Fraunhofer-AISEC · aewag · Mar 7, 2023 · Mar 7, 2023 · Mar 7, 2023 · Mar 7, 2023
diff --git a/.gitmodules b/.gitmodules
@@ -2,3 +2,6 @@
 	path = data-gui
 	url = https://github.com/IAIK/data-gui.git
 	branch = master
+[submodule "cryptolib/botan/botan"]
+	path = cryptolib/botan/botan
+	url = https://github.com/randombit/botan.git
diff --git a/cryptolib/botan/Makefile b/cryptolib/botan/Makefile
@@ -0,0 +1,22 @@
+all: fetch configure build
+
+fetch:
+	git submodule update --init --recursive
+
+configure:
+	cd botan &&                                                                     \
+	./configure.py --prefix=./build --cc=gcc --cc-bin=g++-11 --cc-abi=-fno-plt      \
+    --disable-modules tls,locking_allocator --disable-sse2 --disable-ssse3              \
+    --disable-sse4.1 --disable-sse4.2 --disable-avx2 --disable-bmi2 --disable-rdrand    \
+    --disable-rdseed --disable-aes-ni --disable-sha-ni --disable-altivec                \
+    --disable-neon --disable-armv8crypto --disable-powercrypto                          \
+    --without-os-feature=threads --with-debug-info --build-targets=static,cli
+
+build:
+	$(MAKE) -C botan botan
+	$(MAKE) -C algo_dilithium
+	$(MAKE) -C algo_kyber
+	$(MAKE) -C algo_xmss
+
+clean:
+	make -C botan clean
diff --git a/cryptolib/botan/algo_aes/.gitignore b/cryptolib/botan/algo_aes/.gitignore
@@ -0,0 +1 @@
+results/
diff --git a/cryptolib/botan/algo_aes/data_run.sh b/cryptolib/botan/algo_aes/data_run.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+set -e
+
+PINFLAGS="--phase1 --phase2 --export --parallel"
+export RESULTDIR=results
+
+
+pushd ${BASH_SOURCE%/*}
+
+if [[ $1 == "clean" || $2 == "clean" ]]; then
+    rm -rf results
+fi
+
+./framework.sh ${PINFLAGS} AES 128 CBC
+
+if [[ $1 == "test" || $2 == "test" ]]; then
+    popd
+    exit 0
+fi
+
+./framework.sh ${PINFLAGS} AES 192 CBC
+./framework.sh ${PINFLAGS} AES 256 CBC
+
+popd
diff --git a/cryptolib/botan/algo_aes/framework.sh b/cryptolib/botan/algo_aes/framework.sh
@@ -0,0 +1,139 @@
+
+
+#########################################################################
+# DO NOT CHANGE: Preparing DATA
+#------------------------------------------------------------------------
+source "${DATA_COMMON}/DATA_init.sh" || { echo "source data.sh first!" && exit 1; }
+#########################################################################
+
+#------------------------------------------------------------------------
+# Specify your framework settings used by DATA
+#------------------------------------------------------------------------
+
+# The name of the framework. Do not use spaces or special characters.
+export FRAMEWORK=botan
+
+# The file containing all supported algorithms
+export TARGETFILE=targets.txt
+
+# The number of measurements for difference detection (phase1)
+export PHASE1_TRACES=3
+
+# The number of constant keys for generic tests (phase2)
+# Make sure that PHASE2_FIXEDKEYS <= PHASE1_TRACES
+export PHASE2_FIXEDKEYS=3
+
+# The number of measurements per constant key for generic tests (phase2)
+export PHASE2_TRACES=100
+
+# The number of measurements for specific tests (phase3)
+export PHASE3_TRACES=300
+
+# (Optional) Additional flags for the pintool. Supported flags are:
+#  -main <main>    Start recording at function <main>. Note that the <main>
+#                  symbol must exist, otherwise this will yield empty traces!
+#  -heap           Trace heap allocations and replace heap addresses with 
+#                  relative offset
+export PINTOOL_ARGS="-heap"
+
+#------------------------------------------------------------------------
+# Implement your framework-specific callbacks
+#------------------------------------------------------------------------
+#
+# Globally available environment variables:
+#   $FRAMEWORK           The framework name
+#   $BASEDIR             The absolute directory path of this script
+#   $DATA_COMMON         The absolute directory for common DATA scripts
+#   $DATA_LEAKAGE_MODELS The absolute directory for DATA leakage models
+#
+# Available for cb_genkey, cb_pre_run, cb_run_command, cb_post_run
+#   $ALGO       The currently tested algo
+#
+# Available for cb_pre_run, cb_run_command, cb_post_run
+#   $ENVFILE
+
+export BINARY=${PWD}/../botan/botan
+
+# The leakage model of phase 3.
+# See ${DATA_LEAKAGE_MODELS} for all options.
+export SPECIFIC_LEAKAGE_CALLBACK=${DATA_LEAKAGE_MODELS}/sym_byte_value.py
+
+# DATA callback for setting up the framework to analyze. This callback
+# is invoked once inside the current directory before analysis starts.
+# Implement framework-specific tasks here like framework compilation.
+function cb_prepare_framework {
+  :
+}
+
+# DATA callback for generating keys. This callback is invoked every
+# time a new key is needed. Implement key generation according to
+# your algorithm and store the generated key inside a file named $2.
+#
+# $1 ... key file name
+function cb_genkey {
+  "${DATA_COMMON}"/genkey.py "${KEYBYTES}" > "$1"
+  RES=$((RES + $?))
+}
+
+# DATA callback for custom commands that are executed immediately before 
+# the algorithm is profiled. It is executed in a temporary directory 
+# which contains the keyfile $1 and ${ENVFILE}.
+#
+# If 'cb_run_command' needs any other files, copy them to ${PWD}. 
+#
+# $1 ... key file name
+function cb_pre_run {
+  log_verbose "running with key $1"
+  echo "hello" > input.bin
+  echo "LD_LIBRARY_PATH=${BINARY}" >> ${ENVFILE}
+}
+
+# DATA callback for the main invocation of the tested algorithm.
+# It shall return the bash command to execute as string. It is
+# executed inside a temporary directory with a clean environment.
+# If you need special files or environment variables set, specify
+# them in cb_pre_run.
+#
+# $1 ... key file name
+function cb_run_command {
+  HEXKEY=$(cat "$1")
+  echo "${BINARY} cipher --cipher=${ALGO}-${PARAM}/${MODE} --key=${HEXKEY} input.bin"
+}
+
+# DATA callback for custom commands that are executed immediately after 
+# the algorithm is profiled. It is executed in a temporary directory.
+# You can cleanup any custom files generated by your algorithm.
+#
+# $1 ... key file name
+function cb_post_run {
+  :
+}
+
+# DATA callback for preparing an individual algorithm. It shall:
+# 1. Parse the next algorithm from the commandline string of all algorithms
+#    and set up anything necessary for analyzing this algorithm.
+#    If the algorithm needs additional parameters (like key sizes), 
+#    increase $SHIFT accordingly.
+# 2. Configure $WORKDIR, which will create a subdirectory holding all
+#    intermediate files generated by the algorithm and the results.
+#    Do not use an absolute path!
+#
+# $* ... algorithm string from the commandline
+function cb_prepare_algo {
+  ALGO=$1
+  # key bits
+  PARAM=$2
+  MODE=$3
+  SHIFT=$((SHIFT+2))
+  KEYBYTES=$(( PARAM / 8 ))
+
+  WORKDIR="$ALGO-$MODE-$PARAM"
+}
+
+#########################################################################
+# DO NOT CHANGE: Running DATA's commandline parser
+#------------------------------------------------------------------------
+DATA_parse "$@"
+#------------------------------------------------------------------------
+# DO NOT ADD CODE AFTER THIS LINE
+#########################################################################
diff --git a/cryptolib/botan/algo_curve25519/.gitignore b/cryptolib/botan/algo_curve25519/.gitignore
@@ -0,0 +1,2 @@
+bin/
+results/
diff --git a/cryptolib/botan/algo_curve25519/Makefile b/cryptolib/botan/algo_curve25519/Makefile
@@ -0,0 +1,8 @@
+all: curve25519
+
+curve25519: curve25519.cpp
+	mkdir -p bin
+	g++-11 -std=c++20 -g -O0 -Wall -I ../botan/build/include -Wl,-rpath=../botan/ $^ -o bin/$@ -L ../botan/ -l:libbotan-3.a
+
+clean:
+	rm -rf bin/
diff --git a/cryptolib/botan/algo_curve25519/curve25519.cpp b/cryptolib/botan/algo_curve25519/curve25519.cpp
@@ -0,0 +1,113 @@
+#include <cassert>
+#include <fstream>
+#include <iostream>
+#include <string>
+#include <vector>
+using namespace std;
+
+
+
+#include <botan/auto_rng.h>
+#include <botan/curve25519.h>
+#include <botan/ecdh.h>
+#include <botan/hex.h>
+#include <botan/pubkey.h>
+
+vector<string> modes = {
+  "curve25519",
+};
+
+vector<string> operations = {
+  "keygen",
+  "ecdh"
+};
+
+int main(int argc, char* argv[]) {
+  Botan::AutoSeeded_RNG rng;
+
+  if (argc != 4) {
+    cout << "Usage:\n\n"
+              << "  ecdh <mode> <operation> <keyfile>\n\n"
+              << "    <mode> ..... asymmetric cipher mode\n"
+              << "    <operation> ..... operation to execute, e.g. keygen or kem\n"
+              << "    <keyfile> ... ecc key file, read as text\n"
+              << endl;
+    cout << "List of available modes:" << endl;
+    for(vector<string>::size_type i = 0; i != modes.size(); i++) {
+      cout << "  " << modes[i] << endl;
+    }
+    cout << endl;
+    cout << "List of available operations:" << endl;
+    for(vector<string>::size_type i = 0; i != operations.size(); i++) {
+      cout << "  " << operations[i] << endl;
+    }
+    cout << endl;
+    return (1);
+  }
+
+  string str_mode (argv[1]);
+  string str_operation (argv[2]);
+  string str_keyfile (argv[3]);
+
+  // ec domain and KDF
+  const std::string kdf = "KDF2(SHA-256)";
+
+  std::string keyfile_buffer_sk(str_keyfile);
+
+  if (str_operation == "keygen") {
+    // KeyGen
+    const Botan::Curve25519_PrivateKey key(rng);
+    const auto key_bits = key.private_key_bits();
+
+    // Store key pair
+    ofstream keyfile_sk;
+    keyfile_sk.open(keyfile_buffer_sk);
+    keyfile_sk << hex_encode(key_bits);
+    keyfile_sk.close();
+
+  } else if (str_operation == "ecdh") {
+        // std::vector<uint8_t> signature;
+        string line_sk;
+        ifstream keyfile_sk;
+
+        Botan::AlgorithmIdentifier aid;
+
+        // // Load server key
+        Botan::Curve25519_PrivateKey server_key(
+            aid,
+            Botan::hex_decode(
+                "042014F9395B906AD12E57E10E0CC0694A747322B6FFEF4B8FB3803F6F2AFE972B2C"
+            )
+        );
+        // keyfile_sk.open(keyfile_buffer_sk);
+        // getline(keyfile_sk, line_sk);
+        // keyfile_sk.close();
+        // const auto server_sk(Botan::hex_decode(line_sk));
+        // Botan::Curve25519_PrivateKey server_key(aid, server_sk);
+
+        // Load experiment key
+        keyfile_sk.open(keyfile_buffer_sk);
+        getline(keyfile_sk, line_sk);
+        keyfile_sk.close();
+        const auto sk(Botan::hex_decode(line_sk));
+        Botan::Curve25519_PrivateKey key(aid, sk);
+
+        // now they exchange their public values
+        const auto server_key_pub = server_key.public_value();
+        const auto key_pub = key.public_value();
+
+        // Construct key agreements and agree on a shared secret
+        Botan::PK_Key_Agreement ka_server(server_key, rng, kdf);
+        const auto sA = ka_server.derive_key(32, key_pub).bits_of();
+
+        Botan::PK_Key_Agreement ka_client(key, rng, kdf);
+        const auto sB = ka_client.derive_key(32, server_key_pub).bits_of();
+
+        assert(sA == sB);
+  } else {
+    cout << str_operation << " is no valid operation!" << endl;
+    assert(false);
+  }
+
+  return (0);
+}
diff --git a/cryptolib/botan/algo_curve25519/data_run.sh b/cryptolib/botan/algo_curve25519/data_run.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+set -e
+
+PINFLAGS="--phase1 --phase2 --export --parallel"
+export RESULTDIR=results
+
+
+pushd ${BASH_SOURCE%/*}
+
+if [[ $1 == "clean" || $2 == "clean" ]]; then
+    rm -rf results
+fi
+
+./framework.sh ${PINFLAGS} curve25519
+
+if [[ $1 == "test" || $2 == "test" ]]; then
+    popd
+    exit 0
+fi
+
+
+./framework.sh ${PINFLAGS} secp256r1
+
+popd