diff --git a/include/dap_enc_bf_cbc.h b/include/dap_enc_bf.h
similarity index 52%
rename from include/dap_enc_bf_cbc.h
rename to include/dap_enc_bf.h
index 2bf8826a4508dc7d5046f7087641fa82471058c2..cfc314a62b377d1925c9a6d26de6c16fcaf80911 100644
--- a/include/dap_enc_bf_cbc.h
+++ b/include/dap_enc_bf.h
@@ -8,11 +8,11 @@
#ifdef __cplusplus
extern "C" {
#endif
-
-void dap_enc_bf_cbc_key_new(struct dap_enc_key * a_key);
-void dap_enc_bf_cbc_key_delete(struct dap_enc_key *a_key);
-void dap_enc_bf_cbc_key_generate(struct dap_enc_key * a_key, const void *kex_buf,
+void dap_enc_bf_key_delete(struct dap_enc_key *a_key);
+void dap_enc_bf_key_generate(struct dap_enc_key * a_key, const void *kex_buf,
size_t kex_size, const void * seed, size_t seed_size, size_t key_size);
+//-----CBC----------
+void dap_enc_bf_cbc_key_new(struct dap_enc_key * a_key);
size_t dap_enc_bf_cbc_calc_decode_size(const size_t size_in);
size_t dap_enc_bf_cbc_calc_encode_size(const size_t size_in);
@@ -27,6 +27,22 @@ size_t dap_enc_bf_cbc_decrypt_fast(struct dap_enc_key * a_key, const void * a_in
size_t dap_enc_bf_cbc_encrypt_fast(struct dap_enc_key * a_key, const void * a_in,
size_t a_in_size, void * buf_out, size_t buf_out_size);
+//------OFB---------
+void dap_enc_bf_ofb_key_new(struct dap_enc_key * a_key);
+
+size_t dap_enc_bf_ofb_calc_decode_size(const size_t size_in);
+size_t dap_enc_bf_ofb_calc_encode_size(const size_t size_in);
+
+size_t dap_enc_bf_ofb_decrypt(struct dap_enc_key * a_key, const void * a_in, size_t a_in_size, void ** a_out);
+size_t dap_enc_bf_ofb_encrypt(struct dap_enc_key * a_key, const void * a_in, size_t a_in_size, void ** a_out);
+
+// Writes result ( out ) in already allocated buffer
+size_t dap_enc_bf_ofb_decrypt_fast(struct dap_enc_key * a_key, const void * a_in,
+ size_t a_in_size, void * buf_out, size_t buf_out_size);
+// Writes result ( out ) in already allocated buffer
+size_t dap_enc_bf_ofb_encrypt_fast(struct dap_enc_key * a_key, const void * a_in,
+ size_t a_in_size, void * buf_out, size_t buf_out_size);
+
#ifdef __cplusplus
}
#endif
diff --git a/include/dap_enc_key.h b/include/dap_enc_key.h
index 873c82c8d13d181612f9ed3efb739a7b0228bac5..138a7d5af2e3dd95349332723a7854c2304c3ac9 100755
--- a/include/dap_enc_key.h
+++ b/include/dap_enc_key.h
@@ -44,11 +44,16 @@ typedef enum dap_enc_data_type{DAP_ENC_DATA_TYPE_RAW,
-typedef enum dap_enc_key_type{ DAP_ENC_KEY_TYPE_IAES, // Symmetric AES
+typedef enum dap_enc_key_type{
+
+ DAP_ENC_KEY_TYPE_IAES, // Symmetric AES
DAP_ENC_KEY_TYPE_OAES,// from https://github.com/monero-project/monero/tree/master/src/crypto
DAP_ENC_KEY_TYPE_BF_CBC,// BlowFish CBCmode
+ DAP_ENC_KEY_TYPE_BF_OFB,//BlowFish OFBmode
+
+
DAP_ENC_KEY_TYPE_RLWE_NEWHOPE, // "NewHope": key exchange from the ring learning with errors problem
// (Alkim, Ducas, Pöppelmann, Schwabe, USENIX Security 2016 )
diff --git a/src/dap_enc_bf_cbc.c b/src/dap_enc_bf.c
similarity index 58%
rename from src/dap_enc_bf_cbc.c
rename to src/dap_enc_bf.c
index 287718265511459bbde8244565b78cd5beb1d265..704e5241fef6b9e924d8571cc67ed8509c5e27a6 100644
--- a/src/dap_enc_bf_cbc.c
+++ b/src/dap_enc_bf.c
@@ -4,15 +4,43 @@
#include <stddef.h>
#include <string.h>
-//#include "oaes_lib.h"
-#include "dap_enc_bf_cbc.h"
+#include "dap_enc_bf.h"
#include "dap_common.h"
#include "rand/dap_rand.h"
#include"sha3/KeccakHash.h"
#define LOG_TAG "dap_enc_bf_cbc"
-//todo clear l/8 and iv things
+
+void dap_enc_bf_key_generate(struct dap_enc_key * a_key, const void *kex_buf,
+ size_t kex_size, const void * seed, size_t seed_size, size_t key_size)
+{
+ a_key->last_used_timestamp = time(NULL);
+
+
+ a_key->priv_key_data_size = sizeof(BF_KEY);
+ a_key->priv_key_data = DAP_NEW_SIZE(uint8_t, sizeof(BF_KEY));
+
+ uint8_t *tmp_buf = DAP_NEW_SIZE(uint8_t, (BF_ROUNDS + 2)*4);
+ Keccak_HashInstance Keccak_ctx;
+ Keccak_HashInitialize(&Keccak_ctx, 1088, 512, (BF_ROUNDS + 2)*4*8, 0x06);
+ Keccak_HashUpdate(&Keccak_ctx, kex_buf, kex_size*8);
+ if(seed_size)
+ Keccak_HashUpdate(&Keccak_ctx, seed, seed_size*8);
+ Keccak_HashFinal(&Keccak_ctx, tmp_buf);
+
+ BF_set_key(a_key->priv_key_data, (BF_ROUNDS + 2)*4, tmp_buf);
+ }
+void dap_enc_bf_key_delete(struct dap_enc_key *a_key)
+{
+ if(a_key->priv_key_data != NULL)
+ {
+ randombytes(a_key->priv_key_data,a_key->priv_key_data_size);
+ DAP_DELETE(a_key->priv_key_data);
+ }
+ a_key->priv_key_data_size = 0;
+}
+//------CBC-----------
size_t dap_enc_bf_cbc_decrypt(struct dap_enc_key *a_key, const void * a_in,
size_t a_in_size, void ** a_out) {
uint8_t iv[8];
@@ -131,31 +159,114 @@ void dap_enc_bf_cbc_key_new(struct dap_enc_key * a_key)
a_key->dec_na = dap_enc_bf_cbc_decrypt_fast;
}
-void dap_enc_bf_cbc_key_generate(struct dap_enc_key * a_key, const void *kex_buf,
- size_t kex_size, const void * seed, size_t seed_size, size_t key_size)
+//------OFB-----------
+
+size_t dap_enc_bf_ofb_decrypt(struct dap_enc_key *a_key, const void * a_in,
+ size_t a_in_size, void ** a_out) {
+ uint8_t iv[8];
+
+ if(a_in_size <= 8) {
+ log_it(L_ERROR, "blowfish_cbc decryption ct with iv must be more than 8 bytes and equal to 8*k");
+ return 0;
+ }
+
+
+ *a_out = DAP_NEW_SIZE(uint8_t, a_in_size - 8);
+ memcpy(iv, a_in, 8);
+ int num = 0;//need for concatenate encryptions or decryptions
+ BF_ofb64_encrypt((unsigned char *)(a_in + 8), *a_out, a_in_size - 8,
+ a_key->priv_key_data, iv, &num);
+ size_t a_out_size = a_in_size - 8;
+ return a_out_size;
+}
+
+
+
+size_t dap_enc_bf_ofb_encrypt(struct dap_enc_key * a_key, const void * a_in, size_t a_in_size, void ** a_out)
{
- a_key->last_used_timestamp = time(NULL);
+ //generate iv and put it in *a_out first bytes
+ uint8_t iv[8];
+ randombytes(iv, 8);
+ if(a_in_size <= 0) {
+ log_it(L_ERROR, "blowfish_cbc encryption pt cannot be 0 bytes");
+ return 0;
+ }
- a_key->priv_key_data_size = sizeof(BF_KEY);
- a_key->priv_key_data = DAP_NEW_SIZE(uint8_t, sizeof(BF_KEY));
- uint8_t *tmp_buf = DAP_NEW_SIZE(uint8_t, (BF_ROUNDS + 2)*4);
- Keccak_HashInstance Keccak_ctx;
- Keccak_HashInitialize(&Keccak_ctx, 1088, 512, (BF_ROUNDS + 2)*4*8, 0x06);
- Keccak_HashUpdate(&Keccak_ctx, kex_buf, kex_size*8);
- if(seed_size)
- Keccak_HashUpdate(&Keccak_ctx, seed, seed_size*8);
- Keccak_HashFinal(&Keccak_ctx, tmp_buf);
- BF_set_key(a_key->priv_key_data, (BF_ROUNDS + 2)*4, tmp_buf);
- }
-void dap_enc_bf_cbc_key_delete(struct dap_enc_key *a_key)
+
+ size_t a_out_size = a_in_size + 8;
+ *a_out = DAP_NEW_SIZE(uint8_t, a_out_size);
+ memcpy(*a_out, iv, 8);
+ int num = 0;//need for concatenate encryptions or decryptions
+ BF_ofb64_encrypt((unsigned char *)(a_in), *a_out + 8, a_in_size,
+ a_key->priv_key_data, iv, &num);
+ return a_out_size;
+}
+
+size_t dap_enc_bf_ofb_calc_encode_size(const size_t size_in)
{
- if(a_key->priv_key_data != NULL)
- {
- randombytes(a_key->priv_key_data,a_key->priv_key_data_size);
- DAP_DELETE(a_key->priv_key_data);
+ return size_in + 8;
+}
+
+size_t dap_enc_bf_ofb_calc_decode_size(const size_t size_in)
+{
+ if(size_in <= 8) {
+ log_it(L_ERROR, "blowfish_cbc decryption size_in ct with iv must be more than 8 bytes");
+ return 0;
}
- a_key->priv_key_data_size = 0;
+ return size_in - 8;
+}
+
+size_t dap_enc_bf_ofb_decrypt_fast(struct dap_enc_key *a_key, const void * a_in,
+ size_t a_in_size, void * a_out, size_t buf_out_size) {
+ if(a_in_size - 8 > buf_out_size) {
+ log_it(L_ERROR, "blowfish_cbc fast_decryption too small buf_out_size or not 8*k");
+ return 0;
+ }
+ uint8_t iv[8];
+ //BF_KEY *key=a_key->priv_key_data;
+
+ memcpy(iv, a_in, 8);
+ int num = 0;//need for concatenate encryptions or decryptions
+
+ BF_ofb64_encrypt((unsigned char *)(a_in + 8), a_out, a_in_size - 8,
+ a_key->priv_key_data, iv, &num);
+
+ size_t a_out_size = a_in_size - 8;
+ return a_out_size;
}
+
+
+
+size_t dap_enc_bf_ofb_encrypt_fast(struct dap_enc_key * a_key, const void * a_in, size_t a_in_size, void * a_out,size_t buf_out_size)
+{
+ //generate iv and put it in *a_out first bytes
+ size_t a_out_size = a_in_size + 8;
+ if(a_out_size > buf_out_size) {
+ log_it(L_ERROR, "blowfish_cbc fast_encryption too small buf_out_size");
+ return 0;
+ }
+
+ uint8_t iv[8];
+ randombytes(iv, 8);
+
+ memcpy(a_out, iv, 8);
+ int num = 0;//need for concatenate encryptions or decryptions
+ BF_ofb64_encrypt((unsigned char *)(a_in), a_out + 8, a_in_size,
+ a_key->priv_key_data, iv, &num);
+ return a_out_size;
+ }
+void dap_enc_bf_ofb_key_new(struct dap_enc_key * a_key)
+{
+ a_key->_inheritor = NULL;//(uint8_t *) bf_cbc_alloc();
+ a_key->_inheritor_size = 0;//sizeof(bf_cbc_ctx);
+ a_key->type = DAP_ENC_KEY_TYPE_BF_OFB;
+ a_key->enc = dap_enc_bf_ofb_encrypt;
+ a_key->dec = dap_enc_bf_ofb_decrypt;
+ a_key->enc_na = dap_enc_bf_ofb_encrypt_fast;
+ a_key->dec_na = dap_enc_bf_ofb_decrypt_fast;
+}
+
+
diff --git a/src/dap_enc_key.c b/src/dap_enc_key.c
index c90d8136810fb0ee3e73ab78d4ea208339170525..6298a516d6ccd68f27fff78dc93c5a39733c820b 100755
--- a/src/dap_enc_key.c
+++ b/src/dap_enc_key.c
@@ -25,7 +25,7 @@
#include "dap_enc_iaes.h"
#include "dap_enc_oaes.h"
-#include "dap_enc_bf_cbc.h"
+#include "dap_enc_bf.h"
#include "dap_enc_msrln.h"
#include "dap_enc_defeo.h"
#include "dap_enc_picnic.h"
@@ -105,8 +105,8 @@ struct dap_enc_key_callbacks{
.dec = dap_enc_bf_cbc_decrypt,
.dec_na = dap_enc_bf_cbc_decrypt_fast ,
.new_callback = dap_enc_bf_cbc_key_new,
- .delete_callback = dap_enc_bf_cbc_key_delete,
- .new_generate_callback = dap_enc_bf_cbc_key_generate,
+ .delete_callback = dap_enc_bf_key_delete,
+ .new_generate_callback = dap_enc_bf_key_generate,
.gen_key_public = NULL,
.gen_key_public_size = NULL,
.enc_out_size = dap_enc_bf_cbc_calc_encode_size,
@@ -114,6 +114,22 @@ struct dap_enc_key_callbacks{
.sign_get = NULL,
.sign_verify = NULL
},
+ [DAP_ENC_KEY_TYPE_BF_OFB]={
+ .name = "BF_OFB",
+ .enc = dap_enc_bf_ofb_encrypt,
+ .enc_na = dap_enc_bf_ofb_encrypt_fast ,
+ .dec = dap_enc_bf_ofb_decrypt,
+ .dec_na = dap_enc_bf_ofb_decrypt_fast ,
+ .new_callback = dap_enc_bf_ofb_key_new,
+ .delete_callback = dap_enc_bf_key_delete,
+ .new_generate_callback = dap_enc_bf_key_generate,
+ .gen_key_public = NULL,
+ .gen_key_public_size = NULL,
+ .enc_out_size = dap_enc_bf_ofb_calc_encode_size,
+ .dec_out_size = dap_enc_bf_ofb_calc_decode_size,
+ .sign_get = NULL,
+ .sign_verify = NULL
+ },
[DAP_ENC_KEY_TYPE_MSRLN] = {
.name = "MSRLN",
.enc = NULL,
diff --git a/src/rand/dap_rand.c b/src/rand/dap_rand.c
index e730ee27d76c4c879cb7bf4740f696cf0d71def5..145f1466e998af2caf3472fb1a6ccc3119e7f920 100755
--- a/src/rand/dap_rand.c
+++ b/src/rand/dap_rand.c
@@ -28,12 +28,12 @@ uint32_t random_uint32_t(const uint32_t MAX_NUMBER)
int randombase64(void*random_array, unsigned int size)
{
- int off = size - (size*8/32)*24;
- int odd_signs = size - ((size*8/32)*24)*32;
+ int off = size - (size/4)*3;
+ int odd_signs = size - ((size/4)*4);
if(odd_signs < size)
{
- randombytes(random_array + off, (size*6)/8);
- dap_enc_base64_encode(random_array + off, (size*6)/8,random_array,DAP_ENC_DATA_TYPE_B64);
+ randombytes(random_array + off, (size/4)*3);
+ dap_enc_base64_encode(random_array + off, (size/4)*3,random_array,DAP_ENC_DATA_TYPE_B64);
}
if(odd_signs)
{
diff --git a/test/crypto/dap_enc_bf_cbc_test.c b/test/crypto/dap_enc_bf_test.c
similarity index 62%
rename from test/crypto/dap_enc_bf_cbc_test.c
rename to test/crypto/dap_enc_bf_test.c
index 63d62a4ce9e5c9d93d8041d79f58ecd66ac13751..e4afad6f3ec2ac38e32e7eff6148380814fafa59 100644
--- a/test/crypto/dap_enc_bf_cbc_test.c
+++ b/test/crypto/dap_enc_bf_test.c
@@ -3,12 +3,12 @@
#include"dap_test.h"
//#include"blowfish/blowfish.h"
-static void test_encode_decode(int count_steps)
+static void test_encode_decode(int count_steps, const dap_enc_key_type_t key_type)
{
size_t source_size = 0;
for(int i = 0; i < count_steps; i++) {
- source_size = 1 + random_uint32_t(20000);
+ source_size = 1 + random_uint32_t(10000);
// printf("src_size = %d\n", source_size);fflush(stdout);
const size_t seed_size = 16;
uint8_t seed[seed_size];
@@ -19,44 +19,43 @@ static void test_encode_decode(int count_steps)
randombytes(seed, seed_size);
randombytes(kex, kex_size);
- dap_enc_key_t* key = dap_enc_key_new_generate(DAP_ENC_KEY_TYPE_BF_CBC, kex, kex_size, seed, seed_size, 32);
+ dap_enc_key_t* key = dap_enc_key_new_generate(key_type, kex, kex_size, seed, seed_size, 32);
+
+ const int verb = 0;
+ uint8_t *source = DAP_NEW_SIZE(uint8_t, source_size+verb);
- uint8_t *source = DAP_NEW_SIZE(uint8_t, source_size+0);
- memset(source, 0xff, source_size + 0);
-// for(int i = 0; i < 16; ++i)
-// printf("%.2x ", source[i]);
-// printf("\n");fflush(stdout);
randombase64(source, source_size);
-// for(int i = 0; i < 16; ++i)
+// for(int i = 0; i < source_size; ++i)
// printf("%.2x ", source[i]);
-// printf("\n");fflush(stdout);
+// printf(" = len(%d)\n", source_size);fflush(stdout);
uint8_t * buf_encrypted = NULL;
uint8_t * buf_decrypted = NULL;
size_t encrypted_size = key->enc(key, source, source_size, (void**) &buf_encrypted);
-// for(int i = 0; i < 16; ++i)
-// printf("%.2x ", source[i]);
-// printf("\n");fflush(stdout);
- //buf_encrypted[encrypted_size-1]=0;
-// DAP_DELETE(source);
-
+ if(verb)
+ {
+ for(int i = 0; i < 24; ++i)
+ printf("%.2x ", source[i]);
+ printf("\n");fflush(stdout);
+ }
size_t result_size = key->dec(key, buf_encrypted, encrypted_size, (void**) &buf_decrypted);
- // DAP_DELETE(source);
-
-// printf("pt_size = %d, decr_size = %d, encrypted_size = %d\n", source_size, result_size,encrypted_size);
-// fflush(stdout);
-// source[source_size] = 0;
-// //printf("pt = %s\n", source);
-// fflush(stdout);
-// // printf("pt2 = %s\n", buf_decrypted);
-// fflush(stdout);
-
+ if(verb)
+ {
+ printf("pt_size = %d, decr_size = %d, encrypted_size = %d\n", source_size, result_size,encrypted_size);
+ fflush(stdout);
+ source[source_size] = 0;
+ printf("pt = %s\n", source);
+ fflush(stdout);
+ printf("pt2 = %s\n", buf_decrypted);
+ fflush(stdout);
+ }
dap_assert_PIF(source_size == result_size, "Check result decode size");
dap_assert_PIF(memcmp(source, buf_decrypted, source_size) == 0,
"Check source and encode->decode data");
+ DAP_DELETE(source);
free(buf_encrypted);
free(buf_decrypted);
dap_enc_key_delete(key);
@@ -65,7 +64,7 @@ static void test_encode_decode(int count_steps)
dap_pass_msg("Encode and decode");
}
-static void test_encode_decode_fast(int count_steps)
+static void test_encode_decode_fast(int count_steps, const dap_enc_key_type_t key_type)
{
const size_t buf_size = 4096;
char buf_encrypt_out[buf_size];
@@ -81,7 +80,7 @@ static void test_encode_decode_fast(int count_steps)
randombytes(seed, seed_size);
randombytes(kex, kex_size);
- dap_enc_key_t* key = dap_enc_key_new_generate(DAP_ENC_KEY_TYPE_BF_CBC, kex, kex_size, NULL, 0, 32);
+ dap_enc_key_t* key = dap_enc_key_new_generate(key_type, kex, kex_size, NULL, 0, 32);
size_t source_size = 0;
@@ -119,14 +118,20 @@ static void cleanup_test_case()
{
dap_enc_key_deinit();
}
-
-void dap_enc_bf_cbc_tests_run()
+#include"blowfish/blowfish.h"
+void dap_enc_bf_tests_run()
{
dap_print_module_name("dap_enc_bf_cbc");
init_test_case();
+ test_encode_decode(100, DAP_ENC_KEY_TYPE_BF_CBC);
+ test_encode_decode_fast(100, DAP_ENC_KEY_TYPE_BF_CBC);
+ cleanup_test_case();
- test_encode_decode(100);
- test_encode_decode_fast(100);
-
+ dap_print_module_name("dap_enc_bf_ofb");
+ init_test_case();
+ test_encode_decode(100, DAP_ENC_KEY_TYPE_BF_OFB);
+ test_encode_decode_fast(100, DAP_ENC_KEY_TYPE_BF_OFB);
cleanup_test_case();
+
+
}
diff --git a/test/crypto/main.c b/test/crypto/main.c
index 436ef8f547fa341de9c5fe328cef87c75619e57a..37a2c59d0972f456aa905fd83d095ae0b18bfe83 100755
--- a/test/crypto/main.c
+++ b/test/crypto/main.c
@@ -14,7 +14,7 @@
#include "rand/dap_rand.h"
#include "dap_common.h"
-void dap_enc_bf_cbc_tests_run();
+void dap_enc_bf_tests_run();
int main(void)
{
@@ -22,7 +22,7 @@ int main(void)
dap_log_level_set(L_CRITICAL);
//
- dap_enc_bf_cbc_tests_run();
+ dap_enc_bf_tests_run();
//dap_enc_ringct20_tests_run(100);
return 0;
dap_enc_picnic_tests_run();