Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
iang
/
circuit-oram-docker
1
0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Strom: 4e530cd7df
Branche Tagy
circuit-oram...
/
src
/
crypto
/
PRF.java

PRF.java 2.5 KB
História Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. package crypto;
    2. 

  2. 

  3. import java.security.InvalidKeyException;
    4. 

  4. import java.security.NoSuchAlgorithmException;
    5. 

  5. 

  6. import javax.crypto.BadPaddingException;
    7. 

  7. import javax.crypto.Cipher;
    8. 

  8. import javax.crypto.IllegalBlockSizeException;
    9. 

  9. import javax.crypto.NoSuchPaddingException;
    10. 

  10. import javax.crypto.spec.SecretKeySpec;
    11. 

  11. 

  12. import org.bouncycastle.util.Arrays;
    13. 

  13. 

  14. import exceptions.IllegalInputException;
    15. 

  15. import exceptions.LengthNotMatchException;
    16. 

  16. import util.Util;
    17. 

  17. 

  18. public class PRF {
    19. 

  19. 

  20. 	private Cipher cipher;
    21. 

  21. 	private int l; // output bit length
    22. 

  22. 

  23. 	private int maxInputBytes = 12;
    24. 

  24. 

  25. 	public PRF(int l) {
    26. 

  26. 		try {
    27. 

  27. 			cipher = Cipher.getInstance("AES/ECB/NoPadding");
    28. 

  28. 		} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
    29. 

  29. 			e.printStackTrace();
    30. 

  30. 		}
    31. 

  31. 		this.l = l;
    32. 

  32. 	}
    33. 

  33. 

  34. 	public void init(byte[] key) {
    35. 

  35. 		if (key.length != 16)
    36. 

  36. 			throw new LengthNotMatchException(key.length + " != 16");
    37. 

  37. 

  38. 		SecretKeySpec skey = new SecretKeySpec(key, "AES");
    39. 

  39. 		try {
    40. 

  40. 			cipher.init(Cipher.ENCRYPT_MODE, skey);
    41. 

  41. 		} catch (InvalidKeyException e) {
    42. 

  42. 			e.printStackTrace();
    43. 

  43. 		}
    44. 

  44. 	}
    45. 

  45. 

  46. 	public byte[] compute(byte[] input) {
    47. 

  47. 		if (input.length > maxInputBytes)
    48. 

  48. 			throw new IllegalInputException(input.length + " > " + maxInputBytes);
    49. 

  49. 

  50. 		byte[] in = new byte[16];
    51. 

  51. 		System.arraycopy(input, 0, in, in.length - input.length, input.length);
    52. 

  52. 		byte[] output = null;
    53. 

  53. 		if (l <= 128)
    54. 

  54. 			output = leq128(in, l);
    55. 

  55. 		else
    56. 

  56. 			output = g128(in);
    57. 

  57. 

  58. 		return output;
    59. 

  59. 	}
    60. 

  60. 

  61. 	private byte[] leq128(byte[] input, int np) {
    62. 

  62. 		byte[] ctext = null;
    63. 

  63. 		try {
    64. 

  64. 			ctext = cipher.doFinal(input);
    65. 

  65. 		} catch (IllegalBlockSizeException | BadPaddingException e) {
    66. 

  66. 			e.printStackTrace();
    67. 

  67. 		}
    68. 

  68. 

  69. 		int outBytes = (np + 7) / 8;
    70. 

  70. 		if (ctext.length == outBytes)
    71. 

  71. 			return ctext;
    72. 

  72. 		else
    73. 

  73. 			return Arrays.copyOfRange(ctext, ctext.length - outBytes, ctext.length);
    74. 

  74. 	}
    75. 

  75. 

  76. 	private byte[] g128(byte[] input) {
    77. 

  77. 		int n = l / 128;
    78. 

  78. 		int outBytes = (l + 7) / 8;
    79. 

  79. 		byte[] output = new byte[outBytes];
    80. 

  80. 

  81. 		int len = Math.min(16 - maxInputBytes, 4);
    82. 

  82. 		for (int i = 0; i < n; i++) {
    83. 

  83. 			byte[] index = Util.intToBytes(i + 1);
    84. 

  84. 			System.arraycopy(index, 4 - len, input, 16 - maxInputBytes - len, len);
    85. 

  85. 			byte[] seg = leq128(input, 128);
    86. 

  86. 			System.arraycopy(seg, 0, output, i * seg.length, seg.length);
    87. 

  87. 		}
    88. 

  88. 		int np = l % 128;
    89. 

  89. 		if (np == 0)
    90. 

  90. 			return output;
    91. 

  91. 

  92. 		byte[] index = Util.intToBytes(n + 1);
    93. 

  93. 		System.arraycopy(index, 4 - len, input, 16 - maxInputBytes - len, len);
    94. 

  94. 		byte[] last = leq128(input, np);
    95. 

  95. 		System.arraycopy(last, 0, output, outBytes - last.length, last.length);
    96. 

  96. 		return output;
    97. 

  97. 	}
    98. 

  98. }
    99.