int main(void) {
if (sodium_init() == -1) {
return -1;
}
return_status status = return_status_init();
//create buffers
buffer_t *master_key = buffer_create_on_heap(50, 50);
buffer_t *subkey1 = buffer_create_on_heap(60, 60);
buffer_t *subkey2 = buffer_create_on_heap(60, 60);
buffer_t *subkey1_copy = buffer_create_on_heap(60, 60);
int status_int = 0;
status_int = buffer_fill_random(master_key, master_key->buffer_length);
if (status_int != 0) {
throw(KEYDERIVATION_FAILED, "Failed to generate master key.");
}
printf("Master key:\n");
print_hex(master_key);
putchar('\n');
status = derive_key(subkey1, subkey1->buffer_length, master_key, 0);
throw_on_error(KEYDERIVATION_FAILED, "Failed to derive first subkey.");
printf("First subkey:\n");
print_hex(subkey1);
putchar('\n');
status = derive_key(subkey2, subkey2->buffer_length, master_key, 1);
throw_on_error(KEYDERIVATION_FAILED, "Failed to derive the second subkey.");
printf("Second subkey:\n");
print_hex(subkey2);
putchar('\n');
if (buffer_compare(subkey1, subkey2) == 0) {
throw(KEYGENERATION_FAILED, "Both subkeys are the same.");
}
status = derive_key(subkey1_copy, subkey1_copy->buffer_length, master_key, 0);
throw_on_error(KEYDERIVATION_FAILED, "Failed to derive copy of the first subkey.");
if (buffer_compare(subkey1, subkey1_copy) != 0) {
throw(INCORRECT_DATA, "Failed to reproduce subkey.");
}
cleanup:
buffer_destroy_from_heap_and_null_if_valid(master_key);
buffer_destroy_from_heap_and_null_if_valid(subkey1);
buffer_destroy_from_heap_and_null_if_valid(subkey2);
buffer_destroy_from_heap_and_null_if_valid(subkey1_copy);
on_error {
print_errors(&status);
}
return_status_destroy_errors(&status);
return status.status;
}
/*
* Find a user for a given public signing key.
*
* Returns NULL if no user was found.
*/
return_status user_store_find_node(user_store_node ** const node, user_store * const store, const buffer_t * const public_signing_key) {
return_status status = return_status_init();
if ((node == NULL) || (public_signing_key == NULL) || (public_signing_key->content_length != PUBLIC_MASTER_KEY_SIZE)) {
throw(INVALID_INPUT, "Invalid input for user_store_find_node.");
}
*node = store->head;
//search for the matching public identity key
while (*node != NULL) {
if (buffer_compare((*node)->public_signing_key, public_signing_key) == 0) {
//match found
break;
}
*node = (*node)->next; //go on through the list
}
if (*node == NULL) {
throw(NOT_FOUND, "Couldn't find the user store node.");
}
cleanup:
on_error {
if (node != NULL) {
*node = NULL;
}
}
return status;
}
int main(void) {
return_status status = return_status_init();
//generate keys
buffer_t *header_key = buffer_create_on_heap(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
buffer_t *message_key = buffer_create_on_heap(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *public_identity_key = buffer_create_on_heap(PUBLIC_KEY_SIZE, PUBLIC_KEY_SIZE);
buffer_t *public_ephemeral_key = buffer_create_on_heap(PUBLIC_KEY_SIZE, PUBLIC_KEY_SIZE);
buffer_t *public_prekey = buffer_create_on_heap(PUBLIC_KEY_SIZE, PUBLIC_KEY_SIZE);
buffer_t *header = buffer_create_on_heap(4, 4);
buffer_create_from_string(message, "Hello world!\n");
buffer_t *packet = NULL;
buffer_t *decrypted_header = NULL;
if(sodium_init() == -1) {
throw(INIT_ERROR, "Failed to initialize libsodium.");
}
//generate message
header->content[0] = 0x01;
header->content[1] = 0x02;
header->content[2] = 0x03;
header->content[3] = 0x04;
molch_message_type packet_type = 1;
printf("Packet type: %02x\n", packet_type);
putchar('\n');
//NORMAL MESSAGE
printf("NORMAL MESSAGE\n");
int status_int = 0;
status = create_and_print_message(
&packet,
header_key,
message_key,
packet_type,
header,
message,
NULL,
NULL,
NULL);
throw_on_error(GENERIC_ERROR, "Failed to create and print message.");
//now decrypt the header
status = packet_decrypt_header(
&decrypted_header,
packet,
header_key);
throw_on_error(DECRYPT_ERROR, "Failed to decrypt the header.");
if (decrypted_header->content_length != header->content_length) {
throw(INVALID_VALUE, "Decrypted header isn't of the same length.");
}
printf("Decrypted header has the same length.\n\n");
//compare headers
if (buffer_compare(header, decrypted_header) != 0) {
throw(INVALID_VALUE, "Decrypted header doesn't match.");
}
printf("Decrypted header matches.\n\n");
//check if it decrypts manipulated packets (manipulated metadata)
printf("Manipulating header length.\n");
packet->content[2]++;
status = packet_decrypt_header(
&decrypted_header,
packet,
header_key);
if (status.status == SUCCESS) {
throw(GENERIC_ERROR, "Manipulated packet was accepted.");
} else {
return_status_destroy_errors(&status);
}
printf("Header manipulation detected.\n\n");
//repair manipulation
packet->content[2]--;
//check if it decrypts manipulated packets (manipulated header)
printf("Manipulate header.\n");
packet->content[3 + crypto_aead_chacha20poly1305_NPUBBYTES + 1] ^= 0x12;
status = packet_decrypt_header(
&decrypted_header,
packet,
header_key);
if (status.status == SUCCESS) {
throw(GENERIC_ERROR, "Manipulated packet was accepted.");
} else {
return_status_destroy_errors(&status);
}
printf("Header manipulation detected!\n\n");
//undo header manipulation
packet->content[3 + crypto_aead_chacha20poly1305_NPUBBYTES + 1] ^= 0x12;
//PREKEY MESSAGE
printf("PREKEY_MESSAGE\n");
//create the public keys
status_int = buffer_fill_random(public_identity_key, PUBLIC_KEY_SIZE);
if (status_int != 0) {
throw(KEYGENERATION_FAILED, "Failed to generate public identity key.");
}
status_int = buffer_fill_random(public_ephemeral_key, PUBLIC_KEY_SIZE);
if (status_int != 0) {
throw(KEYGENERATION_FAILED, "Failed to generate public ephemeral key.");
}
status_int = buffer_fill_random(public_prekey, PUBLIC_KEY_SIZE);
if (status_int != 0) {
throw(KEYGENERATION_FAILED, "Failed to generate public prekey.");
}
buffer_destroy_from_heap_and_null_if_valid(packet);
packet_type = PREKEY_MESSAGE;
status = create_and_print_message(
&packet,
header_key,
message_key,
packet_type,
header,
message,
public_identity_key,
public_ephemeral_key,
public_prekey);
throw_on_error(GENERIC_ERROR, "Failed to crate and print message.");
//now decrypt the header
status = packet_decrypt_header(
&decrypted_header,
packet,
header_key);
throw_on_error(DECRYPT_ERROR, "Failed to decrypt the header.");
if (decrypted_header->content_length != header->content_length) {
throw(INVALID_VALUE, "Decrypted header isn't of the same length.");
}
printf("Decrypted header has the same length.\n\n");
//compare headers
if (buffer_compare(header, decrypted_header) != 0) {
throw(INVALID_VALUE, "Decrypted header doesn't match.");
}
printf("Decrypted header matches.\n");
cleanup:
buffer_destroy_from_heap_and_null_if_valid(header_key);
buffer_destroy_from_heap_and_null_if_valid(message_key);
buffer_destroy_from_heap_and_null_if_valid(header);
buffer_destroy_from_heap_and_null_if_valid(public_identity_key);
buffer_destroy_from_heap_and_null_if_valid(public_ephemeral_key);
buffer_destroy_from_heap_and_null_if_valid(public_prekey);
buffer_destroy_from_heap_and_null_if_valid(packet);
buffer_destroy_from_heap_and_null_if_valid(decrypted_header);
on_error {
print_errors(&status);
}
return_status_destroy_errors(&status);
return status.status;
}
int main(void) {
sodium_init();
//generate keys and message
buffer_t *header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
buffer_t *message_key = buffer_create(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *message = buffer_create_from_string("Hello world!\n");
buffer_t *header = buffer_create(4, 4);
header->content[0] = 0x01;
header->content[1] = 0x02;
header->content[2] = 0x03;
header->content[3] = 0x04;
buffer_t *packet = buffer_create(3 + crypto_aead_chacha20poly1305_NPUBBYTES + crypto_aead_chacha20poly1305_ABYTES + crypto_secretbox_NONCEBYTES + message->content_length + header->content_length + crypto_secretbox_MACBYTES + 255, 3 + crypto_aead_chacha20poly1305_NPUBBYTES + crypto_aead_chacha20poly1305_ABYTES + crypto_secretbox_NONCEBYTES + message->content_length + header->content_length + crypto_secretbox_MACBYTES + 255);
const unsigned char packet_type = 1;
printf("Packet type: %02x\n", packet_type);
const unsigned char current_protocol_version = 2;
printf("Current protocol version: %02x\n", current_protocol_version);
const unsigned char highest_supported_protocol_version = 3;
printf("Highest supported protocol version: %02x\n", highest_supported_protocol_version);
putchar('\n');
int status = create_and_print_message(
packet,
packet_type,
current_protocol_version,
highest_supported_protocol_version,
message,
message_key,
header,
header_key);
buffer_clear(message_key);
buffer_clear(message);
if (status != 0) {
buffer_clear(header_key);
buffer_clear(header);
return status;
}
//now decrypt the header
buffer_t *decrypted_header = buffer_create(255, 255);
buffer_t *decrypted_message_nonce = buffer_create(crypto_secretbox_NONCEBYTES, crypto_secretbox_NONCEBYTES);
status = packet_decrypt_header(
packet,
decrypted_header,
decrypted_message_nonce,
header_key);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to decrypt the header. (%i)\n", status);
buffer_clear(header);
buffer_clear(decrypted_header);
buffer_clear(decrypted_message_nonce);
buffer_clear(header_key);
return status;
}
if (decrypted_header->content_length != header->content_length) {
fprintf(stderr, "ERROR: Decrypted header isn't of the same length!\n");
buffer_clear(header);
buffer_clear(decrypted_header);
buffer_clear(decrypted_message_nonce);
buffer_clear(header_key);
return EXIT_SUCCESS;
}
printf("Decrypted header has the same length.\n\n");
printf("Decrypted message nonce (%zi Bytes):\n", decrypted_message_nonce->content_length);
print_hex(decrypted_message_nonce);
putchar('\n');
buffer_clear(decrypted_message_nonce);
//compare headers
if (buffer_compare(header, decrypted_header) != 0) {
fprintf(stderr, "ERROR: Decrypted header doesn't match!\n");
buffer_clear(header);
buffer_clear(decrypted_header);
buffer_clear(header_key);
return EXIT_FAILURE;
}
printf("Decrypted header matches.\n\n");
//check if it decrypts manipulated packets (manipulated metadata)
printf("Manipulating header length.\n");
packet->content[2]++;
status = packet_decrypt_header(
packet,
decrypted_header,
decrypted_message_nonce,
header_key);
buffer_clear(decrypted_message_nonce);
buffer_clear(decrypted_header);
if (status == 0) { //header was decrypted despite manipulation
fprintf(stderr, "ERROR: Manipulated packet was accepted!\n");
buffer_clear(header);
buffer_clear(header_key);
return EXIT_FAILURE;
}
printf("Header manipulation detected.\n\n");
//repair manipulation
packet->content[2]--;
//check if it decrypts manipulated packets (manipulated header)
printf("Manipulate header.\n");
packet->content[3 + crypto_aead_chacha20poly1305_NPUBBYTES + 1] ^= 0x12;
status = packet_decrypt_header(
packet,
decrypted_header,
decrypted_message_nonce,
header_key);
buffer_clear(decrypted_message_nonce);
buffer_clear(decrypted_header);
if (status == 0) { //header was decrypted desp
fprintf(stderr, "ERROR: Manipulated packet was accepted!\n");
buffer_clear(header);
buffer_clear(header_key);
return EXIT_FAILURE;
}
printf("Header manipulation detected!\n");
//undo header manipulation
packet->content[3 + crypto_aead_chacha20poly1305_NPUBBYTES + 1] ^= 0x12;
buffer_clear(header);
buffer_clear(header_key);
return EXIT_SUCCESS;
}
int main(void) {
sodium_init();
int status;
//create Alice's identity keypair
buffer_t *alice_public_identity = buffer_create(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *alice_private_identity = buffer_create(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
status = generate_and_print_keypair(
alice_public_identity,
alice_private_identity,
buffer_create_from_string("Alice"),
buffer_create_from_string("identity"));
if (status != 0) {
buffer_clear(alice_private_identity);
return status;
}
//create Alice's ephemeral keypair
buffer_t *alice_public_ephemeral = buffer_create(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *alice_private_ephemeral = buffer_create(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
status = generate_and_print_keypair(
alice_public_ephemeral,
alice_private_ephemeral,
buffer_create_from_string("Alice"),
buffer_create_from_string("ephemeral"));
if (status != 0) {
buffer_clear(alice_private_identity);
buffer_clear(alice_private_ephemeral);
return status;
}
//create Bob's identity keypair
buffer_t *bob_public_identity = buffer_create(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *bob_private_identity = buffer_create(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
status = generate_and_print_keypair(
bob_public_identity,
bob_private_identity,
buffer_create_from_string("Bob"),
buffer_create_from_string("identity"));
if (status != 0) {
buffer_clear(alice_private_identity);
buffer_clear(alice_private_ephemeral);
buffer_clear(bob_private_identity);
return status;
}
//create Bob's ephemeral keypair
buffer_t *bob_public_ephemeral = buffer_create(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *bob_private_ephemeral = buffer_create(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
status = generate_and_print_keypair(
bob_public_ephemeral,
bob_private_ephemeral,
buffer_create_from_string("Bob"),
buffer_create_from_string("ephemeral"));
if (status != 0) {
buffer_clear(alice_private_identity);
buffer_clear(alice_private_ephemeral);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_ephemeral);
return status;
}
//derive Alice's initial root and chain key
buffer_t *alice_root_key = buffer_create(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *alice_send_chain_key = buffer_create(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *alice_receive_chain_key = buffer_create(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *alice_send_header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
buffer_t *alice_receive_header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
buffer_t *alice_next_send_header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
buffer_t *alice_next_receive_header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
status = derive_initial_root_chain_and_header_keys(
alice_root_key,
alice_send_chain_key,
alice_receive_chain_key,
alice_send_header_key,
alice_receive_header_key,
alice_next_send_header_key,
alice_next_receive_header_key,
alice_private_identity,
alice_public_identity,
bob_public_identity,
alice_private_ephemeral,
alice_public_ephemeral,
bob_public_ephemeral,
true);
buffer_clear(alice_private_identity);
buffer_clear(alice_private_ephemeral);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to derive Alice's initial root and chain key. (%i)\n", status);
buffer_clear(alice_root_key);
buffer_clear(alice_send_chain_key);
buffer_clear(alice_receive_chain_key);
buffer_clear(alice_send_header_key);
buffer_clear(alice_receive_header_key);
buffer_clear(alice_next_send_header_key);
buffer_clear(alice_next_receive_header_key);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_ephemeral);
return status;
}
//print Alice's initial root and chain key
printf("Alice's initial root key (%zi Bytes):\n", alice_root_key->content_length);
print_hex(alice_root_key);
putchar('\n');
printf("Alice's initial send chain key (%zi Bytes):\n", alice_send_chain_key->content_length);
print_hex(alice_send_chain_key);
putchar('\n');
printf("Alice's initial receive chain key (%zi Bytes):\n", alice_receive_chain_key->content_length);
print_hex(alice_receive_chain_key);
putchar('\n');
printf("Alice's initial send header key (%zi Bytes):\n", alice_send_header_key->content_length);
print_hex(alice_send_header_key);
putchar('\n');
printf("Alice's initial receive header key (%zi Bytes):\n", alice_receive_header_key->content_length);
print_hex(alice_receive_header_key);
printf("Alice's initial next send header key (%zi Bytes):\n", alice_next_send_header_key->content_length);
print_hex(alice_next_send_header_key);
putchar('\n');
printf("Alice's initial next receive header key (%zi Bytes):\n", alice_next_receive_header_key->content_length);
print_hex(alice_next_receive_header_key);
putchar('\n');
//derive Bob's initial root and chain key
buffer_t *bob_root_key = buffer_create(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *bob_send_chain_key = buffer_create(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *bob_receive_chain_key = buffer_create(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *bob_send_header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
buffer_t *bob_receive_header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
buffer_t *bob_next_send_header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
buffer_t *bob_next_receive_header_key = buffer_create(crypto_aead_chacha20poly1305_KEYBYTES, crypto_aead_chacha20poly1305_KEYBYTES);
status = derive_initial_root_chain_and_header_keys(
bob_root_key,
bob_send_chain_key,
bob_receive_chain_key,
bob_send_header_key,
bob_receive_header_key,
bob_next_send_header_key,
bob_next_receive_header_key,
bob_private_identity,
bob_public_identity,
alice_public_identity,
bob_private_ephemeral,
bob_public_ephemeral,
alice_public_ephemeral,
false);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_ephemeral);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to derive Bob's initial root and chain key. (%i)", status);
buffer_clear(alice_root_key);
buffer_clear(alice_send_chain_key);
buffer_clear(alice_receive_chain_key);
buffer_clear(alice_send_header_key);
buffer_clear(alice_receive_header_key);
buffer_clear(alice_next_send_header_key);
buffer_clear(alice_next_receive_header_key);
buffer_clear(bob_root_key);
buffer_clear(bob_send_chain_key);
buffer_clear(bob_receive_chain_key);
buffer_clear(bob_send_header_key);
buffer_clear(bob_receive_header_key);
buffer_clear(bob_next_send_header_key);
buffer_clear(bob_next_receive_header_key);
return status;
}
//print Bob's initial root and chain key
printf("Bob's initial root key (%zi Bytes):\n", bob_root_key->content_length);
print_hex(bob_root_key);
putchar('\n');
printf("Bob's initial send chain key (%zi Bytes):\n", bob_send_chain_key->content_length);
print_hex(bob_send_chain_key);
putchar('\n');
printf("Bob's initial receive chain key (%zi Bytes):\n", bob_receive_chain_key->content_length);
print_hex(bob_receive_chain_key);
putchar('\n');
printf("Bob's initial send header key (%zi Bytes):\n", bob_send_header_key->content_length);
print_hex(bob_send_header_key);
putchar('\n');
printf("Bob's initial receive header key (%zi Bytes):\n", bob_receive_header_key->content_length);
print_hex(bob_receive_header_key);
printf("Bob's initial next send header key (%zi Bytes):\n", bob_next_send_header_key->content_length);
print_hex(bob_next_send_header_key);
putchar('\n');
printf("Bob's initial next receive header key (%zi Bytes):\n", bob_next_receive_header_key->content_length);
print_hex(bob_next_receive_header_key);
putchar('\n');
//compare Alice's and Bob's initial root key
if (buffer_compare(alice_root_key, bob_root_key) != 0) {
fprintf(stderr, "ERROR: Alice's and Bob's initial root keys don't match.\n");
buffer_clear(alice_root_key);
buffer_clear(alice_send_chain_key);
buffer_clear(alice_receive_chain_key);
buffer_clear(alice_send_header_key);
buffer_clear(alice_receive_header_key);
buffer_clear(alice_next_send_header_key);
buffer_clear(alice_next_receive_header_key);
buffer_clear(bob_root_key);
buffer_clear(bob_send_chain_key);
buffer_clear(bob_receive_chain_key);
buffer_clear(bob_send_header_key);
buffer_clear(bob_receive_header_key);
buffer_clear(bob_next_send_header_key);
buffer_clear(bob_next_receive_header_key);
return -10;
}
printf("Alice's and Bob's initial root keys match.\n");
buffer_clear(alice_root_key);
buffer_clear(bob_root_key);
//compare Alice's and Bob's initial chain keys
if (buffer_compare(alice_send_chain_key, bob_receive_chain_key) != 0) {
fprintf(stderr, "ERROR: Alice's and Bob's initial chain keys don't match.\n");
buffer_clear(alice_send_chain_key);
buffer_clear(alice_receive_chain_key);
buffer_clear(alice_send_header_key);
buffer_clear(alice_receive_header_key);
buffer_clear(alice_next_send_header_key);
buffer_clear(alice_next_receive_header_key);
buffer_clear(bob_send_chain_key);
buffer_clear(bob_receive_chain_key);
buffer_clear(bob_send_header_key);
buffer_clear(bob_receive_header_key);
buffer_clear(bob_next_send_header_key);
buffer_clear(bob_next_receive_header_key);
return -10;
}
printf("Alice's and Bob's initial chain keys match.\n");
buffer_clear(alice_send_chain_key);
buffer_clear(bob_receive_chain_key);
if (buffer_compare(alice_receive_chain_key, bob_send_chain_key) != 0) {
fprintf(stderr, "ERROR: Alice's and Bob's initial chain keys don't match.\n");
buffer_clear(alice_receive_chain_key);
buffer_clear(alice_send_header_key);
buffer_clear(alice_receive_header_key);
buffer_clear(alice_next_send_header_key);
buffer_clear(alice_next_receive_header_key);
buffer_clear(bob_send_chain_key);
buffer_clear(bob_send_header_key);
buffer_clear(bob_receive_header_key);
buffer_clear(bob_next_send_header_key);
buffer_clear(bob_next_receive_header_key);
return -10;
}
printf("Alice's and Bob's initial chain keys match.\n");
//compare Alice's and Bob's initial header keys 1/2
if (buffer_compare(alice_send_header_key, bob_receive_header_key) != 0) {
fprintf(stderr, "ERROR: Alice's initial send and Bob's initial receive header keys don't match.\n");
buffer_clear(alice_send_header_key);
buffer_clear(alice_receive_header_key);
buffer_clear(alice_next_send_header_key);
buffer_clear(alice_next_receive_header_key);
buffer_clear(bob_send_header_key);
buffer_clear(bob_receive_header_key);
buffer_clear(bob_next_send_header_key);
buffer_clear(bob_next_receive_header_key);
return -10;
}
printf("Alice's initial send and Bob's initial receive header keys match.\n");
buffer_clear(alice_send_header_key);
buffer_clear(bob_receive_header_key);
//compare Alice's and Bob's initial header keys 2/2
if (buffer_compare(alice_receive_header_key, bob_send_header_key) != 0) {
fprintf(stderr, "ERROR: Alice's initial receive and Bob's initial send header keys don't match.\n");
buffer_clear(alice_receive_header_key);
buffer_clear(alice_next_receive_header_key);
buffer_clear(alice_next_send_header_key);
buffer_clear(bob_send_header_key);
buffer_clear(bob_next_send_header_key);
buffer_clear(bob_next_receive_header_key);
return -10;
}
printf("Alice's initial receive and Bob's initial send header keys match.\n");
buffer_clear(alice_receive_header_key);
buffer_clear(bob_send_header_key);
//compare Alice's and Bob's initial next header keys 1/2
if (buffer_compare(alice_next_send_header_key, bob_next_receive_header_key) != 0) {
fprintf(stderr, "ERROR: Alice's initial next send and Bob's initial next receive header keys don't match.\n");
buffer_clear(alice_next_receive_header_key);
buffer_clear(alice_next_send_header_key);
buffer_clear(bob_next_send_header_key);
buffer_clear(bob_next_receive_header_key);
return -10;
}
printf("Alice's initial next send and Bob's initial next receive header keys match.\n");
buffer_clear(alice_next_send_header_key);
buffer_clear(bob_next_receive_header_key);
//compare Alice's and Bob's initial next header keys 2/2
if (buffer_compare(alice_next_receive_header_key, bob_next_send_header_key) != 0) {
fprintf(stderr, "ERROR: Alice's initial next receive and Bob's initial next send header keys don't match.\n");
buffer_clear(alice_next_receive_header_key);
buffer_clear(bob_next_send_header_key);
return -10;
}
printf("Alice's initial next receive and Bob's initial next send header keys match.\n");
buffer_clear(alice_next_receive_header_key);
buffer_clear(bob_next_send_header_key);
return EXIT_SUCCESS;
}
int main(void) {
if (sodium_init() == -1) {
return -1;
}
return_status status = return_status_init();
//create buffers
buffer_t *alice_public_key = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *alice_private_key = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *alice_shared_secret = buffer_create_on_heap(crypto_generichash_BYTES, crypto_generichash_BYTES);
buffer_t *bob_public_key = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *bob_private_key = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *bob_shared_secret = buffer_create_on_heap(crypto_generichash_BYTES, crypto_generichash_BYTES);
int status_int = 0;
//create Alice's keypair
buffer_create_from_string(alice_string, "Alice");
buffer_create_from_string(empty_string, "");
status = generate_and_print_keypair(
alice_public_key,
alice_private_key,
alice_string,
empty_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Alice's keypair.");
//create Bob's keypair
buffer_create_from_string(bob_string, "Bob");
status = generate_and_print_keypair(
bob_public_key,
bob_private_key,
bob_string,
empty_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Bob's keypair.");
//Diffie Hellman on Alice's side
status = diffie_hellman(
alice_shared_secret,
alice_private_key,
alice_public_key,
bob_public_key,
true);
buffer_clear(alice_private_key);
throw_on_error(KEYGENERATION_FAILED, "Diffie Hellman with Alice's private key failed.");
//print Alice's shared secret
printf("Alice's shared secret ECDH(A_priv, B_pub) (%zu Bytes):\n", alice_shared_secret->content_length);
print_hex(alice_shared_secret);
putchar('\n');
//Diffie Hellman on Bob's side
status = diffie_hellman(
bob_shared_secret,
bob_private_key,
bob_public_key,
alice_public_key,
false);
buffer_clear(bob_private_key);
throw_on_error(KEYGENERATION_FAILED, "Diffie Hellman with Bob's private key failed.");
//print Bob's shared secret
printf("Bob's shared secret ECDH(B_priv, A_pub) (%zu Bytes):\n", bob_shared_secret->content_length);
print_hex(bob_shared_secret);
putchar('\n');
//compare both shared secrets
status_int = buffer_compare(alice_shared_secret, bob_shared_secret);
buffer_clear(alice_shared_secret);
buffer_clear(bob_shared_secret);
if (status_int != 0) {
throw(INCORRECT_DATA, "Diffie Hellman didn't produce the same shared secret.");
}
printf("Both shared secrets match!\n");
cleanup:
buffer_destroy_from_heap_and_null_if_valid(alice_public_key);
buffer_destroy_from_heap_and_null_if_valid(alice_private_key);
buffer_destroy_from_heap_and_null_if_valid(alice_shared_secret);
buffer_destroy_from_heap_and_null_if_valid(bob_public_key);
buffer_destroy_from_heap_and_null_if_valid(bob_private_key);
buffer_destroy_from_heap_and_null_if_valid(bob_shared_secret);
on_error {
print_errors(&status);
}
return_status_destroy_errors(&status);
return status.status;
}
int main(void) {
sodium_init();
//create a user_store
user_store *store = user_store_create();
//check the content
buffer_t *list = user_store_list(store);
if (list->content_length != 0) {
fprintf(stderr, "ERROR: List of users is not empty.\n");
user_store_destroy(store);
buffer_destroy_from_heap(list);
return EXIT_FAILURE;
}
buffer_destroy_from_heap(list);
int status;
//create three users with prekeys and identity keys
//first alice
//alice identity key
buffer_t *alice_private_identity = buffer_create(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *alice_public_identity = buffer_create(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
status = generate_and_print_keypair(
alice_public_identity,
alice_private_identity,
buffer_create_from_string("Alice"),
buffer_create_from_string("identity"));
if (status != 0) {
fprintf(stderr, "ERROR: Failed to generate Alice's identity keypair.\n");
buffer_clear(alice_private_identity);
return status;
}
//alice prekeys
buffer_t *alice_private_prekeys = buffer_create(PREKEY_AMOUNT * crypto_box_SECRETKEYBYTES, PREKEY_AMOUNT * crypto_box_SECRETKEYBYTES);
buffer_t *alice_public_prekeys = buffer_create(PREKEY_AMOUNT * crypto_box_PUBLICKEYBYTES, PREKEY_AMOUNT * crypto_box_PUBLICKEYBYTES);
status = generate_prekeys(alice_private_prekeys, alice_public_prekeys);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to generate Alice's prekeys.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
return status;
}
//then bob
//bob's identity key
buffer_t *bob_private_identity = buffer_create(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *bob_public_identity = buffer_create(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
status = generate_and_print_keypair(
bob_public_identity,
bob_private_identity,
buffer_create_from_string("Bob"),
buffer_create_from_string("identity"));
if (status != 0) {
fprintf(stderr, "ERROR: Failed to generate Bob's identity keypair.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
return status;
}
//bob's prekeys
buffer_t *bob_private_prekeys = buffer_create(PREKEY_AMOUNT * crypto_box_SECRETKEYBYTES, PREKEY_AMOUNT * crypto_box_SECRETKEYBYTES);
buffer_t *bob_public_prekeys = buffer_create(PREKEY_AMOUNT * crypto_box_PUBLICKEYBYTES, PREKEY_AMOUNT * crypto_box_PUBLICKEYBYTES);
status = generate_prekeys(bob_private_prekeys, bob_public_prekeys);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to generate Bob's prekeys.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
return status;
}
//then charlie
//charlie's identity key
buffer_t *charlie_private_identity = buffer_create(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *charlie_public_identity = buffer_create(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
status = generate_and_print_keypair(
charlie_public_identity,
charlie_private_identity,
buffer_create_from_string("Charlie"),
buffer_create_from_string("identity"));
if (status != 0) {
fprintf(stderr, "ERROR: Failed to generate Charlie's identity keypair.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
return status;
}
//charlie's prekeys
buffer_t *charlie_private_prekeys = buffer_create(PREKEY_AMOUNT * crypto_box_SECRETKEYBYTES, PREKEY_AMOUNT * crypto_box_SECRETKEYBYTES);
buffer_t *charlie_public_prekeys = buffer_create(PREKEY_AMOUNT * crypto_box_PUBLICKEYBYTES, PREKEY_AMOUNT * crypto_box_PUBLICKEYBYTES);
status = generate_prekeys(charlie_private_prekeys, charlie_public_prekeys);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to generate Charlie's prekeys.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
return status;
}
//add alice to the user store
status = user_store_add(
store,
alice_public_identity,
alice_private_identity,
alice_public_prekeys,
alice_private_prekeys);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to add Alice to the user store.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return status;
}
printf("Successfully added Alice to the user store.\n");
//check length of the user store
sodium_mprotect_readonly(store);
if (store->length != 1) {
fprintf(stderr, "ERROR: User store has incorrect length.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return EXIT_FAILURE;
}
sodium_mprotect_noaccess(store);
printf("Length of the user store matches.");
//list user store
list = user_store_list(store);
if (buffer_compare(list, alice_public_identity) != 0) {
fprintf(stderr, "ERROR: Failed to list users.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
buffer_destroy_from_heap(list);
user_store_destroy(store);
return EXIT_FAILURE;
}
buffer_destroy_from_heap(list);
printf("Successfully listed users.\n");
//add bob to the user store
status = user_store_add(
store,
bob_public_identity,
bob_private_identity,
bob_public_prekeys,
bob_private_prekeys);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to add Bob to the user store.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return status;
}
printf("Successfully added Bob to the user store.\n");
//check length of the user store
sodium_mprotect_readonly(store);
if (store->length != 2) {
fprintf(stderr, "ERROR: User store has incorrect length.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return EXIT_FAILURE;
}
sodium_mprotect_noaccess(store);
printf("Length of the user store matches.");
//list user store
list = user_store_list(store);
if ((buffer_compare_partial(list, 0, alice_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)
|| (buffer_compare_partial(list, crypto_box_PUBLICKEYBYTES, bob_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)) {
fprintf(stderr, "ERROR: Failed to list users.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
buffer_destroy_from_heap(list);
user_store_destroy(store);
return EXIT_FAILURE;
}
buffer_destroy_from_heap(list);
printf("Successfully listed users.\n");
//add charlie to the user store
status = user_store_add(
store,
charlie_public_identity,
charlie_private_identity,
charlie_public_prekeys,
charlie_private_prekeys);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to add Charlie to the user store.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return status;
}
printf("Successfully added Charlie to the user store.\n");
//check length of the user store
sodium_mprotect_readonly(store);
if (store->length != 3) {
fprintf(stderr, "ERROR: User store has incorrect length.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return EXIT_FAILURE;
}
sodium_mprotect_noaccess(store);
printf("Length of the user store matches.");
//list user store
list = user_store_list(store);
if ((buffer_compare_partial(list, 0, alice_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)
|| (buffer_compare_partial(list, crypto_box_PUBLICKEYBYTES, bob_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)
|| (buffer_compare_partial(list, 2 * crypto_box_PUBLICKEYBYTES, charlie_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)) {
fprintf(stderr, "ERROR: Failed to list users.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
buffer_destroy_from_heap(list);
user_store_destroy(store);
return EXIT_FAILURE;
}
buffer_destroy_from_heap(list);
printf("Successfully listed users.\n");
//find node
user_store_node *bob_node = user_store_find_node(store, bob_public_identity);
if (bob_node == NULL) {
fprintf(stderr, "ERROR: Failed to find Bob's node.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return EXIT_FAILURE;
}
printf("Node found.\n");
sodium_mprotect_readonly(bob_node);
if ((buffer_compare(&(bob_node->public_identity_key), bob_public_identity) != 0)
|| (buffer_compare(&(bob_node->private_identity_key), bob_private_identity) != 0)
|| (buffer_compare(&(bob_node->public_prekeys), bob_public_prekeys) != 0)
|| (buffer_compare(&(bob_node->private_prekeys), bob_private_prekeys) != 0)) {
fprintf(stderr, "ERROR: Bob's data from the user store doesn't match.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return EXIT_FAILURE;
}
sodium_mprotect_noaccess(bob_node);
printf("Data from the node matches.\n");
//remove a user identified by it's key
user_store_remove_by_key(store, bob_public_identity);
//check the length
sodium_mprotect_readonly(store);
if (store->length != 2) {
fprintf(stderr, "ERROR: User store has incorrect length.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return EXIT_FAILURE;
}
sodium_mprotect_noaccess(store);
printf("Length of the user store matches.");
//check the user list
list = user_store_list(store);
if ((buffer_compare_partial(list, 0, alice_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)
|| (buffer_compare_partial(list, crypto_box_PUBLICKEYBYTES, charlie_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)) {
fprintf(stderr, "ERROR: Removing user failed.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
buffer_destroy_from_heap(list);
return EXIT_FAILURE;
}
buffer_destroy_from_heap(list);
printf("Successfully removed user.\n");
//readd bob
status = user_store_add(
store,
bob_public_identity,
bob_private_identity,
bob_public_prekeys,
bob_private_prekeys);
if (status != 0) {
fprintf(stderr, "ERROR: Failed to readd Bob to the user store.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return status;
}
printf("Successfully readded Bob to the user store.\n");
//now find bob again
bob_node = user_store_find_node(store, bob_public_identity);
if (bob_node == NULL) {
fprintf(stderr, "ERROR: Failed to find Bob's node.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return EXIT_FAILURE;
}
printf("Bob's node found again.\n");
//remove bob by it's node
user_store_remove(store, bob_node);
//check the length
sodium_mprotect_readonly(store);
if (store->length != 2) {
fprintf(stderr, "ERROR: User store has incorrect length.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
return EXIT_FAILURE;
}
sodium_mprotect_noaccess(store);
printf("Length of the user store matches.");
//check the user list
list = user_store_list(store);
if ((buffer_compare_partial(list, 0, alice_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)
|| (buffer_compare_partial(list, crypto_box_PUBLICKEYBYTES, charlie_public_identity, 0, crypto_box_PUBLICKEYBYTES) != 0)) {
fprintf(stderr, "ERROR: Removing user failed.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
user_store_destroy(store);
buffer_destroy_from_heap(list);
return EXIT_FAILURE;
}
buffer_destroy_from_heap(list);
printf("Successfully removed user.\n");
buffer_clear(alice_private_identity);
buffer_clear(alice_private_prekeys);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_prekeys);
buffer_clear(charlie_private_identity);
buffer_clear(charlie_private_prekeys);
//clear the user store
user_store_clear(store);
//check the length
sodium_mprotect_readonly(store);
if (store->length != 0) {
fprintf(stderr, "ERROR: User store has incorrect length.\n");
user_store_destroy(store);
return EXIT_FAILURE;
}
printf("Successfully cleared user store.\n");
sodium_mprotect_noaccess(store);
user_store_destroy(store);
return EXIT_SUCCESS;
}
int main(void) {
if (sodium_init() == -1) {
return -1;
}
return_status status = return_status_init();
//create buffers
//alice keys
buffer_t * const alice_public_identity = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t * const alice_private_identity = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t * const alice_public_ephemeral = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t * const alice_private_ephemeral = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t * const alice_shared_secret = buffer_create_on_heap(crypto_generichash_BYTES, crypto_generichash_BYTES);
//bobs keys
buffer_t * const bob_public_identity = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t * const bob_private_identity = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t * const bob_public_ephemeral = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t * const bob_private_ephemeral = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t * const bob_shared_secret = buffer_create_on_heap(crypto_generichash_BYTES, crypto_generichash_BYTES);
printf("Generate Alice's keys -------------------------------------------------------\n\n");
int status_int = 0;
//create Alice's identity keypair
buffer_create_from_string(alice_string, "Alice");
buffer_create_from_string(identity_string, "identity");
status = generate_and_print_keypair(
alice_public_identity,
alice_private_identity,
alice_string,
identity_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Alice' identity keypair.");
//create Alice's ephemeral keypair
buffer_create_from_string(ephemeral_string, "ephemeral");
status = generate_and_print_keypair(
alice_public_ephemeral,
alice_private_ephemeral,
alice_string,
ephemeral_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Alice' ephemeral keypair.");
printf("Generate Bob's keys ---------------------------------------------------------\n\n");
//create Bob's identity keypair
buffer_create_from_string(bob_string, "Bob");
status = generate_and_print_keypair(
bob_public_identity,
bob_private_identity,
bob_string,
identity_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Bob's identity keypair.");
//create Bob's ephemeral keypair
status = generate_and_print_keypair(
bob_public_ephemeral,
bob_private_ephemeral,
bob_string,
ephemeral_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Bob's ephemeral keypair.");
printf("Calculate shared secret via Triple Diffie Hellman ---------------------------\n\n");
//Triple Diffie Hellman on Alice's side
status = triple_diffie_hellman(
alice_shared_secret,
alice_private_identity,
alice_public_identity,
alice_private_ephemeral,
alice_public_ephemeral,
bob_public_identity,
bob_public_ephemeral,
true);
buffer_clear(alice_private_identity);
buffer_clear(alice_private_ephemeral);
throw_on_error(KEYGENERATION_FAILED, "Triple Diffie Hellman for Alice failed.");
//print Alice's shared secret
printf("Alice's shared secret H(DH(A_priv,B0_pub)||DH(A0_priv,B_pub)||DH(A0_priv,B0_pub)):\n");
print_hex(alice_shared_secret);
putchar('\n');
//Triple Diffie Hellman on Bob's side
status = triple_diffie_hellman(
bob_shared_secret,
bob_private_identity,
bob_public_identity,
bob_private_ephemeral,
bob_public_ephemeral,
alice_public_identity,
alice_public_ephemeral,
false);
buffer_clear(bob_private_identity);
buffer_clear(bob_private_ephemeral);
throw_on_error(KEYGENERATION_FAILED, "Triple Diffie Hellnan for Bob failed.");
//print Bob's shared secret
printf("Bob's shared secret H(DH(B0_priv, A_pub)||DH(B_priv, A0_pub)||DH(B0_priv, A0_pub)):\n");
print_hex(bob_shared_secret);
putchar('\n');
//compare both shared secrets
status_int = buffer_compare(alice_shared_secret, bob_shared_secret);
buffer_clear(alice_shared_secret);
buffer_clear(bob_shared_secret);
if (status_int != 0) {
throw(INCORRECT_DATA, "Triple Diffie Hellman didn't produce the same shared secret.");
}
printf("Both shared secrets match!\n");
cleanup:
//alice keys
buffer_destroy_from_heap(alice_public_identity);
buffer_destroy_from_heap(alice_private_identity);
buffer_destroy_from_heap(alice_public_ephemeral);
buffer_destroy_from_heap(alice_private_ephemeral);
buffer_destroy_from_heap(alice_shared_secret);
//bobs keys
buffer_destroy_from_heap(bob_public_identity);
buffer_destroy_from_heap(bob_private_identity);
buffer_destroy_from_heap(bob_public_ephemeral);
buffer_destroy_from_heap(bob_private_ephemeral);
buffer_destroy_from_heap(bob_shared_secret);
on_error {
print_errors(&status);
}
return_status_destroy_errors(&status);
return status.status;
}
int main(void) {
if (sodium_init() == -1) {
return -1;
}
return_status status = return_status_init();
buffer_t *public_prekey = buffer_create_on_heap(PUBLIC_KEY_SIZE, PUBLIC_KEY_SIZE);
buffer_t *private_prekey1 = buffer_create_on_heap(PRIVATE_KEY_SIZE, PRIVATE_KEY_SIZE);
buffer_t *private_prekey2 = buffer_create_on_heap(PRIVATE_KEY_SIZE, PRIVATE_KEY_SIZE);
buffer_t *prekey_list = buffer_create_on_heap(PREKEY_AMOUNT * PUBLIC_KEY_SIZE, PREKEY_AMOUNT * PUBLIC_KEY_SIZE);
Prekey **protobuf_export_prekeys = NULL;
buffer_t **protobuf_export_prekeys_buffers = NULL;
size_t protobuf_export_prekeys_size = 0;
Prekey **protobuf_export_deprecated_prekeys = NULL;
buffer_t **protobuf_export_deprecated_prekeys_buffers = NULL;
size_t protobuf_export_deprecated_prekeys_size = 0;
Prekey **protobuf_second_export_prekeys = NULL;
buffer_t **protobuf_second_export_prekeys_buffers = NULL;
size_t protobuf_second_export_prekeys_size = 0;
Prekey **protobuf_second_export_deprecated_prekeys = NULL;
buffer_t **protobuf_second_export_deprecated_prekeys_buffers = NULL;
size_t protobuf_second_export_deprecated_prekeys_size = 0;
prekey_store *store = NULL;
status = prekey_store_create(&store);
throw_on_error(CREATION_ERROR, "Failed to create a prekey store.");
status = prekey_store_list(store, prekey_list);
throw_on_error(DATA_FETCH_ERROR, "Failed to list prekeys.");
printf("Prekey list:\n");
print_hex(prekey_list);
putchar('\n');
//compare the public keys with the ones in the prekey store
for (size_t i = 0; i < PREKEY_AMOUNT; i++) {
if (buffer_compare_partial(prekey_list, PUBLIC_KEY_SIZE * i, store->prekeys[i].public_key, 0, PUBLIC_KEY_SIZE) != 0) {
throw(INCORRECT_DATA, "Key list doesn't match the prekey store.");
}
}
printf("Prekey list matches the prekey store!\n");
//get a private key
const size_t prekey_index = 10;
if (buffer_clone(public_prekey, store->prekeys[prekey_index].public_key) != 0) {
throw(BUFFER_ERROR, "Failed to clone public key.");
}
status = prekey_store_get_prekey(store, public_prekey, private_prekey1);
throw_on_error(DATA_FETCH_ERROR, "Failed to get prekey.")
printf("Get a Prekey:\n");
printf("Public key:\n");
print_hex(public_prekey);
printf("Private key:\n");
print_hex(private_prekey1);
putchar('\n');
if (store->deprecated_prekeys == NULL) {
throw(GENERIC_ERROR, "Failed to deprecate requested key.");
}
if ((buffer_compare(public_prekey, store->deprecated_prekeys->public_key) != 0)
|| (buffer_compare(private_prekey1, store->deprecated_prekeys->private_key) != 0)) {
throw(INCORRECT_DATA, "Deprecated key is incorrect.");
}
if (buffer_compare(store->prekeys[prekey_index].public_key, public_prekey) == 0) {
throw(KEYGENERATION_FAILED, "Failed to generate new key for deprecated one.");
}
printf("Successfully deprecated requested key!\n");
//check if the prekey can be obtained from the deprecated keys
status = prekey_store_get_prekey(store, public_prekey, private_prekey2);
throw_on_error(DATA_FETCH_ERROR, "Failed to get key from the deprecated area.");
if (buffer_compare(private_prekey1, private_prekey2) != 0) {
throw(INCORRECT_DATA, "Prekey from the deprecated area didn't match.");
}
printf("Successfully got prekey from the deprecated area!\n");
//try to get a nonexistent key
if (buffer_fill_random(public_prekey, PUBLIC_KEY_SIZE) != 0) {
throw(KEYGENERATION_FAILED, "Failed to generate invalid public prekey.");
}
status = prekey_store_get_prekey(store, public_prekey, private_prekey1);
if (status.status == SUCCESS) {
throw(GENERIC_ERROR, "Didn't complain about invalid public key.");
}
printf("Detected invalid public prekey!\n");
//reset return status
return_status_destroy_errors(&status);
status.status = SUCCESS;
//Protobuf-C export
printf("Protobuf-C export\n");
status = protobuf_export(
store,
&protobuf_export_prekeys,
&protobuf_export_prekeys_size,
&protobuf_export_prekeys_buffers,
&protobuf_export_deprecated_prekeys,
&protobuf_export_deprecated_prekeys_size,
&protobuf_export_deprecated_prekeys_buffers);
throw_on_error(EXPORT_ERROR, "Failed to export prekey store to protobuf.");
printf("Prekeys:\n");
puts("[\n");
for (size_t i = 0; i < protobuf_export_prekeys_size; i++) {
print_hex(protobuf_export_prekeys_buffers[i]);
puts(",\n");
}
puts("]\n\n");
printf("Deprecated Prekeys:\n");
puts("[\n");
for (size_t i = 0; i < protobuf_export_deprecated_prekeys_size; i++) {
print_hex(protobuf_export_deprecated_prekeys_buffers[i]);
puts(",\n");
}
puts("]\n\n");
prekey_store_destroy(store);
store = NULL;
printf("Import from Protobuf-C\n");
status = protobuf_import(
&store,
protobuf_export_prekeys_buffers,
protobuf_export_prekeys_size,
protobuf_export_deprecated_prekeys_buffers,
protobuf_export_deprecated_prekeys_size);
throw_on_error(IMPORT_ERROR, "Failed to import from protobuf.");
printf("Protobuf-C export again\n");
status = protobuf_export(
store,
&protobuf_second_export_prekeys,
&protobuf_second_export_prekeys_size,
&protobuf_second_export_prekeys_buffers,
&protobuf_second_export_deprecated_prekeys,
&protobuf_second_export_deprecated_prekeys_size,
&protobuf_second_export_deprecated_prekeys_buffers);
throw_on_error(EXPORT_ERROR, "Failed to export prekey store to protobuf.");
//compare both prekey lists
printf("Compare normal prekeys\n");
if (protobuf_export_prekeys_size != protobuf_second_export_prekeys_size) {
throw(INCORRECT_DATA, "Both prekey exports contain different amounts of keys.");
}
for (size_t i = 0; i < protobuf_export_prekeys_size; i++) {
if (buffer_compare(protobuf_export_prekeys_buffers[i], protobuf_second_export_prekeys_buffers[i]) != 0) {
throw(INCORRECT_DATA, "First and second prekey export are not identical.");
}
}
//compare both deprecated prekey lists
printf("Compare deprecated prekeys\n");
if (protobuf_export_deprecated_prekeys_size != protobuf_second_export_deprecated_prekeys_size) {
throw(INCORRECT_DATA, "Both depcated prekey exports contain different amounts of keys.");
}
for (size_t i = 0; i < protobuf_export_deprecated_prekeys_size; i++) {
if (buffer_compare(protobuf_export_deprecated_prekeys_buffers[i], protobuf_second_export_deprecated_prekeys_buffers[i]) != 0) {
throw(INCORRECT_DATA, "First and second deprecated prekey export are not identical.");
}
}
//test the automatic deprecation of old keys
if (buffer_clone(public_prekey, store->prekeys[PREKEY_AMOUNT-1].public_key) != 0) {
throw(BUFFER_ERROR, "Failed to clone public key.");
}
store->prekeys[PREKEY_AMOUNT-1].expiration_date -= 365 * 24 * 3600; //one year
store->oldest_expiration_date = store->prekeys[PREKEY_AMOUNT - 1].expiration_date;
status = prekey_store_rotate(store);
throw_on_error(GENERIC_ERROR, "Failed to rotate the prekeys.");
if (buffer_compare(store->deprecated_prekeys->public_key, public_prekey) != 0) {
throw(GENERIC_ERROR, "Failed to deprecate outdated key.");
}
printf("Successfully deprecated outdated key!\n");
//test the automatic removal of old deprecated keys!
if (buffer_clone(public_prekey, store->deprecated_prekeys->next->public_key) != 0) {
throw(BUFFER_ERROR, "Failed to clone public key.");
}
store->deprecated_prekeys->next->expiration_date -= 24 * 3600;
store->oldest_deprecated_expiration_date = store->deprecated_prekeys->next->expiration_date;
status = prekey_store_rotate(store);
throw_on_error(GENERIC_ERROR, "Failed to rotate the prekeys.");
if (store->deprecated_prekeys->next != NULL) {
throw(GENERIC_ERROR, "Failed to remove outdated key.");
}
printf("Successfully removed outdated deprecated key!\n");
status = protobuf_no_deprecated_keys();
throw_on_error(GENERIC_ERROR, "Failed to im-/export a prekey store without deprecated prekeys.");
cleanup:
buffer_destroy_from_heap_and_null_if_valid(public_prekey);
buffer_destroy_from_heap_and_null_if_valid(private_prekey1);
buffer_destroy_from_heap_and_null_if_valid(private_prekey2);
buffer_destroy_from_heap_and_null_if_valid(prekey_list);
prekey_store_destroy(store);
if (protobuf_export_prekeys != NULL) {
for (size_t i = 0; i < protobuf_export_prekeys_size; i++) {
if (protobuf_export_prekeys[i] != NULL) {
prekey__free_unpacked(protobuf_export_prekeys[i], &protobuf_c_allocators);
protobuf_export_prekeys[i] = NULL;
}
}
zeroed_free_and_null_if_valid(protobuf_export_prekeys);
}
if (protobuf_export_deprecated_prekeys != NULL) {
for (size_t i = 0; i < protobuf_export_deprecated_prekeys_size; i++) {
if (protobuf_export_deprecated_prekeys[i] != NULL) {
prekey__free_unpacked(protobuf_export_deprecated_prekeys[i], &protobuf_c_allocators);
protobuf_export_deprecated_prekeys[i] = NULL;
}
}
zeroed_free_and_null_if_valid(protobuf_export_deprecated_prekeys);
}
if (protobuf_export_prekeys_buffers != NULL) {
for (size_t i = 0; i < protobuf_export_prekeys_size; i++) {
buffer_destroy_from_heap_and_null_if_valid(protobuf_export_prekeys_buffers[i]);
}
zeroed_free_and_null_if_valid(protobuf_export_prekeys_buffers);
}
if (protobuf_export_deprecated_prekeys_buffers != NULL) {
for (size_t i = 0; i < protobuf_export_deprecated_prekeys_size; i++) {
buffer_destroy_from_heap_and_null_if_valid(protobuf_export_deprecated_prekeys_buffers[i]);
}
zeroed_free_and_null_if_valid(protobuf_export_deprecated_prekeys_buffers);
}
if (protobuf_second_export_prekeys != NULL) {
for (size_t i = 0; i < protobuf_second_export_prekeys_size; i++) {
if (protobuf_second_export_prekeys[i] != NULL) {
prekey__free_unpacked(protobuf_second_export_prekeys[i], &protobuf_c_allocators);
protobuf_second_export_prekeys[i] = NULL;
}
}
zeroed_free_and_null_if_valid(protobuf_second_export_prekeys);
}
if (protobuf_second_export_deprecated_prekeys != NULL) {
for (size_t i = 0; i < protobuf_second_export_deprecated_prekeys_size; i++) {
if (protobuf_second_export_deprecated_prekeys[i] != NULL) {
prekey__free_unpacked(protobuf_second_export_deprecated_prekeys[i], &protobuf_c_allocators);
protobuf_second_export_deprecated_prekeys[i] = NULL;
}
}
zeroed_free_and_null_if_valid(protobuf_second_export_deprecated_prekeys);
}
if (protobuf_second_export_prekeys_buffers != NULL) {
for (size_t i = 0; i < protobuf_second_export_prekeys_size; i++) {
buffer_destroy_from_heap_and_null_if_valid(protobuf_second_export_prekeys_buffers[i]);
}
zeroed_free_and_null_if_valid(protobuf_second_export_prekeys_buffers);
}
if (protobuf_second_export_deprecated_prekeys_buffers != NULL) {
for (size_t i = 0; i < protobuf_second_export_deprecated_prekeys_size; i++) {
buffer_destroy_from_heap_and_null_if_valid(protobuf_second_export_deprecated_prekeys_buffers[i]);
}
zeroed_free_and_null_if_valid(protobuf_second_export_deprecated_prekeys_buffers);
}
on_error {
print_errors(&status);
}
return_status_destroy_errors(&status);
return status.status;
}
int main(void) {
if (sodium_init() == -1) {
return -1;
}
return_status status = return_status_init();
//create key buffers
buffer_t *alice_public_ephemeral = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *alice_private_ephemeral = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *bob_public_ephemeral = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *bob_private_ephemeral = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *previous_root_key = buffer_create_on_heap(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *alice_root_key = buffer_create_on_heap(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *alice_chain_key = buffer_create_on_heap(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *alice_header_key = buffer_create_on_heap(HEADER_KEY_SIZE, HEADER_KEY_SIZE);
buffer_t *bob_root_key = buffer_create_on_heap(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *bob_chain_key = buffer_create_on_heap(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
buffer_t *bob_header_key = buffer_create_on_heap(HEADER_KEY_SIZE, HEADER_KEY_SIZE);
//create Alice's keypair
buffer_create_from_string(alice_string, "Alice");
buffer_create_from_string(ephemeral_string, "ephemeral");
status = generate_and_print_keypair(
alice_public_ephemeral,
alice_private_ephemeral,
alice_string,
ephemeral_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Alice's ephemeral keypair.");
//create Bob's keypair
buffer_create_from_string(bob_string, "Bob");
status = generate_and_print_keypair(
bob_public_ephemeral,
bob_private_ephemeral,
bob_string,
ephemeral_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Bob's ephemeral keypair.");
//create previous root key
if (buffer_fill_random(previous_root_key, crypto_secretbox_KEYBYTES) != 0) {
throw(KEYGENERATION_FAILED, "Failed to generate previous root key.");
}
//print previous root key
printf("Previous root key (%zu Bytes):\n", previous_root_key->content_length);
print_hex(previous_root_key);
putchar('\n');
//derive root and chain key for Alice
status = derive_root_next_header_and_chain_keys(
alice_root_key,
alice_header_key,
alice_chain_key,
alice_private_ephemeral,
alice_public_ephemeral,
bob_public_ephemeral,
previous_root_key,
true);
throw_on_error(KEYDERIVATION_FAILED, "Failed to derive root, next header and chain key for Alice.");
//print Alice's root and chain key
printf("Alice's root key (%zu Bytes):\n", alice_root_key->content_length);
print_hex(alice_root_key);
printf("Alice's chain key (%zu Bytes):\n", alice_chain_key->content_length);
print_hex(alice_chain_key);
printf("Alice's header key (%zu Bytes):\n", alice_header_key->content_length);
print_hex(alice_header_key);
putchar('\n');
//derive root and chain key for Bob
status = derive_root_next_header_and_chain_keys(
bob_root_key,
bob_header_key,
bob_chain_key,
bob_private_ephemeral,
bob_public_ephemeral,
alice_public_ephemeral,
previous_root_key,
false);
throw_on_error(KEYDERIVATION_FAILED, "Failed to derive root, next header and chain key for Bob.");
//print Bob's root and chain key
printf("Bob's root key (%zu Bytes):\n", bob_root_key->content_length);
print_hex(bob_root_key);
printf("Bob's chain key (%zu Bytes):\n", bob_chain_key->content_length);
print_hex(bob_chain_key);
printf("Bob's header key (%zu Bytes):\n", bob_header_key->content_length);
print_hex(bob_header_key);
putchar('\n');
//compare Alice's and Bob's root keys
if (buffer_compare(alice_root_key, bob_root_key) == 0) {
printf("Alice's and Bob's root keys match.\n");
} else {
throw(INCORRECT_DATA, "Alice's and Bob's root keys don't match.");
}
buffer_clear(alice_root_key);
buffer_clear(bob_root_key);
//compare Alice's and Bob's chain keys
if (buffer_compare(alice_chain_key, bob_chain_key) == 0) {
printf("Alice's and Bob's chain keys match.\n");
} else {
throw(INCORRECT_DATA, "Alice's and Bob's chain keys don't match.");
}
//compare Alice's and Bob's header keys
if (buffer_compare(alice_header_key, bob_header_key) == 0) {
printf("Alice's and Bob's header keys match.\n");
} else {
throw(INCORRECT_DATA, "Alice's and Bob's header keys don't match.");
}
cleanup:
buffer_destroy_from_heap_and_null_if_valid(alice_public_ephemeral);
buffer_destroy_from_heap_and_null_if_valid(alice_private_ephemeral);
buffer_destroy_from_heap_and_null_if_valid(bob_public_ephemeral);
buffer_destroy_from_heap_and_null_if_valid(bob_private_ephemeral);
buffer_destroy_from_heap_and_null_if_valid(previous_root_key);
buffer_destroy_from_heap_and_null_if_valid(alice_root_key);
buffer_destroy_from_heap_and_null_if_valid(alice_chain_key);
buffer_destroy_from_heap_and_null_if_valid(alice_header_key);
buffer_destroy_from_heap_and_null_if_valid(bob_root_key);
buffer_destroy_from_heap_and_null_if_valid(bob_chain_key);
buffer_destroy_from_heap_and_null_if_valid(bob_header_key);
on_error {
print_errors(&status);
}
return_status_destroy_errors(&status);
return status.status;
}
