using System;
using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Utilities.IO.Compression;
namespace Org.BouncyCastle.Pqc.Crypto.Sike
{
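/// <summary>
/// SIKEp503 parameter set. The constructor fills the protected state declared on
/// <see cref="Internal"/>: key/ciphertext sizes, field and order sizes, the prime
/// p and its derived multiples, the torsion generators, Montgomery constants and
/// the isogeny strategies. In compressed mode the large precomputed tables are
/// loaded from an embedded bzip2 resource instead of being inlined here.
/// </summary>
internal class P503 : Internal
{
    /// <summary>Embedded, bzip2-compressed table file consulted only when the compressed variant is selected.</summary>
    private const string CompressedTableResource = "Org.BouncyCastle.pqc.crypto.sike.p503.bz2";

    /// <summary>
    /// Populates all P503 parameters.
    /// </summary>
    /// <param name="isCompressed">
    /// True selects the compressed-SIKE variant: shorter key and ciphertext encodings,
    /// the extra window/table sizes, and the precomputed tables read from
    /// <see cref="CompressedTableResource"/> (which also overwrite the inline
    /// A_gen, B_gen, Montgomery_R2 and Montgomery_one values).
    /// </param>
    /// <exception cref="InvalidOperationException">Compressed mode only: the embedded table resource is not present in the assembly.</exception>
    /// <exception cref="FormatException">Compressed mode only: a non-empty line of the table resource has no '=' separator.</exception>
    internal P503(bool isCompressed)
    {
        COMPRESS = isCompressed;

        // Encoded sizes of the uncompressed variant; the compressed variant
        // shrinks the secret key, public key and ciphertext but keeps CRYPTO_BYTES.
        CRYPTO_SECRETKEYBYTES = 434;
        CRYPTO_PUBLICKEYBYTES = 378;
        CRYPTO_BYTES = 24;
        CRYPTO_CIPHERTEXTBYTES = 402;
        if (isCompressed)
        {
            CRYPTO_SECRETKEYBYTES = 407;
            CRYPTO_PUBLICKEYBYTES = 225;
            CRYPTO_CIPHERTEXTBYTES = 280;
        }

        // Field arithmetic layout: p has 503 bits, held in 8 RADIX-bit words.
        NWORDS_FIELD = 8;
        PRIME_ZERO_WORDS = 3;
        NBITS_FIELD = 503;
        MAXBITS_FIELD = 512;
        MAXWORDS_FIELD = (MAXBITS_FIELD + Internal.RADIX - 1) / Internal.RADIX;
        NWORDS64_FIELD = (NBITS_FIELD + 63) / 64;

        // Subgroup order layout.
        NBITS_ORDER = 256;
        NWORDS_ORDER = (NBITS_ORDER + Internal.RADIX - 1) / Internal.RADIX;
        NWORDS64_ORDER = (NBITS_ORDER + 63) / 64;
        MAXBITS_ORDER = NBITS_ORDER;

        // Party identifiers and the exponents of the 2- and 3-power torsion.
        ALICE = 0;
        BOB = 1;
        OALICE_BITS = 250;
        OBOB_BITS = 253;
        OBOB_EXPON = 159;
        MASK_ALICE = 3;
        MASK_BOB = 15;
        PARAM_A = 6;
        PARAM_C = 1;
        MAX_INT_POINTS_ALICE = 7;
        MAX_INT_POINTS_BOB = 8;
        MAX_Alice = 125;
        MAX_Bob = 159;
        MSG_BYTES = 24;
        SECRETKEY_A_BYTES = (OALICE_BITS + 7) / 8;
        SECRETKEY_B_BYTES = (OBOB_BITS - 1 + 7) / 8;
        FP2_ENCODED_BYTES = 2 * ((NBITS_FIELD + 7) / 8);

        // The prime p and its multiples, little-endian 64-bit words.
        PRIME = new ulong[8]
        {
            ulong.MaxValue, ulong.MaxValue, ulong.MaxValue, 12393906174523604991,
            1371447078966912928, 1989455001339985327, 6937169319750509776, 18127602061483550
        };
        PRIMEx2 = new ulong[8]
        {
            18446744073709551614, ulong.MaxValue, ulong.MaxValue, 6341068275337658367,
            2742894157933825857, 3978910002679970654, 13874338639501019552, 36255204122967100
        };
        PRIMEx4 = new ulong[8]
        {
            18446744073709551612, ulong.MaxValue, ulong.MaxValue, 12682136550675316735,
            5485788315867651714, 7957820005359941308, 9301933205292487488, 72510408245934201
        };
        PRIMEp1 = new ulong[8]
        {
            0, 0, 0, 12393906174523604992,
            1371447078966912928, 1989455001339985327, 6937169319750509776, 18127602061483550
        };
        PRIMEp1x64 = new ulong[4]
        {
            13985636759044220971, 16644655643501751236, 1256978695003386886, 1160166531934947224
        };
        PRIMEx16p = new ulong[16]
        {
            16, 0, 0, 9223372036854775808,
            11453925694187441130, 10124416251958675997, 17818254726207858172, 3527199594194418739,
            1469206208402633719, 16125476666494931876, 3713841762384630283, 5732158007287747578,
            16015846162495051931, 13616710210549735357, 5867348778409282426, 285023702989702
        };

        // Orders of the two torsion subgroups.
        Alice_order = new ulong[4]
        {
            0, 0, 0, 288230376151711744
        };
        Bob_order = new ulong[4]
        {
            13985636759044220971, 16644655643501751236, 1256978695003386886, 1160166531934947224
        };

        // Torsion generators (6 Fp2 elements each, 8 words per Fp element).
        // In compressed mode both are replaced by the values read from the resource.
        A_gen = new ulong[48]
        {
            6703660896400103571, 12537332160849053239, 3678485159306027873, 17353623398657820066,
            2873992082182551772, 7171536194148839865, 10181624625838804804, 16352189888232255,
            9094247284453741849, 15253039841833755244, 13880693959290797529, 18392215330245950546,
            15398807590945265407, 1922054504381246808, 17050426384711021178, 7612225463883843,
            5585423759613901741, 2458739554285137871, 8711841994324700402, 7897112202292909028,
            5786141083180541608, 17280526905686863908, 14661266504429629391, 4594121609494003,
            969679319129173575, 16094612563470158573, 13288942754001159038, 9883757633938792291,
            11495715571241890913, 9379070488088296136, 16918015978071401965, 1716330900454016,
            2133917679667870743, 6131595433662066731, 4132892201466249495, 4243264721812232392,
            6868906156409292872, 17926026206927608938, 15578721314078959076, 12061138545445877,
            14152221740469333595, 8869864843183837084, 9745375904961687712, 13481433594105150145,
            11621254945640950360, 9850236505881797121, 3990273888349394775, 1829864135412729
        };
        B_gen = new ulong[48]
        {
            16096726836148725979, 14054702278015845390, 4385548945328509436, 17675320158140042461,
            4241169154243281967, 9391123633589229008, 7121043649763917783, 8110065236168021,
            0, 0, 0, 0,
            0, 0, 0, 0,
            3329382374260773473, 3539711558809017592, 6589269349358072822, 3923158083819410753,
            13173389878972436303, 1859160943325703733, 17652416194769656287, 15124960556656395,
            0, 0, 0, 0,
            0, 0, 0, 0,
            3317107392457288018, 15204737728010292594, 2378317285299659333, 2752067541212454492,
            5401008318620329606, 14961513289750612371, 17521159050955881097, 3869545957505286,
            279293490929988356, 11042087747279613526, 9241719920557877023, 1152299110578731394,
            16538596947068471601, 1402013848611896279, 564564276466162271, 16163713578947404
        };

        // Montgomery-form constants (also overwritten from the resource in compressed mode).
        Montgomery_R2 = new ulong[8]
        {
            5947461595517747487, 11207248842288190137, 11795883816894656890, 6612826553991653612,
            11408068157014623267, 13801731633100576405, 5109635575176285622, 17852757024708465
        };
        Montgomery_one = new ulong[8]
        {
            1017, 0, 0, 12970366926827028480,
            7190870292575474356, 5866111745285600125, 10001782044489826626, 10972777180780883
        };

        // Optimal isogeny-tree traversal strategies, one entry per split.
        strat_Alice = new uint[124]
        {
            61, 32, 16, 8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            16, 8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            29, 16, 8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            13, 8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            5, 4, 2, 1, 1, 2, 1, 1, 2, 1, 1, 1
        };
        strat_Bob = new uint[158]
        {
            71, 38, 21, 13, 8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            5, 4, 2, 1, 1, 2, 1, 1, 2, 1, 1, 1,
            9, 5, 3, 2, 1, 1, 1, 1, 2, 1, 1, 1, 4, 2, 1, 1, 1, 2, 1, 1,
            17, 9, 5, 3, 2, 1, 1, 1, 1, 2, 1, 1, 1, 4, 2, 1, 1, 1, 2, 1, 1,
            8, 4, 2, 1, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            33, 17, 9, 5, 3, 2, 1, 1, 1, 1, 2, 1, 1, 1, 4, 2, 1, 1, 1, 2, 1, 1,
            8, 4, 2, 1, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            16, 8, 4, 2, 1, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1,
            8, 4, 2, 1, 1, 2, 1, 1, 4, 2, 1, 1, 2, 1, 1
        };

        if (COMPRESS)
        {
            // Extra sizes used only by the compressed encoding / discrete-log tables.
            MASK2_BOB = 3;
            MASK3_BOB = 255;
            ORDER_A_ENCODED_BYTES = SECRETKEY_A_BYTES;
            ORDER_B_ENCODED_BYTES = SECRETKEY_B_BYTES;
            PARTIALLY_COMPRESSED_CHUNK_CT = 4 * ORDER_A_ENCODED_BYTES + FP2_ENCODED_BYTES + 2;
            COMPRESSED_CHUNK_CT = 3 * ORDER_A_ENCODED_BYTES + FP2_ENCODED_BYTES + 2;
            UNCOMPRESSEDPK_BYTES = 378;
            TABLE_R_LEN = 17;
            TABLE_V_LEN = 34;
            TABLE_V3_LEN = 20;
            W_2 = 5;
            W_3 = 3;
            ELL2_W = (uint)(1 << (int)W_2);
            ELL3_W = 27;
            ELL2_EMODW = (uint)(1 << (int)(OALICE_BITS % W_2));
            ELL3_EMODW = 1;
            DLEN_2 = (OALICE_BITS + W_2 - 1) / W_2;
            DLEN_3 = (OBOB_EXPON + W_3 - 1) / W_3;
            PLEN_2 = 51;
            PLEN_3 = 54;

            // The large tables are too big to inline; they ship as "name = value" lines
            // in a bzip2 resource and are parsed by the Internal.Read*FromProperty helpers.
            Dictionary<string, string> dictionary = LoadCompressedTables();
            ph2_path = Internal.ReadIntsFromProperty(dictionary, "ph2_path", PLEN_2);
            ph3_path = Internal.ReadIntsFromProperty(dictionary, "ph3_path", PLEN_3);
            A_gen = Internal.ReadFromProperty(dictionary, "A_gen", 6 * NWORDS64_FIELD);
            B_gen = Internal.ReadFromProperty(dictionary, "B_gen", 6 * NWORDS64_FIELD);
            XQB3 = Internal.ReadFromProperty(dictionary, "XQB3", 2 * NWORDS64_FIELD);
            A_basis_zero = Internal.ReadFromProperty(dictionary, "A_basis_zero", 8 * NWORDS64_FIELD);
            B_basis_zero = Internal.ReadFromProperty(dictionary, "B_basis_zero", 8 * NWORDS64_FIELD);
            B_gen_3_tors = Internal.ReadFromProperty(dictionary, "B_gen_3_tors", 16 * NWORDS64_FIELD);
            g_R_S_im = Internal.ReadFromProperty(dictionary, "g_R_S_im", NWORDS64_FIELD);
            Montgomery_R2 = Internal.ReadFromProperty(dictionary, "Montgomery_R2", NWORDS64_FIELD);
            Montgomery_RB1 = Internal.ReadFromProperty(dictionary, "Montgomery_RB1", NWORDS64_FIELD);
            Montgomery_RB2 = Internal.ReadFromProperty(dictionary, "Montgomery_RB2", NWORDS64_FIELD);
            Montgomery_one = Internal.ReadFromProperty(dictionary, "Montgomery_one", NWORDS64_FIELD);
            threeinv = Internal.ReadFromProperty(dictionary, "threeinv", NWORDS64_FIELD);
            u_entang = Internal.ReadFromProperty(dictionary, "u_entang", 2 * NWORDS64_FIELD);
            u0_entang = Internal.ReadFromProperty(dictionary, "u0_entang", 2 * NWORDS64_FIELD);
            table_r_qr = Internal.ReadFromProperty(dictionary, "table_r_qr", TABLE_R_LEN, NWORDS64_FIELD);
            table_r_qnr = Internal.ReadFromProperty(dictionary, "table_r_qnr", TABLE_R_LEN, NWORDS64_FIELD);
            table_v_qr = Internal.ReadFromProperty(dictionary, "table_v_qr", TABLE_V_LEN, NWORDS64_FIELD);
            table_v_qnr = Internal.ReadFromProperty(dictionary, "table_v_qnr", TABLE_V_LEN, NWORDS64_FIELD);
            v_3_torsion = Internal.ReadFromProperty(dictionary, "v_3_torsion", TABLE_V3_LEN, 2, NWORDS64_FIELD);
            T_tate3 = Internal.ReadFromProperty(dictionary, "T_tate3", (6 * (OBOB_EXPON - 1) + 4) * NWORDS64_FIELD);
            T_tate2_firststep_P = Internal.ReadFromProperty(dictionary, "T_tate2_firststep_P", 4 * NWORDS64_FIELD);
            T_tate2_P = Internal.ReadFromProperty(dictionary, "T_tate2_P", 3 * (OALICE_BITS - 2) * NWORDS64_FIELD);
            T_tate2_firststep_Q = Internal.ReadFromProperty(dictionary, "T_tate2_firststep_Q", 4 * NWORDS64_FIELD);
            T_tate2_Q = Internal.ReadFromProperty(dictionary, "T_tate2_Q", 3 * (OALICE_BITS - 2) * NWORDS64_FIELD);
            ph2_T = Internal.ReadFromProperty(dictionary, "ph2_T", DLEN_2 * (ELL2_W >> 1) * 2 * NWORDS64_FIELD);
            ph3_T = Internal.ReadFromProperty(dictionary, "ph3_T", DLEN_3 * (ELL3_W >> 1) * 2 * NWORDS64_FIELD);

            // Scratch tables sized from the values above; filled in elsewhere, not here.
            Montgomery_R = new ulong[NWORDS64_FIELD];
            ph3_T1 = new ulong[DLEN_3 * (ELL3_W >> 1) * 2 * NWORDS64_FIELD];
            ph3_T2 = new ulong[DLEN_3 * (ELL3_W >> 1) * 2 * NWORDS64_FIELD];
            ph2_T1 = new ulong[2 * ((DLEN_2 - 1) * (ELL2_W / 2) + (ph2_path[PLEN_2 - 1] - 1))];
            ph2_T2 = new ulong[2 * ((DLEN_2 - 1) * (ELL2_W / 2) + (ph2_path[PLEN_2 - 1] - 1))];
        }
    }

    /// <summary>
    /// Reads the embedded bzip2 table resource into a name → value map.
    /// Each non-empty line is "name = value"; names and values are trimmed.
    /// Commas are stripped from every entry after the first two non-empty ones
    /// (presumably so the two leading *_path int lists keep their separators while
    /// the later word lists do not — confirm against the resource contents).
    /// </summary>
    /// <returns>The parsed entries, keyed by name.</returns>
    /// <exception cref="InvalidOperationException">The resource is not embedded in this assembly.</exception>
    /// <exception cref="FormatException">A non-empty line contains no '=' separator.</exception>
    /// <exception cref="ArgumentException">The same name appears twice (duplicate key).</exception>
    private static Dictionary<string, string> LoadCompressedTables()
    {
        Dictionary<string, string> table = new Dictionary<string, string>();
        using (Stream stream = typeof(P503).Assembly.GetManifestResourceStream(CompressedTableResource))
        {
            // A missing resource would otherwise surface as a NullReferenceException
            // deep inside the decompressor; fail with a message naming the resource.
            if (stream == null)
            {
                throw new InvalidOperationException("Missing embedded resource: " + CompressedTableResource);
            }
            using (StreamReader reader = new StreamReader(Bzip2.DecompressInput(stream, false)))
            {
                int entries = 0;
                string line;
                while ((line = reader.ReadLine()) != null)
                {
                    if (line == "")
                    {
                        continue;
                    }
                    string entry = entries > 1 ? line.Replace(",", "") : line;
                    int separator = entry.IndexOf('=');
                    if (separator < 0)
                    {
                        throw new FormatException("Malformed table entry (no '=' separator): " + entry);
                    }
                    string key = entry.Substring(0, separator).Trim();
                    string value = entry.Substring(separator + 1).Trim();
                    table.Add(key, value);
                    entries++;
                }
            }
        }
        return table;
    }
}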
}
}