Skip to content
Snippets Groups Projects
Commit 42896695 authored by avc's avatar avc
Browse files

add functions for generate new, encode/decode, delete, free keys

parent fb0fa9b8
No related branches found
No related tags found
1 merge request!24Support 3689
Hide whitespace changes
Inline Side-by-side
crypto/dap_enc_sidh16.c
+ 301
82
View file @ 42896695
...@@ -7,114 +7,330 @@ ...@@ -7,114 +7,330 @@
#include "dap_common.h" #include "dap_common.h"
#include "dap_enc_sidh16.h" #include "dap_enc_sidh16.h"
#include "kex_sidh_cln16.h"
#include "dap_enc_key.h" #include "dap_enc_key.h"
#include "liboqs/kex/kex.h" #include "SIDH.h"
#include "liboqs/crypto/rand/rand.h"
#include "liboqs/kex_sidh_cln16/kex_sidh_cln16.h"
OQS_KEX *k = NULL; static const char *P751 = "p751";
int gen; static const char *CompressedP751 = "compressedp751";
void *alignce_priv = NULL; static int isCompressed(void *_inheritor) {
uint8_t *alice_msg = NULL; if (_inheritor != NULL && strcmp(_inheritor, CompressedP751) == 0) {
size_t alice_msg_len; return 1;
uint8_t *alice_key = NULL; }
size_t alice_key_len; return 0;
}
uint8_t *bob_msg = NULL;
size_t bob_msg_len;
uint8_t *bob_key = NULL;
size_t bob_key_len;
extern bool dap_sidh16_CurveIsogenyStruct_isnull(PCurveIsogenyStruct pCurveIsogeny);
dap_enc_key_t *dap_enc_sidh16_key_new_generate(OQS_RAND *rand, struct dap_enc_key *a_key, size_t a_size) {
dap_enc_key_t *k = malloc(sizeof (dap_enc_key_t));
dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
if(k == NULL)
return NULL;
// инициализация системы изогенных кривых
PCurveIsogenyStruct curveIsogeny = oqs_sidh_cln16_curve_allocate(&CurveIsogeny_SIDHp751);
if(curveIsogeny == NULL || dap_sidh16_CurveIsogenyStruct_isnull(curveIsogeny)) {
free(k);
// освобождаем память для изогении
oqs_sidh_cln16_curve_free(curveIsogeny);
return NULL;
}
// Инициализировать изогенную структуру кривой pCurveIsogeny со статическими данными, извлеченными из pCurveIsogenyData.
// Это нужно вызвать после выделения памяти для pCurveIsogeny с помощью SIDH_curve_allocate()
if(oqs_sidh_cln16_curve_initialize(curveIsogeny, &CurveIsogeny_SIDHp751) != SIDH_CRYPTO_SUCCESS) {
free(k);
oqs_sidh_cln16_curve_free(curveIsogeny);
return NULL;
}
k->data ;
k->data_size;
k->type = DAP_ENC_KEY_TYPE_SIDH_CLN16;
k->last_used_timestamp;
k->enc = &dap_enc_sidh16_encode;
k->dec = &dap_enc_sidh16_decode;
k->delete_callback = &dap_enc_sidh16_key_delete;
sidh_a_key->rand = rand;
sidh_a_key->user_curveIsogeny;
return k;
struct dap_enc_param{ }
enum OQS_KEX_alg_name alg_name;
char *named_parameters;
char *id;
};
typedef struct dap_enc_sidh16_key{
} dap_enc_sidh16_key_t;
void dap_enc_sidh16_key_new_from_data(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size) {
}
#define PRINT_HEX_STRING(label, str, len) \ void dap_enc_sidh16_key_delete(struct dap_enc_key *a_key) {
{ size_t i; \ dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
printf("%-20s (%4zu bytes): ", (label), (size_t)(len)); \ (void) a_key;
for (i = 0; i < (len); i++) { \ if(!a_key){
printf("%02X", ((unsigned char *) (str))[i]); \ return;
} \
printf("\n"); \
} }
oqs_sidh_cln16_curve_free((PCurveIsogenyStruct)sidh_a_key->user_curveIsogeny);
sidh_a_key->user_curveIsogeny = NULL;
free(a_key);
}
int dap_enc_sidh16_key_new_generate(OQS_RAND *rand, const char *named_parameters) {
k = OQS_KEX_sidh_cln16_new(rand, named_parameters); // alice_0
if(k == NULL) { size_t dap_enc_sidh16_encode(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size, void *a_out) {
printf("новая пара не сгенерирована \n"); int ret;
gen = 0; dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
// non-compressed public key
uint8_t *key_a_tmp_pub = NULL;
if(!a_key || !a_in || !a_in_size || !a_out)
return 0;
int compressed = isCompressed(a_key->_inheritor);
if(compressed) {
key_a_tmp_pub = malloc(SIDH_PUBKEY_LEN);
a_key->data = malloc(SIDH_COMPRESSED_PUBKEY_LEN);
if(key_a_tmp_pub == NULL || a_in == NULL) {
ret = 0;
free(a_key->data);
a_in = NULL;
a_key->data = NULL;
}
}
else {
// non-compressed key
a_key->data = malloc(SIDH_PUBKEY_LEN);
if(a_key->data == NULL) {
ret = 0;
free(a_key->data = NULL);
a_key->data = NULL;
a_in = NULL;
}
key_a_tmp_pub = a_key->data;
}
a_in = malloc(SIDH_SECRETKEY_LEN);
if(a_in == NULL) {
ret = 0;
free(a_key->data = NULL);
a_key->data = NULL;
a_in = NULL;
} }
printf("расчёт для обмена ключами методом %s\n", k->method_name);
}
/* Alice's initial message */
size_t dap_enc_sidh16_encode(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len) {
gen = OQS_KEX_sidh_cln16_alice_0(k, &alice_priv, &alice_msg, &alice_msg_len);
if(gen != 1) {
printf("OQS_KEX_sidh_cln16_alice_0 lose..\n");
gen = 0;
}
PRINT_HEX_STRING("Alice message", alice_msg, alice_msg_len);
}
/* Bob's response */ // generate A key pair
size_t dap_enc_sidh16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **bob_key, size_t *bob_key_len) { if(oqs_sidh_cln16_EphemeralKeyGeneration_A((unsigned char *)a_in, (unsigned char *)key_a_tmp_pub, sidh_a_key->user_curveIsogeny, sidh_a_key->rand) != SIDH_CRYPTO_SUCCESS) {
gen = OQS_KEX_sidh_cln16_bob(k, alice_msg, alice_msg_len, &bob_msg, &bob_msg_len, &bob_key, &bob_key_len); ret = 0;
if(gen != 1){ free(a_key->data = NULL);
printf("OQS_KEX_sidh_cln16_bob lose..\n"); a_key->data = NULL;
gen = 0; a_in = NULL;
}
if (compressed) {
// compress Alice's public key
oqs_sidh_cln16_PublicKeyCompression_A(key_a_tmp_pub, (unsigned char *) a_in, sidh_a_key->user_curveIsogeny);
a_in_size = SIDH_COMPRESSED_PUBKEY_LEN;
} else {
a_in_size = SIDH_PUBKEY_LEN;
key_a_tmp_pub = NULL;
} }
PRINT_HEX_STRING("Bob message", bob_msg, bob_msg_len);
PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len); ret = 1;
free(key_a_tmp_pub);
return ret;
} }
/* Alice processes Bob's response */
void dap_enc_sidh16_key_new_from_data(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len) {
gen = OQS_KEX_sidh_cln16_alice_1(k, alice_priv, bob_msg, bob_msg_len, &alice_key, &alice_key_len);
if(gen != 1) {
printf("OQS_KEX_sidh_cln16_alice_1 lose..\n");
gen = 0;
}
PRINT_HEX_STRING("Alice session key", alice_key, alice_key_len)
/*compare session key lengths and values*/ // int OQS_KEX_sidh_cln16_bob(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len)
if(alice_key_len != bob_key_len) { size_t dap_enc_sidh16_decode(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size, void *a_out) {
printf("ERROR: Alice's session key and Bob's session key are different lengths (%zu vs %zu)\n", alice_key_len, bob_key_len); int ret;
gen = 0; dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
uint8_t *bob_priv = NULL;
// non-compressed public key
uint8_t *bob_tmp_pub = NULL;
// decompession values
unsigned char *R = NULL, *A = NULL;
if(!a_key || !a_in || !a_out){
return 0;
} }
gen = memcmp(alice_key, bob_key, alice_key_len);
if(gen != 0){
printf("ERROR: Alice's session key and Bob's session key are not equal\n");
PRINT_HEX_STRING("Alice session key", alice_key, alice_key_len);
PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);
// здесь сделать запись ключа в файл a_out = NULL;
a_key->data = NULL;
int compressed = isCompressed(a_key->_inheritor);
if(compressed) {
if(sidh_a_key->alice_msg_len != SIDH_COMPRESSED_PUBKEY_LEN) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
bob_tmp_pub = malloc(SIDH_PUBKEY_LEN);
a_out = malloc(SIDH_COMPRESSED_PUBKEY_LEN);
if(bob_tmp_pub == NULL || a_out == NULL) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
A = malloc(SIDH_COMPRESSED_A_LEN);
if(A == NULL) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
R = malloc(SIDH_COMPRESSED_R_LEN);
if(R == NULL) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
}
else {
if(sidh_a_key->alice_msg_len != SIDH_PUBKEY_LEN) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
// non-compressed
a_out = malloc(SIDH_PUBKEY_LEN);
if(a_out == NULL) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
bob_tmp_pub = a_out; // point to the pub key
}
gen = 0; bob_priv = malloc(SIDH_SECRETKEY_LEN);
if(bob_priv == NULL){
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
a_key->data = malloc(SIDH_SHAREDKEY_LEN);
if(a_key->data == NULL) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
} }
printf("Alice and Bob's session keys match.\n");
printf("\n\n");
gen = 1; // generate Bob's key pair
if(oqs_sidh_cln16_EphemeralKeyGeneration_B((unsigned char *) bob_priv, (unsigned char *) bob_tmp_pub, sidh_a_key->user_curveIsogeny, sidh_a_key->rand) != SIDH_CRYPTO_SUCCESS) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
if(compressed) {
// compress Bob's public key
oqs_sidh_cln16_PublicKeyCompression_B(bob_tmp_pub, (unsigned char *) a_out, sidh_a_key->user_curveIsogeny);
sidh_a_key->bob_msg_len = SIDH_COMPRESSED_PUBKEY_LEN;
// decompress Alice's public key
oqs_sidh_cln16_PublicKeyADecompression_B((unsigned char *) bob_priv, (unsigned char *) a_in, R, A, sidh_a_key->user_curveIsogeny);
// compute Bob's shared secret
if(oqs_sidh_cln16_EphemeralSecretAgreement_Compression_B((unsigned char *) bob_priv, R, A, (unsigned char *) a_key->data, sidh_a_key->user_curveIsogeny) != SIDH_CRYPTO_SUCCESS) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
} else {
sidh_a_key->bob_msg_len = SIDH_PUBKEY_LEN;
bob_tmp_pub = NULL; // we do not want to double-free it
// compute Bob's shared secret
if(oqs_sidh_cln16_EphemeralSecretAgreement_B((unsigned char *) bob_priv, (unsigned char *) a_in, (unsigned char *) a_key->data, sidh_a_key->user_curveIsogeny) != SIDH_CRYPTO_SUCCESS) {
ret = 0;
free(a_out);
a_out = NULL;
free(a_key->data);
a_key->data = NULL;
}
}
sidh_a_key->key_len = SIDH_SHAREDKEY_LEN;
ret = 1;
free(bob_tmp_pub);
free(bob_priv);
free(A);
free(R);
return ret;
} }
void dap_enc_sidh16_key_delete() {
free(alice_msg); int OQS_KEX_sidh_cln16_alice_1(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len) {
free(alice_key);
free(bob_msg); int ret;
free(bob_key); // decompression values
OQS_KEX_sidh_cln16_alice_priv_free(k, alignce_priv); unsigned char *R = NULL, *A = NULL;
OQS_KEX_sidh_cln16_free(k);
if (!k || !alice_priv || !bob_msg || !key || !key_len) {
return 0;
}
*key = NULL;
int compressed = isCompressed(k->named_parameters);
*key = malloc(SIDH_SHAREDKEY_LEN);
if (*key == NULL) {
goto err;
}
*key_len = SIDH_SHAREDKEY_LEN;
if (compressed) {
if (bob_msg_len != SIDH_COMPRESSED_PUBKEY_LEN) {
goto err;
}
A = malloc(SIDH_COMPRESSED_A_LEN);
if (A == NULL) {
goto err;
}
R = malloc(SIDH_COMPRESSED_R_LEN);
if (R == NULL) {
goto err;
}
// compute Alice's shared secret
oqs_sidh_cln16_PublicKeyBDecompression_A((unsigned char *) alice_priv, (unsigned char *) bob_msg, R, A, k->ctx);
if (oqs_sidh_cln16_EphemeralSecretAgreement_Compression_A((unsigned char *) alice_priv, R, A, (unsigned char *) *key, k->ctx) != SIDH_CRYPTO_SUCCESS) {
goto err;
}
} else {
if (bob_msg_len != SIDH_PUBKEY_LEN) {
goto err;
}
if (oqs_sidh_cln16_EphemeralSecretAgreement_A((unsigned char *) alice_priv, (unsigned char *) bob_msg, (unsigned char *) *key, k->ctx) != SIDH_CRYPTO_SUCCESS) {
goto err;
}
}
ret = 1;
goto cleanup;
err:
ret = 0;
free(*key);
*key = NULL;
cleanup:
free(A);
free(R);
return ret;
} }
...@@ -146,6 +362,9 @@ void dap_enc_sidh16_key_delete() { ...@@ -146,6 +362,9 @@ void dap_enc_sidh16_key_delete() {
......
crypto/dap_enc_sidh16.h
+ 22
14
View file @ 42896695
#ifndef _DAP_ENC_SIDH16_H_ #ifndef _DAP_ENC_SIDH16_H_
#define _DAP_ENC_SIDH16_H_ #define _DAP_ENC_SIDH16_H_
#include <stdlib.h>
#include <stdio.h>
#include <stddef.h> #include <stddef.h>
#include "liboqs/kex/kex.h" #include <stdint.h>
#include "liboqs/crypto/rand/rand.h" #include <string.h>
#include <stdbool.h>
struct dap_enc_key; #include "dap_common.h"
#include "dap_enc_key.h"
// OQS_KEX_sidh_cln16_new #include "SIDH.h"
int dap_enc_sidh16_key_new_generate(OQS_RAND *rand, const char *named_parameters);
// OQS_KEX_sidh_cln16_alice_1 struct dap_enc_key;
void dap_enc_sidh16_key_new_from_data(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len);
// OQS_KEX_sidh_cln16_alice_priv_free typedef struct dap_enc_sidh16_key{
// OQS_KEX_sidh_cln16_free OQS_RAND *rand;
void dap_enc_sidh16_key_delete(); void * user_curveIsogeny;
unsigned int alice_msg_len;
unsigned int bob_msg_len;
unsigned int key_len;
} dap_enc_sidh16_key_t;
// OQS_KEX_sidh_cln16_alice_0 #define DAP_ENC_SIDH16_KEY(a) ((dap_enc_sidh16_key_t *)((a)->_inheritor))
size_t dap_enc_sidh16_encode(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len);
// OQS_KEX_sidh_cln16_bob dap_enc_key_t *dap_enc_sidh16_key_new_generate(OQS_RAND *rand, struct dap_enc_key* a_key, size_t a_size); // new
size_t dap_enc_sidh16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len); void dap_enc_sidh16_key_new_from_data(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size); // alice_1
void dap_enc_sidh16_key_delete(struct dap_enc_key* a_key); // sidh_cln16_alice_priv_free // sidh_cln16_free
size_t dap_enc_sidh16_encode(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size, void* a_out); // alice_0
size_t dap_enc_sidh16_decode(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size, void* a_out); // bob
#endif #endif
http/dap_http_client_simple.c
+ 1
1
View file @ 42896695
...@@ -287,7 +287,7 @@ static void* dap_http_client_thread(void * arg) ...@@ -287,7 +287,7 @@ static void* dap_http_client_thread(void * arg)
case CURLE_COULDNT_RESOLVE_HOST: l_err_code = 3 ; log_it(L_ERROR, "Couldn't resolve destination address"); break; case CURLE_COULDNT_RESOLVE_HOST: l_err_code = 3 ; log_it(L_ERROR, "Couldn't resolve destination address"); break;
case CURLE_OPERATION_TIMEDOUT: l_err_code = 4 ; log_it(L_ERROR, "HTTP request timeout"); break; case CURLE_OPERATION_TIMEDOUT: l_err_code = 4 ; log_it(L_ERROR, "HTTP request timeout"); break;
case CURLE_URL_MALFORMAT: l_err_code = 5 ; log_it(L_ERROR, "Wrong URL format in the outgoing request"); break; case CURLE_URL_MALFORMAT: l_err_code = 5 ; log_it(L_ERROR, "Wrong URL format in the outgoing request"); break;
case CURLE_WEIRD_SERVER_REPLY: l_err_code = 6 ; log_it(L_WARNING, "Weird server reply"); break; //case CURLE_WEIRD_SERVER_REPLY: l_err_code = 6 ; log_it(L_WARNING, "Weird server reply"); break;
case CURLE_OK:{ case CURLE_OK:{
l_is_ok = true; l_is_ok = true;
log_it(L_DEBUG, "Response size %u",l_client_internal->response_size); log_it(L_DEBUG, "Response size %u",l_client_internal->response_size);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment