aboutsummaryrefslogtreecommitdiff
path: root/src/util/test_anastasis_crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/test_anastasis_crypto.c')
-rw-r--r--src/util/test_anastasis_crypto.c346
1 files changed, 346 insertions, 0 deletions
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
new file mode 100644
index 0000000..9a6a98c
--- /dev/null
+++ b/src/util/test_anastasis_crypto.c
@@ -0,0 +1,346 @@
1/*
2 This file is part of TALER
3 Copyright (C) 2014-2020 Taler Systems SA
4
5 TALER is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as
7 published by the Free Software Foundation; either version 3, or
8 (at your option) any later version.
9
10 TALER is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public
16 License along with TALER; see the file COPYING. If not, see
17 <http://www.gnu.org/licenses/>
18*/
19
20/**
21 * @file lib/test_anastasis_api.c
22 * @brief testcase to test anastasis' HTTP API interface
23 * @author Christian Grothoff
24 * @author Dennis Neufeld
25 * @author Dominik Meister
26 */
27#include "platform.h"
28#include <taler/taler_util.h>
29#include <gnunet/gnunet_util_lib.h>
30#include "anastasis_crypto_lib.h"
31
32/**
33 * Testing derivation of the user identifier
34 */
35static int
36test_user_identifier_derive (void)
37{
38 json_t *id_data_1;
39 json_t *id_data_2;
40 json_t *id_data_3;
41 struct ANASTASIS_CRYPTO_UserIdentifierP id_1;
42 struct ANASTASIS_CRYPTO_UserIdentifierP id_2;
43 struct ANASTASIS_CRYPTO_UserIdentifierP id_3;
44 struct ANASTASIS_CRYPTO_ProviderSaltP server_salt;
45
46 char *salt_str = "Server-Salt-Test";
47
48 GNUNET_memcpy (&server_salt,
49 salt_str,
50 strlen (salt_str));
51 // sample data 1
52 id_data_1 = json_object ();
53 json_object_set_new (id_data_1, "arg1", json_string ("Hallo"));
54 // sample data 2, equal to sample data 1
55 id_data_2 = json_object ();
56 json_object_set_new (id_data_2, "arg1", json_string ("Hallo"));
57 // sample data 3, differs
58 id_data_3 = json_object ();
59 json_object_set_new (id_data_3, "arg1", json_string ("Hallo2"));
60
61 ANASTASIS_CRYPTO_user_identifier_derive (id_data_1,
62 &server_salt,
63 &id_1);
64 ANASTASIS_CRYPTO_user_identifier_derive (id_data_2,
65 &server_salt,
66 &id_2);
67 ANASTASIS_CRYPTO_user_identifier_derive (id_data_3,
68 &server_salt,
69 &id_3);
70 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
71 "UserIdentifier_1: %s\n",
72 TALER_B2S (&id_1));
73 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
74 "UserIdentifier_2: %s\n",
75 TALER_B2S (&id_2));
76 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
77 "UserIdentifier_3: %s\n",
78 TALER_B2S (&id_3));
79 GNUNET_assert (0 == GNUNET_memcmp (&id_1, &id_2));
80 GNUNET_assert (0 != GNUNET_memcmp (&id_1, &id_3));
81 json_decref (id_data_1);
82 json_decref (id_data_2);
83 json_decref (id_data_3);
84 return 0;
85}
86
87
88/**
89 * Testing the encryption of an recovery document and the
90 * decryption of the encrypted recovery document
91 */
92static int
93test_recovery_document (void)
94{
95 void *ciphertext;
96 size_t size_ciphertext;
97 void *plaintext;
98 size_t size_plaintext;
99 struct ANASTASIS_CRYPTO_UserIdentifierP id;
100 struct ANASTASIS_CRYPTO_ProviderSaltP server_salt;
101 int ret;
102
103 json_t *id_data = json_object ();
104 const char *test = "TEST_ERD";
105 char *salt_str = "Server-Salt-Test";
106
107 GNUNET_memcpy (&server_salt,
108 salt_str,
109 strlen (salt_str));
110 json_object_set_new (id_data, "arg1", json_string ("ID_DATA"));
111 ANASTASIS_CRYPTO_user_identifier_derive (id_data,
112 &server_salt,
113 &id);
114 ANASTASIS_CRYPTO_recovery_document_encrypt (&id,
115 test,
116 strlen (test),
117 &ciphertext,
118 &size_ciphertext);
119
120 ANASTASIS_CRYPTO_recovery_document_decrypt (&id,
121 ciphertext,
122 size_ciphertext,
123 &plaintext,
124 &size_plaintext);
125 GNUNET_assert (strlen (test) == size_plaintext);
126 ret = strncmp (plaintext, test, strlen (test));
127 json_decref (id_data);
128 GNUNET_free (ciphertext);
129 GNUNET_free (plaintext);
130 return ret;
131}
132
133
134static int
135test_key_share (void)
136{
137 struct ANASTASIS_CRYPTO_EncryptedKeyShareP ciphertext;
138 struct ANASTASIS_CRYPTO_KeyShareP plaintext;
139 struct ANASTASIS_CRYPTO_UserIdentifierP id;
140 struct ANASTASIS_CRYPTO_KeyShareP key_share;
141 struct ANASTASIS_CRYPTO_KeyShareP key_share_1;
142 struct ANASTASIS_CRYPTO_KeyShareP key_share_2;
143
144 // testing creation of keyshares
145 ANASTASIS_CRYPTO_keyshare_create (&key_share_1);
146 ANASTASIS_CRYPTO_keyshare_create (&key_share_2);
147 GNUNET_assert (0 !=
148 GNUNET_memcmp (&key_share_1,
149 &key_share_2));
150
151 // testing of enc-/decryption of a keyshare
152 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
153 &id,
154 sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP));
155 ANASTASIS_CRYPTO_keyshare_create (&key_share);
156 ANASTASIS_CRYPTO_keyshare_encrypt (&key_share,
157 &id,
158 NULL,
159 &ciphertext);
160 ANASTASIS_CRYPTO_keyshare_decrypt (&ciphertext,
161 &id,
162 NULL,
163 &plaintext);
164 return GNUNET_memcmp (&key_share,
165 &plaintext);
166}
167
168
169static int
170test_truth (void)
171{
172 const char *test = "TEST_TRUTH";
173 void *ciphertext;
174 size_t size_ciphertext;
175 void *plaintext;
176 size_t size_plaintext;
177 struct ANASTASIS_CRYPTO_TruthKeyP truth_enc_key;
178 int ret;
179 struct ANASTASIS_CRYPTO_NonceP nonce;
180
181 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
182 "TRUTH_BEFORE: %s\n",
183 TALER_b2s (test,
184 strlen (test)));
185 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
186 &truth_enc_key,
187 sizeof (struct ANASTASIS_CRYPTO_TruthKeyP));
188 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
189 &nonce,
190 sizeof (nonce));
191 ANASTASIS_CRYPTO_truth_encrypt (&nonce,
192 &truth_enc_key,
193 test,
194 strlen (test),
195 &ciphertext,
196 &size_ciphertext);
197
198 ANASTASIS_CRYPTO_truth_decrypt (&truth_enc_key,
199 ciphertext,
200 size_ciphertext,
201 &plaintext,
202 &size_plaintext);
203 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
204 "TRUTH_AFTER: %s\n",
205 TALER_b2s (plaintext, size_plaintext));
206 GNUNET_assert (strlen (test) == size_plaintext);
207 ret = strncmp (plaintext, test, strlen (test));
208 GNUNET_free (ciphertext);
209 GNUNET_free (plaintext);
210 return ret;
211}
212
213
214static int
215test_core_secret (void)
216{
217 const char *test = "TEST_CORE_SECRET";
218 const char *test_wrong = "TEST_CORE_WRONG";
219 void *enc_core_secret;
220 unsigned int policy_keys_length = 5;
221 struct ANASTASIS_CRYPTO_MasterSaltP salt;
222 struct ANASTASIS_CRYPTO_EncryptedMasterKeyP
223 encrypted_master_keys[policy_keys_length];
224
225 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
226 &salt,
227 sizeof (salt));
228
229 // construction of PolicyKey-array
230 struct ANASTASIS_CRYPTO_PolicyKeyP policy_keys[policy_keys_length];
231 for (unsigned int i = 0; i < policy_keys_length; i++)
232 {
233 // construction of KeyShare-array
234 unsigned int keyshare_length = 5;
235 struct ANASTASIS_CRYPTO_KeyShareP keyshares[keyshare_length];
236 for (unsigned int j = 0; j < keyshare_length; j++)
237 {
238 ANASTASIS_CRYPTO_keyshare_create (&keyshares[j]);
239 if (j > 0)
240 GNUNET_assert (0 !=
241 GNUNET_memcmp (&keyshares[j - 1], &keyshares[j]));
242 }
243
244 // derive policy-keys
245 ANASTASIS_CRYPTO_policy_key_derive ((struct
246 ANASTASIS_CRYPTO_KeyShareP *)
247 keyshares,
248 keyshare_length,
249 &salt,
250 &policy_keys[i]);
251 if (i > 0)
252 GNUNET_assert (0 !=
253 GNUNET_memcmp (&policy_keys[i - 1], &policy_keys[i]));
254 }
255
256 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
257 "CORE_SECRET_BEFORE: %s\n",
258 TALER_b2s (test, strlen (test)));
259
260 // test encryption of core_secret
261 ANASTASIS_CRYPTO_core_secret_encrypt (policy_keys,
262 policy_keys_length,
263 test,
264 strlen (test),
265 &enc_core_secret,
266 (struct
267 ANASTASIS_CRYPTO_EncryptedMasterKeyP *)
268 &encrypted_master_keys);
269
270 // test recover of core secret
271 for (unsigned int k = 0; k < policy_keys_length; k++)
272 {
273 void *dec_core_secret;
274 size_t core_secret_size;
275
276 ANASTASIS_CRYPTO_core_secret_recover (&encrypted_master_keys[k],
277 &policy_keys[k],
278 enc_core_secret,
279 strlen (test),
280 &dec_core_secret,
281 &core_secret_size);
282 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
283 "CORE_SECRET_AFTER_%i: %s\n",
284 k,
285 TALER_b2s (dec_core_secret, strlen (test)));
286 GNUNET_assert (strlen (test) == core_secret_size);
287 GNUNET_assert (0 ==
288 strncmp (dec_core_secret, test, strlen (test)));
289 GNUNET_assert (0 !=
290 strncmp (dec_core_secret, test_wrong, strlen (
291 test)));
292 GNUNET_free (dec_core_secret);
293 }
294 GNUNET_free (enc_core_secret);
295 return 0;
296}
297
298
299static int
300test_public_key_derive (void)
301{
302 struct ANASTASIS_CRYPTO_UserIdentifierP id;
303 struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key;
304 struct ANASTASIS_CRYPTO_ProviderSaltP server_salt;
305 json_t *id_data = json_object ();
306 const char *salt_str = "Server-Salt-Test";
307
308 GNUNET_memcpy (&server_salt,
309 salt_str,
310 strlen (salt_str));
311
312 json_object_set_new (id_data, "arg1", json_string ("ID_DATA"));
313 ANASTASIS_CRYPTO_user_identifier_derive (id_data,
314 &server_salt,
315 &id);
316
317 ANASTASIS_CRYPTO_account_public_key_derive (&id,
318 &pub_key);
319 // FIXME: write a real test, e.g. signing and verification
320 json_decref (id_data);
321 return 0;
322}
323
324
325int
326main (int argc,
327 const char *const argv[])
328{
329 GNUNET_log_setup (argv[0], "DEBUG", NULL);
330 if (0 != test_recovery_document ())
331 return 1;
332 if (0 != test_user_identifier_derive ())
333 return 1;
334 if (0 != test_key_share ())
335 return 1;
336 if (0 != test_truth ())
337 return 1;
338 if (0 != test_core_secret ())
339 return 1;
340 if (0 != test_public_key_derive ())
341 return 1;
342 return 0;
343}
344
345
346/* end of test_anastasis_crypto.c */