diff options
Diffstat (limited to 'core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util')
4 files changed, 0 insertions, 977 deletions
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSRandom.java b/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSRandom.java deleted file mode 100644 index c6d30227..00000000 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSRandom.java +++ /dev/null @@ -1,78 +0,0 @@ -package org.bouncycastle.pqc.crypto.gmss.util; - -import org.bouncycastle.crypto.Digest; - -/** - * This class provides a PRNG for GMSS - */ -public class GMSSRandom -{ - /** - * Hash function for the construction of the authentication trees - */ - private Digest messDigestTree; - - /** - * Constructor - * - * @param messDigestTree2 - */ - public GMSSRandom(Digest messDigestTree2) - { - - this.messDigestTree = messDigestTree2; - } - - /** - * computes the next seed value, returns a random byte array and sets - * outseed to the next value - * - * @param outseed byte array in which ((1 + SEEDin +RAND) mod 2^n) will be - * stored - * @return byte array of H(SEEDin) - */ - public byte[] nextSeed(byte[] outseed) - { - // RAND <-- H(SEEDin) - byte[] rand = new byte[outseed.length]; - messDigestTree.update(outseed, 0, outseed.length); - rand = new byte[messDigestTree.getDigestSize()]; - messDigestTree.doFinal(rand, 0); - - // SEEDout <-- (1 + SEEDin +RAND) mod 2^n - addByteArrays(outseed, rand); - addOne(outseed); - - // System.arraycopy(outseed, 0, outseed, 0, outseed.length); - - return rand; - } - - private void addByteArrays(byte[] a, byte[] b) - { - - byte overflow = 0; - int temp; - - for (int i = 0; i < a.length; i++) - { - temp = (0xFF & a[i]) + (0xFF & b[i]) + overflow; - a[i] = (byte)temp; - overflow = (byte)(temp >> 8); - } - } - - private void addOne(byte[] a) - { - - byte overflow = 1; - int temp; - - for (int i = 0; i < a.length; i++) - { - temp = (0xFF & a[i]) + overflow; - a[i] = (byte)temp; - overflow = (byte)(temp >> 8); - } - } -} diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSUtil.java b/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSUtil.java deleted file mode 100644 index 80f8828b..00000000 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSUtil.java +++ /dev/null @@ -1,151 +0,0 @@ -package org.bouncycastle.pqc.crypto.gmss.util; - -/** - * This class provides several methods that are required by the GMSS classes. - */ -public class GMSSUtil -{ - /** - * Converts a 32 bit integer into a byte array beginning at - * <code>offset</code> (little-endian representation) - * - * @param value the integer to convert - */ - public byte[] intToBytesLittleEndian(int value) - { - byte[] bytes = new byte[4]; - - bytes[0] = (byte)((value) & 0xff); - bytes[1] = (byte)((value >> 8) & 0xff); - bytes[2] = (byte)((value >> 16) & 0xff); - bytes[3] = (byte)((value >> 24) & 0xff); - return bytes; - } - - /** - * Converts a byte array beginning at <code>offset</code> into a 32 bit - * integer (little-endian representation) - * - * @param bytes the byte array - * @return The resulting integer - */ - public int bytesToIntLittleEndian(byte[] bytes) - { - - return ((bytes[0] & 0xff)) | ((bytes[1] & 0xff) << 8) - | ((bytes[2] & 0xff) << 16) | ((bytes[3] & 0xff)) << 24; - } - - /** - * Converts a byte array beginning at <code>offset</code> into a 32 bit - * integer (little-endian representation) - * - * @param bytes the byte array - * @param offset the integer offset into the byte array - * @return The resulting integer - */ - public int bytesToIntLittleEndian(byte[] bytes, int offset) - { - return ((bytes[offset++] & 0xff)) | ((bytes[offset++] & 0xff) << 8) - | ((bytes[offset++] & 0xff) << 16) - | ((bytes[offset] & 0xff)) << 24; - } - - /** - * This method concatenates a 2-dimensional byte array into a 1-dimensional - * byte array - * - * @param arraycp a 2-dimensional byte array. - * @return 1-dimensional byte array with concatenated input array - */ - public byte[] concatenateArray(byte[][] arraycp) - { - byte[] dest = new byte[arraycp.length * arraycp[0].length]; - int indx = 0; - for (int i = 0; i < arraycp.length; i++) - { - System.arraycopy(arraycp[i], 0, dest, indx, arraycp[i].length); - indx = indx + arraycp[i].length; - } - return dest; - } - - /** - * This method prints the values of a 2-dimensional byte array - * - * @param text a String - * @param array a 2-dimensional byte array - */ - public void printArray(String text, byte[][] array) - { - System.out.println(text); - int counter = 0; - for (int i = 0; i < array.length; i++) - { - for (int j = 0; j < array[0].length; j++) - { - System.out.println(counter + "; " + array[i][j]); - counter++; - } - } - } - - /** - * This method prints the values of a 1-dimensional byte array - * - * @param text a String - * @param array a 1-dimensional byte array. - */ - public void printArray(String text, byte[] array) - { - System.out.println(text); - int counter = 0; - for (int i = 0; i < array.length; i++) - { - System.out.println(counter + "; " + array[i]); - counter++; - } - } - - /** - * This method tests if an integer is a power of 2. - * - * @param testValue an integer - * @return <code>TRUE</code> if <code>testValue</code> is a power of 2, - * <code>FALSE</code> otherwise - */ - public boolean testPowerOfTwo(int testValue) - { - int a = 1; - while (a < testValue) - { - a <<= 1; - } - if (testValue == a) - { - return true; - } - - return false; - } - - /** - * This method returns the least integer that is greater or equal to the - * logarithm to the base 2 of an integer <code>intValue</code>. - * - * @param intValue an integer - * @return The least integer greater or equal to the logarithm to the base 2 - * of <code>intValue</code> - */ - public int getLog(int intValue) - { - int log = 1; - int i = 2; - while (i < intValue) - { - i <<= 1; - log++; - } - return log; - } -} diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSVerify.java b/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSVerify.java deleted file mode 100644 index d012ce7c..00000000 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSVerify.java +++ /dev/null @@ -1,344 +0,0 @@ -package org.bouncycastle.pqc.crypto.gmss.util; - -import org.bouncycastle.crypto.Digest; - -/** - * This class implements signature verification of the Winternitz one-time - * signature scheme (OTSS), described in C.Dods, N.P. Smart, and M. Stam, "Hash - * Based Digital Signature Schemes", LNCS 3796, pages 96–115, 2005. The - * class is used by the GMSS classes. - */ -public class WinternitzOTSVerify -{ - - private Digest messDigestOTS; - - /** - * The Winternitz parameter - */ - private int w; - - /** - * The constructor - * - * @param digest the name of the hash function used by the OTS and the provider - * name of the hash function - * @param w the Winternitz parameter - */ - public WinternitzOTSVerify(Digest digest, int w) - { - this.w = w; - - messDigestOTS = digest; - } - - /** - * @return The length of the one-time signature - */ - public int getSignatureLength() - { - int mdsize = messDigestOTS.getDigestSize(); - int size = ((mdsize << 3) + (w - 1)) / w; - int logs = getLog((size << w) + 1); - size += (logs + w - 1) / w; - - return mdsize * size; - } - - /** - * This method computes the public OTS key from the one-time signature of a - * message. This is *NOT* a complete OTS signature verification, but it - * suffices for usage with CMSS. - * - * @param message the message - * @param signature the one-time signature - * @return The public OTS key - */ - public byte[] Verify(byte[] message, byte[] signature) - { - - int mdsize = messDigestOTS.getDigestSize(); - byte[] hash = new byte[mdsize]; // hash of message m - - // create hash of message m - messDigestOTS.update(message, 0, message.length); - hash = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hash, 0); - - int size = ((mdsize << 3) + (w - 1)) / w; - int logs = getLog((size << w) + 1); - int keysize = size + (logs + w - 1) / w; - - int testKeySize = mdsize * keysize; - - if (testKeySize != signature.length) - { - return null; - } - - byte[] testKey = new byte[testKeySize]; - - int c = 0; - int counter = 0; - int test; - - if (8 % w == 0) - { - int d = 8 / w; - int k = (1 << w) - 1; - byte[] hlp = new byte[mdsize]; - - // verify signature - for (int i = 0; i < hash.length; i++) - { - for (int j = 0; j < d; j++) - { - test = hash[i] & k; - c += test; - - System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize); - - while (test < k) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test++; - } - - System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize); - hash[i] = (byte)(hash[i] >>> w); - counter++; - } - } - - c = (size << w) - c; - for (int i = 0; i < logs; i += w) - { - test = c & k; - - System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize); - - while (test < k) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test++; - } - System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize); - c >>>= w; - counter++; - } - } - else if (w < 8) - { - int d = mdsize / w; - int k = (1 << w) - 1; - byte[] hlp = new byte[mdsize]; - long big8; - int ii = 0; - // create signature - // first d*w bytes of hash - for (int i = 0; i < d; i++) - { - big8 = 0; - for (int j = 0; j < w; j++) - { - big8 ^= (hash[ii] & 0xff) << (j << 3); - ii++; - } - for (int j = 0; j < 8; j++) - { - test = (int)(big8 & k); - c += test; - - System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize); - - while (test < k) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test++; - } - - System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize); - big8 >>>= w; - counter++; - } - } - // rest of hash - d = mdsize % w; - big8 = 0; - for (int j = 0; j < d; j++) - { - big8 ^= (hash[ii] & 0xff) << (j << 3); - ii++; - } - d <<= 3; - for (int j = 0; j < d; j += w) - { - test = (int)(big8 & k); - c += test; - - System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize); - - while (test < k) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test++; - } - - System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize); - big8 >>>= w; - counter++; - } - - // check bytes - c = (size << w) - c; - for (int i = 0; i < logs; i += w) - { - test = c & k; - - System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize); - - while (test < k) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test++; - } - - System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize); - c >>>= w; - counter++; - } - }// end if(w<8) - else if (w < 57) - { - int d = (mdsize << 3) - w; - int k = (1 << w) - 1; - byte[] hlp = new byte[mdsize]; - long big8, test8; - int r = 0; - int s, f, rest, ii; - // create signature - // first a*w bits of hash where a*w <= 8*mdsize < (a+1)*w - while (r <= d) - { - s = r >>> 3; - rest = r % 8; - r += w; - f = (r + 7) >>> 3; - big8 = 0; - ii = 0; - for (int j = s; j < f; j++) - { - big8 ^= (hash[j] & 0xff) << (ii << 3); - ii++; - } - - big8 >>>= rest; - test8 = (big8 & k); - c += test8; - - System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize); - - while (test8 < k) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test8++; - } - - System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize); - counter++; - - } - // rest of hash - s = r >>> 3; - if (s < mdsize) - { - rest = r % 8; - big8 = 0; - ii = 0; - for (int j = s; j < mdsize; j++) - { - big8 ^= (hash[j] & 0xff) << (ii << 3); - ii++; - } - - big8 >>>= rest; - test8 = (big8 & k); - c += test8; - - System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize); - - while (test8 < k) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test8++; - } - - System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize); - counter++; - } - // check bytes - c = (size << w) - c; - for (int i = 0; i < logs; i += w) - { - test8 = (c & k); - - System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize); - - while (test8 < k) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test8++; - } - - System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize); - c >>>= w; - counter++; - } - }// end if(w<57) - - byte[] TKey = new byte[mdsize]; - messDigestOTS.update(testKey, 0, testKey.length); - TKey = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(TKey, 0); - - return TKey; - - } - - /** - * This method returns the least integer that is greater or equal to the - * logarithm to the base 2 of an integer <code>intValue</code>. - * - * @param intValue an integer - * @return The least integer greater or equal to the logarithm to the base - * 256 of <code>intValue</code> - */ - public int getLog(int intValue) - { - int log = 1; - int i = 2; - while (i < intValue) - { - i <<= 1; - log++; - } - return log; - } - -} diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSignature.java b/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSignature.java deleted file mode 100644 index 23bf3fab..00000000 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSignature.java +++ /dev/null @@ -1,404 +0,0 @@ -package org.bouncycastle.pqc.crypto.gmss.util; - -import org.bouncycastle.crypto.Digest; - -/** - * This class implements key pair generation and signature generation of the - * Winternitz one-time signature scheme (OTSS), described in C.Dods, N.P. Smart, - * and M. Stam, "Hash Based Digital Signature Schemes", LNCS 3796, pages - * 96–115, 2005. The class is used by the GMSS classes. - */ - -public class WinternitzOTSignature -{ - - /** - * The hash function used by the OTS - */ - private Digest messDigestOTS; - - /** - * The length of the message digest and private key - */ - private int mdsize, keysize; - - /** - * An array of strings, containing the name of the used hash function, the - * name of the PRGN and the names of the corresponding providers - */ - // private String[] name = new String[2]; - /** - * The private key - */ - private byte[][] privateKeyOTS; - - /** - * The Winternitz parameter - */ - private int w; - - /** - * The source of randomness for OTS private key generation - */ - private GMSSRandom gmssRandom; - - /** - * Sizes of the message and the checksum, both - */ - private int messagesize, checksumsize; - - /** - * The constructor generates an OTS key pair, using <code>seed0</code> and - * the PRNG - * - * @param seed0 the seed for the PRGN - * @param digest an array of strings, containing the name of the used hash - * function, the name of the PRGN and the names of the - * corresponding providers - * @param w the Winternitz parameter - */ - public WinternitzOTSignature(byte[] seed0, Digest digest, int w) - { - // this.name = name; - this.w = w; - - messDigestOTS = digest; - - gmssRandom = new GMSSRandom(messDigestOTS); - - // calulate keysize for private and public key and also the help - // array - - mdsize = messDigestOTS.getDigestSize(); - int mdsizeBit = mdsize << 3; - messagesize = (int)Math.ceil((double)(mdsizeBit) / (double)w); - - checksumsize = getLog((messagesize << w) + 1); - - keysize = messagesize - + (int)Math.ceil((double)checksumsize / (double)w); - - /* - * mdsize = messDigestOTS.getDigestLength(); messagesize = - * ((mdsize<<3)+(w-1))/w; - * - * checksumsize = getlog((messagesize<<w)+1); - * - * keysize = messagesize + (checksumsize+w-1)/w; - */ - // define the private key messagesize - privateKeyOTS = new byte[keysize][mdsize]; - - // gmssRandom.setSeed(seed0); - byte[] dummy = new byte[mdsize]; - System.arraycopy(seed0, 0, dummy, 0, dummy.length); - - // generate random bytes and - // assign them to the private key - for (int i = 0; i < keysize; i++) - { - privateKeyOTS[i] = gmssRandom.nextSeed(dummy); - } - } - - /** - * @return The private OTS key - */ - public byte[][] getPrivateKey() - { - return privateKeyOTS; - } - - /** - * @return The public OTS key - */ - public byte[] getPublicKey() - { - byte[] helppubKey = new byte[keysize * mdsize]; - - byte[] help = new byte[mdsize]; - int two_power_t = 1 << w; - - for (int i = 0; i < keysize; i++) - { - // hash w-1 time the private key and assign it to the public key - messDigestOTS.update(privateKeyOTS[i], 0, privateKeyOTS[i].length); - help = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(help, 0); - for (int j = 2; j < two_power_t; j++) - { - messDigestOTS.update(help, 0, help.length); - help = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(help, 0); - } - System.arraycopy(help, 0, helppubKey, mdsize * i, mdsize); - } - - messDigestOTS.update(helppubKey, 0, helppubKey.length); - byte[] tmp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(tmp, 0); - return tmp; - } - - /** - * @return The one-time signature of the message, generated with the private - * key - */ - public byte[] getSignature(byte[] message) - { - byte[] sign = new byte[keysize * mdsize]; - // byte [] message; // message m as input - byte[] hash = new byte[mdsize]; // hash of message m - int counter = 0; - int c = 0; - int test = 0; - // create hash of message m - messDigestOTS.update(message, 0, message.length); - hash = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hash, 0); - - if (8 % w == 0) - { - int d = 8 / w; - int k = (1 << w) - 1; - byte[] hlp = new byte[mdsize]; - - // create signature - for (int i = 0; i < hash.length; i++) - { - for (int j = 0; j < d; j++) - { - test = hash[i] & k; - c += test; - - System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize); - - while (test > 0) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test--; - } - System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize); - hash[i] = (byte)(hash[i] >>> w); - counter++; - } - } - - c = (messagesize << w) - c; - for (int i = 0; i < checksumsize; i += w) - { - test = c & k; - - System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize); - - while (test > 0) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test--; - } - System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize); - c >>>= w; - counter++; - } - } - else if (w < 8) - { - int d = mdsize / w; - int k = (1 << w) - 1; - byte[] hlp = new byte[mdsize]; - long big8; - int ii = 0; - // create signature - // first d*w bytes of hash - for (int i = 0; i < d; i++) - { - big8 = 0; - for (int j = 0; j < w; j++) - { - big8 ^= (hash[ii] & 0xff) << (j << 3); - ii++; - } - for (int j = 0; j < 8; j++) - { - test = (int)(big8 & k); - c += test; - - System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize); - - while (test > 0) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test--; - } - System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize); - big8 >>>= w; - counter++; - } - } - // rest of hash - d = mdsize % w; - big8 = 0; - for (int j = 0; j < d; j++) - { - big8 ^= (hash[ii] & 0xff) << (j << 3); - ii++; - } - d <<= 3; - for (int j = 0; j < d; j += w) - { - test = (int)(big8 & k); - c += test; - - System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize); - - while (test > 0) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test--; - } - System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize); - big8 >>>= w; - counter++; - } - - // check bytes - c = (messagesize << w) - c; - for (int i = 0; i < checksumsize; i += w) - { - test = c & k; - - System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize); - - while (test > 0) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test--; - } - System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize); - c >>>= w; - counter++; - } - }// end if(w<8) - else if (w < 57) - { - int d = (mdsize << 3) - w; - int k = (1 << w) - 1; - byte[] hlp = new byte[mdsize]; - long big8, test8; - int r = 0; - int s, f, rest, ii; - // create signature - // first a*w bits of hash where a*w <= 8*mdsize < (a+1)*w - while (r <= d) - { - s = r >>> 3; - rest = r % 8; - r += w; - f = (r + 7) >>> 3; - big8 = 0; - ii = 0; - for (int j = s; j < f; j++) - { - big8 ^= (hash[j] & 0xff) << (ii << 3); - ii++; - } - - big8 >>>= rest; - test8 = (big8 & k); - c += test8; - - System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize); - while (test8 > 0) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test8--; - } - System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize); - counter++; - - } - // rest of hash - s = r >>> 3; - if (s < mdsize) - { - rest = r % 8; - big8 = 0; - ii = 0; - for (int j = s; j < mdsize; j++) - { - big8 ^= (hash[j] & 0xff) << (ii << 3); - ii++; - } - - big8 >>>= rest; - test8 = (big8 & k); - c += test8; - - System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize); - while (test8 > 0) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test8--; - } - System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize); - counter++; - } - // check bytes - c = (messagesize << w) - c; - for (int i = 0; i < checksumsize; i += w) - { - test8 = (c & k); - - System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize); - - while (test8 > 0) - { - messDigestOTS.update(hlp, 0, hlp.length); - hlp = new byte[messDigestOTS.getDigestSize()]; - messDigestOTS.doFinal(hlp, 0); - test8--; - } - System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize); - c >>>= w; - counter++; - } - }// end if(w<57) - - return sign; - } - - /** - * This method returns the least integer that is greater or equal to the - * logarithm to the base 2 of an integer <code>intValue</code>. - * - * @param intValue an integer - * @return The least integer greater or equal to the logarithm to the base 2 - * of <code>intValue</code> - */ - public int getLog(int intValue) - { - int log = 1; - int i = 2; - while (i < intValue) - { - i <<= 1; - log++; - } - return log; - } - -} |