Add secret sharing

[software/DIPE.git] / src / DIPE.cxx
diff --git a/src/DIPE.cxx b/src/DIPE.cxx

index f278f5008857d195d565a1b0b299735b33f66daf..9b8c91ec52c9f8495aa8f178072fd672674e9ec0 100644 (file)
--- a/src/DIPE.cxx
+++ b/src/DIPE.cxx
@@ -1,4 +1,5 @@
  #include "DIPE.h"
+#include "DIPE_Internal.h"
  
  #include <string.h>
  #include <nettle/hkdf.h>
@@ -13,36 +14,6 @@
  using std::min;
  using std::max;
  
-struct dipe_param {
-       pairing_t pairing;
-       element_t g1;
-       element_t g2;
-       element_t gt;
-};
-
-struct dipe_master_publickey {
-       size_t dimension;
-       element_t a;
-       element_t* k;
-};
-
-struct dipe_master_secretkey {
-       size_t dimension;
-       element_t a;
-       element_t* k;
-};
-
-struct dipe_secretkey {
-       size_t dimension;
-       element_t d;
-};
-
-struct dipe_ctxt {
-       size_t dimension;
-       element_t s;
-       element_t* cx;
-       element_t c;
-};
  
  
  namespace {
@@ -78,18 +49,14 @@ namespace {
  
         /* Data format is iv | enc(4 byte len | ptxt | 0 padding) | tag
          */
-       int dipe_aes_encrypt(uint8_t* key, size_t ptxt_len, uint8_t* ptxt, size_t ctxt_len, uint8_t* ctxt) {
+       int dipe_aes_encrypt(uint8_t* key, uint8_t* iv, size_t ptxt_len, uint8_t* ptxt, size_t ctxt_len, uint8_t* ctxt) {
                 struct gcm_aes128_ctx ctx;
-               uint8_t iv[12];
                 uint8_t block[16];
                 uint32_t coded_ptxtlen;
  
-               ctxt_len -= (12 + 16); /* IV + Tag */
-               if (ctxt_len < ptxt_len) return -1;
+               ctxt_len -= 16; /* Tag */
+               if (ctxt_len < ptxt_len + 4) return 0;
                 
-               getrandom(iv, 12, 0);
-               memcpy(ctxt, iv, 12);
-               ctxt += 12;
                 memset(block, 0, 16);
                 gcm_aes128_set_key(&ctx, key);
                 gcm_aes128_set_iv(&ctx, 12, iv);
@@ -123,13 +90,12 @@ namespace {
                 return 0;
         }
  
-       int dipe_aes_decrypt(uint8_t* key, size_t len, uint8_t* ctxt, uint8_t* ptxt) {
+       int dipe_aes_decrypt(uint8_t* key, uint8_t* iv, size_t len, uint8_t* ctxt, uint8_t* ptxt) {
                 struct gcm_aes128_ctx ctx;
                 uint8_t block[16];
  
                 gcm_aes128_set_key(&ctx, key);
-               gcm_aes128_set_iv(&ctx, 12, ctxt);
-               ctxt += 12; len -= 12;
+               gcm_aes128_set_iv(&ctx, 12, iv);
                 len -= 16; /* GCM tag */
  
                 
@@ -332,7 +298,7 @@ void dipe_encrypt(dipe_param_t param, dipe_master_publickey_t mpk, element_t* x,
         cap_len = dipe_serialize_ctxt(param, cap, (uint8_t*)ctxt);
         ctxt += cap_len; ctxt_len -= cap_len;
         
-       dipe_aes_encrypt(aes, ptxt_len, (uint8_t*)ptxt, ctxt_len, (uint8_t*)ctxt);
+       dipe_aes_encrypt(aes, aes+16, ptxt_len, (uint8_t*)ptxt, ctxt_len, (uint8_t*)ctxt);
  
         dipe_free_ctxt(cap);
         element_clear(key);
@@ -354,7 +320,7 @@ size_t dipe_decrypt(dipe_param_t param, dipe_secretkey_t sk, char* cid, element_
         dipe_free_ctxt(cap);
         element_clear(key);
  
-       return dipe_aes_decrypt(aes, ctxt_len, (uint8_t*)ctxt, (uint8_t*)ptxt);
+       return dipe_aes_decrypt(aes, aes+16, ctxt_len, (uint8_t*)ctxt, (uint8_t*)ptxt);
  }
  
  /* Note: we're generating random-looking bytes here. Therefore we
@@ -408,7 +374,7 @@ size_t dipe_deserialize_ctxt(dipe_param_t param, size_t dimension, dipe_ctxt_t*
  }
  
  size_t dipe_ciphertext_overhead(dipe_param_t param, size_t dimension) {
-       size_t overhead = 12 + 16 + 4 /* IV + Tag + Size */;
+       size_t overhead = 16 + 4 /* IV + Tag + Size */;
         element_t t;
  
         element_init_G1(t, param->pairing);