diff --git a/include/codecrypt.h b/include/codecrypt.h index 4c2a749..05c7346 100644 --- a/include/codecrypt.h +++ b/include/codecrypt.h @@ -215,6 +215,10 @@ public: void shift (uint); uint eval (uint, gf2m&) const; + uint head() { + if ( (t = degree() ) >= 0) return item (t); + else return 0; + } void add (const polynomial&, gf2m&); void mult (const polynomial&, gf2m&); void add_mult (const polynomial&, uint mult, gf2m&); @@ -228,6 +232,7 @@ public: void sqrt (vector&, gf2m&); polynomial gcd (polynomial, gf2m&); void mod_to_fracton (polynomial&, polynomial&, polynomial&, gf2m&); + void ext_euclid (polynomial&, polynomial&, polynomial&, gf2m&, int); bool is_irreducible (gf2m&) const; void generate_random_irreducible (uint s, gf2m&, prng&); diff --git a/lib/decoding.cpp b/lib/decoding.cpp index 7d6c6f0..cc5e5d5 100644 --- a/lib/decoding.cpp +++ b/lib/decoding.cpp @@ -1,8 +1,10 @@ #include "decoding.h" -void compute_error_locator (polynomial&syndrome, gf2m&fld, polynomial& goppa, - std::vector& sqInv, polynomial&out) +void compute_goppa_error_locator (polynomial&syndrome, gf2m&fld, + polynomial& goppa, + std::vector& sqInv, + polynomial&out) { if (syndrome.zero() ) { //ensure no roots @@ -30,6 +32,30 @@ void compute_error_locator (polynomial&syndrome, gf2m&fld, polynomial& goppa, out = a; } +void compute_alternant_error_locator (polynomial&syndrome, gf2m&fld, + uint t, polynomial&out) +{ + if (syndrome.zero() ) { + //ensure no roots + out.resize (1); + out[0] = 1; + return; + } + + polynomial a, b; + + polynomial x2t; //should be x^2t + x2t.clear(); + x2t.resize (1, 1); + x2t.shift (2 * t); + + syndrome.ext_euclid (a, b, x2t, fld, t - 1); + uint b0inv = fld.inv (b[0]); + for (uint i = 0; i < b.size(); ++i) b[i] = fld.mult (b[i], b0inv); + out = b; + //we don't care about error evaluator +} + bool evaluate_error_locator_dumb (polynomial&a, bvector&ev, gf2m&fld) { ev.clear(); diff --git a/lib/decoding.h b/lib/decoding.h index a88f5e1..199ced8 100644 --- a/lib/decoding.h +++ b/lib/decoding.h @@ -6,11 +6,16 @@ using namespace ccr; -void compute_error_locator (polynomial&syndrome, - gf2m&fld, - polynomial&goppa, - std::vector& sqInv, - polynomial&loc); +void compute_goppa_error_locator (polynomial&syndrome, + gf2m&fld, + polynomial&goppa, + std::vector& sqInv, + polynomial&loc); + +void compute_alternant_error_locator (polynomial&syndrome, + gf2m&fld, + uint tt, + polynomial&loc); bool evaluate_error_locator_dumb (polynomial&el, bvector&ev, gf2m&fld); bool evaluate_error_locator_trace (polynomial&el, bvector&ev, gf2m&fld); diff --git a/lib/mce.cpp b/lib/mce.cpp index adfd5e8..478f345 100644 --- a/lib/mce.cpp +++ b/lib/mce.cpp @@ -80,7 +80,7 @@ int privkey::decrypt (const bvector&in, bvector&out) //decode polynomial synd, loc; syndrome.to_poly (synd, fld); - compute_error_locator (synd, fld, g, sqInv, loc); + compute_goppa_error_locator (synd, fld, g, sqInv, loc); bvector ev; if (!evaluate_error_locator_trace (loc, ev, fld) ) @@ -144,7 +144,7 @@ int privkey::sign (const bvector&in, bvector&out, uint delta, uint attempts, prn } synd.to_poly (Synd, fld); - compute_error_locator (Synd, fld, g, sqInv, loc); + compute_goppa_error_locator (Synd, fld, g, sqInv, loc); if (evaluate_error_locator_trace (loc, e2, fld) ) { diff --git a/lib/mce_oc.cpp b/lib/mce_oc.cpp index 9aa9c1b..fe6ae07 100644 --- a/lib/mce_oc.cpp +++ b/lib/mce_oc.cpp @@ -124,9 +124,9 @@ int privkey::sign (const bvector&in, bvector&out, } synd.to_poly (Synd, fld); - compute_error_locator (Synd, fld, - codes[ci].g, - codes[ci].sqInv, loc); + compute_goppa_error_locator (Synd, fld, + codes[ci].g, + codes[ci].sqInv, loc); if (evaluate_error_locator_trace (loc, e2, fld) ) { cwc.add (e); diff --git a/lib/nd.cpp b/lib/nd.cpp index 41fe8ba..2f8aea8 100644 --- a/lib/nd.cpp +++ b/lib/nd.cpp @@ -59,7 +59,7 @@ int privkey::decrypt (const bvector&in, bvector&out) polynomial loc, synd; unsc.to_poly (synd, fld); - compute_error_locator (synd, fld, g, sqInv, loc); + compute_goppa_error_locator (synd, fld, g, sqInv, loc); bvector ev; if (!evaluate_error_locator_trace (loc, ev, fld) ) @@ -93,7 +93,7 @@ int privkey::sign (const bvector&in, bvector&out, uint delta, uint attempts, prn Sinv.mult_vec_right (synd, synd_unsc); synd_unsc.to_poly (Synd, fld); - compute_error_locator (Synd, fld, g, sqInv, loc); + compute_goppa_error_locator (Synd, fld, g, sqInv, loc); if (evaluate_error_locator_trace (loc, e, fld) ) { diff --git a/lib/polynomial.cpp b/lib/polynomial.cpp index 3d0ab79..664b28b 100644 --- a/lib/polynomial.cpp +++ b/lib/polynomial.cpp @@ -339,9 +339,45 @@ void polynomial::inv (polynomial&m, gf2m&fld) div (a, m, fld); } +void polynomial::ext_euclid (polynomial&a_out, polynomial&b_out, + polynomial&m, gf2m&fld, int deg) +{ + //TODO: speed this up (spare degree calculations) + polynomial A, B, a, b, tmp; + int j; + uint h; + + A = *this; + a = m; + B.clear(); + B.resize (1, 1); + b.clear(); + + while (a.degree() > deg) { + if (A.degree() < 0) + break; + + A.swap (a); + B.swap (b); + while ( (j = A.degree() - a.degree() ) >= 0) { + h = fld.mult (A.head(), fld.inv (a.head() ) ); + tmp = a; + tmp.shift (j); + A.add_mult (tmp, h, fld); + tmp = b; + tmp.shift (j); + B.add_mult (tmp, h, fld); + } + } + + a.swap (a_out); + b.swap (b_out); +} + void polynomial::mod_to_fracton (polynomial&a, polynomial&b, polynomial&m, gf2m&fld) { + //TODO: replace with ext_euclid int deg = m.degree() / 2; polynomial a0, a1, b0, b1, q, r; a0 = m;