# Strict checking and warnings are enabled before the package declaration.
use strict;
use warnings;

# Perl package that embeds the C code listed further down through CDS::C::Inline.
package CDS::C;

our $VERSION = '0.31';

# Exporter's import is used, but nothing is exported by default.
use Exporter 'import';
our @EXPORT = qw();
7
|
1
|
|
|
1
|
|
377
|
use CDS::C::Inline C => <
|
|
1
|
|
|
|
|
3
|
|
|
1
|
|
|
|
|
36
|
|
8
|
|
|
|
|
|
|
#include |
9
|
|
|
|
|
|
|
#include |
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
|
12
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/configuration/default.inc.h" |
13
|
|
|
|
|
|
|
// Length and offset type used by the byte-range structs and helpers in this file.
// It is unsigned, so "length - offset" wraps around instead of going negative.
typedef uint32_t cdsLength;
// Number of entries in the levelPositions array of struct cdsRecordBuilder.
#define CDS_MAX_RECORD_DEPTH 64
15
|
|
|
|
|
|
|
|
16
|
|
|
|
|
|
|
#line 4 "Condensation/C.inc.c" |
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/random/multi-os.inc.c" |
19
|
|
|
|
|
|
|
#if defined(WIN32) || defined(_WIN32) |
20
|
|
|
|
|
|
|
|
21
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/random/windows.inc.c" |
22
|
|
|
|
|
|
|
#define _CRT_RAND_S |
23
|
|
|
|
|
|
|
#include |
24
|
|
|
|
|
|
|
|
25
|
|
|
|
|
|
|
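/*
 * Windows variant: fills buffer[0..length) using rand_s(), taking the low
 * 8 bits of each result (one rand_s() call per output byte).
 *
 * rand_s() reports failure through its return value. The function returns
 * void, so a failure cannot be passed to the caller; continuing would hand
 * back bytes that did not come from the random source. The process is
 * aborted instead (abort() is declared in the same header as rand_s()).
 */
static void fillRandom(uint8_t * buffer, uint32_t length) {
    unsigned int value = 0;
    for (uint32_t i = 0; i < length; i++) {
        // Fail closed: output of this function is used as random material.
        if (rand_s(&value) != 0) abort();
        buffer[i] = value & 0xff;
    }
}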
32
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
#line 2 "Condensation/../../c/random/multi-os.inc.c" |
34
|
|
|
|
|
|
|
#else |
35
|
|
|
|
|
|
|
|
36
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/random/dev-urandom.inc.c" |
37
|
|
|
|
|
|
|
#include |
38
|
|
|
|
|
|
|
#include |
39
|
|
|
|
|
|
|
#include |
40
|
|
|
|
|
|
|
#include |
41
|
|
|
|
|
|
|
|
42
|
|
|
|
|
|
|
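/*
 * Non-Windows variant: fills buffer[0..length) with bytes read from
 * /dev/urandom.
 *
 * The function returns void, so failure cannot be reported: if the device
 * cannot be opened or a read fails, the remaining bytes of buffer are left
 * exactly as the caller passed them.
 * NOTE(review): cdsRandomBytes returns this buffer as random data; a short
 * fill should become a hard failure once an error path is available here.
 */
static void fillRandom(uint8_t * buffer, uint32_t length) {
    int fh = open("/dev/urandom", O_RDONLY | O_NONBLOCK);
    // Without a descriptor there is nothing to read from and nothing to close.
    if (fh < 0) return;

    size_t count = 0;
    while (count < length) {
        ssize_t added = read(fh, buffer + count, length - count);
        // Negative means an error; zero means no progress. Stopping on both
        // keeps the loop from spinning forever on a source that returns 0.
        if (added <= 0) break;
        count += (size_t) added;
    }

    close(fh);
}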
54
|
|
|
|
|
|
|
|
55
|
|
|
|
|
|
|
#line 4 "Condensation/../../c/random/multi-os.inc.c" |
56
|
|
|
|
|
|
|
#endif |
57
|
|
|
|
|
|
|
|
58
|
|
|
|
|
|
|
#line 5 "Condensation/C.inc.c" |
59
|
|
|
|
|
|
|
|
60
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/littleEndian.inc.c" |
61
|
|
|
|
|
|
|
// Copies 4 bytes from source to destination in reverse order
// (destination[0] receives source[3], and so on).
static void copyReversed4(uint8_t * destination, const uint8_t * source) {
    for (int i = 0; i < 4; i++) {
        destination[i] = source[3 - i];
    }
}
67
|
|
|
|
|
|
|
|
68
|
|
|
|
|
|
|
// Copies 8 bytes from source to destination in reverse order
// (destination[0] receives source[7], and so on).
static void copyReversed8(uint8_t * destination, const uint8_t * source) {
    for (int i = 0; i < 8; i++) {
        destination[i] = source[7 - i];
    }
}
78
|
|
|
|
|
|
|
|
79
|
|
|
|
|
|
|
// Stores value at bytes[0..3] with its in-memory byte order reversed.
// This yields big-endian output on a little-endian host; the file rejects
// big-endian targets with an #error. bytes must have room for 4 bytes.
void cdsSetUint32BE(uint8_t * bytes, uint32_t value) {
    union {
        uint32_t native;
        uint8_t raw[4];
    } pun;

    pun.native = value;
    copyReversed4(bytes, pun.raw);
}
88
|
|
|
|
|
|
|
|
89
|
|
|
|
|
|
|
// Reads bytes[0..3], reverses their order and returns them as a uint32_t.
// This decodes a big-endian value on a little-endian host; the file rejects
// big-endian targets with an #error. Exactly 4 bytes are read, with no
// length argument to check against.
uint32_t cdsGetUint32BE(const uint8_t * bytes) {
    union {
        uint32_t native;
        uint8_t raw[4];
    } pun;

    copyReversed4(pun.raw, bytes);
    return pun.native;
}
98
|
|
|
|
|
|
|
|
99
|
|
|
|
|
|
|
// Stores value at bytes[0..7] with its in-memory byte order reversed
// (big-endian output on the little-endian hosts this file supports).
// bytes must have room for 8 bytes.
void cdsSetUint64BE(uint8_t * bytes, uint64_t value) {
    union {
        uint64_t native;
        uint8_t raw[8];
    } pun;

    pun.native = value;
    copyReversed8(bytes, pun.raw);
}
108
|
|
|
|
|
|
|
|
109
|
|
|
|
|
|
|
// Reads bytes[0..7], reverses their order and returns them as a uint64_t
// (big-endian decoding on the little-endian hosts this file supports).
// Exactly 8 bytes are read, with no length argument to check against.
uint64_t cdsGetUint64BE(const uint8_t * bytes) {
    union {
        uint64_t native;
        uint8_t raw[8];
    } pun;

    copyReversed8(pun.raw, bytes);
    return pun.native;
}
118
|
|
|
|
|
|
|
|
119
|
|
|
|
|
|
|
// Stores the object representation of value at bytes[0..3] in reversed
// byte order. Assumes float occupies 4 bytes (the union's byte view is
// 4 wide). bytes must have room for 4 bytes.
void cdsSetFloat32BE(uint8_t * bytes, float value) {
    union {
        float native;
        uint8_t raw[4];
    } pun;

    pun.native = value;
    copyReversed4(bytes, pun.raw);
}
128
|
|
|
|
|
|
|
|
129
|
|
|
|
|
|
|
// Reads bytes[0..3], reverses their order and reinterprets them as a float.
// Assumes float occupies 4 bytes. Exactly 4 bytes are read.
float cdsGetFloat32BE(const uint8_t * bytes) {
    union {
        float native;
        uint8_t raw[4];
    } pun;

    copyReversed4(pun.raw, bytes);
    return pun.native;
}
138
|
|
|
|
|
|
|
|
139
|
|
|
|
|
|
|
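// Stores the object representation of value at bytes[0..7] in reversed
// byte order (the counterpart of cdsGetFloat64BE). bytes must have room
// for 8 bytes. Assumes double occupies 8 bytes.
void cdsSetFloat64BE(uint8_t * bytes, double value) {
    // The scratch union must be 8 bytes wide and hold a double:
    // copyReversed8 reads eight source bytes, so a 4-byte float union would
    // both drop precision and be read past its end.
    union {
        uint8_t leBytes[8];
        double value;
    } u;

    u.value = value;
    copyReversed8(bytes, u.leBytes);
}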
148
|
|
|
|
|
|
|
|
149
|
|
|
|
|
|
|
// Reads bytes[0..7], reverses their order and reinterprets them as a
// double. Assumes double occupies 8 bytes. Exactly 8 bytes are read.
double cdsGetFloat64BE(const uint8_t * bytes) {
    union {
        double native;
        uint8_t raw[8];
    } pun;

    copyReversed8(pun.raw, bytes);
    return pun.native;
}
158
|
|
|
|
|
|
|
|
159
|
|
|
|
|
|
|
#if defined(__BYTE_ORDER) && __BYTE_ORDER == __BIG_ENDIAN || defined(__BIG_ENDIAN__) || defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || defined(_MIBSEB) || defined(__MIBSEB) || defined(__MIBSEB__) |
160
|
|
|
|
|
|
|
#error "This library was prepared for little-endian processor architectures. Your compiler indicates that you are compiling for a big-endian architecture." |
161
|
|
|
|
|
|
|
#endif |
162
|
|
|
|
|
|
|
|
163
|
|
|
|
|
|
|
#line 6 "Condensation/C.inc.c" |
164
|
|
|
|
|
|
|
|
165
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/all.inc.h" |
166
|
|
|
|
|
|
|
#include |
167
|
|
|
|
|
|
|
#include |
168
|
|
|
|
|
|
|
|
169
|
|
|
|
|
|
|
|
170
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/public.h" |
171
|
|
|
|
|
|
|
#include |
172
|
|
|
|
|
|
|
#include |
173
|
|
|
|
|
|
|
|
174
|
|
|
|
|
|
|
// Read-only view of a byte range: a pointer plus a length.
struct cdsBytes {
    const uint8_t * data;
    cdsLength length;
};

// Writable counterpart of struct cdsBytes.
struct cdsMutableBytes {
    uint8_t * data;
    cdsLength length;
};

// The empty range; defined in this file as {NULL, 0}.
extern const struct cdsBytes cdsEmpty;
185
|
|
|
|
|
|
|
|
186
|
|
|
|
|
|
|
#line 4 "Condensation/../../c/Condensation/all.inc.h" |
187
|
|
|
|
|
|
|
|
188
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/AES256/public.h" |
189
|
|
|
|
|
|
|
// 16-byte all-zero block; its type matches the startCtr argument of cdsCrypt.
extern const struct cdsBytes cdsZeroCtr;

// Expanded AES-256 key schedule: 240 entries filled by cdsInitializeAES256,
// which stores one byte value per int.
// NOTE(review): this is key material — confirm that callers wipe it when the
// key is no longer needed.
struct cdsAES256 {
    int key[240];
};
194
|
|
|
|
|
|
|
|
195
|
|
|
|
|
|
|
#line 5 "Condensation/../../c/Condensation/all.inc.h" |
196
|
|
|
|
|
|
|
|
197
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/SHA256/public.h" |
198
|
|
|
|
|
|
|
// State of a SHA-256 computation.
struct cdsSHA256 {
    // Hash words; seeded from sha256InitialHash by cdsInitializeSHA256 and
    // updated by sha256AddChunk.
    uint32_t state[8];
    // presumably buffers a partial 64-byte block — the code using it is not shown here
    uint8_t chunk[64];
    // Reset to 0 by cdsInitializeSHA256; presumably the fill level of chunk.
    uint8_t used;
    // Reset to 0 by cdsInitializeSHA256.
    // NOTE(review): a 32-bit counter — confirm its unit and the largest
    // message size it can represent.
    uint32_t length;
};
204
|
|
|
|
|
|
|
|
205
|
|
|
|
|
|
|
#line 6 "Condensation/../../c/Condensation/all.inc.h" |
206
|
|
|
|
|
|
|
|
207
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/RSA64/public.h" |
208
|
|
|
|
|
|
|
// Number of 32-bit words in a cdsBigInteger.
#define CDS_BIG_INTEGER_SIZE 132	// 2048 / 32 * 2 + 4
// NOTE(review): an empty brace initializer is not standard C before C23;
// it relies on a compiler extension on older language levels.
#define CDS_BIG_INTEGER_ZERO {}

// Fixed-capacity big integer.
// NOTE(review): length is a signed int next to a fixed-size array; the code
// that sets it is not shown here — confirm it is always kept within
// 0..CDS_BIG_INTEGER_SIZE.
struct cdsBigInteger {
    int length;
    uint32_t values[CDS_BIG_INTEGER_SIZE];
};

// Working memory for a modular exponentiation (judging by the name, with a
// small exponent); result points at a cdsBigInteger stored elsewhere.
struct cdsRSAModPowSmall {
    struct cdsBigInteger bigInteger1;
    struct cdsBigInteger bigInteger2;
    struct cdsBigInteger gR;
    struct cdsBigInteger * result;
};

// Working memory for a modular exponentiation (judging by the name, with a
// large exponent). Holds a 64-entry table gR.
// NOTE(review): the field names suggest a windowed method with a table
// lookup selected by exponent bits; if the exponent is secret, confirm how
// the lookup is protected against timing/cache observation.
struct cdsRSAModPowBig {
    struct cdsBigInteger bigInteger1;
    struct cdsBigInteger bigInteger2;
    uint32_t mp;
    const struct cdsBigInteger * m;
    struct cdsBigInteger gR[64];
    struct cdsBigInteger * aR;
    struct cdsBigInteger * tR;
    int selection;
    int usableSelection;
    int usableBits;
    int zeroBits;
    struct cdsBigInteger * result;
};

// Caller-provided scratch space for a public-key operation (by its name).
struct cdsRSAPublicCryptMemory {
    struct cdsRSAModPowSmall modPowSmall;
    struct cdsBigInteger input;
};

// Caller-provided scratch space for a private-key operation (by its name).
// NOTE(review): intermediate values of a private-key operation end up here;
// confirm the memory is wiped after use.
struct cdsRSAPrivateCryptMemory {
    struct cdsRSAModPowBig modPowBig;
    struct cdsBigInteger input;
    struct cdsBigInteger imodp;
    struct cdsBigInteger mP;
    struct cdsBigInteger imodq;
    struct cdsBigInteger mQ;
    struct cdsBigInteger result;
    struct cdsBigInteger difference;
    struct cdsBigInteger h;
};

// RSA public key: e and n, plus a validity flag.
struct cdsRSAPublicKey {
    struct cdsBigInteger e;
    struct cdsBigInteger n;
    bool isValid;
};

// RSA private key: the public key plus the private components. The field
// names follow the usual CRT naming (p, q, d, dp, dq and inverses).
// NOTE(review): every field other than rsaPublicKey is secret — confirm it
// is wiped before the memory is released or reused.
struct cdsRSAPrivateKey {
    struct cdsRSAPublicKey rsaPublicKey;
    struct cdsBigInteger p;
    struct cdsBigInteger q;
    struct cdsBigInteger d;
    struct cdsBigInteger dp;
    struct cdsBigInteger dq;
    struct cdsBigInteger pInv;
    struct cdsBigInteger qInv;
    bool isValid;
};
272
|
|
|
|
|
|
|
|
273
|
|
|
|
|
|
|
#line 7 "Condensation/../../c/Condensation/all.inc.h" |
274
|
|
|
|
|
|
|
|
275
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Serialization/public.h" |
276
|
|
|
|
|
|
|
// A 32-byte hash value.
struct cdsHash {
    uint8_t bytes[32];
};

// A hash together with a key. keyBytes provides 32 bytes of storage;
// presumably key.data points at keyBytes — confirm against the code that
// fills this struct.
struct cdsHashAndKey {
    struct cdsHash hash;
    struct cdsBytes key;
    uint8_t keyBytes[32];
};

// Callback receiving a hash by value.
typedef void (*cdsHashCallback)(struct cdsHash hash);

// An object as a byte range, with a hash count and two sub-ranges.
// NOTE(review): header and data are presumably slices of bytes; the parsing
// code is not shown here — confirm hashesCount is validated against
// bytes.length before header and data are derived from it.
struct cdsObject {
    struct cdsBytes bytes;
    uint32_t hashesCount;
    struct cdsBytes header;
    struct cdsBytes data;
};

// State for building a record into a caller-supplied writable buffer.
// NOTE(review): levelPositions has CDS_MAX_RECORD_DEPTH entries and level is
// a signed int; the code that changes level is not shown here — confirm it
// is bounded before being used as an index.
struct cdsRecordBuilder {
    struct cdsMutableBytes bytes;
    cdsLength dataOffset;
    cdsLength used;
    cdsLength hashesUsed;
    cdsLength levelPositions[CDS_MAX_RECORD_DEPTH];
    int level;
    int nextIsChild;
};

// A record node: its bytes, an optional hash pointer, and links to the next
// sibling and the first child.
struct cdsRecord {
    struct cdsBytes bytes;
    const uint8_t * hash;
    struct cdsRecord * nextSibling;
    struct cdsRecord * firstChild;
};
311
|
|
|
|
|
|
|
|
312
|
|
|
|
|
|
|
#line 8 "Condensation/../../c/Condensation/all.inc.h" |
313
|
|
|
|
|
|
|
|
314
|
|
|
|
|
|
|
#line 7 "Condensation/C.inc.c" |
315
|
|
|
|
|
|
|
|
316
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/all.inc.c" |
317
|
|
|
|
|
|
|
#include |
318
|
|
|
|
|
|
|
#include |
319
|
|
|
|
|
|
|
#include |
320
|
|
|
|
|
|
|
|
321
|
|
|
|
|
|
|
|
322
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/minMax.inc.c" |
323
|
|
|
|
|
|
|
|
324
|
|
|
|
|
|
|
// Returns the smaller of two cdsLength values.
static cdsLength minLength(cdsLength a, cdsLength b) {
    if (a < b) return a;
    return b;
}
325
|
|
|
|
|
|
|
|
326
|
|
|
|
|
|
|
|
327
|
|
|
|
|
|
|
// Returns the smaller of two size_t values.
static size_t minSize(size_t a, size_t b) {
    if (a < b) return a;
    return b;
}
328
|
|
|
|
|
|
|
|
329
|
|
|
|
|
|
|
#line 5 "Condensation/../../c/Condensation/all.inc.c" |
330
|
|
|
|
|
|
|
|
331
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/bytes.inc.c" |
332
|
|
|
|
|
|
|
#include |
333
|
|
|
|
|
|
|
|
334
|
|
|
|
|
|
|
// The empty byte range: a NULL data pointer with length 0. Code receiving it
// must not dereference data and should rely on length alone.
const struct cdsBytes cdsEmpty = {NULL, 0};
335
|
|
|
|
|
|
|
|
336
|
|
|
|
|
|
|
// Wraps a pointer and a length into a struct cdsBytes. Nothing is copied or
// validated; length must not exceed the memory behind bytes.
struct cdsBytes cdsBytes(const uint8_t * bytes, cdsLength length) {
    struct cdsBytes view = { .data = bytes, .length = length };
    return view;
}
341
|
|
|
|
|
|
|
|
342
|
|
|
|
|
|
|
// Returns the sub-range of bytes starting at offset, at most length bytes
// long. The result is clamped to the end of bytes, and an offset beyond the
// end yields cdsEmpty, so the slice never extends past the input range.
struct cdsBytes cdsByteSlice(const struct cdsBytes bytes, cdsLength offset, cdsLength length) {
    if (bytes.length < offset) return cdsEmpty;

    cdsLength available = bytes.length - offset;
    struct cdsBytes slice = {
        .data = bytes.data + offset,
        .length = minLength(length, available)
    };
    return slice;
}
348
|
|
|
|
|
|
|
|
349
|
|
|
|
|
|
|
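// Returns the sub-range of bytes from offset to the end.
// An offset beyond the end yields cdsEmpty, as in cdsByteSlice.
struct cdsBytes cdsByteSliceFrom(const struct cdsBytes bytes, cdsLength offset) {
    // cdsLength is unsigned: without this check "bytes.length - offset"
    // would wrap to a huge length and the slice would point outside bytes.
    if (offset > bytes.length) return cdsEmpty;
    return (struct cdsBytes) {
        bytes.data + offset, bytes.length - offset
    };
}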
354
|
|
|
|
|
|
|
|
355
|
|
|
|
|
|
|
// Views a NUL-terminated string as a byte range (terminator excluded).
// text must not be NULL. The strlen result is cast to cdsLength, so a string
// longer than cdsLength can represent would yield a truncated length.
struct cdsBytes cdsBytesFromText(const char * text) {
    struct cdsBytes view = {
        .data = (const uint8_t *) text,
        .length = (cdsLength) strlen(text)
    };
    return view;
}
360
|
|
|
|
|
|
|
|
361
|
|
|
|
|
|
|
// Three-way lexicographic comparison of two byte ranges.
// Returns -1, 0 or 1; when one range is a prefix of the other, the shorter
// one orders first.
int cdsCompareBytes(const struct cdsBytes a, const struct cdsBytes b) {
    cdsLength common = minLength(a.length, b.length);
    cdsLength i = 0;
    while (i < common) {
        uint8_t left = a.data[i];
        uint8_t right = b.data[i];
        if (left != right) return left < right ? -1 : 1;
        i++;
    }

    if (a.length == b.length) return 0;
    return a.length < b.length ? -1 : 1;
}
372
|
|
|
|
|
|
|
|
373
|
|
|
|
|
|
|
// Returns true when both ranges have the same length and content.
// The comparison stops at the first differing byte, so its running time
// depends on the data.
// NOTE(review): if any caller compares secret values (keys, MACs, hashes
// used as authenticators) with this function, a constant-time comparison
// should be used there instead — confirm against callers.
bool cdsEqualBytes(const struct cdsBytes a, const struct cdsBytes b) {
    if (a.length != b.length) return false;

    cdsLength i = 0;
    while (i < a.length) {
        if (a.data[i] != b.data[i]) return false;
        i++;
    }
    return true;
}
379
|
|
|
|
|
|
|
|
380
|
|
|
|
|
|
|
// Wraps a writable pointer and a length into a struct cdsMutableBytes.
// Nothing is copied or validated; length must not exceed the memory behind
// bytes, because later writes are bounded by it.
struct cdsMutableBytes cdsMutableBytes(uint8_t * bytes, cdsLength length) {
    struct cdsMutableBytes view = { .data = bytes, .length = length };
    return view;
}
385
|
|
|
|
|
|
|
|
386
|
|
|
|
|
|
|
// Views a writable NUL-terminated string as a mutable byte range
// (terminator excluded). text must not be NULL. The strlen result is cast
// to cdsLength.
struct cdsMutableBytes cdsMutableBytesFromText(char * text) {
    struct cdsMutableBytes view = {
        .data = (uint8_t *) text,
        .length = (cdsLength) strlen(text)
    };
    return view;
}
391
|
|
|
|
|
|
|
|
392
|
|
|
|
|
|
|
// Returns a read-only view of the same memory and length. The underlying
// memory is shared, not copied, so it can still change through the original
// mutable view.
struct cdsBytes cdsSeal(const struct cdsMutableBytes bytes) {
    struct cdsBytes sealed = { .data = bytes.data, .length = bytes.length };
    return sealed;
}
397
|
|
|
|
|
|
|
|
398
|
|
|
|
|
|
|
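// Returns the writable sub-range of bytes starting at offset, at most
// length bytes long. Like cdsByteSlice, the result is clamped to the end of
// bytes and an offset beyond the end yields an empty range {NULL, 0}, so a
// slice can never be used to write outside the original range. Callers that
// need the full requested size must check the returned length.
struct cdsMutableBytes cdsMutableByteSlice(const struct cdsMutableBytes bytes, cdsLength offset, cdsLength length) {
    if (offset > bytes.length) return (struct cdsMutableBytes) { NULL, 0 };
    return (struct cdsMutableBytes) {
        bytes.data + offset, minLength(length, bytes.length - offset)
    };
}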
403
|
|
|
|
|
|
|
|
404
|
|
|
|
|
|
|
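// Returns the writable sub-range of bytes from offset to the end.
// An offset beyond the end yields an empty range {NULL, 0}.
struct cdsMutableBytes cdsMutableByteSliceFrom(const struct cdsMutableBytes bytes, cdsLength offset) {
    // cdsLength is unsigned: without this check "bytes.length - offset"
    // would wrap to a huge length and later writes through the slice would
    // land outside bytes.
    if (offset > bytes.length) return (struct cdsMutableBytes) { NULL, 0 };
    return (struct cdsMutableBytes) {
        bytes.data + offset, bytes.length - offset
    };
}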
409
|
|
|
|
|
|
|
|
410
|
|
|
|
|
|
|
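// Copies source into destination starting at destinationOffset, truncating
// the copy at the end of destination. Returns the range that was written;
// its length is smaller than source.length when the copy was truncated.
// The ranges must not overlap (memcpy is used).
struct cdsMutableBytes cdsSetBytes(const struct cdsMutableBytes destination, cdsLength destinationOffset, const struct cdsBytes source) {
    // cdsLength is unsigned: an offset past the end would make
    // "destination.length - destinationOffset" wrap around and let memcpy
    // write outside destination.
    if (destinationOffset > destination.length) return cdsMutableBytes(NULL, 0);

    cdsLength length = minLength(destination.length - destinationOffset, source.length);
    // Skip the call for empty copies: source.data may be NULL (cdsEmpty).
    if (length > 0) memcpy(destination.data + destinationOffset, source.data, length);
    return cdsMutableBytes(destination.data + destinationOffset, length);
}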
415
|
|
|
|
|
|
|
|
416
|
|
|
|
|
|
|
#line 6 "Condensation/../../c/Condensation/all.inc.c" |
417
|
|
|
|
|
|
|
|
418
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/hex.inc.c" |
419
|
|
|
|
|
|
|
|
420
|
|
|
|
|
|
|
static char hexDigits[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'}; |
421
|
|
|
|
|
|
|
static uint8_t hexValues[] = {255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 255, 255, 255, 255, 255, 255, 255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255}; |
422
|
|
|
|
|
|
|
|
423
|
|
|
|
|
|
|
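// Writes the lowercase hex encoding of bytes into buffer as a
// NUL-terminated string and returns buffer.
// length is the capacity of buffer in chars, terminator included. Output is
// truncated to whole byte pairs when the buffer is too small. With
// length == 0 nothing is written.
char * cdsHexFromBytes(const struct cdsBytes bytes, char * buffer, cdsLength length) {
    if (length == 0) return buffer;

    cdsLength w = 0;
    cdsLength r = 0;
    // Room is needed for two digits plus the terminator. The test is written
    // as "length - w > 2" (w never exceeds length here) because cdsLength is
    // unsigned: "w < length - 2" wraps around for length == 1 and would let
    // the loop write far past a one-char buffer.
    while (r < bytes.length && length - w > 2) {
        buffer[w] = hexDigits[(bytes.data[r] >> 4) & 0xf];
        w += 1;

        buffer[w] = hexDigits[bytes.data[r] & 0xf];
        w += 1;

        r += 1;
    }

    buffer[w] = 0;
    return buffer;
}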
441
|
|
|
|
|
|
|
|
442
|
|
|
|
|
|
|
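// Decodes hex digits from hex into buffer and returns the decoded range.
// length is the capacity of buffer in bytes. Decoding stops at the first
// character that is not a hex digit (which includes the terminating NUL) or
// when buffer is full; a trailing unpaired digit is dropped. hex must be
// NUL-terminated or contain at least 2 * length characters.
struct cdsBytes cdsBytesFromHex(const char * hex, uint8_t * buffer, cdsLength length) {
    cdsLength i = 0;
    while (i < length) {
        // Index through unsigned char: where plain char is signed, an input
        // byte >= 0x80 would otherwise become a negative index and read
        // in front of the 256-entry table.
        uint8_t b1 = hexValues[(unsigned char) hex[i * 2]];
        if (b1 >= 16) break;

        uint8_t b2 = hexValues[(unsigned char) hex[i * 2 + 1]];
        if (b2 >= 16) break;

        buffer[i] = (uint8_t) ((b1 << 4) | b2);
        i += 1;
    }

    return cdsBytes(buffer, i);
}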
457
|
|
|
|
|
|
|
|
458
|
|
|
|
|
|
|
#line 7 "Condensation/../../c/Condensation/all.inc.c" |
459
|
|
|
|
|
|
|
|
460
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/random.inc.c" |
461
|
|
|
|
|
|
|
// Fills buffer with length bytes from fillRandom and returns them as a
// read-only range. buffer must have room for length bytes.
// fillRandom returns nothing, so this function cannot tell whether the
// random source delivered every byte.
struct cdsBytes cdsRandomBytes(uint8_t * buffer, cdsLength length) {
    fillRandom(buffer, length);
    struct cdsBytes filled = cdsBytes(buffer, length);
    return filled;
}
465
|
|
|
|
|
|
|
|
466
|
|
|
|
|
|
|
#line 8 "Condensation/../../c/Condensation/all.inc.c" |
467
|
|
|
|
|
|
|
|
468
|
|
|
|
|
|
|
|
469
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/AES256/AES256.inc.c" |
470
|
|
|
|
|
|
|
|
471
|
|
|
|
|
|
|
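// AES substitution table, indexed by a byte value. It is only ever read, so
// it is declared const.
// NOTE(review): the lookups in this file are indexed by key- and
// data-dependent bytes; where other code can observe cache behaviour on the
// same CPU, table-based AES is a known timing side channel — confirm this
// matches the deployment assumptions.
static const int sbox[] = {99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117, 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, 208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210, 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115, 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, 224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, 225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22};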
472
|
|
|
|
|
|
|
|
473
|
|
|
|
|
|
|
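// Lookup table used by mixColumns, indexed by a byte value: entries below
// 128 are the index doubled, entries from 128 on are the doubled index
// reduced to 8 bits and XORed with 27. It is only ever read, so it is
// declared const.
static const int xtime[] = {0, 2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, 28, 30, 32, 34, 36, 38, 40, 42, 44, 46, 48, 50, 52, 54, 56, 58, 60, 62, 64, 66, 68, 70, 72, 74, 76, 78, 80, 82, 84, 86, 88, 90, 92, 94, 96, 98, 100, 102, 104, 106, 108, 110, 112, 114, 116, 118, 120, 122, 124, 126, 128, 130, 132, 134, 136, 138, 140, 142, 144, 146, 148, 150, 152, 154, 156, 158, 160, 162, 164, 166, 168, 170, 172, 174, 176, 178, 180, 182, 184, 186, 188, 190, 192, 194, 196, 198, 200, 202, 204, 206, 208, 210, 212, 214, 216, 218, 220, 222, 224, 226, 228, 230, 232, 234, 236, 238, 240, 242, 244, 246, 248, 250, 252, 254, 27, 25, 31, 29, 19, 17, 23, 21, 11, 9, 15, 13, 3, 1, 7, 5, 59, 57, 63, 61, 51, 49, 55, 53, 43, 41, 47, 45, 35, 33, 39, 37, 91, 89, 95, 93, 83, 81, 87, 85, 75, 73, 79, 77, 67, 65, 71, 69, 123, 121, 127, 125, 115, 113, 119, 117, 107, 105, 111, 109, 99, 97, 103, 101, 155, 153, 159, 157, 147, 145, 151, 149, 139, 137, 143, 141, 131, 129, 135, 133, 187, 185, 191, 189, 179, 177, 183, 181, 171, 169, 175, 173, 163, 161, 167, 165, 219, 217, 223, 221, 211, 209, 215, 213, 203, 201, 207, 205, 195, 193, 199, 197, 251, 249, 255, 253, 243, 241, 247, 245, 235, 233, 239, 237, 227, 225, 231, 229};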
474
|
|
|
|
|
|
|
|
475
|
|
|
|
|
|
|
// Number of entries in the expanded key schedule (struct cdsAES256.key).
static const int keyLength = 240;	// 16 * (14 + 1)

// Backing storage for cdsZeroCtr: 16 zero bytes.
// NOTE(review): this array is neither static nor const, so it is writable
// and externally visible although cdsZeroCtr exposes it through a const
// pointer — confirm nothing depends on that before tightening it.
uint8_t zeroCtrBuffer[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
// All-zero 16-byte start counter for cdsCrypt.
// NOTE(review): cdsCrypt XORs the data with a keystream derived from the key
// and the start counter, so a fixed counter is only sound when a key is
// never used for more than one message — confirm against callers.
const struct cdsBytes cdsZeroCtr = {zeroCtrBuffer, 16};
479
|
|
|
|
|
|
|
|
480
|
|
|
|
|
|
|
// Performs no work: the key schedule in *this is left exactly as it was.
// A struct passed through here alone does not hold a usable key.
void cdsInitializeEmptyAES256(struct cdsAES256 * this) {
    (void) this;
}
481
|
|
|
|
|
|
|
|
482
|
|
|
|
|
|
|
// Expands a 256-bit key into the 240-entry schedule in this->key.
// The first 32 entries are the key bytes; each following group of four is
// derived from the entries 32 positions back and the four preceding ones.
// NOTE(review): key256.data[0..31] is read without looking at
// key256.length; callers must pass at least 32 bytes.
void cdsInitializeAES256(struct cdsAES256 * this, struct cdsBytes key256) {
    int * schedule = this->key;

    for (int k = 0; k < 32; k++) {
        schedule[k] = key256.data[k];
    }

    // Round constant, doubled after each use at a 32-entry boundary.
    int rcon = 1;
    for (int i = 32; i < keyLength; i += 4) {
        const int * back = schedule + i - 32;
        switch (i % 32) {
        case 0:
            // Substituted and rotated previous word, plus the round constant.
            schedule[i + 0] = back[0] ^ sbox[schedule[i - 3]] ^ rcon;
            schedule[i + 1] = back[1] ^ sbox[schedule[i - 2]];
            schedule[i + 2] = back[2] ^ sbox[schedule[i - 1]];
            schedule[i + 3] = back[3] ^ sbox[schedule[i - 4]];
            rcon <<= 1;
            break;
        case 16:
            // Substituted previous word, no rotation.
            schedule[i + 0] = back[0] ^ sbox[schedule[i - 4]];
            schedule[i + 1] = back[1] ^ sbox[schedule[i - 3]];
            schedule[i + 2] = back[2] ^ sbox[schedule[i - 2]];
            schedule[i + 3] = back[3] ^ sbox[schedule[i - 1]];
            break;
        default:
            schedule[i + 0] = back[0] ^ schedule[i - 4];
            schedule[i + 1] = back[1] ^ schedule[i - 3];
            schedule[i + 2] = back[2] ^ schedule[i - 2];
            schedule[i + 3] = back[3] ^ schedule[i - 1];
            break;
        }
    }
}
512
|
|
|
|
|
|
|
|
513
|
|
|
|
|
|
|
// Replaces each of the 16 block bytes by its sbox entry.
static void subBytes(uint8_t * block) {
    uint8_t * const end = block + 16;
    for (uint8_t * p = block; p != end; p++) {
        *p = sbox[*p];
    }
}
516
|
|
|
|
|
|
|
|
517
|
|
|
|
|
|
|
// XORs the 16 block bytes with key[offset .. offset + 15].
// offset is not checked here; callers must keep offset + 15 inside key.
static void addRoundKey(const int * key, uint8_t * block, int offset) {
    const int * roundKey = key + offset;
    int i = 0;
    while (i < 16) {
        block[i] = (uint8_t) (block[i] ^ roundKey[i]);
        i++;
    }
}
520
|
|
|
|
|
|
|
|
521
|
|
|
|
|
|
|
// Permutes the 16 block bytes in place: the byte at position i is taken
// from position (i + 4 * (i % 4)) % 16 of the input, so positions 0, 4, 8
// and 12 keep their value.
static void shiftRows(uint8_t * block) {
    uint8_t before[16];
    for (int i = 0; i < 16; i++) {
        before[i] = block[i];
    }
    for (int i = 0; i < 16; i++) {
        block[i] = before[(i + 4 * (i % 4)) % 16];
    }
}
539
|
|
|
|
|
|
|
|
540
|
|
|
|
|
|
|
// Mixes each group of four consecutive block bytes in place, using the
// xtime table: every byte is XORed with the XOR of all four bytes and with
// the xtime entry of (itself XOR its successor, wrapping within the group).
static void mixColumns(uint8_t * block) {
    for (int c = 0; c < 4; c++) {
        uint8_t * col = block + 4 * c;
        int s0 = col[0];
        int s1 = col[1];
        int s2 = col[2];
        int s3 = col[3];
        int all = s0 ^ s1 ^ s2 ^ s3;
        col[0] = (uint8_t) (s0 ^ all ^ xtime[s0 ^ s1]);
        col[1] = (uint8_t) (s1 ^ all ^ xtime[s1 ^ s2]);
        col[2] = (uint8_t) (s2 ^ all ^ xtime[s2 ^ s3]);
        col[3] = (uint8_t) (s3 ^ all ^ xtime[s3 ^ s0]);
    }
}
553
|
|
|
|
|
|
|
|
554
|
|
|
|
|
|
|
// Encrypts one 16-byte block in place with the expanded key in *this.
// Sequence: initial round-key addition, 13 full rounds, and a final round
// without mixColumns. The key schedule must have been filled by
// cdsInitializeAES256 beforehand; block must hold 16 bytes.
void cdsEncryptAES256Block(const struct cdsAES256 * this, uint8_t * block) {
    const int * schedule = this->key;
    const int lastOffset = keyLength - 16;

    addRoundKey(schedule, block, 0);

    int offset = 16;
    while (offset < lastOffset) {
        subBytes(block);
        shiftRows(block);
        mixColumns(block);
        addRoundKey(schedule, block, offset);
        offset += 16;
    }

    // Final round: no mixColumns.
    subBytes(block);
    shiftRows(block);
    addRoundKey(schedule, block, lastOffset);
}
566
|
|
|
|
|
|
|
|
567
|
|
|
|
|
|
|
// Adds 1 to a 16-byte counter, treating counter[15] as the least
// significant byte and carrying towards counter[0]. An all-0xff counter
// wraps around to all zeros.
void cdsIncrementCtr(uint8_t * counter) {
    int n = 15;
    while (n >= 0) {
        counter[n] += 1;
        // A non-zero byte means no carry into the next position.
        if (counter[n] != 0) return;
        n--;
    }
}
573
|
|
|
|
|
|
|
|
574
|
|
|
|
|
|
|
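// XORs bytes with an AES-256 keystream produced from successive counter
// blocks starting at startCtr, writing the result to buffer. Because the
// operation is an XOR with the keystream, applying it again with the same
// key and start counter restores the input.
//
// Requirements not checked here: startCtr.data must provide 16 readable
// bytes (startCtr.length is not consulted), and buffer must have room for
// bytes.length bytes.
// NOTE(review): no authentication tag is computed in this function, and the
// same key must never be combined with the same counter values for two
// different messages — confirm both are handled by the callers.
//
// Returns buffer with bytes.length as a read-only range.
struct cdsBytes cdsCrypt(const struct cdsAES256 * aes, const struct cdsBytes bytes, const struct cdsBytes startCtr, uint8_t * buffer) {
    uint8_t counter[16];
    memcpy(counter, startCtr.data, 16);
    uint8_t encryptedCounter[16];

    cdsLength i = 0;
    // Written as a subtraction (i never exceeds bytes.length) so the test
    // cannot wrap around for lengths close to the cdsLength maximum, as
    // "i + 16 < bytes.length" would.
    for (; bytes.length - i > 16; i += 16) {
        memcpy(encryptedCounter, counter, 16);
        cdsEncryptAES256Block(aes, encryptedCounter);
        for (cdsLength n = 0; n < 16; n++) buffer[i + n] = bytes.data[i + n] ^ encryptedCounter[n];
        cdsIncrementCtr(counter);
    }

    // Last block (1 to 16 bytes, or none for empty input): the counter is
    // encrypted in place because it is not needed afterwards.
    cdsEncryptAES256Block(aes, counter);
    for (cdsLength n = 0; n < bytes.length - i; n++) buffer[i + n] = bytes.data[i + n] ^ counter[n];

    return cdsBytes(buffer, bytes.length);
}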
592
|
|
|
|
|
|
|
|
593
|
|
|
|
|
|
|
#line 10 "Condensation/../../c/Condensation/all.inc.c" |
594
|
|
|
|
|
|
|
|
595
|
|
|
|
|
|
|
|
596
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/SHA256/SHA256.inc.c" |
597
|
|
|
|
|
|
|
|
598
|
|
|
|
|
|
|
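// The 64 round constants added in sha256AddChunk, one per round. The table
// is only ever read, so it is declared const.
static const uint32_t K[] = {
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
};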
608
|
|
|
|
|
|
|
|
609
|
|
|
|
|
|
|
|
610
|
|
|
|
|
|
|
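// Reads bytes[0..3] as a big-endian 32-bit value.
static uint32_t getUint32(const uint8_t * bytes) {
    // Widen each byte to uint32_t before shifting: a uint8_t is promoted to
    // (signed) int, and shifting a value >= 0x80 left by 24 would overflow
    // that int, which is undefined behaviour.
    return ((uint32_t) bytes[0] << 24) | ((uint32_t) bytes[1] << 16) | ((uint32_t) bytes[2] << 8) | (uint32_t) bytes[3];
}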
613
|
|
|
|
|
|
|
|
614
|
|
|
|
|
|
|
// Writes value to bytes[0..3] in big-endian order (most significant byte
// first).
static void putUint32(uint8_t * bytes, uint32_t value) {
    for (int i = 3; i >= 0; i--) {
        bytes[i] = (uint8_t) (value & 0xff);
        value >>= 8;
    }
}
620
|
|
|
|
|
|
|
|
621
|
|
|
|
|
|
|
|
622
|
|
|
|
|
|
|
// Rotates x right by n bits. n must be in 1..31: with n == 0 the left shift
// would be by 32 bits, which is undefined for a 32-bit type. Every call in
// this file passes a constant within that range.
static uint32_t ROTR(uint32_t x, uint32_t n) {
    uint32_t low = x >> n;
    uint32_t high = x << (32 - n);
    return low | high;
}
625
|
|
|
|
|
|
|
|
626
|
|
|
|
|
|
|
// Used when extending the message schedule in sha256AddChunk:
// rotate right 7, rotate right 18, shift right 3, XORed together.
static uint32_t prepareS0(uint32_t x) {
    uint32_t mixed = ROTR(x, 7);
    mixed ^= ROTR(x, 18);
    mixed ^= x >> 3;
    return mixed;
}
629
|
|
|
|
|
|
|
|
630
|
|
|
|
|
|
|
// Used when extending the message schedule in sha256AddChunk:
// rotate right 17, rotate right 19, shift right 10, XORed together.
static uint32_t prepareS1(uint32_t x) {
    uint32_t mixed = ROTR(x, 17);
    mixed ^= ROTR(x, 19);
    mixed ^= x >> 10;
    return mixed;
}
633
|
|
|
|
|
|
|
|
634
|
|
|
|
|
|
|
// Used in each compression round of sha256AddChunk:
// rotations right by 2, 13 and 22, XORed together.
static uint32_t roundS0(uint32_t x) {
    uint32_t mixed = ROTR(x, 2);
    mixed ^= ROTR(x, 13);
    mixed ^= ROTR(x, 22);
    return mixed;
}
637
|
|
|
|
|
|
|
|
638
|
|
|
|
|
|
|
// Used in each compression round of sha256AddChunk:
// rotations right by 6, 11 and 25, XORed together.
static uint32_t roundS1(uint32_t x) {
    uint32_t mixed = ROTR(x, 6);
    mixed ^= ROTR(x, 11);
    mixed ^= ROTR(x, 25);
    return mixed;
}
641
|
|
|
|
|
|
|
|
642
|
|
|
|
|
|
|
// Bitwise "choose": for every bit position, takes the bit of y where x is 1
// and the bit of z where x is 0.
static uint32_t ch(uint32_t x, uint32_t y, uint32_t z) {
	// z ^ (x & (y ^ z)) selects y under the mask x and z elsewhere.
	uint32_t differing = y ^ z;
	return z ^ (x & differing);
}
645
|
|
|
|
|
|
|
|
646
|
|
|
|
|
|
|
// Bitwise majority: each result bit is 1 when at least two of the
// corresponding bits of x, y and z are 1.
static uint32_t maj(uint32_t x, uint32_t y, uint32_t z) {
	uint32_t bothXY = x & y;
	uint32_t eitherXY = x | y;
	return bothXY | (z & eitherXY);
}
649
|
|
|
|
|
|
|
|
650
|
|
|
|
|
|
|
// Processes one 64-byte chunk at `bytes` and folds it into this->state.
// `bytes` must point to at least 64 readable bytes.
static void sha256AddChunk(struct cdsSHA256 * this, const uint8_t * bytes) {
	// Message schedule: 16 big-endian words from the chunk, extended to 64 words.
	uint32_t w[64];
	for (int t = 0; t < 64; t++) {
		if (t < 16)
			w[t] = getUint32(bytes + t * 4);
		else
			w[t] = prepareS1(w[t - 2]) + w[t - 7] + prepareS0(w[t - 15]) + w[t - 16];
	}

	// Working copy of the eight state words.
	uint32_t s[8];
	for (int k = 0; k < 8; k++)
		s[k] = this->state[k];

	// 64 compression rounds.
	for (int round = 0; round < 64; round++) {
		uint32_t t1 = s[7] + roundS1(s[4]) + ch(s[4], s[5], s[6]) + K[round] + w[round];
		uint32_t t2 = roundS0(s[0]) + maj(s[0], s[1], s[2]);

		// Shift the working words down by one position; s[4] and s[0] receive the new values.
		for (int k = 7; k > 0; k--)
			s[k] = s[k - 1];
		s[4] += t1;
		s[0] = t1 + t2;
	}

	// Add the compressed chunk to the running state (wrapping modulo 2^32).
	for (int k = 0; k < 8; k++)
		this->state[k] += s[k];
}
677
|
|
|
|
|
|
|
|
678
|
|
|
|
|
|
|
// Initial SHA-256 state: the eight 32-bit words that cdsInitializeSHA256() copies into a fresh context.
// NOTE(review): this table has external linkage and is not const, so other code could modify it — confirm whether that is intended.
uint32_t sha256InitialHash[] = {0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19};
679
|
|
|
|
|
|
|
|
680
|
|
|
|
|
|
|
// Resets a SHA-256 context: no buffered bytes, zero total length, and the
// state loaded from sha256InitialHash. Must be called before adding bytes.
void cdsInitializeSHA256(struct cdsSHA256 * this) {
	this->length = 0;
	this->used = 0;

	int k = 0;
	while (k < 8) {
		this->state[k] = sha256InitialHash[k];
		k++;
	}
}
686
|
|
|
|
|
|
|
|
687
|
|
|
|
|
|
|
// Appends one byte to the context's chunk buffer and counts it in this->length.
// Once 64 bytes are buffered, the chunk is compressed and the buffer restarts.
static void sha256AddByte(struct cdsSHA256 * this, uint8_t byte) {
	this->chunk[this->used] = byte;
	this->used += 1;
	this->length += 1;

	if (this->used >= 64) {
		// Buffer is full: fold it into the state.
		sha256AddChunk(this, this->chunk);
		this->used = 0;
	}
}
696
|
|
|
|
|
|
|
|
697
|
|
|
|
|
|
|
// Feeds bytes.length bytes starting at bytes.data into the hash, one byte at a time.
// May be called repeatedly between cdsInitializeSHA256() and cdsFinalizeSHA256().
void cdsAddBytesToSHA256(struct cdsSHA256 * this, struct cdsBytes bytes) {
	uint32_t position = 0;
	while (position < bytes.length) {
		sha256AddByte(this, bytes.data[position]);
		position++;
	}
}
701
|
|
|
|
|
|
|
|
702
|
|
|
|
|
|
|
// Applies the SHA-256 padding, processes the final chunk(s) and writes the
// 32-byte digest to `result` (big-endian state words). `result` must point to
// at least 32 writable bytes. The context must be re-initialized before reuse.
void cdsFinalizeSHA256(struct cdsSHA256 * this, uint8_t * result) {
	// Capture the message length before padding bytes are counted.
	// NOTE(review): the length is carried in a uint32_t here, so only byte
	// counts below 2^32 are encoded; whether this->length can hold more is
	// not visible from this function.
	uint32_t dataLength = this->length;
	uint64_t bitLength = (uint64_t)dataLength << 3;

	// Padding: a single 0x80 byte, then zeros up to offset 56 of a chunk.
	sha256AddByte(this, 0x80);
	while (this->used != 56)
		sha256AddByte(this, 0);

	// 64-bit big-endian bit length. The upper three bytes are always zero
	// because the byte count is at most 32 bits wide.
	for (int k = 0; k < 3; k++)
		sha256AddByte(this, 0);
	for (int shift = 32; shift >= 0; shift -= 8)
		sha256AddByte(this, (uint8_t)((bitLength >> shift) & 0xff));

	// Serialize the state.
	for (int k = 0; k < 8; k++)
		putUint32(result + k * 4, this->state[k]);
}
721
|
|
|
|
|
|
|
|
722
|
|
|
|
|
|
|
// One-shot SHA-256: hashes `bytes` and writes the digest to `result`.
// `result` must point to at least 32 writable bytes; the returned cdsBytes
// refers to that same buffer with length 32.
struct cdsBytes cdsSHA256(const struct cdsBytes bytes, uint8_t * result) {
	struct cdsSHA256 context;

	cdsInitializeSHA256(&context);
	cdsAddBytesToSHA256(&context, bytes);
	cdsFinalizeSHA256(&context, result);

	return cdsBytes(result, 32);
}
729
|
|
|
|
|
|
|
|
730
|
|
|
|
|
|
|
#line 12 "Condensation/../../c/Condensation/all.inc.c" |
731
|
|
|
|
|
|
|
|
732
|
|
|
|
|
|
|
|
733
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/RSA64/production.inc.c" |
734
|
|
|
|
|
|
|
|
735
|
|
|
|
|
|
|
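// Element access for big integers: ELEMENT(p, n) is the n-th 32-bit element
// of the big integer that p points to (element 0 is the least significant).
// Both arguments and the whole expansion are parenthesized so that the macro
// stays correct for arguments that are expressions (e.g. `&v`).
#define ELEMENT(x, n) ((x)->values[(n)])

// Shorthands bound to the conventional local pointer names used by the
// big-integer routines (x, y, m, g, e, a). Each expands to an lvalue.
#define X(index) ELEMENT(x, index)
#define Y(index) ELEMENT(y, index)
#define M(index) ELEMENT(m, index)
#define G(index) ELEMENT(g, index)
#define E(index) ELEMENT(e, index)
#define A(index) ELEMENT(a, index)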
743
|
|
|
|
|
|
|
|
744
|
|
|
|
|
|
|
#line 14 "Condensation/../../c/Condensation/all.inc.c" |
745
|
|
|
|
|
|
|
|
746
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/RSA64/Math.inc.c" |
747
|
|
|
|
|
|
|
|
748
|
|
|
|
|
|
|
|
749
|
|
|
|
|
|
|
// Makes x represent zero by setting its length to 0.
// Only the length is reset: the element array keeps whatever it held before,
// so this is not a way to wipe a sensitive value from memory.
static void setZero(struct cdsBigInteger * x) {
	x->length = 0;
}
752
|
|
|
|
|
|
|
|
753
|
|
|
|
|
|
|
// Sets x to the single-element value `value`.
// The length is 1 even when value is 0 (no trimming is done here).
static void setUint32(struct cdsBigInteger * x, uint32_t value) {
	X(0) = value;
	x->length = 1;
}
757
|
|
|
|
|
|
|
|
758
|
|
|
|
|
|
|
// Fills the lowest n elements of x with bytes from cdsRandomBytes() and sets
// the length to n. The top element may be zero; no trimming is done.
//
// NOTE(review): the bounds on n are enforced only by assert(). In a build
// with NDEBUG the checks disappear and an out-of-range n would be passed
// straight to cdsRandomBytes() as a byte count — confirm that every caller
// guarantees 0 <= n <= CDS_BIG_INTEGER_SIZE, or that asserts stay enabled.
static void setRandom(struct cdsBigInteger * x, int n) {
	assert(n >= 0);
	assert(n <= CDS_BIG_INTEGER_SIZE);

	uint8_t * target = (uint8_t *) x->values;
	cdsRandomBytes(target, n * 4);	// 4 bytes per 32-bit element
	x->length = n;
}
764
|
|
|
|
|
|
|
|
765
|
|
|
|
|
|
|
// Returns the index of the highest non-zero element of x,
// or -1 if all elements below x->length are zero (including length 0).
static int mostSignificantElement(const struct cdsBigInteger * x) {
	int k = x->length - 1;
	for (; k >= 0; k--) {
		if (X(k) != 0) break;
	}
	return k;
}
770
|
|
|
|
|
|
|
|
771
|
|
|
|
|
|
|
// Drops leading (most significant) zero elements by shrinking x->length.
// A value of zero ends up with length 0.
static void trim(struct cdsBigInteger * x) {
	while (x->length > 0) {
		if (X(x->length - 1) != 0) break;
		x->length -= 1;
	}
}
774
|
|
|
|
|
|
|
|
775
|
|
|
|
|
|
|
// Grows x to at least n elements by appending zero elements (unsigned
// extension). Does nothing if x already has n or more elements.
//
// NOTE(review): the capacity check is an assert() only; with NDEBUG an n
// above CDS_BIG_INTEGER_SIZE would write past the element array — confirm
// callers keep n in range or that asserts stay enabled.
static void expand(struct cdsBigInteger * x, int n) {
	assert(n >= 0);
	assert(n <= CDS_BIG_INTEGER_SIZE);

	if (x->length >= n) return;
	for (int k = x->length; k < n; k++)
		X(k) = 0;
	x->length = n;
}
783
|
|
|
|
|
|
|
|
784
|
|
|
|
|
|
|
// Returns the larger of the two lengths (in elements) of x and y.
static int maxLength(const struct cdsBigInteger * x, const struct cdsBigInteger * y) {
	if (x->length > y->length) return x->length;
	return y->length;
}
787
|
|
|
|
|
|
|
|
788
|
|
|
|
|
|
|
// Sets a = x * 2^(32 * d): copies the elements of x into a, moved up by d
// positions, and zero-fills the d lowest elements of a.
//
// NOTE(review): no check that x->length + d fits into a's element array;
// the caller presumably guarantees it stays within CDS_BIG_INTEGER_SIZE —
// confirm. a and x are assumed to be distinct objects when d > 0.
static void copyD(struct cdsBigInteger * a, const struct cdsBigInteger * x, int d) {
	a->length = x->length + d;

	// Shifted copy first, then the zero padding below it (same order as before).
	int source = 0;
	while (source < x->length) {
		A(source + d) = X(source);
		source++;
	}

	int low = 0;
	while (low < d) {
		A(low) = 0;
		low++;
	}
}
793
|
|
|
|
|
|
|
|
794
|
|
|
|
|
|
|
|
795
|
|
|
|
|
|
|
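// Parses an unsigned big-endian byte sequence into x.
//
// The least significant element is built from the last four bytes of the
// input, and so on towards the start. Leading zero bytes are allowed; the
// result is trimmed. If the input holds more than CDS_BIG_INTEGER_SIZE
// elements' worth of bytes, the most significant bytes beyond that are
// ignored (silent truncation) — callers that parse untrusted keys should
// reject oversized input before calling this.
void cdsBigIntegerFromBytes(struct cdsBigInteger * x, struct cdsBytes bytes) {
	int w = 0;
	int n = (int)bytes.length;

	// Whole 32-bit elements, taken from the end of the byte sequence.
	while (n > 3 && w < CDS_BIG_INTEGER_SIZE) {
		X(w) = ((uint32_t)bytes.data[n - 4] << 24) | ((uint32_t)bytes.data[n - 3] << 16) | ((uint32_t)bytes.data[n - 2] << 8) | (uint32_t)bytes.data[n - 1];
		n -= 4;
		w += 1;
	}

	if (w < CDS_BIG_INTEGER_SIZE) {
		// Remaining 0-3 leading bytes form one more (partial) element.
		X(w) = 0;
		if (n > 0) X(w) |= (uint32_t)bytes.data[n - 1];
		if (n > 1) X(w) |= (uint32_t)bytes.data[n - 2] << 8;
		if (n > 2) X(w) |= (uint32_t)bytes.data[n - 3] << 16;
		x->length = w + 1;
	} else {
		// All CDS_BIG_INTEGER_SIZE elements are in use. The previous code
		// still wrote element w here, i.e. one element past the capacity
		// that expand() and setRandom() assert on, and set length to w + 1.
		x->length = w;
	}

	trim(x);
}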
814
|
|
|
|
|
|
|
|
815
|
|
|
|
|
|
|
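// Serializes x as an unsigned big-endian byte sequence into the buffer
// `bytes`, right-aligned (the least significant byte goes to the last byte
// of the buffer). Unused leading bytes of the buffer are zeroed.
//
// Returns the slice of the buffer that starts at the first non-zero byte
// (an empty slice for zero). If the buffer is too small for x, only the
// least significant bytes.length bytes are written; the rest is dropped
// silently, so callers must size the buffer for the largest expected value.
struct cdsBytes cdsBytesFromBigInteger(struct cdsMutableBytes bytes, const struct cdsBigInteger * x) {
	uint32_t n = bytes.length;

	// The n > 0 checks come *before* each decrement: with an empty buffer the
	// previous code decremented n from 0 and wrote far outside the buffer.
	for (int r = 0; r < x->length && n > 0; r++) {
		uint32_t element = X(r);
		for (int k = 0; k < 4 && n > 0; k++) {
			n -= 1;
			bytes.data[n] = element & 0xff;
			element >>= 8;
		}
	}

	// Zero the part of the buffer in front of the written bytes.
	if (n > 0) memset(bytes.data, 0, n);

	// Skip leading zero bytes for the returned slice.
	while (n < bytes.length && bytes.data[n] == 0) n++;
	return cdsBytes(bytes.data + n, bytes.length - n);
}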
835
|
|
|
|
|
|
|
|
836
|
|
|
|
|
|
|
|
837
|
|
|
|
|
|
|
// Returns true if x is even. A big integer of length 0 (zero) counts as even.
static bool isEven(const struct cdsBigInteger * x) {
	if (x->length == 0) return true;
	return (X(0) & 1) == 0;
}
840
|
|
|
|
|
|
|
|
841
|
|
|
|
|
|
|
// Returns true if x has no non-zero element, whatever its length.
static bool isZero(const struct cdsBigInteger * x) {
	int top = mostSignificantElement(x);
	return top == -1;
}
844
|
|
|
|
|
|
|
|
845
|
|
|
|
|
|
|
// Returns true if x equals 1: element 0 is the only non-zero element and holds 1.
static bool isOne(const struct cdsBigInteger * x) {
	if (mostSignificantElement(x) != 0) return false;
	return X(0) == 1;
}
848
|
|
|
|
|
|
|
|
849
|
|
|
|
|
|
|
// Unsigned comparison of x and y. Returns -1 if x < y, 1 if x > y, 0 if equal.
// Leading zero elements are ignored. The scan stops at the first differing
// element, so the running time depends on the operand values.
static int compare(const struct cdsBigInteger * x, const struct cdsBigInteger * y) {
	int xTop = mostSignificantElement(x);
	int yTop = mostSignificantElement(y);

	// Different magnitudes: the operand with the higher top element is larger.
	if (xTop != yTop) return xTop < yTop ? -1 : 1;

	// Same magnitude: compare element by element from the top.
	for (int i = xTop; i >= 0; i--) {
		uint32_t xe = X(i);
		uint32_t ye = Y(i);
		if (xe != ye) return xe < ye ? -1 : 1;
	}
	return 0;
}
860
|
|
|
|
|
|
|
|
861
|
|
|
|
|
|
|
// Compares x with y shifted up by d elements (y * 2^(32 * d)).
// Returns -1 or 1 as soon as the top elements decide the order. Only the
// elements of x at index d and above are examined: a result of 0 means those
// match y, whatever the d lowest elements of x hold.
static int compareShifted(const struct cdsBigInteger * x, const struct cdsBigInteger * y, int d) {
	int xTop = mostSignificantElement(x);
	int yTop = mostSignificantElement(y);
	int shiftedTop = yTop + d;

	if (xTop != shiftedTop) return xTop < shiftedTop ? -1 : 1;

	for (int i = yTop; i >= 0; i--) {
		uint32_t xe = X(i + d);
		uint32_t ye = Y(i);
		if (xe != ye) return xe < ye ? -1 : 1;
	}
	return 0;
}
872
|
|
|
|
|
|
|
|
873
|
|
|
|
|
|
|
|
874
|
|
|
|
|
|
|
// Sets a = x << bits. Works in place (a == x is used by mod()).
// One element is appended when bits are shifted out of the top element.
// NOTE(review): presumably 0 <= bits < 32, and the caller guarantees room
// for the extra element — neither is checked here.
static void smallShiftLeft(struct cdsBigInteger * a, const struct cdsBigInteger * x, int bits) {
	a->length = x->length;

	uint64_t carry = 0;	// bits shifted out of the previous element
	int k;
	for (k = 0; k < a->length; k++) {
		uint64_t shifted = (uint64_t)X(k) << bits;
		A(k) = (uint32_t) (shifted | carry);
		carry = shifted >> 32;
	}

	if (carry != 0) {
		a->length += 1;
		A(k) = (uint32_t) carry;
	}
}
887
|
|
|
|
|
|
|
|
888
|
|
|
|
|
|
|
// Sets a = x >> bits (logical shift, zeros enter at the top). Works in place.
// The length is kept as is; callers trim afterwards where needed.
// NOTE(review): presumably 0 <= bits < 32. Element 0 is read and written even
// when x->length is 0.
static void smallShiftRight(struct cdsBigInteger * a, const struct cdsBigInteger * x, int bits) {
	a->length = x->length;

	int k = 0;
	while (k + 1 < x->length) {
		// Low part from this element, high part from the element above.
		A(k) = (uint32_t) (X(k) >> bits | (uint64_t)X(k + 1) << (32 - bits));
		k++;
	}

	// Top element: nothing above it to shift in.
	A(k) = X(k) >> bits;
}
895
|
|
|
|
|
|
|
|
896
|
|
|
|
|
|
|
|
897
|
|
|
|
|
|
|
// Adds n * y, shifted up by d elements, to x in place:
//   x += n * y * 2^(32 * d)
// x is expanded first so that the product and its carry fit.
static void addN(struct cdsBigInteger * x, uint32_t n, const struct cdsBigInteger * y, int d) {
	int yk = mostSignificantElement(y);

	// Keep a zero element above a non-zero top element, and make sure x covers
	// the shifted operand plus two spare elements for the carry.
	if (x->length > 0 && X(x->length - 1) != 0) expand(x, x->length + 1);
	expand(x, y->length + d + 2);

	uint64_t c = 0;	// running carry
	int i = 0;
	for (; i <= yk; i++, d++) {
		// 32x32-bit product plus element plus carry fits into 64 bits.
		c += X(d) + (uint64_t)n * Y(i);
		X(d) = c & 0xffffffff;
		c >>= 32;
	}

	// Propagate the remaining carry upwards.
	// NOTE(review): this loop has no bound of its own on d; it relies on the
	// spare zero elements added by the expand() calls above.
	for (; c != 0; d++) {
		c += X(d);
		X(d) = c & 0xffffffff;
		c >>= 32;
	}
}
917
|
|
|
|
|
|
|
|
918
|
|
|
|
|
|
|
// Subtracts 1 from x in place by adding -1 and propagating the borrow.
// NOTE(review): the loop ends only when an element absorbs the borrow; for
// x == 0 no element does, and the index is not bounded by x->length — the
// caller presumably guarantees x > 0, confirm.
static void decrement(struct cdsBigInteger * x) {
	int64_t c = -1;
	for (int i = 0; c != 0; i++) {
		c += X(i);
		X(i) = c & 0xffffffff;
		// Right shift of a negative value: relies on the compiler doing an
		// arithmetic shift (implementation-defined in C) so the borrow stays -1.
		c >>= 32;
	}
}
926
|
|
|
|
|
|
|
|
927
|
|
|
|
|
|
|
// Subtracts y, shifted up by d elements, from x in place:
//   x -= y * 2^(32 * d)
// The length of x is not changed; callers trim afterwards where needed.
static void subD(struct cdsBigInteger * x, const struct cdsBigInteger * y, int d) {
	int64_t c = 0;	// running borrow (0 or negative)
	int i = 0;
	// Note that the bound on x uses i (the index into y), not the shifted index d.
	for (; i < y->length && i < x->length; i++, d++) {
		c += (int64_t)X(d) - Y(i);
		X(d) = c & 0xffffffff;
		// Relies on arithmetic right shift of negative values (implementation-defined in C).
		c >>= 32;
	}
	// Propagate the remaining borrow.
	// NOTE(review): unbounded in d; terminates only if some higher element of x
	// absorbs the borrow, i.e. presumably requires x >= y * 2^(32 * d) — confirm.
	for (; c != 0; d++) {
		c += (int64_t)X(d);
		X(d) = c & 0xffffffff;
		c >>= 32;
	}
}
941
|
|
|
|
|
|
|
|
942
|
|
|
|
|
|
|
// Subtracts n * y, shifted up by d elements, from x in place. It is done as
//   x += (2^32 - n) * y * 2^(32 * d);   x -= y * 2^(32 * (d + 1));
// so that only an addition with an unsigned factor and a plain subtraction
// are needed.
// NOTE(review): for n == 0 the factor 2^32 - n truncates to 0 and the result
// would be off by y * 2^(32 * (d + 1)); the visible caller (mod) passes
// n >= 1 — confirm for any other caller.
static void subN(struct cdsBigInteger * x, uint32_t n, const struct cdsBigInteger * y, int d) {
	uint32_t complement = (uint32_t) (0x100000000 - n);
	int next = d + 1;

	addN(x, complement, y, d);
	subD(x, y, next);
}
947
|
|
|
|
|
|
|
|
948
|
|
|
|
|
|
|
|
949
|
|
|
|
|
|
|
// Adds the product x * y to a (a += x * y), one element of y at a time,
// then trims a. The caller must set a to zero first to get the plain product.
static void mul(struct cdsBigInteger * a, const struct cdsBigInteger * x, const struct cdsBigInteger * y) {
	int i = 0;
	while (i < y->length) {
		// Zero elements contribute nothing; skip the work.
		if (Y(i) != 0)
			addN(a, Y(i), x, i);
		i++;
	}
	trim(a);
}
954
|
|
|
|
|
|
|
|
955
|
|
|
|
|
|
|
// Adds the square of x to a (a += x * x), then trims a. The visible callers
// set a to zero first. Each element pair X(i) * X(r) with r > i is computed
// once and added doubled; the diagonal term X(i) * X(i) is added once.
static void sqr(struct cdsBigInteger * a, const struct cdsBigInteger * x) {
	int xk = mostSignificantElement(x);
	// Room for one extra element above the current value, and for the full square.
	expand(a, a->length + 1);
	expand(a, (xk + 1) << 1);
	for (int i = 0; i <= xk; i++) {
		if (X(i) == 0) continue;

		// Diagonal term X(i)^2, added at element 2 * i.
		int r = i;
		int w = i + r;
		uint64_t cSum = A(w) + (uint64_t)X(r) * X(i);
		A(w) = cSum & 0xffffffff;
		cSum >>= 32;
		w++;
		r++;

		// Cross terms: cProduct carries the product, cSum the doubled sum.
		uint64_t cProduct = 0;
		for (; r <= xk; w++, r++) {
			cProduct += (uint64_t)X(r) * X(i);
			cSum += A(w) + ((cProduct & 0xffffffff) << 1);
			A(w) = cSum & 0xffffffff;
			cProduct >>= 32;
			cSum >>= 32;
		}
		// Flush both carries into the higher elements.
		// NOTE(review): w is not bounded here; relies on the expand() calls above.
		for (; cSum != 0 || cProduct != 0; w++) {
			cSum += A(w) + ((cProduct & 0xffffffff) << 1);
			A(w) = cSum & 0xffffffff;
			cProduct >>= 32;
			cSum >>= 32;
		}
	}
	trim(a);
}
987
|
|
|
|
|
|
|
|
988
|
|
|
|
|
|
|
|
989
|
|
|
|
|
|
|
// Reduces x modulo m in place (x = x mod m) by schoolbook long division.
//
// Both operands are first shifted left so that the top element of the
// modulus has its highest bit set; the remainder is shifted back at the end.
//
// NOTE(review): m must be non-zero. For m == 0, mostSignificantElement()
// returns -1, so M(yk) reads outside the element array, and the
// normalisation loop below cannot terminate for a zero element.
static void mod(struct cdsBigInteger * x, const struct cdsBigInteger * m) {
	// Count the leading zero bits of the modulus' top element.
	int yk = mostSignificantElement(m);
	uint32_t mse = M(yk);
	int shift = 0;
	while ((mse & 0x80000000) == 0) {
		mse <<= 1;
		shift += 1;
	}

	// y = normalised modulus (local copy); x is normalised in place.
	struct cdsBigInteger bi = CDS_BIG_INTEGER_ZERO;
	struct cdsBigInteger * y = &bi;
	smallShiftLeft(y, m, shift);

	if (shift > 0) smallShiftLeft(x, x, shift);

	int xk = mostSignificantElement(x);
	expand(x, xk + 2);	// one zero element above the top, read as X(yk + d + 1) below

	// Dividing by (top element of y) + 1 never overestimates the quotient digit.
	uint64_t div = Y(yk) + 1;
	for (int d = xk - yk; d >= 0; d--) {
		// Estimate the quotient digit from the two top elements of the current window.
		uint64_t xmsb = ((uint64_t)X(yk + d + 1) << 32) + X(yk + d);
		if (xmsb > div) {
			uint64_t n = xmsb / div;
			subN(x, (uint32_t) n, y, d);
		}

		// The estimate may be too small; correct by plain subtraction.
		while (compareShifted(x, y, d) >= 0) {
			subD(x, y, d);
		}

		// Re-establish "top element + one zero element" for the next round.
		while (xk >= 0 && X(xk) == 0) xk -= 1;
		x->length = xk + 2;
	}

	// Undo the normalisation.
	if (shift > 0) smallShiftRight(x, x, shift);
	trim(x);
}
1029
|
|
|
|
|
|
|
|
1030
|
|
|
|
|
|
|
|
1031
|
|
|
|
|
|
|
// Computes the Montgomery constant for modulus m: the negated inverse of the
// lowest element of m modulo 2^32 (mp = -m^-1 mod 2^32). The inverse is
// refined step by step, doubling the number of valid bits each time.
// Only M(0) is used. As the first step's comment says, this needs an odd
// modulus; an even m has no inverse modulo 2^32.
static uint32_t montInverse(const struct cdsBigInteger * m) {
	uint64_t q = M(0);
	uint32_t mp = q & 0x3;		// mp = q^-1 mod 2^2 (for odd q)
	mp = (mp * (2 - (q & 0xf) * mp)) & 0xf;		// mp = q^-1 mod 2^4
	mp = (mp * (2 - (q & 0xff) * mp)) & 0xff;		// mp = q^-1 mod 2^8
	mp = (mp * (2 - (q & 0xffff) * mp)) & 0xffff;		// mp = q^-1 mod 2^16
	mp = (mp * (2 - ((q * mp) & 0xffffffff))) & 0xffffffff;		// mp = q^-1 mod 2^32
	// Negate modulo 2^32.
	return mp > 0 ? (uint32_t) (0x100000000 - mp) : -mp;
}
1040
|
|
|
|
|
|
|
|
1041
|
|
|
|
|
|
|
// Converts x into Montgomery form for modulus m:
//   a = (x * 2^(32 * (mk + 1))) mod m
// where mk is the index of the top element of m.
// NOTE(review): the shifted copy needs x->length + mk + 1 elements in a;
// nothing here checks that against the capacity of a.
static void montConversion(struct cdsBigInteger * a, const struct cdsBigInteger * x, const struct cdsBigInteger * m) {
	int shiftElements = mostSignificantElement(m) + 1;

	copyD(a, x, shiftElements);
	mod(a, m);
}
1047
|
|
|
|
|
|
|
|
1048
|
|
|
|
|
|
|
// Sets a to the Montgomery form of 1 for modulus m:
//   a = 2^(32 * (mk + 1)) mod m
// where mk is the index of the top element of m.
static void montConversionOne(struct cdsBigInteger * a, const struct cdsBigInteger * m) {
	int top = mostSignificantElement(m) + 1;

	// Build 2^(32 * top): all zero elements with a single 1 at index `top`.
	setZero(a);
	expand(a, top + 1);
	A(top) = 1;

	mod(a, m);
}
1056
|
|
|
|
|
|
|
|
1057
|
|
|
|
|
|
|
// Montgomery reduction of x in place: divides x by 2^(32 * (mk + 1)) modulo m,
// where mk is the index of the top element of m and mp is the constant
// returned by montInverse(m).
//
// NOTE(review): the final subtraction is taken only when x >= m, so the work
// done depends on the value being reduced; relevant if x is derived from
// secret data and timing matters — confirm.
static void montReduction(struct cdsBigInteger * x, const struct cdsBigInteger * m, uint32_t mp) {
	int mk = mostSignificantElement(m);
	for (int i = 0; i <= mk; i++) {
		// u is chosen so that adding u * m clears the lowest element of x.
		uint32_t u = ((uint64_t)X(0) * mp) & 0xffffffff;

		addN(x, u, m, 0);
		// Drop the (now zero) lowest element: shift everything down by one.
		for (int n = 0; n + 1 < x->length; n++) X(n) = X(n + 1);
		x->length -= 1;
	}

	// One conditional subtraction brings the result below m.
	if (compare(x, m) >= 0) subD(x, m, 0);
	assert(compare(x, m) < 0);
	trim(x);
}
1071
|
|
|
|
|
|
|
|
1072
|
|
|
|
|
|
|
// Montgomery multiplication: a = x * y / 2^(32 * (mk + 1)) mod m, with the
// multiplication and the reduction interleaved element by element.
// mp is the constant returned by montInverse(m).
//
// x and y must not have more significant elements than m (asserted). They
// are passed non-const because both are expanded (zero-padded) to mk + 1
// elements; their values do not change. a must be a different object.
//
// NOTE(review): the final subtraction is conditional on the intermediate
// value, so running time depends on the operands — confirm whether that
// matters for the callers.
static void montMul(struct cdsBigInteger * a, struct cdsBigInteger * x, struct cdsBigInteger * y, const struct cdsBigInteger * m, uint32_t mp) {
	int mk = mostSignificantElement(m);
	assert(mostSignificantElement(x) <= mk);
	assert(mostSignificantElement(y) <= mk);
	setZero(a);
	expand(a, mk + 2);
	expand(x, mk + 1);
	expand(y, mk + 1);
	for (int i = 0; i <= mk; i++) {
		// u makes the lowest element of a + X(i) * y + u * m equal to zero.
		uint64_t cProduct = (uint64_t)X(i) * Y(0);
		uint64_t u = (A(0) + cProduct) & 0xffffffff;
		u = (u * mp) & 0xffffffff;

		// Element 0 only produces carries (its low 32 bits are zero by construction).
		uint64_t cSum = A(0) + (cProduct & 0xffffffff) + u * M(0);
		cProduct >>= 32;
		cSum >>= 32;
		int n = 1;
		// Remaining elements: accumulate X(i) * Y(n) and u * M(n), and store the
		// result one element lower (the division by 2^32).
		for (; n <= mk; n++) {
			cProduct += (uint64_t)X(i) * Y(n);
			cSum += A(n) + (cProduct & 0xffffffff) + u * M(n);
			A(n - 1) = cSum & 0xffffffff;
			cProduct >>= 32;
			cSum >>= 32;
		}
		// Top two elements take the remaining carries.
		cSum += A(n) + (cProduct & 0xffffffff);
		A(n - 1) = cSum & 0xffffffff;
		cProduct >>= 32;
		cSum >>= 32;
		cSum += cProduct & 0xffffffff;
		A(n) = cSum & 0xffffffff;
	}

	if (compare(a, m) >= 0) subD(a, m, 0);
	trim(a);
}
1107
|
|
|
|
|
|
|
|
1108
|
|
|
|
|
|
|
// Computes g^e mod m by left-to-right square-and-multiply in Montgomery form.
// Working storage comes from *this; on return this->result points to the
// result, which lives in one of this->bigInteger1 / this->bigInteger2.
//
// NOTE(review): e must be non-zero — for e == 0, mostSignificantElement()
// returns -1 and E(ek) reads outside the element array. m must be odd for
// montInverse().
// NOTE(review): a multiplication is performed only for the 1 bits of e, and
// the Montgomery helpers end with a value-dependent subtraction, so running
// time varies with e. If e can be a secret exponent, confirm whether
// constant-time behaviour is required.
static void modPowSmallExp(struct cdsRSAModPowSmall * this, const struct cdsBigInteger * g, const struct cdsBigInteger * e, const struct cdsBigInteger * m) {
	uint32_t mp = montInverse(m);
	struct cdsBigInteger * gR = &this->gR;
	montConversion(gR, g, m);

	// Locate the highest set bit of the exponent.
	int ek = mostSignificantElement(e);
	uint32_t eMask = 0x80000000;
	while ((E(ek) & eMask) == 0) eMask >>= 1;

	// The top bit is consumed by starting with aR = gR.
	struct cdsBigInteger * aR = &this->bigInteger1;
	copyD(aR, gR, 0);

	struct cdsBigInteger * tR = &this->bigInteger2;
	while (true) {
		// Advance to the next lower exponent bit; stop after bit 0 of element 0.
		eMask >>= 1;
		if (eMask == 0) {
			if (ek == 0) break;
			ek -= 1;
			eMask = 0x80000000;
		}

		// Square: tR = aR^2 (Montgomery form).
		setZero(tR);
		sqr(tR, aR);
		montReduction(tR, m, mp);

		if (E(ek) & eMask) {
			// Bit set: multiply by the base, result back in aR.
			setZero(aR);
			montMul(aR, tR, gR, m, mp);
		} else {
			// Bit clear: the square is the new accumulator; swap the two buffers.
			struct cdsBigInteger * temp = aR;
			aR = tR;
			tR = temp;
		}
	}

	// Leave Montgomery form.
	montReduction(aR, m, mp);
	this->result = aR;
}
1146
|
|
|
|
|
|
|
|
1147
|
|
|
|
|
|
|
// Exchanges the accumulator pointer (aR) and the scratch pointer (tR), so
// that a value just computed into the scratch buffer becomes the accumulator.
static void modPowBigSwap(struct cdsRSAModPowBig * this) {
	struct cdsBigInteger * previousAccumulator = this->aR;
	struct cdsBigInteger * previousScratch = this->tR;

	this->aR = previousScratch;
	this->tR = previousAccumulator;
}
1152
|
|
|
|
|
|
|
|
1153
|
|
|
|
|
|
|
// Squares the accumulator in Montgomery form: aR = aR^2 (reduced with this->m
// and this->mp). The square is built in the scratch buffer, which then
// becomes the accumulator. The asserts check that the values stay within
// 64 elements before and after the step.
static void modPowBigSqrAR(struct cdsRSAModPowBig * this) {
	// Scratch must start at zero because sqr() accumulates into it.
	setZero(this->tR);

	assert(mostSignificantElement(this->aR) < 64);
	sqr(this->tR, this->aR);
	montReduction(this->tR, this->m, this->mp);
	assert(mostSignificantElement(this->tR) < 64);

	// Scratch now holds the result; make it the accumulator.
	modPowBigSwap(this);
}
1161
|
|
|
|
|
|
|
|
1162
|
|
|
|
|
|
|
// Applies the pending window of exponent bits to the accumulator:
// squares once per usable bit, multiplies by the precomputed power
// gR[usableSelection], then squares once per trailing zero bit.
// Afterwards the window state (selection, usableSelection, and both bit
// counters) is back at zero.
static void modPowBigFlushSelection(struct cdsRSAModPowBig * this) {
	while (this->usableBits > 0) {
		modPowBigSqrAR(this);
		this->usableBits--;
	}

	// aR = aR * gR[usableSelection], built in the scratch buffer.
	setZero(this->tR);
	montMul(this->tR, this->aR, this->gR + this->usableSelection, this->m, this->mp);
	assert(mostSignificantElement(this->tR) < 64);
	modPowBigSwap(this);

	while (this->zeroBits > 0) {
		modPowBigSqrAR(this);
		this->zeroBits--;
	}

	this->selection = 0;
	this->usableSelection = 0;
}
1173
|
|
|
|
|
|
|
|
1174
|
|
|
|
|
|
|
// Converts the accumulator out of Montgomery form and publishes it:
// the accumulator is copied into the scratch buffer, reduced there, and
// this->result is set to point at that buffer. The accumulator itself is
// left untouched.
static void modPowBigResult(struct cdsRSAModPowBig * this) {
	struct cdsBigInteger * out = this->tR;

	copyD(out, this->aR, 0);
	montReduction(out, this->m, this->mp);
	this->result = out;
}
1179
|
|
|
|
|
|
|
|
1180
|
|
|
|
|
|
|
// Raises g to the power e modulo m using a sliding window over the exponent
// bits, in Montgomery form. The result stays in the accumulator (this->aR);
// modPowBigResult() converts it back and publishes it.
//
// Precomputation: gR[1] = g, gR[2] = g^2, and the odd powers gR[3], gR[5],
// ... gR[63] (each the previous odd power times g^2). Even entries other
// than gR[2] are not written here.
//
// NOTE(review): e must be non-zero (E(ek) with ek == -1 reads outside the
// array) and m must be odd for montInverse().
// NOTE(review): the sequence of squarings and multiplications follows the
// bit pattern of e. If e can be a private exponent, running time and memory
// access (the gR index) depend on secret bits — confirm whether that is
// acceptable for the deployment.
static void modPowBigExp(struct cdsRSAModPowBig * this, const struct cdsBigInteger * g, const struct cdsBigInteger * e, const struct cdsBigInteger * m) {
	this->m = m;
	this->mp = montInverse(m);

	// Table of odd powers of g in Montgomery form.
	montConversion(this->gR + 1, g, m);
	montMul(this->gR + 2, this->gR + 1, this->gR + 1, m, this->mp);
	for (int i = 3; i < 64; i += 2)
		montMul(this->gR + i, this->gR + (i - 2), this->gR + 2, m, this->mp);

	// Accumulator starts at 1 (in Montgomery form).
	this->aR = &this->bigInteger1;
	montConversionOne(this->aR, this->m);
	assert(mostSignificantElement(this->aR) < 64);

	// Locate the highest set bit of the exponent.
	int ek = mostSignificantElement(e);
	uint32_t eMask = 0x80000000;
	while ((E(ek) & eMask) == 0) eMask >>= 1;

	// The window starts with that top bit.
	this->selection = 1;		// = usableSelection * 2 ^ zeroBits
	this->usableSelection = 1;
	this->usableBits = 1;
	this->zeroBits = 0;

	this->tR = &this->bigInteger2;
	while (true) {
		// Advance to the next lower exponent bit; stop after bit 0 of element 0.
		eMask >>= 1;
		if (eMask == 0) {
			if (ek == 0) break;
			ek -= 1;
			eMask = 0x80000000;
		}

		if (E(ek) & eMask) {
			// 1 bit: extend the window, flushing first if it would exceed 63
			// (the highest table index).
			if (this->selection > 31) modPowBigFlushSelection(this);
			this->selection = this->selection * 2 + 1;
			this->usableSelection = this->selection;
			this->usableBits += this->zeroBits + 1;
			this->zeroBits = 0;
		} else if (this->usableBits == 0) {
			// 0 bit with an empty window: just square.
			modPowBigSqrAR(this);
		} else {
			// 0 bit inside a window: remember it as a trailing zero.
			// NOTE(review): selection doubles on every such bit and is only
			// checked when the next 1 bit arrives; a long enough run of zero
			// bits would overflow it — verify against the field's type.
			this->selection *= 2;
			this->zeroBits += 1;
		}
	}

	// Apply whatever is left in the window.
	if (this->usableBits > 0) modPowBigFlushSelection(this);
}
1227
|
|
|
|
|
|
|
|
1228
|
|
|
|
|
|
|
|
1229
|
|
|
|
|
|
|
// Sign extension word of x read as a two's complement number:
// 0xffffffff if the highest bit of the top element is set, 0 otherwise
// (including for length 0).
static uint32_t sign(const struct cdsBigInteger * x) {
	if (x->length <= 0) return 0;
	if ((X(x->length - 1) & 0x80000000) != 0) return 0xffffffff;
	return 0;
}
1232
|
|
|
|
|
|
|
|
1233
|
|
|
|
|
|
|
// Signed counterpart of expand(): grows x to at least n elements, filling the
// new elements with the sign word of x (two's complement sign extension).
// NOTE(review): the capacity check is an assert() only and is absent in
// NDEBUG builds.
static void expandS(struct cdsBigInteger * x, int n) {
	assert(n <= CDS_BIG_INTEGER_SIZE);

	// Determine the sign once, before the length changes.
	uint32_t filler = sign(x);
	if (x->length >= n) return;
	for (int k = x->length; k < n; k++)
		X(k) = filler;
	x->length = n;
}
1241
|
|
|
|
|
|
|
|
1242
|
|
|
|
|
|
|
// Signed counterpart of trim(): removes redundant sign-extension elements
// from the top of x. An element is dropped only if it equals the sign word
// and the element below it has the same sign bit, so the value is preserved.
// At least one element is always kept.
static void trimS(struct cdsBigInteger * x) {
	uint32_t filler = sign(x);
	while (x->length > 1) {
		uint32_t top = X(x->length - 1);
		uint32_t below = X(x->length - 2);
		if (top != filler) break;
		if (((top ^ below) & 0x80000000) != 0) break;
		x->length -= 1;
	}
}
1246
|
|
|
|
|
|
|
|
1247
|
|
|
|
|
|
|
// Adds y to x in place, where x is in two's complement form (sign-extended
// by one element first) and the elements of y are added as they are, with no
// sign extension above y->length. A carry out of the top element of x is
// discarded. The result is trimmed with trimS().
static void addSU(struct cdsBigInteger * x, struct cdsBigInteger * y) {
	expandS(x, maxLength(x, y) + 1);

	uint64_t carry = 0;
	int k = 0;
	while (k < y->length) {
		carry += (uint64_t)X(k) + Y(k);
		X(k) = carry & 0xffffffff;
		carry >>= 32;
		k++;
	}

	// Propagate the carry through the remaining elements of x.
	while (k < x->length && carry != 0) {
		carry += (uint64_t)X(k);
		X(k) = carry & 0xffffffff;
		carry >>= 32;
		k++;
	}

	trimS(x);
}
1263
|
|
|
|
|
|
|
|
1264
|
|
|
|
|
|
|
// Subtracts y from x in place, both in two's complement form. x is
// sign-extended by one element first; above y->length the sign word of y is
// subtracted instead of its elements. The result is trimmed with trimS().
// The borrow relies on arithmetic right shift of negative values
// (implementation-defined in C).
static void subSS(struct cdsBigInteger * x, struct cdsBigInteger * y) {
	expandS(x, maxLength(x, y) + 1);

	int64_t borrow = 0;
	int k = 0;
	while (k < y->length) {
		borrow += (int64_t)X(k) - (int64_t)Y(k);
		X(k) = borrow & 0xffffffff;
		borrow >>= 32;
		k++;
	}

	// Elements of x above y: subtract y's sign extension.
	int64_t filler = (int64_t)sign(y);
	while (k < x->length) {
		borrow += (int64_t)X(k) - filler;
		X(k) = borrow & 0xffffffff;
		borrow >>= 32;
		k++;
	}

	trimS(x);
}
1281
|
|
|
|
|
|
|
|
1282
|
|
|
|
|
|
|
// Divides x by two in place, treating it as a two's complement number
// (arithmetic shift right by one bit), then trims with trimS().
// The top element is shifted as int32_t so that the sign bit is kept; this
// relies on arithmetic right shift of negative values.
// Element 0 is read and written even when x->length is 0.
static void halveS(struct cdsBigInteger * x) {
	int top = 0;
	while (top + 1 < x->length) {
		// Bit 0 of the element above becomes bit 31 of this one.
		X(top) = X(top) >> 1 | X(top + 1) << 31;
		top++;
	}
	X(top) = (uint32_t)((int32_t)X(top) >> 1);

	trimS(x);
}
1289
|
|
|
|
|
|
|
|
1290
|
|
|
|
|
|
|
// Binary extended GCD of x and y.
//
// Outputs: `gcd` receives the greatest common divisor; `a` and `b` receive
// the cofactors tracked for u (see below). The cofactors are kept in two's
// complement form and handled with the *S / *SU / *SS helpers.
// NOTE(review): the exact sign convention of the identity linking a, b, x
// and y is not stated here; the initial D = 0xffffffff (i.e. -1 as a signed
// single element) suggests b is tracked negated — confirm before relying on b.
//
// NOTE(review): neither input may be zero. isEven() is true for zero and
// shifting zero right leaves it zero, so the corresponding inner loop below
// would never exit. modInverse() passes its arguments straight through.
static void egcd(struct cdsBigInteger * x, struct cdsBigInteger * y, struct cdsBigInteger * a, struct cdsBigInteger * b, struct cdsBigInteger * gcd) {
	// u and v are the two values being reduced; u lives in the caller's gcd buffer.
	struct cdsBigInteger * u = gcd;
	struct cdsBigInteger v = CDS_BIG_INTEGER_ZERO;

	// (A, B) are the cofactors of u, (C, D) those of v.
	struct cdsBigInteger * A = a;
	struct cdsBigInteger * B = b;
	struct cdsBigInteger C = CDS_BIG_INTEGER_ZERO;
	struct cdsBigInteger D = CDS_BIG_INTEGER_ZERO;

	copyD(u, x, 0);
	copyD(&v, y, 0);

	setUint32(A, 1);
	setZero(B);
	setZero(&C);
	setUint32(&D, 0xffffffff);

	while (true) {
		// Remove factors of two from u, keeping its cofactors consistent:
		// halve them directly if both are even, otherwise add y / x first.
		while (isEven(u)) {
			smallShiftRight(u, u, 1);
			if (isEven(A) && isEven(B)) {
				halveS(A);
				halveS(B);
			} else {
				addSU(A, y);
				halveS(A);
				addSU(B, x);
				halveS(B);
			}
		}

		// Same for v and its cofactors.
		while (isEven(&v)) {
			smallShiftRight(&v, &v, 1);
			if (isEven(&C) && isEven(&D)) {
				halveS(&C);
				halveS(&D);
			} else {
				addSU(&C, y);
				halveS(&C);
				addSU(&D, x);
				halveS(&D);
			}
		}

		// Done when u == v; the result is in u (= gcd), cofactors in a and b.
		trim(u);
		trim(&v);
		int cmp = compare(u, &v);
		if (cmp == 0) return;

		// Subtract the smaller from the larger, and the cofactors alike.
		if (cmp > 0) {
			subD(u, &v, 0);
			trim(u);
			subSS(A, &C);
			subSS(B, &D);
		} else {
			subD(&v, u, 0);
			trim(&v);
			subSS(&C, A);
			subSS(&D, B);
		}
	}
}
1352
|
|
|
|
|
|
|
|
1353
|
|
|
|
|
|
|
// Computes the inverse of x modulo m into a.
// Returns false (a is then not a valid inverse) when gcd(x, m) != 1, true otherwise.
// On success a is brought into the non-negative range by adding m until its
// sign word is zero, then trimmed.
// NOTE(review): x and m are handed to egcd() unchanged; see the zero-input
// behaviour of egcd() before calling this with values that may be zero.
static bool modInverse(struct cdsBigInteger * a, struct cdsBigInteger * x, struct cdsBigInteger * m) {
	struct cdsBigInteger cofactorM = CDS_BIG_INTEGER_ZERO;
	struct cdsBigInteger divisor = CDS_BIG_INTEGER_ZERO;
	egcd(x, m, a, &cofactorM, &divisor);

	if (isOne(&divisor)) {
		// egcd() may return a negative cofactor; normalise it.
		while (sign(a) != 0)
			addSU(a, m);
		trim(a);
		return true;
	}
	return false;
}
1364
|
|
|
|
|
|
|
|
1365
|
|
|
|
|
|
|
|
1366
|
|
|
|
|
|
|
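/*
 * Divides x in place by the largest power of two that divides it.
 *
 * Returns the exponent of that power, i.e. the number of low-order zero
 * bits removed (0 when x is zero). millerRabin() uses the return value as
 * the exponent s in x - 1 = r * 2^s, and gcd() relies on the operand being
 * stripped after every subtraction.
 *
 * Two defects of the previous version are fixed here:
 *  - the scan for zero elements was not bounded by x->length, so a zero
 *    value read past the stored elements;
 *  - the 16-bit and 8-bit steps added 14 and 7 to the count while shifting
 *    x0 by 16 and 8, so values with eight or more trailing zero bits in
 *    their lowest non-zero element were left even.
 */
static int removeFactorsOf2(struct cdsBigInteger * x) {
    /* Drop whole 32-bit elements that are zero at the low end. */
    int d = 0;
    while (d < x->length && X(d) == 0) d += 1;
    if (d > 0) {
        for (int i = 0; i + d < x->length; i++) X(i) = X(i + d);
        x->length = x->length - d;
    }

    /* Every element was zero: nothing is left to shift. */
    if (x->length == 0) return 0;

    /* Binary search for the trailing zero bits of the lowest element. X(0)
     * is non-zero at this point, so s ends up in the range 0..31. Each step
     * must add exactly as many bits as it shifts out of x0. */
    int s = 0;
    uint32_t x0 = X(0);
    if ((x0 & 0xffff) == 0) {
        s += 16;
        x0 >>= 16;
    }
    if ((x0 & 0xff) == 0) {
        s += 8;
        x0 >>= 8;
    }
    if ((x0 & 0xf) == 0) {
        s += 4;
        x0 >>= 4;
    }
    if ((x0 & 0x3) == 0) {
        s += 2;
        x0 >>= 2;
    }
    if ((x0 & 0x1) == 0) s += 1;

    /* assumes smallShiftRight() accepts shift counts up to 31 - TODO confirm */
    if (s > 0) smallShiftRight(x, x, s);
    trim(x);
    return s + 32 * d;
}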
/*
 * Miller-Rabin probabilistic primality test of x.
 *
 * x          candidate; callers are expected to pass an odd value (an even
 *            x gives s == 0 below, and then no round can reject it).
 * modPowBig  modular exponentiation context; its result field is read
 *            after every modPowBigResult() call.
 *
 * Returns false as soon as one round proves x composite, true when every
 * round passes.
 *
 * NOTE(review): only two rounds are run, each with a fresh random base.
 * Published guidance such as FIPS 186-4 Appendix C.3 calls for more rounds
 * for primes of RSA size; confirm that two rounds meet the error
 * probability this key generator is meant to guarantee.
 * NOTE(review): the temporaries below hold values derived from the
 * candidate and are not cleared before returning; relevant if candidates
 * are treated as secret.
 */
static bool millerRabin(struct cdsBigInteger * x, struct cdsRSAModPowBig * modPowBig) {
    /* xMinus1 = x - 1 */
    struct cdsBigInteger xMinus1 = CDS_BIG_INTEGER_ZERO;
    copyD(&xMinus1, x, 0);
    decrement(&xMinus1);

    /* x - 1 = exponent * 2^s, with s as reported by removeFactorsOf2() */
    struct cdsBigInteger exponent = CDS_BIG_INTEGER_ZERO;
    copyD(&exponent, &xMinus1, 0);
    int s = removeFactorsOf2(&exponent);

    const int rounds = 2;
    int topElement = mostSignificantElement(x);
    struct cdsBigInteger base = CDS_BIG_INTEGER_ZERO;
    for (int round = 0; round < rounds; round++) {
        /* Draw a random base, rejecting 0 and 1. The size argument is one
         * less than the index of x's top element, which presumably keeps
         * the base below x - verify against setRandom(). */
        do {
            setRandom(&base, topElement - 1);
        } while (isZero(&base) || isOne(&base));

        /* result = base^exponent mod x */
        modPowBigExp(modPowBig, &base, &exponent, x);
        modPowBigResult(modPowBig);
        bool passedAtOnce = isOne(modPowBig->result) || compare(modPowBig->result, &xMinus1) == 0;
        if (! passedAtOnce) {
            /* Square up to s - 1 times looking for x - 1. Reaching 1 first,
             * or never reaching x - 1, proves x composite. */
            int squarings = 1;
            while (squarings < s) {
                modPowBigSqrAR(modPowBig);
                modPowBigResult(modPowBig);
                if (isOne(modPowBig->result)) return false;
                if (compare(modPowBig->result, &xMinus1) == 0) break;
                squarings++;
            }
            if (squarings == s) return false;
        }
    }

    return true;
}
/*
 * Returns x mod y for a 32-bit divisor.
 *
 * The elements of x are folded in from the most significant one down, as
 * base-2^32 digits. The running remainder stays below y, so shifting it by
 * 32 bits and adding one 32-bit element cannot overflow 64 bits.
 *
 * y must be non-zero; the function divides by it without checking.
 *
 * randomPrime1024() passes products of several small primes as y (the
 * first one, 3234846615, is 3*5*7*11*13*17*19*23*29), so one pass over x
 * serves several divisibility tests on the returned remainder.
 */
static uint32_t modInt(struct cdsBigInteger * x, uint32_t y) {
    uint64_t remainder = 0;
    int i = mostSignificantElement(x);
    while (i >= 0) {
        uint64_t dividend = (remainder << 32) + X(i);
        remainder = dividend % y;
        i--;
    }
    return (uint32_t) remainder;
}
/*
 * Hook invoked by randomPrime1024() at the start of every candidate search
 * pass. A build may define it before this point; the default expands to an
 * empty statement. Judging by the name it is meant to reset a hardware
 * watchdog during long-running key generation - confirm with the platform
 * port that defines it.
 */
#if !defined(KEY_GENERATION_RESET_WATCHDOG)
#define KEY_GENERATION_RESET_WATCHDOG() ;
#endif

/* Number of 32-bit elements needed to hold a value of the given bit size. */
static const int elementsFor1024Bits = 1024 / 32;
static const int elementsFor2048Bits = 2048 / 32;
/* Number of set bits in each 4-bit value, indexed by that value. */
static int bitCount4[] = {0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4};

/*
 * Returns the number of set bits in n.
 *
 * n is consumed four bits at a time through the bitCount4 table, and the
 * loop stops as soon as the remaining value is zero.
 */
static int bitCount(uint32_t n) {
    int total = 0;
    while (n != 0) {
        uint32_t nibble = n & 0xf;
        total += bitCount4[nibble];
        n >>= 4;
    }
    return total;
}
/*
 * Subtraction-based greatest common divisor, computed in place.
 *
 * Both operands are overwritten. Each is passed through removeFactorsOf2()
 * up front and again after every subtraction, so powers of two, including
 * any common to x and y, are discarded rather than carried into the
 * result. On return x and y compare equal and hold that result.
 *
 * NOTE(review): assumes both operands are non-zero. Subtracting a zero
 * operand never changes the other one, so compare() would presumably never
 * return 0 and the loop would not end - confirm that callers guarantee
 * this.
 * NOTE(review): the number of iterations depends on the operand values, so
 * this is not constant-time; relevant if the operands are derived from
 * secret primes.
 */
static void gcd(struct cdsBigInteger * x, struct cdsBigInteger * y) {
    removeFactorsOf2(x);
    removeFactorsOf2(y);
    for (;;) {
        int order = compare(x, y);
        if (order == 0) break;

        /* Replace the larger operand by the stripped difference. */
        struct cdsBigInteger * larger = order > 0 ? x : y;
        struct cdsBigInteger * smaller = order > 0 ? y : x;
        subD(larger, smaller, 0);
        removeFactorsOf2(larger);
        trim(larger);
    }
}
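/*
 * Marks sieve[s], sieve[s + interval], sieve[s + 2 * interval], ... with 1
 * for every index below 4096.
 *
 * sieve     array of at least 4096 bytes (randomPrime1024() declares it
 *           with exactly that size).
 * s         first index to mark; nothing is written when s >= 4096.
 * interval  distance between marked indices. The callers pass the small
 *           prime that divides the candidate at offset s.
 *
 * The index is advanced in 32 bits so that s + interval cannot wrap the
 * way a 16-bit counter could, and an interval of 0 marks only sieve[s]
 * instead of looping forever.
 */
static void markInSieve(uint8_t * sieve, uint16_t s, uint16_t interval) {
    if (s >= 4096) return;
    sieve[s] = 1;
    if (interval == 0) return;
    for (uint32_t i = (uint32_t) s + interval; i < 4096; i += interval) sieve[i] = 1;
}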
static void randomPrime1024(struct cdsBigInteger * x, struct cdsBigInteger * e, struct cdsRSAModPowBig * modPowBig) { |
1480
|
|
|
|
|
|
|
uint8_t sieve[4096]; |
1481
|
|
|
|
|
|
|
while (true) { |
1482
|
|
|
|
|
|
|
struct cdsBigInteger start = CDS_BIG_INTEGER_ZERO; |
1483
|
|
|
|
|
|
|
setRandom(&start, elementsFor1024Bits); |
1484
|
|
|
|
|
|
|
start.values[0] |= 1; |
1485
|
|
|
|
|
|
|
start.values[elementsFor1024Bits - 1] |= 0x80000000; |
1486
|
|
|
|
|
|
|
|
1487
|
|
|
|
|
|
|
KEY_GENERATION_RESET_WATCHDOG(); |
1488
|
|
|
|
|
|
|
memset(sieve, 0, 4096); |
1489
|
|
|
|
|
|
|
|
1490
|
|
|
|
|
|
|
for (uint16_t n = 0; n < 4096; n += 2) { |
1491
|
|
|
|
|
|
|
if (sieve[n]) continue; |
1492
|
|
|
|
|
|
|
|
1493
|
|
|
|
|
|
|
setUint32(x, n); |
1494
|
|
|
|
|
|
|
addN(x, 1, &start, 0); |
1495
|
|
|
|
|
|
|
trim(x); |
1496
|
|
|
|
|
|
|
|
1497
|
|
|
|
|
|
|
|
1498
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/RSA64/primality.inc.c" |
1499
|
|
|
|
|
|
|
uint32_t m = modInt(x, 3234846615); |
1500
|
|
|
|
|
|
|
if (m % 3 == 0) { |
1501
|
|
|
|
|
|
|
markInSieve(sieve, n, 3); |
1502
|
|
|
|
|
|
|
continue; |
1503
|
|
|
|
|
|
|
} |
1504
|
|
|
|
|
|
|
if (m % 5 == 0) { |
1505
|
|
|
|
|
|
|
markInSieve(sieve, n, 5); |
1506
|
|
|
|
|
|
|
continue; |
1507
|
|
|
|
|
|
|
} |
1508
|
|
|
|
|
|
|
if (m % 7 == 0) { |
1509
|
|
|
|
|
|
|
markInSieve(sieve, n, 7); |
1510
|
|
|
|
|
|
|
continue; |
1511
|
|
|
|
|
|
|
} |
1512
|
|
|
|
|
|
|
if (m % 11 == 0) { |
1513
|
|
|
|
|
|
|
markInSieve(sieve, n, 11); |
1514
|
|
|
|
|
|
|
continue; |
1515
|
|
|
|
|
|
|
} |
1516
|
|
|
|
|
|
|
if (m % 13 == 0) { |
1517
|
|
|
|
|
|
|
markInSieve(sieve, n, 13); |
1518
|
|
|
|
|
|
|
continue; |
1519
|
|
|
|
|
|
|
} |
1520
|
|
|
|
|
|
|
if (m % 17 == 0) { |
1521
|
|
|
|
|
|
|
markInSieve(sieve, n, 17); |
1522
|
|
|
|
|
|
|
continue; |
1523
|
|
|
|
|
|
|
} |
1524
|
|
|
|
|
|
|
if (m % 19 == 0) { |
1525
|
|
|
|
|
|
|
markInSieve(sieve, n, 19); |
1526
|
|
|
|
|
|
|
continue; |
1527
|
|
|
|
|
|
|
} |
1528
|
|
|
|
|
|
|
if (m % 23 == 0) { |
1529
|
|
|
|
|
|
|
markInSieve(sieve, n, 23); |
1530
|
|
|
|
|
|
|
continue; |
1531
|
|
|
|
|
|
|
} |
1532
|
|
|
|
|
|
|
if (m % 29 == 0) { |
1533
|
|
|
|
|
|
|
markInSieve(sieve, n, 29); |
1534
|
|
|
|
|
|
|
continue; |
1535
|
|
|
|
|
|
|
} |
1536
|
|
|
|
|
|
|
m = modInt(x, 95041567); |
1537
|
|
|
|
|
|
|
if (m % 31 == 0) { |
1538
|
|
|
|
|
|
|
markInSieve(sieve, n, 31); |
1539
|
|
|
|
|
|
|
continue; |
1540
|
|
|
|
|
|
|
} |
1541
|
|
|
|
|
|
|
if (m % 37 == 0) { |
1542
|
|
|
|
|
|
|
markInSieve(sieve, n, 37); |
1543
|
|
|
|
|
|
|
continue; |
1544
|
|
|
|
|
|
|
} |
1545
|
|
|
|
|
|
|
if (m % 41 == 0) { |
1546
|
|
|
|
|
|
|
markInSieve(sieve, n, 41); |
1547
|
|
|
|
|
|
|
continue; |
1548
|
|
|
|
|
|
|
} |
1549
|
|
|
|
|
|
|
if (m % 43 == 0) { |
1550
|
|
|
|
|
|
|
markInSieve(sieve, n, 43); |
1551
|
|
|
|
|
|
|
continue; |
1552
|
|
|
|
|
|
|
} |
1553
|
|
|
|
|
|
|
if (m % 47 == 0) { |
1554
|
|
|
|
|
|
|
markInSieve(sieve, n, 47); |
1555
|
|
|
|
|
|
|
continue; |
1556
|
|
|
|
|
|
|
} |
1557
|
|
|
|
|
|
|
m = modInt(x, 907383479); |
1558
|
|
|
|
|
|
|
if (m % 53 == 0) { |
1559
|
|
|
|
|
|
|
markInSieve(sieve, n, 53); |
1560
|
|
|
|
|
|
|
continue; |
1561
|
|
|
|
|
|
|
} |
1562
|
|
|
|
|
|
|
if (m % 59 == 0) { |
1563
|
|
|
|
|
|
|
markInSieve(sieve, n, 59); |
1564
|
|
|
|
|
|
|
continue; |
1565
|
|
|
|
|
|
|
} |
1566
|
|
|
|
|
|
|
if (m % 61 == 0) { |
1567
|
|
|
|
|
|
|
markInSieve(sieve, n, 61); |
1568
|
|
|
|
|
|
|
continue; |
1569
|
|
|
|
|
|
|
} |
1570
|
|
|
|
|
|
|
if (m % 67 == 0) { |
1571
|
|
|
|
|
|
|
markInSieve(sieve, n, 67); |
1572
|
|
|
|
|
|
|
continue; |
1573
|
|
|
|
|
|
|
} |
1574
|
|
|
|
|
|
|
if (m % 71 == 0) { |
1575
|
|
|
|
|
|
|
markInSieve(sieve, n, 71); |
1576
|
|
|
|
|
|
|
continue; |
1577
|
|
|
|
|
|
|
} |
1578
|
|
|
|
|
|
|
m = modInt(x, 4132280413); |
1579
|
|
|
|
|
|
|
if (m % 73 == 0) { |
1580
|
|
|
|
|
|
|
markInSieve(sieve, n, 73); |
1581
|
|
|
|
|
|
|
continue; |
1582
|
|
|
|
|
|
|
} |
1583
|
|
|
|
|
|
|
if (m % 79 == 0) { |
1584
|
|
|
|
|
|
|
markInSieve(sieve, n, 79); |
1585
|
|
|
|
|
|
|
continue; |
1586
|
|
|
|
|
|
|
} |
1587
|
|
|
|
|
|
|
if (m % 83 == 0) { |
1588
|
|
|
|
|
|
|
markInSieve(sieve, n, 83); |
1589
|
|
|
|
|
|
|
continue; |
1590
|
|
|
|
|
|
|
} |
1591
|
|
|
|
|
|
|
if (m % 89 == 0) { |
1592
|
|
|
|
|
|
|
markInSieve(sieve, n, 89); |
1593
|
|
|
|
|
|
|
continue; |
1594
|
|
|
|
|
|
|
} |
1595
|
|
|
|
|
|
|
if (m % 97 == 0) { |
1596
|
|
|
|
|
|
|
markInSieve(sieve, n, 97); |
1597
|
|
|
|
|
|
|
continue; |
1598
|
|
|
|
|
|
|
} |
1599
|
|
|
|
|
|
|
m = modInt(x, 121330189); |
1600
|
|
|
|
|
|
|
if (m % 101 == 0) { |
1601
|
|
|
|
|
|
|
markInSieve(sieve, n, 101); |
1602
|
|
|
|
|
|
|
continue; |
1603
|
|
|
|
|
|
|
} |
1604
|
|
|
|
|
|
|
if (m % 103 == 0) { |
1605
|
|
|
|
|
|
|
markInSieve(sieve, n, 103); |
1606
|
|
|
|
|
|
|
continue; |
1607
|
|
|
|
|
|
|
} |
1608
|
|
|
|
|
|
|
if (m % 107 == 0) { |
1609
|
|
|
|
|
|
|
markInSieve(sieve, n, 107); |
1610
|
|
|
|
|
|
|
continue; |
1611
|
|
|
|
|
|
|
} |
1612
|
|
|
|
|
|
|
if (m % 109 == 0) { |
1613
|
|
|
|
|
|
|
markInSieve(sieve, n, 109); |
1614
|
|
|
|
|
|
|
continue; |
1615
|
|
|
|
|
|
|
} |
1616
|
|
|
|
|
|
|
m = modInt(x, 257557397); |
1617
|
|
|
|
|
|
|
if (m % 113 == 0) { |
1618
|
|
|
|
|
|
|
markInSieve(sieve, n, 113); |
1619
|
|
|
|
|
|
|
continue; |
1620
|
|
|
|
|
|
|
} |
1621
|
|
|
|
|
|
|
if (m % 127 == 0) { |
1622
|
|
|
|
|
|
|
markInSieve(sieve, n, 127); |
1623
|
|
|
|
|
|
|
continue; |
1624
|
|
|
|
|
|
|
} |
1625
|
|
|
|
|
|
|
if (m % 131 == 0) { |
1626
|
|
|
|
|
|
|
markInSieve(sieve, n, 131); |
1627
|
|
|
|
|
|
|
continue; |
1628
|
|
|
|
|
|
|
} |
1629
|
|
|
|
|
|
|
if (m % 137 == 0) { |
1630
|
|
|
|
|
|
|
markInSieve(sieve, n, 137); |
1631
|
|
|
|
|
|
|
continue; |
1632
|
|
|
|
|
|
|
} |
1633
|
|
|
|
|
|
|
m = modInt(x, 490995677); |
1634
|
|
|
|
|
|
|
if (m % 139 == 0) { |
1635
|
|
|
|
|
|
|
markInSieve(sieve, n, 139); |
1636
|
|
|
|
|
|
|
continue; |
1637
|
|
|
|
|
|
|
} |
1638
|
|
|
|
|
|
|
if (m % 149 == 0) { |
1639
|
|
|
|
|
|
|
markInSieve(sieve, n, 149); |
1640
|
|
|
|
|
|
|
continue; |
1641
|
|
|
|
|
|
|
} |
1642
|
|
|
|
|
|
|
if (m % 151 == 0) { |
1643
|
|
|
|
|
|
|
markInSieve(sieve, n, 151); |
1644
|
|
|
|
|
|
|
continue; |
1645
|
|
|
|
|
|
|
} |
1646
|
|
|
|
|
|
|
if (m % 157 == 0) { |
1647
|
|
|
|
|
|
|
markInSieve(sieve, n, 157); |
1648
|
|
|
|
|
|
|
continue; |
1649
|
|
|
|
|
|
|
} |
1650
|
|
|
|
|
|
|
m = modInt(x, 842952707); |
1651
|
|
|
|
|
|
|
if (m % 163 == 0) { |
1652
|
|
|
|
|
|
|
markInSieve(sieve, n, 163); |
1653
|
|
|
|
|
|
|
continue; |
1654
|
|
|
|
|
|
|
} |
1655
|
|
|
|
|
|
|
if (m % 167 == 0) { |
1656
|
|
|
|
|
|
|
markInSieve(sieve, n, 167); |
1657
|
|
|
|
|
|
|
continue; |
1658
|
|
|
|
|
|
|
} |
1659
|
|
|
|
|
|
|
if (m % 173 == 0) { |
1660
|
|
|
|
|
|
|
markInSieve(sieve, n, 173); |
1661
|
|
|
|
|
|
|
continue; |
1662
|
|
|
|
|
|
|
} |
1663
|
|
|
|
|
|
|
if (m % 179 == 0) { |
1664
|
|
|
|
|
|
|
markInSieve(sieve, n, 179); |
1665
|
|
|
|
|
|
|
continue; |
1666
|
|
|
|
|
|
|
} |
1667
|
|
|
|
|
|
|
m = modInt(x, 1314423991); |
1668
|
|
|
|
|
|
|
if (m % 181 == 0) { |
1669
|
|
|
|
|
|
|
markInSieve(sieve, n, 181); |
1670
|
|
|
|
|
|
|
continue; |
1671
|
|
|
|
|
|
|
} |
1672
|
|
|
|
|
|
|
if (m % 191 == 0) { |
1673
|
|
|
|
|
|
|
markInSieve(sieve, n, 191); |
1674
|
|
|
|
|
|
|
continue; |
1675
|
|
|
|
|
|
|
} |
1676
|
|
|
|
|
|
|
if (m % 193 == 0) { |
1677
|
|
|
|
|
|
|
markInSieve(sieve, n, 193); |
1678
|
|
|
|
|
|
|
continue; |
1679
|
|
|
|
|
|
|
} |
1680
|
|
|
|
|
|
|
if (m % 197 == 0) { |
1681
|
|
|
|
|
|
|
markInSieve(sieve, n, 197); |
1682
|
|
|
|
|
|
|
continue; |
1683
|
|
|
|
|
|
|
} |
1684
|
|
|
|
|
|
|
m = modInt(x, 2125525169); |
1685
|
|
|
|
|
|
|
if (m % 199 == 0) { |
1686
|
|
|
|
|
|
|
markInSieve(sieve, n, 199); |
1687
|
|
|
|
|
|
|
continue; |
1688
|
|
|
|
|
|
|
} |
1689
|
|
|
|
|
|
|
if (m % 211 == 0) { |
1690
|
|
|
|
|
|
|
markInSieve(sieve, n, 211); |
1691
|
|
|
|
|
|
|
continue; |
1692
|
|
|
|
|
|
|
} |
1693
|
|
|
|
|
|
|
if (m % 223 == 0) { |
1694
|
|
|
|
|
|
|
markInSieve(sieve, n, 223); |
1695
|
|
|
|
|
|
|
continue; |
1696
|
|
|
|
|
|
|
} |
1697
|
|
|
|
|
|
|
if (m % 227 == 0) { |
1698
|
|
|
|
|
|
|
markInSieve(sieve, n, 227); |
1699
|
|
|
|
|
|
|
continue; |
1700
|
|
|
|
|
|
|
} |
1701
|
|
|
|
|
|
|
m = modInt(x, 3073309843); |
1702
|
|
|
|
|
|
|
if (m % 229 == 0) { |
1703
|
|
|
|
|
|
|
markInSieve(sieve, n, 229); |
1704
|
|
|
|
|
|
|
continue; |
1705
|
|
|
|
|
|
|
} |
1706
|
|
|
|
|
|
|
if (m % 233 == 0) { |
1707
|
|
|
|
|
|
|
markInSieve(sieve, n, 233); |
1708
|
|
|
|
|
|
|
continue; |
1709
|
|
|
|
|
|
|
} |
1710
|
|
|
|
|
|
|
if (m % 239 == 0) { |
1711
|
|
|
|
|
|
|
markInSieve(sieve, n, 239); |
1712
|
|
|
|
|
|
|
continue; |
1713
|
|
|
|
|
|
|
} |
1714
|
|
|
|
|
|
|
if (m % 241 == 0) { |
1715
|
|
|
|
|
|
|
markInSieve(sieve, n, 241); |
1716
|
|
|
|
|
|
|
continue; |
1717
|
|
|
|
|
|
|
} |
1718
|
|
|
|
|
|
|
m = modInt(x, 16965341); |
1719
|
|
|
|
|
|
|
if (m % 251 == 0) { |
1720
|
|
|
|
|
|
|
markInSieve(sieve, n, 251); |
1721
|
|
|
|
|
|
|
continue; |
1722
|
|
|
|
|
|
|
} |
1723
|
|
|
|
|
|
|
if (m % 257 == 0) { |
1724
|
|
|
|
|
|
|
markInSieve(sieve, n, 257); |
1725
|
|
|
|
|
|
|
continue; |
1726
|
|
|
|
|
|
|
} |
1727
|
|
|
|
|
|
|
if (m % 263 == 0) { |
1728
|
|
|
|
|
|
|
markInSieve(sieve, n, 263); |
1729
|
|
|
|
|
|
|
continue; |
1730
|
|
|
|
|
|
|
} |
1731
|
|
|
|
|
|
|
m = modInt(x, 20193023); |
1732
|
|
|
|
|
|
|
if (m % 269 == 0) { |
1733
|
|
|
|
|
|
|
markInSieve(sieve, n, 269); |
1734
|
|
|
|
|
|
|
continue; |
1735
|
|
|
|
|
|
|
} |
1736
|
|
|
|
|
|
|
if (m % 271 == 0) { |
1737
|
|
|
|
|
|
|
markInSieve(sieve, n, 271); |
1738
|
|
|
|
|
|
|
continue; |
1739
|
|
|
|
|
|
|
} |
1740
|
|
|
|
|
|
|
if (m % 277 == 0) { |
1741
|
|
|
|
|
|
|
markInSieve(sieve, n, 277); |
1742
|
|
|
|
|
|
|
continue; |
1743
|
|
|
|
|
|
|
} |
1744
|
|
|
|
|
|
|
m = modInt(x, 23300239); |
1745
|
|
|
|
|
|
|
if (m % 281 == 0) { |
1746
|
|
|
|
|
|
|
markInSieve(sieve, n, 281); |
1747
|
|
|
|
|
|
|
continue; |
1748
|
|
|
|
|
|
|
} |
1749
|
|
|
|
|
|
|
if (m % 283 == 0) { |
1750
|
|
|
|
|
|
|
markInSieve(sieve, n, 283); |
1751
|
|
|
|
|
|
|
continue; |
1752
|
|
|
|
|
|
|
} |
1753
|
|
|
|
|
|
|
if (m % 293 == 0) { |
1754
|
|
|
|
|
|
|
markInSieve(sieve, n, 293); |
1755
|
|
|
|
|
|
|
continue; |
1756
|
|
|
|
|
|
|
} |
1757
|
|
|
|
|
|
|
m = modInt(x, 29884301); |
1758
|
|
|
|
|
|
|
if (m % 307 == 0) { |
1759
|
|
|
|
|
|
|
markInSieve(sieve, n, 307); |
1760
|
|
|
|
|
|
|
continue; |
1761
|
|
|
|
|
|
|
} |
1762
|
|
|
|
|
|
|
if (m % 311 == 0) { |
1763
|
|
|
|
|
|
|
markInSieve(sieve, n, 311); |
1764
|
|
|
|
|
|
|
continue; |
1765
|
|
|
|
|
|
|
} |
1766
|
|
|
|
|
|
|
if (m % 313 == 0) { |
1767
|
|
|
|
|
|
|
markInSieve(sieve, n, 313); |
1768
|
|
|
|
|
|
|
continue; |
1769
|
|
|
|
|
|
|
} |
1770
|
|
|
|
|
|
|
m = modInt(x, 35360399); |
1771
|
|
|
|
|
|
|
if (m % 317 == 0) { |
1772
|
|
|
|
|
|
|
markInSieve(sieve, n, 317); |
1773
|
|
|
|
|
|
|
continue; |
1774
|
|
|
|
|
|
|
} |
1775
|
|
|
|
|
|
|
if (m % 331 == 0) { |
1776
|
|
|
|
|
|
|
markInSieve(sieve, n, 331); |
1777
|
|
|
|
|
|
|
continue; |
1778
|
|
|
|
|
|
|
} |
1779
|
|
|
|
|
|
|
if (m % 337 == 0) { |
1780
|
|
|
|
|
|
|
markInSieve(sieve, n, 337); |
1781
|
|
|
|
|
|
|
continue; |
1782
|
|
|
|
|
|
|
} |
1783
|
|
|
|
|
|
|
m = modInt(x, 42749359); |
1784
|
|
|
|
|
|
|
if (m % 347 == 0) { |
1785
|
|
|
|
|
|
|
markInSieve(sieve, n, 347); |
1786
|
|
|
|
|
|
|
continue; |
1787
|
|
|
|
|
|
|
} |
1788
|
|
|
|
|
|
|
if (m % 349 == 0) { |
1789
|
|
|
|
|
|
|
markInSieve(sieve, n, 349); |
1790
|
|
|
|
|
|
|
continue; |
1791
|
|
|
|
|
|
|
} |
1792
|
|
|
|
|
|
|
if (m % 353 == 0) { |
1793
|
|
|
|
|
|
|
markInSieve(sieve, n, 353); |
1794
|
|
|
|
|
|
|
continue; |
1795
|
|
|
|
|
|
|
} |
1796
|
|
|
|
|
|
|
m = modInt(x, 49143869); |
1797
|
|
|
|
|
|
|
if (m % 359 == 0) { |
1798
|
|
|
|
|
|
|
markInSieve(sieve, n, 359); |
1799
|
|
|
|
|
|
|
continue; |
1800
|
|
|
|
|
|
|
} |
1801
|
|
|
|
|
|
|
if (m % 367 == 0) { |
1802
|
|
|
|
|
|
|
markInSieve(sieve, n, 367); |
1803
|
|
|
|
|
|
|
continue; |
1804
|
|
|
|
|
|
|
} |
1805
|
|
|
|
|
|
|
if (m % 373 == 0) { |
1806
|
|
|
|
|
|
|
markInSieve(sieve, n, 373); |
1807
|
|
|
|
|
|
|
continue; |
1808
|
|
|
|
|
|
|
} |
1809
|
|
|
|
|
|
|
m = modInt(x, 56466073); |
1810
|
|
|
|
|
|
|
if (m % 379 == 0) { |
1811
|
|
|
|
|
|
|
markInSieve(sieve, n, 379); |
1812
|
|
|
|
|
|
|
continue; |
1813
|
|
|
|
|
|
|
} |
1814
|
|
|
|
|
|
|
if (m % 383 == 0) { |
1815
|
|
|
|
|
|
|
markInSieve(sieve, n, 383); |
1816
|
|
|
|
|
|
|
continue; |
1817
|
|
|
|
|
|
|
} |
1818
|
|
|
|
|
|
|
if (m % 389 == 0) { |
1819
|
|
|
|
|
|
|
markInSieve(sieve, n, 389); |
1820
|
|
|
|
|
|
|
continue; |
1821
|
|
|
|
|
|
|
} |
1822
|
|
|
|
|
|
|
m = modInt(x, 65111573); |
1823
|
|
|
|
|
|
|
if (m % 397 == 0) { |
1824
|
|
|
|
|
|
|
markInSieve(sieve, n, 397); |
1825
|
|
|
|
|
|
|
continue; |
1826
|
|
|
|
|
|
|
} |
1827
|
|
|
|
|
|
|
if (m % 401 == 0) { |
1828
|
|
|
|
|
|
|
markInSieve(sieve, n, 401); |
1829
|
|
|
|
|
|
|
continue; |
1830
|
|
|
|
|
|
|
} |
1831
|
|
|
|
|
|
|
if (m % 409 == 0) { |
1832
|
|
|
|
|
|
|
markInSieve(sieve, n, 409); |
1833
|
|
|
|
|
|
|
continue; |
1834
|
|
|
|
|
|
|
} |
1835
|
|
|
|
|
|
|
m = modInt(x, 76027969); |
1836
|
|
|
|
|
|
|
if (m % 419 == 0) { |
1837
|
|
|
|
|
|
|
markInSieve(sieve, n, 419); |
1838
|
|
|
|
|
|
|
continue; |
1839
|
|
|
|
|
|
|
} |
1840
|
|
|
|
|
|
|
if (m % 421 == 0) { |
1841
|
|
|
|
|
|
|
markInSieve(sieve, n, 421); |
1842
|
|
|
|
|
|
|
continue; |
1843
|
|
|
|
|
|
|
} |
1844
|
|
|
|
|
|
|
if (m % 431 == 0) { |
1845
|
|
|
|
|
|
|
markInSieve(sieve, n, 431); |
1846
|
|
|
|
|
|
|
continue; |
1847
|
|
|
|
|
|
|
} |
1848
|
|
|
|
|
|
|
m = modInt(x, 84208541); |
1849
|
|
|
|
|
|
|
if (m % 433 == 0) { |
1850
|
|
|
|
|
|
|
markInSieve(sieve, n, 433); |
1851
|
|
|
|
|
|
|
continue; |
1852
|
|
|
|
|
|
|
} |
1853
|
|
|
|
|
|
|
if (m % 439 == 0) { |
1854
|
|
|
|
|
|
|
markInSieve(sieve, n, 439); |
1855
|
|
|
|
|
|
|
continue; |
1856
|
|
|
|
|
|
|
} |
1857
|
|
|
|
|
|
|
if (m % 443 == 0) { |
1858
|
|
|
|
|
|
|
markInSieve(sieve, n, 443); |
1859
|
|
|
|
|
|
|
continue; |
1860
|
|
|
|
|
|
|
} |
1861
|
|
|
|
|
|
|
m = modInt(x, 94593973); |
1862
|
|
|
|
|
|
|
if (m % 449 == 0) { |
1863
|
|
|
|
|
|
|
markInSieve(sieve, n, 449); |
1864
|
|
|
|
|
|
|
continue; |
1865
|
|
|
|
|
|
|
} |
1866
|
|
|
|
|
|
|
if (m % 457 == 0) { |
1867
|
|
|
|
|
|
|
markInSieve(sieve, n, 457); |
1868
|
|
|
|
|
|
|
continue; |
1869
|
|
|
|
|
|
|
} |
1870
|
|
|
|
|
|
|
if (m % 461 == 0) { |
1871
|
|
|
|
|
|
|
markInSieve(sieve, n, 461); |
1872
|
|
|
|
|
|
|
continue; |
1873
|
|
|
|
|
|
|
} |
1874
|
|
|
|
|
|
|
m = modInt(x, 103569859); |
1875
|
|
|
|
|
|
|
if (m % 463 == 0) { |
1876
|
|
|
|
|
|
|
markInSieve(sieve, n, 463); |
1877
|
|
|
|
|
|
|
continue; |
1878
|
|
|
|
|
|
|
} |
1879
|
|
|
|
|
|
|
if (m % 467 == 0) { |
1880
|
|
|
|
|
|
|
markInSieve(sieve, n, 467); |
1881
|
|
|
|
|
|
|
continue; |
1882
|
|
|
|
|
|
|
} |
1883
|
|
|
|
|
|
|
if (m % 479 == 0) { |
1884
|
|
|
|
|
|
|
markInSieve(sieve, n, 479); |
1885
|
|
|
|
|
|
|
continue; |
1886
|
|
|
|
|
|
|
} |
1887
|
|
|
|
|
|
|
m = modInt(x, 119319383); |
1888
|
|
|
|
|
|
|
if (m % 487 == 0) { |
1889
|
|
|
|
|
|
|
markInSieve(sieve, n, 487); |
1890
|
|
|
|
|
|
|
continue; |
1891
|
|
|
|
|
|
|
} |
1892
|
|
|
|
|
|
|
if (m % 491 == 0) { |
1893
|
|
|
|
|
|
|
markInSieve(sieve, n, 491); |
1894
|
|
|
|
|
|
|
continue; |
1895
|
|
|
|
|
|
|
} |
1896
|
|
|
|
|
|
|
if (m % 499 == 0) { |
1897
|
|
|
|
|
|
|
markInSieve(sieve, n, 499); |
1898
|
|
|
|
|
|
|
continue; |
1899
|
|
|
|
|
|
|
} |
1900
|
|
|
|
|
|
|
m = modInt(x, 133390067); |
1901
|
|
|
|
|
|
|
if (m % 503 == 0) { |
1902
|
|
|
|
|
|
|
markInSieve(sieve, n, 503); |
1903
|
|
|
|
|
|
|
continue; |
1904
|
|
|
|
|
|
|
} |
1905
|
|
|
|
|
|
|
if (m % 509 == 0) { |
1906
|
|
|
|
|
|
|
markInSieve(sieve, n, 509); |
1907
|
|
|
|
|
|
|
continue; |
1908
|
|
|
|
|
|
|
} |
1909
|
|
|
|
|
|
|
if (m % 521 == 0) { |
1910
|
|
|
|
|
|
|
markInSieve(sieve, n, 521); |
1911
|
|
|
|
|
|
|
continue; |
1912
|
|
|
|
|
|
|
} |
1913
|
|
|
|
|
|
|
m = modInt(x, 154769821); |
1914
|
|
|
|
|
|
|
if (m % 523 == 0) { |
1915
|
|
|
|
|
|
|
markInSieve(sieve, n, 523); |
1916
|
|
|
|
|
|
|
continue; |
1917
|
|
|
|
|
|
|
} |
1918
|
|
|
|
|
|
|
if (m % 541 == 0) { |
1919
|
|
|
|
|
|
|
markInSieve(sieve, n, 541); |
1920
|
|
|
|
|
|
|
continue; |
1921
|
|
|
|
|
|
|
} |
1922
|
|
|
|
|
|
|
if (m % 547 == 0) { |
1923
|
|
|
|
|
|
|
markInSieve(sieve, n, 547); |
1924
|
|
|
|
|
|
|
continue; |
1925
|
|
|
|
|
|
|
} |
1926
|
|
|
|
|
|
|
m = modInt(x, 178433279); |
1927
|
|
|
|
|
|
|
if (m % 557 == 0) { |
1928
|
|
|
|
|
|
|
markInSieve(sieve, n, 557); |
1929
|
|
|
|
|
|
|
continue; |
1930
|
|
|
|
|
|
|
} |
1931
|
|
|
|
|
|
|
if (m % 563 == 0) { |
1932
|
|
|
|
|
|
|
markInSieve(sieve, n, 563); |
1933
|
|
|
|
|
|
|
continue; |
1934
|
|
|
|
|
|
|
} |
1935
|
|
|
|
|
|
|
if (m % 569 == 0) { |
1936
|
|
|
|
|
|
|
markInSieve(sieve, n, 569); |
1937
|
|
|
|
|
|
|
continue; |
1938
|
|
|
|
|
|
|
} |
1939
|
|
|
|
|
|
|
m = modInt(x, 193397129); |
1940
|
|
|
|
|
|
|
if (m % 571 == 0) { |
1941
|
|
|
|
|
|
|
markInSieve(sieve, n, 571); |
1942
|
|
|
|
|
|
|
continue; |
1943
|
|
|
|
|
|
|
} |
1944
|
|
|
|
|
|
|
if (m % 577 == 0) { |
1945
|
|
|
|
|
|
|
markInSieve(sieve, n, 577); |
1946
|
|
|
|
|
|
|
continue; |
1947
|
|
|
|
|
|
|
} |
1948
|
|
|
|
|
|
|
if (m % 587 == 0) { |
1949
|
|
|
|
|
|
|
markInSieve(sieve, n, 587); |
1950
|
|
|
|
|
|
|
continue; |
1951
|
|
|
|
|
|
|
} |
1952
|
|
|
|
|
|
|
m = modInt(x, 213479407); |
1953
|
|
|
|
|
|
|
if (m % 593 == 0) { |
1954
|
|
|
|
|
|
|
markInSieve(sieve, n, 593); |
1955
|
|
|
|
|
|
|
continue; |
1956
|
|
|
|
|
|
|
} |
1957
|
|
|
|
|
|
|
if (m % 599 == 0) { |
1958
|
|
|
|
|
|
|
markInSieve(sieve, n, 599); |
1959
|
|
|
|
|
|
|
continue; |
1960
|
|
|
|
|
|
|
} |
1961
|
|
|
|
|
|
|
if (m % 601 == 0) { |
1962
|
|
|
|
|
|
|
markInSieve(sieve, n, 601); |
1963
|
|
|
|
|
|
|
continue; |
1964
|
|
|
|
|
|
|
} |
1965
|
|
|
|
|
|
|
m = modInt(x, 229580147); |
1966
|
|
|
|
|
|
|
if (m % 607 == 0) { |
1967
|
|
|
|
|
|
|
markInSieve(sieve, n, 607); |
1968
|
|
|
|
|
|
|
continue; |
1969
|
|
|
|
|
|
|
} |
1970
|
|
|
|
|
|
|
if (m % 613 == 0) { |
1971
|
|
|
|
|
|
|
markInSieve(sieve, n, 613); |
1972
|
|
|
|
|
|
|
continue; |
1973
|
|
|
|
|
|
|
} |
1974
|
|
|
|
|
|
|
if (m % 617 == 0) { |
1975
|
|
|
|
|
|
|
markInSieve(sieve, n, 617); |
1976
|
|
|
|
|
|
|
continue; |
1977
|
|
|
|
|
|
|
} |
1978
|
|
|
|
|
|
|
m = modInt(x, 250367549); |
1979
|
|
|
|
|
|
|
if (m % 619 == 0) { |
1980
|
|
|
|
|
|
|
markInSieve(sieve, n, 619); |
1981
|
|
|
|
|
|
|
continue; |
1982
|
|
|
|
|
|
|
} |
1983
|
|
|
|
|
|
|
if (m % 631 == 0) { |
1984
|
|
|
|
|
|
|
markInSieve(sieve, n, 631); |
1985
|
|
|
|
|
|
|
continue; |
1986
|
|
|
|
|
|
|
} |
1987
|
|
|
|
|
|
|
if (m % 641 == 0) { |
1988
|
|
|
|
|
|
|
markInSieve(sieve, n, 641); |
1989
|
|
|
|
|
|
|
continue; |
1990
|
|
|
|
|
|
|
} |
1991
|
|
|
|
|
|
|
m = modInt(x, 271661713); |
1992
|
|
|
|
|
|
|
if (m % 643 == 0) { |
1993
|
|
|
|
|
|
|
markInSieve(sieve, n, 643); |
1994
|
|
|
|
|
|
|
continue; |
1995
|
|
|
|
|
|
|
} |
1996
|
|
|
|
|
|
|
if (m % 647 == 0) { |
1997
|
|
|
|
|
|
|
markInSieve(sieve, n, 647); |
1998
|
|
|
|
|
|
|
continue; |
1999
|
|
|
|
|
|
|
} |
2000
|
|
|
|
|
|
|
if (m % 653 == 0) { |
2001
|
|
|
|
|
|
|
markInSieve(sieve, n, 653); |
2002
|
|
|
|
|
|
|
continue; |
2003
|
|
|
|
|
|
|
} |
2004
|
|
|
|
|
|
|
m = modInt(x, 293158127); |
2005
|
|
|
|
|
|
|
if (m % 659 == 0) { |
2006
|
|
|
|
|
|
|
markInSieve(sieve, n, 659); |
2007
|
|
|
|
|
|
|
continue; |
2008
|
|
|
|
|
|
|
} |
2009
|
|
|
|
|
|
|
if (m % 661 == 0) { |
2010
|
|
|
|
|
|
|
markInSieve(sieve, n, 661); |
2011
|
|
|
|
|
|
|
continue; |
2012
|
|
|
|
|
|
|
} |
2013
|
|
|
|
|
|
|
if (m % 673 == 0) { |
2014
|
|
|
|
|
|
|
markInSieve(sieve, n, 673); |
2015
|
|
|
|
|
|
|
continue; |
2016
|
|
|
|
|
|
|
} |
2017
|
|
|
|
|
|
|
m = modInt(x, 319512181); |
2018
|
|
|
|
|
|
|
if (m % 677 == 0) { |
2019
|
|
|
|
|
|
|
markInSieve(sieve, n, 677); |
2020
|
|
|
|
|
|
|
continue; |
2021
|
|
|
|
|
|
|
} |
2022
|
|
|
|
|
|
|
if (m % 683 == 0) { |
2023
|
|
|
|
|
|
|
markInSieve(sieve, n, 683); |
2024
|
|
|
|
|
|
|
continue; |
2025
|
|
|
|
|
|
|
} |
2026
|
|
|
|
|
|
|
if (m % 691 == 0) { |
2027
|
|
|
|
|
|
|
markInSieve(sieve, n, 691); |
2028
|
|
|
|
|
|
|
continue; |
2029
|
|
|
|
|
|
|
} |
2030
|
|
|
|
|
|
|
m = modInt(x, 357349471); |
2031
|
|
|
|
|
|
|
if (m % 701 == 0) { |
2032
|
|
|
|
|
|
|
markInSieve(sieve, n, 701); |
2033
|
|
|
|
|
|
|
continue; |
2034
|
|
|
|
|
|
|
} |
2035
|
|
|
|
|
|
|
if (m % 709 == 0) { |
2036
|
|
|
|
|
|
|
markInSieve(sieve, n, 709); |
2037
|
|
|
|
|
|
|
continue; |
2038
|
|
|
|
|
|
|
} |
2039
|
|
|
|
|
|
|
if (m % 719 == 0) { |
2040
|
|
|
|
|
|
|
markInSieve(sieve, n, 719); |
2041
|
|
|
|
|
|
|
continue; |
2042
|
|
|
|
|
|
|
} |
2043
|
|
|
|
|
|
|
m = modInt(x, 393806449); |
2044
|
|
|
|
|
|
|
if (m % 727 == 0) { |
2045
|
|
|
|
|
|
|
markInSieve(sieve, n, 727); |
2046
|
|
|
|
|
|
|
continue; |
2047
|
|
|
|
|
|
|
} |
2048
|
|
|
|
|
|
|
if (m % 733 == 0) { |
2049
|
|
|
|
|
|
|
markInSieve(sieve, n, 733); |
2050
|
|
|
|
|
|
|
continue; |
2051
|
|
|
|
|
|
|
} |
2052
|
|
|
|
|
|
|
if (m % 739 == 0) { |
2053
|
|
|
|
|
|
|
markInSieve(sieve, n, 739); |
2054
|
|
|
|
|
|
|
continue; |
2055
|
|
|
|
|
|
|
} |
2056
|
|
|
|
|
|
|
m = modInt(x, 422400701); |
2057
|
|
|
|
|
|
|
if (m % 743 == 0) { |
2058
|
|
|
|
|
|
|
markInSieve(sieve, n, 743); |
2059
|
|
|
|
|
|
|
continue; |
2060
|
|
|
|
|
|
|
} |
2061
|
|
|
|
|
|
|
if (m % 751 == 0) { |
2062
|
|
|
|
|
|
|
markInSieve(sieve, n, 751); |
2063
|
|
|
|
|
|
|
continue; |
2064
|
|
|
|
|
|
|
} |
2065
|
|
|
|
|
|
|
if (m % 757 == 0) { |
2066
|
|
|
|
|
|
|
markInSieve(sieve, n, 757); |
2067
|
|
|
|
|
|
|
continue; |
2068
|
|
|
|
|
|
|
} |
2069
|
|
|
|
|
|
|
m = modInt(x, 452366557); |
2070
|
|
|
|
|
|
|
if (m % 761 == 0) { |
2071
|
|
|
|
|
|
|
markInSieve(sieve, n, 761); |
2072
|
|
|
|
|
|
|
continue; |
2073
|
|
|
|
|
|
|
} |
2074
|
|
|
|
|
|
|
if (m % 769 == 0) { |
2075
|
|
|
|
|
|
|
markInSieve(sieve, n, 769); |
2076
|
|
|
|
|
|
|
continue; |
2077
|
|
|
|
|
|
|
} |
2078
|
|
|
|
|
|
|
if (m % 773 == 0) { |
2079
|
|
|
|
|
|
|
markInSieve(sieve, n, 773); |
2080
|
|
|
|
|
|
|
continue; |
2081
|
|
|
|
|
|
|
} |
2082
|
|
|
|
|
|
|
m = modInt(x, 507436351); |
2083
|
|
|
|
|
|
|
if (m % 787 == 0) { |
2084
|
|
|
|
|
|
|
markInSieve(sieve, n, 787); |
2085
|
|
|
|
|
|
|
continue; |
2086
|
|
|
|
|
|
|
} |
2087
|
|
|
|
|
|
|
if (m % 797 == 0) { |
2088
|
|
|
|
|
|
|
markInSieve(sieve, n, 797); |
2089
|
|
|
|
|
|
|
continue; |
2090
|
|
|
|
|
|
|
} |
2091
|
|
|
|
|
|
|
if (m % 809 == 0) { |
2092
|
|
|
|
|
|
|
markInSieve(sieve, n, 809); |
2093
|
|
|
|
|
|
|
continue; |
2094
|
|
|
|
|
|
|
} |
2095
|
|
|
|
|
|
|
m = modInt(x, 547978913); |
2096
|
|
|
|
|
|
|
if (m % 811 == 0) { |
2097
|
|
|
|
|
|
|
markInSieve(sieve, n, 811); |
2098
|
|
|
|
|
|
|
continue; |
2099
|
|
|
|
|
|
|
} |
2100
|
|
|
|
|
|
|
if (m % 821 == 0) { |
2101
|
|
|
|
|
|
|
markInSieve(sieve, n, 821); |
2102
|
|
|
|
|
|
|
continue; |
2103
|
|
|
|
|
|
|
} |
2104
|
|
|
|
|
|
|
if (m % 823 == 0) { |
2105
|
|
|
|
|
|
|
markInSieve(sieve, n, 823); |
2106
|
|
|
|
|
|
|
continue; |
2107
|
|
|
|
|
|
|
} |
2108
|
|
|
|
|
|
|
m = modInt(x, 575204137); |
2109
|
|
|
|
|
|
|
if (m % 827 == 0) { |
2110
|
|
|
|
|
|
|
markInSieve(sieve, n, 827); |
2111
|
|
|
|
|
|
|
continue; |
2112
|
|
|
|
|
|
|
} |
2113
|
|
|
|
|
|
|
if (m % 829 == 0) { |
2114
|
|
|
|
|
|
|
markInSieve(sieve, n, 829); |
2115
|
|
|
|
|
|
|
continue; |
2116
|
|
|
|
|
|
|
} |
2117
|
|
|
|
|
|
|
if (m % 839 == 0) { |
2118
|
|
|
|
|
|
|
markInSieve(sieve, n, 839); |
2119
|
|
|
|
|
|
|
continue; |
2120
|
|
|
|
|
|
|
} |
2121
|
|
|
|
|
|
|
m = modInt(x, 627947039); |
2122
|
|
|
|
|
|
|
if (m % 853 == 0) { |
2123
|
|
|
|
|
|
|
markInSieve(sieve, n, 853); |
2124
|
|
|
|
|
|
|
continue; |
2125
|
|
|
|
|
|
|
} |
2126
|
|
|
|
|
|
|
if (m % 857 == 0) { |
2127
|
|
|
|
|
|
|
markInSieve(sieve, n, 857); |
2128
|
|
|
|
|
|
|
continue; |
2129
|
|
|
|
|
|
|
} |
2130
|
|
|
|
|
|
|
if (m % 859 == 0) { |
2131
|
|
|
|
|
|
|
markInSieve(sieve, n, 859); |
2132
|
|
|
|
|
|
|
continue; |
2133
|
|
|
|
|
|
|
} |
2134
|
|
|
|
|
|
|
m = modInt(x, 666785731); |
2135
|
|
|
|
|
|
|
if (m % 863 == 0) { |
2136
|
|
|
|
|
|
|
markInSieve(sieve, n, 863); |
2137
|
|
|
|
|
|
|
continue; |
2138
|
|
|
|
|
|
|
} |
2139
|
|
|
|
|
|
|
if (m % 877 == 0) { |
2140
|
|
|
|
|
|
|
markInSieve(sieve, n, 877); |
2141
|
|
|
|
|
|
|
continue; |
2142
|
|
|
|
|
|
|
} |
2143
|
|
|
|
|
|
|
if (m % 881 == 0) { |
2144
|
|
|
|
|
|
|
markInSieve(sieve, n, 881); |
2145
|
|
|
|
|
|
|
continue; |
2146
|
|
|
|
|
|
|
} |
2147
|
|
|
|
|
|
|
m = modInt(x, 710381447); |
2148
|
|
|
|
|
|
|
if (m % 883 == 0) { |
2149
|
|
|
|
|
|
|
markInSieve(sieve, n, 883); |
2150
|
|
|
|
|
|
|
continue; |
2151
|
|
|
|
|
|
|
} |
2152
|
|
|
|
|
|
|
if (m % 887 == 0) { |
2153
|
|
|
|
|
|
|
markInSieve(sieve, n, 887); |
2154
|
|
|
|
|
|
|
continue; |
2155
|
|
|
|
|
|
|
} |
2156
|
|
|
|
|
|
|
if (m % 907 == 0) { |
2157
|
|
|
|
|
|
|
markInSieve(sieve, n, 907); |
2158
|
|
|
|
|
|
|
continue; |
2159
|
|
|
|
|
|
|
} |
2160
|
|
|
|
|
|
|
m = modInt(x, 777767161); |
2161
|
|
|
|
|
|
|
if (m % 911 == 0) { |
2162
|
|
|
|
|
|
|
markInSieve(sieve, n, 911); |
2163
|
|
|
|
|
|
|
continue; |
2164
|
|
|
|
|
|
|
} |
2165
|
|
|
|
|
|
|
if (m % 919 == 0) { |
2166
|
|
|
|
|
|
|
markInSieve(sieve, n, 919); |
2167
|
|
|
|
|
|
|
continue; |
2168
|
|
|
|
|
|
|
} |
2169
|
|
|
|
|
|
|
if (m % 929 == 0) { |
2170
|
|
|
|
|
|
|
markInSieve(sieve, n, 929); |
2171
|
|
|
|
|
|
|
continue; |
2172
|
|
|
|
|
|
|
} |
2173
|
|
|
|
|
|
|
m = modInt(x, 834985999); |
2174
|
|
|
|
|
|
|
if (m % 937 == 0) { |
2175
|
|
|
|
|
|
|
markInSieve(sieve, n, 937); |
2176
|
|
|
|
|
|
|
continue; |
2177
|
|
|
|
|
|
|
} |
2178
|
|
|
|
|
|
|
if (m % 941 == 0) { |
2179
|
|
|
|
|
|
|
markInSieve(sieve, n, 941); |
2180
|
|
|
|
|
|
|
continue; |
2181
|
|
|
|
|
|
|
} |
2182
|
|
|
|
|
|
|
if (m % 947 == 0) { |
2183
|
|
|
|
|
|
|
markInSieve(sieve, n, 947); |
2184
|
|
|
|
|
|
|
continue; |
2185
|
|
|
|
|
|
|
} |
2186
|
|
|
|
|
|
|
m = modInt(x, 894826021); |
2187
|
|
|
|
|
|
|
if (m % 953 == 0) { |
2188
|
|
|
|
|
|
|
markInSieve(sieve, n, 953); |
2189
|
|
|
|
|
|
|
continue; |
2190
|
|
|
|
|
|
|
} |
2191
|
|
|
|
|
|
|
if (m % 967 == 0) { |
2192
|
|
|
|
|
|
|
markInSieve(sieve, n, 967); |
2193
|
|
|
|
|
|
|
continue; |
2194
|
|
|
|
|
|
|
} |
2195
|
|
|
|
|
|
|
if (m % 971 == 0) { |
2196
|
|
|
|
|
|
|
markInSieve(sieve, n, 971); |
2197
|
|
|
|
|
|
|
continue; |
2198
|
|
|
|
|
|
|
} |
2199
|
|
|
|
|
|
|
m = modInt(x, 951747481); |
2200
|
|
|
|
|
|
|
if (m % 977 == 0) { |
2201
|
|
|
|
|
|
|
markInSieve(sieve, n, 977); |
2202
|
|
|
|
|
|
|
continue; |
2203
|
|
|
|
|
|
|
} |
2204
|
|
|
|
|
|
|
if (m % 983 == 0) { |
2205
|
|
|
|
|
|
|
markInSieve(sieve, n, 983); |
2206
|
|
|
|
|
|
|
continue; |
2207
|
|
|
|
|
|
|
} |
2208
|
|
|
|
|
|
|
if (m % 991 == 0) { |
2209
|
|
|
|
|
|
|
markInSieve(sieve, n, 991); |
2210
|
|
|
|
|
|
|
continue; |
2211
|
|
|
|
|
|
|
} |
2212
|
|
|
|
|
|
|
m = modInt(x, 1019050649); |
2213
|
|
|
|
|
|
|
if (m % 997 == 0) { |
2214
|
|
|
|
|
|
|
markInSieve(sieve, n, 997); |
2215
|
|
|
|
|
|
|
continue; |
2216
|
|
|
|
|
|
|
} |
2217
|
|
|
|
|
|
|
if (m % 1009 == 0) { |
2218
|
|
|
|
|
|
|
markInSieve(sieve, n, 1009); |
2219
|
|
|
|
|
|
|
continue; |
2220
|
|
|
|
|
|
|
} |
2221
|
|
|
|
|
|
|
if (m % 1013 == 0) { |
2222
|
|
|
|
|
|
|
markInSieve(sieve, n, 1013); |
2223
|
|
|
|
|
|
|
continue; |
2224
|
|
|
|
|
|
|
} |
2225
|
|
|
|
|
|
|
m = modInt(x, 1072651369); |
2226
|
|
|
|
|
|
|
if (m % 1019 == 0) continue; |
2227
|
|
|
|
|
|
|
if (m % 1021 == 0) continue; |
2228
|
|
|
|
|
|
|
if (m % 1031 == 0) continue; |
2229
|
|
|
|
|
|
|
m = modInt(x, 1125878063); |
2230
|
|
|
|
|
|
|
if (m % 1033 == 0) continue; |
2231
|
|
|
|
|
|
|
if (m % 1039 == 0) continue; |
2232
|
|
|
|
|
|
|
if (m % 1049 == 0) continue; |
2233
|
|
|
|
|
|
|
m = modInt(x, 1185362993); |
2234
|
|
|
|
|
|
|
if (m % 1051 == 0) continue; |
2235
|
|
|
|
|
|
|
if (m % 1061 == 0) continue; |
2236
|
|
|
|
|
|
|
if (m % 1063 == 0) continue; |
2237
|
|
|
|
|
|
|
m = modInt(x, 1267745273); |
2238
|
|
|
|
|
|
|
if (m % 1069 == 0) continue; |
2239
|
|
|
|
|
|
|
if (m % 1087 == 0) continue; |
2240
|
|
|
|
|
|
|
if (m % 1091 == 0) continue; |
2241
|
|
|
|
|
|
|
m = modInt(x, 1322520163); |
2242
|
|
|
|
|
|
|
if (m % 1093 == 0) continue; |
2243
|
|
|
|
|
|
|
if (m % 1097 == 0) continue; |
2244
|
|
|
|
|
|
|
if (m % 1103 == 0) continue; |
2245
|
|
|
|
|
|
|
m = modInt(x, 1391119619); |
2246
|
|
|
|
|
|
|
if (m % 1109 == 0) continue; |
2247
|
|
|
|
|
|
|
if (m % 1117 == 0) continue; |
2248
|
|
|
|
|
|
|
if (m % 1123 == 0) continue; |
2249
|
|
|
|
|
|
|
m = modInt(x, 1498299287); |
2250
|
|
|
|
|
|
|
if (m % 1129 == 0) continue; |
2251
|
|
|
|
|
|
|
if (m % 1151 == 0) continue; |
2252
|
|
|
|
|
|
|
if (m % 1153 == 0) continue; |
2253
|
|
|
|
|
|
|
m = modInt(x, 1608372013); |
2254
|
|
|
|
|
|
|
if (m % 1163 == 0) continue; |
2255
|
|
|
|
|
|
|
if (m % 1171 == 0) continue; |
2256
|
|
|
|
|
|
|
if (m % 1181 == 0) continue; |
2257
|
|
|
|
|
|
|
m = modInt(x, 1700725291); |
2258
|
|
|
|
|
|
|
if (m % 1187 == 0) continue; |
2259
|
|
|
|
|
|
|
if (m % 1193 == 0) continue; |
2260
|
|
|
|
|
|
|
if (m % 1201 == 0) continue; |
2261
|
|
|
|
|
|
|
m = modInt(x, 1805418283); |
2262
|
|
|
|
|
|
|
if (m % 1213 == 0) continue; |
2263
|
|
|
|
|
|
|
if (m % 1217 == 0) continue; |
2264
|
|
|
|
|
|
|
if (m % 1223 == 0) continue; |
2265
|
|
|
|
|
|
|
m = modInt(x, 1871456063); |
2266
|
|
|
|
|
|
|
if (m % 1229 == 0) continue; |
2267
|
|
|
|
|
|
|
if (m % 1231 == 0) continue; |
2268
|
|
|
|
|
|
|
if (m % 1237 == 0) continue; |
2269
|
|
|
|
|
|
|
m = modInt(x, 2008071007); |
2270
|
|
|
|
|
|
|
if (m % 1249 == 0) continue; |
2271
|
|
|
|
|
|
|
if (m % 1259 == 0) continue; |
2272
|
|
|
|
|
|
|
if (m % 1277 == 0) continue; |
2273
|
|
|
|
|
|
|
m = modInt(x, 2115193573); |
2274
|
|
|
|
|
|
|
if (m % 1279 == 0) continue; |
2275
|
|
|
|
|
|
|
if (m % 1283 == 0) continue; |
2276
|
|
|
|
|
|
|
if (m % 1289 == 0) continue; |
2277
|
|
|
|
|
|
|
m = modInt(x, 2178429527); |
2278
|
|
|
|
|
|
|
if (m % 1291 == 0) continue; |
2279
|
|
|
|
|
|
|
if (m % 1297 == 0) continue; |
2280
|
|
|
|
|
|
|
if (m % 1301 == 0) continue; |
2281
|
|
|
|
|
|
|
m = modInt(x, 2246284699); |
2282
|
|
|
|
|
|
|
if (m % 1303 == 0) continue; |
2283
|
|
|
|
|
|
|
if (m % 1307 == 0) continue; |
2284
|
|
|
|
|
|
|
if (m % 1319 == 0) continue; |
2285
|
|
|
|
|
|
|
m = modInt(x, 2385788087); |
2286
|
|
|
|
|
|
|
if (m % 1321 == 0) continue; |
2287
|
|
|
|
|
|
|
if (m % 1327 == 0) continue; |
2288
|
|
|
|
|
|
|
if (m % 1361 == 0) continue; |
2289
|
|
|
|
|
|
|
m = modInt(x, 2591986471); |
2290
|
|
|
|
|
|
|
if (m % 1367 == 0) continue; |
2291
|
|
|
|
|
|
|
if (m % 1373 == 0) continue; |
2292
|
|
|
|
|
|
|
if (m % 1381 == 0) continue; |
2293
|
|
|
|
|
|
|
m = modInt(x, 2805004793); |
2294
|
|
|
|
|
|
|
if (m % 1399 == 0) continue; |
2295
|
|
|
|
|
|
|
if (m % 1409 == 0) continue; |
2296
|
|
|
|
|
|
|
if (m % 1423 == 0) continue; |
2297
|
|
|
|
|
|
|
m = modInt(x, 2922149239); |
2298
|
|
|
|
|
|
|
if (m % 1427 == 0) continue; |
2299
|
|
|
|
|
|
|
if (m % 1429 == 0) continue; |
2300
|
|
|
|
|
|
|
if (m % 1433 == 0) continue; |
2301
|
|
|
|
|
|
|
m = modInt(x, 3021320083); |
2302
|
|
|
|
|
|
|
if (m % 1439 == 0) continue; |
2303
|
|
|
|
|
|
|
if (m % 1447 == 0) continue; |
2304
|
|
|
|
|
|
|
if (m % 1451 == 0) continue; |
2305
|
|
|
|
|
|
|
m = modInt(x, 3118412617); |
2306
|
|
|
|
|
|
|
if (m % 1453 == 0) continue; |
2307
|
|
|
|
|
|
|
if (m % 1459 == 0) continue; |
2308
|
|
|
|
|
|
|
if (m % 1471 == 0) continue; |
2309
|
|
|
|
|
|
|
m = modInt(x, 3265932301); |
2310
|
|
|
|
|
|
|
if (m % 1481 == 0) continue; |
2311
|
|
|
|
|
|
|
if (m % 1483 == 0) continue; |
2312
|
|
|
|
|
|
|
if (m % 1487 == 0) continue; |
2313
|
|
|
|
|
|
|
m = modInt(x, 3332392423); |
2314
|
|
|
|
|
|
|
if (m % 1489 == 0) continue; |
2315
|
|
|
|
|
|
|
if (m % 1493 == 0) continue; |
2316
|
|
|
|
|
|
|
if (m % 1499 == 0) continue; |
2317
|
|
|
|
|
|
|
m = modInt(x, 3523218343); |
2318
|
|
|
|
|
|
|
if (m % 1511 == 0) continue; |
2319
|
|
|
|
|
|
|
if (m % 1523 == 0) continue; |
2320
|
|
|
|
|
|
|
if (m % 1531 == 0) continue; |
2321
|
|
|
|
|
|
|
m = modInt(x, 3711836171); |
2322
|
|
|
|
|
|
|
if (m % 1543 == 0) continue; |
2323
|
|
|
|
|
|
|
if (m % 1549 == 0) continue; |
2324
|
|
|
|
|
|
|
if (m % 1553 == 0) continue; |
2325
|
|
|
|
|
|
|
m = modInt(x, 3837879163); |
2326
|
|
|
|
|
|
|
if (m % 1559 == 0) continue; |
2327
|
|
|
|
|
|
|
if (m % 1567 == 0) continue; |
2328
|
|
|
|
|
|
|
if (m % 1571 == 0) continue; |
2329
|
|
|
|
|
|
|
m = modInt(x, 3991792529); |
2330
|
|
|
|
|
|
|
if (m % 1579 == 0) continue; |
2331
|
|
|
|
|
|
|
if (m % 1583 == 0) continue; |
2332
|
|
|
|
|
|
|
if (m % 1597 == 0) continue; |
2333
|
|
|
|
|
|
|
m = modInt(x, 4139646463); |
2334
|
|
|
|
|
|
|
if (m % 1601 == 0) continue; |
2335
|
|
|
|
|
|
|
if (m % 1607 == 0) continue; |
2336
|
|
|
|
|
|
|
if (m % 1609 == 0) continue; |
2337
|
|
|
|
|
|
|
m = modInt(x, 4233155587); |
2338
|
|
|
|
|
|
|
if (m % 1613 == 0) continue; |
2339
|
|
|
|
|
|
|
if (m % 1619 == 0) continue; |
2340
|
|
|
|
|
|
|
if (m % 1621 == 0) continue; |
2341
|
|
|
|
|
|
|
m = modInt(x, 2663399); |
2342
|
|
|
|
|
|
|
if (m % 1627 == 0) continue; |
2343
|
|
|
|
|
|
|
if (m % 1637 == 0) continue; |
2344
|
|
|
|
|
|
|
m = modInt(x, 2755591); |
2345
|
|
|
|
|
|
|
if (m % 1657 == 0) continue; |
2346
|
|
|
|
|
|
|
if (m % 1663 == 0) continue; |
2347
|
|
|
|
|
|
|
m = modInt(x, 2782223); |
2348
|
|
|
|
|
|
|
if (m % 1667 == 0) continue; |
2349
|
|
|
|
|
|
|
if (m % 1669 == 0) continue; |
2350
|
|
|
|
|
|
|
m = modInt(x, 2873021); |
2351
|
|
|
|
|
|
|
if (m % 1693 == 0) continue; |
2352
|
|
|
|
|
|
|
if (m % 1697 == 0) continue; |
2353
|
|
|
|
|
|
|
m = modInt(x, 2903591); |
2354
|
|
|
|
|
|
|
if (m % 1699 == 0) continue; |
2355
|
|
|
|
|
|
|
if (m % 1709 == 0) continue; |
2356
|
|
|
|
|
|
|
m = modInt(x, 2965283); |
2357
|
|
|
|
|
|
|
if (m % 1721 == 0) continue; |
2358
|
|
|
|
|
|
|
if (m % 1723 == 0) continue; |
2359
|
|
|
|
|
|
|
m = modInt(x, 3017153); |
2360
|
|
|
|
|
|
|
if (m % 1733 == 0) continue; |
2361
|
|
|
|
|
|
|
if (m % 1741 == 0) continue; |
2362
|
|
|
|
|
|
|
m = modInt(x, 3062491); |
2363
|
|
|
|
|
|
|
if (m % 1747 == 0) continue; |
2364
|
|
|
|
|
|
|
if (m % 1753 == 0) continue; |
2365
|
|
|
|
|
|
|
m = modInt(x, 3125743); |
2366
|
|
|
|
|
|
|
if (m % 1759 == 0) continue; |
2367
|
|
|
|
|
|
|
if (m % 1777 == 0) continue; |
2368
|
|
|
|
|
|
|
m = modInt(x, 3186221); |
2369
|
|
|
|
|
|
|
if (m % 1783 == 0) continue; |
2370
|
|
|
|
|
|
|
if (m % 1787 == 0) continue; |
2371
|
|
|
|
|
|
|
m = modInt(x, 3221989); |
2372
|
|
|
|
|
|
|
if (m % 1789 == 0) continue; |
2373
|
|
|
|
|
|
|
if (m % 1801 == 0) continue; |
2374
|
|
|
|
|
|
|
m = modInt(x, 3301453); |
2375
|
|
|
|
|
|
|
if (m % 1811 == 0) continue; |
2376
|
|
|
|
|
|
|
if (m % 1823 == 0) continue; |
2377
|
|
|
|
|
|
|
m = modInt(x, 3381857); |
2378
|
|
|
|
|
|
|
if (m % 1831 == 0) continue; |
2379
|
|
|
|
|
|
|
if (m % 1847 == 0) continue; |
2380
|
|
|
|
|
|
|
m = modInt(x, 3474487); |
2381
|
|
|
|
|
|
|
if (m % 1861 == 0) continue; |
2382
|
|
|
|
|
|
|
if (m % 1867 == 0) continue; |
2383
|
|
|
|
|
|
|
m = modInt(x, 3504383); |
2384
|
|
|
|
|
|
|
if (m % 1871 == 0) continue; |
2385
|
|
|
|
|
|
|
if (m % 1873 == 0) continue; |
2386
|
|
|
|
|
|
|
m = modInt(x, 3526883); |
2387
|
|
|
|
|
|
|
if (m % 1877 == 0) continue; |
2388
|
|
|
|
|
|
|
if (m % 1879 == 0) continue; |
2389
|
|
|
|
|
|
|
m = modInt(x, 3590989); |
2390
|
|
|
|
|
|
|
if (m % 1889 == 0) continue; |
2391
|
|
|
|
|
|
|
if (m % 1901 == 0) continue; |
2392
|
|
|
|
|
|
|
m = modInt(x, 3648091); |
2393
|
|
|
|
|
|
|
if (m % 1907 == 0) continue; |
2394
|
|
|
|
|
|
|
if (m % 1913 == 0) continue; |
2395
|
|
|
|
|
|
|
m = modInt(x, 3732623); |
2396
|
|
|
|
|
|
|
if (m % 1931 == 0) continue; |
2397
|
|
|
|
|
|
|
if (m % 1933 == 0) continue; |
2398
|
|
|
|
|
|
|
m = modInt(x, 3802499); |
2399
|
|
|
|
|
|
|
if (m % 1949 == 0) continue; |
2400
|
|
|
|
|
|
|
if (m % 1951 == 0) continue; |
2401
|
|
|
|
|
|
|
m = modInt(x, 3904567); |
2402
|
|
|
|
|
|
|
if (m % 1973 == 0) continue; |
2403
|
|
|
|
|
|
|
if (m % 1979 == 0) continue; |
2404
|
|
|
|
|
|
|
m = modInt(x, 3960091); |
2405
|
|
|
|
|
|
|
if (m % 1987 == 0) continue; |
2406
|
|
|
|
|
|
|
if (m % 1993 == 0) continue; |
2407
|
|
|
|
|
|
|
m = modInt(x, 3992003); |
2408
|
|
|
|
|
|
|
if (m % 1997 == 0) continue; |
2409
|
|
|
|
|
|
|
if (m % 1999 == 0) continue; |
2410
|
|
|
|
|
|
|
|
2411
|
|
|
|
|
|
|
#line 955 "Condensation/../../c/Condensation/RSA64/Math.inc.c" |
2412
|
|
|
|
|
|
|
KEY_GENERATION_RESET_WATCHDOG(); |
2413
|
|
|
|
|
|
|
if (! millerRabin(x, modPowBig)) continue; |
2414
|
|
|
|
|
|
|
|
2415
|
|
|
|
|
|
|
struct cdsBigInteger xme = CDS_BIG_INTEGER_ZERO; |
2416
|
|
|
|
|
|
|
copyD(&xme, x, 0); |
2417
|
|
|
|
|
|
|
mod(&xme, e); |
2418
|
|
|
|
|
|
|
if (isOne(&xme)) continue; |
2419
|
|
|
|
|
|
|
|
2420
|
|
|
|
|
|
|
struct cdsBigInteger x1 = CDS_BIG_INTEGER_ZERO; |
2421
|
|
|
|
|
|
|
copyD(&x1, x, 0); |
2422
|
|
|
|
|
|
|
decrement(&x1); |
2423
|
|
|
|
|
|
|
struct cdsBigInteger e1 = CDS_BIG_INTEGER_ZERO; |
2424
|
|
|
|
|
|
|
copyD(&e1, e, 0); |
2425
|
|
|
|
|
|
|
gcd(&x1, &e1); |
2426
|
|
|
|
|
|
|
if (isOne(&x1)) return; |
2427
|
|
|
|
|
|
|
} |
2428
|
|
|
|
|
|
|
} |
2429
|
|
|
|
|
|
|
} |
2430
|
|
|
|
|
|
|
|
2431
|
|
|
|
|
|
|
/*
 * Fills in e, p and q of *this for a new 2048-bit RSA key.
 *
 * e is fixed to 0x10001. p and q are drawn with randomPrime1024() until
 *   - n = p * q occupies all 2048 bits (top bit of the top element set), and
 *   - the number of bits in which n and n3 differ is at least 512, where n3 is
 *     built by addN(&n3, 3, &n, 0) (presumably 3 * n, which would make this a
 *     non-adjacent-form weight check; confirm against addN).
 *
 * modPowBig is scratch memory handed through to randomPrime1024().
 *
 * NOTE(review): there is no explicit check that p and q differ or how far apart
 * they are. Confirm that this is acceptable for the deployment's key policy.
 */
static void generateKey(struct cdsRSAPrivateKey * this, struct cdsRSAModPowBig * modPowBig) {
	struct cdsBigInteger * const e = &this->rsaPublicKey.e;
	struct cdsBigInteger * p = &this->p;
	struct cdsBigInteger * q = &this->q;
	struct cdsBigInteger n = CDS_BIG_INTEGER_ZERO;
	struct cdsBigInteger n3 = CDS_BIG_INTEGER_ZERO;

	setUint32(e, 0x10001);
	for (;;) {
		randomPrime1024(p, e, modPowBig);

		// Redraw only the prime behind the local alias q until the product uses all 2048 bits.
		bool usesAllBits = false;
		do {
			randomPrime1024(q, e, modPowBig);

			// Only the local aliases are exchanged; the values stored in this->p and
			// this->q stay where randomPrime1024() wrote them.
			if (compare(p, q) < 0) {
				struct cdsBigInteger * smaller = p;
				p = q;
				q = smaller;
			}

			setZero(&n);
			mul(&n, p, q);

			usesAllBits = mostSignificantElement(&n) == elementsFor2048Bits - 1 && (n.values[elementsFor2048Bits - 1] & 0x80000000) != 0;
		} while (! usesAllBits);

		// Count the bit positions in which n and n3 differ.
		setZero(&n3);
		addN(&n3, 3, &n, 0);
		int top = elementsFor2048Bits - 1;	// == mostSignificantElement(n), guaranteed by the loop above
		int differingBits = 0;
		for (int k = 0; k <= top; k++) differingBits += bitCount(n.values[k] ^ n3.values[k]);
		if (top + 1 < n3.length) differingBits += bitCount(n3.values[top + 1]);

		// A key below the threshold is discarded, and both primes are drawn again.
		if (differingBits >= 512) return;
	}
}
2471
|
|
|
|
|
|
|
|
2472
|
|
|
|
|
|
|
#line 15 "Condensation/../../c/Condensation/all.inc.c" |
2473
|
|
|
|
|
|
|
|
2474
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/RSA64/Encoding.inc.c" |
2475
|
|
|
|
|
|
|
#include |
2476
|
|
|
|
|
|
|
|
2477
|
|
|
|
|
|
|
// Size in bytes of an encoded message block (EM) for PSS and OAEP below.
static const uint16_t emLength = 256; // = 2048 / 8
// Size in bytes of the hash used inside the encodings; the functions below use the SHA-256 helpers.
static const uint16_t hashLength = 32;
// SHA-256 of the empty string, used as the label hash (lHash) of OAEP with an empty label.
static const uint8_t OAEPZeroLabelHash[] = {0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55};
2480
|
|
|
|
|
|
|
|
2481
|
|
|
|
|
|
|
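/*
 * MGF1 with SHA-256: writes SHA-256(seed || counter) for counter = 0, 1, 2, ...
 * into consecutive 32-byte blocks of mask.
 *
 * Only whole blocks are produced (mask.length / 32 of them); if mask.length is
 * not a multiple of 32, the trailing bytes are left untouched. The callers in
 * this file pass 224 or 32.
 *
 * The counter is encoded as a 4-byte big-endian integer. The previous version
 * only set the lowest byte, which silently repeated the mask after 256 blocks.
 */
static void maskGenerationFunction1(struct cdsBytes seed, struct cdsMutableBytes mask) {
	struct cdsSHA256 sha256;
	uint8_t counter[4];
	cdsLength blocks = mask.length / 32;
	for (cdsLength i = 0; i < blocks; i++) {
		counter[0] = (uint8_t) ((uint32_t) i >> 24);
		counter[1] = (uint8_t) ((uint32_t) i >> 16);
		counter[2] = (uint8_t) ((uint32_t) i >> 8);
		counter[3] = (uint8_t) i;
		cdsInitializeSHA256(&sha256);
		cdsAddBytesToSHA256(&sha256, seed);
		cdsAddBytesToSHA256(&sha256, cdsBytes(counter, 4));
		cdsFinalizeSHA256(&sha256, mask.data + i * 32);
	}
}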
2493
|
|
|
|
|
|
|
|
2494
|
|
|
|
|
|
|
/*
 * Computes the PSS hash H = SHA-256(eight zero bytes || digest || salt) and
 * writes it to h (cdsSHA256 output, 32 bytes in the callers of this file).
 *
 * The input is assembled in a fixed stack buffer of 8 + 256 + 222 bytes and the
 * lengths are NOT checked here: callers must guarantee digest.length <= 256 and
 * salt.length <= 222, otherwise the memcpy calls write past the buffer.
 */
static void pssHash(struct cdsBytes digest, struct cdsBytes salt, uint8_t * h) {
	uint8_t sequence[8 + 256 + 222];
	uint8_t * cursor = sequence;

	// Eight zero bytes of padding come first.
	memset(cursor, 0, 8);
	cursor += 8;

	memcpy(cursor, digest.data, digest.length);
	cursor += digest.length;

	memcpy(cursor, salt.data, salt.length);

	cdsLength sequenceLength = 8 + digest.length + salt.length;
	cdsSHA256(cdsBytes(sequence, sequenceLength), h);
}
2502
|
|
|
|
|
|
|
|
2503
|
|
|
|
|
|
|
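/*
 * Checks a 256-byte PSS encoded message (the result of the RSA public operation
 * on a signature) against digest. Returns true if the encoding is consistent.
 *
 * Layout of em: maskedDB (223 bytes) || H (32 bytes) || 0xbc, where
 * DB = zero padding || 0x01 || salt. Any salt length from 0 to 222 is accepted.
 *
 * Fix: the scan for the 0x01 separator now tests the index before reading, and an
 * encoding without a separator is rejected. Previously unmasked[223] (never
 * written) was read when DB was all zero; had that byte been 0x01, the salt
 * length dbLength - n would have wrapped around and pssHash() would have copied
 * far beyond its buffer.
 *
 * NOTE(review): the two length preconditions are assert()s and vanish with
 * NDEBUG; callers must enforce them in release builds.
 * NOTE(review): RFC 8017 rejects an encoding whose top bit of em[0] is set; this
 * code clears that bit after unmasking instead. Confirm against the other
 * implementations of this format before tightening.
 */
static bool verifyPSS(struct cdsBytes digest, struct cdsBytes pss) {
	assert(digest.length <= 256);
	assert(pss.length == 256);
	const uint8_t * em = pss.data;

	// Trailer byte
	if (em[emLength - 1] != 0xbc) return false;

	// Unmask DB with MGF1(H)
	uint16_t dbLength = emLength - hashLength - 1;	// 223
	uint8_t mask[224];	// rounded up to the next multiple of 32
	maskGenerationFunction1(cdsBytes(em + (emLength - hashLength - 1), hashLength), cdsMutableBytes(mask, 224));
	uint8_t unmasked[224];
	for (uint16_t i = 0; i < dbLength; i++) unmasked[i] = em[i] ^ mask[i];

	unmasked[0] &= 0x7f;

	// Skip the zero padding; the bound is checked before the byte is read.
	uint16_t n = 0;
	while (n < dbLength && unmasked[n] == 0) n++;

	// The padding must end with 0x01 inside DB.
	if (n >= dbLength || unmasked[n] != 0x01) return false;
	n++;

	// Here n <= dbLength, so the salt length is in 0 .. 222.
	struct cdsBytes salt = cdsBytes(unmasked + n, dbLength - n);

	uint8_t h[hashLength];
	pssHash(digest, salt, h);

	// H is derived from public values only, so an early-exit comparison is acceptable here.
	for (uint16_t i = 0; i < 32; i++)
		if (h[i] != em[dbLength + i]) return false;

	return true;
}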
2534
|
|
|
|
|
|
|
|
2535
|
|
|
|
|
|
|
/*
 * Builds the 256-byte PSS encoding of digest in em and returns it as a byte range
 * over em. em must have room for emLength (256) bytes.
 *
 * A fresh 32-byte salt is taken from cdsRandomBytes(). The result is
 * maskedDB (223 bytes) || H (32 bytes) || 0xbc with DB = zeros || 0x01 || salt,
 * masked with MGF1(H), and the top bit of em[0] cleared.
 *
 * digest.length <= 256 is only asserted, i.e. not enforced when NDEBUG is set.
 */
static struct cdsBytes generatePSS(struct cdsBytes digest, uint8_t * em) {
	assert(digest.length <= 256);
	uint16_t dbLength = emLength - hashLength - 1;	// 223

	uint8_t saltBuffer[32];
	struct cdsBytes salt = cdsRandomBytes(saltBuffer, 32);

	// Trailer and H
	em[emLength - 1] = 0xbc;
	uint8_t * h = em + dbLength;
	pssHash(digest, salt, h);

	uint8_t mask[224];
	maskGenerationFunction1(cdsBytes(h, hashLength), cdsMutableBytes(mask, 224));

	// Zero padding: XOR with zero leaves the mask bytes themselves.
	uint16_t n = 0;
	while (n < dbLength - salt.length - 1) {
		em[n] = mask[n];
		n++;
	}

	// Separator
	em[n] = 0x01 ^ mask[n];
	n++;

	// Masked salt
	for (uint16_t i = 0; i < salt.length; i++) {
		em[n] = salt.data[i] ^ mask[n];
		n++;
	}

	em[0] &= 0x7f;

	return cdsBytes(em, emLength);
}
2562
|
|
|
|
|
|
|
|
2563
|
|
|
|
|
|
|
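/*
 * Builds the 256-byte OAEP encoding (SHA-256, MGF1, empty label) of message in em
 * and returns it as a byte range over em. em must have room for emLength (256) bytes.
 *
 * Layout of em: 0x00 || maskedSeed (32) || maskedDB (223), with
 * DB = lHash (32) || zero padding || 0x01 || message.
 *
 * Fix: message.length is now checked. DB leaves 223 - 32 - 1 = 190 bytes for the
 * message; a longer message used to make the memset length wrap around and the
 * copies run past db on the stack. Such a message now yields cdsEmpty and em is
 * left untouched.
 *
 * NOTE(review): db and seedBuffer hold the plaintext and the OAEP seed and are not
 * cleared before returning.
 */
static struct cdsBytes encodeOAEP(struct cdsBytes message, uint8_t * em) {
	uint16_t dbLength = emLength - hashLength - 1;	// 223

	// Reject messages that do not fit into DB.
	if (message.length > (cdsLength) (dbLength - 32 - 1)) return cdsEmpty;

	uint8_t db[dbLength];
	memcpy(db, OAEPZeroLabelHash, 32);
	memset(db + 32, 0, dbLength - 32 - message.length - 1);
	db[dbLength - message.length - 1] = 0x01;
	memcpy(db + (dbLength - message.length), message.data, message.length);

	uint8_t seedBuffer[hashLength];
	struct cdsBytes seed = cdsRandomBytes(seedBuffer, hashLength);

	// maskedDB = DB xor MGF1(seed)
	uint8_t dbMask[224];
	maskGenerationFunction1(seed, cdsMutableBytes(dbMask, 224));
	uint16_t n = hashLength + 1;
	for (uint16_t i = 0; i < dbLength; i++, n++)
		em[n] = db[i] ^ dbMask[i];

	// maskedSeed = seed xor MGF1(maskedDB)
	uint8_t seedMask[hashLength];
	maskGenerationFunction1(cdsBytes(em + hashLength + 1, dbLength), cdsMutableBytes(seedMask, hashLength));
	em[0] = 0;
	n = 1;
	for (uint16_t i = 0; i < hashLength; i++, n++)
		em[n] = seed.data[i] ^ seedMask[i];

	return cdsBytes(em, emLength);
}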
2589
|
|
|
|
|
|
|
|
2590
|
|
|
|
|
|
|
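/*
 * Decodes a 256-byte OAEP block (SHA-256, MGF1, empty label). On success the
 * message is written to `message` and returned as a byte range over it; on any
 * inconsistency cdsEmpty is returned.
 *
 * `message` must have room for 190 bytes, the longest message that fits. Bytes
 * may be written to it even when the result is cdsEmpty; callers must ignore them.
 *
 * Fixes:
 *  - the padding scan tests n < emLength before reading em[n]; previously em[256]
 *    was read when no separator was present;
 *  - the leading byte em[0] must be zero, as RFC 8017 requires;
 *  - the message length is 0 rather than a wrapped-around value when no separator
 *    was found.
 *
 * All checks feed one flag and there is a single failure result, so the caller
 * cannot tell from the return value which check failed. The padding scan still
 * runs a data-dependent number of steps; callers should not expose timing or
 * distinct errors for failed decryptions.
 *
 * oaep.length == 256 is only asserted, i.e. not enforced when NDEBUG is set.
 */
static struct cdsBytes decodeOAEP(struct cdsBytes oaep, uint8_t * message) {
	assert(oaep.length == 256);
	const uint8_t * em = oaep.data;

	// seed = maskedSeed xor MGF1(maskedDB)
	uint16_t dbLength = emLength - hashLength - 1;	// 223
	uint8_t seedMask[hashLength];
	maskGenerationFunction1(cdsBytes(em + hashLength + 1, dbLength), cdsMutableBytes(seedMask, hashLength));
	uint8_t seed[hashLength];
	uint16_t n = 1;
	for (uint16_t i = 0; i < hashLength; i++, n++)
		seed[i] = em[n] ^ seedMask[i];

	uint8_t dbMask[224];
	maskGenerationFunction1(cdsBytes(seed, hashLength), cdsMutableBytes(dbMask, 224));

	// The leading byte of the encoded message must be zero.
	bool correct = em[0] == 0;

	// Label hash
	uint16_t i = 0;
	for (; i < 32; n++, i++) {
		if (OAEPZeroLabelHash[i] != (em[n] ^ dbMask[i])) correct = false;
	}

	// Zero padding: a masked byte equal to its mask byte is an unmasked zero.
	for (; n < emLength && em[n] == dbMask[i]; n++) i++;

	// Separator
	if (n >= emLength || (em[n] ^ dbMask[i]) != 0x01) correct = false;
	n++;
	i++;

	// Message
	uint16_t messageLength = n < emLength ? emLength - n : 0;
	for (uint16_t k = 0; n < emLength; n++, i++, k++)
		message[k] = em[n] ^ dbMask[i];

	return correct ? cdsBytes(message, messageLength) : cdsEmpty;
}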
2624
|
|
|
|
|
|
|
|
2625
|
|
|
|
|
|
|
#line 16 "Condensation/../../c/Condensation/all.inc.c" |
2626
|
|
|
|
|
|
|
|
2627
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/RSA64/PrivateKey.inc.c" |
2628
|
|
|
|
|
|
|
|
2629
|
|
|
|
|
|
|
/*
 * Derives the remaining fields of a private key from e, p and q:
 *   n = p * q, d = e^-1 mod (p - 1)(q - 1), dp = d mod (p - 1), dq = d mod (q - 1),
 *   pInv = p^-1 mod q, qInv = q^-1 mod p.
 *
 * mul() is used on zero-initialised targets here; elsewhere in this file it is
 * called on a non-zero target, so it presumably adds the product onto its first
 * argument (confirm against its definition).
 *
 * NOTE(review): the locals holding p - 1, q - 1 and phi are key-equivalent
 * secrets and are not cleared before returning.
 */
static void precalculateCrtParameters(struct cdsRSAPrivateKey * this) {
	struct cdsBigInteger * const modulus = &this->rsaPublicKey.n;

	// n = p * q
	setZero(modulus);
	mul(modulus, &this->p, &this->q);

	// p - 1
	struct cdsBigInteger pMinus1 = CDS_BIG_INTEGER_ZERO;
	copyD(&pMinus1, &this->p, 0);
	decrement(&pMinus1);

	// q - 1
	struct cdsBigInteger qMinus1 = CDS_BIG_INTEGER_ZERO;
	copyD(&qMinus1, &this->q, 0);
	decrement(&qMinus1);

	// phi = (p - 1)(q - 1)
	struct cdsBigInteger totient = CDS_BIG_INTEGER_ZERO;
	mul(&totient, &pMinus1, &qMinus1);

	// d = e^-1 mod phi
	modInverse(&this->d, &this->rsaPublicKey.e, &totient);

	// dp = d mod (p - 1)
	copyD(&this->dp, &this->d, 0);
	mod(&this->dp, &pMinus1);

	// dq = d mod (q - 1)
	copyD(&this->dq, &this->d, 0);
	mod(&this->dq, &qMinus1);

	// Both CRT coefficients are stored; privateCrypt() picks one per call.
	modInverse(&this->pInv, &this->p, &this->q);
	modInverse(&this->qInv, &this->q, &this->p);
}
2656
|
|
|
|
|
|
|
|
2657
|
|
|
|
|
|
|
/*
 * Generates a new private key into *this, using caller-provided scratch memory
 * for the prime search. Both validity flags are set before the CRT parameters are
 * derived. The content of *modPowBig afterwards stems from the prime search and
 * should be treated as sensitive by the caller.
 */
void cdsGeneratePrivateKeyWithMemory(struct cdsRSAPrivateKey * this, struct cdsRSAModPowBig * modPowBig) {
	generateKey(this, modPowBig);

	// Mark the private key and its embedded public key as usable.
	this->isValid = true;
	this->rsaPublicKey.isValid = true;

	precalculateCrtParameters(this);
}
2663
|
|
|
|
|
|
|
|
2664
|
|
|
|
|
|
|
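/*
 * Generates a new private key into *this, using scratch memory on the stack.
 *
 * The scratch memory is passed to the prime search and therefore ends up holding
 * values derived from the candidate primes; it is now cleared before returning
 * instead of being left behind on the stack.
 */
void cdsGeneratePrivateKey(struct cdsRSAPrivateKey * this) {
	struct cdsRSAModPowBig modPowBig;
	cdsGeneratePrivateKeyWithMemory(this, &modPowBig);

	// Volatile writes, so that the compiler does not drop the clearing as a dead store.
	volatile uint8_t * wipe = (volatile uint8_t *) &modPowBig;
	for (size_t k = 0; k < sizeof modPowBig; k++) wipe[k] = 0;
}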
2668
|
|
|
|
|
|
|
|
2669
|
|
|
|
|
|
|
/*
 * Marks *this and its embedded public key as invalid. No other field is written,
 * so key material already present in the struct stays in memory.
 */
void cdsInitializeEmptyPrivateKey(struct cdsRSAPrivateKey * this) {
	this->rsaPublicKey.isValid = false;
	this->isValid = false;
}
2673
|
|
|
|
|
|
|
|
2674
|
|
|
|
|
|
|
/*
 * Loads a private key from the byte representations of e, p and q and derives
 * the CRT parameters if the key passes the checks.
 *
 * The key counts as valid if e is non-zero and both p and q span exactly
 * elementsFor1024Bits elements. Nothing else is verified here: neither that p and
 * q are prime or distinct, nor that e is odd or invertible modulo (p - 1)(q - 1).
 * Key material from untrusted sources needs those checks elsewhere.
 *
 * e, p and q are stored in *this even when the key is rejected.
 */
void cdsInitializePrivateKey(struct cdsRSAPrivateKey * this, const struct cdsBytes e, const struct cdsBytes p, const struct cdsBytes q) {
	cdsBigIntegerFromBytes(&this->rsaPublicKey.e, e);
	cdsBigIntegerFromBytes(&this->p, p);
	cdsBigIntegerFromBytes(&this->q, q);

	// Evaluated left to right, stopping at the first failed check.
	bool valid = ! isZero(&this->rsaPublicKey.e);
	valid = valid && mostSignificantElement(&this->p) + 1 == elementsFor1024Bits;
	valid = valid && mostSignificantElement(&this->q) + 1 == elementsFor1024Bits;

	this->isValid = valid;
	this->rsaPublicKey.isValid = this->isValid;
	if (! this->isValid) return;

	precalculateCrtParameters(this);
}
2682
|
|
|
|
|
|
|
|
2683
|
|
|
|
|
|
|
/*
 * RSA private-key operation using the Chinese remainder theorem. The result is
 * written to resultBuffer (256 bytes) and returned as a byte range over it.
 *
 * mP = input^dp mod p and mQ = input^dq mod q are computed first. Depending on
 * which of the two is larger, the halves are recombined as
 *   mQ + ((mP - mQ) * qInv mod p) * q    or    mP + ((mQ - mP) * pInv mod q) * p,
 * which keeps the subtraction non-negative.
 *
 * *memory holds the input, both halves and the result afterwards; these are
 * secret-dependent and it is up to the caller to clear them.
 *
 * NOTE(review): nothing visible here checks this->isValid, that the input is
 * smaller than n, or re-verifies the result with the public exponent (a common
 * guard against faulty CRT computations), and no blinding is visible. Confirm
 * whether the callers or the modPow helpers cover these points.
 */
static struct cdsBytes privateCrypt(const struct cdsRSAPrivateKey * this, const struct cdsBytes inputBytes, uint8_t * resultBuffer, struct cdsRSAPrivateCryptMemory * memory) {
	cdsBigIntegerFromBytes(&memory->input, inputBytes);

	// mP = input^dp mod p
	copyD(&memory->imodp, &memory->input, 0);
	mod(&memory->imodp, &this->p);
	modPowBigExp(&memory->modPowBig, &memory->imodp, &this->dp, &this->p);
	modPowBigResult(&memory->modPowBig);
	copyD(&memory->mP, memory->modPowBig.result, 0);

	// mQ = input^dq mod q
	copyD(&memory->imodq, &memory->input, 0);
	mod(&memory->imodq, &this->q);
	modPowBigExp(&memory->modPowBig, &memory->imodq, &this->dq, &this->q);
	modPowBigResult(&memory->modPowBig);
	copyD(&memory->mQ, memory->modPowBig.result, 0);

	// Select the operands so that the difference is taken as larger - smaller.
	struct cdsBigInteger * larger;
	struct cdsBigInteger * smaller;
	const struct cdsBigInteger * inverse;		// inverse of `otherPrime` modulo `prime`
	const struct cdsBigInteger * prime;
	const struct cdsBigInteger * otherPrime;
	if (compare(&memory->mP, &memory->mQ) > 0) {
		larger = &memory->mP;
		smaller = &memory->mQ;
		inverse = &this->qInv;
		prime = &this->p;
		otherPrime = &this->q;
	} else {
		larger = &memory->mQ;
		smaller = &memory->mP;
		inverse = &this->pInv;
		prime = &this->q;
		otherPrime = &this->p;
	}

	// h = (larger - smaller) * inverse mod prime
	copyD(&memory->difference, larger, 0);
	subD(&memory->difference, smaller, 0);
	setZero(&memory->h);
	mul(&memory->h, inverse, &memory->difference);
	mod(&memory->h, prime);

	// result = smaller + h * otherPrime
	copyD(&memory->result, smaller, 0);
	mul(&memory->result, &memory->h, otherPrime);

	cdsBytesFromBigInteger(cdsMutableBytes(resultBuffer, 256), &memory->result);
	return cdsBytes(resultBuffer, 256);
}
2721
|
|
|
|
|
|
|
|
2722
|
|
|
|
|
|
|
/*
 * Signs digest with RSA-PSS: the digest is PSS-encoded with a fresh salt and the
 * private-key operation is applied to the encoding. The 256-byte signature is
 * written to resultBuffer and returned as a byte range over it.
 *
 * digest.length must not exceed 256 (asserted in generatePSS). this->isValid is
 * not checked here. *memory holds secret-dependent intermediates afterwards.
 */
struct cdsBytes cdsSignWithMemory(const struct cdsRSAPrivateKey * this, const struct cdsBytes digest, uint8_t * resultBuffer, struct cdsRSAPrivateCryptMemory * memory) {
	uint8_t encoded[256];
	struct cdsBytes pss = generatePSS(digest, encoded);

	struct cdsBytes signature = privateCrypt(this, pss, resultBuffer, memory);
	return signature;
}
2728
|
|
|
|
|
|
|
|
2729
|
|
|
|
|
|
|
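/*
 * Signs digest with RSA-PSS using scratch memory on the stack. The 256-byte
 * signature is written to resultBuffer and returned as a byte range over it.
 *
 * The scratch memory holds the CRT intermediates of the private-key operation;
 * it is now cleared before returning instead of being left behind on the stack.
 */
struct cdsBytes cdsSign(const struct cdsRSAPrivateKey * this, const struct cdsBytes digest, uint8_t * resultBuffer) {
	struct cdsRSAPrivateCryptMemory memory;
	struct cdsBytes signature = cdsSignWithMemory(this, digest, resultBuffer, &memory);

	// Volatile writes, so that the compiler does not drop the clearing as a dead store.
	volatile uint8_t * wipe = (volatile uint8_t *) &memory;
	for (size_t k = 0; k < sizeof memory; k++) wipe[k] = 0;

	return signature;
}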
2733
|
|
|
|
|
|
|
|
2734
|
|
|
|
|
|
|
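/*
 * Decrypts an RSA-OAEP ciphertext. The message is written to resultBuffer, which
 * must have room for 190 bytes, and returned as a byte range over it. cdsEmpty is
 * returned if the OAEP padding is inconsistent; resultBuffer may have been
 * written to in that case and must then be ignored.
 *
 * The local buffer receives the complete decrypted OAEP block, i.e. the
 * plaintext. It is now cleared before returning. *memory still holds
 * secret-dependent intermediates; clearing it is up to the caller.
 *
 * this->isValid and encrypted.length are not checked here.
 */
struct cdsBytes cdsDecryptWithMemory(const struct cdsRSAPrivateKey * this, const struct cdsBytes encrypted, uint8_t * resultBuffer, struct cdsRSAPrivateCryptMemory * memory) {
	uint8_t buffer[256];
	struct cdsBytes oaep = privateCrypt(this, encrypted, buffer, memory);

	struct cdsBytes message = decodeOAEP(oaep, resultBuffer);

	// Volatile writes, so that the compiler does not drop the clearing as a dead store.
	volatile uint8_t * wipe = buffer;
	for (size_t k = 0; k < sizeof buffer; k++) wipe[k] = 0;

	return message;
}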
2740
|
|
|
|
|
|
|
|
2741
|
|
|
|
|
|
|
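/*
 * Decrypts an RSA-OAEP ciphertext using scratch memory on the stack. See
 * cdsDecryptWithMemory() for the contract of resultBuffer and the return value.
 *
 * The scratch memory holds the CRT intermediates of the private-key operation;
 * it is now cleared before returning instead of being left behind on the stack.
 */
struct cdsBytes cdsDecrypt(const struct cdsRSAPrivateKey * this, const struct cdsBytes encrypted, uint8_t * resultBuffer) {
	struct cdsRSAPrivateCryptMemory memory;
	struct cdsBytes message = cdsDecryptWithMemory(this, encrypted, resultBuffer, &memory);

	// Volatile writes, so that the compiler does not drop the clearing as a dead store.
	volatile uint8_t * wipe = (volatile uint8_t *) &memory;
	for (size_t k = 0; k < sizeof memory; k++) wipe[k] = 0;

	return message;
}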
2745
|
|
|
|
|
|
|
|
2746
|
|
|
|
|
|
|
|
2747
|
|
|
|
|
|
|
#line 17 "Condensation/../../c/Condensation/all.inc.c" |
2748
|
|
|
|
|
|
|
|
2749
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/RSA64/PublicKey.inc.c" |
2750
|
|
|
|
|
|
|
|
2751
|
|
|
|
|
|
|
/* Marks *this as invalid. e and n are left as they are. */
void cdsInitializeEmptyPublicKey(struct cdsRSAPublicKey * this) {
	const bool usable = false;
	this->isValid = usable;
}
2754
|
|
|
|
|
|
|
|
2755
|
|
|
|
|
|
|
/*
 * Loads a public key from the byte representations of e and n.
 *
 * The key counts as valid if e is non-zero and n spans exactly
 * elementsFor2048Bits elements. Nothing else is verified here (e.g. that e and n
 * are odd or that e > 1); a public key from an untrusted source needs such
 * checks elsewhere. e and n are stored even when the key is rejected.
 */
void cdsInitializePublicKey(struct cdsRSAPublicKey * this, const struct cdsBytes e, const struct cdsBytes n) {
	cdsBigIntegerFromBytes(&this->e, e);
	cdsBigIntegerFromBytes(&this->n, n);

	// Evaluated left to right, stopping at the first failed check.
	bool valid = ! isZero(&this->e);
	valid = valid && mostSignificantElement(&this->n) + 1 == elementsFor2048Bits;
	this->isValid = valid;
}
2760
|
|
|
|
|
|
|
|
2761
|
|
|
|
|
|
|
/*
 * RSA public-key operation: input^e mod n. The result is written to resultBuffer
 * (256 bytes) and returned as a byte range over it.
 *
 * Neither this->isValid nor the size of the input relative to n is checked here.
 */
static struct cdsBytes publicCrypt(const struct cdsRSAPublicKey * this, const struct cdsBytes inputBytes, uint8_t * resultBuffer, struct cdsRSAPublicCryptMemory * memory) {
	cdsBigIntegerFromBytes(&memory->input, inputBytes);

	modPowSmallExp(&memory->modPowSmall, &memory->input, &this->e, &this->n);

	// Serialise the result into the caller's 256-byte buffer.
	struct cdsMutableBytes target = cdsMutableBytes(resultBuffer, 256);
	cdsBytesFromBigInteger(target, memory->modPowSmall.result);
	return cdsBytes(resultBuffer, 256);
}
2769
|
|
|
|
|
|
|
|
2770
|
|
|
|
|
|
|
/*
 * Verifies an RSA-PSS signature over digest: applies the public-key operation to
 * the signature and checks the resulting 256-byte block with verifyPSS().
 *
 * Preconditions that are not enforced here: the key should be valid
 * (this->isValid is not consulted), and digest.length must not exceed 256, which
 * verifyPSS() only asserts. Callers handling untrusted input must check both.
 */
bool cdsVerifyWithMemory(const struct cdsRSAPublicKey * this, const struct cdsBytes digest, const struct cdsBytes signature, struct cdsRSAPublicCryptMemory * memory) {
	uint8_t encoded[256];
	struct cdsBytes pss = publicCrypt(this, signature, encoded, memory);

	bool accepted = verifyPSS(digest, pss);
	return accepted;
}
2776
|
|
|
|
|
|
|
|
2777
|
|
|
|
|
|
|
/*
 * Verifies an RSA-PSS signature over digest using scratch memory on the stack.
 * See cdsVerifyWithMemory() for the preconditions.
 */
bool cdsVerify(const struct cdsRSAPublicKey * this, const struct cdsBytes digest, const struct cdsBytes signature) {
	struct cdsRSAPublicCryptMemory scratch;
	bool accepted = cdsVerifyWithMemory(this, digest, signature, &scratch);
	return accepted;
}
2781
|
|
|
|
|
|
|
|
2782
|
|
|
|
|
|
|
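/*
 * Encrypts message with RSA-OAEP (SHA-256, MGF1, empty label). The 256-byte
 * ciphertext is written to resultBuffer and returned as a byte range over it.
 *
 * Fixes:
 *  - message.length is now checked here. OAEP with a 2048-bit modulus and a
 *    32-byte hash carries at most 256 - 2 * 32 - 2 = 190 bytes; a longer message
 *    was passed on to encodeOAEP(), where the length arithmetic wraps around and
 *    memory past a stack buffer is overwritten. cdsEmpty is now returned instead,
 *    and resultBuffer is left untouched;
 *  - the local buffer, which holds the padded plaintext, is cleared before
 *    returning.
 *
 * this->isValid is not checked here.
 */
struct cdsBytes cdsEncryptWithMemory(const struct cdsRSAPublicKey * this, const struct cdsBytes message, uint8_t * resultBuffer, struct cdsRSAPublicCryptMemory * memory) {
	// Longest message that fits into the OAEP data block.
	if (message.length > 190) return cdsEmpty;

	uint8_t buffer[256];
	struct cdsBytes oaep = encodeOAEP(message, buffer);

	struct cdsBytes encrypted = publicCrypt(this, oaep, resultBuffer, memory);

	// Volatile writes, so that the compiler does not drop the clearing as a dead store.
	volatile uint8_t * wipe = buffer;
	for (size_t k = 0; k < sizeof buffer; k++) wipe[k] = 0;

	return encrypted;
}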
2788
|
|
|
|
|
|
|
|
2789
|
|
|
|
|
|
|
/*
 * Encrypts message with RSA-OAEP using scratch memory on the stack. The result of
 * cdsEncryptWithMemory() is returned unchanged.
 */
struct cdsBytes cdsEncrypt(const struct cdsRSAPublicKey * this, const struct cdsBytes message, uint8_t * resultBuffer) {
	struct cdsRSAPublicCryptMemory scratch;
	struct cdsBytes encrypted = cdsEncryptWithMemory(this, message, resultBuffer, &scratch);
	return encrypted;
}
2793
|
|
|
|
|
|
|
|
2794
|
|
|
|
|
|
|
#line 18 "Condensation/../../c/Condensation/all.inc.c" |
2795
|
|
|
|
|
|
|
|
2796
|
|
|
|
|
|
|
|
2797
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Serialization/Hash.inc.c" |
2798
|
|
|
|
|
|
|
// Placeholder hash whose 32 bytes spell "INVALID HASH ERROR INVALID HASH " in ASCII, so that it is recognisable in dumps.
struct cdsHash invalidHashForDebugging = {{0x49, 0x4e, 0x56, 0x41, 0x4c, 0x49, 0x44, 0x20, 0x48, 0x41, 0x53, 0x48, 0x20, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x20, 0x49, 0x4e, 0x56, 0x41, 0x4c, 0x49, 0x44, 0x20, 0x48, 0x41, 0x53, 0x48, 0x20}};
2799
|
|
|
|
|
|
|
|
2800
|
|
|
|
|
|
|
/*
 * Creates a hash from 32 raw bytes. The length cannot be checked here: `bytes`
 * must point to at least 32 readable bytes.
 */
struct cdsHash cdsHash(const uint8_t * bytes) {
	struct cdsHash result;
	const uint8_t * source = bytes;
	memcpy(result.bytes, source, 32);
	return result;
}
2805
|
|
|
|
|
|
|
|
2806
|
|
|
|
|
|
|
/*
 * Creates a hash from the first 32 bytes of hashBytes. If fewer than 32 bytes are
 * available, the all-zero hash is returned instead.
 */
struct cdsHash cdsHashFromBytes(const struct cdsBytes hashBytes) {
	struct cdsHash result;

	// Too short: fall back to the all-zero hash.
	if (hashBytes.length < 32) {
		memset(result.bytes, 0, 32);
		return result;
	}

	memcpy(result.bytes, hashBytes.data, 32);
	return result;
}
2814
|
|
|
|
|
|
|
|
2815
|
|
|
|
|
|
|
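/*
 * Creates a hash from the 32 bytes of hashBytes starting at offset. If that range
 * does not lie completely within hashBytes, the all-zero hash is returned.
 *
 * Fix: the range check no longer computes offset + 32. With an offset close to
 * the maximum of cdsLength that sum wrapped around, the check passed, and memcpy
 * read far outside the buffer. The check is now written so that it cannot wrap.
 */
struct cdsHash cdsHashFromBytesAtOffset(const struct cdsBytes hashBytes, cdsLength offset) {
	struct cdsHash hash;
	if (hashBytes.length >= 32 && offset <= hashBytes.length - 32)
		memcpy(hash.bytes, hashBytes.data + offset, 32);
	else
		memset(hash.bytes, 0, 32);
	return hash;
}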
2823
|
|
|
|
|
|
|
|
2824
|
|
|
|
|
|
|
/*
 * Creates a hash by handing hashHex and the 32-byte target to cdsBytesFromHex().
 *
 * NOTE(review): the return value of cdsBytesFromHex() is ignored and the hash is
 * not initialised beforehand, so what the result contains for a short or
 * malformed string depends on that helper. Confirm before passing untrusted text.
 */
struct cdsHash cdsHashFromHex(const char * hashHex) {
	struct cdsHash result;
	uint8_t * target = result.bytes;
	cdsBytesFromHex(hashHex, target, 32);
	return result;
}
2829
|
|
|
|
|
|
|
|
2830
|
|
|
|
|
|
|
/* Returns the hash of bytes, computed with cdsSHA256(). */
struct cdsHash cdsCalculateHash(const struct cdsBytes bytes) {
	struct cdsHash result;
	uint8_t * target = result.bytes;
	cdsSHA256(bytes, target);
	return result;
}
2835
|
|
|
|
|
|
|
|
2836
|
|
|
|
|
|
|
// Writes the hexadecimal form of the 32 hash bytes into `buffer` (capacity `length`) and
// returns whatever cdsHexFromBytes returns.
// NOTE(review): how cdsHexFromBytes behaves when `length` is too small for 64 digits plus a
// terminator is not visible here — confirm it truncates safely.
char * cdsToHex(struct cdsHash * this, char * buffer, cdsLength length) {
    struct cdsBytes hashBytes = cdsBytes(this->bytes, 32);
    return cdsHexFromBytes(hashBytes, buffer, length);
}
2839
|
|
|
|
|
|
|
|
2840
|
|
|
|
|
|
|
// Writes an abbreviated form of the hash into `buffer`: the hex of the first 4 bytes, followed,
// when `length` is at least 12, by a UTF-8 ellipsis (E2 80 A6) and a NUL terminator.
// With a smaller buffer only the output of cdsHexFromBytes is left in place.
// The abbreviation is a display aid; 4 bytes are far too few to identify a hash.
char * cdsToShortHex(struct cdsHash * this, char * buffer, cdsLength length) {
    cdsHexFromBytes(cdsBytes(this->bytes, 4), buffer, length);
    if (length >= 12) {
        // 8 hex digits occupy buffer[0..7]; the ellipsis and terminator take buffer[8..11].
        memcpy(buffer + 8, "\xe2\x80\xa6", 4);
    }
    return buffer;
}
2849
|
|
|
|
|
|
|
|
2850
|
|
|
|
|
|
|
// Returns a 32-byte view of the hash. The view refers to the storage inside `*this`, so it is
// only usable while that hash object is alive.
struct cdsBytes cdsHashBytes(struct cdsHash * this) {
    struct cdsBytes view = cdsBytes(this->bytes, 32);
    return view;
}
2853
|
|
|
|
|
|
|
|
2854
|
|
|
|
|
|
|
// Returns true when both hashes hold the same 32 bytes.
// The comparison uses memcmp, which may stop at the first differing byte. That is fine for
// public content hashes; do not reuse this for comparing secret values such as MACs.
bool cdsEqualHashes(const struct cdsHash * this, const struct cdsHash * that) {
    const int difference = memcmp(this->bytes, that->bytes, 32);
    return difference == 0;
}
2857
|
|
|
|
|
|
|
|
2858
|
|
|
|
|
|
|
// Orders two hashes bytewise: the result is negative, zero or positive exactly as memcmp
// reports for their 32 bytes. Only the sign is meaningful.
int cdsCompareHashes(const struct cdsHash * this, const struct cdsHash * that) {
    const int order = memcmp(this->bytes, that->bytes, 32);
    return order;
}
2861
|
|
|
|
|
|
|
|
2862
|
|
|
|
|
|
|
#line 20 "Condensation/../../c/Condensation/all.inc.c" |
2863
|
|
|
|
|
|
|
|
2864
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Serialization/HashAndKey.inc.c" |
2865
|
|
|
|
|
|
|
// Marks a hash-and-key pair as empty by pointing its key at cdsEmpty.
// Only `key` is written: `hash` and `keyBytes` keep whatever they held before, so they must not
// be read from a pair initialised this way.
void cdsInitializeEmptyHashAndKey(struct cdsHashAndKey * this) {
    struct cdsHashAndKey * const pair = this;
    pair->key = cdsEmpty;
}
2868
|
|
|
|
|
|
|
|
2869
|
|
|
|
|
|
|
// Fills a hash-and-key pair: copies the 32 hash bytes, copies the first 32 bytes of `key` into
// the pair's own key storage, and points `key` at that storage.
// A key shorter than 32 bytes is replaced by 32 zero bytes without any error being reported, so
// callers must validate the key length themselves if an all-zero key is not acceptable.
void cdsInitializeHashAndKey(struct cdsHashAndKey * this, struct cdsHash * hash, struct cdsBytes key) {
    const bool keyIsLongEnough = key.length >= 32;

    memcpy(this->hash.bytes, hash->bytes, 32);
    if (keyIsLongEnough) {
        memcpy(this->keyBytes, key.data, 32);
    } else {
        memset(this->keyBytes, 0, 32);
    }
    this->key = cdsBytes(this->keyBytes, 32);
}
2877
|
|
|
|
|
|
|
|
2878
|
|
|
|
|
|
|
#line 21 "Condensation/../../c/Condensation/all.inc.c" |
2879
|
|
|
|
|
|
|
|
2880
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Serialization/Object.inc.c" |
2881
|
|
|
|
|
|
|
// Resets an object to the empty state: no bytes, no header, no data and a hash count of zero.
// cdsIsValidObject reports such an object as invalid because its byte length is below 4.
void cdsInitializeEmptyObject(struct cdsObject * this) {
    this->hashesCount = 0;
    this->bytes = cdsEmpty;
    this->header = cdsEmpty;
    this->data = cdsEmpty;
}
2887
|
|
|
|
|
|
|
|
2888
|
|
|
|
|
|
|
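// Interprets `bytes` as a serialized object: a 4-byte big-endian hash count, that many 32-byte
// hashes (together the header), and the remaining bytes as data. The object keeps views into
// `bytes`; nothing is copied. Input that is shorter than 4 bytes, or whose declared hash count
// does not fit into it, leaves the object in the empty (invalid) state.
void cdsInitializeObject(struct cdsObject * this, const struct cdsBytes bytes) {
    if (bytes.length < 4) {
        cdsInitializeEmptyObject(this);
        return;
    }

    // The hash count comes straight from the input. Compare it against the number of hashes the
    // buffer can actually hold before multiplying: `count * 32 + 4` is 32-bit arithmetic and
    // wraps for large counts, which would let an oversized count pass a check on the product.
    uint32_t hashesCount = cdsGetUint32BE(bytes.data);
    if (hashesCount > (bytes.length - 4) / 32) {
        cdsInitializeEmptyObject(this);
        return;
    }

    cdsLength dataStart = (cdsLength) hashesCount * 32 + 4;
    this->hashesCount = hashesCount;
    this->bytes = bytes;
    this->header = cdsByteSlice(bytes, 0, dataStart);
    this->data = cdsByteSlice(bytes, dataStart, bytes.length - dataStart);
}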
2899
|
|
|
|
|
|
|
|
2900
|
|
|
|
|
|
|
// Reports whether the object was initialised from usable bytes. The only test is that the
// stored byte length is at least 4 (room for the hash count); an object reset with
// cdsInitializeEmptyObject therefore counts as invalid.
bool cdsIsValidObject(struct cdsObject * this) {
    return !(this->bytes.length < 4);
}
2903
|
|
|
|
|
|
|
|
2904
|
|
|
|
|
|
|
// Initialises an object from `bytes` and then runs cdsCrypt with an AES-256 state built from
// `key` over the data section, writing the result back into `bytes` after the header. The
// header (hash count and hashes) is left untouched. Nothing happens if the bytes do not form a
// valid object.
// NOTE(review): the counter always starts at cdsZeroCtr, so — presumably CTR mode — a key must
// never be used for more than one object; confirm callers guarantee that.
// NOTE(review): `key` is passed on without a length check, no integrity check is visible here,
// and the AES state stays on the stack after return; confirm these are handled elsewhere.
void cdsInitializeCryptedObject(struct cdsObject * this, const struct cdsMutableBytes bytes, const struct cdsBytes key) {
    cdsInitializeObject(this, cdsSeal(bytes));
    if (cdsIsValidObject(this)) {
        // Same header size that cdsInitializeObject derived from the hash count.
        cdsLength dataStart = (cdsLength) this->hashesCount * 32 + 4;

        struct cdsAES256 aes;
        cdsInitializeAES256(&aes, key);
        cdsCrypt(&aes, this->data, cdsZeroCtr, bytes.data + dataStart);
    }
}
2913
|
|
|
|
|
|
|
|
2914
|
|
|
|
|
|
|
// Returns the total length in bytes of the serialized object (header plus data).
cdsLength cdsObjectByteLength(const struct cdsObject * this) {
    cdsLength total = this->bytes.length;
    return total;
}
2917
|
|
|
|
|
|
|
|
2918
|
|
|
|
|
|
|
// Returns the hash of the complete serialized object, header included, as computed by
// cdsCalculateHash.
struct cdsHash cdsCalculateObjectHash(const struct cdsObject * this) {
    struct cdsHash objectHash = cdsCalculateHash(this->bytes);
    return objectHash;
}
2921
|
|
|
|
|
|
|
|
2922
|
|
|
|
|
|
|
// Returns the hash stored at position `index` of the object's header, or
// invalidHashForDebugging when `index` is not below the object's hash count.
// The byte offset `index * 32 + 4` is computed in cdsLength; it stays in range only if
// hashesCount was validated against the buffer size when the object was initialised.
struct cdsHash cdsHashAtIndex(const struct cdsObject * this, uint32_t index) {
    if (index < this->hashesCount) {
        cdsLength offset = (cdsLength) index * 32 + 4;
        return cdsHashFromBytesAtOffset(this->bytes, offset);
    }
    return invalidHashForDebugging;
}
2926
|
|
|
|
|
|
|
|
2927
|
|
|
|
|
|
|
// Calls `hashCallback` once for every hash in the object's header, in index order.
void withObjectHashes(const struct cdsObject * this, cdsHashCallback hashCallback) {
    uint32_t index = 0;
    while (index < this->hashesCount) {
        hashCallback(cdsHashAtIndex(this, index));
        index++;
    }
}
2931
|
|
|
|
|
|
|
|
2932
|
|
|
|
|
|
|
#line 22 "Condensation/../../c/Condensation/all.inc.c" |
2933
|
|
|
|
|
|
|
|
2934
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Serialization/Record.inc.c" |
2935
|
|
|
|
|
|
|
// Shared placeholder record with no bytes (NULL data, length 0) and every pointer member NULL.
// Lookup functions such as cdsChild and cdsFirstChild return its address instead of NULL, so
// callers can chain lookups without checking each step.
// NOTE(review): it is a single writable object handed out as a non-const pointer; a caller that
// writes through the returned pointer changes it for everyone — confirm nothing does.
struct cdsRecord cdsEmptyRecord = {{NULL, 0}, NULL, NULL, NULL};
2936
|
|
|
|
|
|
|
|
2937
|
|
|
|
|
|
|
// Returns the first direct child of `this` whose bytes equal `bytes`, or the address of
// cdsEmptyRecord when there is no such child. The result is never NULL.
struct cdsRecord * cdsChild(struct cdsRecord * this, struct cdsBytes bytes) {
    for (struct cdsRecord * candidate = this->firstChild; candidate; candidate = candidate->nextSibling) {
        if (cdsEqualBytes(candidate->bytes, bytes)) return candidate;
    }
    return &cdsEmptyRecord;
}
2946
|
|
|
|
|
|
|
|
2947
|
|
|
|
|
|
|
// Same as cdsChild, with the key given as a C string that is converted by cdsBytesFromText.
struct cdsRecord * cdsChildWithText(struct cdsRecord * this, const char * text) {
    struct cdsBytes key = cdsBytesFromText(text);
    return cdsChild(this, key);
}
2950
|
|
|
|
|
|
|
|
2951
|
|
|
|
|
|
|
// Returns true when `this` has a direct child whose bytes equal `bytes`.
bool cdsContainsChild(struct cdsRecord * this, struct cdsBytes bytes) {
    for (struct cdsRecord * candidate = this->firstChild; candidate; candidate = candidate->nextSibling) {
        if (cdsEqualBytes(candidate->bytes, bytes)) return true;
    }
    return false;
}
2960
|
|
|
|
|
|
|
|
2961
|
|
|
|
|
|
|
// Same as cdsContainsChild, with the key given as a C string that is converted by
// cdsBytesFromText.
bool cdsContainsChildWithText(struct cdsRecord * this, char * text) {
    struct cdsBytes key = cdsBytesFromText(text);
    return cdsContainsChild(this, key);
}
2964
|
|
|
|
|
|
|
|
2965
|
|
|
|
|
|
|
// Returns the first child of `this`, or the address of cdsEmptyRecord when it has none.
// The result is never NULL.
struct cdsRecord * cdsFirstChild(struct cdsRecord * this) {
    return this->firstChild ? this->firstChild : &cdsEmptyRecord;
}
2969
|
|
|
|
|
|
|
|
2970
|
|
|
|
|
|
|
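// Copies the record's bytes into `buffer` as a NUL-terminated string and returns the number of
// bytes copied (terminator excluded). At most `length - 1` bytes are copied; longer content is
// truncated without any indication. When `length` is zero or negative nothing is written, not
// even a terminator, and 0 is returned.
// The bytes are copied verbatim: they may contain embedded NULs and are not checked to be valid
// text in any encoding.
int cdsAsText(struct cdsRecord * this, char * buffer, int length) {
    if (length <= 0) return 0;

    size_t textLength = minSize(this->bytes.length, (size_t) length - 1);

    // An empty record (for example cdsEmptyRecord) has a NULL data pointer, and passing NULL to
    // memcpy is undefined even for a zero-length copy, so skip the call in that case.
    if (textLength > 0) memcpy(buffer, this->bytes.data, textLength);
    buffer[textLength] = 0;
    return textLength;
}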
2977
|
|
|
|
|
|
|
|
2978
|
|
|
|
|
|
|
// Interprets the record as a boolean: true when it holds at least one byte, whatever the byte
// values are (a single 0x00 byte is therefore true).
bool cdsAsBoolean(struct cdsRecord * this) {
    return this->bytes.length != 0;
}
2981
|
|
|
|
|
|
|
|
2982
|
|
|
|
|
|
|
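// Interprets the record's bytes as a big-endian two's-complement integer and returns it as a
// 64-bit value. An empty record yields 0. Records longer than 8 bytes are not rejected: only
// the low 64 bits of the value are kept.
int64_t cdsAsInteger64(struct cdsRecord * this) {
    if (this->bytes.length == 0) return 0;

    // Accumulate in an unsigned type. Left-shifting a negative int64_t, or shifting bits out of
    // a signed value, is undefined behaviour, and both happen with attacker-chosen record bytes.
    uint64_t accumulator = this->bytes.data[0];
    if (accumulator & 0x80) accumulator |= ~(uint64_t) 0xff;   // sign-extend the leading byte
    for (cdsLength i = 1; i < this->bytes.length; i++)
        accumulator = (accumulator << 8) | this->bytes.data[i];

    return (int64_t) accumulator;
}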
2992
|
|
|
|
|
|
|
|
2993
|
|
|
|
|
|
|
// Interprets the record's bytes as a big-endian unsigned integer. An empty record yields 0.
// Records longer than 8 bytes are not rejected: the leading bytes are shifted out, so only the
// low 64 bits of the value are returned.
uint64_t cdsAsUnsigned64(struct cdsRecord * this) {
    uint64_t accumulator = 0;
    cdsLength i = 0;
    while (i < this->bytes.length) {
        accumulator = (accumulator << 8) + ((uint64_t) this->bytes.data[i]);
        i++;
    }
    return accumulator;
}
2999
|
|
|
|
|
|
|
|
3000
|
|
|
|
|
|
|
// Returns the record's integer value (see cdsAsInteger64) clamped to the int32_t range: values
// outside the range come back as INT32_MIN or INT32_MAX rather than being truncated.
int32_t cdsAsInteger(struct cdsRecord * this) {
    const int64_t wide = cdsAsInteger64(this);
    if (wide < INT32_MIN) return INT32_MIN;
    if (wide > INT32_MAX) return INT32_MAX;
    return (int32_t) wide;
}
3006
|
|
|
|
|
|
|
|
3007
|
|
|
|
|
|
|
// Returns the record's unsigned value (see cdsAsUnsigned64) clamped to the uint32_t range:
// anything above 0xffffffff comes back as 0xffffffff rather than being truncated.
uint32_t cdsAsUnsigned(struct cdsRecord * this) {
    const uint64_t wide = cdsAsUnsigned64(this);
    return wide > 0xffffffff ? 0xffffffff : (uint32_t) wide;
}
3012
|
|
|
|
|
|
|
|
3013
|
|
|
|
|
|
|
// Copies the 32-byte hash attached to the record into `*hash` and returns true. Returns false,
// leaving `*hash` untouched, when the record carries no hash.
bool cdsAsHash(struct cdsRecord * this, struct cdsHash * hash) {
    const bool hasHash = this->hash != NULL;
    if (hasHash) memcpy(hash->bytes, this->hash, 32);
    return hasHash;
}
3018
|
|
|
|
|
|
|
|
3019
|
|
|
|
|
|
|
// Reads a hash-and-key pair from the record: the attached hash becomes the pair's hash and the
// record's own bytes become the key. This succeeds only when the record holds exactly 32 bytes
// and carries a hash; otherwise false is returned and `*hashAndKey` is not modified.
// The key bytes are copied into the pair, so the pair does not depend on the parsed buffer.
bool cdsAsHashAndKey(struct cdsRecord * this, struct cdsHashAndKey * hashAndKey) {
    if (this->bytes.length != 32 || this->hash == NULL) return false;

    memcpy(hashAndKey->keyBytes, this->bytes.data, 32);
    hashAndKey->key = cdsBytes(hashAndKey->keyBytes, 32);
    memcpy(hashAndKey->hash.bytes, this->hash, 32);
    return true;
}
3028
|
|
|
|
|
|
|
|
3029
|
|
|
|
|
|
|
// Loads the record's bytes into `*bigInteger` through cdsBigIntegerFromBytes.
// NOTE(review): any limit on the accepted byte length is enforced, if at all, inside
// cdsBigIntegerFromBytes — confirm it bounds oversized input.
void cdsAsBigInteger(struct cdsRecord * this, struct cdsBigInteger * bigInteger) {
    struct cdsBytes magnitude = this->bytes;
    cdsBigIntegerFromBytes(bigInteger, magnitude);
}
3032
|
|
|
|
|
|
|
|
3033
|
|
|
|
|
|
|
// Returns the bytes of the record's first child, or cdsEmpty when the record has no children.
// The result is a view into the parsed buffer, not a copy.
struct cdsBytes cdsBytesValue(struct cdsRecord * this) {
    struct cdsRecord * value = this->firstChild;
    return value ? value->bytes : cdsEmpty;
}
3037
|
|
|
|
|
|
|
|
3038
|
|
|
|
|
|
|
// Copies the text of the record's first child into `buffer` (see cdsAsText) and returns the
// number of bytes copied. Without a child, an empty string is stored when `length` is positive
// and 0 is returned.
int cdsTextValue(struct cdsRecord * this, char * buffer, int length) {
    struct cdsRecord * value = this->firstChild;
    if (value) return cdsAsText(value, buffer, length);

    if (length > 0) buffer[0] = 0;
    return 0;
}
3046
|
|
|
|
|
|
|
|
3047
|
|
|
|
|
|
|
// Returns the boolean value of the record's first child (see cdsAsBoolean), or false when the
// record has no children.
bool cdsBooleanValue(struct cdsRecord * this) {
    struct cdsRecord * value = this->firstChild;
    return value ? cdsAsBoolean(value) : false;
}
3051
|
|
|
|
|
|
|
|
3052
|
|
|
|
|
|
|
// Returns the 32-bit integer value of the record's first child (see cdsAsInteger), or 0 when
// the record has no children.
int32_t cdsIntegerValue(struct cdsRecord * this) {
    struct cdsRecord * value = this->firstChild;
    return value ? cdsAsInteger(value) : 0;
}
3056
|
|
|
|
|
|
|
|
3057
|
|
|
|
|
|
|
// Returns the 32-bit unsigned value of the record's first child (see cdsAsUnsigned), or 0 when
// the record has no children.
uint32_t cdsUnsignedValue(struct cdsRecord * this) {
    struct cdsRecord * value = this->firstChild;
    return value ? cdsAsUnsigned(value) : 0U;
}
3061
|
|
|
|
|
|
|
|
3062
|
|
|
|
|
|
|
// Returns the 64-bit integer value of the record's first child (see cdsAsInteger64), or 0 when
// the record has no children.
int64_t cdsInteger64Value(struct cdsRecord * this) {
    struct cdsRecord * value = this->firstChild;
    return value ? cdsAsInteger64(value) : 0L;
}
3066
|
|
|
|
|
|
|
|
3067
|
|
|
|
|
|
|
// Returns the 64-bit unsigned value of the record's first child (see cdsAsUnsigned64), or 0
// when the record has no children.
uint64_t cdsUnsigned64Value(struct cdsRecord * this) {
    struct cdsRecord * value = this->firstChild;
    return value ? cdsAsUnsigned64(value) : 0UL;
}
3071
|
|
|
|
|
|
|
|
3072
|
|
|
|
|
|
|
// Copies the hash attached to the record's first child into `*hash` (see cdsAsHash). Returns
// false when the record has no children or the child carries no hash.
bool cdsHashValue(struct cdsRecord * this, struct cdsHash * hash) {
    struct cdsRecord * value = this->firstChild;
    return value ? cdsAsHash(value, hash) : false;
}
3076
|
|
|
|
|
|
|
|
3077
|
|
|
|
|
|
|
// Reads a hash-and-key pair from the record's first child (see cdsAsHashAndKey). Returns false
// when the record has no children or the child does not hold a valid pair.
bool cdsHashAndKeyValue(struct cdsRecord * this, struct cdsHashAndKey * hashAndKey) {
    struct cdsRecord * value = this->firstChild;
    return value ? cdsAsHashAndKey(value, hashAndKey) : false;
}
3081
|
|
|
|
|
|
|
|
3082
|
|
|
|
|
|
|
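// Loads the big integer held by the record's first child into `*bigInteger`. When the record
// has no children, `*bigInteger` is loaded from the empty byte sequence instead.
void cdsBigIntegerValue(struct cdsRecord * this, struct cdsBigInteger * bigInteger) {
    if (! this->firstChild) {
        cdsBigIntegerFromBytes(bigInteger, cdsEmpty);
        // Stop here: continuing would hand the NULL firstChild to cdsAsBigInteger, which
        // dereferences it. Records parsed from untrusted input can easily lack the child.
        return;
    }

    cdsAsBigInteger(this->firstChild, bigInteger);
}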
3086
|
|
|
|
|
|
|
|
3087
|
|
|
|
|
|
|
#line 23 "Condensation/../../c/Condensation/all.inc.c" |
3088
|
|
|
|
|
|
|
|
3089
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Serialization/RecordBuilder.inc.c" |
3090
|
|
|
|
|
|
|
// Puts the builder into an empty state with no backing buffer (NULL data, length 0) and all
// positions and counters at zero. cdsAddRecord on such a builder finds no space and returns an
// empty slice.
void cdsInitializeEmptyRecordBuilder(struct cdsRecordBuilder * this) {
    // Buffer and fill state.
    this->bytes = cdsMutableBytes(NULL, 0);
    this->dataOffset = 0;
    this->used = 0;
    this->hashesUsed = 0;

    // Tree position.
    this->level = 0;
    this->levelPositions[0] = 0;
    this->nextIsChild = 0;
}
3099
|
|
|
|
|
|
|
|
3100
|
|
|
|
|
|
|
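// Prepares the builder to serialize a record tree into `bytes`, reserving a header for
// `hashesCount` hashes: the count is written as 4 big-endian bytes and record data starts at
// offset 4 + 32 * hashesCount. If `bytes` cannot hold that header, the builder is put into the
// empty state instead, so later additions fail cleanly rather than writing outside the buffer.
// The hash slots are not cleared here: slots that are never filled by cdsAppendHash keep
// whatever the caller's buffer contained and end up in the serialized object.
void cdsInitializeRecordBuilder(struct cdsRecordBuilder * this, struct cdsMutableBytes bytes, uint32_t hashesCount) {
    // Compare the count with the number of hashes that fit, rather than computing
    // `4 + hashesCount * 32` first: that product is 32-bit arithmetic and wraps for large counts.
    if (bytes.data == NULL || bytes.length < 4 || hashesCount > (bytes.length - 4) / 32) {
        cdsInitializeEmptyRecordBuilder(this);
        return;
    }

    this->bytes = bytes;
    cdsSetUint32BE(bytes.data, hashesCount);
    this->dataOffset = 4 + hashesCount * 32;
    this->used = this->dataOffset;
    this->hashesUsed = 0;
    this->levelPositions[0] = 0;
    this->level = 0;
    this->nextIsChild = 0;
}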
3110
|
|
|
|
|
|
|
|
3111
|
|
|
|
|
|
|
// Returns the number of bytes a record with a `length`-byte payload occupies when serialized:
// the payload plus a prefix of 1 byte (payload below 30 bytes), 2 bytes (below 285 bytes) or
// 9 bytes (anything longer). The sum is computed in cdsLength and wraps for payload lengths
// close to the maximum, so callers sizing buffers from untrusted lengths must bound them first.
cdsLength cdsRecordLength(cdsLength length) {
    cdsLength prefix;
    if (length < 30) {
        prefix = 1;
    } else if (length < 255 + 30) {
        prefix = 2;
    } else {
        prefix = 9;
    }
    return prefix + length;
}
3114
|
|
|
|
|
|
|
|
3115
|
|
|
|
|
|
|
// Returns the serialized size of a record that also carries a hash: the plain record size
// (see cdsRecordLength) plus 36 bytes, i.e. the 4-byte hash index stored with the record and
// the 32-byte hash stored in the header.
cdsLength cdsRecordWithHashLength(cdsLength length) {
    const cdsLength hashOverhead = 36;
    return cdsRecordLength(length) + hashOverhead;
}
3118
|
|
|
|
|
|
|
|
3119
|
|
|
|
|
|
|
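// Appends a record with a `length`-byte payload to the builder and returns the slice of the
// buffer reserved for that payload, which the caller then fills. The record becomes a child of
// the previous record when cdsStartChildren was called and the depth limit allows it, the first
// record when nothing was added yet, and otherwise a sibling of the previous record.
// When the buffer has no room for the payload plus the largest (9-byte) length prefix, nothing
// is written and an empty slice (NULL data, length 0) is returned; callers must check for that.
struct cdsMutableBytes cdsAddRecord(struct cdsRecordBuilder * this, cdsLength length) {
    // Space check, written with subtractions only. The straightforward `used + 9 + length` is
    // 32-bit arithmetic and wraps for a very large `length`, which would pass the check and let
    // the writes below run past the end of the buffer.
    if (this->used > this->bytes.length) return cdsMutableBytes(NULL, 0);
    cdsLength available = this->bytes.length - this->used;
    if (available < 9 || length > available - 9) return cdsMutableBytes(NULL, 0);

    // Link the new record into the tree by setting a flag bit in the flags byte of the record
    // that precedes it at the current level.
    if (this->nextIsChild && this->level < CDS_MAX_RECORD_DEPTH - 1) {
        this->nextIsChild -= 1;
        this->bytes.data[this->levelPositions[this->level]] |= 0x40;   // "has children"
        this->level += 1;
    } else if (this->level == 0) {
        this->level = 1;
    } else {
        this->bytes.data[this->levelPositions[this->level]] |= 0x80;   // "has more siblings"
    }

    // Remember where this record's flags byte lives, for later flag updates.
    this->levelPositions[this->level] = this->used;

    // Length prefix: the low 5 bits of the first byte hold the length directly (0..29), or
    // 30 followed by one byte holding length - 30, or 31 followed by an 8-byte big-endian length.
    if (length < 30) {
        this->bytes.data[this->used] = length;
        this->used += 1;
    } else if (length < 255 + 30) {
        this->bytes.data[this->used] = 30;
        this->used += 1;
        this->bytes.data[this->used] = length - 30;
        this->used += 1;
    } else {
        this->bytes.data[this->used] = 31;

        cdsLength value = length;
        for (cdsLength i = 0; i < 8; i++) {
            this->bytes.data[this->used + 8 - i] = value & 0xff;
            value >>= 8;
        }

        this->used += 9;
    }

    struct cdsMutableBytes slice = cdsMutableByteSlice(this->bytes, this->used, length);
    this->used += length;
    return slice;
}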
3158
|
|
|
|
|
|
|
|
3159
|
|
|
|
|
|
|
// Announces that the next record added should become a child of the most recently added one.
// The request is only counted here; cdsAddRecord acts on it.
void cdsStartChildren(struct cdsRecordBuilder * this) {
    this->nextIsChild++;
}
3162
|
|
|
|
|
|
|
|
3163
|
|
|
|
|
|
|
// Closes one child list. If a cdsStartChildren request is still pending (no child was added
// since), that request is cancelled; otherwise the builder moves up one level, stopping at
// level 0.
void cdsEndChildren(struct cdsRecordBuilder * this) {
    if (this->nextIsChild) {
        this->nextIsChild -= 1;
    } else if (this->level) {
        this->level -= 1;
    }
}
3172
|
|
|
|
|
|
|
|
3173
|
|
|
|
|
|
|
// Returns the builder to the top of the tree: the level goes back to 0 and any pending
// cdsStartChildren requests are dropped. Bytes already written are kept.
void cdsEndRecord(struct cdsRecordBuilder * this) {
    this->level = 0;
    this->nextIsChild = 0;
}
3177
|
|
|
|
|
|
|
|
3178
|
|
|
|
|
|
|
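// Attaches `hash` to the most recently added record: the record's flags byte gets the
// "has hash" bit, the index of the next free header slot is appended after the record as
// 4 big-endian bytes, and the hash itself is stored in that header slot.
// Nothing is written when the buffer has no room for the index or when every header slot
// reserved at initialisation is already in use.
// NOTE(review): at level 0 (no record added yet, or after cdsEndRecord) levelPositions[0] is 0,
// so the flag would be OR-ed into the first byte of the hash count. The `level < 0` test below
// does not catch that case — confirm callers only append a hash right after adding a record.
void cdsAppendHash(struct cdsRecordBuilder * this, struct cdsHash hash) {
    // Room for the 4-byte index, tested without an addition that could wrap.
    if (this->bytes.length < 4 || this->used > this->bytes.length - 4) return;
    if (this->level < 0) return;

    // The header holds (dataOffset - 4) / 32 slots. Writing slot number hashesUsed beyond that
    // would land in the record data that follows the header and overwrite it.
    if (this->dataOffset < 4 || this->hashesUsed >= (this->dataOffset - 4) / 32) return;

    this->bytes.data[this->levelPositions[this->level]] |= 0x20;   // "has hash"
    cdsSetUint32BE(this->bytes.data + this->used, this->hashesUsed);
    this->used += 4;
    cdsSetBytes(this->bytes, 4 + 32 * this->hashesUsed, cdsBytes(hash.bytes, 32));
    this->hashesUsed += 1;
}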
3187
|
|
|
|
|
|
|
|
3188
|
|
|
|
|
|
|
// Adds a record whose payload is a copy of `bytes` and returns the payload slice inside the
// builder's buffer.
// NOTE(review): when the buffer is full, cdsAddRecord returns an empty slice (NULL data) and
// cdsSetBytes is still called on it — confirm cdsSetBytes refuses to write outside its target.
struct cdsMutableBytes cdsAddBytes(struct cdsRecordBuilder * this, struct cdsBytes bytes) {
    struct cdsMutableBytes payload = cdsAddRecord(this, bytes.length);
    cdsSetBytes(payload, 0, bytes);
    return payload;
}
3193
|
|
|
|
|
|
|
|
3194
|
|
|
|
|
|
|
// Adds a record whose payload is the C string `text`, converted by cdsBytesFromText, and
// returns the payload slice inside the builder's buffer. This is cdsAddBytes applied to the
// converted text.
struct cdsMutableBytes cdsAddText(struct cdsRecordBuilder * this, const char * text) {
    return cdsAddBytes(this, cdsBytesFromText(text));
}
3200
|
|
|
|
|
|
|
|
3201
|
|
|
|
|
|
|
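// Adds one record whose payload is `text1` immediately followed by `text2` (no separator) and
// returns the payload slice inside the builder's buffer. When the combined length cannot be
// represented or the buffer has no room, nothing is copied and an empty slice is returned.
struct cdsMutableBytes cdsAddText2(struct cdsRecordBuilder * this, const char * text1, const char * text2) {
    struct cdsBytes bytes1 = cdsBytesFromText(text1);
    struct cdsBytes bytes2 = cdsBytesFromText(text2);

    // A wrapped sum would reserve a record smaller than the two strings that are copied next.
    cdsLength total = bytes1.length + bytes2.length;
    if (total < bytes1.length) return cdsMutableBytes(NULL, 0);

    struct cdsMutableBytes slice = cdsAddRecord(this, total);
    // cdsAddRecord signals "no space" with a NULL slice; do not copy into it.
    if (slice.data == NULL) return slice;

    cdsSetBytes(slice, 0, bytes1);
    cdsSetBytes(slice, bytes1.length, bytes2);
    return slice;
}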
3210
|
|
|
|
|
|
|
|
3211
|
|
|
|
|
|
|
// Adds a record holding `value` as a big-endian two's-complement integer in the fewest bytes
// that preserve its sign (1 to 4). Zero is stored as a single 0x00 byte.
// The loop relies on `>>` of a negative value being an arithmetic shift, which is
// implementation-defined in C but holds on the usual compilers.
void cdsAddInteger(struct cdsRecordBuilder * this, int32_t value) {
    uint8_t encoded[4];
    cdsLength count = 0;
    const bool negative = value < 0;

    // Emit bytes from least significant upwards, filling the array from its end, and stop as
    // soon as the remaining value fits into the byte just written including its sign bit.
    while (count < 4) {
        encoded[3 - count] = value & 0xff;
        count++;
        if (negative ? value >= -128 : value <= 127) break;
        value >>= 8;
    }

    cdsAddBytes(this, cdsBytes(encoded + 4 - count, count));
}
3233
|
|
|
|
|
|
|
|
3234
|
|
|
|
|
|
|
// Adds a record holding `value` as a big-endian unsigned integer without leading zero bytes
// (0 to 4 bytes). Zero is stored as an empty payload.
void cdsAddUnsigned(struct cdsRecordBuilder * this, uint32_t value) {
    uint8_t encoded[4];
    cdsLength count = 0;

    // Emit bytes from least significant upwards, filling the array from its end.
    for (; count < 4 && value != 0; value >>= 8) {
        encoded[3 - count] = value & 0xff;
        count++;
    }

    cdsAddBytes(this, cdsBytes(encoded + 4 - count, count));
}
3247
|
|
|
|
|
|
|
|
3248
|
|
|
|
|
|
|
// Adds a record holding `value` as a big-endian two's-complement integer in the fewest bytes
// that preserve its sign (1 to 8). Zero is stored as a single 0x00 byte.
// The loop relies on `>>` of a negative value being an arithmetic shift, which is
// implementation-defined in C but holds on the usual compilers.
void cdsAddInteger64(struct cdsRecordBuilder * this, int64_t value) {
    uint8_t encoded[8];
    cdsLength count = 0;
    const bool negative = value < 0;

    // Emit bytes from least significant upwards, filling the array from its end, and stop as
    // soon as the remaining value fits into the byte just written including its sign bit.
    while (count < 8) {
        encoded[7 - count] = value & 0xff;
        count++;
        if (negative ? value >= -128 : value <= 127) break;
        value >>= 8;
    }

    cdsAddBytes(this, cdsBytes(encoded + 8 - count, count));
}
3270
|
|
|
|
|
|
|
|
3271
|
|
|
|
|
|
|
// Adds a record holding `value` as a big-endian unsigned integer without leading zero bytes
// (0 to 8 bytes). Zero is stored as an empty payload.
void cdsAddUnsigned64(struct cdsRecordBuilder * this, uint64_t value) {
    uint8_t encoded[8];
    cdsLength count = 0;

    // Emit bytes from least significant upwards, filling the array from its end.
    for (; count < 8 && value != 0; value >>= 8) {
        encoded[7 - count] = value & 0xff;
        count++;
    }

    cdsAddBytes(this, cdsBytes(encoded + 8 - count, count));
}
3284
|
|
|
|
|
|
|
|
3285
|
|
|
|
|
|
|
// Adds a record holding the byte form of `*value`, produced by cdsBytesFromBigInteger in a
// 256-byte scratch buffer on the stack.
// NOTE(review): this is also used for the private primes p and q; the scratch buffer is not
// wiped before return, so their bytes stay on the stack — consider clearing it.
// NOTE(review): presumably cdsBytesFromBigInteger never needs more than 256 bytes — confirm.
void cdsAddBigInteger(struct cdsRecordBuilder * this, struct cdsBigInteger * value) {
    uint8_t scratch[256];
    struct cdsBytes magnitude = cdsBytesFromBigInteger(cdsMutableBytes(scratch, 256), value);
    cdsAddBytes(this, magnitude);
}
3289
|
|
|
|
|
|
|
|
3290
|
|
|
|
|
|
|
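// Adds a 4-byte record holding `value`, written by cdsSetFloat32BE. Nothing is written when
// the builder's buffer has no room for the record.
void cdsAddFloat32(struct cdsRecordBuilder * this, float value) {
    struct cdsMutableBytes slice = cdsAddRecord(this, 4);
    // cdsAddRecord returns a NULL slice when the buffer is full; writing through it would be a
    // NULL-pointer write.
    if (slice.data == NULL) return;
    cdsSetFloat32BE(slice.data, value);
}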
3294
|
|
|
|
|
|
|
|
3295
|
|
|
|
|
|
|
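// Adds an 8-byte record holding `value`, written by cdsSetFloat64BE. Nothing is written when
// the builder's buffer has no room for the record.
void cdsAddFloat64(struct cdsRecordBuilder * this, double value) {
    struct cdsMutableBytes slice = cdsAddRecord(this, 8);
    // cdsAddRecord returns a NULL slice when the buffer is full; writing through it would be a
    // NULL-pointer write.
    if (slice.data == NULL) return;
    cdsSetFloat64BE(slice.data, value);
}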
3299
|
|
|
|
|
|
|
|
3300
|
|
|
|
|
|
|
// Returns the serialized object built so far: a read-only view of the first `used` bytes of
// the builder's buffer (header and records). No copy is made, so the view is only valid while
// the buffer is, and it changes if the builder keeps writing.
struct cdsBytes cdsToObject(struct cdsRecordBuilder * this) {
    struct cdsBytes whole = cdsSeal(this->bytes);
    return cdsByteSlice(whole, 0, this->used);
}
3303
|
|
|
|
|
|
|
|
3304
|
|
|
|
|
|
|
// Returns a writable view of the first `used` bytes of the builder's buffer.
struct cdsMutableBytes cdsUsedBytes(struct cdsRecordBuilder * this) {
    struct cdsMutableBytes filled = cdsMutableByteSlice(this->bytes, 0, this->used);
    return filled;
}
3307
|
|
|
|
|
|
|
|
3308
|
|
|
|
|
|
|
// Runs cdsCrypt with an AES-256 state built from `key` over the record data (everything after
// the header), in place, and returns the whole serialized object as a read-only view. The
// header with the hash count and hashes is left as it is.
// The builder's buffer is modified, so calling this twice transforms the data twice.
// NOTE(review): the counter always starts at cdsZeroCtr, so — presumably CTR mode — each key
// must be used for one object only; confirm callers generate a fresh key per object.
// NOTE(review): `key` is passed on without a length check and the AES state stays on the stack
// after return — confirm both are acceptable.
struct cdsBytes cdsToCryptedObject(struct cdsRecordBuilder * this, struct cdsBytes key) {
    struct cdsAES256 aes;
    cdsInitializeAES256(&aes, key);

    struct cdsBytes plainData = cdsByteSlice(cdsSeal(this->bytes), this->dataOffset, this->used - this->dataOffset);
    cdsCrypt(&aes, plainData, cdsZeroCtr, this->bytes.data + this->dataOffset);

    return cdsByteSlice(cdsSeal(this->bytes), 0, this->used);
}
3314
|
|
|
|
|
|
|
|
3315
|
|
|
|
|
|
|
#line 24 "Condensation/../../c/Condensation/all.inc.c" |
3316
|
|
|
|
|
|
|
|
3317
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Serialization/RecordParser.inc.c" |
3318
|
|
|
|
|
|
|
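// Parses the serialized record tree in `bytes` into the caller-supplied array `records`, which
// has room for `length` entries, and returns the root (records[0]). The root itself carries no
// bytes; parsed records hang below it. Every record refers to slices of `bytes`, nothing is
// copied, so the tree is only usable while `bytes` is.
//
// The input is treated as untrusted. Parsing stops at the first inconsistency (a length that
// runs past the input, a hash index outside the header, a tree deeper than
// CDS_MAX_RECORD_DEPTH) and when `records` is full. In all of these cases the tree built so far
// is returned without an error indication, so a caller cannot tell a truncated parse from a
// complete one and must validate the fields it reads.
// When `records` is NULL or `length` is below 1, the address of cdsEmptyRecord is returned.
struct cdsRecord * cdsParseRecord(const struct cdsBytes bytes, struct cdsRecord * records, int length) {
    // Without a slot for the root there is nothing that may be written.
    if (records == NULL || length < 1) return &cdsEmptyRecord;

    records[0].bytes = cdsEmpty;
    records[0].hash = NULL;
    records[0].nextSibling = NULL;
    records[0].firstChild = NULL;

    // Header: a 4-byte big-endian hash count followed by that many 32-byte hashes. The count is
    // compared with what fits into the input before it is multiplied, because `count * 32` is
    // 32-bit arithmetic and wraps for large counts.
    if (bytes.length < 4) return records;
    uint32_t hashesCount = cdsGetUint32BE(bytes.data);
    if (hashesCount > (bytes.length - 4) / 32) return records;
    cdsLength pos = 4 + (cdsLength) hashesCount * 32;

    int usedRecords = 1;
    int level = 1;
    struct cdsRecord * lastSibling[CDS_MAX_RECORD_DEPTH] = {records, NULL, };
    bool hasMoreSiblings[CDS_MAX_RECORD_DEPTH] = {true, };

    // Invariant: pos <= bytes.length, so `bytes.length - pos` below never wraps. All bounds
    // checks are written as "needed > remaining" to avoid additions that could overflow.
    while (pos < bytes.length) {
        // Check for a free slot before writing into it.
        if (usedRecords >= length) break;

        int flags = bytes.data[pos];
        pos += 1;

        // Payload length: low 5 bits directly, or 30 plus one extra byte, or 31 plus an 8-byte
        // big-endian length.
        uint64_t byteLength = flags & 0x1f;
        if (byteLength == 30) {
            if (bytes.length - pos < 1) break;
            byteLength = 30U + bytes.data[pos];
            pos += 1;
        } else if (byteLength == 31) {
            if (bytes.length - pos < 8) break;
            byteLength = cdsGetUint64BE(bytes.data + pos);
            pos += 8;
        }

        if (byteLength > bytes.length - pos) break;
        records[usedRecords].bytes = cdsByteSlice(bytes, pos, (cdsLength) byteLength);
        pos += (cdsLength) byteLength;

        // Optional hash reference: a 4-byte index into the header's hash table.
        if (flags & 0x20) {
            if (bytes.length - pos < 4) break;
            uint32_t hashIndex = cdsGetUint32BE(bytes.data + pos);
            pos += 4;
            // Valid indices are 0 .. hashesCount - 1; the index equal to the count would point
            // at the 32 bytes after the hash table.
            if (hashIndex >= hashesCount) break;
            records[usedRecords].hash = bytes.data + 4 + hashIndex * 32;
        } else {
            records[usedRecords].hash = NULL;
        }

        records[usedRecords].firstChild = NULL;
        records[usedRecords].nextSibling = NULL;

        // Link the record behind its previous sibling, or as first child of its parent.
        if (lastSibling[level])
            lastSibling[level]->nextSibling = records + usedRecords;
        else
            lastSibling[level - 1]->firstChild = records + usedRecords;

        lastSibling[level] = records + usedRecords;
        hasMoreSiblings[level] = flags & 0x80 ? true : false;

        if (flags & 0x40) {
            // Children follow: descend one level.
            level += 1;
            if (level >= CDS_MAX_RECORD_DEPTH) break;
            lastSibling[level] = NULL;
        } else {
            // No children: climb back to the nearest level that still expects siblings.
            // Level 0 always does, so the loop ends there at the latest.
            while (! hasMoreSiblings[level])
                level -= 1;
        }

        usedRecords += 1;

        if (level == 0) break;
    }

    return records;
}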
3390
|
|
|
|
|
|
|
|
3391
|
|
|
|
|
|
|
#line 25 "Condensation/../../c/Condensation/all.inc.c" |
3392
|
|
|
|
|
|
|
|
3393
|
|
|
|
|
|
|
|
3394
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Actors/PrivateKey.inc.c" |
3395
|
|
|
|
|
|
|
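// Loads an RSA private key from its serialized record form. The record is expected to hold an
// "rsa key" entry with children "e", "p" and "q", and a "public key object" entry.
// On success the key in `*this` is initialised and the bytes of the public key object are
// returned; they are a view into `bytes`, not a copy. On failure cdsEmpty is returned.
// NOTE(review): when the RSA values are accepted but the public key object is missing, outside
// 100..500 bytes or not a valid object, cdsEmpty is returned while this->isValid stays true.
// Callers must check the returned bytes, not only isValid.
// NOTE(review): nothing here checks that the public key object matches e, p and q — confirm
// whether callers rely on that.
struct cdsBytes cdsPrivateKeyFromBytes(struct cdsRSAPrivateKey * this, const struct cdsBytes bytes) {
    this->isValid = false;

    // The parser reads a 4-byte header; do not hand it less than that.
    if (bytes.length < 4) return cdsEmpty;

    struct cdsRecord records[16];
    struct cdsRecord * root = cdsParseRecord(bytes, records, 16);

    // Missing entries resolve to the empty record, so e, p and q are simply empty in that case
    // and cdsInitializePrivateKey decides whether the key is acceptable.
    struct cdsRecord * rsaKey = cdsChildWithText(root, "rsa key");
    struct cdsBytes e = cdsBytesValue(cdsChildWithText(rsaKey, "e"));
    struct cdsBytes p = cdsBytesValue(cdsChildWithText(rsaKey, "p"));
    struct cdsBytes q = cdsBytesValue(cdsChildWithText(rsaKey, "q"));
    cdsInitializePrivateKey(this, e, p, q);
    if (! this->isValid) return cdsEmpty;

    struct cdsBytes publicKeyObjectBytes = cdsBytesValue(cdsChildWithText(root, "public key object"));
    if (publicKeyObjectBytes.length > 500) return cdsEmpty;
    if (publicKeyObjectBytes.length < 100) return cdsEmpty;

    struct cdsObject publicKeyObject;
    cdsInitializeObject(&publicKeyObject, publicKeyObjectBytes);
    if (publicKeyObject.bytes.length == 0) return cdsEmpty;

    return publicKeyObjectBytes;
}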
3418
|
|
|
|
|
|
|
|
3419
|
|
|
|
|
|
|
// Serializes a private key into `bytes` and returns the resulting object as a view of that
// buffer. The object holds a "public key object" entry with `publicKeyObjectBytes` as its
// value, and an "rsa key" entry with the children "e", "p" and "q".
// The output contains the secret primes in the clear; the caller owns `bytes` and is
// responsible for protecting and wiping it.
// NOTE(review): the results of the add calls are not checked, so a buffer that is too small
// silently yields an incomplete key object — confirm callers size `bytes` generously.
struct cdsBytes cdsSerializePrivateKey(struct cdsRSAPrivateKey * this, struct cdsBytes publicKeyObjectBytes, struct cdsMutableBytes bytes) {
    struct cdsRecordBuilder builder;
    cdsInitializeRecordBuilder(&builder, bytes, 0);

    cdsAddText(&builder, "public key object");
    cdsStartChildren(&builder);
    cdsAddBytes(&builder, publicKeyObjectBytes);
    cdsEndChildren(&builder);

    cdsAddText(&builder, "rsa key");
    cdsStartChildren(&builder);

    // Each component becomes a named entry with the number as its single child.
    const char * const names[3] = {"e", "p", "q"};
    struct cdsBigInteger * const values[3] = {&this->rsaPublicKey.e, &this->p, &this->q};
    for (int i = 0; i < 3; i++) {
        cdsAddText(&builder, names[i]);
        cdsStartChildren(&builder);
        cdsAddBigInteger(&builder, values[i]);
        cdsEndChildren(&builder);
    }

    cdsEndChildren(&builder);
    return cdsToObject(&builder);
}
3449
|
|
|
|
|
|
|
|
3450
|
|
|
|
|
|
|
#line 27 "Condensation/../../c/Condensation/all.inc.c" |
3451
|
|
|
|
|
|
|
|
3452
|
|
|
|
|
|
|
#line 1 "Condensation/../../c/Condensation/Actors/PublicKey.inc.c" |
3453
|
|
|
|
|
|
|
// Loads an RSA public key from its serialized record form, which is expected to hold the
// entries "e" and "n". Input shorter than 100 or longer than 500 bytes is rejected outright.
// Returns true when cdsInitializePublicKey accepted the values.
// When the size check rejects the input, `*this` is not touched at all, so callers must rely
// on the return value rather than on this->isValid.
bool cdsPublicKeyFromBytes(struct cdsRSAPublicKey * this, const struct cdsBytes bytes) {
    if (bytes.length < 100 || bytes.length > 500) return false;

    struct cdsRecord records[16];
    struct cdsRecord * root = cdsParseRecord(bytes, records, 16);

    // Missing entries resolve to empty bytes; cdsInitializePublicKey decides on validity.
    struct cdsBytes exponent = cdsBytesValue(cdsChildWithText(root, "e"));
    struct cdsBytes modulus = cdsBytesValue(cdsChildWithText(root, "n"));
    cdsInitializePublicKey(this, exponent, modulus);
    return this->isValid;
}
3464
|
|
|
|
|
|
|
|
3465
|
|
|
|
|
|
|
// Serializes a public key into `bytes` and returns the resulting object as a view of that
// buffer. The object holds the entries "e" and "n", each with the number as its single child.
// NOTE(review): the results of the add calls are not checked, so a buffer that is too small
// silently yields an incomplete key object — confirm callers size `bytes` generously.
struct cdsBytes cdsSerializePublicKey(struct cdsRSAPublicKey * this, struct cdsMutableBytes bytes) {
    struct cdsRecordBuilder builder;
    cdsInitializeRecordBuilder(&builder, bytes, 0);

    const char * const names[2] = {"e", "n"};
    struct cdsBigInteger * const values[2] = {&this->e, &this->n};
    for (int i = 0; i < 2; i++) {
        cdsAddText(&builder, names[i]);
        cdsStartChildren(&builder);
        cdsAddBigInteger(&builder, values[i]);
        cdsEndChildren(&builder);
    }

    return cdsToObject(&builder);
}
3481
|
|
|
|
|
|
|
|
3482
|
|
|
|
|
|
|
#line 28 "Condensation/../../c/Condensation/all.inc.c" |
3483
|
|
|
|
|
|
|
|
3484
|
|
|
|
|
|
|
#line 8 "Condensation/C.inc.c" |
/*
 * Wraps the string buffer of a Perl scalar as a cdsBytes value.
 *
 * The result points at the scalar's own buffer (SvPVX) with length SvCUR;
 * nothing is copied here, so it must not outlive or be used across a
 * modification of the scalar. A scalar without a string value (SvPOK false)
 * yields cdsEmpty, which callers see as zero-length input.
 */
static struct cdsBytes bytesFromSV(SV * sv) {
    if (SvPOK(sv)) return cdsBytes((const uint8_t *) SvPVX(sv), SvCUR(sv));
    return cdsEmpty;
}
/*
 * Creates a new Perl string scalar from bytes.data / bytes.length via
 * newSVpvn, so the caller's buffer may be a short-lived stack array.
 */
static SV * svFromBytes(struct cdsBytes bytes) {
    const char * start = (const char *) bytes.data;
    return newSVpvn(start, bytes.length);
}
/*
 * Converts a big integer to bytes in a 256-byte scratch buffer and returns
 * the result as a new Perl string scalar.
 *
 * The accessors in this file pass private components (p, q, d) through this
 * helper; the scratch buffer is not wiped before returning, so a copy of the
 * value stays on the stack until it is overwritten.
 */
static SV * svFromBigInteger(struct cdsBigInteger * bigInteger) {
    uint8_t scratch[256];
    struct cdsMutableBytes target = cdsMutableBytes(scratch, 256);
    struct cdsBytes encoded = cdsBytesFromBigInteger(target, bigInteger);
    return newSVpvn((const char *) encoded.data, encoded.length);
}
/*
 * Returns a Perl string of random bytes produced by cdsRandomBytes.
 *
 * The requested count is clamped to 0..256, so a request for more than 256
 * bytes silently returns only 256; callers that need more must check the
 * length of the result. The IV from SvIV is narrowed to int before the
 * clamp is applied.
 */
SV * randomBytes(SV * svCount) {
    int wanted = SvIV(svCount);
    if (wanted > 256) {
        wanted = 256;
    } else if (wanted < 0) {
        wanted = 0;
    }

    uint8_t buffer[256];
    struct cdsBytes fresh = cdsRandomBytes(buffer, wanted);
    return svFromBytes(fresh);
}
/*
 * Returns the result of cdsSHA256 over the scalar's string value as a new
 * Perl string, using a 32-byte output buffer.
 *
 * A scalar without a string value is hashed as empty input (bytesFromSV
 * returns cdsEmpty for it), not rejected.
 */
SV * sha256(SV * svBytes) {
    uint8_t digest[32];
    return svFromBytes(cdsSHA256(bytesFromSV(svBytes), digest));
}
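/*
 * Runs cdsCrypt over svBytes with a 32-byte key and a 16-byte start counter
 * and returns the output as a new Perl string of the same length as the
 * input.
 *
 * Returns undef when the key is not exactly 32 bytes or the start counter is
 * not exactly 16 bytes. A scalar without a string value is treated as empty
 * input by bytesFromSV.
 *
 * NOTE(review): the start-counter argument suggests a counter-mode keystream;
 * if so, the output carries no integrity protection and a (key, start
 * counter) pair must never be reused - confirm against cdsCrypt.
 * The cdsAES256 state is left on the stack without being wiped.
 */
SV * aesCrypt(SV * svBytes, SV * svKey, SV * svStartCounter) {
    struct cdsBytes bytes = bytesFromSV(svBytes);
    struct cdsBytes key = bytesFromSV(svKey);
    if (key.length != 32) return &PL_sv_undef;
    struct cdsBytes startCounter = bytesFromSV(svStartCounter);
    if (startCounter.length != 16) return &PL_sv_undef;

    SV * svResult = newSV(bytes.length < 1 ? 1 : bytes.length);	// newSV(0) has different semantics
    struct cdsAES256 aes;
    cdsInitializeAES256(&aes, key);
    cdsCrypt(&aes, bytes, startCounter, (uint8_t *) SvPVX(svResult));

    SvPOK_only(svResult);
    SvCUR_set(svResult, bytes.length);
    // newSV() reserves one extra byte but does not fill it; Perl string
    // buffers are expected to end in NUL, so terminate the result explicitly.
    *SvEND(svResult) = '\0';
    return svResult;
}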
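/*
 * Adds an integer to a 16-byte counter and returns the new 16-byte counter
 * as a Perl string. Byte 15 is treated as the least significant byte; a
 * carry out of byte 0 is discarded, so the counter wraps around.
 *
 * Returns undef when svCounter is not exactly 16 bytes long. The IV from
 * SvIV is narrowed to int, as before.
 */
SV * counterPlusInt(SV * svCounter, SV * svAdd) {
    struct cdsBytes counter = bytesFromSV(svCounter);
    if (counter.length != 16) return &PL_sv_undef;
    int add = SvIV(svAdd);

    // Accumulate in a wider type: adding a counter byte to an int close to
    // INT_MAX would be a signed overflow (undefined behavior).
    long long carry = add;

    uint8_t buffer[16];
    struct cdsMutableBytes result = cdsMutableBytes(buffer, 16);
    for (int i = 15; i >= 0; i--) {
        carry += counter.data[i];
        result.data[i] = (uint8_t) (carry & 0xff);
        // For a negative addend this relies on an arithmetic right shift,
        // exactly as the int-based version did.
        carry >>= 8;
    }

    return svFromBytes(cdsSeal(result));
}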
/*
 * Interprets the string buffer of a Perl scalar as a struct cdsRSAPrivateKey.
 *
 * Returns NULL unless the scalar has a string value whose length equals
 * sizeof(struct cdsRSAPrivateKey). Length is the only check: any string of
 * that size is accepted and its bytes are then used as key fields as-is, so
 * handles must only ever come from this module's own constructors, never
 * from deserialized or otherwise untrusted data.
 *
 * NOTE(review): the cast assumes the string buffer is suitably aligned for
 * the struct - confirm.
 */
static struct cdsRSAPrivateKey * privateKeyFromSV(SV * sv) {
    if (! SvPOK(sv)) return NULL;

    STRLEN length;
    char * raw = SvPV(sv, length);
    if (length != sizeof(struct cdsRSAPrivateKey)) return NULL;
    return (struct cdsRSAPrivateKey *) raw;
}
/*
 * Generates a private key with cdsGeneratePrivateKey and returns it as a
 * read-only Perl string holding the raw bytes of the struct.
 *
 * The handle therefore contains the private key material itself: Perl code
 * that copies, prints or serializes the scalar copies the key. The read-only
 * flag only guards against modification. The stack copy made here is not
 * wiped before returning.
 */
SV * privateKeyGenerate() {
    struct cdsRSAPrivateKey fresh;
    cdsGeneratePrivateKey(&fresh);

    SV * handle = newSVpvn((char *) &fresh, sizeof(struct cdsRSAPrivateKey));
    SvREADONLY_on(handle);
    return handle;
}
/*
 * Builds a private key from e, p and q (given as Perl strings) with
 * cdsInitializePrivateKey and returns it as a read-only Perl string holding
 * the raw bytes of the struct, or undef when the key is not marked valid.
 *
 * The handle contains the private key material itself, and the stack copy
 * made here is not wiped before returning (also on the undef path).
 */
SV * privateKeyNew(SV * svE, SV * svP, SV * svQ) {
    struct cdsRSAPrivateKey built;
    cdsInitializePrivateKey(&built, bytesFromSV(svE), bytesFromSV(svP), bytesFromSV(svQ));
    if (built.isValid) {
        SV * handle = newSVpvn((char *) &built, sizeof(struct cdsRSAPrivateKey));
        SvREADONLY_on(handle);
        return handle;
    }
    return &PL_sv_undef;
}
/*
 * Returns the public exponent e of a private key handle as a Perl string,
 * or undef when svThis is not accepted by privateKeyFromSV.
 */
SV * privateKeyE(SV * svThis) {
    struct cdsRSAPrivateKey * this = privateKeyFromSV(svThis);
    return this == NULL ? &PL_sv_undef : svFromBigInteger(&this->rsaPublicKey.e);
}
/*
 * Returns the private component p of a private key handle as a Perl string,
 * or undef when svThis is not accepted by privateKeyFromSV.
 *
 * The returned scalar is secret key material; treat it like the key itself.
 */
SV * privateKeyP(SV * svThis) {
    struct cdsRSAPrivateKey * this = privateKeyFromSV(svThis);
    return this == NULL ? &PL_sv_undef : svFromBigInteger(&this->p);
}
/*
 * Returns the private component q of a private key handle as a Perl string,
 * or undef when svThis is not accepted by privateKeyFromSV.
 *
 * The returned scalar is secret key material; treat it like the key itself.
 */
SV * privateKeyQ(SV * svThis) {
    struct cdsRSAPrivateKey * this = privateKeyFromSV(svThis);
    return this == NULL ? &PL_sv_undef : svFromBigInteger(&this->q);
}
/*
 * Returns the private component d of a private key handle as a Perl string,
 * or undef when svThis is not accepted by privateKeyFromSV.
 *
 * The returned scalar is secret key material; treat it like the key itself.
 */
SV * privateKeyD(SV * svThis) {
    struct cdsRSAPrivateKey * this = privateKeyFromSV(svThis);
    return this == NULL ? &PL_sv_undef : svFromBigInteger(&this->d);
}
/*
 * Signs svDigest with the private key handle svThis via cdsSign and returns
 * the signature as a Perl string, or undef when svThis is not accepted by
 * privateKeyFromSV.
 *
 * NOTE(review): the digest length is not checked here and the output buffer
 * is a fixed 256 bytes; this assumes cdsSign validates the digest and never
 * writes more than 256 bytes - confirm.
 */
SV * privateKeySign(SV * svThis, SV * svDigest) {
    struct cdsRSAPrivateKey * this = privateKeyFromSV(svThis);
    if (this == NULL) return &PL_sv_undef;

    uint8_t out[256];
    return svFromBytes(cdsSign(this, bytesFromSV(svDigest), out));
}
/*
 * Verifies svSignature over svDigest with the public part of a private key
 * handle. Returns Perl's yes/no values for the result of cdsVerify, or undef
 * when svThis is not accepted by privateKeyFromSV; undef is false in boolean
 * context, so a bad handle never reads as a successful verification.
 */
SV * privateKeyVerify(SV * svThis, SV * svDigest, SV * svSignature) {
    struct cdsRSAPrivateKey * this = privateKeyFromSV(svThis);
    if (this == NULL) return &PL_sv_undef;

    if (cdsVerify(&this->rsaPublicKey, bytesFromSV(svDigest), bytesFromSV(svSignature))) return &PL_sv_yes;
    return &PL_sv_no;
}
/*
 * Encrypts svMessage with the public part of a private key handle via
 * cdsEncrypt and returns the result as a Perl string, or undef when svThis
 * is not accepted by privateKeyFromSV.
 *
 * NOTE(review): the message length is not checked here; this assumes
 * cdsEncrypt rejects oversized messages and stays within the 256-byte output
 * buffer - confirm.
 */
SV * privateKeyEncrypt(SV * svThis, SV * svMessage) {
    struct cdsRSAPrivateKey * this = privateKeyFromSV(svThis);
    if (this == NULL) return &PL_sv_undef;

    uint8_t out[256];
    return svFromBytes(cdsEncrypt(&this->rsaPublicKey, bytesFromSV(svMessage), out));
}
/*
 * Decrypts svMessage with the private key handle svThis via cdsDecrypt and
 * returns the result as a Perl string, or undef when svThis is not accepted
 * by privateKeyFromSV.
 *
 * The plaintext passes through a 256-byte stack buffer that is not wiped
 * before returning.
 * NOTE(review): how cdsDecrypt reports a malformed ciphertext is not visible
 * here; callers should treat every failure the same way - confirm.
 */
SV * privateKeyDecrypt(SV * svThis, SV * svMessage) {
    struct cdsRSAPrivateKey * this = privateKeyFromSV(svThis);
    if (this == NULL) return &PL_sv_undef;

    uint8_t out[256];
    return svFromBytes(cdsDecrypt(this, bytesFromSV(svMessage), out));
}
/*
 * Interprets the string buffer of a Perl scalar as a struct cdsRSAPublicKey.
 *
 * Returns NULL unless the scalar has a string value whose length equals
 * sizeof(struct cdsRSAPublicKey). Length is the only check: any string of
 * that size is accepted and its bytes are used as key fields as-is, so
 * handles must come from this module's own constructors, not from
 * untrusted data.
 *
 * NOTE(review): the cast assumes the string buffer is suitably aligned for
 * the struct - confirm.
 */
static struct cdsRSAPublicKey * publicKeyFromSV(SV * sv) {
    if (! SvPOK(sv)) return NULL;

    STRLEN length;
    char * raw = SvPV(sv, length);
    if (length != sizeof(struct cdsRSAPublicKey)) return NULL;
    return (struct cdsRSAPublicKey *) raw;
}
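/*
 * Returns a public key handle (a read-only Perl string holding the raw bytes
 * of a struct cdsRSAPublicKey) for the public part of a private key handle,
 * or undef when svPrivateKey is not accepted by privateKeyFromSV.
 *
 * Two defects of the earlier version are addressed:
 *  - privateKeyFromSV returns NULL for anything that is not a private key
 *    handle, and that NULL was dereferenced;
 *  - only e and n were copied into a stack struct, so every other byte of
 *    the exported handle (isValid included) was uninitialized stack memory.
 * The embedded public key struct is now exported as a whole.
 *
 * NOTE(review): this assumes the rsaPublicKey member of a private key is
 * fully initialized by the private key constructors - confirm.
 */
SV * publicKeyFromPrivateKey(SV * svPrivateKey) {
    struct cdsRSAPrivateKey * key = privateKeyFromSV(svPrivateKey);
    if (key == NULL) return &PL_sv_undef;

    // newSVpvn copies the bytes, so the new handle is independent of the
    // private key scalar.
    SV * obj = newSVpvn((char *) &key->rsaPublicKey, sizeof(struct cdsRSAPublicKey));
    SvREADONLY_on(obj);
    return obj;
}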
/*
 * Builds a public key from e and n (given as Perl strings) with
 * cdsInitializePublicKey and returns it as a read-only Perl string holding
 * the raw bytes of the struct, or undef when the key is not marked valid.
 */
SV * publicKeyNew(SV * svE, SV * svN) {
    struct cdsRSAPublicKey built;
    cdsInitializePublicKey(&built, bytesFromSV(svE), bytesFromSV(svN));
    if (built.isValid) {
        SV * handle = newSVpvn((char *) &built, sizeof(struct cdsRSAPublicKey));
        SvREADONLY_on(handle);
        return handle;
    }
    return &PL_sv_undef;
}
/*
 * Returns the public exponent e of a public key handle as a Perl string,
 * or undef when svThis is not accepted by publicKeyFromSV.
 */
SV * publicKeyE(SV * svThis) {
    struct cdsRSAPublicKey * this = publicKeyFromSV(svThis);
    return this == NULL ? &PL_sv_undef : svFromBigInteger(&this->e);
}
/*
 * Returns the modulus n of a public key handle as a Perl string, or undef
 * when svThis is not accepted by publicKeyFromSV.
 */
SV * publicKeyN(SV * svThis) {
    struct cdsRSAPublicKey * this = publicKeyFromSV(svThis);
    return this == NULL ? &PL_sv_undef : svFromBigInteger(&this->n);
}
/*
 * Verifies svSignature over svDigest with a public key handle. Returns
 * Perl's yes/no values for the result of cdsVerify, or undef when svThis is
 * not accepted by publicKeyFromSV; undef is false in boolean context, so a
 * bad handle never reads as a successful verification.
 */
SV * publicKeyVerify(SV * svThis, SV * svDigest, SV * svSignature) {
    struct cdsRSAPublicKey * this = publicKeyFromSV(svThis);
    if (this == NULL) return &PL_sv_undef;

    if (cdsVerify(this, bytesFromSV(svDigest), bytesFromSV(svSignature))) return &PL_sv_yes;
    return &PL_sv_no;
}
/*
 * Encrypts svMessage with a public key handle via cdsEncrypt and returns the
 * result as a Perl string, or undef when svThis is not accepted by
 * publicKeyFromSV.
 *
 * NOTE(review): the message length is not checked here; this assumes
 * cdsEncrypt rejects oversized messages and stays within the 256-byte output
 * buffer - confirm.
 */
SV * publicKeyEncrypt(SV * svThis, SV * svMessage) {
    struct cdsRSAPublicKey * this = publicKeyFromSV(svThis);
    if (this == NULL) return &PL_sv_undef;

    uint8_t out[256];
    return svFromBytes(cdsEncrypt(this, bytesFromSV(svMessage), out));
}
/*
 * Captures the current CLOCK_MONOTONIC time and returns it as a read-only
 * Perl string holding the raw bytes of a struct timespec, for use with
 * performanceElapsed.
 */
SV * performanceStart() {
    struct timespec started;
    clock_gettime(CLOCK_MONOTONIC, &started);

    SV * handle = newSVpvn((char *) &started, sizeof(struct timespec));
    SvREADONLY_on(handle);
    return handle;
}
/*
 * Interprets the string buffer of a Perl scalar as a struct timespec.
 * Returns NULL unless the scalar has a string value whose length equals
 * sizeof(struct timespec); the contents are not validated any further.
 */
static struct timespec * timerFromSV(SV * sv) {
    if (! SvPOK(sv)) return NULL;

    STRLEN length;
    char * raw = SvPV(sv, length);
    if (length != sizeof(struct timespec)) return NULL;
    return (struct timespec *) raw;
}
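/*
 * Returns the number of microseconds elapsed since the timer handle svThis
 * was created by performanceStart, as a Perl integer.
 *
 * Returns undef when svThis is not accepted by timerFromSV, or when the
 * monotonic clock cannot be read.
 */
SV * performanceElapsed(SV * svThis) {
    struct timespec * this = timerFromSV(svThis);
    if (this == NULL) return &PL_sv_undef;

    // Without this check a failed call would leave `now` uninitialized.
    struct timespec now;
    if (clock_gettime(CLOCK_MONOTONIC, &now) != 0) return &PL_sv_undef;

    time_t dsec = now.tv_sec - this->tv_sec;
    long dnano = now.tv_nsec - this->tv_nsec;

    // Compute in IV, the type newSViv takes: where long is 32 bits, the
    // microsecond count overflowed a long after roughly 35 minutes.
    IV diff = (IV) dsec * 1000 * 1000 + dnano / 1000;
    return newSViv(diff);
}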
ENDOFCODE |
1; |