Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 68a2a0c252 | |||
| bb17b0a7be | |||
| 487432c399 | |||
| f521349cc0 | |||
| 4b822962bb |
5
.gitignore
vendored
5
.gitignore
vendored
@@ -1,2 +1,7 @@
|
||||
pads/
|
||||
Gemini.md
|
||||
|
||||
# Auto-generated version files
|
||||
src/version.h
|
||||
src/version.c
|
||||
VERSION
|
||||
|
||||
14
Makefile
14
Makefile
@@ -1,14 +1,22 @@
|
||||
CC = gcc
|
||||
CFLAGS = -Wall -Wextra -std=c99
|
||||
LIBS = -lssl -lcrypto
|
||||
LIBS =
|
||||
LIBS_STATIC = -static
|
||||
TARGET = otp
|
||||
SOURCE = otp.c
|
||||
VERSION_SOURCE = src/version.c
|
||||
|
||||
# Default build target
|
||||
$(TARGET): $(SOURCE)
|
||||
$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(LIBS)
|
||||
$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(VERSION_SOURCE) $(LIBS)
|
||||
|
||||
# Static linking target
|
||||
static: $(SOURCE)
|
||||
$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(VERSION_SOURCE) $(LIBS_STATIC)
|
||||
|
||||
clean:
|
||||
rm -f $(TARGET) *.pad *.state
|
||||
rm -f src/version.h src/version.c VERSION
|
||||
|
||||
install:
|
||||
sudo cp $(TARGET) /usr/local/bin/
|
||||
@@ -16,4 +24,4 @@ install:
|
||||
uninstall:
|
||||
sudo rm -f /usr/local/bin/$(TARGET)
|
||||
|
||||
.PHONY: clean install uninstall
|
||||
.PHONY: clean install uninstall static
|
||||
|
||||
398
README.md
398
README.md
@@ -1,59 +1,166 @@
|
||||
# OTP Cipher v2.0 - Enhanced One Time Pad Implementation
|
||||
r# OTP Cipher - One Time Pad Implementation
|
||||
|
||||
A comprehensive and user-friendly One Time Pad (OTP) cryptographic system implemented in C for Linux, supporting massive pad sizes up to 10TB+ with both interactive and command-line interfaces.
|
||||
|
||||
## New in Version 2.0 🚀
|
||||
|
||||
- **Interactive Menu System** - User-friendly menu-driven interface
|
||||
- **Smart Size Parsing** - Supports K/KB/M/MB/G/GB/T/TB units
|
||||
- **Partial Hash Matching** - Use hash prefixes or pad numbers for selection
|
||||
- **Progress Indicators** - Real-time progress for large pad generation
|
||||
- **10TB+ Support** - Generate massive pads for external drives
|
||||
- **Enhanced Pad Management** - List, info, and usage statistics
|
||||
A secure one-time pad (OTP) cipher implementation in C with automatic versioning system.
|
||||
|
||||
## Features
|
||||
|
||||
- **Cryptographically secure** random pad generation using `/dev/urandom`
|
||||
- **ASCII armor format** similar to PGP for encrypted messages
|
||||
- **Integrity verification** using SHA-256 hashing of pad files
|
||||
- **State management** to prevent pad reuse
|
||||
- **Interactive text encryption/decryption**
|
||||
- **Hash-based file naming** for content verification
|
||||
- **Read-only pad protection** prevents accidental corruption
|
||||
- **Perfect Security**: Implements true one-time pad encryption with information-theoretic security
|
||||
- **Keyboard Entropy**: Optional keyboard entropy collection for enhanced randomness
|
||||
- **Automatic Versioning**: Built-in semantic versioning with automatic patch increment
|
||||
- **Multiple Build Options**: Standard and static linking builds
|
||||
- **Cross-Platform**: Works on Linux and other UNIX-like systems
|
||||
|
||||
## Dependencies
|
||||
## Version Information
|
||||
|
||||
- OpenSSL development libraries (`libssl-dev` on Ubuntu/Debian)
|
||||
- GCC compiler
|
||||
This project uses an automatic versioning system that:
|
||||
- Automatically increments the patch version on each build
|
||||
- Embeds build timestamp, git commit hash, and branch information
|
||||
- Creates git tags for version tracking
|
||||
- Generates version header files with detailed build metadata
|
||||
|
||||
### Install dependencies on Ubuntu/Debian:
|
||||
```bash
|
||||
sudo apt update
|
||||
sudo apt install libssl-dev build-essential
|
||||
```
|
||||
Current version can be viewed with: `./otp --help` or by running the interactive mode.
|
||||
|
||||
## Building
|
||||
|
||||
### Prerequisites
|
||||
|
||||
- GCC compiler
|
||||
- Git (for version tracking)
|
||||
- Make
|
||||
|
||||
**Note: OpenSSL is no longer required! This implementation is now completely self-contained.**
|
||||
|
||||
### Build Commands
|
||||
|
||||
Use the included build script for automatic versioning:
|
||||
|
||||
```bash
|
||||
make
|
||||
# Standard build (default)
|
||||
./build.sh build
|
||||
|
||||
# Static linking build
|
||||
./build.sh static
|
||||
|
||||
# Clean build artifacts
|
||||
./build.sh clean
|
||||
|
||||
# Generate version files only
|
||||
./build.sh version
|
||||
|
||||
# Install to system
|
||||
./build.sh install
|
||||
|
||||
# Remove from system
|
||||
./build.sh uninstall
|
||||
|
||||
# Show usage
|
||||
./build.sh help
|
||||
```
|
||||
|
||||
This will create the `otp` executable.
|
||||
### Traditional Make
|
||||
|
||||
## Usage Modes
|
||||
You can also use make directly (without automatic versioning):
|
||||
|
||||
### Interactive Mode (Recommended)
|
||||
```bash
|
||||
make # Standard build
|
||||
make static # Static linking
|
||||
make clean # Clean artifacts
|
||||
make install # Install to /usr/local/bin/
|
||||
make uninstall # Remove from system
|
||||
```
|
||||
|
||||
Simply run the program without arguments:
|
||||
## Usage
|
||||
|
||||
### Interactive Mode
|
||||
```bash
|
||||
./otp
|
||||
```
|
||||
|
||||
This launches a menu-driven interface:
|
||||
### Command Line Mode
|
||||
```bash
|
||||
# Generate a new pad
|
||||
./otp generate 1GB
|
||||
|
||||
# Encrypt text (interactive input)
|
||||
./otp encrypt <pad_hash_or_prefix>
|
||||
|
||||
# Decrypt message (interactive input)
|
||||
./otp decrypt <pad_hash_or_prefix>
|
||||
|
||||
# List available pads
|
||||
./otp list
|
||||
```
|
||||
=== OTP Cipher Interactive Mode ===
|
||||
Version: OTP-CIPHER 2.0
|
||||
|
||||
## Version System Details
|
||||
|
||||
### Automatic Version Increment
|
||||
Every build automatically increments the patch version:
|
||||
- v0.1.0 → v0.1.1 → v0.1.2, etc.
|
||||
- Creates git tags for each version
|
||||
- Embeds detailed build information
|
||||
|
||||
### Manual Version Control
|
||||
For major/minor releases, create tags manually:
|
||||
```bash
|
||||
# Feature release (minor bump)
|
||||
git tag v0.2.0 # Next build: v0.2.1
|
||||
|
||||
# Breaking change (major bump)
|
||||
git tag v1.0.0 # Next build: v1.0.1
|
||||
```
|
||||
|
||||
### Version Information Available
|
||||
- Version number (major.minor.patch)
|
||||
- Git commit hash and branch
|
||||
- Build date and time
|
||||
- Full version display with metadata
|
||||
|
||||
### Generated Files
|
||||
The build system automatically generates:
|
||||
- `src/version.h` - Version constants and macros
|
||||
- `src/version.c` - Version API functions
|
||||
- `VERSION` - Plain text version number
|
||||
|
||||
These files are excluded from git (.gitignore) and regenerated on each build.
|
||||
|
||||
## Security Features
|
||||
|
||||
- Uses `/dev/urandom` for cryptographically secure random number generation
|
||||
- Optional keyboard entropy mixing using simple XOR operations
|
||||
- Custom 256-bit XOR checksum for pad identification (encrypted with pad data)
|
||||
- Read-only pad files to prevent accidental modification
|
||||
- State tracking to prevent pad reuse
|
||||
- **Zero external crypto dependencies** - completely self-contained implementation
|
||||
|
||||
## File Structure
|
||||
|
||||
```
|
||||
otp/
|
||||
├── build.sh # Build script with automatic versioning
|
||||
├── Makefile # Traditional make build system
|
||||
├── otp.c # Main source code
|
||||
├── README.md # This file
|
||||
├── .gitignore # Git ignore rules
|
||||
├── src/ # Generated version files (auto-created)
|
||||
│ ├── version.h # Version header (generated)
|
||||
│ └── version.c # Version implementation (generated)
|
||||
├── pads/ # OTP pad storage directory (created at runtime)
|
||||
└── VERSION # Plain text version (generated)
|
||||
```
|
||||
|
||||
## Examples
|
||||
|
||||
### Build and Version Tracking
|
||||
```bash
|
||||
$ ./build.sh build
|
||||
[INFO] Incrementing version...
|
||||
[INFO] Current version: v0.1.4
|
||||
[INFO] New version: v0.1.5
|
||||
[SUCCESS] Created new version tag: v0.1.5
|
||||
[SUCCESS] Build completed successfully
|
||||
|
||||
$ ./otp
|
||||
=== OTP Cipher v0.1.5 ===
|
||||
|
||||
=== Main Menu ===
|
||||
1. Generate new pad
|
||||
@@ -62,212 +169,33 @@ Version: OTP-CIPHER 2.0
|
||||
4. List available pads
|
||||
5. Show pad information
|
||||
6. Exit
|
||||
|
||||
$ ./otp --help
|
||||
OTP Cipher - One Time Pad Implementation v0.1.5
|
||||
Built on 2025-08-10 at 08:17:47 from commit 9edfa5f on branch master
|
||||
Usage:
|
||||
./otp - Interactive mode
|
||||
...
|
||||
```
|
||||
|
||||
### Command Line Mode
|
||||
|
||||
For automation and scripting:
|
||||
|
||||
### Version History
|
||||
```bash
|
||||
./otp generate <size> # Generate new pad
|
||||
./otp encrypt <pad_hash_prefix> # Encrypt text
|
||||
./otp decrypt <pad_hash_prefix> # Decrypt message
|
||||
./otp list # List available pads
|
||||
$ git tag --list
|
||||
v0.1.0
|
||||
v0.1.1
|
||||
v0.1.2
|
||||
v0.1.3
|
||||
v0.1.4
|
||||
v0.1.5
|
||||
```
|
||||
|
||||
## Smart Size Parsing
|
||||
## License
|
||||
|
||||
The system intelligently parses size specifications:
|
||||
This project includes automatic versioning system based on the Generic Automatic Version Increment System.
|
||||
|
||||
```bash
|
||||
./otp generate 1024 # 1024 bytes
|
||||
./otp generate 5MB # 5 megabytes
|
||||
./otp generate 2GB # 2 gigabytes
|
||||
./otp generate 10TB # 10 terabytes
|
||||
./otp generate 1.5GB # 1.5 gigabytes (decimal supported)
|
||||
```
|
||||
## Contributing
|
||||
|
||||
**Supported units:** K, KB, M, MB, G, GB, T, TB (case insensitive)
|
||||
|
||||
## Pad Selection
|
||||
|
||||
Multiple convenient ways to select pads:
|
||||
|
||||
1. **Full hash**: `./otp encrypt a1b2c3d4e5f6789012345678901234567890abcdef...`
|
||||
2. **Hash prefix**: `./otp encrypt a1b2c3d4`
|
||||
3. **Pad number**: `./otp encrypt 1` (from list output)
|
||||
|
||||
## Example Workflows
|
||||
|
||||
### Basic Usage
|
||||
```bash
|
||||
# Generate a 1GB pad
|
||||
./otp generate 1GB
|
||||
Generated pad: a1b2c3d4e5f6789...123456.pad (1.00 GB)
|
||||
Pad hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456
|
||||
|
||||
# List available pads
|
||||
./otp list
|
||||
Available pads:
|
||||
No. Hash (first 16 chars) Size Used
|
||||
--- ------------------- ---------- ----------
|
||||
1 a1b2c3d4e5f67890 1.00GB 0.0MB
|
||||
|
||||
# Encrypt using hash prefix
|
||||
./otp encrypt a1b2
|
||||
Enter text to encrypt: Secret message
|
||||
-----BEGIN OTP MESSAGE-----
|
||||
Version: OTP-CIPHER 2.0
|
||||
Pad-Hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456
|
||||
Pad-Offset: 0
|
||||
|
||||
U2VjcmV0IG1lc3NhZ2U=
|
||||
-----END OTP MESSAGE-----
|
||||
```
|
||||
|
||||
### Large Scale Usage
|
||||
```bash
|
||||
# Generate a 5TB pad for external drive
|
||||
./otp generate 5TB
|
||||
Progress: 100.0% (85.2 MB/s, ETA: 0s)
|
||||
Generated pad: f9e8d7c6b5a4932...654321.pad (5.00 TB)
|
||||
|
||||
# Use pad number for quick selection
|
||||
./otp encrypt 1
|
||||
Enter text to encrypt: Classified information
|
||||
```
|
||||
|
||||
### Interactive Mode Workflow
|
||||
```bash
|
||||
./otp
|
||||
# Select option 1 to generate
|
||||
# Enter size: 10GB
|
||||
# Select option 2 to encrypt
|
||||
# Choose pad from list
|
||||
# Enter your message
|
||||
```
|
||||
|
||||
## Security Features
|
||||
|
||||
### Perfect Forward Secrecy
|
||||
Each message uses a unique portion of the pad that is never reused, ensuring perfect forward secrecy.
|
||||
|
||||
### Content-Based Integrity
|
||||
- **SHA-256 file naming**: Pad files named by their hash ensure content verification
|
||||
- **Integrity checking**: Embedded hashes detect pad corruption/tampering
|
||||
- **Read-only protection**: Pad files automatically set to read-only after creation
|
||||
|
||||
### ASCII Armor Format
|
||||
Messages use a PGP-like ASCII armor format:
|
||||
```
|
||||
-----BEGIN OTP MESSAGE-----
|
||||
Version: OTP-CIPHER 2.0
|
||||
Pad-Hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456
|
||||
Pad-Offset: 0
|
||||
|
||||
U2VjcmV0IG1lc3NhZ2U=
|
||||
-----END OTP MESSAGE-----
|
||||
```
|
||||
|
||||
### State Management
|
||||
- **Automatic tracking**: Prevents pad reuse through state files
|
||||
- **Portable state**: State stored separately from immutable pad data
|
||||
- **Usage statistics**: Track pad consumption and remaining capacity
|
||||
|
||||
## File Structure
|
||||
|
||||
**Source Files:**
|
||||
- `otp.c` - Complete implementation (850+ lines)
|
||||
- `Makefile` - Build configuration
|
||||
- `README.md` - This documentation
|
||||
|
||||
**Generated Files:**
|
||||
- `otp` - Compiled executable
|
||||
- `<hash>.pad` - Pad files (read-only, hash-named)
|
||||
- `<hash>.state` - State files (writable, tracks usage)
|
||||
|
||||
## Advanced Features
|
||||
|
||||
### Progress Indicators
|
||||
For large pads, see real-time generation progress:
|
||||
```
|
||||
Generating pad...
|
||||
Progress: 45.2% (78.5 MB/s, ETA: 125s)
|
||||
```
|
||||
|
||||
### Pad Information
|
||||
Detailed statistics for each pad:
|
||||
```bash
|
||||
./otp list
|
||||
No. Hash (first 16 chars) Size Used
|
||||
--- ------------------- ---------- ----------
|
||||
1 a1b2c3d4e5f67890 5.00TB 2.1GB
|
||||
2 f9e8d7c6b5a49321 1.00GB 0.5GB
|
||||
```
|
||||
|
||||
### Multiple Pad Management
|
||||
- List all available pads
|
||||
- Show detailed information per pad
|
||||
- Track usage across multiple pads
|
||||
- Quick selection by number or prefix
|
||||
|
||||
## Performance
|
||||
|
||||
### Size Limits
|
||||
- **Theoretical maximum**: 18 exabytes (uint64_t limit)
|
||||
- **Practical maximum**: Limited by available disk space
|
||||
- **Tested up to**: 10TB+ on modern systems
|
||||
- **Generation speed**: ~80-120 MB/s (system dependent)
|
||||
|
||||
### Memory Efficiency
|
||||
- **Streaming operation**: Constant memory usage regardless of pad size
|
||||
- **64KB buffers**: Efficient I/O without excessive memory consumption
|
||||
- **Large file support**: Handles multi-terabyte pads efficiently
|
||||
|
||||
## Security Notes
|
||||
|
||||
⚠️ **Critical Security Requirements:**
|
||||
|
||||
1. **Never reuse pad data** - Automatic prevention through state tracking
|
||||
2. **Secure pad distribution** - Use secure channels for pad sharing
|
||||
3. **Physical security** - Protect pad files like encryption keys
|
||||
4. **Verify integrity** - Always check pad hash verification during decryption
|
||||
5. **Secure systems** - Generate pads on trusted systems with good entropy
|
||||
|
||||
## Installation
|
||||
|
||||
### Local Installation
|
||||
```bash
|
||||
make install # Install to /usr/local/bin
|
||||
make uninstall # Remove from system
|
||||
```
|
||||
|
||||
### Clean Up
|
||||
```bash
|
||||
make clean # Remove compiled files and generated pads
|
||||
```
|
||||
|
||||
## Technical Specifications
|
||||
|
||||
- **Entropy source**: `/dev/urandom` (cryptographically secure)
|
||||
- **Hash algorithm**: SHA-256 for integrity verification
|
||||
- **Encoding**: Base64 for ciphertext representation
|
||||
- **File format**: ASCII armor with embedded metadata
|
||||
- **Architecture**: Single C file, ~850 lines
|
||||
- **Dependencies**: OpenSSL libcrypto
|
||||
- **Platform**: Linux (easily portable)
|
||||
|
||||
## Theory
|
||||
|
||||
A One Time Pad is theoretically unbreakable when implemented correctly with:
|
||||
- **Perfect randomness**: Cryptographically secure entropy
|
||||
- **Key length**: Equal to or greater than message length
|
||||
- **Single use**: Each pad portion used exactly once
|
||||
- **Secure distribution**: Pads shared through secure channels
|
||||
|
||||
This implementation satisfies all requirements for perfect cryptographic security while providing modern usability features for practical deployment.
|
||||
|
||||
## Version History
|
||||
|
||||
- **v2.0**: Interactive mode, smart parsing, 10TB+ support, enhanced UX
|
||||
- **v1.0**: Basic command-line implementation with hash-based naming
|
||||
When contributing:
|
||||
1. The version will automatically increment on builds
|
||||
2. For major features, consider manually creating minor version tags
|
||||
3. Generated version files (`src/version.*`, `VERSION`) should not be committed
|
||||
|
||||
241
build.sh
Executable file
241
build.sh
Executable file
@@ -0,0 +1,241 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
# Colors for output
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
BLUE='\033[0;34m'
|
||||
NC='\033[0m'
|
||||
|
||||
print_status() { echo -e "${BLUE}[INFO]${NC} $1"; }
|
||||
print_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
|
||||
print_warning() { echo -e "${YELLOW}[WARNING]${NC} $1"; }
|
||||
print_error() { echo -e "${RED}[ERROR]${NC} $1"; }
|
||||
|
||||
# Function to automatically increment version
|
||||
increment_version() {
|
||||
print_status "Incrementing version..."
|
||||
|
||||
# Check if we're in a git repository
|
||||
if ! git rev-parse --git-dir > /dev/null 2>&1; then
|
||||
print_warning "Not in a git repository - skipping version increment"
|
||||
return 0
|
||||
fi
|
||||
|
||||
# Get the highest version tag (not chronologically latest)
|
||||
LATEST_TAG=$(git tag -l 'v*.*.*' | sort -V | tail -n 1 || echo "v0.1.0")
|
||||
if [[ -z "$LATEST_TAG" ]]; then
|
||||
LATEST_TAG="v0.1.0"
|
||||
fi
|
||||
|
||||
# Extract version components (remove 'v' prefix)
|
||||
VERSION=${LATEST_TAG#v}
|
||||
|
||||
# Parse major.minor.patch using regex
|
||||
if [[ $VERSION =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
|
||||
MAJOR=${BASH_REMATCH[1]}
|
||||
MINOR=${BASH_REMATCH[2]}
|
||||
PATCH=${BASH_REMATCH[3]}
|
||||
else
|
||||
print_error "Invalid version format in tag: $LATEST_TAG"
|
||||
print_error "Expected format: v0.1.0"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Increment patch version
|
||||
NEW_PATCH=$((PATCH + 1))
|
||||
NEW_VERSION="v${MAJOR}.${MINOR}.${NEW_PATCH}"
|
||||
|
||||
print_status "Current version: $LATEST_TAG"
|
||||
print_status "New version: $NEW_VERSION"
|
||||
|
||||
# Stage all changes
|
||||
if git add . 2>/dev/null; then
|
||||
print_success "Staged all changes"
|
||||
else
|
||||
print_warning "Failed to stage changes (maybe not a git repository)"
|
||||
fi
|
||||
|
||||
# Commit changes with version message
|
||||
if git commit -m "Version $NEW_VERSION - Automatic version increment" 2>/dev/null; then
|
||||
print_success "Committed changes for version $NEW_VERSION"
|
||||
else
|
||||
print_warning "Failed to commit changes (maybe no changes to commit or not a git repository)"
|
||||
fi
|
||||
|
||||
# Create new git tag
|
||||
if git tag "$NEW_VERSION" 2>/dev/null; then
|
||||
print_success "Created new version tag: $NEW_VERSION"
|
||||
else
|
||||
print_warning "Tag $NEW_VERSION already exists - using existing version"
|
||||
NEW_VERSION=$LATEST_TAG
|
||||
# Re-extract version components for existing tag
|
||||
VERSION=${NEW_VERSION#v}
|
||||
if [[ $VERSION =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
|
||||
MAJOR=${BASH_REMATCH[1]}
|
||||
MINOR=${BASH_REMATCH[2]}
|
||||
NEW_PATCH=${BASH_REMATCH[3]}
|
||||
fi
|
||||
fi
|
||||
|
||||
# Update VERSION file for compatibility
|
||||
echo "${NEW_VERSION#v}" > VERSION
|
||||
print_success "Updated VERSION file to ${NEW_VERSION#v}"
|
||||
|
||||
# Generate version.h header file
|
||||
mkdir -p src
|
||||
cat > src/version.h << EOF
|
||||
/*
|
||||
* Auto-Generated Version Header
|
||||
* DO NOT EDIT THIS FILE MANUALLY - Generated by build script
|
||||
*/
|
||||
|
||||
#ifndef VERSION_H
|
||||
#define VERSION_H
|
||||
|
||||
#define VERSION_MAJOR ${MAJOR}
|
||||
#define VERSION_MINOR ${MINOR}
|
||||
#define VERSION_PATCH ${NEW_PATCH}
|
||||
#define VERSION_STRING "${MAJOR}.${MINOR}.${NEW_PATCH}"
|
||||
#define VERSION_TAG "${NEW_VERSION}"
|
||||
|
||||
/* Build information */
|
||||
#define BUILD_DATE "$(date +%Y-%m-%d)"
|
||||
#define BUILD_TIME "$(date +%H:%M:%S)"
|
||||
#define BUILD_TIMESTAMP "$(date '+%Y-%m-%d %H:%M:%S')"
|
||||
|
||||
/* Git information */
|
||||
#define GIT_HASH "$(git rev-parse --short HEAD 2>/dev/null || echo 'unknown')"
|
||||
#define GIT_BRANCH "$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo 'unknown')"
|
||||
|
||||
/* Display versions */
|
||||
#define VERSION_DISPLAY "${NEW_VERSION}"
|
||||
#define VERSION_FULL_DISPLAY "${NEW_VERSION} ($(date '+%Y-%m-%d %H:%M:%S'), $(git rev-parse --short HEAD 2>/dev/null || echo 'unknown'))"
|
||||
|
||||
/* Version API functions */
|
||||
const char* get_version(void);
|
||||
const char* get_version_full(void);
|
||||
const char* get_build_info(void);
|
||||
|
||||
#endif /* VERSION_H */
|
||||
EOF
|
||||
|
||||
# Generate version.c implementation file
|
||||
cat > src/version.c << EOF
|
||||
/*
|
||||
* Auto-Generated Version Implementation
|
||||
* DO NOT EDIT THIS FILE MANUALLY - Generated by build script
|
||||
*/
|
||||
|
||||
#include "version.h"
|
||||
|
||||
const char* get_version(void) {
|
||||
return VERSION_TAG;
|
||||
}
|
||||
|
||||
const char* get_version_full(void) {
|
||||
return VERSION_FULL_DISPLAY;
|
||||
}
|
||||
|
||||
const char* get_build_info(void) {
|
||||
return "Built on " BUILD_DATE " at " BUILD_TIME " from commit " GIT_HASH " on branch " GIT_BRANCH;
|
||||
}
|
||||
EOF
|
||||
|
||||
print_success "Generated version header files"
|
||||
}
|
||||
|
||||
# Build functions
|
||||
build_project() {
|
||||
print_status "Cleaning previous build..."
|
||||
make clean
|
||||
increment_version
|
||||
print_status "Building OTP project..."
|
||||
make
|
||||
if [ $? -eq 0 ]; then
|
||||
print_success "Build completed successfully"
|
||||
else
|
||||
print_error "Build failed"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
build_static() {
|
||||
print_status "Cleaning previous build..."
|
||||
make clean
|
||||
increment_version
|
||||
print_status "Building OTP project with static linking..."
|
||||
make static
|
||||
if [ $? -eq 0 ]; then
|
||||
print_success "Static build completed successfully"
|
||||
else
|
||||
print_error "Static build failed"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
clean_project() {
|
||||
print_status "Cleaning build artifacts..."
|
||||
make clean
|
||||
rm -f VERSION src/version.h src/version.c
|
||||
print_success "Clean completed"
|
||||
}
|
||||
|
||||
install_project() {
|
||||
print_status "Installing OTP project..."
|
||||
make install
|
||||
if [ $? -eq 0 ]; then
|
||||
print_success "Installation completed"
|
||||
else
|
||||
print_error "Installation failed"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
uninstall_project() {
|
||||
print_status "Uninstalling OTP project..."
|
||||
make uninstall
|
||||
if [ $? -eq 0 ]; then
|
||||
print_success "Uninstallation completed"
|
||||
else
|
||||
print_error "Uninstallation failed"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Main script logic
|
||||
case "${1:-build}" in
|
||||
build)
|
||||
build_project
|
||||
;;
|
||||
static)
|
||||
build_static
|
||||
;;
|
||||
clean)
|
||||
clean_project
|
||||
;;
|
||||
install)
|
||||
install_project
|
||||
;;
|
||||
uninstall)
|
||||
uninstall_project
|
||||
;;
|
||||
version)
|
||||
increment_version
|
||||
print_status "Version information generated"
|
||||
;;
|
||||
*)
|
||||
echo "OTP Cipher Build Script"
|
||||
echo "Usage: $0 {build|static|clean|install|uninstall|version}"
|
||||
echo ""
|
||||
echo "Commands:"
|
||||
echo " build - Build project with automatic version increment (default)"
|
||||
echo " static - Build with static linking"
|
||||
echo " clean - Clean build artifacts and generated files"
|
||||
echo " install - Install to system (requires build first)"
|
||||
echo " uninstall - Remove from system"
|
||||
echo " version - Generate version files only"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
421
otp.c
421
otp.c
@@ -1,4 +1,5 @@
|
||||
#define _POSIX_C_SOURCE 200809L
|
||||
#define _DEFAULT_SOURCE
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@@ -11,17 +12,32 @@
|
||||
#include <ctype.h>
|
||||
#include <termios.h>
|
||||
#include <fcntl.h>
|
||||
#include <openssl/sha.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/kdf.h>
|
||||
#include <openssl/hmac.h>
|
||||
#include "src/version.h"
|
||||
|
||||
// Custom base64 character set
|
||||
static const char base64_chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
|
||||
static const int base64_decode_table[256] = {
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,62,-1,-1,-1,63,
|
||||
52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,
|
||||
-1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,
|
||||
15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,
|
||||
-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,
|
||||
41,42,43,44,45,46,47,48,49,50,51,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
|
||||
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
|
||||
};
|
||||
|
||||
#define MAX_INPUT_SIZE 4096
|
||||
#define MAX_LINE_LENGTH 1024
|
||||
#define MAX_HASH_LENGTH 65
|
||||
#define VERSION_STRING "OTP-CIPHER 2.0"
|
||||
#define PROGRESS_UPDATE_INTERVAL (64 * 1024 * 1024) // 64MB intervals
|
||||
#define PADS_DIR "pads"
|
||||
#define MAX_ENTROPY_BUFFER 32768 // 32KB entropy buffer
|
||||
@@ -41,9 +57,8 @@ int decrypt_text(const char* pad_identifier);
|
||||
int setup_raw_terminal(struct termios* original_termios);
|
||||
void restore_terminal(struct termios* original_termios);
|
||||
int collect_keyboard_entropy(unsigned char* entropy_buffer, size_t max_size, size_t* collected);
|
||||
int hkdf_expand(const unsigned char* prk, size_t prk_len,
|
||||
const unsigned char* info, size_t info_len,
|
||||
unsigned char* okm, size_t okm_len);
|
||||
void simple_entropy_mix(unsigned char* urandom_buffer, size_t buffer_size,
|
||||
const unsigned char* entropy_data, size_t entropy_size);
|
||||
|
||||
// Directory management
|
||||
int ensure_pads_directory(void);
|
||||
@@ -60,9 +75,10 @@ void show_progress(uint64_t current, uint64_t total, time_t start_time);
|
||||
// File operations
|
||||
int read_state_offset(const char* pad_hash, uint64_t* offset);
|
||||
int write_state_offset(const char* pad_hash, uint64_t offset);
|
||||
int calculate_sha256(const char* filename, char* hash_hex);
|
||||
char* base64_encode(const unsigned char* input, int length);
|
||||
unsigned char* base64_decode(const char* input, int* output_length);
|
||||
int calculate_checksum(const char* filename, char* checksum_hex);
|
||||
void xor_checksum_256(const unsigned char* data, size_t len, unsigned char checksum[32]);
|
||||
char* custom_base64_encode(const unsigned char* input, int length);
|
||||
unsigned char* custom_base64_decode(const char* input, int* output_length);
|
||||
|
||||
// Menu functions
|
||||
void show_main_menu(void);
|
||||
@@ -81,42 +97,50 @@ int main(int argc, char* argv[]) {
|
||||
}
|
||||
|
||||
int interactive_mode(void) {
|
||||
printf("=== OTP Cipher Interactive Mode ===\n");
|
||||
printf("Version: %s\n\n", VERSION_STRING);
|
||||
printf("=== OTP Cipher %s ===\n\n", get_version());
|
||||
|
||||
while (1) {
|
||||
show_main_menu();
|
||||
int choice = get_user_choice(1, 6);
|
||||
char input[10];
|
||||
if (fgets(input, sizeof(input), stdin)) {
|
||||
char choice = toupper(input[0]);
|
||||
|
||||
switch (choice) {
|
||||
case 1:
|
||||
handle_generate_menu();
|
||||
break;
|
||||
case 2:
|
||||
handle_encrypt_menu();
|
||||
break;
|
||||
case 3:
|
||||
handle_decrypt_menu();
|
||||
break;
|
||||
case 4:
|
||||
list_available_pads();
|
||||
break;
|
||||
case 5: {
|
||||
printf("Enter pad hash (or prefix): ");
|
||||
char input[MAX_HASH_LENGTH];
|
||||
if (fgets(input, sizeof(input), stdin)) {
|
||||
input[strcspn(input, "\n")] = 0;
|
||||
char* hash = find_pad_by_prefix(input);
|
||||
if (hash) {
|
||||
show_pad_info(hash);
|
||||
free(hash);
|
||||
switch (choice) {
|
||||
case 'G':
|
||||
handle_generate_menu();
|
||||
break;
|
||||
case 'E':
|
||||
handle_encrypt_menu();
|
||||
break;
|
||||
case 'D':
|
||||
handle_decrypt_menu();
|
||||
break;
|
||||
case 'L':
|
||||
list_available_pads();
|
||||
break;
|
||||
case 'S': {
|
||||
printf("Enter pad checksum (or prefix): ");
|
||||
char input[MAX_HASH_LENGTH];
|
||||
if (fgets(input, sizeof(input), stdin)) {
|
||||
input[strcspn(input, "\n")] = 0;
|
||||
char* hash = find_pad_by_prefix(input);
|
||||
if (hash) {
|
||||
show_pad_info(hash);
|
||||
free(hash);
|
||||
}
|
||||
}
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case 'X':
|
||||
printf("Goodbye!\n");
|
||||
return 0;
|
||||
default:
|
||||
printf("Invalid option. Please select G, E, D, L, S, or X.\n");
|
||||
continue;
|
||||
}
|
||||
case 6:
|
||||
printf("Goodbye!\n");
|
||||
return 0;
|
||||
} else {
|
||||
printf("Error reading input. Please try again.\n");
|
||||
continue;
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
@@ -161,13 +185,13 @@ int command_line_mode(int argc, char* argv[]) {
|
||||
|
||||
void show_main_menu(void) {
|
||||
printf("=== Main Menu ===\n");
|
||||
printf("1. Generate new pad\n");
|
||||
printf("2. Encrypt message\n");
|
||||
printf("3. Decrypt message\n");
|
||||
printf("4. List available pads\n");
|
||||
printf("5. Show pad information\n");
|
||||
printf("6. Exit\n");
|
||||
printf("\nSelect option (1-6): ");
|
||||
printf("\033[4mG\033[0menerate new pad\n");
|
||||
printf("\033[4mE\033[0mncrypt message\n");
|
||||
printf("\033[4mD\033[0mecrypt message\n");
|
||||
printf("\033[4mL\033[0mist available pads\n");
|
||||
printf("\033[4mS\033[0mhow pad information\n");
|
||||
printf("E\033[4mx\033[0mit\n");
|
||||
printf("\nSelect option (G/E/D/L/S/X): ");
|
||||
}
|
||||
|
||||
int handle_generate_menu(void) {
|
||||
@@ -364,7 +388,7 @@ int list_available_pads(void) {
|
||||
hash[64] = '\0';
|
||||
|
||||
// Get pad file size
|
||||
char full_path[MAX_HASH_LENGTH + 20];
|
||||
char full_path[300]; // Increased buffer size to accommodate longer paths
|
||||
snprintf(full_path, sizeof(full_path), "%s/%s", PADS_DIR, entry->d_name);
|
||||
struct stat st;
|
||||
if (stat(full_path, &st) == 0) {
|
||||
@@ -544,9 +568,9 @@ int generate_pad(uint64_t size_bytes, int display_progress) {
|
||||
fclose(urandom);
|
||||
fclose(pad_file);
|
||||
|
||||
// Calculate SHA-256 of the pad file
|
||||
if (calculate_sha256(temp_filename, hash_hex) != 0) {
|
||||
printf("Error: Cannot calculate pad hash\n");
|
||||
// Calculate XOR checksum of the pad file
|
||||
if (calculate_checksum(temp_filename, hash_hex) != 0) {
|
||||
printf("Error: Cannot calculate pad checksum\n");
|
||||
unlink(temp_filename);
|
||||
return 1;
|
||||
}
|
||||
@@ -639,7 +663,6 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
|
||||
unsigned char urandom_buffer[64 * 1024]; // 64KB buffer
|
||||
unsigned char output_buffer[64 * 1024];
|
||||
uint64_t bytes_written = 0;
|
||||
time_t start_time = time(NULL);
|
||||
|
||||
if (display_progress) {
|
||||
printf("Generating pad...\n");
|
||||
@@ -672,35 +695,12 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
|
||||
MAX_ENTROPY_BUFFER - entropy_collected, &chunk_entropy);
|
||||
entropy_collected += chunk_entropy;
|
||||
|
||||
if (entropy_collected > 1024) { // Have enough entropy to mix
|
||||
// Create HKDF PRK (extract phase)
|
||||
unsigned char prk[32];
|
||||
EVP_MD_CTX* hmac_ctx = EVP_MD_CTX_new();
|
||||
EVP_PKEY* hmac_key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
|
||||
entropy_buffer, entropy_collected);
|
||||
if (entropy_collected > 512) { // Have enough entropy to mix
|
||||
// Copy urandom data to output buffer
|
||||
memcpy(output_buffer, urandom_buffer, chunk_size);
|
||||
|
||||
if (hmac_ctx && hmac_key) {
|
||||
EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_key);
|
||||
EVP_DigestSignUpdate(hmac_ctx, urandom_buffer, chunk_size);
|
||||
size_t prk_len = sizeof(prk);
|
||||
EVP_DigestSignFinal(hmac_ctx, prk, &prk_len);
|
||||
|
||||
// HKDF Expand phase
|
||||
const char* info = "OTP-PAD-CHUNK";
|
||||
if (hkdf_expand(prk, prk_len, (const unsigned char*)info, strlen(info),
|
||||
output_buffer, chunk_size) == 0) {
|
||||
// Successfully mixed entropy
|
||||
} else {
|
||||
// Fallback to urandom only
|
||||
memcpy(output_buffer, urandom_buffer, chunk_size);
|
||||
}
|
||||
|
||||
EVP_PKEY_free(hmac_key);
|
||||
EVP_MD_CTX_free(hmac_ctx);
|
||||
} else {
|
||||
// Fallback to urandom only
|
||||
memcpy(output_buffer, urandom_buffer, chunk_size);
|
||||
}
|
||||
// Simple XOR mixing with keyboard entropy
|
||||
simple_entropy_mix(output_buffer, chunk_size, entropy_buffer, entropy_collected);
|
||||
|
||||
// Reset entropy buffer for next chunk
|
||||
entropy_collected = 0;
|
||||
@@ -752,9 +752,9 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
|
||||
fclose(urandom);
|
||||
fclose(pad_file);
|
||||
|
||||
// Calculate SHA-256 of the pad file
|
||||
if (calculate_sha256(temp_filename, hash_hex) != 0) {
|
||||
printf("Error: Cannot calculate pad hash\n");
|
||||
// Calculate XOR checksum of the pad file
|
||||
if (calculate_checksum(temp_filename, hash_hex) != 0) {
|
||||
printf("Error: Cannot calculate pad checksum\n");
|
||||
unlink(temp_filename);
|
||||
return 1;
|
||||
}
|
||||
@@ -773,11 +773,11 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
|
||||
printf("Warning: Cannot set pad file to read-only\n");
|
||||
}
|
||||
|
||||
// Initialize state file with offset 0
|
||||
// Initialize state file with offset 32 (first 32 bytes used for checksum encryption)
|
||||
FILE* state_file = fopen(state_path, "wb");
|
||||
if (state_file) {
|
||||
uint64_t zero = 0;
|
||||
fwrite(&zero, sizeof(uint64_t), 1, state_file);
|
||||
uint64_t reserved_bytes = 32;
|
||||
fwrite(&reserved_bytes, sizeof(uint64_t), 1, state_file);
|
||||
fclose(state_file);
|
||||
} else {
|
||||
printf("Error: Failed to create state file\n");
|
||||
@@ -787,7 +787,7 @@ int generate_pad_with_entropy(uint64_t size_bytes, int display_progress, int use
|
||||
|
||||
double size_gb = (double)size_bytes / (1024.0 * 1024.0 * 1024.0);
|
||||
printf("Generated pad: %s (%.2f GB)\n", pad_path, size_gb);
|
||||
printf("Pad hash: %s\n", hash_hex);
|
||||
printf("Pad checksum: %s\n", hash_hex);
|
||||
printf("State file: %s\n", state_path);
|
||||
if (use_keyboard_entropy) {
|
||||
printf("Enhanced with keyboard entropy!\n");
|
||||
@@ -803,7 +803,6 @@ int encrypt_text(const char* pad_identifier) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
char pad_filename[MAX_HASH_LENGTH + 10];
|
||||
char input_text[MAX_INPUT_SIZE];
|
||||
char hash_hex[MAX_HASH_LENGTH];
|
||||
uint64_t current_offset;
|
||||
@@ -826,9 +825,18 @@ int encrypt_text(const char* pad_identifier) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
// Calculate SHA-256 of pad file
|
||||
if (calculate_sha256(pad_path, hash_hex) != 0) {
|
||||
printf("Error: Cannot calculate pad hash\n");
|
||||
// Ensure we never encrypt before offset 32 (reserved for checksum encryption)
|
||||
if (current_offset < 32) {
|
||||
printf("Warning: State offset below reserved area, adjusting to 32\n");
|
||||
current_offset = 32;
|
||||
if (write_state_offset(pad_hash, current_offset) != 0) {
|
||||
printf("Warning: Failed to update state file\n");
|
||||
}
|
||||
}
|
||||
|
||||
// Calculate XOR checksum of pad file
|
||||
if (calculate_checksum(pad_path, hash_hex) != 0) {
|
||||
printf("Error: Cannot calculate pad checksum\n");
|
||||
free(pad_hash);
|
||||
return 1;
|
||||
}
|
||||
@@ -904,7 +912,7 @@ int encrypt_text(const char* pad_identifier) {
|
||||
}
|
||||
|
||||
// Encode as base64
|
||||
char* base64_cipher = base64_encode(ciphertext, input_len);
|
||||
char* base64_cipher = custom_base64_encode(ciphertext, input_len);
|
||||
|
||||
// Update state offset
|
||||
if (write_state_offset(pad_hash, current_offset + input_len) != 0) {
|
||||
@@ -913,7 +921,7 @@ int encrypt_text(const char* pad_identifier) {
|
||||
|
||||
// Output in ASCII armor format
|
||||
printf("\n-----BEGIN OTP MESSAGE-----\n");
|
||||
printf("Version: %s\n", VERSION_STRING);
|
||||
printf("Version: %s\n", get_version());
|
||||
printf("Pad-Hash: %s\n", hash_hex);
|
||||
printf("Pad-Offset: %lu\n", current_offset);
|
||||
printf("\n");
|
||||
@@ -998,8 +1006,8 @@ int decrypt_text(const char* pad_identifier) {
|
||||
}
|
||||
|
||||
// Verify pad integrity
|
||||
if (calculate_sha256(pad_path, current_hash) != 0) {
|
||||
printf("Error: Cannot calculate current pad hash\n");
|
||||
if (calculate_checksum(pad_path, current_hash) != 0) {
|
||||
printf("Error: Cannot calculate current pad checksum\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -1022,7 +1030,7 @@ int decrypt_text(const char* pad_identifier) {
|
||||
|
||||
// Decode base64
|
||||
int ciphertext_len;
|
||||
unsigned char* ciphertext = base64_decode(base64_data, &ciphertext_len);
|
||||
unsigned char* ciphertext = custom_base64_decode(base64_data, &ciphertext_len);
|
||||
if (!ciphertext) {
|
||||
printf("Error: Invalid base64 data\n");
|
||||
return 1;
|
||||
@@ -1108,52 +1116,53 @@ int write_state_offset(const char* pad_hash, uint64_t offset) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int calculate_sha256(const char* filename, char* hash_hex) {
|
||||
int calculate_checksum(const char* filename, char* checksum_hex) {
|
||||
FILE* file = fopen(filename, "rb");
|
||||
if (!file) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
EVP_MD_CTX* mdctx = EVP_MD_CTX_new();
|
||||
if (!mdctx) {
|
||||
fclose(file);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL) != 1) {
|
||||
EVP_MD_CTX_free(mdctx);
|
||||
fclose(file);
|
||||
return 1;
|
||||
}
|
||||
|
||||
unsigned char checksum[32];
|
||||
unsigned char buffer[64 * 1024]; // 64KB buffer for large files
|
||||
size_t bytes_read;
|
||||
|
||||
// Initialize checksum
|
||||
memset(checksum, 0, 32);
|
||||
size_t total_bytes = 0;
|
||||
|
||||
// Calculate XOR checksum of entire file
|
||||
while ((bytes_read = fread(buffer, 1, sizeof(buffer), file)) > 0) {
|
||||
if (EVP_DigestUpdate(mdctx, buffer, bytes_read) != 1) {
|
||||
EVP_MD_CTX_free(mdctx);
|
||||
fclose(file);
|
||||
return 1;
|
||||
// Process this chunk with XOR checksum
|
||||
for (size_t i = 0; i < bytes_read; i++) {
|
||||
unsigned char bucket = (total_bytes + i) % 32;
|
||||
checksum[bucket] ^= buffer[i] ^ (((total_bytes + i) >> 8) & 0xFF) ^
|
||||
(((total_bytes + i) >> 16) & 0xFF) ^ (((total_bytes + i) >> 24) & 0xFF);
|
||||
}
|
||||
total_bytes += bytes_read;
|
||||
}
|
||||
|
||||
unsigned char hash[EVP_MAX_MD_SIZE];
|
||||
unsigned int hash_len;
|
||||
fclose(file);
|
||||
|
||||
if (EVP_DigestFinal_ex(mdctx, hash, &hash_len) != 1) {
|
||||
EVP_MD_CTX_free(mdctx);
|
||||
// Now encrypt the checksum with the first 32 bytes of the pad
|
||||
fseek(file = fopen(filename, "rb"), 0, SEEK_SET);
|
||||
unsigned char pad_key[32];
|
||||
if (fread(pad_key, 1, 32, file) != 32) {
|
||||
fclose(file);
|
||||
return 1;
|
||||
}
|
||||
|
||||
EVP_MD_CTX_free(mdctx);
|
||||
fclose(file);
|
||||
|
||||
// Convert to hex string
|
||||
for (unsigned int i = 0; i < hash_len; i++) {
|
||||
sprintf(hash_hex + (i * 2), "%02x", hash[i]);
|
||||
// XOR encrypt the checksum with pad data to create unique identifier
|
||||
unsigned char encrypted_checksum[32];
|
||||
for (int i = 0; i < 32; i++) {
|
||||
encrypted_checksum[i] = checksum[i] ^ pad_key[i];
|
||||
}
|
||||
hash_hex[hash_len * 2] = '\0';
|
||||
|
||||
// Convert to hex string (64 characters)
|
||||
for (int i = 0; i < 32; i++) {
|
||||
sprintf(checksum_hex + (i * 2), "%02x", encrypted_checksum[i]);
|
||||
}
|
||||
checksum_hex[64] = '\0';
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -1228,49 +1237,6 @@ int collect_keyboard_entropy(unsigned char* entropy_buffer, size_t max_size, siz
|
||||
return 0;
|
||||
}
|
||||
|
||||
int hkdf_expand(const unsigned char* prk, size_t prk_len,
|
||||
const unsigned char* info, size_t info_len,
|
||||
unsigned char* okm, size_t okm_len) {
|
||||
EVP_MD_CTX* ctx = EVP_MD_CTX_new();
|
||||
if (!ctx) return 1;
|
||||
|
||||
unsigned char t[32]; // SHA-256 output size
|
||||
unsigned char counter = 1;
|
||||
size_t t_len = 32;
|
||||
size_t pos = 0;
|
||||
|
||||
while (pos < okm_len) {
|
||||
if (EVP_DigestInit_ex(ctx, EVP_sha256(), NULL) != 1) {
|
||||
EVP_MD_CTX_free(ctx);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (pos > 0) {
|
||||
EVP_DigestUpdate(ctx, t, t_len);
|
||||
}
|
||||
|
||||
EVP_DigestUpdate(ctx, prk, prk_len);
|
||||
if (info && info_len > 0) {
|
||||
EVP_DigestUpdate(ctx, info, info_len);
|
||||
}
|
||||
EVP_DigestUpdate(ctx, &counter, 1);
|
||||
|
||||
unsigned int hash_len;
|
||||
if (EVP_DigestFinal_ex(ctx, t, &hash_len) != 1) {
|
||||
EVP_MD_CTX_free(ctx);
|
||||
return 1;
|
||||
}
|
||||
|
||||
size_t copy_len = (okm_len - pos < hash_len) ? okm_len - pos : hash_len;
|
||||
memcpy(okm + pos, t, copy_len);
|
||||
|
||||
pos += copy_len;
|
||||
counter++;
|
||||
}
|
||||
|
||||
EVP_MD_CTX_free(ctx);
|
||||
return 0;
|
||||
}
|
||||
|
||||
// Directory management functions
|
||||
int ensure_pads_directory(void) {
|
||||
@@ -1288,58 +1254,101 @@ void get_pad_path(const char* hash, char* pad_path, char* state_path) {
|
||||
snprintf(state_path, MAX_HASH_LENGTH + 20, "%s/%s.state", PADS_DIR, hash);
|
||||
}
|
||||
|
||||
char* base64_encode(const unsigned char* input, int length) {
|
||||
BIO *bio, *b64;
|
||||
BUF_MEM *buffer_ptr;
|
||||
|
||||
b64 = BIO_new(BIO_f_base64());
|
||||
bio = BIO_new(BIO_s_mem());
|
||||
bio = BIO_push(b64, bio);
|
||||
|
||||
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
|
||||
BIO_write(bio, input, length);
|
||||
BIO_flush(bio);
|
||||
|
||||
BIO_get_mem_ptr(bio, &buffer_ptr);
|
||||
|
||||
char* result = malloc(buffer_ptr->length + 1);
|
||||
memcpy(result, buffer_ptr->data, buffer_ptr->length);
|
||||
result[buffer_ptr->length] = '\0';
|
||||
|
||||
BIO_free_all(bio);
|
||||
return result;
|
||||
// Custom XOR checksum function
|
||||
void xor_checksum_256(const unsigned char* data, size_t len, unsigned char checksum[32]) {
|
||||
memset(checksum, 0, 32);
|
||||
for (size_t i = 0; i < len; i++) {
|
||||
unsigned char bucket = i % 32;
|
||||
checksum[bucket] ^= data[i] ^ ((i >> 8) & 0xFF) ^ ((i >> 16) & 0xFF) ^ ((i >> 24) & 0xFF);
|
||||
}
|
||||
}
|
||||
|
||||
unsigned char* base64_decode(const char* input, int* output_length) {
|
||||
BIO *bio, *b64;
|
||||
int decode_len = strlen(input);
|
||||
// Custom base64 encode function
|
||||
char* custom_base64_encode(const unsigned char* input, int length) {
|
||||
int output_length = 4 * ((length + 2) / 3);
|
||||
char* encoded = malloc(output_length + 1);
|
||||
if (!encoded) return NULL;
|
||||
|
||||
unsigned char* buffer = malloc(decode_len);
|
||||
int i, j;
|
||||
for (i = 0, j = 0; i < length;) {
|
||||
uint32_t octet_a = i < length ? input[i++] : 0;
|
||||
uint32_t octet_b = i < length ? input[i++] : 0;
|
||||
uint32_t octet_c = i < length ? input[i++] : 0;
|
||||
|
||||
bio = BIO_new_mem_buf(input, -1);
|
||||
b64 = BIO_new(BIO_f_base64());
|
||||
bio = BIO_push(b64, bio);
|
||||
uint32_t triple = (octet_a << 16) + (octet_b << 8) + octet_c;
|
||||
|
||||
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
|
||||
*output_length = BIO_read(bio, buffer, decode_len);
|
||||
|
||||
BIO_free_all(bio);
|
||||
|
||||
if (*output_length <= 0) {
|
||||
free(buffer);
|
||||
return NULL;
|
||||
encoded[j++] = base64_chars[(triple >> 18) & 63];
|
||||
encoded[j++] = base64_chars[(triple >> 12) & 63];
|
||||
encoded[j++] = base64_chars[(triple >> 6) & 63];
|
||||
encoded[j++] = base64_chars[triple & 63];
|
||||
}
|
||||
|
||||
return buffer;
|
||||
// Add padding
|
||||
for (int pad = 0; pad < (3 - length % 3) % 3; pad++) {
|
||||
encoded[output_length - 1 - pad] = '=';
|
||||
}
|
||||
|
||||
encoded[output_length] = '\0';
|
||||
return encoded;
|
||||
}
|
||||
|
||||
// Custom base64 decode function
|
||||
unsigned char* custom_base64_decode(const char* input, int* output_length) {
|
||||
int input_length = strlen(input);
|
||||
if (input_length % 4 != 0) return NULL;
|
||||
|
||||
*output_length = input_length / 4 * 3;
|
||||
if (input[input_length - 1] == '=') (*output_length)--;
|
||||
if (input[input_length - 2] == '=') (*output_length)--;
|
||||
|
||||
unsigned char* decoded = malloc(*output_length);
|
||||
if (!decoded) return NULL;
|
||||
|
||||
int i, j;
|
||||
for (i = 0, j = 0; i < input_length;) {
|
||||
int sextet_a = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]];
|
||||
int sextet_b = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]];
|
||||
int sextet_c = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]];
|
||||
int sextet_d = input[i] == '=' ? 0 & i++ : base64_decode_table[(unsigned char)input[i++]];
|
||||
|
||||
if (sextet_a == -1 || sextet_b == -1 || sextet_c == -1 || sextet_d == -1) {
|
||||
free(decoded);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
uint32_t triple = (sextet_a << 18) + (sextet_b << 12) + (sextet_c << 6) + sextet_d;
|
||||
|
||||
if (j < *output_length) decoded[j++] = (triple >> 16) & 255;
|
||||
if (j < *output_length) decoded[j++] = (triple >> 8) & 255;
|
||||
if (j < *output_length) decoded[j++] = triple & 255;
|
||||
}
|
||||
|
||||
return decoded;
|
||||
}
|
||||
|
||||
// Simple keyboard entropy mixing function
|
||||
void simple_entropy_mix(unsigned char* urandom_buffer, size_t buffer_size,
|
||||
const unsigned char* entropy_data, size_t entropy_size) {
|
||||
if (!entropy_data || entropy_size == 0) return;
|
||||
|
||||
for (size_t i = 0; i < buffer_size; i++) {
|
||||
// XOR with entropy data in a rotating pattern
|
||||
unsigned char entropy_byte = entropy_data[i % entropy_size];
|
||||
// Mix position information
|
||||
entropy_byte ^= (i & 0xFF) ^ ((i >> 8) & 0xFF);
|
||||
urandom_buffer[i] ^= entropy_byte;
|
||||
}
|
||||
}
|
||||
|
||||
void print_usage(const char* program_name) {
|
||||
printf("OTP Cipher - One Time Pad Implementation v2.0\n");
|
||||
printf("OTP Cipher - One Time Pad Implementation %s\n", get_version());
|
||||
printf("%s\n", get_build_info());
|
||||
printf("Usage:\n");
|
||||
printf(" %s - Interactive mode\n", program_name);
|
||||
printf(" %s generate <size> - Generate new pad\n", program_name);
|
||||
printf(" %s encrypt <pad_hash_prefix> - Encrypt text\n", program_name);
|
||||
printf(" %s decrypt <pad_hash_prefix> - Decrypt message\n", program_name);
|
||||
printf(" %s encrypt <pad_checksum_prefix> - Encrypt text\n", program_name);
|
||||
printf(" %s decrypt <pad_checksum_prefix> - Decrypt message\n", program_name);
|
||||
printf(" %s list - List available pads\n", program_name);
|
||||
printf("\nSize examples: 1GB, 5TB, 512MB, 2048 (bytes)\n");
|
||||
printf("Pad selection: Full hash, prefix, or number from list\n");
|
||||
|
||||
Reference in New Issue
Block a user