]>
Commit | Line | Data |
---|---|---|
f3af4969 TB |
1 | /* |
2 | * Copyright (C) 2010 Martin Willi | |
3 | * Copyright (C) 2010 revosec AG | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify it | |
6 | * under the terms of the GNU General Public License as published by the | |
7 | * Free Software Foundation; either version 2 of the License, or (at your | |
8 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
9 | * | |
10 | * This program is distributed in the hope that it will be useful, but | |
11 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
12 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
13 | * for more details. | |
14 | */ | |
37e52c3f MW |
15 | |
16 | #include <stdio.h> | |
17 | #include <library.h> | |
37e52c3f | 18 | |
3935d812 | 19 | static int burn_crypter(const proposal_token_t *token, u_int limit, u_int len) |
5da79478 | 20 | { |
466d560a | 21 | chunk_t iv, key, data; |
5da79478 MW |
22 | crypter_t *crypter; |
23 | int i = 0; | |
24 | bool ok; | |
25 | ||
26 | crypter = lib->crypto->create_crypter(lib->crypto, token->algorithm, | |
27 | token->keysize / 8); | |
28 | if (!crypter) | |
29 | { | |
30 | fprintf(stderr, "%N-%zu not supported\n", | |
31 | encryption_algorithm_names, token->algorithm, token->keysize); | |
32 | return FALSE; | |
33 | } | |
34 | ||
35 | iv = chunk_alloc(crypter->get_iv_size(crypter)); | |
36 | memset(iv.ptr, 0xFF, iv.len); | |
3935d812 | 37 | data = chunk_alloc(round_up(len, crypter->get_block_size(crypter))); |
5da79478 | 38 | memset(data.ptr, 0xDD, data.len); |
466d560a MW |
39 | key = chunk_alloc(crypter->get_key_size(crypter)); |
40 | memset(key.ptr, 0xAA, key.len); | |
5da79478 | 41 | |
466d560a | 42 | ok = crypter->set_key(crypter, key); |
5da79478 MW |
43 | while (ok) |
44 | { | |
45 | if (!crypter->encrypt(crypter, data, iv, NULL)) | |
46 | { | |
47 | fprintf(stderr, "encryption failed!\n"); | |
48 | ok = FALSE; | |
49 | break; | |
50 | } | |
51 | if (!crypter->decrypt(crypter, data, iv, NULL)) | |
52 | { | |
53 | fprintf(stderr, "decryption failed!\n"); | |
54 | ok = FALSE; | |
55 | break; | |
56 | } | |
57 | if (limit && ++i == limit) | |
58 | { | |
59 | break; | |
60 | } | |
61 | } | |
62 | crypter->destroy(crypter); | |
63 | ||
64 | free(iv.ptr); | |
65 | free(data.ptr); | |
466d560a | 66 | free(key.ptr); |
5da79478 MW |
67 | |
68 | return ok; | |
69 | } | |
70 | ||
3935d812 | 71 | static bool burn_aead(const proposal_token_t *token, u_int limit, u_int len) |
5da79478 | 72 | { |
466d560a | 73 | chunk_t iv, key, data, dataicv, assoc; |
5da79478 MW |
74 | aead_t *aead; |
75 | int i = 0; | |
76 | bool ok; | |
77 | ||
78 | aead = lib->crypto->create_aead(lib->crypto, token->algorithm, | |
79 | token->keysize / 8, 0); | |
80 | if (!aead) | |
81 | { | |
82 | fprintf(stderr, "%N-%zu not supported\n", | |
83 | encryption_algorithm_names, token->algorithm, token->keysize); | |
84 | return FALSE; | |
85 | } | |
86 | ||
87 | iv = chunk_alloc(aead->get_iv_size(aead)); | |
88 | memset(iv.ptr, 0xFF, iv.len); | |
3935d812 | 89 | dataicv = chunk_alloc(round_up(len, aead->get_block_size(aead)) + |
5da79478 MW |
90 | aead->get_icv_size(aead)); |
91 | data = chunk_create(dataicv.ptr, dataicv.len - aead->get_icv_size(aead)); | |
92 | memset(data.ptr, 0xDD, data.len); | |
93 | assoc = chunk_alloc(13); | |
94 | memset(assoc.ptr, 0xCC, assoc.len); | |
466d560a MW |
95 | key = chunk_alloc(aead->get_key_size(aead)); |
96 | memset(key.ptr, 0xAA, key.len); | |
5da79478 | 97 | |
466d560a | 98 | ok = aead->set_key(aead, key); |
5da79478 MW |
99 | while (ok) |
100 | { | |
101 | if (!aead->encrypt(aead, data, assoc, iv, NULL)) | |
102 | { | |
103 | fprintf(stderr, "aead encryption failed!\n"); | |
104 | ok = FALSE; | |
105 | break; | |
106 | } | |
107 | if (!aead->decrypt(aead, dataicv, assoc, iv, NULL)) | |
108 | { | |
109 | fprintf(stderr, "aead integrity check failed!\n"); | |
110 | ok = FALSE; | |
111 | break; | |
112 | } | |
113 | if (limit && ++i == limit) | |
114 | { | |
115 | break; | |
116 | } | |
117 | } | |
118 | aead->destroy(aead); | |
119 | ||
120 | free(iv.ptr); | |
121 | free(data.ptr); | |
466d560a | 122 | free(key.ptr); |
b8215750 | 123 | free(assoc.ptr); |
5da79478 MW |
124 | |
125 | return ok; | |
126 | } | |
127 | ||
22d0c934 MW |
128 | static int burn_signer(const proposal_token_t *token, u_int limit, u_int len) |
129 | { | |
130 | chunk_t key, data, sig; | |
131 | signer_t *signer; | |
132 | int i = 0; | |
133 | bool ok; | |
134 | ||
135 | signer = lib->crypto->create_signer(lib->crypto, token->algorithm); | |
136 | if (!signer) | |
137 | { | |
138 | fprintf(stderr, "%N not supported\n", | |
139 | integrity_algorithm_names, token->algorithm); | |
140 | return FALSE; | |
141 | } | |
142 | ||
143 | data = chunk_alloc(len); | |
144 | memset(data.ptr, 0xDD, data.len); | |
145 | key = chunk_alloc(signer->get_key_size(signer)); | |
146 | memset(key.ptr, 0xAA, key.len); | |
147 | sig = chunk_alloc(signer->get_block_size(signer)); | |
148 | ||
149 | ok = signer->set_key(signer, key); | |
150 | while (ok) | |
151 | { | |
152 | if (!signer->get_signature(signer, data, sig.ptr)) | |
153 | { | |
154 | fprintf(stderr, "creating signature failed!\n"); | |
155 | ok = FALSE; | |
156 | break; | |
157 | } | |
158 | if (!signer->verify_signature(signer, data, sig)) | |
159 | { | |
160 | fprintf(stderr, "verifying signature failed!\n"); | |
161 | ok = FALSE; | |
162 | break; | |
163 | } | |
164 | if (limit && ++i == limit) | |
165 | { | |
166 | break; | |
167 | } | |
168 | } | |
169 | signer->destroy(signer); | |
170 | ||
171 | free(data.ptr); | |
172 | free(key.ptr); | |
173 | free(sig.ptr); | |
174 | ||
175 | return ok; | |
176 | } | |
177 | ||
37e52c3f MW |
178 | int main(int argc, char *argv[]) |
179 | { | |
180 | const proposal_token_t *token; | |
3935d812 | 181 | u_int limit = 0, len = 1024; |
5da79478 | 182 | bool ok; |
37e52c3f | 183 | |
34d3bfcf | 184 | library_init(NULL, "crypt_burn"); |
d5ce572d | 185 | lib->plugins->load(lib->plugins, getenv("PLUGINS") ?: PLUGINS); |
37e52c3f MW |
186 | atexit(library_deinit); |
187 | ||
d5ce572d | 188 | fprintf(stderr, "loaded: %s\n", lib->plugins->loaded_plugins(lib->plugins)); |
37e52c3f | 189 | |
37e52c3f MW |
190 | if (argc < 2) |
191 | { | |
3935d812 MW |
192 | fprintf(stderr, "usage: %s <algorithm> [buflen=%u] [rounds=%u]\n", |
193 | argv[0], len, limit); | |
37e52c3f MW |
194 | return 1; |
195 | } | |
196 | if (argc > 2) | |
197 | { | |
3935d812 | 198 | len = atoi(argv[2]); |
03993149 | 199 | if (len > (1 << 30)) |
7a132466 TB |
200 | { |
201 | fprintf(stderr, "buffer too large (1 GiB limit)\n"); | |
202 | return 1; | |
203 | } | |
3935d812 MW |
204 | } |
205 | if (argc > 3) | |
206 | { | |
207 | limit = atoi(argv[3]); | |
37e52c3f MW |
208 | } |
209 | ||
4c57c630 | 210 | token = lib->proposal->get_token(lib->proposal, argv[1]); |
37e52c3f MW |
211 | if (!token) |
212 | { | |
213 | fprintf(stderr, "algorithm '%s' unknown!\n", argv[1]); | |
214 | return 1; | |
215 | } | |
37e52c3f | 216 | |
5da79478 | 217 | switch (token->type) |
37e52c3f | 218 | { |
5da79478 MW |
219 | case ENCRYPTION_ALGORITHM: |
220 | if (encryption_algorithm_is_aead(token->algorithm)) | |
e2ed7bfd | 221 | { |
3935d812 | 222 | ok = burn_aead(token, limit, len); |
e2ed7bfd | 223 | } |
5da79478 | 224 | else |
37e52c3f | 225 | { |
3935d812 | 226 | ok = burn_crypter(token, limit, len); |
37e52c3f | 227 | } |
5da79478 | 228 | break; |
22d0c934 MW |
229 | case INTEGRITY_ALGORITHM: |
230 | ok = burn_signer(token, limit, len); | |
231 | break; | |
5da79478 MW |
232 | default: |
233 | fprintf(stderr, "'%s' is not a crypter/aead algorithm!\n", argv[1]); | |
234 | ok = FALSE; | |
235 | break; | |
37e52c3f | 236 | } |
5da79478 | 237 | return !ok; |
37e52c3f | 238 | } |