TODO: signDigestCore

Author: gefeili

core/src/main/java/org/bouncycastle/pqc/crypto/snova/GF16Matrix.java

@@ -1,105 +1,105 @@
-package org.bouncycastle.pqc.crypto.snova;
-
-class GF16Matrix
-{
-    private final byte[][] data;
-    private final int rank;
-
-    public GF16Matrix(int rank)
-    {
-        this.rank = rank;
-        this.data = new byte[rank][rank];
-    }
-
-    public void set(int x, int y, byte value)
-    {
-        data[x][y] = (byte)(value & 0xF);
-    }
-
-    public byte get(int x, int y)
-    {
-        return data[x][y];
-    }
-
-    public void add(GF16Matrix other)
-    {
-//        for (int i = 0; i < size; i++)
+//package org.bouncycastle.pqc.crypto.snova;
+//
+//class GF16Matrix
+//{
+//    private final byte[][] data;
+//    private final int rank;
+//
+//    public GF16Matrix(int rank)
+//    {
+//        this.rank = rank;
+//        this.data = new byte[rank][rank];
+//    }
+//
+//    public void set(int x, int y, byte value)
+//    {
+//        data[x][y] = (byte)(value & 0xF);
+//    }
+//
+//    public byte get(int x, int y)
+//    {
+//        return data[x][y];
+//    }
+//
+////    public void add(GF16Matrix other)
+////    {
+//////        for (int i = 0; i < size; i++)
+//////        {
+//////            for (int j = 0; j < size; j++)
+//////            {
+//////                data[i][j] = add(data[i][j], other.data[i][j]);
+//////            }
+//////        }
+////    }
+//
+//    public void mul(GF16Matrix a, GF16Matrix b)
+//    {
+//        byte[][] temp = new byte[rank][rank];
+//        for (int i = 0; i < rank; i++)
 //        {
-//            for (int j = 0; j < size; j++)
+//            for (int j = 0; j < rank; j++)
 //            {
-//                data[i][j] = add(data[i][j], other.data[i][j]);
+//                byte sum = 0;
+////                for (int k = 0; k < size; k++)
+////                {
+////                    sum = add(sum, mul(a.data[i][k], b.data[k][j]));
+////                }
+//                temp[i][j] = sum;
 //            }
 //        }
-    }
-
-    public void mul(GF16Matrix a, GF16Matrix b)
-    {
-        byte[][] temp = new byte[rank][rank];
-        for (int i = 0; i < rank; i++)
-        {
-            for (int j = 0; j < rank; j++)
-            {
-                byte sum = 0;
-//                for (int k = 0; k < size; k++)
-//                {
-//                    sum = add(sum, mul(a.data[i][k], b.data[k][j]));
-//                }
-                temp[i][j] = sum;
-            }
-        }
-        System.arraycopy(temp, 0, data, 0, temp.length);
-    }
-
-    public void scale(byte scalar)
-    {
-//        for (int i = 0; i < size; i++)
+//        System.arraycopy(temp, 0, data, 0, temp.length);
+//    }
+//
+//    public void scale(byte scalar)
+//    {
+////        for (int i = 0; i < size; i++)
+////        {
+////            for (int j = 0; j < size; j++)
+////            {
+////                data[i][j] = mul(data[i][j], scalar);
+////            }
+////        }
+//    }
+//
+//    public void transpose()
+//    {
+//        byte[][] temp = new byte[rank][rank];
+//        for (int i = 0; i < rank; i++)
 //        {
-//            for (int j = 0; j < size; j++)
+//            for (int j = 0; j < rank; j++)
 //            {
-//                data[i][j] = mul(data[i][j], scalar);
+//                temp[j][i] = data[i][j];
 //            }
 //        }
-    }
-
-    public void transpose()
-    {
-        byte[][] temp = new byte[rank][rank];
-        for (int i = 0; i < rank; i++)
-        {
-            for (int j = 0; j < rank; j++)
-            {
-                temp[j][i] = data[i][j];
-            }
-        }
-        System.arraycopy(temp, 0, data, 0, temp.length);
-    }
-
-    public void makeInvertible()
-    {
-        // Implementation of be_invertible_by_add_aS
-        GF16Matrix temp = new GF16Matrix(rank);
-        if (determinant() == 0)
-        {
-            for (byte a = 1; a < 16; a++)
-            {
-                temp.scale(a);
-                add(temp);
-                if (determinant() != 0)
-                {
-                    return;
-                }
-            }
-        }
-    }
-
-    private byte determinant()
-    {
-        // Simplified determinant calculation for small matrices
-//        if (rank == 2)
-//        {
-//            return add(mul(data[0][0], data[1][1]), mul(data[0][1], data[1][0]));
-//        }
-        // Add implementations for larger matrices as needed
-        throw new UnsupportedOperationException("Determinant for size " + rank + " not implemented");
-    }
-}
+//        System.arraycopy(temp, 0, data, 0, temp.length);
+//    }
+//
+////    public void makeInvertible()
+////    {
+////        // Implementation of be_invertible_by_add_aS
+////        GF16Matrix temp = new GF16Matrix(rank);
+////        if (determinant() == 0)
+////        {
+////            for (byte a = 1; a < 16; a++)
+////            {
+////                temp.scale(a);
+////                add(temp);
+////                if (determinant() != 0)
+////                {
+////                    return;
+////                }
+////            }
+////        }
+////    }
+//
+////    private byte determinant()
+////    {
+////        // Simplified determinant calculation for small matrices
+//////        if (rank == 2)
+//////        {
+//////            return add(mul(data[0][0], data[1][1]), mul(data[0][1], data[1][0]));
+//////        }
+////        // Add implementations for larger matrices as needed
+////        throw new UnsupportedOperationException("Determinant for size " + rank + " not implemented");
+////    }
+//}

core/src/main/java/org/bouncycastle/pqc/crypto/snova/GF16Utils.java

@@ -143,6 +143,21 @@ public static void decode(byte[] input, int inputOffset, byte[] output, int mdec
         }
     }
 
+    public static void decodeMergeInHalf(byte[] byteArray, byte[] gf16Array, int nGf16)
+    {
+        int i, half = (nGf16 + 1) >>> 1;
+        // Process pairs of 4-bit values
+        for (i = 0; i < half; i++)
+        {
+            gf16Array[i] = (byte)(byteArray[i] & 0x0F);
+        }
+        // If there is an extra nibble (odd number of nibbles), store it directly in lower 4 bits.
+        for (i = 0; i < nGf16 >>> 1; i++)
+        {
+            gf16Array[i + half] = (byte)((byteArray[i] >>> 4) & 0x0F);
+        }
+    }
+
     public static void gf16mMul(byte[] a, byte[] b, byte[] c, int rank)
     {
 
@@ -204,34 +219,34 @@ public static byte inv(byte a)
         return INV4B[a & 0xF];
     }
 
-    static GF16Matrix[][][] create3DArray(int d1, int d2, int d3, int rank)
-    {
-        GF16Matrix[][][] arr = new GF16Matrix[d1][d2][d3];
-        for (int i = 0; i < d1; i++)
-        {
-            for (int j = 0; j < d2; j++)
-            {
-                for (int k = 0; k < d3; k++)
-                {
-                    arr[i][j][k] = new GF16Matrix(rank);
-                }
-            }
-        }
-        return arr;
-    }
+//    static GF16Matrix[][][] create3DArray(int d1, int d2, int d3, int rank)
+//    {
+//        GF16Matrix[][][] arr = new GF16Matrix[d1][d2][d3];
+//        for (int i = 0; i < d1; i++)
+//        {
+//            for (int j = 0; j < d2; j++)
+//            {
+//                for (int k = 0; k < d3; k++)
+//                {
+//                    arr[i][j][k] = new GF16Matrix(rank);
+//                }
+//            }
+//        }
+//        return arr;
+//    }
 
-    static GF16Matrix[][] create2DArray(int d1, int d2, int rank)
-    {
-        GF16Matrix[][] arr = new GF16Matrix[d1][d2];
-        for (int i = 0; i < d1; i++)
-        {
-            for (int j = 0; j < d2; j++)
-            {
-                arr[i][j] = new GF16Matrix(rank);
-            }
-        }
-        return arr;
-    }
+//    static GF16Matrix[][] create2DArray(int d1, int d2, int rank)
+//    {
+//        GF16Matrix[][] arr = new GF16Matrix[d1][d2];
+//        for (int i = 0; i < d1; i++)
+//        {
+//            for (int j = 0; j < d2; j++)
+//            {
+//                arr[i][j] = new GF16Matrix(rank);
+//            }
+//        }
+//        return arr;
+//    }
 
     private static final int GF16_MASK = 0x249; // Mask for GF(2^4) reduction
 

core/src/main/java/org/bouncycastle/pqc/crypto/snova/PublicKeyExpanded.java

@@ -1,19 +1,19 @@
-package org.bouncycastle.pqc.crypto.snova;
-
-class PublicKeyExpanded
-{
-    public final byte[] publicKeySeed;
-    public final GF16Matrix[][][] P22;  // [m][o][o]
-    public final MapGroup1 map1;
-
-    public PublicKeyExpanded(SnovaParameters params)
-    {
-        int m = params.getM();
-        int o = params.getO();
-        int rank = params.getL();
-
-        publicKeySeed = new byte[SnovaKeyPairGenerator.publicSeedLength];
-        P22 = GF16Utils.create3DArray(m, o, o, rank);
-        map1 = new MapGroup1(params);
-    }
-}
+//package org.bouncycastle.pqc.crypto.snova;
+//
+//class PublicKeyExpanded
+//{
+//    public final byte[] publicKeySeed;
+//    public final GF16Matrix[][][] P22;  // [m][o][o]
+//    public final MapGroup1 map1;
+//
+//    public PublicKeyExpanded(SnovaParameters params)
+//    {
+//        int m = params.getM();
+//        int o = params.getO();
+//        int rank = params.getL();
+//
+//        publicKeySeed = new byte[SnovaKeyPairGenerator.publicSeedLength];
+//        P22 = GF16Utils.create3DArray(m, o, o, rank);
+//        map1 = new MapGroup1(params);
+//    }
+//}

core/src/main/java/org/bouncycastle/pqc/crypto/snova/SnovaKeyElements.java

@@ -8,6 +8,7 @@ class SnovaKeyElements
     public final byte[][][] T12;     // [v][o]
     public final MapGroup2 map2;
     public final PublicKey publicKey;
+    public byte[] ptPrivateKeySeed;
     private final int length;
     byte[] fixedAbq;
 
@@ -75,6 +76,25 @@ public void encodeMergerInHalf(byte[] output)
         GF16Utils.encodeMergeInHalf(input, length, output);
     }
 
+    public void skUnpack(byte[] input)
+    {
+        byte[] tmp = new byte[input.length << 1];
+        GF16Utils.decodeMergeInHalf(input, tmp, tmp.length);
+        int inOff = 0;
+        inOff = copy3d(tmp, inOff, map1.aAlpha);
+        inOff = copy3d(tmp, inOff, map1.bAlpha);
+        inOff = copy3d(tmp, inOff, map1.qAlpha1);
+        inOff = copy3d(tmp, inOff, map1.qAlpha2);
+        inOff = copy3d(tmp, inOff, T12);
+        inOff = copy4d(tmp, inOff, map2.f11);
+        inOff = copy4d(tmp, inOff, map2.f12);
+        inOff = copy4d(tmp, inOff, map2.f21);
+        System.arraycopy(tmp, inOff, publicKey.publicKeySeed, 0, publicKey.publicKeySeed.length);
+        inOff += publicKey.publicKeySeed.length;
+        ptPrivateKeySeed = new byte[SnovaKeyPairGenerator.privateSeedLength];
+        System.arraycopy(tmp, inOff, ptPrivateKeySeed, 0, ptPrivateKeySeed.length);
+    }
+
     public int copy3d(byte[][][] alpha, byte[] output, int outOff)
     {
         for (int i = 0; i < alpha.length; ++i)
@@ -96,4 +116,26 @@ public int copy4d(byte[][][][] alpha, byte[] output, int outOff)
         }
         return outOff;
     }
+
+    public int copy3d(byte[] input, int inOff, byte[][][] alpha)
+    {
+        for (int i = 0; i < alpha.length; ++i)
+        {
+            for (int j = 0; j < alpha[i].length; ++j)
+            {
+                System.arraycopy(input, inOff, alpha[i][j], 0, alpha[i][j].length);
+                inOff += alpha[i][j].length;
+            }
+        }
+        return inOff;
+    }
+
+    public int copy4d(byte[] input, int inOff, byte[][][][] alpha)
+    {
+        for (int i = 0; i < alpha.length; ++i)
+        {
+            inOff = copy3d(alpha[i], input, inOff);
+        }
+        return inOff;
+    }
 }