[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] 03/03: Testing of core secret enc-/decryption
From: |
gnunet |
Subject: |
[taler-anastasis] 03/03: Testing of core secret enc-/decryption |
Date: |
Wed, 01 Apr 2020 23:37:00 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
commit f1315921ff9350a9f809311555d99de6c97e085d
Author: Dennis Neufeld <address@hidden>
AuthorDate: Wed Apr 1 21:36:52 2020 +0000
Testing of core secret enc-/decryption
---
src/include/anastasis_crypto_lib.h | 8 +++----
src/util/anastasis_crypto.c | 11 +++++-----
src/util/test_anastasis_crypto.c | 44 +++++++++++++++++++++++++++++---------
3 files changed, 42 insertions(+), 21 deletions(-)
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 77bb1d0..6d9f7d3 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -75,7 +75,7 @@ struct ANASTASIS_CRYPTO_PolicyKey
*/
struct ANASTASIS_CRYPTO_EncryptedMasterKey
{
- uint32_t key[8];
+ struct GNUNET_HashCode key;
};
@@ -349,13 +349,11 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
* @param encrypted_core_secret the encrypted core secret from the user, will
be encrypted with the policy key
* @param encrypted_core_secret_size size of the encrypted core secret
* @param core_secret[out] decrypted core secret will be returned
- * @param core_secret_size[out] size of the returned core secret
*/
void
ANASTASIS_CRYPTO_core_secret_recover (
const struct ANASTASIS_CRYPTO_EncryptedMasterKey *encrypted_master_key,
- const struct ANASTASIS_CRYPTO_PolicyKey *policy_key,
+ const struct ANASTASIS_CRYPTO_PolicyKey policy_key,
const void *encrypted_core_secret,
size_t encrypted_core_secret_size,
- void **core_secret,
- size_t *core_secret_size);
\ No newline at end of file
+ void **core_secret);
\ No newline at end of file
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index b42ba7e..38cad04 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -579,6 +579,7 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
struct GNUNET_CRYPTO_SymmetricSessionKey i_sk;
struct GNUNET_CRYPTO_SymmetricInitializationVector i_iv;
+ GNUNET_CRYPTO_hash_to_aes_key (&policy_keys[i].key, &i_sk, &i_iv);
GNUNET_assert (GNUNET_SYSERR !=
GNUNET_CRYPTO_symmetric_encrypt (&master_key,
sizeof (struct
@@ -599,16 +600,14 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
* @param encrypted_core_secret the encrypted core secret from the user, will
be encrypted with the policy key
* @param encrypted_core_secret_size size of the encrypted core secret
* @param core_secret[out] decrypted core secret will be returned
- * @param core_secret_size[out] size of the returned core secret
*/
void
ANASTASIS_CRYPTO_core_secret_recover (
const struct ANASTASIS_CRYPTO_EncryptedMasterKey *encrypted_master_key,
- const struct ANASTASIS_CRYPTO_PolicyKey *policy_key,
+ const struct ANASTASIS_CRYPTO_PolicyKey policy_key,
const void *encrypted_core_secret,
size_t encrypted_core_secret_size,
- void **core_secret,
- size_t *core_secret_size)
+ void **core_secret)
{
struct GNUNET_CRYPTO_SymmetricSessionKey mk_sk;
struct GNUNET_CRYPTO_SymmetricInitializationVector mk_iv;
@@ -616,8 +615,8 @@ ANASTASIS_CRYPTO_core_secret_recover (
struct GNUNET_CRYPTO_SymmetricInitializationVector core_iv;
struct GNUNET_HashCode master_key;
- *core_secret = GNUNET_malloc (*core_secret_size);
- GNUNET_CRYPTO_hash_to_aes_key (&policy_key->key, &mk_sk, &mk_iv);
+ *core_secret = GNUNET_malloc (encrypted_core_secret_size);
+ GNUNET_CRYPTO_hash_to_aes_key (&policy_key.key, &mk_sk, &mk_iv);
GNUNET_assert (GNUNET_SYSERR !=
GNUNET_CRYPTO_symmetric_decrypt (encrypted_master_key,
sizeof (struct
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index 0a5da10..41f573b 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -106,7 +106,7 @@ test_recovery_document (void)
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"ERD_AFTER: %s\n",
TALER_b2s (plaintext, size_plaintext));
- return GNUNET_memcmp (test, plaintext);
+ return strncmp ((char *) plaintext, test, strlen (test));
}
@@ -152,12 +152,12 @@ test_key_share (void)
static int
test_truth (void)
{
+ const char *test = "TEST_TRUTH";
void *ciphertext;
size_t size_ciphertext;
void *plaintext;
size_t size_plaintext;
struct ANASTASIS_CRYPTO_TruthKey truth_enc_key;
- const char *test = "TEST_TRUTH";
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
&truth_enc_key,
@@ -168,8 +168,8 @@ test_truth (void)
TALER_b2s (test, strlen (test)));
ANASTASIS_CRYPTO_truth_encrypt (&truth_enc_key,
- "TEST_TRUTH",
- strlen ("TEST_TRUTH"),
+ test,
+ strlen (test),
&ciphertext,
&size_ciphertext);
@@ -181,13 +181,15 @@ test_truth (void)
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"TRUTH_AFTER: %s\n",
TALER_b2s (plaintext, size_plaintext));
- return GNUNET_memcmp ("TEST_TRUTH", plaintext);
+ return strncmp ((char *) plaintext, test, strlen (test));
}
static int
test_core_secret (void)
{
+ const char *test = "TEST_CORE_SECRET";
+ const char *test_wrong = "TEST_CORE_WRONG";
void *enc_core_secret;
size_t enc_core_secret_size;
unsigned int policy_keys_length = 5;
@@ -226,16 +228,40 @@ test_core_secret (void)
GNUNET_memcmp (&policy_keys[i - 1], &policy_keys[i]));
}
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "CORE_SECRET_BEFORE: %s\n",
+ TALER_b2s (test, strlen (test)));
+
// test encryption of core_secret
ANASTASIS_CRYPTO_core_secret_encrypt ((struct
ANASTASIS_CRYPTO_PolicyKey *)
&policy_keys,
policy_keys_length,
- "TEST_CORE_SECRET",
- strlen ("TEST_CORE_SECRET"),
+ test,
+ strlen (test),
&enc_core_secret,
&encrypted_master_keys);
- return 1;
+
+ // test recover of core secret
+ for (unsigned int k = 0; k < policy_keys_length; k++)
+ {
+ void *dec_core_secret;
+ ANASTASIS_CRYPTO_core_secret_recover (&encrypted_master_keys[k],
+ policy_keys[k],
+ enc_core_secret,
+ strlen (test),
+ &dec_core_secret);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "CORE_SECRET_AFTER_%i: %s\n",
+ k,
+ TALER_b2s (dec_core_secret, strlen (test)));
+ GNUNET_assert (0 ==
+ strncmp ((char *) dec_core_secret, test, strlen (test)));
+ GNUNET_assert (0 !=
+ strncmp ((char *) dec_core_secret, test_wrong, strlen (
+ test)));
+ }
+ return 0;
}
@@ -244,7 +270,6 @@ main (int argc,
const char *const argv[])
{
GNUNET_log_setup (argv[0], "DEBUG", NULL);
- /*
if (0 != test_recovery_document ())
return 1;
if (0 != test_user_identifier_derive ())
@@ -253,7 +278,6 @@ main (int argc,
return 1;
if (0 != test_truth ())
return 1;
- */
if (0 != test_core_secret ())
return 1;
--
To stop receiving notification emails like this one, please contact
address@hidden.