Refactoring in pqc.crypto.slhdsa (sphincsplus)

Author: peterdettman

core/src/main/java/org/bouncycastle/pqc/crypto/slhdsa/ADRS.java

@@ -5,14 +5,14 @@
 
 class ADRS
 {
-    public static final int WOTS_HASH = 0;
-    public static final int WOTS_PK = 1;
-    public static final int TREE = 2;
-    public static final int FORS_TREE = 3;
-    public static final int FORS_PK = 4;
-    public static final int WOTS_PRF = 5;
-    public static final int FORS_PRF = 6;
-    
+    static final int WOTS_HASH = 0;
+    static final int WOTS_PK = 1;
+    static final int TREE = 2;
+    static final int FORS_TREE = 3;
+    static final int FORS_PK = 4;
+    static final int WOTS_PRF = 5;
+    static final int FORS_PRF = 6;
+
     static final int OFFSET_LAYER = 0;
     static final int OFFSET_TREE = 4;
     static final int OFFSET_TREE_HGT = 24;
@@ -21,7 +21,7 @@ class ADRS
     static final int OFFSET_KP_ADDR = 20;
     static final int OFFSET_CHAIN_ADDR = 24;
     static final int OFFSET_HASH_ADDR = 28;
-    
+
     final byte[] value = new byte[32];
 
     ADRS()
@@ -59,11 +59,6 @@ public void setTreeHeight(int height)
         Pack.intToBigEndian(height, value, OFFSET_TREE_HGT);
     }
 
-    public int getTreeHeight()
-    {
-        return Pack.bigEndianToInt(value, OFFSET_TREE_HGT);
-    }
-
     public void setTreeIndex(int index)
     {
         Pack.intToBigEndian(index, value, OFFSET_TREE_INDEX);
@@ -87,11 +82,6 @@ public void changeType(int type)
         Pack.intToBigEndian(type, value, OFFSET_TYPE);
     }
 
-    public int getType()
-    {
-        return Pack.bigEndianToInt(value, OFFSET_TYPE);
-    }
-
     public void setKeyPairAddress(int keyPairAddr)
     {
         Pack.intToBigEndian(keyPairAddr, value, OFFSET_KP_ADDR);

core/src/main/java/org/bouncycastle/pqc/crypto/slhdsa/Fors.java

@@ -18,13 +18,12 @@ public Fors(SLHDSAEngine engine)
     // Output: n-byte root node - top node on Stack
     byte[] treehash(byte[] skSeed, int s, int z, byte[] pkSeed, ADRS adrsParam)
     {
-        LinkedList<NodeEntry> stack = new LinkedList<NodeEntry>();
-
-        if (s % (1 << z) != 0)
+        if ((s >>> z) << z != s)
         {
             return null;
         }
 
+        LinkedList<NodeEntry> stack = new LinkedList<NodeEntry>();
         ADRS adrs = new ADRS(adrsParam);
 
         for (int idx = 0; idx < (1 << z); idx++)
@@ -42,19 +41,23 @@ byte[] treehash(byte[] skSeed, int s, int z, byte[] pkSeed, ADRS adrsParam)
 
             adrs.setTreeHeight(1);
 
+            int adrsTreeHeight = 1;
+            int adrsTreeIndex = s + idx;
+
             // while ( Top node on Stack has same height as node )
-            while (!stack.isEmpty()
-                && ((NodeEntry)stack.get(0)).nodeHeight == adrs.getTreeHeight())
+            while (!stack.isEmpty() && ((NodeEntry)stack.get(0)).nodeHeight == adrsTreeHeight)
             {
-                adrs.setTreeIndex((adrs.getTreeIndex() - 1) / 2);
-                NodeEntry current = ((NodeEntry)stack.remove(0));
+                adrsTreeIndex = (adrsTreeIndex - 1) / 2;
+                adrs.setTreeIndex(adrsTreeIndex);
 
+                NodeEntry current = ((NodeEntry)stack.remove(0));
                 node = engine.H(pkSeed, adrs, current.nodeValue, node);
-                //topmost node is now one layer higher
-                adrs.setTreeHeight(adrs.getTreeHeight() + 1);
+
+                // topmost node is now one layer higher
+                adrs.setTreeHeight(++adrsTreeHeight);
             }
 
-            stack.add(0, new NodeEntry(node, adrs.getTreeHeight()));
+            stack.add(0, new NodeEntry(node, adrsTreeHeight));
         }
 
         return ((NodeEntry)stack.get(0)).nodeValue;

core/src/main/java/org/bouncycastle/pqc/crypto/slhdsa/HT.java

@@ -144,21 +144,18 @@ SIG_XMSS xmss_sign(byte[] M, byte[] skSeed, int idx, byte[] pkSeed, ADRS paramAd
         return new SIG_XMSS(sig, AUTH);
     }
 
-    //
-    // Input: Secret seed SK.seed, start index s, target node height z, public seed
-    //PK.seed, address ADRS
+    // Input: Secret seed SK.seed, start index s, target node height z, public seed PK.seed, address ADRS
     // Output: n-byte root node - top node on Stack
     byte[] treehash(byte[] skSeed, int s, int z, byte[] pkSeed, ADRS adrsParam)
     {
-        ADRS adrs = new ADRS(adrsParam);
-
-        LinkedList<NodeEntry> stack = new LinkedList<NodeEntry>();
-
-        if (s % (1 << z) != 0)
+        if ((s >>> z) << z != s)
         {
             return null;
         }
 
+        LinkedList<NodeEntry> stack = new LinkedList<NodeEntry>();
+        ADRS adrs = new ADRS(adrsParam);
+
         for (int idx = 0; idx < (1 << z); idx++)
         {
             adrs.setTypeAndClear(ADRS.WOTS_HASH);
@@ -169,19 +166,23 @@ byte[] treehash(byte[] skSeed, int s, int z, byte[] pkSeed, ADRS adrsParam)
             adrs.setTreeHeight(1);
             adrs.setTreeIndex(s + idx);
 
+            int adrsTreeHeight = 1;
+            int adrsTreeIndex = s + idx;
+
             // while ( Top node on Stack has same height as node )
-            while (!stack.isEmpty()
-                && ((NodeEntry)stack.get(0)).nodeHeight == adrs.getTreeHeight())
+            while (!stack.isEmpty() && ((NodeEntry)stack.get(0)).nodeHeight == adrsTreeHeight)
             {
-                adrs.setTreeIndex((adrs.getTreeIndex() - 1) / 2);
-                NodeEntry current = ((NodeEntry)stack.remove(0));
+                adrsTreeIndex = (adrsTreeIndex - 1) / 2;
+                adrs.setTreeIndex(adrsTreeIndex);
 
+                NodeEntry current = ((NodeEntry)stack.remove(0));
                 node = engine.H(pkSeed, adrs, current.nodeValue, node);
-                //topmost node is now one layer higher
-                adrs.setTreeHeight(adrs.getTreeHeight() + 1);
+
+                // topmost node is now one layer higher
+                adrs.setTreeHeight(++adrsTreeHeight);
             }
 
-            stack.add(0, new NodeEntry(node, adrs.getTreeHeight()));
+            stack.add(0, new NodeEntry(node, adrsTreeHeight));
         }
 
         return ((NodeEntry)stack.get(0)).nodeValue;

core/src/main/java/org/bouncycastle/pqc/crypto/sphincsplus/ADRS.java

@@ -5,14 +5,14 @@
 
 class ADRS
 {
-    public static final int WOTS_HASH = 0;
-    public static final int WOTS_PK = 1;
-    public static final int TREE = 2;
-    public static final int FORS_TREE = 3;
-    public static final int FORS_PK = 4;
-    public static final int WOTS_PRF = 5;
-    public static final int FORS_PRF = 6;
-    
+    static final int WOTS_HASH = 0;
+    static final int WOTS_PK = 1;
+    static final int TREE = 2;
+    static final int FORS_TREE = 3;
+    static final int FORS_PK = 4;
+    static final int WOTS_PRF = 5;
+    static final int FORS_PRF = 6;
+
     static final int OFFSET_LAYER = 0;
     static final int OFFSET_TREE = 4;
     static final int OFFSET_TREE_HGT = 24;
@@ -21,7 +21,7 @@ class ADRS
     static final int OFFSET_KP_ADDR = 20;
     static final int OFFSET_CHAIN_ADDR = 24;
     static final int OFFSET_HASH_ADDR = 28;
-    
+
     final byte[] value = new byte[32];
 
     ADRS()
@@ -59,11 +59,6 @@ public void setTreeHeight(int height)
         Pack.intToBigEndian(height, value, OFFSET_TREE_HGT);
     }
 
-    public int getTreeHeight()
-    {
-        return Pack.bigEndianToInt(value, OFFSET_TREE_HGT);
-    }
-
     public void setTreeIndex(int index)
     {
         Pack.intToBigEndian(index, value, OFFSET_TREE_INDEX);
@@ -87,11 +82,6 @@ public void changeType(int type)
         Pack.intToBigEndian(type, value, OFFSET_TYPE);
     }
 
-    public int getType()
-    {
-        return Pack.bigEndianToInt(value, OFFSET_TYPE);
-    }
-
     public void setKeyPairAddress(int keyPairAddr)
     {
         Pack.intToBigEndian(keyPairAddr, value, OFFSET_KP_ADDR);

core/src/main/java/org/bouncycastle/pqc/crypto/sphincsplus/Fors.java

@@ -17,13 +17,12 @@ public Fors(SPHINCSPlusEngine engine)
     // Output: n-byte root node - top node on Stack
     byte[] treehash(byte[] skSeed, int s, int z, byte[] pkSeed, ADRS adrsParam)
     {
-        LinkedList<NodeEntry> stack = new LinkedList<NodeEntry>();
-
-        if (s % (1 << z) != 0)
+        if ((s >>> z) << z != s)
         {
             return null;
         }
 
+        LinkedList<NodeEntry> stack = new LinkedList<NodeEntry>();
         ADRS adrs = new ADRS(adrsParam);
 
         for (int idx = 0; idx < (1 << z); idx++)
@@ -41,19 +40,23 @@ byte[] treehash(byte[] skSeed, int s, int z, byte[] pkSeed, ADRS adrsParam)
 
             adrs.setTreeHeight(1);
 
+            int adrsTreeHeight = 1;
+            int adrsTreeIndex = s + idx;
+
             // while ( Top node on Stack has same height as node )
-            while (!stack.isEmpty()
-                && ((NodeEntry)stack.get(0)).nodeHeight == adrs.getTreeHeight())
+            while (!stack.isEmpty() && ((NodeEntry)stack.get(0)).nodeHeight == adrsTreeHeight)
             {
-                adrs.setTreeIndex((adrs.getTreeIndex() - 1) / 2);
-                NodeEntry current = ((NodeEntry)stack.remove(0));
+                adrsTreeIndex = (adrsTreeIndex - 1) / 2;
+                adrs.setTreeIndex(adrsTreeIndex);
 
+                NodeEntry current = ((NodeEntry)stack.remove(0));
                 node = engine.H(pkSeed, adrs, current.nodeValue, node);
-                //topmost node is now one layer higher
-                adrs.setTreeHeight(adrs.getTreeHeight() + 1);
+
+                // topmost node is now one layer higher
+                adrs.setTreeHeight(++adrsTreeHeight);
             }
 
-            stack.add(0, new NodeEntry(node, adrs.getTreeHeight()));
+            stack.add(0, new NodeEntry(node, adrsTreeHeight));
         }
 
         return ((NodeEntry)stack.get(0)).nodeValue;

core/src/main/java/org/bouncycastle/pqc/crypto/sphincsplus/HT.java

@@ -144,21 +144,18 @@ SIG_XMSS xmss_sign(byte[] M, byte[] skSeed, int idx, byte[] pkSeed, ADRS paramAd
         return new SIG_XMSS(sig, AUTH);
     }
 
-    //
-    // Input: Secret seed SK.seed, start index s, target node height z, public seed
-    //PK.seed, address ADRS
+    // Input: Secret seed SK.seed, start index s, target node height z, public seed PK.seed, address ADRS
     // Output: n-byte root node - top node on Stack
     byte[] treehash(byte[] skSeed, int s, int z, byte[] pkSeed, ADRS adrsParam)
     {
-        ADRS adrs = new ADRS(adrsParam);
-
-        LinkedList<NodeEntry> stack = new LinkedList<NodeEntry>();
-
-        if (s % (1 << z) != 0)
+        if ((s >>> z) << z != s)
         {
             return null;
         }
 
+        LinkedList<NodeEntry> stack = new LinkedList<NodeEntry>();
+        ADRS adrs = new ADRS(adrsParam);
+
         for (int idx = 0; idx < (1 << z); idx++)
         {
             adrs.setTypeAndClear(ADRS.WOTS_HASH);
@@ -169,21 +166,25 @@ byte[] treehash(byte[] skSeed, int s, int z, byte[] pkSeed, ADRS adrsParam)
             adrs.setTreeHeight(1);
             adrs.setTreeIndex(s + idx);
 
+            int adrsTreeHeight = 1;
+            int adrsTreeIndex = s + idx;
+
             // while ( Top node on Stack has same height as node )
-            while (!stack.isEmpty()
-                && ((NodeEntry)stack.get(0)).nodeHeight == adrs.getTreeHeight())
+            while (!stack.isEmpty() && ((NodeEntry)stack.get(0)).nodeHeight == adrsTreeHeight)
             {
-                adrs.setTreeIndex((adrs.getTreeIndex() - 1) / 2);
-                NodeEntry current = ((NodeEntry)stack.remove(0));
+                adrsTreeIndex = (adrsTreeIndex - 1) / 2;
+                adrs.setTreeIndex(adrsTreeIndex);
 
+                NodeEntry current = ((NodeEntry)stack.remove(0));
                 node = engine.H(pkSeed, adrs, current.nodeValue, node);
-                //topmost node is now one layer higher
-                adrs.setTreeHeight(adrs.getTreeHeight() + 1);
+
+                // topmost node is now one layer higher
+                adrs.setTreeHeight(++adrsTreeHeight);
             }
 
-            stack.add(0, new NodeEntry(node, adrs.getTreeHeight()));
+            stack.add(0, new NodeEntry(node, adrsTreeHeight));
         }
- 
+
         return ((NodeEntry)stack.get(0)).nodeValue;
     }