test_anastasis_crypto.c (11416B)
1 /* 2 This file is part of Anastasis 3 Copyright (C) 2014-2020 Anastasis SARL 4 5 Anastasis is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License as 7 published by the Free Software Foundation; either version 3, or 8 (at your option) any later version. 9 10 Anastasis is distributed in the hope that it will be useful, but 11 WITHOUT ANY WARRANTY; without even the implied warranty of 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 GNU General Public License for more details. 14 15 You should have received a copy of the GNU General Public 16 License along with Anastasis; see the file COPYING. If not, see 17 <http://www.gnu.org/licenses/> 18 */ 19 20 /** 21 * @file lib/test_anastasis_api.c 22 * @brief testcase to test anastasis' HTTP API interface 23 * @author Christian Grothoff 24 * @author Dennis Neufeld 25 * @author Dominik Meister 26 */ 27 #include "platform.h" 28 #include <taler/taler_util.h> 29 #include <gnunet/gnunet_util_lib.h> 30 #include "anastasis_crypto_lib.h" 31 32 /** 33 * Testing derivation of the user identifier 34 */ 35 static int 36 test_user_identifier_derive (void) 37 { 38 json_t *id_data_1; 39 json_t *id_data_2; 40 json_t *id_data_3; 41 struct ANASTASIS_CRYPTO_UserIdentifierP id_1; 42 struct ANASTASIS_CRYPTO_UserIdentifierP id_2; 43 struct ANASTASIS_CRYPTO_UserIdentifierP id_3; 44 struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt; 45 46 const char *salt_str = "Server-Salt-Test"; 47 48 GNUNET_memcpy (&provider_salt, 49 salt_str, 50 strlen (salt_str)); 51 // sample data 1 52 id_data_1 = json_object (); 53 json_object_set_new (id_data_1, "arg1", json_string ("Hallo")); 54 // sample data 2, equal to sample data 1 55 id_data_2 = json_object (); 56 json_object_set_new (id_data_2, "arg1", json_string ("Hallo")); 57 // sample data 3, differs 58 id_data_3 = json_object (); 59 json_object_set_new (id_data_3, "arg1", json_string ("Hallo2")); 60 61 ANASTASIS_CRYPTO_user_identifier_derive (id_data_1, 62 &provider_salt, 63 &id_1); 64 ANASTASIS_CRYPTO_user_identifier_derive (id_data_2, 65 &provider_salt, 66 &id_2); 67 ANASTASIS_CRYPTO_user_identifier_derive (id_data_3, 68 &provider_salt, 69 &id_3); 70 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 71 "UserIdentifier_1: %s\n", 72 TALER_B2S (&id_1)); 73 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 74 "UserIdentifier_2: %s\n", 75 TALER_B2S (&id_2)); 76 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 77 "UserIdentifier_3: %s\n", 78 TALER_B2S (&id_3)); 79 GNUNET_assert (0 == GNUNET_memcmp (&id_1, &id_2)); 80 GNUNET_assert (0 != GNUNET_memcmp (&id_1, &id_3)); 81 json_decref (id_data_1); 82 json_decref (id_data_2); 83 json_decref (id_data_3); 84 return 0; 85 } 86 87 88 /** 89 * Testing the encryption of an recovery document and the 90 * decryption of the encrypted recovery document 91 */ 92 static int 93 test_recovery_document (void) 94 { 95 void *ciphertext; 96 size_t size_ciphertext; 97 void *plaintext; 98 size_t size_plaintext; 99 struct ANASTASIS_CRYPTO_UserIdentifierP id; 100 struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt; 101 int ret; 102 103 json_t *id_data = json_object (); 104 const char *test = "TEST_ERD"; 105 const char *salt_str = "Server-Salt-Test"; 106 107 GNUNET_memcpy (&provider_salt, 108 salt_str, 109 strlen (salt_str)); 110 json_object_set_new (id_data, "arg1", json_string ("ID_DATA")); 111 ANASTASIS_CRYPTO_user_identifier_derive (id_data, 112 &provider_salt, 113 &id); 114 ANASTASIS_CRYPTO_recovery_document_encrypt (&id, 115 test, 116 strlen (test), 117 &ciphertext, 118 &size_ciphertext); 119 120 ANASTASIS_CRYPTO_recovery_document_decrypt (&id, 121 ciphertext, 122 size_ciphertext, 123 &plaintext, 124 &size_plaintext); 125 GNUNET_assert (strlen (test) == size_plaintext); 126 ret = strncmp (plaintext, test, strlen (test)); 127 json_decref (id_data); 128 GNUNET_free (ciphertext); 129 GNUNET_free (plaintext); 130 return ret; 131 } 132 133 134 static int 135 test_key_share (void) 136 { 137 struct ANASTASIS_CRYPTO_EncryptedKeyShareP ciphertext; 138 struct ANASTASIS_CRYPTO_KeyShareP plaintext; 139 struct ANASTASIS_CRYPTO_UserIdentifierP id; 140 struct ANASTASIS_CRYPTO_KeyShareP key_share; 141 struct ANASTASIS_CRYPTO_KeyShareP key_share_1; 142 struct ANASTASIS_CRYPTO_KeyShareP key_share_2; 143 144 // testing creation of keyshares 145 ANASTASIS_CRYPTO_keyshare_create (&key_share_1); 146 ANASTASIS_CRYPTO_keyshare_create (&key_share_2); 147 GNUNET_assert (0 != 148 GNUNET_memcmp (&key_share_1, 149 &key_share_2)); 150 151 // testing of enc-/decryption of a keyshare 152 GNUNET_CRYPTO_random_block (&id, 153 sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP)); 154 ANASTASIS_CRYPTO_keyshare_create (&key_share); 155 ANASTASIS_CRYPTO_keyshare_encrypt (&key_share, 156 &id, 157 NULL, 158 &ciphertext); 159 ANASTASIS_CRYPTO_keyshare_decrypt (&ciphertext, 160 &id, 161 NULL, 162 &plaintext); 163 return GNUNET_memcmp (&key_share, 164 &plaintext); 165 } 166 167 168 static int 169 test_truth (void) 170 { 171 const char *test = "TEST_TRUTH"; 172 void *ciphertext; 173 size_t size_ciphertext; 174 void *plaintext; 175 size_t size_plaintext; 176 struct ANASTASIS_CRYPTO_TruthKeyP truth_enc_key; 177 int ret; 178 struct ANASTASIS_CRYPTO_NonceP nonce; 179 180 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 181 "TRUTH_BEFORE: %s\n", 182 TALER_b2s (test, 183 strlen (test))); 184 GNUNET_CRYPTO_random_block (&truth_enc_key, 185 sizeof (struct ANASTASIS_CRYPTO_TruthKeyP)); 186 GNUNET_CRYPTO_random_block (&nonce, 187 sizeof (nonce)); 188 ANASTASIS_CRYPTO_truth_encrypt (&nonce, 189 &truth_enc_key, 190 test, 191 strlen (test), 192 &ciphertext, 193 &size_ciphertext); 194 195 ANASTASIS_CRYPTO_truth_decrypt (&truth_enc_key, 196 ciphertext, 197 size_ciphertext, 198 &plaintext, 199 &size_plaintext); 200 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 201 "TRUTH_AFTER: %s\n", 202 TALER_b2s (plaintext, size_plaintext)); 203 GNUNET_assert (strlen (test) == size_plaintext); 204 ret = strncmp (plaintext, test, strlen (test)); 205 GNUNET_free (ciphertext); 206 GNUNET_free (plaintext); 207 return ret; 208 } 209 210 211 static int 212 test_core_secret (void) 213 { 214 const char *test = "TEST_CORE_SECRET"; 215 const char *test_wrong = "TEST_CORE_WRONG"; 216 unsigned int policy_keys_length = 5; 217 struct ANASTASIS_CRYPTO_MasterSaltP salt; 218 struct ANASTASIS_CoreSecretEncryptionResult *cser; 219 struct ANASTASIS_CRYPTO_PolicyKeyP policy_keys[policy_keys_length]; 220 221 GNUNET_CRYPTO_random_block (&salt, 222 sizeof (salt)); 223 // construction of PolicyKey-array 224 for (unsigned int i = 0; i < policy_keys_length; i++) 225 { 226 // construction of KeyShare-array 227 unsigned int keyshare_length = 5; 228 struct ANASTASIS_CRYPTO_KeyShareP keyshares[keyshare_length]; 229 for (unsigned int j = 0; j < keyshare_length; j++) 230 { 231 ANASTASIS_CRYPTO_keyshare_create (&keyshares[j]); 232 if (j > 0) 233 GNUNET_assert (0 != 234 GNUNET_memcmp (&keyshares[j - 1], &keyshares[j])); 235 } 236 237 // derive policy-keys 238 ANASTASIS_CRYPTO_policy_key_derive ((struct 239 ANASTASIS_CRYPTO_KeyShareP *) 240 keyshares, 241 keyshare_length, 242 &salt, 243 &policy_keys[i]); 244 if (i > 0) 245 GNUNET_assert (0 != 246 GNUNET_memcmp (&policy_keys[i - 1], &policy_keys[i])); 247 } 248 249 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 250 "CORE_SECRET_BEFORE: %s\n", 251 TALER_b2s (test, strlen (test))); 252 253 // test encryption of core_secret 254 cser = ANASTASIS_CRYPTO_core_secret_encrypt (policy_keys, 255 policy_keys_length, 256 test, 257 strlen (test)); 258 259 // test recover of core secret 260 for (unsigned int k = 0; k < policy_keys_length; k++) 261 { 262 void *dec_core_secret; 263 size_t core_secret_size; 264 265 ANASTASIS_CRYPTO_core_secret_recover (cser->enc_master_keys[k], 266 cser->enc_master_key_sizes[k], 267 &policy_keys[k], 268 cser->enc_core_secret, 269 cser->enc_core_secret_size, 270 &dec_core_secret, 271 &core_secret_size); 272 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 273 "CORE_SECRET_AFTER_%i: %s\n", 274 k, 275 TALER_b2s (dec_core_secret, strlen (test))); 276 GNUNET_assert (strlen (test) == core_secret_size); 277 GNUNET_assert (0 == 278 strncmp (dec_core_secret, test, strlen (test))); 279 GNUNET_assert (0 != 280 strncmp (dec_core_secret, test_wrong, strlen ( 281 test))); 282 GNUNET_free (dec_core_secret); 283 } 284 ANASTASIS_CRYPTO_destroy_encrypted_core_secret (cser); 285 return 0; 286 } 287 288 289 static int 290 test_public_key_derive (void) 291 { 292 struct ANASTASIS_CRYPTO_UserIdentifierP id; 293 struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key; 294 struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt; 295 json_t *id_data = json_object (); 296 const char *salt_str = "Server-Salt-Test"; 297 298 GNUNET_memcpy (&provider_salt, 299 salt_str, 300 strlen (salt_str)); 301 302 json_object_set_new (id_data, "arg1", json_string ("ID_DATA")); 303 ANASTASIS_CRYPTO_user_identifier_derive (id_data, 304 &provider_salt, 305 &id); 306 307 ANASTASIS_CRYPTO_account_public_key_derive (&id, 308 &pub_key); 309 // FIXME: write a real test, e.g. signing and verification 310 json_decref (id_data); 311 return 0; 312 } 313 314 315 int 316 main (int argc, 317 const char *const argv[]) 318 { 319 GNUNET_log_setup (argv[0], "DEBUG", NULL); 320 if (0 != test_recovery_document ()) 321 return 1; 322 if (0 != test_user_identifier_derive ()) 323 return 1; 324 if (0 != test_key_share ()) 325 return 1; 326 if (0 != test_truth ()) 327 return 1; 328 if (0 != test_core_secret ()) 329 return 1; 330 if (0 != test_public_key_derive ()) 331 return 1; 332 return 0; 333 } 334 335 336 /* end of test_anastasis_crypto.c */