wultra · kasahiti · Dec 10, 2020 · Dec 10, 2020 · Dec 10, 2020 · Dec 11, 2020
diff --git a/sike-java/src/main/java/com/wultra/security/pqc/sike/crypto/RandomGenerator.java b/sike-java/src/main/java/com/wultra/security/pqc/sike/crypto/RandomGenerator.java
@@ -50,17 +50,13 @@ public RandomGenerator(SecureRandom secureRandom) {
      * @throws NoSuchProviderException Thrown in case Bouncy Castle provider is not available.
      * @throws NoSuchAlgorithmException Thrown in case random generator algorithm is not available.
      */
-    public byte[] generateRandomBytes(int length) throws NoSuchProviderException, NoSuchAlgorithmException {
+    public synchronized byte[] generateRandomBytes(int length) throws NoSuchProviderException, NoSuchAlgorithmException {
         if (secureRandom == null) {
-            synchronized (RandomGenerator.class) {
-                if (secureRandom == null) {
-                    // Use SecureRandom implementation from Bouncy Castle library, it is slower,
-                    // however it reseeds periodically and it is quantum safe. The initialization is lazy
-                    // to allow dynamic Bouncy Castle provider initialization and to allow instantiation
-                    // of this class in fields.
-                    secureRandom = SecureRandom.getInstance("DEFAULT", "BC");
-                }
-            }
+            // Use SecureRandom implementation from Bouncy Castle library, it is slower,
+            // however it reseeds periodically and it is quantum safe. The initialization is lazy
+            // to allow dynamic Bouncy Castle provider initialization and to allow instantiation
+            // of this class in fields.
+            secureRandom = SecureRandom.getInstance("DEFAULT", "BC");
         }
         byte[] randomBytes = new byte[length];
         secureRandom.nextBytes(randomBytes);

diff --git a/sike-java/src/main/java/com/wultra/security/pqc/sike/crypto/Sike.java b/sike-java/src/main/java/com/wultra/security/pqc/sike/crypto/Sike.java
@@ -36,6 +36,8 @@ public class Sike {
     private final RandomGenerator randomGenerator;
     private final KeyGenerator keyGenerator;
     private final Sidh sidh;
+    private static final String INVALID_PUBLIC_KEY = "Invalid public key";
+
 
     /**
      * SIKE key encapsulation constructor.
@@ -68,7 +70,7 @@ public Sike(SikeParam sikeParam, SecureRandom secureRandom) {
      */
     public EncapsulationResult encapsulate(PublicKey pk3) throws GeneralSecurityException {
         if (!(pk3 instanceof SidhPublicKey)) {
-            throw new InvalidKeyException("Invalid public key");
+            throw new InvalidKeyException(INVALID_PUBLIC_KEY);
         }
         byte[] m = randomGenerator.generateRandomBytes(sikeParam.getMessageBytes());
         byte[] r = generateR(m, pk3.getEncoded());
@@ -91,7 +93,7 @@ public byte[] decapsulate(PrivateKey sk3, PublicKey pk3, EncryptedMessage encryp
             throw new InvalidKeyException("Invalid private key");
         }
         if (!(pk3 instanceof SidhPublicKey)) {
-            throw new InvalidKeyException("Invalid public key");
+            throw new InvalidKeyException(INVALID_PUBLIC_KEY);
         }
         if (encrypted == null) {
             throw new InvalidParameterException("Encrypted message is null");
@@ -143,7 +145,7 @@ public EncryptedMessage encrypt(PublicKey pk3, byte[] m) throws GeneralSecurityE
      */
     private EncryptedMessage encrypt(PublicKey pk3, byte[] m, byte[] r) throws GeneralSecurityException {
         if (!(pk3 instanceof SidhPublicKey)) {
-            throw new InvalidKeyException("Invalid public key");
+            throw new InvalidKeyException(INVALID_PUBLIC_KEY);
         }
         if (m == null || m.length != sikeParam.getMessageBytes()) {
             throw new InvalidParameterException("Invalid message");
@@ -184,7 +186,7 @@ public byte[] decrypt(PrivateKey sk3, EncryptedMessage encrypted) throws General
         }
         PublicKey c0 = encrypted.getC0();
         if (!(c0 instanceof SidhPublicKey)) {
-            throw new InvalidKeyException("Invalid public key");
+            throw new InvalidKeyException(INVALID_PUBLIC_KEY);
         }
         byte[] c1 = encrypted.getC1();
         if (c1 == null) {

diff --git a/sike-java/src/main/java/com/wultra/security/pqc/sike/math/optimized/Fp2PointProjective.java b/sike-java/src/main/java/com/wultra/security/pqc/sike/math/optimized/Fp2PointProjective.java
@@ -87,12 +87,12 @@ public Fp2Point inverse() {
 
     @Override
     public Fp2Point negate() {
-        throw new RuntimeException("Not implemented yet");
+        throw new UnsupportedOperationException("Not implemented yet");
     }
 
     @Override
     public boolean isInfinite() {
-        throw new RuntimeException("Not implemented yet");
+        throw new UnsupportedOperationException("Not implemented yet");
     }
 
     @Override

diff --git a/sike-java/src/main/java/com/wultra/security/pqc/sike/math/optimized/fp/Fp2ElementOpti.java b/sike-java/src/main/java/com/wultra/security/pqc/sike/math/optimized/fp/Fp2ElementOpti.java
@@ -83,10 +83,9 @@ public FpElement getX1() {
      */
     public Fp2Element add(Fp2Element y) {
         // y = (x0 + i*x1) + (y0 + i*y1) = x0 + y0 + i*(x1 + y1)
-        FpElement r, i;
+        FpElement r = x0.add(y.getX0());
+        FpElement i = x1.add(y.getX1());
 
-        r = x0.add(y.getX0());
-        i = x1.add(y.getX1());
         return new Fp2ElementOpti(sikeParam, r, i);
     }
 
@@ -97,10 +96,9 @@ public Fp2Element add(Fp2Element y) {
      */
     public Fp2Element subtract(Fp2Element y) {
         // y = (x0 + i*x1) - (y0 + i*y1) = x0 - y0 + i*(x1 - y1)
-        FpElement r, i;
+        FpElement r = x0.subtract(y.getX0());
+        FpElement i = x1.subtract(y.getX1());
 
-        r = x0.subtract(y.getX0());
-        i = x1.subtract(y.getX1());
         return new Fp2ElementOpti(sikeParam, r, i);
     }
 

diff --git a/sike-java/src/main/java/com/wultra/security/pqc/sike/math/optimized/fp/FpElementOpti.java b/sike-java/src/main/java/com/wultra/security/pqc/sike/math/optimized/fp/FpElementOpti.java
@@ -40,9 +40,9 @@ public class FpElementOpti implements FpElement {
      * @param sikeParam SIKE parameters.
      */
     public FpElementOpti(SikeParam sikeParam) {
-        long[] value = new long[sikeParam.getFpWords()];
+        long[] val = new long[sikeParam.getFpWords()];
         this.sikeParam = sikeParam;
-        this.value = value;
+        this.value = val;
     }
 
     /**
@@ -63,15 +63,15 @@ public FpElementOpti(SikeParam sikeParam, long[] value) {
     public FpElementOpti(SikeParam sikeParam, BigInteger x) {
         this.sikeParam = sikeParam;
         // Convert element to Montgomery domain
-        long[] value = new long[sikeParam.getFpWords()];
+        long[] val = new long[sikeParam.getFpWords()];
         int primeSize = (sikeParam.getPrime().bitLength() + 7) / 8;
         byte[] encoded = ByteEncoding.toByteArray(x, primeSize);
         for (int i = 0; i < primeSize; i++) {
             int j = i / 8;
             int k = i % 8;
-            value[j] |= (Byte.toUnsignedLong(encoded[i]) << (8 * k));
+            val[j] |= (Byte.toUnsignedLong(encoded[i]) << (8 * k));
         }
-        FpElementOpti a = new FpElementOpti(sikeParam, value);
+        FpElementOpti a = new FpElementOpti(sikeParam, val);
         FpElementOpti b = (FpElementOpti) a.multiply(sikeParam.getPR2());
         FpElementOpti reduced = b.reduceMontgomery();
         this.value = new long[sikeParam.getFpWords()];

diff --git a/sike-java/src/main/java/com/wultra/security/pqc/sike/math/optimized/fp/UnsignedLong.java b/sike-java/src/main/java/com/wultra/security/pqc/sike/math/optimized/fp/UnsignedLong.java
@@ -24,6 +24,13 @@
  */
 public class UnsignedLong {
 
+    /**
+     * Private constructor
+     */
+    private UnsignedLong() {
+
+    }
+
     /**
      * Add two unsigned long values with carry.
      * @param x First unsigned long value.

diff --git a/sike-java/src/main/java/com/wultra/security/pqc/sike/model/EncryptedMessage.java b/sike-java/src/main/java/com/wultra/security/pqc/sike/model/EncryptedMessage.java
@@ -73,7 +73,7 @@ public EncryptedMessage(SikeParam sikeParam, byte[] bytes) {
      */
     public byte[] getEncoded() {
         if (c0 == null || c1 == null) {
-            return null;
+            return new byte[0];
         }
         byte[] pubKey = c0.getEncoded();
         byte[] encoded = new byte[pubKey.length + c1.length];

diff --git a/sike-java/src/main/java/com/wultra/security/pqc/sike/model/SidhPrivateKey.java b/sike-java/src/main/java/com/wultra/security/pqc/sike/model/SidhPrivateKey.java
@@ -69,13 +69,13 @@ public SidhPrivateKey(SikeParam sikeParam, Party party, byte[] bytes) {
         if (bytes == null || bytes.length != sLength + keyLength) {
             throw new InvalidParameterException("Invalid private key");
         }
-        byte[] s = new byte[sLength];
+        byte[] s1 = new byte[sLength];
         key = new byte[keyLength];
-        System.arraycopy(bytes, 0, s, 0, sLength);
+        System.arraycopy(bytes, 0, s1, 0, sLength);
         System.arraycopy(bytes, sLength, key, 0, keyLength);
         BigInteger secret = ByteEncoding.fromByteArray(key);
         validatePrivateKey(secret);
-        this.s = s;
+        this.s = s1;
     }
 
     /**
@@ -93,12 +93,12 @@ public SidhPrivateKey(SikeParam sikeParam, Party party, String octets) {
             throw new InvalidParameterException("Invalid private key");
         }
         byte[] bytes = octets.getBytes(StandardCharsets.UTF_8);
-        byte[] s = new byte[sLength * 2];
-        byte[] key = new byte[keyLength * 2];
-        System.arraycopy(bytes, 0, s, 0, sLength * 2);
-        System.arraycopy(bytes, sLength * 2, key, 0, keyLength * 2);
-        BigInteger sVal = OctetEncoding.fromOctetString(new String(s));
-        BigInteger secret = OctetEncoding.fromOctetString(new String(key));
+        byte[] s1 = new byte[sLength * 2];
+        byte[] key1 = new byte[keyLength * 2];
+        System.arraycopy(bytes, 0, s1, 0, sLength * 2);
+        System.arraycopy(bytes, sLength * 2, key1, 0, keyLength * 2);
+        BigInteger sVal = OctetEncoding.fromOctetString(new String(s1));
+        BigInteger secret = OctetEncoding.fromOctetString(new String(key1));
         validatePrivateKey(secret);
         this.s = ByteEncoding.toByteArray(sVal, sLength);
         int primeSize = (sikeParam.getPrime().bitLength() + 7) / 8;

diff --git a/sike-java/src/test/java/com/wultra/security/pqc/sike/KeyConversionTest.java b/sike-java/src/test/java/com/wultra/security/pqc/sike/KeyConversionTest.java
@@ -35,14 +35,14 @@
  *
  * @author Roman Strobl, [email protected]
  */
-public class KeyConversionTest {
+class KeyConversionTest {
 
     static {
         Security.addProvider(new BouncyCastleProvider());
     }
 
     @Test
-    public void testConversionToByteArray() throws GeneralSecurityException {
+    void testConversionToByteArray() throws GeneralSecurityException {
         SikeParam sikeParam = new SikeParamP434(ImplementationType.OPTIMIZED);
         KeyGenerator keyGenerator = new KeyGenerator(sikeParam);
         KeyPair keyPairA = keyGenerator.generateKeyPair(Party.ALICE);
@@ -62,7 +62,7 @@ public void testConversionToByteArray() throws GeneralSecurityException {
     }
 
     @Test
-    public void testConversionToOctets() throws GeneralSecurityException {
+    void testConversionToOctets() throws GeneralSecurityException {
         SikeParam sikeParam = new SikeParamP434(ImplementationType.OPTIMIZED);
         KeyGenerator keyGenerator = new KeyGenerator(sikeParam);
         KeyPair keyPairA = keyGenerator.generateKeyPair(Party.ALICE);

diff --git a/sike-java/src/test/java/com/wultra/security/pqc/sike/OctetEncodingTest.java b/sike-java/src/test/java/com/wultra/security/pqc/sike/OctetEncodingTest.java
@@ -33,10 +33,10 @@
  *
  * @author Roman Strobl, [email protected]
  */
-public class OctetEncodingTest {
+class OctetEncodingTest {
 
     @Test
-    public void testConversionToString() {
+    void testConversionToString() {
         assertEquals("000000", OctetEncoding.toOctetString(BigInteger.ZERO, 3));
         assertEquals("010000000000", OctetEncoding.toOctetString(BigInteger.ONE, 6));
         assertEquals("02010000000000000000", OctetEncoding.toOctetString(new BigInteger("258"), 10));
@@ -45,7 +45,7 @@ public void testConversionToString() {
     }
 
     @Test
-    public void testConversionFromString() {
+    void testConversionFromString() {
         assertEquals(BigInteger.ZERO, OctetEncoding.fromOctetString("000000"));
         assertEquals(BigInteger.ONE, OctetEncoding.fromOctetString("010000000000"));
         assertEquals(new BigInteger("258"), OctetEncoding.fromOctetString("02010000000000000000"));
@@ -54,7 +54,7 @@ public void testConversionFromString() {
     }
 
     @Test
-    public void testConversions() {
+    void testConversions() {
         SecureRandom secureRandom = new SecureRandom();
         for (int i = 0; i < 100; i++) {
             BigInteger r = new BigInteger(i, secureRandom);
@@ -64,7 +64,7 @@ public void testConversions() {
     }
 
     @Test
-    public void testConversionToMontgomeryP434One() {
+    void testConversionToMontgomeryP434One() {
         SikeParam sikeParam = new SikeParamP434(ImplementationType.OPTIMIZED);
         FpElementOpti one = new FpElementOpti(sikeParam, new BigInteger("1"));
         assertArrayEquals(new long[]{
@@ -82,7 +82,7 @@ public void testConversionToMontgomeryP434One() {
     }
 
     @Test
-    public void testConversionFromMontgomeryP434() {
+    void testConversionFromMontgomeryP434() {
         SikeParam sikeParam = new SikeParamP434(ImplementationType.OPTIMIZED);
         FpElementOpti six = new FpElementOpti(sikeParam, new long[]{
                 Long.parseUnsignedLong("000000000002B90A", 16),
@@ -99,7 +99,7 @@ public void testConversionFromMontgomeryP434() {
     }
 
     @Test
-    public void testConversionToMontgomeryP434Six() {
+    void testConversionToMontgomeryP434Six() {
         SikeParam sikeParam = new SikeParamP434(ImplementationType.OPTIMIZED);
         FpElementOpti six = new FpElementOpti(sikeParam, new BigInteger("6"));
         assertArrayEquals(new long[]{
@@ -117,7 +117,7 @@ public void testConversionToMontgomeryP434Six() {
     }
 
     @Test
-    public void testConversionFromMontgomeryP503() {
+    void testConversionFromMontgomeryP503() {
         SikeParam sikeParam = new SikeParamP503(ImplementationType.OPTIMIZED);
         FpElementOpti six = new FpElementOpti(sikeParam, new long[]{
                 Long.parseUnsignedLong("00000000000017D8", 16),
@@ -135,7 +135,7 @@ public void testConversionFromMontgomeryP503() {
     }
 
     @Test
-    public void testConversionFromMontgomeryP610() {
+    void testConversionFromMontgomeryP610() {
         SikeParam sikeParam = new SikeParamP610(ImplementationType.OPTIMIZED);
         FpElementOpti one = new FpElementOpti(sikeParam, new long[]{
                 Long.parseUnsignedLong("00000000670CC8E6", 16),
@@ -155,7 +155,7 @@ public void testConversionFromMontgomeryP610() {
     }
 
     @Test
-    public void testConversionFromMontgomeryP751() {
+    void testConversionFromMontgomeryP751() {
         SikeParam sikeParam = new SikeParamP751(ImplementationType.OPTIMIZED);
         FpElementOpti one = new FpElementOpti(sikeParam, new long[]{
                 Long.parseUnsignedLong("00000000000249AD", 16),

diff --git a/sike-java/src/test/java/com/wultra/security/pqc/sike/SidhReferenceTest.java b/sike-java/src/test/java/com/wultra/security/pqc/sike/SidhReferenceTest.java
@@ -38,14 +38,14 @@
  *
  * @author Roman Strobl, [email protected]
  */
-public class SidhReferenceTest {
+class SidhReferenceTest {
 
     static {
         Security.addProvider(new BouncyCastleProvider());
     }
 
     @Test
-    public void testSidhReferenceVsOptimized() throws GeneralSecurityException {
+    void testSidhReferenceVsOptimized() throws GeneralSecurityException {
         SikeParam sikeParamReference = new SikeParamP434(ImplementationType.REFERENCE);
         SikeParam sikeParamOptimized = new SikeParamP434(ImplementationType.OPTIMIZED);
         System.out.println("Prime: " + sikeParamReference.getPrime());
@@ -119,7 +119,7 @@ public void testSidhReferenceVsOptimized() throws GeneralSecurityException {
     }
 
     @Test
-    public void testSidhReferenceServerOptimizedClient() throws GeneralSecurityException {
+    void testSidhReferenceServerOptimizedClient() throws GeneralSecurityException {
         SikeParam sikeParamReference = new SikeParamP434(ImplementationType.REFERENCE);
         SikeParam sikeParamOptimized = new SikeParamP434(ImplementationType.OPTIMIZED);
         System.out.println("Prime: " + sikeParamReference.getPrime());
@@ -156,7 +156,7 @@ public void testSidhReferenceServerOptimizedClient() throws GeneralSecurityExcep
     }
 
     @Test
-    public void testSidhOptimizedServerReferenceClient() throws GeneralSecurityException {
+    void testSidhOptimizedServerReferenceClient() throws GeneralSecurityException {
         SikeParam sikeParamReference = new SikeParamP434(ImplementationType.REFERENCE);
         SikeParam sikeParamOptimized = new SikeParamP434(ImplementationType.OPTIMIZED);
         System.out.println("Prime: " + sikeParamReference.getPrime());

diff --git a/sike-java/src/test/java/com/wultra/security/pqc/sike/SidhTest.java b/sike-java/src/test/java/com/wultra/security/pqc/sike/SidhTest.java
@@ -37,14 +37,14 @@
  *
  * @author Roman Strobl, [email protected]
  */
-public class SidhTest {
+class SidhTest {
 
     static {
         Security.addProvider(new BouncyCastleProvider());
     }
 
     @Test
-    public void testSidh() throws GeneralSecurityException {
+    void testSidh() throws GeneralSecurityException {
         SikeParam sikeParam = new SikeParamP434(ImplementationType.OPTIMIZED);
         System.out.println("Prime: " + sikeParam.getPrime());
         KeyGenerator keyGenerator = new KeyGenerator(sikeParam);

diff --git a/sike-java/src/test/java/com/wultra/security/pqc/sike/SikeDeterministicTest.java b/sike-java/src/test/java/com/wultra/security/pqc/sike/SikeDeterministicTest.java
@@ -42,7 +42,7 @@
  *
  * @author Roman Strobl, [email protected]
  */
-public class SikeDeterministicTest {
+class SikeDeterministicTest {
 
     private static final String SEED = "061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1";
 
@@ -51,7 +51,7 @@ public class SikeDeterministicTest {
     }
 
     @Test
-    public void testDeterministicSike() throws GeneralSecurityException {
+    void testDeterministicSike() throws GeneralSecurityException {
         System.out.println("----------------------------------------");
         SikeParam sikeParam = new SikeParamP434(ImplementationType.OPTIMIZED);
         System.out.println("Prime: " + sikeParam.getPrime());