"<<endl;
- //key="kaasKAASkaasKAAShalloHALLOhallo!";
-
- cerr<<"decrkey="<<Base64::encode(key)<<endl;
+ // cerr<<"decrkey="<<Base64::encode(key)<<endl;
string payload(AES::encrypt(data,key,AES::AES_256_CBC));
- cerr<<"payload="<<Base64::encode(payload)<<endl;
+ // cerr<<"payload="<<Base64::encode(payload)<<endl;
Bigint rsadata;
for(int i=0;i<(int)key.size();i++){
if(i!=0)rsadata<<=8;
rsadata+=(uint8_t)key[i];
}
- cerr<<"rsadata="<<rsadata<<endl;
- // cerr<<"We encrypt:"<<endl<<" "<<rsadata<<endl;
+ // cerr<<"rsadata="<<rsadata<<endl;
Bigint res(RSA::encrypt(rsadata,pubkey));
- // cerr<<"to:"<<endl<<" "<<res<<endl;
+
vector<uint8_t> bytes; //bytes in little-endian order
while(res!=0){
bytes.push_back(res.lowdigits()&0xff);
res>>=8;
}
- cerr<<"encrkey="<<Base64::encode(string(bytes.rbegin(),bytes.rend()))<<endl;
+ // cerr<<"encrkey="<<Base64::encode(string(bytes.rbegin(),bytes.rend()))<<endl;
+
payload.reserve(payload.size()+bytes.size()+2);
for(int i=bytes.size()-1;i>=0;i--)payload.push_back(bytes[i]);
payload.push_back(bytes.size()>>8);
@@ -55,24 +52,27 @@ namespace Envelope{
}
string decrypt(const string &data,const RSA::PrivateKey &privkey){
- cerr<<"=== DECRYPT ==="<<endl;
+ // cerr<<"=== DECRYPT ==="<<endl;
if(data.size()<2)throw invalid_argument("Envelope data length invalid");
int encrkeylen=((uint16_t)(uint8_t)data[data.size()-2]<<8)+(uint8_t)data.back();
assert(encrkeylen<(1<<16));
- cerr<<"encrkeylen="<<encrkeylen<<endl;
+ // cerr<<"encrkeylen="<<encrkeylen<<endl;
if((int)data.size()<encrkeylen+2)throw invalid_argument("Envelope key format invalid");
+
string encrkey(encrkeylen,'\0');
for(int i=0;i<encrkeylen;i++){
encrkey[i]=data[data.size()-2-encrkeylen+i];
}
- cerr<<"encrkey="<<Base64::encode(encrkey)<<endl;
+ // cerr<<"encrkey="<<Base64::encode(encrkey)<<endl;
+
Bigint rsadata;
for(int i=0;i<encrkeylen;i++){
if(i!=0)rsadata<<=8;
rsadata+=(uint8_t)encrkey[i];
}
Bigint res(RSA::decrypt(rsadata,privkey));
- cerr<<"rsadata="<<res<<endl;
+ // cerr<<"rsadata="<<res<<endl;
+
vector<uint8_t> bytes; //bytes in little-endian order
while(res!=0){
bytes.push_back(res.lowdigits()&0xff);
@@ -80,8 +80,9 @@ namespace Envelope{
}
string decrkey(bytes.size(),'\0');
for(int i=0;i<(int)bytes.size();i++)decrkey[bytes.size()-1-i]=bytes[i];
- cerr<<"decrkey="<<Base64::encode(decrkey)<<endl;
- cerr<<"payload="<<Base64::encode(data.substr(0,data.size()-2-encrkeylen))<<endl;
+ // cerr<<"decrkey="<<Base64::encode(decrkey)<<endl;
+
+ // cerr<<"payload="<<Base64::encode(data.substr(0,data.size()-2-encrkeylen))<<endl;
return AES::decrypt(data.substr(0,data.size()-2-encrkeylen),decrkey,AES::AES_256_CBC);
}
diff --git a/gf28.cpp b/gf28.cpp
index e65c20a..61f47b1 100644
--- a/gf28.cpp
+++ b/gf28.cpp
@@ -47,7 +47,7 @@ GF28& GF28::operator-=(GF28 o){
return *this;
}
-GF28& GF28::operator<<=(int n){ //multiplication by x^n
+GF28& GF28::operator<<=(int n){
assert(n>=0);
value<<=n;
if(value&0x100)value^=modulus;
diff --git a/numalgo.cpp b/numalgo.cpp
index 38184b1..ee77afc 100644
--- a/numalgo.cpp
+++ b/numalgo.cpp
@@ -25,10 +25,8 @@ Bigint gcd(Bigint a,Bigint b){
Bigint egcd(const Bigint &a,const Bigint &b,Bigint &x,Bigint &y){
Bigint x2(0),y2(1),r(a),r2(b);
x=1; y=0;
- //cerr<<x<<"\t * "<<a<<"\t + "<<y<<"\t * "<<b<<"\t = "<<r<<endl;
while(r2!=0){
pair<Bigint,Bigint> dm=r.divmod(r2);
- //cerr<<x2<<"\t * "<<a<<"\t + "<<y2<<"\t * "<<b<<"\t = "<<r2<<" (q = "<<dm.first<<')'<<endl;
Bigint xn=x-dm.first*x2;
Bigint yn=y-dm.first*y2;
x=x2; x2=xn;
@@ -54,11 +52,9 @@ Bigint expmod(const Bigint &b,const Bigint &e,const Bigint &m){
int jacobiSymbol(Bigint a,Bigint n){
//https://en.wikipedia.org/wiki/Jacobi_symbol#Calculating_the_Jacobi_symbol
- // cerr<<"jacobiSymbol("<<a<<','<<n<<')'<<endl;
assert(n>0&&n.odd());
int res=1;
while(true){
- // cerr<<" a="<<a<<" n="<<n<<endl;
a=a.divmod(n).second;
if(a<0)a+=n;
int nmod8=n.divmod(Bigint(8)).second.lowdigits();
@@ -79,14 +75,10 @@ Bigint isqrt(const Bigint &n){
assert(n>=0);
if(n<=1)return n;
const int maxiter=20; //empirically, this should happen around 3.5 million bits in n. (niter ~= -1.87+1.45ln(bits))
- // __asm("int3\n\t");
- // cout<<"bitcount="<<n.bitcount()<<" maxiter="<<maxiter<<endl;
Bigint x(n);
x>>=n.bitcount()/2;
- // cerr<<"isqrt("<<hex<<n<<"); x = "<<x<<dec<<endl;
int iter;
for(iter=0;iter<maxiter;iter++){
- // cerr<<"x="<<hex<<x<<dec<<endl;
Bigint xnext(x*x); // xnext = x - (x*x-n)/(2*x) [Newton's method]
xnext-=n;
xnext>>=1;
diff --git a/primes.cpp b/primes.cpp
index ddb559c..0bda8f6 100644
--- a/primes.cpp
+++ b/primes.cpp
@@ -11,7 +11,6 @@ vector<int> smallprimes;
bool smallprimes_inited=false;
void fillsmallprimes(){
- // cerr<<"Filling small primes..."<<endl;
smallprimes_inited=true;
//TODO: reserve expected amount of space in smallprimes
smallprimes.push_back(2);
@@ -27,8 +26,6 @@ void fillsmallprimes(){
composite[j/2-1]=true;
}
}
- //for(int p : smallprimes)cerr<<p<<' ';
- //cerr<<endl;
}
pair<Bigint,Bigint> genprimepair(Rng &rng,int nbits){
@@ -56,15 +53,12 @@ Bigint randprime(Rng &rng,const Bigint &biglow,const Bigint &bighigh){
if(diff<=maxrangesize){
low=biglow;
high=bighigh;
- // cerr<<"low=biglow="<<low<<" high=bighigh="<<high<<endl;
} else {
high=low=bigrandom(rng,diff-maxrangesize);
high+=maxrangesize;
- // cerr<<"low="<<low<<" high="<<high<<endl;
}
if(low.even())low+=1;
if(high.even())high-=1;
- // cerr<<"low="<<low<<" high="<<high<<endl;
Bigint sizeb(high-low+1);
assert(sizeb>=0&&sizeb<=maxrangesize);
int nnums=(sizeb.lowdigits()+1)/2;
@@ -83,23 +77,18 @@ Bigint randprime(Rng &rng,const Bigint &biglow,const Bigint &bighigh){
if(lowoffset==0)startat=0;
else if((pr-lowoffset)%2==0)startat=(pr-lowoffset)/2;
else startat=(pr-lowoffset+pr)/2;
- // cerr<<"pr="<<pr<<" lowoffset="<<lowoffset<<" startat="<<startat<<endl;
for(int i=startat;i<nnums;i+=pr){ //skips ahead `2*pr` each time (so `pr` array elements)
- // cerr<<"sieving composite["<<i<<"]: "<<low+2*i<<endl;
nleft-=!composite[i];
composite[i]=true;
}
}
vector<int> maybeprimes;
maybeprimes.reserve(nleft);
- // cerr<<"Left ("<<nleft<<"):";
for(int i=0;i<nnums;i++){
if(!composite[i]){
- // cerr<<' '<<low+2*i;
maybeprimes.push_back(i);
}
}
- // cerr<<endl;
while(maybeprimes.size()){
int idx=rng.get_uniform(maybeprimes.size());
@@ -148,13 +137,10 @@ bool strongLucasPrime(const Bigint &n){
}
}
//now we have a D
- // cerr<<"D="<<D<<endl;
int P=1,iQ=(1-D)/4;
if(gcd(n,Bigint(P)).compareAbs(1)!=0||gcd(n,Bigint(iQ)).compareAbs(1)!=0)return false; //would be too easy to ignore
- // cerr<<"ok"<<endl;
//now begin the actual sequence algorithm
-#if 1
int s=0;
Bigint d(n);
d+=1;
@@ -162,11 +148,7 @@ bool strongLucasPrime(const Bigint &n){
d>>=1;
s++;
}
-#else
- Bigint d(n);
- d+=1;
-#endif
- // cerr<<"d="<<d<<endl;
+
vector<bool> dbits=d.bits();
assert(dbits.size()>0);
assert(dbits[dbits.size()-1]==true);
@@ -198,7 +180,6 @@ bool strongLucasPrime(const Bigint &n){
}
}
if(U==0)return true;
-#if 1
if(V==0)return true; //r=0 check
for(int r=1;r<s;r++){
V*=V;
@@ -207,7 +188,6 @@ bool strongLucasPrime(const Bigint &n){
Qk=(Qk*Qk).divmod(n).second;
if(V==0)return true;
}
-#endif
return false;
}
diff --git a/rng.cpp b/rng.cpp
index a6c61f5..e06b8be 100644
--- a/rng.cpp
+++ b/rng.cpp
@@ -1,5 +1,3 @@
-// #include <iostream>
-// #include <bitset>
#include <cstring>
#include <cassert>
#include "rng.h"
@@ -61,7 +59,6 @@ uint32_t KeyRng::get(){
state^=rotr64(state,11); //tempering
state^=rotl64(state,7)&0x9d2c5680;
state^=rotr64(state,18);
- // cerr<<bitset<64>(state)<<endl;
return state>>32;
}
diff --git a/rsa.cpp b/rsa.cpp
index cfa1fee..77e1350 100644
--- a/rsa.cpp
+++ b/rsa.cpp
@@ -11,8 +11,6 @@ using namespace std;
namespace RSA{
Bigint encrypt(Bigint msg,const PublicKey &pubkey){
- // cerr<<"msg="<<msg<<endl;
- // cerr<<"mod="<<pubkey.mod<<endl;
assert(msg>1&&msg<pubkey.mod);
return expmod(msg,pubkey.exp,pubkey.mod);
}