diff --git a/CMakeLists.txt.user b/CMakeLists.txt.user
index 3d708f47ba113c67877250b5ab2dd289e3be9cf0..1a3295e2731d2ff1587db43601a33f08c1644366 100644
--- a/CMakeLists.txt.user
+++ b/CMakeLists.txt.user
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE QtCreatorProject>
-<!-- Written by QtCreator 4.11.2, 2020-04-24T10:38:37. -->
+<!-- Written by QtCreator 4.11.2, 2020-04-25T15:27:51. -->
<qtcreator>
<data>
<variable>EnvironmentId</variable>
diff --git a/src/blowfish/bf_enc.c b/src/blowfish/bf_enc.c
index 0d538d7e75e2600ecaf4b7f04fb0ce6f18ca3f3b..05576bf868ea6eaddaad0facfaf8740355384ebf 100644
--- a/src/blowfish/bf_enc.c
+++ b/src/blowfish/bf_enc.c
@@ -11,6 +11,7 @@
# error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
to modify the code.
#endif
+//#include<stdio.h>
void BF_encrypt(BF_LONG *data, const BF_KEY *key)
{
@@ -115,8 +116,24 @@ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
l2n(tout0, out);
l2n(tout1, out);
}
- if (l != -8) {
- n2ln(in, tin0, tin1, l + 8);
+ if (1||l != -8) {
+ unsigned char tmpin[16];
+ unsigned char *ptmpin = tmpin;
+ memcpy(tmpin, in, l + 8);
+ memcpy(tmpin + l + 8, &length, 4);
+ int pad_length = (8-(l + 8 + 4 + 1)%8)%8;
+ for(int i = 0; i < pad_length; ++i)
+ {
+ tmpin[l+8+4+i]=16;//prng better
+ }
+ tmpin[l+8+4+pad_length]=pad_length;
+// for(int i = 0; i < l + 8 + 4 +1 +pad_length; ++i)
+// {
+// printf("%.2x ", tmpin[i]);
+// }
+// printf("\n");fflush(stdout);
+ n2l(ptmpin, tin0);
+ n2l(ptmpin, tin1);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
@@ -126,6 +143,32 @@ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
+ if(l+8+4+pad_length + 1 == 16)
+ {
+ n2l(ptmpin, tin0);
+ n2l(ptmpin, tin1);
+ tin0 ^= tout0;
+ tin1 ^= tout1;
+ tin[0] = tin0;
+ tin[1] = tin1;
+ BF_encrypt(tin, schedule);
+ tout0 = tin[0];
+ tout1 = tin[1];
+ l2n(tout0, out);
+ l2n(tout1, out);
+ }
+
+
+// n2ln(in, tin0, tin1, l + 8);
+// tin0 ^= tout0;
+// tin1 ^= tout1;
+// tin[0] = tin0;
+// tin[1] = tin1;
+// BF_encrypt(tin, schedule);
+// tout0 = tin[0];
+// tout1 = tin[1];
+// l2n(tout0, out);
+// l2n(tout1, out);
}
l2n(tout0, ivec);
l2n(tout1, ivec);
diff --git a/src/dap_enc_bf_cbc.c b/src/dap_enc_bf_cbc.c
index 481dbcc4ec0b27d3b10d870e58bd7d4e4f9e369a..287718265511459bbde8244565b78cd5beb1d265 100644
--- a/src/dap_enc_bf_cbc.c
+++ b/src/dap_enc_bf_cbc.c
@@ -17,13 +17,25 @@ size_t dap_enc_bf_cbc_decrypt(struct dap_enc_key *a_key, const void * a_in,
size_t a_in_size, void ** a_out) {
uint8_t iv[8];
//BF_KEY *key=a_key->priv_key_data;
+ if(a_in_size <= 8 || a_in_size%8) {
+ log_it(L_ERROR, "blowfish_cbc decryption ct with iv must be more than 8 bytes and equal to 8*k");
+ return 0;
+ }
*a_out = DAP_NEW_SIZE(uint8_t, a_in_size - 8);
memcpy(iv, a_in, 8);
BF_cbc_encrypt((unsigned char *)(a_in + 8), *a_out, a_in_size - 8,
a_key->priv_key_data, iv, BF_DECRYPT);
- size_t a_out_size = a_in_size - 8;
+ int bf_cbc_padding_length = *(uint8_t*)(*a_out + a_in_size - 8 - 1);
+
+// for(int i=0;i < bf_cbc_padding_length + 4 + 1; ++i)
+// printf("%.2x ", *(uint8_t*)(*a_out + a_in_size - 8 - 1 - bf_cbc_padding_length - 4 + i));
+// for(int i=0;i < a_in_size - 8; ++i)
+// printf("%.2x ", *(uint8_t*)(*a_out + i));
+// printf("\n");
+// fflush(stdout);
+ size_t a_out_size = *(uint32_t*)(*a_out + a_in_size - 8 - 1 - bf_cbc_padding_length - 4);
return a_out_size;
}
@@ -35,37 +47,52 @@ size_t dap_enc_bf_cbc_encrypt(struct dap_enc_key * a_key, const void * a_in, siz
uint8_t iv[8];
randombytes(iv, 8);
+ if(a_in_size <= 0) {
+ log_it(L_ERROR, "blowfish_cbc encryption pt cannot be 0 bytes");
+ return 0;
+ }
+
// BF_KEY *key = a_key->priv_key_data;
- *a_out = DAP_NEW_SIZE(uint8_t, a_in_size + 8);
+ size_t a_out_size = (a_in_size + 4 + 1 + 7)/8*8 + 8;
+ *a_out = DAP_NEW_SIZE(uint8_t, a_out_size);
memcpy(*a_out, iv, 8);
BF_cbc_encrypt((unsigned char *)(a_in), *a_out + 8, a_in_size,
a_key->priv_key_data, iv, BF_ENCRYPT);
- size_t a_out_size = a_in_size + 8;
return a_out_size;
}
size_t dap_enc_bf_cbc_calc_encode_size(const size_t size_in)
{
- return size_in + 8;
+ return (size_in + 4 + 1 + 7)/8*8 + 8;
}
size_t dap_enc_bf_cbc_calc_decode_size(const size_t size_in)
{
+ if(size_in <= 8) {
+ log_it(L_ERROR, "blowfish_cbc decryption size_in ct with iv must be more than 8 bytes");
+ return 0;
+ }
return size_in - 8;
}
size_t dap_enc_bf_cbc_decrypt_fast(struct dap_enc_key *a_key, const void * a_in,
- size_t a_in_size, void * a_out,size_t buf_out_size) {
+ size_t a_in_size, void * a_out, size_t buf_out_size) {
+ if(a_in_size - 8 > buf_out_size || a_in_size %8) {
+ log_it(L_ERROR, "blowfish_cbc fast_decryption too small buf_out_size or not 8*k");
+ return 0;
+ }
uint8_t iv[8];
//BF_KEY *key=a_key->priv_key_data;
-
memcpy(iv, a_in, 8);
BF_cbc_encrypt((unsigned char *)(a_in + 8), a_out, a_in_size - 8,
a_key->priv_key_data, iv, BF_DECRYPT);
- size_t a_out_size = a_in_size - 8;
+
+ int bf_cbc_padding_length = *(uint8_t*)(a_out + a_in_size - 8 - 1);
+
+ size_t a_out_size = *(uint32_t*)(a_out + a_in_size - 8 - 1 - bf_cbc_padding_length - 4);
return a_out_size;
}
@@ -74,6 +101,12 @@ size_t dap_enc_bf_cbc_decrypt_fast(struct dap_enc_key *a_key, const void * a_in,
size_t dap_enc_bf_cbc_encrypt_fast(struct dap_enc_key * a_key, const void * a_in, size_t a_in_size, void * a_out,size_t buf_out_size)
{
//generate iv and put it in *a_out first bytes
+ size_t a_out_size = (a_in_size + 4 + 1 + 7)/8*8 + 8;
+ if(a_out_size > buf_out_size) {
+ log_it(L_ERROR, "blowfish_cbc fast_encryption too small buf_out_size");
+ return 0;
+ }
+
uint8_t iv[8];
randombytes(iv, 8);
@@ -83,7 +116,6 @@ size_t dap_enc_bf_cbc_encrypt_fast(struct dap_enc_key * a_key, const void * a_in
memcpy(a_out, iv, 8);
BF_cbc_encrypt((unsigned char *)(a_in), a_out + 8, a_in_size,
a_key->priv_key_data, iv, BF_ENCRYPT);
- size_t a_out_size = a_in_size + 8;
return a_out_size;
}
@@ -95,8 +127,8 @@ void dap_enc_bf_cbc_key_new(struct dap_enc_key * a_key)
a_key->type = DAP_ENC_KEY_TYPE_BF_CBC;
a_key->enc = dap_enc_bf_cbc_encrypt;
a_key->dec = dap_enc_bf_cbc_decrypt;
- a_key->enc_na = dap_enc_bf_cbc_encrypt_fast;//maybe exclude it
- a_key->dec_na = dap_enc_bf_cbc_decrypt_fast;//maybe exclude it
+ a_key->enc_na = dap_enc_bf_cbc_encrypt_fast;
+ a_key->dec_na = dap_enc_bf_cbc_decrypt_fast;
}
void dap_enc_bf_cbc_key_generate(struct dap_enc_key * a_key, const void *kex_buf,
@@ -127,43 +159,3 @@ void dap_enc_bf_cbc_key_delete(struct dap_enc_key *a_key)
}
a_key->priv_key_data_size = 0;
}
-
-#ifdef NOT_REVISED_YET
-
-
-
-
-
-
-
-// Writes result ( out ) in already allocated buffer
-size_t dap_enc_bf_cbc_decrypt_fast(struct dap_enc_key * a_key, const void * a_in, size_t a_in_size,
- void * buf_out, size_t buf_out_size)
-{
- OAES_CTX *ctx = get_bf_cbc_ctx(a_key);
- if(!ctx)
- return 0;
-
- OAES_RET ret = bf_cbc_decrypt(ctx, a_in, a_in_size, buf_out, &buf_out_size);
- if(ret != OAES_RET_SUCCESS) {
- buf_out_size = 0;
- }
- return buf_out_size;
-}
-
-// Writes result ( out ) in already allocated buffer
-size_t dap_enc_bf_cbc_encrypt_fast(struct dap_enc_key * a_key, const void * a_in,
- size_t a_in_size, void * buf_out, size_t buf_out_size)
-{
- OAES_CTX *ctx = get_bf_cbc_ctx(a_key);
- if(!ctx)
- return 0;
-
- OAES_RET ret = bf_cbc_encrypt(ctx, a_in, a_in_size, buf_out, &buf_out_size);
- if(ret != OAES_RET_SUCCESS) {
- buf_out_size = 0;
- }
- return buf_out_size;
-}
-
-#endif
diff --git a/src/rand/dap_rand.c b/src/rand/dap_rand.c
index cbdddadcb39c550c52b07ebad9b6d045f2439d9a..e730ee27d76c4c879cb7bf4740f696cf0d71def5 100755
--- a/src/rand/dap_rand.c
+++ b/src/rand/dap_rand.c
@@ -28,10 +28,13 @@ uint32_t random_uint32_t(const uint32_t MAX_NUMBER)
int randombase64(void*random_array, unsigned int size)
{
- int off = size - (size*6)/8;
- int odd_signs = size - ((size*6)/8)*8;
- randombytes(random_array + off, (size*6)/8);
- dap_enc_base64_encode(random_array + off, (size*6)/8,random_array,DAP_ENC_DATA_TYPE_B64);
+ int off = size - (size*8/32)*24;
+ int odd_signs = size - ((size*8/32)*24)*32;
+ if(odd_signs < size)
+ {
+ randombytes(random_array + off, (size*6)/8);
+ dap_enc_base64_encode(random_array + off, (size*6)/8,random_array,DAP_ENC_DATA_TYPE_B64);
+ }
if(odd_signs)
{
uint8_t tmpv[7];
diff --git a/test/crypto/dap_enc_bf_cbc_test.c b/test/crypto/dap_enc_bf_cbc_test.c
index 66b78e41d16a51fabea23cfd31cdaaa1745369a5..63d62a4ce9e5c9d93d8041d79f58ecd66ac13751 100644
--- a/test/crypto/dap_enc_bf_cbc_test.c
+++ b/test/crypto/dap_enc_bf_cbc_test.c
@@ -8,8 +8,8 @@ static void test_encode_decode(int count_steps)
size_t source_size = 0;
for(int i = 0; i < count_steps; i++) {
- source_size = 1 + random_uint32_t(20);
-
+ source_size = 1 + random_uint32_t(20000);
+// printf("src_size = %d\n", source_size);fflush(stdout);
const size_t seed_size = 16;
uint8_t seed[seed_size];
@@ -21,22 +21,35 @@ static void test_encode_decode(int count_steps)
dap_enc_key_t* key = dap_enc_key_new_generate(DAP_ENC_KEY_TYPE_BF_CBC, kex, kex_size, seed, seed_size, 32);
- uint8_t *source = DAP_NEW_SIZE(uint8_t, source_size + 1);
+ uint8_t *source = DAP_NEW_SIZE(uint8_t, source_size+0);
+ memset(source, 0xff, source_size + 0);
+// for(int i = 0; i < 16; ++i)
+// printf("%.2x ", source[i]);
+// printf("\n");fflush(stdout);
randombase64(source, source_size);
+// for(int i = 0; i < 16; ++i)
+// printf("%.2x ", source[i]);
+// printf("\n");fflush(stdout);
uint8_t * buf_encrypted = NULL;
uint8_t * buf_decrypted = NULL;
size_t encrypted_size = key->enc(key, source, source_size, (void**) &buf_encrypted);
+// for(int i = 0; i < 16; ++i)
+// printf("%.2x ", source[i]);
+// printf("\n");fflush(stdout);
+ //buf_encrypted[encrypted_size-1]=0;
+// DAP_DELETE(source);
size_t result_size = key->dec(key, buf_encrypted, encrypted_size, (void**) &buf_decrypted);
+ // DAP_DELETE(source);
-// printf("pt_size = %d, decr_size = %d\n", source_size, result_size);
+// printf("pt_size = %d, decr_size = %d, encrypted_size = %d\n", source_size, result_size,encrypted_size);
// fflush(stdout);
// source[source_size] = 0;
-// printf("pt = %s\n", source);
+// //printf("pt = %s\n", source);
// fflush(stdout);
-// printf("pt2 = %s\n", buf_decrypted);
+// // printf("pt2 = %s\n", buf_decrypted);
// fflush(stdout);
dap_assert_PIF(source_size == result_size, "Check result decode size");
@@ -44,7 +57,6 @@ static void test_encode_decode(int count_steps)
dap_assert_PIF(memcmp(source, buf_decrypted, source_size) == 0,
"Check source and encode->decode data");
- DAP_DELETE(source);
free(buf_encrypted);
free(buf_decrypted);
dap_enc_key_delete(key);
@@ -74,15 +86,15 @@ static void test_encode_decode_fast(int count_steps)
size_t source_size = 0;
for(int i = 0; i < count_steps; i++) {
- source_size = 1 + random_uint32_t(20);
+ source_size = 1 + random_uint32_t(2000);
- uint8_t *source = DAP_NEW_SIZE(uint8_t,source_size + 1);
+ uint8_t *source = DAP_NEW_SIZE(uint8_t,source_size + 0);
randombase64(source, source_size);
- size_t encrypted_size = key->enc_na(key, source, source_size, buf_encrypt_out, source_size + 8);
+ size_t encrypted_size = key->enc_na(key, source, source_size, buf_encrypt_out, buf_size);
- size_t result_size = key->dec_na(key, buf_encrypt_out, encrypted_size, buf_decrypt_out, encrypted_size - 8);
+ size_t result_size = key->dec_na(key, buf_encrypt_out, encrypted_size, buf_decrypt_out, buf_size);
@@ -113,7 +125,7 @@ void dap_enc_bf_cbc_tests_run()
dap_print_module_name("dap_enc_bf_cbc");
init_test_case();
- test_encode_decode(50);
+ test_encode_decode(100);
test_encode_decode_fast(100);
cleanup_test_case();
diff --git a/test/crypto/main.c b/test/crypto/main.c
index 71f0368ab27b1df1c3b5a55aeaf2cc8d0aa3a73d..436ef8f547fa341de9c5fe328cef87c75619e57a 100755
--- a/test/crypto/main.c
+++ b/test/crypto/main.c
@@ -20,6 +20,8 @@ int main(void)
{
// switch off debug info from library
dap_log_level_set(L_CRITICAL);
+ //
+
dap_enc_bf_cbc_tests_run();
//dap_enc_ringct20_tests_run(100);
return 0;
@@ -28,6 +30,7 @@ int main(void)
dap_enc_dilithium_tests_run();
dap_enc_aes_tests_run();
dap_enc_oaes_tests_run();
+
dap_enc_base64_tests_run();
dap_enc_base58_tests_run();
dap_enc_msrln_tests_run();