自学教程：C++ BN_init函数代码示例

vg_context_t *vg_prefix_context_new(int addrtype, int privtype, int caseinsensitive){	vg_prefix_context_t *vcpp;	vcpp = (vg_prefix_context_t *) malloc(sizeof(*vcpp));	if (vcpp) {		memset(vcpp, 0, sizeof(*vcpp));		vcpp->base.vc_addrtype = addrtype;		vcpp->base.vc_privtype = privtype;		vcpp->base.vc_npatterns = 0;		vcpp->base.vc_npatterns_start = 0;		vcpp->base.vc_found = 0;		vcpp->base.vc_chance = 0.0;		vcpp->base.vc_free = vg_prefix_context_free;		vcpp->base.vc_add_patterns = vg_prefix_context_add_patterns;		vcpp->base.vc_clear_all_patterns =			vg_prefix_context_clear_all_patterns;		vcpp->base.vc_test = vg_prefix_test;		vcpp->base.vc_hash160_sort = vg_prefix_hash160_sort;		avl_root_init(&vcpp->vcp_avlroot);		BN_init(&vcpp->vcp_difficulty);		vcpp->vcp_caseinsensitive = caseinsensitive;	}	return &vcpp->base;}

static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)	{	BN_CTX *ctx;	BIGNUM k,*kinv=NULL,*r=NULL;	int ret=0;	if (ctx_in == NULL)		{		if ((ctx=BN_CTX_new()) == NULL) goto err;		}	else		ctx=ctx_in;	BN_init(&k);	if ((r=BN_new()) == NULL) goto err;	kinv=NULL;	/* Get random k */	for (;;)		{		if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err;		if (BN_cmp(&k,dsa->q) >= 0)			BN_sub(&k,&k,dsa->q);		if (!BN_is_zero(&k)) break;		}	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))		{		if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,				dsa->p,ctx)) goto err;		}	/* Compute r = (g^k mod p) mod q */	if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,		(BN_MONT_CTX *)dsa->method_mont_p)) goto err;	if (!BN_mod(r,r,dsa->q,ctx)) goto err;	/* Compute  part of 's = inv(k) (m + xr) mod q' */	if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;	if (*kinvp != NULL) BN_clear_free(*kinvp);	*kinvp=kinv;	kinv=NULL;	if (*rp != NULL) BN_clear_free(*rp);	*rp=r;	ret=1;err:	if (!ret)		{		DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);		if (kinv != NULL) BN_clear_free(kinv);		if (r != NULL) BN_clear_free(r);		}	if (ctx_in == NULL) BN_CTX_free(ctx);	if (kinv != NULL) BN_clear_free(kinv);	BN_clear_free(&k);	return(ret);	}

qint32 CryptoUtils::checkDHParams (BIGNUM *p, qint32 g) {    if (g < 2 || g > 7) { return -1; }    BIGNUM t;    BN_init (&t);    BIGNUM dh_g;    BN_init (&dh_g);    Utils::ensure (BN_set_word (&dh_g, 4 * g));    Utils::ensure (BN_mod (&t, p, &dh_g, BN_ctx));    qint32 x = BN_get_word (&t);    Q_ASSERT(x >= 0 && x < 4 * g);    BN_free (&dh_g);    switch (g) {    case 2:        if (x != 7) { return -1; }        break;    case 3:        if (x % 3 != 2 ) { return -1; }        break;    case 4:        break;    case 5:        if (x % 5 != 1 && x % 5 != 4) { return -1; }        break;    case 6:        if (x != 19 && x != 23) { return -1; }        break;    case 7:        if (x % 7 != 3 && x % 7 != 5 && x % 7 != 6) { return -1; }        break;    }    if (!checkPrime (p)) { return -1; }    BIGNUM b;    BN_init (&b);    Utils::ensure (BN_set_word (&b, 2));    Utils::ensure (BN_div (&t, 0, p, &b, BN_ctx));    if (!checkPrime (&t)) { return -1; }    BN_free (&b);    BN_free (&t);    return 0;}

/* signing */static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,	     unsigned char *to, RSA *rsa, int padding)	{	BIGNUM f,ret;	int i,j,k,num=0,r= -1;	unsigned char *buf=NULL;	BN_CTX *ctx=NULL;	int local_blinding = 0;	BN_BLINDING *blinding = NULL;	BN_init(&f);	BN_init(&ret);	if ((ctx=BN_CTX_new()) == NULL) goto err;	num=BN_num_bytes(rsa->n);	if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)		{		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);		goto err;		}	switch (padding)		{	case RSA_PKCS1_PADDING:		i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);		break;	case RSA_NO_PADDING:		i=RSA_padding_add_none(buf,num,from,flen);		break;	case RSA_SSLV23_PADDING:	default:		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);		goto err;		}	if (i <= 0) goto err;	if (BN_bin2bn(buf,num,&f) == NULL) goto err;		if (BN_ucmp(&f, rsa->n) >= 0)		{			/* usually the padding functions would catch this */		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);		goto err;		}	BLINDING_HELPER(rsa, ctx, goto err;);

void CECKey::SetSecretBytes(const unsigned char vch[32]){    BIGNUM bn;    BN_init(&bn);    assert(BN_bin2bn(vch, 32, &bn));    assert(EC_KEY_regenerate_key(pkey, &bn));    BN_clear_free(&bn);}

static int crypto_rsa_common(const BYTE* input, int length, UINT32 key_length, const BYTE* modulus, const BYTE* exponent, int exponent_size, BYTE* output){	BN_CTX* ctx;	int output_length;	BYTE* input_reverse;	BYTE* modulus_reverse;	BYTE* exponent_reverse;	BIGNUM mod, exp, x, y;	input_reverse = (BYTE*) malloc(2 * key_length + exponent_size);	modulus_reverse = input_reverse + key_length;	exponent_reverse = modulus_reverse + key_length;	memcpy(modulus_reverse, modulus, key_length);	crypto_reverse(modulus_reverse, key_length);	memcpy(exponent_reverse, exponent, exponent_size);	crypto_reverse(exponent_reverse, exponent_size);	memcpy(input_reverse, input, length);	crypto_reverse(input_reverse, length);	ctx = BN_CTX_new();	BN_init(&mod);	BN_init(&exp);	BN_init(&x);	BN_init(&y);	BN_bin2bn(modulus_reverse, key_length, &mod);	BN_bin2bn(exponent_reverse, exponent_size, &exp);	BN_bin2bn(input_reverse, length, &x);	BN_mod_exp(&y, &x, &exp, &mod, ctx);	output_length = BN_bn2bin(&y, output);	crypto_reverse(output, output_length);	if (output_length < (int) key_length)		memset(output + output_length, 0, key_length - output_length);	BN_free(&y);	BN_clear_free(&x);	BN_free(&exp);	BN_free(&mod);	BN_CTX_free(ctx);	free(input_reverse);	return output_length;}

EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)	{	EC_GROUP *ret;	if (meth == NULL)		{		ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL);		return NULL;		}	if (meth->group_init == 0)		{		ECerr(EC_F_EC_GROUP_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);		return NULL;		}	ret = clBnAlloc( "EC_GROUP_new",sizeof *ret);	/* pcg */	if (ret == NULL)		{		ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);		return NULL;		}	memset( ret, 0, sizeof( EC_GROUP ) );			/* pcg */	ret->meth = meth;	ret->extra_data = NULL;	ret->generator = NULL;	BN_init(&ret->order);	BN_init(&ret->cofactor);	ret->curve_name = 0;		ret->asn1_flag  = 0;	ret->asn1_form  = POINT_CONVERSION_UNCOMPRESSED;	ret->seed = NULL;	ret->seed_len = 0;	if (!meth->group_init(ret))		{		OPENSSL_free(ret);		return NULL;		}		return ret;	}

/** * Create shares depending on the provided parameters * * @param s Secret value to share * @param t Threshold needed to reconstruct the secret * @param n Total number of shares * @param prime Prime for finite field arithmetic * @param shares Pointer for storage of calculated shares (must be big enough to hold n shares) */static int createShares(const BIGNUM *s, const unsigned char t, const unsigned char n,	const BIGNUM prime, secret_share_t *shares) {	// Array representing the polynomial a(x) = s + a_1 * x + ... + a_n-1 * x^n-1 mod p	BIGNUM **polynomial = malloc(n * sizeof(BIGNUM *));	BIGNUM **pp;	unsigned long i;	secret_share_t *sp;	// Set the secret value as the constant part of the polynomial	pp = polynomial;	*pp = BN_new();	BN_init(*pp);	BN_copy(*pp, s);	pp++;	// Initialize and generate some random values for coefficients a_x in the remaining polynomial	for (i = 1; i < t; i++) {		*pp = BN_new();		BN_init(*pp);		BN_rand_range(*pp, &prime);		pp++;	}	sp = shares;	// Now calculate n secret shares	for (i = 1; i <= n; i++) {		BN_init(&(sp->x));		BN_init(&(sp->y));		BN_set_word(&(sp->x), i);		calculatePolynomialValue(sp->x, polynomial, t, prime, &(sp->y));		sp++;	}	// Deallocate the resource of the polynomial	pp = polynomial;	for (i = 0; i < t; i++) {		BN_clear_free(*pp);		pp++;	}	free(polynomial);	return 0;}

/** * Helper method to calculate the y-value * for a given x-value and a polynomial * * @param x X-value * @param polynomial The underlying polynomial * @param t Threshold (determines the degree of the polynomial) * @param prime Prime for finite field arithmetic * @param y Pointer for storage of calculated y-value */static void calculatePolynomialValue(const BIGNUM x, BIGNUM **polynomial, const unsigned char t, const BIGNUM prime, BIGNUM *y) {	BIGNUM **pp;	BIGNUM temp;	BIGNUM exponent;	unsigned long exp;	BN_CTX *ctx;	// Create context for temporary variables of OpenSSL engine	ctx = BN_CTX_new();	BN_CTX_init(ctx);	BN_init(&temp);	BN_init(&exponent);	// Set y to ZERO	BN_zero(y);	/* Initialize the result using the secret value at position 0 of the polynomial */	pp = polynomial;	BN_copy(y, *pp);	pp++;	for (exp = 1; exp < t; exp++) {		BN_copy(&temp, &x);		BN_set_word(&exponent, exp);		// temp = x^exponent mod prime		BN_mod_exp(&temp, &x, &exponent, &prime, ctx);		// exponent = temp * a = a * x^exponent mod prime		BN_mod_mul(&exponent, &temp, *pp, &prime, ctx);		// add the temp value from exponent to y		BN_copy(&temp, y);		BN_mod_add(y, &temp, &exponent, &prime, ctx);		pp++;	}	BN_clear_free(&temp);	BN_clear_free(&exponent);	BN_CTX_free(ctx);}

int VN_BN_lcm( BIGNUM * zr,const BIGNUM * za,const BIGNUM * zb,BN_CTX * ctx ){	BIGNUM gcd, n;	BN_init( &gcd );	BN_init( &n );	BN_mul( &n, za, zb, ctx );	BN_gcd( &gcd, za, zb, ctx );	BN_div( zr, NULL, &n, &gcd, ctx );	BN_free( &gcd );	BN_free( &n );	return 0;}

void crypto_rsa_encrypt(uint8* input, int length, uint32 key_length, uint8* modulus, uint8* exponent, uint8* output){	BN_CTX* ctx;	int output_length;	uint8* input_reverse;	uint8* modulus_reverse;	uint8* exponent_reverse;	BIGNUM mod, exp, x, y;	input_reverse = (uint8*) xmalloc(2 * MODULUS_MAX_SIZE + EXPONENT_MAX_SIZE);	modulus_reverse = input_reverse + MODULUS_MAX_SIZE;	exponent_reverse = modulus_reverse + MODULUS_MAX_SIZE;	memcpy(modulus_reverse, modulus, key_length);	crypto_reverse(modulus_reverse, key_length);	memcpy(exponent_reverse, exponent, EXPONENT_MAX_SIZE);	crypto_reverse(exponent_reverse, EXPONENT_MAX_SIZE);	memcpy(input_reverse, input, length);	crypto_reverse(input_reverse, length);	ctx = BN_CTX_new();	BN_init(&mod);	BN_init(&exp);	BN_init(&x);	BN_init(&y);	BN_bin2bn(modulus_reverse, key_length, &mod);	BN_bin2bn(exponent_reverse, EXPONENT_MAX_SIZE, &exp);	BN_bin2bn(input_reverse, length, &x);	BN_mod_exp(&y, &x, &exp, &mod, ctx);	output_length = BN_bn2bin(&y, output);	crypto_reverse(output, output_length);	if (output_length < (int) key_length)		memset(output + output_length, 0, key_length - output_length);	BN_free(&y);	BN_clear_free(&x);	BN_free(&exp);	BN_free(&mod);	BN_CTX_free(ctx);	xfree(input_reverse);}

void VN_BN_gcdext( const BIGNUM * za, const BIGNUM * zb,	BIGNUM * zx, BIGNUM * zy, BIGNUM * gcd, BN_CTX * ctx ){	BIGNUM zs, old_s, zt, old_t, zr, old_r, quot, tmp;	BN_init( &zs );	BN_init( &old_s );	BN_init( &zt );	BN_init( &old_t );	BN_init( &zr );	BN_init( &old_r );	BN_init( &quot );	BN_init( &tmp );	BN_set_word( &zs, 0 );	BN_set_word( &old_s, 1 );	BN_set_word( &zt, 1 );	BN_set_word( &old_t, 0 );	BN_copy( &zr, zb );	BN_copy( &old_r, za );	while( ! BN_is_zero( &zr ) )	{		BN_div( &quot, &tmp, &old_r, &zr, ctx );		BN_mul( &tmp, &quot, &zr, ctx );		BN_sub( &tmp, &old_r, &tmp );		BN_copy( &old_r, &zr );		BN_copy( &zr, &tmp );		BN_mul( &tmp, &quot, &zs, ctx );		BN_sub( &tmp, &old_s, &tmp );		BN_copy( &old_s, &zs );		BN_copy( &zs, &tmp );		BN_mul( &tmp, &quot, &zt, ctx );		BN_sub( &tmp, &old_t, &tmp );		BN_copy( &old_t, &zt );		BN_copy( &zt, &tmp );	}	BN_copy( zx, &old_s );	BN_copy( zy, &old_t );	BN_copy( gcd, &old_r );	BN_free( &zs );	BN_free( &old_s );	BN_free( &zt );	BN_free( &old_t );	BN_free( &zr );	BN_free( &old_r );	BN_free( &quot );	BN_free( &tmp );}

bool key_from_base58(secp256k1_context *secpctx,		     const char *base58, size_t base58_len,		     bool *test_net, struct privkey *priv, struct pubkey *key){	u8 keybuf[1 + 32 + 1 + 4];	u8 csum[4];	BIGNUM bn;	bool compressed;	size_t keylen;		BN_init(&bn);	if (!raw_decode_base58(&bn, base58, base58_len))		return false;	keylen = BN_num_bytes(&bn);	if (keylen == 1 + 32 + 4)		compressed = false;	else if (keylen == 1 + 32 + 1 + 4)		compressed = true;	else		goto fail_free_bn;	BN_bn2bin(&bn, keybuf);	base58_get_checksum(csum, keybuf, keylen - sizeof(csum));	if (memcmp(csum, keybuf + keylen - sizeof(csum), sizeof(csum)) != 0)		goto fail_free_bn;	/* Byte after key should be 1 to represent a compressed key. */	if (compressed && keybuf[1 + 32] != 1)		goto fail_free_bn;	if (keybuf[0] == 128)		*test_net = false;	else if (keybuf[0] == 239)		*test_net = true;	else		goto fail_free_bn;	/* Copy out secret. */	memcpy(priv->secret, keybuf + 1, sizeof(priv->secret));	if (!secp256k1_ec_seckey_verify(secpctx, priv->secret))		goto fail_free_bn;	/* Get public key, too, since we know if it's compressed. */	if (!pubkey_from_privkey(secpctx, priv, key,				 compressed ? SECP256K1_EC_COMPRESSED : 0))		goto fail_free_bn;	BN_free(&bn);	return true;fail_free_bn:	BN_free(&bn);	return false;}

void CECKey::SetSecretBytes(const unsigned char vch[32]) {    bool ret;    BIGNUM bn;    BN_init(&bn);    ret = BN_bin2bn(vch, 32, &bn) != NULL;    assert(ret);    ret = EC_KEY_regenerate_key(pkey, &bn) != 0;    assert(ret);    BN_clear_free(&bn);}

static bool bp_block_valid_target(struct bp_block *block){	BIGNUM target, sha256;	BN_init(&target);	BN_init(&sha256);	u256_from_compact(&target, block->nBits);	bu256_bn(&sha256, &block->sha256);	int cmp = BN_cmp(&sha256, &target);	BN_clear_free(&target);	BN_clear_free(&sha256);	if (cmp > 0)			/* sha256 > target */		return false;	return true;}

int test_add(BIO *bp)	{	BIGNUM a,b,c;	int i;	BN_init(&a);	BN_init(&b);	BN_init(&c);	BN_bntest_rand(&a,512,0,0);	for (i=0; i<num0; i++)		{		BN_bntest_rand(&b,450+i,0,0);		a.neg=rand_neg();		b.neg=rand_neg();		BN_add(&c,&a,&b);		if (bp != NULL)			{			if (!results)				{				BN_print(bp,&a);				BIO_puts(bp," + ");				BN_print(bp,&b);				BIO_puts(bp," - ");				}			BN_print(bp,&c);			BIO_puts(bp,"/n");			}		a.neg=!a.neg;		b.neg=!b.neg;		BN_add(&c,&c,&b);		BN_add(&c,&c,&a);		if(!BN_is_zero(&c))		    {		    fprintf(stderr,"Add test failed!/n");		    return 0;		    }		}	BN_free(&a);	BN_free(&b);	BN_free(&c);	return(1);	}

void BN_CTX_init(BN_CTX *ctx)	{	int i;	ctx->tos = 0;	ctx->flags = 0;	ctx->depth = 0;	ctx->too_many = 0;	for (i = 0; i < BN_CTX_NUM; i++)		BN_init(&(ctx->bn[i]));	}

int BN_cmp_word(const BIGNUM *a, BN_ULONG b) {  BIGNUM b_bn;  BN_init(&b_bn);  b_bn.d = &b;  b_bn.width = b > 0;  b_bn.dmax = 1;  b_bn.flags = BN_FLG_STATIC_DATA;  return BN_cmp(a, &b_bn);}

static intdsa_builtin_keygen(DSA *dsa){	int ok = 0;	BN_CTX *ctx = NULL;	BIGNUM *pub_key = NULL, *priv_key = NULL;	if ((ctx = BN_CTX_new()) == NULL)		goto err;	if (dsa->priv_key == NULL) {		if ((priv_key = BN_new()) == NULL)			goto err;	} else		priv_key=dsa->priv_key;	do {		if (!BN_rand_range(priv_key, dsa->q))			goto err;	} while (BN_is_zero(priv_key));	if (dsa->pub_key == NULL) {		if ((pub_key = BN_new()) == NULL)			goto err;	} else		pub_key=dsa->pub_key;		{		BIGNUM local_prk;		BIGNUM *prk;		if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {			BN_init(&local_prk);			prk = &local_prk;			BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);		} else			prk = priv_key;		if (!BN_mod_exp(pub_key, dsa->g, prk, dsa->p, ctx))			goto err;	}	dsa->priv_key = priv_key;	dsa->pub_key = pub_key;	ok = 1;err:	if (pub_key != NULL && dsa->pub_key == NULL)		BN_free(pub_key);	if (priv_key != NULL && dsa->priv_key == NULL)		BN_free(priv_key);	if (ctx != NULL)		BN_CTX_free(ctx);	return ok;}

int main(int argc, char ** argv) {	/* Generate 2 big random numbers (512 bits) */	primitive_p = initialize("1011011");	initialize_rand(SEED);	BIGNUM *p = get_long_prime_number(RSA_KEY_LENGTH);	printf("p=%s/n", BN_bn2hex(p));	BIGNUM *q = get_long_prime_number(RSA_KEY_LENGTH);	printf("q=%s/n", BN_bn2hex(q));	/* Compute phi = (p-1)*(q-1) and n = p*q */	BIGNUM *phi, *n;	BN_CTX *tmp;	tmp = BN_CTX_new();	n = BN_new();	phi = BN_new();	BN_copy(n, p);	BN_mul(n, n, q, tmp);	printf("n=%s/n", BN_bn2dec(n));	BN_sub_word(p, 1);	printf("p-1=%s/n", BN_bn2dec(p));	BN_sub_word(q, 1);	printf("q-1=%s/n", BN_bn2dec(q));	phi = BN_new();	BN_init(tmp);	BN_mul(phi, p, q, tmp);	printf("(p-1)(q-1)=%s/n", BN_bn2dec(phi));	/* Find the smallest integer coprime with phi */	BIGNUM * e = BN_new();	BIGNUM *gcd = BN_new();	BN_add_word(e, 3);	for ( ; ; BN_add_word(e, 2)) {		tmp = BN_CTX_new();		BN_gcd(gcd, e, phi, tmp);		if (BN_is_one(gcd))			break;	}	printf("e=%s/n", BN_bn2dec(e));	/* Find d, the inverse of e in Z_phi */	BIGNUM * d = BN_new();	BIGNUM * i = BN_new();	BIGNUM * rem = BN_new();	BIGNUM * prod = BN_new();	BN_add_word(i, 1);	for ( ; ; BN_add_word(i, 1)) {		BN_copy(prod, phi);		tmp = BN_CTX_new();		BN_mul(prod, prod, i, tmp);		BN_add_word(prod, 1);		BN_div(d, rem, prod, e, tmp);		if (BN_is_zero(rem)) {			break;		}	}	printf("d=%s/n", BN_bn2dec(d));	return 0;}

voidcrypto_rsa_encrypt(int len, uint8 * in, uint8 * out, uint32 modulus_size, uint8 * modulus, uint8 * exponent){#ifdef CRYPTO_OPENSSL	BN_CTX *ctx;	BIGNUM mod, exp, x, y;	uint8 inr[SEC_MAX_MODULUS_SIZE];	int outlen;	reverse(modulus, modulus_size);	reverse(exponent, SEC_EXPONENT_SIZE);	memcpy(inr, in, len);	reverse(inr, len);	ctx = BN_CTX_new();	BN_init(&mod);	BN_init(&exp);	BN_init(&x);	BN_init(&y);	BN_bin2bn(modulus, modulus_size, &mod);	BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);	BN_bin2bn(inr, len, &x);	BN_mod_exp(&y, &x, &exp, &mod, ctx);	outlen = BN_bn2bin(&y, out);	reverse(out, outlen);	if (outlen < (int) modulus_size)		memset(out + outlen, 0, modulus_size - outlen);	BN_free(&y);	BN_clear_free(&x);	BN_free(&exp);	BN_free(&mod);	BN_CTX_free(ctx);	#else /* built-in crypto */	ssl_rsa_encrypt(out, in, len, modulus_size, modulus, exponent);	#endif	}

static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,                                DSA_SIG *sig, DSA *dsa)	{	int v_len, d_len;	int to_return = 0;	int fd;	BIGNUM v, *pv = &v;	BN_init(&v);	if(!bn_wexpand(pv, dsa->p->top)) {		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_BN_EXPAND_FAIL);		goto err;	}	v_len = BN_num_bits(dsa->p);	d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len);	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {                const DSA_METHOD *meth;		fd = 0;		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_UNIT_FAILURE);                meth = DSA_OpenSSL();                to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);		goto err;	}	if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */		(unsigned char *)dgst, d_len,		(unsigned char *)dsa->p->d, BN_num_bits(dsa->p), 		(unsigned char *)dsa->q->d, BN_num_bits(dsa->q),		(unsigned char *)dsa->g->d, BN_num_bits(dsa->g),		(unsigned char *)dsa->pub_key->d, BN_num_bits(dsa->pub_key),		(unsigned char *)sig->r->d, BN_num_bits(sig->r),		(unsigned char *)sig->s->d, BN_num_bits(sig->s),		(unsigned char *)v.d, &v_len) != 0) {                const DSA_METHOD *meth;		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_REQUEST_FAILED);                p_UBSEC_ubsec_close(fd);                meth = DSA_OpenSSL();                to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);		goto err;	}	p_UBSEC_ubsec_close(fd);	to_return = 1;err:	BN_clear_free(&v);	return to_return;	}

int test_sqr(BIO *bp, BN_CTX *ctx)	{	BIGNUM a,c,d,e;	int i;	BN_init(&a);	BN_init(&c);	BN_init(&d);	BN_init(&e);	for (i=0; i<num0; i++)		{		BN_bntest_rand(&a,40+i*10,0,0);		a.neg=rand_neg();		BN_sqr(&c,&a,ctx);		if (bp != NULL)			{			if (!results)				{				BN_print(bp,&a);				BIO_puts(bp," * ");				BN_print(bp,&a);				BIO_puts(bp," - ");				}			BN_print(bp,&c);			BIO_puts(bp,"/n");			}		BN_div(&d,&e,&c,&a,ctx);		BN_sub(&d,&d,&a);		if(!BN_is_zero(&d) || !BN_is_zero(&e))		    {		    fprintf(stderr,"Square test failed!/n");		    return 0;		    }		}	BN_free(&a);	BN_free(&c);	BN_free(&d);	BN_free(&e);	return(1);	}

int main(){    BIGNUM *x, *y, *exp, *m;    BIGNUM t;    COMPLEX a, b, r;    BN_init( &t );    x = BN_new();    y = BN_new();    exp = BN_new();    m = BN_new();    COMP_init( &a );    COMP_init( &b );    COMP_init( &r );    if ( Context == NULL )    	Context = BN_CTX_new();    if(!BN_set_word(m, 43l))    	goto err;    BN_set_word(x, 38l);    BN_set_word(y, 13l);    BN_set_word(exp, 168l);    BN_copy( &t ,m );    if (!COMP_set(&a, x, y, m))    	goto err;    if (!COMP_pow(&r, &a, exp, m))    	goto err;    BN_free( &t );    BN_free( x );    BN_free( y );    BN_free( exp );    BN_free( m );    COMP_free( &a );    COMP_free( &b );    COMP_free( &r );	return 0;err:	BN_free( &t );	BN_free( x );	BN_free( y );	BN_free( exp );	BN_free( m );	COMP_free( &a );	COMP_free( &b );	COMP_free( &r );	return 0;}

void VN_BN_bin2hex( const unsigned char * bin, int length, struct vn_iovec * hex ){	BIGNUM tmp;	BN_init( &tmp );	BN_bin2bn( bin, length, &tmp );	VN_BN_dump_hex( &tmp, hex );	BN_free( &tmp );}

EC_POINT *GFp_suite_b_make_point(const EC_GROUP *group,                                 const uint8_t *peer_public_key_x,                                 size_t peer_public_key_x_len,                                 const uint8_t *peer_public_key_y,                                 size_t peer_public_key_y_len) {  BIGNUM x;  BN_init(&x);  BIGNUM y;  BN_init(&y);  int ok = 0;  EC_POINT *result = EC_POINT_new(group);  if (result == NULL) {    goto err;  }  /* |ec_GFp_simple_point_set_affine_coordinates| verifies that (x, y) is on   * the curve and that each coordinate is a valid field element (i.e.   * non-negative and less than `q`). The point cannot be the point at infinity   * because it was given as affine coordinates. */  if (BN_bin2bn(peer_public_key_x, peer_public_key_x_len, &x) == NULL ||      BN_bin2bn(peer_public_key_y, peer_public_key_y_len, &y) == NULL ||      !ec_GFp_simple_point_set_affine_coordinates(group, result, &x, &y,                                                  NULL)) {    goto err;  }  ok = 1;err:  BN_free(&x);  BN_free(&y);  if (!ok) {    EC_POINT_free(result);    result = NULL;  }  return result;}

doublevg_prefix_get_difficulty(int addrtype, const char *pattern){	BN_CTX *bnctx;	BIGNUM result, bntmp;	BIGNUM *ranges[4];	char *dbuf;	int ret;	double diffret = 0.0;	bnctx = BN_CTX_new();	BN_init(&result);	BN_init(&bntmp);	ret = get_prefix_ranges(addrtype,				pattern, ranges, bnctx);	if (ret == 0) {		BN_sub(&bntmp, ranges[1], ranges[0]);		BN_add(&result, &result, &bntmp);		if (ranges[2]) {			BN_sub(&bntmp, ranges[3], ranges[2]);			BN_add(&result, &result, &bntmp);		}		free_ranges(ranges);		BN_clear(&bntmp);		BN_set_bit(&bntmp, 192);		BN_div(&result, NULL, &bntmp, &result, bnctx);		dbuf = BN_bn2dec(&result);		diffret = strtod(dbuf, NULL);		OPENSSL_free(dbuf);	}	BN_clear_free(&result);	BN_clear_free(&bntmp);	BN_CTX_free(bnctx);	return diffret;}