6704830136

Committed 31 Oct 2023 09:55AM UTC coverage: 91.722% (+0.001%) from 91.721%

Build # 6704830136

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #3752 from randombit/jack/allocator-helper

Split out allocator helpers to allocator.h

Run Details

80150 of 87384 relevant lines covered (91.72%)

8593301.14 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

96.61

/src/lib/pubkey/mce/mceliece.cpp

/*
 * (C) Copyright Projet SECRET, INRIA, Rocquencourt
 * (C) Bhaskar Biswas and  Nicolas Sendrier
 *
 * (C) 2014 cryptosource GmbH
 * (C) 2014 Falko Strenzke fstrenzke@cryptosource.de
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 *
 */

#include <botan/internal/mce_internal.h>

#include <botan/mceliece.h>
#include <botan/mem_ops.h>
#include <botan/internal/bit_ops.h>
#include <botan/internal/code_based_util.h>

namespace Botan {

namespace {

secure_vector<uint8_t> concat_vectors(const secure_vector<uint8_t>& a,
                                      const secure_vector<uint8_t>& b,
                                      size_t dimension,
                                      size_t codimension) {
   secure_vector<uint8_t> x(bit_size_to_byte_size(dimension) + bit_size_to_byte_size(codimension));

   const size_t final_bits = dimension % 8;

   if(final_bits == 0) {
      const size_t dim_bytes = bit_size_to_byte_size(dimension);
      copy_mem(&x[0], a.data(), dim_bytes);
      copy_mem(&x[dim_bytes], b.data(), bit_size_to_byte_size(codimension));
   } else {
      copy_mem(&x[0], a.data(), (dimension / 8));
      size_t l = dimension / 8;
      x[l] = static_cast<uint8_t>(a[l] & ((1 << final_bits) - 1));

      for(size_t k = 0; k < codimension / 8; ++k) {
         x[l] ^= static_cast<uint8_t>(b[k] << final_bits);
         ++l;
         x[l] = static_cast<uint8_t>(b[k] >> (8 - final_bits));
      }
      x[l] ^= static_cast<uint8_t>(b[codimension / 8] << final_bits);
   }

   return x;
}

secure_vector<uint8_t> mult_by_pubkey(const secure_vector<uint8_t>& cleartext,
                                      const std::vector<uint8_t>& public_matrix,
                                      size_t code_length,
                                      size_t t) {
   const size_t ext_deg = ceil_log2(code_length);
   const size_t codimension = ext_deg * t;
   const size_t dimension = code_length - codimension;
   secure_vector<uint8_t> cR(bit_size_to_32bit_size(codimension) * sizeof(uint32_t));

   const uint8_t* pt = public_matrix.data();

   for(size_t i = 0; i < dimension / 8; ++i) {
      for(size_t j = 0; j < 8; ++j) {
         if(cleartext[i] & (1 << j)) {
            xor_buf(cR.data(), pt, cR.size());
         }
         pt += cR.size();
      }
   }

   for(size_t i = 0; i < dimension % 8; ++i) {
      if(cleartext[dimension / 8] & (1 << i)) {
         xor_buf(cR.data(), pt, cR.size());
      }
      pt += cR.size();
   }

   secure_vector<uint8_t> ciphertext = concat_vectors(cleartext, cR, dimension, codimension);
   ciphertext.resize((code_length + 7) / 8);
   return ciphertext;
}

secure_vector<uint8_t> create_random_error_vector(size_t code_length, size_t error_weight, RandomNumberGenerator& rng) {
   secure_vector<uint8_t> result((code_length + 7) / 8);

   size_t bits_set = 0;

   while(bits_set < error_weight) {
      gf2m x = random_code_element(static_cast<uint16_t>(code_length), rng);

      const size_t byte_pos = x / 8;
      const size_t bit_pos = x % 8;

      const uint8_t mask = (1 << bit_pos);

      if(result[byte_pos] & mask) {
         continue;  // already set this bit
      }

      result[byte_pos] |= mask;
      bits_set++;
   }

   return result;
}

}  // namespace

void mceliece_encrypt(secure_vector<uint8_t>& ciphertext_out,
                      secure_vector<uint8_t>& error_mask_out,
                      const secure_vector<uint8_t>& plaintext,
                      const McEliece_PublicKey& key,
                      RandomNumberGenerator& rng) {
   const uint16_t code_length = static_cast<uint16_t>(key.get_code_length());

   secure_vector<uint8_t> error_mask = create_random_error_vector(code_length, key.get_t(), rng);

   secure_vector<uint8_t> ciphertext =
      mult_by_pubkey(plaintext, key.get_public_matrix(), key.get_code_length(), key.get_t());

   ciphertext ^= error_mask;

   ciphertext_out.swap(ciphertext);
   error_mask_out.swap(error_mask);
}

}  // namespace Botan

1	/*
2	* (C) Copyright Projet SECRET, INRIA, Rocquencourt
3	* (C) Bhaskar Biswas and Nicolas Sendrier
4	*
5	* (C) 2014 cryptosource GmbH
6	* (C) 2014 Falko Strenzke fstrenzke@cryptosource.de
7	*
8	* Botan is released under the Simplified BSD License (see license.txt)
9	*
10	*/
11
12	#include <botan/internal/mce_internal.h>
13
14	#include <botan/mceliece.h>
15	#include <botan/mem_ops.h>
16	#include <botan/internal/bit_ops.h>
17	#include <botan/internal/code_based_util.h>
18
19	namespace Botan {
20
21	namespace {
22
23	secure_vector<uint8_t> concat_vectors(const secure_vector<uint8_t>& a,	2,646✔
24	const secure_vector<uint8_t>& b,
25	size_t dimension,
26	size_t codimension) {
27	secure_vector<uint8_t> x(bit_size_to_byte_size(dimension) + bit_size_to_byte_size(codimension));	2,646✔
28
29	const size_t final_bits = dimension % 8;	2,646✔
30
31	if(final_bits == 0) {	2,646✔
32	const size_t dim_bytes = bit_size_to_byte_size(dimension);	713✔
33	copy_mem(&x[0], a.data(), dim_bytes);	713✔
34	copy_mem(&x[dim_bytes], b.data(), bit_size_to_byte_size(codimension));	713✔
35	} else {
36	copy_mem(&x[0], a.data(), (dimension / 8));	1,933✔
37	size_t l = dimension / 8;	1,933✔
38	x[l] = static_cast<uint8_t>(a[l] & ((1 << final_bits) - 1));	1,933✔
39
40	for(size_t k = 0; k < codimension / 8; ++k) {	90,737✔
41	x[l] ^= static_cast<uint8_t>(b[k] << final_bits);	88,804✔
42	++l;	88,804✔
43	x[l] = static_cast<uint8_t>(b[k] >> (8 - final_bits));	88,804✔
44	}
45	x[l] ^= static_cast<uint8_t>(b[codimension / 8] << final_bits);	1,933✔
46	}
47
48	return x;	2,646✔
49	}	×
50
51	secure_vector<uint8_t> mult_by_pubkey(const secure_vector<uint8_t>& cleartext,	2,646✔
52	const std::vector<uint8_t>& public_matrix,
53	size_t code_length,
54	size_t t) {
55	const size_t ext_deg = ceil_log2(code_length);	2,646✔
56	const size_t codimension = ext_deg * t;	2,646✔
57	const size_t dimension = code_length - codimension;	2,646✔
58	secure_vector<uint8_t> cR(bit_size_to_32bit_size(codimension) * sizeof(uint32_t));	2,646✔
59
60	const uint8_t* pt = public_matrix.data();	2,646✔
61
62	for(size_t i = 0; i < dimension / 8; ++i) {	345,526✔
63	for(size_t j = 0; j < 8; ++j) {	3,085,920✔
64	if(cleartext[i] & (1 << j)) {	2,743,040✔
65	xor_buf(cR.data(), pt, cR.size());	1,370,980✔
66	}
67	pt += cR.size();	2,743,040✔
68	}
69	}
70
71	for(size_t i = 0; i < dimension % 8; ++i) {	10,096✔
72	if(cleartext[dimension / 8] & (1 << i)) {	7,450✔
73	xor_buf(cR.data(), pt, cR.size());	3,720✔
74	}
75	pt += cR.size();	7,450✔
76	}
77
78	secure_vector<uint8_t> ciphertext = concat_vectors(cleartext, cR, dimension, codimension);	2,646✔
79	ciphertext.resize((code_length + 7) / 8);	2,646✔
80	return ciphertext;	2,646✔
81	}	2,646✔
82
83	secure_vector<uint8_t> create_random_error_vector(size_t code_length, size_t error_weight, RandomNumberGenerator& rng) {	2,646✔
84	secure_vector<uint8_t> result((code_length + 7) / 8);	2,646✔
85
86	size_t bits_set = 0;	2,646✔
87
88	while(bits_set < error_weight) {	85,383✔
89	gf2m x = random_code_element(static_cast<uint16_t>(code_length), rng);	82,737✔
90
91	const size_t byte_pos = x / 8;	82,737✔
92	const size_t bit_pos = x % 8;	82,737✔
93
94	const uint8_t mask = (1 << bit_pos);	82,737✔
95
96	if(result[byte_pos] & mask) {	82,737✔
97	continue; // already set this bit	1,098✔
98	}
99
100	result[byte_pos] \|= mask;	81,639✔
101	bits_set++;	81,639✔
102	}
103
104	return result;	2,646✔
105	}	×
106
107	} // namespace
108
109	void mceliece_encrypt(secure_vector<uint8_t>& ciphertext_out,	2,646✔
110	secure_vector<uint8_t>& error_mask_out,
111	const secure_vector<uint8_t>& plaintext,
112	const McEliece_PublicKey& key,
113	RandomNumberGenerator& rng) {
114	const uint16_t code_length = static_cast<uint16_t>(key.get_code_length());	2,646✔
115
116	secure_vector<uint8_t> error_mask = create_random_error_vector(code_length, key.get_t(), rng);	2,646✔
117
118	secure_vector<uint8_t> ciphertext =	2,646✔
119	mult_by_pubkey(plaintext, key.get_public_matrix(), key.get_code_length(), key.get_t());	2,646✔
120
121	ciphertext ^= error_mask;	2,646✔
122
123	ciphertext_out.swap(ciphertext);	2,646✔
124	error_mask_out.swap(error_mask);	2,646✔
125	}	2,646✔
126
127	} // namespace Botan

randombit / botan / 6704830136

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous