static void cryptoAuth(struct Context* ctx)
{
Log_info(ctx->log, "Setting up salsa20/poly1305 benchmark (encryption and decryption only)");
struct Allocator* alloc = Allocator_child(ctx->alloc);
struct CryptoAuth* ca1 = CryptoAuth_new(alloc, NULL, ctx->base, ctx->log, ctx->rand);
struct CryptoAuth* ca2 = CryptoAuth_new(alloc, NULL, ctx->base, ctx->log, ctx->rand);
struct CryptoAuth_Session* sess1 =
CryptoAuth_newSession(ca1, alloc, ca2->publicKey, NULL, false, "bench");
struct CryptoAuth_Session* sess2 =
CryptoAuth_newSession(ca2, alloc, ca1->publicKey, NULL, false, "bench");
int size = 1500;
int count = 100000;
struct Message* msg = Message_new(size, 256, alloc);
Random_bytes(ctx->rand, msg->bytes, msg->length);
// setup session
for (int i = 0; i < 2; i++) {
Assert_true(!CryptoAuth_encrypt(sess1, msg));
Assert_true(!CryptoAuth_decrypt(sess2, msg));
Assert_true(!CryptoAuth_encrypt(sess2, msg));
Assert_true(!CryptoAuth_decrypt(sess1, msg));
}
begin(ctx, "salsa20/poly1305", (count * size * 8) / 1024, "kilobits");
for (int i = 0; i < count; i++) {
Assert_true(!CryptoAuth_encrypt(sess1, msg));
Assert_true(!CryptoAuth_decrypt(sess2, msg));
}
done(ctx);
Allocator_free(alloc);
}
static void repeatHello()
{
uint8_t* expectedOutput =
"0000000101641c99f7719f5700000000a693a9fd3f0e27e81ab1100b57b37259"
"4c2adca8671f1fdd050383c91e7d56ec2336c09739fa8e91d8dc5bec63e8fad0"
"74bee22a90642a6ba8555be84c5e35970c5270e8f31f2a5978e0fbdee4542882"
"97568f25a3fc2801aa707d954c78eccb970bcc8cb26867e9dbf0c9d6ef1b3f27"
"24e7e550";
struct Allocator* alloc = MallocAllocator_new(1<<20);
struct Context* ctx = setUp(NULL, HERPUBKEY, "password", alloc);
struct Message* msg = Message_new(0, CryptoHeader_SIZE + HELLOWORLDLEN, alloc);
Message_push(msg, HELLOWORLD, HELLOWORLDLEN, NULL);
Assert_true(!CryptoAuth_encrypt(ctx->sess, msg));
Message_reset(msg);
Message_push(msg, HELLOWORLD, HELLOWORLDLEN, NULL);
Assert_true(!CryptoAuth_encrypt(ctx->sess, msg));
char* actual = Hex_print(msg->bytes, msg->length, alloc);
if (CString_strcmp(actual, expectedOutput)) {
Assert_failure("Test failed.\n"
"Expected %s\n"
" Got %s\n", expectedOutput, actual);
}
Allocator_free(alloc);
}
// This is directly called from SwitchCore, message is not encrypted.
static Iface_DEFUN sendFromSwitch(struct Message* msg, struct Iface* switchIf)
{
struct Peer* ep = Identity_check((struct Peer*) switchIf);
ep->bytesOut += msg->length;
int msgs = PeerLink_send(msg, ep->peerLink);
for (int i = 0; i < msgs; i++) {
msg = PeerLink_poll(ep->peerLink);
Assert_true(!CryptoAuth_encrypt(ep->caSession, msg));
Assert_true(!(((uintptr_t)msg->bytes) % 4) && "alignment fault");
// push the lladdr...
Message_push(msg, ep->lladdr, ep->lladdr->addrLen, NULL);
// very noisy
if (Defined(Log_DEBUG) && false) {
char* printedAddr =
Hex_print(&ep->lladdr[1], ep->lladdr->addrLen - Sockaddr_OVERHEAD, msg->alloc);
Log_debug(ep->ici->ic->logger, "Outgoing message to [%s]", printedAddr);
}
Iface_send(&ep->ici->pub.addrIf, msg);
}
return NULL;
}
static void encryptRndNonceTest()
{
uint8_t buff[44];
Bits_memset(buff, 0, 44);
uint8_t nonce[24];
Bits_memset(nonce, 0, 24);
uint8_t secret[32];
Bits_memset(secret, 0, 32);
struct Message m = { .bytes=&buff[32], .length=HELLOWORLDLEN, .padding=32};
CString_strcpy((char*) m.bytes, HELLOWORLDLOWER);
CryptoAuth_encryptRndNonce(nonce, &m, secret);
uint8_t* expected = (uint8_t*) "1391ac5d03ba9f7099bffbb6e6c69d67ae5bd79391a5b94399b293dc";
uint8_t output[57];
Hex_encode(output, 57, m.bytes, m.length);
printf("\n%s\n%s\n", (char*) expected, (char*) output);
Assert_true(!Bits_memcmp(expected, output, 56));
Assert_true(!CryptoAuth_decryptRndNonce(nonce, &m, secret));
Assert_true(m.length == HELLOWORLDLEN && !Bits_memcmp(m.bytes, HELLOWORLDLOWER, m.length));
}
static struct Random* evilRandom(struct Allocator* alloc, struct Log* logger)
{
struct RandomSeed* evilSeed = DeterminentRandomSeed_new(alloc, NULL);
return Random_newWithSeed(alloc, logger, evilSeed, NULL);
}
struct Context
{
struct Allocator* alloc;
struct CryptoAuth* ca;
struct CryptoAuth_Session* sess;
struct Log* log;
struct EventBase* base;
};
static struct Context* setUp(uint8_t* myPrivateKey,
uint8_t* herPublicKey,
uint8_t* authPassword,
struct Allocator* alloc)
{
struct Context* ctx = Allocator_calloc(alloc, sizeof(struct Context), 1);
struct Log* log = ctx->log = FileWriterLog_new(stdout, alloc);
struct EventBase* base = ctx->base = EventBase_new(alloc);
struct CryptoAuth* ca = ctx->ca =
CryptoAuth_new(alloc, myPrivateKey, base, log, evilRandom(alloc, log));
struct CryptoAuth_Session* sess = ctx->sess =
CryptoAuth_newSession(ca, alloc, herPublicKey, NULL, false, Gcc_FILE);
if (authPassword) {
CryptoAuth_setAuth(String_CONST(authPassword), NULL, sess);
}
return ctx;
}
static void testHello(uint8_t* password, uint8_t* expectedOutput)
{
Assert_true(CString_strlen((char*)expectedOutput) == 264);
struct Allocator* alloc = MallocAllocator_new(1<<20);
struct Context* ctx = setUp(NULL, HERPUBKEY, password, alloc);
struct Message* msg = Message_new(0, CryptoHeader_SIZE + 12, alloc);
Message_push(msg, HELLOWORLD, HELLOWORLDLEN, NULL);
Assert_true(!CryptoAuth_encrypt(ctx->sess, msg));
char* actual = Hex_print(msg->bytes, msg->length, alloc);
if (CString_strcmp(actual, expectedOutput)) {
Assert_failure("Test failed.\n"
"Expected %s\n"
" Got %s\n", expectedOutput, actual);
}
Allocator_free(alloc);
}
