Skip to content
Snippets Groups Projects
Commit dd893f0f authored by Maxim Krasylnikov's avatar Maxim Krasylnikov
Browse files

callbackdonotmatch

parent bc4ab985
No related branches found
No related tags found
1 merge request!24Support 3689
Hide whitespace changes
Inline Side-by-side
crypto/dap_enc_key.c
+ 10
0
View file @ dd893f0f
......@@ -69,6 +69,16 @@ struct dap_enc_key_callbacks{
.key_public_raw_callback = dap_enc_newhope_key_public_raw,
.new_from_data_public_callback = dap_enc_newhope_key_new_from_data_public
},
/* [DAP_ENC_KEY_TYPE_SIDH_CLN16]={
.name = "SIDHCLN16",
.size_max = 64,
.enc = dap_enc_sidh16_encode,
.dec = dap_enc_sidh16_decode,
.new_callback = NULL,
.delete_callback = NULL,
.new_generate_callback = dap_enc_sidh16_key_new_generate,
.new_from_data_callback = dap_enc_sidh16_key_new_from_data
},*/
//MSRLN16
[DAP_ENC_KEY_TYPE_RLWE_MSRLN16] = {
.name = "MSRLN16",
......
crypto/dap_enc_key.h
+ 4
3
View file @ dd893f0f
......@@ -30,7 +30,7 @@ typedef enum dap_enc_data_type{DAP_ENC_DATA_TYPE_RAW,
} dap_enc_data_type_t;
} dap_enc_data_type_t;
//} dap_enc_data_type_t;
typedef enum dap_enc_key_type{ DAP_ENC_KEY_TYPE_AES, // Symmetric AES
......@@ -46,7 +46,8 @@ typedef enum dap_enc_key_type{ DAP_ENC_KEY_TYPE_AES, // Symmetric AES
// from https://github.com/tpoeppelmann/newhop
// https://eprint.iacr.org/2015/1092
DAP_ENC_KEY_TYPE_RLWE_MSRLN16, // Microsoft Research implementation of Peikert's ring-LWE key exchange
DAP_ENC_KEY_TYPE_RLWE_MSRLN16,
//DAP_ENC_KEY_TYPE_RLWE_MSRLN16, // Microsoft Research implementation of Peikert's ring-LWE key exchange
// (Longa, Naehrig, CANS 2016, https://eprint.iacr.org/2016/504)
// based on the implementation of Alkim, Ducas, Pöppelmann, and Schwabe,
// with improvements from Longa and Naehrig,
......@@ -87,7 +88,7 @@ typedef enum dap_enc_key_type{ DAP_ENC_KEY_TYPE_AES, // Symmetric AES
// https://eprint.iacr.org/2017/279.pdf), using the optimized implemenation
// from https://github.com/IAIK/Picnic
DAP_ENC_KEY_TYPE_FNAM2 //ХЗ ЧТО, ДОБАВИЛ ЧТОБЫ БЫЛО И НА МЕНЯ КОМПИЛЯТОР НЕ РУГАЛСЯ:(
} dap_enc_key_type_t;
} dap_enc_key_type_t;
struct dap_enc_key;
......
crypto/dap_enc_msrln16.c
+ 53
14
View file @ dd893f0f
......@@ -20,14 +20,14 @@ size_t bob_msg_len;
uint8_t *bob_key = NULL;
size_t bob_key_len;
struct dap_enc_param{
/*struct dap_enc_param{
enum OQS_KEX_alg_name alg_name;
char *named_parameters;
char *id;
};
typedef struct dap_enc_sidh16_key{
} dap_enc_sidh16_key_t;
} dap_enc_sidh16_key_t;*/
#define PRINT_HEX_STRING(label, str, len) \
{ size_t i; \
......@@ -41,18 +41,57 @@ typedef struct dap_enc_sidh16_key{
/**
* @brief dap_enc_msrln16_key_new_generate
* @param a_key
* @param a_size
* @param rand
* @return
*/
void dap_enc_msrln16_key_new_generate(OQS_RAND *rand)
dap_enc_key_t* dap_enc_msrln16_key_new_generate(struct dap_enc_key* a_key, size_t a_size)//(OQS_RAND* rand)
//void dap_enc_msrln16_key_new_generate(OQS_RAND *rand)
{
dap_enc_key_t *k = DAP_NEW(dap_enc_key_t);
dap_enc_msrln16_key_t *msrln16_a_key = DAP_ENC_KEY_TYPE_RLWE_MSRLN16(a_key); //DAP_ENC_SIDH16_KEY(a_key);
// OQS_KEX *k = malloc(sizeof(OQS_KEX));
if (k == NULL) {
return NULL;
}
k->data;
k->data_size;
k->type = DAP_ENC_KEY_TYPE_RLWE_MSRLN16;
k->last_used_timestamp;
k->enc = &dap_enc_msrln16_encode;
k->dec = &dap_enc_msrln16_decode;
k->delete_callback = &dap_enc_msrln16_key_delete;
msrln16_a_key->rand;
/* k->ctx = NULL;
k->method_name = strdup("RLWE MSR LN16");
k->estimated_classical_security = 128;
k->estimated_quantum_security = 128;
k->seed = NULL;
k->seed_len = 0;
k->named_parameters = NULL;
k->rand = rand;
k->params = NULL;
k->alice_0 = &OQS_KEX_rlwe_msrln16_alice_0;
k->bob = &OQS_KEX_rlwe_msrln16_bob;
k->alice_1 = &OQS_KEX_rlwe_msrln16_alice_1;
k->alice_priv_free = &OQS_KEX_rlwe_msrln16_alice_priv_free;
k->free = &OQS_KEX_rlwe_msrln16_free;*/
dap_enc_key_t* key;
return k;
//dap_enc_key_t *k = DAP_NEW(dap_enc_key_t);
//rand = OQS_RAND_new(OQS_RAND_alg_default);
kex = OQS_KEX_rlwe_msrln16_new(rand);
/* kex = OQS_KEX_rlwe_msrln16_new(rand);
if(kex == NULL) {
printf("новая пара не сгенерирована \n");
//gen = 0;
}
printf("расчёт для обмена ключами методом %s\n", kex->method_name);
printf("расчёт для обмена ключами методом %s\n", kex->method_name);*/
}
......@@ -68,7 +107,7 @@ void dap_enc_msrln16_key_new_generate(OQS_RAND *rand)
void dap_enc_msrln16_key_new_from_data(OQS_KEX *k, const void * alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len)
{
gen = OQS_KEX_rlwe_msrln16_alice_1(k, alice_priv, bob_msg, bob_msg_len, &alice_key, &alice_key_len);
/*gen = OQS_KEX_rlwe_msrln16_alice_1(k, alice_priv, bob_msg, bob_msg_len, &alice_key, &alice_key_len);
if(gen != 1) {
printf("OQS_KEX_rlwe_msrln16_alice_1 lose..\n");
gen = 0;
......@@ -92,7 +131,7 @@ void dap_enc_msrln16_key_new_from_data(OQS_KEX *k, const void * alice_priv, cons
printf("Alice and Bob's session keys match.\n");
printf("\n\n");
gen = 1;
gen = 1;*/
}
......@@ -111,7 +150,7 @@ void dap_enc_msrln16_key_new_from_data_public(dap_enc_key_t * a_key, const void
* @brief dap_enc_msrln16_key_delete
* @param a_key
*/
void dap_enc_msrln16_key_delete()
void dap_enc_msrln16_key_delete(struct dap_enc_key* a_key)
{
// free();
free(alice_msg);
......@@ -157,14 +196,14 @@ size_t dap_enc_msrln16_key_public_raw(dap_enc_key_t *a_key, void ** a_key_public
//Боб отвечает на приветствие
size_t dap_enc_msrln16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len)
{
gen=OQS_KEX_rlwe_msrln16_bob(k, alice_msg, alice_msg_len, &bob_msg, &bob_msg_len, &bob_key, &bob_key_len);
/*gen=OQS_KEX_rlwe_msrln16_bob(k, alice_msg, alice_msg_len, &bob_msg, &bob_msg_len, &bob_key, &bob_key_len);
if (gen!=1){
//потеряли от боба
}
PRINT_HEX_STRING("Bob message", bob_msg, bob_msg_len);
PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);
PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);*/
}
......@@ -181,9 +220,9 @@ size_t dap_enc_msrln16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t
//Алиса приветствует
size_t dap_enc_msrln16_encode(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len)
{
gen=OQS_KEX_rlwe_msrln16_alice_0(k ,alice_priv, alice_msg, alice_msg_len);
/*gen=OQS_KEX_rlwe_msrln16_alice_0(k ,alice_priv, alice_msg, alice_msg_len);
if (gen!=1){
//потеряли от алисы
}
PRINT_HEX_STRING("Alice message", alice_msg, alice_msg_len);
PRINT_HEX_STRING("Alice message", alice_msg, alice_msg_len);*/
}
crypto/dap_enc_msrln16.h
+ 21
6
View file @ dd893f0f
......@@ -3,14 +3,28 @@
#include <stddef.h>
#include "liboqs/crypto/rand/rand.h"
#include "liboqs/kex/kex.h"
#include "dap_enc_key.h"
typedef struct dap_enc_key dap_enc_key_t;
//typedef struct dap_enc_key dap_enc_key_t;
//void dap_enc_msrln16_key_new_generate(dap_enc_key_t * a_key, size_t a_size);
//int OQS_KEX_rlwe_msrln16_bob(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len);
//int OQS_KEX_rlwe_msrln16_alice_0(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len);
typedef struct dap_enc_msrln16_key{
OQS_RAND* rand;
void dap_enc_msrln16_key_new_generate(OQS_RAND *rand);
unsigned int alice_msg_len;
unsigned int bob_msg_len;
unsigned int key_len;
uint16_t estimated_classical_security;
uint16_t estimated_quantum_security;
OQS_KEX* k;
} dap_enc_msrln16_key_t;
#define DAP_ENC_KEY_TYPE_RLWE_MSRLN16(a) ((dap_enc_msrln16_key_t *)((a)->_inheritor))
//void dap_enc_msrln16_key_new_generate(OQS_RAND *rand);
//dap_enc_key_t* dap_enc_msrln16_key_new_generate(struct dap_enc_key* a_key, size_t a_size);
dap_enc_key_t* dap_enc_msrln16_key_new_genrate(struct dap_enc_key* a_key, size_t a_size);//(OQS_RAND* rand);
// OQS_KEX_rlwe_msrln16_alice_1
void dap_enc_msrln16_key_new_from_data(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len);
//void dap_enc_msrln16_key_new_from_data(dap_enc_key_t * a_key, const void * a_in, size_t a_in_size);
......@@ -19,7 +33,8 @@ void dap_enc_msrln16_key_new_from_data_public(dap_enc_key_t* a_key, const void *
// OQS_KEX_rlwe_msrln16_alice_priv_free
// OQS_KEX_rlwe_msrln16_free
void dap_enc_msrln16_key_delete();
void dap_enc_msrln16_key_delete(struct dap_enc_key* a_key);
//void dap_enc_msrln16_key_delete();
/*?*/size_t dap_enc_msrln16_key_public_raw(dap_enc_key_t *a_key, void ** a_key_public);
......
crypto/dap_enc_sidh16.c
+ 287
105
View file @ dd893f0f
......@@ -5,148 +5,330 @@
#include <string.h>
#include <stdbool.h>
#include "dap_common.h"
#include "dap_enc_sidh16.h"
#include "dap_enc_key.h"
#include "liboqs/kex/kex.h"
#include "liboqs/crypto/rand/rand.h"
#include "liboqs/kex_sidh_cln16/kex_sidh_cln16.h"
#include <../libdap/core/dap_common.h>
#include <../libdap/crypto/liboqs/kex_sidh_cln16/kex_sidh_cln16.h>
#include <../libdap/crypto/liboqs/kex_sidh_cln16/SIDH.h>
OQS_KEX *k = NULL;
int gen;
static const char *P751 = "p751";
static const char *CompressedP751 = "compressedp751";
void *alignce_priv = NULL;
uint8_t *alice_msg = NULL;
size_t alice_msg_len;
uint8_t *alice_key = NULL;
size_t alice_key_len;
static int isCompressed(void *_inheritor) {
if (_inheritor != NULL && strcmp(_inheritor, CompressedP751) == 0) {
return 1;
}
return 0;
}
uint8_t *bob_msg = NULL;
size_t bob_msg_len;
uint8_t *bob_key = NULL;
size_t bob_key_len;
extern bool dap_sidh16_CurveIsogenyStruct_isnull(PCurveIsogenyStruct pCurveIsogeny);
dap_enc_key_t *dap_enc_sidh16_key_new_generate(struct dap_enc_key *a_key, size_t a_size) {
dap_enc_key_t *k = DAP_NEW(dap_enc_key_t);
dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
if(k == NULL)
return NULL;
// инициализация системы изогенных кривых
PCurveIsogenyStruct curveIsogeny = oqs_sidh_cln16_curve_allocate(&CurveIsogeny_SIDHp751);
if(curveIsogeny == NULL || dap_sidh16_CurveIsogenyStruct_isnull(curveIsogeny)) {
DAP_DELETE(k);
// освобождаем память для изогении
oqs_sidh_cln16_curve_free(curveIsogeny);
return NULL;
}
// Инициализировать изогенную структуру кривой pCurveIsogeny со статическими данными, извлеченными из pCurveIsogenyData.
// Это нужно вызвать после выделения памяти для pCurveIsogeny с помощью SIDH_curve_allocate()
if(oqs_sidh_cln16_curve_initialize(curveIsogeny, &CurveIsogeny_SIDHp751) != SIDH_CRYPTO_SUCCESS) {
DAP_DELETE(k);
oqs_sidh_cln16_curve_free(curveIsogeny);
return NULL;
}
k->data;
k->data_size;
k->type = DAP_ENC_KEY_TYPE_SIDH_CLN16;
k->last_used_timestamp;
k->enc = &dap_enc_sidh16_encode;
k->dec = &dap_enc_sidh16_decode;
k->delete_callback = &dap_enc_sidh16_key_delete;
sidh_a_key->rand;
sidh_a_key->user_curveIsogeny;
return k;
}
struct dap_enc_param{
enum OQS_KEX_alg_name alg_name;
char *named_parameters;
char *id;
};
typedef struct dap_enc_sidh16_key{
} dap_enc_sidh16_key_t;
void dap_enc_sidh16_key_new_from_data(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size) {
}
#define PRINT_HEX_STRING(label, str, len) \
{ size_t i; \
printf("%-20s (%4zu bytes): ", (label), (size_t)(len)); \
for (i = 0; i < (len); i++) { \
printf("%02X", ((unsigned char *) (str))[i]); \
} \
printf("\n"); \
void dap_enc_sidh16_key_delete(struct dap_enc_key *a_key) {
dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
(void) a_key;
if(!a_key){
return;
}
oqs_sidh_cln16_curve_free((PCurveIsogenyStruct)sidh_a_key->user_curveIsogeny);
sidh_a_key->user_curveIsogeny = NULL;
DAP_DELETE(a_key);
}
int dap_enc_sidh16_key_new_generate(OQS_RAND *rand, const char *named_parameters) {
k = OQS_KEX_sidh_cln16_new(rand, named_parameters);
if(k == NULL) {
printf("новая пара не сгенерирована \n");
gen = 0;
// alice_0
size_t dap_enc_sidh16_encode(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size, void *a_out) {
int ret;
dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
// non-compressed public key
uint8_t *key_a_tmp_pub = NULL;
if(!a_key || !a_in || !a_in_size || !a_out)
return 0;
int compressed = isCompressed(a_key->_inheritor);
if(compressed) {
key_a_tmp_pub = malloc(SIDH_PUBKEY_LEN);
a_key->data = malloc(SIDH_COMPRESSED_PUBKEY_LEN);
if(key_a_tmp_pub == NULL || a_in == NULL) {
ret = 0;
DAP_DELETE(a_key->data);
a_in = NULL;
a_key->data = NULL;
}
}
printf("расчёт для обмена ключами методом %s\n", k->method_name);
}
/* Alice's initial message */
size_t dap_enc_sidh16_encode(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len) {
gen = OQS_KEX_sidh_cln16_alice_0(k, &alice_priv, &alice_msg, &alice_msg_len);
if(gen != 1) {
printf("OQS_KEX_sidh_cln16_alice_0 lose..\n");
gen = 0;
}
PRINT_HEX_STRING("Alice message", alice_msg, alice_msg_len);
}
/* Bob's response */
size_t dap_enc_sidh16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **bob_key, size_t *bob_key_len) {
gen = OQS_KEX_sidh_cln16_bob(k, alice_msg, alice_msg_len, &bob_msg, &bob_msg_len, &bob_key, &bob_key_len);
if(gen != 1){
printf("OQS_KEX_sidh_cln16_bob lose..\n");
gen = 0;
else {
// non-compressed key
a_key->data = malloc(SIDH_PUBKEY_LEN);
if(a_key->data == NULL) {
ret = 0;
DAP_DELETE(a_key->data = NULL);
a_key->data = NULL;
a_in = NULL;
}
key_a_tmp_pub = a_key->data;
}
PRINT_HEX_STRING("Bob message", bob_msg, bob_msg_len);
PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);
}
/* Alice processes Bob's response */
void dap_enc_sidh16_key_new_from_data(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len) {
gen = OQS_KEX_sidh_cln16_alice_1(k, alice_priv, bob_msg, bob_msg_len, &alice_key, &alice_key_len);
if(gen != 1) {
printf("OQS_KEX_sidh_cln16_alice_1 lose..\n");
gen = 0;
a_in = malloc(SIDH_SECRETKEY_LEN);
if(a_in == NULL) {
ret = 0;
DAP_DELETE(a_key->data = NULL);
a_key->data = NULL;
a_in = NULL;
}
PRINT_HEX_STRING("Alice session key", alice_key, alice_key_len)
/*compare session key lengths and values*/
if(alice_key_len != bob_key_len) {
printf("ERROR: Alice's session key and Bob's session key are different lengths (%zu vs %zu)\n", alice_key_len, bob_key_len);
gen = 0;
// generate A key pair
if(oqs_sidh_cln16_EphemeralKeyGeneration_A((unsigned char *)a_in, (unsigned char *)key_a_tmp_pub, sidh_a_key->user_curveIsogeny, sidh_a_key->rand) != SIDH_CRYPTO_SUCCESS) {
ret = 0;
DAP_DELETE(a_key->data = NULL);
a_key->data = NULL;
a_in = NULL;
}
gen = memcmp(alice_key, bob_key, alice_key_len);
if(gen != 0){
printf("ERROR: Alice's session key and Bob's session key are not equal\n");
PRINT_HEX_STRING("Alice session key", alice_key, alice_key_len);
PRINT_HEX_STRING("Bob session key", bob_key, bob_key_len);
// здесь сделать запись ключа в файл
gen = 0;
if (compressed) {
// compress Alice's public key
oqs_sidh_cln16_PublicKeyCompression_A(key_a_tmp_pub, (unsigned char *) a_in, sidh_a_key->user_curveIsogeny);
a_in_size = SIDH_COMPRESSED_PUBKEY_LEN;
} else {
a_in_size = SIDH_PUBKEY_LEN;
key_a_tmp_pub = NULL;
}
printf("Alice and Bob's session keys match.\n");
printf("\n\n");
gen = 1;
ret = 1;
DAP_DELETE(key_a_tmp_pub);
return ret;
}
void dap_enc_sidh16_key_delete() {
free(alice_msg);
free(alice_key);
free(bob_msg);
free(bob_key);
OQS_KEX_sidh_cln16_alice_priv_free(k, alignce_priv);
OQS_KEX_sidh_cln16_free(k);
}
// int OQS_KEX_sidh_cln16_bob(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len)
size_t dap_enc_sidh16_decode(struct dap_enc_key *a_key, const void *a_in, size_t a_in_size, void *a_out) {
size_t ret;
dap_enc_sidh16_key_t *sidh_a_key = DAP_ENC_SIDH16_KEY(a_key);
uint8_t *bob_priv = NULL;
// non-compressed public key
uint8_t *bob_tmp_pub = NULL;
// decompession values
unsigned char *R = NULL, *A = NULL;
if(!a_key || !a_in || !a_out){
return 0;
}
a_out = NULL;
a_key->data = NULL;
int compressed = isCompressed(a_key->_inheritor);
if(compressed) {
if(sidh_a_key->alice_msg_len != SIDH_COMPRESSED_PUBKEY_LEN) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
bob_tmp_pub = malloc(SIDH_PUBKEY_LEN);
a_out = malloc(SIDH_COMPRESSED_PUBKEY_LEN);
if(bob_tmp_pub == NULL || a_out == NULL) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
A = malloc(SIDH_COMPRESSED_A_LEN);
if(A == NULL) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
R = malloc(SIDH_COMPRESSED_R_LEN);
if(R == NULL) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
}
else {
if(sidh_a_key->alice_msg_len != SIDH_PUBKEY_LEN) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
// non-compressed
a_out = malloc(SIDH_PUBKEY_LEN);
if(a_out == NULL) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
bob_tmp_pub = a_out; // point to the pub key
}
bob_priv = malloc(SIDH_SECRETKEY_LEN);
if(bob_priv == NULL){
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
a_key->data = malloc(SIDH_SHAREDKEY_LEN);
if(a_key->data == NULL) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
// generate Bob's key pair
if(oqs_sidh_cln16_EphemeralKeyGeneration_B((unsigned char *) bob_priv, (unsigned char *) bob_tmp_pub, sidh_a_key->user_curveIsogeny, sidh_a_key->rand) != SIDH_CRYPTO_SUCCESS) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
if(compressed) {
// compress Bob's public key
oqs_sidh_cln16_PublicKeyCompression_B(bob_tmp_pub, (unsigned char *) a_out, sidh_a_key->user_curveIsogeny);
sidh_a_key->bob_msg_len = SIDH_COMPRESSED_PUBKEY_LEN;
// decompress Alice's public key
oqs_sidh_cln16_PublicKeyADecompression_B((unsigned char *) bob_priv, (unsigned char *) a_in, R, A, sidh_a_key->user_curveIsogeny);
// compute Bob's shared secret
if(oqs_sidh_cln16_EphemeralSecretAgreement_Compression_B((unsigned char *) bob_priv, R, A, (unsigned char *) a_key->data, sidh_a_key->user_curveIsogeny) != SIDH_CRYPTO_SUCCESS) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
} else {
sidh_a_key->bob_msg_len = SIDH_PUBKEY_LEN;
bob_tmp_pub = NULL; // we do not want to double-free it
// compute Bob's shared secret
if(oqs_sidh_cln16_EphemeralSecretAgreement_B((unsigned char *) bob_priv, (unsigned char *) a_in, (unsigned char *) a_key->data, sidh_a_key->user_curveIsogeny) != SIDH_CRYPTO_SUCCESS) {
ret = 0;
DAP_DELETE(a_out);
a_out = NULL;
DAP_DELETE(a_key->data);
a_key->data = NULL;
}
}
sidh_a_key->key_len = SIDH_SHAREDKEY_LEN;
ret = 1;
DAP_DELETE(bob_tmp_pub);
DAP_DELETE(bob_priv);
DAP_DELETE(A);
DAP_DELETE(R);
return ret;
}
int OQS_KEX_sidh_cln16_alice_1(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len) {
int ret;
// decompression values
unsigned char *R = NULL, *A = NULL;
if (!k || !alice_priv || !bob_msg || !key || !key_len) {
return 0;
}
*key = NULL;
int compressed = isCompressed(k->named_parameters);
*key = malloc(SIDH_SHAREDKEY_LEN);
if (*key == NULL) {
goto err;
}
*key_len = SIDH_SHAREDKEY_LEN;
if (compressed) {
if (bob_msg_len != SIDH_COMPRESSED_PUBKEY_LEN) {
goto err;
}
A = malloc(SIDH_COMPRESSED_A_LEN);
if (A == NULL) {
goto err;
}
R = malloc(SIDH_COMPRESSED_R_LEN);
if (R == NULL) {
goto err;
}
// compute Alice's shared secret
oqs_sidh_cln16_PublicKeyBDecompression_A((unsigned char *) alice_priv, (unsigned char *) bob_msg, R, A, k->ctx);
if (oqs_sidh_cln16_EphemeralSecretAgreement_Compression_A((unsigned char *) alice_priv, R, A, (unsigned char *) *key, k->ctx) != SIDH_CRYPTO_SUCCESS) {
goto err;
}
} else {
if (bob_msg_len != SIDH_PUBKEY_LEN) {
goto err;
}
if (oqs_sidh_cln16_EphemeralSecretAgreement_A((unsigned char *) alice_priv, (unsigned char *) bob_msg, (unsigned char *) *key, k->ctx) != SIDH_CRYPTO_SUCCESS) {
goto err;
}
}
ret = 1;
goto cleanup;
err:
ret = 0;
DAP_DELETE(*key);
*key = NULL;
cleanup:
DAP_DELETE(A);
DAP_DELETE(R);
return ret;
}
crypto/dap_enc_sidh16.h
+ 40
16
View file @ dd893f0f
#ifndef _DAP_ENC_SIDH16_H_
#define _DAP_ENC_SIDH16_H_
#include <stdlib.h>
#include <stdio.h>
#include <stddef.h>
#include "liboqs/kex/kex.h"
#include "liboqs/crypto/rand/rand.h"
#include <stdint.h>
#include <string.h>
#include <stdbool.h>
struct dap_enc_key;
// OQS_KEX_sidh_cln16_new
int dap_enc_sidh16_key_new_generate(OQS_RAND *rand, const char *named_parameters);
#include "dap_common.h"
#include "dap_enc_key.h"
#include <../libdap/crypto/liboqs/kex_sidh_cln16/SIDH.h>
#include <../libdap/crypto/liboqs/kex/kex.h>
// OQS_KEX_sidh_cln16_alice_1
void dap_enc_sidh16_key_new_from_data(OQS_KEX *k, const void *alice_priv, const uint8_t *bob_msg, const size_t bob_msg_len, uint8_t **key, size_t *key_len);
// OQS_KEX_sidh_cln16_alice_priv_free
// OQS_KEX_sidh_cln16_free
void dap_enc_sidh16_key_delete();
// OQS_KEX_sidh_cln16_alice_0
size_t dap_enc_sidh16_encode(OQS_KEX *k, void **alice_priv, uint8_t **alice_msg, size_t *alice_msg_len);
// OQS_KEX_sidh_cln16_bob
size_t dap_enc_sidh16_decode(OQS_KEX *k, const uint8_t *alice_msg, const size_t alice_msg_len, uint8_t **bob_msg, size_t *bob_msg_len, uint8_t **key, size_t *key_len);
struct dap_enc_key;
extern bool dap_sidh16_CurveIsogenyStruct_isnull(PCurveIsogenyStruct pCurveIsogeny);
typedef struct dap_enc_sidh16_key{
OQS_RAND *rand;
void * user_curveIsogeny;
unsigned int alice_msg_len;
unsigned int bob_msg_len;
unsigned int key_len;
uint16_t estimated_classical_security;
uint16_t estimated_quantum_security;
} dap_enc_sidh16_key_t;
struct dapenc_testcase {
enum OQS_KEX_alg_name alg_name;
unsigned char *seed;
size_t seed_len;
char *named_parameters;
char *id;
int run;
int iter;
};
#define DAP_ENC_SIDH16_KEY(a) ((dap_enc_sidh16_key_t *)((a)->_inheritor))
dap_enc_key_t *dap_enc_sidh16_key_new_generate(struct dap_enc_key* a_key, size_t a_size); // new
void dap_enc_sidh16_key_new_from_data(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size); // alice_1
void dap_enc_sidh16_key_delete(struct dap_enc_key* a_key); // sidh_cln16_alice_priv_free // sidh_cln16_free
size_t dap_enc_sidh16_encode(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size, void* a_out); // alice_0
size_t dap_enc_sidh16_decode(struct dap_enc_key* a_key, const void* a_in, size_t a_in_size, void* a_out); // bob
#endif
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment