Merge pull request #464 from slvr/crypto-fix

Incorrect constants: s/BOXZERO/ZERO/
This commit is contained in:
irungentoo 2013-08-14 07:10:14 -07:00
commit 0338c3c9e8
2 changed files with 56 additions and 58 deletions

View File

@ -197,6 +197,43 @@ START_TEST(test_endtoend)
} }
END_TEST END_TEST
START_TEST(test_large_data)
{
unsigned char k[crypto_box_BEFORENMBYTES];
unsigned char n[crypto_box_NONCEBYTES];
unsigned char m1[MAX_DATA_SIZE - ENCRYPTION_PADDING];
unsigned char c1[sizeof(m1) + ENCRYPTION_PADDING];
unsigned char m1prime[sizeof(m1)];
unsigned char m2[MAX_DATA_SIZE];
unsigned char c2[sizeof(m2) + ENCRYPTION_PADDING];
int c1len, c2len;
int m1plen;
//Generate random messages
rand_bytes(m1, sizeof(m1));
rand_bytes(m2, sizeof(m2));
rand_bytes(n, crypto_box_NONCEBYTES);
//Generate key
rand_bytes(k, crypto_box_BEFORENMBYTES);
c1len = encrypt_data_fast(k, n, m1, sizeof(m1), c1);
c2len = encrypt_data_fast(k, n, m2, sizeof(m2), c2);
ck_assert_msg(c1len == sizeof(m1) + ENCRYPTION_PADDING, "Could not encrypt max size");
ck_assert_msg(c2len == -1, "incorrectly succeeded encrypting massive size");
m1plen = decrypt_data_fast(k, n, c1, c1len, m1prime);
ck_assert_msg(m1plen == sizeof(m1), "decrypted text lengths differ");
ck_assert_msg(memcmp(m1prime, m1, sizeof(m1)) == 0, "decrypted texts differ");
}
END_TEST
#define DEFTESTCASE(NAME) \ #define DEFTESTCASE(NAME) \
TCase *NAME = tcase_create(#NAME); \ TCase *NAME = tcase_create(#NAME); \
tcase_add_test(NAME, test_##NAME); \ tcase_add_test(NAME, test_##NAME); \
@ -209,6 +246,7 @@ Suite* crypto_suite(void)
DEFTESTCASE(known); DEFTESTCASE(known);
DEFTESTCASE(fast_known); DEFTESTCASE(fast_known);
DEFTESTCASE(endtoend); DEFTESTCASE(endtoend);
DEFTESTCASE(large_data);
return s; return s;
} }

View File

@ -71,33 +71,6 @@ uint8_t crypto_iszero(uint8_t *mem, uint32_t length)
return check; // We return zero if mem is made out of zeroes. return check; // We return zero if mem is made out of zeroes.
} }
/* encrypts plain of length length to encrypted of length + 16 using the
public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce
return -1 if there was a problem.
return length of encrypted data if everything was fine. */
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
uint8_t *plain, uint32_t length, uint8_t *encrypted)
{
if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0)
return -1;
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */
crypto_box(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, public_key, secret_key);
/* if encryption is successful the first crypto_box_BOXZEROBYTES of the message will be zero
apparently memcmp should not be used so we do this instead:*/
if(crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0)
return -1;
/* unpad the encrypted message */
memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES);
return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES;
}
/* Precomputes the shared key from their public_key and our secret_key. /* Precomputes the shared key from their public_key and our secret_key.
This way we can avoid an expensive elliptic curve scalar multiply for each This way we can avoid an expensive elliptic curve scalar multiply for each
encrypt/decrypt operation. encrypt/decrypt operation.
@ -114,7 +87,7 @@ int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0) if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0)
return -1; return -1;
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0};
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */ memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */
@ -129,35 +102,6 @@ int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES; return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES;
} }
/* decrypts encrypted of length length to plain of length length - 16 using the
public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce
return -1 if there was a problem(decryption failed)
return length of plain data if everything was fine. */
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
uint8_t *encrypted, uint32_t length, uint8_t *plain)
{
if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES)
return -1;
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */
if (crypto_box_open(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES,
nonce, public_key, secret_key) == -1)
return -1;
/* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero
apparently memcmp should not be used so we do this instead:*/
if(crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0)
return -1;
/* unpad the plain message */
memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_MACBYTES);
return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES;
}
/* Fast decrypt. Depends on enc_ley from encrypt_precompute. */ /* Fast decrypt. Depends on enc_ley from encrypt_precompute. */
int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
uint8_t *encrypted, uint32_t length, uint8_t *plain) uint8_t *encrypted, uint32_t length, uint8_t *plain)
@ -165,7 +109,7 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES) if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES)
return -1; return -1;
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES];
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */ memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */
@ -184,6 +128,22 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES; return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES;
} }
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
uint8_t *plain, uint32_t length, uint8_t *encrypted)
{
uint8_t k[crypto_box_BEFORENMBYTES];
encrypt_precompute(public_key, secret_key, k);
return encrypt_data_fast(k, nonce, plain, length, encrypted);
}
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
uint8_t *encrypted, uint32_t length, uint8_t *plain)
{
uint8_t k[crypto_box_BEFORENMBYTES];
encrypt_precompute(public_key, secret_key, k);
return decrypt_data_fast(k, nonce, encrypted, length, plain);
}
/* increment the given nonce by 1 */ /* increment the given nonce by 1 */
static void increment_nonce(uint8_t *nonce) static void increment_nonce(uint8_t *nonce)
{ {