TODO: fix the bug for l = 3

gefeili · gefeili · commit 1afbabdda545 · 2025-03-19T17:01:46.000+10:30
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/snova/MapGroup1.java b/core/src/main/java/org/bouncycastle/pqc/crypto/snova/MapGroup1.java
@@ -74,7 +74,21 @@ private static int fillAlpha(byte[] input, int inOff, byte[][][] alpha, int len)
         return rlt;
     }
 
-    //private static void copyTo(byte[][][] al)
+    static void copyTo(byte[][][][] alpha, byte[] output)
+    {
+        int outOff = 0;
+        for (int i = 0; i < alpha.length; ++i)
+        {
+            for (int j = 0; j < alpha[i].length; ++j)
+            {
+                for (int k = 0; k < alpha[i][j].length; ++k)
+                {
+                    System.arraycopy(alpha[i][j][k], 0, output, outOff, alpha[i][j][k].length);
+                    outOff += alpha[i][j][k].length;
+                }
+            }
+        }
+    }
 
 
 //    static int decodeP(byte[] input, int inOff, byte[][][][] p, int len)
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/snova/SnovaEngine.java b/core/src/main/java/org/bouncycastle/pqc/crypto/snova/SnovaEngine.java
@@ -479,7 +479,9 @@ public void genP22(byte[] outP22, byte[][][] T12, byte[][][][] P21, byte[][][][]
             }
 
             // Convert GF16 elements to packed bytes
-            MapGroup1.encodeP(P22, outP22, 0, outP22.length);
+            byte[] tmp = new byte[outP22.length << 1];
+            MapGroup1.copyTo(P22, tmp);
+            GF16Utils.encode(tmp, outP22, 0, tmp.length);
         }
         finally
         {
diff --git a/core/src/test/java/org/bouncycastle/pqc/crypto/test/SnovaTest.java b/core/src/test/java/org/bouncycastle/pqc/crypto/test/SnovaTest.java
@@ -31,10 +31,10 @@ public static void main(String[] args)
 //            SnovaParameters.SNOVA_24_5_16_4_SHAKE_ESK,
 //            SnovaParameters.SNOVA_24_5_16_4_SHAKE_SSK,
 //            SnovaParameters.SNOVA_24_5_16_4_SSK,
-            SnovaParameters.SNOVA_24_5_16_5_ESK,
-            SnovaParameters.SNOVA_24_5_16_5_SHAKE_ESK,
-            SnovaParameters.SNOVA_24_5_16_5_SHAKE_SSK,
-            SnovaParameters.SNOVA_24_5_16_5_SSK,
+//            SnovaParameters.SNOVA_24_5_16_5_ESK,
+//            SnovaParameters.SNOVA_24_5_16_5_SHAKE_ESK,
+//            SnovaParameters.SNOVA_24_5_16_5_SHAKE_SSK,
+//            SnovaParameters.SNOVA_24_5_16_5_SSK,
             SnovaParameters.SNOVA_25_8_16_3_ESK,
             SnovaParameters.SNOVA_25_8_16_3_SHAKE_ESK,
             SnovaParameters.SNOVA_25_8_16_3_SHAKE_SSK,
@@ -78,10 +78,10 @@ public static void main(String[] args)
 //        "PQCsignKAT_SNOVA_24_5_4_SHAKE_ESK.rsp",
 //        "PQCsignKAT_SNOVA_24_5_4_SHAKE_SSK.rsp",
 //        "PQCsignKAT_SNOVA_24_5_4_SSK.rsp",
-        "PQCsignKAT_SNOVA_24_5_5_ESK.rsp",
-        "PQCsignKAT_SNOVA_24_5_5_SHAKE_ESK.rsp",
-        "PQCsignKAT_SNOVA_24_5_5_SHAKE_SSK.rsp",
-        "PQCsignKAT_SNOVA_24_5_5_SSK.rsp",
+//        "PQCsignKAT_SNOVA_24_5_5_ESK.rsp",
+//        "PQCsignKAT_SNOVA_24_5_5_SHAKE_ESK.rsp",
+//        "PQCsignKAT_SNOVA_24_5_5_SHAKE_SSK.rsp",
+//        "PQCsignKAT_SNOVA_24_5_5_SSK.rsp",
         "PQCsignKAT_SNOVA_25_8_3_ESK.rsp",
         "PQCsignKAT_SNOVA_25_8_3_SHAKE_ESK.rsp",
         "PQCsignKAT_SNOVA_25_8_3_SHAKE_SSK.rsp",

Original file line number	Diff line number	Diff line change
`@@ -479,7 +479,9 @@ public void genP22(byte[] outP22, byte[][][] T12, byte[][][][] P21, byte[][][][]`
`479`	`479`	`}`
`480`	`480`
`481`	`481`	`// Convert GF16 elements to packed bytes`
`482`		`- MapGroup1.encodeP(P22, outP22, 0, outP22.length);`
	`482`	`+ byte[] tmp = new byte[outP22.length << 1];`
	`483`	`+ MapGroup1.copyTo(P22, tmp);`
	`484`	`+ GF16Utils.encode(tmp, outP22, 0, tmp.length);`
`483`	`485`	`}`
`484`	`486`	`finally`
`485`	`487`	`{`