public void testFromToBinary3Sves()
{
sbyte[] signed = new sbyte[] { -112, -78, 19, 15, 99, -65, -56, -90, 44, -93, -109, 104, 40, 90, -84, -21, -124, 51, -33, 4, -51, -106, 33, 86, -76, 42, 41, -17, 47, 79, 81, -29, 15, 116, 101, 120, 116, 32, 116, 111, 32, 101, 110, 99, 114, 121, 112, 116, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
byte[] a = (byte[])(Array)signed;
IntegerPolynomial poly = IntegerPolynomial.FromBinary3Sves(a, 1499);
byte[] b = poly.ToBinary3Sves();
Assert.True(a.SequenceEqual(b));
}
private void FromToBinary3Sves()
{
byte[] a = ByteUtils.ToBytes(new sbyte[] { -112, -78, 19, 15, 99, -65, -56, -90, 44, -93, -109, 104, 40, 90, -84, -21, -124, 51, -33, 4, -51, -106, 33, 86, -76, 42, 41, -17, 47, 79, 81, -29, 15, 116, 101, 120, 116, 32, 116, 111, 32, 101, 110, 99, 114, 121, 112, 116, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 });
IntegerPolynomial poly = IntegerPolynomial.FromBinary3Sves(a, 1499, false);
byte[] b = poly.ToBinary3Sves(false);
if (!Compare.AreEqual(a, b))
{
throw new Exception("IntegerPolynomialTest FromToBinary3Sves test failed!");
}
}
/// <summary>
/// Encrypts a message
/// </summary>
///
/// <param name="Input">The message to encrypt</param>
///
/// <returns>The encrypted message</returns>
///
/// <exception cref="NTRUException">If not initialized, the specified hash algorithm is invalid, the encrypted data is invalid, or <c>maxLenBytes</c> is greater than 255</exception>
public byte[] Encrypt(byte[] Input)
{
if (!_isInitialized)
{
throw new NTRUException("NTRUEncrypt:Encrypt", "The cipher has not been initialized!", new InvalidOperationException());
}
IntegerPolynomial pub = ((NTRUPublicKey)_keyPair.PublicKey).H;
int N = _encParams.N;
int q = _encParams.Q;
int maxLenBytes = _encParams.MaxMsgLenBytes;
int db = _encParams.Db;
int bufferLenBits = _encParams.BufferLenBits;
int dm0 = _encParams.Dm0;
int maxM1 = _encParams.MaxM1;
int minCallsMask = _encParams.MinMGFHashCalls;
bool hashSeed = _encParams.HashSeed;
int msgLen = Input.Length;
//if (maxLenBytes > 255)
// throw new NTRUException("len values bigger than 255 are not supported");
if (msgLen > maxLenBytes)
{
throw new NTRUException("NTRUEncrypt:Encrypt", string.Format("Message too long: {0} > {1}!", msgLen, maxLenBytes), new InvalidDataException());
}
while (true)
{
// M = b|octL|m|p0
byte[] b = new byte[db / 8];
// forward padding
_rndEngine.GetBytes(b);
byte[] p0 = new byte[maxLenBytes + 1 - msgLen];
byte[] msgTmp;
using (BinaryWriter writer = new BinaryWriter(new MemoryStream((bufferLenBits + 7) / 8)))
{
writer.Write(b);
writer.Write((byte)msgLen);
writer.Write(Input);
writer.Write(p0);
msgTmp = ((MemoryStream)writer.BaseStream).ToArray();
}
// don't use the constant coeff if maxM1 is set; see below
IntegerPolynomial mTrin = IntegerPolynomial.FromBinary3Sves(msgTmp, N, maxM1 > 0);
byte[] sData = GetSeed(Input, pub, b);
IPolynomial r = GenerateBlindingPoly(sData);
IntegerPolynomial R = r.Multiply(pub, q);
byte[] oR4 = R.ToBinary4();
IntegerPolynomial mask = MGF(oR4, N, minCallsMask, hashSeed);
mTrin.Add(mask);
// If df and dr are close to N/3, and the absolute value of mTrin.sumCoeffs() is
// large enough, the message becomes vulnerable to a meet-in-the-middle attack.
// To prevent this, we set the constant coefficient to zero but first check to ensure
// sumCoeffs() is small enough to keep the likelihood of a decryption failure low.
if (maxM1 > 0)
{
if (mTrin.SumCoeffs() > maxM1)
{
continue;
}
mTrin.Coeffs[0] = 0;
}
mTrin.Mod3();
if (mTrin.Count(-1) < dm0)
{
continue;
}
if (mTrin.Count(0) < dm0)
{
continue;
}
if (mTrin.Count(1) < dm0)
{
continue;
}
R.Add(mTrin, q);
R.EnsurePositive(q);
return(R.ToBinary(q));
}
}
