Remove NTRU_RNG_IGF2, replace it with NTRU_RNG_CTR_DRBG
tbuktu committed Mar 10, 2016
1 parent 190c552 commit ea30df5
Showing 4 changed files with 60 additions and 87 deletions.
10 changes: 5 additions & 5 deletions README.md
Expand Up @@ -42,11 +42,11 @@ Windows default is no SSSE3.
/* deterministic key generation from password */
uint8_t seed[17];
strcpy(seed, "my test password");
NtruRandGen rng_igf2 = NTRU_RNG_IGF2;
NtruRandContext rand_ctx_igf2;
if (ntru_rand_init_det(&rand_ctx_igf2, &rng_igf2, seed, strlen(seed)) != NTRU_SUCCESS)
NtruRandGen rng_ctr_drbg = NTRU_RNG_CTR_DRBG;
NtruRandContext rand_ctx_ctr_drbg;
if (ntru_rand_init_det(&rand_ctx_ctr_drbg, &rng_ctr_drbg, seed, strlen(seed)) != NTRU_SUCCESS)
printf("rng fail\n");
if (ntru_gen_key_pair(&params, &kp, &rand_ctx_igf2) != NTRU_SUCCESS)
if (ntru_gen_key_pair(&params, &kp, &rand_ctx_ctr_drbg) != NTRU_SUCCESS)
printf("keygen fail\n");

/* encryption */
Expand All @@ -70,7 +70,7 @@ Windows default is no SSSE3.
/* release RNG resources */
if (ntru_rand_release(&rand_ctx_def) != NTRU_SUCCESS)
printf("rng fail\n");
if (ntru_rand_release(&rand_ctx_igf2) != NTRU_SUCCESS)
if (ntru_rand_release(&rand_ctx_ctr_drbg) != NTRU_SUCCESS)
printf("rng fail\n");

/* export key to uint8_t array */
45 changes: 9 additions & 36 deletions src/rand.c
Expand Up @@ -5,36 +5,13 @@
#include "rand.h"
#include "err.h"
#include "encparams.h"
#include "idxgen.h"
#include "nist_ctr_drbg.h"
#ifdef WIN32
#define WIN32_LEAN_AND_MEAN
#include <Windows.h>
#include <Wincrypt.h>
#endif

const NtruEncParams NTRU_IGF2_RAND_PARAMS = {\
"IGF2_RNG", /* name */\
256, /* N=256 because we want to generate bytes */\
2048, /* q */\
0, /* prod_flag */\
0, /* df */\
0,\
0,\
0, /* dg */\
0, /* dm0 */\
0, /* db */\
11, /* c */\
0, /* min_calls_r */\
0, /* min_calls_mask */\
1, /* hash_seed */\
{0, 0, 0}, /* oid */\
ntru_sha1, /* hash */\
ntru_sha1_4way, /* hash_4way */\
20, /* hlen */\
0 /* pklen */\
};

const char NTRU_PERS_STRING[] = "libntru"; /* personalization string for CTR-DRBG */

uint8_t ntru_rand_init(NtruRandContext *rand_ctx, struct NtruRandGen *rand_gen) {
Expand Down Expand Up @@ -141,27 +118,23 @@ uint8_t ntru_rand_devrandom_release(NtruRandContext *rand_ctx) {
}
#endif /* !WIN32 */

uint8_t ntru_rand_igf2_init(NtruRandContext *rand_ctx, struct NtruRandGen *rand_gen) {
rand_ctx->state = malloc(sizeof(struct NtruIGFState));
uint8_t ntru_rand_ctr_drbg_init(NtruRandContext *rand_ctx, struct NtruRandGen *rand_gen) {
rand_ctx->state = malloc(sizeof(NIST_CTR_DRBG));
if (!rand_ctx->state)
return 0;
ntru_IGF_init(rand_ctx->seed, rand_ctx->seed_len, &NTRU_IGF2_RAND_PARAMS, rand_ctx->state);
return 1;
uint16_t pers_string_size = strlen(NTRU_PERS_STRING) * sizeof(NTRU_PERS_STRING[0]);
return nist_ctr_drbg_instantiate(rand_ctx->state, rand_ctx->seed, rand_ctx->seed_len, NULL, 0, NTRU_PERS_STRING, pers_string_size) == 0;
}

uint8_t ntru_rand_igf2_generate(uint8_t rand_data[], uint16_t len, NtruRandContext *rand_ctx) {
uint16_t i;
for (i=0; i<len; i++) {
uint16_t idx;
ntru_IGF_next(rand_ctx->state, &idx);
rand_data[i] = idx;
}
uint8_t ntru_rand_ctr_drbg_generate(uint8_t rand_data[], uint16_t len, NtruRandContext *rand_ctx) {
nist_ctr_drbg_generate(rand_ctx->state, rand_data, len, NULL, 0);
return 1;
}

uint8_t ntru_rand_igf2_release(NtruRandContext *rand_ctx) {
uint8_t ntru_rand_ctr_drbg_release(NtruRandContext *rand_ctx) {
uint8_t result = nist_ctr_drbg_destroy(rand_ctx->state);
free(rand_ctx->state);
return 1;
return result;
}

uint8_t ntru_get_entropy(uint8_t *buffer, uint16_t len) {
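Review bot: `ntru_rand_ctr_drbg_generate` discards the result of `nist_ctr_drbg_generate` and returns 1 unconditionally, so a failed generate call would be reported as success and the caller would go on to use whatever is in `rand_data` as random bytes for key generation or encryption. Assuming the generate function signals failure with a non-zero return, as `nist_ctr_drbg_instantiate` evidently does in the init function, the body should be `return nist_ctr_drbg_generate(rand_ctx->state, rand_data, len, NULL, 0) == 0;`. In `ntru_rand_ctr_drbg_init`, a failed instantiate returns 0 without freeing `rand_ctx->state`, so that path leaks the allocation; free it and set the pointer to NULL before returning. `ntru_rand_ctr_drbg_release` returns the raw `nist_ctr_drbg_destroy` result while init compares against 0, so confirm that destroy follows the 1-on-success convention the other functions in this file use.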
10 changes: 5 additions & 5 deletions src/rand.h
Expand Up @@ -62,10 +62,10 @@ uint8_t ntru_rand_default_generate(uint8_t rand_data[], uint16_t len, NtruRandCo
uint8_t ntru_rand_default_release(NtruRandContext *rand_ctx);
#define NTRU_RNG_DEFAULT {ntru_rand_default_init, ntru_rand_default_generate, ntru_rand_default_release}

/* deterministic RNG based on IGF-2 */
uint8_t ntru_rand_igf2_init(NtruRandContext *rand_ctx, struct NtruRandGen *rand_gen);
uint8_t ntru_rand_igf2_generate(uint8_t rand_data[], uint16_t len, NtruRandContext *rand_ctx);
uint8_t ntru_rand_igf2_release(NtruRandContext *rand_ctx);
#define NTRU_RNG_IGF2 {ntru_rand_igf2_init, ntru_rand_igf2_generate, ntru_rand_igf2_release}
/* deterministic RNG based on CTR_DRBG */
uint8_t ntru_rand_ctr_drbg_init(NtruRandContext *rand_ctx, struct NtruRandGen *rand_gen);
uint8_t ntru_rand_ctr_drbg_generate(uint8_t rand_data[], uint16_t len, NtruRandContext *rand_ctx);
uint8_t ntru_rand_ctr_drbg_release(NtruRandContext *rand_ctx);
#define NTRU_RNG_CTR_DRBG {ntru_rand_ctr_drbg_init, ntru_rand_ctr_drbg_generate, ntru_rand_ctr_drbg_release}

#endif /* NTRU_RAND_H */
82 changes: 41 additions & 41 deletions tests/test_ntru.c
Expand Up @@ -34,7 +34,7 @@ uint8_t gen_key_pair(char *seed, NtruEncParams *params, NtruEncKeyPair *kp) {
uint8_t seed_uint8[seed_len];
str_to_uint8(seed, seed_uint8);
NtruRandContext rand_ctx;
NtruRandGen rng = NTRU_RNG_IGF2;
NtruRandGen rng = NTRU_RNG_CTR_DRBG;
ntru_rand_init_det(&rand_ctx, &rng, seed_uint8, seed_len);
rand_ctx.seed = seed_uint8;
rand_ctx.seed_len = seed_len;
Expand Down Expand Up @@ -81,7 +81,7 @@ uint8_t test_keygen() {
uint8_t seed2[strlen(seed2_char)];
str_to_uint8(seed2_char, seed2);
NtruEncKeyPair kp2;
NtruRandGen rng = NTRU_RNG_IGF2;
NtruRandGen rng = NTRU_RNG_CTR_DRBG;
NtruRandContext rand_ctx2;
ntru_rand_init_det(&rand_ctx2, &rng, seed2, strlen(seed2_char));
valid &= ntru_gen_key_pair(&params, &kp2, &rand_ctx2) == NTRU_SUCCESS;
Expand Down Expand Up @@ -176,7 +176,7 @@ uint8_t test_encr_decr_det(NtruEncParams *params, uint8_t *digest_expected) {
NtruRandContext rand_ctx_plaintext;
uint16_t max_len = ntru_max_msg_len(params);
uint8_t plain[max_len];
NtruRandGen rng_plaintext = NTRU_RNG_IGF2;
NtruRandGen rng_plaintext = NTRU_RNG_CTR_DRBG;
char plain_seed_char[25];
strcpy(plain_seed_char, "seed value for plaintext");
uint8_t plain_seed[25];
Expand All @@ -200,10 +200,10 @@ uint8_t test_encr_decr_det(NtruEncParams *params, uint8_t *digest_expected) {
str_to_uint8(seed2_char, seed2);

NtruRandContext rand_ctx;
NtruRandGen rng = NTRU_RNG_IGF2;
NtruRandGen rng = NTRU_RNG_CTR_DRBG;
valid &= ntru_rand_init_det(&rand_ctx, &rng, seed, strlen(seed_char)) == NTRU_SUCCESS;
NtruRandContext rand_ctx2;
NtruRandGen rng2 = NTRU_RNG_IGF2;
NtruRandGen rng2 = NTRU_RNG_CTR_DRBG;
valid &= ntru_rand_init_det(&rand_ctx2, &rng2, seed2, strlen(seed2_char)) == NTRU_SUCCESS;

uint8_t decrypted[max_len];
Expand Down Expand Up @@ -235,42 +235,42 @@ uint8_t test_encr_decr() {

/* SHA-1 digests of deterministic ciphertexts */
uint8_t digests_expected[][20] = {
{0xf8, 0x39, 0xbf, 0xb6, 0xa4, 0x99, 0x50, 0xde, 0xd0, 0x9f, /* EES401EP1 */
0xce, 0x55, 0xac, 0x23, 0xf1, 0x8e, 0x11, 0x0f, 0x76, 0x3d},
{0x01, 0x6a, 0xbe, 0xae, 0x79, 0xdd, 0xf7, 0x9c, 0x90, 0x70, /* EES449EP1 */
0x02, 0x2e, 0x7e, 0x70, 0x05, 0xc4, 0xcb, 0x87, 0x8c, 0x60},
{0xff, 0x5a, 0xfb, 0x06, 0xe0, 0xbe, 0xf9, 0x96, 0x7b, 0x2f, /* EES677EP1 */
0x6c, 0xde, 0x43, 0x8f, 0x2f, 0x48, 0xf3, 0x2b, 0x90, 0x8b},
{0xc1, 0xbe, 0x9a, 0x9b, 0x85, 0xba, 0xa4, 0x0a, 0xc9, 0x45, /* EES1087EP2 */
0xa4, 0x92, 0xdf, 0xd3, 0x34, 0x03, 0x6b, 0x1b, 0x77, 0x29},
{0xdb, 0xa4, 0x6f, 0xb2, 0xb1, 0xf0, 0x8d, 0xb1, 0xe3, 0x07, /* EES541EP1 */
0xf9, 0xb4, 0x4b, 0x96, 0x9e, 0xa9, 0x83, 0x56, 0x77, 0x69},
{0x0c, 0x70, 0xf6, 0x40, 0x96, 0xfa, 0xaf, 0x26, 0xb4, 0xc0, /* EES613EP1 */
0x2d, 0xcd, 0xe4, 0x16, 0xc0, 0x56, 0xda, 0xbd, 0xbd, 0x6f},
{0xb0, 0x39, 0xe6, 0xa3, 0xb7, 0x08, 0x60, 0x90, 0x5e, 0x39, /* EES887EP1 */
0xdb, 0xac, 0x9b, 0xba, 0xa2, 0xb8, 0xd9, 0x68, 0x91, 0x5a},
{0x3d, 0x98, 0x20, 0xc1, 0xcf, 0xdf, 0x59, 0x77, 0x5a, 0x4a, /* EES1171EP1 */
0x1a, 0x1a, 0xb7, 0xed, 0xa0, 0x4b, 0x6c, 0xfa, 0x67, 0x72},
{0x5d, 0x45, 0x53, 0xed, 0xb8, 0xce, 0xff, 0x84, 0x4f, 0x09, /* EES659EP1 */
0x49, 0x82, 0x5c, 0x06, 0x35, 0x2a, 0xc9, 0x71, 0xfa, 0x17},
{0x85, 0xb9, 0xbe, 0x9b, 0x89, 0x64, 0x24, 0x06, 0x6b, 0x38, /* EES761EP1 */
0x76, 0x7c, 0x7e, 0x2a, 0xc6, 0x12, 0x48, 0x7a, 0x36, 0x62},
{0x07, 0x6f, 0x5f, 0x62, 0x7f, 0x81, 0xdb, 0xd8, 0x0d, 0x26, /* EES1087EP1 */
0x2e, 0x1a, 0x64, 0x8c, 0x68, 0x02, 0xb3, 0xaf, 0x18, 0xa7},
{0xf3, 0x16, 0xdf, 0x16, 0xe9, 0xa3, 0x4c, 0x40, 0x30, 0xff, /* EES1499EP1 */
0x5d, 0x66, 0xd8, 0x53, 0x2b, 0x07, 0x8a, 0x17, 0x48, 0xb4},
{0xb0, 0x50, 0x79, 0xd8, 0x43, 0x8b, 0xaf, 0x42, 0x74, 0x21, /* EES401EP2 */
0x45, 0x7b, 0x7a, 0xc6, 0x35, 0x0a, 0x85, 0xfa, 0x92, 0xdf},
{0x54, 0x5b, 0x8e, 0x77, 0x5d, 0x75, 0x33, 0x9d, 0xc4, 0x41, /* EES439EP1 */
0x47, 0xa7, 0x1a, 0x1e, 0x77, 0x20, 0xa0, 0x22, 0xeb, 0xc6},
{0x91, 0xe8, 0x84, 0xd7, 0xc0, 0xec, 0xc2, 0x65, 0x94, 0x80, /* EES443EP1 */
0x4b, 0xf3, 0x1b, 0x51, 0x68, 0x8d, 0xb4, 0x0f, 0xc2, 0x69},
{0xc3, 0x24, 0xc2, 0xe8, 0x31, 0xdb, 0xdf, 0x43, 0xdf, 0x0f, /* EES593EP1 */
0xc7, 0x45, 0x58, 0x23, 0x8a, 0x25, 0x3e, 0x0e, 0xce, 0xce},
{0x03, 0x64, 0x39, 0xf6, 0x63, 0xd7, 0xd6, 0x4c, 0x4c, 0xe0, /* EES587EP1 */
0x35, 0x4a, 0xcb, 0x45, 0xf4, 0xfd, 0x86, 0xd2, 0xa2, 0xe0},
{0x8d, 0xc2, 0x6a, 0x90, 0x0b, 0x6c, 0x32, 0xe0, 0x9d, 0x02, /* EES743EP1 */
0x30, 0xaf, 0xe4, 0xe7, 0x2a, 0x74, 0xaa, 0xf8, 0x3d, 0xb1}
{0x57, 0x73, 0xd6, 0x3e, 0x2e, 0x77, 0xdd, 0x9d, 0xcc, 0xa3, /* EES401EP1 */
0xdb, 0x66, 0xff, 0xd5, 0x4d, 0x19, 0xba, 0xed, 0x6b, 0x31},
{0x66, 0xe0, 0x14, 0x46, 0xe6, 0x65, 0x3d, 0x56, 0x8d, 0x1b, /* EES449EP1 */
0xb5, 0x0c, 0xde, 0x69, 0x8e, 0xcd, 0xb7, 0xce, 0xf5, 0x24},
{0xb6, 0x22, 0x91, 0xac, 0x0a, 0x45, 0xb9, 0xbe, 0xc7, 0x2c, /* EES677EP1 */
0x87, 0x17, 0xe8, 0xa3, 0xcd, 0xb2, 0xd0, 0x52, 0x9f, 0x62},
{0xea, 0x00, 0x48, 0x44, 0x92, 0x36, 0x3a, 0xc7, 0xf6, 0x7f, /* EES1087EP2 */
0xbd, 0x2e, 0x47, 0xcb, 0xf3, 0x9c, 0x05, 0x2a, 0xf8, 0xa0},
{0x2e, 0xe0, 0x43, 0x63, 0xf2, 0xbe, 0x74, 0xf8, 0xcd, 0x68, /* EES541EP1 */
0xd4, 0x32, 0x96, 0xb5, 0x0c, 0x8c, 0x17, 0xb8, 0x43, 0x67},
{0xf1, 0xd4, 0x92, 0xb8, 0x93, 0xa5, 0xdf, 0xa2, 0x9e, 0xef, /* EES613EP1 */
0x9f, 0xcc, 0x4c, 0x09, 0x9a, 0x32, 0x5f, 0xa6, 0x9a, 0x1c},
{0x22, 0x66, 0xc4, 0x24, 0x1f, 0xc7, 0xd0, 0x5d, 0x0e, 0x37, /* EES887EP1 */
0x1a, 0x1e, 0xfa, 0xe9, 0x98, 0xea, 0x8e, 0x5c, 0xaf, 0xc0},
{0xeb, 0x3d, 0x03, 0xca, 0xf9, 0xf7, 0x46, 0xeb, 0xbe, 0x13, /* EES1171EP1 */
0xaa, 0x1f, 0x3b, 0xb5, 0x62, 0x5b, 0x70, 0x53, 0xa6, 0x57},
{0xc2, 0xad, 0x7e, 0x9d, 0xb1, 0x32, 0x33, 0xc9, 0x39, 0x56, /* EES659EP1 */
0xa5, 0x7e, 0x32, 0x55, 0x29, 0x25, 0xb8, 0x64, 0x05, 0xcd},
{0x9b, 0xfe, 0xde, 0xe7, 0x36, 0x44, 0x17, 0xb6, 0x71, 0xa3, /* EES761EP1 */
0xdf, 0xc8, 0x40, 0x89, 0xde, 0x9c, 0x12, 0x72, 0xff, 0xfd},
{0xba, 0xda, 0x5b, 0xb1, 0x43, 0x4a, 0x3a, 0x94, 0x3d, 0xaf, /* EES1087EP1 */
0x34, 0xa4, 0xe3, 0x5b, 0x0d, 0x50, 0x3c, 0x97, 0xc9, 0x73},
{0xbe, 0x7f, 0x85, 0xdf, 0x8c, 0x9e, 0xc2, 0x8c, 0x94, 0xbe, /* EES1499EP1 */
0xee, 0xab, 0x0e, 0x0b, 0x27, 0x48, 0xb8, 0x6e, 0xfe, 0x78},
{0xae, 0xe3, 0x60, 0x4d, 0x21, 0x7b, 0xaf, 0x83, 0x06, 0x28, /* EES401EP2 */
0xb3, 0xf8, 0xa3, 0xea, 0x51, 0x7d, 0x0e, 0xf6, 0x61, 0xe2},
{0x52, 0x30, 0x00, 0xb7, 0xc3, 0x09, 0x0b, 0xf5, 0xb0, 0xc1, /* EES439EP1 */
0x23, 0x94, 0xc2, 0x50, 0x7f, 0x6a, 0x09, 0x6b, 0xce, 0x77},
{0xb7, 0x2d, 0xc0, 0xd5, 0x69, 0xb5, 0x9d, 0x8c, 0xe0, 0xdf, /* EES443EP1 */
0x6d, 0x86, 0xd8, 0x0f, 0x8f, 0xef, 0xbd, 0x6b, 0x85, 0x85},
{0x08, 0xe4, 0x1a, 0x41, 0x8c, 0x46, 0x92, 0xcf, 0xaf, 0xf7, /* EES593EP1 */
0xd9, 0x73, 0xee, 0x25, 0x63, 0xeb, 0x42, 0x17, 0xed, 0xcd},
{0x87, 0x46, 0x03, 0xf5, 0x1b, 0xaa, 0xed, 0xe9, 0xfc, 0x8f, /* EES587EP1 */
0x28, 0x0f, 0xed, 0xf4, 0x59, 0xe2, 0x3a, 0x68, 0x53, 0x30},
{0xb4, 0x39, 0x0d, 0x54, 0x9a, 0x21, 0xf3, 0x27, 0x4f, 0xa7, /* EES743EP1 */
0xe7, 0x46, 0xd8, 0x03, 0x68, 0x46, 0x7d, 0x96, 0xee, 0xee}
};

for (i=0; i<sizeof(param_arr)/sizeof(param_arr[0]); i++) {
