diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec')
12 files changed, 1535 insertions, 0 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/ECCKeyGenParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/ECCKeyGenParameterSpec.java new file mode 100644 index 0000000..517d9a0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/ECCKeyGenParameterSpec.java @@ -0,0 +1,192 @@ +package org.bouncycastle.pqc.jcajce.spec; + +import java.security.InvalidParameterException; +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.pqc.math.linearalgebra.PolynomialRingGF2; + +/** + * This class provides a specification for the parameters that are used by the + * McEliece, McElieceCCA2, and Niederreiter key pair generators. + * + * @see org.bouncycastle.pqc.ecc.mceliece.McElieceKeyPairGenerator + * @see org.bouncycastle.pqc.ecc.mceliece.McElieceCCA2KeyPairGenerator + * @see org.bouncycastle.pqc.ecc.niederreiter.NiederreiterKeyPairGenerator + */ +public class ECCKeyGenParameterSpec + implements AlgorithmParameterSpec +{ + + /** + * The default extension degree + */ + public static final int DEFAULT_M = 11; + + /** + * The default error correcting capability. + */ + public static final int DEFAULT_T = 50; + + /** + * extension degree of the finite field GF(2^m) + */ + private int m; + + /** + * error correction capability of the code + */ + private int t; + + /** + * length of the code + */ + private int n; + + /** + * the field polynomial + */ + private int fieldPoly; + + /** + * Constructor. Set the default parameters: extension degree. + */ + public ECCKeyGenParameterSpec() + { + this(DEFAULT_M, DEFAULT_T); + } + + /** + * Constructor. + * + * @param keysize the length of a Goppa code + * @throws InvalidParameterException if <tt>keysize < 1</tt>. + */ + public ECCKeyGenParameterSpec(int keysize) + throws InvalidParameterException + { + if (keysize < 1) + { + throw new InvalidParameterException("key size must be positive"); + } + m = 0; + n = 1; + while (n < keysize) + { + n <<= 1; + m++; + } + t = n >>> 1; + t /= m; + fieldPoly = PolynomialRingGF2.getIrreduciblePolynomial(m); + } + + /** + * Constructor. + * + * @param m degree of the finite field GF(2^m) + * @param t error correction capability of the code + * @throws InvalidParameterException if <tt>m < 1</tt> or <tt>m > 32</tt> or + * <tt>t < 0</tt> or <tt>t > n</tt>. + */ + public ECCKeyGenParameterSpec(int m, int t) + throws InvalidParameterException + { + if (m < 1) + { + throw new InvalidParameterException("m must be positive"); + } + if (m > 32) + { + throw new InvalidParameterException("m is too large"); + } + this.m = m; + n = 1 << m; + if (t < 0) + { + throw new InvalidParameterException("t must be positive"); + } + if (t > n) + { + throw new InvalidParameterException("t must be less than n = 2^m"); + } + this.t = t; + fieldPoly = PolynomialRingGF2.getIrreduciblePolynomial(m); + } + + /** + * Constructor. + * + * @param m degree of the finite field GF(2^m) + * @param t error correction capability of the code + * @param poly the field polynomial + * @throws InvalidParameterException if <tt>m < 1</tt> or <tt>m > 32</tt> or + * <tt>t < 0</tt> or <tt>t > n</tt> or + * <tt>poly</tt> is not an irreducible field polynomial. + */ + public ECCKeyGenParameterSpec(int m, int t, int poly) + throws InvalidParameterException + { + this.m = m; + if (m < 1) + { + throw new InvalidParameterException("m must be positive"); + } + if (m > 32) + { + throw new InvalidParameterException(" m is too large"); + } + this.n = 1 << m; + this.t = t; + if (t < 0) + { + throw new InvalidParameterException("t must be positive"); + } + if (t > n) + { + throw new InvalidParameterException("t must be less than n = 2^m"); + } + if ((PolynomialRingGF2.degree(poly) == m) + && (PolynomialRingGF2.isIrreducible(poly))) + { + this.fieldPoly = poly; + } + else + { + throw new InvalidParameterException( + "polynomial is not a field polynomial for GF(2^m)"); + } + } + + /** + * @return the extension degree of the finite field GF(2^m) + */ + public int getM() + { + return m; + } + + /** + * @return the length of the code + */ + public int getN() + { + return n; + } + + /** + * @return the error correction capability of the code + */ + public int getT() + { + return t; + } + + /** + * @return the field polynomial + */ + public int getFieldPoly() + { + return fieldPoly; + } + +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSKeySpec.java new file mode 100644 index 0000000..7e469f0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSKeySpec.java @@ -0,0 +1,29 @@ +package org.bouncycastle.pqc.jcajce.spec; + +import java.security.spec.KeySpec; + +import org.bouncycastle.pqc.crypto.gmss.GMSSParameters; + +public class GMSSKeySpec + implements KeySpec +{ + /** + * The GMSSParameterSet + */ + private GMSSParameters gmssParameterSet; + + protected GMSSKeySpec(GMSSParameters gmssParameterSet) + { + this.gmssParameterSet = gmssParameterSet; + } + + /** + * Returns the GMSS parameter set + * + * @return The GMSS parameter set + */ + public GMSSParameters getParameters() + { + return gmssParameterSet; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSPrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSPrivateKeySpec.java new file mode 100644 index 0000000..150e9dc --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSPrivateKeySpec.java @@ -0,0 +1,353 @@ +package org.bouncycastle.pqc.jcajce.spec; + +import java.security.spec.KeySpec; +import java.util.Vector; + +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.pqc.crypto.gmss.GMSSLeaf; +import org.bouncycastle.pqc.crypto.gmss.GMSSParameters; +import org.bouncycastle.pqc.crypto.gmss.GMSSRootCalc; +import org.bouncycastle.pqc.crypto.gmss.GMSSRootSig; +import org.bouncycastle.pqc.crypto.gmss.Treehash; +import org.bouncycastle.util.Arrays; + + +/** + * This class provides a specification for a GMSS private key. + */ +public class GMSSPrivateKeySpec + implements KeySpec +{ + + private int[] index; + + private byte[][] currentSeed; + private byte[][] nextNextSeed; + + private byte[][][] currentAuthPath; + private byte[][][] nextAuthPath; + + private Treehash[][] currentTreehash; + private Treehash[][] nextTreehash; + + private Vector[] currentStack; + private Vector[] nextStack; + + private Vector[][] currentRetain; + private Vector[][] nextRetain; + + private byte[][][] keep; + + private GMSSLeaf[] nextNextLeaf; + private GMSSLeaf[] upperLeaf; + private GMSSLeaf[] upperTreehashLeaf; + + private int[] minTreehash; + + private GMSSParameters gmssPS; + + private byte[][] nextRoot; + private GMSSRootCalc[] nextNextRoot; + + private byte[][] currentRootSig; + private GMSSRootSig[] nextRootSig; + + /** + * @param index tree indices + * @param currentSeed seed for the generation of private OTS keys for the + * current subtrees (TREE) + * @param nextNextSeed seed for the generation of private OTS keys for the + * subtrees after next (TREE++) + * @param currentAuthPath array of current authentication paths (AUTHPATH) + * @param nextAuthPath array of next authentication paths (AUTHPATH+) + * @param keep keep array for the authPath algorithm + * @param currentTreehash treehash for authPath algorithm of current tree + * @param nextTreehash treehash for authPath algorithm of next tree (TREE+) + * @param currentStack shared stack for authPath algorithm of current tree + * @param nextStack shared stack for authPath algorithm of next tree (TREE+) + * @param currentRetain retain stack for authPath algorithm of current tree + * @param nextRetain retain stack for authPath algorithm of next tree (TREE+) + * @param nextNextLeaf array of upcoming leafs of the tree after next (LEAF++) of + * each layer + * @param upperLeaf needed for precomputation of upper nodes + * @param upperTreehashLeaf needed for precomputation of upper treehash nodes + * @param minTreehash index of next treehash instance to receive an update + * @param nextRoot the roots of the next trees (ROOT+) + * @param nextNextRoot the roots of the tree after next (ROOT++) + * @param currentRootSig array of signatures of the roots of the current subtrees + * (SIG) + * @param nextRootSig array of signatures of the roots of the next subtree + * (SIG+) + * @param gmssParameterset the GMSS Parameterset + */ + public GMSSPrivateKeySpec(int[] index, byte[][] currentSeed, + byte[][] nextNextSeed, byte[][][] currentAuthPath, + byte[][][] nextAuthPath, Treehash[][] currentTreehash, + Treehash[][] nextTreehash, Vector[] currentStack, + Vector[] nextStack, Vector[][] currentRetain, + Vector[][] nextRetain, byte[][][] keep, GMSSLeaf[] nextNextLeaf, + GMSSLeaf[] upperLeaf, GMSSLeaf[] upperTreehashLeaf, + int[] minTreehash, byte[][] nextRoot, GMSSRootCalc[] nextNextRoot, + byte[][] currentRootSig, GMSSRootSig[] nextRootSig, + GMSSParameters gmssParameterset) + { + this.index = index; + this.currentSeed = currentSeed; + this.nextNextSeed = nextNextSeed; + this.currentAuthPath = currentAuthPath; + this.nextAuthPath = nextAuthPath; + this.currentTreehash = currentTreehash; + this.nextTreehash = nextTreehash; + this.currentStack = currentStack; + this.nextStack = nextStack; + this.currentRetain = currentRetain; + this.nextRetain = nextRetain; + this.keep = keep; + this.nextNextLeaf = nextNextLeaf; + this.upperLeaf = upperLeaf; + this.upperTreehashLeaf = upperTreehashLeaf; + this.minTreehash = minTreehash; + this.nextRoot = nextRoot; + this.nextNextRoot = nextNextRoot; + this.currentRootSig = currentRootSig; + this.nextRootSig = nextRootSig; + this.gmssPS = gmssParameterset; + } + + public int[] getIndex() + { + return Arrays.clone(index); + } + + public byte[][] getCurrentSeed() + { + return clone(currentSeed); + } + + public byte[][] getNextNextSeed() + { + return clone(nextNextSeed); + } + + public byte[][][] getCurrentAuthPath() + { + return clone(currentAuthPath); + } + + public byte[][][] getNextAuthPath() + { + return clone(nextAuthPath); + } + + public Treehash[][] getCurrentTreehash() + { + return clone(currentTreehash); + } + + public Treehash[][] getNextTreehash() + { + return clone(nextTreehash); + } + + public byte[][][] getKeep() + { + return clone(keep); + } + + public Vector[] getCurrentStack() + { + return clone(currentStack); + } + + public Vector[] getNextStack() + { + return clone(nextStack); + } + + public Vector[][] getCurrentRetain() + { + return clone(currentRetain); + } + + public Vector[][] getNextRetain() + { + return clone(nextRetain); + } + + public GMSSLeaf[] getNextNextLeaf() + { + return clone(nextNextLeaf); + } + + public GMSSLeaf[] getUpperLeaf() + { + return clone(upperLeaf); + } + + public GMSSLeaf[] getUpperTreehashLeaf() + { + return clone(upperTreehashLeaf); + } + + public int[] getMinTreehash() + { + return Arrays.clone(minTreehash); + } + + public GMSSRootSig[] getNextRootSig() + { + return clone(nextRootSig); + } + + public GMSSParameters getGmssPS() + { + return gmssPS; + } + + public byte[][] getNextRoot() + { + return clone(nextRoot); + } + + public GMSSRootCalc[] getNextNextRoot() + { + return clone(nextNextRoot); + } + + public byte[][] getCurrentRootSig() + { + return clone(currentRootSig); + } + + private static GMSSLeaf[] clone(GMSSLeaf[] data) + { + if (data == null) + { + return null; + } + GMSSLeaf[] copy = new GMSSLeaf[data.length]; + + System.arraycopy(data, 0, copy, 0, data.length); + + return copy; + } + + private static GMSSRootCalc[] clone(GMSSRootCalc[] data) + { + if (data == null) + { + return null; + } + GMSSRootCalc[] copy = new GMSSRootCalc[data.length]; + + System.arraycopy(data, 0, copy, 0, data.length); + + return copy; + } + + private static GMSSRootSig[] clone(GMSSRootSig[] data) + { + if (data == null) + { + return null; + } + GMSSRootSig[] copy = new GMSSRootSig[data.length]; + + System.arraycopy(data, 0, copy, 0, data.length); + + return copy; + } + + private static byte[][] clone(byte[][] data) + { + if (data == null) + { + return null; + } + byte[][] copy = new byte[data.length][]; + + for (int i = 0; i != data.length; i++) + { + copy[i] = Arrays.clone(data[i]); + } + + return copy; + } + + private static byte[][][] clone(byte[][][] data) + { + if (data == null) + { + return null; + } + byte[][][] copy = new byte[data.length][][]; + + for (int i = 0; i != data.length; i++) + { + copy[i] = clone(data[i]); + } + + return copy; + } + + private static Treehash[] clone(Treehash[] data) + { + if (data == null) + { + return null; + } + Treehash[] copy = new Treehash[data.length]; + + System.arraycopy(data, 0, copy, 0, data.length); + + return copy; + } + + private static Treehash[][] clone(Treehash[][] data) + { + if (data == null) + { + return null; + } + Treehash[][] copy = new Treehash[data.length][]; + + for (int i = 0; i != data.length; i++) + { + copy[i] = clone(data[i]); + } + + return copy; + } + + private static Vector[] clone(Vector[] data) + { + if (data == null) + { + return null; + } + Vector[] copy = new Vector[data.length]; + + for (int i = 0; i != data.length; i++) + { + copy[i] = new Vector(data[i]); + } + + return copy; + } + + private static Vector[][] clone(Vector[][] data) + { + if (data == null) + { + return null; + } + Vector[][] copy = new Vector[data.length][]; + + for (int i = 0; i != data.length; i++) + { + copy[i] = clone(data[i]); + } + + return copy; + } +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSPublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSPublicKeySpec.java new file mode 100644 index 0000000..441febd --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/GMSSPublicKeySpec.java @@ -0,0 +1,40 @@ +package org.bouncycastle.pqc.jcajce.spec; + +import org.bouncycastle.pqc.crypto.gmss.GMSSParameters; + +/** + * This class provides a specification for a GMSS public key. + * + * @see org.bouncycastle.pqc.jcajce.provider.gmss.BCGMSSPublicKey + */ +public class GMSSPublicKeySpec + extends GMSSKeySpec +{ + /** + * The GMSS public key + */ + private byte[] gmssPublicKey; + + /** + * The constructor. + * + * @param key a raw GMSS public key + * @param gmssParameterSet an instance of GMSSParameterSet + */ + public GMSSPublicKeySpec(byte[] key, GMSSParameters gmssParameterSet) + { + super(gmssParameterSet); + + this.gmssPublicKey = key; + } + + /** + * Returns the GMSS public key + * + * @return The GMSS public key + */ + public byte[] getPublicKey() + { + return gmssPublicKey; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2ParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2ParameterSpec.java new file mode 100644 index 0000000..d98a8f5 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2ParameterSpec.java @@ -0,0 +1,63 @@ +package org.bouncycastle.pqc.jcajce.spec; + + +import java.security.spec.AlgorithmParameterSpec; + +/** + * This class provides a specification for the parameters of the CCA2-secure + * variants of the McEliece PKCS that are used with + * {@link McElieceFujisakiCipher}, {@link McElieceKobaraImaiCipher}, and + * {@link McEliecePointchevalCipher}. + * + * @see McElieceFujisakiCipher + * @see McElieceKobaraImaiCipher + * @see McEliecePointchevalCipher + */ +public class McElieceCCA2ParameterSpec + implements AlgorithmParameterSpec +{ + + /** + * The default message digest ("SHA256"). + */ + public static final String DEFAULT_MD = "SHA256"; + + private String mdName; + + /** + * Construct the default parameters. Choose the + */ + public McElieceCCA2ParameterSpec() + { + this(DEFAULT_MD); + } + + /** + * Constructor. + * + * @param mdName the name of the hash function + */ + public McElieceCCA2ParameterSpec(String mdName) + { + // check whether message digest is available + // TODO: this method not used! +// try { +// Registry.getMessageDigest(mdName); +// } catch (NoSuchAlgorithmException nsae) { +// throw new InvalidParameterException("Message digest '" + mdName +// + "' not found'."); +// } + + // assign message digest name + this.mdName = mdName; + } + + /** + * @return the name of the hash function + */ + public String getMDName() + { + return mdName; + } + +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2PrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2PrivateKeySpec.java new file mode 100644 index 0000000..efb27b5 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2PrivateKeySpec.java @@ -0,0 +1,161 @@ +package org.bouncycastle.pqc.jcajce.spec; + +import java.security.spec.KeySpec; + +import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix; +import org.bouncycastle.pqc.math.linearalgebra.GF2mField; +import org.bouncycastle.pqc.math.linearalgebra.Permutation; +import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM; + +/** + * This class provides a specification for a McEliece CCA2 private key. + * + * @see JDKMcElieceCCA2PrivateKey + */ +public class McElieceCCA2PrivateKeySpec + implements KeySpec +{ + + // the OID of the algorithm + private String oid; + + // the length of the code + private int n; + + // the dimension of the code + private int k; + + // the finte field GF(2^m) + private GF2mField field; + + // the irreducible Goppa polynomial + private PolynomialGF2mSmallM goppaPoly; + + // the permutation + private Permutation p; + + // the canonical check matrix + private GF2Matrix h; + + // the matrix used to compute square roots in (GF(2^m))^t + private PolynomialGF2mSmallM[] qInv; + + /** + * Constructor. + * + * @param n the length of the code + * @param k the dimension of the code + * @param field the finite field <tt>GF(2<sup>m</sup>)</tt> + * @param gp the irreducible Goppa polynomial + * @param p the permutation + * @param h the canonical check matrix + * @param qInv the matrix used to compute square roots in + * <tt>(GF(2^m))^t</tt> + */ + public McElieceCCA2PrivateKeySpec(String oid, int n, int k, GF2mField field, + PolynomialGF2mSmallM gp, Permutation p, GF2Matrix h, + PolynomialGF2mSmallM[] qInv) + { + this.oid = oid; + this.n = n; + this.k = k; + this.field = field; + this.goppaPoly = gp; + this.p = p; + this.h = h; + this.qInv = qInv; + } + + /** + * Constructor used by the {@link McElieceKeyFactory}. + * + * @param n the length of the code + * @param k the dimension of the code + * @param encFieldPoly the encoded field polynomial defining the finite field + * <tt>GF(2<sup>m</sup>)</tt> + * @param encGoppaPoly the encoded irreducible Goppa polynomial + * @param encP the encoded permutation + * @param encH the encoded canonical check matrix + * @param encQInv the encoded matrix used to compute square roots in + * <tt>(GF(2^m))^t</tt> + */ + public McElieceCCA2PrivateKeySpec(String oid, int n, int k, byte[] encFieldPoly, + byte[] encGoppaPoly, byte[] encP, byte[] encH, byte[][] encQInv) + { + this.oid = oid; + this.n = n; + this.k = k; + field = new GF2mField(encFieldPoly); + goppaPoly = new PolynomialGF2mSmallM(field, encGoppaPoly); + p = new Permutation(encP); + h = new GF2Matrix(encH); + qInv = new PolynomialGF2mSmallM[encQInv.length]; + for (int i = 0; i < encQInv.length; i++) + { + qInv[i] = new PolynomialGF2mSmallM(field, encQInv[i]); + } + } + + /** + * @return the length of the code + */ + public int getN() + { + return n; + } + + /** + * @return the dimension of the code + */ + public int getK() + { + return k; + } + + /** + * @return the finite field + */ + public GF2mField getField() + { + return field; + } + + /** + * @return the irreducible Goppa polynomial + */ + public PolynomialGF2mSmallM getGoppaPoly() + { + return goppaPoly; + } + + /** + * @return the permutation P + */ + public Permutation getP() + { + return p; + } + + /** + * @return the canonical check matrix H + */ + public GF2Matrix getH() + { + return h; + } + + /** + * @return the matrix used to compute square roots in <tt>(GF(2^m))^t</tt> + */ + public PolynomialGF2mSmallM[] getQInv() + { + return qInv; + } + + public String getOIDString() + { + return oid; + + } + +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2PublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2PublicKeySpec.java new file mode 100644 index 0000000..88a60b9 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2PublicKeySpec.java @@ -0,0 +1,88 @@ +package org.bouncycastle.pqc.jcajce.spec; + +import java.security.spec.KeySpec; + +import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix; + + +/** + * This class provides a specification for a McEliece CCA2 public key. + * + * @see org.bouncycastle.pqc.jcajce.provider.mceliece.BCMcElieceCCA2PublicKey + */ +public class McElieceCCA2PublicKeySpec + implements KeySpec +{ + + // the OID of the algorithm + private String oid; + + // the length of the code + private int n; + + // the error correction capability of the code + private int t; + + // the generator matrix + private GF2Matrix matrixG; + + /** + * Constructor. + * + * @param n length of the code + * @param t error correction capability + * @param matrix generator matrix + */ + public McElieceCCA2PublicKeySpec(String oid, int n, int t, GF2Matrix matrix) + { + this.oid = oid; + this.n = n; + this.t = t; + this.matrixG = new GF2Matrix(matrix); + } + + /** + * Constructor (used by {@link org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceKeyFactorySpi}). + * + * @param n length of the code + * @param t error correction capability of the code + * @param encMatrix encoded generator matrix + */ + public McElieceCCA2PublicKeySpec(String oid, int n, int t, byte[] encMatrix) + { + this.oid = oid; + this.n = n; + this.t = t; + this.matrixG = new GF2Matrix(encMatrix); + } + + /** + * @return the length of the code + */ + public int getN() + { + return n; + } + + /** + * @return the error correction capability of the code + */ + public int getT() + { + return t; + } + + /** + * @return the generator matrix + */ + public GF2Matrix getMatrixG() + { + return matrixG; + } + + public String getOIDString() + { + return oid; + + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McEliecePrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McEliecePrivateKeySpec.java new file mode 100644 index 0000000..099fc2b --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McEliecePrivateKeySpec.java @@ -0,0 +1,201 @@ +package org.bouncycastle.pqc.jcajce.spec; + + +import java.security.spec.KeySpec; + +import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix; +import org.bouncycastle.pqc.math.linearalgebra.GF2mField; +import org.bouncycastle.pqc.math.linearalgebra.Permutation; +import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM; + +/** + * This class provides a specification for a McEliece private key. + * + * @see org.bouncycastle.pqc.ecc.JDKMcEliecePrivateKey.McEliecePrivateKey + * @see KeySpec + */ +public class McEliecePrivateKeySpec + implements KeySpec +{ + + // the OID of the algorithm + private String oid; + + // the length of the code + private int n; + + // the dimension of the code, where <tt>k >= n - mt</tt> + private int k; + + // the underlying finite field + private GF2mField field; + + // the irreducible Goppa polynomial + private PolynomialGF2mSmallM goppaPoly; + + // a k x k random binary non-singular matrix + private GF2Matrix sInv; + + // the permutation used to generate the systematic check matrix + private Permutation p1; + + // the permutation used to compute the public generator matrix + private Permutation p2; + + // the canonical check matrix of the code + private GF2Matrix h; + + // the matrix used to compute square roots in <tt>(GF(2^m))^t</tt> + private PolynomialGF2mSmallM[] qInv; + + /** + * Constructor. + * + * @param oid + * @param n the length of the code + * @param k the dimension of the code + * @param field the field polynomial defining the finite field + * <tt>GF(2<sup>m</sup>)</tt> + * @param goppaPoly the irreducible Goppa polynomial + * @param sInv the matrix <tt>S<sup>-1</sup></tt> + * @param p1 the permutation used to generate the systematic check + * matrix + * @param p2 the permutation used to compute the public generator + * matrix + * @param h the canonical check matrix + * @param qInv the matrix used to compute square roots in + * <tt>(GF(2<sup>m</sup>))<sup>t</sup></tt> + */ + public McEliecePrivateKeySpec(String oid, int n, int k, GF2mField field, + PolynomialGF2mSmallM goppaPoly, GF2Matrix sInv, Permutation p1, + Permutation p2, GF2Matrix h, PolynomialGF2mSmallM[] qInv) + { + this.oid = oid; + this.k = k; + this.n = n; + this.field = field; + this.goppaPoly = goppaPoly; + this.sInv = sInv; + this.p1 = p1; + this.p2 = p2; + this.h = h; + this.qInv = qInv; + } + + /** + * Constructor (used by the {@link McElieceKeyFactory}). + * + * @param oid + * @param n the length of the code + * @param k the dimension of the code + * @param encField the encoded field polynomial defining the finite field + * <tt>GF(2<sup>m</sup>)</tt> + * @param encGoppaPoly the encoded irreducible Goppa polynomial + * @param encSInv the encoded matrix <tt>S<sup>-1</sup></tt> + * @param encP1 the encoded permutation used to generate the systematic + * check matrix + * @param encP2 the encoded permutation used to compute the public + * generator matrix + * @param encH the encoded canonical check matrix + * @param encQInv the encoded matrix used to compute square roots in + * <tt>(GF(2<sup>m</sup>))<sup>t</sup></tt> + */ + public McEliecePrivateKeySpec(String oid, int n, int k, byte[] encField, + byte[] encGoppaPoly, byte[] encSInv, byte[] encP1, byte[] encP2, + byte[] encH, byte[][] encQInv) + { + this.oid = oid; + this.n = n; + this.k = k; + field = new GF2mField(encField); + goppaPoly = new PolynomialGF2mSmallM(field, encGoppaPoly); + sInv = new GF2Matrix(encSInv); + p1 = new Permutation(encP1); + p2 = new Permutation(encP2); + h = new GF2Matrix(encH); + qInv = new PolynomialGF2mSmallM[encQInv.length]; + for (int i = 0; i < encQInv.length; i++) + { + qInv[i] = new PolynomialGF2mSmallM(field, encQInv[i]); + } + } + + /** + * @return the length of the code + */ + public int getN() + { + return n; + } + + /** + * @return the dimension of the code + */ + public int getK() + { + return k; + } + + /** + * @return the finite field <tt>GF(2<sup>m</sup>)</tt> + */ + public GF2mField getField() + { + return field; + } + + /** + * @return the irreducible Goppa polynomial + */ + public PolynomialGF2mSmallM getGoppaPoly() + { + return goppaPoly; + } + + /** + * @return the k x k random binary non-singular matrix S^-1 + */ + public GF2Matrix getSInv() + { + return sInv; + } + + /** + * @return the permutation used to generate the systematic check matrix + */ + public Permutation getP1() + { + return p1; + } + + /** + * @return the permutation used to compute the public generator matrix + */ + public Permutation getP2() + { + return p2; + } + + /** + * @return the canonical check matrix H + */ + public GF2Matrix getH() + { + return h; + } + + /** + * @return the matrix used to compute square roots in + * <tt>(GF(2<sup>m</sup>))<sup>t</sup></tt> + */ + public PolynomialGF2mSmallM[] getQInv() + { + return qInv; + } + + public String getOIDString() + { + return oid; + } + +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McEliecePublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McEliecePublicKeySpec.java new file mode 100644 index 0000000..f5f1876 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McEliecePublicKeySpec.java @@ -0,0 +1,91 @@ +package org.bouncycastle.pqc.jcajce.spec; + + +import java.security.spec.KeySpec; + +import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix; + +/** + * This class provides a specification for a McEliece public key. + * + * @see org.bouncycastle.pqc.jcajce.provider.mceliece.BCMcEliecePublicKey + */ +public class McEliecePublicKeySpec + implements KeySpec +{ + + // the OID of the algorithm + private String oid; + + // the length of the code + private int n; + + // the error correction capability of the code + private int t; + + // the generator matrix + private GF2Matrix g; + + /** + * Constructor (used by {@link org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceKeyFactorySpi}). + * + * @param oid + * @param n the length of the code + * @param t the error correction capability of the code + * @param g the generator matrix + */ + public McEliecePublicKeySpec(String oid, int n, int t, GF2Matrix g) + { + this.oid = oid; + this.n = n; + this.t = t; + this.g = new GF2Matrix(g); + } + + /** + * Constructor (used by {@link org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceKeyFactorySpi}). + * + * @param oid + * @param n the length of the code + * @param t the error correction capability of the code + * @param encG the encoded generator matrix + */ + public McEliecePublicKeySpec(String oid, int t, int n, byte[] encG) + { + this.oid = oid; + this.n = n; + this.t = t; + this.g = new GF2Matrix(encG); + } + + /** + * @return the length of the code + */ + public int getN() + { + return n; + } + + /** + * @return the error correction capability of the code + */ + public int getT() + { + return t; + } + + /** + * @return the generator matrix + */ + public GF2Matrix getG() + { + return g; + } + + public String getOIDString() + { + return oid; + + } + +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowParameterSpec.java new file mode 100644 index 0000000..9da1e45 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowParameterSpec.java @@ -0,0 +1,124 @@ +package org.bouncycastle.pqc.jcajce.spec; + +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.util.Arrays; + +/** + * This class provides methods for setting and getting the Rainbow-parameters + * like number of Vinegar-variables in the layers, number of layers and so on. + * <p> + * More detailed information about the needed parameters for the Rainbow + * Signature Scheme is to be found in the paper of Jintai Ding, Dieter Schmidt: + * Rainbow, a New Multivariable Polynomial Signature Scheme. ACNS 2005: 164-175 + * (http://dx.doi.org/10.1007/11496137_12) + * </p> + */ +public class RainbowParameterSpec + implements AlgorithmParameterSpec +{ + + /** + * DEFAULT PARAMS + */ + /* + * Vi = vinegars per layer whereas n is vu (vu = 33 = n) such that + * + * v1 = 6; o1 = 12-6 = 6 + * + * v2 = 12; o2 = 17-12 = 5 + * + * v3 = 17; o3 = 22-17 = 5 + * + * v4 = 22; o4 = 33-22 = 11 + * + * v5 = 33; (o5 = 0) + */ + private static final int[] DEFAULT_VI = {6, 12, 17, 22, 33}; + + private int[] vi;// set of vinegar vars per layer. + + /** + * Default Constructor The elements of the array containing the number of + * Vinegar variables in each layer are set to the default values here. + */ + public RainbowParameterSpec() + { + this.vi = DEFAULT_VI; + } + + /** + * Constructor with parameters + * + * @param vi The elements of the array containing the number of Vinegar + * variables per layer are set to the values of the input array. + * @throws IllegalArgumentException if the variables are invalid. + */ + public RainbowParameterSpec(int[] vi) + { + this.vi = vi; + try + { + checkParams(); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + private void checkParams() + throws Exception + { + if (vi == null) + { + throw new IllegalArgumentException("no layers defined."); + } + if (vi.length > 1) + { + for (int i = 0; i < vi.length - 1; i++) + { + if (vi[i] >= vi[i + 1]) + { + throw new IllegalArgumentException( + "v[i] has to be smaller than v[i+1]"); + } + } + } + else + { + throw new IllegalArgumentException( + "Rainbow needs at least 1 layer, such that v1 < v2."); + } + } + + /** + * Getter for the number of layers + * + * @return the number of layers + */ + public int getNumOfLayers() + { + return this.vi.length - 1; + } + + /** + * Getter for the number of all the polynomials in Rainbow + * + * @return the number of the polynomials + */ + public int getDocumentLength() + { + return vi[vi.length - 1] - vi[0]; + } + + /** + * Getter for the array containing the number of Vinegar-variables per layer + * + * @return the numbers of vinegars per layer + */ + public int[] getVi() + { + return Arrays.clone(this.vi); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPrivateKeySpec.java new file mode 100644 index 0000000..5a10199 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPrivateKeySpec.java @@ -0,0 +1,125 @@ +package org.bouncycastle.pqc.jcajce.spec; + +import java.security.spec.KeySpec; + +import org.bouncycastle.pqc.crypto.rainbow.Layer; + +/** + * This class provides a specification for a RainbowSignature private key. + * + * @see KeySpec + */ +public class RainbowPrivateKeySpec + implements KeySpec +{ + /* + * invertible affine linear map L1 + */ + // the inverse of A1, (n-v1 x n-v1 matrix) + private short[][] A1inv; + + // translation vector of L1 + private short[] b1; + + /* + * invertible affine linear map L2 + */ + // the inverse of A2, (n x n matrix) + private short[][] A2inv; + + // translation vector of L2 + private short[] b2; + + /* + * components of F + */ + // the number of Vinegar-variables per layer. + private int[] vi; + + // contains the polynomials with their coefficients of private map F + private Layer[] layers; + + /** + * Constructor + * + * @param A1inv the inverse of A1(the matrix part of the affine linear map L1) + * (n-v1 x n-v1 matrix) + * @param b1 translation vector, part of the linear affine map L1 + * @param A2inv the inverse of A2(the matrix part of the affine linear map L2) + * (n x n matrix) + * @param b2 translation vector, part of the linear affine map L2 + * @param vi the number of Vinegar-variables per layer + * @param layers the polynomials with their coefficients of private map F + */ + public RainbowPrivateKeySpec(short[][] A1inv, short[] b1, + short[][] A2inv, short[] b2, int[] vi, Layer[] layers) + { + this.A1inv = A1inv; + this.b1 = b1; + this.A2inv = A2inv; + this.b2 = b2; + this.vi = vi; + this.layers = layers; + } + + /** + * Getter for the translation part of the private quadratic map L1. + * + * @return b1 the translation part of L1 + */ + public short[] getB1() + { + return this.b1; + } + + /** + * Getter for the inverse matrix of A1. + * + * @return the A1inv inverse + */ + public short[][] getInvA1() + { + return this.A1inv; + } + + /** + * Getter for the translation part of the private quadratic map L2. + * + * @return b2 the translation part of L2 + */ + public short[] getB2() + { + return this.b2; + } + + /** + * Getter for the inverse matrix of A2 + * + * @return the A2inv + */ + public short[][] getInvA2() + { + return this.A2inv; + } + + /** + * Returns the layers contained in the private key + * + * @return layers + */ + public Layer[] getLayers() + { + return this.layers; + } + + /** + * /** Returns the array of vi-s + * + * @return the vi + */ + public int[] getVi() + { + return vi; + } + +} diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPublicKeySpec.java new file mode 100644 index 0000000..dbcf3e7 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPublicKeySpec.java @@ -0,0 +1,68 @@ +package org.bouncycastle.pqc.jcajce.spec; + + +import java.security.spec.KeySpec; + +/** + * This class provides a specification for a RainbowSignature public key. + * + * @see KeySpec + */ +public class RainbowPublicKeySpec + implements KeySpec +{ + private short[][] coeffquadratic; + private short[][] coeffsingular; + private short[] coeffscalar; + private int docLength; // length of possible document to sign + + /** + * Constructor + * + * @param docLength + * @param coeffquadratic + * @param coeffSingular + * @param coeffScalar + */ + public RainbowPublicKeySpec(int docLength, + short[][] coeffquadratic, short[][] coeffSingular, + short[] coeffScalar) + { + this.docLength = docLength; + this.coeffquadratic = coeffquadratic; + this.coeffsingular = coeffSingular; + this.coeffscalar = coeffScalar; + } + + /** + * @return the docLength + */ + public int getDocLength() + { + return this.docLength; + } + + /** + * @return the coeffquadratic + */ + public short[][] getCoeffQuadratic() + { + return coeffquadratic; + } + + /** + * @return the coeffsingular + */ + public short[][] getCoeffSingular() + { + return coeffsingular; + } + + /** + * @return the coeffscalar + */ + public short[] getCoeffScalar() + { + return coeffscalar; + } +} |