
BCMcEliecePrivateKey.java « mceliece « provider « jcajce « pqc « spongycastle « org « java « main « src « prov - gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
package org.spongycastle.pqc.jcajce.provider.mceliece;

import java.io.IOException;
import java.security.PrivateKey;

import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1Primitive;
import org.spongycastle.asn1.DERNull;
import org.spongycastle.asn1.pkcs.PrivateKeyInfo;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.crypto.CipherParameters;
import org.spongycastle.pqc.asn1.McEliecePrivateKey;
import org.spongycastle.pqc.crypto.mceliece.McElieceKeyPairGenerator;
import org.spongycastle.pqc.crypto.mceliece.McElieceParameters;
import org.spongycastle.pqc.crypto.mceliece.McEliecePrivateKeyParameters;
import org.spongycastle.pqc.jcajce.spec.McEliecePrivateKeySpec;
import org.spongycastle.pqc.math.linearalgebra.GF2Matrix;
import org.spongycastle.pqc.math.linearalgebra.GF2mField;
import org.spongycastle.pqc.math.linearalgebra.Permutation;
import org.spongycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;

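/**
 * This class implements a McEliece private key and is usually instantiated by
 * the {@link McElieceKeyPairGenerator} or {@link McElieceKeyFactorySpi}.
 * <p>
 * Every component held here (Goppa polynomial, S^-1, P1, P2, H, QInv) is
 * secret key material. The getters hand out the stored references directly,
 * and {@link #toString()} prints several of the components, so instances and
 * their string form should be treated as sensitive.
 */
public class BCMcEliecePrivateKey
    implements CipherParameters, PrivateKey
{

    /**
     * Serialization version; {@link PrivateKey} is {@link java.io.Serializable}.
     */
    private static final long serialVersionUID = 1L;

    // the OID of the algorithm
    private String oid;

    // the length of the code
    private int n;

    // the dimension of the code, where <tt>k &gt;= n - mt</tt>
    private int k;

    // the underlying finite field
    private GF2mField field;

    // the irreducible Goppa polynomial
    private PolynomialGF2mSmallM goppaPoly;

    // the matrix S^-1
    private GF2Matrix sInv;

    // the permutation P1 used to generate the systematic check matrix
    private Permutation p1;

    // the permutation P2 used to compute the public generator matrix
    private Permutation p2;

    // the canonical check matrix of the code
    private GF2Matrix h;

    // the matrix used to compute square roots in <tt>(GF(2^m))^t</tt>
    private PolynomialGF2mSmallM[] qInv;

    // only set by the McEliecePrivateKeyParameters constructor; null otherwise
    private McElieceParameters mcElieceParams;


    /**
     * Constructor (used by the {@link McElieceKeyPairGenerator}).
     * <p>
     * The arguments are stored by reference; no copies and no validation are
     * performed here.
     *
     * @param oid       the OID of the algorithm, as a string
     * @param n         the length of the code
     * @param k         the dimension of the code
     * @param field     the field polynomial defining the finite field
     *                  <tt>GF(2<sup>m</sup>)</tt>
     * @param goppaPoly the irreducible Goppa polynomial
     * @param sInv      the matrix <tt>S<sup>-1</sup></tt>
     * @param p1        the permutation used to generate the systematic check
     *                  matrix
     * @param p2        the permutation used to compute the public generator
     *                  matrix
     * @param h         the canonical check matrix
     * @param qInv      the matrix used to compute square roots in
     *                  <tt>(GF(2<sup>m</sup>))<sup>t</sup></tt>
     */
    public BCMcEliecePrivateKey(String oid, int n, int k, GF2mField field,
                                PolynomialGF2mSmallM goppaPoly, GF2Matrix sInv, Permutation p1,
                                Permutation p2, GF2Matrix h, PolynomialGF2mSmallM[] qInv)
    {
        this.oid = oid;
        this.n = n;
        this.k = k;
        this.field = field;
        this.goppaPoly = goppaPoly;
        this.sInv = sInv;
        this.p1 = p1;
        this.p2 = p2;
        this.h = h;
        this.qInv = qInv;
    }

    /**
     * Constructor (used by the {@link McElieceKeyFactorySpi}).
     *
     * @param keySpec a {@link McEliecePrivateKeySpec}
     */
    public BCMcEliecePrivateKey(McEliecePrivateKeySpec keySpec)
    {
        this(keySpec.getOIDString(), keySpec.getN(), keySpec.getK(), keySpec.getField(), keySpec
            .getGoppaPoly(), keySpec.getSInv(), keySpec.getP1(), keySpec
            .getP2(), keySpec.getH(), keySpec.getQInv());
    }

    /**
     * Constructor from lightweight-API key parameters. This is the only
     * constructor that also records the {@link McElieceParameters}.
     *
     * @param params the private key parameters to copy the components from
     */
    public BCMcEliecePrivateKey(McEliecePrivateKeyParameters params)
    {
        this(params.getOIDString(), params.getN(), params.getK(), params.getField(), params.getGoppaPoly(),
            params.getSInv(), params.getP1(), params.getP2(), params.getH(), params.getQInv());

        this.mcElieceParams = params.getParameters();
    }


    /**
     * Return the name of the algorithm.
     *
     * @return "McEliece"
     */
    public String getAlgorithm()
    {
        return "McEliece";
    }

    /**
     * @return the length of the code
     */
    public int getN()
    {
        return n;
    }

    /**
     * @return the dimension of the code
     */
    public int getK()
    {
        return k;
    }

    /**
     * @return the finite field
     */
    public GF2mField getField()
    {
        return field;
    }

    /**
     * @return the irreducible Goppa polynomial
     */
    public PolynomialGF2mSmallM getGoppaPoly()
    {
        return goppaPoly;
    }

    /**
     * @return the matrix <tt>S<sup>-1</sup></tt>, the inverse of the k x k
     *         random binary non-singular matrix S
     */
    public GF2Matrix getSInv()
    {
        return sInv;
    }

    /**
     * @return the permutation used to generate the systematic check matrix
     */
    public Permutation getP1()
    {
        return p1;
    }

    /**
     * @return the permutation used to compute the public generator matrix
     */
    public Permutation getP2()
    {
        return p2;
    }

    /**
     * @return the canonical check matrix
     */
    public GF2Matrix getH()
    {
        return h;
    }

    /**
     * @return the matrix for computing square roots in <tt>(GF(2^m))^t</tt>
     */
    public PolynomialGF2mSmallM[] getQInv()
    {
        // NOTE(review): this returns the internal array itself, so a caller
        // can modify the key's state through it. Kept as-is because callers
        // may rely on the shared reference; consider a defensive copy.
        return qInv;
    }

    /**
     * @return the OID of the algorithm
     */
    public String getOIDString()
    {
        return oid;
    }

    /**
     * Return a human readable form of the key.
     * <p>
     * NOTE(review): the result contains the Goppa polynomial, S^-1 and both
     * permutations, i.e. private key material. Do not write it to logs, error
     * messages or anything else that leaves the process's trust boundary.
     *
     * @return a human readable form of the key
     */
    public String toString()
    {
        String result = " length of the code          : " + n + "\n";
        result += " dimension of the code       : " + k + "\n";
        result += " irreducible Goppa polynomial: " + goppaPoly + "\n";
        result += " (k x k)-matrix S^-1         : " + sInv + "\n";
        result += " permutation P1              : " + p1 + "\n";
        result += " permutation P2              : " + p2;
        return result;
    }

    /**
     * Compare this key with another object.
     * <p>
     * Two keys are equal when n, k, the field, the Goppa polynomial, S^-1, P1,
     * P2 and H are equal; the OID, QInv and the McEliece parameters are not
     * part of the comparison. The component fields are dereferenced without a
     * null check, so a key built with null components throws here.
     *
     * @param other the other object
     * @return the result of the comparison
     */
    public boolean equals(Object other)
    {
        if (!(other instanceof BCMcEliecePrivateKey))
        {
            return false;
        }
        BCMcEliecePrivateKey otherKey = (BCMcEliecePrivateKey)other;

        return (n == otherKey.n) && (k == otherKey.k)
            && field.equals(otherKey.field)
            && goppaPoly.equals(otherKey.goppaPoly)
            && sInv.equals(otherKey.sInv) && p1.equals(otherKey.p1)
            && p2.equals(otherKey.p2) && h.equals(otherKey.h);
    }

    /**
     * Computed from the same components that {@link #equals(Object)} compares.
     *
     * @return the hash code of this key
     */
    public int hashCode()
    {
        return k + n + field.hashCode() + goppaPoly.hashCode()
            + sInv.hashCode() + p1.hashCode() + p2.hashCode()
            + h.hashCode();
    }

    /**
     * @return the OID to encode in the PrivateKeyInfo structure (always
     *         {@link McElieceKeyFactorySpi#OID}, independent of the
     *         <tt>oid</tt> this key was constructed with)
     */
    protected ASN1ObjectIdentifier getOID()
    {
        return new ASN1ObjectIdentifier(McElieceKeyFactorySpi.OID);
    }

    /**
     * Not used by {@link #getEncoded()}, which encodes
     * {@link DERNull#INSTANCE} as the algorithm parameters.
     *
     * @return the algorithm parameters to encode in the PrivateKeyInfo
     *         structure; currently always <tt>null</tt>
     */
    protected ASN1Primitive getAlgParams()
    {
        return null; // FIXME: needed at all?
    }

    /**
     * Return the key data encoded as a PrivateKeyInfo structure.
     * <p>
     * The ASN.1 definition of the key structure is
     * <p>
     * <pre>
     *   McEliecePrivateKey ::= SEQUENCE {
     *     n          INTEGER                   -- length of the code
     *     k          INTEGER                   -- dimension of the code
     *     fieldPoly  OCTET STRING              -- field polynomial defining GF(2&circ;m)
     *     goppaPoly  OCTET STRING              -- irreducible Goppa polynomial
     *     sInv       OCTET STRING              -- matrix S&circ;-1
     *     p1         OCTET STRING              -- permutation P1
     *     p2         OCTET STRING              -- permutation P2
     *     h          OCTET STRING              -- canonical check matrix
     *     qInv       SEQUENCE OF OCTET STRING  -- matrix used to compute square roots
     *   }
     * </pre>
     * <p>
     * The returned bytes are the unencrypted private key; callers are
     * responsible for protecting them.
     *
     * @return the encoded PrivateKeyInfo, or <tt>null</tt> if encoding fails
     *         (callers must check for <tt>null</tt>)
     */
    public byte[] getEncoded()
    {
        McEliecePrivateKey privateKey = new McEliecePrivateKey(new ASN1ObjectIdentifier(oid), n, k, field, goppaPoly, sInv, p1, p2, h, qInv);
        try
        {
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(this.getOID(), DERNull.INSTANCE);
            PrivateKeyInfo pki = new PrivateKeyInfo(algorithmIdentifier, privateKey);
            return pki.getEncoded();
        }
        catch (IOException e)
        {
            // Deliberate best-effort, unchanged from the original: the failure
            // is reported on stderr and signalled to the caller by null.
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Return the name of the encoding produced by {@link #getEncoded()}.
     * <p>
     * {@link #getEncoded()} emits a PrivateKeyInfo structure, so the format is
     * reported as "PKCS#8". Returning <tt>null</tt> here would tell JCA
     * consumers that the key does not support encoding.
     *
     * @return "PKCS#8"
     */
    public String getFormat()
    {
        return "PKCS#8";
    }

    /**
     * @return the McEliece parameters, or <tt>null</tt> if this key was not
     *         created from {@link McEliecePrivateKeyParameters}
     */
    public McElieceParameters getMcElieceParameters()
    {
        return mcElieceParams;
    }


}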