This library provides a way to easily handle arbitrary large integers.

This library provides the following operations :

  • addition, substraction, multiplication, division and modulo
  • bits operators (AND, OR, XOR, left and right shifts)
  • boolean operators
  • modular exponentiation (using montgomery algorithm)
  • modular inverse


In this example, we use a 1024 bits long RSA key to encrypt and decrypt a message. We first encrypt the value 0x41 (65 in decimal) and then decrypt it. At the end, m should be equal to 0x41. The encryption is fast (0, 4 second) while the decryption is really slow. This code will take between 30 seconds and 2 minutes to execute depending on the compiler and optimization flags.


#include "mbed.h"
#include "BigInt.h"
#include <stdlib.h>
#include <stdio.h>

uint8_t modbits[] = {
0xd9, 0x4d, 0x88, 0x9e, 0x88, 0x85, 0x3d, 0xd8, 0x97, 0x69, 0xa1, 0x80, 0x15, 0xa0, 0xa2, 0xe6,
0xbf, 0x82, 0xbf, 0x35, 0x6f, 0xe1, 0x4f, 0x25, 0x1f, 0xb4, 0xf5, 0xe2, 0xdf, 0x0d, 0x9f, 0x9a,
0x94, 0xa6, 0x8a, 0x30, 0xc4, 0x28, 0xb3, 0x9e, 0x33, 0x62, 0xfb, 0x37, 0x79, 0xa4, 0x97, 0xec,
0xea, 0xea, 0x37, 0x10, 0x0f, 0x26, 0x4d, 0x7f, 0xb9, 0xfb, 0x1a, 0x97, 0xfb, 0xf6, 0x21, 0x13,
0x3d, 0xe5, 0x5f, 0xdc, 0xb9, 0xb1, 0xad, 0x0d, 0x7a, 0x31, 0xb3, 0x79, 0x21, 0x6d, 0x79, 0x25,
0x2f, 0x5c, 0x52, 0x7b, 0x9b, 0xc6, 0x3d, 0x83, 0xd4, 0xec, 0xf4, 0xd1, 0xd4, 0x5c, 0xbf, 0x84,
0x3e, 0x84, 0x74, 0xba, 0xbc, 0x65, 0x5e, 0x9b, 0xb6, 0x79, 0x9c, 0xba, 0x77, 0xa4, 0x7e, 0xaf,
0xa8, 0x38, 0x29, 0x64, 0x74, 0xaf, 0xc2, 0x4b, 0xeb, 0x9c, 0x82, 0x5b, 0x73, 0xeb, 0xf5, 0x49

uint8_t dbits[] = {
0x04, 0x7b, 0x9c, 0xfd, 0xe8, 0x43, 0x17, 0x6b, 0x88, 0x74, 0x1d, 0x68, 0xcf, 0x09, 0x69, 0x52,
0xe9, 0x50, 0x81, 0x31, 0x51, 0x05, 0x8c, 0xe4, 0x6f, 0x2b, 0x04, 0x87, 0x91, 0xa2, 0x6e, 0x50,
0x7a, 0x10, 0x95, 0x79, 0x3c, 0x12, 0xba, 0xe1, 0xe0, 0x9d, 0x82, 0x21, 0x3a, 0xd9, 0x32, 0x69,
0x28, 0xcf, 0x7c, 0x23, 0x50, 0xac, 0xb1, 0x9c, 0x98, 0xf1, 0x9d, 0x32, 0xd5, 0x77, 0xd6, 0x66,
0xcd, 0x7b, 0xb8, 0xb2, 0xb5, 0xba, 0x62, 0x9d, 0x25, 0xcc, 0xf7, 0x2a, 0x5c, 0xeb, 0x8a, 0x8d,
0xa0, 0x38, 0x90, 0x6c, 0x84, 0xdc, 0xdb, 0x1f, 0xe6, 0x77, 0xdf, 0xfb, 0x2c, 0x02, 0x9f, 0xd8,
0x92, 0x63, 0x18, 0xee, 0xde, 0x1b, 0x58, 0x27, 0x2a, 0xf2, 0x2b, 0xda, 0x5c, 0x52, 0x32, 0xbe,
0x06, 0x68, 0x39, 0x39, 0x8e, 0x42, 0xf5, 0x35, 0x2d, 0xf5, 0x88, 0x48, 0xad, 0xad, 0x11, 0xa1

int main() 
    BigInt e = 65537, mod, d;
    mod.importData(modbits, sizeof(modbits));
    d.importData(dbits, sizeof(dbits));

    BigInt c = modPow(0x41,e,mod);
    BigInt m = modPow(c,d,mod);
    return 0;



File content as of revision 17:9811d859dc83:

#include "BigInt.h"
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <iostream>
#include <climits>
#include <cassert>
#include <algorithm>

static uint32_t BITS[] = 
    0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020, 0x00000040, 0x00000080,   
    0x00000100, 0x00000200, 0x00000400, 0x00000800, 0x00001000, 0x00002000, 0x00004000, 0x00008000,   
    0x00010000, 0x00020000, 0x00040000, 0x00080000, 0x00100000, 0x00200000, 0x00400000, 0x00800000,   
    0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000

static uint32_t num(const uint32_t a)
    return a/4 + (a%4 ? 1:0); 


BigInt::BigInt(const uint32_t a)
    if(a >> 24)
        size = 4;
    else if(a >> 16)
        size = 3;
    else if(a >> 8)
        size = 2;
        size = 1;
    bits = new uint32_t[1];
    bits[0] = a;

BigInt::BigInt(const BigInt &a):
    uint32_t l = num(size);
    bits = new uint32_t[l];
    for(int i = 0; i < l; ++i)
        bits[i] = a.bits[i];

        delete[] bits;

BigInt& BigInt::operator=(const BigInt& a)
    size = a.size;
    uint32_t l = num(size);
        delete[] bits;
    bits = new uint32_t[l];
    for(int i = 0; i < l; ++i)
        bits[i] = a.bits[i];    
    return *this;

void BigInt::importData(uint8_t *data, uint32_t length)
    size = length;
    size_t l = size/4;
    if(size % 4 != 0)
        delete[] bits;
    bits = new uint32_t[l];
    memset(bits, 0, sizeof(uint32_t)*l);
    for(int i = length-1; i >=0; --i)
        bits[i/4] |= data[i] << ((i%4)*8);

void BigInt::exportData(uint8_t *data, uint32_t length)
    assert(isValid() && data != 0);
    if(length < size)
    uint32_t offset = length-size;
    memset(data, 0, offset);
    for(int i = size-1; i >= 0; --i)
        data[offset+size-1-i] = bits[i/4] >> ((i%4)*8);

BigInt operator+(const BigInt &a, const BigInt& b)
    assert(a.isValid() && b.isValid());

    BigInt result;
    result.size = a.size > b.size ? a.size : b.size;
    size_t l = result.size/4;
    if(result.size % 4 != 0)
    result.bits = new uint32_t[l];
    memset(result.bits, 0, sizeof(uint32_t)*l);
    uint32_t al = num(a.size);
    uint32_t bl = num(b.size);
    uint32_t carry = 0;
    for(int i = 0; i < l; ++i)
        uint32_t tmpA = 0, tmpB = 0;
        if(i < al)
            tmpA = a.bits[i];
        if(i < bl)
            tmpB = b.bits[i];
        result.bits[i] = tmpA + tmpB + carry;
        carry = result.bits[i] < std::max(tmpA, tmpB);
        if(result.size > l*4)
            result.bits = (uint32_t*)realloc(result.bits, l * sizeof(uint32_t));
            result.bits[l-1] = 0x00000001;
            result.bits[l-1] += 1 << (8 *((result.size-1)%4));
    return result;

BigInt& BigInt::operator+=(const BigInt &b)
    return (*this = (*this) + b);

BigInt& BigInt::operator++()
    return (*this += 1);

BigInt BigInt::operator++(int)
    BigInt t = *this;
    *this += 1;
    return t;

// a - b, if b >= a, returns 0
// No negative number allowed
BigInt operator-(const BigInt &a, const BigInt& b)
    assert(a.isValid() && b.isValid());

    BigInt result;

    if(b >= a)
        return result = 0;
        result.size = a.size;
        uint32_t l = num(a.size);
        result.bits = new uint32_t[l];
        memset(result.bits, 0, sizeof(uint32_t)*l);
        uint32_t bl = num(b.size);
        uint8_t borrow = 0;
        for(uint32_t i = 0; i < l; ++i)
            uint32_t tmpA = a.bits[i], tmpB = 0;
            if(i < bl)
                tmpB = b.bits[i];
                if(tmpA == 0)
                    tmpA = ULONG_MAX;
                if(tmpA < tmpB)            
                    result.bits[i] = tmpA + 1 + (ULONG_MAX - tmpB);
                    result.bits[i] = tmpA - tmpB;

                if(a.bits[i] != 0 && tmpA > tmpB)
                    borrow = 0;
                if(tmpA < tmpB)            
                    result.bits[i] = tmpA + 1 + (ULONG_MAX - tmpB);
                    result.bits[i] = tmpA - tmpB;
                borrow = tmpA < tmpB;
        return result;

BigInt& BigInt::operator-=(const BigInt &b)
    return (*this = (*this) - b);

BigInt& BigInt::operator--()
    return (*this -= 1);

BigInt BigInt::operator--(int)
    BigInt t = *this;
    *this -= 1;
    return t;

BigInt operator*(const BigInt &a, const BigInt& b)
    assert(a.isValid() && b.isValid());

    // if a == 0 or b == 0 then result = 0
    if(!a || !b)
        return 0;
    // if a == 1, then result = b
    if(a == 1)
        return b;
    // if b == 1, then result = a
    if(b == 1)
        return a;
    BigInt result;          
    result.size = a.size + b.size;
    result.bits = new uint32_t[num(result.size)];
    memset(result.bits, 0, sizeof(uint32_t)*num(result.size));
    for(int i = 0; i < num(a.size); ++i)
        uint64_t carry = 0;
        for(int j = 0; j < num(b.size); ++j)
            uint64_t tmp = (uint64_t)a.bits[i] * (uint64_t)b.bits[j] + carry;        
            uint32_t t = result.bits[i+j];
            result.bits[i+j] += tmp;
            carry = tmp >> 32;     
            if(t > result.bits[i+j])
        if(carry != 0)
            result.bits[i+num(b.size)] += carry;
    return result;

BigInt& BigInt::operator*=(const BigInt &b)
    return (*this = (*this) * b);

BigInt operator/(const BigInt &a, const BigInt &b)
    assert(a.isValid() && b.isValid() && b != 0);
    if(b == 1)
        return a;
    if(a < b)
        return 0;
    if(a == b)
        return 1;
    BigInt u = a; 
    int m = a.numBits() - b.numBits();
    BigInt q;
    q.size = m/8 + ((m%8 != 0) ? 1 : 0);
    q.bits = new uint32_t[num(q.size)];
    memset(q.bits, 0, num(q.size)*sizeof(uint32_t));
    BigInt tmp = b;
    tmp <<= m;
    for(int j = m; j >= 0; --j)
        if(tmp <= u)
            u -= tmp;
            q.bits[j/32] |= BITS[j%32]; 
        tmp >>= 1;
    return q;

BigInt& BigInt::operator/=(const BigInt &b)
    return (*this = (*this) / b);

BigInt operator>>(const BigInt &a, const uint32_t m)

    if(m == 0)
        return a;
    if(m/8 >= a.size)
        return 0;
    BigInt result;
    result.size = a.size - m/8;
    result.bits = new uint32_t[num(result.size)];
    uint8_t s = m%32;
    for(uint32_t i = 0; i < num(result.size); ++i)
        if(m/32+i+1 < num(a.size))
            result.bits[i] =  (a.bits[m/32+i+1] << (32-s)) |  (a.bits[m/32+i] >> s);
            result.bits[i] = (a.bits[m/32+i] >> s);
    return result;

BigInt& BigInt::operator>>=(const uint32_t m)
    return *this = *this >> m;
BigInt operator<<(const BigInt &a, const uint32_t m)

    BigInt result;
    if(m == 0)
        return result = a;

    result.size = m/8 + a.size;
    uint32_t h = a.bits[num(a.size)-1];
    if((m%32)%8 != 0)
    uint32_t l = num(result.size);
    result.bits = new uint32_t[l];
    memset(result.bits, 0, sizeof(uint32_t)*l);
    uint32_t s = m % 32;
    for(uint32_t i = 0; i < num(a.size); ++i)
        if(i == 0)
            result.bits[m/32+i] = a.bits[i] << s;
            result.bits[m/32+i] = (a.bits[i] << s) | (a.bits[i-1] >> (32-s));
    if(a.bits[num(a.size)-1] && s != 0)
        result.bits[m/32+num(result.size)-1] |= a.bits[num(a.size)-1] >> (32-s);

    return result;

BigInt& BigInt::operator<<=(const uint32_t m)
    return (*this = *this << m);

BigInt operator%(const BigInt &a, const BigInt &b)
    assert(a.isValid() && b.isValid() && b > 0);
    return a - (a/b)*b;

BigInt& BigInt::operator%=(const BigInt &a)
    return (*this = *this % a);

bool operator==(const BigInt &a, const BigInt &b)
    assert(a.isValid() && b.isValid());

    if(a.size != b.size)
        return false;
    uint32_t l = num(a.size);
    for(int i = 0; i < l; ++i)
        if(a.bits[i] != b.bits[i])
            return false;
    return true;

bool operator!=(const BigInt &a, const BigInt &b)
    return ! (a==b);

bool operator<(const BigInt &a, const BigInt &b)
    assert(a.isValid() && b.isValid());

    if(a.size < b.size)
        return true;
    if(a.size > b.size)
        return false;
    uint32_t l = num(a.size);
    for(int i = l-1; i >= 0; --i)
        if(a.bits[i] < b.bits[i])
            return true;
        else if(a.bits[i] > b.bits[i])
            return false;
    return false;

bool operator<=(const BigInt &a, const BigInt &b)
    return !(a > b);

bool operator>(const BigInt &a, const BigInt &b)
    assert(a.isValid() && b.isValid());

    if(a.size > b.size)
        return true;
    if(a.size < b.size)
        return false;
    uint32_t l = num(a.size);
    for(int i = l-1; i >= 0; --i)
        if(a.bits[i] > b.bits[i])
            return true;
        else if(a.bits[i] < b.bits[i])
            return false;       
    return false;

bool operator>=(const BigInt &a, const BigInt &b)
    return !(a < b);

bool operator!(const BigInt &a)

    if(a.size != 1)
        return false;
    return a.bits[0] == 0;
BigInt operator&(const BigInt &a, const BigInt &b)
    assert(a.isValid() && b.isValid());

    BigInt result;

    result.size = a.size < b.size ? a.size : b.size;
    uint32_t l = num(result.size);
    result.bits = new uint32_t[l];
    memset(result.bits, 0, l);
    for(uint32_t i = 0; i < l; ++i)
        result.bits[i] = a.bits[i] & b.bits[i];

    return result;

BigInt& BigInt::operator&=(const BigInt &a)
    return (*this = *this & a);

BigInt operator|(const BigInt &a, const BigInt &b)
    assert(a.isValid() && b.isValid());

    BigInt result;

    uint32_t na = num(a.size);
    uint32_t nb = num(b.size);
    uint32_t l = std::max(na,nb);
    result.size = std::max(a.size, b.size);
    result.bits = new uint32_t[l];
    memset(result.bits, 0, l);
    for(uint32_t i = 0; i < l; ++i)
        if(i < na && i < nb)
            result.bits[i] = a.bits[i] | b.bits[i];
        else if(i < na)
            result.bits[i] = a.bits[i];
            result.bits[i] = b.bits[i];
    return result;

BigInt& BigInt::operator|=(const BigInt &a)
    return (*this = *this | a);

BigInt operator^(const BigInt &a, const BigInt &b)
    assert(a.isValid() && b.isValid());

    BigInt result;

    uint32_t na = num(a.size);
    uint32_t nb = num(b.size);
    uint32_t l = std::max(na,nb);
    result.size = std::max(a.size, b.size);
    result.bits = new uint32_t[l];
    memset(result.bits, 0, l);
    for(uint32_t i = 0; i < l; ++i)
        if(i < na && i < nb)
            result.bits[i] = a.bits[i] ^ b.bits[i];
        else if(i < na)
            result.bits[i] = a.bits[i];
            result.bits[i] = b.bits[i];
    return result;

BigInt& BigInt::operator^=(const BigInt &a)      
    return (*this = *this ^ a);

BigInt montgomeryStep(const BigInt &a, const BigInt &b, const BigInt &m, uint32_t r)
    BigInt result = 0;
    uint32_t j = 0;
    while(r > 0)
        if(a.bits[j/32] & BITS[j%32])
            result += b;   
        if(result.bits[0] & 0x01)
            result += m;
        result >>= 1;    
    return result;
// Implementation using Montgomery algorithm
BigInt modPow(const BigInt &a, const BigInt &expn, const BigInt &modulus)
    assert(a.isValid() && expn.isValid() && modulus.isValid());
    uint32_t r = 8*modulus.size;

    // convert a in montgomery world
    BigInt montA = (a << r) % modulus;
    BigInt tmp;
    if(expn.bits[0] & 0x01)
        tmp = montA;
    uint32_t n = expn.numBits();
    uint32_t j = 1; 
    while(j < n)
        montA = montgomeryStep(montA, montA, modulus, r);

        if(expn.bits[j/32] & BITS[j%32])
                tmp = montgomeryStep(montA, tmp, modulus, r);
                tmp = montA;
    // convert a to normal world
    return montgomeryStep(tmp, 1, modulus, r);

bool BigInt::isValid() const
    return size != 0 && bits != 0;

void BigInt::print() const
    printf("size: %d bytes\n", size);
    uint32_t n = num(size);
    for(int i = n-1; i >= 0; --i)
        printf("%08x ", bits[i]);

void BigInt::trim()
    uint8_t *tmp = (uint8_t*)bits;
    uint32_t newSize = size;
    while(tmp[newSize-1] == 0 && newSize > 0)
    if(newSize == 0)
        newSize = 1;
    if(num(newSize) < num(size))
        bits = (uint32_t*)realloc(bits, sizeof(uint32_t)*num(newSize)); 
    size = newSize; 

uint32_t BigInt::numBits() const

    uint32_t n = (size-1)*8;
    uint8_t a = bits[num(size)-1] >> ((size-1)%4)*8;
    uint8_t tmp2 = 8;
    while(!(a & 0x80)) 
        a <<= 1;
    n += tmp2;

    return n;