Example use of com.github.zhenwei.core.crypto.prng.DigestRandomGenerator in the project LinLong-Java by zhenwei1108:
the messageEncrypt method of the class McElieceKobaraImaiCipher.
/**
 * Encrypts a message with the Kobara-Imai conversion around the McEliece primitive.
 *
 * <p>The message is padded with {@code PUBLIC_CONSTANT}, masked with a keystream
 * expanded from a fresh random seed, and the seed is then masked with the digest of
 * the masked message. The combined value is split into (c6||c5||c4): c4 and c5 feed
 * the McEliece encryption primitive, and c6, when non-empty, is prepended unchanged
 * to the primitive's output.
 *
 * @param input the plaintext bytes
 * @return (c6||encC4) when c6 is non-empty, otherwise encC4
 * @throws IllegalStateException if the cipher was not initialised for encryption
 */
public byte[] messageEncrypt(byte[] input) {
    if (!forEncryption) {
        throw new IllegalStateException("cipher initialised for decryption");
    }

    // Component lengths in bytes: c2 is one digest, c4 is k/8, c5 is
    // floor[log(n|t)]/8.
    final int c2Len = messDigest.getDigestSize();
    final int c4Len = k >> 3;
    final int c5Len = (IntegerFunctions.binomial(n, t).bitLength() - 1) >> 3;

    // The message slot is never shorter than what c4 and c5 need, and it grows
    // to fit a longer input.
    final int minLen = c4Len + c5Len - c2Len - PUBLIC_CONSTANT.length;
    final int mLen = Math.max(input.length, minLen);

    final int c1Len = mLen + PUBLIC_CONSTANT.length;
    final int c6Len = c1Len + c2Len - c4Len - c5Len;

    // (m||const): the input, zero-filled up to mLen, followed by the public constant.
    // NOTE(review): paddedMessage and seed hold plaintext and secret randomness and
    // are not wiped before this method returns.
    byte[] paddedMessage = new byte[c1Len];
    System.arraycopy(input, 0, paddedMessage, 0, input.length);
    System.arraycopy(PUBLIC_CONSTANT, 0, paddedMessage, mLen, PUBLIC_CONSTANT.length);

    // Fresh random r of c2Len bytes; this is the only randomness drawn here.
    // NOTE(review): sr is assigned outside this method - confirm it is backed by
    // a cryptographically strong source.
    byte[] seed = new byte[c2Len];
    sr.nextBytes(seed);

    // Expand r into a mask of c1Len bytes. SHA-1 is hard-coded for this generator,
    // independently of messDigest.
    // NOTE(review): the decryption side presumably has to expand r with the same
    // generator, so changing the digest here alone would break round-trips - confirm.
    DigestRandomGenerator maskGenerator = new DigestRandomGenerator(new SHA1Digest());
    maskGenerator.addSeedMaterial(seed);

    // c1 = mask XOR (m||const)
    byte[] c1 = new byte[c1Len];
    maskGenerator.nextBytes(c1);
    for (int i = 0; i < c1Len; i++) {
        c1[i] ^= paddedMessage[i];
    }

    // c2 = H(c1) XOR r
    byte[] c2 = new byte[messDigest.getDigestSize()];
    messDigest.update(c1, 0, c1.length);
    messDigest.doFinal(c2, 0);
    for (int i = 0; i < c2Len; i++) {
        c2[i] ^= seed[i];
    }

    // (c2||c1), which is then cut into (c6||c5||c4); c6 may be empty.
    byte[] combined = ByteUtils.concatenate(c2, c1);

    byte[] c6 = new byte[0];
    if (c6Len > 0) {
        c6 = new byte[c6Len];
        System.arraycopy(combined, 0, c6, 0, c6Len);
    }

    byte[] c5 = new byte[c5Len];
    System.arraycopy(combined, c6Len, c5, 0, c5Len);

    byte[] c4 = new byte[c4Len];
    System.arraycopy(combined, c6Len + c5Len, c4, 0, c4Len);

    // c4 becomes the message vector over GF(2), c5 the error vector z.
    GF2Vector messageVector = GF2Vector.OS2VP(k, c4);
    GF2Vector errorVector = Conversions.encode(n, t, c5);

    // encC4 = E(c4, z)
    McElieceCCA2PublicKeyParameters publicKey = (McElieceCCA2PublicKeyParameters) key;
    byte[] encC4 =
        McElieceCCA2Primitives.encryptionPrimitive(publicKey, messageVector, errorVector)
            .getEncoded();

    // c6 is prepended as-is; only c4 and c5 went through the primitive.
    return (c6Len > 0) ? ByteUtils.concatenate(c6, encC4) : encC4;
}