initial commit

.gitignore

@@ -0,0 +1,2 @@
+tests/*
+build/*

LICENSE

@@ -0,0 +1,13 @@
+Copyright (c) 2016
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.

Makefile

@@ -0,0 +1,33 @@
+CC = clang
+INCPATHS = -I/usr/local/include
+CFLAGS = -g -Wall -O3 $(INCPATHS)
+LDLIBS = -lgmp -lssl -lcrypto
+LDPATH = -L/usr/local/lib
+
+BUILD = build
+TESTS = tests
+
+SRC = crypto.c ore.c
+TESTPROGS = test_ore
+
+OBJPATHS = $(patsubst %.c,$(BUILD)/%.o, $(SRC))
+TESTPATHS = $(addprefix $(TESTS)/, $(TESTPROGS))
+
+all: $(OBJPATHS) $(TESTPATHS)
+
+obj: $(OBJPATHS)
+
+$(BUILD):
+	mkdir -p $(BUILD)
+
+$(TESTS):
+	mkdir -p $(TESTS)
+
+$(BUILD)/%.o: %.c | $(BUILD)
+	$(CC) $(CFLAGS) -o $@ -c $<
+
+$(TESTS)/%: %.c $(OBJPATHS) $(TESTS)
+	$(CC) $(CFLAGS) -o $@ $< $(LDPATH) $(OBJPATHS) $(LDLIBS)
+
+clean:
+	rm -rf $(BUILD) $(TESTS) *~

README.md

@@ -0,0 +1,32 @@
+# FastORE
+
+This is an implementation of the order-revealing encryption (ORE) scheme
+described here: https://eprint.iacr.org/2015/1125.pdf
+
+This implementation is a research prototype mainly as a proof of concept, and is
+not intended to be used in production-level code as it has not been carefully
+analyzed for potential security flaws.
+
+Authors:
+ * David J. Wu, Stanford University
+ * Kevin Lewi, Stanford University
+
+Contact David for questions about the code:
+  dwu4@cs.stanford.edu
+
+## Prerequisites ##
+
+Make sure you have the following installed:
+ * [GMP 5.x](http://gmplib.org/)
+ * [OpenSSL](http://www.openssl.org/source/)
+
+## Installation ##
+
+    git clone --recursive https://github.com/kevinlewi/fastore.git
+    cd fastore
+    make
+
+## Running a Test ##
+
+  ./tests/test_ore
+

crypto.c

@@ -0,0 +1,61 @@
+/**
+ * Copyright (c) 2016, David J. Wu, Kevin Lewi
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+ * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "crypto.h"
+#include "errors.h"
+
+#include <assert.h>
+#include <openssl/hmac.h>
+#include <openssl/sha.h>
+#include <stdint.h>
+
+int generate_prf_key(byte* dst, uint32_t dstlen) {
+  if (dstlen != PRF_KEY_BYTES) {
+    return ERROR_PRF_KEYLEN_INVALID;
+  }
+
+  FILE* f = fopen("/dev/urandom", "r");
+  if (f == NULL) {
+    return ERROR_RANDOMNESS;
+  }
+
+  int bytes_read = fread(dst, 1, PRF_KEY_BYTES, f);
+  if (bytes_read != PRF_KEY_BYTES) {
+    return ERROR_RANDOMNESS;
+  }
+
+  fclose(f);
+
+  return ERROR_NONE;
+}
+
+int prf_eval(byte* dst, uint32_t dstlen, byte* key, uint32_t keylen, byte* src,
+    uint32_t srclen) {
+  if (dstlen != PRF_OUTPUT_BYTES) {
+    return ERROR_DSTLEN_INVALID;
+  }
+
+  if (keylen != PRF_KEY_BYTES) {
+    return ERROR_PRF_KEYLEN_INVALID;
+  }
+
+  uint32_t outlen;
+  HMAC(EVP_sha256(), key, keylen, src, srclen, dst, &outlen);
+  assert(outlen == dstlen);
+
+  return ERROR_NONE;
+}
+

crypto.h

@@ -0,0 +1,56 @@
+/**
+ * Copyright (c) 2016, David J. Wu, Kevin Lewi
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+ * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef __CRYPTO_H__
+#define __CRYPTO_H__
+
+#include <openssl/evp.h>
+#include <openssl/aes.h>
+#include <stdint.h>
+
+typedef unsigned char byte;
+
+static const int PRF_KEY_BYTES    = 32;
+static const int PRF_OUTPUT_BYTES = 32;
+
+/**
+ * Reads from /dev/urandom to sample a PRF key.
+ *
+ * @param dst Byte array which will store the PRF key
+ * @param dstlen Length of the destination byte array. Must match PRF_KEY_BYTES.
+ * @return ERROR_NONE on success, ERROR_PRF_KEYLEN_INVALID if the destination
+ * length is invalid, and ERROR_RANDOMNESS if reading from /dev/urandom failed.
+ */
+int generate_prf_key(byte* dst, uint32_t dstlen);
+
+/**
+ * Uses SHA256 to evaluate a PRF given a key and input (as byte arrays), storing
+ * the result in a destination byte array.
+ *
+ * @param dst The destination byte array that will contain the output of the PRF
+ * @param dstlen The size of the destination byte array
+ * @param key The byte array containing the key for the PRF
+ * @param keylen The size of the key byte array
+ * @param src The byte array containing the input to the PRF
+ * @param srclen The size of the input byte array
+ * @return ERROR_NONE on success, ERROR_DSTLEN_INVALID if the destination size
+ * is invalid, and ERROR_PRF_KEYLEN_INVALID if the key size is invalid.
+ */
+int prf_eval(byte* dst, uint32_t dstlen, byte* key, uint32_t keylen, byte* src,
+  uint32_t srclen);
+
+#endif /* __CRYPTO_H__ */
+

errors.h

@@ -0,0 +1,41 @@
+/**
+ * Copyright (c) 2016, David J. Wu, Kevin Lewi
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+ * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef __ERRORS_H__
+#define __ERRORS_H__
+
+enum error_codes {
+  ERROR_NONE,
+
+  ERROR_RANDOMNESS,
+
+  ERROR_SRCLEN_INVALID,
+  ERROR_DSTLEN_INVALID,
+
+  ERROR_PRF_KEYLEN_INVALID,
+
+  ERROR_NULL_POINTER,
+  ERROR_MEMORY_ALLOCATION,
+
+  ERROR_PARAMS_MISMATCH,
+  ERROR_PARAMS_INVALID,
+
+  ERROR_SK_NOT_INITIALIZED,
+  ERROR_CTXT_NOT_INITIALIZED,
+};
+
+#endif /* __ERRORS_H__ */
+