int main(void) { size_t clen; for (clen = 0; clen < sizeof c; ++clen) { randombytes_buf(key, sizeof key); randombytes_buf(c, clen); crypto_auth_hmacsha512(a, c, clen, key); if (crypto_auth_hmacsha512_verify(a, c, clen, key) != 0) { printf("fail %u\n", (unsigned int) clen); return 100; } if (clen > 0) { c[(size_t) rand() % clen] += 1 + (rand() % 255); if (crypto_auth_hmacsha512_verify(a, c, clen, key) == 0) { printf("forgery %u\n", (unsigned int) clen); return 100; } a[rand() % sizeof a] += 1 + (rand() % 255); if (crypto_auth_hmacsha512_verify(a, c, clen, key) == 0) { printf("forgery %u\n", (unsigned int) clen); return 100; } } } return 0; }
void c_rpc_server::c_session::read_handler_hmac(const boost::system::error_code &error, std::size_t bytes_transferred) { _dbg("readed " << bytes_transferred << " bytes of hmac authenticator"); _dbg("authenticate message"); if (error) { _dbg("asio error " << error.message()); delete_me(); return; } int ret = crypto_auth_hmacsha512_verify(m_hmac_authenticator.data(), reinterpret_cast<const unsigned char *>(m_received_data.data()), m_received_data.size(), m_hmac_key.data() ); if (ret == -1) { _warn("hmac authentication error"); delete_me(); return; } assert(ret == 0); try { execute_rpc_command(m_received_data); } catch (const std::exception &e) { _erro( "exception read_handler " << e.what()); _erro( "close connection\n" ); delete_me(); return; } }