Version v0.2.102 - Add entropy

Makefile

@@ -1,22 +1,21 @@
 CC = gcc
 CFLAGS = -Wall -Wextra -std=c99
-LIBS = 
+LIBS = -lm
-LIBS_STATIC = -static
+LIBS_STATIC = -static -lm
 TARGET = otp
 SOURCE = otp.c
-VERSION_SOURCE = src/version.c
+CHACHA20_SOURCE = nostr_chacha20.c
 
 # Default build target
 $(TARGET): $(SOURCE)
-	$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(VERSION_SOURCE) $(LIBS)
+	$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(CHACHA20_SOURCE) $(LIBS)
 
 # Static linking target
 static: $(SOURCE)
-	$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(VERSION_SOURCE) $(LIBS_STATIC)
+	$(CC) $(CFLAGS) -o $(TARGET) $(SOURCE) $(CHACHA20_SOURCE) $(LIBS_STATIC)
 
 clean:
 	rm -f $(TARGET) *.pad *.state
-	rm -f src/version.h src/version.c VERSION
 
 install:
 	sudo cp $(TARGET) /usr/local/bin/

TODO.md

@@ -3,9 +3,6 @@
 
 ## Change technique for adding keyboard entropy.
 
-## Some of the processing seems similar, so maybe code could be more compact.
-
-## Command line otp -e should go to default pad, and then comment after the fact that it used the default pad.
 
 ## There is the problem of the location of the pad revealing metadata about how many messages have been sent in the past, or at least the size of the messsages.
 
@@ -15,10 +12,8 @@ Or, better yet, assume the offset is a very large size, and use the pad itself t
 
 ## Take a look at how the file header is being handled.
 
-## We have three different decrypt file functions
-
-## Preferences directory and files look off. Should probably have ~/.otp as the default directory, and then in there we can have otp.conf, pads/ 
 
 ## Setup for multiple USB drives
 
 
+

nostr_chacha20.c

@@ -0,0 +1,163 @@
+/*
+ * nostr_chacha20.c - ChaCha20 stream cipher implementation
+ * 
+ * Implementation based on RFC 8439 "ChaCha20 and Poly1305 for IETF Protocols"
+ * 
+ * This implementation is adapted from the RFC 8439 reference specification.
+ * It prioritizes correctness and clarity over performance optimization.
+ */
+
+#include "nostr_chacha20.h"
+#include <string.h>
+
+/*
+ * ============================================================================
+ * UTILITY MACROS AND FUNCTIONS
+ * ============================================================================
+ */
+
+/* Left rotate a 32-bit value by n bits */
+#define ROTLEFT(a, b) (((a) << (b)) | ((a) >> (32 - (b))))
+
+/* Convert 4 bytes to 32-bit little-endian */
+static uint32_t bytes_to_u32_le(const uint8_t *bytes) {
+    return ((uint32_t)bytes[0]) |
+           ((uint32_t)bytes[1] << 8) |
+           ((uint32_t)bytes[2] << 16) |
+           ((uint32_t)bytes[3] << 24);
+}
+
+/* Convert 32-bit to 4 bytes little-endian */
+static void u32_to_bytes_le(uint32_t val, uint8_t *bytes) {
+    bytes[0] = (uint8_t)(val & 0xff);
+    bytes[1] = (uint8_t)((val >> 8) & 0xff);
+    bytes[2] = (uint8_t)((val >> 16) & 0xff);
+    bytes[3] = (uint8_t)((val >> 24) & 0xff);
+}
+
+/*
+ * ============================================================================
+ * CHACHA20 CORE FUNCTIONS
+ * ============================================================================
+ */
+
+void chacha20_quarter_round(uint32_t state[16], int a, int b, int c, int d) {
+    state[a] += state[b]; 
+    state[d] ^= state[a]; 
+    state[d] = ROTLEFT(state[d], 16);
+    
+    state[c] += state[d]; 
+    state[b] ^= state[c]; 
+    state[b] = ROTLEFT(state[b], 12);
+    
+    state[a] += state[b]; 
+    state[d] ^= state[a]; 
+    state[d] = ROTLEFT(state[d], 8);
+    
+    state[c] += state[d]; 
+    state[b] ^= state[c]; 
+    state[b] = ROTLEFT(state[b], 7);
+}
+
+void chacha20_init_state(uint32_t state[16], const uint8_t key[32], 
+                         uint32_t counter, const uint8_t nonce[12]) {
+    /* ChaCha20 constants "expand 32-byte k" */
+    state[0] = 0x61707865;
+    state[1] = 0x3320646e;
+    state[2] = 0x79622d32;
+    state[3] = 0x6b206574;
+    
+    /* Key (8 words) */
+    state[4]  = bytes_to_u32_le(key + 0);
+    state[5]  = bytes_to_u32_le(key + 4);
+    state[6]  = bytes_to_u32_le(key + 8);
+    state[7]  = bytes_to_u32_le(key + 12);
+    state[8]  = bytes_to_u32_le(key + 16);
+    state[9]  = bytes_to_u32_le(key + 20);
+    state[10] = bytes_to_u32_le(key + 24);
+    state[11] = bytes_to_u32_le(key + 28);
+    
+    /* Counter (1 word) */
+    state[12] = counter;
+    
+    /* Nonce (3 words) */
+    state[13] = bytes_to_u32_le(nonce + 0);
+    state[14] = bytes_to_u32_le(nonce + 4);
+    state[15] = bytes_to_u32_le(nonce + 8);
+}
+
+void chacha20_serialize_state(const uint32_t state[16], uint8_t output[64]) {
+    for (int i = 0; i < 16; i++) {
+        u32_to_bytes_le(state[i], output + (i * 4));
+    }
+}
+
+int chacha20_block(const uint8_t key[32], uint32_t counter, 
+                   const uint8_t nonce[12], uint8_t output[64]) {
+    uint32_t state[16];
+    uint32_t initial_state[16];
+    
+    /* Initialize state */
+    chacha20_init_state(state, key, counter, nonce);
+    
+    /* Save initial state for later addition */
+    memcpy(initial_state, state, sizeof(initial_state));
+    
+    /* Perform 20 rounds (10 iterations of the 8 quarter rounds) */
+    for (int i = 0; i < 10; i++) {
+        /* Column rounds */
+        chacha20_quarter_round(state, 0, 4, 8,  12);
+        chacha20_quarter_round(state, 1, 5, 9,  13);
+        chacha20_quarter_round(state, 2, 6, 10, 14);
+        chacha20_quarter_round(state, 3, 7, 11, 15);
+        
+        /* Diagonal rounds */
+        chacha20_quarter_round(state, 0, 5, 10, 15);
+        chacha20_quarter_round(state, 1, 6, 11, 12);
+        chacha20_quarter_round(state, 2, 7, 8,  13);
+        chacha20_quarter_round(state, 3, 4, 9,  14);
+    }
+    
+    /* Add initial state back (prevents slide attacks) */
+    for (int i = 0; i < 16; i++) {
+        state[i] += initial_state[i];
+    }
+    
+    /* Serialize to output bytes */
+    chacha20_serialize_state(state, output);
+    
+    return 0;
+}
+
+int chacha20_encrypt(const uint8_t key[32], uint32_t counter, 
+                     const uint8_t nonce[12], const uint8_t* input, 
+                     uint8_t* output, size_t length) {
+    uint8_t keystream[CHACHA20_BLOCK_SIZE];
+    size_t offset = 0;
+    
+    while (length > 0) {
+        /* Generate keystream block */
+        int ret = chacha20_block(key, counter, nonce, keystream);
+        if (ret != 0) {
+            return ret;
+        }
+        
+        /* XOR with input to produce output */
+        size_t block_len = (length < CHACHA20_BLOCK_SIZE) ? length : CHACHA20_BLOCK_SIZE;
+        for (size_t i = 0; i < block_len; i++) {
+            output[offset + i] = input[offset + i] ^ keystream[i];
+        }
+        
+        /* Move to next block */
+        offset += block_len;
+        length -= block_len;
+        counter++;
+        
+        /* Check for counter overflow */
+        if (counter == 0) {
+            return -1; /* Counter wrapped around */
+        }
+    }
+    
+    return 0;
+}

nostr_chacha20.h

@@ -0,0 +1,115 @@
+/*
+ * nostr_chacha20.h - ChaCha20 stream cipher implementation
+ * 
+ * Implementation based on RFC 8439 "ChaCha20 and Poly1305 for IETF Protocols"
+ * 
+ * This is a small, portable implementation for NIP-44 support in the NOSTR library.
+ * The implementation prioritizes correctness and simplicity over performance.
+ */
+
+#ifndef NOSTR_CHACHA20_H
+#define NOSTR_CHACHA20_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * ============================================================================
+ * CONSTANTS AND DEFINITIONS
+ * ============================================================================
+ */
+
+#define CHACHA20_KEY_SIZE    32  /* 256 bits */
+#define CHACHA20_NONCE_SIZE  12  /* 96 bits */
+#define CHACHA20_BLOCK_SIZE  64  /* 512 bits */
+
+/*
+ * ============================================================================
+ * CORE CHACHA20 FUNCTIONS
+ * ============================================================================
+ */
+
+/**
+ * ChaCha20 quarter round operation
+ * 
+ * Operates on four 32-bit words performing the core ChaCha20 quarter round:
+ * a += b; d ^= a; d <<<= 16;
+ * c += d; b ^= c; b <<<= 12;
+ * a += b; d ^= a; d <<<= 8;
+ * c += d; b ^= c; b <<<= 7;
+ * 
+ * @param state[in,out] ChaCha state as 16 32-bit words
+ * @param a, b, c, d    Indices into state array for quarter round
+ */
+void chacha20_quarter_round(uint32_t state[16], int a, int b, int c, int d);
+
+/**
+ * ChaCha20 block function
+ * 
+ * Transforms a 64-byte input block using ChaCha20 algorithm with 20 rounds.
+ * 
+ * @param key[in]       32-byte key
+ * @param counter[in]   32-bit block counter
+ * @param nonce[in]     12-byte nonce
+ * @param output[out]   64-byte output buffer
+ * @return              0 on success, negative on error
+ */
+int chacha20_block(const uint8_t key[32], uint32_t counter, 
+                   const uint8_t nonce[12], uint8_t output[64]);
+
+/**
+ * ChaCha20 encryption/decryption
+ * 
+ * Encrypts or decrypts data using ChaCha20 stream cipher.
+ * Since ChaCha20 is a stream cipher, encryption and decryption are the same operation.
+ * 
+ * @param key[in]           32-byte key
+ * @param counter[in]       Initial 32-bit counter value
+ * @param nonce[in]         12-byte nonce
+ * @param input[in]         Input data to encrypt/decrypt
+ * @param output[out]       Output buffer (can be same as input)
+ * @param length[in]        Length of input data in bytes
+ * @return                  0 on success, negative on error
+ */
+int chacha20_encrypt(const uint8_t key[32], uint32_t counter, 
+                     const uint8_t nonce[12], const uint8_t* input, 
+                     uint8_t* output, size_t length);
+
+/*
+ * ============================================================================
+ * UTILITY FUNCTIONS
+ * ============================================================================
+ */
+
+/**
+ * Initialize ChaCha20 state matrix
+ * 
+ * Sets up the initial 16-word state matrix with constants, key, counter, and nonce.
+ * 
+ * @param state[out]    16-word state array to initialize
+ * @param key[in]       32-byte key
+ * @param counter[in]   32-bit block counter
+ * @param nonce[in]     12-byte nonce
+ */
+void chacha20_init_state(uint32_t state[16], const uint8_t key[32], 
+                         uint32_t counter, const uint8_t nonce[12]);
+
+/**
+ * Serialize ChaCha20 state to bytes
+ * 
+ * Converts 16 32-bit words to 64 bytes in little-endian format.
+ * 
+ * @param state[in]     16-word state array
+ * @param output[out]   64-byte output buffer
+ */
+void chacha20_serialize_state(const uint32_t state[16], uint8_t output[64]);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* NOSTR_CHACHA20_H */