int[] v = ((GF2Vector)vec).getVecArray(); int[] res = new int[(numRows + 31) >>> 5]; return new GF2Vector(res, numRows);
private GF2Vector computeMessageRepresentative(byte[] input) { byte[] data = new byte[maxPlainTextSize + ((k & 0x07) != 0 ? 1 : 0)]; System.arraycopy(input, 0, data, 0, input.length); data[input.length] = 0x01; return GF2Vector.OS2VP(k, data); }
private byte[] computeMessage(GF2Vector mr) throws Exception { byte[] mrBytes = mr.getEncoded(); // find first non-zero byte int index; for (index = mrBytes.length - 1; index >= 0 && mrBytes[index] == 0; index--) { ; } // check if padding byte is valid if (index<0 || mrBytes[index] != 0x01) { throw new Exception("Bad Padding: invalid ciphertext"); } // extract and return message byte[] mBytes = new byte[index]; System.arraycopy(mrBytes, 0, mBytes, 0, index); return mBytes; }
if ((vec.getLength() != n) || (vec.getHammingWeight() != t)) int[] vecArray = vec.getVecArray();
public static GF2Vector[] decryptionPrimitive( McElieceCCA2PrivateKeyParameters privKey, GF2Vector c) { // obtain values from private key int k = privKey.getK(); Permutation p = privKey.getP(); GF2mField field = privKey.getField(); PolynomialGF2mSmallM gp = privKey.getGoppaPoly(); GF2Matrix h = privKey.getH(); PolynomialGF2mSmallM[] q = privKey.getQInv(); // compute inverse permutation P^-1 Permutation pInv = p.computeInverse(); // multiply c with permutation P^-1 GF2Vector cPInv = (GF2Vector)c.multiply(pInv); // compute syndrome of cP^-1 GF2Vector syndVec = (GF2Vector)h.rightMultiply(cPInv); // decode syndrome GF2Vector errors = GoppaCode.syndromeDecode(syndVec, field, gp, q); GF2Vector mG = (GF2Vector)cPInv.add(errors); // multiply codeword and error vector with P mG = (GF2Vector)mG.multiply(p); errors = (GF2Vector)errors.multiply(p); // extract plaintext vector (last k columns of mG) GF2Vector m = mG.extractRightVector(k); // return vectors return new GF2Vector[]{m, errors}; }
GF2Vector c1Vec = GF2Vector.OS2VP(n, c1); GF2Vector[] c1Dec = McElieceCCA2Primitives.decryptionPrimitive((McElieceCCA2PrivateKeyParameters)key, c1Vec); byte[] rPrimeBytes = c1Dec[0].getEncoded(); if (!c1Vec.equals(z))
GF2Vector errors = new GF2Vector(n); if (!syndVec.isZero()) .toExtensionFieldVector(field)); errors.setBit(i);
GF2Vector vec = GF2Vector.OS2VP(n, input); McEliecePrivateKeyParameters privKey = (McEliecePrivateKeyParameters)key; GF2mField field = privKey.getField(); GF2Vector cPInv = (GF2Vector)vec.multiply(pInv); GF2Vector mSG = (GF2Vector)cPInv.add(z); mSG = (GF2Vector)mSG.multiply(p1); z = (GF2Vector)z.multiply(p); GF2Vector mS = mSG.extractRightVector(k);
/** * Encrypt a plain text. * * @param input the plain text * @return the cipher text */ public byte[] messageEncrypt(byte[] input) { GF2Vector m = computeMessageRepresentative(input); GF2Vector z = new GF2Vector(n, t, sr); GF2Matrix g = ((McEliecePublicKeyParameters)key).getG(); Vector mG = g.leftMultiply(m); GF2Vector mGZ = (GF2Vector)mG.add(z); return mGZ.getEncoded(); }
/** * Return a new vector consisting of the elements of this vector with the * indices given by the set <tt>setJ</tt>. * * @param setJ the set of indices of elements to extract * @return the new {@link GF2Vector} * <tt>[this_setJ[0], this_setJ[1], ..., this_setJ[#setJ-1]]</tt> */ public GF2Vector extractVector(int[] setJ) { int k = setJ.length; if (setJ[k - 1] > length) { throw new ArithmeticException("invalid index set"); } GF2Vector result = new GF2Vector(k); for (int i = 0; i < k; i++) { int e = v[setJ[i] >> 5] & (1 << (setJ[i] & 0x1f)); if (e != 0) { result.v[i >> 5] |= 1 << (i & 0x1f); } } return result; }
GF2Vector c4Vec = GF2Vector.OS2VP(k, c4); c4Vec, z).getEncoded();
GF2Vector cPInv = (GF2Vector)c.multiply(pInv); GF2Vector mG = (GF2Vector)cPInv.add(errors); mG = (GF2Vector)mG.multiply(p); errors = (GF2Vector)errors.multiply(p); GF2Vector m = mG.extractRightVector(k);
GF2Vector hrmVec = GF2Vector.OS2VP(n, c1); GF2Vector[] decC1 = McElieceCCA2Primitives.decryptionPrimitive((McElieceCCA2PrivateKeyParameters)key, hrmVec); byte[] rBytes = decC1[0].getEncoded(); if (!hrmVec.equals(z))
GF2Vector errors = new GF2Vector(n); if (!syndVec.isZero()) .toExtensionFieldVector(field)); errors.setBit(i);
throws Exception GF2Vector vec = GF2Vector.OS2VP(n, input); McEliecePrivateKeyParameters privKey = (McEliecePrivateKeyParameters)key; GF2mField field = privKey.getField(); GF2Vector cPInv = (GF2Vector)vec.multiply(pInv); GF2Vector mSG = (GF2Vector)cPInv.add(z); mSG = (GF2Vector)mSG.multiply(p1); z = (GF2Vector)z.multiply(p); GF2Vector mS = mSG.extractRightVector(k);
/** * Encrypt a plain text. * * @param input the plain text * @return the cipher text */ public byte[] messageEncrypt(byte[] input) { if (!forEncryption) { throw new IllegalStateException("cipher initialised for decryption"); } GF2Vector m = computeMessageRepresentative(input); GF2Vector z = new GF2Vector(n, t, sr); GF2Matrix g = ((McEliecePublicKeyParameters)key).getG(); Vector mG = g.leftMultiply(m); GF2Vector mGZ = (GF2Vector)mG.add(z); return mGZ.getEncoded(); }
if ((vec.getLength() != n) || (vec.getHammingWeight() != t)) int[] vecArray = vec.getVecArray();
/** * Return a new vector consisting of the elements of this vector with the * indices given by the set <tt>setJ</tt>. * * @param setJ the set of indices of elements to extract * @return the new {@link GF2Vector} * <tt>[this_setJ[0], this_setJ[1], ..., this_setJ[#setJ-1]]</tt> */ public GF2Vector extractVector(int[] setJ) { int k = setJ.length; if (setJ[k - 1] > length) { throw new ArithmeticException("invalid index set"); } GF2Vector result = new GF2Vector(k); for (int i = 0; i < k; i++) { int e = v[setJ[i] >> 5] & (1 << (setJ[i] & 0x1f)); if (e != 0) { result.v[i >> 5] |= 1 << (i & 0x1f); } } return result; }
GF2Vector c4Vec = GF2Vector.OS2VP(k, c4); c4Vec, z).getEncoded();