void NNOBOTExtSnd::XORandOWF(uint8_t* idaptr, uint8_t* idbptr, uint64_t rowbytelen, uint8_t* tmpbuf,
uint8_t* resbuf, uint8_t* hash_buf) {
memset(tmpbuf, 0, rowbytelen);
for(uint64_t j = 0; j < rowbytelen/sizeof(uint64_t); j++) {
((uint64_t*) tmpbuf)[j] = ((uint64_t*) tmpbuf)[j] ^ ((uint64_t*) idaptr)[j] ^ ((uint64_t*) idbptr)[j];
}
#ifdef DEBUG_NNOB_CHECKS_INPUT
cout << "XOR-OWF Input:\t" << (hex);
for(uint32_t t = 0; t < rowbytelen; t++) {
cout << setw(2) << setfill('0') << (uint32_t) tmpbuf[t];
}
cout << (dec) << endl;
#endif
#ifdef AES_OWF
owf(&aesowfkey, rowbytelen, tmpbuf, resbuf);
#else
m_cCrypt->hash_buf(resbuf, OWF_BYTES, tmpbuf, rowbytelen, hash_buf);//hash_buf, rowbytelen, tmpbuf, resbuf, hash_buf);
#endif
#ifdef DEBUG_NNOB_CHECKS_OUTPUT
cout << "XOR-OWF Output:\t" << (hex);
for(uint32_t t = 0; t < OWF_BYTES; t++) {
cout << (uint32_t) resbuf[t];
}
cout << (dec) << endl;
#endif
}
void ALSZOTExtSnd::XORandOWF(uint8_t* idaptr, uint8_t* idbptr, uint64_t rowbytelen, uint8_t* tmpbuf,
uint8_t* resbuf, uint8_t* hash_buf) {
for(uint64_t j = 0; j < rowbytelen/sizeof(uint64_t); j++) {
((uint64_t*) tmpbuf)[j] = ((uint64_t*) tmpbuf)[j] ^ ((uint64_t*) idaptr)[j] ^ ((uint64_t*) idbptr)[j];
}
#ifdef DEBUG_ALSZ_CHECKS_INPUT
cout << "\t" << (hex);
for(uint32_t t = 0; t < rowbytelen; t++) {
cout << setw(2) << setfill('0') << (uint32_t) tmpbuf[t];
}
cout << (dec) << endl;
#endif
#ifdef AES_OWF
owf(&aesowfkey, rowbytelen, tmpbuf, resbuf);
#else
/*SHA512_CTX sha;
SHA512_Init(&sha);
SHA512_Update(&sha, tmpbuf, rowbytelen);
SHA512_Final(hash_buf, &sha);
memcpy(resbuf, hash_buf, OWF_BYTES);*/
sha512_hash(resbuf, OWF_BYTES, tmpbuf, rowbytelen, hash_buf);
//m_cCrypt->hash_buf(resbuf, OWF_BYTES, tmpbuf, rowbytelen, hash_buf);//hash_buf, rowbytelen, tmpbuf, resbuf, hash_buf);
#endif
#ifdef DEBUG_ALSZ_CHECKS_OUTPUT
cout << "\t" << (hex);
for(uint32_t t = 0; t < OWF_BYTES; t++) {
cout << (uint32_t) resbuf[t];
}
cout << (dec) << endl;
#endif
}
nnob_snd_check_t NNOBOTExtSnd::UpdateCheckBuf(uint8_t* tocheckseed, uint8_t* tocheckrcv, uint64_t otid, uint64_t numblocks, channel* check_chan) {
uint64_t rowbytelen = m_nBlockSizeBytes * numblocks;
uint64_t checkbytelen = min(rowbytelen, bits_in_bytes(m_nOTs - otid));
uint8_t* hash_buf = (uint8_t*) malloc(SHA512_DIGEST_LENGTH);
uint8_t* tmpbuf = (uint8_t*) malloc(rowbytelen);
uint8_t *idaptr, *idbptr;
nnob_snd_check_t check_buf;
//check_buf.rcv_chk_buf = (uint8_t*) malloc(m_nChecks * OWF_BYTES);
check_buf.chk_buf = (uint8_t*) malloc(m_nChecks * OWF_BYTES);
uint8_t *chk_buf_ptr = check_buf.chk_buf;
uint8_t *idatmpbuf = (BYTE*) malloc(sizeof(BYTE) * rowbytelen);
uint8_t *idbtmpbuf = (BYTE*) malloc(sizeof(BYTE) * rowbytelen);
uint8_t *seedptr, *rcvptr;
//uint32_t blockoffset = ceil_divide(otid, NUMOTBLOCKS * m_nBlockSizeBits);
uint32_t blockid = 0; //TODO bring in as soon as 3-step OT is implemented
check_buf.otid = otid;
check_buf.numblocks = numblocks;
check_buf.perm = (linking_t*) malloc(sizeof(linking_t*) * m_nChecks);
check_buf.permchoicebits = (BYTE*) malloc(sizeof(uint8_t) * m_nChecks);
genRandomMapping(check_buf.perm, m_nBaseOTs);
for(uint32_t i = 0; i < m_nChecks; i++) {
check_buf.permchoicebits[i] = m_vU.GetBit(blockid * m_nBaseOTs + check_buf.perm[i].ida) ^ m_vU.GetBit(blockid * m_nBaseOTs + check_buf.perm[i].idb);
}
//right now the checkbytelen needs to be a multiple of AES_BYTES
assert(ceil_divide(rowbytelen, OWF_BYTES) * OWF_BYTES == rowbytelen);
#ifdef DEBUG_NNOB_CHECKS
m_vU.PrintHex();
#endif
for(uint64_t i = 0; i < m_nChecks; i++, chk_buf_ptr+=OWF_BYTES) {
if(m_vU.GetBit(blockid * m_nBaseOTs + check_buf.perm[i].ida) == 0) {
memcpy(idatmpbuf, tocheckseed + check_buf.perm[i].ida * rowbytelen, rowbytelen);
} else {
seedptr = tocheckseed + check_buf.perm[i].ida * rowbytelen;
rcvptr = tocheckrcv + check_buf.perm[i].ida * rowbytelen;
for(int j = 0; j < rowbytelen/sizeof(uint64_t); j++) {
((uint64_t*) idatmpbuf)[j] = ((uint64_t*) seedptr)[j] ^ ((uint64_t*) rcvptr)[j];
}
}
if(m_vU.GetBit(blockid * m_nBaseOTs + check_buf.perm[i].idb) == 0) {
memcpy(idbtmpbuf, tocheckseed + check_buf.perm[i].idb * rowbytelen, rowbytelen);
} else {
seedptr = tocheckseed + check_buf.perm[i].idb * rowbytelen;
rcvptr = tocheckrcv + check_buf.perm[i].idb * rowbytelen;
for(int j = 0; j < rowbytelen/sizeof(uint64_t); j++) {
((uint64_t*) idbtmpbuf)[j] = ((uint64_t*) seedptr)[j] ^ ((uint64_t*) rcvptr)[j];
}
}
/*#ifdef DEBUG_NNOB_CHECKS
cout << "seedA: " << (hex) << ((uint64_t*) (tocheckseed + check_buf.perm[i].ida * rowbytelen))[0] <<
", rcvA: " << ((uint64_t*) (tocheckrcv + check_buf.perm[i].ida * rowbytelen))[0] << (dec) << endl;
cout << "seedB: " << (hex) << ((uint64_t*) (tocheckseed + check_buf.perm[i].idb * rowbytelen))[0] <<
", rcvB: " << ((uint64_t*) (tocheckrcv + check_buf.perm[i].idb * rowbytelen))[0] << (dec) << endl;
cout << "input to owf " << (hex) << ((uint64_t*) idatmpbuf)[0] << ", " << ((uint64_t*) idbtmpbuf)[0] << (dec) << endl;
#endif*/
memset(tmpbuf, 0, rowbytelen);
for(uint64_t j = 0; j < rowbytelen/sizeof(uint64_t); j++) {
((uint64_t*) tmpbuf)[j] = ((uint64_t*) tmpbuf)[j] ^ ((uint64_t*) idatmpbuf)[j] ^ ((uint64_t*) idbtmpbuf)[j];
}
#ifdef DEBUG_NNOB_CHECKS_INPUT
cout << "XOR-OWF Input:\t" << (hex);
for(uint32_t t = 0; t < checkbytelen; t++) {
cout << setw(2) << setfill('0') << (uint32_t) tmpbuf[t];
}
cout << (dec) << endl;
#endif
#ifdef AES_OWF
owf(&aesowfkey, rowbytelen, tmpbuf, resbuf);
#else
//m_cCrypt->hash_buf(chk_buf_ptr, OWF_BYTES, tmpbuf, checkbytelen, hash_buf);//hash_buf, rowbytelen, tmpbuf, resbuf, hash_buf);
sha512_hash(chk_buf_ptr, OWF_BYTES, tmpbuf, checkbytelen, hash_buf);
#endif
#ifdef DEBUG_NNOB_CHECKS_OUTPUT
cout << "XOR-OWF Output:\t" << (hex);
for(uint32_t t = 0; t < OWF_BYTES; t++) {
cout << (uint32_t) chk_buf_ptr[t];
}
cout << (dec) << endl;
#endif
//XORandOWF(idatmpbuf, idbtmpbuf, checkbytelen, tmpbuf, chk_buf_ptr, hash_buf);
}
/* for(uint64_t i = 0; i < m_nChecks; i++, seedcheckbufptr+=OWF_BYTES, rcvcheckbufptr+=OWF_BYTES) {
memset(tmpbuf, 0, rowbytelen);
#ifdef DEBUG_ALSZ_CHECKS
cout << i << "-th check between " << check_buf.perm[i].ida << " and " << check_buf.perm[i].idb << ": " << endl;
#endif
XORandOWF(tocheckseed + check_buf.perm[i].ida * rowbytelen, tocheckseed + check_buf.perm[i].idb * rowbytelen,
rowbytelen, tmpbuf, seedcheckbufptr, hash_buf);
XORandOWF(tocheckrcv + check_buf.perm[i].ida * rowbytelen, tocheckrcv + check_buf.perm[i].idb * rowbytelen,
rowbytelen, tmpbuf, rcvcheckbufptr, hash_buf);
}*/
free(tmpbuf);
free(hash_buf);
free(idatmpbuf);
free(idbtmpbuf);
//Send the permutation and the XORed bits over to the receiver
check_chan->send_id_len((uint8_t*) check_buf.perm, sizeof(linking_t) * m_nChecks, otid, numblocks);
check_chan->send(check_buf.permchoicebits, m_nChecks);
return check_buf;
}
void NNOBOTExtRec::ComputeOWF(std::queue<nnob_rcv_check_t>* check_buf_q, channel* check_chan) {//linking_t* permbits, int nchecks, int otid, int processedOTs, BYTE* outhashes) {
//Obtain T0 and T1 from the SeedPointers
uint32_t receiver_hashes = 1;
uint64_t tmpid, tmpnblocks;
linking_t* perm;
uint8_t* rcv_buf_perm = check_chan->blocking_receive_id_len((uint8_t**) &perm, &tmpid, &tmpnblocks);
uint8_t* rcv_buf_permchoices = check_chan->blocking_receive();
uint8_t* sender_permchoicebitptr = rcv_buf_permchoices;
nnob_rcv_check_t check_buf = check_buf_q->front();
check_buf_q->pop();
assert(tmpid == check_buf.otid);
assert(tmpnblocks == check_buf.numblocks);
//the bufsize has to be padded to a multiple of the PRF-size since we will omit boundary checks there
uint32_t i, j;
uint64_t bufrowbytelen = m_nBlockSizeBytes * check_buf.numblocks;//seedptr->expstrbitlen>>3;//(CEIL_DIVIDE(processedOTs, wd_size_bits) * wd_size_bits) >>3;
uint64_t checkbytelen = std::min(bufrowbytelen, bits_in_bytes(m_nOTs - check_buf.otid));
//contains the T-matrix
uint8_t* T0 = check_buf.T0;
//contains the T-matrix XOR the receive bits
//uint8_t* T1 = check_buf.T1;
uint32_t outhashbytelen = m_nChecks * OWF_BYTES * receiver_hashes;
uint8_t* outhashes = (uint8_t*) malloc(outhashbytelen);
#ifdef AES_OWF
AES_KEY_CTX aesowfkey;
MPC_AES_KEY_INIT(&aesowfkey);
#else
uint8_t* hash_buf = (uint8_t*) malloc(SHA512_DIGEST_LENGTH);
#endif
uint8_t* tmpbuf = (uint8_t*) malloc(bufrowbytelen);
uint8_t **ka = (uint8_t**) malloc(2 * sizeof(uint8_t*));
uint8_t **kb = (uint8_t**) malloc(2 * sizeof(uint8_t*));
uint8_t *kaptr, *kbptr;
uint8_t* outptr = outhashes;
uint8_t* receiver_choicebits = m_vChoices->GetArr() + ceil_divide(check_buf.otid, 8);
CBitVector tmp;
tmp.AttachBuf(tmpbuf, bufrowbytelen*8);
//Compute all hashes for the permutations given Ta, Tb and the choice bits
for(i = 0; i < m_nChecks; i++, sender_permchoicebitptr++) {
ka[0] = T0 + perm[i].ida * bufrowbytelen;
kb[0] = T0 + perm[i].idb * bufrowbytelen;
#ifdef DEBUG_MALICIOUS
std::cout << (std::dec) << i << "-th check: between " << perm[i].ida << ", and " << perm[i].idb << std::endl;
#endif
for(j = 0; j < receiver_hashes; j++, outptr+=OWF_BYTES) {
kaptr = ka[0];
kbptr = kb[0];
assert((*sender_permchoicebitptr) == 0 || (*sender_permchoicebitptr == 1));
tmp.SetXOR(kaptr, kbptr, 0, bufrowbytelen);
if(*sender_permchoicebitptr == 1) {
tmp.XORBytesReverse(receiver_choicebits, 0, checkbytelen);
}
#ifdef DEBUG_NNOB_CHECKS_INPUT
std::cout << "XOR-OWF Input:\t" << (std::hex);
for(uint32_t t = 0; t < checkbytelen; t++) {
std::cout << std::setw(2) << std::setfill('0') << (uint32_t) tmpbuf[t];
}
std::cout << (std::dec) << std::endl;
#endif
#ifdef AES_OWF
owf(&aesowfkey, rowbytelen, tmpbuf, outhashes);
#else
//m_cCrypt->hash_buf(outptr, OWF_BYTES, tmpbuf, checkbytelen, hash_buf);
sha512_hash(outptr, OWF_BYTES, tmpbuf, checkbytelen, hash_buf);
#endif
#ifdef DEBUG_NNOB_CHECKS_OUTPUT
std::cout << "XOR-OWF Output:\t" << (std::hex);
for(uint32_t t = 0; t < OWF_BYTES; t++) {
std::cout << (uint32_t) outptr[t];
}
std::cout << (std::dec) << std::endl;
#endif
}
}
check_chan->send_id_len(outhashes, outhashbytelen, check_buf.otid, check_buf.numblocks);
free(rcv_buf_perm);
free(rcv_buf_permchoices);
//free(tmpbuf);
free(ka);
free(kb);
free(check_buf.T0);
//free(check_buf.T1);
free(outhashes);
#ifndef AES_OWF
free(hash_buf);
#endif
}
