mce: key generator

include/codecrypt.h

@@ -75,8 +75,8 @@ public:
 	bool get_left_square (matrix&);
 	bool strip_left_square (matrix&);
 	void extend_left_compact (matrix&);
-	bool goppa_systematic_form (matrix&, permutation&, prng&);
-	bool goppa_systematic_form (matrix&, const permutation&);
+	bool create_goppa_generator (matrix&, permutation&, prng&);
+	bool create_goppa_generator (matrix&, const permutation&);
 };
 
 /*
@@ -148,12 +148,14 @@ public:
 	matrix Sinv;
 	permutation Pinv;
 	polynomial g;
+	permutation hperm;
+	gf2m fld;
 
 	// derivable things not needed in actual key
 	matrix h;
-	permutation hperm;
-	matrix sqInv;
+	std::vector<polynomial> sqInv;
 
+	int prepare();
 	int decrypt (const bvector&, bvector&);
 	int sign (const bvector&, bvector&, uint, uint, prng&);
 };
@@ -163,11 +165,12 @@ class pubkey
 public:
 	matrix G;
 	uint t;
+
 	int encrypt (const bvector&, bvector&, prng&);
 	int verify (const bvector&, const bvector&, uint, uint);
 };
 
-int generate (pubkey&, privkey&, prng&);
+int generate (pubkey&, privkey&, prng&, uint m, uint t);
 }
 
 /*

lib/matrix.cpp

@@ -141,13 +141,13 @@ void matrix::extend_left_compact (matrix&r)
 	}
 }
 
-bool matrix::goppa_systematic_form (matrix&g, permutation&p, prng&rng)
+bool matrix::create_goppa_generator (matrix&g, permutation&p, prng&rng)
 {
 	p.generate_random (width(), rng);
-	return goppa_systematic_form (g, p);
+	return create_goppa_generator (g, p);
 }
 
-bool matrix::goppa_systematic_form (matrix&g, const permutation&p)
+bool matrix::create_goppa_generator (matrix&g, const permutation&p)
 {
 	matrix t, sinv, s;
 

lib/mce.cpp

@@ -4,10 +4,44 @@
 using namespace ccr;
 using namespace ccr::mce;
 
-int generate (pubkey&pub, privkey&priv, prng&rng)
+int ccr::mce::generate (pubkey&pub, privkey&priv, prng&rng, uint m, uint t)
 {
+	//finite field
+	priv.fld.create (m);
 
-	return -1; //TODO
+	//goppa polynomial
+	priv.g.generate_random_irreducible (t, priv.fld, rng);
+
+	//check and generator matrix
+	matrix generator;
+	permutation hp;
+	priv.g.compute_goppa_check_matrix (priv.h, priv.fld);
+
+	int attempts_left = 1 << m;
+	for (;;) {
+		if (priv.h.create_goppa_generator (generator, hp, rng) ) break;
+		--attempts_left;
+	}
+	if (!attempts_left) return 1;
+
+	hp.compute_inversion (priv.hperm);
+
+	//scramble matrix
+	matrix S;
+	S.generate_random_invertible (generator.height(), rng);
+	S.compute_inversion (priv.Sinv);
+
+	//scramble permutation
+	permutation P;
+	P.generate_random (generator.width(), rng);
+	P.compute_inversion (priv.Pinv);
+
+	//public key
+	pub.t = t;
+	S.mult (generator);
+	P.permute (S, pub.G);
+
+	return 0;
 }
 
 int pubkey::encrypt (const bvector& in, bvector&out, prng&rng)
@@ -22,6 +56,13 @@ int privkey::decrypt (const bvector&in, bvector&out)
 	return -1; //TODO
 }
 
+int privkey::prepare ()
+{
+	g.compute_goppa_check_matrix (h, fld);
+	g.compute_square_root_matrix (sqInv, fld);
+	return 0;
+}
+
 int privkey::sign (const bvector&in, bvector&out, uint delta, uint h, prng&rng)
 {
 

lib/nd.cpp

@@ -4,7 +4,7 @@
 using namespace ccr;
 using namespace ccr::nd;
 
-int generate (pubkey&pub, privkey&priv, prng&rng)
+int nd::generate (pubkey&pub, privkey&priv, prng&rng)
 {
 
 	return -1; //TODO

src/main.cpp

@@ -1,8 +1,34 @@
 
 #include "codecrypt.h"
 
+#include <stdlib.h>
+#include <time.h>
+
+#include <iostream>
+using namespace std;
+
+class primitiverng : public ccr::prng
+{
+public:
+	uint random (uint n) {
+		return rand() % n;
+	}
+
+	void seed (uint n) {
+		srand (time (NULL) + n);
+	}
+};
+
 int main()
 {
+	uint i, j;
+	primitiverng r;
+	r.seed (0);
+
+	ccr::mce::privkey priv;
+	ccr::mce::pubkey pub;
+	ccr::mce::generate (pub, priv, r, 8, 4);
+
 	return 0;
 }