diff options
author | ng0 <ng0@n0.is> | 2019-09-08 12:33:09 +0000 |
---|---|---|
committer | ng0 <ng0@n0.is> | 2019-09-08 12:33:09 +0000 |
commit | d41ed82a4ea0cc8e1674b6d5d2c49fd6462610bb (patch) | |
tree | 9efd18ea7d425652085ed0bd5e8e45604bc5f6b9 /src/util/crypto_paillier.c | |
parent | a0fce305c565c0937d917a92712f15e9c5736260 (diff) | |
download | gnunet-d41ed82a4ea0cc8e1674b6d5d2c49fd6462610bb.tar.gz gnunet-d41ed82a4ea0cc8e1674b6d5d2c49fd6462610bb.zip |
uncrustify as demanded.
Diffstat (limited to 'src/util/crypto_paillier.c')
-rw-r--r-- | src/util/crypto_paillier.c | 423 |
1 files changed, 213 insertions, 210 deletions
diff --git a/src/util/crypto_paillier.c b/src/util/crypto_paillier.c index 622ce81fa..27a9af5de 100644 --- a/src/util/crypto_paillier.c +++ b/src/util/crypto_paillier.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | 17 | ||
@@ -36,8 +36,8 @@ | |||
36 | * @param[out] private_key Where to store the private key? | 36 | * @param[out] private_key Where to store the private key? |
37 | */ | 37 | */ |
38 | void | 38 | void |
39 | GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_key, | 39 | GNUNET_CRYPTO_paillier_create(struct GNUNET_CRYPTO_PaillierPublicKey *public_key, |
40 | struct GNUNET_CRYPTO_PaillierPrivateKey *private_key) | 40 | struct GNUNET_CRYPTO_PaillierPrivateKey *private_key) |
41 | { | 41 | { |
42 | gcry_mpi_t p; | 42 | gcry_mpi_t p; |
43 | gcry_mpi_t q; | 43 | gcry_mpi_t q; |
@@ -49,55 +49,56 @@ GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_ke | |||
49 | is executed more than once is very very low... */ | 49 | is executed more than once is very very low... */ |
50 | p = NULL; | 50 | p = NULL; |
51 | q = NULL; | 51 | q = NULL; |
52 | do { | 52 | do |
53 | if (NULL != p) | 53 | { |
54 | gcry_mpi_release (p); | 54 | if (NULL != p) |
55 | if (NULL != q) | 55 | gcry_mpi_release(p); |
56 | gcry_mpi_release (q); | 56 | if (NULL != q) |
57 | GNUNET_assert (0 == | 57 | gcry_mpi_release(q); |
58 | gcry_prime_generate (&p, | 58 | GNUNET_assert(0 == |
59 | gcry_prime_generate(&p, | ||
59 | GNUNET_CRYPTO_PAILLIER_BITS / 2, | 60 | GNUNET_CRYPTO_PAILLIER_BITS / 2, |
60 | 0, NULL, NULL, NULL, | 61 | 0, NULL, NULL, NULL, |
61 | GCRY_STRONG_RANDOM, 0)); | 62 | GCRY_STRONG_RANDOM, 0)); |
62 | GNUNET_assert (0 == | 63 | GNUNET_assert(0 == |
63 | gcry_prime_generate (&q, | 64 | gcry_prime_generate(&q, |
64 | GNUNET_CRYPTO_PAILLIER_BITS / 2, | 65 | GNUNET_CRYPTO_PAILLIER_BITS / 2, |
65 | 0, NULL, NULL, NULL, | 66 | 0, NULL, NULL, NULL, |
66 | GCRY_STRONG_RANDOM, 0)); | 67 | GCRY_STRONG_RANDOM, 0)); |
67 | } | 68 | } |
68 | while (0 == gcry_mpi_cmp (p, q)); | 69 | while (0 == gcry_mpi_cmp(p, q)); |
69 | /* n = p * q */ | 70 | /* n = p * q */ |
70 | GNUNET_assert (NULL != (n = gcry_mpi_new (0))); | 71 | GNUNET_assert(NULL != (n = gcry_mpi_new(0))); |
71 | gcry_mpi_mul (n, | 72 | gcry_mpi_mul(n, |
72 | p, | 73 | p, |
73 | q); | 74 | q); |
74 | GNUNET_CRYPTO_mpi_print_unsigned (public_key, | 75 | GNUNET_CRYPTO_mpi_print_unsigned(public_key, |
75 | sizeof (struct GNUNET_CRYPTO_PaillierPublicKey), | 76 | sizeof(struct GNUNET_CRYPTO_PaillierPublicKey), |
76 | n); | 77 | n); |
77 | 78 | ||
78 | /* compute phi(n) = (p-1)(q-1) */ | 79 | /* compute phi(n) = (p-1)(q-1) */ |
79 | GNUNET_assert (NULL != (phi = gcry_mpi_new (0))); | 80 | GNUNET_assert(NULL != (phi = gcry_mpi_new(0))); |
80 | gcry_mpi_sub_ui (p, p, 1); | 81 | gcry_mpi_sub_ui(p, p, 1); |
81 | gcry_mpi_sub_ui (q, q, 1); | 82 | gcry_mpi_sub_ui(q, q, 1); |
82 | gcry_mpi_mul (phi, p, q); | 83 | gcry_mpi_mul(phi, p, q); |
83 | gcry_mpi_release (p); | 84 | gcry_mpi_release(p); |
84 | gcry_mpi_release (q); | 85 | gcry_mpi_release(q); |
85 | 86 | ||
86 | /* lambda equals phi(n) in the simplified key generation */ | 87 | /* lambda equals phi(n) in the simplified key generation */ |
87 | GNUNET_CRYPTO_mpi_print_unsigned (private_key->lambda, | 88 | GNUNET_CRYPTO_mpi_print_unsigned(private_key->lambda, |
88 | GNUNET_CRYPTO_PAILLIER_BITS / 8, | 89 | GNUNET_CRYPTO_PAILLIER_BITS / 8, |
89 | phi); | 90 | phi); |
90 | /* mu = phi^{-1} mod n, as we use g = n + 1 */ | 91 | /* mu = phi^{-1} mod n, as we use g = n + 1 */ |
91 | GNUNET_assert (NULL != (mu = gcry_mpi_new (0))); | 92 | GNUNET_assert(NULL != (mu = gcry_mpi_new(0))); |
92 | GNUNET_assert (0 != gcry_mpi_invm (mu, | 93 | GNUNET_assert(0 != gcry_mpi_invm(mu, |
93 | phi, | 94 | phi, |
94 | n)); | 95 | n)); |
95 | gcry_mpi_release (phi); | 96 | gcry_mpi_release(phi); |
96 | gcry_mpi_release (n); | 97 | gcry_mpi_release(n); |
97 | GNUNET_CRYPTO_mpi_print_unsigned (private_key->mu, | 98 | GNUNET_CRYPTO_mpi_print_unsigned(private_key->mu, |
98 | GNUNET_CRYPTO_PAILLIER_BITS / 8, | 99 | GNUNET_CRYPTO_PAILLIER_BITS / 8, |
99 | mu); | 100 | mu); |
100 | gcry_mpi_release (mu); | 101 | gcry_mpi_release(mu); |
101 | } | 102 | } |
102 | 103 | ||
103 | 104 | ||
@@ -113,7 +114,7 @@ GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_ke | |||
113 | * or -1 if less than one homomorphic operation is possible | 114 | * or -1 if less than one homomorphic operation is possible |
114 | */ | 115 | */ |
115 | int | 116 | int |
116 | GNUNET_CRYPTO_paillier_encrypt1 (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, | 117 | GNUNET_CRYPTO_paillier_encrypt1(const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, |
117 | const gcry_mpi_t m, | 118 | const gcry_mpi_t m, |
118 | int desired_ops, | 119 | int desired_ops, |
119 | struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext) | 120 | struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext) |
@@ -129,69 +130,70 @@ GNUNET_CRYPTO_paillier_encrypt1 (const struct GNUNET_CRYPTO_PaillierPublicKey *p | |||
129 | 130 | ||
130 | /* determine how many operations we could allow, if the other number | 131 | /* determine how many operations we could allow, if the other number |
131 | has the same length. */ | 132 | has the same length. */ |
132 | GNUNET_assert (NULL != (tmp1 = gcry_mpi_set_ui (NULL, 1))); | 133 | GNUNET_assert(NULL != (tmp1 = gcry_mpi_set_ui(NULL, 1))); |
133 | GNUNET_assert (NULL != (tmp2 = gcry_mpi_set_ui (NULL, 2))); | 134 | GNUNET_assert(NULL != (tmp2 = gcry_mpi_set_ui(NULL, 2))); |
134 | gcry_mpi_mul_2exp (tmp1, tmp1, GNUNET_CRYPTO_PAILLIER_BITS); | 135 | gcry_mpi_mul_2exp(tmp1, tmp1, GNUNET_CRYPTO_PAILLIER_BITS); |
135 | 136 | ||
136 | /* count number of possible operations | 137 | /* count number of possible operations |
137 | this would be nicer with gcry_mpi_get_nbits, however it does not return | 138 | this would be nicer with gcry_mpi_get_nbits, however it does not return |
138 | the BITLENGTH of the given MPI's value, but the bits required | 139 | the BITLENGTH of the given MPI's value, but the bits required |
139 | to represent the number as MPI. */ | 140 | to represent the number as MPI. */ |
140 | for (possible_opts = -2; gcry_mpi_cmp (tmp1, m) > 0; possible_opts++) | 141 | for (possible_opts = -2; gcry_mpi_cmp(tmp1, m) > 0; possible_opts++) |
141 | gcry_mpi_div (tmp1, NULL, tmp1, tmp2, 0); | 142 | gcry_mpi_div(tmp1, NULL, tmp1, tmp2, 0); |
142 | gcry_mpi_release (tmp1); | 143 | gcry_mpi_release(tmp1); |
143 | gcry_mpi_release (tmp2); | 144 | gcry_mpi_release(tmp2); |
144 | 145 | ||
145 | if (possible_opts < 1) | 146 | if (possible_opts < 1) |
146 | possible_opts = 0; | 147 | possible_opts = 0; |
147 | /* soft-cap by caller */ | 148 | /* soft-cap by caller */ |
148 | possible_opts = (desired_ops < possible_opts)? desired_ops : possible_opts; | 149 | possible_opts = (desired_ops < possible_opts) ? desired_ops : possible_opts; |
149 | 150 | ||
150 | ciphertext->remaining_ops = htonl (possible_opts); | 151 | ciphertext->remaining_ops = htonl(possible_opts); |
151 | 152 | ||
152 | GNUNET_CRYPTO_mpi_scan_unsigned (&n, | 153 | GNUNET_CRYPTO_mpi_scan_unsigned(&n, |
153 | public_key, | 154 | public_key, |
154 | sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | 155 | sizeof(struct GNUNET_CRYPTO_PaillierPublicKey)); |
155 | highbit = GNUNET_CRYPTO_PAILLIER_BITS - 1; | 156 | highbit = GNUNET_CRYPTO_PAILLIER_BITS - 1; |
156 | while ( (! gcry_mpi_test_bit (n, highbit)) && | 157 | while ((!gcry_mpi_test_bit(n, highbit)) && |
157 | (0 != highbit) ) | 158 | (0 != highbit)) |
158 | highbit--; | 159 | highbit--; |
159 | if (0 == highbit) | 160 | if (0 == highbit) |
160 | { | 161 | { |
161 | /* invalid public key */ | 162 | /* invalid public key */ |
162 | GNUNET_break_op (0); | 163 | GNUNET_break_op(0); |
163 | gcry_mpi_release (n); | 164 | gcry_mpi_release(n); |
164 | return GNUNET_SYSERR; | 165 | return GNUNET_SYSERR; |
165 | } | 166 | } |
166 | GNUNET_assert (0 != (n_square = gcry_mpi_new (0))); | 167 | GNUNET_assert(0 != (n_square = gcry_mpi_new(0))); |
167 | GNUNET_assert (0 != (r = gcry_mpi_new (0))); | 168 | GNUNET_assert(0 != (r = gcry_mpi_new(0))); |
168 | GNUNET_assert (0 != (c = gcry_mpi_new (0))); | 169 | GNUNET_assert(0 != (c = gcry_mpi_new(0))); |
169 | gcry_mpi_mul (n_square, n, n); | 170 | gcry_mpi_mul(n_square, n, n); |
170 | 171 | ||
171 | /* generate r < n (without bias) */ | 172 | /* generate r < n (without bias) */ |
172 | do { | 173 | do |
173 | gcry_mpi_randomize (r, highbit + 1, GCRY_STRONG_RANDOM); | 174 | { |
174 | } | 175 | gcry_mpi_randomize(r, highbit + 1, GCRY_STRONG_RANDOM); |
175 | while (gcry_mpi_cmp (r, n) >= 0); | 176 | } |
177 | while (gcry_mpi_cmp(r, n) >= 0); | ||
176 | 178 | ||
177 | /* c = (n+1)^m mod n^2 */ | 179 | /* c = (n+1)^m mod n^2 */ |
178 | /* c = n + 1 */ | 180 | /* c = n + 1 */ |
179 | gcry_mpi_add_ui (c, n, 1); | 181 | gcry_mpi_add_ui(c, n, 1); |
180 | /* c = (n+1)^m mod n^2 */ | 182 | /* c = (n+1)^m mod n^2 */ |
181 | gcry_mpi_powm (c, c, m, n_square); | 183 | gcry_mpi_powm(c, c, m, n_square); |
182 | /* r <- r^n mod n^2 */ | 184 | /* r <- r^n mod n^2 */ |
183 | gcry_mpi_powm (r, r, n, n_square); | 185 | gcry_mpi_powm(r, r, n, n_square); |
184 | /* c <- r*c mod n^2 */ | 186 | /* c <- r*c mod n^2 */ |
185 | gcry_mpi_mulm (c, r, c, n_square); | 187 | gcry_mpi_mulm(c, r, c, n_square); |
186 | 188 | ||
187 | GNUNET_CRYPTO_mpi_print_unsigned (ciphertext->bits, | 189 | GNUNET_CRYPTO_mpi_print_unsigned(ciphertext->bits, |
188 | sizeof ciphertext->bits, | 190 | sizeof ciphertext->bits, |
189 | c); | 191 | c); |
190 | 192 | ||
191 | gcry_mpi_release (n_square); | 193 | gcry_mpi_release(n_square); |
192 | gcry_mpi_release (n); | 194 | gcry_mpi_release(n); |
193 | gcry_mpi_release (r); | 195 | gcry_mpi_release(r); |
194 | gcry_mpi_release (c); | 196 | gcry_mpi_release(c); |
195 | 197 | ||
196 | return possible_opts; | 198 | return possible_opts; |
197 | } | 199 | } |
@@ -209,10 +211,10 @@ GNUNET_CRYPTO_paillier_encrypt1 (const struct GNUNET_CRYPTO_PaillierPublicKey *p | |||
209 | * or -1 if less than one homomorphic operation is possible | 211 | * or -1 if less than one homomorphic operation is possible |
210 | */ | 212 | */ |
211 | int | 213 | int |
212 | GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, | 214 | GNUNET_CRYPTO_paillier_encrypt(const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, |
213 | const gcry_mpi_t m, | 215 | const gcry_mpi_t m, |
214 | int desired_ops, | 216 | int desired_ops, |
215 | struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext) | 217 | struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext) |
216 | { | 218 | { |
217 | int possible_opts; | 219 | int possible_opts; |
218 | gcry_mpi_t n_square; | 220 | gcry_mpi_t n_square; |
@@ -227,86 +229,87 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
227 | 229 | ||
228 | /* set max_num = 2^{GNUNET_CRYPTO_PAILLIER_BITS}, the largest | 230 | /* set max_num = 2^{GNUNET_CRYPTO_PAILLIER_BITS}, the largest |
229 | number we can have as a result */ | 231 | number we can have as a result */ |
230 | GNUNET_assert (NULL != (max_num = gcry_mpi_set_ui (NULL, 1))); | 232 | GNUNET_assert(NULL != (max_num = gcry_mpi_set_ui(NULL, 1))); |
231 | gcry_mpi_mul_2exp (max_num, | 233 | gcry_mpi_mul_2exp(max_num, |
232 | max_num, | 234 | max_num, |
233 | GNUNET_CRYPTO_PAILLIER_BITS); | 235 | GNUNET_CRYPTO_PAILLIER_BITS); |
234 | 236 | ||
235 | /* Determine how many operations we could allow, assuming the other | 237 | /* Determine how many operations we could allow, assuming the other |
236 | number has the same length (or is smaller), by counting the | 238 | number has the same length (or is smaller), by counting the |
237 | number of possible operations. We essentially divide max_num by | 239 | number of possible operations. We essentially divide max_num by |
238 | 2 until the result is no longer larger than 'm', incrementing the | 240 | 2 until the result is no longer larger than 'm', incrementing the |
239 | maximum number of operations in each round, starting at -2 */ | 241 | maximum number of operations in each round, starting at -2 */ |
240 | for (possible_opts = -2; gcry_mpi_cmp (max_num, m) > 0; possible_opts++) | 242 | for (possible_opts = -2; gcry_mpi_cmp(max_num, m) > 0; possible_opts++) |
241 | gcry_mpi_div (max_num, | 243 | gcry_mpi_div(max_num, |
242 | NULL, | 244 | NULL, |
243 | max_num, | 245 | max_num, |
244 | GCRYMPI_CONST_TWO, | 246 | GCRYMPI_CONST_TWO, |
245 | 0); | 247 | 0); |
246 | gcry_mpi_release (max_num); | 248 | gcry_mpi_release(max_num); |
247 | 249 | ||
248 | if (possible_opts < 1) | 250 | if (possible_opts < 1) |
249 | possible_opts = 0; | 251 | possible_opts = 0; |
250 | /* Enforce soft-cap by caller */ | 252 | /* Enforce soft-cap by caller */ |
251 | possible_opts = GNUNET_MIN (desired_ops, possible_opts); | 253 | possible_opts = GNUNET_MIN(desired_ops, possible_opts); |
252 | ciphertext->remaining_ops = htonl (possible_opts); | 254 | ciphertext->remaining_ops = htonl(possible_opts); |
253 | 255 | ||
254 | GNUNET_CRYPTO_mpi_scan_unsigned (&n, | 256 | GNUNET_CRYPTO_mpi_scan_unsigned(&n, |
255 | public_key, | 257 | public_key, |
256 | sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | 258 | sizeof(struct GNUNET_CRYPTO_PaillierPublicKey)); |
257 | 259 | ||
258 | /* check public key for number of bits, bail out if key is all zeros */ | 260 | /* check public key for number of bits, bail out if key is all zeros */ |
259 | highbit = GNUNET_CRYPTO_PAILLIER_BITS - 1; | 261 | highbit = GNUNET_CRYPTO_PAILLIER_BITS - 1; |
260 | while ( (! gcry_mpi_test_bit (n, highbit)) && | 262 | while ((!gcry_mpi_test_bit(n, highbit)) && |
261 | (0 != highbit) ) | 263 | (0 != highbit)) |
262 | highbit--; | 264 | highbit--; |
263 | if (0 == highbit) | 265 | if (0 == highbit) |
264 | { | 266 | { |
265 | /* invalid public key */ | 267 | /* invalid public key */ |
266 | GNUNET_break_op (0); | 268 | GNUNET_break_op(0); |
267 | gcry_mpi_release (n); | 269 | gcry_mpi_release(n); |
268 | return GNUNET_SYSERR; | 270 | return GNUNET_SYSERR; |
269 | } | 271 | } |
270 | 272 | ||
271 | /* generate r < n (without bias) */ | 273 | /* generate r < n (without bias) */ |
272 | GNUNET_assert (NULL != (r = gcry_mpi_new (0))); | 274 | GNUNET_assert(NULL != (r = gcry_mpi_new(0))); |
273 | do { | 275 | do |
274 | gcry_mpi_randomize (r, highbit + 1, GCRY_STRONG_RANDOM); | 276 | { |
275 | } | 277 | gcry_mpi_randomize(r, highbit + 1, GCRY_STRONG_RANDOM); |
276 | while (gcry_mpi_cmp (r, n) >= 0); | 278 | } |
279 | while (gcry_mpi_cmp(r, n) >= 0); | ||
277 | 280 | ||
278 | /* g = n + 1 */ | 281 | /* g = n + 1 */ |
279 | GNUNET_assert (0 != (g = gcry_mpi_new (0))); | 282 | GNUNET_assert(0 != (g = gcry_mpi_new(0))); |
280 | gcry_mpi_add_ui (g, n, 1); | 283 | gcry_mpi_add_ui(g, n, 1); |
281 | 284 | ||
282 | /* n_square = n^2 */ | 285 | /* n_square = n^2 */ |
283 | GNUNET_assert (0 != (n_square = gcry_mpi_new (0))); | 286 | GNUNET_assert(0 != (n_square = gcry_mpi_new(0))); |
284 | gcry_mpi_mul (n_square, | 287 | gcry_mpi_mul(n_square, |
285 | n, | 288 | n, |
286 | n); | 289 | n); |
287 | 290 | ||
288 | /* gm = g^m mod n^2 */ | 291 | /* gm = g^m mod n^2 */ |
289 | GNUNET_assert (0 != (gm = gcry_mpi_new (0))); | 292 | GNUNET_assert(0 != (gm = gcry_mpi_new(0))); |
290 | gcry_mpi_powm (gm, g, m, n_square); | 293 | gcry_mpi_powm(gm, g, m, n_square); |
291 | gcry_mpi_release (g); | 294 | gcry_mpi_release(g); |
292 | 295 | ||
293 | /* rn <- r^n mod n^2 */ | 296 | /* rn <- r^n mod n^2 */ |
294 | GNUNET_assert (0 != (rn = gcry_mpi_new (0))); | 297 | GNUNET_assert(0 != (rn = gcry_mpi_new(0))); |
295 | gcry_mpi_powm (rn, r, n, n_square); | 298 | gcry_mpi_powm(rn, r, n, n_square); |
296 | gcry_mpi_release (r); | 299 | gcry_mpi_release(r); |
297 | gcry_mpi_release (n); | 300 | gcry_mpi_release(n); |
298 | 301 | ||
299 | /* c <- rn * gm mod n^2 */ | 302 | /* c <- rn * gm mod n^2 */ |
300 | GNUNET_assert (0 != (c = gcry_mpi_new (0))); | 303 | GNUNET_assert(0 != (c = gcry_mpi_new(0))); |
301 | gcry_mpi_mulm (c, rn, gm, n_square); | 304 | gcry_mpi_mulm(c, rn, gm, n_square); |
302 | gcry_mpi_release (n_square); | 305 | gcry_mpi_release(n_square); |
303 | gcry_mpi_release (gm); | 306 | gcry_mpi_release(gm); |
304 | gcry_mpi_release (rn); | 307 | gcry_mpi_release(rn); |
305 | 308 | ||
306 | GNUNET_CRYPTO_mpi_print_unsigned (ciphertext->bits, | 309 | GNUNET_CRYPTO_mpi_print_unsigned(ciphertext->bits, |
307 | sizeof (ciphertext->bits), | 310 | sizeof(ciphertext->bits), |
308 | c); | 311 | c); |
309 | gcry_mpi_release (c); | 312 | gcry_mpi_release(c); |
310 | 313 | ||
311 | return possible_opts; | 314 | return possible_opts; |
312 | } | 315 | } |
@@ -321,10 +324,10 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
321 | * @param[out] m Decryption of @a ciphertext with @private_key. | 324 | * @param[out] m Decryption of @a ciphertext with @private_key. |
322 | */ | 325 | */ |
323 | void | 326 | void |
324 | GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key, | 327 | GNUNET_CRYPTO_paillier_decrypt(const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key, |
325 | const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, | 328 | const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, |
326 | const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext, | 329 | const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext, |
327 | gcry_mpi_t m) | 330 | gcry_mpi_t m) |
328 | { | 331 | { |
329 | gcry_mpi_t mu; | 332 | gcry_mpi_t mu; |
330 | gcry_mpi_t lambda; | 333 | gcry_mpi_t lambda; |
@@ -335,48 +338,48 @@ GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *p | |||
335 | gcry_mpi_t cmum1; | 338 | gcry_mpi_t cmum1; |
336 | gcry_mpi_t mod; | 339 | gcry_mpi_t mod; |
337 | 340 | ||
338 | GNUNET_CRYPTO_mpi_scan_unsigned (&lambda, | 341 | GNUNET_CRYPTO_mpi_scan_unsigned(&lambda, |
339 | private_key->lambda, | 342 | private_key->lambda, |
340 | sizeof (private_key->lambda)); | 343 | sizeof(private_key->lambda)); |
341 | GNUNET_CRYPTO_mpi_scan_unsigned (&mu, | 344 | GNUNET_CRYPTO_mpi_scan_unsigned(&mu, |
342 | private_key->mu, | 345 | private_key->mu, |
343 | sizeof (private_key->mu)); | 346 | sizeof(private_key->mu)); |
344 | GNUNET_CRYPTO_mpi_scan_unsigned (&n, | 347 | GNUNET_CRYPTO_mpi_scan_unsigned(&n, |
345 | public_key, | 348 | public_key, |
346 | sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | 349 | sizeof(struct GNUNET_CRYPTO_PaillierPublicKey)); |
347 | GNUNET_CRYPTO_mpi_scan_unsigned (&c, | 350 | GNUNET_CRYPTO_mpi_scan_unsigned(&c, |
348 | ciphertext->bits, | 351 | ciphertext->bits, |
349 | sizeof (ciphertext->bits)); | 352 | sizeof(ciphertext->bits)); |
350 | 353 | ||
351 | /* n_square = n * n */ | 354 | /* n_square = n * n */ |
352 | GNUNET_assert (0 != (n_square = gcry_mpi_new (0))); | 355 | GNUNET_assert(0 != (n_square = gcry_mpi_new(0))); |
353 | gcry_mpi_mul (n_square, n, n); | 356 | gcry_mpi_mul(n_square, n, n); |
354 | 357 | ||
355 | /* cmu = c^lambda mod n^2 */ | 358 | /* cmu = c^lambda mod n^2 */ |
356 | GNUNET_assert (0 != (cmu = gcry_mpi_new (0))); | 359 | GNUNET_assert(0 != (cmu = gcry_mpi_new(0))); |
357 | gcry_mpi_powm (cmu, | 360 | gcry_mpi_powm(cmu, |
358 | c, | 361 | c, |
359 | lambda, | 362 | lambda, |
360 | n_square); | 363 | n_square); |
361 | gcry_mpi_release (n_square); | 364 | gcry_mpi_release(n_square); |
362 | gcry_mpi_release (lambda); | 365 | gcry_mpi_release(lambda); |
363 | gcry_mpi_release (c); | 366 | gcry_mpi_release(c); |
364 | 367 | ||
365 | /* cmum1 = cmu - 1 */ | 368 | /* cmum1 = cmu - 1 */ |
366 | GNUNET_assert (0 != (cmum1 = gcry_mpi_new (0))); | 369 | GNUNET_assert(0 != (cmum1 = gcry_mpi_new(0))); |
367 | gcry_mpi_sub_ui (cmum1, cmu, 1); | 370 | gcry_mpi_sub_ui(cmum1, cmu, 1); |
368 | gcry_mpi_release (cmu); | 371 | gcry_mpi_release(cmu); |
369 | 372 | ||
370 | /* mod = cmum1 / n (mod n) */ | 373 | /* mod = cmum1 / n (mod n) */ |
371 | GNUNET_assert (0 != (mod = gcry_mpi_new (0))); | 374 | GNUNET_assert(0 != (mod = gcry_mpi_new(0))); |
372 | gcry_mpi_div (mod, NULL, cmum1, n, 0); | 375 | gcry_mpi_div(mod, NULL, cmum1, n, 0); |
373 | gcry_mpi_release (cmum1); | 376 | gcry_mpi_release(cmum1); |
374 | 377 | ||
375 | /* m = mod * mu mod n */ | 378 | /* m = mod * mu mod n */ |
376 | gcry_mpi_mulm (m, mod, mu, n); | 379 | gcry_mpi_mulm(m, mod, mu, n); |
377 | gcry_mpi_release (mod); | 380 | gcry_mpi_release(mod); |
378 | gcry_mpi_release (mu); | 381 | gcry_mpi_release(mu); |
379 | gcry_mpi_release (n); | 382 | gcry_mpi_release(n); |
380 | } | 383 | } |
381 | 384 | ||
382 | 385 | ||
@@ -395,10 +398,10 @@ GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *p | |||
395 | * #GNUNET_SYSERR if no more homomorphic operations are remaining. | 398 | * #GNUNET_SYSERR if no more homomorphic operations are remaining. |
396 | */ | 399 | */ |
397 | int | 400 | int |
398 | GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, | 401 | GNUNET_CRYPTO_paillier_hom_add(const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, |
399 | const struct GNUNET_CRYPTO_PaillierCiphertext *c1, | 402 | const struct GNUNET_CRYPTO_PaillierCiphertext *c1, |
400 | const struct GNUNET_CRYPTO_PaillierCiphertext *c2, | 403 | const struct GNUNET_CRYPTO_PaillierCiphertext *c2, |
401 | struct GNUNET_CRYPTO_PaillierCiphertext *result) | 404 | struct GNUNET_CRYPTO_PaillierCiphertext *result) |
402 | { | 405 | { |
403 | gcry_mpi_t a; | 406 | gcry_mpi_t a; |
404 | gcry_mpi_t b; | 407 | gcry_mpi_t b; |
@@ -408,42 +411,42 @@ GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
408 | int32_t o1; | 411 | int32_t o1; |
409 | int32_t o2; | 412 | int32_t o2; |
410 | 413 | ||
411 | o1 = (int32_t) ntohl (c1->remaining_ops); | 414 | o1 = (int32_t)ntohl(c1->remaining_ops); |
412 | o2 = (int32_t) ntohl (c2->remaining_ops); | 415 | o2 = (int32_t)ntohl(c2->remaining_ops); |
413 | if ( (0 >= o1) || (0 >= o2) ) | 416 | if ((0 >= o1) || (0 >= o2)) |
414 | { | 417 | { |
415 | GNUNET_break_op (0); | 418 | GNUNET_break_op(0); |
416 | return GNUNET_SYSERR; | 419 | return GNUNET_SYSERR; |
417 | } | 420 | } |
418 | 421 | ||
419 | GNUNET_CRYPTO_mpi_scan_unsigned (&a, | 422 | GNUNET_CRYPTO_mpi_scan_unsigned(&a, |
420 | c1->bits, | 423 | c1->bits, |
421 | sizeof (c1->bits)); | 424 | sizeof(c1->bits)); |
422 | GNUNET_CRYPTO_mpi_scan_unsigned (&b, | 425 | GNUNET_CRYPTO_mpi_scan_unsigned(&b, |
423 | c2->bits, | 426 | c2->bits, |
424 | sizeof (c2->bits)); | 427 | sizeof(c2->bits)); |
425 | GNUNET_CRYPTO_mpi_scan_unsigned (&n, | 428 | GNUNET_CRYPTO_mpi_scan_unsigned(&n, |
426 | public_key, | 429 | public_key, |
427 | sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | 430 | sizeof(struct GNUNET_CRYPTO_PaillierPublicKey)); |
428 | 431 | ||
429 | /* n_square = n * n */ | 432 | /* n_square = n * n */ |
430 | GNUNET_assert (0 != (n_square = gcry_mpi_new (0))); | 433 | GNUNET_assert(0 != (n_square = gcry_mpi_new(0))); |
431 | gcry_mpi_mul (n_square, n, n); | 434 | gcry_mpi_mul(n_square, n, n); |
432 | gcry_mpi_release (n); | 435 | gcry_mpi_release(n); |
433 | 436 | ||
434 | /* c = a * b mod n_square */ | 437 | /* c = a * b mod n_square */ |
435 | GNUNET_assert (0 != (c = gcry_mpi_new (0))); | 438 | GNUNET_assert(0 != (c = gcry_mpi_new(0))); |
436 | gcry_mpi_mulm (c, a, b, n_square); | 439 | gcry_mpi_mulm(c, a, b, n_square); |
437 | gcry_mpi_release (n_square); | 440 | gcry_mpi_release(n_square); |
438 | gcry_mpi_release (a); | 441 | gcry_mpi_release(a); |
439 | gcry_mpi_release (b); | 442 | gcry_mpi_release(b); |
440 | 443 | ||
441 | result->remaining_ops = htonl (GNUNET_MIN (o1, o2) - 1); | 444 | result->remaining_ops = htonl(GNUNET_MIN(o1, o2) - 1); |
442 | GNUNET_CRYPTO_mpi_print_unsigned (result->bits, | 445 | GNUNET_CRYPTO_mpi_print_unsigned(result->bits, |
443 | sizeof (result->bits), | 446 | sizeof(result->bits), |
444 | c); | 447 | c); |
445 | gcry_mpi_release (c); | 448 | gcry_mpi_release(c); |
446 | return ntohl (result->remaining_ops); | 449 | return ntohl(result->remaining_ops); |
447 | } | 450 | } |
448 | 451 | ||
449 | 452 | ||
@@ -454,10 +457,10 @@ GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
454 | * @return the number of remaining homomorphic operations | 457 | * @return the number of remaining homomorphic operations |
455 | */ | 458 | */ |
456 | int | 459 | int |
457 | GNUNET_CRYPTO_paillier_hom_get_remaining (const struct GNUNET_CRYPTO_PaillierCiphertext *c) | 460 | GNUNET_CRYPTO_paillier_hom_get_remaining(const struct GNUNET_CRYPTO_PaillierCiphertext *c) |
458 | { | 461 | { |
459 | GNUNET_assert (NULL != c); | 462 | GNUNET_assert(NULL != c); |
460 | return ntohl (c->remaining_ops); | 463 | return ntohl(c->remaining_ops); |
461 | } | 464 | } |
462 | 465 | ||
463 | /* end of crypto_paillier.c */ | 466 | /* end of crypto_paillier.c */ |