kris
/
MatasanoCrypto
1
0
Rozštěpit 0
Zdrojový kód Úkoly 0 Požadavky na natažení 0 Vydání 0 Wiki Aktivita
Procházet zdrojové kódy

CBC OpenSSL test. End of refac

master
Krzysztof Kwiatkowski před 9 roky
rodič
85890fe8ec
revize
500c4dbc24
5 změnil soubory, kde provedl 153 přidání a 168 odebrání
Rozdělené zobrazení
Diff Options
Zobrazit statistiky Stáhněte soubor opravy Stáhněte rozdílový soubor
  1. +106
    -93
      sol/set2.c
  2. +2
    -2
      sol/set2.h
  3. +9
    -0
      src/common.h
  4. +29
    -68
      src/enc_modes.c
  5. +7
    -5
      src/enc_modes.h

+ 106
- 93
sol/set2.c Zobrazit soubor

@@ -8,37 +8,11 @@
#include <openssl/rand.h>
#include <assert.h>

struct SyncOperations
{
int (*init)( EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv);
int (*update)(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int (*final)(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
};

struct SyncOperations EncryptOps = {
.init = EVP_EncryptInit,
.update = EVP_EncryptUpdate,
.final = EVP_EncryptFinal
};

struct SyncOperations DecryptOps = {
.init = EVP_DecryptInit,
.update = EVP_DecryptUpdate,
.final = EVP_DecryptFinal
};


struct OpenSSL
{
static uint8_t Cbc(CryptoAttribs_t* i_attribs,
const Key_t* i_key)
static Result_t Cbc(CryptoAttribs_t* i_attribs,
const Key_t* const i_key)
{
struct SyncOperations sop = EncryptOps;
if(i_attribs->operation == kDecrypt)
sop = DecryptOps;

if(NULL==i_attribs->output)
{
i_attribs->output = (uint8_t*) malloc(i_attribs->input_len);
@@ -47,16 +21,24 @@ struct OpenSSL
int ret=0;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
sop.init(&ctx, EVP_aes_128_cbc(), i_key->key, i_attribs->iv);
OP_CHECK(
EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, i_key->key, i_attribs->iv,
i_attribs->operation==kEncrypt ? 1 : 0));
EVP_CIPHER_CTX_set_padding(&ctx, 0);
EVP_CIPHER_CTX_set_key_length(&ctx, i_key->len);

sop.update(&ctx, i_attribs->output, &ret, i_attribs->input,
i_attribs->input_len);
OP_CHECK(
EVP_CipherUpdate(&ctx, &i_attribs->output[ret], &ret, i_attribs->input,
i_attribs->input_len));
i_attribs->output_len = ret;
sop.final (&ctx, (i_attribs->output)+ret, &ret);
OP_CHECK(
EVP_CipherFinal_ex(&ctx, &i_attribs->output[ret], &ret));
i_attribs->output_len += ret;
return 1;
EVP_CIPHER_CTX_cleanup(&ctx);
return Result_OK;

end:
return Result_Error;
}
};

@@ -113,6 +95,37 @@ TCASE(pkcs7_test)
}
TCASE_E

TCASE(cbc_decrypt_test)
{
static const uint8_t expected_result[34] = "I'm back and I'm ringin' the bell";
CryptoAttribs_t attribs;
Key_t key;
Result_t res = Result_Error;

Key_t::Init(&key);
key.len = 16;
key.key = (uint8_t*) malloc(key.len);
memcpy(key.key,"YELLOW SUBMARINE",key.len);

CryptoAttribs_t::Init(&attribs);
attribs.iv = (uint8_t*) malloc(key.len);
attribs.iv_len = key.len;
memset(attribs.iv, 0, attribs.iv_len);

res = load_base64_to_hex(
"sol/etc/set2_t2.txt",
&(attribs.input),
&(attribs.input_len));
CHECK(res == Result_OK, (const uint8_t*) "Problem when loading input file");
cbc_decrypt(&attribs, &key);
CHECK( memcmp(expected_result, attribs.output, 33) == 0, (const uint8_t*)
"Wrong plaintext decrypted");
// cleanup
CryptoAttribs_t::Free(&attribs);
Key_t::Free(&key);
}
TCASE_E

TCASE(cbc_enc_dec_test)
{
static const uint8_t test_text[49] = "The quick brown fox jumps over the lazy mad dog.";
@@ -159,38 +172,6 @@ end:
}
TCASE_E

TCASE(cbc_decrypt_test)
{
static const uint8_t expected_result[34] = "I'm back and I'm ringin' the bell";
CryptoAttribs_t attribs;
Key_t key;
Result_t res = Result_Error;

Key_t::Init(&key);
key.len = 16;
key.key = (uint8_t*) malloc(key.len);
memcpy(key.key,"YELLOW SUBMARINE",key.len);

CryptoAttribs_t::Init(&attribs);
attribs.iv = (uint8_t*) malloc(key.len);
attribs.iv_len = key.len;
memset(attribs.iv, 0, attribs.iv_len);

res = load_base64_to_hex(
"sol/etc/set2_t2.txt",
&(attribs.input),
&(attribs.input_len));
CHECK(res == Result_OK, (const uint8_t*) "Problem when loading input file");
cbc_decrypt(&attribs, &key);
CHECK( memcmp(expected_result, attribs.output, 33) == 0, (const uint8_t*)
"Wrong plaintext decrypted");
// cleanup
CryptoAttribs_t::Free(&attribs);
Key_t::Free(&key);
}
TCASE_E

/*
TCASE(encode_decode_openssl)
{
uint8_t concatenated_blocks[16*3];
@@ -206,34 +187,66 @@ TCASE(encode_decode_openssl)
memset(&concatenated_blocks[32], 9, 16);

RAND_bytes(iv1, 16);
Key_t keyObj;
keyObj.key = &key[0];
keyObj.len = 16;

CHECK( 1 == OpenSSL::Cbc(concatenated_blocks, 48,
iv1, 16,
key, 16,
kEncrypt,
&ciphertext, &ciphertext_len),
(uint8_t*)"OpenSSL encryption failed");

// test decryption
CHECK(ciphertext_len==48, (uint8_t*)"Ciphertext has wrong size");
res = decrypt_cbc(iv1, 16, ciphertext, ciphertext_len, key, 16, &out, &out_len );
CHECK( Result_OK == res );
CHECK( memcmp(concatenated_blocks, out, 48) == 0, (uint8_t*)"Input/Output differs");

// test encryption
ciphertext_len = 0;
out_len = 0;
res = encrypt_cbc(iv1, 16, concatenated_blocks, 48, key, 16, &ciphertext, &ciphertext_len );
CHECK( Result_OK == res );
CHECK(ciphertext_len==48, (uint8_t*)"Ciphertext has wrong size");
CHECK( 1 == OpenSSL::Cbc(ciphertext, 48,
iv1, 16,
key, 16,
kDecrypt,
&out, &out_len),
(uint8_t*)"OpenSSL encryption failed");
CHECK(ciphertext_len==48, (uint8_t*)"Ciphertext has wrong size");
CHECK( memcmp(concatenated_blocks, out, 48) == 0, (uint8_t*)"Input/Output differs");
// 1. decryption test
{
CryptoAttribs_t attribs_openssl_enc;
CryptoAttribs_t::Init(&attribs_openssl_enc);
attribs_openssl_enc.input = concatenated_blocks;
attribs_openssl_enc.input_len = sizeof(concatenated_blocks);
attribs_openssl_enc.output = (uint8_t*)malloc(attribs_openssl_enc.input_len);
attribs_openssl_enc.output_len;
attribs_openssl_enc.iv = &iv1[0];
attribs_openssl_enc.iv_len = sizeof(iv1);
attribs_openssl_enc.operation = kEncrypt;
CHECK(OpenSSL::Cbc(&attribs_openssl_enc, &keyObj)==Result_OK);
CHECK(attribs_openssl_enc.output_len==48, (uint8_t*)"Ciphertext has wrong size");

CryptoAttribs_t cbc_attribs;
CryptoAttribs_t::Init(&cbc_attribs);
cbc_attribs.input = attribs_openssl_enc.output;
cbc_attribs.input_len = attribs_openssl_enc.output_len;
cbc_attribs.iv = &iv1[0];
cbc_attribs.iv_len = sizeof(iv1);
CHECK( Result_OK == cbc_decrypt(&cbc_attribs, &keyObj) );
CHECK(
memcmp( concatenated_blocks,
cbc_attribs.output,
cbc_attribs.output_len) == 0,
(uint8_t*)"Input/Output differs");
::free(attribs_openssl_enc.output);
::free(cbc_attribs.output);
}
// 2. encryption test
{
CryptoAttribs_t attribs_enc;
CryptoAttribs_t::Init(&attribs_enc);
attribs_enc.input = concatenated_blocks;
attribs_enc.input_len = sizeof(concatenated_blocks);
attribs_enc.iv = &iv1[0];
attribs_enc.iv_len = sizeof(iv1);
attribs_enc.operation = kEncrypt;
CHECK( Result_OK == cbc_encrypt(&attribs_enc, &keyObj) );

CryptoAttribs_t attribs_openssl_dec;
CryptoAttribs_t::Init(&attribs_openssl_dec);
attribs_openssl_dec.input = attribs_enc.output;
attribs_openssl_dec.input_len = attribs_enc.output_len;
attribs_openssl_dec.iv = &iv1[0];
attribs_openssl_dec.iv_len = sizeof(iv1);
attribs_openssl_dec.operation = kDecrypt;
CHECK(OpenSSL::Cbc(&attribs_openssl_dec, &keyObj)==Result_OK);
CHECK(attribs_openssl_dec.output_len==48, (uint8_t*)"Ciphertext has wrong size");
CHECK(
memcmp( concatenated_blocks,
attribs_openssl_dec.output,
attribs_openssl_dec.output_len) == 0,
(uint8_t*)"Input/Output differs");
::free(attribs_enc.output);
::free(attribs_openssl_dec.output);
}
}
TCASE_E
*/

+ 2
- 2
sol/set2.h Zobrazit soubor

@@ -5,7 +5,7 @@ void pkcs7_test();
void cbc_decrypt_test();
void cbc_enc_dec_test();
void ecb_encrypt_decrypt_single_block();
//void encode_decode_openssl();
void encode_decode_openssl();

struct SET2
{
@@ -13,9 +13,9 @@ struct SET2
{
ecb_encrypt_decrypt_single_block();
pkcs7_test();
encode_decode_openssl();
cbc_decrypt_test();
cbc_enc_dec_test();
// encode_decode_openssl();
}
};



+ 9
- 0
src/common.h Zobrazit soubor

@@ -22,6 +22,15 @@ void __CheckFunc__(bool iFlag, const char* const file, int line, const uint8_t*
#define MIN(a,b) a<b ? a : b
#define ROUNDUP_16_BYTES(X) (((X+15)/16) * 16)

#define OP_CHECK(exp) \
do { \
if(!exp) { \
printf("Error with expression %s %d\n", #exp, exp); \
goto end; \
} \
} \
while(false)

typedef enum
{
Result_OK = 0,


+ 29
- 68
src/enc_modes.c Zobrazit soubor

@@ -8,19 +8,14 @@
#include "base64.h" // to del
#include <openssl/err.h>

#define OP_CHECK(exp) \
do { \
if(!exp) { \
printf("Error with expression %s %d\n", #exp, exp); \
goto end; \
} \
} \
while(false)

Result_t ecb_decrypt(
CryptoAttribs_t* attribs,
const Key_t* const key)
static Result_t crypt( CryptoAttribs_t* attribs,
const Key_t* const key,
CryptoOperation operation )
{
assert(key != NULL);
assert(attribs != NULL);
assert(key->len == 16);

// if output is NULL then allocate same size as input rounded to block size
if(attribs->output == NULL)
{
@@ -31,64 +26,25 @@ Result_t ecb_decrypt(
uint8_t* out = attribs->output;

int ret = 0;
EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_init(ctx);
OP_CHECK( EVP_DecryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key->key, NULL) );
EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
OP_CHECK( EVP_CIPHER_CTX_iv_length(ctx) == 0);
EVP_CIPHER_CTX_set_padding(ctx, 0);
//OP_CHECK( EVP_CIPHER_CTX_set_key_length(ctx, key->len) );
OP_CHECK( EVP_DecryptUpdate(ctx, &out[ret], &ret, attribs->input, attribs->input_len) );
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
OP_CHECK(
EVP_CipherInit_ex( &ctx, EVP_aes_128_ecb(), NULL, key->key, NULL,
(operation == kEncrypt ? 1 : 0)) );
OP_CHECK( EVP_CIPHER_CTX_iv_length(&ctx) == 0);
EVP_CIPHER_CTX_set_padding(&ctx, 0);
OP_CHECK( EVP_CipherUpdate(&ctx, &out[ret], &ret, attribs->input, attribs->input_len) );
attribs->output_len = ret;
OP_CHECK( EVP_DecryptFinal_ex(ctx, &out[ret], &ret) );
OP_CHECK( EVP_CipherFinal_ex(&ctx, &out[ret], &ret) );
attribs->output_len += ret;
EVP_CIPHER_CTX_free(ctx);
// EVP_cleanup();

EVP_CIPHER_CTX_cleanup(&ctx);
return Result_OK;

end:
return Result_Error;
}

Result_t ecb_encrypt(
CryptoAttribs_t* attribs,
const Key_t* const key)

{
assert(attribs->input_len == key->len);
assert(key->len == 16);
// if output is NULL then allocate same size as input rounded to block size
if(attribs->output == NULL)
{
attribs->output = (uint8_t*) malloc(
ROUNDUP_16_BYTES(attribs->input_len) );
}

uint8_t* out = attribs->output;
int ret = 0;

EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_init(ctx);
OP_CHECK( EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key->key, NULL) );
EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);

OP_CHECK( EVP_CIPHER_CTX_iv_length(ctx) == 0);
EVP_CIPHER_CTX_set_padding(ctx, 0);
//OP_CHECK( EVP_CIPHER_CTX_set_key_length(ctx, key->len) );
OP_CHECK( EVP_EncryptUpdate(ctx, &out[ret], &ret, attribs->input, attribs->input_len) );
attribs->output_len = ret;
OP_CHECK( EVP_EncryptFinal_ex(ctx, &out[ret], &ret) );
attribs->output_len += ret;
EVP_CIPHER_CTX_free(ctx);
// EVP_cleanup();
return Result_OK;
end:
return Result_Error;
}


Result_t cbc_decrypt(
CryptoAttribs_t* attribs,
const Key_t* const key)
@@ -110,7 +66,6 @@ Result_t cbc_decrypt(
// same as input + 16 bytes iv
const size_t len = (ROUNDUP_16_BYTES(attribs->input_len)+16);
attribs->output = (uint8_t*) malloc(len);
//attribs->output_len = len;
assert( attribs->output != NULL );
assert( len != 0 );
}
@@ -128,7 +83,7 @@ Result_t cbc_decrypt(
ecb_attribs.input_len = key->len;

// 1. Decrypt
if( ecb_decrypt(&ecb_attribs, key) != Result_OK )
if( crypt(&ecb_attribs, key, kDecrypt) != Result_OK )
return Result_Error;

// 2. Xor IV
@@ -150,6 +105,7 @@ Result_t cbc_encrypt(
CryptoAttribs_t* attribs,
const Key_t* const key)
{

if((attribs->input_len % key->len) != 0 )
return Result_Error;

@@ -169,15 +125,14 @@ Result_t cbc_encrypt(
(ROUNDUP_16_BYTES(attribs->input_len)+16) );
assert( attribs->output != NULL );
}

uint8_t* iv = attribs->iv;
// Initialize attribs for ECB block encryption
CryptoAttribs_t ecb_attribs;
CryptoAttribs_t::Init(&ecb_attribs);
ecb_attribs.input = (uint8_t*)malloc(bs);
ecb_attribs.input_len = bs;
ecb_attribs.input_len = 0;
ecb_attribs.output = (uint8_t*)malloc(bs);
ecb_attribs.output_len = bs;
ecb_attribs.output_len = 0;
for(int i=0; i<bc; ++i)
{
uint8_t* buffptr = (attribs->input)+(bs*i);
@@ -190,7 +145,7 @@ Result_t cbc_encrypt(
ecb_attribs.input_len = bs;

// 2. Encrypt
if( ecb_encrypt(&ecb_attribs, key) != Result_OK )
if( crypt(&ecb_attribs, key, kEncrypt) != Result_OK )
return Result_Error;

// Encrypted block is my new IV
@@ -205,3 +160,9 @@ Result_t cbc_encrypt(
CryptoAttribs_t::Free(&ecb_attribs);
return Result_OK;
}

Result_t ecb_encrypt( CryptoAttribs_t* attribs, const Key_t* const key )
{ return crypt(attribs, key, kEncrypt); }

Result_t ecb_decrypt( CryptoAttribs_t* attribs, const Key_t* const key )
{ return crypt(attribs, key, kDecrypt); }

+ 7
- 5
src/enc_modes.h Zobrazit soubor

@@ -1,12 +1,14 @@
#ifndef _ecb_H_
#define _ecb_H_
#ifndef __enc_modes__
#define __enc_modes__

#include "common.h"

Result_t ecb_encrypt( CryptoAttribs_t* attribs, const Key_t* const key );
Result_t ecb_decrypt( CryptoAttribs_t* attribs, const Key_t* const key );
Result_t crypt( CryptoAttribs_t* attribs, const Key_t* const key, CryptoOperation operation );

Result_t cbc_encrypt( CryptoAttribs_t* attribs, const Key_t* const key );
Result_t cbc_decrypt( CryptoAttribs_t* attribs, const Key_t* const key );

#endif /* _ecb_ */
Result_t ecb_encrypt( CryptoAttribs_t* attribs, const Key_t* const key );
Result_t ecb_decrypt( CryptoAttribs_t* attribs, const Key_t* const key );

#endif /* __enc_modes__ */

Zapsat Náhled
Načítá se…
Zrušit
Uložit