[thirdparty/strongswan.git] / scripts / crypt_burn.c

/*
 * Copyright (C) 2010 Martin Willi
 * Copyright (C) 2010 revosec AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include <stdio.h>
#include <library.h>

static int burn_crypter(const proposal_token_t *token, u_int limit, u_int len)
{
	chunk_t iv, key, data;
	crypter_t *crypter;
	int i = 0;
	bool ok;

	crypter = lib->crypto->create_crypter(lib->crypto, token->algorithm,
										  token->keysize / 8);
	if (!crypter)
	{
		fprintf(stderr, "%N-%zu not supported\n",
				encryption_algorithm_names, token->algorithm, token->keysize);
		return FALSE;
	}

	iv = chunk_alloc(crypter->get_iv_size(crypter));
	memset(iv.ptr, 0xFF, iv.len);
	data = chunk_alloc(round_up(len, crypter->get_block_size(crypter)));
	memset(data.ptr, 0xDD, data.len);
	key = chunk_alloc(crypter->get_key_size(crypter));
	memset(key.ptr, 0xAA, key.len);

	ok = crypter->set_key(crypter, key);
	while (ok)
	{
		if (!crypter->encrypt(crypter, data, iv, NULL))
		{
			fprintf(stderr, "encryption failed!\n");
			ok = FALSE;
			break;
		}
		if (!crypter->decrypt(crypter, data, iv, NULL))
		{
			fprintf(stderr, "decryption failed!\n");
			ok = FALSE;
			break;
		}
		if (limit && ++i == limit)
		{
			break;
		}
	}
	crypter->destroy(crypter);

	free(iv.ptr);
	free(data.ptr);
	free(key.ptr);

	return ok;
}

static bool burn_aead(const proposal_token_t *token, u_int limit, u_int len)
{
	chunk_t iv, key, data, dataicv, assoc;
	aead_t *aead;
	int i = 0;
	bool ok;

	aead = lib->crypto->create_aead(lib->crypto, token->algorithm,
									token->keysize / 8, 0);
	if (!aead)
	{
		fprintf(stderr, "%N-%zu not supported\n",
				encryption_algorithm_names, token->algorithm, token->keysize);
		return FALSE;
	}

	iv = chunk_alloc(aead->get_iv_size(aead));
	memset(iv.ptr, 0xFF, iv.len);
	dataicv = chunk_alloc(round_up(len, aead->get_block_size(aead)) +
						  aead->get_icv_size(aead));
	data = chunk_create(dataicv.ptr, dataicv.len - aead->get_icv_size(aead));
	memset(data.ptr, 0xDD, data.len);
	assoc = chunk_alloc(13);
	memset(assoc.ptr, 0xCC, assoc.len);
	key = chunk_alloc(aead->get_key_size(aead));
	memset(key.ptr, 0xAA, key.len);

	ok = aead->set_key(aead, key);
	while (ok)
	{
		if (!aead->encrypt(aead, data, assoc, iv, NULL))
		{
			fprintf(stderr, "aead encryption failed!\n");
			ok = FALSE;
			break;
		}
		if (!aead->decrypt(aead, dataicv, assoc, iv, NULL))
		{
			fprintf(stderr, "aead integrity check failed!\n");
			ok = FALSE;
			break;
		}
		if (limit && ++i == limit)
		{
			break;
		}
	}
	aead->destroy(aead);

	free(iv.ptr);
	free(data.ptr);
	free(key.ptr);
	free(assoc.ptr);

	return ok;
}

static int burn_signer(const proposal_token_t *token, u_int limit, u_int len)
{
	chunk_t  key, data, sig;
	signer_t *signer;
	int i = 0;
	bool ok;

	signer = lib->crypto->create_signer(lib->crypto, token->algorithm);
	if (!signer)
	{
		fprintf(stderr, "%N not supported\n",
				integrity_algorithm_names, token->algorithm);
		return FALSE;
	}

	data = chunk_alloc(len);
	memset(data.ptr, 0xDD, data.len);
	key = chunk_alloc(signer->get_key_size(signer));
	memset(key.ptr, 0xAA, key.len);
	sig = chunk_alloc(signer->get_block_size(signer));

	ok = signer->set_key(signer, key);
	while (ok)
	{
		if (!signer->get_signature(signer, data, sig.ptr))
		{
			fprintf(stderr, "creating signature failed!\n");
			ok = FALSE;
			break;
		}
		if (!signer->verify_signature(signer, data, sig))
		{
			fprintf(stderr, "verifying signature failed!\n");
			ok = FALSE;
			break;
		}
		if (limit && ++i == limit)
		{
			break;
		}
	}
	signer->destroy(signer);

	free(data.ptr);
	free(key.ptr);
	free(sig.ptr);

	return ok;
}

int main(int argc, char *argv[])
{
	const proposal_token_t *token;
	u_int limit = 0, len = 1024;
	bool ok;

	library_init(NULL, "crypt_burn");
	lib->plugins->load(lib->plugins, getenv("PLUGINS") ?: PLUGINS);
	atexit(library_deinit);

	fprintf(stderr, "loaded: %s\n", lib->plugins->loaded_plugins(lib->plugins));

	if (argc < 2)
	{
		fprintf(stderr, "usage: %s <algorithm> [buflen=%u] [rounds=%u]\n",
				argv[0], len, limit);
		return 1;
	}
	if (argc > 2)
	{
		len = atoi(argv[2]);
		if (len > (2^30))
		{
			fprintf(stderr, "buffer too large (1 GiB limit)\n");
			return 1;
		}
	}
	if (argc > 3)
	{
		limit = atoi(argv[3]);
	}

	token = lib->proposal->get_token(lib->proposal, argv[1]);
	if (!token)
	{
		fprintf(stderr, "algorithm '%s' unknown!\n", argv[1]);
		return 1;
	}

	switch (token->type)
	{
		case ENCRYPTION_ALGORITHM:
			if (encryption_algorithm_is_aead(token->algorithm))
			{
				ok = burn_aead(token, limit, len);
			}
			else
			{
				ok = burn_crypter(token, limit, len);
			}
			break;
		case INTEGRITY_ALGORITHM:
			ok = burn_signer(token, limit, len);
			break;
		default:
			fprintf(stderr, "'%s' is not a crypter/aead algorithm!\n", argv[1]);
			ok = FALSE;
			break;
	}
	return !ok;
}
Commit	Line	Data
f3af4969 TB	1	/*
	2	* Copyright (C) 2010 Martin Willi
	3	* Copyright (C) 2010 revosec AG
	4	*
	5	* This program is free software; you can redistribute it and/or modify it
	6	* under the terms of the GNU General Public License as published by the
	7	* Free Software Foundation; either version 2 of the License, or (at your
	8	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	9	*
	10	* This program is distributed in the hope that it will be useful, but
	11	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	12	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	13	* for more details.
	14	*/
37e52c3f MW	15
	16	#include <stdio.h>
	17	#include <library.h>
37e52c3f	18
3935d812	19	static int burn_crypter(const proposal_token_t *token, u_int limit, u_int len)
5da79478	20	{
466d560a	21	chunk_t iv, key, data;
5da79478 MW	22	crypter_t *crypter;
	23	int i = 0;
	24	bool ok;
	25
	26	crypter = lib->crypto->create_crypter(lib->crypto, token->algorithm,
	27	token->keysize / 8);
	28	if (!crypter)
	29	{
	30	fprintf(stderr, "%N-%zu not supported\n",
	31	encryption_algorithm_names, token->algorithm, token->keysize);
	32	return FALSE;
	33	}
	34
	35	iv = chunk_alloc(crypter->get_iv_size(crypter));
	36	memset(iv.ptr, 0xFF, iv.len);
3935d812	37	data = chunk_alloc(round_up(len, crypter->get_block_size(crypter)));
5da79478	38	memset(data.ptr, 0xDD, data.len);
466d560a MW	39	key = chunk_alloc(crypter->get_key_size(crypter));
466d560a MW	40	memset(key.ptr, 0xAA, key.len);
5da79478	41
466d560a	42	ok = crypter->set_key(crypter, key);
5da79478 MW	43	while (ok)
	44	{
	45	if (!crypter->encrypt(crypter, data, iv, NULL))
	46	{
	47	fprintf(stderr, "encryption failed!\n");
	48	ok = FALSE;
	49	break;
	50	}
	51	if (!crypter->decrypt(crypter, data, iv, NULL))
	52	{
	53	fprintf(stderr, "decryption failed!\n");
	54	ok = FALSE;
	55	break;
	56	}
	57	if (limit && ++i == limit)
	58	{
	59	break;
	60	}
	61	}
	62	crypter->destroy(crypter);
	63
	64	free(iv.ptr);
	65	free(data.ptr);
466d560a	66	free(key.ptr);
5da79478 MW	67
	68	return ok;
	69	}
	70
3935d812	71	static bool burn_aead(const proposal_token_t *token, u_int limit, u_int len)
5da79478	72	{
466d560a	73	chunk_t iv, key, data, dataicv, assoc;
5da79478 MW	74	aead_t *aead;
	75	int i = 0;
	76	bool ok;
	77
	78	aead = lib->crypto->create_aead(lib->crypto, token->algorithm,
	79	token->keysize / 8, 0);
	80	if (!aead)
	81	{
	82	fprintf(stderr, "%N-%zu not supported\n",
	83	encryption_algorithm_names, token->algorithm, token->keysize);
	84	return FALSE;
	85	}
	86
	87	iv = chunk_alloc(aead->get_iv_size(aead));
	88	memset(iv.ptr, 0xFF, iv.len);
3935d812	89	dataicv = chunk_alloc(round_up(len, aead->get_block_size(aead)) +
5da79478 MW	90	aead->get_icv_size(aead));
	91	data = chunk_create(dataicv.ptr, dataicv.len - aead->get_icv_size(aead));
	92	memset(data.ptr, 0xDD, data.len);
	93	assoc = chunk_alloc(13);
	94	memset(assoc.ptr, 0xCC, assoc.len);
466d560a MW	95	key = chunk_alloc(aead->get_key_size(aead));
466d560a MW	96	memset(key.ptr, 0xAA, key.len);
5da79478	97
466d560a	98	ok = aead->set_key(aead, key);
5da79478 MW	99	while (ok)
	100	{
	101	if (!aead->encrypt(aead, data, assoc, iv, NULL))
	102	{
	103	fprintf(stderr, "aead encryption failed!\n");
	104	ok = FALSE;
	105	break;
	106	}
	107	if (!aead->decrypt(aead, dataicv, assoc, iv, NULL))
	108	{
	109	fprintf(stderr, "aead integrity check failed!\n");
	110	ok = FALSE;
	111	break;
	112	}
	113	if (limit && ++i == limit)
	114	{
	115	break;
	116	}
	117	}
	118	aead->destroy(aead);
	119
	120	free(iv.ptr);
	121	free(data.ptr);
466d560a	122	free(key.ptr);
b8215750	123	free(assoc.ptr);
5da79478 MW	124
	125	return ok;
	126	}
	127
22d0c934 MW	128	static int burn_signer(const proposal_token_t *token, u_int limit, u_int len)
	129	{
	130	chunk_t key, data, sig;
	131	signer_t *signer;
	132	int i = 0;
	133	bool ok;
	134
	135	signer = lib->crypto->create_signer(lib->crypto, token->algorithm);
	136	if (!signer)
	137	{
	138	fprintf(stderr, "%N not supported\n",
	139	integrity_algorithm_names, token->algorithm);
	140	return FALSE;
	141	}
	142
	143	data = chunk_alloc(len);
	144	memset(data.ptr, 0xDD, data.len);
	145	key = chunk_alloc(signer->get_key_size(signer));
	146	memset(key.ptr, 0xAA, key.len);
	147	sig = chunk_alloc(signer->get_block_size(signer));
	148
	149	ok = signer->set_key(signer, key);
	150	while (ok)
	151	{
	152	if (!signer->get_signature(signer, data, sig.ptr))
	153	{
	154	fprintf(stderr, "creating signature failed!\n");
	155	ok = FALSE;
	156	break;
	157	}
	158	if (!signer->verify_signature(signer, data, sig))
	159	{
	160	fprintf(stderr, "verifying signature failed!\n");
	161	ok = FALSE;
	162	break;
	163	}
	164	if (limit && ++i == limit)
	165	{
	166	break;
	167	}
	168	}
	169	signer->destroy(signer);
	170
	171	free(data.ptr);
	172	free(key.ptr);
	173	free(sig.ptr);
	174
	175	return ok;
	176	}
	177
37e52c3f MW	178	int main(int argc, char *argv[])
	179	{
	180	const proposal_token_t *token;
3935d812	181	u_int limit = 0, len = 1024;
5da79478	182	bool ok;
37e52c3f	183
34d3bfcf	184	library_init(NULL, "crypt_burn");
d5ce572d	185	lib->plugins->load(lib->plugins, getenv("PLUGINS") ?: PLUGINS);
37e52c3f MW	186	atexit(library_deinit);
37e52c3f MW	187
d5ce572d	188	fprintf(stderr, "loaded: %s\n", lib->plugins->loaded_plugins(lib->plugins));
37e52c3f	189
37e52c3f MW	190	if (argc < 2)
37e52c3f MW	191	{
3935d812 MW	192	fprintf(stderr, "usage: %s <algorithm> [buflen=%u] [rounds=%u]\n",
3935d812 MW	193	argv[0], len, limit);
37e52c3f MW	194	return 1;
	195	}
	196	if (argc > 2)
	197	{
3935d812	198	len = atoi(argv[2]);
7a132466 TB	199	if (len > (2^30))
	200	{
	201	fprintf(stderr, "buffer too large (1 GiB limit)\n");
	202	return 1;
	203	}
3935d812 MW	204	}
	205	if (argc > 3)
	206	{
	207	limit = atoi(argv[3]);
37e52c3f MW	208	}
37e52c3f MW	209
4c57c630	210	token = lib->proposal->get_token(lib->proposal, argv[1]);
37e52c3f MW	211	if (!token)
	212	{
	213	fprintf(stderr, "algorithm '%s' unknown!\n", argv[1]);
	214	return 1;
	215	}
37e52c3f	216
5da79478	217	switch (token->type)
37e52c3f	218	{
5da79478 MW	219	case ENCRYPTION_ALGORITHM:
5da79478 MW	220	if (encryption_algorithm_is_aead(token->algorithm))
e2ed7bfd	221	{
3935d812	222	ok = burn_aead(token, limit, len);
e2ed7bfd	223	}
5da79478	224	else
37e52c3f	225	{
3935d812	226	ok = burn_crypter(token, limit, len);
37e52c3f	227	}
5da79478	228	break;
22d0c934 MW	229	case INTEGRITY_ALGORITHM:
	230	ok = burn_signer(token, limit, len);
	231	break;
5da79478 MW	232	default:
	233	fprintf(stderr, "'%s' is not a crypter/aead algorithm!\n", argv[1]);
	234	ok = FALSE;
	235	break;
37e52c3f	236	}
5da79478	237	return !ok;
37e52c3f	238	}