diff --git a/Makefile b/Makefile index 464b285..0a39809 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ CC = gcc CFLAGS = -Wall -Wextra -std=c99 -LIBS = -lssl -lcrypto -LIBS_STATIC = -static -lssl -lcrypto -ldl -lpthread +LIBS = +LIBS_STATIC = -static TARGET = otp SOURCE = otp.c VERSION_SOURCE = src/version.c diff --git a/README.md b/README.md index 7e64982..fb71dee 100644 --- a/README.md +++ b/README.md @@ -25,10 +25,11 @@ Current version can be viewed with: `./otp --help` or by running the interactive ### Prerequisites - GCC compiler -- OpenSSL development libraries (`libssl-dev` on Ubuntu/Debian) - Git (for version tracking) - Make +**Note: OpenSSL is no longer required! This implementation is now completely self-contained.** + ### Build Commands Use the included build script for automatic versioning: @@ -125,10 +126,11 @@ These files are excluded from git (.gitignore) and regenerated on each build. ## Security Features - Uses `/dev/urandom` for cryptographically secure random number generation -- Optional keyboard entropy mixing using HKDF (Hash-based Key Derivation Function) -- SHA-256 pad integrity verification +- Optional keyboard entropy mixing using simple XOR operations +- Custom 256-bit XOR checksum for pad identification (encrypted with pad data) - Read-only pad files to prevent accidental modification - State tracking to prevent pad reuse +- **Zero external crypto dependencies** - completely self-contained implementation ## File Structure diff --git a/otp b/otp index fda1b7f..204e135 100755 Binary files a/otp and b/otp differ diff --git a/otp.c b/otp.c index 7d9fb70..47941ee 100644 --- a/otp.c +++ b/otp.c @@ -12,14 +12,29 @@ #include #include #include -#include -#include -#include -#include -#include -#include #include "src/version.h" +// Custom base64 character set +static const char base64_chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; +static const int base64_decode_table[256] = { + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,62,-1,-1,-1,63, + 52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1, + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14, + 15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1, + -1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40, + 41,42,43,44,45,46,47,48,49,50,51,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, + -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1 +}; + #define MAX_INPUT_SIZE 4096 #define MAX_LINE_LENGTH 1024 #define MAX_HASH_LENGTH 65 @@ -42,9 +57,8 @@ int decrypt_text(const char* pad_identifier); int setup_raw_terminal(struct termios* original_termios); void restore_terminal(struct termios* original_termios); int collect_keyboard_entropy(unsigned char* entropy_buffer, size_t max_size, size_t* collected); -int hkdf_expand(const unsigned char* prk, size_t prk_len, - const unsigned char* info, size_t info_len, - unsigned char* okm, size_t okm_len); +void simple_entropy_mix(unsigned char* urandom_buffer, size_t buffer_size, + const unsigned char* entropy_data, size_t entropy_size); // Directory management int ensure_pads_directory(void); @@ -62,8 +76,9 @@ void show_progress(uint64_t current, uint64_t total, time_t start_time); int read_state_offset(const char* pad_hash, uint64_t* offset); int write_state_offset(const char* pad_hash, uint64_t offset); int calculate_sha256(const char* filename, char* hash_hex); -char* base64_encode(const unsigned char* input, int length); -unsigned char* base64_decode(const char* input, int* output_length); +void xor_checksum_256(const unsigned char* data, size_t len, unsigned char checksum[32]); +char* custom_base64_encode(const unsigned char* input, int length); +unsigned char* custom_base64_decode(const char* input, int* output_length); // Menu functions void show_main_menu(void); @@ -671,35 +686,12 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use MAX_ENTROPY_BUFFER - entropy_collected, &chunk_entropy); entropy_collected += chunk_entropy; - if (entropy_collected > 1024) { // Have enough entropy to mix - // Create HKDF PRK (extract phase) - unsigned char prk[32]; - EVP_MD_CTX* hmac_ctx = EVP_MD_CTX_new(); - EVP_PKEY* hmac_key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, - entropy_buffer, entropy_collected); + if (entropy_collected > 512) { // Have enough entropy to mix + // Copy urandom data to output buffer + memcpy(output_buffer, urandom_buffer, chunk_size); - if (hmac_ctx && hmac_key) { - EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_key); - EVP_DigestSignUpdate(hmac_ctx, urandom_buffer, chunk_size); - size_t prk_len = sizeof(prk); - EVP_DigestSignFinal(hmac_ctx, prk, &prk_len); - - // HKDF Expand phase - const char* info = "OTP-PAD-CHUNK"; - if (hkdf_expand(prk, prk_len, (const unsigned char*)info, strlen(info), - output_buffer, chunk_size) == 0) { - // Successfully mixed entropy - } else { - // Fallback to urandom only - memcpy(output_buffer, urandom_buffer, chunk_size); - } - - EVP_PKEY_free(hmac_key); - EVP_MD_CTX_free(hmac_ctx); - } else { - // Fallback to urandom only - memcpy(output_buffer, urandom_buffer, chunk_size); - } + // Simple XOR mixing with keyboard entropy + simple_entropy_mix(output_buffer, chunk_size, entropy_buffer, entropy_collected); // Reset entropy buffer for next chunk entropy_collected = 0; @@ -902,7 +894,7 @@ int encrypt_text(const char* pad_identifier) { } // Encode as base64 - char* base64_cipher = base64_encode(ciphertext, input_len); + char* base64_cipher = custom_base64_encode(ciphertext, input_len); // Update state offset if (write_state_offset(pad_hash, current_offset + input_len) != 0) { @@ -1020,7 +1012,7 @@ int decrypt_text(const char* pad_identifier) { // Decode base64 int ciphertext_len; - unsigned char* ciphertext = base64_decode(base64_data, &ciphertext_len); + unsigned char* ciphertext = custom_base64_decode(base64_data, &ciphertext_len); if (!ciphertext) { printf("Error: Invalid base64 data\n"); return 1; @@ -1112,46 +1104,47 @@ int calculate_sha256(const char* filename, char* hash_hex) { return 1; } - EVP_MD_CTX* mdctx = EVP_MD_CTX_new(); - if (!mdctx) { - fclose(file); - return 1; - } - - if (EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL) != 1) { - EVP_MD_CTX_free(mdctx); - fclose(file); - return 1; - } - + unsigned char checksum[32]; unsigned char buffer[64 * 1024]; // 64KB buffer for large files size_t bytes_read; + // Initialize checksum + memset(checksum, 0, 32); + size_t total_bytes = 0; + + // Calculate XOR checksum of entire file while ((bytes_read = fread(buffer, 1, sizeof(buffer), file)) > 0) { - if (EVP_DigestUpdate(mdctx, buffer, bytes_read) != 1) { - EVP_MD_CTX_free(mdctx); - fclose(file); - return 1; + // Process this chunk with XOR checksum + for (size_t i = 0; i < bytes_read; i++) { + unsigned char bucket = (total_bytes + i) % 32; + checksum[bucket] ^= buffer[i] ^ (((total_bytes + i) >> 8) & 0xFF) ^ + (((total_bytes + i) >> 16) & 0xFF) ^ (((total_bytes + i) >> 24) & 0xFF); } + total_bytes += bytes_read; } - unsigned char hash[EVP_MAX_MD_SIZE]; - unsigned int hash_len; + fclose(file); - if (EVP_DigestFinal_ex(mdctx, hash, &hash_len) != 1) { - EVP_MD_CTX_free(mdctx); + // Now encrypt the checksum with the first 32 bytes of the pad + fseek(file = fopen(filename, "rb"), 0, SEEK_SET); + unsigned char pad_key[32]; + if (fread(pad_key, 1, 32, file) != 32) { fclose(file); return 1; } - - EVP_MD_CTX_free(mdctx); fclose(file); - // Convert to hex string - for (unsigned int i = 0; i < hash_len; i++) { - sprintf(hash_hex + (i * 2), "%02x", hash[i]); + // XOR encrypt the checksum with pad data to create unique identifier + unsigned char encrypted_checksum[32]; + for (int i = 0; i < 32; i++) { + encrypted_checksum[i] = checksum[i] ^ pad_key[i]; } - hash_hex[hash_len * 2] = '\0'; + + // Convert to hex string (64 characters) + for (int i = 0; i < 32; i++) { + sprintf(hash_hex + (i * 2), "%02x", encrypted_checksum[i]); + } + hash_hex[64] = '\0'; return 0; } @@ -1226,49 +1219,6 @@ int collect_keyboard_entropy(unsigned char* entropy_buffer, size_t max_size, siz return 0; } -int hkdf_expand(const unsigned char* prk, size_t prk_len, - const unsigned char* info, size_t info_len, - unsigned char* okm, size_t okm_len) { - EVP_MD_CTX* ctx = EVP_MD_CTX_new(); - if (!ctx) return 1; - - unsigned char t[32]; // SHA-256 output size - unsigned char counter = 1; - size_t t_len = 32; - size_t pos = 0; - - while (pos < okm_len) { - if (EVP_DigestInit_ex(ctx, EVP_sha256(), NULL) != 1) { - EVP_MD_CTX_free(ctx); - return 1; - } - - if (pos > 0) { - EVP_DigestUpdate(ctx, t, t_len); - } - - EVP_DigestUpdate(ctx, prk, prk_len); - if (info && info_len > 0) { - EVP_DigestUpdate(ctx, info, info_len); - } - EVP_DigestUpdate(ctx, &counter, 1); - - unsigned int hash_len; - if (EVP_DigestFinal_ex(ctx, t, &hash_len) != 1) { - EVP_MD_CTX_free(ctx); - return 1; - } - - size_t copy_len = (okm_len - pos < hash_len) ? okm_len - pos : hash_len; - memcpy(okm + pos, t, copy_len); - - pos += copy_len; - counter++; - } - - EVP_MD_CTX_free(ctx); - return 0; -} // Directory management functions int ensure_pads_directory(void) { @@ -1286,49 +1236,91 @@ void get_pad_path(const char* hash, char* pad_path, char* state_path) { snprintf(state_path, MAX_HASH_LENGTH + 20, "%s/%s.state", PADS_DIR, hash); } -char* base64_encode(const unsigned char* input, int length) { - BIO *bio, *b64; - BUF_MEM *buffer_ptr; - - b64 = BIO_new(BIO_f_base64()); - bio = BIO_new(BIO_s_mem()); - bio = BIO_push(b64, bio); - - BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); - BIO_write(bio, input, length); - BIO_flush(bio); - - BIO_get_mem_ptr(bio, &buffer_ptr); - - char* result = malloc(buffer_ptr->length + 1); - memcpy(result, buffer_ptr->data, buffer_ptr->length); - result[buffer_ptr->length] = '\0'; - - BIO_free_all(bio); - return result; + +// Custom XOR checksum function +void xor_checksum_256(const unsigned char* data, size_t len, unsigned char checksum[32]) { + memset(checksum, 0, 32); + for (size_t i = 0; i < len; i++) { + unsigned char bucket = i % 32; + checksum[bucket] ^= data[i] ^ ((i >> 8) & 0xFF) ^ ((i >> 16) & 0xFF) ^ ((i >> 24) & 0xFF); + } } -unsigned char* base64_decode(const char* input, int* output_length) { - BIO *bio, *b64; - int decode_len = strlen(input); +// Custom base64 encode function +char* custom_base64_encode(const unsigned char* input, int length) { + int output_length = 4 * ((length + 2) / 3); + char* encoded = malloc(output_length + 1); + if (!encoded) return NULL; - unsigned char* buffer = malloc(decode_len); - - bio = BIO_new_mem_buf(input, -1); - b64 = BIO_new(BIO_f_base64()); - bio = BIO_push(b64, bio); - - BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); - *output_length = BIO_read(bio, buffer, decode_len); - - BIO_free_all(bio); - - if (*output_length <= 0) { - free(buffer); - return NULL; + int i, j; + for (i = 0, j = 0; i < length;) { + uint32_t octet_a = i < length ? input[i++] : 0; + uint32_t octet_b = i < length ? input[i++] : 0; + uint32_t octet_c = i < length ? input[i++] : 0; + + uint32_t triple = (octet_a << 16) + (octet_b << 8) + octet_c; + + encoded[j++] = base64_chars[(triple >> 18) & 63]; + encoded[j++] = base64_chars[(triple >> 12) & 63]; + encoded[j++] = base64_chars[(triple >> 6) & 63]; + encoded[j++] = base64_chars[triple & 63]; } - return buffer; + // Add padding + for (int pad = 0; pad < (3 - length % 3) % 3; pad++) { + encoded[output_length - 1 - pad] = '='; + } + + encoded[output_length] = '\0'; + return encoded; +} + +// Custom base64 decode function +unsigned char* custom_base64_decode(const char* input, int* output_length) { + int input_length = strlen(input); + if (input_length % 4 != 0) return NULL; + + *output_length = input_length / 4 * 3; + if (input[input_length - 1] == '=') (*output_length)--; + if (input[input_length - 2] == '=') (*output_length)--; + + unsigned char* decoded = malloc(*output_length); + if (!decoded) return NULL; + + int i, j; + for (i = 0, j = 0; i < input_length;) { + int sextet_a = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]]; + int sextet_b = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]]; + int sextet_c = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]]; + int sextet_d = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]]; + + if (sextet_a == -1 || sextet_b == -1 || sextet_c == -1 || sextet_d == -1) { + free(decoded); + return NULL; + } + + uint32_t triple = (sextet_a << 18) + (sextet_b << 12) + (sextet_c << 6) + sextet_d; + + if (j < *output_length) decoded[j++] = (triple >> 16) & 255; + if (j < *output_length) decoded[j++] = (triple >> 8) & 255; + if (j < *output_length) decoded[j++] = triple & 255; + } + + return decoded; +} + +// Simple keyboard entropy mixing function +void simple_entropy_mix(unsigned char* urandom_buffer, size_t buffer_size, + const unsigned char* entropy_data, size_t entropy_size) { + if (!entropy_data || entropy_size == 0) return; + + for (size_t i = 0; i < buffer_size; i++) { + // XOR with entropy data in a rotating pattern + unsigned char entropy_byte = entropy_data[i % entropy_size]; + // Mix position information + entropy_byte ^= (i & 0xFF) ^ ((i >> 8) & 0xFF); + urandom_buffer[i] ^= entropy_byte; + } } void print_usage(const char* program_name) {