diff --git a/crypto/dap_enc_key.c b/crypto/dap_enc_key.c
index a52d115122a84fb1a16459058109ed5f5d22f7e4..df1a38a170d2f3b64fe409ed106c582a2de5ab64 100644
--- a/crypto/dap_enc_key.c
+++ b/crypto/dap_enc_key.c
@@ -69,6 +69,16 @@ struct dap_enc_key_callbacks{
.key_public_raw_callback = dap_enc_newhope_key_public_raw,
.new_from_data_public_callback = dap_enc_newhope_key_new_from_data_public
},
+ /* [DAP_ENC_KEY_TYPE_SIDH_CLN16]={
+ .name = "SIDHCLN16",
+ .size_max = 64,
+ .enc = dap_enc_sidh16_encode,
+ .dec = dap_enc_sidh16_decode,
+ .new_callback = NULL,
+ .delete_callback = NULL,
+ .new_generate_callback = dap_enc_sidh16_key_new_generate,
+ .new_from_data_callback = dap_enc_sidh16_key_new_from_data
+ },*/
//MSRLN16
[DAP_ENC_KEY_TYPE_RLWE_MSRLN16] = {
.name = "MSRLN16",
diff --git a/crypto/dap_enc_key.h b/crypto/dap_enc_key.h
index 7cf6d7313d40f9d0ae4d1d548715e1f2233347e5..1aa7c382e10934e8eda6523e39f3d0f96c30062e 100644
--- a/crypto/dap_enc_key.h
+++ b/crypto/dap_enc_key.h
@@ -30,7 +30,7 @@ typedef enum dap_enc_data_type{DAP_ENC_DATA_TYPE_RAW,
} dap_enc_data_type_t;
-} dap_enc_data_type_t;
+//} dap_enc_data_type_t;
typedef enum dap_enc_key_type{ DAP_ENC_KEY_TYPE_AES, // Symmetric AES
@@ -46,7 +46,8 @@ typedef enum dap_enc_key_type{ DAP_ENC_KEY_TYPE_AES, // Symmetric AES
// from https://github.com/tpoeppelmann/newhop
// https://eprint.iacr.org/2015/1092
- DAP_ENC_KEY_TYPE_RLWE_MSRLN16, // Microsoft Research implementation of Peikert's ring-LWE key exchange
+ DAP_ENC_KEY_TYPE_RLWE_MSRLN16,
+ //DAP_ENC_KEY_TYPE_RLWE_MSRLN16, // Microsoft Research implementation of Peikert's ring-LWE key exchange
// (Longa, Naehrig, CANS 2016, https://eprint.iacr.org/2016/504)
// based on the implementation of Alkim, Ducas, Pöppelmann, and Schwabe,
// with improvements from Longa and Naehrig,
@@ -87,7 +88,7 @@ typedef enum dap_enc_key_type{ DAP_ENC_KEY_TYPE_AES, // Symmetric AES
// https://eprint.iacr.org/2017/279.pdf), using the optimized implemenation
// from https://github.com/IAIK/Picnic
DAP_ENC_KEY_TYPE_FNAM2 //ХЗ ЧТО, ДОБÐВИЛ ЧТОБЫ БЫЛО И ÐРМЕÐЯ КОМПИЛЯТОРÐЕ РУГÐЛСЯ:(
- } dap_enc_key_type_t;
+ } dap_enc_key_type_t;
struct dap_enc_key;
diff --git a/crypto/dap_enc_msrln16.c b/crypto/dap_enc_msrln16.c
index c2d1bbda4b1da2323119820307b1d920ea8a87b9..a346c1fc87490a5ba3da0e1355e2dd35126423b4 100644
--- a/crypto/dap_enc_msrln16.c
+++ b/crypto/dap_enc_msrln16.c
@@ -20,14 +20,14 @@ size_t bob_msg_len;
uint8_t *bob_key = NULL;
size_t bob_key_len;
-struct dap_enc_param{
+/*struct dap_enc_param{
enum OQS_KEX_alg_name alg_name;
char *named_parameters;
char *id;
};
typedef struct dap_enc_sidh16_key{
-} dap_enc_sidh16_key_t;
+} dap_enc_sidh16_key_t;*/
#define PRINT_HEX_STRING(label, str, len) \
{ size_t i; \
@@ -41,18 +41,57 @@ typedef struct dap_enc_sidh16_key{
/**
* @brief dap_enc_msrln16_key_new_generate
- * @param a_key
- * @param a_size
+ * @param rand
+ * @return
*/
-void dap_enc_msrln16_key_new_generate(OQS_RAND *rand)
+
+dap_enc_key_t* dap_enc_msrln16_key_new_generate(struct dap_enc_key* a_key, size_t a_size)//(OQS_RAND* rand)
+//void dap_enc_msrln16_key_new_generate(OQS_RAND *rand)
{
+ dap_enc_key_t *k = DAP_NEW(dap_enc_key_t);
+ dap_enc_msrln16_key_t *msrln16_a_key = DAP_ENC_KEY_TYPE_RLWE_MSRLN16(a_key); //DAP_ENC_SIDH16_KEY(a_key);
+ // OQS_KEX *k = malloc(sizeof(OQS_KEX));
+ if (k == NULL) {
+ return NULL;
+ }
+
+ k->data;
+ k->data_size;
+ k->type = DAP_ENC_KEY_TYPE_RLWE_MSRLN16;
+ k->last_used_timestamp;
+ k->enc = &dap_enc_msrln16_encode;
+ k->dec = &dap_enc_msrln16_decode;
+ k->delete_callback = &dap_enc_msrln16_key_delete;
+
+ msrln16_a_key->rand;
+
+ /* k->ctx = NULL;
+ k->method_name = strdup("RLWE MSR LN16");
+ k->estimated_classical_security = 128;
+ k->estimated_quantum_security = 128;
+ k->seed = NULL;
+ k->seed_len = 0;
+ k->named_parameters = NULL;
+ k->rand = rand;
+ k->params = NULL;
+ k->alice_0 = &OQS_KEX_rlwe_msrln16_alice_0;
+ k->bob = &OQS_KEX_rlwe_msrln16_bob;
+ k->alice_1 = &OQS_KEX_rlwe_msrln16_alice_1;
+ k->alice_priv_free = &OQS_KEX_rlwe_msrln16_alice_priv_free;
+ k->free = &OQS_KEX_rlwe_msrln16_free;*/
+
+ dap_enc_key_t* key;
+
+
+ return k;
+//dap_enc_key_t *k = DAP_NEW(dap_enc_key_t);
//rand = OQS_RAND_new(OQS_RAND_alg_default);
- kex = OQS_KEX_rlwe_msrln16_new(rand);
+ /* kex = OQS_KEX_rlwe_msrln16_new(rand);
if(kex == NULL) {
printf("Ð½Ð¾Ð²Ð°Ñ Ð¿Ð°Ñ€Ð° не Ñгенерирована \n");
//gen = 0;
}
- printf("раÑчёт Ð´Ð»Ñ Ð¾Ð±Ð¼ÐµÐ½Ð° ключами методом %s\n", kex->method_name);
+ printf("раÑчёт Ð´Ð»Ñ Ð¾Ð±Ð¼ÐµÐ½Ð° ключами методом %s\n", kex->method_name);*/
}
@@ -68,7 +107,7 @@ void dap_enc_msrln16_key_new_generate(OQS_RAND *rand)
void dap_enc_msrln16_key_new_from_data(OQS_KEX *k, const void * alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len)
{
- gen = OQS_KEX_rlwe_msrln16_alice_1(k, alice_priv, bob_msg, bob_msg_len, &alice_key, &alice_key_len);
+ /*gen = OQS_KEX_rlwe_msrln16_alice_1(k, alice_priv, bob_msg, bob_msg_len, &alice_key, &alice_key_len);
if(gen != 1) {
printf("OQS_KEX_rlwe_msrln16_alice_1 lose..\n");
gen = 0;
@@ -92,7 +131,7 @@ void dap_enc_msrln16_key_new_from_data(OQS_KEX *k, const void * alice_priv, cons
printf("Alice and Bob's session keys match.\n");
printf("\n\n");
- gen = 1;
+ gen = 1;*/
}
@@ -111,7 +150,7 @@ void dap_enc_msrln16_key_new_from_data_public(dap_enc_key_t * a_key, const void
* @brief dap_enc_msrln16_key_delete
* @param a_key
*/
-void dap_enc_msrln16_key_delete()
+void dap_enc_msrln16_key_delete(struct dap_enc_key* a_key)
{
// free();
free(alice_msg);
@@ -157,14 +196,14 @@ size_t dap_enc_msrln16_key_public_raw(dap_enc_key_t *a_key, void ** a_key_public
//Боб отвечает на приветÑтвие
size_t dap_enc_msrln16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len)
{
- gen=OQS_KEX_rlwe_msrln16_bob(k, alice_msg, alice_msg_len, &bob_msg, &bob_msg_len, &bob_key, &bob_key_len);
+ /*gen=OQS_KEX_rlwe_msrln16_bob(k, alice_msg, alice_msg_len, &bob_msg, &bob_msg_len, &bob_key, &bob_key_len);
if (gen!=1){
//потерÑли от боба
}
PRINT_HEX_STRING("Bob message", bob_msg, bob_msg_len);
- PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);
+ PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);*/
}
@@ -181,9 +220,9 @@ size_t dap_enc_msrln16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t
//ÐлиÑа приветÑтвует
size_t dap_enc_msrln16_encode(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len)
{
- gen=OQS_KEX_rlwe_msrln16_alice_0(k ,alice_priv, alice_msg, alice_msg_len);
+ /*gen=OQS_KEX_rlwe_msrln16_alice_0(k ,alice_priv, alice_msg, alice_msg_len);
if (gen!=1){
//потерÑли от алиÑÑ‹
}
- PRINT_HEX_STRING("Alice message", alice_msg, alice_msg_len);
+ PRINT_HEX_STRING("Alice message", alice_msg, alice_msg_len);*/
}
diff --git a/crypto/dap_enc_msrln16.h b/crypto/dap_enc_msrln16.h
index a0d0e4c8e3db592fd46b7e0cfcf9ccc86adbd466..0dac8ec8304bea2686295495d1a30ccf378bde72 100644
--- a/crypto/dap_enc_msrln16.h
+++ b/crypto/dap_enc_msrln16.h
@@ -3,14 +3,28 @@
#include <stddef.h>
#include "liboqs/crypto/rand/rand.h"
+#include "liboqs/kex/kex.h"
+#include "dap_enc_key.h"
-typedef struct dap_enc_key dap_enc_key_t;
+//typedef struct dap_enc_key dap_enc_key_t;
-//void dap_enc_msrln16_key_new_generate(dap_enc_key_t * a_key, size_t a_size);
-//int OQS_KEX_rlwe_msrln16_bob(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len);
-//int OQS_KEX_rlwe_msrln16_alice_0(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len);
+typedef struct dap_enc_msrln16_key{
+ OQS_RAND* rand;
-void dap_enc_msrln16_key_new_generate(OQS_RAND *rand);
+ unsigned int alice_msg_len;
+ unsigned int bob_msg_len;
+ unsigned int key_len;
+ uint16_t estimated_classical_security;
+ uint16_t estimated_quantum_security;
+ OQS_KEX* k;
+} dap_enc_msrln16_key_t;
+
+#define DAP_ENC_KEY_TYPE_RLWE_MSRLN16(a) ((dap_enc_msrln16_key_t *)((a)->_inheritor))
+
+
+//void dap_enc_msrln16_key_new_generate(OQS_RAND *rand);
+//dap_enc_key_t* dap_enc_msrln16_key_new_generate(struct dap_enc_key* a_key, size_t a_size);
+dap_enc_key_t* dap_enc_msrln16_key_new_genrate(struct dap_enc_key* a_key, size_t a_size);//(OQS_RAND* rand);
// OQS_KEX_rlwe_msrln16_alice_1
void dap_enc_msrln16_key_new_from_data(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len);
//void dap_enc_msrln16_key_new_from_data(dap_enc_key_t * a_key, const void * a_in, size_t a_in_size);
@@ -19,7 +33,8 @@ void dap_enc_msrln16_key_new_from_data_public(dap_enc_key_t* a_key, const void *
// OQS_KEX_rlwe_msrln16_alice_priv_free
// OQS_KEX_rlwe_msrln16_free
-void dap_enc_msrln16_key_delete();
+void dap_enc_msrln16_key_delete(struct dap_enc_key* a_key);
+//void dap_enc_msrln16_key_delete();
/*?*/size_t dap_enc_msrln16_key_public_raw(dap_enc_key_t *a_key, void ** a_key_public);
diff --git a/crypto/dap_enc_sidh16.c b/crypto/dap_enc_sidh16.c
index 77a3dde30da695380e947edbaa0ac47100a68675..559e77e8aa6e93aaf0d852128531cc933ad361c0 100644
--- a/crypto/dap_enc_sidh16.c
+++ b/crypto/dap_enc_sidh16.c
@@ -5,148 +5,330 @@
#include <string.h>
#include <stdbool.h>
-#include "dap_common.h"
#include "dap_enc_sidh16.h"
#include "dap_enc_key.h"
-#include "liboqs/kex/kex.h"
-#include "liboqs/crypto/rand/rand.h"
-#include "liboqs/kex_sidh_cln16/kex_sidh_cln16.h"
+#include <../libdap/core/dap_common.h>
+#include <../libdap/crypto/liboqs/kex_sidh_cln16/kex_sidh_cln16.h>
+#include <../libdap/crypto/liboqs/kex_sidh_cln16/SIDH.h>
-OQS_KEX *k = NULL;
-int gen;
+static const char *P751 = "p751";
+static const char *CompressedP751 = "compressedp751";
-void *alignce_priv = NULL;
-uint8_t *alice_msg = NULL;
-size_t alice_msg_len;
-uint8_t *alice_key = NULL;
-size_t alice_key_len;
+static int isCompressed(void *_inheritor) {
+ if (_inheritor != NULL && strcmp(_inheritor, CompressedP751) == 0) {
+ return 1;
+ }
+ return 0;
+}
-uint8_t *bob_msg = NULL;
-size_t bob_msg_len;
-uint8_t *bob_key = NULL;
-size_t bob_key_len;
+extern bool dap_sidh16_CurveIsogenyStruct_isnull(PCurveIsogenyStruct pCurveIsogeny);
+
+dap_enc_key_t *dap_enc_sidh16_key_new_generate(struct dap_enc_key *a_key, size_t a_size) {
+ dap_enc_key_t *k = DAP_NEW(dap_enc_key_t);
+ dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
+ if(k == NULL)
+ return NULL;
+ // Ð¸Ð½Ð¸Ñ†Ð¸Ð°Ð»Ð¸Ð·Ð°Ñ†Ð¸Ñ ÑиÑтемы изогенных кривых
+ PCurveIsogenyStruct curveIsogeny = oqs_sidh_cln16_curve_allocate(&CurveIsogeny_SIDHp751);
+ if(curveIsogeny == NULL || dap_sidh16_CurveIsogenyStruct_isnull(curveIsogeny)) {
+ DAP_DELETE(k);
+ // оÑвобождаем памÑÑ‚ÑŒ Ð´Ð»Ñ Ð¸Ð·Ð¾Ð³ÐµÐ½Ð¸Ð¸
+ oqs_sidh_cln16_curve_free(curveIsogeny);
+ return NULL;
+ }
+ // Инициализировать изогенную Ñтруктуру кривой pCurveIsogeny Ñо ÑтатичеÑкими данными, извлеченными из pCurveIsogenyData.
+ // Ðто нужно вызвать поÑле Ð²Ñ‹Ð´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼Ñти Ð´Ð»Ñ pCurveIsogeny Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ SIDH_curve_allocate()
+ if(oqs_sidh_cln16_curve_initialize(curveIsogeny, &CurveIsogeny_SIDHp751) != SIDH_CRYPTO_SUCCESS) {
+ DAP_DELETE(k);
+ oqs_sidh_cln16_curve_free(curveIsogeny);
+ return NULL;
+ }
+ k->data;
+ k->data_size;
+ k->type = DAP_ENC_KEY_TYPE_SIDH_CLN16;
+ k->last_used_timestamp;
+ k->enc = &dap_enc_sidh16_encode;
+ k->dec = &dap_enc_sidh16_decode;
+ k->delete_callback = &dap_enc_sidh16_key_delete;
+
+ sidh_a_key->rand;
+ sidh_a_key->user_curveIsogeny;
+ return k;
+}
-struct dap_enc_param{
- enum OQS_KEX_alg_name alg_name;
- char *named_parameters;
- char *id;
-};
-typedef struct dap_enc_sidh16_key{
-} dap_enc_sidh16_key_t;
+void dap_enc_sidh16_key_new_from_data(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size) {
+}
-#define PRINT_HEX_STRING(label, str, len) \
- { size_t i; \
- printf("%-20s (%4zu bytes): ", (label), (size_t)(len)); \
- for (i = 0; i < (len); i++) { \
- printf("%02X", ((unsigned char *) (str))[i]); \
- } \
- printf("\n"); \
+void dap_enc_sidh16_key_delete(struct dap_enc_key *a_key) {
+ dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
+ (void) a_key;
+ if(!a_key){
+ return;
}
+ oqs_sidh_cln16_curve_free((PCurveIsogenyStruct)sidh_a_key->user_curveIsogeny);
+ sidh_a_key->user_curveIsogeny = NULL;
+ DAP_DELETE(a_key);
+}
-int dap_enc_sidh16_key_new_generate(OQS_RAND *rand, const char *named_parameters) {
- k = OQS_KEX_sidh_cln16_new(rand, named_parameters);
- if(k == NULL) {
- printf("Ð½Ð¾Ð²Ð°Ñ Ð¿Ð°Ñ€Ð° не Ñгенерирована \n");
- gen = 0;
+// alice_0
+size_t dap_enc_sidh16_encode(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size, void *a_out) {
+ int ret;
+ dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
+ // non-compressed public key
+ uint8_t *key_a_tmp_pub = NULL;
+ if(!a_key || !a_in || !a_in_size || !a_out)
+ return 0;
+
+ int compressed = isCompressed(a_key->_inheritor);
+ if(compressed) {
+ key_a_tmp_pub = malloc(SIDH_PUBKEY_LEN);
+ a_key->data = malloc(SIDH_COMPRESSED_PUBKEY_LEN);
+ if(key_a_tmp_pub == NULL || a_in == NULL) {
+ ret = 0;
+ DAP_DELETE(a_key->data);
+ a_in = NULL;
+ a_key->data = NULL;
+ }
}
- printf("раÑчёт Ð´Ð»Ñ Ð¾Ð±Ð¼ÐµÐ½Ð° ключами методом %s\n", k->method_name);
-}
- /* Alice's initial message */
-size_t dap_enc_sidh16_encode(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len) {
- gen = OQS_KEX_sidh_cln16_alice_0(k, &alice_priv, &alice_msg, &alice_msg_len);
- if(gen != 1) {
- printf("OQS_KEX_sidh_cln16_alice_0 lose..\n");
- gen = 0;
- }
- PRINT_HEX_STRING("Alice message", alice_msg, alice_msg_len);
-}
-
- /* Bob's response */
-size_t dap_enc_sidh16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **bob_key, size_t *bob_key_len) {
- gen = OQS_KEX_sidh_cln16_bob(k, alice_msg, alice_msg_len, &bob_msg, &bob_msg_len, &bob_key, &bob_key_len);
- if(gen != 1){
- printf("OQS_KEX_sidh_cln16_bob lose..\n");
- gen = 0;
+ else {
+ // non-compressed key
+ a_key->data = malloc(SIDH_PUBKEY_LEN);
+ if(a_key->data == NULL) {
+ ret = 0;
+ DAP_DELETE(a_key->data = NULL);
+ a_key->data = NULL;
+ a_in = NULL;
+ }
+ key_a_tmp_pub = a_key->data;
}
- PRINT_HEX_STRING("Bob message", bob_msg, bob_msg_len);
- PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);
-}
-
- /* Alice processes Bob's response */
-void dap_enc_sidh16_key_new_from_data(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len) {
- gen = OQS_KEX_sidh_cln16_alice_1(k, alice_priv, bob_msg, bob_msg_len, &alice_key, &alice_key_len);
- if(gen != 1) {
- printf("OQS_KEX_sidh_cln16_alice_1 lose..\n");
- gen = 0;
+ a_in = malloc(SIDH_SECRETKEY_LEN);
+ if(a_in == NULL) {
+ ret = 0;
+ DAP_DELETE(a_key->data = NULL);
+ a_key->data = NULL;
+ a_in = NULL;
}
- PRINT_HEX_STRING("Alice session key", alice_key, alice_key_len)
-
- /*compare session key lengths and values*/
- if(alice_key_len != bob_key_len) {
- printf("ERROR: Alice's session key and Bob's session key are different lengths (%zu vs %zu)\n", alice_key_len, bob_key_len);
- gen = 0;
+ // generate A key pair
+ if(oqs_sidh_cln16_EphemeralKeyGeneration_A((unsigned char *)a_in, (unsigned char *)key_a_tmp_pub, sidh_a_key->user_curveIsogeny, sidh_a_key->rand) != SIDH_CRYPTO_SUCCESS) {
+ ret = 0;
+ DAP_DELETE(a_key->data = NULL);
+ a_key->data = NULL;
+ a_in = NULL;
}
- gen = memcmp(alice_key, bob_key, alice_key_len);
- if(gen != 0){
- printf("ERROR: Alice's session key and Bob's session key are not equal\n");
- PRINT_HEX_STRING("Alice session key", alice_key, alice_key_len);
- PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);
-
- // здеÑÑŒ Ñделать запиÑÑŒ ключа в файл
-
- gen = 0;
+ if (compressed) {
+ // compress Alice's public key
+ oqs_sidh_cln16_PublicKeyCompression_A(key_a_tmp_pub, (unsigned char *) a_in, sidh_a_key->user_curveIsogeny);
+ a_in_size = SIDH_COMPRESSED_PUBKEY_LEN;
+ } else {
+ a_in_size = SIDH_PUBKEY_LEN;
+ key_a_tmp_pub = NULL;
}
- printf("Alice and Bob's session keys match.\n");
- printf("\n\n");
- gen = 1;
+ ret = 1;
+ DAP_DELETE(key_a_tmp_pub);
+ return ret;
}
-void dap_enc_sidh16_key_delete() {
- free(alice_msg);
- free(alice_key);
- free(bob_msg);
- free(bob_key);
- OQS_KEX_sidh_cln16_alice_priv_free(k, alignce_priv);
- OQS_KEX_sidh_cln16_free(k);
-}
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+// int OQS_KEX_sidh_cln16_bob(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len)
+size_t dap_enc_sidh16_decode(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size, void *a_out) {
+ size_t ret;
+ dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
+ uint8_t *bob_priv = NULL;
+ // non-compressed public key
+ uint8_t *bob_tmp_pub = NULL;
+ // decompession values
+ unsigned char *R = NULL, *A = NULL;
+ if(!a_key || !a_in || !a_out){
+ return 0;
+ }
+ a_out = NULL;
+ a_key->data = NULL;
+
+ int compressed = isCompressed(a_key->_inheritor);
+
+ if(compressed) {
+ if(sidh_a_key->alice_msg_len != SIDH_COMPRESSED_PUBKEY_LEN) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ bob_tmp_pub = malloc(SIDH_PUBKEY_LEN);
+ a_out = malloc(SIDH_COMPRESSED_PUBKEY_LEN);
+ if(bob_tmp_pub == NULL || a_out == NULL) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ A = malloc(SIDH_COMPRESSED_A_LEN);
+ if(A == NULL) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ R = malloc(SIDH_COMPRESSED_R_LEN);
+ if(R == NULL) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ }
+ else {
+ if(sidh_a_key->alice_msg_len != SIDH_PUBKEY_LEN) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ // non-compressed
+ a_out = malloc(SIDH_PUBKEY_LEN);
+ if(a_out == NULL) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ bob_tmp_pub = a_out; // point to the pub key
+ }
+ bob_priv = malloc(SIDH_SECRETKEY_LEN);
+ if(bob_priv == NULL){
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ a_key->data = malloc(SIDH_SHAREDKEY_LEN);
+ if(a_key->data == NULL) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ // generate Bob's key pair
+ if(oqs_sidh_cln16_EphemeralKeyGeneration_B((unsigned char *) bob_priv, (unsigned char *) bob_tmp_pub, sidh_a_key->user_curveIsogeny, sidh_a_key->rand) != SIDH_CRYPTO_SUCCESS) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ if(compressed) {
+ // compress Bob's public key
+ oqs_sidh_cln16_PublicKeyCompression_B(bob_tmp_pub, (unsigned char *) a_out, sidh_a_key->user_curveIsogeny);
+ sidh_a_key->bob_msg_len = SIDH_COMPRESSED_PUBKEY_LEN;
+ // decompress Alice's public key
+ oqs_sidh_cln16_PublicKeyADecompression_B((unsigned char *) bob_priv, (unsigned char *) a_in, R, A, sidh_a_key->user_curveIsogeny);
+ // compute Bob's shared secret
+ if(oqs_sidh_cln16_EphemeralSecretAgreement_Compression_B((unsigned char *) bob_priv, R, A, (unsigned char *) a_key->data, sidh_a_key->user_curveIsogeny) != SIDH_CRYPTO_SUCCESS) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ } else {
+ sidh_a_key->bob_msg_len = SIDH_PUBKEY_LEN;
+ bob_tmp_pub = NULL; // we do not want to double-free it
+ // compute Bob's shared secret
+ if(oqs_sidh_cln16_EphemeralSecretAgreement_B((unsigned char *) bob_priv, (unsigned char *) a_in, (unsigned char *) a_key->data, sidh_a_key->user_curveIsogeny) != SIDH_CRYPTO_SUCCESS) {
+ ret = 0;
+ DAP_DELETE(a_out);
+ a_out = NULL;
+ DAP_DELETE(a_key->data);
+ a_key->data = NULL;
+ }
+ }
+ sidh_a_key->key_len = SIDH_SHAREDKEY_LEN;
+ ret = 1;
+ DAP_DELETE(bob_tmp_pub);
+ DAP_DELETE(bob_priv);
+ DAP_DELETE(A);
+ DAP_DELETE(R);
+
+ return ret;
+}
+int OQS_KEX_sidh_cln16_alice_1(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len) {
+ int ret;
+ // decompression values
+ unsigned char *R = NULL, *A = NULL;
+ if (!k || !alice_priv || !bob_msg || !key || !key_len) {
+ return 0;
+ }
+ *key = NULL;
+ int compressed = isCompressed(k->named_parameters);
+ *key = malloc(SIDH_SHAREDKEY_LEN);
+ if (*key == NULL) {
+ goto err;
+ }
+ *key_len = SIDH_SHAREDKEY_LEN;
+
+ if (compressed) {
+ if (bob_msg_len != SIDH_COMPRESSED_PUBKEY_LEN) {
+ goto err;
+ }
+ A = malloc(SIDH_COMPRESSED_A_LEN);
+ if (A == NULL) {
+ goto err;
+ }
+ R = malloc(SIDH_COMPRESSED_R_LEN);
+ if (R == NULL) {
+ goto err;
+ }
+ // compute Alice's shared secret
+ oqs_sidh_cln16_PublicKeyBDecompression_A((unsigned char *) alice_priv, (unsigned char *) bob_msg, R, A, k->ctx);
+ if (oqs_sidh_cln16_EphemeralSecretAgreement_Compression_A((unsigned char *) alice_priv, R, A, (unsigned char *) *key, k->ctx) != SIDH_CRYPTO_SUCCESS) {
+ goto err;
+ }
+ } else {
+ if (bob_msg_len != SIDH_PUBKEY_LEN) {
+ goto err;
+ }
+ if (oqs_sidh_cln16_EphemeralSecretAgreement_A((unsigned char *) alice_priv, (unsigned char *) bob_msg, (unsigned char *) *key, k->ctx) != SIDH_CRYPTO_SUCCESS) {
+ goto err;
+ }
+ }
+ ret = 1;
+ goto cleanup;
+err:
+ ret = 0;
+ DAP_DELETE(*key);
+ *key = NULL;
+cleanup:
+ DAP_DELETE(A);
+ DAP_DELETE(R);
+ return ret;
+}
diff --git a/crypto/dap_enc_sidh16.h b/crypto/dap_enc_sidh16.h
index a3ee502a18d346b23ea954614aac80f18df8f490..169cea09bd92b0e12d1e0784f25c456431336bd6 100644
--- a/crypto/dap_enc_sidh16.h
+++ b/crypto/dap_enc_sidh16.h
@@ -1,27 +1,51 @@
#ifndef _DAP_ENC_SIDH16_H_
#define _DAP_ENC_SIDH16_H_
+#include <stdlib.h>
+#include <stdio.h>
#include <stddef.h>
-#include "liboqs/kex/kex.h"
-#include "liboqs/crypto/rand/rand.h"
+#include <stdint.h>
+#include <string.h>
+#include <stdbool.h>
-struct dap_enc_key;
-
-// OQS_KEX_sidh_cln16_new
-int dap_enc_sidh16_key_new_generate(OQS_RAND *rand, const char *named_parameters);
+#include "dap_common.h"
+#include "dap_enc_key.h"
+#include <../libdap/crypto/liboqs/kex_sidh_cln16/SIDH.h>
+#include <../libdap/crypto/liboqs/kex/kex.h>
-// OQS_KEX_sidh_cln16_alice_1
-void dap_enc_sidh16_key_new_from_data(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len);
-// OQS_KEX_sidh_cln16_alice_priv_free
-// OQS_KEX_sidh_cln16_free
-void dap_enc_sidh16_key_delete();
-// OQS_KEX_sidh_cln16_alice_0
-size_t dap_enc_sidh16_encode(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len);
-
-// OQS_KEX_sidh_cln16_bob
-size_t dap_enc_sidh16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len);
+struct dap_enc_key;
+extern bool dap_sidh16_CurveIsogenyStruct_isnull(PCurveIsogenyStruct pCurveIsogeny);
+
+typedef struct dap_enc_sidh16_key{
+ OQS_RAND *rand;
+ void * user_curveIsogeny;
+ unsigned int alice_msg_len;
+ unsigned int bob_msg_len;
+ unsigned int key_len;
+ uint16_t estimated_classical_security;
+ uint16_t estimated_quantum_security;
+} dap_enc_sidh16_key_t;
+
+struct dapenc_testcase {
+ enum OQS_KEX_alg_name alg_name;
+ unsigned char *seed;
+ size_t seed_len;
+ char *named_parameters;
+ char *id;
+ int run;
+ int iter;
+};
+
+#define DAP_ENC_SIDH16_KEY(a) ((dap_enc_sidh16_key_t *)((a)->_inheritor))
+
+dap_enc_key_t *dap_enc_sidh16_key_new_generate(struct dap_enc_key* a_key, size_t a_size); // new
+void dap_enc_sidh16_key_new_from_data(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size); // alice_1
+void dap_enc_sidh16_key_delete(struct dap_enc_key* a_key); // sidh_cln16_alice_priv_free // sidh_cln16_free
+
+size_t dap_enc_sidh16_encode(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size, void* a_out); // alice_0
+size_t dap_enc_sidh16_decode(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size, void* a_out); // bob
#endif