feat: RSA digital signature system (#21)

* feat: rsa api * docs: lib readme with rsa references * feat: [wip] rsa key generation * merge branch 'main' into 'feat/rsa-system' * feat: arithmetics math module * feat: random math module * feat: primes math module * chore: add math to the makefile build * feat: biguint define pow, is_even,div,mod * fix: math primes comparisons * feat: rsa key generation with biguints * fix: various on math * fix: biguint header * fix: various * fix: biguint pow operation * test: biguint new functions * feat: uint wrappers for new biguint functions * fix: math arithmetics algs * fix: biguint string representation null char * chore: references * test: math arithmetics and random * feat: ann variable macro * feat: random number up to certain bit size * feat: biguint pow_mod operation * feat: more primes for initial check * fix: is_prime solovay_strassen test * test: primes * feat: pow_mod wrapper in uint * feat: pow_mod unit tests * fix: is_prime minor details * feat: define mod operations for sum,sub and mod * feat: define mod operations for sum,sub and mod * test: biguint new mod operations * feat: define uint wrappers for new biguint functions * refactor: move mod arg to the end in pow_mod ops * feat: get modular inverse function * fix: init in random prime number * feat: include sign in euclidean algorithm to get modular values of sk and tk * feat: we have rsa key generation thou is super slow * chore: add digital-signature to makefile * chore: references and resources * chore: fix deps order when building
MarcosNicolau · Jan 26, 2025 · 1e3f23c · 1e3f23c
1 parent 6495906
commit 1e3f23c
Show file tree

Hide file tree

Showing 25 changed files with 1,527 additions and 8 deletions.
diff --git a/Makefile b/Makefile
@@ -1,7 +1,7 @@
 # Project settings
 PROJECT_NAME = almunecar
 BUILD_DIR = build
-LIBS = utils primitive-types hashes # List of libraries in dependency order
+LIBS = utils primitive-types math hashes digital-signature # List of libraries in dependency order
 SRC_DIR = src
 INCLUDE_DIR = include
 TEST_DIR = tests
@@ -34,12 +34,16 @@ help:
 
 build: headers $(patsubst %, $(LIB_BUILD_DIR)/lib%.so, $(LIBS)) ## Build all libraries
 
+build_%: 
+	@$(MAKE) headers_$*
+	@$(MAKE) $(LIB_BUILD_DIR)/lib$*.so
+
 install: headers_install $(patsubst %, $(INSTALL_LIB_DIR)/libalmunecar_%.so, $(LIBS)) ## Build all libraries
 
 # Build shared library for each lib into build directory
 $(LIB_BUILD_DIR)/lib%.so: $(OBJ_BUILD_DIR)/% | $(LIB_BUILD_DIR) $(OBJ_BUILD_DIR)
 	$(eval include libs/$*/deps.mk)
-	@$(CC) $(LDFLAGS) -L$(LIB_BUILD_DIR) $(patsubst %, -l%, $(DEPS)) -o $@ $(wildcard $(OBJ_BUILD_DIR)/$*/*.o)
+	@$(CC) $(LDFLAGS) $(wildcard $(OBJ_BUILD_DIR)/$*/*.o) -L$(LIB_BUILD_DIR) $(patsubst %, -l%, $(DEPS)) -o $@
 
 # Build objects of each library into build dir
 $(OBJ_BUILD_DIR)/%: 
@@ -51,7 +55,7 @@ $(OBJ_BUILD_DIR)/%:
 # Build shared library for each lib into INSTALL_LIB_DIR directory
 $(INSTALL_LIB_DIR)/libalmunecar_%.so: $(OBJ_BUILD_DIR)/%
 	$(eval include libs/$*/deps.mk)
-	@$(CC) $(LDFLAGS) -L$(INSTALL_LIB_DIR) $(patsubst %, -l%, $(DEPS)) -o $@ $(wildcard $(OBJ_BUILD_DIR)/$*/*.o)
+	@$(CC) $(LDFLAGS) $(wildcard $(OBJ_BUILD_DIR)/$*/*.o) -L$(INSTALL_LIB_DIR) $(patsubst %, -l%, $(DEPS)) -o $@ 
 
 # Create necessary directories
 $(LIB_BUILD_DIR) $(INCLUDE_BUILD_DIR) $(OBJ_BUILD_DIR) $(TESTS_BUILD_DIR):
@@ -60,10 +64,14 @@ $(LIB_BUILD_DIR) $(INCLUDE_BUILD_DIR) $(OBJ_BUILD_DIR) $(TESTS_BUILD_DIR):
 # Copy headers to the include directory
 headers: $(INCLUDE_BUILD_DIR)
 	@for lib in $(LIBS); do \
-		mkdir -p $(INCLUDE_BUILD_DIR)/$$lib; \
-		cp libs/$$lib/$(INCLUDE_DIR)/*.h $(INCLUDE_BUILD_DIR)/$$lib/; \
+		$(MAKE) headers_$$lib; \
 	done
 
+headers_%: $(INCLUDE_BUILD_DIR)
+	@mkdir -p $(INCLUDE_BUILD_DIR)/$*
+	@cp libs/$*/$(INCLUDE_DIR)/*.h $(INCLUDE_BUILD_DIR)/$*/
+
+
 # Copy headers to the include directory in /usr/local/include/almunecar
 headers_install:
 	@for lib in $(LIBS); do \
@@ -90,6 +98,9 @@ test_%: build $(TESTS_BUILD_DIR)
 		$(eval include libs/$*/deps.mk) \
 		$(CC) $(CFLAGS) -I$(INCLUDE_BUILD_DIR) -o $(TESTS_BUILD_DIR)/$*/$$(basename $$test .c) $$test -L$(LIB_BUILD_DIR) $(patsubst %, -l%, $(DEPS)) -l$*; \
 		FAIL_FAST=$(FAIL_FAST) LD_LIBRARY_PATH=$(LIB_BUILD_DIR) $(TESTS_BUILD_DIR)/$*/$$(basename $$test .c); \
+		if [ $$? -ne 0 ]; then \
+			exit 1; \
+		fi; \
 	done
 
 check_fmt: ## Checks formatting and outputs the diff

diff --git a/libs/digital-signature/deps.mk b/libs/digital-signature/deps.mk
@@ -0,0 +1 @@
+DEPS := utils primitive-types math
diff --git a/libs/digital-signature/include/rsa.h b/libs/digital-signature/include/rsa.h
@@ -0,0 +1,42 @@
+#ifndef RSA_H
+#define RSA_H
+
+#include <math/arithmetics.h>
+#include <math/primes.h>
+#include <primitive-types/biguint.h>
+
+typedef struct {
+    BigUint n;
+    BigUint e;
+} RSAPublicKey;
+
+typedef struct {
+    BigUint d;
+} RSAPrivateKey;
+
+typedef struct {
+    RSAPublicKey pub;
+    RSAPrivateKey priv;
+    unsigned int bit_size;
+} RSAKeyPair;
+
+#define rsa_key_pair_new(BIT_SIZE)                                                                                     \
+    (RSAKeyPair) {                                                                                                     \
+        .bit_size = BIT_SIZE, .pub = {.e = biguint_new(BIT_SIZE / 64), .n = biguint_new(BIT_SIZE / 64)}, .priv = {     \
+            .d = biguint_new(BIT_SIZE / 64)                                                                            \
+        }                                                                                                              \
+    }
+
+void rsa_gen_key_pair(RSAKeyPair *key_pair);
+void rsa_encrypt_msg_PKCS1v15(uint8_t *msg, RSAPrivateKey priv, uint8_t *buffer);
+void rsa_decrypt_msg_PKCS1v15(RSAPublicKey *pub, uint8_t *msg, uint8_t *buffer);
+void rsa_sign_PKCS1v15(RSAPrivateKey *priv, void *msg, uint8_t *buffer);
+/**
+ * @returns
+ *  - 1: valid signature
+ *
+ *  - 0: invalid signature
+ */
+int rsa_verify_signature_PKCS1v15(uint8_t *signature, uint8_t *msg, RSAPublicKey *pub);
+
+#endif
diff --git a/libs/digital-signature/readme.md b/libs/digital-signature/readme.md
@@ -0,0 +1,7 @@
+## Reference
+
+- RSA:
+  - [wikipedia](https://github.com/RustCrypto/RSA/)
+  - [FIPS 186-5](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf)
+  - [PKCS #1: RSA Cryptography Specifications Version 2.2](https://www.rfc-editor.org/rfc/rfc8017)
+  - [Rust implementation](https://github.com/RustCrypto/RSA/)
diff --git a/libs/digital-signature/src/rsa.c b/libs/digital-signature/src/rsa.c
@@ -0,0 +1,77 @@
+#include <rsa.h>
+
+#define e_const 65537
+
+/**
+ * Rsa builds upon the fact that it is easy to find three larger integers e,d,n such that for any another integer
+ * m 0 <= m < n:
+ *                                                  (m^e)^d = m (mod n)
+ *
+ * However, when given e and n, it is not feasible to derive d.
+ *
+ * e and n form the Public key and d defines the Private key.
+ * m is defined as the message.
+ *
+ * From this principle, rsa protocol defines the following operations:
+ * 1. Key generation
+ * 2. Encryption/Decryption of messages
+ * 3. Signing/Verifying messages recipients
+ */
+
+// Generating a key pair consists of:
+// 1. generating two random prime number p,q
+// 2. computing n as n = p*q
+// 3. computing Carmichael's totient of n (lambda_n)
+// 4. picking an e such that 1 < e < lambda_n and gcd(e, lambda_n) = 1
+// 5. finding d as the multiplicative inverse of e
+// 6. releasing the public key as n,e and the private key as n,d
+void rsa_gen_key_pair(RSAKeyPair *key_pair) {
+    int key_size_in_bytes = key_pair->bit_size / 64;
+
+    // prime numbers have to be half the size of the desired key to prevent multiplication overflows
+    BigUint p = biguint_new_heap(key_size_in_bytes / 2);
+    BigUint q = biguint_new_heap(key_size_in_bytes / 2);
+    biguint_random_prime(&p);
+    biguint_random_prime(&q);
+
+    BigUint n = biguint_new_heap(key_size_in_bytes);
+    biguint_cpy(&n, p);
+    biguint_mul(&n, q);
+
+    // Carmichael's totient (lambda) of n outputs the smallest integer m, such that for every integer coprime to n, it
+    // holds that:
+    //                                          (a^m = 1 (mod n))
+    // because n = p*q => lambda(n) = lcm(lambda(p) * lambda(q)), since p,q are prime then lambda(p) = p - 1 and
+    // lambda(q) = q - 1 hance lambda(n) = lcm(p - 1, q - 1)
+    //
+    // https://en.wikipedia.org/wiki/Carmichael_function
+    BigUint one = biguint_new_heap(key_size_in_bytes);
+    biguint_one(&one);
+    biguint_sub(&p, one);
+    biguint_sub(&q, one);
+
+    BigUint lambda_n = biguint_new_heap(key_size_in_bytes);
+    biguint_lcm(p, q, &lambda_n);
+
+    // Now we need to compute the private exponent d as
+    // d = e^(-1) (mod lambda_n)
+    // (i.e e is the multiplicative inverse of `d` in Z_{lambda_n} so d*e = 1 (mod lambda_n))
+    //
+    // Bezout identity states that given two integers a,b that are coprime then there exist two integers x, y such that:
+    //                             ax + by = gcd(a,b) or ax = gcd(a, b) (mod b)
+    //
+    // Because lambda_n and e are comprime => gcd(e, lambda_n) = 1, so ax = 1 (mod n)
+    // so if we can compute x we get d.
+    //
+    // Using the extended euclidean algorithm we can compute both x,y obtaining d
+    BigUint e = biguint_new_heap(key_size_in_bytes);
+    BigUint d = biguint_new_heap(key_size_in_bytes);
+    biguint_from_u64(e_const, &e);
+    biguint_inverse_mod(e, lambda_n, &d);
+
+    biguint_cpy(&key_pair->pub.n, n);
+    biguint_cpy(&key_pair->pub.e, e);
+    biguint_cpy(&key_pair->priv.d, d);
+
+    biguint_free(&p, &q, &n, &one, &lambda_n, &e, &d);
+}
diff --git a/libs/digital-signature/tests/rsa.c b/libs/digital-signature/tests/rsa.c
@@ -0,0 +1,19 @@
+#include <digital-signature/rsa.h>
+#include <utils/test.h>
+
+void test_key_generation() {
+    RSAKeyPair key_pair = rsa_key_pair_new(512);
+    rsa_gen_key_pair(&key_pair);
+
+    biguint_println(key_pair.pub.n);
+    biguint_println(key_pair.pub.e);
+    biguint_println(key_pair.priv.d);
+}
+
+int main() {
+    BEGIN_TEST()
+    test(test_key_generation);
+    END_TEST()
+
+    return 0;
+}
diff --git a/libs/math/deps.mk b/libs/math/deps.mk
@@ -0,0 +1 @@
+DEPS := utils primitive-types
diff --git a/libs/math/include/arithmetics.h b/libs/math/include/arithmetics.h
@@ -0,0 +1,64 @@
+#ifndef ARITHMETICS_H
+#define ARITHMETICS_H
+
+#include <primitive-types/biguint.h>
+
+/**
+ * Computes the least common multiple between two number via the euclidean algorithm
+ * and the relation lcm(a,b) = |ab|/gcd(a,b)
+ * https://en.wikipedia.org/wiki/Least_common_multiple
+ */
+void biguint_lcm(BigUint a, BigUint b, BigUint *out);
+
+// computes the greatest common divisor between a and b via the euclidean algorithm
+// https://en.wikipedia.org/wiki/Euclidean_algorithm
+void biguint_gcd(BigUint a, BigUint b, BigUint *out);
+
+typedef struct {
+    BigUint rk;
+    BigUint sk;
+    int sk_sign; // -1 if negative, 1 if positive
+    BigUint tk;
+    int tk_sign; // -1 if negative, 1 if positive
+} ExtendedEuclideanAlgorithm;
+
+#define extended_euclidean_algorithm_new_heap(SIZE)                                                                    \
+    (ExtendedEuclideanAlgorithm) {                                                                                     \
+        .rk = biguint_new_heap(SIZE), .sk = biguint_new_heap(SIZE), .tk = biguint_new_heap(SIZE)                       \
+    }
+
+#define extended_euclidean_algorithm_new(SIZE)                                                                         \
+    (ExtendedEuclideanAlgorithm) { .rk = biguint_new(SIZE), .sk = biguint_new(SIZE), .tk = biguint_new(SIZE) }
+
+#define extended_euclidean_algorithm_free(str) biguint_free(&str.rk, &str.sk, &str.tk)
+
+void biguint_extended_euclidean_algorithm(BigUint a, BigUint b, ExtendedEuclideanAlgorithm *out);
+
+/**
+ * Computes the modular inverse of a number `a` modulo `b` using the modular version of the Extended Euclidean
+ * Algorithm.
+ *
+ * If such an inverse exists, it is stored in `out`. If `a` does not have an inverse modulo `b` (i.e., if `a` and `n`
+ * are not coprime), `out` is set to zero.
+ *
+ * @param a The number for which the modular inverse is to be computed (BigUint).
+ * @param n The modulus (BigUint). The inverse is computed modulo this value.
+ * @param out Pointer to the BigUint where the result will be stored.
+ *
+ * @example
+ * ```
+ * BigUint a = biguint_new(3);
+ * BigUint b = biguint_new(11);
+ * BigUint inverse;
+ * biguint_inverse_mod(a, b, &inverse);  // `inverse` is now 4, since 3 * 4 ≡ 1 mod 11
+ *
+ * BigUint c = biguint_new(2);
+ * BigUint d = biguint_new(4);
+ * biguint_inverse_mod(c, d, &inverse);  // `inverse` is now 0, since 2 and 4 are not coprime
+ * ```
+ *
+ * https://en.wikipedia.org/wiki/Extended_Euclidean_algorithm#
+ */
+void biguint_inverse_mod(BigUint a, BigUint b, BigUint *out);
+
+#endif
diff --git a/libs/math/include/primes.h b/libs/math/include/primes.h
@@ -0,0 +1,70 @@
+
+#ifndef PRIMES_H
+#define PRIMES_H
+
+#include <primitive-types/biguint.h>
+
+#include <stddef.h>
+
+#define PRIMES_LENGTH 1000
+const unsigned int PRIMES[PRIMES_LENGTH] = {
+    2,    3,    5,    7,    11,   13,   17,   19,   23,   29,   31,   37,   41,   43,   47,   53,   59,   61,   67,
+    71,   73,   79,   83,   89,   97,   101,  103,  107,  109,  113,  127,  131,  137,  139,  149,  151,  157,  163,
+    167,  173,  179,  181,  191,  193,  197,  199,  211,  223,  227,  229,  233,  239,  241,  251,  257,  263,  269,
+    271,  277,  281,  283,  293,  307,  311,  313,  317,  331,  337,  347,  349,  353,  359,  367,  373,  379,  383,
+    389,  397,  401,  409,  419,  421,  431,  433,  439,  443,  449,  457,  461,  463,  467,  479,  487,  491,  499,
+    503,  509,  521,  523,  541,  547,  557,  563,  569,  571,  577,  587,  593,  599,  601,  607,  613,  617,  619,
+    631,  641,  643,  647,  653,  659,  661,  673,  677,  683,  691,  701,  709,  719,  727,  733,  739,  743,  751,
+    757,  761,  769,  773,  787,  797,  809,  811,  821,  823,  827,  829,  839,  853,  857,  859,  863,  877,  881,
+    883,  887,  907,  911,  919,  929,  937,  941,  947,  953,  967,  971,  977,  983,  991,  997,  1009, 1013, 1019,
+    1021, 1031, 1033, 1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151,
+    1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283, 1289,
+    1291, 1297, 1301, 1303, 1307, 1319, 1321, 1327, 1361, 1367, 1373, 1381, 1399, 1409, 1423, 1427, 1429, 1433, 1439,
+    1447, 1451, 1453, 1459, 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511, 1523, 1531, 1543, 1549, 1553, 1559, 1567,
+    1571, 1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693, 1697, 1699,
+    1709, 1721, 1723, 1733, 1741, 1747, 1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811, 1823, 1831, 1847, 1861, 1867,
+    1871, 1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949, 1951, 1973, 1979, 1987, 1993, 1997, 1999, 2003,
+    2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069, 2081, 2083, 2087, 2089, 2099, 2111, 2113, 2129, 2131, 2137, 2141,
+    2143, 2153, 2161, 2179, 2203, 2207, 2213, 2221, 2237, 2239, 2243, 2251, 2267, 2269, 2273, 2281, 2287, 2293, 2297,
+    2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377, 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423, 2437,
+    2441, 2447, 2459, 2467, 2473, 2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579, 2591, 2593, 2609, 2617,
+    2621, 2633, 2647, 2657, 2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693, 2699, 2707, 2711, 2713, 2719, 2729, 2731,
+    2741, 2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801, 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861, 2879, 2887,
+    2897, 2903, 2909, 2917, 2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999, 3001, 3011, 3019, 3023, 3037, 3041, 3049,
+    3061, 3067, 3079, 3083, 3089, 3109, 3119, 3121, 3137, 3163, 3167, 3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221,
+    3229, 3251, 3253, 3257, 3259, 3271, 3299, 3301, 3307, 3313, 3319, 3323, 3329, 3331, 3343, 3347, 3359, 3361, 3371,
+    3373, 3389, 3391, 3407, 3413, 3433, 3449, 3457, 3461, 3463, 3467, 3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533,
+    3539, 3541, 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607, 3613, 3617, 3623, 3631, 3637, 3643, 3659, 3671, 3673,
+    3677, 3691, 3697, 3701, 3709, 3719, 3727, 3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797, 3803, 3821, 3823, 3833,
+    3847, 3851, 3853, 3863, 3877, 3881, 3889, 3907, 3911, 3917, 3919, 3923, 3929, 3931, 3943, 3947, 3967, 3989, 4001,
+    4003, 4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057, 4073, 4079, 4091, 4093, 4099, 4111, 4127, 4129, 4133, 4139,
+    4153, 4157, 4159, 4177, 4201, 4211, 4217, 4219, 4229, 4231, 4241, 4243, 4253, 4259, 4261, 4271, 4273, 4283, 4289,
+    4297, 4327, 4337, 4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409, 4421, 4423, 4441, 4447, 4451, 4457, 4463, 4481,
+    4483, 4493, 4507, 4513, 4517, 4519, 4523, 4547, 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621, 4637, 4639, 4643,
+    4649, 4651, 4657, 4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729, 4733, 4751, 4759, 4783, 4787, 4789, 4793, 4799,
+    4801, 4813, 4817, 4831, 4861, 4871, 4877, 4889, 4903, 4909, 4919, 4931, 4933, 4937, 4943, 4951, 4957, 4967, 4969,
+    4973, 4987, 4993, 4999, 5003, 5009, 5011, 5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087, 5099, 5101, 5107, 5113,
+    5119, 5147, 5153, 5167, 5171, 5179, 5189, 5197, 5209, 5227, 5231, 5233, 5237, 5261, 5273, 5279, 5281, 5297, 5303,
+    5309, 5323, 5333, 5347, 5351, 5381, 5387, 5393, 5399, 5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443, 5449, 5471,
+    5477, 5479, 5483, 5501, 5503, 5507, 5519, 5521, 5527, 5531, 5557, 5563, 5569, 5573, 5581, 5591, 5623, 5639, 5641,
+    5647, 5651, 5653, 5657, 5659, 5669, 5683, 5689, 5693, 5701, 5711, 5717, 5737, 5741, 5743, 5749, 5779, 5783, 5791,
+    5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849, 5851, 5857, 5861, 5867, 5869, 5879, 5881, 5897, 5903, 5923, 5927,
+    5939, 5953, 5981, 5987, 6007, 6011, 6029, 6037, 6043, 6047, 6053, 6067, 6073, 6079, 6089, 6091, 6101, 6113, 6121,
+    6131, 6133, 6143, 6151, 6163, 6173, 6197, 6199, 6203, 6211, 6217, 6221, 6229, 6247, 6257, 6263, 6269, 6271, 6277,
+    6287, 6299, 6301, 6311, 6317, 6323, 6329, 6337, 6343, 6353, 6359, 6361, 6367, 6373, 6379, 6389, 6397, 6421, 6427,
+    6449, 6451, 6469, 6473, 6481, 6491, 6521, 6529, 6547, 6551, 6553, 6563, 6569, 6571, 6577, 6581, 6599, 6607, 6619,
+    6637, 6653, 6659, 6661, 6673, 6679, 6689, 6691, 6701, 6703, 6709, 6719, 6733, 6737, 6761, 6763, 6779, 6781, 6791,
+    6793, 6803, 6823, 6827, 6829, 6833, 6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907, 6911, 6917, 6947, 6949, 6959,
+    6961, 6967, 6971, 6977, 6983, 6991, 6997, 7001, 7013, 7019, 7027, 7039, 7043, 7057, 7069, 7079, 7103, 7109, 7121,
+    7127, 7129, 7151, 7159, 7177, 7187, 7193, 7207, 7211, 7213, 7219, 7229, 7237, 7243, 7247, 7253, 7283, 7297, 7307,
+    7309, 7321, 7331, 7333, 7349, 7351, 7369, 7393, 7411, 7417, 7433, 7451, 7457, 7459, 7477, 7481, 7487, 7489, 7499,
+    7507, 7517, 7523, 7529, 7537, 7541, 7547, 7549, 7559, 7561, 7573, 7577, 7583, 7589, 7591, 7603, 7607, 7621, 7639,
+    7643, 7649, 7669, 7673, 7681, 7687, 7691, 7699, 7703, 7717, 7723, 7727, 7741, 7753, 7757, 7759, 7789, 7793, 7817,
+    7823, 7829, 7841, 7853, 7867, 7873, 7877, 7879, 7883, 7901, 7907, 7919};
+
+#define SOLOVAY_STRASSEN_TEST_SAMPLES 100
+
+void biguint_random_prime(BigUint *a);
+int biguint_is_prime(BigUint a);
+
+#endif
diff --git a/libs/math/include/random.h b/libs/math/include/random.h
@@ -0,0 +1,16 @@
+#ifndef RANDOM_H
+#define RANDOM_H
+
+#include <primitive-types/biguint.h>
+#include <stdint.h>
+#include <stdio.h>
+
+/**
+ * Generates a random number by reading bytes from /dev/urandom
+ * See https://en.wikipedia.org/wiki//dev/random
+ */
+uint64_t u64_random();
+void biguint_random(BigUint *a);
+void biguint_random_with_max_bits(BigUint *a, int max_bits);
+
+#endif
diff --git a/libs/math/readme.md b/libs/math/readme.md
@@ -1 +1,24 @@
-## Math
+## Resources/references
+
+- **arithmetics**:
+
+  - [Least common multiple](https://en.wikipedia.org/wiki/Least_common_multiple)
+  - [Greatest common divisor](https://en.wikipedia.org/wiki/Greatest_common_divisor)
+  - [Modular arithmetic](https://en.wikipedia.org/wiki/Modular_arithmetic)
+  - [Euclidean algorithm](https://en.wikipedia.org/wiki/Euclidean_algorithm)
+  - [Extended Euclidean algorithm](https://en.wikipedia.org/wiki/Extended_Euclidean_algorithm#)
+
+- **random**:
+
+  - [Wikipedia article on /dev/random](https://en.wikipedia.org/wiki//dev/random)
+  - [NIST SP 800-90Ar1](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf)
+  - [Random number generation: Computational methods](https://en.wikipedia.org/wiki/Random_number_generation#Computational_methods)
+  - [Sockpuppet blog: Safely generate random numbers](https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/)
+
+- **primes**:
+
+  - [Solovay–Strassen primality test](https://en.wikipedia.org/wiki/Solovay%E2%80%93Strassen_primality_test)
+  - [RSA paper (page 9)](https://web.archive.org/web/20230127011251/http://people.csail.mit.edu/rivest/Rsapaper.pdf)
+  - [Jacobi symbol](https://en.wikipedia.org/wiki/Jacobi_symbol)
+  - [Legendre symbol](https://en.wikipedia.org/wiki/Legendre_symbol)
+  - [Quadratic residue](https://en.wikipedia.org/wiki/Quadratic_residue)