Remove GF16Utils.add

Author: gefeili

core/src/main/java/org/bouncycastle/pqc/crypto/snova/GF16Utils.java

@@ -207,11 +207,6 @@ public static byte mul(byte a, byte b)
         return MT4B[(a & 0xF) << 4 | (b & 0xF)];
     }
 
-    public static byte add(byte a, byte b)
-    {
-        return (byte)((a ^ b) & 0xF);
-    }
-
     public static byte inv(byte a)
     {
         return INV4B[a & 0xF];

core/src/main/java/org/bouncycastle/pqc/crypto/snova/SnovaEngine.java

@@ -186,63 +186,51 @@ private byte determinant3x3(byte[] m, int off, int i0, int i1, int i2)
 
     private byte determinant4x4(byte[] m, int off)
     {
-        byte d0 = gf16Mul(getGF16m(m, 0, off), gf16Add(
-            gf16Add(
-                pod(m, off, 1, 2, 3, 3, 2),
-                pod(m, off, 2, 1, 3, 3, 1)
-            ),
-            pod(m, off, 3, 1, 2, 2, 1)
-        ));
-
-        byte d1 = gf16Mul(getGF16m(m, 0, off + 1), gf16Add(
-            gf16Add(
-                pod(m, off, 0, 2, 3, 3, 2),
-                pod(m, off, 2, 0, 3, 3, 0)
-            ),
-            pod(m, off, 3, 0, 2, 2, 0)
-        ));
-
-        byte d2 = gf16Mul(getGF16m(m, 0, off + 2), gf16Add(
-            gf16Add(
-                pod(m, off, 0, 1, 3, 3, 1),
-                pod(m, off, 1, 0, 3, 3, 0)
-            ),
-            pod(m, off, 3, 0, 1, 1, 0)
-        ));
-
-        byte d3 = gf16Mul(getGF16m(m, 0, off + 3), gf16Add(
-            gf16Add(
-                pod(m, off, 0, 1, 2, 2, 1),
-                pod(m, off, 1, 0, 2, 2, 0)
-            ),
-            pod(m, off, 2, 0, 1, 1, 0)
-        ));
+        byte d0 = gf16Mul(getGF16m(m, 0, off), (byte)(
+            pod(m, off, 1, 2, 3, 3, 2) ^
+                pod(m, off, 2, 1, 3, 3, 1) ^
+                pod(m, off, 3, 1, 2, 2, 1)));
+
+        byte d1 = gf16Mul(getGF16m(m, 0, off + 1), (byte)(
+            pod(m, off, 0, 2, 3, 3, 2) ^
+                pod(m, off, 2, 0, 3, 3, 0) ^
+                pod(m, off, 3, 0, 2, 2, 0)));
+
+        byte d2 = gf16Mul(getGF16m(m, 0, off + 2), (byte)(
+            pod(m, off, 0, 1, 3, 3, 1) ^
+                pod(m, off, 1, 0, 3, 3, 0) ^
+                pod(m, off, 3, 0, 1, 1, 0)));
+
+        byte d3 = gf16Mul(getGF16m(m, 0, off + 3), (byte)(
+            pod(m, off, 0, 1, 2, 2, 1) ^
+                pod(m, off, 1, 0, 2, 2, 0) ^
+                pod(m, off, 2, 0, 1, 1, 0)));
 
         return (byte)(d0 ^ d1 ^ d2 ^ d3);
     }
 
     private byte determinant5x5(byte[] m, int off)
     {
         byte result = gf16Mul(determinant3x3(m, off, 0, 1, 2),
-            gf16Add(gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off + 4)), gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 3))));
+            (byte)(gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off + 4)) ^ gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 3))));
         result ^= gf16Mul(determinant3x3(m, off, 0, 1, 3),
-            gf16Add(gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off + 4)), gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 2))));
+            (byte)(gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off + 4)) ^ gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 2))));
         result ^= gf16Mul(determinant3x3(m, off, 0, 1, 4),
-            gf16Add(gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off + 3)), gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off + 2))));
+            (byte)(gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off + 3)) ^ gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off + 2))));
         result ^= gf16Mul(determinant3x3(m, off, 0, 2, 3),
-            gf16Add(gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off + 4)), gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 1))));
+            (byte)(gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off + 4)) ^ gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off + 1))));
         result ^= gf16Mul(determinant3x3(m, off, 0, 2, 4),
-            gf16Add(gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off + 3)), gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off + 1))));
+            (byte)(gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off + 3)) ^ gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off + 1))));
         result ^= gf16Mul(determinant3x3(m, off, 0, 3, 4),
-            gf16Add(gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off + 2)), gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off + 1))));
+            (byte)(gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off + 2)) ^ gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off + 1))));
         result ^= gf16Mul(determinant3x3(m, off, 1, 2, 3),
-            gf16Add(gf16Mul(getGF16m(m, 3, off), getGF16m(m, 4, off + 4)), gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off))));
+            (byte)(gf16Mul(getGF16m(m, 3, off), getGF16m(m, 4, off + 4)) ^ gf16Mul(getGF16m(m, 3, off + 4), getGF16m(m, 4, off))));
         result ^= gf16Mul(determinant3x3(m, off, 1, 2, 4),
-            gf16Add(gf16Mul(getGF16m(m, 3, off), getGF16m(m, 4, off + 3)), gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off))));
+            (byte)(gf16Mul(getGF16m(m, 3, off), getGF16m(m, 4, off + 3)) ^ gf16Mul(getGF16m(m, 3, off + 3), getGF16m(m, 4, off))));
         result ^= gf16Mul(determinant3x3(m, off, 1, 3, 4),
-            gf16Add(gf16Mul(getGF16m(m, 3, off), getGF16m(m, 4, off + 2)), gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off))));
+            (byte)(gf16Mul(getGF16m(m, 3, off), getGF16m(m, 4, off + 2)) ^ gf16Mul(getGF16m(m, 3, off + 2), getGF16m(m, 4, off))));
         result ^= gf16Mul(determinant3x3(m, off, 2, 3, 4),
-            gf16Add(gf16Mul(getGF16m(m, 3, off), getGF16m(m, 4, off + 1)), gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off))));
+            (byte)(gf16Mul(getGF16m(m, 3, off), getGF16m(m, 4, off + 1)) ^ gf16Mul(getGF16m(m, 3, off + 1), getGF16m(m, 4, off))));
         return result;
     }
 
@@ -274,17 +262,11 @@ private void addMatrices(byte[] a, int aOff, byte[] b, int bOff, byte[] c, int c
         {
             for (int j = 0; j < l; j++)
             {
-                setGF16m(c, i, cOff + j, gf16Add(getGF16m(a, i, aOff + j), getGF16m(b, i, bOff + j)));
+                setGF16m(c, i, cOff + j, (byte)(getGF16m(a, i, aOff + j) ^ getGF16m(b, i, bOff + j)));
             }
         }
     }
 
-    // GF(16) arithmetic
-    private static byte gf16Add(byte a, byte b)
-    {
-        return (byte)(a ^ b);
-    }
-
     // GF(16) multiplication using lookup table
     private static byte gf16Mul(byte a, byte b)
     {

core/src/main/java/org/bouncycastle/pqc/crypto/snova/SnovaSigner.java

@@ -300,7 +300,7 @@ public void signDigestCore(byte[] ptSignature, byte[] digest, byte[] arraySalt,
                                     int colRight = ti % l;
                                     byte valRight = rightXtmp[rowRight][colRight];
                                     byte product = GF16Utils.mul(valA, valRight);
-                                    Temp[ti][tj] = GF16Utils.add(Temp[ti][tj], product);
+                                    Temp[ti][tj] ^= product;
                                 }
                             }
                         }
@@ -311,7 +311,7 @@ public void signDigestCore(byte[] ptSignature, byte[] digest, byte[] arraySalt,
                             {
                                 int gaussRow = mi * lsq + ti;
                                 int gaussCol = index * lsq + tj;
-                                Gauss[gaussRow][gaussCol] = GF16Utils.add(Gauss[gaussRow][gaussCol], Temp[ti][tj]);
+                                Gauss[gaussRow][gaussCol] ^= Temp[ti][tj];
                             }
                         }
                     }
@@ -548,10 +548,10 @@ private void multiplyGF16Matrices(byte[][] a, byte[][] b, byte[][] result)
                 byte sum = 0;
                 for (int k = 0; k < params.getL(); k++)
                 {
-                    sum = GF16Utils.add(sum, GF16Utils.mul(
+                    sum ^= GF16Utils.mul(
                         a[i][k],
                         b[k][j]
-                    ));
+                    );
                 }
                 result[i][j] = sum;
             }
@@ -568,10 +568,9 @@ private void multiplyGF16Matrices(byte[][] a, byte[] b, byte[][] result)
                 byte sum = 0;
                 for (int k = 0; k < params.getL(); k++)
                 {
-                    sum = GF16Utils.add(sum, GF16Utils.mul(
+                    sum ^= GF16Utils.mul(
                         a[i][k],
-                        engine.getGF16m(b, k, j)
-                    ));
+                        engine.getGF16m(b, k, j));
                 }
                 result[i][j] = sum;
             }
@@ -588,10 +587,9 @@ private void multiplyGF16Matrices(byte[] a, byte[][] b, byte[][] result)
                 byte sum = 0;
                 for (int k = 0; k < params.getL(); k++)
                 {
-                    sum = GF16Utils.add(sum, GF16Utils.mul(
+                    sum ^= GF16Utils.mul(
                         engine.getGF16m(a, i, k),
-                        b[k][j]
-                    ));
+                        b[k][j]);
                 }
                 result[i][j] = sum;
             }
@@ -608,10 +606,9 @@ private void multiplyGF16Matrices(byte[] a, byte[] b, byte[][] result)
                 byte sum = 0;
                 for (int k = 0; k < params.getL(); k++)
                 {
-                    sum = GF16Utils.add(sum, GF16Utils.mul(
+                    sum ^= GF16Utils.mul(
                         engine.getGF16m(a, i, k),
-                        engine.getGF16m(b, k, j)
-                    ));
+                        engine.getGF16m(b, k, j));
                 }
                 result[i][j] = sum;
             }
@@ -660,7 +657,7 @@ private int performGaussianElimination(byte[][] Gauss, byte[] solution, int size
                 {
                     for (int k = i; k < cols; k++)
                     {
-                        Gauss[j][k] = GF16Utils.add(Gauss[j][k], GF16Utils.mul(Gauss[i][k], factor));
+                        Gauss[j][k] ^= GF16Utils.mul(Gauss[i][k], factor);
                     }
                 }
             }
@@ -672,7 +669,7 @@ private int performGaussianElimination(byte[][] Gauss, byte[] solution, int size
             solution[i] = Gauss[i][size];
             for (int j = i + 1; j < size; j++)
             {
-                solution[i] = GF16Utils.add(solution[i], GF16Utils.mul(Gauss[i][j], solution[j]));
+                solution[i] ^= GF16Utils.mul(Gauss[i][j], solution[j]);
             }
         }
 
@@ -685,7 +682,7 @@ private void addGF16Matrices(byte[] a, byte[][] b, byte[] result)
         {
             for (int j = 0; j < b[i].length; ++j)
             {
-                engine.setGF16m(result, i, j, GF16Utils.add(engine.getGF16m(a, i, j), b[i][j]));
+                engine.setGF16m(result, i, j, (byte)(engine.getGF16m(a, i, j) ^ b[i][j]));
             }
         }
     }
@@ -696,7 +693,7 @@ private void addGF16Matrices(byte[][] a, byte[][] b, byte[][] result)
         {
             for (int j = 0; j < b[i].length; ++j)
             {
-                result[i][j] = GF16Utils.add(a[i][j], b[i][j]);
+                result[i][j] = (byte)(a[i][j] ^ b[i][j]);
             }
         }
     }

core/src/test/java/org/bouncycastle/pqc/crypto/test/TestUtils.java

@@ -53,7 +53,7 @@ public static void testTestVector(boolean enableFactory, boolean isSigner, Strin
             String name = files[fileIndex];
             InputStream src = TestResourceFinder.findTestResource(homeDir, name);
             BufferedReader bin = new BufferedReader(new InputStreamReader(src));
-
+            //System.out.println(files[fileIndex]);
             String line;
             HashMap<String, String> buf = new HashMap<String, String>();
             while ((line = bin.readLine()) != null)
@@ -101,24 +101,7 @@ public static void testTestVector(boolean enableFactory, boolean isSigner, Strin
                             pubParams = kp.getPublic();
                             privParams = kp.getPrivate();
                         }
-//                        byte[] pk2 = operation.getPublicKeyEncoded(pubParams);
-//                        for (int i = 0; i < pk2.length; ++i)
-//                        {
-//                            if (pk[i] != pk2[i])
-//                            {
-//                                System.out.println(i + " " + pk[i] + " " + pk2[i]);
-//                            }
-//                        }
-//
-//                        byte[] sk2 = operation.getPrivateKeyEncoded(privParams);
-//                        System.out.println(new String(Hex.encode(sk2)));
-//                        for (int i = 0; i < sk2.length; ++i)
-//                        {
-//                            if (sk[i] != sk2[i])
-//                            {
-//                                System.out.println(i + " " + sk[i] + " " + sk2[i]);
-//                            }
-//                        }
+
                         Assert.assertTrue(name + ": public key", Arrays.areEqual(pk, operation.getPublicKeyEncoded(pubParams)));
                         Assert.assertTrue(name + ": secret key", Arrays.areEqual(sk, operation.getPrivateKeyEncoded(privParams)));
 
@@ -140,20 +123,20 @@ public static void testTestVector(boolean enableFactory, boolean isSigner, Strin
 
                         Assert.assertTrue(Arrays.areEqual(sigGenerated, signature));
 
-//                        if (isSigner)
-//                        {
-//                            Signer signer = operation.getSigner();
-//                            signer.init(false, pubParams);
-//                            signer.update(message, 0, message.length);
-//                            Assert.assertTrue(signer.verifySignature(sigGenerated));
-//                        }
-//                        else
-//                        {
-//                            MessageSigner signer = operation.getMessageSigner();
-//                            signer.init(false, pubParams);
-//                            Assert.assertTrue(signer.verifySignature(message, sigGenerated));
-//                        }
-//                        System.out.println("Count " + count + " pass");
+                        if (isSigner)
+                        {
+                            Signer signer = operation.getSigner();
+                            signer.init(false, pubParams);
+                            signer.update(message, 0, message.length);
+                            Assert.assertTrue(signer.verifySignature(sigGenerated));
+                        }
+                        else
+                        {
+                            MessageSigner signer = operation.getMessageSigner();
+                            signer.init(false, pubParams);
+                            Assert.assertTrue(signer.verifySignature(message, sigGenerated));
+                        }
+                        System.out.println("Count " + count + " pass");
                     }
                     buf.clear();
                     continue;