public void TestSetBit() { Assert.AreEqual(one, zero.SetBit(0)); Assert.AreEqual(one, one.SetBit(0)); Assert.AreEqual(three, two.SetBit(0)); Assert.AreEqual(two, zero.SetBit(1)); Assert.AreEqual(three, one.SetBit(1)); Assert.AreEqual(two, two.SetBit(1)); // TODO Tests for setting bits in negative numbers // TODO Tests for setting extended bits for (int i = 0; i < 10; ++i) { BigInteger n = new BigInteger(128, random); for (int j = 0; j < 10; ++j) { int pos = random.Next(128); BigInteger m = n.SetBit(pos); bool test = m.ShiftRight(pos).Remainder(two).Equals(one); Assert.IsTrue(test); } } for (int i = 0; i < 100; ++i) { BigInteger pow2 = one.ShiftLeft(i); BigInteger minusPow2 = pow2.Negate(); Assert.AreEqual(pow2, pow2.SetBit(i)); Assert.AreEqual(minusPow2, minusPow2.SetBit(i)); BigInteger bigI = BigInteger.ValueOf(i); BigInteger negI = bigI.Negate(); for (int j = 0; j < 10; ++j) { string data = "i=" + i + ", j=" + j; Assert.AreEqual(bigI.Or(one.ShiftLeft(j)), bigI.SetBit(j), data); Assert.AreEqual(negI.Or(one.ShiftLeft(j)), negI.SetBit(j), data); } } }
/** * generate suitable parameters for DSA, in line with * <i>FIPS 186-3 A.1 Generation of the FFC Primes p and q</i>. */ protected virtual DsaParameters GenerateParameters_FIPS186_3() { // A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function IDigest d = digest; int outlen = d.GetDigestSize() * 8; // 1. Check that the (L, N) pair is in the list of acceptable (L, N pairs) (see Section 4.2). If // the pair is not in the list, then return INVALID. // Note: checked at initialisation // 2. If (seedlen < N), then return INVALID. // FIXME This should be configurable (must be >= N) int seedlen = N; byte[] seed = new byte[seedlen / 8]; // 3. n = ceiling(L ⁄ outlen) – 1. int n = (L - 1) / outlen; // 4. b = L – 1 – (n ∗ outlen). int b = (L - 1) % outlen; byte[] output = new byte[d.GetDigestSize()]; for (;;) { // 5. Get an arbitrary sequence of seedlen bits as the domain_parameter_seed. random.NextBytes(seed); // 6. U = Hash (domain_parameter_seed) mod 2^(N–1). Hash(d, seed, output); BigInteger U = new BigInteger(1, output).Mod(BigInteger.One.ShiftLeft(N - 1)); // 7. q = 2^(N–1) + U + 1 – ( U mod 2). BigInteger q = U.SetBit(0).SetBit(N - 1); // 8. Test whether or not q is prime as specified in Appendix C.3. // TODO Review C.3 for primality checking if (!q.IsProbablePrime(certainty)) { // 9. If q is not a prime, then go to step 5. continue; } // 10. offset = 1. // Note: 'offset' value managed incrementally byte[] offset = Arrays.Clone(seed); // 11. For counter = 0 to (4L – 1) do int counterLimit = 4 * L; for (int counter = 0; counter < counterLimit; ++counter) { // 11.1 For j = 0 to n do // Vj = Hash ((domain_parameter_seed + offset + j) mod 2^seedlen). // 11.2 W = V0 + (V1 ∗ 2^outlen) + ... + (V^(n–1) ∗ 2^((n–1) ∗ outlen)) + ((Vn mod 2^b) ∗ 2^(n ∗ outlen)). // TODO Assemble w as a byte array BigInteger W = BigInteger.Zero; for (int j = 0, exp = 0; j <= n; ++j, exp += outlen) { Inc(offset); Hash(d, offset, output); BigInteger Vj = new BigInteger(1, output); if (j == n) { Vj = Vj.Mod(BigInteger.One.ShiftLeft(b)); } W = W.Add(Vj.ShiftLeft(exp)); } // 11.3 X = W + 2^(L–1). Comment: 0 ≤ W < 2L–1; hence, 2L–1 ≤ X < 2L. BigInteger X = W.Add(BigInteger.One.ShiftLeft(L - 1)); // 11.4 c = X mod 2q. BigInteger c = X.Mod(q.ShiftLeft(1)); // 11.5 p = X - (c - 1). Comment: p ≡ 1 (mod 2q). BigInteger p = X.Subtract(c.Subtract(BigInteger.One)); // 11.6 If (p < 2^(L - 1)), then go to step 11.9 if (p.BitLength != L) continue; // 11.7 Test whether or not p is prime as specified in Appendix C.3. // TODO Review C.3 for primality checking if (p.IsProbablePrime(certainty)) { // 11.8 If p is determined to be prime, then return VALID and the values of p, q and // (optionally) the values of domain_parameter_seed and counter. // TODO Make configurable (8-bit unsigned)? if (usageIndex >= 0) { BigInteger g = CalculateGenerator_FIPS186_3_Verifiable(d, p, q, seed, usageIndex); if (g != null) return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter, usageIndex)); } { BigInteger g = CalculateGenerator_FIPS186_3_Unverifiable(p, q, random); return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter)); } } // 11.9 offset = offset + n + 1. Comment: Increment offset; then, as part of // the loop in step 11, increment counter; if // counter < 4L, repeat steps 11.1 through 11.8. // Note: 'offset' value already incremented in inner loop } // 12. Go to step 5. } }