lib_its_security.c 107 KB

  /* Test decrypt function */
  printf("###########################################################################\n");
  printf("Test decrypt \n");
  {
    assert(lib_its_security_context == NULL);
    result = initialize(nist_p_256, &lib_its_security_context);
    if (result == -1) {
      fprintf(stderr, "main: initialize failed: %d/'%s'\n", result, strerror(errno));
      return -1;
    }
    // Test #1
    lib_its_security_context->nonce = hex_to_bin((const int8_t*)"8A395AA1C94062766027BFAC", &lib_its_security_context->nonce_length);
    lib_its_security_context->sym_key = hex_to_bin((const int8_t*)"A3762D576B7A1DC2A2D8CF11B28A8BF8", &lib_its_security_context->sym_key_length);
    lib_its_security_context->tag = hex_to_bin((const int8_t*)"5921DBABF3EC01EE123976B171E3C549", &lib_its_security_context->tag_length);
    size_t cipher_message_length;
    uint8_t* cipher_message = hex_to_bin((const int8_t*)"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", &cipher_message_length);
    uint8_t* plain_text_message;
    size_t plain_text_message_length;
    lib_its_security_context->encryption_algorithm = aes_128_ccm;
    assert(decrypt(lib_its_security_context, cipher_message, cipher_message_length, &plain_text_message, &plain_text_message_length) == 0);
    printf("plain_text_message_length= %ld\n", plain_text_message_length);
    show_hex((const int8_t*)"plain_text_message", plain_text_message, plain_text_message_length);
    size_t expected_plain_text_message_length;
    uint8_t* expected_plain_text_message = hex_to_bin((const int8_t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expected_plain_text_message_length);
    assert(expected_plain_text_message_length == cipher_message_length);
    for (int32_t i = 0; i < expected_plain_text_message_length; assert(*(expected_plain_text_message + i) == *(plain_text_message + i)), i++);
    free(cipher_message);
    free(plain_text_message);
    free(expected_plain_text_message);

    result = uninitialize(&lib_its_security_context);
    lib_its_security_context = NULL;
    if (result == -1) {
      fprintf(stderr, "main: uninitialize failed: %d/'%s'\n", result, strerror(errno));
      return -1;
    }
  }

  /* Test generate_and_derive_ephemeral_key_for_encryption */
  printf("###########################################################################\n");
  printf("Test generate_and_derive_ephemeral_key_for_encryption \n");
  {
    assert(lib_its_security_context == NULL);
    assert(lib_its_security_context_comp == NULL);
    size_t l;
    uint8_t* private_key = hex_to_bin((const int8_t*)"65322BEE2CFC665FBBAC6C0DC42EE73422278DFB7563A6350F7087013E216ACA", &l);
    assert(l == 32);
    result = initialize_with_private_key(nist_p_256, private_key, &lib_its_security_context);
    if (result == -1) {
      fprintf(stderr, "main: initialize failed: %d/'%s'\n", result, strerror(errno));
      return -1;
    }
    free(private_key);

    // Test #1
    size_t recipients_public_key_length;
    uint8_t* recipients_public_key = hex_to_bin((const int8_t*)"E169F42FB028801B6DB717F5E7A37A7FBB17CB95A811BF224588F6F256FE8DDC", &recipients_public_key_length);
    assert(recipients_public_key_length == 32);
    assert(initialize_with_public_key(nist_p_256, recipients_public_key, compressed_y_0, &lib_its_security_context_comp) == 0);
    assert(lib_its_security_context_comp->ec_key != NULL);
    assert(lib_its_security_context_comp->ec_group != NULL);
    assert(lib_its_security_context_comp->key_length == 32);
    size_t salt_length;
    uint8_t* salt = hex_to_bin((const int8_t*)"89BAB7DEA15BDAF3FF0357D952760A25735DD9816941BF6562C042D452D16EBA", &salt_length);
    assert(generate_and_derive_ephemeral_key_for_encryption(lib_its_security_context/*Ephemeral's private key*/, aes_128_ccm, lib_its_security_context_comp/*recipient's public keys*/, salt, salt_length) == 0);
    assert(lib_its_security_context->sym_key_length == 16);
    assert(lib_its_security_context->tag_length == 16);
    // Expected digest: 22cc5d042f654a9ce39e52fe232248a8d4793603b1ce4e98f67f2d634c24692573a2e89dbe9952e79b32faa0c94bf614b243fd84097d2eb50c4d6a4b996b7c12
    // Expected k1: 22cc5d042f654a9ce39e52fe232248a8
    // Expected k2: d4793603b1ce4e98f67f2d634c24692573a2e89dbe9952e79b32faa0c94bf614
    show_hex((const int8_t*)"nonce", lib_its_security_context->nonce, lib_its_security_context->nonce_length);
    show_hex((const int8_t*)"tag", lib_its_security_context->tag, lib_its_security_context->tag_length);
    show_hex((const int8_t*)"sym_key", lib_its_security_context->sym_key, lib_its_security_context->sym_key_length);
    show_hex((const int8_t*)"enc_sym_key", lib_its_security_context->enc_sym_key, lib_its_security_context->sym_key_length);

    free(recipients_public_key);
    free(salt);

    uninitialize(&lib_its_security_context_comp);
    lib_its_security_context_comp = NULL;
    result = uninitialize(&lib_its_security_context);
    lib_its_security_context = NULL;
    if (result == -1) {
      fprintf(stderr, "main: uninitialize failed: %d/'%s'\n", result, strerror(errno));
      return -1;
    }
  }

  /* Test encrypt_with_ecies_nistp256_with_sha256 #1 */
  printf("###########################################################################\n");
  printf("Test xxcrypt_with_ecies_nistp256_with_sha256 #1 \n");
  {
    printf("==> encrypt_with_ecies_nistp256_with_sha256 #1 \n");
    assert(lib_its_security_context == NULL);
    assert(lib_its_security_context_comp == NULL);
    result = initialize(nist_p_256, &lib_its_security_context);
    if (result == -1) {
      fprintf(stderr, "main: initialize failed: %d/'%s'\n", result, strerror(errno));
      return -1;
    }
    /* Generate recipient's key */
    assert(generate_key_pair(lib_its_security_context, &lib_its_security_context->private_key, &lib_its_security_context->public_key_x, &lib_its_security_context->public_key_y, &lib_its_security_context->public_key_c, &lib_its_security_context->compressed_mode) == 0);
    /* Set parameters */
    size_t plain_text_message_length;
    uint8_t* plain_text_message = hex_to_bin((const int8_t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plain_text_message_length);
    size_t salt_length;
    uint8_t* salt = hex_to_bin((const int8_t*)"4739DA8E1723A178CCF278763454DAE55B67208F1D9DCB312BDA08D4402BDEAA", &salt_length);
    /* Encrypt */
    uint8_t* ephemeral_key_compressed = NULL;
    ecc_compressed_mode_t ephemeral_compressed_mode;
    uint8_t* aes_sym_key = NULL;
    uint8_t* encrypted_sym_key = NULL;
    uint8_t* authentication_vector = NULL;
    uint8_t* nonce = NULL;
    uint8_t* encrypted_secured_message = NULL;
    size_t encrypted_secured_message_length;
    assert(encrypt_with_ecies_nistp256_with_sha256(lib_its_security_context/*recipient's public keys*/, plain_text_message, plain_text_message_length, lib_its_security_context->public_key_c, lib_its_security_context->compressed_mode, salt, salt_length, &ephemeral_key_compressed, &ephemeral_compressed_mode, &aes_sym_key, &encrypted_sym_key, &authentication_vector, &nonce, &encrypted_secured_message, &encrypted_secured_message_length) == 0);
    show_hex((const int8_t*)"ephemeral_key_compressed", ephemeral_key_compressed, 32);
    show_hex((const int8_t*)"encrypted_secured_message || tag", encrypted_secured_message, encrypted_secured_message_length);
    /* Decrypt */
    printf("==> decrypt_with_ecies_nistp256_with_sha256 #1 \n");
    size_t new_plain_text_message_length;
    uint8_t* new_plain_text_message = NULL;
    uint8_t* new_aes_enc_sym_key = NULL;
    assert(decrypt_with_ecies_nistp256_with_sha256(lib_its_security_context, encrypted_secured_message, encrypted_secured_message_length, lib_its_security_context->private_key, ephemeral_key_compressed, ephemeral_compressed_mode, encrypted_sym_key, authentication_vector, nonce, salt, salt_length, &new_aes_enc_sym_key, &new_plain_text_message, &new_plain_text_message_length) == 0);
    show_hex((const int8_t*)"new_plain_text_message", new_plain_text_message, new_plain_text_message_length);
    show_hex((const int8_t*)"new_aes_enc_sym_key", new_aes_enc_sym_key, 16);
    /* TODO Verify result */
    assert(new_plain_text_message_length == plain_text_message_length);
    for (int32_t i = 0; i < plain_text_message_length; assert(*(plain_text_message + i) == *(new_plain_text_message + i)), i++);
    for (int32_t i = 0; i < 16; assert(*(encrypted_sym_key + i) == *(new_aes_enc_sym_key + i)), i++);

    free(new_plain_text_message);
    free(new_aes_enc_sym_key);
    free(plain_text_message);
    free(salt);
    free(aes_sym_key);
    free(encrypted_sym_key);
    free(authentication_vector);
    free(nonce);
    free(encrypted_secured_message);
    free(ephemeral_key_compressed);

    result = uninitialize(&lib_its_security_context);
    lib_its_security_context = NULL;
    if (result == -1) {
      fprintf(stderr, "main: uninitialize failed: %d/'%s'\n", result, strerror(errno));
      return -1;
    }
  }

  /* Test encrypt_with_ecies_brainpoolp256r1_with_sha256 #1 */
  printf("###########################################################################\n");
  printf("Test xxcrypt_with_ecies_brainpoolp256r1_with_sha256 #1 \n");
  {
    printf("==> encrypt_with_ecies_brainpoolp256r1_with_sha256 #1 \n");
    assert(lib_its_security_context == NULL);
    assert(lib_its_security_context_comp == NULL);
    result = initialize(brainpool_p_256_r1, &lib_its_security_context);
    if (result == -1) {
      fprintf(stderr, "main: initialize failed: %d/'%s'\n", result, strerror(errno));
      return -1;
    }
    /* Generate recipient's key */
    assert(generate_key_pair(lib_its_security_context, &lib_its_security_context->private_key, &lib_its_security_context->public_key_x, &lib_its_security_context->public_key_y, &lib_its_security_context->public_key_c, &lib_its_security_context->compressed_mode) == 0);
    /* Set parameters */
    size_t plain_text_message_length;
    uint8_t* plain_text_message = hex_to_bin((const int8_t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plain_text_message_length);
    size_t salt_length;
    uint8_t* salt = hex_to_bin((const int8_t*)"4739DA8E1723A178CCF278763454DAE55B67208F1D9DCB312BDA08D4402BDEAA", &salt_length);
    /* Encrypt */
    uint8_t* ephemeral_key_compressed = NULL;
    ecc_compressed_mode_t ephemeral_compressed_mode;
    uint8_t* aes_sym_key = NULL;
    uint8_t* encrypted_sym_key = NULL;
    uint8_t* authentication_vector = NULL;
    uint8_t* nonce = NULL;
    uint8_t* encrypted_secured_message = NULL;
    size_t encrypted_secured_message_length;
    assert(encrypt_with_ecies_brainpoolp256r1_with_sha256(lib_its_security_context/*recipient's public keys*/, plain_text_message, plain_text_message_length, lib_its_security_context->public_key_c, lib_its_security_context->compressed_mode, salt, salt_length, &ephemeral_key_compressed, &ephemeral_compressed_mode, &aes_sym_key, &encrypted_sym_key, &authentication_vector, &nonce, &encrypted_secured_message, &encrypted_secured_message_length) == 0);
    show_hex((const int8_t*)"ephemeral_key_compressed", ephemeral_key_compressed, 32);
    show_hex((const int8_t*)"encrypted_secured_message || tag", encrypted_secured_message, encrypted_secured_message_length);
    /* Decrypt */
    printf("==> decrypt_with_ecies_brainpoolp256r1_with_sha256 #1 \n");
    size_t new_plain_text_message_length;
    uint8_t* new_plain_text_message = NULL;
    uint8_t* new_aes_enc_sym_key = NULL;
    assert(decrypt_with_ecies_brainpoolp256r1_with_sha256(lib_its_security_context, encrypted_secured_message, encrypted_secured_message_length, lib_its_security_context->private_key, ephemeral_key_compressed, ephemeral_compressed_mode, encrypted_sym_key, authentication_vector, nonce, salt, salt_length, &new_aes_enc_sym_key, &new_plain_text_message, &new_plain_text_message_length) == 0);
    show_hex((const int8_t*)"new_plain_text_message", new_plain_text_message, new_plain_text_message_length);
    show_hex((const int8_t*)"new_aes_enc_sym_key", new_aes_enc_sym_key, 16);
    /* TODO Verify result */
    assert(new_plain_text_message_length == plain_text_message_length);
    for (int32_t i = 0; i < plain_text_message_length; assert(*(plain_text_message + i) == *(new_plain_text_message + i)), i++);
    for (int32_t i = 0; i < 16; assert(*(encrypted_sym_key + i) == *(new_aes_enc_sym_key + i)), i++);

    free(new_plain_text_message);
    free(new_aes_enc_sym_key);
    free(plain_text_message);
    free(salt);
    free(aes_sym_key);
    free(encrypted_sym_key);
    free(authentication_vector);
    free(nonce);
    free(encrypted_secured_message);
    free(ephemeral_key_compressed);

    result = uninitialize(&lib_its_security_context);
    lib_its_security_context = NULL;
    if (result == -1) {
      fprintf(stderr, "main: uninitialize failed: %d/'%s'\n", result, strerror(errno));
      return -1;
    }
  }

  return 0;
}

#endif