/*
 * Run the hcrypto self-tests: every entry of hc_tests is passed to
 * test_cipher(), then check_hmac() is called.  The work is done on the
 * first call only; later calls return immediately.
 *
 * The "already done" flag is a plain static int with no locking.  It is
 * fine for the tests to run twice, so no attempt is made to guard against
 * races.  The flag is set before the tests start, so a concurrent caller
 * that sees it set returns while the first caller may still be running
 * the tests.
 *
 * NOTE(review): no result of test_cipher()/check_hmac() is examined here;
 * presumably they report or abort on failure themselves - confirm.
 */
void
hcrypto_validate(void)
{
    static int validated = 0;
    unsigned int idx = 0;

    if (!validated) {
        /* Mark as done up front; see the race note in the header. */
        validated++;

        while (idx < sizeof(hc_tests) / sizeof(hc_tests[0])) {
            test_cipher(&hc_tests[idx]);
            idx++;
        }

        check_hmac();
    }
}
/*
 * Test driver: initialise libgcrypt, run check_hmac() and report the
 * outcome through the exit status.
 *
 * Only argv[1] is inspected:
 *   --verbose   sets verbose
 *   --debug     sets verbose and also enables libgcrypt debug flags
 *
 * Returns 1 if error_count is non-zero after the run, otherwise 0.
 */
int
main (int argc, char **argv)
{
  int debug = 0;

  if (argc > 1)
    {
      if (!strcmp (argv[1], "--verbose"))
        {
          verbose = 1;
        }
      else if (!strcmp (argv[1], "--debug"))
        {
          debug = 1;
          verbose = 1;
        }
    }

  /* Refuse to run against a library that fails the version check for
     the headers this program was built with. */
  if (!gcry_check_version (GCRYPT_VERSION))
    die ("version mismatch\n");

  /* Secure memory is switched off before initialization is declared
     finished.  NOTE(review): presumably acceptable because this harness
     only handles test vectors - not a pattern for code holding real keys. */
  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);

  if (debug)
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);

  check_hmac ();

  if (error_count)
    return 1;
  return 0;
}
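/*
 * mcapi self-test driver.
 *
 * Allocates the shared key (32 bytes) and iv (16 bytes) buffers, fills
 * ourData with the byte pattern 0, 1, 2, ..., then runs each check_*()
 * routine in a fixed order.  The run stops at the first check that
 * returns non-zero.
 *
 * Returns 0 when every check passes, -1 on allocation failure or on the
 * first failing check.  The key/iv buffers are released on every path
 * that allocated them, including the failure paths.
 */
int main(int argc, char** argv)
{
    int ret;
    int i;
    int rc = -1;    /* stays -1 unless every check succeeds */

    (void)argc;
    (void)argv;

#if defined(MICROCHIP_PIC32)
    init_serial() ;  /* initialize PIC32MZ serial I/O */
    SYSTEMConfigPerformance(80000000);
    DBINIT();
#endif

    /* align key, iv pointers */
    key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_KEY);
    if (key == NULL) {
        printf("mcapi key alloc failed\n");
        return -1;
    }

    iv = (byte*)XMALLOC(16, NULL, DYNAMIC_TYPE_KEY);
    if (iv == NULL) {
        printf("mcapi iv alloc failed\n");
        goto free_key;      /* key was allocated, iv was not */
    }

    for (i = 0; i < OUR_DATA_SIZE; i++)
        ourData[i] = (byte)i;

    ret = check_md5();
    if (ret != 0) {
        printf("mcapi check_md5 failed\n");
        goto free_all;
    }

    ret = check_sha();
    if (ret != 0) {
        printf("mcapi check_sha failed\n");
        goto free_all;
    }

    ret = check_sha256();
    if (ret != 0) {
        printf("mcapi check_sha256 failed\n");
        goto free_all;
    }

    ret = check_sha384();
    if (ret != 0) {
        printf("mcapi check_sha384 failed\n");
        goto free_all;
    }

    ret = check_sha512();
    if (ret != 0) {
        printf("mcapi check_sha512 failed\n");
        goto free_all;
    }

    ret = check_hmac();
    if (ret != 0) {
        printf("mcapi check_hmac failed\n");
        goto free_all;
    }

    ret = check_compress();
    if (ret != 0) {
        printf("mcapi check_compress failed\n");
        goto free_all;
    }

    ret = check_rng();
    if (ret != 0) {
        printf("mcapi check_rng failed\n");
        goto free_all;
    }

    ret = check_des3();
    if (ret != 0) {
        printf("mcapi check_des3 failed\n");
        goto free_all;
    }

    ret = check_aescbc();
    if (ret != 0) {
        printf("mcapi check_aes cbc failed\n");
        goto free_all;
    }

    ret = check_aesctr();
    if (ret != 0) {
        printf("mcapi check_aes ctr failed\n");
        goto free_all;
    }

    ret = check_aesdirect();
    if (ret != 0) {
        printf("mcapi check_aes direct failed\n");
        goto free_all;
    }

    ret = check_rsa();
    if (ret != 0) {
        printf("mcapi check_rsa failed\n");
        goto free_all;
    }

    ret = check_ecc();
    if (ret != 0) {
        printf("mcapi check_ecc failed\n");
        goto free_all;
    }

    rc = 0;

    /* Single cleanup path: release in reverse order of allocation. */
free_all:
    XFREE(iv, NULL, DYNAMIC_TYPE_KEY);
free_key:
    XFREE(key, NULL, DYNAMIC_TYPE_KEY);

    return rc;
}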
/*
 * Decrypt onion in place; return true if onion->hop[0] is valid.
 *
 * Steps, in order: parse the sender pubkey stored in our hop, derive the
 * ECDH shared secret with myseckey, derive the HMAC key, encryption key
 * and IVs from that secret, verify the HMAC, and only then decrypt.
 *
 * On success *enckey and *pad_iv hold the values for use in unwrap.
 * They are written before the HMAC is checked, so they are also populated
 * when the function returns false because of an HMAC or decrypt failure;
 * callers must not use them unless true was returned.
 *
 * NOTE(review): secret and hmackey are stack locals and are not wiped
 * before return - consider whether they should be cleared.
 */
static bool decrypt_onion(const struct seckey *myseckey, struct onion *onion,
			  struct enckey *enckey, struct iv *pad_iv)
{
	secp256k1_context *ctx;
	unsigned char secret[32];
	struct hmackey hmackey;
	struct iv iv;
	secp256k1_pubkey pubkey;
	bool ok = false;

	ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);

	if (!pubkey_parse(ctx, &pubkey, &myhop(onion)->pubkey))
		goto out;

	/* Extract shared secret. */
	if (!secp256k1_ecdh(ctx, secret, &pubkey, myseckey->u.u8))
		goto out;

	/* All per-hop key material is derived from the one shared secret. */
	hmackey = hmackey_from_secret(secret);
	*enckey = enckey_from_secret(secret);
	ivs_from_secret(secret, &iv, pad_iv);

	/* Check HMAC. */
	/* Disabled debug aid: if enabled it prints the first 8 bytes of the
	 * HMAC key, so keep it out of production builds. */
#if 0
	printf("Checking HMAC using key%02x%02x%02x%02x%02x%02x%02x%02x (offset %u len %zu) for %02x%02x%02x%02x%02x%02x%02x%02x...%02x%02x%02x\n",
	       hmackey.k[0], hmackey.k[1],
	       hmackey.k[2], hmackey.k[3],
	       hmackey.k[4], hmackey.k[5],
	       hmackey.k[6], hmackey.k[7],
	       SHA256_DIGEST_LENGTH,
	       sizeof(*onion) - SHA256_DIGEST_LENGTH,
	       ((unsigned char *)onion + SHA256_DIGEST_LENGTH)[0],
	       ((unsigned char *)onion + SHA256_DIGEST_LENGTH)[1],
	       ((unsigned char *)onion + SHA256_DIGEST_LENGTH)[2],
	       ((unsigned char *)onion + SHA256_DIGEST_LENGTH)[3],
	       ((unsigned char *)onion + SHA256_DIGEST_LENGTH)[4],
	       ((unsigned char *)onion + SHA256_DIGEST_LENGTH)[5],
	       ((unsigned char *)onion + SHA256_DIGEST_LENGTH)[6],
	       ((unsigned char *)onion + SHA256_DIGEST_LENGTH)[7],
	       ((unsigned char *)(onion + 1))[-3],
	       ((unsigned char *)(onion + 1))[-2],
	       ((unsigned char *)(onion + 1))[-1]);
	dump_contents((unsigned char *)onion + SHA256_DIGEST_LENGTH,
		      sizeof(*onion) - SHA256_DIGEST_LENGTH);
#endif

	/* Authenticate first: nothing is decrypted unless the HMAC matches. */
	if (!check_hmac(onion, &hmackey))
		goto out;

	/* Decrypt everything up to pubkey. */
	/* FIXME: Assumes we can decrypt in place! */
	if (!aes_decrypt(onion, onion,
			 sizeof(struct hop) * (MAX_HOPS-1)
			 + sizeof(myhop(onion)->msg),
			 enckey, &iv))
		goto out;

	ok = true;

out:
	/* Success and failure share this exit so the context is always freed. */
	secp256k1_context_destroy(ctx);
	return ok;
}