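/*
 * Convert the textual representation of an integer into an ASN.1
 * INTEGER element.
 *
 * Values that fit a signed or unsigned 64-bit integer are encoded
 * directly through AsnElt.MakeInteger(); anything else is parsed with
 * ZInt and emitted as a primitive INTEGER from its big-endian bytes.
 *
 * The 64-bit parses use the invariant culture, so the accepted syntax
 * (sign characters in particular) does not depend on the locale of the
 * machine running the tool.
 *
 * Throws IOException when the text cannot be converted; the underlying
 * parse error is kept as the inner exception for diagnosis.
 */
static AsnElt BuildInteger(string iv)
{
    long v;
    if (Int64.TryParse(iv,
        System.Globalization.NumberStyles.Integer,
        System.Globalization.CultureInfo.InvariantCulture,
        out v))
    {
        return AsnElt.MakeInteger(v);
    }

    ulong uv;
    if (UInt64.TryParse(iv,
        System.Globalization.NumberStyles.Integer,
        System.Globalization.CultureInfo.InvariantCulture,
        out uv))
    {
        return AsnElt.MakeInteger(uv);
    }

    /*
     * For longer values we need ZInt.
     *
     * NOTE(review): this assumes ZInt.ToBytesBE() produces the minimal
     * signed big-endian form that a DER INTEGER requires (including
     * for negative values) -- confirm against ZInt.
     */
    try
    {
        ZInt z = ZInt.Parse(iv);
        return AsnElt.MakePrimitive(AsnElt.INTEGER, z.ToBytesBE());
    }
    catch (Exception e)
    {
        throw new IOException(
            "could not convert value to integer: " + iv, e);
    }
}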
/*
 * Absorb len bytes of data[], starting at offset off, into the
 * accumulator a using the multiplier r, and return the updated
 * accumulator. Nothing is read from data[] when len <= 0.
 *
 * Input is consumed in 16-byte blocks. A short final block is padded
 * with zeros to 16 bytes and then handled exactly like a full block
 * (bit 128 is set on every block), which is the zero-padded layout of
 * the AEAD construction rather than bare Poly1305's short-block rule.
 *
 * 'p' is a member of the enclosing type (presumably the Poly1305
 * modulus 2^130 - 5 -- confirm).
 *
 * NOTE(review): big-integer arithmetic through ZInt is presumably not
 * constant-time; that is fine for a reference/test implementation but
 * should be confirmed before this code handles production secrets.
 */
ZInt RunInner(ZInt a, ZInt r, byte[] data, int off, int len)
{
    byte[] block = new byte[16];
    int pos = off;
    int remaining = len;
    while (remaining > 0)
    {
        int n = Math.Min(remaining, 16);
        Array.Copy(data, pos, block, 0, n);
        if (n < 16)
        {
            // Zero-pad the tail of a short final block.
            Array.Clear(block, n, 16 - n);
        }

        // The block is a little-endian integer; ByteSwap presumably
        // reverses it in place so DecodeUnsignedBE can read it.
        ByteSwap(block, 0, 16);
        ZInt v = ZInt.DecodeUnsignedBE(block) | ((ZInt)1 << 128);
        a = ((a + v) * r) % p;

        pos += 16;
        remaining -= 16;
    }
    return a;
}
/*
 * Read one ZValue from a BSON sub-document shaped like
 *     { "_t" : "ZString", "value" : "" }
 *
 * The document must hold exactly two elements in this order: a string
 * named "_t" carrying the type name, then an element named "value"
 * whose BSON type matches that type name. Only "ZString" (BSON string)
 * and "ZInt" (BSON int32) are accepted.
 *
 * The type name comes from the document, i.e. from whoever produced
 * the data. It is matched against a fixed set of names and never used
 * to look up a type dynamically, so an unexpected "_t" is rejected
 * rather than instantiated. It is echoed into the exception text, so
 * treat that text as untrusted when logging it.
 *
 * Throws PBException on any deviation from the expected layout.
 */
private ZValue ReadZValueFromBsonDocument(BsonReader bsonReader)
{
    bsonReader.ReadStartDocument();

    // First element: the "_t" discriminator, which must be a string.
    BsonType discriminatorType = bsonReader.ReadBsonType();
    if (discriminatorType != BsonType.String)
    {
        throw new PBException("error reading ZValue can't find ZValue type \"_t\"");
    }
    string discriminatorName = bsonReader.ReadName();
    if (discriminatorName != "_t")
    {
        throw new PBException("error reading ZValue can't find ZValue type \"_t\"");
    }
    string typeName = bsonReader.ReadString();

    // Second element: the payload, which must be named "value".
    BsonType payloadType = bsonReader.ReadBsonType();
    string payloadName = bsonReader.ReadName();
    if (payloadName != "value")
    {
        throw new PBException("error reading ZValue can't find ZValue value \"value\"");
    }

    // Closed set of accepted type names; the payload's BSON type is
    // checked before the payload itself is read.
    ZValue result;
    if (typeName == "ZString")
    {
        if (payloadType != BsonType.String)
        {
            throw new PBException("error reading ZString value is'nt a string ({0})", payloadType);
        }
        result = new ZString(bsonReader.ReadString());
    }
    else if (typeName == "ZInt")
    {
        if (payloadType != BsonType.Int32)
        {
            throw new PBException("error reading ZInt value is'nt an int32 ({0})", payloadType);
        }
        result = new ZInt(bsonReader.ReadInt32());
    }
    else
    {
        throw new PBException("error reading ZValue type \"{0}\" is'nt a ZValue type", typeName);
    }

    // Nothing may follow the payload.
    BsonType trailerType = bsonReader.ReadBsonType();
    if (trailerType != BsonType.EndOfDocument)
    {
        throw new PBException("error reading ZValue cant find end of document ({0})", trailerType);
    }
    bsonReader.ReadEndDocument();
    return result;
}
/*
 * Test assertion: throw an Exception naming both values when x and z
 * differ; return normally otherwise.
 */
static void CheckEq(ZInt x, ZInt z)
{
    bool differs = x != z;
    if (!differs)
    {
        return;
    }
    string message = String.Format("mismatch: x={0} z={1}", x, z);
    throw new Exception(message);
}
/*
 * Return a random prime drawn from candidates between 2^(k-1) and 2^k.
 * Each candidate has its low bit forced to 1 and is kept only if
 * ZInt.IsPrime accepts it; the loop runs until one is found.
 *
 * Throws ArgumentException when k < 2.
 *
 * NOTE(review): the quality of the result depends on the random source
 * behind ZInt.MakeRand and on how IsPrime is implemented, neither of
 * which is visible here. This looks like a test helper; confirm both
 * before using it to generate real key material.
 */
static ZInt RandPrime(int k)
{
    if (k < 2)
    {
        throw new ArgumentException();
    }

    ZInt lower = ZInt.One << (k - 1);
    ZInt upper = ZInt.One << k;
    while (true)
    {
        ZInt candidate = ZInt.MakeRand(lower, upper) | 1;
        if (!candidate.IsPrime)
        {
            continue;
        }
        return candidate;
    }
}
/*
 * Process one message: encrypt or decrypt data[off..off+len) in place
 * with ChaCha and write a 16-byte authentication tag into tag[0..15].
 * The layout (key block from counter 0, data stream from counter 1,
 * MAC over AAD, data and a 16-byte length block) appears to follow the
 * ChaCha20-Poly1305 AEAD construction -- confirm against the spec the
 * project targets.
 *
 * The tag is always computed over the encrypted form of the data: when
 * encrypting, the data is encrypted first; when decrypting, it is
 * decrypted last.
 *
 * This method only WRITES the tag; it never compares it with an
 * expected value. When decrypting, the caller must compare the
 * computed tag with the received one (using a constant-time
 * comparison) and discard the output on mismatch -- the data has
 * already been decrypted in place by the time this method returns.
 *
 * No bounds or null checks are made on the buffers here.
 */
public void Run(byte[] iv, byte[] data, int off, int len,
    byte[] aad, int offAAD, int lenAAD, byte[] tag, bool encrypt)
{
    // 32 bytes of one-time key material: the first half yields r,
    // the second half yields s.
    byte[] otk = new byte[32];
    ChaCha.Run(iv, 0, otk);

    if (encrypt)
    {
        ChaCha.Run(iv, 1, data, off, len);
    }

    // r: little-endian in the key block, masked with rmask (a member
    // of the enclosing type; presumably the Poly1305 clamp).
    ByteSwap(otk, 0, 16);
    ZInt r = ZInt.DecodeUnsignedBE(otk, 0, 16) & rmask;

    ZInt acc = RunInner((ZInt)0, r, aad, offAAD, lenAAD);
    acc = RunInner(acc, r, data, off, len);

    // Length block: two little-endian fields at offsets 0 and 8. Only
    // the low four bytes of each are written; the rest stay zero.
    byte[] lengths = new byte[16];
    for (int i = 0; i < 4; i++)
    {
        int shift = 8 * i;
        lengths[i] = (byte)(lenAAD >> shift);
        lengths[8 + i] = (byte)(len >> shift);
    }
    acc = RunInner(acc, r, lengths, 0, 16);

    // tag = acc + s, written as 16 little-endian bytes.
    // NOTE(review): assumes ToBytesLE(tag, 0, 16) keeps only the low
    // 128 bits of the sum -- confirm against ZInt.
    ByteSwap(otk, 16, 16);
    ZInt s = ZInt.DecodeUnsignedBE(otk, 16, 16);
    acc += s;
    acc.ToBytesLE(tag, 0, 16);

    if (!encrypt)
    {
        ChaCha.Run(iv, 1, data, off, len);
    }
}
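/*
 * Interpret a token as a constant value (numerical constant,
 * boolean, literal string). If the token is not such a constant,
 * the returned value is uninitialized.
 *
 * Forms recognised, in the order they are tested:
 *   - "true" / "false": BOOL with value 1 / 0;
 *   - leading '"': literal string made of the text after the quote;
 *   - leading '`': character constant taken from the next character,
 *     which must be ASCII;
 *   - optional '+' or '-', a decimal digit, then whatever ZInt.Parse
 *     accepts, with an optional type suffix (u8, u16, u32, u64, i8,
 *     i16, i32, i64, in either case). Without a suffix the type is
 *     INT with the 32-bit signed range.
 *
 * Suffixes are matched ordinally so that the result does not depend
 * on the current culture.
 *
 * Throws Exception for a character constant that is truncated or
 * non-ASCII, and for an integer outside the range of its type. Any
 * exception raised by ZInt.Parse on malformed digits propagates
 * unchanged.
 */
internal static XValue ParseConst(string t)
{
    if (t.Length == 0)
    {
        return new XValue((XObject)null);
    }
    if (t == "true")
    {
        return new XValue(XType.BOOL, 1);
    }
    if (t == "false")
    {
        return new XValue(XType.BOOL, 0);
    }
    if (t[0] == '"')
    {
        return new XValue(t.Substring(1));
    }
    if (t[0] == '`')
    {
        // A lone backtick has no character to read; report it
        // instead of failing on an out-of-range index.
        if (t.Length < 2)
        {
            throw new Exception("truncated character constant");
        }
        int cp = t[1];
        if (cp > 0x7F)
        {
            throw new Exception("non-ASCII character constant");
        }
        return (byte)cp;
    }

    bool neg = false;
    if (t[0] == '+')
    {
        t = t.Substring(1);
    }
    else if (t[0] == '-')
    {
        neg = true;
        t = t.Substring(1);
    }
    if (t.Length == 0 || t[0] < '0' || t[0] > '9')
    {
        // Not a numeric token.
        return new XValue((XObject)null);
    }

    // Defaults for an unsuffixed literal.
    XType bt = XType.INT;
    ZInt min = Int32.MinValue;
    ZInt max = Int32.MaxValue;

    if (t.EndsWith("u8", StringComparison.OrdinalIgnoreCase))
    {
        t = t.Substring(0, t.Length - 2);
        bt = XType.U8;
        min = 0;
        max = Byte.MaxValue;
    }
    else if (t.EndsWith("u16", StringComparison.OrdinalIgnoreCase))
    {
        t = t.Substring(0, t.Length - 3);
        bt = XType.U16;
        min = 0;
        max = UInt16.MaxValue;
    }
    else if (t.EndsWith("u32", StringComparison.OrdinalIgnoreCase))
    {
        t = t.Substring(0, t.Length - 3);
        bt = XType.U32;
        min = 0;
        max = UInt32.MaxValue;
    }
    else if (t.EndsWith("u64", StringComparison.OrdinalIgnoreCase))
    {
        t = t.Substring(0, t.Length - 3);
        bt = XType.U64;
        min = 0;
        max = UInt64.MaxValue;
    }
    else if (t.EndsWith("i8", StringComparison.OrdinalIgnoreCase))
    {
        t = t.Substring(0, t.Length - 2);
        bt = XType.I8;
        min = SByte.MinValue;
        max = SByte.MaxValue;
    }
    else if (t.EndsWith("i16", StringComparison.OrdinalIgnoreCase))
    {
        t = t.Substring(0, t.Length - 3);
        bt = XType.I16;
        min = Int16.MinValue;
        max = Int16.MaxValue;
    }
    else if (t.EndsWith("i32", StringComparison.OrdinalIgnoreCase))
    {
        t = t.Substring(0, t.Length - 3);
        bt = XType.I32;
        min = Int32.MinValue;
        max = Int32.MaxValue;
    }
    else if (t.EndsWith("i64", StringComparison.OrdinalIgnoreCase))
    {
        t = t.Substring(0, t.Length - 3);
        bt = XType.I64;
        min = Int64.MinValue;
        max = Int64.MaxValue;
    }

    ZInt x = ZInt.Parse(t);
    if (neg)
    {
        x = -x;
    }
    if (x < min || x > max)
    {
        throw new Exception(string.Format("value {0} is out of allowed range for type {1}", x, bt.Name));
    }

    // NOTE(review): for a negative x this relies on ZInt.ToULong
    // yielding the 64-bit two's-complement pattern -- confirm.
    return new XValue(bt, x.ToULong);
}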
/*
 * Randomised self-test for ModInt: for every modulus size k from 2 to
 * 128 bits, run 10 rounds that compare each ModInt operation against
 * the same computation done with ZInt. Any disagreement surfaces as an
 * exception (from CheckEq or from the explicit throws below). Progress
 * is printed on the console, one dot per modulus size.
 *
 * ma and mb are reused and mutated throughout, so the order of the
 * statements is significant.
 */
internal static void TestModInt()
{
    Console.Write("Test ModInt: ");
    for (int k = 2; k <= 128; k++) {
        for (int i = 0; i < 10; i++) {
            // Number of 31-bit words needed for k bits, and the bit
            // length of that word array. 2^kwb is the Montgomery
            // factor the checks below multiply by.
            int kwlen = (k + 30) / 31;
            int kwb = 31 * kwlen;

            // Pick a k-bit prime modulus. From 9 bits up the prime
            // comes from BigInt.RandPrime() and is cross-checked with
            // ZInt; smaller sizes use the local RandPrime().
            ZInt p;
            if (k >= 9) {
                p = ZInt.DecodeUnsignedBE(
                    BigInt.RandPrime(k));
                if (p.BitLength != k) {
                    throw new Exception(
                        "wrong prime size");
                }
                if (!p.IsPrime) {
                    throw new Exception(
                        "not prime");
                }
            } else {
                p = RandPrime(k);
            }

            // Operands: a and b are drawn with p as the bound; v is
            // drawn with a bit-size argument of k + 60, so it can be
            // larger than p.
            ZInt a = ZInt.MakeRand(p);
            ZInt b = ZInt.MakeRand(p);
            ZInt v = ZInt.MakeRand(k + 60);
            // b is inverted further down, so it must not be zero.
            if (b == ZInt.Zero) {
                b = ZInt.One;
            }
            byte[] ea = a.ToBytesBE();
            byte[] eb = b.ToBytesBE();
            byte[] ev = v.ToBytesBE();
            ModInt mz = new ModInt(p.ToBytesBE());
            ModInt ma = mz.Dup();
            ModInt mb = mz.Dup();

            // Decode round-trip.
            ma.Decode(ea);
            CheckEq(ma, a);

            // Addition.
            ma.Decode(ea);
            mb.Decode(eb);
            ma.Add(mb);
            CheckEq(ma, (a + b).Mod(p));

            // Subtraction.
            ma.Decode(ea);
            mb.Decode(eb);
            ma.Sub(mb);
            CheckEq(ma, (a - b).Mod(p));

            // Negation.
            ma.Decode(ea);
            ma.Negate();
            CheckEq(ma, (-a).Mod(p));

            // Montgomery multiplication of two plain operands: the
            // result times 2^kwb must equal a*b mod p.
            ma.Decode(ea);
            mb.Decode(eb);
            ma.MontyMul(mb);
            CheckEq((ZInt.DecodeUnsignedBE(ma.Encode()) << kwb).Mod(p),
                (a * b).Mod(p));

            // Conversion to and from Montgomery representation.
            ma.Decode(ea);
            ma.ToMonty();
            CheckEq(ma, (a << kwb).Mod(p));
            ma.FromMonty();
            CheckEq(ma, a);

            // Full multiplication through Montgomery representation.
            ma.Decode(ea);
            mb.Decode(eb);
            ma.ToMonty();
            mb.ToMonty();
            ma.MontyMul(mb);
            ma.FromMonty();
            CheckEq(ma, (a * b).Mod(p));

            // Inversion: inverse(b) * b must be 1 mod p.
            mb.Decode(eb);
            mb.Invert();
            ZInt r = ZInt.DecodeUnsignedBE(mb.Encode());
            CheckEq(ZInt.One, (r * b).Mod(p));

            // Exponentiation with exponent v.
            ma.Decode(ea);
            ma.Pow(ev);
            CheckEq(ma, ZInt.ModPow(a, v, p));

            // Decoding with reduction of a value that may exceed p.
            ma.DecodeReduce(ev);
            CheckEq(ma, v.Mod(p));

            // Copy between two values that share the modulus.
            mb.Decode(eb);
            ma.Set(mb);
            CheckEq(ma, b);

            // Copy from a value under a different modulus,
            // (p << 61) + 1: the check expects the copy to come out
            // reduced modulo p.
            ModInt mv = new ModInt(
                ((p << 61) + 1).ToBytesBE());
            mv.Decode(ev);
            ma.Set(mv);
            CheckEq(ma, v.Mod(p));

            if (k >= 9) {
                // Square root of a^2: SqrtBlum() must report success,
                // which these checks read as the value -1 once cast
                // to int, and leave either a or -a in mb.
                ma.Decode(ea);
                mb.Set(ma);
                mb.ToMonty();
                mb.MontyMul(ma);
                if ((int)mb.SqrtBlum() != -1) {
                    throw new CryptoException(
                        "square root failed");
                }
                if (!mb.Eq(ma)) {
                    mb.Negate();
                }
                CheckEq(mb, a);

                // Square root of -(b^2): SqrtBlum() must return 0.
                // NOTE(review): this expects -(b^2) to have no square
                // root, which presumably relies on BigInt.RandPrime()
                // returning primes equal to 3 modulo 4 -- confirm.
                mb.Decode(eb);
                mb.ToMonty();
                mb.MontySquare();
                mb.FromMonty();
                mb.Negate();
                if (mb.SqrtBlum() != 0) {
                    throw new CryptoException(
                        "square root should"
                        + " have failed");
                }
            }
        }
        Console.Write(".");
    }
    Console.WriteLine(" done.");
}
/*
 * Test assertion for a ModInt: encode m, read the bytes back as an
 * unsigned big-endian ZInt, and defer to the ZInt overload of CheckEq
 * to compare it with z.
 */
static void CheckEq(ModInt m, ZInt z)
{
    byte[] encoded = m.Encode();
    ZInt actual = ZInt.DecodeUnsignedBE(encoded);
    CheckEq(actual, z);
}
/*
 * Deserialize a ZValue from a BSON sub-document such as
 *     { "_t" : "ZString", "value" : "" }
 *
 * Layout enforced here: a string element "_t" (the type name),
 * followed by an element "value", followed by the end of the
 * document. "ZString" requires a BSON string payload and "ZInt" a
 * BSON int32 payload; every other type name is refused.
 *
 * The type name is data read from the document. It is only compared
 * with a fixed list of names, never resolved to a type at run time.
 * It does appear in the exception text, so that text should be
 * treated as untrusted by whatever logs it.
 *
 * Throws PBException when the document does not match this layout.
 */
private ZValue ReadZValueFromBsonDocument(BsonReader bsonReader)
{
    const string missingTypeMessage = "error reading ZValue can't find ZValue type \"_t\"";

    bsonReader.ReadStartDocument();

    // "_t" : type name
    BsonType elementType = bsonReader.ReadBsonType();
    if (elementType != BsonType.String)
    {
        throw new PBException(missingTypeMessage);
    }
    string elementName = bsonReader.ReadName();
    if (elementName != "_t")
    {
        throw new PBException(missingTypeMessage);
    }
    string typeName = bsonReader.ReadString();

    // "value" : payload (its type is checked per type name below)
    elementType = bsonReader.ReadBsonType();
    elementName = bsonReader.ReadName();
    if (elementName != "value")
    {
        throw new PBException("error reading ZValue can't find ZValue value \"value\"");
    }

    ZValue parsed = null;
    switch (typeName)
    {
        case "ZString":
        {
            if (elementType != BsonType.String)
            {
                throw new PBException("error reading ZString value is'nt a string ({0})", elementType);
            }
            parsed = new ZString(bsonReader.ReadString());
            break;
        }
        case "ZInt":
        {
            if (elementType != BsonType.Int32)
            {
                throw new PBException("error reading ZInt value is'nt an int32 ({0})", elementType);
            }
            parsed = new ZInt(bsonReader.ReadInt32());
            break;
        }
        default:
        {
            throw new PBException("error reading ZValue type \"{0}\" is'nt a ZValue type", typeName);
        }
    }

    // The document must end right after the payload.
    elementType = bsonReader.ReadBsonType();
    if (elementType != BsonType.EndOfDocument)
    {
        throw new PBException("error reading ZValue cant find end of document ({0})", elementType);
    }
    bsonReader.ReadEndDocument();
    return parsed;
}