'safegcd' modular inversion

Author: peterdettman

crypto/src/bcpg/RsaSecretBcpgKey.cs

@@ -1,6 +1,7 @@
 using System;
 
 using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Bcpg
 {
@@ -21,7 +22,7 @@ public RsaSecretBcpgKey(
 
 			this.expP = d.Value.Remainder(p.Value.Subtract(BigInteger.One));
 			this.expQ = d.Value.Remainder(q.Value.Subtract(BigInteger.One));
-			this.crt = q.Value.ModInverse(p.Value);
+			this.crt = BigIntegers.ModOddInverse(p.Value, q.Value);
 		}
 
 		public RsaSecretBcpgKey(
@@ -44,11 +45,11 @@ public RsaSecretBcpgKey(
 			this.d = new MPInteger(d);
 			this.p = new MPInteger(p);
 			this.q = new MPInteger(q);
-			this.u = new MPInteger(p.ModInverse(q));
+			this.u = new MPInteger(BigIntegers.ModOddInverse(q, p));
 
 			this.expP = d.Remainder(p.Subtract(BigInteger.One));
 			this.expQ = d.Remainder(q.Subtract(BigInteger.One));
-			this.crt = q.ModInverse(p);
+			this.crt = BigIntegers.ModOddInverse(p, q);
 		}
 
 		public BigInteger Modulus

crypto/src/crypto/engines/RSABlindedEngine.cs

@@ -132,7 +132,7 @@ public virtual byte[] ProcessBlock(
                     BigInteger blindedInput = r.ModPow(e, m).Multiply(input).Mod(m);
                     BigInteger blindedResult = core.ProcessBlock(blindedInput);
 
-                    BigInteger rInv = r.ModInverse(m);
+                    BigInteger rInv = BigIntegers.ModOddInverse(m, r);
                     result = blindedResult.Multiply(rInv).Mod(m);
 
                     // defence against Arjen Lenstra’s CRT attack

crypto/src/crypto/engines/RSABlindingEngine.cs

@@ -2,6 +2,7 @@
 
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Engines
 {
@@ -139,7 +140,7 @@ private BigInteger UnblindMessage(
 		{
 			BigInteger m = key.Modulus;
 			BigInteger msg = blindedMsg;
-			BigInteger blindFactorInverse = blindingFactor.ModInverse(m);
+			BigInteger blindFactorInverse = BigIntegers.ModOddInverse(m, blindingFactor);
 			msg = msg.Multiply(blindFactorInverse);
 			msg = msg.Mod(m);
 

crypto/src/crypto/generators/RsaKeyPairGenerator.cs

@@ -127,7 +127,7 @@ public virtual AsymmetricCipherKeyPair GenerateKeyPair()
                 //
                 BigInteger dP = d.Remainder(pSub1);
                 BigInteger dQ = d.Remainder(qSub1);
-                BigInteger qInv = q.ModInverse(p);
+                BigInteger qInv = BigIntegers.ModOddInverse(p, q);
 
                 return new AsymmetricCipherKeyPair(
                     new RsaKeyParameters(false, n, e),

crypto/src/crypto/parameters/ECDomainParameters.cs

@@ -89,7 +89,7 @@ public BigInteger HInv
                 {
                     if (hInv == null)
                     {
-                        hInv = h.ModInverse(n);
+                        hInv = BigIntegers.ModOddInverseVar(n, h);
                     }
                     return hInv;
                 }

crypto/src/crypto/signers/DsaSigner.cs

@@ -1,9 +1,9 @@
 using System;
 
-using Org.BouncyCastle.Crypto.Digests;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Signers
 {
@@ -104,7 +104,7 @@ public virtual BigInteger[] GenerateSignature(byte[] message)
 
             BigInteger r = parameters.G.ModPow(k, parameters.P).Mod(q);
 
-            k = k.ModInverse(q).Multiply(m.Add(x.Multiply(r)));
+            k = BigIntegers.ModOddInverse(q, k).Multiply(m.Add(x.Multiply(r)));
 
             BigInteger s = k.Mod(q);
 
@@ -132,7 +132,7 @@ public virtual bool VerifySignature(byte[] message, BigInteger r, BigInteger s)
                 return false;
             }
 
-            BigInteger w = s.ModInverse(q);
+            BigInteger w = BigIntegers.ModOddInverseVar(q, s);
 
             BigInteger u1 = m.Multiply(w).Mod(q);
             BigInteger u2 = r.Multiply(w).Mod(q);

crypto/src/crypto/signers/ECDsaSigner.cs

@@ -6,6 +6,7 @@
 using Org.BouncyCastle.Math.EC;
 using Org.BouncyCastle.Math.EC.Multiplier;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Signers
 {
@@ -123,7 +124,7 @@ public virtual BigInteger[] GenerateSignature(byte[] message)
                 }
                 while (r.SignValue == 0);
 
-                s = k.ModInverse(n).Multiply(e.Add(d.Multiply(r))).Mod(n);
+                s = BigIntegers.ModOddInverse(n, k).Multiply(e.Add(d.Multiply(r))).Mod(n);
             }
             while (s.SignValue == 0);
 
@@ -148,7 +149,7 @@ public virtual bool VerifySignature(byte[] message, BigInteger r, BigInteger s)
             }
 
             BigInteger e = CalculateE(n, message);
-            BigInteger c = s.ModInverse(n);
+            BigInteger c = BigIntegers.ModOddInverseVar(n, s);
 
             BigInteger u1 = e.Multiply(c).Mod(n);
             BigInteger u2 = r.Multiply(c).Mod(n);

crypto/src/crypto/signers/ECGOST3410Signer.cs

@@ -145,7 +145,7 @@ public virtual bool VerifySignature(
                 return false;
             }
 
-            BigInteger v = e.ModInverse(n);
+            BigInteger v = BigIntegers.ModOddInverseVar(n, e);
 
             BigInteger z1 = s.Multiply(v).Mod(n);
             BigInteger z2 = (n.Subtract(r)).Multiply(v).Mod(n);

crypto/src/crypto/signers/SM2Signer.cs

@@ -6,6 +6,7 @@
 using Org.BouncyCastle.Math.EC;
 using Org.BouncyCastle.Math.EC.Multiplier;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
 
 namespace Org.BouncyCastle.Crypto.Signers
@@ -164,7 +165,7 @@ public virtual byte[] GenerateSignature()
                 while (r.SignValue == 0 || r.Add(k).Equals(n));
 
                 // A6
-                BigInteger dPlus1ModN = d.Add(BigInteger.One).ModInverse(n);
+                BigInteger dPlus1ModN = BigIntegers.ModOddInverse(n, d.Add(BigIntegers.One));
 
                 s = k.Subtract(r.Multiply(d)).Mod(n);
                 s = dPlus1ModN.Multiply(s).Mod(n);

crypto/src/math/ec/ECFieldElement.cs

@@ -1,7 +1,6 @@
 using System;
 using System.Diagnostics;
 
-using Org.BouncyCastle.Math.Raw;
 using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Math.EC
@@ -434,13 +433,7 @@ protected virtual BigInteger ModHalfAbs(BigInteger x)
 
         protected virtual BigInteger ModInverse(BigInteger x)
         {
-            int bits = FieldSize;
-            int len = (bits + 31) >> 5;
-            uint[] p = Nat.FromBigInteger(bits, q);
-            uint[] n = Nat.FromBigInteger(bits, x);
-            uint[] z = Nat.Create(len);
-            Mod.Invert(p, n, z);
-            return Nat.ToBigInteger(len, z);
+            return BigIntegers.ModOddInverse(q, x);
         }
 
         protected virtual BigInteger ModMult(BigInteger x1, BigInteger x2)