diff options
-rw-r--r-- | src/core/gnunet-service-core_kx.c | 8 | ||||
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 16 | ||||
-rw-r--r-- | src/util/Makefile.am | 13 | ||||
-rw-r--r-- | src/util/crypto_aes.c | 110 | ||||
-rw-r--r-- | src/util/crypto_hash.c | 64 | ||||
-rw-r--r-- | src/util/crypto_hkdf.c | 6 | ||||
-rw-r--r-- | src/util/crypto_kdf.c | 12 | ||||
-rw-r--r-- | src/util/perf_crypto_aes.c | 76 | ||||
-rw-r--r-- | src/util/test_crypto_aes.c | 44 | ||||
-rw-r--r-- | src/util/test_crypto_aes_weak.c | 198 | ||||
-rw-r--r-- | src/util/test_crypto_hash.c | 5 |
11 files changed, 254 insertions, 298 deletions
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c index 19c8d7710..bf5e9a5fa 100644 --- a/src/core/gnunet-service-core_kx.c +++ b/src/core/gnunet-service-core_kx.c | |||
@@ -429,9 +429,11 @@ derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, | |||
429 | { | 429 | { |
430 | static const char ctx[] = "authentication key"; | 430 | static const char ctx[] = "authentication key"; |
431 | 431 | ||
432 | GNUNET_CRYPTO_hmac_derive_key (akey, skey, &seed, sizeof (seed), &skey->key, | 432 | GNUNET_CRYPTO_hmac_derive_key (akey, skey, |
433 | sizeof (skey->key), ctx, | 433 | &seed, sizeof (seed), |
434 | sizeof (ctx), NULL); | 434 | skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), |
435 | ctx, sizeof (ctx), | ||
436 | NULL); | ||
435 | } | 437 | } |
436 | 438 | ||
437 | 439 | ||
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 9b065e747..b8e38a2a2 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -212,22 +212,30 @@ struct GNUNET_CRYPTO_EccPrivateKey | |||
212 | struct GNUNET_CRYPTO_AesSessionKey | 212 | struct GNUNET_CRYPTO_AesSessionKey |
213 | { | 213 | { |
214 | /** | 214 | /** |
215 | * Actual key. | 215 | * Actual key for AES. |
216 | */ | 216 | */ |
217 | unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; | 217 | unsigned char aes_key[GNUNET_CRYPTO_AES_KEY_LENGTH]; |
218 | |||
219 | /** | ||
220 | * Actual key for TwoFish. | ||
221 | */ | ||
222 | unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH]; | ||
218 | 223 | ||
219 | }; | 224 | }; |
225 | |||
220 | GNUNET_NETWORK_STRUCT_END | 226 | GNUNET_NETWORK_STRUCT_END |
221 | 227 | ||
222 | /** | 228 | /** |
223 | * @brief IV for sym cipher | 229 | * @brief IV for sym cipher |
224 | * | 230 | * |
225 | * NOTE: must be smaller (!) in size than the | 231 | * NOTE: must be smaller (!) in size than the |
226 | * struct GNUNET_HashCode. | 232 | * `struct GNUNET_HashCode`. |
227 | */ | 233 | */ |
228 | struct GNUNET_CRYPTO_AesInitializationVector | 234 | struct GNUNET_CRYPTO_AesInitializationVector |
229 | { | 235 | { |
230 | unsigned char iv[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; | 236 | unsigned char aes_iv[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; |
237 | |||
238 | unsigned char twofish_iv[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; | ||
231 | }; | 239 | }; |
232 | 240 | ||
233 | 241 | ||
diff --git a/src/util/Makefile.am b/src/util/Makefile.am index ca91f94f1..6c1d8d785 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am | |||
@@ -189,6 +189,7 @@ libgnunet_plugin_test_la_LDFLAGS = \ | |||
189 | if HAVE_BENCHMARKS | 189 | if HAVE_BENCHMARKS |
190 | BENCHMARKS = \ | 190 | BENCHMARKS = \ |
191 | perf_crypto_hash \ | 191 | perf_crypto_hash \ |
192 | perf_crypto_aes \ | ||
192 | perf_malloc | 193 | perf_malloc |
193 | endif | 194 | endif |
194 | 195 | ||
@@ -206,7 +207,6 @@ check_PROGRAMS = \ | |||
206 | test_container_heap \ | 207 | test_container_heap \ |
207 | test_container_slist \ | 208 | test_container_slist \ |
208 | test_crypto_aes \ | 209 | test_crypto_aes \ |
209 | test_crypto_aes_weak \ | ||
210 | test_crypto_crc \ | 210 | test_crypto_crc \ |
211 | test_crypto_ecc \ | 211 | test_crypto_ecc \ |
212 | test_crypto_hash \ | 212 | test_crypto_hash \ |
@@ -325,12 +325,6 @@ test_crypto_aes_SOURCES = \ | |||
325 | test_crypto_aes_LDADD = \ | 325 | test_crypto_aes_LDADD = \ |
326 | $(top_builddir)/src/util/libgnunetutil.la | 326 | $(top_builddir)/src/util/libgnunetutil.la |
327 | 327 | ||
328 | test_crypto_aes_weak_SOURCES = \ | ||
329 | test_crypto_aes_weak.c | ||
330 | test_crypto_aes_weak_LDADD = \ | ||
331 | $(top_builddir)/src/util/libgnunetutil.la \ | ||
332 | $(LIBGCRYPT_LIBS) | ||
333 | |||
334 | test_crypto_crc_SOURCES = \ | 328 | test_crypto_crc_SOURCES = \ |
335 | test_crypto_crc.c | 329 | test_crypto_crc.c |
336 | test_crypto_crc_LDADD = \ | 330 | test_crypto_crc_LDADD = \ |
@@ -500,6 +494,11 @@ perf_crypto_hash_SOURCES = \ | |||
500 | perf_crypto_hash_LDADD = \ | 494 | perf_crypto_hash_LDADD = \ |
501 | $(top_builddir)/src/util/libgnunetutil.la | 495 | $(top_builddir)/src/util/libgnunetutil.la |
502 | 496 | ||
497 | perf_crypto_aes_SOURCES = \ | ||
498 | perf_crypto_aes.c | ||
499 | perf_crypto_aes_LDADD = \ | ||
500 | $(top_builddir)/src/util/libgnunetutil.la | ||
501 | |||
503 | perf_malloc_SOURCES = \ | 502 | perf_malloc_SOURCES = \ |
504 | perf_malloc.c | 503 | perf_malloc.c |
505 | perf_malloc_LDADD = \ | 504 | perf_malloc_LDADD = \ |
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c index f475494f8..91c578ab8 100644 --- a/src/util/crypto_aes.c +++ b/src/util/crypto_aes.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* | 1 | /* |
2 | This file is part of GNUnet. | 2 | This file is part of GNUnet. |
3 | (C) 2001, 2002, 2003, 2004, 2005, 2006 Christian Grothoff (and other contributing authors) | 3 | (C) 2001, 2002, 2003, 2004, 2005, 2006, 2013 Christian Grothoff (and other contributing authors) |
4 | 4 | ||
5 | GNUnet is free software; you can redistribute it and/or modify | 5 | GNUnet is free software; you can redistribute it and/or modify |
6 | it under the terms of the GNU General Public License as published | 6 | it under the terms of the GNU General Public License as published |
@@ -20,7 +20,7 @@ | |||
20 | 20 | ||
21 | /** | 21 | /** |
22 | * @file util/crypto_aes.c | 22 | * @file util/crypto_aes.c |
23 | * @brief Symmetric encryption services. | 23 | * @brief Symmetric encryption services; combined cipher AES+TWOFISH (256-bit each) |
24 | * @author Christian Grothoff | 24 | * @author Christian Grothoff |
25 | * @author Ioana Patrascu | 25 | * @author Ioana Patrascu |
26 | */ | 26 | */ |
@@ -33,14 +33,18 @@ | |||
33 | #define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) | 33 | #define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) |
34 | 34 | ||
35 | /** | 35 | /** |
36 | * Create a new SessionKey (for AES-256). | 36 | * Create a new SessionKey (for symmetric encryption). |
37 | * | 37 | * |
38 | * @param key session key to initialize | 38 | * @param key session key to initialize |
39 | */ | 39 | */ |
40 | void | 40 | void |
41 | GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | 41 | GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) |
42 | { | 42 | { |
43 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, | 43 | gcry_randomize (key->aes_key, |
44 | GNUNET_CRYPTO_AES_KEY_LENGTH, | ||
45 | GCRY_STRONG_RANDOM); | ||
46 | gcry_randomize (key->twofish_key, | ||
47 | GNUNET_CRYPTO_AES_KEY_LENGTH, | ||
44 | GCRY_STRONG_RANDOM); | 48 | GCRY_STRONG_RANDOM); |
45 | } | 49 | } |
46 | 50 | ||
@@ -54,22 +58,52 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | |||
54 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error | 58 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error |
55 | */ | 59 | */ |
56 | static int | 60 | static int |
57 | setup_cipher (gcry_cipher_hd_t *handle, | 61 | setup_cipher_aes (gcry_cipher_hd_t *handle, |
58 | const struct GNUNET_CRYPTO_AesSessionKey * | 62 | const struct GNUNET_CRYPTO_AesSessionKey *sessionkey, |
59 | sessionkey, | 63 | const struct GNUNET_CRYPTO_AesInitializationVector *iv) |
60 | const struct GNUNET_CRYPTO_AesInitializationVector * | ||
61 | iv) | ||
62 | { | 64 | { |
63 | int rc; | 65 | int rc; |
64 | 66 | ||
65 | GNUNET_assert (0 == | 67 | GNUNET_assert (0 == |
66 | gcry_cipher_open (handle, GCRY_CIPHER_AES256, | 68 | gcry_cipher_open (handle, GCRY_CIPHER_AES256, |
67 | GCRY_CIPHER_MODE_CFB, 0)); | 69 | GCRY_CIPHER_MODE_CFB, 0)); |
68 | rc = gcry_cipher_setkey (*handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 70 | rc = gcry_cipher_setkey (*handle, |
71 | sessionkey->aes_key, | ||
72 | sizeof (sessionkey->aes_key)); | ||
69 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 73 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
70 | rc = gcry_cipher_setiv (*handle, iv, | 74 | rc = gcry_cipher_setiv (*handle, |
71 | sizeof (struct | 75 | iv->aes_iv, |
72 | GNUNET_CRYPTO_AesInitializationVector)); | 76 | sizeof (iv->aes_iv)); |
77 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | ||
78 | return GNUNET_OK; | ||
79 | } | ||
80 | |||
81 | |||
82 | /** | ||
83 | * Initialize TWOFISH cipher. | ||
84 | * | ||
85 | * @param handle handle to initialize | ||
86 | * @param sessionkey session key to use | ||
87 | * @param iv initialization vector to use | ||
88 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error | ||
89 | */ | ||
90 | static int | ||
91 | setup_cipher_twofish (gcry_cipher_hd_t *handle, | ||
92 | const struct GNUNET_CRYPTO_AesSessionKey *sessionkey, | ||
93 | const struct GNUNET_CRYPTO_AesInitializationVector *iv) | ||
94 | { | ||
95 | int rc; | ||
96 | |||
97 | GNUNET_assert (0 == | ||
98 | gcry_cipher_open (handle, GCRY_CIPHER_TWOFISH, | ||
99 | GCRY_CIPHER_MODE_CFB, 0)); | ||
100 | rc = gcry_cipher_setkey (*handle, | ||
101 | sessionkey->twofish_key, | ||
102 | sizeof (sessionkey->twofish_key)); | ||
103 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | ||
104 | rc = gcry_cipher_setiv (*handle, | ||
105 | iv->twofish_iv, | ||
106 | sizeof (iv->twofish_iv)); | ||
73 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 107 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
74 | return GNUNET_OK; | 108 | return GNUNET_OK; |
75 | } | 109 | } |
@@ -80,7 +114,7 @@ setup_cipher (gcry_cipher_hd_t *handle, | |||
80 | * host that uses the same cyper. | 114 | * host that uses the same cyper. |
81 | * | 115 | * |
82 | * @param block the block to encrypt | 116 | * @param block the block to encrypt |
83 | * @param len the size of the block | 117 | * @param len the size of the @a block |
84 | * @param sessionkey the key used to encrypt | 118 | * @param sessionkey the key used to encrypt |
85 | * @param iv the initialization vector to use, use INITVALUE | 119 | * @param iv the initialization vector to use, use INITVALUE |
86 | * for streams. | 120 | * for streams. |
@@ -95,11 +129,17 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | |||
95 | iv, void *result) | 129 | iv, void *result) |
96 | { | 130 | { |
97 | gcry_cipher_hd_t handle; | 131 | gcry_cipher_hd_t handle; |
132 | char tmp[len]; | ||
98 | 133 | ||
99 | if (GNUNET_OK != setup_cipher (&handle, sessionkey, iv)) | 134 | if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv)) |
135 | return -1; | ||
136 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, tmp, len, block, len)); | ||
137 | gcry_cipher_close (handle); | ||
138 | if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv)) | ||
100 | return -1; | 139 | return -1; |
101 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); | 140 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, tmp, len)); |
102 | gcry_cipher_close (handle); | 141 | gcry_cipher_close (handle); |
142 | memset (tmp, 0, sizeof (tmp)); | ||
103 | return len; | 143 | return len; |
104 | } | 144 | } |
105 | 145 | ||
@@ -108,7 +148,7 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | |||
108 | * Decrypt a given block with the sessionkey. | 148 | * Decrypt a given block with the sessionkey. |
109 | * | 149 | * |
110 | * @param block the data to decrypt, encoded as returned by encrypt | 150 | * @param block the data to decrypt, encoded as returned by encrypt |
111 | * @param size the size of the block to decrypt | 151 | * @param size the size of the @a block to decrypt |
112 | * @param sessionkey the key used to decrypt | 152 | * @param sessionkey the key used to decrypt |
113 | * @param iv the initialization vector to use, use INITVALUE | 153 | * @param iv the initialization vector to use, use INITVALUE |
114 | * for streams. | 154 | * for streams. |
@@ -117,17 +157,22 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | |||
117 | */ | 157 | */ |
118 | ssize_t | 158 | ssize_t |
119 | GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, | 159 | GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, |
120 | const struct GNUNET_CRYPTO_AesSessionKey * | 160 | const struct GNUNET_CRYPTO_AesSessionKey *sessionkey, |
121 | sessionkey, | 161 | const struct GNUNET_CRYPTO_AesInitializationVector *iv, |
122 | const struct GNUNET_CRYPTO_AesInitializationVector * | 162 | void *result) |
123 | iv, void *result) | ||
124 | { | 163 | { |
125 | gcry_cipher_hd_t handle; | 164 | gcry_cipher_hd_t handle; |
165 | char tmp[size]; | ||
126 | 166 | ||
127 | if (GNUNET_OK != setup_cipher (&handle, sessionkey, iv)) | 167 | if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv)) |
128 | return -1; | 168 | return -1; |
129 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size)); | 169 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, block, size)); |
130 | gcry_cipher_close (handle); | 170 | gcry_cipher_close (handle); |
171 | if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv)) | ||
172 | return -1; | ||
173 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, tmp, size)); | ||
174 | gcry_cipher_close (handle); | ||
175 | memset (tmp, 0, sizeof (tmp)); | ||
131 | return size; | 176 | return size; |
132 | } | 177 | } |
133 | 178 | ||
@@ -138,7 +183,7 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, | |||
138 | * @param iv initialization vector | 183 | * @param iv initialization vector |
139 | * @param skey session key | 184 | * @param skey session key |
140 | * @param salt salt for the derivation | 185 | * @param salt salt for the derivation |
141 | * @param salt_len size of the salt | 186 | * @param salt_len size of the @a salt |
142 | * @param ... pairs of void * & size_t for context chunks, terminated by NULL | 187 | * @param ... pairs of void * & size_t for context chunks, terminated by NULL |
143 | */ | 188 | */ |
144 | void | 189 | void |
@@ -168,8 +213,21 @@ GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, | |||
168 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 213 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
169 | const void *salt, size_t salt_len, va_list argp) | 214 | const void *salt, size_t salt_len, va_list argp) |
170 | { | 215 | { |
171 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, | 216 | char aes_salt[salt_len + 4]; |
172 | sizeof (skey->key), argp); | 217 | char twofish_salt[salt_len + 4]; |
218 | |||
219 | memcpy (aes_salt, salt, salt_len); | ||
220 | memcpy (&aes_salt[salt_len], "AES!", 4); | ||
221 | memcpy (twofish_salt, salt, salt_len); | ||
222 | memcpy (&twofish_salt[salt_len], "FISH", 4); | ||
223 | GNUNET_CRYPTO_kdf_v (iv->aes_iv, sizeof (iv->aes_iv), | ||
224 | aes_salt, salt_len + 4, | ||
225 | skey->aes_key, sizeof (skey->aes_key), | ||
226 | argp); | ||
227 | GNUNET_CRYPTO_kdf_v (iv->twofish_iv, sizeof (iv->twofish_iv), | ||
228 | twofish_salt, salt_len + 4, | ||
229 | skey->twofish_key, sizeof (skey->twofish_key), | ||
230 | argp); | ||
173 | } | 231 | } |
174 | 232 | ||
175 | /* end of crypto_aes.c */ | 233 | /* end of crypto_aes.c */ |
diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c index a5b97148b..47baf660f 100644 --- a/src/util/crypto_hash.c +++ b/src/util/crypto_hash.c | |||
@@ -252,7 +252,7 @@ GNUNET_CRYPTO_hash_file_cancel (struct GNUNET_CRYPTO_FileHashContext *fhc) | |||
252 | * safely cast to char*, a '\\0' termination is set). | 252 | * safely cast to char*, a '\\0' termination is set). |
253 | */ | 253 | */ |
254 | void | 254 | void |
255 | GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode * block, | 255 | GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode *block, |
256 | struct GNUNET_CRYPTO_HashAsciiEncoded *result) | 256 | struct GNUNET_CRYPTO_HashAsciiEncoded *result) |
257 | { | 257 | { |
258 | char *np; | 258 | char *np; |
@@ -270,13 +270,14 @@ GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode * block, | |||
270 | * Convert ASCII encoding back to hash code. | 270 | * Convert ASCII encoding back to hash code. |
271 | * | 271 | * |
272 | * @param enc the encoding | 272 | * @param enc the encoding |
273 | * @param enclen number of characters in 'enc' (without 0-terminator, which can be missing) | 273 | * @param enclen number of characters in @a enc (without 0-terminator, which can be missing) |
274 | * @param result where to store the hash code | 274 | * @param result where to store the hash code |
275 | * @return GNUNET_OK on success, GNUNET_SYSERR if result has the wrong encoding | 275 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding |
276 | */ | 276 | */ |
277 | int | 277 | int |
278 | GNUNET_CRYPTO_hash_from_string2 (const char *enc, size_t enclen, | 278 | GNUNET_CRYPTO_hash_from_string2 (const char *enc, |
279 | struct GNUNET_HashCode * result) | 279 | size_t enclen, |
280 | struct GNUNET_HashCode *result) | ||
280 | { | 281 | { |
281 | char upper_enc[enclen]; | 282 | char upper_enc[enclen]; |
282 | char* up_ptr = upper_enc; | 283 | char* up_ptr = upper_enc; |
@@ -303,8 +304,8 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, size_t enclen, | |||
303 | * hashcode proximity. | 304 | * hashcode proximity. |
304 | */ | 305 | */ |
305 | unsigned int | 306 | unsigned int |
306 | GNUNET_CRYPTO_hash_distance_u32 (const struct GNUNET_HashCode * a, | 307 | GNUNET_CRYPTO_hash_distance_u32 (const struct GNUNET_HashCode *a, |
307 | const struct GNUNET_HashCode * b) | 308 | const struct GNUNET_HashCode *b) |
308 | { | 309 | { |
309 | unsigned int x1 = (a->bits[1] - b->bits[1]) >> 16; | 310 | unsigned int x1 = (a->bits[1] - b->bits[1]) >> 16; |
310 | unsigned int x2 = (b->bits[1] - a->bits[1]) >> 16; | 311 | unsigned int x2 = (b->bits[1] - a->bits[1]) >> 16; |
@@ -338,9 +339,9 @@ GNUNET_CRYPTO_hash_create_random (enum GNUNET_CRYPTO_Quality mode, | |||
338 | * @param result set to b - a | 339 | * @param result set to b - a |
339 | */ | 340 | */ |
340 | void | 341 | void |
341 | GNUNET_CRYPTO_hash_difference (const struct GNUNET_HashCode * a, | 342 | GNUNET_CRYPTO_hash_difference (const struct GNUNET_HashCode *a, |
342 | const struct GNUNET_HashCode * b, | 343 | const struct GNUNET_HashCode *b, |
343 | struct GNUNET_HashCode * result) | 344 | struct GNUNET_HashCode *result) |
344 | { | 345 | { |
345 | int i; | 346 | int i; |
346 | 347 | ||
@@ -393,16 +394,20 @@ GNUNET_CRYPTO_hash_xor (const struct GNUNET_HashCode * a, const struct GNUNET_Ha | |||
393 | * @param iv set to a valid initialization vector | 394 | * @param iv set to a valid initialization vector |
394 | */ | 395 | */ |
395 | void | 396 | void |
396 | GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc, | 397 | GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode *hc, |
397 | struct GNUNET_CRYPTO_AesSessionKey *skey, | 398 | struct GNUNET_CRYPTO_AesSessionKey *skey, |
398 | struct GNUNET_CRYPTO_AesInitializationVector *iv) | 399 | struct GNUNET_CRYPTO_AesInitializationVector *iv) |
399 | { | 400 | { |
400 | GNUNET_assert (sizeof (struct GNUNET_HashCode) >= | 401 | GNUNET_assert (GNUNET_YES == |
401 | GNUNET_CRYPTO_AES_KEY_LENGTH + | 402 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), |
402 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | 403 | "Hash key derivation", strlen ("Hash key derivation"), |
403 | memcpy (skey, hc, GNUNET_CRYPTO_AES_KEY_LENGTH); | 404 | hc, sizeof (struct GNUNET_HashCode), |
404 | memcpy (iv, &((char *) hc)[GNUNET_CRYPTO_AES_KEY_LENGTH], | 405 | NULL, 0)); |
405 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | 406 | GNUNET_assert (GNUNET_YES == |
407 | GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_AesInitializationVector), | ||
408 | "Initialization vector derivation", strlen ("Initialization vector derivation"), | ||
409 | hc, sizeof (struct GNUNET_HashCode), | ||
410 | NULL, 0)); | ||
406 | } | 411 | } |
407 | 412 | ||
408 | 413 | ||
@@ -422,7 +427,7 @@ GNUNET_CRYPTO_hash_get_bit (const struct GNUNET_HashCode * code, unsigned int bi | |||
422 | 427 | ||
423 | /** | 428 | /** |
424 | * Determine how many low order bits match in two | 429 | * Determine how many low order bits match in two |
425 | * struct GNUNET_HashCodes. i.e. - 010011 and 011111 share | 430 | * `struct GNUNET_HashCode`s. i.e. - 010011 and 011111 share |
426 | * the first two lowest order bits, and therefore the | 431 | * the first two lowest order bits, and therefore the |
427 | * return value is two (NOT XOR distance, nor how many | 432 | * return value is two (NOT XOR distance, nor how many |
428 | * bits match absolutely!). | 433 | * bits match absolutely!). |
@@ -455,7 +460,8 @@ GNUNET_CRYPTO_hash_matching_bits (const struct GNUNET_HashCode * first, | |||
455 | * @return 1 if h1 > h2, -1 if h1 < h2 and 0 if h1 == h2. | 460 | * @return 1 if h1 > h2, -1 if h1 < h2 and 0 if h1 == h2. |
456 | */ | 461 | */ |
457 | int | 462 | int |
458 | GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_HashCode * h2) | 463 | GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode *h1, |
464 | const struct GNUNET_HashCode *h2) | ||
459 | { | 465 | { |
460 | unsigned int *i1; | 466 | unsigned int *i1; |
461 | unsigned int *i2; | 467 | unsigned int *i2; |
@@ -475,7 +481,7 @@ GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_H | |||
475 | 481 | ||
476 | 482 | ||
477 | /** | 483 | /** |
478 | * Find out which of the two GNUNET_CRYPTO_hash codes is closer to target | 484 | * Find out which of the two `struct GNUNET_HashCode`s is closer to target |
479 | * in the XOR metric (Kademlia). | 485 | * in the XOR metric (Kademlia). |
480 | * | 486 | * |
481 | * @param h1 some hash code | 487 | * @param h1 some hash code |
@@ -484,9 +490,9 @@ GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_H | |||
484 | * @return -1 if h1 is closer, 1 if h2 is closer and 0 if h1==h2. | 490 | * @return -1 if h1 is closer, 1 if h2 is closer and 0 if h1==h2. |
485 | */ | 491 | */ |
486 | int | 492 | int |
487 | GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode * h1, | 493 | GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode *h1, |
488 | const struct GNUNET_HashCode * h2, | 494 | const struct GNUNET_HashCode *h2, |
489 | const struct GNUNET_HashCode * target) | 495 | const struct GNUNET_HashCode *target) |
490 | { | 496 | { |
491 | int i; | 497 | int i; |
492 | unsigned int d1; | 498 | unsigned int d1; |
@@ -510,7 +516,7 @@ GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode * h1, | |||
510 | * @param key authentication key | 516 | * @param key authentication key |
511 | * @param rkey root key | 517 | * @param rkey root key |
512 | * @param salt salt | 518 | * @param salt salt |
513 | * @param salt_len size of the salt | 519 | * @param salt_len size of the @a salt |
514 | * @param ... pair of void * & size_t for context chunks, terminated by NULL | 520 | * @param ... pair of void * & size_t for context chunks, terminated by NULL |
515 | */ | 521 | */ |
516 | void | 522 | void |
@@ -531,7 +537,7 @@ GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key, | |||
531 | * @param key authentication key | 537 | * @param key authentication key |
532 | * @param rkey root key | 538 | * @param rkey root key |
533 | * @param salt salt | 539 | * @param salt salt |
534 | * @param salt_len size of the salt | 540 | * @param salt_len size of the @a salt |
535 | * @param argp pair of void * & size_t for context chunks, terminated by NULL | 541 | * @param argp pair of void * & size_t for context chunks, terminated by NULL |
536 | */ | 542 | */ |
537 | void | 543 | void |
@@ -540,8 +546,10 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key, | |||
540 | const void *salt, size_t salt_len, | 546 | const void *salt, size_t salt_len, |
541 | va_list argp) | 547 | va_list argp) |
542 | { | 548 | { |
543 | GNUNET_CRYPTO_kdf_v (key->key, sizeof (key->key), salt, salt_len, rkey->key, | 549 | GNUNET_CRYPTO_kdf_v (key->key, sizeof (key->key), |
544 | sizeof (rkey->key), argp); | 550 | salt, salt_len, |
551 | rkey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), | ||
552 | argp); | ||
545 | } | 553 | } |
546 | 554 | ||
547 | 555 | ||
@@ -550,7 +558,7 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key, | |||
550 | * | 558 | * |
551 | * @param key secret key | 559 | * @param key secret key |
552 | * @param plaintext input plaintext | 560 | * @param plaintext input plaintext |
553 | * @param plaintext_len length of plaintext | 561 | * @param plaintext_len length of @a plaintext |
554 | * @param hmac where to store the hmac | 562 | * @param hmac where to store the hmac |
555 | */ | 563 | */ |
556 | void | 564 | void |
diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c index c2b96778a..2b9387357 100644 --- a/src/util/crypto_hkdf.c +++ b/src/util/crypto_hkdf.c | |||
@@ -275,10 +275,10 @@ hkdf_ok: | |||
275 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... | 275 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... |
276 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... | 276 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... |
277 | * @param xts salt | 277 | * @param xts salt |
278 | * @param xts_len length of xts | 278 | * @param xts_len length of @a xts |
279 | * @param skm source key material | 279 | * @param skm source key material |
280 | * @param skm_len length of skm | 280 | * @param skm_len length of @a skm |
281 | * @return GNUNET_YES on success | 281 | * @return #GNUNET_YES on success |
282 | */ | 282 | */ |
283 | int | 283 | int |
284 | GNUNET_CRYPTO_hkdf (void *result, size_t out_len, int xtr_algo, int prf_algo, | 284 | GNUNET_CRYPTO_hkdf (void *result, size_t out_len, int xtr_algo, int prf_algo, |
diff --git a/src/util/crypto_kdf.c b/src/util/crypto_kdf.c index 0c957b70c..9424c2350 100644 --- a/src/util/crypto_kdf.c +++ b/src/util/crypto_kdf.c | |||
@@ -36,11 +36,11 @@ | |||
36 | * @param result buffer for the derived key, allocated by caller | 36 | * @param result buffer for the derived key, allocated by caller |
37 | * @param out_len desired length of the derived key | 37 | * @param out_len desired length of the derived key |
38 | * @param xts salt | 38 | * @param xts salt |
39 | * @param xts_len length of xts | 39 | * @param xts_len length of @a xts |
40 | * @param skm source key material | 40 | * @param skm source key material |
41 | * @param skm_len length of skm | 41 | * @param skm_len length of @a skm |
42 | * @param argp va_list of void * & size_t pairs for context chunks | 42 | * @param argp va_list of void * & size_t pairs for context chunks |
43 | * @return GNUNET_YES on success | 43 | * @return #GNUNET_YES on success |
44 | */ | 44 | */ |
45 | int | 45 | int |
46 | GNUNET_CRYPTO_kdf_v (void *result, size_t out_len, const void *xts, | 46 | GNUNET_CRYPTO_kdf_v (void *result, size_t out_len, const void *xts, |
@@ -68,11 +68,11 @@ GNUNET_CRYPTO_kdf_v (void *result, size_t out_len, const void *xts, | |||
68 | * @param result buffer for the derived key, allocated by caller | 68 | * @param result buffer for the derived key, allocated by caller |
69 | * @param out_len desired length of the derived key | 69 | * @param out_len desired length of the derived key |
70 | * @param xts salt | 70 | * @param xts salt |
71 | * @param xts_len length of xts | 71 | * @param xts_len length of @a xts |
72 | * @param skm source key material | 72 | * @param skm source key material |
73 | * @param skm_len length of skm | 73 | * @param skm_len length of @a skm |
74 | * @param ... void * & size_t pairs for context chunks | 74 | * @param ... void * & size_t pairs for context chunks |
75 | * @return GNUNET_YES on success | 75 | * @return #GNUNET_YES on success |
76 | */ | 76 | */ |
77 | int | 77 | int |
78 | GNUNET_CRYPTO_kdf (void *result, size_t out_len, const void *xts, | 78 | GNUNET_CRYPTO_kdf (void *result, size_t out_len, const void *xts, |
diff --git a/src/util/perf_crypto_aes.c b/src/util/perf_crypto_aes.c new file mode 100644 index 000000000..f02335afe --- /dev/null +++ b/src/util/perf_crypto_aes.c | |||
@@ -0,0 +1,76 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | (C) 2002, 2003, 2004, 2006 Christian Grothoff (and other contributing authors) | ||
4 | |||
5 | GNUnet is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as published | ||
7 | by the Free Software Foundation; either version 3, or (at your | ||
8 | option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public License | ||
16 | along with GNUnet; see the file COPYING. If not, write to the | ||
17 | Free Software Foundation, Inc., 59 Temple Place - Suite 330, | ||
18 | Boston, MA 02111-1307, USA. | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @author Christian Grothoff | ||
23 | * @file util/perf_crypto_aes.c | ||
24 | * @brief measure performance of encryption function | ||
25 | */ | ||
26 | #include "platform.h" | ||
27 | #include "gnunet_common.h" | ||
28 | #include "gnunet_util_lib.h" | ||
29 | #include <gauger.h> | ||
30 | |||
31 | |||
32 | static void | ||
33 | perfEncrypt () | ||
34 | { | ||
35 | unsigned int i; | ||
36 | char buf[64 * 1024]; | ||
37 | char rbuf[64 * 1024]; | ||
38 | struct GNUNET_CRYPTO_AesSessionKey sk; | ||
39 | struct GNUNET_CRYPTO_AesInitializationVector iv; | ||
40 | |||
41 | GNUNET_CRYPTO_aes_create_session_key (&sk); | ||
42 | |||
43 | memset (buf, 1, sizeof (buf)); | ||
44 | for (i = 0; i < 1024; i++) | ||
45 | { | ||
46 | memset (&iv, (int8_t) i, sizeof (iv)); | ||
47 | GNUNET_CRYPTO_aes_encrypt (buf, sizeof (buf), | ||
48 | &sk, &iv, | ||
49 | rbuf); | ||
50 | GNUNET_CRYPTO_aes_decrypt (rbuf, sizeof (buf), | ||
51 | &sk, &iv, | ||
52 | buf); | ||
53 | } | ||
54 | memset (rbuf, 1, sizeof (rbuf)); | ||
55 | GNUNET_assert (0 == memcmp (rbuf, buf, sizeof (buf))); | ||
56 | } | ||
57 | |||
58 | |||
59 | int | ||
60 | main (int argc, char *argv[]) | ||
61 | { | ||
62 | struct GNUNET_TIME_Absolute start; | ||
63 | |||
64 | start = GNUNET_TIME_absolute_get (); | ||
65 | perfEncrypt (); | ||
66 | printf ("Encrypt perf took %s\n", | ||
67 | GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start), | ||
68 | GNUNET_YES)); | ||
69 | GAUGER ("UTIL", "Symmetric encryption", | ||
70 | 64 * 1024 / (1 + | ||
71 | GNUNET_TIME_absolute_get_duration | ||
72 | (start).rel_value_us / 1000LL), "kb/ms"); | ||
73 | return 0; | ||
74 | } | ||
75 | |||
76 | /* end of perf_crypto_aes.c */ | ||
diff --git a/src/util/test_crypto_aes.c b/src/util/test_crypto_aes.c index 1c5897c1e..a5d49063a 100644 --- a/src/util/test_crypto_aes.c +++ b/src/util/test_crypto_aes.c | |||
@@ -28,7 +28,7 @@ | |||
28 | #include "gnunet_crypto_lib.h" | 28 | #include "gnunet_crypto_lib.h" |
29 | 29 | ||
30 | #define TESTSTRING "Hello World!" | 30 | #define TESTSTRING "Hello World!" |
31 | #define INITVALUE "InitializationVectorValue" | 31 | #define INITVALUE "InitializationVectorValueinitializationvectorvalue" |
32 | 32 | ||
33 | static int | 33 | static int |
34 | testSymcipher () | 34 | testSymcipher () |
@@ -68,7 +68,8 @@ testSymcipher () | |||
68 | return 0; | 68 | return 0; |
69 | } | 69 | } |
70 | 70 | ||
71 | int | 71 | |
72 | static int | ||
72 | verifyCrypto () | 73 | verifyCrypto () |
73 | { | 74 | { |
74 | struct GNUNET_CRYPTO_AesSessionKey key; | 75 | struct GNUNET_CRYPTO_AesSessionKey key; |
@@ -77,25 +78,34 @@ verifyCrypto () | |||
77 | int ret; | 78 | int ret; |
78 | 79 | ||
79 | unsigned char plain[] = | 80 | unsigned char plain[] = |
80 | { 29, 128, 192, 253, 74, 171, 38, 187, 84, 219, 76, 76, 209, 118, 33, 249, | 81 | { |
82 | 29, 128, 192, 253, 74, 171, 38, 187, 84, 219, 76, 76, 209, 118, 33, 249, | ||
81 | 172, 124, 96, 9, 157, 110, 8, 215, 200, 63, 69, 230, 157, 104, 247, 164 | 83 | 172, 124, 96, 9, 157, 110, 8, 215, 200, 63, 69, 230, 157, 104, 247, 164 |
82 | }; | 84 | }; |
83 | unsigned char raw_key[] = | 85 | unsigned char raw_key_aes[] = |
84 | { 106, 74, 209, 88, 145, 55, 189, 135, 125, 180, 225, 108, 183, 54, 25, | 86 | { |
87 | 106, 74, 209, 88, 145, 55, 189, 135, 125, 180, 225, 108, 183, 54, 25, | ||
85 | 169, 129, 188, 131, 75, 227, 245, 105, 10, 225, 15, 115, 159, 148, 184, | 88 | 169, 129, 188, 131, 75, 227, 245, 105, 10, 225, 15, 115, 159, 148, 184, |
86 | 34, 191 | 89 | 34, 191 |
87 | }; | 90 | }; |
91 | unsigned char raw_key_twofish[] = | ||
92 | { | ||
93 | 145, 55, 189, 135, 125, 180, 225, 108, 183, 54, 25, | ||
94 | 169, 129, 188, 131, 75, 227, 245, 105, 10, 225, 15, 115, 159, 148, 184, | ||
95 | 34, 191, 106, 74, 209, 88 | ||
96 | }; | ||
88 | unsigned char encrresult[] = | 97 | unsigned char encrresult[] = |
89 | { 167, 102, 230, 233, 127, 195, 176, 107, 17, 91, 199, 127, 96, 113, 75, | 98 | { |
90 | 195, 245, 217, 61, 236, 159, 165, 103, 121, 203, 99, 202, 41, 23, 222, 25, | 99 | 161, 152, 186, 231, 214, 55, 225, 206, 85, 43, 80, 134, 145, 198, 20, |
91 | 102 | 100 | 233, 236, 57, 194, 10, 147, 149, 30, 106, 179, 54, 182, 247, 71, 204, |
101 | 179, 51, 1 | ||
92 | }; | 102 | }; |
93 | 103 | ||
94 | res = NULL; | 104 | res = NULL; |
95 | ret = 0; | 105 | ret = 0; |
96 | 106 | ||
97 | memcpy (key.key, raw_key, GNUNET_CRYPTO_AES_KEY_LENGTH); | 107 | memcpy (key.aes_key, raw_key_aes, GNUNET_CRYPTO_AES_KEY_LENGTH); |
98 | 108 | memcpy (key.twofish_key, raw_key_twofish, GNUNET_CRYPTO_AES_KEY_LENGTH); | |
99 | if (GNUNET_CRYPTO_AES_KEY_LENGTH != | 109 | if (GNUNET_CRYPTO_AES_KEY_LENGTH != |
100 | GNUNET_CRYPTO_aes_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key, | 110 | GNUNET_CRYPTO_aes_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key, |
101 | (const struct | 111 | (const struct |
@@ -107,15 +117,17 @@ verifyCrypto () | |||
107 | goto error; | 117 | goto error; |
108 | } | 118 | } |
109 | 119 | ||
110 | if (memcmp (encrresult, result, GNUNET_CRYPTO_AES_KEY_LENGTH) != 0) | 120 | if (0 != memcmp (encrresult, result, GNUNET_CRYPTO_AES_KEY_LENGTH)) |
111 | { | 121 | { |
122 | int i; | ||
112 | printf ("Encrypted result wrong.\n"); | 123 | printf ("Encrypted result wrong.\n"); |
124 | for (i=0;i<GNUNET_CRYPTO_AES_KEY_LENGTH;i++) | ||
125 | printf ("%u, ", (uint8_t) result[i]); | ||
113 | ret = 1; | 126 | ret = 1; |
114 | goto error; | 127 | goto error; |
115 | } | 128 | } |
116 | 129 | ||
117 | res = GNUNET_malloc (GNUNET_CRYPTO_AES_KEY_LENGTH); | 130 | res = GNUNET_malloc (GNUNET_CRYPTO_AES_KEY_LENGTH); |
118 | |||
119 | if (GNUNET_CRYPTO_AES_KEY_LENGTH != | 131 | if (GNUNET_CRYPTO_AES_KEY_LENGTH != |
120 | GNUNET_CRYPTO_aes_decrypt (result, GNUNET_CRYPTO_AES_KEY_LENGTH, &key, | 132 | GNUNET_CRYPTO_aes_decrypt (result, GNUNET_CRYPTO_AES_KEY_LENGTH, &key, |
121 | (const struct | 133 | (const struct |
@@ -126,21 +138,17 @@ verifyCrypto () | |||
126 | ret = 1; | 138 | ret = 1; |
127 | goto error; | 139 | goto error; |
128 | } | 140 | } |
129 | 141 | if (0 != memcmp (res, plain, GNUNET_CRYPTO_AES_KEY_LENGTH)) | |
130 | if (memcmp (res, plain, GNUNET_CRYPTO_AES_KEY_LENGTH) != 0) | ||
131 | { | 142 | { |
132 | printf ("Decrypted result does not match input.\n"); | 143 | printf ("Decrypted result does not match input.\n"); |
133 | |||
134 | ret = 1; | 144 | ret = 1; |
135 | } | 145 | } |
136 | |||
137 | error: | 146 | error: |
138 | |||
139 | GNUNET_free_non_null (res); | 147 | GNUNET_free_non_null (res); |
140 | |||
141 | return ret; | 148 | return ret; |
142 | } | 149 | } |
143 | 150 | ||
151 | |||
144 | int | 152 | int |
145 | main (int argc, char *argv[]) | 153 | main (int argc, char *argv[]) |
146 | { | 154 | { |
diff --git a/src/util/test_crypto_aes_weak.c b/src/util/test_crypto_aes_weak.c deleted file mode 100644 index f2ddf2012..000000000 --- a/src/util/test_crypto_aes_weak.c +++ /dev/null | |||
@@ -1,198 +0,0 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | (C) 2003, 2004, 2005, 2006 Christian Grothoff (and other contributing authors) | ||
4 | |||
5 | GNUnet is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as published | ||
7 | by the Free Software Foundation; either version 3, or (at your | ||
8 | option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public License | ||
16 | along with GNUnet; see the file COPYING. If not, write to the | ||
17 | Free Software Foundation, Inc., 59 Temple Place - Suite 330, | ||
18 | Boston, MA 02111-1307, USA. | ||
19 | |||
20 | */ | ||
21 | |||
22 | /** | ||
23 | * @author Krista Bennett | ||
24 | * @author Christian Grothoff | ||
25 | * @file util/test_crypto_aes_weak.c | ||
26 | * @brief AES weak key test. | ||
27 | */ | ||
28 | #include "platform.h" | ||
29 | #include "gnunet_common.h" | ||
30 | #include "gnunet_crypto_lib.h" | ||
31 | #include <gcrypt.h> | ||
32 | |||
33 | #define MAX_WEAK_KEY_TRIALS 100000 | ||
34 | #define GENERATE_WEAK_KEYS GNUNET_NO | ||
35 | #define WEAK_KEY_TESTSTRING "I hate weak keys." | ||
36 | |||
37 | static void | ||
38 | printWeakKey (struct GNUNET_CRYPTO_AesSessionKey *key) | ||
39 | { | ||
40 | int i; | ||
41 | |||
42 | for (i = 0; i < GNUNET_CRYPTO_AES_KEY_LENGTH; i++) | ||
43 | { | ||
44 | printf ("%x ", (int) (key->key[i])); | ||
45 | } | ||
46 | } | ||
47 | |||
48 | static int | ||
49 | testWeakKey () | ||
50 | { | ||
51 | char result[100]; | ||
52 | char res[100]; | ||
53 | int size; | ||
54 | struct GNUNET_CRYPTO_AesSessionKey weak_key; | ||
55 | struct GNUNET_CRYPTO_AesInitializationVector INITVALUE; | ||
56 | |||
57 | memset (&INITVALUE, 42, | ||
58 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | ||
59 | /* sorry, this is not a weak key -- I don't have | ||
60 | * any at the moment! */ | ||
61 | weak_key.key[0] = (char) (0x4c); | ||
62 | weak_key.key[1] = (char) (0x31); | ||
63 | weak_key.key[2] = (char) (0xc6); | ||
64 | weak_key.key[3] = (char) (0x2b); | ||
65 | weak_key.key[4] = (char) (0xc1); | ||
66 | weak_key.key[5] = (char) (0x5f); | ||
67 | weak_key.key[6] = (char) (0x4d); | ||
68 | weak_key.key[7] = (char) (0x1f); | ||
69 | weak_key.key[8] = (char) (0x31); | ||
70 | weak_key.key[9] = (char) (0xaa); | ||
71 | weak_key.key[10] = (char) (0x12); | ||
72 | weak_key.key[11] = (char) (0x2e); | ||
73 | weak_key.key[12] = (char) (0xb7); | ||
74 | weak_key.key[13] = (char) (0x82); | ||
75 | weak_key.key[14] = (char) (0xc0); | ||
76 | weak_key.key[15] = (char) (0xb6); | ||
77 | weak_key.key[16] = (char) (0x4d); | ||
78 | weak_key.key[17] = (char) (0x1f); | ||
79 | weak_key.key[18] = (char) (0x31); | ||
80 | weak_key.key[19] = (char) (0xaa); | ||
81 | weak_key.key[20] = (char) (0x4c); | ||
82 | weak_key.key[21] = (char) (0x31); | ||
83 | weak_key.key[22] = (char) (0xc6); | ||
84 | weak_key.key[23] = (char) (0x2b); | ||
85 | weak_key.key[24] = (char) (0xc1); | ||
86 | weak_key.key[25] = (char) (0x5f); | ||
87 | weak_key.key[26] = (char) (0x4d); | ||
88 | weak_key.key[27] = (char) (0x1f); | ||
89 | weak_key.key[28] = (char) (0x31); | ||
90 | weak_key.key[29] = (char) (0xaa); | ||
91 | weak_key.key[30] = (char) (0xaa); | ||
92 | weak_key.key[31] = (char) (0xaa); | ||
93 | /* memset(&weak_key, 0, 32); */ | ||
94 | size = | ||
95 | GNUNET_CRYPTO_aes_encrypt (WEAK_KEY_TESTSTRING, | ||
96 | strlen (WEAK_KEY_TESTSTRING) + 1, &weak_key, | ||
97 | &INITVALUE, result); | ||
98 | |||
99 | if (size == -1) | ||
100 | { | ||
101 | GNUNET_break (0); | ||
102 | return 1; | ||
103 | } | ||
104 | |||
105 | size = GNUNET_CRYPTO_aes_decrypt (result, size, &weak_key, &INITVALUE, res); | ||
106 | |||
107 | if ((strlen (WEAK_KEY_TESTSTRING) + 1) != size) | ||
108 | { | ||
109 | GNUNET_break (0); | ||
110 | return 1; | ||
111 | } | ||
112 | if (0 != strcmp (res, WEAK_KEY_TESTSTRING)) | ||
113 | { | ||
114 | GNUNET_break (0); | ||
115 | return 1; | ||
116 | } | ||
117 | else | ||
118 | return 0; | ||
119 | } | ||
120 | |||
121 | static int | ||
122 | getWeakKeys () | ||
123 | { | ||
124 | struct GNUNET_CRYPTO_AesSessionKey sessionkey; | ||
125 | int number_of_weak_keys = 0; | ||
126 | int number_of_runs; | ||
127 | |||
128 | gcry_cipher_hd_t handle; | ||
129 | int rc; | ||
130 | |||
131 | for (number_of_runs = 0; number_of_runs < MAX_WEAK_KEY_TRIALS; | ||
132 | number_of_runs++) | ||
133 | { | ||
134 | |||
135 | if (number_of_runs % 1000 == 0) | ||
136 | FPRINTF (stderr, "%s", "."); | ||
137 | /*printf("Got to run number %d.\n", number_of_runs); */ | ||
138 | GNUNET_CRYPTO_aes_create_session_key (&sessionkey); | ||
139 | |||
140 | rc = gcry_cipher_open (&handle, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CFB, | ||
141 | 0); | ||
142 | |||
143 | if (rc) | ||
144 | { | ||
145 | printf ("testweakkey: gcry_cipher_open failed on trial %d. %s\n", | ||
146 | number_of_runs, gcry_strerror (rc)); | ||
147 | continue; | ||
148 | } | ||
149 | |||
150 | rc = gcry_cipher_setkey (handle, &sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | ||
151 | |||
152 | if ((char) rc == GPG_ERR_WEAK_KEY) | ||
153 | { | ||
154 | printf ("\nWeak key (in hex): "); | ||
155 | printWeakKey (&sessionkey); | ||
156 | printf ("\n"); | ||
157 | number_of_weak_keys++; | ||
158 | } | ||
159 | else if (rc) | ||
160 | { | ||
161 | printf ("\nUnexpected error generating keys. Error is %s\n", | ||
162 | gcry_strerror (rc)); | ||
163 | } | ||
164 | |||
165 | gcry_cipher_close (handle); | ||
166 | |||
167 | } | ||
168 | |||
169 | return number_of_weak_keys; | ||
170 | } | ||
171 | |||
172 | int | ||
173 | main (int argc, char *argv[]) | ||
174 | { | ||
175 | int weak_keys; | ||
176 | |||
177 | GNUNET_log_setup ("test-crypto-aes-weak", "WARNING", NULL); | ||
178 | if (GENERATE_WEAK_KEYS) | ||
179 | { | ||
180 | weak_keys = getWeakKeys (); | ||
181 | |||
182 | if (weak_keys == 0) | ||
183 | { | ||
184 | printf ("\nNo weak keys found in %d runs.\n", MAX_WEAK_KEY_TRIALS); | ||
185 | } | ||
186 | else | ||
187 | { | ||
188 | printf ("\n%d weak keys found in %d runs.\n", weak_keys, | ||
189 | MAX_WEAK_KEY_TRIALS); | ||
190 | } | ||
191 | } | ||
192 | |||
193 | if (testWeakKey () != 0) | ||
194 | return -1; | ||
195 | return 0; | ||
196 | } | ||
197 | |||
198 | /* end of weakkeytest.c */ | ||
diff --git a/src/util/test_crypto_hash.c b/src/util/test_crypto_hash.c index a8ef39a38..2a5d6d773 100644 --- a/src/util/test_crypto_hash.c +++ b/src/util/test_crypto_hash.c | |||
@@ -65,8 +65,6 @@ testEncoding () | |||
65 | static int | 65 | static int |
66 | testArithmetic () | 66 | testArithmetic () |
67 | { | 67 | { |
68 | static struct GNUNET_CRYPTO_AesSessionKey zskey; | ||
69 | static struct GNUNET_CRYPTO_AesInitializationVector ziv; | ||
70 | struct GNUNET_HashCode h1; | 68 | struct GNUNET_HashCode h1; |
71 | struct GNUNET_HashCode h2; | 69 | struct GNUNET_HashCode h2; |
72 | struct GNUNET_HashCode d; | 70 | struct GNUNET_HashCode d; |
@@ -100,9 +98,6 @@ testArithmetic () | |||
100 | return 1; | 98 | return 1; |
101 | memset (&d, 0, sizeof (d)); | 99 | memset (&d, 0, sizeof (d)); |
102 | GNUNET_CRYPTO_hash_to_aes_key (&d, &skey, &iv); | 100 | GNUNET_CRYPTO_hash_to_aes_key (&d, &skey, &iv); |
103 | if ((0 != memcmp (&skey, &zskey, sizeof (skey) - sizeof (unsigned int))) || | ||
104 | (0 != memcmp (&iv, &ziv, sizeof (iv)))) | ||
105 | return 1; | ||
106 | return 0; | 101 | return 0; |
107 | } | 102 | } |
108 | 103 | ||