[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: Fixed testing problem
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated: Fixed testing problem |
|
Date: |
Fri, 27 Mar 2020 19:14:14 +0100 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 5e7ce5d Fixed testing problem
5e7ce5d is described below
commit 5e7ce5d2aa96f340062886a414950e3b44394d21
Author: Dennis Neufeld <address@hidden>
AuthorDate: Fri Mar 27 18:14:07 2020 +0000
Fixed testing problem
---
src/include/anastasis_crypto_lib.h | 8 +++---
src/util/anastasis_crypto.c | 28 +++++++++++++++-----
src/util/test_anastasis_crypto.c | 52 +++++++++++++++++++++++++++++++++-----
3 files changed, 70 insertions(+), 18 deletions(-)
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 34d26e9..18bde96 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -212,7 +212,7 @@ ANASTASIS_CRYPTO_key_share_decrypt (
* It is encrypted with AES256, the key is generated with the user
identification as
* entropy source and the salt "ect".
*
- * @param id Hashed User input, used for the generation of the encryption key
+ * @param truth_enc_key master key used for encryption of the truth (see
interface EscrowMethod)
* @param data truth which will be encrypted
* @param data_size size of the truth
* @param res return from the result, which contains the encrypted truth
@@ -221,7 +221,7 @@ ANASTASIS_CRYPTO_key_share_decrypt (
*/
void
ANASTASIS_CRYPTO_truth_encrypt (
- const struct ANASTASIS_CRYPTO_UserIdentifier *id,
+ const struct ANASTASIS_CRYPTO_TruthKey *truth_enc_key,
const void *data,
size_t data_size,
void **res,
@@ -232,7 +232,7 @@ ANASTASIS_CRYPTO_truth_encrypt (
* It is decrypted with AES256, the key is generated with the user
identification as
* entropy source and the salt "ect".
*
- * @param id Hashed User input, used for the generation of the decryption key
+ * @param truth_enc_key master key used for encryption of the truth (see
interface EscrowMethod)
* @param data truth holds the encrypted truth which will be decrypted
* @param data_size size of the data
* @param res return from the result, which contains the truth
@@ -240,7 +240,7 @@ ANASTASIS_CRYPTO_truth_encrypt (
*/
void
ANASTASIS_CRYPTO_truth_decrypt (
- const struct ANASTASIS_CRYPTO_UserIdentifier *id,
+ const struct ANASTASIS_CRYPTO_TruthKey *truth_enc_key,
const void *data,
size_t data_size,
void **res,
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 884cebc..2e01e92 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -251,7 +251,7 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
size_t *res_size)
{
char *salt = "erd";
- *res_size = sizeof (data_size) + sizeof(struct ANASTASIS_CRYPTO_Nonce)
+ *res_size = data_size + sizeof(struct ANASTASIS_CRYPTO_Nonce)
+ GCM_TAG_SIZE;
*res = GNUNET_malloc (*res_size);
encrypt (id, data, data_size, salt, res, res_size);
@@ -304,6 +304,10 @@ ANASTASIS_CRYPTO_key_share_encrypt (
+ sizeof (struct ANASTASIS_CRYPTO_Nonce)
+ GCM_TAG_SIZE;
*res = GNUNET_malloc (*res_size);
+ /* FIXME: the HKDF (in get_iv_key()) should be able to take additional
+ bits from the response (e.g. some hash over the answer to the
+ security question, see 12.6.-> interface EncryptedKeyShare in spec)
+ */
encrypt (id, key_share, sizeof (struct ANASTASIS_CRYPTO_KeyShare), salt, res,
res_size);
}
@@ -336,7 +340,7 @@ ANASTASIS_CRYPTO_key_share_decrypt (
* It is encrypted with AES256, the key is generated with the user
identification as
* entropy source and the salt "ect".
*
- * @param id Hashed User input, used for the generation of the encryption key
+ * @param truth_enc_key master key used for encryption of the truth
* @param data truth which will be encrypted
* @param data_size size of the truth
* @param res return from the result, which contains the encrypted truth
@@ -345,13 +349,18 @@ ANASTASIS_CRYPTO_key_share_decrypt (
*/
void
ANASTASIS_CRYPTO_truth_encrypt (
- const struct ANASTASIS_CRYPTO_UserIdentifier *id,
+ const struct ANASTASIS_CRYPTO_TruthKey *truth_enc_key,
const void *data,
size_t data_size,
void **res,
size_t *res_size)
{
-
+ char *salt = "ect";
+ *res_size = data_size
+ + sizeof (struct ANASTASIS_CRYPTO_Nonce)
+ + GCM_TAG_SIZE;
+ *res = GNUNET_malloc (*res_size);
+ encrypt (truth_enc_key, data, data_size, salt, res, res_size);
}
/**
@@ -359,7 +368,7 @@ ANASTASIS_CRYPTO_truth_encrypt (
* It is decrypted with AES256, the key is generated with the user
identification as
* entropy source and the salt "ect".
*
- * @param id Hashed User input, used for the generation of the decryption key
+ * @param truth_enc_key master key used for encryption of the truth
* @param data truth holds the encrypted truth which will be decrypted
* @param data_size size of the data
* @param res return from the result, which contains the truth
@@ -367,13 +376,18 @@ ANASTASIS_CRYPTO_truth_encrypt (
*/
void
ANASTASIS_CRYPTO_truth_decrypt (
- const struct ANASTASIS_CRYPTO_UserIdentifier *id,
+ const struct ANASTASIS_CRYPTO_TruthKey *truth_enc_key,
const void *data,
size_t data_size,
void **res,
size_t *res_size)
{
-
+ char *salt = "ect";
+ *res_size = data_size
+ - sizeof (struct ANASTASIS_CRYPTO_Nonce)
+ - GCM_TAG_SIZE;;
+ *res = GNUNET_malloc (*res_size);
+ decrypt (truth_enc_key, data, data_size, salt, res, res_size);
}
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index dd8eac4..2924c2b 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -81,6 +81,7 @@ test_recovery_document ()
void *plaintext;
size_t size_plaintext;
struct ANASTASIS_CRYPTO_UserIdentifier id;
+ const char *test = "TEST_ERD";
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
&id,
@@ -88,11 +89,11 @@ test_recovery_document ()
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"ERD_BEFORE: %s\n",
- TALER_B2S ("TestTest"));
+ TALER_b2s (test, strlen (test)));
ANASTASIS_CRYPTO_recovery_document_encrypt (&id,
- "TestTest",
- strlen ("TestTest"),
+ test,
+ strlen (test),
&ciphertext,
&size_ciphertext);
@@ -103,8 +104,8 @@ test_recovery_document ()
&size_plaintext);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"ERD_AFTER: %s\n",
- TALER_B2S (plaintext));
- return GNUNET_memcmp ("TestTest", plaintext);
+ TALER_b2s (plaintext, size_plaintext));
+ return GNUNET_memcmp (test, plaintext);
}
static int
@@ -140,10 +141,45 @@ test_key_share ()
&size_plaintext);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"KEYSHARE_AFTER: %s\n",
- TALER_B2S (plaintext));
+ TALER_b2s (plaintext, size_plaintext));
return GNUNET_memcmp (&key_share, plaintext);
}
+static int
+test_truth ()
+{
+ void *ciphertext;
+ size_t size_ciphertext;
+ void *plaintext;
+ size_t size_plaintext;
+ struct ANASTASIS_CRYPTO_TruthKey truth_enc_key;
+ const char *test = "TEST_TRUTH";
+
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &truth_enc_key,
+ sizeof (struct ANASTASIS_CRYPTO_TruthKey));
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "TRUTH_BEFORE: %s\n",
+ TALER_b2s (test, strlen (test)));
+
+ ANASTASIS_CRYPTO_truth_encrypt (&truth_enc_key,
+ "TEST_TRUTH",
+ strlen ("TEST_TRUTH"),
+ &ciphertext,
+ &size_ciphertext);
+
+ ANASTASIS_CRYPTO_truth_decrypt (&truth_enc_key,
+ ciphertext,
+ size_ciphertext,
+ &plaintext,
+ &size_plaintext);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "TRUTH_AFTER: %s\n",
+ TALER_b2s (plaintext, size_plaintext));
+ return GNUNET_memcmp ("TEST_TRUTH", plaintext);
+}
+
int
main (int argc,
const char *const argv[])
@@ -155,8 +191,10 @@ main (int argc,
return 1;
if (0 != test_key_share ())
return 1;
+ if (0 != test_truth ())
+ return 1;
- return 0;
+ return 1;
}
--
To stop receiving notification emails like this one, please contact
address@hidden.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: Fixed testing problem,
gnunet <=