Changeset 480
- Timestamp:
- 08/09/07 16:30:18
- Files:
-
- openpgpsdk/trunk/Makefile (modified) (1 diff)
- openpgpsdk/trunk/include/openpgpsdk/create.h (modified) (1 diff)
- openpgpsdk/trunk/include/openpgpsdk/crypto.h (modified) (3 diffs)
- openpgpsdk/trunk/include/openpgpsdk/keyring.h (modified) (1 diff)
- openpgpsdk/trunk/include/openpgpsdk/packet.h (modified) (6 diffs)
- openpgpsdk/trunk/include/openpgpsdk/readerwriter.h (added)
- openpgpsdk/trunk/src/advanced/adv_create.c (modified) (7 diffs)
- openpgpsdk/trunk/src/advanced/adv_packet-parse.c (modified) (9 diffs)
- openpgpsdk/trunk/src/advanced/adv_symmetric.c (modified) (7 diffs)
- openpgpsdk/trunk/src/standard/Makefile.template (modified) (1 diff)
- openpgpsdk/trunk/src/standard/std_keyring.c (modified) (1 diff)
- openpgpsdk/trunk/src/standard/std_print.c (modified) (2 diffs)
- openpgpsdk/trunk/src/standard/std_readerwriter.c (added)
- openpgpsdk/trunk/tests/Makefile.template (modified) (1 diff)
- openpgpsdk/trunk/tests/test_packet_types.c (modified) (12 diffs)
- openpgpsdk/trunk/tests/tests.c (modified) (4 diffs)
- openpgpsdk/trunk/tests/tests.h (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
openpgpsdk/trunk/Makefile
r403 r480 27 27 find . -name '*.core' | xargs rm -f 28 28 rm -rf oink-links 29 -rm lib/* 29 30 30 31 Makefiles: openpgpsdk/trunk/include/openpgpsdk/create.h
r477 r480 100 100 const int len, 101 101 ops_create_info_t *info); 102 103 ops_boolean_t ops_write_mdc(const unsigned char *date, 104 const unsigned int len, 105 ops_create_info_t *info); 106 107 ops_boolean_t ops_write_se_ip_data(const unsigned char *data, 108 const unsigned int len, 109 ops_crypt_t *crypt, 110 ops_create_info_t *info); 111 ops_boolean_t ops_write_pk_session_key(ops_create_info_t *info, 112 ops_pk_session_key_t *pksk); 113 102 114 #endif openpgpsdk/trunk/include/openpgpsdk/crypto.h
r479 r480 57 57 unsigned char siv[OPS_MAX_BLOCK_SIZE]; /* Needed for weird v3 resync */ 58 58 unsigned char key[OPS_MAX_KEY_SIZE]; 59 size_t num; /* Count of characters encrypted so far*/59 size_t num; /* Offset - see openssl _encrypt doco */ 60 60 void *data; 61 61 }; … … 97 97 void ops_decrypt_init(ops_crypt_t *decrypt); 98 98 void ops_encrypt_init(ops_crypt_t *encrypt); 99 size_t ops_decrypt (ops_crypt_t *decrypt,void *out,const void *in,99 size_t ops_decrypt_se(ops_crypt_t *decrypt,void *out,const void *in, 100 100 size_t count); 101 size_t ops_encrypt(ops_crypt_t *encrypt,void *out,const void *in, 101 size_t ops_encrypt_se(ops_crypt_t *encrypt,void *out,const void *in, 102 size_t count); 103 size_t ops_decrypt_se_ip(ops_crypt_t *decrypt,void *out,const void *in, 104 size_t count); 105 size_t ops_encrypt_se_ip(ops_crypt_t *encrypt,void *out,const void *in, 102 106 size_t count); 103 107 … … 120 124 struct ops_key_data; 121 125 void ops_writer_push_encrypt(ops_create_info_t *info, 122 //ops_crypt_t *encrypt,123 126 ops_crypt_t *encrypt, 127 const struct ops_key_data *key); 124 128 125 129 #endif openpgpsdk/trunk/include/openpgpsdk/keyring.h
r466 r480 45 45 46 46 void ops_set_secret_key(ops_parser_content_union_t* content,const ops_key_data_t *key); 47 48 unsigned char* ops_get_key_id(ops_key_data_t *key); 49 47 50 #endif openpgpsdk/trunk/include/openpgpsdk/packet.h
r473 r480 10 10 #include <time.h> 11 11 #include <openssl/bn.h> 12 #include <openssl/sha.h> 12 13 #include "types.h" 13 14 #include "errors.h" … … 429 430 #define OPS_CHECKHASH_SIZE 20 430 431 432 // SHA1 Hash Size \todo is this the same as OPS_CHECKHASH_SIZE?? 433 #define OPS_SHA1_HASH_SIZE SHA_DIGEST_LENGTH 434 431 435 // Max hash size 432 436 #define OPS_MAX_HASH_SIZE 64 … … 754 758 } ops_literal_data_body_t; 755 759 760 /** ops_mdc_t */ 761 typedef struct 762 { 763 unsigned char data[20]; // size of SHA1 hash 764 } ops_mdc_t; 765 756 766 /** ops_armoured_header_value_t */ 757 767 typedef struct … … 863 873 } ops_se_ip_data_header_t; 864 874 875 /** ops_se_ip_data_body_t */ 876 typedef struct 877 { 878 unsigned length; 879 unsigned char* data; // \todo remember to free this 880 } ops_se_ip_data_body_t; 881 865 882 /** ops_se_data_body_t */ 866 883 typedef struct 867 884 { 868 885 unsigned length; 869 unsigned char data[8192]; 886 unsigned char data[8192]; // \todo parameterise this! 870 887 } ops_se_data_body_t; 871 888 … … 911 928 ops_literal_data_header_t literal_data_header; 912 929 ops_literal_data_body_t literal_data_body; 930 ops_mdc_t mdc; 913 931 ops_ss_features_t ss_features; 914 932 ops_ss_revocation_reason_t ss_revocation_reason; … … 924 942 ops_secret_key_passphrase_t secret_key_passphrase; 925 943 ops_se_ip_data_header_t se_ip_data_header; 944 ops_se_ip_data_body_t se_ip_data_body; 926 945 ops_se_data_body_t se_data_body; 927 946 ops_get_secret_key_t get_secret_key; openpgpsdk/trunk/src/advanced/adv_create.c
r478 r480 4 4 #include <openpgpsdk/create.h> 5 5 #include <openpgpsdk/keyring.h> 6 #include <openpgpsdk/memory.h> 6 7 #include <openpgpsdk/random.h> 8 #include <openpgpsdk/readerwriter.h> 7 9 #include "keyring_local.h" 8 10 #include <openpgpsdk/packet.h> … … 816 818 } 817 819 818 static ops_boolean_t encrypted_writer(const unsigned char *src ATTRIBUTE_UNUSED,820 static ops_boolean_t encrypted_writer(const unsigned char *src, 819 821 unsigned length, 820 ops_error_t **errors ATTRIBUTE_UNUSED,821 ops_writer_info_t *winfo ATTRIBUTE_UNUSED)822 ops_error_t **errors, 823 ops_writer_info_t *winfo) 822 824 { 823 825 encrypted_arg_t *arg=ops_writer_get_arg(winfo); … … 831 833 unsigned len = remaining < BUFSZ ? remaining : BUFSZ; 832 834 memcpy(buf,src,len); 833 unsigned done = ops_encrypt(arg->encrypter, 834 encbuf, 835 buf, 836 len); 835 836 size_t done; 837 done=ops_encrypt_se_ip(arg->encrypter, 838 encbuf, 839 buf, 840 len); 841 837 842 assert(done==len); 838 843 if (!ops_stacked_write(encbuf,len,errors,winfo)) … … 849 854 850 855 /* \todo */ 851 assert(0);852 853 return ops_ false;856 // assert(0); 857 // return ops_false; 858 return ops_true; 854 859 } 855 860 … … 858 863 { 859 864 /* \todo */ 860 assert(0);865 // assert(0); 861 866 } 862 867 863 868 /* end of dummy code */ 864 869 865 ops_boolean_t ops_write_se_ip_data(ops_create_info_t *info,ops_crypt_t *crypt) 866 { 870 ops_boolean_t ops_write_mdc(const unsigned char* data, 871 const unsigned int len, 872 ops_create_info_t* info) 873 { 874 // calculate the hash 875 ops_hash_t hash; 876 unsigned char hashed[SHA_DIGEST_LENGTH]; 877 unsigned char c[0]; 878 879 ops_hash_any(&hash, OPS_HASH_SHA1); 880 hash.init(&hash); 881 hash.add(&hash,data,len); // preamble + plaintext 882 c[0]=0xD3; 883 hash.add(&hash,&c[0],1); // MDC packet tag 884 c[0]=0x14; 885 hash.add(&hash,&c[0],1); // MDC packet len 886 hash.finish(&hash,&hashed[0]); 887 888 // and write it out 889 return ops_write_ptag(OPS_PTAG_CT_MDC, info) 890 && ops_write_length(OPS_SHA1_HASH_SIZE,info) 891 && ops_write(hashed, OPS_SHA1_HASH_SIZE, info); 892 } 893 894 ops_boolean_t ops_write_se_ip_data(const unsigned char *data, 895 const unsigned int len, 896 ops_crypt_t *crypt, 897 ops_create_info_t *info) 898 { 899 const size_t sz_mdc=1+1+SHA_DIGEST_LENGTH; 867 900 encrypted_arg_t *arg=ops_mallocz(sizeof *arg); 868 901 902 size_t sz_preamble=crypt->blocksize+2; 903 unsigned char* preamble=ops_mallocz(sz_preamble); 904 905 size_t sz_buf=sz_preamble+len+sz_mdc; 906 869 907 #define SE_IP_DATA_VERSION 1 //\todo move this 870 if (!ops_write_ptag(OPS_PTAG_CT_SE_IP_DATA,info)) 908 909 if (!ops_write_ptag(OPS_PTAG_CT_SE_IP_DATA,info) 910 || !ops_write_length(1+sz_buf,info) 911 || !ops_write_scalar(SE_IP_DATA_VERSION,1,info)) 871 912 return 0; 872 if (!ops_write_scalar(SE_IP_DATA_VERSION,1,info)) 873 return 0; 874 875 // need any equivalent of base_init? 876 // encrypt.set_iv(&encrypt,session_key->symmetric_algorithm.iv); 877 // encrypt.set_key(&encrypt,mykey); // should be sym_alg.key? 878 913 914 ops_random(preamble, crypt->blocksize); 915 preamble[crypt->blocksize]=preamble[crypt->blocksize-2]; 916 preamble[crypt->blocksize+1]=preamble[crypt->blocksize-1]; 917 918 // now construct MDC packet and add to the end of the buffer 919 920 ops_memory_t *mem_mdc; 921 ops_create_info_t *cinfo_mdc; 922 923 ops_setup_memory_write(&cinfo_mdc, &mem_mdc,sz_mdc); 924 ops_write_mdc(data, len, cinfo_mdc); 925 926 // and write it out 927 879 928 arg->encrypter=crypt; 880 881 929 ops_writer_push(info,encrypted_writer,encrypted_finaliser, 882 930 encrypted_destroyer,arg); 883 931 932 if (!ops_write(preamble, sz_preamble,info) 933 || !ops_write(data, len, info) 934 || ops_write(ops_memory_get_data(mem_mdc), ops_memory_get_length(mem_mdc), info)) 935 return 0; 936 937 ops_writer_pop(info); 938 939 // cleanup 940 ops_teardown_memory_write(cinfo_mdc, mem_mdc); 941 free (preamble); 942 884 943 return 1; 885 944 } 886 945 887 void ops_writer_push_encrypt(ops_create_info_t *info, 888 // ops_crypt_t *encrypt, 889 const ops_key_data_t *key) 890 { 891 946 void ops_writer_push_encrypt(ops_create_info_t *info __attribute__((__unused__)), 947 ops_crypt_t *encrypt __attribute__((__unused__)), 948 const ops_key_data_t *key __attribute__((__unused__))) 949 { 950 assert(0); 951 #ifdef NOTYETUSED 892 952 // has ops_key_data_t * key 893 953 // needs ops_crypt_t * crypt … … 902 962 ops_encrypt_init(&crypt); 903 963 ops_write_se_ip_data(info,&crypt); 904 964 #endif 905 965 } 906 966 … … 936 996 encrypted=ops_mallocz(encrypted_sz); 937 997 938 int done=ops_encrypt (&crypt_info, encrypted, data, len);998 int done=ops_encrypt_se(&crypt_info, encrypted, data, len); 939 999 printf("len=%d, done: %d\n", len, done); 940 1000 openpgpsdk/trunk/src/advanced/adv_packet-parse.c
r473 r480 9 9 #include <openpgpsdk/compress.h> 10 10 #include <openpgpsdk/errors.h> 11 #include <openpgpsdk/readerwriter.h> 11 12 #include "parse_local.h" 12 13 … … 20 21 21 22 #include <openpgpsdk/final.h> 23 24 typedef struct 25 { 26 // boolean: false once we've done the preamble/MDC checks 27 // and are reading from the plaintext 28 int passed_checks; 29 unsigned char *plaintext; 30 size_t plaintext_available; 31 size_t plaintext_offset; 32 ops_region_t *region; 33 ops_crypt_t *decrypt; 34 } decrypt_se_ip_arg_t; 22 35 23 36 /** … … 711 724 case OPS_PTAG_CT_SE_IP_DATA_HEADER: 712 725 case OPS_PTAG_CT_SE_IP_DATA_BODY: 726 case OPS_PTAG_CT_MDC: 713 727 case OPS_PARSER_CMD_GET_SECRET_KEY: 714 728 break; … … 2245 2259 } 2246 2260 2261 static int se_ip_data_reader(void *dest_, size_t len, ops_error_t **errors, 2262 ops_reader_info_t *rinfo, 2263 ops_parse_cb_info_t *cbinfo) 2264 { 2265 /* 2266 Gets entire SE_IP data packet. 2267 Verifies leading preamble 2268 Verifies trailing MDC packet 2269 Then passes up plaintext as requested 2270 */ 2271 2272 ops_region_t decrypted_region; 2273 2274 decrypt_se_ip_arg_t *arg=ops_reader_get_arg(rinfo); 2275 2276 if (!arg->passed_checks) 2277 { 2278 unsigned char*buf=NULL; 2279 2280 ops_hash_t hash; 2281 unsigned char hashed[SHA_DIGEST_LENGTH]; 2282 2283 ops_hash_any(&hash,OPS_HASH_SHA1); 2284 hash.init(&hash); 2285 2286 ops_init_subregion(&decrypted_region,NULL); 2287 decrypted_region.length = arg->region->length - arg->region->length_read; 2288 buf=ops_mallocz(decrypted_region.length); 2289 2290 // read entire SE IP packet 2291 2292 if (!ops_stacked_limited_read(buf,decrypted_region.length, &decrypted_region,errors,rinfo,cbinfo)) 2293 return -1; 2294 2295 // verify leading preamble 2296 2297 size_t b=arg->decrypt->blocksize; 2298 if(buf[b-2] != buf[b] || buf[b-1] != buf[b+1]) 2299 { 2300 // ERR4P(pinfo,"Bad symmetric decrypt (%02x%02x vs %02x%02x)", 2301 // buf[b-2],buf[b-1],buf[b],buf[b+1]); 2302 return 0; 2303 } 2304 2305 // Verify trailing MDC hash 2306 2307 size_t sz_preamble=arg->decrypt->blocksize+2; 2308 size_t sz_mdc_hash=OPS_SHA1_HASH_SIZE; 2309 size_t sz_mdc=1+1+sz_mdc_hash; 2310 size_t sz_plaintext=decrypted_region.length-sz_preamble-sz_mdc; 2311 2312 // unsigned char* preamble=buf; 2313 unsigned char* plaintext=buf+sz_preamble; 2314 unsigned char* mdc=plaintext+sz_plaintext; 2315 unsigned char* mdc_hash=mdc+2; 2316 2317 unsigned char c[0]; 2318 2319 hash.add(&hash, plaintext, sz_plaintext); 2320 c[0]=0xD3; 2321 hash.add(&hash,&c[0],1); // MDC packet tag 2322 c[0]=0x14; 2323 hash.add(&hash,&c[0],1); // MDC packet len 2324 2325 hash.finish(&hash,&hashed[0]); 2326 2327 if (memcmp(mdc_hash,hashed,OPS_SHA1_HASH_SIZE)) 2328 { 2329 fprintf(stderr,"Hash is bad"); 2330 // ERRP(pinfo,"Bad hash in MDC"); 2331 return 0; 2332 } 2333 2334 // all done with the checks 2335 // now can start reading from the plaintext 2336 assert(!arg->plaintext); 2337 arg->plaintext=ops_mallocz(sz_plaintext); 2338 memcpy(arg->plaintext, plaintext, sz_plaintext); 2339 arg->plaintext_available=sz_plaintext; 2340 2341 arg->passed_checks=1; 2342 2343 free(buf); 2344 } 2345 2346 unsigned int n=len; 2347 if (n > arg->plaintext_available) 2348 n=arg->plaintext_available; 2349 2350 memcpy(dest_, arg->plaintext+arg->plaintext_offset, n); 2351 arg->plaintext_available-=n; 2352 arg->plaintext_offset+=n; 2353 len-=n; 2354 2355 return n; 2356 } 2357 2358 static void se_ip_data_destroyer(ops_reader_info_t *rinfo) 2359 { 2360 decrypt_se_ip_arg_t* arg=ops_reader_get_arg(rinfo); 2361 free (arg->plaintext); 2362 free (arg); 2363 // free(ops_reader_get_arg(rinfo)); 2364 } 2365 2366 //void ops_reader_push_se_ip_data(ops_parse_info_t *pinfo __attribute__((__unused__)), ops_crypt_t *decrypt __attribute__((__unused__)), 2367 // ops_region_t *region __attribute__((__unused__))) 2368 void ops_reader_push_se_ip_data(ops_parse_info_t *pinfo, ops_crypt_t *decrypt, 2369 ops_region_t *region) 2370 { 2371 decrypt_se_ip_arg_t *arg=ops_mallocz(sizeof *arg); 2372 arg->region=region; 2373 arg->decrypt=decrypt; 2374 2375 ops_reader_push(pinfo, se_ip_data_reader, se_ip_data_destroyer,arg); 2376 } 2377 2378 void ops_reader_pop_se_ip_data(ops_parse_info_t* pinfo) 2379 { 2380 // decrypt_se_ip_arg_t *arg=ops_reader_get_arg(ops_parse_get_rinfo(pinfo)); 2381 // free(arg); 2382 ops_reader_pop(pinfo); 2383 } 2384 2247 2385 // XXX: make this static? 2248 2386 int ops_decrypt_data(ops_content_tag_t tag,ops_region_t *region, … … 2259 2397 ops_region_t encregion; 2260 2398 2261 2399 2262 2400 ops_reader_push_decrypt(pinfo,decrypt,region); 2263 2401 … … 2281 2419 } 2282 2420 2421 2283 2422 r=ops_parse(pinfo); 2423 2284 2424 ops_reader_pop_decrypt(pinfo); 2285 2425 } 2286 2426 else 2287 2427 { … … 2307 2447 } 2308 2448 2449 int ops_decrypt_se_ip_data(ops_content_tag_t tag,ops_region_t *region, 2450 ops_parse_info_t *pinfo) 2451 { 2452 int r=1; 2453 ops_crypt_t *decrypt=ops_parse_get_decrypt(pinfo); 2454 2455 if(decrypt) 2456 { 2457 ops_reader_push_decrypt(pinfo,decrypt,region); 2458 ops_reader_push_se_ip_data(pinfo,decrypt,region); 2459 2460 r=ops_parse(pinfo); 2461 2462 // assert(0); 2463 ops_reader_pop_se_ip_data(pinfo); 2464 ops_reader_pop_decrypt(pinfo); 2465 } 2466 else 2467 { 2468 ops_parser_content_t content; 2469 2470 while(region->length_read < region->length) 2471 { 2472 unsigned l=region->length-region->length_read; 2473 2474 if(l > sizeof C.se_data_body.data) 2475 l=sizeof C.se_data_body.data; 2476 2477 if(!limited_read(C.se_data_body.data,l,region,pinfo)) 2478 return 0; 2479 2480 C.se_data_body.length=l; 2481 2482 CBP(pinfo,tag,&content); 2483 } 2484 } 2485 2486 return r; 2487 } 2488 2309 2489 static int parse_se_data(ops_region_t *region,ops_parse_info_t *pinfo) 2310 2490 { … … 2325 2505 2326 2506 if(!limited_read(c,1,region,pinfo)) 2327 2507 return 0; 2328 2508 C.se_ip_data_header.version=c[0]; 2329 2509 assert(C.se_ip_data_header.version == OPS_SE_IP_V1); 2330 2510 2331 CBP(pinfo,OPS_PTAG_CT_SE_IP_DATA_HEADER,&content);2332 2333 2511 /* The content of an encrypted data packet is more OpenPGP packets 2334 2512 once decrypted, so recursively handle them */ 2335 return ops_decrypt_data(OPS_PTAG_CT_SE_IP_DATA_BODY,region,pinfo); 2336 } 2513 return ops_decrypt_se_ip_data(OPS_PTAG_CT_SE_IP_DATA_BODY,region,pinfo); 2514 } 2515 2516 static int parse_mdc(ops_region_t *region, ops_parse_info_t *pinfo) 2517 { 2518 ops_parser_content_t content; 2519 2520 if (!limited_read((unsigned char *)&C.mdc,OPS_SHA1_HASH_SIZE,region,pinfo)) 2521 return 0; 2522 2523 CBP(pinfo,OPS_PTAG_CT_MDC,&content); 2524 2525 return 1; 2526 } 2337 2527 2338 2528 /** Parse one packet. … … 2471 2661 break; 2472 2662 2663 case OPS_PTAG_CT_MDC: 2664 r=parse_mdc(®ion, pinfo); 2665 break; 2666 2473 2667 default: 2474 2668 ERR1P(pinfo,"Unknown content tag 0x%x", C.ptag.content_tag); openpgpsdk/trunk/src/advanced/adv_symmetric.c
r479 r480 98 98 if(!rinfo->pinfo->reading_v3_secret 99 99 || !rinfo->pinfo->reading_mpi_length) 100 arg->decrypted_count=ops_decrypt(arg->decrypt, 101 arg->decrypted, 102 buffer,n); 100 { 101 arg->decrypted_count=ops_decrypt_se_ip(arg->decrypt, 102 arg->decrypted, 103 buffer,n); 104 } 103 105 else 104 106 { … … 143 145 144 146 static void std_set_iv(ops_crypt_t *crypt,const unsigned char *iv) 145 { memcpy(crypt->iv,iv,crypt->blocksize); } 147 { 148 memcpy(crypt->iv,iv,crypt->blocksize); 149 crypt->num=0; 150 } 146 151 147 152 static void std_set_key(ops_crypt_t *crypt,const unsigned char *key) … … 358 363 void ops_encrypt_init(ops_crypt_t * encrypt) 359 364 { 360 return ops_decrypt_init(encrypt); 361 // \todo does there need to be both a ops_encrypt_init and a ops_decrypt_init? 362 encrypt->base_init(encrypt); 363 // needed? decrypt->block_encrypt(decrypt,decrypt->siv,decrypt->iv); 364 // needed? memcpy(decrypt->civ,decrypt->siv,decrypt->blocksize); 365 encrypt->num=0; 365 // \todo should there be a separate ops_encrypt_init? 366 return ops_decrypt_init(encrypt); 366 367 } 367 368 … … 374 375 } 375 376 376 size_t ops_decrypt(ops_crypt_t *decrypt,void *out_,const void *in_, 377 size_t ops_decrypt_se 378 (ops_crypt_t *decrypt,void *out_,const void *in_, 377 379 size_t count) 378 380 { … … 390 392 { 391 393 memcpy(decrypt->siv,decrypt->civ,decrypt->blocksize); 392 decrypt->block_ encrypt(decrypt,decrypt->civ,decrypt->civ);394 decrypt->block_decrypt(decrypt,decrypt->civ,decrypt->civ); 393 395 decrypt->num=0; 394 396 } … … 400 402 } 401 403 402 size_t ops_encrypt (ops_crypt_t *encrypt,void *out_,const void *in_,404 size_t ops_encrypt_se(ops_crypt_t *encrypt,void *out_,const void *in_, 403 405 size_t count) 404 406 { … … 423 425 return saved; 424 426 } 427 428 size_t ops_encrypt_se_ip(ops_crypt_t *crypt,void *out_,const void *in_, 429 size_t count) 430 { 431 CAST_cfb64_encrypt(in_, out_, count, 432 crypt->data, crypt->iv, (int *)&crypt->num, CAST_ENCRYPT); 433 return count; 434 } 435 436 size_t ops_decrypt_se_ip(ops_crypt_t *crypt,void *out_,const void *in_, 437 size_t count) 438 { 439 // \todo should not be hard-coded to CAST 440 441 CAST_cfb64_encrypt(in_, out_, count, 442 crypt->data, crypt->iv, (int *)&crypt->num, CAST_DECRYPT); 443 return count; 444 } openpgpsdk/trunk/src/standard/Makefile.template
r437 r480 11 11 all: Makefile headers .depend libops_std.a 12 12 13 LIBOBJS = std_keyring.o std_print.o 13 LIBOBJS = std_keyring.o std_print.o std_readerwriter.o 14 14 15 15 headers: openpgpsdk/trunk/src/standard/std_keyring.c
r438 r480 185 185 const char *userid) 186 186 { 187 int n ;188 unsigned int i ;187 int n=0; 188 unsigned int i=0; 189 189 190 190 for(n=0 ; n < keyring->nkeys ; ++n) openpgpsdk/trunk/src/standard/std_print.c
r447 r480 20 20 static void print_bn( const char *name, 21 21 const BIGNUM *bn); 22 #ifdef NOTYETUSED 23 static void print_hash(const char *name, 24 const unsigned char *data, 25 unsigned int len); 26 #endif 22 27 static void print_hex(const unsigned char *src, 23 28 size_t length); … … 239 244 } 240 245 246 #ifdef NOTYETUSED 247 static void print_hash(const char *name, 248 const unsigned char *data, 249 unsigned int len) 250 { 251 unsigned int i=0; 252 print_name(name); 253 printf("len=%d, data=0x", len); 254 for (i=0; i<len; i++) 255 { 256 printf("0x%2x ",data[i]); 257 } 258 printf("\n"); 259 } 260 #endif 261 241 262 static void print_hexdump(const char *name, 242 263 const unsigned char *data, openpgpsdk/trunk/tests/Makefile.template
r473 r480 21 21 tests: $(CUNIT_LIB) $(TESTOBJ) $(LIBDEPS) 22 22 $(CC) $(LDFLAGS) -o tests $(TESTOBJ) $(LIBS) 23 make runtests24 25 runtests:26 ./tests27 23 28 24 $(CUNIT_LIB): openpgpsdk/trunk/tests/test_packet_types.c
r476 r480 8 8 #include "openpgpsdk/util.h" 9 9 #include "openpgpsdk/crypto.h" 10 #include "openpgpsdk/readerwriter.h" 10 11 #include "../src/advanced/parse_local.h" 12 #include <openssl/aes.h> 13 #include <openssl/cast.h> 14 #include <openssl/sha.h> 11 15 12 16 #include "tests.h" 13 17 14 static unsigned char* data; 18 static unsigned char* literal_data=NULL; 19 static size_t sz_literal_data=0; 20 static unsigned char* mdc_data=NULL; 21 static size_t sz_mdc_data=0; 15 22 16 23 #define MAXBUF 128 24 25 static void cleanup(); 26 //static void print_hash(char* str, unsigned char* data); 17 27 18 28 /* … … 51 61 { 52 62 case OPS_PTAG_CT_LITERAL_DATA_BODY: 53 data=ops_mallocz(content->literal_data_body.length+1); 54 memcpy(data,content->literal_data_body.data,content->literal_data_body.length); 63 sz_literal_data=content->literal_data_body.length; 64 // literal_data=ops_mallocz(content->literal_data_body.length+1); 65 // memcpy(literal_data,content->literal_data_body.data,content->literal_data_body.length); 66 literal_data=ops_mallocz(sz_literal_data+1); 67 memcpy(literal_data,content->literal_data_body.data,sz_literal_data); 55 68 break; 56 69 … … 59 72 // ignore 60 73 break; 74 75 case OPS_PARSER_ERROR: 76 printf("parse error: %s\n",content->error.error); 77 break; 78 79 case OPS_PARSER_ERRCODE: 80 printf("parse error: %s\n", 81 ops_errcode(content->errcode.errcode)); 82 break; 61 83 62 84 default: … … 70 92 71 93 static ops_parse_cb_return_t 72 callback_ symmetrically_encrypted_data(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo)73 { 74 //ops_parser_content_union_t* content=(ops_parser_content_union_t *)&content_->content;94 callback_mdc(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo) 95 { 96 ops_parser_content_union_t* content=(ops_parser_content_union_t *)&content_->content; 75 97 76 98 OPS_USED(cbinfo); 77 99 78 ops_print_packet(content_); 79 100 // ops_print_packet(content_); 101 102 // Read data from packet into static buffer 80 103 switch(content_->tag) 81 104 { 82 // ignore 83 // break; 84 85 // case OPS_PTAG_CT_SE_DATA_BODY: 86 // data=ops_mallocz(content->literal_data_body.length+1); 87 // memcpy(data,content->literal_data_body.data,content->literal_data_body.length); 88 // break; 105 case OPS_PTAG_CT_MDC: 106 sz_mdc_data=OPS_SHA1_HASH_SIZE; 107 mdc_data=ops_mallocz(sz_mdc_data); 108 // print_hash("in callback",content->mdc.data); 109 memcpy(mdc_data,content->mdc.data,sz_mdc_data); 110 break; 89 111 90 112 case OPS_PARSER_PTAG: 91 case OPS_PTAG_CT_SE_DATA_HEADER:92 113 // ignore 93 114 break; 115 116 case OPS_PARSER_ERROR: 117 printf("parse error: %s\n",content->error.error); 118 break; 119 120 case OPS_PARSER_ERRCODE: 121 printf("parse error: %s\n", 122 ops_errcode(content->errcode.errcode)); 123 break; 94 124 95 125 default: … … 102 132 } 103 133 104 // \todo temp place to this. need to work out best place for this struct 105 // this is a copy of the original definition in adv_memory.c 106 struct ops_memory 107 { 108 unsigned char *buf; 109 size_t length; 110 size_t allocated; 111 }; 112 113 static void init_for_memory_write(ops_create_info_t **cinfo, ops_memory_t **mem) 114 { 115 /* 116 * initialise needed structures for writing 117 */ 118 119 *cinfo=ops_create_info_new(); 120 *mem=ops_memory_new(); 121 122 ops_memory_init(*mem,MAXBUF); 123 124 ops_writer_set_memory(*cinfo,*mem); 125 } 126 127 static void init_for_memory_read(ops_parse_info_t **pinfo, ops_memory_t *mem, 128 ops_parse_cb_return_t callback(const ops_parser_content_t *, ops_parse_cb_info_t *)) 129 { 130 /* 131 * initialise needed structures for reading 132 */ 133 134 *pinfo=ops_parse_info_new(); 135 ops_parse_cb_set(*pinfo,callback,NULL); 136 ops_reader_set_memory(*pinfo,mem->buf,mem->length); 137 } 138 139 134 static ops_parse_cb_return_t 135 callback_se_ip_data(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo) 136 { 137 // ops_parser_content_union_t* content=(ops_parser_content_union_t *)&content_->content; 138 139 OPS_USED(cbinfo); 140 141 // ops_print_packet(content_); 142 143 switch(content_->tag) 144 { 145 case OPS_PARSER_PTAG: 146 // ignore 147 break; 148 149 case OPS_PTAG_CT_LITERAL_DATA_HEADER: 150 case OPS_PTAG_CT_LITERAL_DATA_BODY: 151 return callback_literal_data(content_,cbinfo); 152 break; 153 154 default: 155 fprintf(stderr,"Unexpected packet tag=%d (0x%x)\n",content_->tag, 156 content_->tag); 157 assert(0); 158 } 159 160 return OPS_RELEASE_MEMORY; 161 } 162 140 163 static void test_literal_data_packet_text() 141 164 { … … 154 177 */ 155 178 156 init_for_memory_write(&cinfo,&mem);179 ops_setup_memory_write(&cinfo,&mem,strlen(in)); 157 180 158 181 /* … … 165 188 */ 166 189 167 init_for_memory_read(&pinfo,mem,callback_literal_data);190 ops_setup_memory_read(&pinfo,mem,callback_literal_data); 168 191 169 192 // and parse it … … 176 199 */ 177 200 178 CU_ASSERT(strncmp((char *) data,in,MAXBUF)==0);201 CU_ASSERT(strncmp((char *)literal_data,in,MAXBUF)==0); 179 202 180 203 // cleanup 181 ops_memory_free(mem); 204 cleanup(); 205 ops_teardown_memory_read(pinfo,mem); 182 206 free (in); 183 207 } … … 199 223 */ 200 224 201 init_for_memory_write(&cinfo,&mem);225 ops_setup_memory_write(&cinfo,&mem,MAXBUF); 202 226 203 227 /* … … 210 234 */ 211 235 212 init_for_memory_read(&pinfo,mem,callback_literal_data);236 ops_setup_memory_read(&pinfo,mem,callback_literal_data); 213 237 214 238 // and parse it … … 221 245 */ 222 246 223 CU_ASSERT(memcmp( data,in,MAXBUF)==0);247 CU_ASSERT(memcmp(literal_data,in,MAXBUF)==0); 224 248 225 249 // cleanup 226 ops_memory_free(mem); 250 cleanup(); 251 ops_teardown_memory_read(pinfo,mem); 227 252 free (in); 228 253 } 229 254 230 static void test_symmetrically_encrypted_data_packet() 231 { 255 static void test_cfb() 256 { 257 // Used for trying low-level OpenSSL tests 258 259 ops_crypt_t crypt_aes; 260 ops_crypt_any(&crypt_aes, OPS_SA_AES_256); 261 262 ops_crypt_t crypt_cast; 263 ops_crypt_any(&crypt_cast, OPS_SA_CAST5); 264 265 ops_crypt_t* crypt; 266 267 /* 268 AES init 269 using empty IV and key for the moment 270 */ 271 unsigned char *iv=ops_mallocz(crypt_aes.blocksize); 272 unsigned char *key=ops_mallocz(crypt_aes.keysize); 273 snprintf((char *)key, crypt_aes.keysize, "AES_KEY"); 274 crypt_aes.set_iv(&crypt_aes, iv); 275 crypt_aes.set_key(&crypt_aes, key); 276 ops_encrypt_init(&crypt_aes); 277 278 /* 279 * CAST 280 */ 281 iv=ops_mallocz(crypt_cast.blocksize); 282 key=ops_mallocz(crypt_cast.keysize); 283 // snprintf((char *)key, crypt_cast.keysize, "CAST_KEY"); 284 crypt_cast.set_iv(&crypt_cast, iv); 285 crypt_cast.set_key(&crypt_cast, key); 286 ops_encrypt_init(&crypt_cast); 287 288 crypt=&crypt_cast; 289 290 // Why does aes encrypt/decrypt work?? 291 // crypt=&crypt_aes; 292 293 unsigned char *in=ops_mallocz(crypt->blocksize); 294 unsigned char *out=ops_mallocz(crypt->blocksize); 295 unsigned char *out2=ops_mallocz(crypt->blocksize); 296 297 snprintf((char *)in,crypt->blocksize,"hello"); 298 /* 299 printf("\n"); 300 printf("in:\t0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x\n", 301 in[0], in[1], in[2], in[3], in[4], in[5], in[6], in[7]); 302 printf("in:\t%c %c %c %c %c %c %c %c\n", 303 in[0], in[1], in[2], in[3], in[4], in[5], in[6], in[7]); 304 */ 305 306 crypt->block_encrypt(crypt, out, in); 307 // AES_ecb_encrypt(in,out,crypt.data,AES_ENCRYPT); 308 /* 309 printf("out:\t0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x\n", 310 out[0], out[1], out[2], out[3], out[4], out[5], out[6], out[7]); 311 printf("out:\t%c %c %c %c %c %c %c %c\n", 312 out[0], out[1], out[2], out[3], out[4], out[5], out[6], out[7]); 313 */ 314 315 crypt->block_decrypt(crypt, out2, out); 316 // AES_ecb_encrypt(out,out2,crypt.data,AES_DECRYPT); 317 /* 318 printf("out2:\t0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x 0x%.2x\n", 319 out2[0], out2[1], out2[2], out2[3], out2[4], out2[5], out2[6], out2[7]); 320 printf("out2:\t%c %c %c %c %c %c %c %c\n", 321 out2[0], out2[1], out2[2], out2[3], out2[4], out2[5], out2[6], out2[7]); 322 */ 323 CU_ASSERT(memcmp((char *)in, (char *)out2, strlen((char *)in))==0); 324 325 cleanup(); 326 } 327 328 static void test_ops_mdc() 329 { 330 // Modification Detection Code Packet 331 // used by SE_IP data packets 332 333 ops_memory_t *mem; 334 ops_create_info_t *cinfo; 335 ops_parse_info_t *pinfo; 336 ops_hash_t hash; 337 char* plaintext="Text to be hashed in test_ops_mdc"; 338 int rtn=0; 339 340 // Write packet to memory 341 ops_setup_memory_write(&cinfo,&mem,strlen(plaintext)); 342 ops_write_mdc((unsigned char *)plaintext,strlen(plaintext),cinfo); 343 344 // Read back and verify contents 345 ops_setup_memory_read(&pinfo,mem,callback_mdc); 346 ops_parse_options(pinfo,OPS_PTAG_SS_ALL,OPS_PARSE_PARSED); 347 rtn=ops_parse(pinfo); 348 349 // This duplicates the hash done in ops_write_mdc so that we 350 // can verify it's been written correctly. 351 352 int x; 353 unsigned char hashed[SHA_DIGEST_LENGTH]; 354 unsigned char c[0]; 355 ops_hash_any(&hash,OPS_HASH_SHA1); 356 hash.init(&hash); 357 hash.add(&hash,(unsigned char *)plaintext,strlen(plaintext)); 358 c[0]=0xD3; 359 hash.add(&hash,&c[0],1); // MDC packet tag 360 c[0]=0x14; 361 hash.add(&hash,&c[0],1); // MDC packet len 362 x=hash.finish(&hash,&hashed[0]); 363 assert(x==SHA_DIGEST_LENGTH); 364 // print_hash("recreated hash",hashed); 365 366 CU_ASSERT(mdc_data!=0); 367 if (mdc_data) 368 CU_ASSERT(memcmp(mdc_data, hashed, OPS_SHA1_HASH_SIZE)==0); 369 370 // clean up 371 cleanup(); 372 ops_teardown_memory_read(pinfo,mem); 373 } 374 375 static void test_ops_se_ip() 376 { 377 ops_crypt_t encrypt; 378 // ops_crypt_t decrypt; 379 unsigned char *iv=NULL; 380 unsigned char *key=NULL; 381 382 // create a simple literal data packet as the encrypted payload 383 ops_memory_t *mem_ldt; 384 ops_create_info_t *cinfo_ldt; 385 char* ldt_text="Test Data string for test_se_ip"; 386 387 ops_setup_memory_write(&cinfo_ldt,&mem_ldt,strlen(ldt_text)); 388 ops_write_literal_data((unsigned char *)ldt_text, strlen(ldt_text), 389 OPS_LDT_TEXT, cinfo_ldt); 390 391 /* 392 * write out the encrypted packet 393 */ 394 int rtn=0; 232 395 ops_create_info_t *cinfo; 233 396 ops_parse_info_t *pinfo; 234 397 ops_memory_t *mem; 235 236 unsigned char *in=ops_mallocz(MAXBUF); 237 int rtn=0; 238 239 // create test data buffer 240 create_testdata("symmetrically encrypted data packet", &in[0], MAXBUF); 241 242 /* 243 * initialise needed structures for writing into memory 244 */ 245 246 init_for_memory_write(&cinfo,&mem); 247 248 /* 249 * create literal data packet 250 */ 251 ops_write_symmetrically_encrypted_data(in,MAXBUF,cinfo); 252 253 /* 254 * initialise needed structures for reading from memory 255 */ 256 257 init_for_memory_read(&pinfo,mem,callback_symmetrically_encrypted_data); 258 259 // and parse it 260 398 ops_setup_memory_write(&cinfo,&mem,MAXBUF); 399 400 ops_crypt_any(&encrypt, OPS_SA_CAST5); 401 iv=ops_mallocz(encrypt.blocksize); 402 encrypt.set_iv(&encrypt, iv); 403 key=ops_mallocz(encrypt.keysize); // using blank key for now 404 snprintf((char *)key, encrypt.keysize, "CAST_KEY"); 405 encrypt.set_key(&encrypt, key); 406 ops_encrypt_init(&encrypt); 407 408 ops_write_se_ip_data( ops_memory_get_data(mem_ldt), 409 ops_memory_get_length(mem_ldt), 410 &encrypt, cinfo); 411 412 /* 413 * now read it back 414 */ 415 416 ops_setup_memory_read(&pinfo,mem,callback_se_ip_data); 261 417 ops_parse_options(pinfo,OPS_PTAG_SS_ALL,OPS_PARSE_PARSED); 418 262 419 // \todo hardcode for now 263 // note: also hardcoded in ops_write_symmetrically_encrypted_data 264 ops_crypt_any(&(pinfo->decrypt), OPS_SA_AES_256); 420 // note: also hardcoded in ops_write_se_ip_data 421 ops_crypt_any(&(pinfo->decrypt), OPS_SA_CAST5); 422 pinfo->decrypt.set_iv(&(pinfo->decrypt), iv); // reuse blank iv from encrypt 423 pinfo->decrypt.set_key(&(pinfo->decrypt), key); 265 424 ops_encrypt_init(&pinfo->decrypt); 425 266 426 rtn=ops_parse(pinfo); 267 427 268 428 /* 269 * test it's the same270 */ 271 272 CU_ASSERT(memcmp( data,in,MAXBUF)==0);429 * Callback should now have literal_data parsed from packet 430 */ 431 432 CU_ASSERT(memcmp(literal_data,ldt_text, strlen(ldt_text))==0); 273 433 274 434 // cleanup 275 ops_memory_free(mem); 276 free (in); 435 cleanup(); 436 ops_teardown_memory_read(pinfo,mem); 437 ops_memory_free(mem_ldt); 277 438 } 278 439 … … 287 448 // add tests to suite 288 449 289 if (NULL == CU_add_test(suite, "Literal Data (Text) packet (Tag 11)", test_literal_data_packet_text)) 450 if (NULL == CU_add_test(suite, "Test CFB", test_cfb)) 451 return NULL; 452 453 if (NULL == CU_add_test(suite, "Tag 11: Literal Data packet in Text mode", test_literal_data_packet_text)) 290 454 return NULL; 291 455 292 if (NULL == CU_add_test(suite, " Literal Data (Data) packet (Tag 11)", test_literal_data_packet_data))456 if (NULL == CU_add_test(suite, "Tag 11: Literal Data packet in Data mode", test_literal_data_packet_data)) 293 457 return NULL; 294 458 295 if (NULL == CU_add_test(suite, "Symmetrically Encrypted Data packet (Tag 9)", test_symmetrically_encrypted_data_packet)) 296 return NULL; 297 459 if (NULL == CU_add_test(suite, "Tag 19: Modification Detection Code packet", test_ops_mdc)) 460 return NULL; 461 462 if (NULL == CU_add_test(suite, "Tag 20: Sym. Encrypted Integrity Protected Data packet", test_ops_se_ip)) 463 return NULL; 464 298 465 return suite; 299 466 } 300 467 468 static void cleanup() 469 { 470 if (literal_data) 471 { 472 free(literal_data); 473 literal_data=NULL; 474 } 475 476 if (mdc_data) 477 { 478 free(mdc_data); 479 mdc_data=NULL; 480 } 481 } 482 483 /* 484 static void print_hash(char* str, unsigned char* data) 485 { 486 fprintf(stderr, "\n%s: \n", str); 487 int i=0; 488 for (i=0; i<OPS_SHA1_HASH_SIZE; i++) 489 { 490 fprintf(stderr,"0x%2x ",data[i]); 491 } 492 fprintf(stderr,"\n"); 493 } 494 */ 495 openpgpsdk/trunk/tests/tests.c
r475 r480 7 7 8 8 #include "CUnit/Basic.h" 9 #include "openpgpsdk/readerwriter.h" 10 9 11 #include "tests.h" 10 12 … … 28 30 } 29 31 30 if (NULL == suite_crypt_mpi()) 32 /* 33 if (NULL == suite_rsa_decrypt()) 31 34 { 32 35 CU_cleanup_registry(); … … 34 37 } 35 38 36 if (NULL == suite_rsa_decrypt())37 {38 CU_cleanup_registry();39 return CU_get_error();40 }41 42 39 if (NULL == suite_rsa_encrypt()) 43 { 44 CU_cleanup_registry(); 45 return CU_get_error(); 46 } 40 { 41 CU_cleanup_registry(); 42 return CU_get_error(); 43 } 44 */ 47 45 48 46 // Run tests … … 97 95 98 96 97 openpgpsdk/trunk/tests/tests.h
r475 r480 11 11 #include <sys/types.h> 12 12 13 #include <openpgpsdk/memory.h> 14 #include <openpgpsdk/create.h> 15 13 16 int mktmpdir(); 14 17 extern char dir[];
