authorroyb <roy.basmacier@primekey.com>2022-11-21 13:24:16 -0500
committerroyb <roy.basmacier@primekey.com>2022-11-21 13:24:16 -0500
commit82dd53bfb921c16cce34686bcbff5f7906a14e6d (patch)
tree72ca8eaa983d0ee7ee29ca3751f93be83f6b14c4 /crypto/src/pqc
parentOutput buffer guards in Blake digests (diff)
Round 4 modifications to BIKE
Diffstat (limited to 'crypto/src/pqc')
-rw-r--r--crypto/src/pqc/crypto/bike/BikeEngine.cs17
-rw-r--r--crypto/src/pqc/crypto/bike/BikeRing.cs28
-rw-r--r--crypto/src/pqc/crypto/bike/BikeUtilities.cs39
3 files changed, 33 insertions, 51 deletions
diff --git a/crypto/src/pqc/crypto/bike/BikeEngine.cs b/crypto/src/pqc/crypto/bike/BikeEngine.cs
index abf285494..896503c6d 100644
--- a/crypto/src/pqc/crypto/bike/BikeEngine.cs
+++ b/crypto/src/pqc/crypto/bike/BikeEngine.cs
@@ -56,9 +56,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.Bike
 
         private byte[] FunctionH(byte[] seed)
         {
+            byte[] res = new byte[r * 2];
             IXof digest = new ShakeDigest(256);
             digest.BlockUpdate(seed, 0, seed.Length);
-            return BikeUtilities.GenerateRandomByteArray(r * 2, 2 * R_BYTE, t, digest);
+            BikeUtilities.GenerateRandomByteArray(res, (uint)r * 2, (uint)t, digest);
+            return res;
         }
 
         private void FunctionL(byte[] e0, byte[] e1, byte[] result)
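Review bot: `byte[] res = new byte[r * 2];` on the first added line sizes the buffer by bit count rather than byte count: `size` passed to the sampler is the number of bit positions (`r * 2`), and the removed call allocated `2 * R_BYTE` bytes for exactly that range, so the new array appears to be about eight times larger than needed and FunctionH now returns a mostly-zero tail. Assuming R_BYTE is the byte length of an r-bit block, as the removed call implies, `byte[] res = new byte[2 * R_BYTE];` restores the intended length and lets the decapsulation hunk below (the `Arrays.AreEqual` change) compare the whole array again instead of only the first `ePrimeBytes.Length` bytes. A short comment such as `// res must be zero-filled: the sampler only ORs bits into it` would also record the precondition the new sampler relies on.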
@@ -137,11 +139,13 @@ namespace Org.BouncyCastle.Pqc.Crypto.Bike
 #endif
 
             // 1. Randomly generate h0, h1
-            ulong[] h0Element = bikeRing.GenerateRandom(hw, digest);
-            ulong[] h1Element = bikeRing.GenerateRandom(hw, digest);
+            BikeUtilities.GenerateRandomByteArray(h0, (uint)r, (uint)hw, digest);
+            BikeUtilities.GenerateRandomByteArray(h1, (uint)r, (uint)hw, digest);
 
-            bikeRing.EncodeBytes(h0Element, h0);
-            bikeRing.EncodeBytes(h1Element, h1);
+            ulong[] h0Element = bikeRing.Create();
+            ulong[] h1Element = bikeRing.Create();
+            bikeRing.DecodeBytes(h0, h0Element);
+            bikeRing.DecodeBytes(h1, h1Element);
 
             // 2. Compute h
             ulong[] hElement = bikeRing.Create();
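Review bot: The two added `GenerateRandomByteArray(h0, ...)` / `(h1, ...)` calls depend on `h0` and `h1` being zero-filled, because the new sampler in BikeUtilities only ORs bits into the buffer it is given and never clears it; the allocation of those arrays is outside this hunk, so whether that holds cannot be confirmed here. If they are not freshly allocated at this point, `Array.Clear(h0, 0, h0.Length);` (and likewise for `h1`) before the calls makes the precondition explicit rather than implicit. The buffers also need at least `(r + 7) / 8` bytes for the `size` of `r` bits passed, which is presumably what R_BYTE provides.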
@@ -248,7 +252,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Bike
 
             // 3. Compute K
             byte[] wlist = FunctionH(mPrime);
-            if (Arrays.AreEqual(ePrimeBytes, wlist))
+            if (Arrays.AreEqual(ePrimeBytes, 0, ePrimeBytes.Length,
+                    wlist, 0, ePrimeBytes.Length))
             {
                 FunctionK(mPrime, c0, c1, k);
             }
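Review bot: The equality check on the two added lines decides whether the shared secret is derived from m' or from the implicit-rejection path, so it should not reveal which byte first differs; `Arrays.AreEqual` appears to be a plain element-by-element comparison that stops at the first mismatch, whereas this kind of check is normally done with a fixed-time comparison such as `Arrays.ConstantTimeAreEqual(ePrimeBytes, wlist)` (or whichever fixed-time equality helper the project provides). The partial-length form is only needed because FunctionH currently over-allocates `wlist` (see the first hunk); once that allocation is `2 * R_BYTE` again, a full-length fixed-time compare is the simplest correct form. The enclosing method starts outside the hunk.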
diff --git a/crypto/src/pqc/crypto/bike/BikeRing.cs b/crypto/src/pqc/crypto/bike/BikeRing.cs
index 414a14544..b946b3f64 100644
--- a/crypto/src/pqc/crypto/bike/BikeRing.cs
+++ b/crypto/src/pqc/crypto/bike/BikeRing.cs
@@ -100,33 +100,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Bike
             Pack.UInt64_To_LE(x[Size - 1], last);
             Array.Copy(last, 0, bs, (Size - 1) << 3, (partialBits + 7) >> 3);
         }
-
-        internal ulong[] GenerateRandom(int weight, IXof digest)
-        {
-            byte[] buf = new byte[4];
-            int highest = Integers.HighestOneBit(m_bits);
-            int mask = highest | (highest - 1);
-
-            ulong[] z = Create();
-            int count = 0;
-            while (count < weight)
-            {
-                digest.Output(buf, 0, 4);
-                int candidate = (int)Pack.LE_To_UInt32(buf) & mask;
-                if (candidate < m_bits)
-                {
-                    int pos = candidate >> 6;
-                    ulong bit = 1UL << (candidate & 63);
-                    if ((z[pos] & bit) == 0UL)
-                    {
-                        z[pos] |= bit;
-                        ++count;
-                    }
-                }
-            }
-            return z;
-        }
-
+        
         internal void Inv(ulong[] a, ulong[] z)
         {
             ulong[] f = Create();
diff --git a/crypto/src/pqc/crypto/bike/BikeUtilities.cs b/crypto/src/pqc/crypto/bike/BikeUtilities.cs
index c5689eaf6..0e60bc7b0 100644
--- a/crypto/src/pqc/crypto/bike/BikeUtilities.cs
+++ b/crypto/src/pqc/crypto/bike/BikeUtilities.cs
@@ -68,35 +68,38 @@ namespace Org.BouncyCastle.Pqc.Crypto.Bike
             }
         }
 
-        internal static byte[] GenerateRandomByteArray(int mod, int size, int weight, IXof digest)
+        internal static void GenerateRandomByteArray(byte[] res, uint size, uint weight, IXof digest)
         {
             byte[] buf = new byte[4];
-            int highest = Integers.HighestOneBit(mod);
-            int mask = highest | (highest - 1);
+            uint rand_pos;
 
-            byte[] res = new byte[size];
-            int count = 0;
-            while (count < weight)
+            for (int i = (int)weight - 1; i >= 0; i--)
             {
                 digest.Output(buf, 0, 4);
-                int tmp = (int)Pack.LE_To_UInt32(buf) & mask;
+                ulong temp = (Pack.LE_To_UInt32(buf, 0)) & 0xFFFFFFFFUL;
+                temp = temp * (size - (uint)i) >> 32;
+                rand_pos = (uint) temp;
+
+                rand_pos += (uint)i;
 
-                if (tmp < mod && SetBit(res, tmp))
+                if(CHECK_BIT(res, rand_pos) != 0)
                 {
-                    ++count;
+                    rand_pos = (uint)i;
                 }
+                SET_BIT(res, rand_pos);
             }
-            return res;
         }
-
-        private static bool SetBit(byte[] a, int position)
+        protected static uint CHECK_BIT(byte[] tmp, uint position)
+        {
+            uint index = position / 8;
+            uint pos = position % 8;
+            return (((uint)tmp[index] >> (int)(pos))  & 0x01);
+        }
+        protected static void SET_BIT(byte[] tmp, uint position)
         {
-            int index = position / 8;
-            int pos = position % 8;
-            int selector = 1 << pos;
-            bool result = (a[index] & selector) == 0;
-            a[index] |= (byte)selector;
-            return result;
+            uint index = position/8;
+            uint pos = position%8;
+            tmp[index] |= (byte)(1UL << (int)pos);
         }
     }
 }
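Review bot: The `if(CHECK_BIT(res, rand_pos) != 0)` branch in the new loop, and the `tmp[index]` accesses inside CHECK_BIT and SET_BIT, are conditioned on values derived from the digest output, which at the key-generation call site in BikeEngine is secret key material; a branch and a memory index that depend on secret bit positions are observable through timing, and the Round 4 sampling algorithm is meant to be run without such branches. The select between `rand_pos` and `i` can be done with a mask instead of a branch (below); the secret-dependent byte index then remains, and a fully constant-time version would have to touch every byte of `res` on each iteration, which as far as I recall is what the reference implementation's bit-setting routine does. Independently, the method documents none of its preconditions — `res` must be zero-filled and at least `(size + 7) / 8` bytes long, and presumably `weight <= size` so that `size - i` cannot wrap — and `CHECK_BIT`/`SET_BIT` are C macro names, where C# convention would be `CheckBit`/`SetBit` declared `private` unless derivation is intended. The `& 0xFFFFFFFFUL` applied to the already-widened `uint` is a no-op and can be dropped.
```csharp
internal static void GenerateRandomByteArray(byte[] res, uint size, uint weight, IXof digest)
{
    byte[] buf = new byte[4];

    for (int i = (int)weight - 1; i >= 0; i--)
    {
        digest.Output(buf, 0, 4);
        ulong temp = Pack.LE_To_UInt32(buf, 0);
        uint rand_pos = (uint)(temp * (size - (uint)i) >> 32) + (uint)i;

        // Branch-free select: fall back to position i when the candidate bit is already set.
        uint occupied = CHECK_BIT(res, rand_pos);   // 0 or 1
        uint mask = unchecked(0U - occupied);       // 0 or 0xFFFFFFFF
        rand_pos = (rand_pos & ~mask) | ((uint)i & mask);
        SET_BIT(res, rand_pos);
    }
}
// … unchanged: CHECK_BIT, SET_BIT …
```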