int main(int argc, char **argv) { SilcUInt64 sec; SilcUInt32 usec; double totsec; unsigned char *data; SilcUInt32 rounds; SilcUInt32 i, k; data = malloc(ENC_LEN * sizeof(*data)); if (!data) exit(1); for (i = 0; i < ENC_LEN; i++) data[i] = i % 255; silc_timer_synchronize(&timer); for (i = 0; silc_default_ciphers[i].name; i++) { if (!silc_cipher_alloc(silc_default_ciphers[i].name, &cipher)) { fprintf(stderr, "Error allocating %s\n", silc_default_ciphers[i].name); exit(1); } silc_cipher_set_key(cipher, data, silc_cipher_get_key_len(cipher), TRUE); silc_cipher_set_iv(cipher, data); rounds = ENC_ROUND; retry: silc_timer_start(&timer); for (k = 0; k < rounds; k++) silc_cipher_encrypt(cipher, data, data, ENC_LEN, NULL); silc_timer_stop(&timer); silc_timer_value(&timer, &sec, &usec); totsec = (double)sec; totsec += ((double)usec / (double)(1000 * 1000)); if (totsec < ENC_MIN_TIME) { rounds += rounds; goto retry; } printf("%s:\t%.2f KB (%.2f MB) / sec (total test time %.2f secs)\n", silc_default_ciphers[i].name, (((double)(ENC_LEN * rounds) / 1024.0) / totsec), (((double)(ENC_LEN * rounds) / (1024.0 * 1024.0)) / totsec), totsec); silc_cipher_free(cipher); } return 0; }
int main(int argc, char **argv) { SilcUInt64 sec; SilcUInt32 usec; double totsec; unsigned char *data; SilcUInt32 rounds; SilcUInt32 i, k; silc_runtime_init(); silc_crypto_init(NULL); #if 0 silc_log_debug(TRUE); silc_log_quick(TRUE); silc_log_debug_hexdump(TRUE); silc_log_set_debug_string("*acc*,*thread*"); #endif if (!silc_acc_init(SILC_SOFTACC, (void *)0x01, "min_threads", 2, "max_threads", 8, NULL)) exit(1); data = malloc(ENC_LEN * sizeof(*data)); if (!data) exit(1); for (i = 0; i < ENC_LEN; i++) data[i] = i % 255; silc_timer_synchronize(&timer); for (i = 0; silc_default_ciphers[i].name; i++) { if (!silc_cipher_alloc(silc_default_ciphers[i].name, &cipher)) { fprintf(stderr, "Error allocating %s\n", silc_default_ciphers[i].name); exit(1); } acc_cipher = silc_acc_cipher(SILC_SOFTACC, cipher); if (!acc_cipher) continue; silc_cipher_set_iv(acc_cipher, data); silc_cipher_set_key(acc_cipher, data, silc_cipher_get_key_len(cipher), TRUE); sleep(1); rounds = ENC_ROUND; retry: silc_timer_start(&timer); for (k = 0; k < rounds; k++) silc_cipher_encrypt(acc_cipher, data, data, ENC_LEN, NULL); silc_timer_stop(&timer); silc_timer_value(&timer, &sec, &usec); totsec = (double)sec; totsec += ((double)usec / (double)((double)1000 * (double)1000)); if (totsec < ENC_MIN_TIME) { rounds += rounds; goto retry; } silc_cipher_free(acc_cipher); silc_cipher_free(cipher); sleep(1); printf("%s:\t%.2f KB (%.2f MB, %.2f Mbit) / sec (total %.3f secs)\n", silc_default_ciphers[i].name, (((double)((double)ENC_LEN * (double)rounds) / 1024.0) / totsec), (((double)((double)ENC_LEN * (double)rounds) / (1024.0 * 1024.0)) / totsec), ((((double)((double)ENC_LEN * (double)rounds) / 1024.0) / 128.0) / totsec), totsec); } silc_acc_uninit(SILC_SOFTACC); silc_crypto_uninit(); silc_runtime_uninit(); return 0; }
SilcBool silc_client_add_private_message_key_ske(SilcClient client, SilcClientConnection conn, SilcClientEntry client_entry, const char *cipher, const char *hmac, SilcSKEKeyMaterial keymat) { if (!client || !client_entry) return FALSE; /* Return FALSE if key already set */ if (client_entry->internal.send_key && client_entry->internal.receive_key) return FALSE; if (!cipher) cipher = SILC_DEFAULT_CIPHER; if (!hmac) hmac = SILC_DEFAULT_HMAC; /* Check the requested cipher and HMAC */ if (!silc_cipher_is_supported(cipher)) return FALSE; if (!silc_hmac_is_supported(hmac)) return FALSE; client_entry->internal.generated = TRUE; /* Allocate the cipher and HMAC */ if (!silc_cipher_alloc(cipher, &client_entry->internal.send_key)) return FALSE; if (!silc_cipher_alloc(cipher, &client_entry->internal.receive_key)) return FALSE; if (!silc_hmac_alloc(hmac, NULL, &client_entry->internal.hmac_send)) return FALSE; if (!silc_hmac_alloc(hmac, NULL, &client_entry->internal.hmac_receive)) return FALSE; /* Set the keys */ if (client_entry->internal.prv_resp) { silc_cipher_set_key(client_entry->internal.send_key, keymat->receive_enc_key, keymat->enc_key_len, TRUE); silc_cipher_set_iv(client_entry->internal.send_key, keymat->receive_iv); silc_cipher_set_key(client_entry->internal.receive_key, keymat->send_enc_key, keymat->enc_key_len, FALSE); silc_cipher_set_iv(client_entry->internal.receive_key, keymat->send_iv); silc_hmac_set_key(client_entry->internal.hmac_send, keymat->receive_hmac_key, keymat->hmac_key_len); silc_hmac_set_key(client_entry->internal.hmac_receive, keymat->send_hmac_key, keymat->hmac_key_len); } else { silc_cipher_set_key(client_entry->internal.send_key, keymat->send_enc_key, keymat->enc_key_len, TRUE); silc_cipher_set_iv(client_entry->internal.send_key, keymat->send_iv); silc_cipher_set_key(client_entry->internal.receive_key, keymat->receive_enc_key, keymat->enc_key_len, FALSE); silc_cipher_set_iv(client_entry->internal.receive_key, keymat->receive_iv); silc_hmac_set_key(client_entry->internal.hmac_send, keymat->send_hmac_key, keymat->hmac_key_len); silc_hmac_set_key(client_entry->internal.hmac_receive, keymat->receive_hmac_key, keymat->hmac_key_len); } return TRUE; }
int main(int argc, char **argv) { SilcBool success = FALSE; SilcMessagePayload message; SilcBuffer buf; const char *msg = "FOOBAR MESSAGE"; unsigned char *data, tmp[1023], *tmp2; SilcUInt32 data_len; SilcUInt16 flags; int i, n; if (argc > 1 && !strcmp(argv[1], "-d")) { silc_log_debug(TRUE); silc_log_debug_hexdump(TRUE); silc_log_set_debug_string("*message*"); } silc_cipher_register_default(); silc_hash_register_default(); silc_hmac_register_default(); silc_pkcs_register_default(); SILC_LOG_DEBUG(("Load keypair")); if (!silc_load_key_pair("pubkey.pub", "privkey.prv", "", &public_key, &private_key)) { SILC_LOG_DEBUG(("Create keypair")); if (!silc_create_key_pair("rsa", 2048, "pubkey.pub", "privkey.prv", NULL, "", &public_key, &private_key, FALSE)) goto err; } SILC_LOG_DEBUG(("Alloc RNG")); rng = silc_rng_alloc(); silc_rng_init(rng); SILC_LOG_DEBUG(("Alloc AES")); if (!silc_cipher_alloc("aes-128-cbc", &key)) goto err; SILC_LOG_DEBUG(("Alloc SHA-256")); if (!silc_hash_alloc("sha256", &hash)) goto err; SILC_LOG_DEBUG(("Alloc HMAC")); if (!silc_hmac_alloc("hmac-sha256-96", hash, &hmac)) goto err; SILC_LOG_DEBUG(("Set static key: '1234567890123456'")); if (!silc_cipher_set_key(key, "1234567890123456", 16 * 8)) goto err; SILC_LOG_DEBUG(("Set HMAC key: '1234567890123456'")); silc_hmac_set_key(hmac, "1234567890123456", 16); /* Simple private message */ SILC_LOG_DEBUG(("Encoding private message len %d (static key)", strlen(msg))); buf = silc_message_payload_encode(SILC_MESSAGE_FLAG_ACTION | SILC_MESSAGE_FLAG_UTF8 | SILC_MESSAGE_FLAG_ACK, msg, strlen(msg), TRUE, TRUE, key, hmac, rng, NULL, NULL, NULL, NULL); if (!buf) goto err; SILC_LOG_HEXDUMP(("message"), buf->data, silc_buffer_len(buf)); SILC_LOG_DEBUG(("Parsing private messsage (static key)")); message = silc_message_payload_parse(silc_buffer_data(buf), silc_buffer_len(buf), TRUE, TRUE, key, hmac, NULL, FALSE, NULL); if (!message) goto err; flags = silc_message_get_flags(message); SILC_LOG_DEBUG(("Flags: %x", flags)); if (!(flags & SILC_MESSAGE_FLAG_ACTION)) goto err; if (!(flags & SILC_MESSAGE_FLAG_UTF8)) goto err; if (!(flags & SILC_MESSAGE_FLAG_ACK)) goto err; data = silc_message_get_data(message, &data_len); SILC_LOG_HEXDUMP(("Data"), data, data_len); if (data_len != strlen(msg) || memcmp(data, msg, strlen(msg))) goto err; SILC_LOG_HEXDUMP(("MAC"), silc_message_get_mac(message), silc_hmac_len(hmac)); silc_message_payload_free(message); /* Simple private message */ n = 10; SILC_LOG_DEBUG(("Encoding private message len %d (static key)", n)); buf = silc_message_payload_encode(SILC_MESSAGE_FLAG_ACTION | SILC_MESSAGE_FLAG_UTF8 | SILC_MESSAGE_FLAG_ACK, msg, n, TRUE, TRUE, key, hmac, rng, NULL, NULL, NULL, buf); if (!buf) goto err; SILC_LOG_HEXDUMP(("message"), buf->data, silc_buffer_len(buf)); SILC_LOG_DEBUG(("Parsing private messsage (static key)")); message = silc_message_payload_parse(silc_buffer_data(buf), silc_buffer_len(buf), TRUE, TRUE, key, hmac, NULL, FALSE, NULL); if (!message) goto err; flags = silc_message_get_flags(message); SILC_LOG_DEBUG(("Flags: %x", flags)); if (!(flags & SILC_MESSAGE_FLAG_ACTION)) goto err; if (!(flags & SILC_MESSAGE_FLAG_UTF8)) goto err; if (!(flags & SILC_MESSAGE_FLAG_ACK)) goto err; data = silc_message_get_data(message, &data_len); SILC_LOG_HEXDUMP(("Data"), data, data_len); if (data_len != n || memcmp(data, msg, n)) goto err; SILC_LOG_HEXDUMP(("MAC"), silc_message_get_mac(message), silc_hmac_len(hmac)); silc_message_payload_free(message); /* Simple private message */ n = 1; SILC_LOG_DEBUG(("Encoding private message len %d (static key)", n)); buf = silc_message_payload_encode(SILC_MESSAGE_FLAG_ACTION | SILC_MESSAGE_FLAG_UTF8 | SILC_MESSAGE_FLAG_ACK, msg, n, TRUE, TRUE, key, hmac, rng, NULL, NULL, NULL, buf); if (!buf) goto err; SILC_LOG_HEXDUMP(("message"), buf->data, silc_buffer_len(buf)); SILC_LOG_DEBUG(("Parsing private messsage (static key)")); message = silc_message_payload_parse(silc_buffer_data(buf), silc_buffer_len(buf), TRUE, TRUE, key, hmac, NULL, FALSE, NULL); if (!message) goto err; flags = silc_message_get_flags(message); SILC_LOG_DEBUG(("Flags: %x", flags)); if (!(flags & SILC_MESSAGE_FLAG_ACTION)) goto err; if (!(flags & SILC_MESSAGE_FLAG_UTF8)) goto err; if (!(flags & SILC_MESSAGE_FLAG_ACK)) goto err; data = silc_message_get_data(message, &data_len); SILC_LOG_HEXDUMP(("Data"), data, data_len); if (data_len != n || memcmp(data, msg, n)) goto err; SILC_LOG_HEXDUMP(("MAC"), silc_message_get_mac(message), silc_hmac_len(hmac)); silc_message_payload_free(message); /* Simple private message */ for (i = 0; i < sizeof(tmp); i++) tmp[i] = (32 + i) & 127; SILC_LOG_DEBUG(("Encoding private message len %d (static key)", sizeof(tmp))); buf = silc_message_payload_encode(SILC_MESSAGE_FLAG_ACTION | SILC_MESSAGE_FLAG_UTF8 | SILC_MESSAGE_FLAG_ACK, tmp, sizeof(tmp), TRUE, TRUE, key, hmac, rng, NULL, NULL, NULL, buf); if (!buf) goto err; SILC_LOG_HEXDUMP(("message"), buf->data, silc_buffer_len(buf)); SILC_LOG_DEBUG(("Parsing private messsage (static key)")); message = silc_message_payload_parse(silc_buffer_data(buf), silc_buffer_len(buf), TRUE, TRUE, key, hmac, NULL, FALSE, NULL); if (!message) goto err; flags = silc_message_get_flags(message); SILC_LOG_DEBUG(("Flags: %x", flags)); if (!(flags & SILC_MESSAGE_FLAG_ACTION)) goto err; if (!(flags & SILC_MESSAGE_FLAG_UTF8)) goto err; if (!(flags & SILC_MESSAGE_FLAG_ACK)) goto err; data = silc_message_get_data(message, &data_len); SILC_LOG_HEXDUMP(("Data"), data, data_len); if (data_len != sizeof(tmp) || memcmp(data, tmp, sizeof(tmp))) goto err; SILC_LOG_HEXDUMP(("MAC"), silc_message_get_mac(message), silc_hmac_len(hmac)); silc_message_payload_free(message); /* Digitally signed private message */ for (i = 0; i < sizeof(tmp); i++) tmp[i] = (32 + i) & 127; SILC_LOG_DEBUG(("Encoding private message len %d (static key) SIGNED", sizeof(tmp))); buf = silc_message_payload_encode(SILC_MESSAGE_FLAG_ACTION | SILC_MESSAGE_FLAG_UTF8 | SILC_MESSAGE_FLAG_ACK | SILC_MESSAGE_FLAG_SIGNED, tmp, sizeof(tmp), TRUE, TRUE, key, hmac, rng, public_key, private_key, hash, buf); if (!buf) goto err; SILC_LOG_HEXDUMP(("message"), buf->data, silc_buffer_len(buf)); SILC_LOG_DEBUG(("Parsing private messsage (static key)")); message = silc_message_payload_parse(silc_buffer_data(buf), silc_buffer_len(buf), TRUE, TRUE, key, hmac, NULL, FALSE, NULL); if (!message) goto err; flags = silc_message_get_flags(message); SILC_LOG_DEBUG(("Flags: %x", flags)); if (!(flags & SILC_MESSAGE_FLAG_ACTION)) goto err; if (!(flags & SILC_MESSAGE_FLAG_UTF8)) goto err; if (!(flags & SILC_MESSAGE_FLAG_ACK)) goto err; if (!(flags & SILC_MESSAGE_FLAG_SIGNED)) goto err; data = silc_message_get_data(message, &data_len); SILC_LOG_HEXDUMP(("Data"), data, data_len); if (data_len != sizeof(tmp) || memcmp(data, tmp, sizeof(tmp))) goto err; SILC_LOG_HEXDUMP(("MAC"), silc_message_get_mac(message), silc_hmac_len(hmac)); SILC_LOG_DEBUG(("Verifying signature")); if (silc_message_signed_verify(message, public_key, hash) != SILC_AUTH_OK) goto err; SILC_LOG_DEBUG(("Signature Ok")); SILC_LOG_DEBUG(("Get public key")); pk2 = silc_message_signed_get_public_key(message, NULL, NULL); if (!pk2) goto err; SILC_LOG_DEBUG(("Verify public key")); if (!silc_pkcs_public_key_compare(public_key, pk2)) goto err; SILC_LOG_DEBUG(("Public key Ok")); silc_pkcs_public_key_free(pk2); silc_message_payload_free(message); /* Digitally signed channel message */ for (i = 0; i < sizeof(tmp) / 2; i++) tmp[i] = (32 + i) & 127; SILC_LOG_DEBUG(("Encoding channel message len %d (static key) SIGNED", sizeof(tmp) / 2)); buf = silc_message_payload_encode(SILC_MESSAGE_FLAG_ACTION | SILC_MESSAGE_FLAG_UTF8 | SILC_MESSAGE_FLAG_ACK | SILC_MESSAGE_FLAG_SIGNED, tmp, sizeof(tmp) / 2, TRUE, FALSE, key, hmac, rng, public_key, private_key, hash, buf); if (!buf) goto err; SILC_LOG_HEXDUMP(("message"), buf->data, silc_buffer_len(buf)); SILC_LOG_DEBUG(("Parsing channel messsage (static key)")); message = silc_message_payload_parse(silc_buffer_data(buf), silc_buffer_len(buf), FALSE, TRUE, key, hmac, NULL, FALSE, NULL); if (!message) goto err; flags = silc_message_get_flags(message); SILC_LOG_DEBUG(("Flags: %x", flags)); if (!(flags & SILC_MESSAGE_FLAG_ACTION)) goto err; if (!(flags & SILC_MESSAGE_FLAG_UTF8)) goto err; if (!(flags & SILC_MESSAGE_FLAG_ACK)) goto err; if (!(flags & SILC_MESSAGE_FLAG_SIGNED)) goto err; data = silc_message_get_data(message, &data_len); SILC_LOG_HEXDUMP(("Data"), data, data_len); if (data_len != sizeof(tmp) / 2 || memcmp(data, tmp, sizeof(tmp) / 2)) goto err; SILC_LOG_HEXDUMP(("MAC"), silc_message_get_mac(message), silc_hmac_len(hmac)); SILC_LOG_DEBUG(("Verifying signature")); if (silc_message_signed_verify(message, public_key, hash) != SILC_AUTH_OK) goto err; SILC_LOG_DEBUG(("Signature Ok")); SILC_LOG_DEBUG(("Get public key")); pk2 = silc_message_signed_get_public_key(message, NULL, NULL); if (!pk2) goto err; SILC_LOG_DEBUG(("Verify public key")); if (!silc_pkcs_public_key_compare(public_key, pk2)) goto err; SILC_LOG_DEBUG(("Public key Ok")); silc_pkcs_public_key_free(pk2); silc_message_payload_free(message); /* Digitally signed private message (no encryption) */ for (i = 0; i < sizeof(tmp) / 2; i++) tmp[i] = (32 + i) & 127; SILC_LOG_DEBUG(("Encoding private message len %d SIGNED", sizeof(tmp) / 2)); buf = silc_message_payload_encode(SILC_MESSAGE_FLAG_ACTION | SILC_MESSAGE_FLAG_UTF8 | SILC_MESSAGE_FLAG_ACK | SILC_MESSAGE_FLAG_SIGNED, tmp, sizeof(tmp) / 2, FALSE, TRUE, NULL, NULL, rng, public_key, private_key, hash, buf); if (!buf) goto err; SILC_LOG_HEXDUMP(("message"), buf->data, silc_buffer_len(buf)); SILC_LOG_DEBUG(("Parsing private messsage (static key)")); message = silc_message_payload_parse(silc_buffer_data(buf), silc_buffer_len(buf), TRUE, FALSE, NULL, NULL, NULL, FALSE, NULL); if (!message) goto err; flags = silc_message_get_flags(message); SILC_LOG_DEBUG(("Flags: %x", flags)); if (!(flags & SILC_MESSAGE_FLAG_ACTION)) goto err; if (!(flags & SILC_MESSAGE_FLAG_UTF8)) goto err; if (!(flags & SILC_MESSAGE_FLAG_ACK)) goto err; if (!(flags & SILC_MESSAGE_FLAG_SIGNED)) goto err; data = silc_message_get_data(message, &data_len); SILC_LOG_HEXDUMP(("Data"), data, data_len); if (data_len != sizeof(tmp) / 2 || memcmp(data, tmp, sizeof(tmp) / 2)) goto err; SILC_LOG_DEBUG(("Verifying signature")); if (silc_message_signed_verify(message, public_key, hash) != SILC_AUTH_OK) goto err; SILC_LOG_DEBUG(("Signature Ok")); SILC_LOG_DEBUG(("Get public key")); pk2 = silc_message_signed_get_public_key(message, NULL, NULL); if (!pk2) goto err; SILC_LOG_DEBUG(("Verify public key")); if (!silc_pkcs_public_key_compare(public_key, pk2)) goto err; SILC_LOG_DEBUG(("Public key Ok")); silc_pkcs_public_key_free(pk2); silc_message_payload_free(message); /* Digitally signed channel message (LARGE) */ n = 65550; tmp2 = silc_malloc(n); if (!tmp2) goto err; SILC_LOG_DEBUG(("Encoding channel message len %d (static key) SIGNED LARGE", n)); buf = silc_message_payload_encode(SILC_MESSAGE_FLAG_ACTION | SILC_MESSAGE_FLAG_UTF8 | SILC_MESSAGE_FLAG_ACK | SILC_MESSAGE_FLAG_SIGNED, tmp2, n, TRUE, FALSE, key, hmac, rng, public_key, private_key, hash, buf); if (!buf) goto err; SILC_LOG_DEBUG(("Message length: %d", silc_buffer_len(buf))); if (silc_buffer_len(buf) > SILC_PACKET_MAX_LEN) goto err; SILC_LOG_DEBUG(("Parsing channel messsage (static key)")); message = silc_message_payload_parse(silc_buffer_data(buf), silc_buffer_len(buf), FALSE, TRUE, key, hmac, NULL, FALSE, NULL); if (!message) goto err; flags = silc_message_get_flags(message); SILC_LOG_DEBUG(("Flags: %x", flags)); if (!(flags & SILC_MESSAGE_FLAG_ACTION)) goto err; if (!(flags & SILC_MESSAGE_FLAG_UTF8)) goto err; if (!(flags & SILC_MESSAGE_FLAG_ACK)) goto err; if (!(flags & SILC_MESSAGE_FLAG_SIGNED)) goto err; data = silc_message_get_data(message, &data_len); SILC_LOG_DEBUG(("Data len: %d", data_len)); if (silc_buffer_len(buf) > SILC_PACKET_MAX_LEN) goto err; SILC_LOG_HEXDUMP(("MAC"), silc_message_get_mac(message), silc_hmac_len(hmac)); SILC_LOG_DEBUG(("Verifying signature")); if (silc_message_signed_verify(message, public_key, hash) != SILC_AUTH_OK) goto err; SILC_LOG_DEBUG(("Signature Ok")); SILC_LOG_DEBUG(("Get public key")); pk2 = silc_message_signed_get_public_key(message, NULL, NULL); if (!pk2) goto err; SILC_LOG_DEBUG(("Verify public key")); if (!silc_pkcs_public_key_compare(public_key, pk2)) goto err; SILC_LOG_DEBUG(("Public key Ok")); silc_pkcs_public_key_free(pk2); silc_message_payload_free(message); silc_free(tmp2); success = TRUE; SILC_LOG_DEBUG(("Cleanup")); silc_pkcs_public_key_free(public_key); silc_pkcs_private_key_free(private_key); silc_cipher_free(key); silc_hash_free(hash); silc_rng_free(rng); err: silc_cipher_unregister_all(); silc_hash_unregister_all(); silc_hmac_unregister_all(); silc_pkcs_unregister_all(); SILC_LOG_DEBUG(("Testing was %s", success ? "SUCCESS" : "FAILURE")); fprintf(stderr, "Testing was %s\n", success ? "SUCCESS" : "FAILURE"); return success; }
int main(int argc, char **argv) { SilcBool success = FALSE; SilcCipher cipher, cipher2; unsigned char dst[256], pdst[256]; int i; if (argc > 1 && !strcmp(argv[1], "-d")) { silc_log_debug(TRUE); silc_log_debug_hexdump(TRUE); silc_log_set_debug_string("*crypt*,*cast*,*cipher*"); } SILC_LOG_DEBUG(("Registering builtin hash functions")); silc_cipher_register_default(); SILC_LOG_DEBUG(("Allocating cast5-CBC cipher")); if (!silc_cipher_alloc("cast5-128-cbc", &cipher)) { SILC_LOG_DEBUG(("Allocating cas5-CBC cipher failed")); goto err; } if (!silc_cipher_alloc("cast5-128-cbc", &cipher2)) { SILC_LOG_DEBUG(("Allocating cast5-CBC cipher failed")); goto err; } /* First test vector */ SILC_LOG_DEBUG(("First test vector")); memset(dst, 0, sizeof(dst)); memset(pdst, 0, sizeof(pdst)); silc_cipher_set_iv(cipher, iv1); assert(silc_cipher_set_key(cipher, key1, key1_len, TRUE)); assert(silc_cipher_set_key(cipher2, key1, key1_len, FALSE)); assert(silc_cipher_encrypt(cipher, p1, dst, p1_len, NULL)); SILC_LOG_DEBUG(("block len %d, key len %d, name %s", silc_cipher_get_block_len(cipher), silc_cipher_get_key_len(cipher), silc_cipher_get_name(cipher))); SILC_LOG_HEXDUMP(("Plaintext"), (unsigned char *)p1, p1_len); SILC_LOG_HEXDUMP(("Ciphertext"), (unsigned char *)dst, p1_len); SILC_LOG_HEXDUMP(("Expected ciphertext"), (unsigned char *)c1, p1_len); if (memcmp(dst, c1, p1_len)) { SILC_LOG_DEBUG(("Encrypt failed")); goto err; } SILC_LOG_DEBUG(("Encrypt is successful")); silc_cipher_set_iv(cipher2, iv1); assert(silc_cipher_decrypt(cipher2, dst, pdst, p1_len, NULL)); SILC_LOG_HEXDUMP(("Decrypted plaintext"), (unsigned char *)pdst, p1_len); SILC_LOG_HEXDUMP(("Expected plaintext"), (unsigned char *)p1, p1_len); if (memcmp(pdst, p1, p1_len)) { SILC_LOG_DEBUG(("Decrypt failed")); goto err; } SILC_LOG_DEBUG(("Decrypt is successful")); /* Second test vector */ SILC_LOG_DEBUG(("Second test vector")); memset(dst, 0, sizeof(dst)); memset(pdst, 0, sizeof(pdst)); silc_cipher_set_iv(cipher, iv2); assert(silc_cipher_set_key(cipher, key2, key2_len, TRUE)); assert(silc_cipher_set_key(cipher2, key2, key2_len, FALSE)); assert(silc_cipher_encrypt(cipher, p2, dst, p2_len, NULL)); SILC_LOG_DEBUG(("block len %d, key len %d, name %s", silc_cipher_get_block_len(cipher), silc_cipher_get_key_len(cipher), silc_cipher_get_name(cipher))); SILC_LOG_HEXDUMP(("Plaintext"), (unsigned char *)p2, p2_len); SILC_LOG_HEXDUMP(("Ciphertext"), (unsigned char *)dst, p2_len); SILC_LOG_HEXDUMP(("Expected ciphertext"), (unsigned char *)c2, p2_len); if (memcmp(dst, c2, p2_len)) { SILC_LOG_DEBUG(("Encrypt failed")); goto err; } SILC_LOG_DEBUG(("Encrypt is successful")); silc_cipher_set_iv(cipher2, iv2); assert(silc_cipher_decrypt(cipher2, dst, pdst, p2_len, NULL)); SILC_LOG_HEXDUMP(("Decrypted plaintext"), (unsigned char *)pdst, p2_len); SILC_LOG_HEXDUMP(("Expected plaintext"), (unsigned char *)p2, p2_len); if (memcmp(pdst, p2, p2_len)) { SILC_LOG_DEBUG(("Decrypt failed")); goto err; } SILC_LOG_DEBUG(("Decrypt is successful")); silc_cipher_free(cipher); silc_cipher_free(cipher2); SILC_LOG_DEBUG(("Allocating cast5-128-ctr cipher")); if (!silc_cipher_alloc("cast5-128-ctr", &cipher)) { SILC_LOG_DEBUG(("Allocating cast5-128-ctr cipher failed")); goto err; } /* Fourth test vector */ SILC_LOG_DEBUG(("Fourth test vector")); memset(dst, 0, sizeof(dst)); memset(pdst, 0, sizeof(pdst)); silc_cipher_set_iv(cipher, iv4); assert(silc_cipher_set_key(cipher, key4, key4_len, TRUE)); assert(silc_cipher_encrypt(cipher, p4, dst, p4_len, NULL)); SILC_LOG_DEBUG(("block len %d, key len %d, name %s", silc_cipher_get_block_len(cipher), silc_cipher_get_key_len(cipher), silc_cipher_get_name(cipher))); SILC_LOG_HEXDUMP(("Plaintext"), (unsigned char *)p4, p4_len); SILC_LOG_HEXDUMP(("Ciphertext"), (unsigned char *)dst, p4_len); SILC_LOG_HEXDUMP(("Expected ciphertext"), (unsigned char *)c4, p4_len); if (memcmp(dst, c4, p4_len)) { SILC_LOG_DEBUG(("Encrypt failed")); goto err; } SILC_LOG_DEBUG(("Encrypt is successful")); silc_cipher_set_iv(cipher, iv4); assert(silc_cipher_decrypt(cipher, dst, pdst, p4_len, NULL)); SILC_LOG_HEXDUMP(("Decrypted plaintext"), (unsigned char *)pdst, p4_len); SILC_LOG_HEXDUMP(("Expected plaintext"), (unsigned char *)p4, p4_len); if (memcmp(pdst, p4, p4_len)) { SILC_LOG_DEBUG(("Decrypt failed")); goto err; } SILC_LOG_DEBUG(("Decrypt is successful")); silc_cipher_free(cipher); SILC_LOG_DEBUG(("Allocating cast5-128-cfb cipher")); if (!silc_cipher_alloc("cast5-128-cfb", &cipher)) { SILC_LOG_DEBUG(("Allocating cast5-128-cfb cipher failed")); goto err; } if (!silc_cipher_alloc("cast5-128-cfb", &cipher2)) { SILC_LOG_DEBUG(("Allocating cast5-128-cfb cipher failed")); goto err; } SILC_LOG_DEBUG(("CFB test vector")); memset(dst, 0, sizeof(dst)); memset(pdst, 0, sizeof(pdst)); silc_cipher_set_iv(cipher, iv6); assert(silc_cipher_set_key(cipher, key6, key6_len, TRUE)); assert(silc_cipher_set_key(cipher2, key6, key6_len, FALSE)); assert(silc_cipher_encrypt(cipher, p6, dst, p6_len, NULL)); SILC_LOG_DEBUG(("block len %d, key len %d, name %s", silc_cipher_get_block_len(cipher), silc_cipher_get_key_len(cipher), silc_cipher_get_name(cipher))); SILC_LOG_HEXDUMP(("Plaintext"), (unsigned char *)p6, p6_len); SILC_LOG_HEXDUMP(("Ciphertext"), (unsigned char *)dst, p6_len); SILC_LOG_HEXDUMP(("Expected ciphertext"), (unsigned char *)c6, p6_len); if (memcmp(dst, c6, p6_len)) { SILC_LOG_DEBUG(("Encrypt failed")); goto err; } SILC_LOG_DEBUG(("Encrypt is successful")); silc_cipher_set_iv(cipher2, iv6); assert(silc_cipher_decrypt(cipher2, dst, pdst, p6_len, NULL)); SILC_LOG_HEXDUMP(("Decrypted plaintext"), (unsigned char *)pdst, p6_len); SILC_LOG_HEXDUMP(("Expected plaintext"), (unsigned char *)p6, p6_len); if (memcmp(pdst, p6, p6_len)) { SILC_LOG_DEBUG(("Decrypt failed")); goto err; } SILC_LOG_DEBUG(("Decrypt is successful")); silc_cipher_free(cipher2); success = TRUE; err: SILC_LOG_DEBUG(("Testing was %s", success ? "SUCCESS" : "FAILURE")); fprintf(stderr, "Testing was %s\n", success ? "SUCCESS" : "FAILURE"); silc_cipher_unregister_all(); return success; }
int main(int argc, char **argv) { SilcBool success = FALSE; unsigned char *data, iv[SILC_CIPHER_MAX_IV_SIZE]; SilcUInt32 i, k; silc_runtime_init(); silc_crypto_init(NULL); if (argc > 1 && !strcmp(argv[1], "-d")) { silc_log_debug(TRUE); silc_log_debug_hexdump(TRUE); silc_log_set_debug_string("*acc*,*cipher*,*twofish*"); } if (!silc_acc_init(SILC_SOFTACC, (void *)0x01, "min_threads", 2, "max_threads", 8, NULL)) exit(1); data = malloc(ENC_LEN * sizeof(*data)); if (!data) exit(1); /* Plaintext */ for (i = 0; i < ENC_LEN; i++) data[i] = i % 255; SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); /* IV */ for (i = 0; i < SILC_CIPHER_MAX_IV_SIZE; i++) iv[i] = i % 255; SILC_LOG_HEXDUMP(("IV"), iv, SILC_CIPHER_MAX_IV_SIZE); for (i = 0; silc_default_ciphers[i].name; i++) { if (!silc_cipher_alloc(silc_default_ciphers[i].name, &enc_cipher)) { fprintf(stderr, "Error allocating %s\n", silc_default_ciphers[i].name); exit(1); } if (!silc_cipher_alloc(silc_default_ciphers[i].name, &dec_cipher)) { fprintf(stderr, "Error allocating %s\n", silc_default_ciphers[i].name); exit(1); } enc_acc_cipher = silc_acc_cipher(SILC_SOFTACC, enc_cipher); if (!enc_acc_cipher) continue; dec_acc_cipher = silc_acc_cipher(SILC_SOFTACC, dec_cipher); if (!dec_acc_cipher) continue; SILC_LOG_DEBUG(("Allocated cipher %s", silc_default_ciphers[i].name)); SILC_LOG_DEBUG(("Set key")); silc_cipher_set_key(enc_acc_cipher, data, silc_cipher_get_key_len(enc_cipher), TRUE); silc_cipher_set_key(dec_acc_cipher, data, silc_cipher_get_key_len(dec_cipher), FALSE); SILC_LOG_DEBUG(("Set IV")); silc_cipher_set_iv(enc_acc_cipher, iv); SILC_LOG_DEBUG(("Encrypt with accelerated cipher")); for (k = 0; k < ENC_ROUND; k++) silc_cipher_encrypt(enc_acc_cipher, data, data, ENC_LEN, NULL); SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); SILC_LOG_DEBUG(("Set IV")); silc_cipher_set_iv(dec_cipher, iv); SILC_LOG_DEBUG(("Decrypt with associated cipher")); for (k = 0; k < ENC_ROUND; k++) silc_cipher_decrypt(dec_cipher, data, data, ENC_LEN, NULL); SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); /* Verify */ SILC_LOG_DEBUG(("Verify")); for (k = 0; k < ENC_LEN; k++) if (data[k] != k % 255) goto err; SILC_LOG_DEBUG(("Ok")); SILC_LOG_DEBUG(("Set IV")); silc_cipher_set_iv(enc_cipher, iv); SILC_LOG_DEBUG(("Encrypt with associated cipher")); for (k = 0; k < ENC_ROUND; k++) silc_cipher_encrypt(enc_cipher, data, data, ENC_LEN, NULL); SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); SILC_LOG_DEBUG(("Set IV")); silc_cipher_set_iv(dec_acc_cipher, iv); SILC_LOG_DEBUG(("Decrypt with accelerated cipher")); for (k = 0; k < ENC_ROUND; k++) silc_cipher_decrypt(dec_acc_cipher, data, data, ENC_LEN, NULL); SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); /* Verify */ SILC_LOG_DEBUG(("Verify")); for (k = 0; k < ENC_LEN; k++) if (data[k] != k % 255) goto err; SILC_LOG_DEBUG(("Ok")); SILC_LOG_DEBUG(("Set IV")); silc_cipher_set_iv(enc_acc_cipher, iv); SILC_LOG_DEBUG(("Encrypt with accelerated cipher")); for (k = 0; k < ENC_ROUND; k++) silc_cipher_encrypt(enc_acc_cipher, data, data, ENC_LEN, NULL); SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); SILC_LOG_DEBUG(("Set IV")); silc_cipher_set_iv(dec_acc_cipher, iv); SILC_LOG_DEBUG(("Decrypt with accelerated cipher")); for (k = 0; k < ENC_ROUND; k++) silc_cipher_decrypt(dec_acc_cipher, data, data, ENC_LEN, NULL); SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); /* Verify */ SILC_LOG_DEBUG(("Verify")); for (k = 0; k < ENC_LEN; k++) if (data[k] != k % 255) goto err; SILC_LOG_DEBUG(("Ok")); SILC_LOG_DEBUG(("Set IV")); silc_cipher_set_iv(enc_cipher, iv); SILC_LOG_DEBUG(("Encrypt with associated cipher")); for (k = 0; k < ENC_ROUND; k++) silc_cipher_encrypt(enc_cipher, data, data, ENC_LEN, NULL); SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); SILC_LOG_DEBUG(("Set IV")); silc_cipher_set_iv(dec_cipher, iv); SILC_LOG_DEBUG(("Decrypt with associated cipher")); for (k = 0; k < ENC_ROUND; k++) silc_cipher_decrypt(dec_cipher, data, data, ENC_LEN, NULL); SILC_LOG_HEXDUMP(("data"), data, ENC_LEN); /* Verify */ SILC_LOG_DEBUG(("Verify")); for (k = 0; k < ENC_LEN; k++) if (data[k] != k % 255) goto err; SILC_LOG_DEBUG(("Ok")); silc_cipher_free(enc_acc_cipher); silc_cipher_free(enc_cipher); silc_cipher_free(dec_acc_cipher); silc_cipher_free(dec_cipher); } silc_acc_uninit(SILC_SOFTACC); success = TRUE; err: SILC_LOG_DEBUG(("Testing was %s", success ? "SUCCESS" : "FAILURE")); fprintf(stderr, "Testing was %s\n", success ? "SUCCESS" : "FAILURE"); silc_crypto_uninit(); silc_runtime_uninit(); return !success; }
SilcBool silc_client_add_channel_private_key(SilcClient client, SilcClientConnection conn, SilcChannelEntry channel, const char *name, char *cipher, char *hmac, unsigned char *key, SilcUInt32 key_len, SilcChannelPrivateKey *ret_key) { SilcChannelPrivateKey entry; unsigned char hash[SILC_HASH_MAXLEN]; SilcSKEKeyMaterial keymat; if (!client || !conn || !channel) return FALSE; if (!cipher) cipher = SILC_DEFAULT_CIPHER; if (!hmac) hmac = SILC_DEFAULT_HMAC; if (!silc_cipher_is_supported(cipher)) return FALSE; if (!silc_hmac_is_supported(hmac)) return FALSE; if (!channel->internal.private_keys) { channel->internal.private_keys = silc_dlist_init(); if (!channel->internal.private_keys) return FALSE; } /* Produce the key material */ keymat = silc_ske_process_key_material_data(key, key_len, 16, 256, 16, conn->internal->sha1hash); if (!keymat) return FALSE; /* Save the key */ entry = silc_calloc(1, sizeof(*entry)); if (!entry) { silc_ske_free_key_material(keymat); return FALSE; } entry->name = name ? strdup(name) : NULL; /* Allocate the cipher and set the key */ if (!silc_cipher_alloc(cipher, &entry->send_key)) { silc_free(entry); silc_free(entry->name); silc_ske_free_key_material(keymat); return FALSE; } if (!silc_cipher_alloc(cipher, &entry->receive_key)) { silc_free(entry); silc_free(entry->name); silc_cipher_free(entry->send_key); silc_ske_free_key_material(keymat); return FALSE; } silc_cipher_set_key(entry->send_key, keymat->send_enc_key, keymat->enc_key_len, TRUE); silc_cipher_set_key(entry->receive_key, keymat->send_enc_key, keymat->enc_key_len, FALSE); /* Generate HMAC key from the channel key data and set it */ if (!silc_hmac_alloc(hmac, NULL, &entry->hmac)) { silc_free(entry); silc_free(entry->name); silc_cipher_free(entry->send_key); silc_cipher_free(entry->receive_key); silc_ske_free_key_material(keymat); return FALSE; } silc_hash_make(silc_hmac_get_hash(entry->hmac), keymat->send_enc_key, keymat->enc_key_len / 8, hash); silc_hmac_set_key(entry->hmac, hash, silc_hash_len(silc_hmac_get_hash(entry->hmac))); memset(hash, 0, sizeof(hash)); /* Add to the private keys list */ silc_dlist_add(channel->internal.private_keys, entry); if (!channel->internal.curr_key) { channel->internal.curr_key = entry; channel->cipher = silc_cipher_get_name(entry->send_key); channel->hmac = silc_cipher_get_name(entry->send_key); } /* Free the key material */ silc_ske_free_key_material(keymat); if (ret_key) *ret_key = entry; return TRUE; }
SilcBool silc_client_save_channel_key(SilcClient client, SilcClientConnection conn, SilcBuffer key_payload, SilcChannelEntry channel) { unsigned char *id_string, *key, *cipher, *hmac, hash[SILC_HASH_MAXLEN]; SilcUInt32 tmp_len; SilcChannelID id; SilcChannelKeyPayload payload; SILC_LOG_DEBUG(("New channel key")); payload = silc_channel_key_payload_parse(silc_buffer_data(key_payload), silc_buffer_len(key_payload)); if (!payload) return FALSE; id_string = silc_channel_key_get_id(payload, &tmp_len); if (!id_string) { silc_channel_key_payload_free(payload); return FALSE; } if (!silc_id_str2id(id_string, tmp_len, SILC_ID_CHANNEL, &id, sizeof(id))) { silc_channel_key_payload_free(payload); return FALSE; } /* Find channel. */ if (!channel) { channel = silc_client_get_channel_by_id(client, conn, &id); if (!channel) { SILC_LOG_DEBUG(("Key for unknown channel")); silc_channel_key_payload_free(payload); return FALSE; } } else { silc_client_ref_channel(client, conn, channel); } /* Save the old key for a short period of time so that we can decrypt channel message even after the rekey if some client would be sending messages with the old key after the rekey. */ if (!channel->internal.old_channel_keys) channel->internal.old_channel_keys = silc_dlist_init(); if (!channel->internal.old_hmacs) channel->internal.old_hmacs = silc_dlist_init(); if (channel->internal.old_channel_keys && channel->internal.old_hmacs) { silc_dlist_add(channel->internal.old_channel_keys, channel->internal.receive_key); silc_dlist_add(channel->internal.old_hmacs, channel->internal.hmac); silc_schedule_task_add_timeout(client->schedule, silc_client_save_channel_key_rekey, channel, 15, 0); } /* Get channel cipher */ cipher = silc_channel_key_get_cipher(payload, NULL); if (!silc_cipher_alloc(cipher, &channel->internal.send_key)) { client->internal->ops->say( conn->client, conn, SILC_CLIENT_MESSAGE_AUDIT, "Cannot talk to channel: unsupported cipher %s", cipher); silc_client_unref_channel(client, conn, channel); silc_channel_key_payload_free(payload); return FALSE; } if (!silc_cipher_alloc(cipher, &channel->internal.receive_key)) { client->internal->ops->say( conn->client, conn, SILC_CLIENT_MESSAGE_AUDIT, "Cannot talk to channel: unsupported cipher %s", cipher); silc_client_unref_channel(client, conn, channel); silc_channel_key_payload_free(payload); return FALSE; } /* Set the cipher key. Both sending and receiving keys are same */ key = silc_channel_key_get_key(payload, &tmp_len); silc_cipher_set_key(channel->internal.send_key, key, tmp_len * 8, TRUE); silc_cipher_set_key(channel->internal.receive_key, key, tmp_len * 8, FALSE); /* Get channel HMAC */ hmac = (channel->internal.hmac ? (char *)silc_hmac_get_name(channel->internal.hmac) : SILC_DEFAULT_HMAC); if (!silc_hmac_alloc(hmac, NULL, &channel->internal.hmac)) { client->internal->ops->say( conn->client, conn, SILC_CLIENT_MESSAGE_AUDIT, "Cannot talk to channel: unsupported HMAC %s", hmac); silc_client_unref_channel(client, conn, channel); silc_channel_key_payload_free(payload); return FALSE; } channel->cipher = silc_cipher_get_name(channel->internal.send_key); channel->hmac = silc_hmac_get_name(channel->internal.hmac); /* Set HMAC key */ silc_hash_make(silc_hmac_get_hash(channel->internal.hmac), key, tmp_len, hash); silc_hmac_set_key(channel->internal.hmac, hash, silc_hash_len(silc_hmac_get_hash(channel->internal.hmac))); memset(hash, 0, sizeof(hash)); silc_channel_key_payload_free(payload); silc_client_unref_channel(client, conn, channel); return TRUE; }