private static BigInteger FinalSubtraction(int[] Result, BigInteger Modulus) { // Performs the reduction of the Montgomery algorithm skipping leading zeros int modulusLen = Modulus.m_numberLength; bool doSub = Result[modulusLen] != 0; if (!doSub) { int[] modulusDigits = Modulus.m_digits; doSub = true; for (int i = modulusLen - 1; i >= 0; i--) { if (Result[i] != modulusDigits[i]) { doSub = (Result[i] != 0) && ((Result[i] & 0xFFFFFFFFL) > (modulusDigits[i] & 0xFFFFFFFFL)); break; } } } BigInteger result = new BigInteger(1, modulusLen + 1, Result); // if (res >= modulusDigits) compute (res - modulusDigits) if (doSub) { Elementary.InplaceSubtract(result, Modulus); } result.CutOffLeadingZeroes(); return(result); }
/// <summary> /// Return the greatest common divisor of X and Y /// </summary> /// /// <param name="X">Operand 1, must be greater than zero</param> /// <param name="Y">Operand 2, must be greater than zero</param> /// /// <returns>Returns <c>GCD(X, Y)</c></returns> internal static BigInteger GcdBinary(BigInteger X, BigInteger Y) { // Divide both number the maximal possible times by 2 without rounding * gcd(2*a, 2*b) = 2 * gcd(a,b) int lsb1 = X.LowestSetBit; int lsb2 = Y.LowestSetBit; int pow2Count = System.Math.Min(lsb1, lsb2); BitLevel.InplaceShiftRight(X, lsb1); BitLevel.InplaceShiftRight(Y, lsb2); BigInteger swap; // I want op2 > op1 if (X.CompareTo(Y) == BigInteger.GREATER) { swap = X; X = Y; Y = swap; } do { // INV: op2 >= op1 && both are odd unless op1 = 0 // Optimization for small operands (op2.bitLength() < 64) implies by INV (op1.bitLength() < 64) if ((Y.m_numberLength == 1) || ((Y.m_numberLength == 2) && (Y.m_digits[1] > 0))) { Y = BigInteger.ValueOf(Division.GcdBinary(X.ToInt64(), Y.ToInt64())); break; } // Implements one step of the Euclidean algorithm // To reduce one operand if it's much smaller than the other one if (Y.m_numberLength > X.m_numberLength * 1.2) { Y = Y.Remainder(X); if (Y.Signum() != 0) { BitLevel.InplaceShiftRight(Y, Y.LowestSetBit); } } else { // Use Knuth's algorithm of successive subtract and shifting do { Elementary.InplaceSubtract(Y, X); // both are odd BitLevel.InplaceShiftRight(Y, Y.LowestSetBit); // op2 is even } while (Y.CompareTo(X) >= BigInteger.EQUALS); } // now op1 >= op2 swap = Y; Y = X; X = swap; } while (X.m_sign != 0); return(Y.ShiftLeft(pow2Count)); }
/// <summary> /// Calculates x.modInverse(p) Based on: Savas, E; Koc, C "The Montgomery Modular Inverse - Revised" /// </summary> /// /// <param name="X">BigInteger X</param> /// <param name="P">BigInteger P</param> /// /// <returns>Returns <c>1/X Mod M</c></returns> internal static BigInteger ModInverseMontgomery(BigInteger X, BigInteger P) { // ZERO hasn't inverse if (X.m_sign == 0) { throw new ArithmeticException("BigInteger not invertible!"); } // montgomery inverse require even modulo if (!P.TestBit(0)) { return(ModInverseLorencz(X, P)); } int m = P.m_numberLength * 32; // PRE: a \in [1, p - 1] BigInteger u, v, r, s; u = P.Copy(); // make copy to use inplace method v = X.Copy(); int max = System.Math.Max(v.m_numberLength, u.m_numberLength); r = new BigInteger(1, 1, new int[max + 1]); s = new BigInteger(1, 1, new int[max + 1]); s.m_digits[0] = 1; int k = 0; int lsbu = u.LowestSetBit; int lsbv = v.LowestSetBit; int toShift; if (lsbu > lsbv) { BitLevel.InplaceShiftRight(u, lsbu); BitLevel.InplaceShiftRight(v, lsbv); BitLevel.InplaceShiftLeft(r, lsbv); k += lsbu - lsbv; } else { BitLevel.InplaceShiftRight(u, lsbu); BitLevel.InplaceShiftRight(v, lsbv); BitLevel.InplaceShiftLeft(s, lsbu); k += lsbv - lsbu; } r.m_sign = 1; while (v.Signum() > 0) { // INV v >= 0, u >= 0, v odd, u odd (except last iteration when v is even (0)) while (u.CompareTo(v) > BigInteger.EQUALS) { Elementary.InplaceSubtract(u, v); toShift = u.LowestSetBit; BitLevel.InplaceShiftRight(u, toShift); Elementary.InplaceAdd(r, s); BitLevel.InplaceShiftLeft(s, toShift); k += toShift; } while (u.CompareTo(v) <= BigInteger.EQUALS) { Elementary.InplaceSubtract(v, u); if (v.Signum() == 0) { break; } toShift = v.LowestSetBit; BitLevel.InplaceShiftRight(v, toShift); Elementary.InplaceAdd(s, r); BitLevel.InplaceShiftLeft(r, toShift); k += toShift; } } // in u is stored the gcd if (!u.IsOne()) { throw new ArithmeticException("BigInteger not invertible."); } if (r.CompareTo(P) >= BigInteger.EQUALS) { Elementary.InplaceSubtract(r, P); } r = P.Subtract(r); // Have pair: ((BigInteger)r, (Integer)k) where r == a^(-1) * 2^k mod (module) int n1 = CalcN(P); if (k > m) { r = MonPro(r, BigInteger.One, P, n1); k = k - m; } r = MonPro(r, BigInteger.GetPowerOfTwo(m - k), P, n1); return(r); }