From 71b8f4cbeb80a298e59e058f00db5b6e191909b4 Mon Sep 17 00:00:00 2001 From: Malte Date: Thu, 17 Apr 2014 18:26:18 +0200 Subject: [PATCH 01/58] Added static mp_digit get_rnd_int_small(int *sign) but it takes about ~40minutes to generate a x^500 polynom with /dev/random. --- src/Makefile | 2 +- src/rand.c | 48 +++++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 44 insertions(+), 6 deletions(-) diff --git a/src/Makefile b/src/Makefile index 95b5320..fd3ce31 100644 --- a/src/Makefile +++ b/src/Makefile @@ -57,7 +57,7 @@ endif %.o: %.c $(CC) -fPIC $(CFLAGS) $(CPPFLAGS) $(INCS) -c $*.c -all: libpqc.a libpqc.so +all: libpqc.a libpqc.so main # test: $(CUNIT_OBJS) $(PQC_LIBS) diff --git a/src/rand.c b/src/rand.c index d698164..0f88a85 100644 --- a/src/rand.c +++ b/src/rand.c @@ -37,7 +37,45 @@ * static declarations */ static mp_digit get_urnd_int_small(int *sign); +static mp_digit get_rnd_int_small(int *sign); +/** + * Gets randomly a small integer + * from the set {-1, 0, 1} using /dev/random. + * + * @param sign stores the signness [out] + * @return random small integer + */ +static mp_digit get_rnd_int_small(int *sign) +{ + int random_data; + mp_digit random_int; + size_t randomDataLen = 0; + random_data = open("/dev/random", O_RDONLY); + + while (randomDataLen < sizeof(random_int)) { + ssize_t result = read(random_data, + ((char*) &random_int) + randomDataLen, + (sizeof(random_int)) - randomDataLen); + if (result < 0) { + NTRU_ABORT("Unable to read /dev/random"); + } + randomDataLen += result; + } + close(random_data); + + random_int = random_int % 3; + + if (random_int == 1) { + *sign = 0; + } else if (random_int == 2) { + random_int = 1; + *sign = 1; + } else { + *sign = 0; + } + return random_int; +} /** * Gets randomly a small integer 
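Review bot: `random_data = open("/dev/random", O_RDONLY);` in get_rnd_int_small is never checked, so a failed open reaches `read()` with fd -1 and aborts with the misleading "Unable to read /dev/random"; add `if (random_data < 0) NTRU_ABORT("Unable to open /dev/random");` directly after it. The read loop also treats `result == 0` as success: a zero-length read leaves `randomDataLen` unchanged and the loop spins forever, so the guard should be `if (result <= 0)` (and an `EINTR` return is worth retrying rather than aborting, since reads from this device block). Because the byte width of `mp_digit` is not visible here, `random_int % 3` carries a modulo bias of about 2^-(8*sizeof random_int), negligible for the digit sizes libtommath uses but worth a one-line comment stating that. The second hunk's get_urnd_int_small checks its read, but its open() is outside the shown context and should get the same check.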
@@ -57,14 +95,14 @@ static mp_digit get_urnd_int_small(int *sign) NTRU_ABORT("Unable to read /dev/urandom"); close(random_data); - if ((random_int % 2) == 0) { - random_int = 0; + random_int = random_int % 3; + + if (random_int == 1) { *sign = 0; - } else if (random_int % 3) { + } else if (random_int == 2) { random_int = 1; *sign = 1; } else { - random_int = 1; *sign = 0; } @@ -90,7 +128,7 @@ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) int sign; int c = get_urnd_int_small(&sign); - mp_set(&(poly->terms[i]), (mp_digit)c); + mp_set(&(poly->terms[i]), (mp_digit) c); if (sign == 1) poly->terms[i].sign = 1; From 04d5d6d38f605249105f507fa26715f357e7dd07 Mon Sep 17 00:00:00 2001 From: Malte Date: Sat, 19 Apr 2014 18:35:51 +0200 Subject: [PATCH 02/58] rand:ntru_get_rnd_poly_small: written a function to generate a random polynom like get_urnd_int_small but with the random source from /dev/random instead of /dev/urandom --- src/Makefile | 2 +- src/rand.c | 36 ++++++++++++++++++++++++++++++++++-- src/rand.h | 1 + 3 files changed, 36 insertions(+), 3 deletions(-) diff --git a/src/Makefile b/src/Makefile index fd3ce31..95b5320 100644 --- a/src/Makefile +++ b/src/Makefile @@ -57,7 +57,7 @@ endif %.o: %.c $(CC) -fPIC $(CFLAGS) $(CPPFLAGS) $(INCS) -c $*.c -all: libpqc.a libpqc.so main +all: libpqc.a libpqc.so # test: $(CUNIT_OBJS) $(PQC_LIBS) diff --git a/src/rand.c b/src/rand.c index 0f88a85..956d9ad 100644 --- a/src/rand.c +++ b/src/rand.c @@ -42,6 +42,7 @@ static mp_digit get_rnd_int_small(int *sign); /** * Gets randomly a small integer * from the set {-1, 0, 1} using /dev/random. + * A zero is signed positiv. * * @param sign stores the signness [out] * @return random small integer 
@@ -77,9 +78,41 @@ static mp_digit get_rnd_int_small(int *sign) return random_int; } +/** + * Gets a random polynomial with coefficients + * from the set {-1 ,0 ,1} using /dev/random. + * + * + * @param ctx the NTRU context + * @return newly allocated polynomial, must be freed with delete_polynom() + */ +pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) +{ + mp_int chara; + init_integer(&chara); + pb_poly *poly = malloc(sizeof(pb_poly)); + init_polynom_size(poly, &chara, ctx->N); + mp_clear(&chara); + + for (int i = 0; i < ctx->N; i++) { + int sign; + int c = get_rnd_int_small(&sign); + + mp_set(&(poly->terms[i]), (mp_digit) c); + + if (sign == 1) + poly->terms[i].sign = 1; + } + poly->used = ctx->N; + //pb_clamp(poly); + + return poly; +} + /** * Gets randomly a small integer * from the set {-1, 0, 1} using /dev/urandom. + * A zero is signed positiv. * * @param sign stores the signness [out] * @return random small integer @@ -134,8 +167,7 @@ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) poly->terms[i].sign = 1; } poly->used = ctx->N; - pb_clamp(poly); + //pb_clamp(poly); return poly; } - diff --git a/src/rand.h b/src/rand.h index adafdf8..6db9c7d 100644 --- a/src/rand.h +++ b/src/rand.h @@ -29,5 +29,6 @@ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx); +pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx); #endif /* NTRU_RAND_H */ From 22f713fa987a3a8ed44f74ad5f7af64c59921c82 Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 16:56:38 +0200 Subject: [PATCH 03/58] DOC: improve memory handling instructions --- src/poly.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/poly.c b/src/poly.c index b6dfe14..01dade9 100644 --- a/src/poly.c +++ b/src/poly.c @@ -27,7 +27,7 @@ /** * Initialize a mp_int and check if this was successful, the - * caller must free new_int. + * caller must free new_int with mp_clear(). * * @param new_int a pointer to the mp_int you want to initialize */ 
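Review bot: `pb_poly *poly = malloc(sizeof(pb_poly));` in ntru_get_rnd_poly_small is unchecked, so an allocation failure hands a NULL `poly` to init_polynom_size; add `if (!poly) NTRU_ABORT("Unable to allocate polynomial");` (and prefer `malloc(sizeof *poly)`). The body is otherwise a copy of ntru_get_urnd_poly_small differing only in the sampler it calls; a single static helper taking the sampler as a function pointer would keep the two from drifting, which already happens in PATCH 05/58 where only the urandom variant is updated. `//pb_clamp(poly);` is commented out in both functions without a reason; either delete it or explain in the doc comment why the result is left unclamped. In the doc comment, "A zero is signed positiv." should read "A zero is always returned with a positive sign."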
@@ -42,7 +42,8 @@ void init_integer(mp_int *new_int) /** * Initialize a Polynom with a pb_poly and a mp_int as characteristic. - * Checks if everything went fine. The caller must free new_poly. + * Checks if everything went fine. The caller must free new_poly + * with pb_clear(). * * @param new_poly the pb_poly you want to initialize * @param chara the characteristic @@ -59,7 +60,7 @@ void init_polynom(pb_poly *new_poly, mp_int *chara) /** * Initialize a Polynom with a pb_poly adn a mp_int as characteristic * with size. Checks if everything went fine. The caller must free - * new_poly. + * new_poly with pb_clear(). * * @param new_poly the pb_poly you want to initialize * @param chara the characteristic From 0470a5fa6e0dd9b0a004d5b787f15e40a4a4f956 Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 18:20:08 +0200 Subject: [PATCH 04/58] POLY: use size_t --- src/poly.c | 2 +- src/poly.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/poly.c b/src/poly.c index 01dade9..8625a13 100644 --- a/src/poly.c +++ b/src/poly.c @@ -66,7 +66,7 @@ void init_polynom(pb_poly *new_poly, mp_int *chara) * @param chara the characteristic * @param size the size of the polynomial */ -void init_polynom_size(pb_poly *new_poly, mp_int *chara, int size) +void init_polynom_size(pb_poly *new_poly, mp_int *chara, size_t size) { int result; if ((result = pb_init_size(new_poly, chara, size)) != MP_OKAY) { diff --git a/src/poly.h b/src/poly.h index 6bca69d..7b534ba 100644 --- a/src/poly.h +++ b/src/poly.h @@ -31,7 +31,7 @@ void init_integer(mp_int *new_int); void init_polynom(pb_poly *new_poly, mp_int *chara); -void init_polynom_size(pb_poly *new_poly, mp_int *chara, int size); +void init_polynom_size(pb_poly *new_poly, mp_int *chara, size_t size); void delete_polynom(pb_poly *new_poly); From 417ce9c0f23e89d6e8fe5e0677f9bb112fd44ed4 Mon Sep 17 00:00:00 2001 
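Review bot: `size` is now a `size_t` but is forwarded unchanged to `pb_init_size(new_poly, chara, size)`, whose `size` parameter is, as far as I recall of libtompoly, an `int`, so values above INT_MAX are silently narrowed before the allocation size is computed; confirm the callee's signature, and if it is `int`, reject out-of-range values first with `if (size > INT_MAX) NTRU_ABORT("polynomial size too large");`. The function's doc comment (outside this hunk) should state that limit for `@param size`.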
From: hasufell Date: Tue, 15 Apr 2014 18:21:42 +0200 Subject: [PATCH 05/58] RAND: use unsigned long instead of mp_digit if we use mp_set_int() instead of mp_set(), then we can use full unsigned long integers instead of single digits. This seems a lot safer, especially for future versions of the random algorithm. RAND: merged a conflict --- src/rand.c | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/src/rand.c b/src/rand.c index 956d9ad..f535c54 100644 --- a/src/rand.c +++ b/src/rand.c @@ -36,8 +36,7 @@ /* * static declarations */ -static mp_digit get_urnd_int_small(int *sign); -static mp_digit get_rnd_int_small(int *sign); +static unsigned long get_urnd_int_small(int *sign); /** * Gets randomly a small integer @@ -112,12 +111,11 @@ pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) /** * Gets randomly a small integer * from the set {-1, 0, 1} using /dev/urandom. - * A zero is signed positiv. * * @param sign stores the signness [out] * @return random small integer */ -static mp_digit get_urnd_int_small(int *sign) +static unsigned long get_urnd_int_small(int *sign) { int random_data; mp_digit random_int; @@ -128,14 +126,14 @@ static mp_digit get_urnd_int_small(int *sign) NTRU_ABORT("Unable to read /dev/urandom"); close(random_data); - random_int = random_int % 3; - - if (random_int == 1) { + if ((random_int % 2) == 0) { + random_int = 0; *sign = 0; - } else if (random_int == 2) { + } else if (random_int % 3) { random_int = 1; *sign = 1; } else { + random_int = 1; *sign = 0; } 
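Review bot: The merge in the third hunk reverts get_urnd_int_small to the `% 2` / `% 3` mapping that PATCH 01/58 had replaced, and that mapping is not uniform: even values (about 1/2) give 0, odd values not divisible by 3 (about 1/3) give -1 and the remaining odd multiples of 3 (about 1/6) give +1. Coefficients drawn this way are far from uniform over {-1, 0, 1}, which lowers the entropy of every polynomial ntru_get_urnd_poly_small builds from them; restore `random_int = random_int % 3;` with the three-way `== 1` / `== 2` test, which get_rnd_int_small in the same file still uses. `random_int` also stays an `mp_digit` while the function now returns `unsigned long`; declaring it `unsigned long random_int;` keeps the value read from the device and the return type consistent.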
@@ -157,17 +155,18 @@ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) init_polynom_size(poly, &chara, ctx->N); mp_clear(&chara); - for (int i = 0; i < ctx->N; i++) { + for (unsigned int i = 0; i < ctx->N; i++) { int sign; - int c = get_urnd_int_small(&sign); + unsigned long c = get_urnd_int_small(&sign); - mp_set(&(poly->terms[i]), (mp_digit) c); + mp_set_int(&(poly->terms[i]), c); if (sign == 1) poly->terms[i].sign = 1; } poly->used = ctx->N; - //pb_clamp(poly); + pb_clamp(poly); return poly; } + From 66da54b3a3c1eeb6d23c430f5fa8b2c28284b0cd Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 18:47:39 +0200 Subject: [PATCH 06/58] BUILD: ignore -Wunused-parameter Can happen in callback functions and so forth. --- src/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile b/src/Makefile index 95b5320..4632fcc 100644 --- a/src/Makefile +++ b/src/Makefile @@ -4,7 +4,7 @@ PKG_CONFIG ?= pkg-config # flags CFLAGS ?= -march=native -O2 -pipe -CFLAGS += -std=c99 -pedantic -Wall -Wextra -Werror -Wno-unused-variable +CFLAGS += -std=c99 -pedantic -Wall -Wextra -Werror -Wno-unused-variable -Wno-unused-parameter ifeq ($(shell $(CC) -v 2>&1 | grep 'gcc version' &>/dev/null && echo 1),1) CFLAGS += -Wno-unused-but-set-variable endif From be28e18cfbdfbe39a4845dd44582f1aac78cfa99 Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 18:47:58 +0200 Subject: [PATCH 07/58] DOC: fix typo --- src/poly.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/poly.c b/src/poly.c index 8625a13..18ca829 100644 --- a/src/poly.c +++ b/src/poly.c @@ -58,7 +58,7 @@ void init_polynom(pb_poly *new_poly, mp_int *chara) } /** - * Initialize a Polynom with a pb_poly adn a mp_int as characteristic + * Initialize a Polynom with a pb_poly and an mp_int as characteristic * with size. Checks if everything went fine. The caller must free * new_poly with pb_clear(). * 
From fc4ee3b70b02e71c2a6644858031d875c7dddd3c Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 18:49:17 +0200 Subject: [PATCH 08/58] POLY: add build_polynom() method We can build a polynom via an array of integers or just an empty one, so that it is initialized and properly allocated. --- src/poly.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ src/poly.h | 6 ++++++ 2 files changed, 57 insertions(+) diff --git a/src/poly.c b/src/poly.c index 18ca829..d6efb4c 100644 --- a/src/poly.c +++ b/src/poly.c @@ -19,8 +19,10 @@ * MA 02110-1301 USA */ +#include "context.h" #include "err.h" +#include #include #include #include @@ -75,6 +77,55 @@ void init_polynom_size(pb_poly *new_poly, mp_int *chara, size_t size) } } +/** + * Initializes and builds a polynomial with the + * coefficient values of c[] of size len within NTRU + * context ctx and returns a newly allocated polynomial + * pointer. + * + * @param c array of polynomial coefficients, can be NULL + * @param len size of the coefficient array, can be 0 + * @param ctx NTRU context + * @return newly allocated polynomial pointer, must be freed + * with delete_polynom() + */ +pb_poly *build_polynom(int const * const c, + const size_t len, + ntru_context *ctx) +{ + pb_poly *new_poly; + mp_int chara; + + new_poly = malloc(sizeof(*new_poly)); + init_integer(&chara); + init_polynom_size(new_poly, &chara, len); + mp_clear(&chara); + + /* fill the polynom if c is not NULL */ + if (c) { + for (unsigned int i = 0; i < len; i++) { + bool sign = false; + unsigned long unsigned_c; + + if (c[i] < 0) { + unsigned_c = 0 - c[i]; + sign = true; + } else { + unsigned_c = c[i]; + } + + mp_set_int(&(new_poly->terms[i]), unsigned_c); + + if (sign == true) + new_poly->terms[i].sign = 1; + } + new_poly->used = len; + pb_clamp(new_poly); + } + + return new_poly; +} + /** * This deletes the internal structure of a polynomial, * and frees the pointer. Don't call this on stack variables, 
diff --git a/src/poly.h b/src/poly.h index 7b534ba..37cf639 100644 --- a/src/poly.h +++ b/src/poly.h @@ -23,6 +23,8 @@ #ifndef NTRU_POLY_H #define NTRU_POLY_H +#include "context.h" + #include #include @@ -33,6 +35,10 @@ void init_polynom(pb_poly *new_poly, mp_int *chara); void init_polynom_size(pb_poly *new_poly, mp_int *chara, size_t size); +pb_poly *build_polynom(int const * const c, + const size_t len, + ntru_context *ctx); + void delete_polynom(pb_poly *new_poly); void draw_polynom(pb_poly * const poly); From f8cac1553f9271e8b28ba2078ce722bea6af698f Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 18:49:33 +0200 Subject: [PATCH 09/58] ALL: set context members to unsigned int --- src/context.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/context.h b/src/context.h index ecc94f1..e0e0883 100644 --- a/src/context.h +++ b/src/context.h @@ -32,15 +32,15 @@ typedef struct { * maximal degree N - 1 for * all polynomials */ - int N; + unsigned int N; /** * large modulus */ - int q; + unsigned int q; /** * small modulus */ - int p; + unsigned int p; } ntru_context; #endif /* NTRU_CONTEXT_H */ From 0d179a0e7d237e9c1be00fa58f8f4216100dcb1a Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 22:50:11 +0200 Subject: [PATCH 10/58] POLY: don't clamp polyonmial in build_polynom() Otherwise we might hit problems when using this as an out-polynom in a arithmetic functions. The caller can clamp it himself, if he needs so. --- src/poly.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/poly.c b/src/poly.c index d6efb4c..01b03ff 100644 --- a/src/poly.c +++ b/src/poly.c 
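Review bot: Making `N`, `p` and `q` unsigned changes the type of every comparison against them, and ntru_get_rnd_poly_small still loops with `for (int i = 0; i < ctx->N; i++)` (PATCH 02/58; only the urandom variant was switched to `unsigned int i` in PATCH 05/58), so with `-Wextra -Werror` that signed/unsigned comparison should now fail the build unless it was fixed in a hunk not shown here. Later code in this series works around the change with per-site casts such as `(int)(ctx->N)` and `for (int k = ctx->N - 1; k >= 0; k--)`; those loops should use `unsigned int` counters, or one checked `int` copy of `N`, instead. A doc line on the struct stating the intended ranges (e.g. that `N` must fit an `int` for the inverse routines) would make the contract explicit.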
@@ -81,7 +81,10 @@ void init_polynom_size(pb_poly *new_poly, mp_int *chara, size_t size) * Initializes and builds a polynomial with the * coefficient values of c[] of size len within NTRU * context ctx and returns a newly allocated polynomial - * pointer. + * pointer which is not clamped. + * + * If you want to fill a polyonmial of length 11 with zeros, + * call build_polynom(NULL, 11, ctx). * * @param c array of polynomial coefficients, can be NULL * @param len size of the coefficient array, can be 0 @@ -119,10 +122,13 @@ pb_poly *build_polynom(int const * const c, if (sign == true) new_poly->terms[i].sign = 1; } - new_poly->used = len; - pb_clamp(new_poly); + } else { /* fill with zeros */ + for (unsigned int i = 0; i < len; i++) + mp_set(&(new_poly->terms[i]), 0); } + new_poly->used = len; + return new_poly; } From 2d2ccfbf3fd3fb7a2bd0df4abf60512a3b0046d8 Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 22:50:42 +0200 Subject: [PATCH 11/58] POLY: first try of pb_starmultiply() --- src/poly.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/poly.h | 6 ++++++ 2 files changed, 60 insertions(+) diff --git a/src/poly.c b/src/poly.c index 01b03ff..2a999dd 100644 --- a/src/poly.c +++ b/src/poly.c 
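Review bot: `new_poly->used = len;` now runs on both paths and assigns a `size_t` to the `used` field; if that field is an `int` (as in libtompoly's pb_poly) this is a silent narrowing, so confirm the field type or validate `len` against it. The zero-fill branch is likely redundant if pb_init_size already initialises every term to zero (libtommath's mp_init does); keeping it is fine, but add a comment such as `/* defensive: pb_init_size is expected to zero the terms already */` so the next reader does not wonder. The new doc text has a typo: "polyonmial" should be "polynomial".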
@@ -146,6 +146,60 @@ void delete_polynom(pb_poly *poly) free(poly); } +/** + * Starmultiplication, as follows: + * c = a * b mod x^(N − 1) + * + * @param a polynom to multiply + * @param b polynom to multiply + * @param c polynom [out] + * @param ctx NTRU context + * @param modulus whether we use p or q + */ +void pb_starmultiply(pb_poly *a, + pb_poly *b, + pb_poly *c, + ntru_context *ctx, + unsigned int modulus) +{ + for (int k = ctx->N - 1; k >= 0; k--) { + int j; + j = k + 1; + + for (int i = ctx->N - 1; i >= 0; i--) { + if (j == (int)(ctx->N)) + j = 0; + if (mp_cmp_d(&(a->terms[i]), (mp_digit)0) != MP_EQ && + mp_cmp_d(&(b->terms[j]), (mp_digit)0) != MP_EQ) { + int result; + mp_int mp_modulus; + mp_int mp_tmp; + + init_integer(&mp_tmp); + init_integer(&mp_modulus); + mp_set_int(&mp_modulus, (unsigned long)(modulus)); + + if ((result = mp_mul(&(a->terms[i]), + &(b->terms[j]), &mp_tmp)) != MP_OKAY) + NTRU_ABORT("Error multiplying terms. %s", + mp_error_to_string(result)); + if ((result = mp_add(&(c->terms[k]), + &mp_tmp, &(c->terms[k]))) != MP_OKAY) + NTRU_ABORT("Error multiplying terms. %s", + mp_error_to_string(result)); + if ((result = mp_mod(&(c->terms[k]), + &mp_modulus, &(c->terms[k]))) != MP_OKAY) + NTRU_ABORT("Error multiplying terms. %s", + mp_error_to_string(result)); + + mp_clear(&mp_modulus); + mp_clear(&mp_tmp); + } + j++; + } + } +} + /** * Print the polynomial in a human readable format to stdout. * diff --git a/src/poly.h b/src/poly.h index 37cf639..ef9700d 100644 --- a/src/poly.h +++ b/src/poly.h @@ -41,6 +41,12 @@ pb_poly *build_polynom(int const * const c, void delete_polynom(pb_poly *new_poly); +void pb_starmultiply(pb_poly *a, + pb_poly *b, + pb_poly *c, + ntru_context *ctx, + unsigned int modulus); + void draw_polynom(pb_poly * const poly); #endif /* NTRU_POLY_H */ From c4f6ad4504d306d34247de8b946779b3380c0e58 Mon Sep 17 00:00:00 2001 
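Review bot: The `if (mp_cmp_d(&(a->terms[i]), ...) != MP_EQ && mp_cmp_d(&(b->terms[j]), ...) != MP_EQ)` early-out in pb_starmultiply makes the amount of work depend on which coefficients of `a` and `b` are zero, so whenever an operand is a private polynomial (as it is in NTRU key generation and decryption) the running time reveals the positions of its zero coefficients; for code meant to handle secret material, always perform the multiply-add and state the constant-time intent in the doc comment. `c` is accumulated into with MP_ADD but never cleared on entry, so the result silently includes whatever `c` already held; document that the caller must pass a zeroed polynomial or zero it here. Note also that `k` and `i` are `int` while `ctx->N` is `unsigned int`, so `ctx->N - 1` wraps for `N == 0` and the loops silently do nothing.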
From: hasufell Date: Tue, 15 Apr 2014 22:54:11 +0200 Subject: [PATCH 12/58] POLY: fix error messages --- src/poly.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/poly.c b/src/poly.c index 2a999dd..16d8fe1 100644 --- a/src/poly.c +++ b/src/poly.c @@ -185,11 +185,11 @@ void pb_starmultiply(pb_poly *a, mp_error_to_string(result)); if ((result = mp_add(&(c->terms[k]), &mp_tmp, &(c->terms[k]))) != MP_OKAY) - NTRU_ABORT("Error multiplying terms. %s", + NTRU_ABORT("Error adding terms. %s", mp_error_to_string(result)); if ((result = mp_mod(&(c->terms[k]), &mp_modulus, &(c->terms[k]))) != MP_OKAY) - NTRU_ABORT("Error multiplying terms. %s", + NTRU_ABORT("Error redrucing term by modulo. %s", mp_error_to_string(result)); mp_clear(&mp_modulus); From 739feea0fea929a11e31ebe6b191a66a43ea572e Mon Sep 17 00:00:00 2001 From: hasufell Date: Tue, 15 Apr 2014 23:11:55 +0200 Subject: [PATCH 13/58] BUILD: fix linker errors when playing in main.c --- src/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile b/src/Makefile index 4632fcc..07299e0 100644 --- a/src/Makefile +++ b/src/Makefile @@ -80,7 +80,7 @@ libpqc.so: libpqc.a $(PQC_HEADERS) $(LIBTOMMATH) $(LIBTOMPOLY) main: main.o libpqc.a $(LIBTOMMATH) $(LIBTOMPOLY) $(CC) $(CFLAGS) -o $@ $(LDFLAGS) \ - main.o libpqc.a $(LIBTOMMATH) $(LIBTOMPOLY) $(LIBS) + main.o $(LIBTOMPOLY) libpqc.a $(LIBTOMMATH) $(LIBS) install: $(INSTALL_DIR) "$(DESTDIR)$(INSTALL_BINDIR)" From 3e6345cd479ec2277ccee49e38fb382dd376565f Mon Sep 17 00:00:00 2001 From: hasufell Date: Wed, 16 Apr 2014 23:17:48 +0200 Subject: [PATCH 14/58] POLY: fix typo --- src/poly.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/poly.c b/src/poly.c index 16d8fe1..ac7d4d4 100644 --- a/src/poly.c +++ b/src/poly.c 
@@ -189,7 +189,7 @@ void pb_starmultiply(pb_poly *a, mp_error_to_string(result)); if ((result = mp_mod(&(c->terms[k]), &mp_modulus, &(c->terms[k]))) != MP_OKAY) - NTRU_ABORT("Error redrucing term by modulo. %s", + NTRU_ABORT("Error reducing term by modulo. %s", mp_error_to_string(result)); mp_clear(&mp_modulus); From 3184e9093fe19355a2abf1e53762ee5e9bdc35b2 Mon Sep 17 00:00:00 2001 From: hasufell Date: Wed, 16 Apr 2014 23:18:38 +0200 Subject: [PATCH 15/58] POLY: rm unnecessary cast --- src/poly.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/poly.c b/src/poly.c index ac7d4d4..56ad436 100644 --- a/src/poly.c +++ b/src/poly.c @@ -169,8 +169,8 @@ void pb_starmultiply(pb_poly *a, for (int i = ctx->N - 1; i >= 0; i--) { if (j == (int)(ctx->N)) j = 0; - if (mp_cmp_d(&(a->terms[i]), (mp_digit)0) != MP_EQ && - mp_cmp_d(&(b->terms[j]), (mp_digit)0) != MP_EQ) { + if (mp_cmp_d(&(a->terms[i]), 0) != MP_EQ && + mp_cmp_d(&(b->terms[j]), 0) != MP_EQ) { int result; mp_int mp_modulus; mp_int mp_tmp; From 85ba70a9c598fee379720274c5ed430bdf8bce39 Mon Sep 17 00:00:00 2001 From: hasufell Date: Wed, 16 Apr 2014 23:23:41 +0200 Subject: [PATCH 16/58] POLY: first try of inverting polynomials --- src/poly.c | 134 +++++++++++++++++++++++++++++++++++++++++++++++++++++ src/poly.h | 10 ++++ 2 files changed, 144 insertions(+) diff --git a/src/poly.c b/src/poly.c index 56ad436..b1d98ec 100644 --- a/src/poly.c +++ b/src/poly.c @@ -21,11 +21,13 @@ #include "context.h" #include "err.h" +#include "poly.h" #include #include #include #include +#include /** * Initialize a mp_int and check if this was successful, the 
@@ -201,6 +203,138 @@ void pb_starmultiply(pb_poly *a, } /** + * c = a XOR b + * + * @param a polynom (is allowed to be the same as param c) + * @param b polynom + * @param c polynom [out] + * @param len max size of the polynoms, make sure all are + * properly allocated + */ +void pb_xor(pb_poly *a, + pb_poly *b, + pb_poly *c, + const size_t len) +{ + for (unsigned int i = 0; i < len; i++) + mp_xor(&(a->terms[i]), &(b->terms[i]), &(c->terms[i])); +} + +/** + * Invert the polynomial a modulo q. + * + * @param a polynomial to invert (is allowed to be the same as param Fq) + * @param Fq polynomial [out] + * @param ctx NTRU context + * @return true/false for success/failure + */ +bool pb_inverse_poly_q(pb_poly * const a, + pb_poly *Fq, + ntru_context *ctx) +{ + int k = 0, + j = 0, + v = 2; + int zero_poly_val = 1; + pb_poly *a_tmp, *b, *c, *f, *g, *degree_zero_poly; + + degree_zero_poly = build_polynom(&zero_poly_val, 1, ctx); + b = build_polynom(NULL, ctx->N, ctx); + mp_set(&(b->terms[0]), 1); + c = build_polynom(NULL, ctx->N, ctx); + f = build_polynom(NULL, ctx->N, ctx); + pb_copy(a, f); + a_tmp = build_polynom(NULL, ctx->N, ctx); + pb_copy(a, a_tmp); + g = build_polynom(NULL, ctx->N, ctx); + mp_set(&(g->terms[0]), 1); + g->terms[0].sign = 1; + mp_set(&(g->terms[ctx->N]), 1); + + while (1) { + while (mp_cmp_d(&(f->terms[0]), 0) == MP_EQ) { + for (unsigned int i = 1; i <= ctx->N; i++) { + mp_copy(&(f->terms[i]), &(f->terms[i - 1])); + mp_copy(&(c->terms[ctx->N - i]), &(c->terms[ctx->N + 1 - i])); + } + mp_set(&(f->terms[ctx->N]), 0); + mp_set(&(c->terms[0]), 0); + k++; + } + + /* hope this does not blow up in our face */ + pb_clamp(degree_zero_poly); + pb_clamp(f); + if (pb_cmp(f, degree_zero_poly) == PB_DEG_EQ) + goto OUT_OF_LOOP; + + pb_clamp(g); + if (pb_cmp(f, g) == PB_DEG_LT) { + pb_exch(f, g); + pb_exch(b, c); + } + + /* draw_polynom(f); */ + /* draw_polynom(b); */ + pb_xor(f, g, f, ctx->N); + pb_xor(b, c, b, ctx->N); + /* draw_polynom(f); */ + /* 
draw_polynom(b); */ + } + +OUT_OF_LOOP: + k = k % ctx->N; + + for (int i = ctx->N - 1; i >= 0; i--) { + j = i - k; + if (j < 0) + j = j + ctx->N; + mp_copy(&(b->terms[i]), &(Fq->terms[j])); + } + draw_polynom(Fq); + + while (v < (int)(ctx->q)) { + pb_poly *pb_tmp, + *pb_tmp_v, + *pb_tmp2; + pb_tmp = build_polynom(NULL, ctx->N, ctx); + v = v * 2; + pb_tmp_v = build_polynom(NULL, ctx->N, ctx); + mp_set_int(&(pb_tmp_v->terms[0]), v); + pb_tmp2 = build_polynom(NULL, ctx->N, ctx); + mp_set_int(&(pb_tmp2->terms[0]), 2); + + /* hope this does not blow up in our face */ + pb_starmultiply(a_tmp, Fq, pb_tmp, ctx, v); + pb_sub(pb_tmp2, pb_tmp, pb_tmp); + pb_mod(pb_tmp, pb_tmp_v, pb_tmp); + pb_starmultiply(Fq, pb_tmp, Fq, ctx, v); + + delete_polynom(pb_tmp); + delete_polynom(pb_tmp_v); + delete_polynom(pb_tmp2); + } + + for (int i = ctx->N - 1; i >= 0; i--) + if (mp_cmp_d(&(Fq->terms[i]), 0) == MP_LT) { + mp_int mp_tmp; + init_integer(&mp_tmp); + mp_set_int(&mp_tmp, ctx->q); + mp_add(&(Fq->terms[i]), &mp_tmp, &(Fq->terms[i])); + mp_clear(&mp_tmp); + } + + delete_polynom(a_tmp); + delete_polynom(b); + delete_polynom(c); + delete_polynom(f); + delete_polynom(g); + delete_polynom(degree_zero_poly); + + /* TODO: check if the f * Fq = 1 (mod p) condition holds true */ + + return true; +} * Print the polynomial in a human readable format to stdout. * * @param poly to draw diff --git a/src/poly.h b/src/poly.h index ef9700d..cdef091 100644 --- a/src/poly.h +++ b/src/poly.h @@ -27,6 +27,7 @@ #include #include +#include void init_integer(mp_int *new_int); @@ -47,6 +48,15 @@ void pb_starmultiply(pb_poly *a, ntru_context *ctx, unsigned int modulus); +void pb_xor(pb_poly *a, + pb_poly *b, + pb_poly *c, + const size_t len); + +bool pb_inverse_poly_q(pb_poly *a, + pb_poly *Fq, + ntru_context *ctx); + void draw_polynom(pb_poly * const poly); #endif /* NTRU_POLY_H */ From 5c85862d1211317216e662c3e98519873664d17f Mon Sep 17 00:00:00 2001 
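Review bot: Every polynomial in pb_inverse_poly_q is built with `build_polynom(NULL, ctx->N, ctx)`, i.e. N terms, yet the code writes `g->terms[ctx->N]`, `f->terms[ctx->N]` and `c->terms[ctx->N + 1 - i]` (index N when `i == 1`), one past the allocation unless pb_init_size over-allocates; the almost-inverse algorithm needs degree-N operands, so allocate `ctx->N + 1` terms for `f`, `g`, `b` and `c`. The outer `while (1)` never terminates for a non-invertible input: once `f` becomes the zero polynomial the inner shift loop keeps finding `f->terms[0] == 0` and `k` grows without bound, so bound that loop by the degree (or test `f` against the zero polynomial after it) and `return false`, which the documented contract promises but no path produces. Reducing with `pb_xor` assumes the coefficients are already in {0, 1}, but `a` may contain -1 terms, so reduce `a` mod 2 into `f` first. `draw_polynom(Fq);` is leftover debug output. As rendered, the added block ends with `}` and the pre-existing ` * Print the polynomial ...` context follows with no reopening `/**`, which would leave draw_polynom's doc comment outside a comment — check that a `/**` line was not lost.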
From: hasufell Date: Thu, 17 Apr 2014 02:09:49 +0200 Subject: [PATCH 17/58] POLY: improve error handling Use MP_ADD, MP_MUL, PB_ADD, PB_MUL etc instead of the mp_add,... functions to make use of error handling. --- src/poly.c | 41 ++++++++++---------------- src/poly.h | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+), 25 deletions(-) diff --git a/src/poly.c b/src/poly.c index b1d98ec..03668e5 100644 --- a/src/poly.c +++ b/src/poly.c @@ -181,18 +181,9 @@ void pb_starmultiply(pb_poly *a, init_integer(&mp_modulus); mp_set_int(&mp_modulus, (unsigned long)(modulus)); - if ((result = mp_mul(&(a->terms[i]), - &(b->terms[j]), &mp_tmp)) != MP_OKAY) - NTRU_ABORT("Error multiplying terms. %s", - mp_error_to_string(result)); - if ((result = mp_add(&(c->terms[k]), - &mp_tmp, &(c->terms[k]))) != MP_OKAY) - NTRU_ABORT("Error adding terms. %s", - mp_error_to_string(result)); - if ((result = mp_mod(&(c->terms[k]), - &mp_modulus, &(c->terms[k]))) != MP_OKAY) - NTRU_ABORT("Error reducing term by modulo. %s", - mp_error_to_string(result)); + MP_MUL(&(a->terms[i]), &(b->terms[j]), &mp_tmp); + MP_ADD(&(c->terms[k]), &mp_tmp, &(c->terms[k])); + MP_MOD(&(c->terms[k]), &mp_modulus, &(c->terms[k])); mp_clear(&mp_modulus); mp_clear(&mp_tmp); @@ -217,7 +208,7 @@ void pb_xor(pb_poly *a, const size_t len) { for (unsigned int i = 0; i < len; i++) - mp_xor(&(a->terms[i]), &(b->terms[i]), &(c->terms[i])); + MP_XOR(&(a->terms[i]), &(b->terms[i]), &(c->terms[i])); } /** @@ -243,9 +234,9 @@ bool pb_inverse_poly_q(pb_poly * const a, mp_set(&(b->terms[0]), 1); c = build_polynom(NULL, ctx->N, ctx); f = build_polynom(NULL, ctx->N, ctx); - pb_copy(a, f); + PB_COPY(a, f); a_tmp = build_polynom(NULL, ctx->N, ctx); - pb_copy(a, a_tmp); + PB_COPY(a, a_tmp); g = build_polynom(NULL, ctx->N, ctx); mp_set(&(g->terms[0]), 1); g->terms[0].sign = 1; 
@@ -254,8 +245,8 @@ bool pb_inverse_poly_q(pb_poly * const a, while (1) { while (mp_cmp_d(&(f->terms[0]), 0) == MP_EQ) { for (unsigned int i = 1; i <= ctx->N; i++) { - mp_copy(&(f->terms[i]), &(f->terms[i - 1])); - mp_copy(&(c->terms[ctx->N - i]), &(c->terms[ctx->N + 1 - i])); + MP_COPY(&(f->terms[i]), &(f->terms[i - 1])); + MP_COPY(&(c->terms[ctx->N - i]), &(c->terms[ctx->N + 1 - i])); } mp_set(&(f->terms[ctx->N]), 0); mp_set(&(c->terms[0]), 0); @@ -289,29 +280,29 @@ OUT_OF_LOOP: j = i - k; if (j < 0) j = j + ctx->N; - mp_copy(&(b->terms[i]), &(Fq->terms[j])); + MP_COPY(&(b->terms[i]), &(Fq->terms[j])); } draw_polynom(Fq); while (v < (int)(ctx->q)) { pb_poly *pb_tmp, - *pb_tmp_v, *pb_tmp2; + mp_int tmp_v; pb_tmp = build_polynom(NULL, ctx->N, ctx); v = v * 2; - pb_tmp_v = build_polynom(NULL, ctx->N, ctx); - mp_set_int(&(pb_tmp_v->terms[0]), v); + init_integer(&tmp_v); + mp_set_int(&tmp_v, v); pb_tmp2 = build_polynom(NULL, ctx->N, ctx); mp_set_int(&(pb_tmp2->terms[0]), 2); /* hope this does not blow up in our face */ pb_starmultiply(a_tmp, Fq, pb_tmp, ctx, v); - pb_sub(pb_tmp2, pb_tmp, pb_tmp); - pb_mod(pb_tmp, pb_tmp_v, pb_tmp); + PB_SUB(pb_tmp2, pb_tmp, pb_tmp); + PB_MOD(pb_tmp, &tmp_v, pb_tmp, ctx); pb_starmultiply(Fq, pb_tmp, Fq, ctx, v); + mp_clear(&tmp_v); delete_polynom(pb_tmp); - delete_polynom(pb_tmp_v); delete_polynom(pb_tmp2); } @@ -320,7 +311,7 @@ OUT_OF_LOOP: mp_int mp_tmp; init_integer(&mp_tmp); mp_set_int(&mp_tmp, ctx->q); - mp_add(&(Fq->terms[i]), &mp_tmp, &(Fq->terms[i])); + MP_ADD(&(Fq->terms[i]), &mp_tmp, &(Fq->terms[i])); mp_clear(&mp_tmp); } diff --git a/src/poly.h b/src/poly.h index cdef091..c3edab1 100644 --- a/src/poly.h +++ b/src/poly.h 
@@ -24,11 +24,97 @@ #define NTRU_POLY_H #include "context.h" +#include "err.h" #include #include #include +#define MP_MUL(...) \ +{ \ + int result; \ + if ((result = mp_mul(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error multiplying terms. %s", \ + mp_error_to_string(result)); \ +} + +#define MP_ADD(...) \ +{ \ + int result; \ + if ((result = mp_add(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error adding terms. %s", \ + mp_error_to_string(result)); \ +} + +#define MP_SUB(...) \ +{ \ + int result; \ + if ((result = mp_sub(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error substracting terms. %s", \ + mp_error_to_string(result)); \ +} + +#define MP_MOD(...) \ +{ \ + int result; \ + if ((result = mp_mod(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error reducing term by modulo. %s", \ + mp_error_to_string(result)); \ +} + +#define MP_COPY(...) \ +{ \ + int result; \ + if ((result = mp_copy(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error copying terms. %s", \ + mp_error_to_string(result)); \ +} + +#define MP_XOR(...) \ +{ \ + int result; \ + if ((result = mp_xor(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error XORing terms. %s", \ + mp_error_to_string(result)); \ +} + +#define PB_MUL(...) \ +{ \ + int result; \ + if ((result = pb_mul(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error multiplying polynomials. %s", \ + mp_error_to_string(result)); \ +} + +#define PB_ADD(...) \ +{ \ + int result; \ + if ((result = pb_add(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error adding polynomials. %s", \ + mp_error_to_string(result)); \ +} + +#define PB_SUB(...) \ +{ \ + int result; \ + if ((result = pb_sub(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error substracting polynomials. %s", \ + mp_error_to_string(result)); \ +} + +#define PB_MOD(poly_a, mp_int, poly_out, context) \ +{ \ + for (unsigned int i = 0; i < context->N; i++) \ + MP_MOD(&(poly_a->terms[i]), mp_int, &(poly_out->terms[i])); \ +} + +#define PB_COPY(...) 
\ +{ \ + int result; \ + if ((result = pb_copy(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error copying polynomial. %s", \ + mp_error_to_string(result)); \ +} void init_integer(mp_int *new_int); From f8b164927996b9af0038c4f883775e33e1d232dc Mon Sep 17 00:00:00 2001 From: hasufell Date: Thu, 17 Apr 2014 17:33:05 +0200 Subject: [PATCH 18/58] POLY: use mp_neg() instead of directly modifying struct --- src/poly.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/poly.c b/src/poly.c index 03668e5..a1894a0 100644 --- a/src/poly.c +++ b/src/poly.c @@ -122,7 +122,7 @@ pb_poly *build_polynom(int const * const c, mp_set_int(&(new_poly->terms[i]), unsigned_c); if (sign == true) - new_poly->terms[i].sign = 1; + mp_neg(&(new_poly->terms[i]), &(new_poly->terms[i])); } } else { /* fill with zeros */ for (unsigned int i = 0; i < len; i++) @@ -239,7 +239,7 @@ bool pb_inverse_poly_q(pb_poly * const a, PB_COPY(a, a_tmp); g = build_polynom(NULL, ctx->N, ctx); mp_set(&(g->terms[0]), 1); - g->terms[0].sign = 1; + mp_neg(&(g->terms[0]), &(g->terms[0])); mp_set(&(g->terms[ctx->N]), 1); while (1) { From ed1fb0f0a9aaa1030c68090680b638fc50caa964 Mon Sep 17 00:00:00 2001 From: hasufell Date: Thu, 17 Apr 2014 17:34:48 +0200 Subject: [PATCH 19/58] POLY: add erase_polynom() function --- src/poly.c | 14 ++++++++++++++ src/poly.h | 2 ++ 2 files changed, 16 insertions(+) diff --git a/src/poly.c b/src/poly.c index a1894a0..7d5934c 100644 --- a/src/poly.c +++ b/src/poly.c 
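Review bot: The new MP_*/PB_* macros in poly.h expand to a bare `{ ... }` block, so a call written as a statement — `if (x) MP_ADD(a, b, c); else ...` — leaves a stray `;` after the block and the `else` no longer parses; wrap each body in `do { ... } while (0)` so a macro behaves like one statement. `PB_MOD` names a parameter `mp_int`, shadowing the type inside the macro, and uses unparenthesised `poly_a->terms[i]`, `poly_out->terms[i]` and `context->N`, which break for any argument that is not a plain identifier; rename the parameter (e.g. `modulus`) and write `(poly_a)->terms[i]`. The same applies to `MP_DIV` added in PATCH 21/58. A short header comment saying these wrappers abort on any libtommath/libtompoly error would tell callers that no error code is returned.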
@@ -134,6 +134,20 @@ pb_poly *build_polynom(int const * const c, return new_poly; } +/** + * Sets all the polynomial coefficients to +0. + * + * @param poly the polynomial + * @param len the length of the polynomial + */ +void erase_polynom(pb_poly *poly, size_t len) +{ + for (unsigned int i = 0; i < len ; i++) { + mp_set(&(poly->terms[i]), 0); + mp_abs(&(poly->terms[i]), &(poly->terms[i])); + } +} + /** * This deletes the internal structure of a polynomial, * and frees the pointer. Don't call this on stack variables, diff --git a/src/poly.h b/src/poly.h index c3edab1..3f95e37 100644 --- a/src/poly.h +++ b/src/poly.h @@ -126,6 +126,8 @@ pb_poly *build_polynom(int const * const c, const size_t len, ntru_context *ctx); +void erase_polynom(pb_poly *poly, size_t len); + void delete_polynom(pb_poly *new_poly); void pb_starmultiply(pb_poly *a, From 01785678f0b3b0103a0f674385c40e9d53f41c15 Mon Sep 17 00:00:00 2001 From: hasufell Date: Thu, 17 Apr 2014 17:35:20 +0200 Subject: [PATCH 20/58] DOC: fix doxygen comment in delete_polynom() --- src/poly.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/poly.c b/src/poly.c index 7d5934c..6131d7a 100644 --- a/src/poly.c +++ b/src/poly.c @@ -164,9 +164,9 @@ void delete_polynom(pb_poly *poly) /** * Starmultiplication, as follows: - * c = a * b mod x^(N − 1) + * c = a * b mod (x^N − 1) * - * @param a polynom to multiply + * @param a polynom to multiply (can be the same as c) * @param b polynom to multiply * @param c polynom [out] * @param ctx NTRU context From 6990193dcdc6f45f759535d3ef337b34d8f16b63 Mon Sep 17 00:00:00 2001 From: hasufell Date: Thu, 17 Apr 2014 17:36:57 +0200 Subject: [PATCH 21/58] POLY: cleanup pb_starmultiply() * avoid side effects * use MP_DIV instead of MP_MOD * move mp_modulus initialization to outer scope --- src/poly.c | 24 ++++++++++++++++-------- src/poly.h | 8 ++++++++ 2 files changed, 24 insertions(+), 8 deletions(-) 
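Review bot: `erase_polynom()` trusts `len` against `poly->terms` without comparing it to the polynomial's allocated size, so a caller passing a `len` larger than what `build_polynom()` allocated writes past the array; either check `len` against `poly->alloc` or document that the caller guarantees it. The index is `unsigned int` while `len` is `size_t`; `for (size_t i = 0; i < len; i++)` avoids the narrowing. If `mp_set()` in the bundled libtommath already zeroes the value and its sign, the following `mp_abs()` is redundant — confirm before dropping it.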
diff --git a/src/poly.c b/src/poly.c
index 6131d7a..7bf5eb2 100644
--- a/src/poly.c
+++ b/src/poly.c
@@ -178,6 +178,17 @@ void pb_starmultiply(pb_poly *a,
 ntru_context *ctx,
 unsigned int modulus)
 {
+ pb_poly *a_tmp;
+ mp_int mp_modulus;
+
+ init_integer(&mp_modulus);
+ mp_set_int(&mp_modulus, (unsigned long)(modulus));
+
+ /* avoid side effects */
+ a_tmp = build_polynom(NULL, ctx->N, ctx);
+ PB_COPY(a, a_tmp);
+ erase_polynom(c, ctx->N);
+
 for (int k = ctx->N - 1; k >= 0; k--) {
 int j;
 j = k + 1;
@@ -185,26 +196,23 @@ void pb_starmultiply(pb_poly *a,
 for (int i = ctx->N - 1; i >= 0; i--) {
 if (j == (int)(ctx->N))
 j = 0;
- if (mp_cmp_d(&(a->terms[i]), 0) != MP_EQ &&
+ if (mp_cmp_d(&(a_tmp->terms[i]), 0) != MP_EQ &&
 mp_cmp_d(&(b->terms[j]), 0) != MP_EQ) {
- int result;
- mp_int mp_modulus;
 mp_int mp_tmp;
 init_integer(&mp_tmp);
- init_integer(&mp_modulus);
- mp_set_int(&mp_modulus, (unsigned long)(modulus));
- MP_MUL(&(a->terms[i]), &(b->terms[j]), &mp_tmp);
+ MP_MUL(&(a_tmp->terms[i]), &(b->terms[j]), &mp_tmp);
 MP_ADD(&(c->terms[k]), &mp_tmp, &(c->terms[k]));
- MP_MOD(&(c->terms[k]), &mp_modulus, &(c->terms[k]));
+ MP_DIV(&(c->terms[k]), &mp_modulus, NULL, &(c->terms[k]));
- mp_clear(&mp_modulus);
 mp_clear(&mp_tmp);
 }
 j++;
 }
 }
+ mp_clear(&mp_modulus);
+ delete_polynom(a_tmp);
 }
 /**
diff --git a/src/poly.h b/src/poly.h
index 3f95e37..9eb7a40 100644
--- a/src/poly.h
+++ b/src/poly.h
@@ -38,6 +38,14 @@
 mp_error_to_string(result)); \
 }
+#define MP_DIV(...) \
+{ \
+ int result; \
+ if ((result = mp_div(__VA_ARGS__)) != MP_OKAY) \
+ NTRU_ABORT("Error dividing terms. %s", \
+ mp_error_to_string(result)); \
+}
+
 #define MP_ADD(...) \
 { \
 int result; \
From 85c48647f57203f14a3e74553eaf1f21910ef24e Mon Sep 17 00:00:00 2001
From: hasufell
Date: Thu, 17 Apr 2014 17:37:30 +0200
Subject: [PATCH 22/58] POLY: cleanup pb_inverse_poly_q()
Also avoid side effects.
---
 src/poly.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)
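Review bot: Swapping `MP_MOD` for `MP_DIV` changes what `c->terms[k]` holds for negative intermediates: if, as in libtommath, the remainder of `mp_div()` takes the sign of the dividend while `mp_mod()` returns the least non-negative residue, then with -1 coefficients in the small polynomials `c->terms[k]` can now be negative and outside [0, modulus). If a canonical representative is intended, keep `mp_mod()` or add `mp_modulus` back when the remainder is negative — please confirm against the bundled libtommath; the `PB_MOD` macro rewritten in terms of `MP_DIV` in PATCH 24 (L24) raises the same question. Erasing `c` after copying `a` only covers `a == c`; a caller passing `b == c` would have its multiplicand zeroed, so the docstring should state that `b` must not alias `c`. `pb_starmultiply()` starts outside the first hunk.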
diff --git a/src/poly.c b/src/poly.c
index 7bf5eb2..d78b379 100644
--- a/src/poly.c
+++ b/src/poly.c
@@ -257,13 +257,16 @@ bool pb_inverse_poly_q(pb_poly * const a,
 c = build_polynom(NULL, ctx->N, ctx);
 f = build_polynom(NULL, ctx->N, ctx);
 PB_COPY(a, f);
- a_tmp = build_polynom(NULL, ctx->N, ctx);
- PB_COPY(a, a_tmp);
 g = build_polynom(NULL, ctx->N, ctx);
 mp_set(&(g->terms[0]), 1);
 mp_neg(&(g->terms[0]), &(g->terms[0]));
 mp_set(&(g->terms[ctx->N]), 1);
+ /* avoid side effects */
+ a_tmp = build_polynom(NULL, ctx->N, ctx);
+ PB_COPY(a, a_tmp);
+ erase_polynom(Fq, ctx->N);
+
 while (1) {
 while (mp_cmp_d(&(f->terms[0]), 0) == MP_EQ) {
 for (unsigned int i = 1; i <= ctx->N; i++) {
@@ -287,12 +290,8 @@ bool pb_inverse_poly_q(pb_poly * const a,
 pb_exch(b, c);
 }
- /* draw_polynom(f); */
- /* draw_polynom(b); */
 pb_xor(f, g, f, ctx->N);
 pb_xor(b, c, b, ctx->N);
- /* draw_polynom(f); */
- /* draw_polynom(b); */
 }
 OUT_OF_LOOP:
@@ -304,7 +303,6 @@ OUT_OF_LOOP:
 j = j + ctx->N;
 MP_COPY(&(b->terms[i]), &(Fq->terms[j]));
 }
- draw_polynom(Fq);
 while (v < (int)(ctx->q)) {
 pb_poly *pb_tmp,
From f98be67dd30c992f3723d3e3e76700027ed83e13 Mon Sep 17 00:00:00 2001
From: hasufell
Date: Thu, 17 Apr 2014 17:37:44 +0200
Subject: [PATCH 23/58] BUILD: fix possible linker errors
---
 src/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Makefile b/src/Makefile
index 07299e0..9d0df37 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -80,7 +80,7 @@ libpqc.so: libpqc.a $(PQC_HEADERS) $(LIBTOMMATH) $(LIBTOMPOLY)
 main: main.o libpqc.a $(LIBTOMMATH) $(LIBTOMPOLY)
 $(CC) $(CFLAGS) -o $@ $(LDFLAGS) \
- main.o $(LIBTOMPOLY) libpqc.a $(LIBTOMMATH) $(LIBS)
+ main.o $(LIBTOMPOLY) libpqc.a $(LIBTOMPOLY) $(LIBTOMMATH) $(LIBS)
 install:
 $(INSTALL_DIR) "$(DESTDIR)$(INSTALL_BINDIR)"
From 99ebda181a3f7c2d8cd688886ca06cda722276f5 Mon Sep 17 00:00:00 2001
From: hasufell
Date: Thu, 17 Apr 2014 23:43:29 +0200
Subject: [PATCH 24/58] POLY: fix pb_inverse_poly_q()
Should be correct now. Had to add get_degree(), because pb_clamp() in conjunction with pb_cmp() does not give expected results, see https://github.com/libtom/libtompoly/issues/3 ...so don't use it.
---
 src/poly.c | 48 ++++++++++++++++++++++++++++++++----------------
 src/poly.h | 6 +++---
 2 files changed, 35 insertions(+), 19 deletions(-)
diff --git a/src/poly.c b/src/poly.c
index d78b379..e4c1d43 100644
--- a/src/poly.c
+++ b/src/poly.c
@@ -29,6 +29,13 @@
 #include
 #include
+
+/*
+ * static declarations
+ */
+static unsigned int get_degree(pb_poly const * const poly);
+
+
 /**
 * Initialize a mp_int and check if this was successful, the
 * caller must free new_int with mp_clear().
@@ -233,6 +240,23 @@ void pb_xor(pb_poly *a,
 MP_XOR(&(a->terms[i]), &(b->terms[i]), &(c->terms[i]));
 }
+/**
+ * Get the degree of the polynomial.
+ *
+ * @param poly the polynomial
+ * @return the degree
+ */
+static unsigned int get_degree(pb_poly const * const poly)
+{
+ unsigned int count = 0;
+
+ for (int i = 0; i < poly->alloc; i++)
+ if (mp_iszero(&(poly->terms[i])) == MP_NO)
+ count = i;
+
+ return count;
+}
+
 /**
 * Invert the polynomial a modulo q.
 *
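Review bot: `get_degree()` returns 0 both for the zero polynomial and for a non-zero constant, and `pb_inverse_poly_q()` (next hunk) uses `get_degree(f) == 0` as its termination test, so a zero `f` is treated like a unit rather than as a non-invertible input. Making the zero case distinguishable — or testing `mp_iszero(&(f->terms[0]))` at the call site — would let the inverse routine return `false` instead of producing a bogus inverse. Scanning up to `poly->alloc` rather than `poly->used`, with an `int` index against an `alloc` of unknown signedness, looks deliberate given the pb_clamp() issue cited in the commit message; a one-line comment such as `/* scan alloc, not used: pb_clamp() is unreliable here */` would stop the next reader from "fixing" it.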
@@ -248,20 +272,17 @@ bool pb_inverse_poly_q(pb_poly * const a,
 int k = 0, j = 0, v = 2;
- int zero_poly_val = 1;
- pb_poly *a_tmp, *b, *c, *f, *g, *degree_zero_poly;
+ pb_poly *a_tmp, *b, *c, *f, *g;
- degree_zero_poly = build_polynom(&zero_poly_val, 1, ctx);
- b = build_polynom(NULL, ctx->N, ctx);
+ b = build_polynom(NULL, ctx->N + 1, ctx);
 mp_set(&(b->terms[0]), 1);
- c = build_polynom(NULL, ctx->N, ctx);
- f = build_polynom(NULL, ctx->N, ctx);
+ c = build_polynom(NULL, ctx->N + 1, ctx);
+ f = build_polynom(NULL, ctx->N + 1, ctx);
 PB_COPY(a, f);
- g = build_polynom(NULL, ctx->N, ctx);
+ g = build_polynom(NULL, ctx->N + 1, ctx);
 mp_set(&(g->terms[0]), 1);
 mp_neg(&(g->terms[0]), &(g->terms[0]));
 mp_set(&(g->terms[ctx->N]), 1);
- /* avoid side effects */
 a_tmp = build_polynom(NULL, ctx->N, ctx);
 PB_COPY(a, a_tmp);
@@ -278,14 +299,10 @@ bool pb_inverse_poly_q(pb_poly * const a,
 k++;
 }
- /* hope this does not blow up in our face */
- pb_clamp(degree_zero_poly);
- pb_clamp(f);
- if (pb_cmp(f, degree_zero_poly) == PB_DEG_EQ)
+ if (get_degree(f) == 0)
 goto OUT_OF_LOOP;
- pb_clamp(g);
- if (pb_cmp(f, g) == PB_DEG_LT) {
+ if (get_degree(f) < get_degree(g)) {
 pb_exch(f, g);
 pb_exch(b, c);
 }
@@ -318,7 +335,7 @@ OUT_OF_LOOP:
 /* hope this does not blow up in our face */
 pb_starmultiply(a_tmp, Fq, pb_tmp, ctx, v);
 PB_SUB(pb_tmp2, pb_tmp, pb_tmp);
- PB_MOD(pb_tmp, &tmp_v, pb_tmp, ctx);
+ PB_MOD(pb_tmp, &tmp_v, pb_tmp, ctx->N);
 pb_starmultiply(Fq, pb_tmp, Fq, ctx, v);
 mp_clear(&tmp_v);
@@ -340,7 +357,6 @@ OUT_OF_LOOP:
 delete_polynom(c);
 delete_polynom(f);
 delete_polynom(g);
- delete_polynom(degree_zero_poly);
 /* TODO: check if the f * Fq = 1 (mod p) condition holds true */
diff --git a/src/poly.h b/src/poly.h
index 9eb7a40..f60ab26 100644
--- a/src/poly.h
+++ b/src/poly.h
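Review bot: The inner `while (mp_cmp_d(&(f->terms[0]), 0) == MP_EQ)` loop, whose body starts above this hunk, has no exit once `f` is the zero polynomial — shifting zeros leaves `terms[0]` zero — and `get_degree()` returns 0 for the zero polynomial too, so a zero or non-invertible `a` can spin instead of reaching `return false`; as far as the visible lines show nothing bounds it. Counting the shifts and bailing out to a `false` return once they exceed `ctx->N` is the usual guard in the almost-inverse algorithm. `a_tmp` is still built with `ctx->N` terms while `b`, `c`, `f` and `g` grew to `ctx->N + 1`; if that asymmetry is safe for `pb_starmultiply(a_tmp, Fq, ...)`, a comment saying why would help. The `/* TODO: check if the f * Fq = 1 (mod p) condition holds true */` left in place is the check that would catch a wrong inverse before it is used as key material, so it deserves priority over further cleanup. `pb_inverse_poly_q()` starts outside this hunk.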
@@ -110,10 +110,10 @@ mp_error_to_string(result)); \ } -#define PB_MOD(poly_a, mp_int, poly_out, context) \ +#define PB_MOD(poly_a, mp_int, poly_out, len) \ { \ - for (unsigned int i = 0; i < context->N; i++) \ - MP_MOD(&(poly_a->terms[i]), mp_int, &(poly_out->terms[i])); \ + for (unsigned int i = 0; i < len; i++) \ + MP_DIV(&(poly_a->terms[i]), mp_int, NULL, &(poly_out->terms[i])); \ } #define PB_COPY(...) \ From 90a01a03eca9bc01b79f220c2595bcb0e797ddf9 Mon Sep 17 00:00:00 2001 From: Malte Date: Sun, 20 Apr 2014 16:42:33 +0200 Subject: [PATCH 25/58] rand: getting small and big polynoms is working pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx) pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx) are written but the testing isen working and i think it is a bad idea to not use function poniters at the moment we have about 4 functions that do all the same thing and differ only in the subfunction call. But at the moment i cat decide of we shold use function pinter RAND: merged conflict --- src/poly.c | 2 +- src/rand.c | 28 +++++++++++++++++----------- src/rand.h | 14 +++++++++++++- 3 files changed, 31 insertions(+), 13 deletions(-) diff --git a/src/poly.c b/src/poly.c index e4c1d43..8e84534 100644 --- a/src/poly.c +++ b/src/poly.c @@ -362,7 +362,7 @@ OUT_OF_LOOP: return true; } - * Print the polynomial in a human readable format to stdout. + /* Print the polynomial in a human readable format to stdout. * * @param poly to draw */ diff --git a/src/rand.c b/src/rand.c index f535c54..f75ac87 100644 --- a/src/rand.c +++ b/src/rand.c @@ -28,6 +28,7 @@ #include #include #include +#include #include #include #include 
@@ -36,12 +37,14 @@ /* * static declarations */ -static unsigned long get_urnd_int_small(int *sign); +static mp_digit get_urnd_int_small(int *sign); +static mp_digit get_rnd_int_small(int *sign); /** - * Gets randomly a small integer + * Gets a random small integer * from the set {-1, 0, 1} using /dev/random. * A zero is signed positiv. + * *sig == 1 means positiv integer. * * @param sign stores the signness [out] * @return random small integer @@ -58,7 +61,7 @@ static mp_digit get_rnd_int_small(int *sign) ((char*) &random_int) + randomDataLen, (sizeof(random_int)) - randomDataLen); if (result < 0) { - NTRU_ABORT("Unable to read /dev/random"); + NTRU_ABORT("Unable to read /dev/random.\n"); } randomDataLen += result; } @@ -93,7 +96,7 @@ pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) init_polynom_size(poly, &chara, ctx->N); mp_clear(&chara); - for (int i = 0; i < ctx->N; i++) { + for (unsigned int i = 0; i < ctx->N; i++) { int sign; int c = get_rnd_int_small(&sign); @@ -109,13 +112,15 @@ pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) } /** - * Gets randomly a small integer + * Gets a random small integer * from the set {-1, 0, 1} using /dev/urandom. + * A zero is signed positiv. + * *sig == 1 means positiv integer. * * @param sign stores the signness [out] * @return random small integer */ -static unsigned long get_urnd_int_small(int *sign) +static mp_digit get_urnd_int_small(int *sign) { int random_data; mp_digit random_int; @@ -123,13 +128,14 @@ static unsigned long get_urnd_int_small(int *sign) random_data = open("/dev/urandom", O_RDONLY); if ((result = read(random_data, &random_int, sizeof(random_int))) < 0) - NTRU_ABORT("Unable to read /dev/urandom"); + NTRU_ABORT("Unable to read /dev/urandom.\n"); close(random_data); - if ((random_int % 2) == 0) { - random_int = 0; + random_int = random_int % 3; + + if (random_int == 1) { *sign = 0; - } else if (random_int % 3) { + } else if (random_int == 2) { random_int = 1; *sign = 1; } else { 
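Review bot: `if ((result = read(random_data, &random_int, sizeof(random_int))) < 0)` in `get_urnd_int_small()` accepts a short or zero-length read, so part of `random_int` can stay uninitialized and still be used as the randomness behind the polynomial; testing `if (result != (ssize_t) sizeof(random_int))` (or looping until the digit is full, as the `/dev/random` reader earlier in this file does) closes that. The `open()` result is not checked either, so a failed open surfaces as a misleading "Unable to read /dev/urandom" abort; checking for `-1` with its own message is cheap. The same read pattern is carried unchanged into `read_int_dev_urandom()` at L28 and L33. The function body starts outside the hunk.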
@@ -159,7 +165,7 @@ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) int sign; unsigned long c = get_urnd_int_small(&sign); - mp_set_int(&(poly->terms[i]), c); + mp_set(&(poly->terms[i]), (mp_digit) c); if (sign == 1) poly->terms[i].sign = 1; diff --git a/src/rand.h b/src/rand.h index 6db9c7d..475830f 100644 --- a/src/rand.h +++ b/src/rand.h @@ -19,7 +19,6 @@ * MA 02110-1301 USA */ - #ifndef NTRU_RAND_H #define NTRU_RAND_H @@ -27,8 +26,21 @@ #include +/** + * The maximal integer that is given by + * ntru_get_urnd_poly_big and ntru_get_rnd_poly_big + */ +#define BIG_RAND_MAX 100 + +/** + * The minimal integer that is given by + * ntru_get_urnd_poly_big and ntru_get_rnd_poly_big + */ +#define BIG_RAND_MIN -100 pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx); pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx); +pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx); +pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx); #endif /* NTRU_RAND_H */ From 60dbab44f5c8363eb7ac6f11f09d99603a0b5dbf Mon Sep 17 00:00:00 2001 From: hasufell Date: Sun, 20 Apr 2014 16:45:05 +0200 Subject: [PATCH 26/58] POLY: fix syntax error within comment RAND: merged conflict --- src/poly.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/poly.c b/src/poly.c index 8e84534..6f00be2 100644 --- a/src/poly.c +++ b/src/poly.c @@ -362,7 +362,9 @@ OUT_OF_LOOP: return true; } - /* Print the polynomial in a human readable format to stdout. + +/** + * Print the polynomial in a human readable format to stdout. * * @param poly to draw */ From 21022c9ff8cca9b5c22fc7771dbfde9d4abcb2ab Mon Sep 17 00:00:00 2001 
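Review bot: `#define BIG_RAND_MIN -100` is an unparenthesised negative constant; it happens to work in `BIG_RAND_MAX - BIG_RAND_MIN`, but `#define BIG_RAND_MIN (-100)` is the safe form for any expression it is later dropped into. The two doc comments say the bounds are "given by" the generators; it would be worth stating whether both bounds are inclusive, since the sampling code added later in this series has to reduce modulo the width of that range.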
From: Malte Date: Sun, 20 Apr 2014 20:08:42 +0200 Subject: [PATCH 27/58] rand: extractet some double code into new functions this is the first step, in the next one i a going to remove static mp_digit get_urnd_int_small(int *sign); static mp_digit get_rnd_int_small(int *sign); static mp_digit get_urnd_int_big(int *sign); static mp_digit get_rnd_int_big(int *sign); RAND: merged a conflict --- src/rand.c | 215 +++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 183 insertions(+), 32 deletions(-) diff --git a/src/rand.c b/src/rand.c index f75ac87..4fc301c 100644 --- a/src/rand.c +++ b/src/rand.c @@ -39,17 +39,18 @@ */ static mp_digit get_urnd_int_small(int *sign); static mp_digit get_rnd_int_small(int *sign); +static mp_digit get_urnd_int_big(int *sign); +static mp_digit get_rnd_int_big(int *sign); +static mp_digit read_int_dev_random(); +static mp_digit make_small_int(mp_digit random_int, int* sign); +static mp_digit make_big_int(mp_digit random_int, int* sign); /** - * Gets a random small integer - * from the set {-1, 0, 1} using /dev/random. - * A zero is signed positiv. - * *sig == 1 means positiv integer. - * - * @param sign stores the signness [out] - * @return random small integer + * Reads a single mp_digit out of /dev/random and returns this mp_digit + * + * @return the randomly chosen integer */ -static mp_digit get_rnd_int_small(int *sign) +static mp_digit read_int_dev_random() { int random_data; mp_digit random_int; @@ -66,7 +67,19 @@ static mp_digit get_rnd_int_small(int *sign) randomDataLen += result; } close(random_data); + return random_int; +} +/** + * Makes a small integer from the set {-1, 0, 1} + * out of a randomly chosen integer. + * + * @param random_int a randomly chosen mp_digit + * @param sign a integer to store the sign (1==positiv) + * @return random small integer from the set {-1, 0, 1} + */ +static mp_digit make_small_int(mp_digit random_int, int* sign) +{ random_int = random_int % 3; if (random_int == 1) { 
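Review bot: The docstring for `make_small_int()` says `sign` is `1==positiv`, but the branch that yields -1 (the `random_int == 2` case, visible in the `get_urnd_int_small()` hunk at L25) is the one that sets `*sign = 1`, and the callers in `ntru_get_*_poly_small()` then set `poly->terms[i].sign = 1`, which libtommath's MP_NEG encodes as 1 — i.e. negative. The comment should read `@param sign set to 1 when the result is negative, 0 otherwise [out]`; the same inverted wording appears in the docstrings added at L25 and in `make_big_int()` later in this series. `read_int_dev_random()` still does not check that `open("/dev/random", O_RDONLY)` succeeded, so on failure the abort message blames `read()` rather than the open.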
@@ -77,6 +90,23 @@ static mp_digit get_rnd_int_small(int *sign) } else { *sign = 0; } + + return random_int; +} + +/** + * Gets a random small integer + * from the set {-1, 0, 1} using /dev/random. + * A zero is signed positiv. + * *sig == 1 means positiv integer. + * + * @param sign stores the signness [out] + * @return random small integer + */ +static mp_digit get_rnd_int_small(int *sign) +{ + mp_digit random_int = read_int_dev_random(); + random_int = make_small_int(random_int, sign); return random_int; } @@ -84,7 +114,6 @@ static mp_digit get_rnd_int_small(int *sign) * Gets a random polynomial with coefficients * from the set {-1 ,0 ,1} using /dev/random. * - * * @param ctx the NTRU context * @return newly allocated polynomial, must be freed with delete_polynom() */ @@ -106,11 +135,29 @@ pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) poly->terms[i].sign = 1; } poly->used = ctx->N; - //pb_clamp(poly); + pb_clamp(poly); return poly; } +/** + * Reads a single mp_digit out of /dev/urandom and returns this mp_digit + * + * @return the randomly chosen integer + */ +static mp_digit read_int_dev_urandom() +{ + int random_data; + mp_digit random_int; + ssize_t result; + + random_data = open("/dev/urandom", O_RDONLY); + if ((result = read(random_data, &random_int, sizeof(random_int))) < 0) + NTRU_ABORT("Unable to read /dev/urandom.\n"); + close(random_data); + return random_int; +} + /** * Gets a random small integer * from the set {-1, 0, 1} using /dev/urandom. 
@@ -122,27 +169,8 @@ pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) */ static mp_digit get_urnd_int_small(int *sign) { - int random_data; - mp_digit random_int; - ssize_t result; - - random_data = open("/dev/urandom", O_RDONLY); - if ((result = read(random_data, &random_int, sizeof(random_int))) < 0) - NTRU_ABORT("Unable to read /dev/urandom.\n"); - close(random_data); - - random_int = random_int % 3; - - if (random_int == 1) { - *sign = 0; - } else if (random_int == 2) { - random_int = 1; - *sign = 1; - } else { - random_int = 1; - *sign = 0; - } - + mp_digit random_int = read_int_dev_urandom(); + random_int = make_small_int(random_int, sign); return random_int; } @@ -163,7 +191,7 @@ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) for (unsigned int i = 0; i < ctx->N; i++) { int sign; - unsigned long c = get_urnd_int_small(&sign); + int c = get_urnd_int_small(&sign); mp_set(&(poly->terms[i]), (mp_digit) c); 
@@ -176,3 +204,126 @@ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) return poly; } +/** + * Makes a big integer from the borders of BIG_RAND_MAX + * and BIG_RAND_MIN out of a randomly chosen integer. + * + * @param random_int a randomly chosen mp_digit + * @param sign a integer to store the sign (1==positiv) + * @return random small integer from the set {-1, 0, 1} + */ +static mp_digit make_big_int(mp_digit random_int, int* sign) +{ + random_int = random_int % abs(BIG_RAND_MAX - BIG_RAND_MIN); + + if (random_int < BIG_RAND_MAX) { + *sign = 1; + } else if (random_int > BIG_RAND_MAX) { + *sign = 0; + random_int -= BIG_RAND_MAX; + } else if (random_int == BIG_RAND_MAX) { + random_int = abs(BIG_RAND_MIN); + *sign = 0; + } else { + NTRU_ABORT("Error while parsing big random Integer.\n"); + } + + return random_int; +} + +/** + * Gets a random big integer + * from the borders of BIG_RAND_MAX and + * BIG_RAND_MIN using /dev/random. + * A zero is signed positiv. + * *sig == 1 means positiv integer. + * + * @param sign stores the signness [out] + * @return random small integer + */ +static mp_digit get_rnd_int_big(int *sign) +{ + mp_digit random_int = read_int_dev_random(); + random_int = make_big_int(random_int, sign); + return random_int; +} + +/** + * Gets a random polynomial with coefficients + * from the borders of BIG_RAND_MAX and + * BIG_RAND_MIN using /dev/random. 
+ * + * @param ctx the NTRU context + * @return newly allocated polynomial, must be freed with delete_polynom() + */ +pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx) +{ + mp_int chara; + init_integer(&chara); + pb_poly *poly = malloc(sizeof(pb_poly)); + init_polynom_size(poly, &chara, ctx->N); + mp_clear(&chara); + + for (unsigned int i = 0; i < ctx->N; i++) { + int sign; + int c = get_rnd_int_big(&sign); + + mp_set(&(poly->terms[i]), (mp_digit) c); + + if (sign == 1) + poly->terms[i].sign = 1; + } + poly->used = ctx->N; + pb_clamp(poly); + + return poly; +} + +/** + * Gets a random big integer + * from the borders of BIG_RAND_MAX and + * BIG_RAND_MIN using /dev/urandom. + * A zero is signed positiv. + * *sig == 1 means positiv integer. + * + * @param sign stores the signness [out] + * @return random small integer + */ +static mp_digit get_urnd_int_big(int *sign) +{ + mp_digit random_int = read_int_dev_urandom(); + random_int = random_int % abs(BIG_RAND_MAX - BIG_RAND_MIN); + random_int = make_big_int(random_int, sign); + return random_int; +} + +/** + * Gets a random polynomial with coefficients + * from the borders of BIG_RAND_MAX and + * BIG_RAND_MIN using /dev/urandom. + * + * @param ctx the NTRU context + * @return newly allocated polynomial, must be freed with delete_polynom() + */ +pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx) +{ + mp_int chara; + init_integer(&chara); + pb_poly *poly = malloc(sizeof(pb_poly)); + init_polynom_size(poly, &chara, ctx->N); + mp_clear(&chara); + + for (unsigned int i = 0; i < ctx->N; i++) { + int sign; + int c = get_urnd_int_big(&sign); + + mp_set(&(poly->terms[i]), (mp_digit) c); + + if (sign == 1) + poly->terms[i].sign = 1; + } + poly->used = ctx->N; + pb_clamp(poly); + + return poly; +} From 0bdddc12e7d588d88efee515e3cfc5bf4f832117 Mon Sep 17 00:00:00 2001 
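Review bot: `make_big_int()` never yields `+BIG_RAND_MAX`: after `random_int % 200` the value 100 maps to `abs(BIG_RAND_MIN)` with `*sign = 0` and 0..99 get `*sign = 1`, so with the callers' convention (`sign == 1` → `poly->terms[i].sign = 1`, i.e. negative) the coefficients span -99..100 rather than the documented -100..100, and the final `else`/`NTRU_ABORT` branch is unreachable. Reducing modulo the full range width and deriving the sign from a signed intermediate gives a uniform choice over [BIG_RAND_MIN, BIG_RAND_MAX], as sketched below. The `%` on a full `mp_digit` carries a small modulo bias — negligible at the digit widths libtommath uses, but rejection sampling is the clean fix if these polynomials ever feed key generation. `malloc(sizeof(pb_poly))` in both generators is unchecked before `init_polynom_size()` dereferences it, and `get_urnd_int_big()` applies the `%` reduction a second time, which is harmless but shows the helper boundary is off.
```c
static mp_digit make_big_int(mp_digit random_int, int* sign)
{
	/* 201 values, BIG_RAND_MIN..BIG_RAND_MAX inclusive (small modulo bias on a full digit) */
	long v = (long)(random_int % (BIG_RAND_MAX - BIG_RAND_MIN + 1)) + BIG_RAND_MIN;
	*sign = (v < 0) ? 1 : 0;	/* callers treat sign == 1 as negative */
	return (mp_digit)(v < 0 ? -v : v);
}
```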
From: Malte Date: Sun, 20 Apr 2014 20:27:16 +0200 Subject: [PATCH 28/58] rand: Refactoring finished now there are only 4 static functions left: static mp_digit read_int_dev_random(); static mp_digit read_int_dev_urandom(); static mp_digit make_small_int(mp_digit random_int, int* sign); static mp_digit make_big_int(mp_digit random_int, int* sign); Every function is used twice. the next goal to copy free code is to make a single function with function pointer out of these 4: pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx); pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx); pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx); pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx); But this need to be checkt by a other group member --- src/rand.c | 232 +++++++++++++++++++---------------------------------- 1 file changed, 81 insertions(+), 151 deletions(-) diff --git a/src/rand.c b/src/rand.c index 4fc301c..e183b32 100644 --- a/src/rand.c +++ b/src/rand.c @@ -37,11 +37,9 @@ /* * static declarations */ -static mp_digit get_urnd_int_small(int *sign); -static mp_digit get_rnd_int_small(int *sign); -static mp_digit get_urnd_int_big(int *sign); -static mp_digit get_rnd_int_big(int *sign); static mp_digit read_int_dev_random(); +static mp_digit read_int_dev_urandom(); + static mp_digit make_small_int(mp_digit random_int, int* sign); static mp_digit make_big_int(mp_digit random_int, int* sign); 
@@ -70,9 +68,28 @@ static mp_digit read_int_dev_random() return random_int; } +/** + * Reads a single mp_digit out of /dev/urandom and returns this mp_digit + * + * @return the randomly chosen integer + */ +static mp_digit read_int_dev_urandom() +{ + int random_data; + mp_digit random_int; + ssize_t result; + random_data = open("/dev/urandom", O_RDONLY); + + if ((result = read(random_data, &random_int, sizeof(random_int))) < 0) + NTRU_ABORT("Unable to read /dev/urandom.\n"); + close(random_data); + return random_int; +} + /** * Makes a small integer from the set {-1, 0, 1} * out of a randomly chosen integer. + * A zero is signed positiv. * * @param random_int a randomly chosen mp_digit * @param sign a integer to store the sign (1==positiv) 
@@ -90,127 +107,16 @@ static mp_digit make_small_int(mp_digit random_int, int* sign) } else { *sign = 0; } - return random_int; } -/** - * Gets a random small integer - * from the set {-1, 0, 1} using /dev/random. - * A zero is signed positiv. - * *sig == 1 means positiv integer. - * - * @param sign stores the signness [out] - * @return random small integer - */ -static mp_digit get_rnd_int_small(int *sign) -{ - mp_digit random_int = read_int_dev_random(); - random_int = make_small_int(random_int, sign); - return random_int; -} - -/** - * Gets a random polynomial with coefficients - * from the set {-1 ,0 ,1} using /dev/random. - * - * @param ctx the NTRU context - * @return newly allocated polynomial, must be freed with delete_polynom() - */ -pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) -{ - mp_int chara; - init_integer(&chara); - pb_poly *poly = malloc(sizeof(pb_poly)); - init_polynom_size(poly, &chara, ctx->N); - mp_clear(&chara); - - for (unsigned int i = 0; i < ctx->N; i++) { - int sign; - int c = get_rnd_int_small(&sign); - - mp_set(&(poly->terms[i]), (mp_digit) c); - - if (sign == 1) - poly->terms[i].sign = 1; - } - poly->used = ctx->N; - pb_clamp(poly); - - return poly; -} - -/** - * Reads a single mp_digit out of /dev/urandom and returns this mp_digit - * - * @return the randomly chosen integer - */ -static mp_digit read_int_dev_urandom() -{ - int random_data; - mp_digit random_int; - ssize_t result; - - random_data = open("/dev/urandom", O_RDONLY); - if ((result = read(random_data, &random_int, sizeof(random_int))) < 0) - NTRU_ABORT("Unable to read /dev/urandom.\n"); - close(random_data); - return random_int; -} - -/** - * Gets a random small integer - * from the set {-1, 0, 1} using /dev/urandom. - * A zero is signed positiv. - * *sig == 1 means positiv integer. 
- * - * @param sign stores the signness [out] - * @return random small integer - */ -static mp_digit get_urnd_int_small(int *sign) -{ - mp_digit random_int = read_int_dev_urandom(); - random_int = make_small_int(random_int, sign); - return random_int; -} - -/** - * Gets a random polynomial with coefficients - * from the set {-1 ,0 ,1} using /dev/urandom. - * - * @param ctx the NTRU context - * @return newly allocated polynomial, must be freed with delete_polynom() - */ -pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) -{ - mp_int chara; - init_integer(&chara); - pb_poly *poly = malloc(sizeof(pb_poly)); - init_polynom_size(poly, &chara, ctx->N); - mp_clear(&chara); - - for (unsigned int i = 0; i < ctx->N; i++) { - int sign; - int c = get_urnd_int_small(&sign); - - mp_set(&(poly->terms[i]), (mp_digit) c); - - if (sign == 1) - poly->terms[i].sign = 1; - } - poly->used = ctx->N; - pb_clamp(poly); - - return poly; -} - /** * Makes a big integer from the borders of BIG_RAND_MAX * and BIG_RAND_MIN out of a randomly chosen integer. * * @param random_int a randomly chosen mp_digit * @param sign a integer to store the sign (1==positiv) - * @return random small integer from the set {-1, 0, 1} + * @return random big integer from the borders of BIG_RAND_MAX and BIG_RAND_MIN */ static mp_digit make_big_int(mp_digit random_int, int* sign) { 
@@ -232,20 +138,62 @@ static mp_digit make_big_int(mp_digit random_int, int* sign) } /** - * Gets a random big integer - * from the borders of BIG_RAND_MAX and - * BIG_RAND_MIN using /dev/random. - * A zero is signed positiv. - * *sig == 1 means positiv integer. + * Gets a random polynomial with coefficients + * from the set {-1 ,0 ,1} using /dev/random. * - * @param sign stores the signness [out] - * @return random small integer + * @param ctx the NTRU context + * @return newly allocated polynomial, must be freed with delete_polynom() */ -static mp_digit get_rnd_int_big(int *sign) +pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) { - mp_digit random_int = read_int_dev_random(); - random_int = make_big_int(random_int, sign); - return random_int; + mp_int chara; + init_integer(&chara); + pb_poly *poly = malloc(sizeof(pb_poly)); + init_polynom_size(poly, &chara, ctx->N); + mp_clear(&chara); + + for (unsigned int i = 0; i < ctx->N; i++) { + int sign; + mp_digit c = read_int_dev_random(); + c = make_small_int(c, &sign); + mp_set(&(poly->terms[i]), c); + if (sign == 1) + poly->terms[i].sign = 1; + } + poly->used = ctx->N; + pb_clamp(poly); + + return poly; +} + +/** + * Gets a random polynomial with coefficients + * from the set {-1 ,0 ,1} using /dev/urandom. + * + * @param ctx the NTRU context + * @return newly allocated polynomial, must be freed with delete_polynom() + */ +pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) +{ + mp_int chara; + init_integer(&chara); + pb_poly *poly = malloc(sizeof(pb_poly)); + init_polynom_size(poly, &chara, ctx->N); + mp_clear(&chara); + + for (unsigned int i = 0; i < ctx->N; i++) { + int sign; + mp_digit c = read_int_dev_urandom(); + c = make_small_int(c, &sign); + mp_set(&(poly->terms[i]), c); + + if (sign == 1) + poly->terms[i].sign = 1; + } + poly->used = ctx->N; + pb_clamp(poly); + + return poly; } /** 
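Review bot: `poly->terms[i].sign = 1` writes the libtommath struct field directly, which PATCH 18 replaced with `mp_neg()` in poly.c; using `mp_neg(&(poly->terms[i]), &(poly->terms[i]));` here as well keeps one convention and stops the code depending on the field's encoding. `pb_poly *poly = malloc(sizeof(pb_poly));` is unchecked before `init_polynom_size()` dereferences it, in both functions of this hunk and in the `*_poly_big` hunks at L37. The two bodies differ only in the reader they call, so a single `static pb_poly *make_poly(ntru_context *ctx, mp_digit (*reader)(void), mp_digit (*shape)(mp_digit, int *))` helper — essentially what the commit message proposes — would also give one place for the allocation check.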
@@ -266,9 +214,9 @@ pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx) for (unsigned int i = 0; i < ctx->N; i++) { int sign; - int c = get_rnd_int_big(&sign); - - mp_set(&(poly->terms[i]), (mp_digit) c); + mp_digit c = read_int_dev_random(); + c = make_big_int(c, &sign); + mp_set(&(poly->terms[i]), c); if (sign == 1) poly->terms[i].sign = 1; @@ -279,24 +227,6 @@ pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx) return poly; } -/** - * Gets a random big integer - * from the borders of BIG_RAND_MAX and - * BIG_RAND_MIN using /dev/urandom. - * A zero is signed positiv. - * *sig == 1 means positiv integer. - * - * @param sign stores the signness [out] - * @return random small integer - */ -static mp_digit get_urnd_int_big(int *sign) -{ - mp_digit random_int = read_int_dev_urandom(); - random_int = random_int % abs(BIG_RAND_MAX - BIG_RAND_MIN); - random_int = make_big_int(random_int, sign); - return random_int; -} - /** * Gets a random polynomial with coefficients * from the borders of BIG_RAND_MAX and @@ -315,9 +245,9 @@ pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx) for (unsigned int i = 0; i < ctx->N; i++) { int sign; - int c = get_urnd_int_big(&sign); - - mp_set(&(poly->terms[i]), (mp_digit) c); + mp_digit c = read_int_dev_urandom(); + c = make_big_int(c, &sign); + mp_set(&(poly->terms[i]), c); if (sign == 1) poly->terms[i].sign = 1; From 626e2fc27a66bae3780d9abeb7d0a5c5cfeb849d Mon Sep 17 00:00:00 2001 From: Malte Date: Mon, 21 Apr 2014 09:37:46 +0200 Subject: [PATCH 29/58] rand: added a nessary but missing comment on the big int min/max --- src/rand.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/rand.h b/src/rand.h index 475830f..e062d18 100644 --- a/src/rand.h +++ b/src/rand.h 
@@ -29,12 +29,14 @@ /** * The maximal integer that is given by * ntru_get_urnd_poly_big and ntru_get_rnd_poly_big + * this number must be positiv */ #define BIG_RAND_MAX 100 /** * The minimal integer that is given by * ntru_get_urnd_poly_big and ntru_get_rnd_poly_big + * this number must be negativ */ #define BIG_RAND_MIN -100 From 1e586c178c298ac51af72b29709d0ca6fe40e663 Mon Sep 17 00:00:00 2001 From: Malte Date: Mon, 21 Apr 2014 10:07:18 +0200 Subject: [PATCH 30/58] rand: added some missing void parameter --- src/rand.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/rand.c b/src/rand.c index e183b32..0874a1e 100644 --- a/src/rand.c +++ b/src/rand.c @@ -33,12 +33,13 @@ #include #include #include +#include "../include/rdrand.h" /* * static declarations */ -static mp_digit read_int_dev_random(); -static mp_digit read_int_dev_urandom(); +static mp_digit read_int_dev_random(void); +static mp_digit read_int_dev_urandom(void); static mp_digit make_small_int(mp_digit random_int, int* sign); static mp_digit make_big_int(mp_digit random_int, int* sign); @@ -48,7 +49,7 @@ static mp_digit make_big_int(mp_digit random_int, int* sign); * * @return the randomly chosen integer */ -static mp_digit read_int_dev_random() +static mp_digit read_int_dev_random(void) { int random_data; mp_digit random_int; @@ -73,7 +74,7 @@ static mp_digit read_int_dev_random() * * @return the randomly chosen integer */ -static mp_digit read_int_dev_urandom() +static mp_digit read_int_dev_urandom(void) { int random_data; mp_digit random_int; From d871a9104f4afefb54836de3936d52ae30764fd6 Mon Sep 17 00:00:00 2001 From: Malte Date: Mon, 21 Apr 2014 10:10:11 +0200 Subject: [PATCH 31/58] RAND: fixed some unnecessary import --- src/rand.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/rand.c b/src/rand.c index 0874a1e..89efe62 100644 --- a/src/rand.c +++ b/src/rand.c @@ -33,7 +33,6 @@ #include #include #include -#include "../include/rdrand.h" /* * static declarations 
From 4df4a37f9ad794a2ea30b5fa10b11a4b5930b77e Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 22 Apr 2014 08:30:01 +0200 Subject: [PATCH 32/58] RAND: added the missing function declaration and comments. static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, mp_digit randim_int) static int check_polynom(pb_poly *polynom) needs to be filled with code. --- src/rand.c | 101 +++++++++++++++++++++++++++++++++++++---------------- src/rand.h | 14 -------- 2 files changed, 70 insertions(+), 45 deletions(-) diff --git a/src/rand.c b/src/rand.c index 89efe62..414e617 100644 --- a/src/rand.c +++ b/src/rand.c @@ -21,17 +21,16 @@ #include "context.h" #include "err.h" +#include #include "rand.h" +#include #include "poly.h" - #include #include +#include +#include #include #include -#include -#include -#include -#include #include /* @@ -41,7 +40,10 @@ static mp_digit read_int_dev_random(void); static mp_digit read_int_dev_urandom(void); static mp_digit make_small_int(mp_digit random_int, int* sign); -static mp_digit make_big_int(mp_digit random_int, int* sign); + +static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, + mp_digit randim_int); +static int check_polynom(pb_poly *polynom); /** * Reads a single mp_digit out of /dev/random and returns this mp_digit @@ -91,8 +93,8 @@ static mp_digit read_int_dev_urandom(void) * out of a randomly chosen integer. * A zero is signed positiv. * - * @param random_int a randomly chosen mp_digit - * @param sign a integer to store the sign (1==positiv) + * @param random_int a randomly chosen mp_digit [out] + * @param sign a integer to store the sign (1==positiv) [out] * @return random small integer from the set {-1, 0, 1} */ static mp_digit make_small_int(mp_digit random_int, int* sign) 
@@ -111,37 +113,74 @@ static mp_digit make_small_int(mp_digit random_int, int* sign) } /** - * Makes a big integer from the borders of BIG_RAND_MAX - * and BIG_RAND_MIN out of a randomly chosen integer. + * Makes a big integer from the borders of upper_bound + * and lower_bound out of a randomly chosen integer. * - * @param random_int a randomly chosen mp_digit - * @param sign a integer to store the sign (1==positiv) - * @return random big integer from the borders of BIG_RAND_MAX and BIG_RAND_MIN + * @param upper_bound the maximal upper border of the resulting mp_int [out] + * @param lower_bound the minimal lower border of the resulting mp_int [out] + * @param randim_int TODO + * @return a mp_int with the random number */ -static mp_digit make_big_int(mp_digit random_int, int* sign) +static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, + mp_digit randim_int) { - random_int = random_int % abs(BIG_RAND_MAX - BIG_RAND_MIN); + mp_int result; + init_integer(&result); - if (random_int < BIG_RAND_MAX) { - *sign = 1; - } else if (random_int > BIG_RAND_MAX) { - *sign = 0; - random_int -= BIG_RAND_MAX; - } else if (random_int == BIG_RAND_MAX) { - random_int = abs(BIG_RAND_MIN); - *sign = 0; - } else { - NTRU_ABORT("Error while parsing big random Integer.\n"); - } + //TODO - return random_int; + return result; } +/** + * Checks if the coefficients of a polynom are less then + * PERCENTAGE_OF_ZERO_ALLOWED zero + * + * @param polynom a pointer to the polynom you want to test [out] + * @return 0 if the polynom zero coefficients are under + * PERCENTAGE_OF_ZERO_ALLOWED percent + * -1 if the polynom zero coefficients are over + * PERCENTAGE_OF_ZERO_ALLOWED percent + */ +static int check_polynom(pb_poly *polynom) +{ + int result = -1; + //TODO + return result; +} + +///** +// * Makes a big integer from the borders of BIG_RAND_MAX +// * and BIG_RAND_MIN out of a randomly chosen integer. 
+// * +// * @param random_int a randomly chosen mp_digit [out] +// * @param sign a integer to store the sign (1==positiv) [out] +// * @return random big integer from the borders of BIG_RAND_MAX and BIG_RAND_MIN +// */ +//static mp_digit make_big_int(mp_digit random_int, int* sign) +//{ +// random_int = random_int % abs(BIG_RAND_MAX - BIG_RAND_MIN); +// +// if (random_int < BIG_RAND_MAX) { +// *sign = 1; +// } else if (random_int > BIG_RAND_MAX) { +// *sign = 0; +// random_int -= BIG_RAND_MAX; +// } else if (random_int == BIG_RAND_MAX) { +// random_int = abs(BIG_RAND_MIN); +// *sign = 0; +// } else { +// NTRU_ABORT("Error while parsing big random Integer.\n"); +// } +// +// return random_int; +//} + /** * Gets a random polynomial with coefficients * from the set {-1 ,0 ,1} using /dev/random. * - * @param ctx the NTRU context + * @param ctx the NTRU context [out] * @return newly allocated polynomial, must be freed with delete_polynom() */ pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) @@ -170,7 +209,7 @@ pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) * Gets a random polynomial with coefficients * from the set {-1 ,0 ,1} using /dev/urandom. * - * @param ctx the NTRU context + * @param ctx the NTRU context [out] * @return newly allocated polynomial, must be freed with delete_polynom() */ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) @@ -201,7 +240,7 @@ pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) * from the borders of BIG_RAND_MAX and * BIG_RAND_MIN using /dev/random. * - * @param ctx the NTRU context + * @param ctx the NTRU context [out] * @return newly allocated polynomial, must be freed with delete_polynom() */ pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx) 
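Review bot: `make_big_int()` is declared to return `mp_int *` but ends with `return result;` where `result` is a local `mp_int` struct, which does not compile, and `return &result;` would only trade that for a dangling pointer once the frame is gone. Either take a caller-initialized `mp_int *result` out-parameter or allocate the mp_int and state in the doxygen block that the caller owns it and must `mp_clear()` and free it. The `[out]` tags added on `upper_bound`, `lower_bound` and on each `ctx` parameter are misleading, since those are read-only inputs, and the commented-out copy of the old `make_big_int()` body should be dropped rather than kept, as the history is in git. `check_polynom()` returns -1 unconditionally, which its own doc defines as "too many zeros", so any caller wired up before the TODO is filled will reject every polynomial.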
@@ -232,7 +271,7 @@ pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx) * from the borders of BIG_RAND_MAX and * BIG_RAND_MIN using /dev/urandom. * - * @param ctx the NTRU context + * @param ctx the NTRU context [out] * @return newly allocated polynomial, must be freed with delete_polynom() */ pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx) diff --git a/src/rand.h b/src/rand.h index e062d18..d10226a 100644 --- a/src/rand.h +++ b/src/rand.h @@ -26,20 +26,6 @@ #include -/** - * The maximal integer that is given by - * ntru_get_urnd_poly_big and ntru_get_rnd_poly_big - * this number must be positiv - */ -#define BIG_RAND_MAX 100 - -/** - * The minimal integer that is given by - * ntru_get_urnd_poly_big and ntru_get_rnd_poly_big - * this number must be negativ - */ -#define BIG_RAND_MIN -100 - pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx); pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx); pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx); From cb69ea8689edc25e13e066fa46acec32f357c8aa Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 22 Apr 2014 09:04:34 +0200 Subject: [PATCH 33/58] RAND: changed the function declaration to fit the the given needs better. --- src/rand.c | 153 ++++++++++------------------------------------------- src/rand.h | 17 ++++-- 2 files changed, 41 insertions(+), 129 deletions(-) diff --git a/src/rand.c b/src/rand.c index 414e617..ccde9d7 100644 --- a/src/rand.c +++ b/src/rand.c @@ -38,11 +38,9 @@ */ static mp_digit read_int_dev_random(void); static mp_digit read_int_dev_urandom(void); - static mp_digit make_small_int(mp_digit random_int, int* sign); - static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, - mp_digit randim_int); + int entropy_source); static int check_polynom(pb_poly *polynom); /** 
@@ -118,11 +116,11 @@ static mp_digit make_small_int(mp_digit random_int, int* sign) * * @param upper_bound the maximal upper border of the resulting mp_int [out] * @param lower_bound the minimal lower border of the resulting mp_int [out] - * @param randim_int TODO + * entropy_source random_int TODO * @return a mp_int with the random number */ static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, - mp_digit randim_int) + int entropy_source) { mp_int result; init_integer(&result); 
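Review bot: The doxygen line `* entropy_source random_int TODO` lost its tag, so the parameter no longer appears in generated documentation; it should read `* @param entropy_source which device to draw from (GET_INT_FROM_URAND or GET_INT_FROM_RRAND)`. The function body continues below the hunk and still declares a local `mp_int result` for a function returning `mp_int *`, which this commit leaves unresolved.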
@@ -145,154 +143,59 @@ static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, static int check_polynom(pb_poly *polynom) { int result = -1; + //TODO + return result; } -///** -// * Makes a big integer from the borders of BIG_RAND_MAX -// * and BIG_RAND_MIN out of a randomly chosen integer. -// * -// * @param random_int a randomly chosen mp_digit [out] -// * @param sign a integer to store the sign (1==positiv) [out] -// * @return random big integer from the borders of BIG_RAND_MAX and BIG_RAND_MIN -// */ -//static mp_digit make_big_int(mp_digit random_int, int* sign) -//{ -// random_int = random_int % abs(BIG_RAND_MAX - BIG_RAND_MIN); -// -// if (random_int < BIG_RAND_MAX) { -// *sign = 1; -// } else if (random_int > BIG_RAND_MAX) { -// *sign = 0; -// random_int -= BIG_RAND_MAX; -// } else if (random_int == BIG_RAND_MAX) { -// random_int = abs(BIG_RAND_MIN); -// *sign = 0; -// } else { -// NTRU_ABORT("Error while parsing big random Integer.\n"); -// } -// -// return random_int; -//} - /** * Gets a random polynomial with coefficients - * from the set {-1 ,0 ,1} using /dev/random. 
+ * from the set {-1 ,0 ,1} using the given entropy source * - * @param ctx the NTRU context [out] + * @param length the amount of coefficients + * @param entropy_source the source of entropy you want * @return newly allocated polynomial, must be freed with delete_polynom() */ -pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx) +pb_poly *ntru_get_poly_small(int length, int entropy_source) { mp_int chara; init_integer(&chara); + + mp_digit c; pb_poly *poly = malloc(sizeof(pb_poly)); - init_polynom_size(poly, &chara, ctx->N); + + init_polynom_size(poly, &chara, length); mp_clear(&chara); - for (unsigned int i = 0; i < ctx->N; i++) { + for (unsigned int i = 0; i < length; i++) { int sign; - mp_digit c = read_int_dev_random(); + if (entropy_source == GET_INT_FROM_RRAND) { + c = read_int_dev_random(); + } else if (entropy_source == GET_INT_FROM_URAND) { + c = read_int_dev_urandom(); + } else { + NTRU_ABORT("No suitable entropy source selectetd.\n"); + } c = make_small_int(c, &sign); mp_set(&(poly->terms[i]), c); if (sign == 1) poly->terms[i].sign = 1; } - poly->used = ctx->N; - pb_clamp(poly); - + poly->used = length; return poly; } /** * Gets a random polynomial with coefficients - * from the set {-1 ,0 ,1} using /dev/urandom. 
+ * from the the borders of lower_bound to upper_bound using the given entropy source * - * @param ctx the NTRU context [out] + * @param length the amount of coefficients + * @param entropy_source the source of entropy you want * @return newly allocated polynomial, must be freed with delete_polynom() */ -pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx) +pb_poly *ntru_get_poly_big(int length, int entropy_source, mp_int *upper_bound, + mp_int *lower_bound) { - mp_int chara; - init_integer(&chara); - pb_poly *poly = malloc(sizeof(pb_poly)); - init_polynom_size(poly, &chara, ctx->N); - mp_clear(&chara); - - for (unsigned int i = 0; i < ctx->N; i++) { - int sign; - mp_digit c = read_int_dev_urandom(); - c = make_small_int(c, &sign); - mp_set(&(poly->terms[i]), c); - - if (sign == 1) - poly->terms[i].sign = 1; - } - poly->used = ctx->N; - pb_clamp(poly); - - return poly; -} - -/** - * Gets a random polynomial with coefficients - * from the borders of BIG_RAND_MAX and - * BIG_RAND_MIN using /dev/random. - * - * @param ctx the NTRU context [out] - * @return newly allocated polynomial, must be freed with delete_polynom() - */ -pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx) -{ - mp_int chara; - init_integer(&chara); - pb_poly *poly = malloc(sizeof(pb_poly)); - init_polynom_size(poly, &chara, ctx->N); - mp_clear(&chara); - - for (unsigned int i = 0; i < ctx->N; i++) { - int sign; - mp_digit c = read_int_dev_random(); - c = make_big_int(c, &sign); - mp_set(&(poly->terms[i]), c); - - if (sign == 1) - poly->terms[i].sign = 1; - } - poly->used = ctx->N; - pb_clamp(poly); - - return poly; -} - -/** - * Gets a random polynomial with coefficients - * from the borders of BIG_RAND_MAX and - * BIG_RAND_MIN using /dev/urandom. 
- * - * @param ctx the NTRU context [out] - * @return newly allocated polynomial, must be freed with delete_polynom() - */ -pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx) -{ - mp_int chara; - init_integer(&chara); - pb_poly *poly = malloc(sizeof(pb_poly)); - init_polynom_size(poly, &chara, ctx->N); - mp_clear(&chara); - - for (unsigned int i = 0; i < ctx->N; i++) { - int sign; - mp_digit c = read_int_dev_urandom(); - c = make_big_int(c, &sign); - mp_set(&(poly->terms[i]), c); - - if (sign == 1) - poly->terms[i].sign = 1; - } - poly->used = ctx->N; - pb_clamp(poly); - - return poly; + //TODO } diff --git a/src/rand.h b/src/rand.h index d10226a..6dc08c3 100644 --- a/src/rand.h +++ b/src/rand.h @@ -26,9 +26,18 @@ #include -pb_poly *ntru_get_urnd_poly_small(ntru_context *ctx); -pb_poly *ntru_get_rnd_poly_small(ntru_context *ctx); -pb_poly *ntru_get_urnd_poly_big(ntru_context *ctx); -pb_poly *ntru_get_rnd_poly_big(ntru_context *ctx); +/** + * Use the /dev/urandom device as entropy source. + */ +#define GET_INT_FROM_URAND 2 + +/** + * Use the /dev/random device as entropy source. + */ +#define GET_INT_FROM_RRAND 3 + +pb_poly *ntru_get_poly_small(int length, int entropy_source); +pb_poly *ntru_get_poly_big(int length, int entropy_source, mp_int *upper_bound, + mp_int *lower_bound); #endif /* NTRU_RAND_H */ From 01c301afdd07ece8cb24cf85641354da60c0aab4 Mon Sep 17 00:00:00 2001 From: hasufell Date: Sun, 20 Apr 2014 19:50:49 +0200 Subject: [PATCH 34/58] MEM: introduce our own ntru_malloc() function Use this instead of malloc(). --- src/mem.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ src/mem.h | 29 +++++++++++++++++++++++++++++ src/poly.c | 3 ++- 3 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 src/mem.c create mode 100644 src/mem.h diff --git a/src/mem.c b/src/mem.c new file mode 100644 index 0000000..7a63f58 --- /dev/null +++ b/src/mem.c 
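Review bot: `ntru_get_poly_small(int length, ...)` compares the signed `length` against `unsigned int i` in `for (unsigned int i = 0; i < length; i++)`, so a negative `length` converts to a huge unsigned value and the loop writes past the `terms` array that `init_polynom_size()` sized from the same negative number; reject it up front with `if (length <= 0) NTRU_ABORT("Invalid polynomial length.\n");` or make the parameter `unsigned int`/`size_t`. `ntru_get_poly_big()` has no return statement at all, so a caller that uses its value reads an indeterminate pointer; the stub should at least `return NULL;` and be documented as unimplemented. The `pb_clamp(poly);` that the removed functions called is absent from the new `ntru_get_poly_small()`, which may be intentional but deserves a comment if so. The `malloc(sizeof(pb_poly))` result is still unchecked.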
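Review bot: `entropy_source` is a plain `int` selected by two `#define`s, so any integer compiles and a mistake only surfaces at run time through `NTRU_ABORT`; an `enum ntru_entropy_source { GET_INT_FROM_URAND = 2, GET_INT_FROM_RRAND = 3 };` used as the parameter type lets the compiler catch bad callers. The prototype of `ntru_get_poly_big()` takes `upper_bound` and `lower_bound` but the header documents neither; a `@param` for each, stating whether the bounds are inclusive, would fix the contract the implementation has to meet.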
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2014 FH Bielefeld
+ *
+ * This file is part of a FH Bielefeld project.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301 USA
+ */
+
+#include "mem.h"
+
+#include
+#include
+
+
+/**
+ * Allocate memory of size and return
+ * a void pointer.
+ *
+ * @param size of the memory to allocate in bytes
+ * @return void pointer to the beginning of the allocated memory block
+ */
+void *ntru_malloc(size_t size)
+{
+ void *ptr;
+
+ ptr = malloc(size);
+
+ if (size)
+ if (!ptr) {
+ fprintf(stderr, "failed to allocate memory, aborting!");
+ abort();
+ }
+
+ return ptr;
+}
diff --git a/src/mem.h b/src/mem.h
new file mode 100644
index 0000000..eabe1e9
--- /dev/null
+++ b/src/mem.h
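Review bot: The nested `if (size) if (!ptr) { ... }` in `ntru_malloc()` leaves the outer `if` brace-less, which is exactly the dangling-else shape that braces-always style exists to avoid; `if (size && !ptr) {` says the same thing in one guarded statement. The `fprintf` message has no trailing `\n`, so it can sit in an unflushed buffer when `abort()` fires. The doxygen block should state the contract callers will rely on, e.g. `* Aborts the process on allocation failure; for size > 0 the result is never NULL. A size of 0 may yield NULL.`, because a library that terminates the host process is something its users need to know.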
@@ -0,0 +1,29 @@ +/* + * Copyright (C) 2014 FH Bielefeld + * + * This file is part of a FH Bielefeld project. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#ifndef NTRU_MEM_H +#define NTRU_MEM_H + +#include + +void *ntru_malloc(size_t size); + +#endif /* NTRU_MEM_H */ diff --git a/src/poly.c b/src/poly.c index 6f00be2..72a5345 100644 --- a/src/poly.c +++ b/src/poly.c @@ -21,6 +21,7 @@ #include "context.h" #include "err.h" +#include "mem.h" #include "poly.h" #include @@ -108,7 +109,7 @@ pb_poly *build_polynom(int const * const c, pb_poly *new_poly; mp_int chara; - new_poly = malloc(sizeof(*new_poly)); + new_poly = ntru_malloc(sizeof(*new_poly)); init_integer(&chara); init_polynom_size(new_poly, &chara, len); mp_clear(&chara); From a4603877f91439ce2987bbf01ac0ac1a91067413 Mon Sep 17 00:00:00 2001 From: hasufell Date: Sun, 20 Apr 2014 19:51:45 +0200 Subject: [PATCH 35/58] BUILD: update Makefile for mem.o --- src/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Makefile b/src/Makefile index 9d0df37..6fc357d 100644 --- a/src/Makefile +++ b/src/Makefile 
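Review bot: Only `build_polynom()` is switched to `ntru_malloc()` here, while the `pb_poly *poly = malloc(sizeof(pb_poly));` call sites in `rand.c` (visible in patch 33) keep the unchecked `malloc()`, so the commit message's "use this instead of malloc()" does not yet hold for the library. A follow-up converting those, or a grep for remaining `malloc(` under `src/`, would close the gap.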
@@ -37,8 +37,8 @@ endif LIBS += -L. # objects -PQC_OBJS = rand.o poly.o -PQC_HEADERS = err.h rand.h poly.h context.h +PQC_OBJS = rand.o poly.o keypair.o mem.o +PQC_HEADERS = err.h rand.h poly.h context.h keypair.h # CUNIT_OBJS = cunit.o # includes From 476379b67515d746060b4de1dd2759eeddcac23e Mon Sep 17 00:00:00 2001 From: hasufell Date: Sun, 20 Apr 2014 19:53:30 +0200 Subject: [PATCH 36/58] POLY: use our MACROS for error handling All mp_* and pb_* functions that return an error code should only be called via a MACRO which handles the error. --- src/poly.c | 20 ++++++++++---------- src/poly.h | 26 ++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 10 deletions(-) diff --git a/src/poly.c b/src/poly.c index 72a5345..1380942 100644 --- a/src/poly.c +++ b/src/poly.c @@ -127,14 +127,14 @@ pb_poly *build_polynom(int const * const c, unsigned_c = c[i]; } - mp_set_int(&(new_poly->terms[i]), unsigned_c); + MP_SET_INT(&(new_poly->terms[i]), unsigned_c); if (sign == true) mp_neg(&(new_poly->terms[i]), &(new_poly->terms[i])); } } else { /* fill with zeros */ for (unsigned int i = 0; i < len; i++) - mp_set(&(new_poly->terms[i]), 0); + MP_SET(&(new_poly->terms[i]), 0); } new_poly->used = len; @@ -151,7 +151,7 @@ pb_poly *build_polynom(int const * const c, void erase_polynom(pb_poly *poly, size_t len) { for (unsigned int i = 0; i < len ; i++) { - mp_set(&(poly->terms[i]), 0); + MP_SET(&(poly->terms[i]), 0); mp_abs(&(poly->terms[i]), &(poly->terms[i])); } } @@ -190,7 +190,7 @@ void pb_starmultiply(pb_poly *a, mp_int mp_modulus; init_integer(&mp_modulus); - mp_set_int(&mp_modulus, (unsigned long)(modulus)); + MP_SET_INT(&mp_modulus, (unsigned long)(modulus)); /* avoid side effects */ a_tmp = build_polynom(NULL, ctx->N, ctx); 
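Review bot: `mp_neg(&(new_poly->terms[i]), &(new_poly->terms[i]));` on the context line right after the new `MP_SET_INT` call, and `mp_abs(...)` in `erase_polynom()` in the next hunk, remain direct calls whose `int` status is discarded, although the commit message says every `mp_*` function returning an error code goes through a macro; the same applies to `mp_neg(&(g->terms[0]), ...)` in `pb_inverse_poly_q()`. `MP_NEG`/`MP_ABS` wrappers in the same shape as `MP_SET_INT` would make the stated rule actually hold.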
@@ -276,14 +276,14 @@ bool pb_inverse_poly_q(pb_poly * const a, pb_poly *a_tmp, *b, *c, *f, *g; b = build_polynom(NULL, ctx->N + 1, ctx); - mp_set(&(b->terms[0]), 1); + MP_SET(&(b->terms[0]), 1); c = build_polynom(NULL, ctx->N + 1, ctx); f = build_polynom(NULL, ctx->N + 1, ctx); PB_COPY(a, f); g = build_polynom(NULL, ctx->N + 1, ctx); - mp_set(&(g->terms[0]), 1); + MP_SET(&(g->terms[0]), 1); mp_neg(&(g->terms[0]), &(g->terms[0])); - mp_set(&(g->terms[ctx->N]), 1); + MP_SET(&(g->terms[ctx->N]), 1); /* avoid side effects */ a_tmp = build_polynom(NULL, ctx->N, ctx); PB_COPY(a, a_tmp); @@ -295,8 +295,8 @@ bool pb_inverse_poly_q(pb_poly * const a, MP_COPY(&(f->terms[i]), &(f->terms[i - 1])); MP_COPY(&(c->terms[ctx->N - i]), &(c->terms[ctx->N + 1 - i])); } - mp_set(&(f->terms[ctx->N]), 0); - mp_set(&(c->terms[0]), 0); + MP_SET(&(f->terms[ctx->N]), 0); + MP_SET(&(c->terms[0]), 0); k++; } @@ -348,7 +348,7 @@ OUT_OF_LOOP: if (mp_cmp_d(&(Fq->terms[i]), 0) == MP_LT) { mp_int mp_tmp; init_integer(&mp_tmp); - mp_set_int(&mp_tmp, ctx->q); + MP_SET_INT(&mp_tmp, ctx->q); MP_ADD(&(Fq->terms[i]), &mp_tmp, &(Fq->terms[i])); mp_clear(&mp_tmp); } diff --git a/src/poly.h b/src/poly.h index f60ab26..4d9aa04 100644 --- a/src/poly.h +++ b/src/poly.h @@ -30,6 +30,16 @@ #include #include +#define MP_SET(...) mp_set(__VA_ARGS__) + +#define MP_SET_INT(...) \ +{ \ + int result; \ + if ((result = mp_set_int(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error setting long constant. %s", \ + mp_error_to_string(result)); \ +} + #define MP_MUL(...) \ { \ int result; \ 
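Review bot: `MP_SET_INT` expands to a bare `{ ... }` block, so `if (cond) MP_SET_INT(a, b); else ...` fails to compile because the `;` after the block terminates the `if`; wrap the expansion in `do { ... } while (0)`, and the same applies to the `MP_EXPTMOD`/`MP_EXPT_D` macros added in the next hunk and to the existing `MP_MUL` family. The block-local `int result` also silently shadows any `result` variable at the call site, which `-Wshadow` would flag.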
@@ -86,6 +96,22 @@ mp_error_to_string(result)); \ } +#define MP_EXPTMOD(...) \ +{ \ + int result; \ + if ((result = mp_exptmod(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error computing modular exponentiation. %s", \ + mp_error_to_string(result)); \ +} + +#define MP_EXPT_D(...) \ +{ \ + int result; \ + if ((result = mp_expt_d(__VA_ARGS__)) != MP_OKAY) \ + NTRU_ABORT("Error computing modular exponentiation. %s", \ + mp_error_to_string(result)); \ +} + #define PB_MUL(...) \ { \ int result; \ From d9584b2e174ceabdd7cd4aa875c6e0d56c6f3c80 Mon Sep 17 00:00:00 2001 From: hasufell Date: Sun, 20 Apr 2014 19:55:30 +0200 Subject: [PATCH 37/58] POLY: introduce delete_polynom_multi() Just a wrapper around delete_polynom() to handle multiple args. Must be called with NULL as last argument! --- src/poly.c | 31 ++++++++++++++++++++++++++----- src/poly.h | 3 +++ 2 files changed, 29 insertions(+), 5 deletions(-) diff --git a/src/poly.c b/src/poly.c index 1380942..2c42b5f 100644 --- a/src/poly.c +++ b/src/poly.c @@ -24,6 +24,7 @@ #include "mem.h" #include "poly.h" +#include #include #include #include @@ -170,6 +171,30 @@ void delete_polynom(pb_poly *poly) free(poly); } +/** + * This deletes the internal structure of all polynomials, + * and frees the pointers. Don't call this on stack variables, + * this is intended for use after ntru_ functions, that + * return a polynomial pointer. + * You must call this with NULL as last argument! + * + * @param poly the polynomial to delete + * @param ... follow up polynomials + */ +void delete_polynom_multi(pb_poly *poly, ...) +{ + pb_poly *next_poly; + va_list args; + + next_poly = poly; + va_start(args, poly); + while (next_poly != NULL) { + delete_polynom(next_poly); + next_poly = va_arg(args, pb_poly*); + } + va_end(args); +} + /** * Starmultiplication, as follows: * c = a * b mod (x^N − 1) 
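Review bot: `MP_EXPT_D` reports `"Error computing modular exponentiation. %s"` although `mp_expt_d` is plain exponentiation, so a failure would point the reader at the wrong operation; use `NTRU_ABORT("Error computing exponentiation. %s", \` in that macro. Keeping each wrapper's message specific matters because `NTRU_ABORT` is the only diagnostic these macros produce.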
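Review bot: `delete_polynom_multi()` reads `va_arg(args, pb_poly*)` until it meets NULL, so a call that forgets the terminator walks off the supplied arguments and frees whatever `va_arg` happens to return; with GCC/Clang the declaration in `poly.h` can carry `__attribute__((sentinel))` so such a call is a compile-time warning, and an error under this project's `-Werror`. The doxygen block already says "You must call this with NULL as last argument!", which is the right place to mention that the attribute enforces it.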
@@ -353,11 +378,7 @@ OUT_OF_LOOP: mp_clear(&mp_tmp); } - delete_polynom(a_tmp); - delete_polynom(b); - delete_polynom(c); - delete_polynom(f); - delete_polynom(g); + delete_polynom_multi(a_tmp, b, c, f, g, NULL); /* TODO: check if the f * Fq = 1 (mod p) condition holds true */ diff --git a/src/poly.h b/src/poly.h index 4d9aa04..77a9b54 100644 --- a/src/poly.h +++ b/src/poly.h @@ -28,6 +28,7 @@ #include #include +#include #include #define MP_SET(...) mp_set(__VA_ARGS__) @@ -164,6 +165,8 @@ void erase_polynom(pb_poly *poly, size_t len); void delete_polynom(pb_poly *new_poly); +void delete_polynom_multi(pb_poly *poly, ...); + void pb_starmultiply(pb_poly *a, pb_poly *b, pb_poly *c, From 9ddf9709e26ebd969aed7a8c2d898784ac4b5925 Mon Sep 17 00:00:00 2001 From: hasufell Date: Sun, 20 Apr 2014 19:57:45 +0200 Subject: [PATCH 38/58] POLY: add pb_mod2_to_modq() This should make pb_inverse_poly_q() a bit more readable. TODO: make the algorithm more descriptive in general. --- src/poly.c | 65 +++++++++++++++++++++++++++++++++++------------------- 1 file changed, 42 insertions(+), 23 deletions(-) diff --git a/src/poly.c b/src/poly.c index 2c42b5f..de7eaa0 100644 --- a/src/poly.c +++ b/src/poly.c @@ -36,6 +36,9 @@ * static declarations */ static unsigned int get_degree(pb_poly const * const poly); +static void pb_mod2_to_modq(pb_poly * const a, + pb_poly *Fq, + ntru_context *ctx); /** 
@@ -283,6 +286,43 @@ static unsigned int get_degree(pb_poly const * const poly) return count; } +/** + * Find the inverse polynomial modulo a power of 2, + * which is q. + * + * @param a polynomial to invert (is allowed to be the same as param Fq) + * @param Fq polynomial [out] + * @param ctx NTRU context + * @return true/false for success/failure + */ +static void pb_mod2_to_modq(pb_poly * const a, + pb_poly *Fq, + ntru_context *ctx) +{ + int v = 2; + + while (v < (int)(ctx->q)) { + pb_poly *pb_tmp, + *pb_tmp2; + mp_int tmp_v; + pb_tmp = build_polynom(NULL, ctx->N, ctx); + v = v * 2; + init_integer(&tmp_v); + MP_SET_INT(&tmp_v, v); + pb_tmp2 = build_polynom(NULL, ctx->N, ctx); + MP_SET_INT(&(pb_tmp2->terms[0]), 2); + + /* mod after sub or before? */ + pb_starmultiply(a, Fq, pb_tmp, ctx, v); + PB_SUB(pb_tmp2, pb_tmp, pb_tmp); + PB_MOD(pb_tmp, &tmp_v, pb_tmp, ctx->N); + pb_starmultiply(Fq, pb_tmp, Fq, ctx, v); + + mp_clear(&tmp_v); + delete_polynom_multi(pb_tmp, pb_tmp2, NULL); + } +} + /** * Invert the polynomial a modulo q. * @@ -296,8 +336,7 @@ bool pb_inverse_poly_q(pb_poly * const a, ntru_context *ctx) { int k = 0, - j = 0, - v = 2; + j = 0; pb_poly *a_tmp, *b, *c, *f, *g; b = build_polynom(NULL, ctx->N + 1, ctx); @@ -347,27 +386,7 @@ OUT_OF_LOOP: MP_COPY(&(b->terms[i]), &(Fq->terms[j])); } - while (v < (int)(ctx->q)) { - pb_poly *pb_tmp, - *pb_tmp2; - mp_int tmp_v; - pb_tmp = build_polynom(NULL, ctx->N, ctx); - v = v * 2; - init_integer(&tmp_v); - mp_set_int(&tmp_v, v); - pb_tmp2 = build_polynom(NULL, ctx->N, ctx); - mp_set_int(&(pb_tmp2->terms[0]), 2); - - /* hope this does not blow up in our face */ - pb_starmultiply(a_tmp, Fq, pb_tmp, ctx, v); - PB_SUB(pb_tmp2, pb_tmp, pb_tmp); - PB_MOD(pb_tmp, &tmp_v, pb_tmp, ctx->N); - pb_starmultiply(Fq, pb_tmp, Fq, ctx, v); - - mp_clear(&tmp_v); - delete_polynom(pb_tmp); - delete_polynom(pb_tmp2); - } + pb_mod2_to_modq(a_tmp, Fq, ctx); for (int i = ctx->N - 1; i >= 0; i--) if (mp_cmp_d(&(Fq->terms[i]), 0) == MP_LT) { 
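Review bot: The comment `/* mod after sub or before? */` leaves the order of the `PB_SUB`/`PB_MOD` step in the lifting loop an open question, and nothing checks the outcome: `pb_mod2_to_modq()` is void and `pb_inverse_poly_q()` still carries `TODO: check if the f * Fq = 1 (mod p) condition holds true`. On a key-generation path a wrong inverse is worse than a failed one, so after the loop the function should verify `a * Fq ≡ 1 (mod q)` with `pb_starmultiply` and report failure (a `bool` return, or `NTRU_ABORT`) instead of handing back an unverified `Fq`. The loop also assumes `ctx->q` is a power of two, since the last iteration reduces modulo the first `v >= q` rather than modulo `q`; that precondition belongs in the doxygen block or in an entry check.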
From 9520003db1f3e98044fe2292d889a278845ebb84 Mon Sep 17 00:00:00 2001 From: hasufell Date: Sun, 20 Apr 2014 20:06:49 +0200 Subject: [PATCH 39/58] BUILD: ignore -Wunused-function... this is a library --- src/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile b/src/Makefile index 6fc357d..1f2182f 100644 --- a/src/Makefile +++ b/src/Makefile @@ -4,7 +4,7 @@ PKG_CONFIG ?= pkg-config # flags CFLAGS ?= -march=native -O2 -pipe -CFLAGS += -std=c99 -pedantic -Wall -Wextra -Werror -Wno-unused-variable -Wno-unused-parameter +CFLAGS += -std=c99 -pedantic -Wall -Wextra -Werror -Wno-unused-variable -Wno-unused-parameter -Wno-unused-function ifeq ($(shell $(CC) -v 2>&1 | grep 'gcc version' &>/dev/null && echo 1),1) CFLAGS += -Wno-unused-but-set-variable endif From 23573d07c8a7cc831140866900087708de451943 Mon Sep 17 00:00:00 2001 From: hasufell Date: Sun, 20 Apr 2014 20:58:02 +0200 Subject: [PATCH 40/58] DOC: fix doxygen comment in pb_mod2_to_modq() --- src/poly.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/poly.c b/src/poly.c index de7eaa0..c6f77f5 100644 --- a/src/poly.c +++ b/src/poly.c @@ -290,10 +290,9 @@ static unsigned int get_degree(pb_poly const * const poly) * Find the inverse polynomial modulo a power of 2, * which is q. * - * @param a polynomial to invert (is allowed to be the same as param Fq) + * @param a polynomial to invert * @param Fq polynomial [out] * @param ctx NTRU context - * @return true/false for success/failure */ static void pb_mod2_to_modq(pb_poly * const a, pb_poly *Fq, From f01210e1f2cb4b329f015a9f5ede92e4e99a4ba3 Mon Sep 17 00:00:00 2001 From: hasufell Date: Mon, 28 Apr 2014 12:18:14 +0200 Subject: [PATCH 41/58] BUILD: add missing include --- external/libtompoly-0.04/makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/external/libtompoly-0.04/makefile b/external/libtompoly-0.04/makefile index af2503e..c14f34d 100644 --- a/external/libtompoly-0.04/makefile 
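Review bot: `-Wno-unused-function` is added for the whole build, which also silences the warning for dead `static` helpers such as the stubbed `check_polynom()` rather than only the intended library-export case; marking the few deliberately unused functions `__attribute__((unused))`, or removing them, keeps the diagnostic for everything else. Since the flags already include `-Werror`, this is the difference between noticing dead code at compile time and not at all.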
+++ b/external/libtompoly-0.04/makefile @@ -1,5 +1,5 @@ #Makefile for GCC by Tom St Denis -CFLAGS += -fPIC -I. -Os -Wall -W +CFLAGS += -fPIC -I. -Os -Wall -W -I../libtommath-0.42.0 VERSION=0.04 From 456dff26e0eadb23af1e094c8fe8ddfada837325 Mon Sep 17 00:00:00 2001 From: hasufell Date: Mon, 28 Apr 2014 12:19:26 +0200 Subject: [PATCH 42/58] BUILD: remove non-existing header from build --- src/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile b/src/Makefile index 1f2182f..d7335a7 100644 --- a/src/Makefile +++ b/src/Makefile @@ -38,7 +38,7 @@ LIBS += -L. # objects PQC_OBJS = rand.o poly.o keypair.o mem.o -PQC_HEADERS = err.h rand.h poly.h context.h keypair.h +PQC_HEADERS = err.h rand.h poly.h context.h # CUNIT_OBJS = cunit.o # includes From 3109d2aec7c7da464e25f541646c2a7919dba5ac Mon Sep 17 00:00:00 2001 From: hasufell Date: Mon, 28 Apr 2014 12:21:20 +0200 Subject: [PATCH 43/58] BUILD: remove obsolete object --- src/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile b/src/Makefile index d7335a7..30f657e 100644 --- a/src/Makefile +++ b/src/Makefile @@ -37,7 +37,7 @@ endif LIBS += -L. # objects -PQC_OBJS = rand.o poly.o keypair.o mem.o +PQC_OBJS = rand.o poly.o mem.o PQC_HEADERS = err.h rand.h poly.h context.h # CUNIT_OBJS = cunit.o From 3fc925c396ddf3422803f35966b38067390e5886 Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:32:54 +0200 Subject: [PATCH 44/58] RAND: removed camelCase changed from randomDataLen to random_DataLen --- src/rand.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/rand.c b/src/rand.c index ccde9d7..d8f0291 100644 --- a/src/rand.c +++ b/src/rand.c 
@@ -52,17 +52,17 @@ static mp_digit read_int_dev_random(void) { int random_data; mp_digit random_int; - size_t randomDataLen = 0; + size_t random_DataLen = 0; random_data = open("/dev/random", O_RDONLY); - while (randomDataLen < sizeof(random_int)) { + while (random_DataLen < sizeof(random_int)) { ssize_t result = read(random_data, - ((char*) &random_int) + randomDataLen, - (sizeof(random_int)) - randomDataLen); + ((char*) &random_int) + random_DataLen, + (sizeof(random_int)) - random_DataLen); if (result < 0) { NTRU_ABORT("Unable to read /dev/random.\n"); } - randomDataLen += result; + random_DataLen += result; } close(random_data); return random_int; From f459f09e57e41242cb69fea2bbe5361bb2b65391 Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:34:35 +0200 Subject: [PATCH 45/58] RAND: changed from make_small_int() to get_random_ternary() --- src/rand.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/rand.c b/src/rand.c index d8f0291..e26f27a 100644 --- a/src/rand.c +++ b/src/rand.c @@ -38,7 +38,7 @@ */ static mp_digit read_int_dev_random(void); static mp_digit read_int_dev_urandom(void); -static mp_digit make_small_int(mp_digit random_int, int* sign); +static mp_digit get_random_ternary(mp_digit random_int, int* sign); static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, int entropy_source); static int check_polynom(pb_poly *polynom); @@ -95,7 +95,7 @@ static mp_digit read_int_dev_urandom(void) * @param sign a integer to store the sign (1==positiv) [out] * @return random small integer from the set {-1, 0, 1} */ -static mp_digit make_small_int(mp_digit random_int, int* sign) +static mp_digit get_random_ternary(mp_digit random_int, int* sign) { random_int = random_int % 3; 
@@ -177,7 +177,7 @@ pb_poly *ntru_get_poly_small(int length, int entropy_source) } else { NTRU_ABORT("No suitable entropy source selectetd.\n"); } - c = make_small_int(c, &sign); + c = get_random_ternary(c, &sign); mp_set(&(poly->terms[i]), c); if (sign == 1) poly->terms[i].sign = 1; From 2e589f4be72802457ffa658c53bd0aea68b1bb97 Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:43:22 +0200 Subject: [PATCH 46/58] RAND: removed some doxycomment --- src/rand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rand.c b/src/rand.c index e26f27a..42675a9 100644 --- a/src/rand.c +++ b/src/rand.c @@ -91,7 +91,7 @@ static mp_digit read_int_dev_urandom(void) * out of a randomly chosen integer. * A zero is signed positiv. * - * @param random_int a randomly chosen mp_digit [out] + * @param random_int a randomly chosen mp_digit * @param sign a integer to store the sign (1==positiv) [out] * @return random small integer from the set {-1, 0, 1} */ From 8f9acfdb9df25282044aee7fe385b98a28116a74 Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:44:49 +0200 Subject: [PATCH 47/58] RAND: changed from make_big_int() to get_random_bigint() --- src/rand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/rand.c b/src/rand.c index 42675a9..105127d 100644 --- a/src/rand.c +++ b/src/rand.c @@ -39,7 +39,7 @@ static mp_digit read_int_dev_random(void); static mp_digit read_int_dev_urandom(void); static mp_digit get_random_ternary(mp_digit random_int, int* sign); -static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, +static mp_int *get_random_bigint(mp_int *upper_bound, mp_int *lower_bound, int entropy_source); static int check_polynom(pb_poly *polynom); 
@@ -119,7 +119,7 @@ static mp_digit get_random_ternary(mp_digit random_int, int* sign) * entropy_source random_int TODO * @return a mp_int with the random number */ -static mp_int *make_big_int(mp_int *upper_bound, mp_int *lower_bound, +static mp_int *get_random_bigint(mp_int *upper_bound, mp_int *lower_bound, int entropy_source) { mp_int result; From a706a2331938653ca1d1d2b50b74451859f610bd Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:45:51 +0200 Subject: [PATCH 48/58] RAND: corected spelling --- src/rand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rand.c b/src/rand.c index 105127d..a7b4b07 100644 --- a/src/rand.c +++ b/src/rand.c @@ -131,7 +131,7 @@ static mp_int *get_random_bigint(mp_int *upper_bound, mp_int *lower_bound, } /** - * Checks if the coefficients of a polynom are less then + * Checks if the coefficients of a polynom are less than * PERCENTAGE_OF_ZERO_ALLOWED zero * * @param polynom a pointer to the polynom you want to test [out] From e072eb04e9fb5d74ab9bb069572db348a4b40b0d Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:47:02 +0200 Subject: [PATCH 49/58] RAND: chaged from int check_polynom() to unsigned int check_allowed_zeros() RAND: merged conflict --- src/rand.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/src/rand.c b/src/rand.c index a7b4b07..e90b8c1 100644 --- a/src/rand.c +++ b/src/rand.c @@ -41,7 +41,7 @@ static mp_digit read_int_dev_urandom(void); static mp_digit get_random_ternary(mp_digit random_int, int* sign); static mp_int *get_random_bigint(mp_int *upper_bound, mp_int *lower_bound, int entropy_source); -static int check_polynom(pb_poly *polynom); +static unsigned int check_allowed_zeros(pb_poly *polynom); /** * Reads a single mp_digit out of /dev/random and returns this mp_digit 
@@ -140,12 +140,10 @@ static mp_int *get_random_bigint(mp_int *upper_bound, mp_int *lower_bound, * -1 if the polynom zero coefficients are over * PERCENTAGE_OF_ZERO_ALLOWED percent */ -static int check_polynom(pb_poly *polynom) +static unsigned int check_allowed_zeros(pb_poly *polynom) { - int result = -1; - + unsigned int result = -1; //TODO - return result; } From 79a908de00b723a863965aac7a601c9be3c5cb50 Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:48:25 +0200 Subject: [PATCH 50/58] RAND: changed from ntru_get_poly_small(int length... to ntru_get_random_poly_ternary(size_t length... --- src/rand.c | 2 +- src/rand.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/rand.c b/src/rand.c index e90b8c1..c315d01 100644 --- a/src/rand.c +++ b/src/rand.c @@ -155,7 +155,7 @@ static unsigned int check_allowed_zeros(pb_poly *polynom) * @param entropy_source the source of entropy you want * @return newly allocated polynomial, must be freed with delete_polynom() */ -pb_poly *ntru_get_poly_small(int length, int entropy_source) +pb_poly *ntru_get_random_poly_ternary(int length, int entropy_source) { mp_int chara; init_integer(&chara); diff --git a/src/rand.h b/src/rand.h index 6dc08c3..4e21c4a 100644 --- a/src/rand.h +++ b/src/rand.h @@ -36,8 +36,8 @@ */ #define GET_INT_FROM_RRAND 3 -pb_poly *ntru_get_poly_small(int length, int entropy_source); -pb_poly *ntru_get_poly_big(int length, int entropy_source, mp_int *upper_bound, +pb_poly *ntru_get_random_poly_ternary(int length, int entropy_source); +pb_poly *ntru_get_poly_big(size_t length, int entropy_source, mp_int *upper_bound, mp_int *lower_bound); #endif /* NTRU_RAND_H */ From 7c58d847e9999694640db91a8457ac08d48e7b82 Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:49:37 +0200 Subject: [PATCH 51/58] RAND changed c to coefficient --- src/rand.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) 
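Review bot: `unsigned int result = -1;` in check_allowed_zeros stores UINT_MAX, so the documented "-1 if the polynom zero coefficients are over PERCENTAGE_OF_ZERO_ALLOWED percent" can never be observed by a caller that tests for a negative value, and the prototype changed in the preceding `@@ -41,7 +41,7 @@` hunk has the same signedness problem. Either keep the return type signed (`static int check_allowed_zeros(pb_poly *polynom)` with `int result = -1;`) or make the contract boolean (0 = too many zeros, non-zero = acceptable) and update the doxygen block to match. The body is still a `//TODO` stub, so until it is implemented every polynomial is reported as failing; a comment such as `/* TODO: not implemented yet, currently reports every polynomial as failing */` would make that explicit to callers.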
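Review bot: The header now declares `pb_poly *ntru_get_poly_big(size_t length, ...)` while the definition in rand.c keeps `int length` (visible as context in the later `ntru_get_random_poly` hunk), although the commit message says the size_t change was meant for ntru_get_random_poly_ternary. A prototype and a definition with different parameter types are conflicting declarations, so rand.c will stop compiling as soon as it includes rand.h (assumed, not visible here); the following patch then introduces the reverse mismatch, changing the rand.c definition of ntru_get_random_poly_ternary to `size_t length` while rand.h still says `int length`. Pick one type per function and change prototype and definition in the same commit, e.g. `pb_poly *ntru_get_random_poly_ternary(size_t length, int entropy_source);` in rand.h alongside the rand.c change.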
diff --git a/src/rand.c b/src/rand.c index c315d01..820530b 100644 --- a/src/rand.c +++ b/src/rand.c @@ -155,12 +155,12 @@ static unsigned int check_allowed_zeros(pb_poly *polynom) * @param entropy_source the source of entropy you want * @return newly allocated polynomial, must be freed with delete_polynom() */ -pb_poly *ntru_get_random_poly_ternary(int length, int entropy_source) +pb_poly *ntru_get_random_poly_ternary(size_t length, int entropy_source) { mp_int chara; init_integer(&chara); - mp_digit c; + mp_digit coefficient; pb_poly *poly = malloc(sizeof(pb_poly)); init_polynom_size(poly, &chara, length); @@ -169,14 +169,14 @@ pb_poly *ntru_get_random_poly_ternary(int length, int entropy_source) for (unsigned int i = 0; i < length; i++) { int sign; if (entropy_source == GET_INT_FROM_RRAND) { - c = read_int_dev_random(); + coefficient = read_int_dev_random(); } else if (entropy_source == GET_INT_FROM_URAND) { - c = read_int_dev_urandom(); + coefficient = read_int_dev_urandom(); } else { NTRU_ABORT("No suitable entropy source selectetd.\n"); } - c = get_random_ternary(c, &sign); - mp_set(&(poly->terms[i]), c); + coefficient = get_random_ternary(coefficient, &sign); + mp_set(&(poly->terms[i]), coefficient); if (sign == 1) poly->terms[i].sign = 1; } From 979ae617261e17481575f5119e7bd8235e0526eb Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:50:22 +0200 Subject: [PATCH 52/58] RAND: changed ntru_get_poly_big() to ntru_get_random_poly() --- src/rand.c | 2 +- src/rand.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/rand.c b/src/rand.c index 820530b..f503ff6 100644 --- a/src/rand.c +++ b/src/rand.c 
@@ -192,7 +192,7 @@ pb_poly *ntru_get_random_poly_ternary(size_t length, int entropy_source) * @param entropy_source the source of entropy you want * @return newly allocated polynomial, must be freed with delete_polynom() */ -pb_poly *ntru_get_poly_big(int length, int entropy_source, mp_int *upper_bound, +pb_poly *ntru_get_random_poly(int length, int entropy_source, mp_int *upper_bound, mp_int *lower_bound) { //TODO diff --git a/src/rand.h b/src/rand.h index 4e21c4a..b4b073f 100644 --- a/src/rand.h +++ b/src/rand.h @@ -37,7 +37,7 @@ #define GET_INT_FROM_RRAND 3 pb_poly *ntru_get_random_poly_ternary(int length, int entropy_source); -pb_poly *ntru_get_poly_big(size_t length, int entropy_source, mp_int *upper_bound, +pb_poly *ntru_get_random_poly(size_t length, int entropy_source, mp_int *upper_bound, mp_int *lower_bound); #endif /* NTRU_RAND_H */ From 2f9ebd52f86ca8f164e8fdc88a95e2957ead63b9 Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:51:13 +0200 Subject: [PATCH 53/58] RAND: changed read_int_dev_urandom() to get_int_dev_urandom() --- src/rand.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/rand.c b/src/rand.c index f503ff6..453a681 100644 --- a/src/rand.c +++ b/src/rand.c @@ -36,7 +36,7 @@ /* * static declarations */ -static mp_digit read_int_dev_random(void); +static mp_digit get_int_dev_random(void); static mp_digit read_int_dev_urandom(void); static mp_digit get_random_ternary(mp_digit random_int, int* sign); static mp_int *get_random_bigint(mp_int *upper_bound, mp_int *lower_bound, @@ -48,7 +48,7 @@ static unsigned int check_allowed_zeros(pb_poly *polynom); * * @return the randomly chosen integer */ -static mp_digit read_int_dev_random(void) +static mp_digit get_int_dev_random(void) { int random_data; mp_digit random_int; 
@@ -169,7 +169,7 @@ pb_poly *ntru_get_random_poly_ternary(size_t length, int entropy_source) for (unsigned int i = 0; i < length; i++) { int sign; if (entropy_source == GET_INT_FROM_RRAND) { - coefficient = read_int_dev_random(); + coefficient = get_int_dev_random(); } else if (entropy_source == GET_INT_FROM_URAND) { coefficient = read_int_dev_urandom(); } else { From 8db6a83ae3565cde5456a753e9c2fbb44605e7d6 Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:53:37 +0200 Subject: [PATCH 54/58] RAND: changed read_int_dev_urandom() to get_int_dev_urandom() --- src/rand.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/rand.c b/src/rand.c index 453a681..72643f4 100644 --- a/src/rand.c +++ b/src/rand.c @@ -37,7 +37,7 @@ * static declarations */ static mp_digit get_int_dev_random(void); -static mp_digit read_int_dev_urandom(void); +static mp_digit get_int_dev_urandom(void); static mp_digit get_random_ternary(mp_digit random_int, int* sign); static mp_int *get_random_bigint(mp_int *upper_bound, mp_int *lower_bound, int entropy_source); @@ -73,7 +73,7 @@ static mp_digit get_int_dev_random(void) * * @return the randomly chosen integer */ -static mp_digit read_int_dev_urandom(void) +static mp_digit get_int_dev_urandom(void) { int random_data; mp_digit random_int; @@ -171,7 +171,7 @@ pb_poly *ntru_get_random_poly_ternary(size_t length, int entropy_source) if (entropy_source == GET_INT_FROM_RRAND) { coefficient = get_int_dev_random(); } else if (entropy_source == GET_INT_FROM_URAND) { - coefficient = read_int_dev_urandom(); + coefficient = get_int_dev_urandom(); } else { NTRU_ABORT("No suitable entropy source selectetd.\n"); } From 7c5d89905568935c4ff39a40ea335b638a95fdbc Mon Sep 17 00:00:00 2001 From: Malte Date: Tue, 6 May 2014 07:55:04 +0200 Subject: [PATCH 55/58] RAND: improve some spelling --- src/rand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rand.c b/src/rand.c index 72643f4..a0ac33c 100644 
--- a/src/rand.c +++ b/src/rand.c @@ -92,7 +92,7 @@ static mp_digit get_int_dev_urandom(void) * A zero is signed positiv. * * @param random_int a randomly chosen mp_digit - * @param sign a integer to store the sign (1==positiv) [out] + * @param sign an integer to store the sign (1==positiv) [out] * @return random small integer from the set {-1, 0, 1} */ static mp_digit get_random_ternary(mp_digit random_int, int* sign) From d498ddf1a85dd68bb1731a57f6dd08e390d0f4d7 Mon Sep 17 00:00:00 2001 From: malte Date: Sun, 18 May 2014 10:28:25 +0200 Subject: [PATCH 56/58] ASCII->POLY: written a function to convert a char* string into a polynom. The function returns a newly allocated poynom of the string size * 7 7 bits per ASCII symbol. the function need to be warped so the maximal poynom is corresponding to the NTRU context. --- src/ascii_poly.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++ src/ascii_poly.h | 27 ++++++++++++++++++ 2 files changed, 101 insertions(+) create mode 100644 src/ascii_poly.c create mode 100644 src/ascii_poly.h diff --git a/src/ascii_poly.c b/src/ascii_poly.c new file mode 100644 index 0000000..e33c54f --- /dev/null +++ b/src/ascii_poly.c 
@@ -0,0 +1,74 @@ +/* + * Copyright (C) 2014 FH Bielefeld + * + * This file is part of a FH Bielefeld project. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "mem.h" +#include "poly.h" +#include "ascii_poly.h" + +#include +#include +#include +#include +#include +#include + +#define ASCII_DIGIETS 7 + +/** + * Converts a string into a pb_poly of the size strlen(to_poly) * 7. + * 7 bit per ASCII symbol. + * + * @param to_poly the string + * @return the newly allocated polynom. 
+ */ +pb_poly *ascii_to_poly(char *to_poly) +{ + size_t length = (strlen(to_poly) * ASCII_DIGIETS); + char *tmp_ptr = to_poly; + u_int8_t quotient, + i, + k, + binary_Number[ASCII_DIGIETS + 1]; + + mp_int *chara = ntru_malloc(sizeof(mp_int)); + init_integer(chara); + + pb_poly *poly = ntru_malloc(sizeof(pb_poly)); + init_polynom_size(poly, chara, length); + + for (u_int32_t j = 0; j < strlen(to_poly); j++) { + quotient = (u_int8_t) *tmp_ptr++; + k = ASCII_DIGIETS; + for (i = 1; i <= ASCII_DIGIETS; i++) { + binary_Number[k--] = quotient % 2; + quotient >>= 1; + } + for (i = 1; i <= ASCII_DIGIETS; i++) { + mp_set(&(poly->terms[((i - 1) + (j * ASCII_DIGIETS))]), + binary_Number[i]); + binary_Number[i] = 0; + poly->terms[i].sign = 0; + } + } + poly->used = (int) length; + mp_clear(chara); + return poly; +} \ No newline at end of file diff --git a/src/ascii_poly.h b/src/ascii_poly.h new file mode 100644 index 0000000..739801d --- /dev/null +++ b/src/ascii_poly.h @@ -0,0 +1,27 @@ +/* + * Copyright (C) 2014 FH Bielefeld + * + * This file is part of a FH Bielefeld project. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#ifndef ASCII_POLY_H_ +#define ASCII_POLY_H_ + +pb_poly *ascii_to_poly(char *to_poly); + +#endif /* ASCII_POLY_H_ */ 
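Review bot: `poly->terms[i].sign = 0;` in the inner loop of ascii_to_poly indexes with the bit counter `i` (1..7) instead of the coefficient position used one line earlier, so it clears the sign of terms 1..7 on every character and never touches the term that was just set; it should read `poly->terms[(i - 1) + (j * ASCII_DIGIETS)].sign = 0;`. The same line survives unchanged in the rewrite of this function in the next patch. `quotient = (u_int8_t) *tmp_ptr++` takes a full byte but only 7 bits are encoded, so any input byte with the top bit set is silently mangled; either reject such input (releasing what was already allocated) or document in the doxygen block that only 7-bit ASCII is supported. `strlen(to_poly)` is also re-evaluated in the loop condition on every iteration; cache it in a local next to `length`. `u_int8_t`/`u_int32_t` are BSD typedefs from sys/types.h; `uint8_t`/`uint32_t` from `<stdint.h>` are the portable spellings.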
From 3bf66ce2745cec3bb1a8ead2a6d3e2fe125bc365 Mon Sep 17 00:00:00 2001 From: malte Date: Sun, 18 May 2014 18:08:36 +0200 Subject: [PATCH 57/58] POLY->ASCII: Added a function to get a string out of a given polynom. --- src/ascii_poly.c | 81 ++++++++++++++++++++++++++++++++++++------------ src/ascii_poly.h | 1 + 2 files changed, 63 insertions(+), 19 deletions(-) diff --git a/src/ascii_poly.c b/src/ascii_poly.c index e33c54f..aefaac5 100644 --- a/src/ascii_poly.c +++ b/src/ascii_poly.c @@ -19,18 +19,21 @@ * MA 02110-1301 USA */ +#include "ascii_poly.h" +#include "context.h" +#include "err.h" #include "mem.h" #include "poly.h" -#include "ascii_poly.h" +#include #include #include #include #include -#include #include +#include -#define ASCII_DIGIETS 7 +#define ASCII_DIGITS 7 /** * Converts a string into a pb_poly of the size strlen(to_poly) * 7. 
@@ -41,34 +44,74 @@ */ pb_poly *ascii_to_poly(char *to_poly) { - size_t length = (strlen(to_poly) * ASCII_DIGIETS); + size_t length = (strlen(to_poly) * ASCII_DIGITS); char *tmp_ptr = to_poly; - u_int8_t quotient, - i, - k, - binary_Number[ASCII_DIGIETS + 1]; + u_int8_t binary_Number[ASCII_DIGITS + 1]; - mp_int *chara = ntru_malloc(sizeof(mp_int)); - init_integer(chara); + if (!to_poly) { + return NULL; + } + + mp_int chara; + init_integer(&chara); pb_poly *poly = ntru_malloc(sizeof(pb_poly)); - init_polynom_size(poly, chara, length); + init_polynom_size(poly, &chara, length); + /* for every char */ for (u_int32_t j = 0; j < strlen(to_poly); j++) { - quotient = (u_int8_t) *tmp_ptr++; - k = ASCII_DIGIETS; - for (i = 1; i <= ASCII_DIGIETS; i++) { + u_int8_t quotient = (u_int8_t) *tmp_ptr++; + u_int8_t k = ASCII_DIGITS; + for (u_int8_t i = 1; i <= ASCII_DIGITS; i++) { + /* gets the least significant bit in an array*/ binary_Number[k--] = quotient % 2; + /* bitshift so the next bit becomes the lsb*/ quotient >>= 1; } - for (i = 1; i <= ASCII_DIGIETS; i++) { - mp_set(&(poly->terms[((i - 1) + (j * ASCII_DIGIETS))]), - binary_Number[i]); + for (u_int8_t i = 1; i <= ASCII_DIGITS; i++) { + /* the actual position of the bit in the polynom */ + u_int32_t coefficient = (i - 1) + (j * ASCII_DIGITS); + MP_SET(&(poly->terms[coefficient]), binary_Number[i]); + /* set the array to 0 so the next run is garbage free */ binary_Number[i] = 0; poly->terms[i].sign = 0; } } poly->used = (int) length; - mp_clear(chara); + mp_clear(&chara); return poly; -} \ No newline at end of file +} + +/** + * Converts a polynom into a newly allocated string. + * + * @param to_ascii the polynom you want to make a string of. 
+ * @return a pointer to the string ore a NULL pointer in the error case + */ +char *polynom_to_ascii(pb_poly *to_ascii) +{ + if (!to_ascii) { + return NULL; + } + + size_t length_poly = (size_t) to_ascii->used; + size_t length_string = (size_t) (length_poly / ASCII_DIGITS); + char *string = (char*) ntru_malloc(length_string); + char bit_buffer; + char *tmp_ptr = string; + u_int8_t ascii_value = 0; + + for (u_int32_t i = 0; i < length_poly; i += ASCII_DIGITS) { + for (u_int32_t j = 0; j < ASCII_DIGITS; j++) { + if (mp_toradix(&(to_ascii->terms[i + j]), &bit_buffer, 2)) { + return NULL; + } + u_int8_t bit = atoi(&bit_buffer); + ascii_value <<= 1; + ascii_value |= bit; + } + *tmp_ptr++ = ascii_value; + ascii_value = 0; + } + return string; +} diff --git a/src/ascii_poly.h b/src/ascii_poly.h index 739801d..ee8b9d2 100644 --- a/src/ascii_poly.h +++ b/src/ascii_poly.h @@ -23,5 +23,6 @@ #define ASCII_POLY_H_ pb_poly *ascii_to_poly(char *to_poly); +char *polynom_to_ascii(pb_poly *to_ascii); #endif /* ASCII_POLY_H_ */ From b997dc65fd770399018bb1ed6fe28a0101b5d4e0 Mon Sep 17 00:00:00 2001 From: malte Date: Sun, 18 May 2014 18:28:39 +0200 Subject: [PATCH 58/58] POLY->ASCII: added inline comments. --- src/ascii_poly.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/ascii_poly.c b/src/ascii_poly.c index aefaac5..105311a 100644 --- a/src/ascii_poly.c +++ b/src/ascii_poly.c @@ -19,11 +19,11 @@ * MA 02110-1301 USA */ -#include "ascii_poly.h" #include "context.h" #include "err.h" #include "mem.h" #include "poly.h" +#include "ascii_poly.h" #include #include 
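Review bot: polynom_to_ascii passes the address of a single `char bit_buffer` to mp_toradix, which writes a NUL-terminated string (two bytes for "0"/"1", three for a negative coefficient, more for larger values), so every call overflows the stack variable, and `atoi(&bit_buffer)` then reads past it until it happens to find a NUL. The output buffer is also too small: `ntru_malloc(length_string)` leaves no room for a terminator and the function never writes one, so the returned "string" is not a C string; when `to_ascii->used` is not a multiple of ASCII_DIGITS the loop reads `terms[i + j]` past `used` and writes one byte past the allocation, and on the `return NULL` path `string` is leaked. In ascii_to_poly the new `if (!to_poly)` guard comes after `strlen(to_poly)` has already dereferenced the pointer, so it has to move above the `length` initialisation, and `poly->terms[i].sign = 0;` still uses the bit counter instead of `coefficient` as the index. The rewrite below bounds the radix conversion with libtommath's mp_toradix_n (assuming the bundled 0.42.0 provides it), decodes only whole 7-bit groups, NUL-terminates and frees on error; the final patch's comment-only hunk of this function inherits every issue above.
```c
char *polynom_to_ascii(pb_poly *to_ascii)
{
	if (!to_ascii || to_ascii->used < 0) {
		return NULL;
	}

	size_t length_poly = (size_t) to_ascii->used;
	/* only whole 7-bit groups decode to a character; a trailing partial group is dropped */
	size_t length_string = length_poly / ASCII_DIGITS;
	/* +1: the result is used as a C string, so it needs a terminator */
	char *string = ntru_malloc(length_string + 1);
	char *tmp_ptr = string;

	for (size_t i = 0; i + ASCII_DIGITS <= length_poly; i += ASCII_DIGITS) {
		u_int8_t ascii_value = 0;
		for (size_t j = 0; j < ASCII_DIGITS; j++) {
			/* holds "0", "1" or "-1" plus NUL; the bounded variant cannot overrun it */
			char bit_buffer[4];
			if (mp_toradix_n(&(to_ascii->terms[i + j]), bit_buffer, 2,
					 sizeof(bit_buffer))
			    || (bit_buffer[0] != '0' && bit_buffer[0] != '1')
			    || bit_buffer[1] != '\0') {
				free(string); /* use the mem.h counterpart of ntru_malloc if one exists */
				return NULL;
			}
			ascii_value = (u_int8_t) ((ascii_value << 1) | (bit_buffer[0] - '0'));
		}
		*tmp_ptr++ = (char) ascii_value;
	}
	*tmp_ptr = '\0';
	return string;
}
```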
@@ -101,16 +101,24 @@ char *polynom_to_ascii(pb_poly *to_ascii) char *tmp_ptr = string; u_int8_t ascii_value = 0; + /* every char */ for (u_int32_t i = 0; i < length_poly; i += ASCII_DIGITS) { + /* every bit*/ for (u_int32_t j = 0; j < ASCII_DIGITS; j++) { + /* get the bit */ if (mp_toradix(&(to_ascii->terms[i + j]), &bit_buffer, 2)) { return NULL; } + /* bit as integer */ u_int8_t bit = atoi(&bit_buffer); + /* bitshift to the left */ ascii_value <<= 1; + /* set the new bit and keep the other */ ascii_value |= bit; } - *tmp_ptr++ = ascii_value; + /* char into string */ + *tmp_ptr++ = (char) ascii_value; + /* reset for next char */ ascii_value = 0; } return string;