static void cryptoAuth(struct Context* ctx) { Log_info(ctx->log, "Setting up salsa20/poly1305 benchmark (encryption and decryption only)"); struct Allocator* alloc = Allocator_child(ctx->alloc); struct CryptoAuth* ca1 = CryptoAuth_new(alloc, NULL, ctx->base, ctx->log, ctx->rand); struct CryptoAuth* ca2 = CryptoAuth_new(alloc, NULL, ctx->base, ctx->log, ctx->rand); struct CryptoAuth_Session* sess1 = CryptoAuth_newSession(ca1, alloc, ca2->publicKey, NULL, false, "bench"); struct CryptoAuth_Session* sess2 = CryptoAuth_newSession(ca2, alloc, ca1->publicKey, NULL, false, "bench"); int size = 1500; int count = 100000; struct Message* msg = Message_new(size, 256, alloc); Random_bytes(ctx->rand, msg->bytes, msg->length); // setup session for (int i = 0; i < 2; i++) { Assert_true(!CryptoAuth_encrypt(sess1, msg)); Assert_true(!CryptoAuth_decrypt(sess2, msg)); Assert_true(!CryptoAuth_encrypt(sess2, msg)); Assert_true(!CryptoAuth_decrypt(sess1, msg)); } begin(ctx, "salsa20/poly1305", (count * size * 8) / 1024, "kilobits"); for (int i = 0; i < count; i++) { Assert_true(!CryptoAuth_encrypt(sess1, msg)); Assert_true(!CryptoAuth_decrypt(sess2, msg)); } done(ctx); Allocator_free(alloc); }
static void repeatHello() { uint8_t* expectedOutput = "0000000101641c99f7719f5700000000a693a9fd3f0e27e81ab1100b57b37259" "4c2adca8671f1fdd050383c91e7d56ec2336c09739fa8e91d8dc5bec63e8fad0" "74bee22a90642a6ba8555be84c5e35970c5270e8f31f2a5978e0fbdee4542882" "97568f25a3fc2801aa707d954c78eccb970bcc8cb26867e9dbf0c9d6ef1b3f27" "24e7e550"; struct Allocator* alloc = MallocAllocator_new(1<<20); struct Context* ctx = setUp(NULL, HERPUBKEY, "password", alloc); struct Message* msg = Message_new(0, CryptoHeader_SIZE + HELLOWORLDLEN, alloc); Message_push(msg, HELLOWORLD, HELLOWORLDLEN, NULL); Assert_true(!CryptoAuth_encrypt(ctx->sess, msg)); Message_reset(msg); Message_push(msg, HELLOWORLD, HELLOWORLDLEN, NULL); Assert_true(!CryptoAuth_encrypt(ctx->sess, msg)); char* actual = Hex_print(msg->bytes, msg->length, alloc); if (CString_strcmp(actual, expectedOutput)) { Assert_failure("Test failed.\n" "Expected %s\n" " Got %s\n", expectedOutput, actual); } Allocator_free(alloc); }
// This is directly called from SwitchCore, message is not encrypted. static Iface_DEFUN sendFromSwitch(struct Message* msg, struct Iface* switchIf) { struct Peer* ep = Identity_check((struct Peer*) switchIf); ep->bytesOut += msg->length; int msgs = PeerLink_send(msg, ep->peerLink); for (int i = 0; i < msgs; i++) { msg = PeerLink_poll(ep->peerLink); Assert_true(!CryptoAuth_encrypt(ep->caSession, msg)); Assert_true(!(((uintptr_t)msg->bytes) % 4) && "alignment fault"); // push the lladdr... Message_push(msg, ep->lladdr, ep->lladdr->addrLen, NULL); // very noisy if (Defined(Log_DEBUG) && false) { char* printedAddr = Hex_print(&ep->lladdr[1], ep->lladdr->addrLen - Sockaddr_OVERHEAD, msg->alloc); Log_debug(ep->ici->ic->logger, "Outgoing message to [%s]", printedAddr); } Iface_send(&ep->ici->pub.addrIf, msg); } return NULL; }
static void encryptRndNonceTest() { uint8_t buff[44]; Bits_memset(buff, 0, 44); uint8_t nonce[24]; Bits_memset(nonce, 0, 24); uint8_t secret[32]; Bits_memset(secret, 0, 32); struct Message m = { .bytes=&buff[32], .length=HELLOWORLDLEN, .padding=32}; CString_strcpy((char*) m.bytes, HELLOWORLDLOWER); CryptoAuth_encryptRndNonce(nonce, &m, secret); uint8_t* expected = (uint8_t*) "1391ac5d03ba9f7099bffbb6e6c69d67ae5bd79391a5b94399b293dc"; uint8_t output[57]; Hex_encode(output, 57, m.bytes, m.length); printf("\n%s\n%s\n", (char*) expected, (char*) output); Assert_true(!Bits_memcmp(expected, output, 56)); Assert_true(!CryptoAuth_decryptRndNonce(nonce, &m, secret)); Assert_true(m.length == HELLOWORLDLEN && !Bits_memcmp(m.bytes, HELLOWORLDLOWER, m.length)); } static struct Random* evilRandom(struct Allocator* alloc, struct Log* logger) { struct RandomSeed* evilSeed = DeterminentRandomSeed_new(alloc, NULL); return Random_newWithSeed(alloc, logger, evilSeed, NULL); } struct Context { struct Allocator* alloc; struct CryptoAuth* ca; struct CryptoAuth_Session* sess; struct Log* log; struct EventBase* base; }; static struct Context* setUp(uint8_t* myPrivateKey, uint8_t* herPublicKey, uint8_t* authPassword, struct Allocator* alloc) { struct Context* ctx = Allocator_calloc(alloc, sizeof(struct Context), 1); struct Log* log = ctx->log = FileWriterLog_new(stdout, alloc); struct EventBase* base = ctx->base = EventBase_new(alloc); struct CryptoAuth* ca = ctx->ca = CryptoAuth_new(alloc, myPrivateKey, base, log, evilRandom(alloc, log)); struct CryptoAuth_Session* sess = ctx->sess = CryptoAuth_newSession(ca, alloc, herPublicKey, NULL, false, Gcc_FILE); if (authPassword) { CryptoAuth_setAuth(String_CONST(authPassword), NULL, sess); } return ctx; } static void testHello(uint8_t* password, uint8_t* expectedOutput) { Assert_true(CString_strlen((char*)expectedOutput) == 264); struct Allocator* alloc = MallocAllocator_new(1<<20); struct Context* ctx = setUp(NULL, HERPUBKEY, password, alloc); struct Message* msg = Message_new(0, CryptoHeader_SIZE + 12, alloc); Message_push(msg, HELLOWORLD, HELLOWORLDLEN, NULL); Assert_true(!CryptoAuth_encrypt(ctx->sess, msg)); char* actual = Hex_print(msg->bytes, msg->length, alloc); if (CString_strcmp(actual, expectedOutput)) { Assert_failure("Test failed.\n" "Expected %s\n" " Got %s\n", expectedOutput, actual); } Allocator_free(alloc); }