2 * Copyright (C) 2010 Martin Willi
3 * Copyright (C) 2010 revosec AG
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
19 static int burn_crypter(const proposal_token_t
*token
, u_int limit
, u_int len
)
21 chunk_t iv
, key
, data
;
26 crypter
= lib
->crypto
->create_crypter(lib
->crypto
, token
->algorithm
,
30 fprintf(stderr
, "%N-%zu not supported\n",
31 encryption_algorithm_names
, token
->algorithm
, token
->keysize
);
35 iv
= chunk_alloc(crypter
->get_iv_size(crypter
));
36 memset(iv
.ptr
, 0xFF, iv
.len
);
37 data
= chunk_alloc(round_up(len
, crypter
->get_block_size(crypter
)));
38 memset(data
.ptr
, 0xDD, data
.len
);
39 key
= chunk_alloc(crypter
->get_key_size(crypter
));
40 memset(key
.ptr
, 0xAA, key
.len
);
42 ok
= crypter
->set_key(crypter
, key
);
45 if (!crypter
->encrypt(crypter
, data
, iv
, NULL
))
47 fprintf(stderr
, "encryption failed!\n");
51 if (!crypter
->decrypt(crypter
, data
, iv
, NULL
))
53 fprintf(stderr
, "decryption failed!\n");
57 if (limit
&& ++i
== limit
)
62 crypter
->destroy(crypter
);
71 static bool burn_aead(const proposal_token_t
*token
, u_int limit
, u_int len
)
73 chunk_t iv
, key
, data
, dataicv
, assoc
;
78 aead
= lib
->crypto
->create_aead(lib
->crypto
, token
->algorithm
,
79 token
->keysize
/ 8, 0);
82 fprintf(stderr
, "%N-%zu not supported\n",
83 encryption_algorithm_names
, token
->algorithm
, token
->keysize
);
87 iv
= chunk_alloc(aead
->get_iv_size(aead
));
88 memset(iv
.ptr
, 0xFF, iv
.len
);
89 dataicv
= chunk_alloc(round_up(len
, aead
->get_block_size(aead
)) +
90 aead
->get_icv_size(aead
));
91 data
= chunk_create(dataicv
.ptr
, dataicv
.len
- aead
->get_icv_size(aead
));
92 memset(data
.ptr
, 0xDD, data
.len
);
93 assoc
= chunk_alloc(13);
94 memset(assoc
.ptr
, 0xCC, assoc
.len
);
95 key
= chunk_alloc(aead
->get_key_size(aead
));
96 memset(key
.ptr
, 0xAA, key
.len
);
98 ok
= aead
->set_key(aead
, key
);
101 if (!aead
->encrypt(aead
, data
, assoc
, iv
, NULL
))
103 fprintf(stderr
, "aead encryption failed!\n");
107 if (!aead
->decrypt(aead
, dataicv
, assoc
, iv
, NULL
))
109 fprintf(stderr
, "aead integrity check failed!\n");
113 if (limit
&& ++i
== limit
)
127 static int burn_signer(const proposal_token_t
*token
, u_int limit
, u_int len
)
129 chunk_t key
, data
, sig
;
134 signer
= lib
->crypto
->create_signer(lib
->crypto
, token
->algorithm
);
137 fprintf(stderr
, "%N not supported\n",
138 integrity_algorithm_names
, token
->algorithm
);
142 data
= chunk_alloc(len
);
143 memset(data
.ptr
, 0xDD, data
.len
);
144 key
= chunk_alloc(signer
->get_key_size(signer
));
145 memset(key
.ptr
, 0xAA, key
.len
);
146 sig
= chunk_alloc(signer
->get_block_size(signer
));
148 ok
= signer
->set_key(signer
, key
);
151 if (!signer
->get_signature(signer
, data
, sig
.ptr
))
153 fprintf(stderr
, "creating signature failed!\n");
157 if (!signer
->verify_signature(signer
, data
, sig
))
159 fprintf(stderr
, "verifying signature failed!\n");
163 if (limit
&& ++i
== limit
)
168 signer
->destroy(signer
);
177 int main(int argc
, char *argv
[])
179 const proposal_token_t
*token
;
180 u_int limit
= 0, len
= 1024;
183 library_init(NULL
, "crypt_burn");
184 lib
->plugins
->load(lib
->plugins
, getenv("PLUGINS") ?: PLUGINS
);
185 atexit(library_deinit
);
187 fprintf(stderr
, "loaded: %s\n", lib
->plugins
->loaded_plugins(lib
->plugins
));
191 fprintf(stderr
, "usage: %s <algorithm> [buflen=%u] [rounds=%u]\n",
192 argv
[0], len
, limit
);
201 limit
= atoi(argv
[3]);
204 token
= lib
->proposal
->get_token(lib
->proposal
, argv
[1]);
207 fprintf(stderr
, "algorithm '%s' unknown!\n", argv
[1]);
213 case ENCRYPTION_ALGORITHM
:
214 if (encryption_algorithm_is_aead(token
->algorithm
))
216 ok
= burn_aead(token
, limit
, len
);
220 ok
= burn_crypter(token
, limit
, len
);
223 case INTEGRITY_ALGORITHM
:
224 ok
= burn_signer(token
, limit
, len
);
227 fprintf(stderr
, "'%s' is not a crypter/aead algorithm!\n", argv
[1]);