/** * @brief Seed generation * * Generates a seed for the Blinding Polynomial Generation Function. * * @param msg the plain-text message * @param msg_len number of characters in msg * @param h the public key * @param b db bits of random data * @param params encryption parameters * @param seed output parameter; an array to write the seed value to */ void ntru_get_seed(uint8_t *msg, uint16_t msg_len, NtruIntPoly *h, uint8_t *b, const NtruEncParams *params, uint8_t *seed) { uint16_t oid_len = sizeof params->oid; uint16_t pklen = params->pklen; uint8_t bh[ntru_enc_len(params)]; ntru_to_arr(h, params->q, (uint8_t*)&bh); uint8_t htrunc[pklen/8]; memcpy(&htrunc, &bh, pklen/8); /* seed = OID|m|b|htrunc */ uint16_t blen = params->db/8; memcpy(seed, ¶ms->oid, oid_len); seed += oid_len; memcpy(seed, msg, msg_len); seed += msg_len; memcpy(seed, b, blen); seed += blen; memcpy(seed, &htrunc, pklen/8); }
/* tests ntru_encrypt() with a non-deterministic RNG */ uint8_t test_encr_decr_nondet(NtruEncParams *params) { NtruEncKeyPair kp; NtruRandGen rng = NTRU_RNG_DEFAULT; NtruRandContext rand_ctx; uint8_t valid = ntru_rand_init(&rand_ctx, &rng) == NTRU_SUCCESS; valid &= ntru_gen_key_pair(params, &kp, &rand_ctx) == NTRU_SUCCESS; uint16_t max_len = ntru_max_msg_len(params); uint8_t plain[max_len]; valid &= ntru_rand_generate(plain, max_len, &rand_ctx) == NTRU_SUCCESS; uint16_t enc_len = ntru_enc_len(params); uint8_t encrypted[enc_len]; uint8_t decrypted[max_len]; uint16_t plain_len; for (plain_len=0; plain_len<=max_len; plain_len++) { valid &= ntru_encrypt((uint8_t*)&plain, plain_len, &kp.pub, params, &rand_ctx, (uint8_t*)&encrypted) == NTRU_SUCCESS; uint16_t dec_len; valid &= ntru_decrypt((uint8_t*)&encrypted, &kp, params, (uint8_t*)&decrypted, &dec_len) == NTRU_SUCCESS; valid &= equals_arr((uint8_t*)&plain, (uint8_t*)&decrypted, plain_len); } valid &= ntru_rand_release(&rand_ctx) == NTRU_SUCCESS; return valid; }
/* tests ntru_encrypt() with a deterministic RNG */ uint8_t test_encr_decr_det(NtruEncParams *params, uint8_t *digest_expected) { NtruEncKeyPair kp; uint8_t valid = gen_key_pair("seed value for key generation", params, &kp) == NTRU_SUCCESS; uint8_t pub_arr[ntru_pub_len(params)]; ntru_export_pub(&kp.pub, pub_arr); NtruEncPubKey pub2; ntru_import_pub(pub_arr, &pub2); valid &= ntru_equals_int(&kp.pub.h, &pub2.h); NtruRandContext rand_ctx_plaintext; uint16_t max_len = ntru_max_msg_len(params); uint8_t plain[max_len]; NtruRandGen rng_plaintext = NTRU_RNG_IGF2; char plain_seed_char[25]; strcpy(plain_seed_char, "seed value for plaintext"); uint8_t plain_seed[25]; str_to_uint8(plain_seed_char, plain_seed); valid &= ntru_rand_init_det(&rand_ctx_plaintext, &rng_plaintext, plain_seed, strlen(plain_seed_char)) == NTRU_SUCCESS; valid &= ntru_rand_generate(plain, max_len, &rand_ctx_plaintext) == NTRU_SUCCESS; valid &= ntru_rand_release(&rand_ctx_plaintext) == NTRU_SUCCESS; uint8_t plain2[max_len]; memcpy(plain2, plain, max_len); uint16_t enc_len = ntru_enc_len(params); uint8_t encrypted[enc_len]; uint8_t encrypted2[enc_len]; char seed_char[11]; strcpy(seed_char, "seed value"); uint8_t seed[11]; str_to_uint8(seed_char, seed); char seed2_char[11]; strcpy(seed2_char, "seed value"); uint8_t seed2[11]; str_to_uint8(seed2_char, seed2); NtruRandContext rand_ctx; NtruRandGen rng = NTRU_RNG_IGF2; valid &= ntru_rand_init_det(&rand_ctx, &rng, seed, strlen(seed_char)) == NTRU_SUCCESS; NtruRandContext rand_ctx2; NtruRandGen rng2 = NTRU_RNG_IGF2; valid &= ntru_rand_init_det(&rand_ctx2, &rng2, seed2, strlen(seed2_char)) == NTRU_SUCCESS; uint8_t decrypted[max_len]; uint16_t plain_len; uint16_t dec_len; for (plain_len=0; plain_len<=max_len; plain_len++) { valid &= ntru_encrypt((uint8_t*)&plain, plain_len, &kp.pub, params, &rand_ctx, (uint8_t*)&encrypted) == NTRU_SUCCESS; valid &= ntru_encrypt((uint8_t*)&plain2, plain_len, &pub2, params, &rand_ctx2, (uint8_t*)&encrypted2) == NTRU_SUCCESS; valid &= memcmp(encrypted, encrypted2, enc_len) == 0; valid &= ntru_decrypt((uint8_t*)&encrypted, &kp, params, (uint8_t*)&decrypted, &dec_len) == NTRU_SUCCESS; valid &= equals_arr((uint8_t*)&plain, (uint8_t*)&decrypted, plain_len); } uint8_t digest[20]; ntru_sha1(encrypted, enc_len, digest); valid &= memcmp(digest, digest_expected, 20) == 0; valid &= ntru_rand_release(&rand_ctx) == NTRU_SUCCESS; valid &= ntru_rand_release(&rand_ctx2) == NTRU_SUCCESS; return valid; }
int main(int argc, const char * argv[]) { // printf("The argument supplied is %s\n", argv[1]); struct NtruEncParams params = NTRU_DEFAULT_PARAMS_128_BITS; /*see encparams.h for more*/ NtruRandGen rng_def = NTRU_RNG_DEFAULT; NtruRandContext rand_ctx_def; if (ntru_rand_init(&rand_ctx_def, &rng_def) != NTRU_SUCCESS) printf("rng fail\n"); NtruEncKeyPair kp; if (ntru_gen_key_pair(¶ms, &kp, &rand_ctx_def) != NTRU_SUCCESS) printf("keygen fail\n"); /* deterministic key generation from password */ // uint8_t seed[sizeof(argv[1])]; // strcpy(seed, argv[1]); uint8_t seed[sizeof("testttsdsdfsfdfsdfsrrttrwwerwerwer34536")]; strcpy(seed, "testttsdsdfsfdfsdfsrrttrwwerwerwer34536"); NtruRandGen rng_igf2 = NTRU_RNG_IGF2; NtruRandContext rand_ctx_igf2; if (ntru_rand_init_det(&rand_ctx_igf2, &rng_igf2, seed, strlen(seed)) != NTRU_SUCCESS) printf("rng fail\n"); if (ntru_gen_key_pair(¶ms, &kp, &rand_ctx_igf2) != NTRU_SUCCESS) printf("keygen fail\n"); uint16_t pub_len=ntru_pub_len(¶ms); uint16_t priv_len=ntru_priv_len(¶ms); printf("pub len: %i\n",pub_len); printf("priv len: %i\n",priv_len); uint8_t pubK[pub_len]; uint8_t privK[priv_len]; // ntru_export_pub(&kp.pub, pubK); ntru_export_priv(&kp.priv, privK); // printf("----------------------------\n"); // pubK[0]; // printf("%u\n",pubK[0]); // printf("%u\n",privK[1]); // printf("%u\n",pubK[2]); // printf("----------------------------\n"); /* encryption */ uint8_t msg[60]; strcpy(msg, "whateverr12345whateverr12345whateverr12345whateverr12345"); uint8_t enc[ntru_enc_len(¶ms)]; if (ntru_encrypt(msg, strlen(msg), &kp.pub, ¶ms, &rand_ctx_def, enc) != NTRU_SUCCESS) printf("encrypt fail\n"); // printf(enc); /* release RNG resources */ if (ntru_rand_release(&rand_ctx_def) != NTRU_SUCCESS) printf("rng fail\n"); if (ntru_rand_release(&rand_ctx_igf2) != NTRU_SUCCESS) printf("rng fail\n"); /* decryption */ uint8_t dec[ntru_max_msg_len(¶ms)]; uint16_t dec_len; if (ntru_decrypt((uint8_t*)&enc, &kp, ¶ms, (uint8_t*)&dec, &dec_len) != NTRU_SUCCESS) printf("decrypt fail\n"); // // /* export key to uint8_t array */ // uint8_t pub_arr[ntru_pub_len(¶ms)]; // ntru_export_pub(&kp.pub, pub_arr); // // /* import key from uint8_t array */ // NtruEncPubKey pub; // ntru_import_pub(pub_arr, &pub); FILE *privFile = fopen("priv.key", "w"); for(int i;i<priv_len;i++){ fprintf(privFile, "%d", privK[i]); } fclose(privFile); FILE *pubFile = fopen("pub.key", "w"); for(int i;i<pub_len;i++){ fprintf(pubFile, "%d", pubK[i]); } fclose(pubFile); return 0; }