NTRUSignerPrng.java example

Explorer
irma_future_id-master
package org.bouncycastle.pqc.crypto.ntru;

import java.nio.ByteBuffer;

import org.bouncycastle.crypto.Digest;

/**
 * An implementation of the deterministic pseudo-random generator in EESS section 3.7.3.1
 */
public class NTRUSignerPrng
{
    private int counter;
    private byte[] seed;
    private Digest hashAlg;

    /**
     * Constructs a new PRNG and seeds it with a byte array.
     *
     * @param seed    a seed
     * @param hashAlg the hash algorithm to use
     */
    NTRUSignerPrng(byte[] seed, Digest hashAlg)
    {
        counter = 0;
        this.seed = seed;
        this.hashAlg = hashAlg;
    }

    /**
     * Returns <code>n</code> random bytes
     *
     * @param n number of bytes to return
     * @return the next <code>n</code> random bytes
     */
    byte[] nextBytes(int n)
    {
        ByteBuffer buf = ByteBuffer.allocate(n);

        while (buf.hasRemaining())
        {
            ByteBuffer cbuf = ByteBuffer.allocate(seed.length + 4);
            cbuf.put(seed);
            cbuf.putInt(counter);
            byte[] array = cbuf.array();
            byte[] hash = new byte[hashAlg.getDigestSize()];

            hashAlg.update(array, 0, array.length);

            hashAlg.doFinal(hash, 0);

            if (buf.remaining() < hash.length)
            {
                buf.put(hash, 0, buf.remaining());
            }
            else
            {
                buf.put(hash);
            }
            counter++;
        }

        return buf.array();
    }
}