mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-07-16 05:51:55 +00:00
LibCrypto: Remove unused big numbers random and primality functions
Remove `random_number`, `is_probably_prime` and `random_big_prime` as they are unused.
This commit is contained in:
devgianlu
Jelle Raaijmakers
parent
dd0cced92f
commit
14387e5411
Notes:
github-actions[bot]
2025-04-28 10:07:00 +00:00
Author: https://github.com/devgianlu
Commit: 14387e5411
Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/4482
Reviewed-by: https://github.com/gmta ✅
3 changed files with 0 additions and 185 deletions
|
|
@ -114,122 +114,4 @@ UnsignedBigInteger LCM(UnsignedBigInteger const& a, UnsignedBigInteger const& b)
|
|||
return output;
|
||||
}
|
||||
|
||||
static bool MR_primality_test(UnsignedBigInteger n, Vector<UnsignedBigInteger, 256> const& tests)
|
||||
{
|
||||
// Written using Wikipedia:
|
||||
// https://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test#Miller%E2%80%93Rabin_test
|
||||
VERIFY(!(n < 4));
|
||||
auto predecessor = n.minus({ 1 });
|
||||
auto d = predecessor;
|
||||
size_t r = 0;
|
||||
|
||||
{
|
||||
auto div_result = d.divided_by(2);
|
||||
while (div_result.remainder == 0) {
|
||||
d = div_result.quotient;
|
||||
div_result = d.divided_by(2);
|
||||
++r;
|
||||
}
|
||||
}
|
||||
if (r == 0) {
|
||||
// n - 1 is odd, so n was even. But there is only one even prime:
|
||||
return n == 2;
|
||||
}
|
||||
|
||||
for (auto& a : tests) {
|
||||
// Technically: VERIFY(2 <= a && a <= n - 2)
|
||||
VERIFY(a < n);
|
||||
auto x = ModularPower(a, d, n);
|
||||
if (x == 1 || x == predecessor)
|
||||
continue;
|
||||
bool skip_this_witness = false;
|
||||
// r − 1 iterations.
|
||||
for (size_t i = 0; i < r - 1; ++i) {
|
||||
x = ModularPower(x, 2, n);
|
||||
if (x == predecessor) {
|
||||
skip_this_witness = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (skip_this_witness)
|
||||
continue;
|
||||
return false; // "composite"
|
||||
}
|
||||
|
||||
return true; // "probably prime"
|
||||
}
|
||||
|
||||
UnsignedBigInteger random_number(UnsignedBigInteger const& min, UnsignedBigInteger const& max_excluded)
|
||||
{
|
||||
VERIFY(min < max_excluded);
|
||||
auto range = max_excluded.minus(min);
|
||||
UnsignedBigInteger base;
|
||||
auto size = range.trimmed_length() * sizeof(u32) + 2;
|
||||
// "+2" is intentional (see below).
|
||||
auto buffer = ByteBuffer::create_uninitialized(size).release_value_but_fixme_should_propagate_errors(); // FIXME: Handle possible OOM situation.
|
||||
auto* buf = buffer.data();
|
||||
|
||||
fill_with_secure_random(buffer);
|
||||
UnsignedBigInteger random { buf, size };
|
||||
// At this point, `random` is a large number, in the range [0, 256^size).
|
||||
// To get down to the actual range, we could just compute random % range.
|
||||
// This introduces "modulo bias". However, since we added 2 to `size`,
|
||||
// we know that the generated range is at least 65536 times as large as the
|
||||
// required range! This means that the modulo bias is only 0.0015%, if all
|
||||
// inputs are chosen adversarially. Let's hope this is good enough.
|
||||
auto divmod = random.divided_by(range);
|
||||
// The proper way to fix this is to restart if `divmod.quotient` is maximal.
|
||||
return divmod.remainder.plus(min);
|
||||
}
|
||||
|
||||
bool is_probably_prime(UnsignedBigInteger const& p)
|
||||
{
|
||||
// Is it a small number?
|
||||
if (p < 49) {
|
||||
u32 p_value = p.words()[0];
|
||||
// Is it a very small prime?
|
||||
if (p_value == 2 || p_value == 3 || p_value == 5 || p_value == 7)
|
||||
return true;
|
||||
// Is it the multiple of a very small prime?
|
||||
if (p_value % 2 == 0 || p_value % 3 == 0 || p_value % 5 == 0 || p_value % 7 == 0)
|
||||
return false;
|
||||
// Then it must be a prime, but not a very small prime, like 37.
|
||||
return true;
|
||||
}
|
||||
|
||||
Vector<UnsignedBigInteger, 256> tests;
|
||||
// Make some good initial guesses that are guaranteed to find all primes < 2^64.
|
||||
tests.append(UnsignedBigInteger(2));
|
||||
tests.append(UnsignedBigInteger(3));
|
||||
tests.append(UnsignedBigInteger(5));
|
||||
tests.append(UnsignedBigInteger(7));
|
||||
tests.append(UnsignedBigInteger(11));
|
||||
tests.append(UnsignedBigInteger(13));
|
||||
UnsignedBigInteger seventeen { 17 };
|
||||
for (size_t i = tests.size(); i < 256; ++i) {
|
||||
tests.append(random_number(seventeen, p.minus(2)));
|
||||
}
|
||||
// Miller-Rabin's "error" is 8^-k. In adversarial cases, it's 4^-k.
|
||||
// With 200 random numbers, this would mean an error of about 2^-400.
|
||||
// So we don't need to worry too much about the quality of the random numbers.
|
||||
|
||||
return MR_primality_test(p, tests);
|
||||
}
|
||||
|
||||
UnsignedBigInteger random_big_prime(size_t bits)
|
||||
{
|
||||
VERIFY(bits >= 33);
|
||||
UnsignedBigInteger min = "6074001000"_bigint.shift_left(bits - 33);
|
||||
UnsignedBigInteger max = UnsignedBigInteger { 1 }.shift_left(bits).minus(1);
|
||||
for (;;) {
|
||||
auto p = random_number(min, max);
|
||||
if ((p.words()[0] & 1) == 0) {
|
||||
// An even number is definitely not a large prime.
|
||||
continue;
|
||||
}
|
||||
if (is_probably_prime(p))
|
||||
return p;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue