diff options
Diffstat (limited to 'src/util/test_anastasis_crypto.c')
-rw-r--r-- | src/util/test_anastasis_crypto.c | 346 |
1 files changed, 346 insertions, 0 deletions
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c new file mode 100644 index 0000000..9a6a98c --- /dev/null +++ b/src/util/test_anastasis_crypto.c | |||
@@ -0,0 +1,346 @@ | |||
1 | /* | ||
2 | This file is part of TALER | ||
3 | Copyright (C) 2014-2020 Taler Systems SA | ||
4 | |||
5 | TALER is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as | ||
7 | published by the Free Software Foundation; either version 3, or | ||
8 | (at your option) any later version. | ||
9 | |||
10 | TALER is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
13 | GNU General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public | ||
16 | License along with TALER; see the file COPYING. If not, see | ||
17 | <http://www.gnu.org/licenses/> | ||
18 | */ | ||
19 | |||
20 | /** | ||
21 | * @file lib/test_anastasis_api.c | ||
22 | * @brief testcase to test anastasis' HTTP API interface | ||
23 | * @author Christian Grothoff | ||
24 | * @author Dennis Neufeld | ||
25 | * @author Dominik Meister | ||
26 | */ | ||
27 | #include "platform.h" | ||
28 | #include <taler/taler_util.h> | ||
29 | #include <gnunet/gnunet_util_lib.h> | ||
30 | #include "anastasis_crypto_lib.h" | ||
31 | |||
32 | /** | ||
33 | * Testing derivation of the user identifier | ||
34 | */ | ||
35 | static int | ||
36 | test_user_identifier_derive (void) | ||
37 | { | ||
38 | json_t *id_data_1; | ||
39 | json_t *id_data_2; | ||
40 | json_t *id_data_3; | ||
41 | struct ANASTASIS_CRYPTO_UserIdentifierP id_1; | ||
42 | struct ANASTASIS_CRYPTO_UserIdentifierP id_2; | ||
43 | struct ANASTASIS_CRYPTO_UserIdentifierP id_3; | ||
44 | struct ANASTASIS_CRYPTO_ProviderSaltP server_salt; | ||
45 | |||
46 | char *salt_str = "Server-Salt-Test"; | ||
47 | |||
48 | GNUNET_memcpy (&server_salt, | ||
49 | salt_str, | ||
50 | strlen (salt_str)); | ||
51 | // sample data 1 | ||
52 | id_data_1 = json_object (); | ||
53 | json_object_set_new (id_data_1, "arg1", json_string ("Hallo")); | ||
54 | // sample data 2, equal to sample data 1 | ||
55 | id_data_2 = json_object (); | ||
56 | json_object_set_new (id_data_2, "arg1", json_string ("Hallo")); | ||
57 | // sample data 3, differs | ||
58 | id_data_3 = json_object (); | ||
59 | json_object_set_new (id_data_3, "arg1", json_string ("Hallo2")); | ||
60 | |||
61 | ANASTASIS_CRYPTO_user_identifier_derive (id_data_1, | ||
62 | &server_salt, | ||
63 | &id_1); | ||
64 | ANASTASIS_CRYPTO_user_identifier_derive (id_data_2, | ||
65 | &server_salt, | ||
66 | &id_2); | ||
67 | ANASTASIS_CRYPTO_user_identifier_derive (id_data_3, | ||
68 | &server_salt, | ||
69 | &id_3); | ||
70 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
71 | "UserIdentifier_1: %s\n", | ||
72 | TALER_B2S (&id_1)); | ||
73 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
74 | "UserIdentifier_2: %s\n", | ||
75 | TALER_B2S (&id_2)); | ||
76 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
77 | "UserIdentifier_3: %s\n", | ||
78 | TALER_B2S (&id_3)); | ||
79 | GNUNET_assert (0 == GNUNET_memcmp (&id_1, &id_2)); | ||
80 | GNUNET_assert (0 != GNUNET_memcmp (&id_1, &id_3)); | ||
81 | json_decref (id_data_1); | ||
82 | json_decref (id_data_2); | ||
83 | json_decref (id_data_3); | ||
84 | return 0; | ||
85 | } | ||
86 | |||
87 | |||
88 | /** | ||
89 | * Testing the encryption of an recovery document and the | ||
90 | * decryption of the encrypted recovery document | ||
91 | */ | ||
92 | static int | ||
93 | test_recovery_document (void) | ||
94 | { | ||
95 | void *ciphertext; | ||
96 | size_t size_ciphertext; | ||
97 | void *plaintext; | ||
98 | size_t size_plaintext; | ||
99 | struct ANASTASIS_CRYPTO_UserIdentifierP id; | ||
100 | struct ANASTASIS_CRYPTO_ProviderSaltP server_salt; | ||
101 | int ret; | ||
102 | |||
103 | json_t *id_data = json_object (); | ||
104 | const char *test = "TEST_ERD"; | ||
105 | char *salt_str = "Server-Salt-Test"; | ||
106 | |||
107 | GNUNET_memcpy (&server_salt, | ||
108 | salt_str, | ||
109 | strlen (salt_str)); | ||
110 | json_object_set_new (id_data, "arg1", json_string ("ID_DATA")); | ||
111 | ANASTASIS_CRYPTO_user_identifier_derive (id_data, | ||
112 | &server_salt, | ||
113 | &id); | ||
114 | ANASTASIS_CRYPTO_recovery_document_encrypt (&id, | ||
115 | test, | ||
116 | strlen (test), | ||
117 | &ciphertext, | ||
118 | &size_ciphertext); | ||
119 | |||
120 | ANASTASIS_CRYPTO_recovery_document_decrypt (&id, | ||
121 | ciphertext, | ||
122 | size_ciphertext, | ||
123 | &plaintext, | ||
124 | &size_plaintext); | ||
125 | GNUNET_assert (strlen (test) == size_plaintext); | ||
126 | ret = strncmp (plaintext, test, strlen (test)); | ||
127 | json_decref (id_data); | ||
128 | GNUNET_free (ciphertext); | ||
129 | GNUNET_free (plaintext); | ||
130 | return ret; | ||
131 | } | ||
132 | |||
133 | |||
134 | static int | ||
135 | test_key_share (void) | ||
136 | { | ||
137 | struct ANASTASIS_CRYPTO_EncryptedKeyShareP ciphertext; | ||
138 | struct ANASTASIS_CRYPTO_KeyShareP plaintext; | ||
139 | struct ANASTASIS_CRYPTO_UserIdentifierP id; | ||
140 | struct ANASTASIS_CRYPTO_KeyShareP key_share; | ||
141 | struct ANASTASIS_CRYPTO_KeyShareP key_share_1; | ||
142 | struct ANASTASIS_CRYPTO_KeyShareP key_share_2; | ||
143 | |||
144 | // testing creation of keyshares | ||
145 | ANASTASIS_CRYPTO_keyshare_create (&key_share_1); | ||
146 | ANASTASIS_CRYPTO_keyshare_create (&key_share_2); | ||
147 | GNUNET_assert (0 != | ||
148 | GNUNET_memcmp (&key_share_1, | ||
149 | &key_share_2)); | ||
150 | |||
151 | // testing of enc-/decryption of a keyshare | ||
152 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, | ||
153 | &id, | ||
154 | sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP)); | ||
155 | ANASTASIS_CRYPTO_keyshare_create (&key_share); | ||
156 | ANASTASIS_CRYPTO_keyshare_encrypt (&key_share, | ||
157 | &id, | ||
158 | NULL, | ||
159 | &ciphertext); | ||
160 | ANASTASIS_CRYPTO_keyshare_decrypt (&ciphertext, | ||
161 | &id, | ||
162 | NULL, | ||
163 | &plaintext); | ||
164 | return GNUNET_memcmp (&key_share, | ||
165 | &plaintext); | ||
166 | } | ||
167 | |||
168 | |||
169 | static int | ||
170 | test_truth (void) | ||
171 | { | ||
172 | const char *test = "TEST_TRUTH"; | ||
173 | void *ciphertext; | ||
174 | size_t size_ciphertext; | ||
175 | void *plaintext; | ||
176 | size_t size_plaintext; | ||
177 | struct ANASTASIS_CRYPTO_TruthKeyP truth_enc_key; | ||
178 | int ret; | ||
179 | struct ANASTASIS_CRYPTO_NonceP nonce; | ||
180 | |||
181 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
182 | "TRUTH_BEFORE: %s\n", | ||
183 | TALER_b2s (test, | ||
184 | strlen (test))); | ||
185 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, | ||
186 | &truth_enc_key, | ||
187 | sizeof (struct ANASTASIS_CRYPTO_TruthKeyP)); | ||
188 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, | ||
189 | &nonce, | ||
190 | sizeof (nonce)); | ||
191 | ANASTASIS_CRYPTO_truth_encrypt (&nonce, | ||
192 | &truth_enc_key, | ||
193 | test, | ||
194 | strlen (test), | ||
195 | &ciphertext, | ||
196 | &size_ciphertext); | ||
197 | |||
198 | ANASTASIS_CRYPTO_truth_decrypt (&truth_enc_key, | ||
199 | ciphertext, | ||
200 | size_ciphertext, | ||
201 | &plaintext, | ||
202 | &size_plaintext); | ||
203 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
204 | "TRUTH_AFTER: %s\n", | ||
205 | TALER_b2s (plaintext, size_plaintext)); | ||
206 | GNUNET_assert (strlen (test) == size_plaintext); | ||
207 | ret = strncmp (plaintext, test, strlen (test)); | ||
208 | GNUNET_free (ciphertext); | ||
209 | GNUNET_free (plaintext); | ||
210 | return ret; | ||
211 | } | ||
212 | |||
213 | |||
214 | static int | ||
215 | test_core_secret (void) | ||
216 | { | ||
217 | const char *test = "TEST_CORE_SECRET"; | ||
218 | const char *test_wrong = "TEST_CORE_WRONG"; | ||
219 | void *enc_core_secret; | ||
220 | unsigned int policy_keys_length = 5; | ||
221 | struct ANASTASIS_CRYPTO_MasterSaltP salt; | ||
222 | struct ANASTASIS_CRYPTO_EncryptedMasterKeyP | ||
223 | encrypted_master_keys[policy_keys_length]; | ||
224 | |||
225 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, | ||
226 | &salt, | ||
227 | sizeof (salt)); | ||
228 | |||
229 | // construction of PolicyKey-array | ||
230 | struct ANASTASIS_CRYPTO_PolicyKeyP policy_keys[policy_keys_length]; | ||
231 | for (unsigned int i = 0; i < policy_keys_length; i++) | ||
232 | { | ||
233 | // construction of KeyShare-array | ||
234 | unsigned int keyshare_length = 5; | ||
235 | struct ANASTASIS_CRYPTO_KeyShareP keyshares[keyshare_length]; | ||
236 | for (unsigned int j = 0; j < keyshare_length; j++) | ||
237 | { | ||
238 | ANASTASIS_CRYPTO_keyshare_create (&keyshares[j]); | ||
239 | if (j > 0) | ||
240 | GNUNET_assert (0 != | ||
241 | GNUNET_memcmp (&keyshares[j - 1], &keyshares[j])); | ||
242 | } | ||
243 | |||
244 | // derive policy-keys | ||
245 | ANASTASIS_CRYPTO_policy_key_derive ((struct | ||
246 | ANASTASIS_CRYPTO_KeyShareP *) | ||
247 | keyshares, | ||
248 | keyshare_length, | ||
249 | &salt, | ||
250 | &policy_keys[i]); | ||
251 | if (i > 0) | ||
252 | GNUNET_assert (0 != | ||
253 | GNUNET_memcmp (&policy_keys[i - 1], &policy_keys[i])); | ||
254 | } | ||
255 | |||
256 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
257 | "CORE_SECRET_BEFORE: %s\n", | ||
258 | TALER_b2s (test, strlen (test))); | ||
259 | |||
260 | // test encryption of core_secret | ||
261 | ANASTASIS_CRYPTO_core_secret_encrypt (policy_keys, | ||
262 | policy_keys_length, | ||
263 | test, | ||
264 | strlen (test), | ||
265 | &enc_core_secret, | ||
266 | (struct | ||
267 | ANASTASIS_CRYPTO_EncryptedMasterKeyP *) | ||
268 | &encrypted_master_keys); | ||
269 | |||
270 | // test recover of core secret | ||
271 | for (unsigned int k = 0; k < policy_keys_length; k++) | ||
272 | { | ||
273 | void *dec_core_secret; | ||
274 | size_t core_secret_size; | ||
275 | |||
276 | ANASTASIS_CRYPTO_core_secret_recover (&encrypted_master_keys[k], | ||
277 | &policy_keys[k], | ||
278 | enc_core_secret, | ||
279 | strlen (test), | ||
280 | &dec_core_secret, | ||
281 | &core_secret_size); | ||
282 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
283 | "CORE_SECRET_AFTER_%i: %s\n", | ||
284 | k, | ||
285 | TALER_b2s (dec_core_secret, strlen (test))); | ||
286 | GNUNET_assert (strlen (test) == core_secret_size); | ||
287 | GNUNET_assert (0 == | ||
288 | strncmp (dec_core_secret, test, strlen (test))); | ||
289 | GNUNET_assert (0 != | ||
290 | strncmp (dec_core_secret, test_wrong, strlen ( | ||
291 | test))); | ||
292 | GNUNET_free (dec_core_secret); | ||
293 | } | ||
294 | GNUNET_free (enc_core_secret); | ||
295 | return 0; | ||
296 | } | ||
297 | |||
298 | |||
299 | static int | ||
300 | test_public_key_derive (void) | ||
301 | { | ||
302 | struct ANASTASIS_CRYPTO_UserIdentifierP id; | ||
303 | struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key; | ||
304 | struct ANASTASIS_CRYPTO_ProviderSaltP server_salt; | ||
305 | json_t *id_data = json_object (); | ||
306 | const char *salt_str = "Server-Salt-Test"; | ||
307 | |||
308 | GNUNET_memcpy (&server_salt, | ||
309 | salt_str, | ||
310 | strlen (salt_str)); | ||
311 | |||
312 | json_object_set_new (id_data, "arg1", json_string ("ID_DATA")); | ||
313 | ANASTASIS_CRYPTO_user_identifier_derive (id_data, | ||
314 | &server_salt, | ||
315 | &id); | ||
316 | |||
317 | ANASTASIS_CRYPTO_account_public_key_derive (&id, | ||
318 | &pub_key); | ||
319 | // FIXME: write a real test, e.g. signing and verification | ||
320 | json_decref (id_data); | ||
321 | return 0; | ||
322 | } | ||
323 | |||
324 | |||
325 | int | ||
326 | main (int argc, | ||
327 | const char *const argv[]) | ||
328 | { | ||
329 | GNUNET_log_setup (argv[0], "DEBUG", NULL); | ||
330 | if (0 != test_recovery_document ()) | ||
331 | return 1; | ||
332 | if (0 != test_user_identifier_derive ()) | ||
333 | return 1; | ||
334 | if (0 != test_key_share ()) | ||
335 | return 1; | ||
336 | if (0 != test_truth ()) | ||
337 | return 1; | ||
338 | if (0 != test_core_secret ()) | ||
339 | return 1; | ||
340 | if (0 != test_public_key_derive ()) | ||
341 | return 1; | ||
342 | return 0; | ||
343 | } | ||
344 | |||
345 | |||
346 | /* end of test_anastasis_crypto.c */ | ||