
Example 1 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class CramerShoupCoreEngine method encryptBlock.

/**
 * Encrypts a single message value with the configured Cramer-Shoup public key.
 *
 * <p>With a fresh exponent {@code r} the method computes {@code u1 = g1^r}, {@code u2 = g2^r},
 * {@code e = h^r * input} and {@code v = c^r * d^(r*a)}, all modulo {@code p}, where {@code a}
 * is the digest of {@code u1}, {@code u2}, {@code e} and, when set, the label, read as a
 * non-negative integer.
 *
 * <p>Review notes:
 * <ul>
 *   <li>Failure is reported by returning {@code null}, not by throwing; callers must check
 *       the result before using it.</li>
 *   <li>The digest input is the plain concatenation of {@link BigInteger#toByteArray()}
 *       encodings, which are variable-length and carry no length prefix. NOTE(review):
 *       confirm the decrypting side hashes the same encoding and that the missing framing
 *       is acceptable for the deployment.</li>
 *   <li>The digest instance comes from the key parameters and is used without a reset;
 *       presumably it arrives in its initial state and is not shared across threads -
 *       confirm.</li>
 * </ul>
 *
 * @param input the message as an integer; rejected when {@code isValidMessage(input, p)} is false
 * @return the ciphertext {@code (u1, u2, e, v)}, or {@code null} when the engine is not set up
 *         for encryption with a Cramer-Shoup public key or the message is rejected
 */
public CramerShoupCiphertext encryptBlock(BigInteger input) {
    // Only a public key on an engine initialised for encryption may be used here.
    if (key.isPrivate() || !this.forEncryption || !(key instanceof CramerShoupPublicKeyParameters)) {
        return null;
    }

    CramerShoupPublicKeyParameters publicKey = (CramerShoupPublicKeyParameters) key;
    BigInteger modulus = publicKey.getParameters().getP();
    BigInteger firstGenerator = publicKey.getParameters().getG1();
    BigInteger secondGenerator = publicKey.getParameters().getG2();
    BigInteger publicH = publicKey.getH();

    if (!isValidMessage(input, modulus)) {
        return null;
    }

    // Per-message secret exponent; it must never repeat or leak.
    BigInteger r = generateRandomElement(modulus, random);

    BigInteger u1 = firstGenerator.modPow(r, modulus);
    BigInteger u2 = secondGenerator.modPow(r, modulus);
    BigInteger e = publicH.modPow(r, modulus).multiply(input).mod(modulus);

    // a = H(u1 || u2 || e [|| label]) binds v to the rest of the ciphertext.
    Digest digest = publicKey.getParameters().getH();
    for (BigInteger component : new BigInteger[] {u1, u2, e}) {
        byte[] encoded = component.toByteArray();
        digest.update(encoded, 0, encoded.length);
    }
    if (this.label != null) {
        byte[] labelBytes = this.label;
        digest.update(labelBytes, 0, labelBytes.length);
    }
    byte[] hashed = new byte[digest.getDigestSize()];
    digest.doFinal(hashed, 0);
    // Signum 1: interpret the digest as a non-negative integer.
    BigInteger a = new BigInteger(1, hashed);

    BigInteger cPart = publicKey.getC().modPow(r, modulus);
    BigInteger dPart = publicKey.getD().modPow(r.multiply(a), modulus);
    BigInteger v = cPart.multiply(dPart).mod(modulus);

    return new CramerShoupCiphertext(u1, u2, e, v);
}
Also used : CramerShoupPublicKeyParameters(com.github.zhenwei.core.crypto.params.CramerShoupPublicKeyParameters) Digest(com.github.zhenwei.core.crypto.Digest) BigInteger(java.math.BigInteger)

Example 2 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class EthereumIESEngine method encryptBlock.

/**
 * Encrypts {@code inLen} bytes of {@code in}, starting at {@code inOff}, and returns the
 * concatenation V || C || T: the field {@code V}, the ciphertext and the MAC tag.
 *
 * <p>Key material is drawn from {@code kdf} and split into a cipher key (K1) and a MAC key (K2).
 * With no block cipher configured the message is XORed with a KDF keystream of the same length;
 * otherwise the configured cipher is keyed with K1. The MAC is keyed with SHA-256(K2) and covers
 * IV, C, the optional encoding vector, its length tag when V is non-empty, and {@code commonMac}.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@code IV} is treated as optional when the cipher is initialised but is dereferenced
 *       unconditionally when the MAC is updated, so a null IV ends in a
 *       {@link NullPointerException} instead of a meaningful error.</li>
 *   <li>The tag is computed over all {@code C.length} bytes while only {@code len} bytes of C
 *       are emitted; the two agree only when {@code cipher.getOutputSize(inLen)} equals the
 *       number of bytes actually produced - confirm for the ciphers in use.</li>
 *   <li>K, K1, K2 and K2hash hold derived key material and are never cleared here; consider
 *       wiping them once the output has been assembled.</li>
 * </ul>
 *
 * @param in    buffer holding the plaintext
 * @param inOff offset of the first plaintext byte in {@code in}
 * @param inLen number of plaintext bytes
 * @return V, then {@code len} bytes of ciphertext, then the MAC tag
 * @throws InvalidCipherTextException declared by the signature; presumably raised by
 *         {@code cipher.doFinal} - confirm
 */
private byte[] encryptBlock(byte[] in, int inOff, int inLen) throws InvalidCipherTextException {
    byte[] C = null, K = null, K1 = null, K2 = null;
    int len;
    if (cipher == null) {
        // Streaming mode: K1 is a keystream exactly as long as the message.
        K1 = new byte[inLen];
        K2 = new byte[param.getMacKeySize() / 8];
        K = new byte[K1.length + K2.length];
        kdf.generateBytes(K, 0, K.length);
        // The order of the two keys inside K depends on whether V is present:
        // MAC key first when V is non-empty, cipher keystream first otherwise.
        if (V.length != 0) {
            System.arraycopy(K, 0, K2, 0, K2.length);
            System.arraycopy(K, K2.length, K1, 0, K1.length);
        } else {
            System.arraycopy(K, 0, K1, 0, K1.length);
            System.arraycopy(K, inLen, K2, 0, K2.length);
        }
        C = new byte[inLen];
        // XOR the plaintext with the keystream; confidentiality rests on the KDF output
        // being unique per message.
        for (int i = 0; i != inLen; i++) {
            C[i] = (byte) (in[inOff + i] ^ K1[i]);
        }
        len = inLen;
    } else {
        // Block cipher mode: K is always laid out as cipher key followed by MAC key.
        K1 = new byte[((IESWithCipherParameters) param).getCipherKeySize() / 8];
        K2 = new byte[param.getMacKeySize() / 8];
        K = new byte[K1.length + K2.length];
        kdf.generateBytes(K, 0, K.length);
        System.arraycopy(K, 0, K1, 0, K1.length);
        System.arraycopy(K, K1.length, K2, 0, K2.length);
        // Use the IV when one was provided; otherwise the cipher is keyed without one.
        if (IV != null) {
            cipher.init(true, new ParametersWithIV(new KeyParameter(K1), IV));
        } else {
            cipher.init(true, new KeyParameter(K1));
        }
        // C is sized from the cipher's estimate; len records what was actually written.
        C = new byte[cipher.getOutputSize(inLen)];
        len = cipher.processBytes(in, inOff, inLen, C, 0);
        len += cipher.doFinal(C, len);
    }
    // Convert the length of the encoding vector into a byte array.
    // L2 stays null when V is empty and is only read under the same condition below.
    byte[] P2 = param.getEncodingV();
    byte[] L2 = null;
    if (V.length != 0) {
        L2 = getLengthTag(P2);
    }
    // Apply the MAC.
    byte[] T = new byte[mac.getMacSize()];
    // Ethereum change:
    // Instead of initializing the mac with the bytes, we initialize with the hash of the bytes.
    // Old code: mac.init(new KeyParameter(K2));
    Digest hash = new SHA256Digest();
    byte[] K2hash = new byte[hash.getDigestSize()];
    hash.reset();
    hash.update(K2, 0, K2.length);
    hash.doFinal(K2hash, 0);
    mac.init(new KeyParameter(K2hash));
    // we also update the mac with the IV:
    // NOTE(review): no null check here, although the cipher setup above allows IV == null.
    mac.update(IV, 0, IV.length);
    // end of Ethereum change.
    // NOTE(review): authenticates C.length bytes, while only len bytes are copied to the output.
    mac.update(C, 0, C.length);
    if (P2 != null) {
        mac.update(P2, 0, P2.length);
    }
    if (V.length != 0) {
        mac.update(L2, 0, L2.length);
    }
    // Ethereum change: commonMac is authenticated as well.
    mac.update(commonMac, 0, commonMac.length);
    mac.doFinal(T, 0);
    // Output the triple (V,C,T).
    byte[] Output = new byte[V.length + len + T.length];
    System.arraycopy(V, 0, Output, 0, V.length);
    System.arraycopy(C, 0, Output, V.length, len);
    System.arraycopy(T, 0, Output, V.length + len, T.length);
    return Output;
}
Also used : ParametersWithIV(com.github.zhenwei.core.crypto.params.ParametersWithIV) SHA256Digest(com.github.zhenwei.core.crypto.digests.SHA256Digest) Digest(com.github.zhenwei.core.crypto.Digest) SHA256Digest(com.github.zhenwei.core.crypto.digests.SHA256Digest) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) AsymmetricKeyParameter(com.github.zhenwei.core.crypto.params.AsymmetricKeyParameter) IESWithCipherParameters(com.github.zhenwei.core.crypto.params.IESWithCipherParameters)

Example 3 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class NTRUEngine method MGF.

/**
 * An implementation of MGF-TP-1 from P1363.1 section 8.4.1.1: expands a seed into a polynomial
 * with coefficients in {-1, 0, 1}.
 *
 * <p>The digest is fed {@code Z || counter} repeatedly. Every output byte below 243 (3^5) is
 * read as five base-3 digits, each mapped to a coefficient by subtracting one; bytes of 243 and
 * above are discarded so the digits stay uniformly distributed.
 *
 * <p>NOTE(review): the write position restarts at zero each time the buffer is refilled, and a
 * refill is a single digest output. Coefficients from the previous pass are therefore
 * overwritten, not extended, and a refill pass can only finish if one digest output yields
 * {@code N} coefficients. Confirm that {@code minCallsR} is always large enough for the first
 * pass to succeed with the parameter sets in use.
 *
 * @param seed      the input seed
 * @param N         number of coefficients to generate
 * @param minCallsR number of digest calls made up front to fill the initial buffer
 * @param hashSeed  whether to hash the seed
 * @return a polynomial of {@code N} coefficients, each -1, 0 or 1
 */
private IntegerPolynomial MGF(byte[] seed, int N, int minCallsR, boolean hashSeed) {
    Digest md = params.hashAlg;
    int digestLen = md.getDigestSize();
    byte[] stream = new byte[minCallsR * digestLen];
    byte[] Z = hashSeed ? calcHash(md, seed) : seed;

    // Fill the initial buffer with minCallsR digest outputs of Z || counter.
    int counter;
    for (counter = 0; counter < minCallsR; counter++) {
        md.update(Z, 0, Z.length);
        putInt(md, counter);
        System.arraycopy(calcHash(md), 0, stream, counter * digestLen, digestLen);
    }

    IntegerPolynomial poly = new IntegerPolynomial(N);
    for (;;) {
        int filled = 0;
        for (byte raw : stream) {
            int octet = (int) raw & 0xFF;
            // 243 = 3^5: larger values would bias the base-3 digits, so skip them.
            if (octet >= 243) {
                continue;
            }
            // The four low-order base-3 digits...
            for (int digit = 0; digit < 4; digit++) {
                int rem3 = octet % 3;
                poly.coeffs[filled++] = rem3 - 1;
                if (filled == N) {
                    return poly;
                }
                octet = (octet - rem3) / 3;
            }
            // ...and the fifth, which is whatever remains.
            poly.coeffs[filled++] = octet - 1;
            if (filled == N) {
                return poly;
            }
        }
        if (filled >= N) {
            return poly;
        }
        // Buffer exhausted: replace it with one more digest output.
        md.update(Z, 0, Z.length);
        putInt(md, counter);
        stream = calcHash(md);
        counter++;
    }
}
Also used : Digest(com.github.zhenwei.core.crypto.Digest) IntegerPolynomial(com.github.zhenwei.core.pqc.math.ntru.polynomial.IntegerPolynomial)

Example 4 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class LM_OTS method lm_ots_generate_signature.

/**
 * Produces an LM-OTS signature over the message hash {@code Q} with the given private key.
 *
 * <p>For each of the {@code p} hash chains the chain seed is derived from the private key and
 * hashed forward as many times as the corresponding {@code w}-bit coefficient of {@code Q}
 * (including its checksum) demands; the resulting {@code n}-byte values are concatenated.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@code Q} is modified in place: the 16-bit checksum is written to {@code Q[n]} and
 *       {@code Q[n + 1]}, so the caller's array needs at least {@code n + 2} bytes and must
 *       not be reused as if untouched.</li>
 *   <li>The working buffer holds chain values derived from the private key and is not
 *       cleared before it goes out of scope.</li>
 *   <li>NOTE(review): LM-OTS is a one-time scheme; nothing in this method prevents a second
 *       signature with the same key - confirm the callers enforce single use.</li>
 * </ul>
 *
 * @param privateKey the one-time private key supplying parameters, I, q and the seed derivation
 * @param Q          message hash buffer; receives the checksum at offsets n and n + 1
 * @param C          value passed through unchanged to the signature; presumably the message
 *                   randomizer - confirm
 * @return the signature built from the parameters, {@code C} and the chain values
 */
public static LMOtsSignature lm_ots_generate_signature(LMOtsPrivateKey privateKey, byte[] Q, byte[] C) {
    final LMOtsParameters otsParams = privateKey.getParameter();
    final int hashLen = otsParams.getN();
    final int chainCount = otsParams.getP();
    final int width = otsParams.getW();
    final byte[] chainValues = new byte[chainCount * hashLen];
    final Digest hasher = DigestUtil.getDigest(otsParams.getDigestOID());
    final SeedDerive seedSource = privateKey.getDerivationFunction();

    // Append the big-endian 16-bit checksum directly after the n hash bytes.
    final int checksum = cksm(Q, hashLen, otsParams);
    Q[hashLen] = (byte) ((checksum >>> 8) & 0xFF);
    Q[hashLen + 1] = (byte) checksum;

    // Working buffer: I || q || padding, with room for one n-byte chain value at ITER_PREV.
    final byte[] work = Composer.compose()
        .bytes(privateKey.getI())
        .u32str(privateKey.getQ())
        .padUntil(0, ITER_PREV + hashLen)
        .build();
    seedSource.setJ(0);

    int chain = 0;
    while (chain < chainCount) {
        Pack.shortToBigEndian((short) chain, work, ITER_K);
        // The flag is true for every chain except the last; presumably it tells the
        // derivation to advance to the next seed - confirm against SeedDerive.
        seedSource.deriveSeed(work, chain < chainCount - 1, ITER_PREV);
        final int steps = coef(Q, chain, width);
        // Hash the chain value forward 'steps' times, in place.
        for (int step = 0; step < steps; step++) {
            work[ITER_J] = (byte) step;
            hasher.update(work, 0, ITER_PREV + hashLen);
            hasher.doFinal(work, ITER_PREV);
        }
        System.arraycopy(work, ITER_PREV, chainValues, hashLen * chain, hashLen);
        chain++;
    }
    return new LMOtsSignature(otsParams, C, chainValues);
}
Also used : Digest(com.github.zhenwei.core.crypto.Digest)

Example 5 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class LM_OTS method lms_ots_generatePublicKey.

/**
 * Computes the LM-OTS public key value for key number {@code q} under identifier {@code I}.
 *
 * <p>Each of the {@code p} chain seeds is derived from {@code masterSecret} and hashed forward
 * {@code 2^w - 1} times; the chain ends are absorbed, in order, into an outer digest that was
 * primed with {@code I || q || D_PBLC}. The outer digest output is the result.
 *
 * <p>Review notes:
 * <ul>
 *   <li>Right after {@code deriveSeed} the working buffer contains a private chain seed; it is
 *       overwritten by the chain iteration only when {@code 2^w - 1} is at least one.</li>
 *   <li>The literals 22 and 23 are buffer offsets; presumably 23 matches {@code ITER_PREV} -
 *       confirm and prefer the named constant.</li>
 * </ul>
 *
 * @param parameter    LM-OTS parameter set supplying n, p, w and the digest OID
 * @param I            key identifier bytes placed at the start of every hash input
 * @param q            key index, encoded as a 32-bit value after {@code I}
 * @param masterSecret secret from which the per-chain seeds are derived
 * @return the outer digest over the prefix and all chain ends
 */
static byte[] lms_ots_generatePublicKey(LMOtsParameters parameter, byte[] I, int q, byte[] masterSecret) {
    // Outer hash that computes the final value, primed with I || q || D_PBLC.
    final Digest outer = DigestUtil.getDigest(parameter.getDigestOID());
    final byte[] header = Composer.compose()
        .bytes(I)
        .u32str(q)
        .u16str(D_PBLC)
        .padUntil(0, 22)
        .build();
    outer.update(header, 0, header.length);

    // Separate digest and working buffer for walking the individual chains.
    final Digest chainHash = DigestUtil.getDigest(parameter.getDigestOID());
    final byte[] work = Composer.compose()
        .bytes(I)
        .u32str(q)
        .padUntil(0, 23 + chainHash.getDigestSize())
        .build();
    final SeedDerive seeds = new SeedDerive(I, masterSecret, DigestUtil.getDigest(parameter.getDigestOID()));
    seeds.setQ(q);
    seeds.setJ(0);

    final int chainCount = parameter.getP();
    final int hashLen = parameter.getN();
    final int chainLength = (1 << parameter.getW()) - 1;

    for (int chain = 0; chain < chainCount; chain++) {
        // Private key material: the chain seed lands in work at ITER_PREV.
        seeds.deriveSeed(work, chain < chainCount - 1, ITER_PREV);
        Pack.shortToBigEndian((short) chain, work, ITER_K);
        // Walk the full chain; the buffer is hashed in place on every step.
        int step = 0;
        while (step < chainLength) {
            work[ITER_J] = (byte) step;
            chainHash.update(work, 0, work.length);
            chainHash.doFinal(work, ITER_PREV);
            step++;
        }
        outer.update(work, ITER_PREV, hashLen);
    }

    final byte[] publicValue = new byte[outer.getDigestSize()];
    outer.doFinal(publicValue, 0);
    return publicValue;
}
Also used : Digest(com.github.zhenwei.core.crypto.Digest)

Aggregations

Digest (com.github.zhenwei.core.crypto.Digest)30 MGF1ParameterSpec (java.security.spec.MGF1ParameterSpec)5 OAEPEncoding (com.github.zhenwei.core.crypto.encodings.OAEPEncoding)4 BigInteger (java.math.BigInteger)4 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)3 CipherParameters (com.github.zhenwei.core.crypto.CipherParameters)3 SHA256Digest (com.github.zhenwei.core.crypto.digests.SHA256Digest)3 SHA512Digest (com.github.zhenwei.core.crypto.digests.SHA512Digest)3 KeyParameter (com.github.zhenwei.core.crypto.params.KeyParameter)3 DSADigestSigner (com.github.zhenwei.core.crypto.signers.DSADigestSigner)3 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3 ElGamalEngine (com.github.zhenwei.core.crypto.engines.ElGamalEngine)2 RSABlindedEngine (com.github.zhenwei.core.crypto.engines.RSABlindedEngine)2 AsymmetricKeyParameter (com.github.zhenwei.core.crypto.params.AsymmetricKeyParameter)2 IESWithCipherParameters (com.github.zhenwei.core.crypto.params.IESWithCipherParameters)2 ParametersWithIV (com.github.zhenwei.core.crypto.params.ParametersWithIV)2 ParametersWithRandom (com.github.zhenwei.core.crypto.params.ParametersWithRandom)2 ECDSASigner (com.github.zhenwei.core.crypto.signers.ECDSASigner)2 InvalidKeyException (java.security.InvalidKeyException)2 InvalidParameterException (java.security.InvalidParameterException)2