test_anastasis_crypto.c (11651B)
1 /* 2 This file is part of Anastasis 3 Copyright (C) 2014-2020 Anastasis SARL 4 5 Anastasis is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License as 7 published by the Free Software Foundation; either version 3, or 8 (at your option) any later version. 9 10 Anastasis is distributed in the hope that it will be useful, but 11 WITHOUT ANY WARRANTY; without even the implied warranty of 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 GNU General Public License for more details. 14 15 You should have received a copy of the GNU General Public 16 License along with Anastasis; see the file COPYING. If not, see 17 <http://www.gnu.org/licenses/> 18 */ 19 20 /** 21 * @file lib/test_anastasis_api.c 22 * @brief testcase to test anastasis' HTTP API interface 23 * @author Christian Grothoff 24 * @author Dennis Neufeld 25 * @author Dominik Meister 26 */ 27 #include "platform.h" 28 #include <taler/taler_util.h> 29 #include <gnunet/gnunet_util_lib.h> 30 #include "anastasis_crypto_lib.h" 31 32 /** 33 * Testing derivation of the user identifier 34 */ 35 static int 36 test_user_identifier_derive (void) 37 { 38 json_t *id_data_1; 39 json_t *id_data_2; 40 json_t *id_data_3; 41 struct ANASTASIS_CRYPTO_UserIdentifierP id_1; 42 struct ANASTASIS_CRYPTO_UserIdentifierP id_2; 43 struct ANASTASIS_CRYPTO_UserIdentifierP id_3; 44 struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt; 45 46 const char *salt_str = "Server-Salt-Test"; 47 48 GNUNET_memcpy (&provider_salt, 49 salt_str, 50 strlen (salt_str)); 51 // sample data 1 52 id_data_1 = json_object (); 53 json_object_set_new (id_data_1, "arg1", json_string ("Hallo")); 54 // sample data 2, equal to sample data 1 55 id_data_2 = json_object (); 56 json_object_set_new (id_data_2, "arg1", json_string ("Hallo")); 57 // sample data 3, differs 58 id_data_3 = json_object (); 59 json_object_set_new (id_data_3, "arg1", json_string ("Hallo2")); 60 61 ANASTASIS_CRYPTO_user_identifier_derive (id_data_1, 62 &provider_salt, 63 &id_1); 64 ANASTASIS_CRYPTO_user_identifier_derive (id_data_2, 65 &provider_salt, 66 &id_2); 67 ANASTASIS_CRYPTO_user_identifier_derive (id_data_3, 68 &provider_salt, 69 &id_3); 70 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 71 "UserIdentifier_1: %s\n", 72 TALER_B2S (&id_1)); 73 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 74 "UserIdentifier_2: %s\n", 75 TALER_B2S (&id_2)); 76 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 77 "UserIdentifier_3: %s\n", 78 TALER_B2S (&id_3)); 79 GNUNET_assert (0 == GNUNET_memcmp (&id_1, &id_2)); 80 GNUNET_assert (0 != GNUNET_memcmp (&id_1, &id_3)); 81 json_decref (id_data_1); 82 json_decref (id_data_2); 83 json_decref (id_data_3); 84 return 0; 85 } 86 87 88 /** 89 * Testing the encryption of an recovery document and the 90 * decryption of the encrypted recovery document 91 */ 92 static int 93 test_recovery_document (void) 94 { 95 void *ciphertext; 96 size_t size_ciphertext; 97 void *plaintext; 98 size_t size_plaintext; 99 struct ANASTASIS_CRYPTO_UserIdentifierP id; 100 struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt; 101 int ret; 102 103 json_t *id_data = json_object (); 104 const char *test = "TEST_ERD"; 105 const char *salt_str = "Server-Salt-Test"; 106 107 GNUNET_memcpy (&provider_salt, 108 salt_str, 109 strlen (salt_str)); 110 json_object_set_new (id_data, "arg1", json_string ("ID_DATA")); 111 ANASTASIS_CRYPTO_user_identifier_derive (id_data, 112 &provider_salt, 113 &id); 114 ANASTASIS_CRYPTO_recovery_document_encrypt (&id, 115 test, 116 strlen (test), 117 &ciphertext, 118 &size_ciphertext); 119 120 ANASTASIS_CRYPTO_recovery_document_decrypt (&id, 121 ciphertext, 122 size_ciphertext, 123 &plaintext, 124 &size_plaintext); 125 GNUNET_assert (strlen (test) == size_plaintext); 126 ret = strncmp (plaintext, test, strlen (test)); 127 json_decref (id_data); 128 GNUNET_free (ciphertext); 129 GNUNET_free (plaintext); 130 return ret; 131 } 132 133 134 static int 135 test_key_share (void) 136 { 137 struct ANASTASIS_CRYPTO_EncryptedKeyShareP ciphertext; 138 struct ANASTASIS_CRYPTO_KeyShareP plaintext; 139 struct ANASTASIS_CRYPTO_UserIdentifierP id; 140 struct ANASTASIS_CRYPTO_KeyShareP key_share; 141 struct ANASTASIS_CRYPTO_KeyShareP key_share_1; 142 struct ANASTASIS_CRYPTO_KeyShareP key_share_2; 143 144 // testing creation of keyshares 145 ANASTASIS_CRYPTO_keyshare_create (&key_share_1); 146 ANASTASIS_CRYPTO_keyshare_create (&key_share_2); 147 GNUNET_assert (0 != 148 GNUNET_memcmp (&key_share_1, 149 &key_share_2)); 150 151 // testing of enc-/decryption of a keyshare 152 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, 153 &id, 154 sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP)); 155 ANASTASIS_CRYPTO_keyshare_create (&key_share); 156 ANASTASIS_CRYPTO_keyshare_encrypt (&key_share, 157 &id, 158 NULL, 159 &ciphertext); 160 ANASTASIS_CRYPTO_keyshare_decrypt (&ciphertext, 161 &id, 162 NULL, 163 &plaintext); 164 return GNUNET_memcmp (&key_share, 165 &plaintext); 166 } 167 168 169 static int 170 test_truth (void) 171 { 172 const char *test = "TEST_TRUTH"; 173 void *ciphertext; 174 size_t size_ciphertext; 175 void *plaintext; 176 size_t size_plaintext; 177 struct ANASTASIS_CRYPTO_TruthKeyP truth_enc_key; 178 int ret; 179 struct ANASTASIS_CRYPTO_NonceP nonce; 180 181 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 182 "TRUTH_BEFORE: %s\n", 183 TALER_b2s (test, 184 strlen (test))); 185 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, 186 &truth_enc_key, 187 sizeof (struct ANASTASIS_CRYPTO_TruthKeyP)); 188 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, 189 &nonce, 190 sizeof (nonce)); 191 ANASTASIS_CRYPTO_truth_encrypt (&nonce, 192 &truth_enc_key, 193 test, 194 strlen (test), 195 &ciphertext, 196 &size_ciphertext); 197 198 ANASTASIS_CRYPTO_truth_decrypt (&truth_enc_key, 199 ciphertext, 200 size_ciphertext, 201 &plaintext, 202 &size_plaintext); 203 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 204 "TRUTH_AFTER: %s\n", 205 TALER_b2s (plaintext, size_plaintext)); 206 GNUNET_assert (strlen (test) == size_plaintext); 207 ret = strncmp (plaintext, test, strlen (test)); 208 GNUNET_free (ciphertext); 209 GNUNET_free (plaintext); 210 return ret; 211 } 212 213 214 static int 215 test_core_secret (void) 216 { 217 const char *test = "TEST_CORE_SECRET"; 218 const char *test_wrong = "TEST_CORE_WRONG"; 219 unsigned int policy_keys_length = 5; 220 struct ANASTASIS_CRYPTO_MasterSaltP salt; 221 struct ANASTASIS_CoreSecretEncryptionResult *cser; 222 struct ANASTASIS_CRYPTO_PolicyKeyP policy_keys[policy_keys_length]; 223 224 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, 225 &salt, 226 sizeof (salt)); 227 // construction of PolicyKey-array 228 for (unsigned int i = 0; i < policy_keys_length; i++) 229 { 230 // construction of KeyShare-array 231 unsigned int keyshare_length = 5; 232 struct ANASTASIS_CRYPTO_KeyShareP keyshares[keyshare_length]; 233 for (unsigned int j = 0; j < keyshare_length; j++) 234 { 235 ANASTASIS_CRYPTO_keyshare_create (&keyshares[j]); 236 if (j > 0) 237 GNUNET_assert (0 != 238 GNUNET_memcmp (&keyshares[j - 1], &keyshares[j])); 239 } 240 241 // derive policy-keys 242 ANASTASIS_CRYPTO_policy_key_derive ((struct 243 ANASTASIS_CRYPTO_KeyShareP *) 244 keyshares, 245 keyshare_length, 246 &salt, 247 &policy_keys[i]); 248 if (i > 0) 249 GNUNET_assert (0 != 250 GNUNET_memcmp (&policy_keys[i - 1], &policy_keys[i])); 251 } 252 253 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 254 "CORE_SECRET_BEFORE: %s\n", 255 TALER_b2s (test, strlen (test))); 256 257 // test encryption of core_secret 258 cser = ANASTASIS_CRYPTO_core_secret_encrypt (policy_keys, 259 policy_keys_length, 260 test, 261 strlen (test)); 262 263 // test recover of core secret 264 for (unsigned int k = 0; k < policy_keys_length; k++) 265 { 266 void *dec_core_secret; 267 size_t core_secret_size; 268 269 ANASTASIS_CRYPTO_core_secret_recover (cser->enc_master_keys[k], 270 cser->enc_master_key_sizes[k], 271 &policy_keys[k], 272 cser->enc_core_secret, 273 cser->enc_core_secret_size, 274 &dec_core_secret, 275 &core_secret_size); 276 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 277 "CORE_SECRET_AFTER_%i: %s\n", 278 k, 279 TALER_b2s (dec_core_secret, strlen (test))); 280 GNUNET_assert (strlen (test) == core_secret_size); 281 GNUNET_assert (0 == 282 strncmp (dec_core_secret, test, strlen (test))); 283 GNUNET_assert (0 != 284 strncmp (dec_core_secret, test_wrong, strlen ( 285 test))); 286 GNUNET_free (dec_core_secret); 287 } 288 ANASTASIS_CRYPTO_destroy_encrypted_core_secret (cser); 289 return 0; 290 } 291 292 293 static int 294 test_public_key_derive (void) 295 { 296 struct ANASTASIS_CRYPTO_UserIdentifierP id; 297 struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key; 298 struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt; 299 json_t *id_data = json_object (); 300 const char *salt_str = "Server-Salt-Test"; 301 302 GNUNET_memcpy (&provider_salt, 303 salt_str, 304 strlen (salt_str)); 305 306 json_object_set_new (id_data, "arg1", json_string ("ID_DATA")); 307 ANASTASIS_CRYPTO_user_identifier_derive (id_data, 308 &provider_salt, 309 &id); 310 311 ANASTASIS_CRYPTO_account_public_key_derive (&id, 312 &pub_key); 313 // FIXME: write a real test, e.g. signing and verification 314 json_decref (id_data); 315 return 0; 316 } 317 318 319 int 320 main (int argc, 321 const char *const argv[]) 322 { 323 GNUNET_log_setup (argv[0], "DEBUG", NULL); 324 if (0 != test_recovery_document ()) 325 return 1; 326 if (0 != test_user_identifier_derive ()) 327 return 1; 328 if (0 != test_key_share ()) 329 return 1; 330 if (0 != test_truth ()) 331 return 1; 332 if (0 != test_core_secret ()) 333 return 1; 334 if (0 != test_public_key_derive ()) 335 return 1; 336 return 0; 337 } 338 339 340 /* end of test_anastasis_crypto.c */