
Commit 8fe3792

author
gefeili
committed
TODO: fix the line 216 of SnovaKeyPairGenerator
1 parent a22c827 commit 8fe3792


4 files changed

+192
-165
lines changed


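--- a/core/src/main/java/org/bouncycastle/pqc/crypto/snova/MapGroup1.java
+++ b/core/src/main/java/org/bouncycastle/pqc/crypto/snova/MapGroup1.java
@@ -59,7 +59,7 @@ static int fillP(byte[] input, int inOff, byte[][][][] p, int len)
 return rlt;
 }
 
-private static int fillAlpha(byte[] input, int inOff, byte[][][] alpha, int len)
+static int fillAlpha(byte[] input, int inOff, byte[][][] alpha, int len)
 {
 int rlt = 0;
 for (int i = 0; i < alpha.length; ++i)
@@ -117,30 +117,30 @@ static void copyTo(byte[][][][] alpha, byte[] output)
 // return rlt;
 // }
 
-static int encodeP(byte[][][][] p, byte[] output, int outOff, int len)
-{
-int rlt = 0;
-for (int i = 0; i < p.length; ++i)
-{
-rlt += encodeAlpha(p[i], output, outOff + rlt, len - rlt);
-}
-return rlt;
-}
+// static int encodeP(byte[][][][] p, byte[] output, int outOff, int len)
+// {
+// int rlt = 0;
+// for (int i = 0; i < p.length; ++i)
+// {
+// rlt += encodeAlpha(p[i], output, outOff + rlt, len - rlt);
+// }
+// return rlt;
+// }
 
-static int encodeAlpha(byte[][][] alpha, byte[] output, int outOff, int len)
-{
-int rlt = 0;
-for (int i = 0; i < alpha.length; ++i)
-{
-for (int j = 0; j < alpha[i].length; ++j)
-{
-int tmp = Math.min(alpha[i][j].length, len << 1);
-GF16Utils.encode(alpha[i][j], output, outOff + rlt, tmp);
-rlt += (tmp + 1) >> 1;
-len -= (tmp + 1) >> 1;
-}
-}
-return rlt;
-}
+// static int encodeAlpha(byte[][][] alpha, byte[] output, int outOff, int len)
+// {
+// int rlt = 0;
+// for (int i = 0; i < alpha.length; ++i)
+// {
+// for (int j = 0; j < alpha[i].length; ++j)
+// {
+// int tmp = Math.min(alpha[i][j].length, len << 1);
+// GF16Utils.encode(alpha[i][j], output, outOff + rlt, tmp);
+// rlt += (tmp + 1) >> 1;
+// len -= (tmp + 1) >> 1;
+// }
+// }
+// return rlt;
+// }
 
 }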
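Review bot: The second hunk keeps encodeP and encodeAlpha in the file as commented-out code (new lines 120-144) next to an older commented block at lines 117-118; if the encoders are no longer needed, delete them outright and let version control keep the history, otherwise a later reader cannot tell which of the two commented copies is the intended one. The first hunk widens fillAlpha from private to package-private without a doc comment; presumably a sibling class in the package now calls it, so a one-line comment such as `// package-private: shared with the key-pair generator's alpha decoding` would record why the visibility changed. fillAlpha's body continues outside the hunk.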

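--- a/core/src/main/java/org/bouncycastle/pqc/crypto/snova/SnovaEngine.java
+++ b/core/src/main/java/org/bouncycastle/pqc/crypto/snova/SnovaEngine.java
@@ -17,7 +17,7 @@ public SnovaEngine(SnovaParameters params)
 this.lsq = l * l;
 S = new byte[l][lsq];
 xS = new int[l][lsq];
-be_aI(S[0], (byte)1);
+be_aI(S[0], 0, (byte)1);
 beTheS(S[1]);
 for (int index = 2; index < l; ++index)
 {
@@ -43,7 +43,7 @@ public void setGF16m(byte[] gf16m, int x, int y, byte value)
 gf16m[x * l + y] = value;
 }
 
-public void be_aI(byte[] target, byte a)
+public void be_aI(byte[] target, int off, byte a)
 {
 // Mask 'a' to ensure it's a valid 4-bit GF16 element
 a = (byte)(a & 0x0F);
@@ -52,7 +52,7 @@ public void be_aI(byte[] target, byte a)
 {
 for (int j = 0; j < l; ++j)
 {
-int index = i * l + j;
+int index = i * l + j + off;
 target[index] = (i == j) ? a : (byte)0;
 }
 }
@@ -118,9 +118,9 @@ public void genAFqSCT(byte[] c, int cOff, byte[] ptMatrix)
 Arrays.fill(xTemp, 0); // Secure clear
 }
 
-public void makeInvertibleByAddingAS(byte[] source)
+public void makeInvertibleByAddingAS(byte[] source, int off)
 {
-if (gf16Determinant(source) != 0)
+if (gf16Determinant(source, off) != 0)
 {
 return;
 }
@@ -131,160 +131,140 @@ public void makeInvertibleByAddingAS(byte[] source)
 for (int a = 1; a < 16; a++)
 {
 generateASMatrix(temp, (byte)a);
-addMatrices(temp, source, source);
+addMatrices(temp, 0, source, off, source, off);
 
-if (gf16Determinant(source) != 0)
+if (gf16Determinant(source, off) != 0)
 {
 return;
 }
 }
-throw new IllegalStateException("Failed to make matrix invertible");
+//throw new IllegalStateException("Failed to make matrix invertible");
 }
 
-private byte gf16Determinant(byte[] matrix)
+private byte gf16Determinant(byte[] matrix, int off)
 {
 switch (l)
 {
 case 2:
-return determinant2x2(matrix);
+return determinant2x2(matrix, off);
 case 3:
-return determinant3x3(matrix);
+return determinant3x3(matrix, off, 0, 1, 2, 0, 1, 2);
 case 4:
-return determinant4x4(matrix);
+return determinant4x4(matrix, off);
 case 5:
-return determinant5x5(matrix);
+return determinant5x5(matrix, off);
 default:
 throw new IllegalStateException();
 }
 }
 
-private byte determinant2x2(byte[] m)
+private byte determinant2x2(byte[] m, int off)
 {
 return gf16Add(
-gf16Mul(getGF16m(m, 0, 0), getGF16m(m, 1, 1)),
-gf16Mul(getGF16m(m, 0, 1), getGF16m(m, 1, 0)));
+gf16Mul(getGF16m(m, 0, off), getGF16m(m, 1, off + 1)),
+gf16Mul(getGF16m(m, 0, off + 1), getGF16m(m, 1, off)));
 }
 
-private byte determinant3x3(byte[] m)
+private byte determinant3x3(byte[] m, int off, int i0, int i1, int i2, int j0, int j1, int j2)
 {
 return gf16Add(
 gf16Add(
-gf16Mul(getGF16m(m, 0, 0), gf16Add(
-gf16Mul(getGF16m(m, 1, 1), getGF16m(m, 2, 2)),
-gf16Mul(getGF16m(m, 1, 2), getGF16m(m, 2, 1))
+gf16Mul(getGF16m(m, j0, off + i0), gf16Add(
+gf16Mul(getGF16m(m, j1, off + i1), getGF16m(m, j2, off + i2)),
+gf16Mul(getGF16m(m, j1, off + i2), getGF16m(m, j2, off + i1))
 )),
-gf16Mul(getGF16m(m, 0, 1), gf16Add(
-gf16Mul(getGF16m(m, 1, 0), getGF16m(m, 2, 2)),
-gf16Mul(getGF16m(m, 1, 2), getGF16m(m, 2, 0))
+gf16Mul(getGF16m(m, j0, off + i1), gf16Add(
+gf16Mul(getGF16m(m, j1, off + i0), getGF16m(m, j2, off + i2)),
+gf16Mul(getGF16m(m, j1, off + i2), getGF16m(m, j2, off + i0))
 ))
 ),
-gf16Mul(getGF16m(m, 0, 2), gf16Add(
-gf16Mul(getGF16m(m, 1, 0), getGF16m(m, 2, 1)),
-gf16Mul(getGF16m(m, 1, 1), getGF16m(m, 2, 0))
+gf16Mul(getGF16m(m, j0, off + i2), gf16Add(
+gf16Mul(getGF16m(m, j1, off + i0), getGF16m(m, j2, off + i1)),
+gf16Mul(getGF16m(m, j1, off + i1), getGF16m(m, j2, off + i0))
 ))
 );
 }
 
-private byte determinant3x3(byte[] m, int i0, int i1, int i2, int j0, int j1, int j2)
+private byte determinant4x4(byte[] m, int off)
 {
-return gf16Add(
-gf16Add(
-gf16Mul(getGF16m(m, j0, i0), gf16Add(
-gf16Mul(getGF16m(m, j1, i1), getGF16m(m, j2, i2)),
-gf16Mul(getGF16m(m, j1, i2), getGF16m(m, j2, i1))
-)),
-gf16Mul(getGF16m(m, j0, i1), gf16Add(
-gf16Mul(getGF16m(m, j1, i0), getGF16m(m, j2, i2)),
-gf16Mul(getGF16m(m, j1, i2), getGF16m(m, j2, i0))
-))
-),
-gf16Mul(getGF16m(m, j0, i2), gf16Add(
-gf16Mul(getGF16m(m, j1, i0), getGF16m(m, j2, i1)),
-gf16Mul(getGF16m(m, j1, i1), getGF16m(m, j2, i0))
-))
-);
-}
-
-private byte determinant4x4(byte[] m)
-{
-byte d0 = gf16Mul(getGF16m(m, 0, 0), gf16Add(
+byte d0 = gf16Mul(getGF16m(m, 0, off), gf16Add(
 gf16Add(
-pod(m, 1, 1, 2, 2, 3, 3, 2, 3, 3, 2),
-pod(m, 1, 2, 2, 1, 3, 3, 2, 3, 3, 1)
+pod(m, off, 1, 1, 2, 2, 3, 3, 2, 3, 3, 2),
+pod(m, off, 1, 2, 2, 1, 3, 3, 2, 3, 3, 1)
 ),
-pod(m, 1, 3, 2, 1, 3, 2, 2, 2, 3, 1)
+pod(m, off, 1, 3, 2, 1, 3, 2, 2, 2, 3, 1)
 ));
 
-byte d1 = gf16Mul(getGF16m(m, 0, 1), gf16Add(
+byte d1 = gf16Mul(getGF16m(m, 0, off + 1), gf16Add(
 gf16Add(
-pod(m, 1, 0, 2, 2, 3, 3, 2, 3, 3, 2),
-pod(m, 1, 2, 2, 0, 3, 3, 2, 3, 3, 0)
+pod(m, off, 1, 0, 2, 2, 3, 3, 2, 3, 3, 2),
+pod(m, off, 1, 2, 2, 0, 3, 3, 2, 3, 3, 0)
 ),
-pod(m, 1, 3, 2, 0, 3, 2, 2, 2, 3, 0)
+pod(m, off, 1, 3, 2, 0, 3, 2, 2, 2, 3, 0)
 ));
 
-byte d2 = gf16Mul(getGF16m(m, 0, 2), gf16Add(
+byte d2 = gf16Mul(getGF16m(m, 0, off + 2), gf16Add(
 gf16Add(
-pod(m, 1, 0, 2, 1, 3, 3, 2, 3, 3, 1),
-pod(m, 1, 1, 2, 0, 3, 3, 2, 3, 3, 0)
+pod(m, off, 1, 0, 2, 1, 3, 3, 2, 3, 3, 1),
+pod(m, off, 1, 1, 2, 0, 3, 3, 2, 3, 3, 0)
 ),
-pod(m, 1, 3, 2, 0, 3, 1, 2, 1, 3, 0)
+pod(m, off, 1, 3, 2, 0, 3, 1, 2, 1, 3, 0)
 ));
 
-byte d3 = gf16Mul(getGF16m(m, 0, 3), gf16Add(
+byte d3 = gf16Mul(getGF16m(m, 0, off + 3), gf16Add(
 gf16Add(
-pod(m, 1, 0, 2, 1, 3, 2, 2, 2, 3, 1),
-pod(m, 1, 1, 2, 0, 3, 2, 2, 2, 3, 0)
+pod(m, off, 1, 0, 2, 1, 3, 2, 2, 2, 3, 1),
+pod(m, off, 1, 1, 2, 0, 3, 2, 2, 2, 3, 0)
 ),
-pod(m, 1, 2, 2, 0, 3, 1, 2, 1, 3, 0)
+pod(m, off, 1, 2, 2, 0, 3, 1, 2, 1, 3, 0)
 ));
 
 return (byte)(d0 ^ d1 ^ d2 ^ d3);
 }
 
-private byte determinant5x5(byte[] m)
+private byte determinant5x5(byte[] m, int off)
 {
-byte result = gf16Mul(determinant3x3(m, 0, 1, 2, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,3), getGF16m(m, 4,4)), gf16Mul(getGF16m(m, 3,4),getGF16m(m, 4,3))));
-result ^= gf16Mul(determinant3x3(m, 0, 1, 3, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,2), getGF16m(m, 4,4)), gf16Mul(getGF16m(m, 3,4),getGF16m(m, 4,2))));
-result ^= gf16Mul(determinant3x3(m, 0, 1, 4, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,2), getGF16m(m, 4,3)), gf16Mul(getGF16m(m, 3,3),getGF16m(m, 4,2))));
-result ^= gf16Mul(determinant3x3(m, 0, 2, 3, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,1), getGF16m(m, 4,4)), gf16Mul(getGF16m(m, 3,4),getGF16m(m, 4,1))));
-result ^= gf16Mul(determinant3x3(m, 0, 2, 4, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,1), getGF16m(m, 4,3)), gf16Mul(getGF16m(m, 3,3),getGF16m(m, 4,1))));
-result ^= gf16Mul(determinant3x3(m, 0, 3, 4, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,1), getGF16m(m, 4,2)), gf16Mul(getGF16m(m, 3,2),getGF16m(m, 4,1))));
-result ^= gf16Mul(determinant3x3(m, 1, 2, 3, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,0), getGF16m(m, 4,4)), gf16Mul(getGF16m(m, 3,4),getGF16m(m, 4,0))));
-result ^= gf16Mul(determinant3x3(m, 1, 2, 4, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,0), getGF16m(m, 4,3)), gf16Mul(getGF16m(m, 3,3),getGF16m(m, 4,0))));
-result ^= gf16Mul(determinant3x3(m, 1, 3, 4, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,0), getGF16m(m, 4,2)), gf16Mul(getGF16m(m, 3,2),getGF16m(m, 4,0))));
-result ^= gf16Mul(determinant3x3(m, 2, 3, 4, 0, 1, 2),
-gf16Add(gf16Mul(getGF16m(m, 3,0), getGF16m(m, 4,1)), gf16Mul(getGF16m(m, 3,1),getGF16m(m, 4,0))));
+byte result = gf16Mul(determinant3x3(m, off, 0, 1, 2, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off + 4)), gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 3))));
+result ^= gf16Mul(determinant3x3(m, off, 0, 1, 3, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off + 4)), gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 2))));
+result ^= gf16Mul(determinant3x3(m, off, 0, 1, 4, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off + 3)), gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off + 2))));
+result ^= gf16Mul(determinant3x3(m, off, 0, 2, 3, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3,off + 1), getGF16m(m, 4,off + 4)), gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4,off + 1))));
+result ^= gf16Mul(determinant3x3(m, off, 0, 2, 4, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off + 3)), gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4,off + 1))));
+result ^= gf16Mul(determinant3x3(m, off, 0, 3, 4, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off + 2)), gf16Mul(getGF16m(m, 3,off + 2), getGF16m(m, 4, off + 1))));
+result ^= gf16Mul(determinant3x3(m, off, 1, 2, 3, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 0), getGF16m(m, 4, off + 4)), gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 0))));
+result ^= gf16Mul(determinant3x3(m, off, 1, 2, 4, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 0), getGF16m(m, 4, off + 3)), gf16Mul(getGF16m(m, 3,off + 3), getGF16m(m, 4, off + 0))));
+result ^= gf16Mul(determinant3x3(m, off, 1, 3, 4, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 0), getGF16m(m, 4, off + 2)), gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4,off + 0))));
+result ^= gf16Mul(determinant3x3(m, off, 2, 3, 4, 0, 1, 2),
+gf16Add(gf16Mul(getGF16m(m, 3, off + 0), getGF16m(m, 4, off + 1)), gf16Mul(getGF16m(m, 3,off + 1), getGF16m(m, 4,off + 0))));
 // return result;
-byte a012 = determinant3x3(m, 0, 1, 2, 0, 1, 2);
-byte b012 = gf16Add(gf16Mul(getGF16m(m, 3, 3), getGF16m(m, 4, 4)), gf16Mul(getGF16m(m, 3, 4), getGF16m(m, 4, 3)));
-byte a013 = determinant3x3(m, 0, 1, 3, 0, 1, 2);
-byte b013 = gf16Add(gf16Mul(getGF16m(m, 3, 2), getGF16m(m, 4, 4)), gf16Mul(getGF16m(m, 3, 4), getGF16m(m, 4, 2)));
-byte a014 = determinant3x3(m, 0, 1, 4, 0, 1, 2);
-byte b014 = gf16Add(gf16Mul(getGF16m(m, 3, 2), getGF16m(m, 4, 3)), gf16Mul(getGF16m(m, 3, 3), getGF16m(m, 4, 2)));
-byte a023 = determinant3x3(m, 0, 2, 3, 0, 1, 2);
-byte b023 = gf16Add(gf16Mul(getGF16m(m, 3, 1), getGF16m(m, 4, 4)), gf16Mul(getGF16m(m, 3, 4), getGF16m(m, 4, 1)));
-byte a024 = determinant3x3(m, 0, 2, 4, 0, 1, 2);
-byte b024 = gf16Add(gf16Mul(getGF16m(m, 3, 1), getGF16m(m, 4, 3)), gf16Mul(getGF16m(m, 3, 3), getGF16m(m, 4, 1)));
-byte a034 = determinant3x3(m, 0, 3, 4, 0, 1, 2);
-byte b034 = gf16Add(gf16Mul(getGF16m(m, 3, 1), getGF16m(m, 4, 2)), gf16Mul(getGF16m(m, 3, 2), getGF16m(m, 4, 1)));
-byte a123 = determinant3x3(m, 1, 2, 3, 0, 1, 2);
-byte b123 = gf16Add(gf16Mul(getGF16m(m, 3, 0), getGF16m(m, 4, 4)), gf16Mul(getGF16m(m, 3, 4), getGF16m(m, 4, 0)));
-byte a124 = determinant3x3(m, 1, 2, 4, 0, 1, 2);
-byte b124 = gf16Add(gf16Mul(getGF16m(m, 3, 0), getGF16m(m, 4, 3)), gf16Mul(getGF16m(m, 3, 3), getGF16m(m, 4, 0)));
-byte a134 = determinant3x3(m, 1, 3, 4, 0, 1, 2);
-byte b134 = gf16Add(gf16Mul(getGF16m(m, 3, 0), getGF16m(m, 4, 2)), gf16Mul(getGF16m(m, 3, 2), getGF16m(m, 4, 0)));
-byte a234 = determinant3x3(m, 2, 3, 4, 0, 1, 2);
-byte b234 = gf16Add(gf16Mul(getGF16m(m, 3, 0), getGF16m(m, 4, 1)), gf16Mul(getGF16m(m, 3, 1), getGF16m(m, 4, 0)));
+// byte a012 = determinant3x3(m, 0, 1, 2, 0, 1, 2);
+// byte b012 = gf16Add(gf16Mul(getGF16m(m, 3, 3), getGF16m(m, 4, 4)), gf16Mul(getGF16m(m, 3, 4), getGF16m(m, 4, 3)));
+// byte a013 = determinant3x3(m, 0, 1, 3, 0, 1, 2);
+// byte b013 = gf16Add(gf16Mul(getGF16m(m, 3, 2), getGF16m(m, 4, 4)), gf16Mul(getGF16m(m, 3, 4), getGF16m(m, 4, 2)));
+// byte a014 = determinant3x3(m, 0, 1, 4, 0, 1, 2);
+// byte b014 = gf16Add(gf16Mul(getGF16m(m, 3, 2), getGF16m(m, 4, 3)), gf16Mul(getGF16m(m, 3, 3), getGF16m(m, 4, 2)));
+// byte a023 = determinant3x3(m, 0, 2, 3, 0, 1, 2);
+// byte b023 = gf16Add(gf16Mul(getGF16m(m, 3, 1), getGF16m(m, 4, 4)), gf16Mul(getGF16m(m, 3, 4), getGF16m(m, 4, 1)));
+// byte a024 = determinant3x3(m, 0, 2, 4, 0, 1, 2);
+// byte b024 = gf16Add(gf16Mul(getGF16m(m, 3, 1), getGF16m(m, 4, 3)), gf16Mul(getGF16m(m, 3, 3), getGF16m(m, 4, 1)));
+// byte a034 = determinant3x3(m, 0, 3, 4, 0, 1, 2);
+// byte b034 = gf16Add(gf16Mul(getGF16m(m, 3, 1), getGF16m(m, 4, 2)), gf16Mul(getGF16m(m, 3, 2), getGF16m(m, 4, 1)));
+// byte a123 = determinant3x3(m, 1, 2, 3, 0, 1, 2);
+// byte b123 = gf16Add(gf16Mul(getGF16m(m, 3, 0), getGF16m(m, 4, 4)), gf16Mul(getGF16m(m, 3, 4), getGF16m(m, 4, 0)));
+// byte a124 = determinant3x3(m, 1, 2, 4, 0, 1, 2);
+// byte b124 = gf16Add(gf16Mul(getGF16m(m, 3, 0), getGF16m(m, 4, 3)), gf16Mul(getGF16m(m, 3, 3), getGF16m(m, 4, 0)));
+// byte a134 = determinant3x3(m, 1, 3, 4, 0, 1, 2);
+// byte b134 = gf16Add(gf16Mul(getGF16m(m, 3, 0), getGF16m(m, 4, 2)), gf16Mul(getGF16m(m, 3, 2), getGF16m(m, 4, 0)));
+// byte a234 = determinant3x3(m, 2, 3, 4, 0, 1, 2);
+// byte b234 = gf16Add(gf16Mul(getGF16m(m, 3, 0), getGF16m(m, 4, 1)), gf16Mul(getGF16m(m, 3, 1), getGF16m(m, 4, 0)));
 return result;
 }
 
@@ -305,18 +285,18 @@ private void generateASMatrix(byte[] target, byte a)
 }
 
 // POD -> entry[a][b] * (entry[c][d] * entry[e][f] + entry[g][h] * entry[i][j])
-private byte pod(byte[] m, int a, int b, int c, int d, int e, int f, int g, int h, int i, int j)
+private byte pod(byte[] m, int off, int a, int b, int c, int d, int e, int f, int g, int h, int i, int j)
 {
-return gf16Mul(getGF16m(m, a, b), (byte)(gf16Mul(getGF16m(m, c, d), getGF16m(m, e, f)) ^ gf16Mul(getGF16m(m, g, h), getGF16m(m, i, j))));
+return gf16Mul(getGF16m(m, a, off + b), (byte)(gf16Mul(getGF16m(m, c, off + d), getGF16m(m, e, off + f)) ^ gf16Mul(getGF16m(m, g, off + h), getGF16m(m, i, off + j))));
 }
 
-private void addMatrices(byte[] a, byte[] b, byte[] c)
+private void addMatrices(byte[] a, int aOff, byte[] b, int bOff, byte[] c, int cOff)
 {
 for (int i = 0; i < l; i++)
 {
 for (int j = 0; j < l; j++)
 {
-setGF16m(c, i, j, gf16Add(getGF16m(a, i, j), getGF16m(b, i, j)));
+setGF16m(c, i, cOff + j, gf16Add(getGF16m(a, i, aOff + j), getGF16m(b, i, bOff + j)));
 }
 }
 }
@@ -333,24 +313,24 @@ private static byte gf16Mul(byte a, byte b)
 return GF16Utils.mul(a, b);
 }
 
-public void genAFqS(byte[] c, int cOff, byte[] ptMatrix)
+public void genAFqS(byte[] c, int cOff, byte[] ptMatrix, int off)
 {
 byte[] temp = new byte[l * l];
 
 // Initialize with be_aI
-be_aI(ptMatrix, c[cOff]);
+be_aI(ptMatrix, off, c[cOff]);
 
 // Process middle terms
 for (int i = 1; i < l - 1; ++i)
 {
 gf16mScale(S[i], c[cOff + i], temp);
-addMatrices(ptMatrix, temp, ptMatrix);
+addMatrices(ptMatrix, off, temp, 0, ptMatrix, off);
 }
 
 // Handle last term with special case
 byte lastScalar = (byte)((c[cOff + l - 1] != 0) ? c[cOff + l - 1] : 16 - (c[cOff] + (c[cOff] == 0 ? 1 : 0)));
 gf16mScale(S[l - 1], lastScalar, temp);
-addMatrices(ptMatrix, temp, ptMatrix);
+addMatrices(ptMatrix, off, temp, 0, ptMatrix, off);
 
 // Clear temporary matrix
 //clearMatrix(temp);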
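Review bot: Commenting out the throw at new line 141 of makeInvertibleByAddingAS turns a detectable failure into a silent one: when none of the fifteen a·S additions yields a non-zero determinant, the method now returns normally and the caller continues with a matrix at `source[off..]` that is still singular, which for a key-generation helper means a malformed private-key component with no error raised. The commit message suggests this is a temporary workaround for a caller-side problem, so either restore `throw new IllegalStateException("Failed to make matrix invertible");` or change the method to return a boolean the caller must check and regenerate on, and record the reason in a comment rather than leaving a commented-out statement. The same hunk also keeps the superseded determinant5x5 scratch code as comments (new lines 248-267); delete it rather than carrying two copies. The `temp` buffer used in the loop is declared outside the hunk.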
