aboutsummaryrefslogtreecommitdiff
path: root/src/util/gnunet-crypto-tvg.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/gnunet-crypto-tvg.c')
-rw-r--r--src/util/gnunet-crypto-tvg.c1092
1 files changed, 0 insertions, 1092 deletions
diff --git a/src/util/gnunet-crypto-tvg.c b/src/util/gnunet-crypto-tvg.c
deleted file mode 100644
index 28e44e28b..000000000
--- a/src/util/gnunet-crypto-tvg.c
+++ /dev/null
@@ -1,1092 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2020 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
21/**
22 * @file util/gnunet-crypto-tgv.c
23 * @brief Generate test vectors for cryptographic operations.
24 * @author Florian Dold
25 *
26 * Note that this program shouldn't depend on code in src/json/,
27 * so we're using raw jansson and no GNUnet JSON helpers.
28 *
29 * Test vectors have the following format (TypeScript pseudo code):
30 *
31 * interface TestVectorFile {
32 * encoding: "base32crockford";
33 * producer?: string;
34 * vectors: TestVector[];
35 * }
36 *
37 * enum Operation {
38 * Hash("hash"),
39 * ...
40 * }
41 *
42 * interface TestVector {
43 * operation: Operation;
44 * // Inputs for the operation
45 * [ k: string]: string | number;
46 * };
47 *
48 *
49 */
50#include "platform.h"
51#include "gnunet_util_lib.h"
52#include "gnunet_signatures.h"
53#include "gnunet_testing_lib.h"
54#include <jansson.h>
55#include <gcrypt.h>
56
57GNUNET_NETWORK_STRUCT_BEGIN
58
59/**
60 * Sample signature struct.
61 *
62 * Purpose is #GNUNET_SIGNATURE_PURPOSE_TEST
63 */
64struct TestSignatureDataPS
65{
66 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
67 uint32_t testval;
68};
69
70GNUNET_NETWORK_STRUCT_END
71
72
73/**
74 * Should we verify or output test vectors?
75 */
76static int verify_flag = GNUNET_NO;
77
78
79/**
80 * Global exit code.
81 */
82static int global_ret = 0;
83
84
85/**
86 * Create a fresh test vector for a given operation label.
87 *
88 * @param vecs array of vectors to append the new vector to
89 * @param vecname label for the operation of the vector
90 * @returns the fresh test vector
91 */
92static json_t *
93vec_for (json_t *vecs, const char *vecname)
94{
95 json_t *t = json_object ();
96
97 json_object_set_new (t,
98 "operation",
99 json_string (vecname));
100 json_array_append_new (vecs, t);
101 return t;
102}
103
104
105/**
106 * Add a base32crockford encoded value
107 * to a test vector.
108 *
109 * @param vec test vector to add to
110 * @param label label for the value
111 * @param data data to add
112 * @param size size of data
113 */
114static void
115d2j (json_t *vec,
116 const char *label,
117 const void *data,
118 size_t size)
119{
120 char *buf;
121 json_t *json;
122
123 buf = GNUNET_STRINGS_data_to_string_alloc (data, size);
124 json = json_string (buf);
125 GNUNET_free (buf);
126 GNUNET_break (NULL != json);
127
128 json_object_set_new (vec, label, json);
129}
130
131
132/**
133 * Add a number to a test vector.
134 *
135 * @param vec test vector to add to
136 * @param label label for the value
137 * @param data data to add
138 * @param size size of data
139 */
140static void
141uint2j (json_t *vec,
142 const char *label,
143 unsigned int num)
144{
145 json_t *json = json_integer (num);
146
147 json_object_set_new (vec, label, json);
148}
149
150
151static int
152expect_data_fixed (json_t *vec,
153 const char *name,
154 void *data,
155 size_t expect_len)
156{
157 const char *s = json_string_value (json_object_get (vec, name));
158
159 if (NULL == s)
160 return GNUNET_NO;
161
162 if (GNUNET_OK != GNUNET_STRINGS_string_to_data (s,
163 strlen (s),
164 data,
165 expect_len))
166 return GNUNET_NO;
167 return GNUNET_OK;
168}
169
170
171static int
172expect_data_dynamic (json_t *vec,
173 const char *name,
174 void **data,
175 size_t *ret_len)
176{
177 const char *s = json_string_value (json_object_get (vec, name));
178 char *tmp;
179 size_t len;
180
181 if (NULL == s)
182 return GNUNET_NO;
183
184 len = (strlen (s) * 5) / 8;
185 if (NULL != ret_len)
186 *ret_len = len;
187 tmp = GNUNET_malloc (len);
188
189 if (GNUNET_OK != GNUNET_STRINGS_string_to_data (s, strlen (s), tmp, len))
190 {
191 GNUNET_free (tmp);
192 return GNUNET_NO;
193 }
194 *data = tmp;
195 return GNUNET_OK;
196}
197
198
199/**
200 * Check a single vector.
201 *
202 * @param operation operator of the vector
203 * @param vec the vector, a JSON object.
204 *
205 * @returns GNUNET_OK if the vector is okay
206 */
207static int
208checkvec (const char *operation,
209 json_t *vec)
210{
211 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
212 "checking %s\n", operation);
213
214 if (0 == strcmp (operation, "hash"))
215 {
216 void *data;
217 size_t data_len;
218 struct GNUNET_HashCode hash_out;
219 struct GNUNET_HashCode hc;
220
221 if (GNUNET_OK != expect_data_dynamic (vec,
222 "input",
223 &data,
224 &data_len))
225 {
226 GNUNET_break (0);
227 return GNUNET_SYSERR;
228 }
229 if (GNUNET_OK != expect_data_fixed (vec,
230 "output",
231 &hash_out,
232 sizeof (hash_out)))
233 {
234 GNUNET_free (data);
235 GNUNET_break (0);
236 return GNUNET_NO;
237 }
238
239 GNUNET_CRYPTO_hash (data, data_len, &hc);
240
241 if (0 != GNUNET_memcmp (&hc, &hash_out))
242 {
243 GNUNET_free (data);
244 GNUNET_break (0);
245 return GNUNET_NO;
246 }
247 GNUNET_free (data);
248 }
249 else if (0 == strcmp (operation, "ecc_ecdh"))
250 {
251 struct GNUNET_CRYPTO_EcdhePrivateKey priv1;
252 struct GNUNET_CRYPTO_EcdhePublicKey pub1;
253 struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
254 struct GNUNET_HashCode skm;
255 struct GNUNET_HashCode skm_comp;
256
257 if (GNUNET_OK != expect_data_fixed (vec,
258 "priv1",
259 &priv1,
260 sizeof (priv1)))
261 {
262 GNUNET_break (0);
263 return GNUNET_NO;
264 }
265 if (GNUNET_OK != expect_data_fixed (vec,
266 "priv2",
267 &priv2,
268 sizeof (priv2)))
269 {
270 GNUNET_break (0);
271 return GNUNET_NO;
272 }
273 if (GNUNET_OK != expect_data_fixed (vec,
274 "pub1",
275 &pub1,
276 sizeof (pub1)))
277 {
278 GNUNET_break (0);
279 return GNUNET_NO;
280 }
281 if (GNUNET_OK != expect_data_fixed (vec,
282 "skm",
283 &skm,
284 sizeof (skm)))
285 {
286 GNUNET_break (0);
287 return GNUNET_NO;
288 }
289 GNUNET_assert (GNUNET_OK ==
290 GNUNET_CRYPTO_ecc_ecdh (&priv2,
291 &pub1,
292 &skm_comp));
293 if (0 != GNUNET_memcmp (&skm, &skm_comp))
294 {
295 GNUNET_break (0);
296 return GNUNET_NO;
297 }
298 }
299 else if (0 == strcmp (operation, "eddsa_key_derivation"))
300 {
301 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
302 struct GNUNET_CRYPTO_EddsaPublicKey pub;
303 struct GNUNET_CRYPTO_EddsaPublicKey pub_comp;
304
305 if (GNUNET_OK != expect_data_fixed (vec,
306 "priv",
307 &priv,
308 sizeof (priv)))
309 {
310 GNUNET_break (0);
311 return GNUNET_NO;
312 }
313
314 if (GNUNET_OK != expect_data_fixed (vec,
315 "pub",
316 &pub,
317 sizeof (pub)))
318 {
319 GNUNET_break (0);
320 return GNUNET_NO;
321 }
322
323 GNUNET_CRYPTO_eddsa_key_get_public (&priv,
324 &pub_comp);
325 if (0 != GNUNET_memcmp (&pub, &pub_comp))
326 {
327 GNUNET_break (0);
328 return GNUNET_NO;
329 }
330
331 }
332 else if (0 == strcmp (operation, "eddsa_signing"))
333 {
334 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
335 struct GNUNET_CRYPTO_EddsaPublicKey pub;
336 struct TestSignatureDataPS data = { 0 };
337 struct GNUNET_CRYPTO_EddsaSignature sig;
338 struct GNUNET_CRYPTO_EddsaSignature sig_comp;
339
340 if (GNUNET_OK != expect_data_fixed (vec,
341 "priv",
342 &priv,
343 sizeof (priv)))
344 {
345 GNUNET_break (0);
346 return GNUNET_NO;
347 }
348
349 if (GNUNET_OK != expect_data_fixed (vec,
350 "pub",
351 &pub,
352 sizeof (pub)))
353 {
354 GNUNET_break (0);
355 return GNUNET_NO;
356 }
357
358 if (GNUNET_OK != expect_data_fixed (vec,
359 "data",
360 &data,
361 sizeof (data)))
362 {
363 GNUNET_break (0);
364 return GNUNET_NO;
365 }
366
367 if (GNUNET_OK != expect_data_fixed (vec,
368 "sig",
369 &sig,
370 sizeof (sig)))
371 {
372 GNUNET_break (0);
373 return GNUNET_NO;
374 }
375
376 GNUNET_CRYPTO_eddsa_sign (&priv,
377 &data,
378 &sig_comp);
379 GNUNET_assert (GNUNET_OK ==
380 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_TEST,
381 &data,
382 &sig,
383 &pub));
384 if (0 != GNUNET_memcmp (&sig, &sig_comp))
385 {
386 GNUNET_break (0);
387 return GNUNET_NO;
388 }
389 }
390 else if (0 == strcmp (operation, "kdf"))
391 {
392 size_t out_len;
393 void *out;
394 size_t out_len_comp;
395 void *out_comp;
396 void *ikm;
397 size_t ikm_len;
398 void *salt;
399 size_t salt_len;
400 void *ctx;
401 size_t ctx_len;
402
403 if (GNUNET_OK != expect_data_dynamic (vec,
404 "out",
405 &out,
406 &out_len))
407 {
408 GNUNET_break (0);
409 return GNUNET_SYSERR;
410 }
411
412 out_len_comp = out_len;
413 out_comp = GNUNET_malloc (out_len_comp);
414
415 if (GNUNET_OK != expect_data_dynamic (vec,
416 "ikm",
417 &ikm,
418 &ikm_len))
419 {
420 GNUNET_free (out);
421 GNUNET_free (out_comp);
422 GNUNET_break (0);
423 return GNUNET_SYSERR;
424 }
425
426 if (GNUNET_OK != expect_data_dynamic (vec,
427 "salt",
428 &salt,
429 &salt_len))
430 {
431 GNUNET_free (out);
432 GNUNET_free (out_comp);
433 GNUNET_free (ikm);
434 GNUNET_break (0);
435 return GNUNET_SYSERR;
436 }
437
438 if (GNUNET_OK != expect_data_dynamic (vec,
439 "ctx",
440 &ctx,
441 &ctx_len))
442 {
443 GNUNET_free (out);
444 GNUNET_free (out_comp);
445 GNUNET_free (ikm);
446 GNUNET_free (salt);
447 GNUNET_break (0);
448 return GNUNET_SYSERR;
449 }
450
451 GNUNET_assert (GNUNET_OK ==
452 GNUNET_CRYPTO_kdf (out_comp,
453 out_len_comp,
454 salt,
455 salt_len,
456 ikm,
457 ikm_len,
458 ctx,
459 ctx_len,
460 NULL));
461
462 if (0 != memcmp (out, out_comp, out_len))
463 {
464 GNUNET_free (out);
465 GNUNET_free (out_comp);
466 GNUNET_free (ikm);
467 GNUNET_free (salt);
468 GNUNET_free (ctx);
469 GNUNET_break (0);
470 return GNUNET_NO;
471 }
472 GNUNET_free (out);
473 GNUNET_free (out_comp);
474 GNUNET_free (ikm);
475 GNUNET_free (salt);
476 GNUNET_free (ctx);
477 }
478 else if (0 == strcmp (operation, "eddsa_ecdh"))
479 {
480 struct GNUNET_CRYPTO_EcdhePrivateKey priv_ecdhe;
481 struct GNUNET_CRYPTO_EcdhePublicKey pub_ecdhe;
482 struct GNUNET_CRYPTO_EddsaPrivateKey priv_eddsa;
483 struct GNUNET_CRYPTO_EddsaPublicKey pub_eddsa;
484 struct GNUNET_HashCode key_material;
485 struct GNUNET_HashCode key_material_comp;
486
487 if (GNUNET_OK != expect_data_fixed (vec,
488 "priv_ecdhe",
489 &priv_ecdhe,
490 sizeof (priv_ecdhe)))
491 {
492 GNUNET_break (0);
493 return GNUNET_NO;
494 }
495
496 if (GNUNET_OK != expect_data_fixed (vec,
497 "pub_ecdhe",
498 &pub_ecdhe,
499 sizeof (pub_ecdhe)))
500 {
501 GNUNET_break (0);
502 return GNUNET_NO;
503 }
504
505 if (GNUNET_OK != expect_data_fixed (vec,
506 "priv_eddsa",
507 &priv_eddsa,
508 sizeof (priv_eddsa)))
509 {
510 GNUNET_break (0);
511 return GNUNET_NO;
512 }
513
514 if (GNUNET_OK != expect_data_fixed (vec,
515 "pub_eddsa",
516 &pub_eddsa,
517 sizeof (pub_eddsa)))
518 {
519 GNUNET_break (0);
520 return GNUNET_NO;
521 }
522
523 if (GNUNET_OK != expect_data_fixed (vec,
524 "key_material",
525 &key_material,
526 sizeof (key_material)))
527 {
528 GNUNET_break (0);
529 return GNUNET_NO;
530 }
531
532 GNUNET_CRYPTO_ecdh_eddsa (&priv_ecdhe, &pub_eddsa, &key_material_comp);
533
534 if (0 != GNUNET_memcmp (&key_material, &key_material_comp))
535 {
536 GNUNET_break (0);
537 return GNUNET_NO;
538 }
539 }
540 else if (0 == strcmp (operation, "rsa_blind_signing"))
541 {
542 struct GNUNET_CRYPTO_RsaPrivateKey *skey;
543 struct GNUNET_CRYPTO_RsaPublicKey *pkey;
544 struct GNUNET_HashCode message_hash;
545 struct GNUNET_CRYPTO_RsaBlindingKeySecret bks;
546 struct GNUNET_CRYPTO_RsaSignature *blinded_sig;
547 struct GNUNET_CRYPTO_RsaSignature *sig;
548 void *blinded_data;
549 size_t blinded_len;
550 void *blinded_data_comp;
551 size_t blinded_len_comp;
552 void *public_enc_data;
553 size_t public_enc_len;
554 void *secret_enc_data;
555 size_t secret_enc_len;
556 void *sig_enc_data;
557 size_t sig_enc_length;
558 void *sig_enc_data_comp;
559 size_t sig_enc_length_comp;
560
561 if (GNUNET_OK != expect_data_fixed (vec,
562 "message_hash",
563 &message_hash,
564 sizeof (message_hash)))
565 {
566 GNUNET_break (0);
567 return GNUNET_SYSERR;
568 }
569
570 if (GNUNET_OK != expect_data_fixed (vec,
571 "blinding_key_secret",
572 &bks,
573 sizeof (bks)))
574 {
575 GNUNET_break (0);
576 return GNUNET_SYSERR;
577 }
578
579 if (GNUNET_OK != expect_data_dynamic (vec,
580 "blinded_message",
581 &blinded_data,
582 &blinded_len))
583 {
584 GNUNET_break (0);
585 return GNUNET_SYSERR;
586 }
587
588 if (GNUNET_OK != expect_data_dynamic (vec,
589 "rsa_public_key",
590 &public_enc_data,
591 &public_enc_len))
592 {
593 GNUNET_free (blinded_data);
594 GNUNET_break (0);
595 return GNUNET_SYSERR;
596 }
597
598 if (GNUNET_OK != expect_data_dynamic (vec,
599 "rsa_private_key",
600 &secret_enc_data,
601 &secret_enc_len))
602 {
603 GNUNET_free (blinded_data);
604 GNUNET_free (public_enc_data);
605 GNUNET_break (0);
606 return GNUNET_SYSERR;
607 }
608
609 if (GNUNET_OK != expect_data_dynamic (vec,
610 "sig",
611 &sig_enc_data,
612 &sig_enc_length))
613 {
614 GNUNET_free (blinded_data);
615 GNUNET_free (public_enc_data);
616 GNUNET_free (secret_enc_data);
617 GNUNET_break (0);
618 return GNUNET_SYSERR;
619 }
620
621 pkey = GNUNET_CRYPTO_rsa_public_key_decode (public_enc_data,
622 public_enc_len);
623 GNUNET_assert (NULL != pkey);
624 skey = GNUNET_CRYPTO_rsa_private_key_decode (secret_enc_data,
625 secret_enc_len);
626 GNUNET_assert (NULL != skey);
627
628 GNUNET_assert (GNUNET_YES ==
629 GNUNET_CRYPTO_rsa_blind (&message_hash,
630 &bks,
631 pkey,
632 &blinded_data_comp,
633 &blinded_len_comp));
634 if ( (blinded_len != blinded_len_comp) || (0 != memcmp (blinded_data,
635 blinded_data_comp,
636 blinded_len)) )
637 {
638 GNUNET_free (blinded_data);
639 GNUNET_free (public_enc_data);
640 GNUNET_free (secret_enc_data);
641 GNUNET_free (sig_enc_data);
642 GNUNET_free (skey);
643 GNUNET_break (0);
644 return GNUNET_NO;
645 }
646 blinded_sig = GNUNET_CRYPTO_rsa_sign_blinded (skey, blinded_data,
647 blinded_len);
648 sig = GNUNET_CRYPTO_rsa_unblind (blinded_sig, &bks, pkey);
649 GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_rsa_verify (&message_hash, sig,
650 pkey));
651 public_enc_len = GNUNET_CRYPTO_rsa_public_key_encode (pkey,
652 &public_enc_data);
653 sig_enc_length_comp = GNUNET_CRYPTO_rsa_signature_encode (sig,
654 &sig_enc_data_comp);
655
656 if ( (sig_enc_length != sig_enc_length_comp) ||
657 (0 != memcmp (sig_enc_data, sig_enc_data_comp, sig_enc_length) ))
658 {
659 GNUNET_free (blinded_sig);
660 GNUNET_free (blinded_data);
661 GNUNET_free (public_enc_data);
662 GNUNET_free (secret_enc_data);
663 GNUNET_free (sig_enc_data);
664 GNUNET_free (skey);
665 GNUNET_break (0);
666 return GNUNET_NO;
667 }
668 GNUNET_free (blinded_sig);
669 GNUNET_free (blinded_data);
670 GNUNET_free (public_enc_data);
671 GNUNET_free (secret_enc_data);
672 GNUNET_free (sig_enc_data);
673 GNUNET_free (skey);
674 }
675 else
676 {
677 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
678 "unsupported operation '%s'\n", operation);
679 }
680
681 return GNUNET_OK;
682}
683
684
685/**
686 * Check test vectors from stdin.
687 *
688 * @returns global exit code
689 */
690static int
691check_vectors ()
692{
693 json_error_t err;
694 json_t *vecfile = json_loadf (stdin, 0, &err);
695 const char *encoding;
696 json_t *vectors;
697
698 if (NULL == vecfile)
699 {
700 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "unable to parse JSON\n");
701 return 1;
702 }
703 encoding = json_string_value (json_object_get (vecfile,
704 "encoding"));
705 if ( (NULL == encoding) || (0 != strcmp (encoding, "base32crockford")) )
706 {
707 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "unsupported or missing encoding\n");
708 json_decref (vecfile);
709 return 1;
710 }
711 vectors = json_object_get (vecfile, "vectors");
712 if (! json_is_array (vectors))
713 {
714 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "bad vectors\n");
715 json_decref (vecfile);
716 return 1;
717 }
718 {
719 /* array is a JSON array */
720 size_t index;
721 json_t *value;
722 int ret;
723
724 json_array_foreach (vectors, index, value) {
725 const char *op = json_string_value (json_object_get (value,
726 "operation"));
727
728 if (NULL == op)
729 {
730 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
731 "missing operation\n");
732 ret = GNUNET_SYSERR;
733 break;
734 }
735 ret = checkvec (op, value);
736 if (GNUNET_OK != ret)
737 {
738 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
739 "bad vector %u\n",
740 (unsigned int) index);
741 break;
742 }
743 }
744 return (ret == GNUNET_OK) ? 0 : 1;
745 }
746}
747
748
749/**
750 * Output test vectors.
751 *
752 * @returns global exit code
753 */
754static int
755output_vectors ()
756{
757 json_t *vecfile = json_object ();
758 json_t *vecs = json_array ();
759
760 json_object_set_new (vecfile,
761 "encoding",
762 json_string ("base32crockford"));
763 json_object_set_new (vecfile,
764 "producer",
765 json_string ("GNUnet " PACKAGE_VERSION " " VCS_VERSION));
766 json_object_set_new (vecfile,
767 "vectors",
768 vecs);
769
770 {
771 json_t *vec = vec_for (vecs, "hash");
772 struct GNUNET_HashCode hc;
773 char *str = "Hello, GNUnet";
774
775 GNUNET_CRYPTO_hash (str, strlen (str), &hc);
776
777 d2j (vec, "input", str, strlen (str));
778 d2j (vec, "output", &hc, sizeof (struct GNUNET_HashCode));
779 }
780 {
781 json_t *vec = vec_for (vecs, "ecc_ecdh");
782 struct GNUNET_CRYPTO_EcdhePrivateKey priv1;
783 struct GNUNET_CRYPTO_EcdhePublicKey pub1;
784 struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
785 struct GNUNET_HashCode skm;
786
787 GNUNET_CRYPTO_ecdhe_key_create (&priv1);
788 GNUNET_CRYPTO_ecdhe_key_create (&priv2);
789 GNUNET_CRYPTO_ecdhe_key_get_public (&priv1,
790 &pub1);
791 GNUNET_assert (GNUNET_OK ==
792 GNUNET_CRYPTO_ecc_ecdh (&priv2,
793 &pub1,
794 &skm));
795
796 d2j (vec,
797 "priv1",
798 &priv1,
799 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
800 d2j (vec,
801 "pub1",
802 &pub1,
803 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
804 d2j (vec,
805 "priv2",
806 &priv2,
807 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
808 d2j (vec,
809 "skm",
810 &skm,
811 sizeof (struct GNUNET_HashCode));
812 }
813
814 {
815 json_t *vec = vec_for (vecs, "eddsa_key_derivation");
816 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
817 struct GNUNET_CRYPTO_EddsaPublicKey pub;
818
819 GNUNET_CRYPTO_eddsa_key_create (&priv);
820 GNUNET_CRYPTO_eddsa_key_get_public (&priv,
821 &pub);
822
823 d2j (vec,
824 "priv",
825 &priv,
826 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
827 d2j (vec,
828 "pub",
829 &pub,
830 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
831 }
832 {
833 json_t *vec = vec_for (vecs, "eddsa_signing");
834 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
835 struct GNUNET_CRYPTO_EddsaPublicKey pub;
836 struct GNUNET_CRYPTO_EddsaSignature sig;
837 struct TestSignatureDataPS data = { 0 };
838
839 GNUNET_CRYPTO_eddsa_key_create (&priv);
840 GNUNET_CRYPTO_eddsa_key_get_public (&priv,
841 &pub);
842 data.purpose.size = htonl (sizeof (data));
843 data.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
844 GNUNET_CRYPTO_eddsa_sign (&priv,
845 &data,
846 &sig);
847 GNUNET_assert (GNUNET_OK ==
848 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_TEST,
849 &data,
850 &sig,
851 &pub));
852
853 d2j (vec,
854 "priv",
855 &priv,
856 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
857 d2j (vec,
858 "pub",
859 &pub,
860 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
861 d2j (vec,
862 "data",
863 &data,
864 sizeof (struct TestSignatureDataPS));
865 d2j (vec,
866 "sig",
867 &sig,
868 sizeof (struct GNUNET_CRYPTO_EddsaSignature));
869 }
870
871 {
872 json_t *vec = vec_for (vecs, "kdf");
873 size_t out_len = 64;
874 char out[out_len];
875 char *ikm = "I'm the secret input key material";
876 char *salt = "I'm very salty";
877 char *ctx = "I'm a context chunk, also known as 'info' in the RFC";
878
879 GNUNET_assert (GNUNET_OK ==
880 GNUNET_CRYPTO_kdf (&out,
881 out_len,
882 salt,
883 strlen (salt),
884 ikm,
885 strlen (ikm),
886 ctx,
887 strlen (ctx),
888 NULL));
889
890 d2j (vec,
891 "salt",
892 salt,
893 strlen (salt));
894 d2j (vec,
895 "ikm",
896 ikm,
897 strlen (ikm));
898 d2j (vec,
899 "ctx",
900 ctx,
901 strlen (ctx));
902 uint2j (vec,
903 "out_len",
904 (unsigned int) out_len);
905 d2j (vec,
906 "out",
907 out,
908 out_len);
909 }
910 {
911 json_t *vec = vec_for (vecs, "eddsa_ecdh");
912 struct GNUNET_CRYPTO_EcdhePrivateKey priv_ecdhe;
913 struct GNUNET_CRYPTO_EcdhePublicKey pub_ecdhe;
914 struct GNUNET_CRYPTO_EddsaPrivateKey priv_eddsa;
915 struct GNUNET_CRYPTO_EddsaPublicKey pub_eddsa;
916 struct GNUNET_HashCode key_material;
917
918 GNUNET_CRYPTO_ecdhe_key_create (&priv_ecdhe);
919 GNUNET_CRYPTO_ecdhe_key_get_public (&priv_ecdhe, &pub_ecdhe);
920 GNUNET_CRYPTO_eddsa_key_create (&priv_eddsa);
921 GNUNET_CRYPTO_eddsa_key_get_public (&priv_eddsa, &pub_eddsa);
922 GNUNET_CRYPTO_ecdh_eddsa (&priv_ecdhe, &pub_eddsa, &key_material);
923
924 d2j (vec, "priv_ecdhe",
925 &priv_ecdhe,
926 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
927 d2j (vec, "pub_ecdhe",
928 &pub_ecdhe,
929 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
930 d2j (vec, "priv_eddsa",
931 &priv_eddsa,
932 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
933 d2j (vec, "pub_eddsa",
934 &pub_eddsa,
935 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
936 d2j (vec, "key_material",
937 &key_material,
938 sizeof (struct GNUNET_HashCode));
939 }
940
941 {
942 json_t *vec = vec_for (vecs, "rsa_blind_signing");
943
944 struct GNUNET_CRYPTO_RsaPrivateKey *skey;
945 struct GNUNET_CRYPTO_RsaPublicKey *pkey;
946 struct GNUNET_HashCode message_hash;
947 struct GNUNET_CRYPTO_RsaBlindingKeySecret bks;
948 struct GNUNET_CRYPTO_RsaSignature *blinded_sig;
949 struct GNUNET_CRYPTO_RsaSignature *sig;
950 void *blinded_data;
951 size_t blinded_len;
952 void *public_enc_data;
953 size_t public_enc_len;
954 void *secret_enc_data;
955 size_t secret_enc_len;
956 void *blinded_sig_enc_data;
957 size_t blinded_sig_enc_length;
958 void *sig_enc_data;
959 size_t sig_enc_length;
960
961 skey = GNUNET_CRYPTO_rsa_private_key_create (2048);
962 pkey = GNUNET_CRYPTO_rsa_private_key_get_public (skey);
963 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
964 &message_hash,
965 sizeof (struct GNUNET_HashCode));
966 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
967 &bks,
968 sizeof (struct
969 GNUNET_CRYPTO_RsaBlindingKeySecret));
970 GNUNET_assert (GNUNET_YES ==
971 GNUNET_CRYPTO_rsa_blind (&message_hash,
972 &bks,
973 pkey,
974 &blinded_data,
975 &blinded_len));
976 blinded_sig = GNUNET_CRYPTO_rsa_sign_blinded (skey, blinded_data,
977 blinded_len);
978 sig = GNUNET_CRYPTO_rsa_unblind (blinded_sig, &bks, pkey);
979 GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_rsa_verify (&message_hash, sig,
980 pkey));
981 public_enc_len = GNUNET_CRYPTO_rsa_public_key_encode (pkey,
982 &public_enc_data);
983 secret_enc_len = GNUNET_CRYPTO_rsa_private_key_encode (skey,
984 &secret_enc_data);
985 blinded_sig_enc_length = GNUNET_CRYPTO_rsa_signature_encode (blinded_sig,
986 &
987 blinded_sig_enc_data);
988 sig_enc_length = GNUNET_CRYPTO_rsa_signature_encode (sig, &sig_enc_data);
989 d2j (vec,
990 "message_hash",
991 &message_hash,
992 sizeof (struct GNUNET_HashCode));
993 d2j (vec,
994 "rsa_public_key",
995 public_enc_data,
996 public_enc_len);
997 d2j (vec,
998 "rsa_private_key",
999 secret_enc_data,
1000 secret_enc_len);
1001 d2j (vec,
1002 "blinding_key_secret",
1003 &bks,
1004 sizeof (struct GNUNET_CRYPTO_RsaBlindingKeySecret));
1005 d2j (vec,
1006 "blinded_message",
1007 blinded_data,
1008 blinded_len);
1009 d2j (vec,
1010 "blinded_sig",
1011 blinded_sig_enc_data,
1012 blinded_sig_enc_length);
1013 d2j (vec,
1014 "sig",
1015 sig_enc_data,
1016 sig_enc_length);
1017 GNUNET_CRYPTO_rsa_private_key_free (skey);
1018 GNUNET_CRYPTO_rsa_public_key_free (pkey);
1019 GNUNET_CRYPTO_rsa_signature_free (sig);
1020 GNUNET_CRYPTO_rsa_signature_free (blinded_sig);
1021 GNUNET_free (public_enc_data);
1022 GNUNET_free (blinded_data);
1023 GNUNET_free (sig_enc_data);
1024 GNUNET_free (blinded_sig_enc_data);
1025 GNUNET_free (secret_enc_data);
1026 }
1027
1028 json_dumpf (vecfile, stdout, JSON_INDENT (2));
1029 json_decref (vecfile);
1030 printf ("\n");
1031
1032 return 0;
1033}
1034
1035
1036/**
1037 * Main function that will be run.
1038 *
1039 * @param cls closure
1040 * @param args remaining command-line arguments
1041 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
1042 * @param cfg configuration
1043 */
1044static void
1045run (void *cls,
1046 char *const *args,
1047 const char *cfgfile,
1048 const struct GNUNET_CONFIGURATION_Handle *cfg)
1049{
1050 if (GNUNET_YES == verify_flag)
1051 global_ret = check_vectors ();
1052 else
1053 global_ret = output_vectors ();
1054}
1055
1056
1057/**
1058 * The main function of the test vector generation tool.
1059 *
1060 * @param argc number of arguments from the command line
1061 * @param argv command line arguments
1062 * @return 0 ok, 1 on error
1063 */
1064int
1065main (int argc,
1066 char *const *argv)
1067{
1068 const struct GNUNET_GETOPT_CommandLineOption options[] = {
1069 GNUNET_GETOPT_option_flag ('V',
1070 "verify",
1071 gettext_noop (
1072 "verify a test vector from stdin"),
1073 &verify_flag),
1074 GNUNET_GETOPT_OPTION_END
1075 };
1076
1077 GNUNET_assert (GNUNET_OK ==
1078 GNUNET_log_setup ("gnunet-crypto-tvg",
1079 "INFO",
1080 NULL));
1081 if (GNUNET_OK !=
1082 GNUNET_PROGRAM_run (argc, argv,
1083 "gnunet-crypto-tvg",
1084 "Generate test vectors for cryptographic operations",
1085 options,
1086 &run, NULL))
1087 return 1;
1088 return global_ret;
1089}
1090
1091
1092/* end of gnunet-crypto-tvg.c */
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-07 14:06:09 +0000