Botan
1.11.15
/**
* (C) 2014 cryptosource GmbH
* (C) 2014 Falko Strenzke fstrenzke@cryptosource.de
*
* Botan is released under the Simplified BSD License (see license.txt)
*
*/

#include <botan/mce_kem.h>
#include <botan/sha2_64.h>

namespace Botan {

/**
* Build a KEM encryptor bound to one McEliece public key.
* The raw public-key operation is constructed from the key and the
* code length reported by that key.
* @param public_key the recipient's McEliece public key
*/
McEliece_KEM_Encryptor::McEliece_KEM_Encryptor(const McEliece_PublicKey& public_key) :
   m_raw_pub_op(public_key, public_key.get_code_length())
   {
   }

/**
* Produce a fresh shared key together with its encapsulation.
*
* A random message word and random error positions are drawn from rng,
* combined by mceliece_message_parts, and the concatenation is both
* hashed with SHA-512 (giving the shared key) and passed to the raw
* McEliece encryption (giving the ciphertext).
*
* @param rng randomness source for the message word and the error
*        positions; it is also handed to the raw encryption operation
* @return pair of (ciphertext, shared symmetric key). The second element
*         is secret key material and must not be sent with the first.
*/
std::pair<secure_vector<byte>, secure_vector<byte>>
McEliece_KEM_Encryptor::encrypt(RandomNumberGenerator& rng)
   {
   const McEliece_PublicKey& pub = m_raw_pub_op.get_key();

   // Message word length in bits; the buffer is rounded up to whole bytes.
   const auto msg_bits = pub.get_message_word_bit_length();
   secure_vector<Botan::byte> plaintext((msg_bits + 7) / 8);
   rng.randomize(plaintext.data(), plaintext.size());

   // The random fill covers whole bytes, so clear the bits of the final
   // byte that lie beyond the message word length.
   const u32bit tail_bits = msg_bits % 8;
   if(tail_bits != 0)
      {
      const byte keep_mask = (1 << tail_bits) - 1;
      plaintext.back() &= keep_mask;
      }

   // Drawn after the message word; the order of the rng calls is kept as is.
   secure_vector<gf2m> error_positions =
      create_random_error_positions(pub.get_code_length(), pub.get_t(), rng);

   mceliece_message_parts parts(error_positions, plaintext, pub.get_code_length());
   secure_vector<Botan::byte> kem_input = parts.get_concat();

   // Shared key = SHA-512 over the concatenated message and error input.
   SHA_512 kdf_hash;
   kdf_hash.update(kem_input);
   secure_vector<byte> sym_key = kdf_hash.final();

   secure_vector<byte> ciphertext =
      m_raw_pub_op.encrypt(kem_input.data(), kem_input.size(), rng);

   return { ciphertext, sym_key };
   }


/**
* Build a KEM decryptor bound to one McEliece private key.
* @param mce_key the private key used by the raw decryption operation
*/
McEliece_KEM_Decryptor::McEliece_KEM_Decryptor(const McEliece_PrivateKey& mce_key) :
   m_raw_priv_op(mce_key)
   {
   }

/**
* Recover the shared key from an encapsulation.
*
* The raw private-key operation is applied to the input and its output
* is hashed with SHA-512, mirroring the derivation on the encryptor side.
*
* NOTE(review): this function itself performs no validity check on the
* ciphertext or on the recovered value; whatever the raw operation
* returns is hashed. Any rejection of malformed input would have to
* come from m_raw_priv_op.decrypt - confirm against that implementation.
*
* @param msg the ciphertext bytes
* @param msg_len length of msg in bytes
* @return the shared symmetric key (SHA-512 output)
*/
secure_vector<Botan::byte> McEliece_KEM_Decryptor::decrypt(const byte msg[], size_t msg_len)
   {
   secure_vector<Botan::byte> recovered = m_raw_priv_op.decrypt(msg, msg_len);

   SHA_512 kdf_hash;
   kdf_hash.update(recovered);

   return kdf_hash.final();
   }

}