Version v0.2.7 - Automatic version increment

Version v0.2.5 - Automatic version increment
remove all external crypto libraries
2025-08-10 09:06:53 -04:00 · 2025-08-10 08:56:56 -04:00 · 2025-08-10 08:47:17 -04:00 · 2025-08-10 08:21:41 -04:00
6 changed files with 596 additions and 414 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,7 @@
 pads/
 Gemini.md
 # Auto-generated version files
 src/version.h
 src/version.c
 VERSION
--- a/14
+++ b/14
@@ -1,14 +1,22 @@
 CC = gcc
 CFLAGS = -Wall -Wextra -std=c99
-LIBS = -lssl -lcrypto
+LIBS = 
 LIBS_STATIC = -static
 TARGET = otp
 SOURCE = otp.c
 VERSION_SOURCE = src/version.c
 # Default build target
 $(TARGET): $(SOURCE)
-	$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(LIBS)
+	$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(VERSION_SOURCE) $(LIBS)
 # Static linking target
 static: $(SOURCE)
 	$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(VERSION_SOURCE) $(LIBS_STATIC)
 clean:
 	rm -f $(TARGET) *.pad *.state
 	rm -f src/version.h src/version.c VERSION
 install:
 	sudo cp $(TARGET) /usr/local/bin/
@@ -16,4 +24,4 @@ install:
 uninstall:
 	sudo rm -f /usr/local/bin/$(TARGET)
-.PHONY: clean install uninstall
+.PHONY: clean install uninstall static
--- a/README.md
+++ b/README.md
@@ -1,59 +1,166 @@
-# OTP Cipher v2.0 - Enhanced One Time Pad Implementation
+r# OTP Cipher - One Time Pad Implementation
-A comprehensive and user-friendly One Time Pad (OTP) cryptographic system implemented in C for Linux, supporting massive pad sizes up to 10TB+ with both interactive and command-line interfaces.
+A secure one-time pad (OTP) cipher implementation in C with automatic versioning system.
 ## New in Version 2.0 🚀
 - **Interactive Menu System** - User-friendly menu-driven interface
 - **Smart Size Parsing** - Supports K/KB/M/MB/G/GB/T/TB units
 - **Partial Hash Matching** - Use hash prefixes or pad numbers for selection
 - **Progress Indicators** - Real-time progress for large pad generation
 - **10TB+ Support** - Generate massive pads for external drives
 - **Enhanced Pad Management** - List, info, and usage statistics
 ## Features
- **Cryptographically secure** random pad generation using `/dev/urandom`
+- **Perfect Security**: Implements true one-time pad encryption with information-theoretic security
- **ASCII armor format** similar to PGP for encrypted messages
+- **Keyboard Entropy**: Optional keyboard entropy collection for enhanced randomness
- **Integrity verification** using SHA-256 hashing of pad files
+- **Automatic Versioning**: Built-in semantic versioning with automatic patch increment
- **State management** to prevent pad reuse
+- **Multiple Build Options**: Standard and static linking builds
- **Interactive text encryption/decryption**
+- **Cross-Platform**: Works on Linux and other UNIX-like systems
 - **Hash-based file naming** for content verification
 - **Read-only pad protection** prevents accidental corruption
-## Dependencies
+## Version Information
- OpenSSL development libraries (`libssl-dev` on Ubuntu/Debian)
+This project uses an automatic versioning system that:
- GCC compiler
+- Automatically increments the patch version on each build
 - Embeds build timestamp, git commit hash, and branch information
 - Creates git tags for version tracking
 - Generates version header files with detailed build metadata
-### Install dependencies on Ubuntu/Debian:
+Current version can be viewed with: `./otp --help` or by running the interactive mode.
 ```bash
 sudo apt update
 sudo apt install libssl-dev build-essential
 ```
 ## Building
 ### Prerequisites
 - GCC compiler
 - Git (for version tracking)
 - Make
 **Note: OpenSSL is no longer required! This implementation is now completely self-contained.**
 ### Build Commands
 Use the included build script for automatic versioning:
 ```bash
-make
+# Standard build (default)
 ./build.sh build
 # Static linking build
 ./build.sh static
 # Clean build artifacts
 ./build.sh clean
 # Generate version files only
 ./build.sh version
 # Install to system
 ./build.sh install
 # Remove from system
 ./build.sh uninstall
 # Show usage
 ./build.sh help
 ```
-This will create the `otp` executable.
+### Traditional Make
-## Usage Modes
+You can also use make directly (without automatic versioning):
-### Interactive Mode (Recommended)
+```bash
 make            # Standard build
 make static     # Static linking
 make clean      # Clean artifacts
 make install    # Install to /usr/local/bin/
 make uninstall  # Remove from system
 ```
-Simply run the program without arguments:
+## Usage
 ### Interactive Mode
 ```bash
 ./otp
 ```
-This launches a menu-driven interface:
+### Command Line Mode
 ```bash
 # Generate a new pad
 ./otp generate 1GB
 # Encrypt text (interactive input)
 ./otp encrypt <pad_hash_or_prefix>
 # Decrypt message (interactive input)  
 ./otp decrypt <pad_hash_or_prefix>
 # List available pads
 ./otp list
 ```
-=== OTP Cipher Interactive Mode ===
+
-Version: OTP-CIPHER 2.0
+## Version System Details
 ### Automatic Version Increment
 Every build automatically increments the patch version:
 - v0.1.0 → v0.1.1 → v0.1.2, etc.
 - Creates git tags for each version
 - Embeds detailed build information
 ### Manual Version Control
 For major/minor releases, create tags manually:
 ```bash
 # Feature release (minor bump)
 git tag v0.2.0    # Next build: v0.2.1
 # Breaking change (major bump)  
 git tag v1.0.0    # Next build: v1.0.1
 ```
 ### Version Information Available
 - Version number (major.minor.patch)
 - Git commit hash and branch
 - Build date and time
 - Full version display with metadata
 ### Generated Files
 The build system automatically generates:
 - `src/version.h` - Version constants and macros
 - `src/version.c` - Version API functions  
 - `VERSION` - Plain text version number
 These files are excluded from git (.gitignore) and regenerated on each build.
 ## Security Features
 - Uses `/dev/urandom` for cryptographically secure random number generation
 - Optional keyboard entropy mixing using simple XOR operations
 - Custom 256-bit XOR checksum for pad identification (encrypted with pad data)
 - Read-only pad files to prevent accidental modification
 - State tracking to prevent pad reuse
 - **Zero external crypto dependencies** - completely self-contained implementation
 ## File Structure
 ```
 otp/
 ├── build.sh          # Build script with automatic versioning
 ├── Makefile         # Traditional make build system  
 ├── otp.c            # Main source code
 ├── README.md        # This file
 ├── .gitignore       # Git ignore rules
 ├── src/             # Generated version files (auto-created)
 │   ├── version.h    # Version header (generated)
 │   └── version.c    # Version implementation (generated)
 ├── pads/            # OTP pad storage directory (created at runtime)
 └── VERSION          # Plain text version (generated)
 ```
 ## Examples
 ### Build and Version Tracking
 ```bash
 $ ./build.sh build
 [INFO] Incrementing version...
 [INFO] Current version: v0.1.4  
 [INFO] New version: v0.1.5
 [SUCCESS] Created new version tag: v0.1.5
 [SUCCESS] Build completed successfully
 $ ./otp
 === OTP Cipher v0.1.5 ===
 === Main Menu ===
 1. Generate new pad
@@ -62,212 +169,33 @@ Version: OTP-CIPHER 2.0
 4. List available pads
 5. Show pad information
 6. Exit
 $ ./otp --help
 OTP Cipher - One Time Pad Implementation v0.1.5
 Built on 2025-08-10 at 08:17:47 from commit 9edfa5f on branch master
 Usage:
  ./otp                              - Interactive mode
  ...
 ```
-### Command Line Mode
+### Version History
 For automation and scripting:
 ```bash
-./otp generate <size>              # Generate new pad
+$ git tag --list
-./otp encrypt <pad_hash_prefix>    # Encrypt text
+v0.1.0
-./otp decrypt <pad_hash_prefix>    # Decrypt message
+v0.1.1  
-./otp list                         # List available pads
+v0.1.2
 v0.1.3
 v0.1.4
 v0.1.5
 ```
-## Smart Size Parsing
+## License
-The system intelligently parses size specifications:
+This project includes automatic versioning system based on the Generic Automatic Version Increment System.
-```bash
+## Contributing
 ./otp generate 1024        # 1024 bytes
 ./otp generate 5MB         # 5 megabytes
 ./otp generate 2GB         # 2 gigabytes  
 ./otp generate 10TB        # 10 terabytes
 ./otp generate 1.5GB       # 1.5 gigabytes (decimal supported)
 ```
-**Supported units:** K, KB, M, MB, G, GB, T, TB (case insensitive)
+When contributing:
-
+1. The version will automatically increment on builds
-## Pad Selection
+2. For major features, consider manually creating minor version tags
-
+3. Generated version files (`src/version.*`, `VERSION`) should not be committed
 Multiple convenient ways to select pads:
 1. **Full hash**: `./otp encrypt a1b2c3d4e5f6789012345678901234567890abcdef...`
 2. **Hash prefix**: `./otp encrypt a1b2c3d4`
 3. **Pad number**: `./otp encrypt 1` (from list output)
 ## Example Workflows
 ### Basic Usage
 ```bash
 # Generate a 1GB pad
 ./otp generate 1GB
 Generated pad: a1b2c3d4e5f6789...123456.pad (1.00 GB)
 Pad hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456
 # List available pads
 ./otp list
 Available pads:
 No.  Hash (first 16 chars) Size         Used
 ---  -------------------  ----------   ----------
 1    a1b2c3d4e5f67890     1.00GB       0.0MB
 # Encrypt using hash prefix
 ./otp encrypt a1b2
 Enter text to encrypt: Secret message
 -----BEGIN OTP MESSAGE-----
 Version: OTP-CIPHER 2.0
 Pad-Hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456
 Pad-Offset: 0
 U2VjcmV0IG1lc3NhZ2U=
 -----END OTP MESSAGE-----
 ```
 ### Large Scale Usage
 ```bash
 # Generate a 5TB pad for external drive
 ./otp generate 5TB
 Progress: 100.0% (85.2 MB/s, ETA: 0s)
 Generated pad: f9e8d7c6b5a4932...654321.pad (5.00 TB)
 # Use pad number for quick selection
 ./otp encrypt 1
 Enter text to encrypt: Classified information
 ```
 ### Interactive Mode Workflow
 ```bash
 ./otp
 # Select option 1 to generate
 # Enter size: 10GB
 # Select option 2 to encrypt
 # Choose pad from list
 # Enter your message
 ```
 ## Security Features
 ### Perfect Forward Secrecy
 Each message uses a unique portion of the pad that is never reused, ensuring perfect forward secrecy.
 ### Content-Based Integrity
 - **SHA-256 file naming**: Pad files named by their hash ensure content verification
 - **Integrity checking**: Embedded hashes detect pad corruption/tampering
 - **Read-only protection**: Pad files automatically set to read-only after creation
 ### ASCII Armor Format
 Messages use a PGP-like ASCII armor format:
 ```
 -----BEGIN OTP MESSAGE-----
 Version: OTP-CIPHER 2.0
 Pad-Hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456
 Pad-Offset: 0
 U2VjcmV0IG1lc3NhZ2U=
 -----END OTP MESSAGE-----
 ```
 ### State Management
 - **Automatic tracking**: Prevents pad reuse through state files
 - **Portable state**: State stored separately from immutable pad data
 - **Usage statistics**: Track pad consumption and remaining capacity
 ## File Structure
 **Source Files:**
 - `otp.c` - Complete implementation (850+ lines)
 - `Makefile` - Build configuration
 - `README.md` - This documentation
 **Generated Files:**
 - `otp` - Compiled executable
 - `<hash>.pad` - Pad files (read-only, hash-named)
 - `<hash>.state` - State files (writable, tracks usage)
 ## Advanced Features
 ### Progress Indicators
 For large pads, see real-time generation progress:
 ```
 Generating pad...
 Progress: 45.2% (78.5 MB/s, ETA: 125s)
 ```
 ### Pad Information
 Detailed statistics for each pad:
 ```bash
 ./otp list
 No.  Hash (first 16 chars) Size         Used
 ---  -------------------  ----------   ----------
 1    a1b2c3d4e5f67890     5.00TB       2.1GB
 2    f9e8d7c6b5a49321     1.00GB       0.5GB
 ```
 ### Multiple Pad Management
 - List all available pads
 - Show detailed information per pad
 - Track usage across multiple pads
 - Quick selection by number or prefix
 ## Performance
 ### Size Limits
 - **Theoretical maximum**: 18 exabytes (uint64_t limit)
 - **Practical maximum**: Limited by available disk space
 - **Tested up to**: 10TB+ on modern systems
 - **Generation speed**: ~80-120 MB/s (system dependent)
 ### Memory Efficiency
 - **Streaming operation**: Constant memory usage regardless of pad size
 - **64KB buffers**: Efficient I/O without excessive memory consumption
 - **Large file support**: Handles multi-terabyte pads efficiently
 ## Security Notes
 ⚠️ **Critical Security Requirements:**
 1. **Never reuse pad data** - Automatic prevention through state tracking
 2. **Secure pad distribution** - Use secure channels for pad sharing
 3. **Physical security** - Protect pad files like encryption keys
 4. **Verify integrity** - Always check pad hash verification during decryption
 5. **Secure systems** - Generate pads on trusted systems with good entropy
 ## Installation
 ### Local Installation
 ```bash
 make install          # Install to /usr/local/bin
 make uninstall        # Remove from system
 ```
 ### Clean Up
 ```bash
 make clean           # Remove compiled files and generated pads
 ```
 ## Technical Specifications
 - **Entropy source**: `/dev/urandom` (cryptographically secure)
 - **Hash algorithm**: SHA-256 for integrity verification
 - **Encoding**: Base64 for ciphertext representation
 - **File format**: ASCII armor with embedded metadata
 - **Architecture**: Single C file, ~850 lines
 - **Dependencies**: OpenSSL libcrypto
 - **Platform**: Linux (easily portable)
 ## Theory
 A One Time Pad is theoretically unbreakable when implemented correctly with:
 - **Perfect randomness**: Cryptographically secure entropy
 - **Key length**: Equal to or greater than message length  
 - **Single use**: Each pad portion used exactly once
 - **Secure distribution**: Pads shared through secure channels
 This implementation satisfies all requirements for perfect cryptographic security while providing modern usability features for practical deployment.
 ## Version History
 - **v2.0**: Interactive mode, smart parsing, 10TB+ support, enhanced UX
 - **v1.0**: Basic command-line implementation with hash-based naming
--- a/build.sh
+++ b/build.sh
@@ -0,0 +1,241 @@
 #!/bin/bash
 set -e
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
 BLUE='\033[0;34m'
 NC='\033[0m'
 print_status() { echo -e "${BLUE}[INFO]${NC} $1"; }
 print_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
 print_warning() { echo -e "${YELLOW}[WARNING]${NC} $1"; }
 print_error() { echo -e "${RED}[ERROR]${NC} $1"; }
 # Function to automatically increment version
 increment_version() {
    print_status "Incrementing version..."
    # Check if we're in a git repository
    if ! git rev-parse --git-dir > /dev/null 2>&1; then
        print_warning "Not in a git repository - skipping version increment"
        return 0
    fi
    # Get the highest version tag (not chronologically latest)
    LATEST_TAG=$(git tag -l 'v*.*.*' | sort -V | tail -n 1 || echo "v0.1.0")
    if [[ -z "$LATEST_TAG" ]]; then
        LATEST_TAG="v0.1.0"
    fi
    # Extract version components (remove 'v' prefix)
    VERSION=${LATEST_TAG#v}
    # Parse major.minor.patch using regex
    if [[ $VERSION =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
        MAJOR=${BASH_REMATCH[1]}
        MINOR=${BASH_REMATCH[2]}
        PATCH=${BASH_REMATCH[3]}
    else
        print_error "Invalid version format in tag: $LATEST_TAG"
        print_error "Expected format: v0.1.0"
        return 1
    fi
    # Increment patch version
    NEW_PATCH=$((PATCH + 1))
    NEW_VERSION="v${MAJOR}.${MINOR}.${NEW_PATCH}"
    print_status "Current version: $LATEST_TAG"
    print_status "New version: $NEW_VERSION"
    # Stage all changes
    if git add . 2>/dev/null; then
        print_success "Staged all changes"
    else
        print_warning "Failed to stage changes (maybe not a git repository)"
    fi
    # Commit changes with version message
    if git commit -m "Version $NEW_VERSION - Automatic version increment" 2>/dev/null; then
        print_success "Committed changes for version $NEW_VERSION"
    else
        print_warning "Failed to commit changes (maybe no changes to commit or not a git repository)"
    fi
    # Create new git tag
    if git tag "$NEW_VERSION" 2>/dev/null; then
        print_success "Created new version tag: $NEW_VERSION"
    else
        print_warning "Tag $NEW_VERSION already exists - using existing version"
        NEW_VERSION=$LATEST_TAG
        # Re-extract version components for existing tag
        VERSION=${NEW_VERSION#v}
        if [[ $VERSION =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
            MAJOR=${BASH_REMATCH[1]}
            MINOR=${BASH_REMATCH[2]}
            NEW_PATCH=${BASH_REMATCH[3]}
        fi
    fi
    # Update VERSION file for compatibility
    echo "${NEW_VERSION#v}" > VERSION
    print_success "Updated VERSION file to ${NEW_VERSION#v}"
    # Generate version.h header file
    mkdir -p src
    cat > src/version.h << EOF
 /*
 * Auto-Generated Version Header
 * DO NOT EDIT THIS FILE MANUALLY - Generated by build script
 */
 #ifndef VERSION_H
 #define VERSION_H
 #define VERSION_MAJOR ${MAJOR}
 #define VERSION_MINOR ${MINOR}
 #define VERSION_PATCH ${NEW_PATCH}
 #define VERSION_STRING "${MAJOR}.${MINOR}.${NEW_PATCH}"
 #define VERSION_TAG "${NEW_VERSION}"
 /* Build information */
 #define BUILD_DATE "$(date +%Y-%m-%d)"
 #define BUILD_TIME "$(date +%H:%M:%S)"
 #define BUILD_TIMESTAMP "$(date '+%Y-%m-%d %H:%M:%S')"
 /* Git information */
 #define GIT_HASH "$(git rev-parse --short HEAD 2>/dev/null || echo 'unknown')"
 #define GIT_BRANCH "$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo 'unknown')"
 /* Display versions */
 #define VERSION_DISPLAY "${NEW_VERSION}"
 #define VERSION_FULL_DISPLAY "${NEW_VERSION} ($(date '+%Y-%m-%d %H:%M:%S'), $(git rev-parse --short HEAD 2>/dev/null || echo 'unknown'))"
 /* Version API functions */
 const char* get_version(void);
 const char* get_version_full(void);
 const char* get_build_info(void);
 #endif /* VERSION_H */
 EOF
    # Generate version.c implementation file
    cat > src/version.c << EOF
 /*
 * Auto-Generated Version Implementation
 * DO NOT EDIT THIS FILE MANUALLY - Generated by build script
 */
 #include "version.h"
 const char* get_version(void) {
    return VERSION_TAG;
 }
 const char* get_version_full(void) {
    return VERSION_FULL_DISPLAY;
 }
 const char* get_build_info(void) {
    return "Built on " BUILD_DATE " at " BUILD_TIME " from commit " GIT_HASH " on branch " GIT_BRANCH;
 }
 EOF
    print_success "Generated version header files"
 }
 # Build functions
 build_project() {
    print_status "Cleaning previous build..."
    make clean
    increment_version
    print_status "Building OTP project..."
    make
    if [ $? -eq 0 ]; then
        print_success "Build completed successfully"
    else
        print_error "Build failed"
        return 1
    fi
 }
 build_static() {
    print_status "Cleaning previous build..."
    make clean
    increment_version
    print_status "Building OTP project with static linking..."
    make static
    if [ $? -eq 0 ]; then
        print_success "Static build completed successfully"
    else
        print_error "Static build failed"
        return 1
    fi
 }
 clean_project() {
    print_status "Cleaning build artifacts..."
    make clean
    rm -f VERSION src/version.h src/version.c
    print_success "Clean completed"
 }
 install_project() {
    print_status "Installing OTP project..."
    make install
    if [ $? -eq 0 ]; then
        print_success "Installation completed"
    else
        print_error "Installation failed"
        return 1
    fi
 }
 uninstall_project() {
    print_status "Uninstalling OTP project..."
    make uninstall
    if [ $? -eq 0 ]; then
        print_success "Uninstallation completed"
    else
        print_error "Uninstallation failed"
        return 1
    fi
 }
 # Main script logic
 case "${1:-build}" in
    build)
        build_project
        ;;
    static)
        build_static
        ;;
    clean)
        clean_project
        ;;
    install)
        install_project
        ;;
    uninstall)
        uninstall_project
        ;;
    version)
        increment_version
        print_status "Version information generated"
        ;;
    *)
        echo "OTP Cipher Build Script"
        echo "Usage: $0 {build|static|clean|install|uninstall|version}"
        echo ""
        echo "Commands:"
        echo "  build     - Build project with automatic version increment (default)"
        echo "  static    - Build with static linking"
        echo "  clean     - Clean build artifacts and generated files"
        echo "  install   - Install to system (requires build first)"
        echo "  uninstall - Remove from system"
        echo "  version   - Generate version files only"
        exit 1
        ;;
 esac
--- a/BIN
+++ b/BIN
--- a/otp.c
+++ b/otp.c
@@ -1,4 +1,5 @@
 #define _POSIX_C_SOURCE 200809L
 #define _DEFAULT_SOURCE
 #include <stdio.h>
 #include <stdlib.h>
@@ -11,17 +12,32 @@
 #include <ctype.h>
 #include <termios.h>
 #include <fcntl.h>
-#include <openssl/sha.h>
+#include "src/version.h"
-#include <openssl/evp.h>
+
-#include <openssl/bio.h>
+// Custom base64 character set
-#include <openssl/buffer.h>
+static const char base64_chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-#include <openssl/kdf.h>
+static const int base64_decode_table[256] = {
-#include <openssl/hmac.h>
+    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,62,-1,-1,-1,63,
    52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,
    -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,
    15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,
    -1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,
    41,42,43,44,45,46,47,48,49,50,51,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
    -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
 };
 #define MAX_INPUT_SIZE 4096
 #define MAX_LINE_LENGTH 1024
 #define MAX_HASH_LENGTH 65
 #define VERSION_STRING "OTP-CIPHER 2.0"
 #define PROGRESS_UPDATE_INTERVAL (64 * 1024 * 1024)  // 64MB intervals
 #define PADS_DIR "pads"
 #define MAX_ENTROPY_BUFFER 32768  // 32KB entropy buffer
@@ -41,9 +57,8 @@ int decrypt_text(const char* pad_identifier);
 int setup_raw_terminal(struct termios* original_termios);
 void restore_terminal(struct termios* original_termios);
 int collect_keyboard_entropy(unsigned char* entropy_buffer, size_t max_size, size_t* collected);
-int hkdf_expand(const unsigned char* prk, size_t prk_len, 
+void simple_entropy_mix(unsigned char* urandom_buffer, size_t buffer_size, 
-                const unsigned char* info, size_t info_len,
+                         const unsigned char* entropy_data, size_t entropy_size);
                unsigned char* okm, size_t okm_len);
 // Directory management
 int ensure_pads_directory(void);
@@ -60,9 +75,10 @@ void show_progress(uint64_t current, uint64_t total, time_t start_time);
 // File operations
 int read_state_offset(const char* pad_hash, uint64_t* offset);
 int write_state_offset(const char* pad_hash, uint64_t offset);
-int calculate_sha256(const char* filename, char* hash_hex);
+int calculate_checksum(const char* filename, char* checksum_hex);
-char* base64_encode(const unsigned char* input, int length);
+void xor_checksum_256(const unsigned char* data, size_t len, unsigned char checksum[32]);
-unsigned char* base64_decode(const char* input, int* output_length);
+char* custom_base64_encode(const unsigned char* input, int length);
 unsigned char* custom_base64_decode(const char* input, int* output_length);
 // Menu functions
 void show_main_menu(void);
@@ -81,8 +97,7 @@ int main(int argc, char* argv[]) {
 }
 int interactive_mode(void) {
-    printf("=== OTP Cipher Interactive Mode ===\n");
+    printf("=== OTP Cipher %s ===\n\n", get_version());
    printf("Version: %s\n\n", VERSION_STRING);
    while (1) {
        show_main_menu();
@@ -102,7 +117,7 @@ int interactive_mode(void) {
                list_available_pads();
                break;
            case 5: {
-                printf("Enter pad hash (or prefix): ");
+                printf("Enter pad checksum (or prefix): ");
                char input[MAX_HASH_LENGTH];
                if (fgets(input, sizeof(input), stdin)) {
                    input[strcspn(input, "\n")] = 0;
@@ -364,7 +379,7 @@ int list_available_pads(void) {
            hash[64] = '\0';
            // Get pad file size
-            char full_path[MAX_HASH_LENGTH + 20];
+            char full_path[300]; // Increased buffer size to accommodate longer paths
            snprintf(full_path, sizeof(full_path), "%s/%s", PADS_DIR, entry->d_name);
            struct stat st;
            if (stat(full_path, &st) == 0) {
@@ -544,9 +559,9 @@ int generate_pad(uint64_t size_bytes, int display_progress) {
    fclose(urandom);
    fclose(pad_file);
-    // Calculate SHA-256 of the pad file
+    // Calculate XOR checksum of the pad file
-    if (calculate_sha256(temp_filename, hash_hex) != 0) {
+    if (calculate_checksum(temp_filename, hash_hex) != 0) {
-        printf("Error: Cannot calculate pad hash\n");
+        printf("Error: Cannot calculate pad checksum\n");
        unlink(temp_filename);
        return 1;
    }
@@ -639,7 +654,6 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
    unsigned char urandom_buffer[64 * 1024]; // 64KB buffer
    unsigned char output_buffer[64 * 1024];
    uint64_t bytes_written = 0;
    time_t start_time = time(NULL);
    if (display_progress) {
        printf("Generating pad...\n");
@@ -672,35 +686,12 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
                                   MAX_ENTROPY_BUFFER - entropy_collected, &chunk_entropy);
            entropy_collected += chunk_entropy;
-            if (entropy_collected > 1024) { // Have enough entropy to mix
+            if (entropy_collected > 512) { // Have enough entropy to mix
-                // Create HKDF PRK (extract phase)
+                // Copy urandom data to output buffer
                unsigned char prk[32];
                EVP_MD_CTX* hmac_ctx = EVP_MD_CTX_new();
                EVP_PKEY* hmac_key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, 
                                                                  entropy_buffer, entropy_collected);
                if (hmac_ctx && hmac_key) {
                    EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_key);
                    EVP_DigestSignUpdate(hmac_ctx, urandom_buffer, chunk_size);
                    size_t prk_len = sizeof(prk);
                    EVP_DigestSignFinal(hmac_ctx, prk, &prk_len);
                    // HKDF Expand phase
                    const char* info = "OTP-PAD-CHUNK";
                    if (hkdf_expand(prk, prk_len, (const unsigned char*)info, strlen(info),
                                   output_buffer, chunk_size) == 0) {
                        // Successfully mixed entropy
                    } else {
                        // Fallback to urandom only
                memcpy(output_buffer, urandom_buffer, chunk_size);
                    }
-                    EVP_PKEY_free(hmac_key);
+                // Simple XOR mixing with keyboard entropy
-                    EVP_MD_CTX_free(hmac_ctx);
+                simple_entropy_mix(output_buffer, chunk_size, entropy_buffer, entropy_collected);
                } else {
                    // Fallback to urandom only
                    memcpy(output_buffer, urandom_buffer, chunk_size);
                }
                // Reset entropy buffer for next chunk
                entropy_collected = 0;
@@ -752,9 +743,9 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
    fclose(urandom);
    fclose(pad_file);
-    // Calculate SHA-256 of the pad file
+    // Calculate XOR checksum of the pad file
-    if (calculate_sha256(temp_filename, hash_hex) != 0) {
+    if (calculate_checksum(temp_filename, hash_hex) != 0) {
-        printf("Error: Cannot calculate pad hash\n");
+        printf("Error: Cannot calculate pad checksum\n");
        unlink(temp_filename);
        return 1;
    }
@@ -773,11 +764,11 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
        printf("Warning: Cannot set pad file to read-only\n");
    }
-    // Initialize state file with offset 0
+    // Initialize state file with offset 32 (first 32 bytes used for checksum encryption)
    FILE* state_file = fopen(state_path, "wb");
    if (state_file) {
-        uint64_t zero = 0;
+        uint64_t reserved_bytes = 32;
-        fwrite(&zero, sizeof(uint64_t), 1, state_file);
+        fwrite(&reserved_bytes, sizeof(uint64_t), 1, state_file);
        fclose(state_file);
    } else {
        printf("Error: Failed to create state file\n");
@@ -787,7 +778,7 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
    double size_gb = (double)size_bytes / (1024.0 * 1024.0 * 1024.0);
    printf("Generated pad: %s (%.2f GB)\n", pad_path, size_gb);
-    printf("Pad hash: %s\n", hash_hex);
+    printf("Pad checksum: %s\n", hash_hex);
    printf("State file: %s\n", state_path);
    if (use_keyboard_entropy) {
        printf("Enhanced with keyboard entropy!\n");
@@ -803,7 +794,6 @@ int encrypt_text(const char* pad_identifier) {
        return 1;
    }
    char pad_filename[MAX_HASH_LENGTH + 10];
    char input_text[MAX_INPUT_SIZE];
    char hash_hex[MAX_HASH_LENGTH];
    uint64_t current_offset;
@@ -826,9 +816,18 @@ int encrypt_text(const char* pad_identifier) {
        return 1;
    }
-    // Calculate SHA-256 of pad file
+    // Ensure we never encrypt before offset 32 (reserved for checksum encryption)
-    if (calculate_sha256(pad_path, hash_hex) != 0) {
+    if (current_offset < 32) {
-        printf("Error: Cannot calculate pad hash\n");
+        printf("Warning: State offset below reserved area, adjusting to 32\n");
        current_offset = 32;
        if (write_state_offset(pad_hash, current_offset) != 0) {
            printf("Warning: Failed to update state file\n");
        }
    }
    // Calculate XOR checksum of pad file
    if (calculate_checksum(pad_path, hash_hex) != 0) {
        printf("Error: Cannot calculate pad checksum\n");
        free(pad_hash);
        return 1;
    }
@@ -904,7 +903,7 @@ int encrypt_text(const char* pad_identifier) {
    }
    // Encode as base64
-    char* base64_cipher = base64_encode(ciphertext, input_len);
+    char* base64_cipher = custom_base64_encode(ciphertext, input_len);
    // Update state offset
    if (write_state_offset(pad_hash, current_offset + input_len) != 0) {
@@ -913,7 +912,7 @@ int encrypt_text(const char* pad_identifier) {
    // Output in ASCII armor format
    printf("\n-----BEGIN OTP MESSAGE-----\n");
-    printf("Version: %s\n", VERSION_STRING);
+    printf("Version: %s\n", get_version());
    printf("Pad-Hash: %s\n", hash_hex);
    printf("Pad-Offset: %lu\n", current_offset);
    printf("\n");
@@ -998,8 +997,8 @@ int decrypt_text(const char* pad_identifier) {
    }
    // Verify pad integrity
-    if (calculate_sha256(pad_path, current_hash) != 0) {
+    if (calculate_checksum(pad_path, current_hash) != 0) {
-        printf("Error: Cannot calculate current pad hash\n");
+        printf("Error: Cannot calculate current pad checksum\n");
        return 1;
    }
@@ -1022,7 +1021,7 @@ int decrypt_text(const char* pad_identifier) {
    // Decode base64
    int ciphertext_len;
-    unsigned char* ciphertext = base64_decode(base64_data, &ciphertext_len);
+    unsigned char* ciphertext = custom_base64_decode(base64_data, &ciphertext_len);
    if (!ciphertext) {
        printf("Error: Invalid base64 data\n");
        return 1;
@@ -1108,52 +1107,53 @@ int write_state_offset(const char* pad_hash, uint64_t offset) {
    return 0;
 }
-int calculate_sha256(const char* filename, char* hash_hex) {
+int calculate_checksum(const char* filename, char* checksum_hex) {
    FILE* file = fopen(filename, "rb");
    if (!file) {
        return 1;
    }
-    EVP_MD_CTX* mdctx = EVP_MD_CTX_new();
+    unsigned char checksum[32];
    if (!mdctx) {
        fclose(file);
        return 1;
    }
    if (EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL) != 1) {
        EVP_MD_CTX_free(mdctx);
        fclose(file);
        return 1;
    }
    unsigned char buffer[64 * 1024];  // 64KB buffer for large files
    size_t bytes_read;
    // Initialize checksum
    memset(checksum, 0, 32);
    size_t total_bytes = 0;
    // Calculate XOR checksum of entire file
    while ((bytes_read = fread(buffer, 1, sizeof(buffer), file)) > 0) {
-        if (EVP_DigestUpdate(mdctx, buffer, bytes_read) != 1) {
+        // Process this chunk with XOR checksum
-            EVP_MD_CTX_free(mdctx);
+        for (size_t i = 0; i < bytes_read; i++) {
            unsigned char bucket = (total_bytes + i) % 32;
            checksum[bucket] ^= buffer[i] ^ (((total_bytes + i) >> 8) & 0xFF) ^ 
                               (((total_bytes + i) >> 16) & 0xFF) ^ (((total_bytes + i) >> 24) & 0xFF);
        }
        total_bytes += bytes_read;
    }
    fclose(file);
    // Now encrypt the checksum with the first 32 bytes of the pad
    fseek(file = fopen(filename, "rb"), 0, SEEK_SET);
    unsigned char pad_key[32];
    if (fread(pad_key, 1, 32, file) != 32) {
        fclose(file);
        return 1;
    }
    }
    unsigned char hash[EVP_MAX_MD_SIZE];
    unsigned int hash_len;
    if (EVP_DigestFinal_ex(mdctx, hash, &hash_len) != 1) {
        EVP_MD_CTX_free(mdctx);
        fclose(file);
        return 1;
    }
    EVP_MD_CTX_free(mdctx);
    fclose(file);
-    // Convert to hex string
+    // XOR encrypt the checksum with pad data to create unique identifier
-    for (unsigned int i = 0; i < hash_len; i++) {
+    unsigned char encrypted_checksum[32];
-        sprintf(hash_hex + (i * 2), "%02x", hash[i]);
+    for (int i = 0; i < 32; i++) {
        encrypted_checksum[i] = checksum[i] ^ pad_key[i];
    }
-    hash_hex[hash_len * 2] = '\0';
+    
    // Convert to hex string (64 characters)
    for (int i = 0; i < 32; i++) {
        sprintf(checksum_hex + (i * 2), "%02x", encrypted_checksum[i]);
    }
    checksum_hex[64] = '\0';
    return 0;
 }
@@ -1228,49 +1228,6 @@ int collect_keyboard_entropy(unsigned char* entropy_buffer, size_t max_size, siz
    return 0;
 }
 int hkdf_expand(const unsigned char* prk, size_t prk_len, 
                const unsigned char* info, size_t info_len,
                unsigned char* okm, size_t okm_len) {
    EVP_MD_CTX* ctx = EVP_MD_CTX_new();
    if (!ctx) return 1;
    unsigned char t[32]; // SHA-256 output size
    unsigned char counter = 1;
    size_t t_len = 32;
    size_t pos = 0;
    while (pos < okm_len) {
        if (EVP_DigestInit_ex(ctx, EVP_sha256(), NULL) != 1) {
            EVP_MD_CTX_free(ctx);
            return 1;
        }
        if (pos > 0) {
            EVP_DigestUpdate(ctx, t, t_len);
        }
        EVP_DigestUpdate(ctx, prk, prk_len);
        if (info && info_len > 0) {
            EVP_DigestUpdate(ctx, info, info_len);
        }
        EVP_DigestUpdate(ctx, &counter, 1);
        unsigned int hash_len;
        if (EVP_DigestFinal_ex(ctx, t, &hash_len) != 1) {
            EVP_MD_CTX_free(ctx);
            return 1;
        }
        size_t copy_len = (okm_len - pos < hash_len) ? okm_len - pos : hash_len;
        memcpy(okm + pos, t, copy_len);
        pos += copy_len;
        counter++;
    }
    EVP_MD_CTX_free(ctx);
    return 0;
 }
 // Directory management functions
 int ensure_pads_directory(void) {
@@ -1288,58 +1245,101 @@ void get_pad_path(const char* hash, char* pad_path, char* state_path) {
    snprintf(state_path, MAX_HASH_LENGTH + 20, "%s/%s.state", PADS_DIR, hash);
 }
 char* base64_encode(const unsigned char* input, int length) {
    BIO *bio, *b64;
    BUF_MEM *buffer_ptr;
-    b64 = BIO_new(BIO_f_base64());
+// Custom XOR checksum function
-    bio = BIO_new(BIO_s_mem());
+void xor_checksum_256(const unsigned char* data, size_t len, unsigned char checksum[32]) {
-    bio = BIO_push(b64, bio);
+    memset(checksum, 0, 32);
-    
+    for (size_t i = 0; i < len; i++) {
-    BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
+        unsigned char bucket = i % 32;
-    BIO_write(bio, input, length);
+        checksum[bucket] ^= data[i] ^ ((i >> 8) & 0xFF) ^ ((i >> 16) & 0xFF) ^ ((i >> 24) & 0xFF);
-    BIO_flush(bio);
+    }
    BIO_get_mem_ptr(bio, &buffer_ptr);
    char* result = malloc(buffer_ptr->length + 1);
    memcpy(result, buffer_ptr->data, buffer_ptr->length);
    result[buffer_ptr->length] = '\0';
    BIO_free_all(bio);
    return result;
 }
-unsigned char* base64_decode(const char* input, int* output_length) {
+// Custom base64 encode function
-    BIO *bio, *b64;
+char* custom_base64_encode(const unsigned char* input, int length) {
-    int decode_len = strlen(input);
+    int output_length = 4 * ((length + 2) / 3);
    char* encoded = malloc(output_length + 1);
    if (!encoded) return NULL;
-    unsigned char* buffer = malloc(decode_len);
+    int i, j;
    for (i = 0, j = 0; i < length;) {
        uint32_t octet_a = i < length ? input[i++] : 0;
        uint32_t octet_b = i < length ? input[i++] : 0;
        uint32_t octet_c = i < length ? input[i++] : 0;
-    bio = BIO_new_mem_buf(input, -1);
+        uint32_t triple = (octet_a << 16) + (octet_b << 8) + octet_c;
    b64 = BIO_new(BIO_f_base64());
    bio = BIO_push(b64, bio);
-    BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
+        encoded[j++] = base64_chars[(triple >> 18) & 63];
-    *output_length = BIO_read(bio, buffer, decode_len);
+        encoded[j++] = base64_chars[(triple >> 12) & 63];
        encoded[j++] = base64_chars[(triple >> 6) & 63];
        encoded[j++] = base64_chars[triple & 63];
    }
-    BIO_free_all(bio);
+    // Add padding
    for (int pad = 0; pad < (3 - length % 3) % 3; pad++) {
        encoded[output_length - 1 - pad] = '=';
    }
-    if (*output_length <= 0) {
+    encoded[output_length] = '\0';
-        free(buffer);
+    return encoded;
 }
 // Custom base64 decode function
 unsigned char* custom_base64_decode(const char* input, int* output_length) {
    int input_length = strlen(input);
    if (input_length % 4 != 0) return NULL;
    *output_length = input_length / 4 * 3;
    if (input[input_length - 1] == '=') (*output_length)--;
    if (input[input_length - 2] == '=') (*output_length)--;
    unsigned char* decoded = malloc(*output_length);
    if (!decoded) return NULL;
    int i, j;
    for (i = 0, j = 0; i < input_length;) {
        int sextet_a = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]];
        int sextet_b = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]];
        int sextet_c = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]];
        int sextet_d = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]];
        if (sextet_a == -1 || sextet_b == -1 || sextet_c == -1 || sextet_d == -1) {
            free(decoded);
            return NULL;
        }
-    return buffer;
+        uint32_t triple = (sextet_a << 18) + (sextet_b << 12) + (sextet_c << 6) + sextet_d;
        if (j < *output_length) decoded[j++] = (triple >> 16) & 255;
        if (j < *output_length) decoded[j++] = (triple >> 8) & 255;
        if (j < *output_length) decoded[j++] = triple & 255;
    }
    return decoded;
 }
 // Simple keyboard entropy mixing function
 void simple_entropy_mix(unsigned char* urandom_buffer, size_t buffer_size, 
                        const unsigned char* entropy_data, size_t entropy_size) {
    if (!entropy_data || entropy_size == 0) return;
    for (size_t i = 0; i < buffer_size; i++) {
        // XOR with entropy data in a rotating pattern
        unsigned char entropy_byte = entropy_data[i % entropy_size];
        // Mix position information
        entropy_byte ^= (i & 0xFF) ^ ((i >> 8) & 0xFF);
        urandom_buffer[i] ^= entropy_byte;
    }
 }
 void print_usage(const char* program_name) {
-    printf("OTP Cipher - One Time Pad Implementation v2.0\n");
+    printf("OTP Cipher - One Time Pad Implementation %s\n", get_version());
    printf("%s\n", get_build_info());
    printf("Usage:\n");
    printf("  %s                              - Interactive mode\n", program_name);
    printf("  %s generate <size>              - Generate new pad\n", program_name);
-    printf("  %s encrypt <pad_hash_prefix>    - Encrypt text\n", program_name);
+    printf("  %s encrypt <pad_checksum_prefix> - Encrypt text\n", program_name);
-    printf("  %s decrypt <pad_hash_prefix>    - Decrypt message\n", program_name);
+    printf("  %s decrypt <pad_checksum_prefix> - Decrypt message\n", program_name);
    printf("  %s list                         - List available pads\n", program_name);
    printf("\nSize examples: 1GB, 5TB, 512MB, 2048 (bytes)\n");
    printf("Pad selection: Full hash, prefix, or number from list\n");
Author	SHA1	Message	Date
Laan Tungir	bb17b0a7be	Version v0.2.7 - Automatic version increment	2025-08-10 09:06:53 -04:00
Laan Tungir	487432c399	Version v0.2.5 - Automatic version increment	2025-08-10 08:56:56 -04:00
Laan Tungir	f521349cc0	remove all external crypto libraries	2025-08-10 08:47:17 -04:00
Laan Tungir	4b822962bb	build.sh created	2025-08-10 08:21:41 -04:00