switching to ECDHE cryptography f, implementation is incomplete and INSECURE, do not use for anything but testing

author: Christian Grothoff <christian@grothoff.org> 2013-02-05 20:49:21 +0000
committer: Christian Grothoff <christian@grothoff.org> 2013-02-05 20:49:21 +0000
commit: ca35f67faee8371fa763bdf49f04a8d5d4cdc021 (patch)
tree: 5535df5e5a2428ed838c6a0e60b2c6c68a7842c5 /src/util
parent: dd7cca21c5dbaef4d56f92bab3932f0f73d092d1 (diff)
download: gnunet-ca35f67faee8371fa763bdf49f04a8d5d4cdc021.tar.gz
gnunet-ca35f67faee8371fa763bdf49f04a8d5d4cdc021.zip
6 files changed, 20 insertions, 195 deletions
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c
index d5c36d703..11b894f69 100644
--- a/src/util/crypto_aes.c
+++ b/src/util/crypto_aes.c
@@ -42,29 +42,6 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key)
 {
  gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH,
                  GCRY_STRONG_RANDOM);
-  key->crc32 =
-      htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH));
-}
-/**
- * Check that a new session key is well-formed.
- *
- * @return GNUNET_OK if the key is valid
- */
-int
-GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
-                                     *key)
-{
-  uint32_t crc;
-  crc = GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH);
-  if (ntohl (key->crc32) != crc)
-  {
-    GNUNET_break_op (0);
-    return GNUNET_SYSERR;
-  }
-  return GNUNET_OK;
 }
@@ -85,12 +62,6 @@ setup_cipher (gcry_cipher_hd_t *handle,
 {
  int rc;
-  if (GNUNET_OK !=
-      GNUNET_CRYPTO_aes_check_session_key (sessionkey))
-  {
-    GNUNET_break (0);
-    return GNUNET_SYSERR;
-  }
  GNUNET_assert (0 ==
                 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
                                   GCRY_CIPHER_MODE_CFB, 0));
diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c
index 04225b3dc..fca66aed4 100644
--- a/src/util/crypto_hash.c
+++ b/src/util/crypto_hash.c
@@ -419,8 +419,6 @@ GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc,
                 GNUNET_CRYPTO_AES_KEY_LENGTH +
                 sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
  memcpy (skey, hc, GNUNET_CRYPTO_AES_KEY_LENGTH);
-  skey->crc32 =
-      htonl (GNUNET_CRYPTO_crc32_n (skey, GNUNET_CRYPTO_AES_KEY_LENGTH));
  memcpy (iv, &((char *) hc)[GNUNET_CRYPTO_AES_KEY_LENGTH],
          sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
 }
diff --git a/src/util/gnunet-ecc.c b/src/util/gnunet-ecc.c
index b19fc1998..d7f1dd58d 100644
--- a/src/util/gnunet-ecc.c
+++ b/src/util/gnunet-ecc.c
@@ -65,38 +65,12 @@ struct GNUNET_CRYPTO_EccPrivateKey
 /**
- * Create a new private key. Caller must free return value.
- *
- * @return fresh private key
- */
-static struct GNUNET_CRYPTO_EccPrivateKey *
-ecc_key_create ()
-{
-  struct GNUNET_CRYPTO_EccPrivateKey *ret;
-  gcry_sexp_t s_key;
-  gcry_sexp_t s_keyparam;
-  GNUNET_assert (0 ==
-                 gcry_sexp_build (&s_keyparam, NULL,
-                                  "(genkey(ecc(nbits %d)(ecc-use-e 3:257)))",
-                                  2048));
-  GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
-  gcry_sexp_release (s_keyparam);
-#if EXTRA_CHECKS
-  GNUNET_assert (0 == gcry_pk_testkey (s_key));
-#endif
-  ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccPrivateKey));
-  ret->sexp = s_key;
-  return ret;
-}
-/**
 * Create a flat file with a large number of key pairs for testing.
 */
 static void
 create_keys (const char *fn)
 {
+  static char pad[GNUNET_TESTING_HOSTKEYFILESIZE];
  FILE *f;
  struct GNUNET_CRYPTO_EccPrivateKey *pk;
  struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *enc;
@@ -116,28 +90,34 @@ create_keys (const char *fn)
  {    
    fprintf (stderr,
             ".");
-    if (NULL == (pk = ecc_key_create ()))
+    if (NULL == (pk = GNUNET_CRYPTO_ecc_key_create ()))
    {
       GNUNET_break (0);
       break;
    }
    enc = GNUNET_CRYPTO_ecc_encode_key (pk);
-    if (htons (enc->size) != fwrite (enc, 1, htons (enc->size), f))
+    GNUNET_assert (ntohs (enc->size) <= GNUNET_TESTING_HOSTKEYFILESIZE);
-      {
+    if ( (ntohs (enc->size) != fwrite (enc, 1, ntohs (enc->size), f)) ||
-        fprintf (stderr,
+         (GNUNET_TESTING_HOSTKEYFILESIZE - ntohs (enc->size)
-                 _("\nFailed to write to `%s': %s\n"),
+          != fwrite (pad, 1, GNUNET_TESTING_HOSTKEYFILESIZE - ntohs (enc->size), f)) )
-                 fn,
+    {
-                 STRERROR (errno));
+      fprintf (stderr,
-        GNUNET_CRYPTO_ecc_key_free (pk);
+               _("\nFailed to write to `%s': %s\n"),
-        GNUNET_free (enc);
+               fn,
-        break;
+               STRERROR (errno));
-      }
+      GNUNET_CRYPTO_ecc_key_free (pk);
+      GNUNET_free (enc);
+      break;
+    }
    GNUNET_CRYPTO_ecc_key_free (pk);
    GNUNET_free (enc);
  }
-  if (0 == make_keys)
+  if (UINT_MAX == make_keys)
+    fprintf (stderr,
+             _("\nFinished!\n"));
+  else
    fprintf (stderr,
-             _("Finished!\n"));
+             _("\nError, %u keys not generated\n"), make_keys);
  fclose (f);
 }
diff --git a/src/util/gnunet-rsa.c b/src/util/gnunet-rsa.c
index 917ee50f4..1e7132d3f 100644
--- a/src/util/gnunet-rsa.c
+++ b/src/util/gnunet-rsa.c
@@ -25,7 +25,6 @@
 */
 #include "platform.h"
 #include "gnunet_util_lib.h"
-#include "gnunet_testing_lib.h"
 #include <gcrypt.h>
@@ -49,107 +48,6 @@ static int print_short_identity;
 */
 static int weak_random;
-/**
- * Option set to create a bunch of keys at once.
- */
-static unsigned int make_keys;
-/**
- * The private information of an RSA key pair.
- * NOTE: this must match the definition in crypto_ksk.c and crypto_rsa.c!
- */
-struct GNUNET_CRYPTO_RsaPrivateKey
-{
-  gcry_sexp_t sexp;
-};
-/**
- * Create a new private key. Caller must free return value.
- *
- * @return fresh private key
- */
-static struct GNUNET_CRYPTO_RsaPrivateKey *
-rsa_key_create ()
-{
-  struct GNUNET_CRYPTO_RsaPrivateKey *ret;
-  gcry_sexp_t s_key;
-  gcry_sexp_t s_keyparam;
-  GNUNET_assert (0 ==
-                 gcry_sexp_build (&s_keyparam, NULL,
-                                  "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))",
-                                  2048));
-  GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
-  gcry_sexp_release (s_keyparam);
-#if EXTRA_CHECKS
-  GNUNET_assert (0 == gcry_pk_testkey (s_key));
-#endif
-  ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey));
-  ret->sexp = s_key;
-  return ret;
-}
-/**
- * Create a flat file with a large number of key pairs for testing.
- */
-static void
-create_keys (const char *fn)
-{
-  FILE *f;
-  struct GNUNET_CRYPTO_RsaPrivateKey *pk;
-  struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc;
-  if (NULL == (f = fopen (fn, "w+")))
-    {
-      fprintf (stderr,
-               _("Failed to open `%s': %s\n"),
-               fn,
-               STRERROR (errno));
-      return;
-    }
-  fprintf (stderr,
-           _("Generating %u keys, please wait"),
-           make_keys);
-  while (0 < make_keys--)
-  {    
-    fprintf (stderr,
-             ".");
-    if (NULL == (pk = rsa_key_create ()))
-    {
-       GNUNET_break (0);
-       break;
-    }
-    enc = GNUNET_CRYPTO_rsa_encode_key (pk);
-    if (GNUNET_TESTING_HOSTKEYFILESIZE != htons (enc->len))
-    {
-      /* sometimes we get a different key length because 'd' or 'u' start
-         with leading bits; skip those... */
-      GNUNET_CRYPTO_rsa_key_free (pk);
-      GNUNET_free (enc);
-      make_keys++;
-      continue;
-    }
-    if (htons (enc->len) != fwrite (enc, 1, htons (enc->len), f))
-      {
-        fprintf (stderr,
-                 _("\nFailed to write to `%s': %s\n"),
-                 fn,
-                 STRERROR (errno));
-        GNUNET_CRYPTO_rsa_key_free (pk);
-        GNUNET_free (enc);
-        break;
-      }
-    GNUNET_CRYPTO_rsa_key_free (pk);
-    GNUNET_free (enc);
-  }
-  if (0 == make_keys)
-    fprintf (stderr,
-             _("Finished!\n"));
-  fclose (f);
-}
 /**
 * Main function that will be run by the scheduler.
@@ -174,11 +72,6 @@ run (void *cls, char *const *args, const char *cfgfile,
  }
  if (0 != weak_random)    
    GNUNET_CRYPTO_random_disable_entropy_gathering ();  
-  if (make_keys > 0)
-  {
-    create_keys (args[0]);
-    return;
-  }
  pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
  if (NULL == pk)
    return;
@@ -225,9 +118,6 @@ int
 main (int argc, char *const*argv)
 {
  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
-    { 'g', "generate-keys", "COUNT",
-      gettext_noop ("create COUNT public-private key pairs (for testing)"),
-      1, &GNUNET_GETOPT_set_uint, &make_keys },
    { 'p', "print-public-key", NULL,
      gettext_noop ("print the public key in ASCII format"),
      0, &GNUNET_GETOPT_set_one, &print_public_key },
diff --git a/src/util/test_crypto_aes.c b/src/util/test_crypto_aes.c
index 971e9afbe..88b51188e 100644
--- a/src/util/test_crypto_aes.c
+++ b/src/util/test_crypto_aes.c
@@ -95,17 +95,6 @@ verifyCrypto ()
  ret = 0;
  memcpy (key.key, raw_key, GNUNET_CRYPTO_AES_KEY_LENGTH);
-  key.crc32 =
-      htonl (GNUNET_CRYPTO_crc32_n (&key, GNUNET_CRYPTO_AES_KEY_LENGTH));
-  if (ntohl (key.crc32) != (unsigned int) 38125195LL)
-  {
-    printf ("Static key has different CRC: %u - %u\n", ntohl (key.crc32),
-            key.crc32);
-    ret = 1;
-    goto error;
-  }
  if (GNUNET_CRYPTO_AES_KEY_LENGTH !=
      GNUNET_CRYPTO_aes_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key,
diff --git a/src/util/test_crypto_aes_weak.c b/src/util/test_crypto_aes_weak.c
index 0b7ba5c54..201bfeb5d 100644
--- a/src/util/test_crypto_aes_weak.c
+++ b/src/util/test_crypto_aes_weak.c
@@ -91,9 +91,6 @@ testWeakKey ()
  weak_key.key[30] = (char) (0xaa);
  weak_key.key[31] = (char) (0xaa);
  /* memset(&weak_key, 0, 32); */
-  weak_key.crc32 =
-      htonl (GNUNET_CRYPTO_crc32_n (&weak_key, GNUNET_CRYPTO_AES_KEY_LENGTH));
  size =
      GNUNET_CRYPTO_aes_encrypt (WEAK_KEY_TESTSTRING,
                                 strlen (WEAK_KEY_TESTSTRING) + 1, &weak_key,
author	Christian Grothoff <christian@grothoff.org>	2013-02-05 20:49:21 +0000
committer	Christian Grothoff <christian@grothoff.org>	2013-02-05 20:49:21 +0000
commit	ca35f67faee8371fa763bdf49f04a8d5d4cdc021 (patch)
tree	5535df5e5a2428ed838c6a0e60b2c6c68a7842c5 /src/util
parent	dd7cca21c5dbaef4d56f92bab3932f0f73d092d1 (diff)
download	gnunet-ca35f67faee8371fa763bdf49f04a8d5d4cdc021.tar.gz gnunet-ca35f67faee8371fa763bdf49f04a8d5d4cdc021.zip

diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c index d5c36d703..11b894f69 100644 --- a/src/util/crypto_aes.c +++ b/src/util/crypto_aes.c
@@ -42,29 +42,6 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key)
42	{	42	{
43	gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH,	43	gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH,
44	GCRY_STRONG_RANDOM);	44	GCRY_STRONG_RANDOM);
45	key->crc32 =
46	htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH));
47	}
48
49
50	/**
51	* Check that a new session key is well-formed.
52	*
53	* @return GNUNET_OK if the key is valid
54	*/
55	int
56	GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
57	*key)
58	{
59	uint32_t crc;
60
61	crc = GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH);
62	if (ntohl (key->crc32) != crc)
63	{
64	GNUNET_break_op (0);
65	return GNUNET_SYSERR;
66	}
67	return GNUNET_OK;
68	}	45	}
69		46
70		47
@@ -85,12 +62,6 @@ setup_cipher (gcry_cipher_hd_t *handle,
85	{	62	{
86	int rc;	63	int rc;
87		64
88	if (GNUNET_OK !=
89	GNUNET_CRYPTO_aes_check_session_key (sessionkey))
90	{
91	GNUNET_break (0);
92	return GNUNET_SYSERR;
93	}
94	GNUNET_assert (0 ==	65	GNUNET_assert (0 ==
95	gcry_cipher_open (handle, GCRY_CIPHER_AES256,	66	gcry_cipher_open (handle, GCRY_CIPHER_AES256,
96	GCRY_CIPHER_MODE_CFB, 0));	67	GCRY_CIPHER_MODE_CFB, 0));


diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c index 04225b3dc..fca66aed4 100644 --- a/src/util/crypto_hash.c +++ b/src/util/crypto_hash.c
@@ -419,8 +419,6 @@ GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc,
419	GNUNET_CRYPTO_AES_KEY_LENGTH +	419	GNUNET_CRYPTO_AES_KEY_LENGTH +
420	sizeof (struct GNUNET_CRYPTO_AesInitializationVector));	420	sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
421	memcpy (skey, hc, GNUNET_CRYPTO_AES_KEY_LENGTH);	421	memcpy (skey, hc, GNUNET_CRYPTO_AES_KEY_LENGTH);
422	skey->crc32 =
423	htonl (GNUNET_CRYPTO_crc32_n (skey, GNUNET_CRYPTO_AES_KEY_LENGTH));
424	memcpy (iv, &((char *) hc)[GNUNET_CRYPTO_AES_KEY_LENGTH],	422	memcpy (iv, &((char *) hc)[GNUNET_CRYPTO_AES_KEY_LENGTH],
425	sizeof (struct GNUNET_CRYPTO_AesInitializationVector));	423	sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
426	}	424	}


diff --git a/src/util/gnunet-ecc.c b/src/util/gnunet-ecc.c index b19fc1998..d7f1dd58d 100644 --- a/src/util/gnunet-ecc.c +++ b/src/util/gnunet-ecc.c
@@ -65,38 +65,12 @@ struct GNUNET_CRYPTO_EccPrivateKey
65		65
66		66
67	/**	67	/**
68	* Create a new private key. Caller must free return value.
69	*
70	* @return fresh private key
71	*/
72	static struct GNUNET_CRYPTO_EccPrivateKey *
73	ecc_key_create ()
74	{
75	struct GNUNET_CRYPTO_EccPrivateKey *ret;
76	gcry_sexp_t s_key;
77	gcry_sexp_t s_keyparam;
78
79	GNUNET_assert (0 ==
80	gcry_sexp_build (&s_keyparam, NULL,
81	"(genkey(ecc(nbits %d)(ecc-use-e 3:257)))",
82	2048));
83	GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
84	gcry_sexp_release (s_keyparam);
85	#if EXTRA_CHECKS
86	GNUNET_assert (0 == gcry_pk_testkey (s_key));
87	#endif
88	ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccPrivateKey));
89	ret->sexp = s_key;
90	return ret;
91	}
92
93
94	/**
95	* Create a flat file with a large number of key pairs for testing.	68	* Create a flat file with a large number of key pairs for testing.
96	*/	69	*/
97	static void	70	static void
98	create_keys (const char *fn)	71	create_keys (const char *fn)
99	{	72	{
		73	static char pad[GNUNET_TESTING_HOSTKEYFILESIZE];
100	FILE *f;	74	FILE *f;
101	struct GNUNET_CRYPTO_EccPrivateKey *pk;	75	struct GNUNET_CRYPTO_EccPrivateKey *pk;
102	struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *enc;	76	struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *enc;
@@ -116,28 +90,34 @@ create_keys (const char *fn)
116	{	90	{
117	fprintf (stderr,	91	fprintf (stderr,
118	".");	92	".");
119	if (NULL == (pk = ecc_key_create ()))	93	if (NULL == (pk = GNUNET_CRYPTO_ecc_key_create ()))
120	{	94	{
121	GNUNET_break (0);	95	GNUNET_break (0);
122	break;	96	break;
123	}	97	}
124	enc = GNUNET_CRYPTO_ecc_encode_key (pk);	98	enc = GNUNET_CRYPTO_ecc_encode_key (pk);
125	if (htons (enc->size) != fwrite (enc, 1, htons (enc->size), f))	99	GNUNET_assert (ntohs (enc->size) <= GNUNET_TESTING_HOSTKEYFILESIZE);
126	{	100	if ( (ntohs (enc->size) != fwrite (enc, 1, ntohs (enc->size), f)) \|\|
127	fprintf (stderr,	101	(GNUNET_TESTING_HOSTKEYFILESIZE - ntohs (enc->size)
128	_("\nFailed to write to `%s': %s\n"),	102	!= fwrite (pad, 1, GNUNET_TESTING_HOSTKEYFILESIZE - ntohs (enc->size), f)) )
129	fn,	103	{
130	STRERROR (errno));	104	fprintf (stderr,
131	GNUNET_CRYPTO_ecc_key_free (pk);	105	_("\nFailed to write to `%s': %s\n"),
132	GNUNET_free (enc);	106	fn,
133	break;	107	STRERROR (errno));
134	}	108	GNUNET_CRYPTO_ecc_key_free (pk);
		109	GNUNET_free (enc);
		110	break;
		111	}
135	GNUNET_CRYPTO_ecc_key_free (pk);	112	GNUNET_CRYPTO_ecc_key_free (pk);
136	GNUNET_free (enc);	113	GNUNET_free (enc);
137	}	114	}
138	if (0 == make_keys)	115	if (UINT_MAX == make_keys)
		116	fprintf (stderr,
		117	_("\nFinished!\n"));
		118	else
139	fprintf (stderr,	119	fprintf (stderr,
140	_("Finished!\n"));	120	_("\nError, %u keys not generated\n"), make_keys);
141	fclose (f);	121	fclose (f);
142	}	122	}
143		123


diff --git a/src/util/gnunet-rsa.c b/src/util/gnunet-rsa.c index 917ee50f4..1e7132d3f 100644 --- a/src/util/gnunet-rsa.c +++ b/src/util/gnunet-rsa.c
@@ -25,7 +25,6 @@
25	*/	25	*/
26	#include "platform.h"	26	#include "platform.h"
27	#include "gnunet_util_lib.h"	27	#include "gnunet_util_lib.h"
28	#include "gnunet_testing_lib.h"
29	#include <gcrypt.h>	28	#include <gcrypt.h>
30		29
31		30
@@ -49,107 +48,6 @@ static int print_short_identity;
49	*/	48	*/
50	static int weak_random;	49	static int weak_random;
51		50
52	/**
53	* Option set to create a bunch of keys at once.
54	*/
55	static unsigned int make_keys;
56
57	/**
58	* The private information of an RSA key pair.
59	* NOTE: this must match the definition in crypto_ksk.c and crypto_rsa.c!
60	*/
61	struct GNUNET_CRYPTO_RsaPrivateKey
62	{
63	gcry_sexp_t sexp;
64	};
65
66
67	/**
68	* Create a new private key. Caller must free return value.
69	*
70	* @return fresh private key
71	*/
72	static struct GNUNET_CRYPTO_RsaPrivateKey *
73	rsa_key_create ()
74	{
75	struct GNUNET_CRYPTO_RsaPrivateKey *ret;
76	gcry_sexp_t s_key;
77	gcry_sexp_t s_keyparam;
78
79	GNUNET_assert (0 ==
80	gcry_sexp_build (&s_keyparam, NULL,
81	"(genkey(rsa(nbits %d)(rsa-use-e 3:257)))",
82	2048));
83	GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
84	gcry_sexp_release (s_keyparam);
85	#if EXTRA_CHECKS
86	GNUNET_assert (0 == gcry_pk_testkey (s_key));
87	#endif
88	ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey));
89	ret->sexp = s_key;
90	return ret;
91	}
92
93
94	/**
95	* Create a flat file with a large number of key pairs for testing.
96	*/
97	static void
98	create_keys (const char *fn)
99	{
100	FILE *f;
101	struct GNUNET_CRYPTO_RsaPrivateKey *pk;
102	struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc;
103
104	if (NULL == (f = fopen (fn, "w+")))
105	{
106	fprintf (stderr,
107	_("Failed to open `%s': %s\n"),
108	fn,
109	STRERROR (errno));
110	return;
111	}
112	fprintf (stderr,
113	_("Generating %u keys, please wait"),
114	make_keys);
115	while (0 < make_keys--)
116	{
117	fprintf (stderr,
118	".");
119	if (NULL == (pk = rsa_key_create ()))
120	{
121	GNUNET_break (0);
122	break;
123	}
124	enc = GNUNET_CRYPTO_rsa_encode_key (pk);
125	if (GNUNET_TESTING_HOSTKEYFILESIZE != htons (enc->len))
126	{
127	/* sometimes we get a different key length because 'd' or 'u' start
128	with leading bits; skip those... */
129	GNUNET_CRYPTO_rsa_key_free (pk);
130	GNUNET_free (enc);
131	make_keys++;
132	continue;
133	}
134	if (htons (enc->len) != fwrite (enc, 1, htons (enc->len), f))
135	{
136	fprintf (stderr,
137	_("\nFailed to write to `%s': %s\n"),
138	fn,
139	STRERROR (errno));
140	GNUNET_CRYPTO_rsa_key_free (pk);
141	GNUNET_free (enc);
142	break;
143	}
144	GNUNET_CRYPTO_rsa_key_free (pk);
145	GNUNET_free (enc);
146	}
147	if (0 == make_keys)
148	fprintf (stderr,
149	_("Finished!\n"));
150	fclose (f);
151	}
152
153		51
154	/**	52	/**
155	* Main function that will be run by the scheduler.	53	* Main function that will be run by the scheduler.
@@ -174,11 +72,6 @@ run (void cls, char const args, const char cfgfile,
174	}	72	}
175	if (0 != weak_random)	73	if (0 != weak_random)
176	GNUNET_CRYPTO_random_disable_entropy_gathering ();	74	GNUNET_CRYPTO_random_disable_entropy_gathering ();
177	if (make_keys > 0)
178	{
179	create_keys (args[0]);
180	return;
181	}
182	pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);	75	pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
183	if (NULL == pk)	76	if (NULL == pk)
184	return;	77	return;
@@ -225,9 +118,6 @@ int
225	main (int argc, char constargv)	118	main (int argc, char constargv)
226	{	119	{
227	static const struct GNUNET_GETOPT_CommandLineOption options[] = {	120	static const struct GNUNET_GETOPT_CommandLineOption options[] = {
228	{ 'g', "generate-keys", "COUNT",
229	gettext_noop ("create COUNT public-private key pairs (for testing)"),
230	1, &GNUNET_GETOPT_set_uint, &make_keys },
231	{ 'p', "print-public-key", NULL,	121	{ 'p', "print-public-key", NULL,
232	gettext_noop ("print the public key in ASCII format"),	122	gettext_noop ("print the public key in ASCII format"),
233	0, &GNUNET_GETOPT_set_one, &print_public_key },	123	0, &GNUNET_GETOPT_set_one, &print_public_key },


diff --git a/src/util/test_crypto_aes.c b/src/util/test_crypto_aes.c index 971e9afbe..88b51188e 100644 --- a/src/util/test_crypto_aes.c +++ b/src/util/test_crypto_aes.c
@@ -95,17 +95,6 @@ verifyCrypto ()
95	ret = 0;	95	ret = 0;
96		96
97	memcpy (key.key, raw_key, GNUNET_CRYPTO_AES_KEY_LENGTH);	97	memcpy (key.key, raw_key, GNUNET_CRYPTO_AES_KEY_LENGTH);
98	key.crc32 =
99	htonl (GNUNET_CRYPTO_crc32_n (&key, GNUNET_CRYPTO_AES_KEY_LENGTH));
100
101	if (ntohl (key.crc32) != (unsigned int) 38125195LL)
102	{
103	printf ("Static key has different CRC: %u - %u\n", ntohl (key.crc32),
104	key.crc32);
105
106	ret = 1;
107	goto error;
108	}
109		98
110	if (GNUNET_CRYPTO_AES_KEY_LENGTH !=	99	if (GNUNET_CRYPTO_AES_KEY_LENGTH !=
111	GNUNET_CRYPTO_aes_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key,	100	GNUNET_CRYPTO_aes_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key,


diff --git a/src/util/test_crypto_aes_weak.c b/src/util/test_crypto_aes_weak.c index 0b7ba5c54..201bfeb5d 100644 --- a/src/util/test_crypto_aes_weak.c +++ b/src/util/test_crypto_aes_weak.c
@@ -91,9 +91,6 @@ testWeakKey ()
91	weak_key.key[30] = (char) (0xaa);	91	weak_key.key[30] = (char) (0xaa);
92	weak_key.key[31] = (char) (0xaa);	92	weak_key.key[31] = (char) (0xaa);
93	/* memset(&weak_key, 0, 32); */	93	/* memset(&weak_key, 0, 32); */
94	weak_key.crc32 =
95	htonl (GNUNET_CRYPTO_crc32_n (&weak_key, GNUNET_CRYPTO_AES_KEY_LENGTH));
96
97	size =	94	size =
98	GNUNET_CRYPTO_aes_encrypt (WEAK_KEY_TESTSTRING,	95	GNUNET_CRYPTO_aes_encrypt (WEAK_KEY_TESTSTRING,
99	strlen (WEAK_KEY_TESTSTRING) + 1, &weak_key,	96	strlen (WEAK_KEY_TESTSTRING) + 1, &weak_key,