@@ -121,8 +121,16 @@ mp_err mp_prime_is_prime(const mp_int *a, int t, bool *result)
121121 }
122122#endif
123123
124- /* run at least one Miller-Rabin test with a random base */
124+
125125 if (t == 0 ) {
126+ #ifndef LTM_USE_ONLY_MR
127+ /* The BPSW version as used here has no counter-example below 2^64 */
128+ if (mp_count_bits (a ) < 64 ) {
129+ * result = true;
130+ goto LBL_B ;
131+ }
132+ #endif
133+ /* run at least one Miller-Rabin test with a random base if n > 2^64 */
126134 t = 1 ;
127135 }
128136
@@ -131,35 +139,82 @@ mp_err mp_prime_is_prime(const mp_int *a, int t, bool *result)
131139
132140 It uses the bases necessary for a deterministic M-R test if the input is
133141 smaller than 3317044064679887385961981
134- The caller has to check the size.
135- TODO: can be made a bit finer grained but comparing is not free.
142+ The caller has to check the maximum size.
136143 */
137144 if (t < 0 ) {
138- int p_max = 0 ;
145+ int p_max = 0 , bits ;
146+ bits = mp_count_bits (a );
139147
140- /*
141- Sorenson, Jonathan; Webster, Jonathan (2015).
142- "Strong Pseudoprimes to Twelve Prime Bases".
143- */
144- /* 0x437ae92817f9fc85b7e5 = 318665857834031151167461 */
145- if ((err = mp_read_radix (& b , "437ae92817f9fc85b7e5" , 16 )) != MP_OKAY ) {
148+ #ifndef LTM_USE_ONLY_MR
149+ if (bits < 64 ) {
150+ /* Just complete the BPSW test */
151+ if ((err = mp_prime_extra_strong_lucas (a , & res )) != MP_OKAY ) {
152+ goto LBL_B ;
153+ }
154+ * result = res ;
146155 goto LBL_B ;
147156 }
157+ #else
158+ /* Base 2 has been done already at this point */
148159
149- if (mp_cmp (a , & b ) == MP_LT ) {
150- p_max = 12 ;
151- } else {
160+ mp_digit bases32 = {7u , 61u };
161+ /* 2, 325, 9375, 28178, 450775, 9780504, 1795265022 found by Jim Sinclair 2011 */
162+ uint32_t bases64 = {325ull , 9375ull , 28178ull , 450775ull , 9780504ull , 1795265022ull };
163+ if (bits < 32 ) {
164+ for (ix = 0 ; ix < 2 ; ix ++ ) {
165+ mp_set (& b , bases32 [ix ]);
166+ if ((err = mp_prime_miller_rabin (a , & b , & res )) != MP_OKAY ) {
167+ goto LBL_B ;
168+ }
169+ if (!res ) {
170+ goto LBL_B ;
171+ }
172+ }
173+ * result = true;
174+ goto LBL_B ;
175+ } else if ((bits >= 32 ) && (bits < 64 )) {
176+ for (ix = 0 ; ix < 6 ; ix ++ ) {
177+ mp_set_u32 (& b , bases64 [ix ]);
178+ if ((err = mp_prime_miller_rabin (a , & b , & res )) != MP_OKAY ) {
179+ goto LBL_B ;
180+ }
181+ if (!res ) {
182+ goto LBL_B ;
183+ }
184+ }
185+ * result = true;
186+ goto LBL_B ;
187+ }
188+ #endif
189+ /*
190+ Sorenson, Jonathan; Webster, Jonathan, "Strong Pseudoprimes to Twelve Prime Bases". (2015) https://arxiv.org/abs/1509.00864
191+ Z. Zhang, "Finding strong pseudoprimes to several bases," Math. Comp., 70:234 (2001) 863--87
192+ Z. Zhang, "Finding C3-strong pseudoprimes," Math. Comp., 74:250 (2005) 1009--1024
193+ Zhang, Zhenxiang, "Two kinds of strong pseudoprimes up to 10^36," Math. Comp., 76:260 (2007) 2095--2107
194+ */
195+ /*
196+ Comparing bigints is not free, so give the magnitude of "n" a rough check
197+ before spending computing time.
198+ */
199+ if (bits <= 78 ) {
200+ /* 0x437ae92817f9fc85b7e5 = 318665857834031151167461 */
201+ if ((err = mp_read_radix (& b , "437ae92817f9fc85b7e5" , 16 )) != MP_OKAY ) {
202+ goto LBL_B ;
203+ }
204+ if (mp_cmp (a , & b ) == MP_LT ) {
205+ p_max = 12 ;
206+ }
207+ } else if ((bits > 78 ) && (bits < 82 )) {
152208 /* 0x2be6951adc5b22410a5fd = 3317044064679887385961981 */
153209 if ((err = mp_read_radix (& b , "2be6951adc5b22410a5fd" , 16 )) != MP_OKAY ) {
154210 goto LBL_B ;
155211 }
156-
157212 if (mp_cmp (a , & b ) == MP_LT ) {
158213 p_max = 13 ;
159- } else {
160- err = MP_VAL ;
161- goto LBL_B ;
162214 }
215+ } else {
216+ err = MP_VAL ;
217+ goto LBL_B ;
163218 }
164219
165220 /* we did bases 2 and 3 already, skip them */
0 commit comments