algos_enc: fixup the padding for non-byte-aligned keys

2015-11-15 20:32:44 +01:00 · 2015-11-15 20:32:44 +01:00 · de4ee8aa39
parent 78a00ae3ce
commit de4ee8aa39
4 changed files with 10 additions and 6 deletions
--- a/src/algos_enc.cpp
+++ b/src/algos_enc.cpp
@ -259,6 +259,10 @@ static int fo_encrypt (const bvector&plain, bvector&cipher,
 	std::vector<byte> K;
 	K.resize (plainsize >> 3);
 	for (i = 0; i < K.size(); ++i) K[i] = rng.random (256);
+	if (plainsize & 7) { //the byte overlap
+		K.resize (1 + (plainsize >> 3), 0);
+		K[plainsize >> 3] = rng.random (256) % (1 << (uint) (plainsize & 7));
+	}

 	//create the base for error vector
 	std::vector<byte> H, M2;
@ -269,7 +273,7 @@ static int fo_encrypt (const bvector&plain, bvector&cipher,

 	//prepare the error vector (rotate the hash so we don't need ultralong hash functions)
 	bvector ev_rank;
-	ev_rank.resize (ranksize);
+	ev_rank.resize (ranksize, 0);
 	for (i = 0; i < ranksize; ++i)
 		ev_rank[i] = 1 & (H[ (i >> 3) % H.size()] >> (i & 0x7));

@ -279,7 +283,7 @@ static int fo_encrypt (const bvector&plain, bvector&cipher,
 	//prepare plaintext
 	bvector mce_plain;
 	mce_plain.from_bytes (K);
-	mce_plain.resize (plainsize, 0); //pad with 0's to exact size
+	mce_plain.resize (plainsize, 0); //fit to exact size (there shouldn't be overflow)

 	//run McEliece
 	if (Pub.encrypt (mce_plain, cipher, ev)) return 5;
@ -372,9 +376,7 @@ static int fo_decrypt (const bvector&cipher, bvector&plain,
 	//convert stuff to byte vectors
 	std::vector<byte> K, M;

-	bvector Kb;
-	mce_plain.get_block (0, plainsize, Kb);
-	Kb.to_bytes (K);
+	mce_plain.to_bytes (K);

 	bvector Mb;
 	cipher.get_block (ciphersize, msize, Mb);
--- a/src/iohelpers.h
+++ b/src/iohelpers.h
@ -33,6 +33,7 @@
 #define out_bin(x) std::cout << x
 #define outeol std::cout << std::endl
 #define err(x) std::cerr << x << std::endl
+#define err_bin(x) std::cerr << x
 #define erreol std::cerr << std::endl
 #define progerr(x) std::cerr << argv[0] << ": " << x << std::endl

--- a/src/main.cpp
+++ b/src/main.cpp
@ -92,6 +92,7 @@ void test()
 	/*
 	 * Dear hacker,
 	 * use this function for quicktesting your stuff.
+	 * It gets executed by the -T parameter.
 	 * Other places suck for that purpose.
 	 */
 }
--- a/src/mce_qcmdpc.cpp
+++ b/src/mce_qcmdpc.cpp
@ -258,7 +258,7 @@ int privkey::decrypt (const bvector & in_orig, bvector & out, bvector & errors)
 		for (i = 0; i < cs; ++i)
 			if (unsat[i] > max_unsat) max_unsat = unsat[i];
 		if (!max_unsat) break;
-		if(max_unsat>bs) out("EROR?!!!");
+		if (max_unsat > bs) err ("mce_qcmdpc: weird decryption error, expect failures");
 		//TODO do something about possible timing attacks

 		uint threshold = 0;