From 0b27a0cb355a15fddbce639e66d5af2c2106526a Mon Sep 17 00:00:00 2001 From: slvr Date: Wed, 14 Aug 2013 14:26:04 +0100 Subject: [PATCH 1/3] Incorrect constants: s/BOXZERO/ZERO/ --- core/net_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/net_crypto.c b/core/net_crypto.c index 07c43c40..0d8ad4c7 100644 --- a/core/net_crypto.c +++ b/core/net_crypto.c @@ -81,7 +81,7 @@ int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0) return -1; - uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; + uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0}; uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */ @@ -114,7 +114,7 @@ int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0) return -1; - uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; + uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0}; uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */ From ee34b51c24acfcee7c155b3b056a16dded8a27bc Mon Sep 17 00:00:00 2001 From: slvr Date: Wed, 14 Aug 2013 14:29:39 +0100 Subject: [PATCH 2/3] s/BOXZERO/ZERO/ --- core/net_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/net_crypto.c b/core/net_crypto.c index 0d8ad4c7..fd606335 100644 --- a/core/net_crypto.c +++ b/core/net_crypto.c @@ -139,7 +139,7 @@ int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES) return -1; - uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; + uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES]; uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */ @@ -165,7 +165,7 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES) return -1; - uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; + uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES]; uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */ From a854a730ecd3b92426914d9bc30713ade92d5727 Mon Sep 17 00:00:00 2001 From: slvr Date: Wed, 14 Aug 2013 14:46:29 +0100 Subject: [PATCH 3/3] Reduced redundant code, added new crypto test --- auto_tests/crypto_test.c | 38 +++++++++++++++++++++ core/net_crypto.c | 72 +++++++++------------------------------- 2 files changed, 54 insertions(+), 56 deletions(-) diff --git a/auto_tests/crypto_test.c b/auto_tests/crypto_test.c index 9ac81349..8b5397e4 100644 --- a/auto_tests/crypto_test.c +++ b/auto_tests/crypto_test.c @@ -197,6 +197,43 @@ START_TEST(test_endtoend) } END_TEST +START_TEST(test_large_data) +{ + unsigned char k[crypto_box_BEFORENMBYTES]; + + unsigned char n[crypto_box_NONCEBYTES]; + + unsigned char m1[MAX_DATA_SIZE - ENCRYPTION_PADDING]; + unsigned char c1[sizeof(m1) + ENCRYPTION_PADDING]; + unsigned char m1prime[sizeof(m1)]; + + unsigned char m2[MAX_DATA_SIZE]; + unsigned char c2[sizeof(m2) + ENCRYPTION_PADDING]; + + int c1len, c2len; + int m1plen; + + //Generate random messages + rand_bytes(m1, sizeof(m1)); + rand_bytes(m2, sizeof(m2)); + rand_bytes(n, crypto_box_NONCEBYTES); + + //Generate key + rand_bytes(k, crypto_box_BEFORENMBYTES); + + c1len = encrypt_data_fast(k, n, m1, sizeof(m1), c1); + c2len = encrypt_data_fast(k, n, m2, sizeof(m2), c2); + + ck_assert_msg(c1len == sizeof(m1) + ENCRYPTION_PADDING, "Could not encrypt max size"); + ck_assert_msg(c2len == -1, "incorrectly succeeded encrypting massive size"); + + m1plen = decrypt_data_fast(k, n, c1, c1len, m1prime); + + ck_assert_msg(m1plen == sizeof(m1), "decrypted text lengths differ"); + ck_assert_msg(memcmp(m1prime, m1, sizeof(m1)) == 0, "decrypted texts differ"); +} +END_TEST + #define DEFTESTCASE(NAME) \ TCase *NAME = tcase_create(#NAME); \ tcase_add_test(NAME, test_##NAME); \ @@ -209,6 +246,7 @@ Suite* crypto_suite(void) DEFTESTCASE(known); DEFTESTCASE(fast_known); DEFTESTCASE(endtoend); + DEFTESTCASE(large_data); return s; } diff --git a/core/net_crypto.c b/core/net_crypto.c index fd606335..ab18dd63 100644 --- a/core/net_crypto.c +++ b/core/net_crypto.c @@ -71,33 +71,6 @@ uint8_t crypto_iszero(uint8_t *mem, uint32_t length) return check; // We return zero if mem is made out of zeroes. } -/* encrypts plain of length length to encrypted of length + 16 using the - public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce - return -1 if there was a problem. - return length of encrypted data if everything was fine. */ -int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, - uint8_t *plain, uint32_t length, uint8_t *encrypted) -{ - if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0) - return -1; - - uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0}; - uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; - - memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */ - - crypto_box(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, public_key, secret_key); - - /* if encryption is successful the first crypto_box_BOXZEROBYTES of the message will be zero - apparently memcmp should not be used so we do this instead:*/ - if(crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0) - return -1; - - /* unpad the encrypted message */ - memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES); - return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES; -} - /* Precomputes the shared key from their public_key and our secret_key. This way we can avoid an expensive elliptic curve scalar multiply for each encrypt/decrypt operation. @@ -129,35 +102,6 @@ int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES; } -/* decrypts encrypted of length length to plain of length length - 16 using the - public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce - return -1 if there was a problem(decryption failed) - return length of plain data if everything was fine. */ -int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, - uint8_t *encrypted, uint32_t length, uint8_t *plain) -{ - if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES) - return -1; - - uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES]; - uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; - - memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */ - - if (crypto_box_open(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES, - nonce, public_key, secret_key) == -1) - return -1; - - /* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero - apparently memcmp should not be used so we do this instead:*/ - if(crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0) - return -1; - - /* unpad the plain message */ - memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_MACBYTES); - return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES; -} - /* Fast decrypt. Depends on enc_ley from encrypt_precompute. */ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, uint8_t *encrypted, uint32_t length, uint8_t *plain) @@ -184,6 +128,22 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES; } +int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, + uint8_t *plain, uint32_t length, uint8_t *encrypted) +{ + uint8_t k[crypto_box_BEFORENMBYTES]; + encrypt_precompute(public_key, secret_key, k); + return encrypt_data_fast(k, nonce, plain, length, encrypted); +} + +int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, + uint8_t *encrypted, uint32_t length, uint8_t *plain) +{ + uint8_t k[crypto_box_BEFORENMBYTES]; + encrypt_precompute(public_key, secret_key, k); + return decrypt_data_fast(k, nonce, encrypted, length, plain); +} + /* increment the given nonce by 1 */ static void increment_nonce(uint8_t *nonce) {