private static bool millerRabin(BigInteger n, int t)
{
// PRE: n >= 0, t >= 0
BigInteger x; // x := UNIFORM{2...n-1}
BigInteger y; // y := x^(q * 2^j) mod n
BigInteger n_minus_1 = n.subtract(BigInteger.ONE); // n-1
int bitLength = n_minus_1.bitLength(); // ~ log2(n-1)
// (q,k) such that: n-1 = q * 2^k and q is odd
int k = n_minus_1.getLowestSetBit();
BigInteger q = n_minus_1.shiftRight(k);
Random rnd = new Random();
for (int i = 0; i < t; i++)
{
// To generate a witness 'x', first it use the primes of table
if (i < primes.Length)
{
x = BIprimes[i];
}
else /*
* It generates random witness only if it's necesssary. Note
* that all methods would call Miller-Rabin with t <= 50 so
* this part is only to do more robust the algorithm
*/
{
do
{
x = new BigInteger(bitLength, rnd);
} while ((x.compareTo(n) >= BigInteger.EQUALS) || (x.sign == 0) ||
x.isOne());
}
y = x.modPow(q, n);
if (y.isOne() || y.Equals(n_minus_1))
{
continue;
}
for (int j = 1; j < k; j++)
{
if (y.Equals(n_minus_1))
{
continue;
}
y = y.multiply(y).mod(n);
if (y.isOne())
{
return(false);
}
}
if (!y.Equals(n_minus_1))
{
return(false);
}
}
return(true);
}
internal static void completeInPlaceSubtract(BigInteger op1, BigInteger op2)
{
int resultSign = op1.compareTo(op2);
if (op1.sign == 0)
{
Array.Copy(op2.digits, op1.digits, op2.numberLength);
op1.sign = -op2.sign;
}
else if (op1.sign != op2.sign)
{
add(op1.digits, op1.digits, op1.numberLength, op2.digits,
op2.numberLength);
op1.sign = resultSign;
}
else
{
int sign = unsignedArraysCompare(op1.digits,
op2.digits, op1.numberLength, op2.numberLength);
if (sign > 0)
{
subtract(op1.digits, op1.digits, op1.numberLength, op2.digits,
op2.numberLength); // op1 = op1 - op2
// op1.sign remains equal
}
else
{
inverseSubtract(op1.digits, op1.digits, op1.numberLength,
op2.digits, op2.numberLength); // op1 = op2 - op1
op1.sign = -op1.sign;
}
}
op1.numberLength = Math.Max(op1.numberLength, op2.numberLength) + 1;
op1.cutOffLeadingZeroes();
op1.unCache();
}
private static bool millerRabin(BigInteger n, int t)
{
// PRE: n >= 0, t >= 0
BigInteger x; // x := UNIFORM{2...n-1}
BigInteger y; // y := x^(q * 2^j) mod n
BigInteger n_minus_1 = n.subtract(BigInteger.ONE); // n-1
int bitLength = n_minus_1.bitLength(); // ~ log2(n-1)
// (q,k) such that: n-1 = q * 2^k and q is odd
int k = n_minus_1.getLowestSetBit();
BigInteger q = n_minus_1.shiftRight(k);
Random rnd = new Random();
for (int i = 0; i < t; i++) {
// To generate a witness 'x', first it use the primes of table
if (i < primes.Length) {
x = BIprimes[i];
} else {/*
* It generates random witness only if it's necesssary. Note
* that all methods would call Miller-Rabin with t <= 50 so
* this part is only to do more robust the algorithm
*/
do {
x = new BigInteger(bitLength, rnd);
} while ((x.compareTo(n) >= BigInteger.EQUALS) || (x.sign == 0)
|| x.isOne());
}
y = x.modPow(q, n);
if (y.isOne() || y.Equals(n_minus_1)) {
continue;
}
for (int j = 1; j < k; j++) {
if (y.Equals(n_minus_1)) {
continue;
}
y = y.multiply(y).mod(n);
if (y.isOne()) {
return false;
}
}
if (!y.Equals(n_minus_1)) {
return false;
}
}
return true;
}
internal static BigInteger modInverseMontgomery(BigInteger a, BigInteger p)
{
if (a.sign == 0){
// ZERO hasn't inverse
throw new ArithmeticException("BigInteger not invertible");
}
if (!p.testBit(0)){
// montgomery inverse require even modulo
return modInverseLorencz(a, p);
}
int m = p.numberLength * 32;
// PRE: a \in [1, p - 1]
BigInteger u, v, r, s;
u = p.copy(); // make copy to use inplace method
v = a.copy();
int max = Math.Max(v.numberLength, u.numberLength);
r = new BigInteger(1, 1, new int[max + 1]);
s = new BigInteger(1, 1, new int[max + 1]);
s.digits[0] = 1;
// s == 1 && v == 0
int k = 0;
int lsbu = u.getLowestSetBit();
int lsbv = v.getLowestSetBit();
int toShift;
if (lsbu > lsbv) {
BitLevel.inplaceShiftRight(u, lsbu);
BitLevel.inplaceShiftRight(v, lsbv);
BitLevel.inplaceShiftLeft(r, lsbv);
k += lsbu - lsbv;
} else {
BitLevel.inplaceShiftRight(u, lsbu);
BitLevel.inplaceShiftRight(v, lsbv);
BitLevel.inplaceShiftLeft(s, lsbu);
k += lsbv - lsbu;
}
r.sign = 1;
while (v.signum() > 0) {
// INV v >= 0, u >= 0, v odd, u odd (except last iteration when v is even (0))
while (u.compareTo(v) > BigInteger.EQUALS) {
Elementary.inplaceSubtract(u, v);
toShift = u.getLowestSetBit();
BitLevel.inplaceShiftRight(u, toShift);
Elementary.inplaceAdd(r, s);
BitLevel.inplaceShiftLeft(s, toShift);
k += toShift;
}
while (u.compareTo(v) <= BigInteger.EQUALS) {
Elementary.inplaceSubtract(v, u);
if (v.signum() == 0)
break;
toShift = v.getLowestSetBit();
BitLevel.inplaceShiftRight(v, toShift);
Elementary.inplaceAdd(s, r);
BitLevel.inplaceShiftLeft(r, toShift);
k += toShift;
}
}
if (!u.isOne()){
// in u is stored the gcd
throw new ArithmeticException("BigInteger not invertible.");
}
if (r.compareTo(p) >= BigInteger.EQUALS) {
Elementary.inplaceSubtract(r, p);
}
r = p.subtract(r);
// Have pair: ((BigInteger)r, (Integer)k) where r == a^(-1) * 2^k mod (module)
int n1 = calcN(p);
if (k > m) {
r = monPro(r, BigInteger.ONE, p, n1);
k = k - m;
}
r = monPro(r, BigInteger.getPowerOfTwo(m - k), p, n1);
return r;
}
internal static BigInteger gcdBinary(BigInteger op1, BigInteger op2)
{
// PRE: (op1 > 0) and (op2 > 0)
/*
* Divide both number the maximal possible times by 2 without rounding
* gcd(2*a, 2*b) = 2 * gcd(a,b)
*/
int lsb1 = op1.getLowestSetBit();
int lsb2 = op2.getLowestSetBit();
int pow2Count = Math.Min(lsb1, lsb2);
BitLevel.inplaceShiftRight(op1, lsb1);
BitLevel.inplaceShiftRight(op2, lsb2);
BigInteger swap;
// I want op2 > op1
if (op1.compareTo(op2) == BigInteger.GREATER) {
swap = op1;
op1 = op2;
op2 = swap;
}
do { // INV: op2 >= op1 && both are odd unless op1 = 0
// Optimization for small operands
// (op2.bitLength() < 64) implies by INV (op1.bitLength() < 64)
if (( op2.numberLength == 1 )
|| ( ( op2.numberLength == 2 ) && ( op2.digits[1] > 0 ) )) {
op2 = BigInteger.valueOf(Division.gcdBinary(op1.longValue(),
op2.longValue()));
break;
}
// Implements one step of the Euclidean algorithm
// To reduce one operand if it's much smaller than the other one
if (op2.numberLength > op1.numberLength * 1.2) {
op2 = op2.remainder(op1);
if (op2.signum() != 0) {
BitLevel.inplaceShiftRight(op2, op2.getLowestSetBit());
}
} else {
// Use Knuth's algorithm of successive subtract and shifting
do {
Elementary.inplaceSubtract(op2, op1); // both are odd
BitLevel.inplaceShiftRight(op2, op2.getLowestSetBit()); // op2 is even
} while (op2.compareTo(op1) >= BigInteger.EQUALS);
}
// now op1 >= op2
swap = op2;
op2 = op1;
op1 = swap;
} while (op1.sign != 0);
return op2.shiftLeft(pow2Count);
}
internal static BigInteger modInverseMontgomery(BigInteger a, BigInteger p)
{
if (a.sign == 0)
{
// ZERO hasn't inverse
throw new ArithmeticException("BigInteger not invertible");
}
if (!p.testBit(0))
{
// montgomery inverse require even modulo
return(modInverseLorencz(a, p));
}
int m = p.numberLength * 32;
// PRE: a \in [1, p - 1]
BigInteger u, v, r, s;
u = p.copy(); // make copy to use inplace method
v = a.copy();
int max = Math.Max(v.numberLength, u.numberLength);
r = new BigInteger(1, 1, new int[max + 1]);
s = new BigInteger(1, 1, new int[max + 1]);
s.digits[0] = 1;
// s == 1 && v == 0
int k = 0;
int lsbu = u.getLowestSetBit();
int lsbv = v.getLowestSetBit();
int toShift;
if (lsbu > lsbv)
{
BitLevel.inplaceShiftRight(u, lsbu);
BitLevel.inplaceShiftRight(v, lsbv);
BitLevel.inplaceShiftLeft(r, lsbv);
k += lsbu - lsbv;
}
else
{
BitLevel.inplaceShiftRight(u, lsbu);
BitLevel.inplaceShiftRight(v, lsbv);
BitLevel.inplaceShiftLeft(s, lsbu);
k += lsbv - lsbu;
}
r.sign = 1;
while (v.signum() > 0)
{
// INV v >= 0, u >= 0, v odd, u odd (except last iteration when v is even (0))
while (u.compareTo(v) > BigInteger.EQUALS)
{
Elementary.inplaceSubtract(u, v);
toShift = u.getLowestSetBit();
BitLevel.inplaceShiftRight(u, toShift);
Elementary.inplaceAdd(r, s);
BitLevel.inplaceShiftLeft(s, toShift);
k += toShift;
}
while (u.compareTo(v) <= BigInteger.EQUALS)
{
Elementary.inplaceSubtract(v, u);
if (v.signum() == 0)
{
break;
}
toShift = v.getLowestSetBit();
BitLevel.inplaceShiftRight(v, toShift);
Elementary.inplaceAdd(s, r);
BitLevel.inplaceShiftLeft(r, toShift);
k += toShift;
}
}
if (!u.isOne())
{
// in u is stored the gcd
throw new ArithmeticException("BigInteger not invertible.");
}
if (r.compareTo(p) >= BigInteger.EQUALS)
{
Elementary.inplaceSubtract(r, p);
}
r = p.subtract(r);
// Have pair: ((BigInteger)r, (Integer)k) where r == a^(-1) * 2^k mod (module)
int n1 = calcN(p);
if (k > m)
{
r = monPro(r, BigInteger.ONE, p, n1);
k = k - m;
}
r = monPro(r, BigInteger.getPowerOfTwo(m - k), p, n1);
return(r);
}
internal static BigInteger gcdBinary(BigInteger op1, BigInteger op2)
{
// PRE: (op1 > 0) and (op2 > 0)
/*
* Divide both number the maximal possible times by 2 without rounding
* gcd(2*a, 2*b) = 2 * gcd(a,b)
*/
int lsb1 = op1.getLowestSetBit();
int lsb2 = op2.getLowestSetBit();
int pow2Count = Math.Min(lsb1, lsb2);
BitLevel.inplaceShiftRight(op1, lsb1);
BitLevel.inplaceShiftRight(op2, lsb2);
BigInteger swap;
// I want op2 > op1
if (op1.compareTo(op2) == BigInteger.GREATER)
{
swap = op1;
op1 = op2;
op2 = swap;
}
do // INV: op2 >= op1 && both are odd unless op1 = 0
// Optimization for small operands
// (op2.bitLength() < 64) implies by INV (op1.bitLength() < 64)
{
if ((op2.numberLength == 1) ||
((op2.numberLength == 2) && (op2.digits[1] > 0)))
{
op2 = BigInteger.valueOf(Division.gcdBinary(op1.longValue(),
op2.longValue()));
break;
}
// Implements one step of the Euclidean algorithm
// To reduce one operand if it's much smaller than the other one
if (op2.numberLength > op1.numberLength * 1.2)
{
op2 = op2.remainder(op1);
if (op2.signum() != 0)
{
BitLevel.inplaceShiftRight(op2, op2.getLowestSetBit());
}
}
else
{
// Use Knuth's algorithm of successive subtract and shifting
do
{
Elementary.inplaceSubtract(op2, op1); // both are odd
BitLevel.inplaceShiftRight(op2, op2.getLowestSetBit()); // op2 is even
} while (op2.compareTo(op1) >= BigInteger.EQUALS);
}
// now op1 >= op2
swap = op2;
op2 = op1;
op1 = swap;
} while (op1.sign != 0);
return(op2.shiftLeft(pow2Count));
}
internal static void completeInPlaceSubtract(BigInteger op1, BigInteger op2)
{
int resultSign = op1.compareTo (op2);
if (op1.sign == 0) {
Array.Copy(op2.digits, op1.digits, op2.numberLength);
op1.sign = -op2.sign;
} else if (op1.sign != op2.sign) {
add (op1.digits, op1.digits, op1.numberLength, op2.digits,
op2.numberLength);
op1.sign = resultSign;
} else {
int sign = unsignedArraysCompare (op1.digits,
op2.digits, op1.numberLength, op2.numberLength);
if (sign > 0) {
subtract (op1.digits, op1.digits, op1.numberLength, op2.digits,
op2.numberLength); // op1 = op1 - op2
// op1.sign remains equal
} else {
inverseSubtract (op1.digits, op1.digits, op1.numberLength,
op2.digits, op2.numberLength); // op1 = op2 - op1
op1.sign = -op1.sign;
}
}
op1.numberLength = Math.Max(op1.numberLength, op2.numberLength) + 1;
op1.cutOffLeadingZeroes ();
op1.unCache();
}
