random_prime.py

1. from os import urandom
2. from functools import reduce
3. from gmpy2 import gcd, mpz, xmpz, is_strong_prp, is_strong_selfridge_prp
4.  
5. SMALL_PRIMES = [ # the smallest 100 primes
6.       2,   3,   5,   7,  11,  13,  17,  19,  23,  29,
7.      31,  37,  41,  43,  47,  53,  59,  61,  67,  71,
8.      73,  79,  83,  89,  97, 101, 103, 107, 109, 113,
9.     127, 131, 137, 139, 149, 151, 157, 163, 167, 173,
10.     179, 181, 191, 193, 197, 199, 211, 223, 227, 229,
11.     233, 239, 241, 251, 257, 263, 269, 271, 277, 281,
12.     283, 293, 307, 311, 313, 317, 331, 337, 347, 349,
13.     353, 359, 367, 373, 379, 383, 389, 397, 401, 409,
14.     419, 421, 431, 433, 439, 443, 449, 457, 461, 463,
15.     467, 479, 487, 491, 499, 503, 509, 521, 523, 541,
16. ]
17. SMALL_PRIMES_PRODUCT = reduce(lambda a, b: a*b, map(mpz, SMALL_PRIMES))
18.  
19.  
20. def random_prime(bits: int) -> mpz:
21.     q, r = divmod(bits, 8)
22.     initial_bytes = bytearray(urandom(q + (r > 0)))
23.  
24.     if r:
25.         initial_bytes[0] &= (1 << r) - 1   # clear top bits
26.         initial_bytes[0] |= (1 << (r - 1)) # ensure highest bit is set
27.     else:
28.         initial_bytes[0] |= 128
29.  
30.     initial_bytes[-1] |= 1 # ensure lowest bit is set
31.  
32.     p = xmpz(int.from_bytes(initial_bytes, 'big', signed=False))
33.     pmax = (1 << bits)
34.     while p < pmax:
35.         if gcd(p, SMALL_PRIMES_PRODUCT) > 1:
36.             p += 2
37.             continue
38.        
39.         if not all([is_strong_prp(p, m) for m in SMALL_PRIMES]):
40.             p += 2
41.             continue
42.  
43.         if not is_strong_selfridge_prp(p):
44.             p += 2
45.             continue
46.  
47.         return p.make_mpz()
48.  
49.     return mpz(-1)