scripts/crypt_burn.c

   1 /*
   2  * Copyright (C) 2010 Martin Willi
   3  * Copyright (C) 2010 revosec AG
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  */
  15
  16 #include <stdio.h>
  17 #include <library.h>
  18
  19 static int burn_crypter(const proposal_token_t *token, u_int limit)
  20 {
  21         chunk_t iv,  data;
  22         crypter_t *crypter;
  23         int i = 0;
  24         bool ok;
  25
  26         crypter = lib->crypto->create_crypter(lib->crypto, token->algorithm,
  27                                                                                   token->keysize / 8);
  28         if (!crypter)
  29         {
  30                 fprintf(stderr, "%N-%zu not supported\n",
  31                                 encryption_algorithm_names, token->algorithm, token->keysize);
  32                 return FALSE;
  33         }
  34
  35         iv = chunk_alloc(crypter->get_iv_size(crypter));
  36         memset(iv.ptr, 0xFF, iv.len);
  37         data = chunk_alloc(round_up(1024, crypter->get_block_size(crypter)));
  38         memset(data.ptr, 0xDD, data.len);
  39
  40         ok = TRUE;
  41         while (ok)
  42         {
  43                 if (!crypter->encrypt(crypter, data, iv, NULL))
  44                 {
  45                         fprintf(stderr, "encryption failed!\n");
  46                         ok = FALSE;
  47                         break;
  48                 }
  49                 if (!crypter->decrypt(crypter, data, iv, NULL))
  50                 {
  51                         fprintf(stderr, "decryption failed!\n");
  52                         ok = FALSE;
  53                         break;
  54                 }
  55                 if (limit && ++i == limit)
  56                 {
  57                         break;
  58                 }
  59         }
  60         crypter->destroy(crypter);
  61
  62         free(iv.ptr);
  63         free(data.ptr);
  64
  65         return ok;
  66 }
  67
  68 static bool burn_aead(const proposal_token_t *token, u_int limit)
  69 {
  70         chunk_t iv, data, dataicv, assoc;
  71         aead_t *aead;
  72         int i = 0;
  73         bool ok;
  74
  75         aead = lib->crypto->create_aead(lib->crypto, token->algorithm,
  76                                                                         token->keysize / 8, 0);
  77         if (!aead)
  78         {
  79                 fprintf(stderr, "%N-%zu not supported\n",
  80                                 encryption_algorithm_names, token->algorithm, token->keysize);
  81                 return FALSE;
  82         }
  83
  84         iv = chunk_alloc(aead->get_iv_size(aead));
  85         memset(iv.ptr, 0xFF, iv.len);
  86         dataicv = chunk_alloc(round_up(1024, aead->get_block_size(aead)) +
  87                                                   aead->get_icv_size(aead));
  88         data = chunk_create(dataicv.ptr, dataicv.len - aead->get_icv_size(aead));
  89         memset(data.ptr, 0xDD, data.len);
  90         assoc = chunk_alloc(13);
  91         memset(assoc.ptr, 0xCC, assoc.len);
  92
  93         ok = TRUE;
  94         while (ok)
  95         {
  96                 if (!aead->encrypt(aead, data, assoc, iv, NULL))
  97                 {
  98                         fprintf(stderr, "aead encryption failed!\n");
  99                         ok = FALSE;
 100                         break;
 101                 }
 102                 if (!aead->decrypt(aead, dataicv, assoc, iv, NULL))
 103                 {
 104                         fprintf(stderr, "aead integrity check failed!\n");
 105                         ok = FALSE;
 106                         break;
 107                 }
 108                 if (limit && ++i == limit)
 109                 {
 110                         break;
 111                 }
 112         }
 113         aead->destroy(aead);
 114
 115         free(iv.ptr);
 116         free(data.ptr);
 117
 118         return ok;
 119 }
 120
 121 int main(int argc, char *argv[])
 122 {
 123         const proposal_token_t *token;
 124         int limit = 0;
 125         bool ok;
 126
 127         library_init(NULL, "crypt_burn");
 128         lib->plugins->load(lib->plugins, getenv("PLUGINS") ?: PLUGINS);
 129         atexit(library_deinit);
 130
 131         fprintf(stderr, "loaded: %s\n", lib->plugins->loaded_plugins(lib->plugins));
 132
 133         if (argc < 2)
 134         {
 135                 fprintf(stderr, "usage: %s <algorithm>!\n", argv[0]);
 136                 return 1;
 137         }
 138         if (argc > 2)
 139         {
 140                 limit = atoi(argv[2]);
 141         }
 142
 143         token = lib->proposal->get_token(lib->proposal, argv[1]);
 144         if (!token)
 145         {
 146                 fprintf(stderr, "algorithm '%s' unknown!\n", argv[1]);
 147                 return 1;
 148         }
 149
 150         switch (token->type)
 151         {
 152                 case ENCRYPTION_ALGORITHM:
 153                         if (encryption_algorithm_is_aead(token->algorithm))
 154                         {
 155                                 ok = burn_aead(token, limit);
 156                         }
 157                         else
 158                         {
 159                                 ok = burn_crypter(token, limit);
 160                         }
 161                         break;
 162                 default:
 163                         fprintf(stderr, "'%s' is not a crypter/aead algorithm!\n", argv[1]);
 164                         ok = FALSE;
 165                         break;
 166         }
 167         return !ok;
 168 }