123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358 |
- /* vim: set expandtab ts=4 sw=4: */
- /*
- * You may redistribute this program and/or modify it under the terms of
- * the GNU General Public License as published by the Free Software Foundation,
- * either version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <https://www.gnu.org/licenses/>.
- */
- #include "crypto/test/TestCa.h"
- #include "crypto/CryptoAuth.h"
- #include "rust/cjdns_sys/Rffi.h"
- #include "util/Hex.h"
- struct TestCa_s {
- RTypes_CryptoAuth2_t* ca2;
- struct CryptoAuth* ca;
- bool noise;
- };
- typedef struct TestCa_Session_pvt_s {
- TestCa_Session_t pub;
- RTypes_CryptoAuth2_Session_t* s2;
- struct CryptoAuth_Session* s;
- struct Iface sPlain;
- struct Iface sCipher;
- struct Iface s2Plain;
- struct Iface s2Cipher;
- Identity
- } TestCa_Session_pvt_t;
- TestCa_t* TestCa_new(
- Allocator_t *allocator,
- const uint8_t *privateKey,
- EventBase_t* eventBase,
- struct Log* logger,
- struct Random* rand0,
- struct Random* rand1,
- enum TestCa_Config cfg)
- {
- TestCa_t* out = Allocator_calloc(allocator, sizeof(TestCa_t), 1);
- if (cfg == TestCa_Config_OLD || cfg == TestCa_Config_OLD_NEW) {
- out->ca = CryptoAuth_new(allocator, privateKey, eventBase, logger, rand0);
- }
- if (cfg == TestCa_Config_OLD_NEW || cfg == TestCa_Config_NOISE) {
- out->ca2 = Rffi_CryptoAuth2_new(allocator, privateKey, rand1);
- }
- if (cfg == TestCa_Config_NOISE) {
- out->noise = true;
- }
- return out;
- }
- int TestCa_addUser_ipv6(
- String_t *password,
- String_t *login,
- uint8_t *ipv6,
- TestCa_t *ca)
- {
- int ret = 0;
- if (ca->ca) {
- ret = CryptoAuth_addUser_ipv6(password, login, ipv6, ca->ca);
- }
- if (ca->ca2) {
- int ret2 = Rffi_CryptoAuth2_addUser_ipv6(password, login, ipv6, ca->ca2);
- if (ca->ca) {
- Assert_true(ret == ret2);
- }
- return ret2;
- }
- return ret;
- }
- int TestCa_removeUsers(TestCa_t* ca, String_t* user)
- {
- int i1 = 0;
- if (ca->ca) {
- i1 = CryptoAuth_removeUsers(ca->ca, user);
- }
- if (ca->ca2) {
- int i2 = Rffi_CryptoAuth2_removeUsers(ca->ca2, user);
- if (ca->ca) {
- Assert_true(i1 == i2);
- }
- return i2;
- }
- return i1;
- }
- RTypes_StrList_t* TestCa_getUsers(const TestCa_t *ca, Allocator_t *alloc)
- {
- RTypes_StrList_t* l1 = NULL;
- if (ca->ca) {
- l1 = CryptoAuth_getUsers(ca->ca, alloc);
- }
- if (ca->ca2) {
- RTypes_StrList_t* l2 = Rffi_CryptoAuth2_getUsers(ca->ca2, alloc);
- Assert_true(l1->len == l2->len);
- for (uintptr_t i = 0; i < l1->len; i++) {
- Assert_true(String_equals(l1->items[i], l2->items[i]));
- }
- return l2;
- }
- return l1;
- }
- #define PASS 1
- #define STOP 2
- #define VERIFY 3
- #include <stdio.h>
- static Iface_DEFUN messagePlaintext(Message_t *msg, struct Iface* iface)
- {
- TestCa_Session_pvt_t* sess = Identity_containerOf(iface, TestCa_Session_pvt_t, pub.plaintext);
- Message_t* m2 = NULL;
- if (sess->s2) {
- if (sess->s) {
- m2 = Message_clone(msg, Message_getAlloc(msg));
- } else {
- m2 = msg;
- msg = NULL;
- }
- }
- struct RTypes_Error_t* i1 = NULL;
- if (sess->s) {
- int flag = sess->s2 ? STOP : PASS;
- Err(Message_epushAd(msg, &flag, sizeof flag));
- printf("Send [%d]\n", flag);
- i1 = Iface_send(&sess->sPlain, msg);
- }
- if (sess->s2) {
- if (sess->s) {
- Err(Message_epushAd(m2, &msg, sizeof &msg));
- }
- int flag = sess->s ? VERIFY : PASS;
- Err(Message_epushAd(m2, &flag, sizeof flag));
- printf("Send2 [%d]\n", flag);
- struct RTypes_Error_t* i2 = Iface_send(&sess->s2Plain, m2);
- if (sess->s) {
- Assert_true((i2 == NULL) == (i1 == NULL));
- }
- printf("Send2 done\n");
- return i2;
- }
- return i1;
- }
- static Iface_DEFUN messageCiphertext(Message_t *msg, struct Iface* iface)
- {
- TestCa_Session_pvt_t* sess = Identity_containerOf(iface, TestCa_Session_pvt_t, pub.ciphertext);
- Message_t* m2 = NULL;
- if (sess->s2) {
- if (sess->s) {
- m2 = Message_clone(msg, Message_getAlloc(msg));
- } else {
- m2 = msg;
- msg = NULL;
- }
- }
- struct RTypes_Error_t* i1 = NULL;
- if (sess->s) {
- int flag = sess->s2 ? STOP : PASS;
- Err(Message_epushAd(msg, &flag, sizeof flag));
- i1 = Iface_send(&sess->sCipher, msg);
- }
- if (sess->s2) {
- int flag = PASS;
- if (sess->s) {
- uintptr_t mp = (uintptr_t)msg;
- Err(Message_epushAd(m2, &mp, sizeof &mp));
- flag = VERIFY;
- }
- Err(Message_epushAd(m2, &flag, sizeof flag));
- struct RTypes_Error_t* i2 = Iface_send(&sess->s2Cipher, m2);
- if (sess->s) {
- Assert_true((i2 == NULL) == (i1 == NULL));
- }
- return i2;
- }
- return i1;
- }
- static bool check(Message_t *msg, TestCa_Session_pvt_t* sess)
- {
- int flag = 0;
- Err(Message_epopAd(msg, &flag, sizeof flag));
- if (flag == PASS) {
- printf("Passing message\n");
- } else if (flag == STOP) {
- // do nothing, wait for the next message to come through....
- printf("Stopping message\n");
- return true;
- } else if (flag == VERIFY) {
- uintptr_t m2p = 0;
- Err(Message_epopAd(msg, &m2p, sizeof m2p));
- printf("Verifying message %lx\n", (unsigned long) m2p);
- Message_t* m2 = (Message_t*) m2p;
- if (Message_getLength(msg) != Message_getLength(m2)) {
- Assert_failure("Message_getLength(msg) != m2->length: %d != %d",
- Message_getLength(msg), Message_getLength(m2));
- }
- if (Bits_memcmp(Message_bytes(msg), Message_bytes(m2), Message_getLength(msg))) {
- const char* msgH = Hex_print(Message_bytes(msg), Message_getLength(msg), Message_getAlloc(msg));
- const char* m2H = Hex_print(Message_bytes(m2), Message_getLength(m2), Message_getAlloc(m2));
- Assert_failure("msg->bytes != m2->bytes:\n%s\n%s\n", msgH, m2H);
- }
- Assert_true(!Bits_memcmp(Message_bytes(msg), Message_bytes(m2), Message_getLength(msg)));
- } else {
- Assert_failure("unexpected flag [%d]", flag);
- }
- return false;
- }
- static Iface_DEFUN sPlainRecv(Message_t *msg, struct Iface* iface)
- {
- TestCa_Session_pvt_t* sess = Identity_containerOf(iface, TestCa_Session_pvt_t, sPlain);
- if (check(msg, sess)) { return NULL; }
- return Iface_next(&sess->pub.plaintext, msg);
- }
- static Iface_DEFUN s2PlainRecv(Message_t *msg, struct Iface* iface)
- {
- TestCa_Session_pvt_t* sess = Identity_containerOf(iface, TestCa_Session_pvt_t, s2Plain);
- if (check(msg, sess)) { return NULL; }
- return Iface_next(&sess->pub.plaintext, msg);
- }
- static Iface_DEFUN sCipherRecv(Message_t *msg, struct Iface* iface)
- {
- TestCa_Session_pvt_t* sess = Identity_containerOf(iface, TestCa_Session_pvt_t, sCipher);
- if (check(msg, sess)) { return NULL; }
- return Iface_next(&sess->pub.ciphertext, msg);
- }
- static Iface_DEFUN s2CipherRecv(Message_t *msg, struct Iface* iface)
- {
- TestCa_Session_pvt_t* sess = Identity_containerOf(iface, TestCa_Session_pvt_t, s2Cipher);
- if (check(msg, sess)) { return NULL; }
- return Iface_next(&sess->pub.ciphertext, msg);
- }
- TestCa_Session_t* TestCa_newSession(
- TestCa_t *ca,
- Allocator_t *alloc,
- const uint8_t *herPublicKey,
- bool requireAuth,
- char *name,
- bool useNoise)
- {
- TestCa_Session_pvt_t* out = Allocator_calloc(alloc, sizeof(TestCa_Session_pvt_t), 1);
- Identity_set(out);
- out->sCipher.send = sCipherRecv;
- out->sPlain.send = sPlainRecv;
- out->s2Cipher.send = s2CipherRecv;
- out->s2Plain.send = s2PlainRecv;
- if (ca->ca) {
- out->s = CryptoAuth_newSession(ca->ca, alloc, herPublicKey, requireAuth, name, false);
- Iface_plumb(&out->sCipher, &out->s->ciphertext);
- Iface_plumb(&out->sPlain, &out->s->plaintext);
- }
- if (ca->ca2) {
- out->s2 = Rffi_CryptoAuth2_newSession(
- ca->ca2, alloc, herPublicKey, requireAuth, name, ca->noise && useNoise);
- Iface_plumb(&out->s2Cipher, out->s2->ciphertext);
- Iface_plumb(&out->s2Plain, out->s2->plaintext);
- }
- out->pub.plaintext.send = messagePlaintext;
- out->pub.ciphertext.send = messageCiphertext;
- return &out->pub;
- }
- void TestCa_setAuth(const String_t* password, const String_t* login, TestCa_Session_t* session)
- {
- TestCa_Session_pvt_t* sess = Identity_check((TestCa_Session_pvt_t*) session);
- if (sess->s) {
- CryptoAuth_setAuth(password, login, sess->s);
- }
- if (sess->s2) {
- Rffi_CryptoAuth2_setAuth(password, login, sess->s2);
- }
- }
- void TestCa_resetIfTimeout(TestCa_Session_t* session)
- {
- TestCa_Session_pvt_t* sess = Identity_check((TestCa_Session_pvt_t*) session);
- if (sess->s) {
- CryptoAuth_resetIfTimeout(sess->s);
- }
- if (sess->s2) {
- Rffi_CryptoAuth2_resetIfTimeout(sess->s2);
- }
- }
- void TestCa_reset(TestCa_Session_t* session)
- {
- TestCa_Session_pvt_t* sess = Identity_check((TestCa_Session_pvt_t*) session);
- if (sess->s) {
- CryptoAuth_reset(sess->s);
- }
- if (sess->s2) {
- Rffi_CryptoAuth2_reset(sess->s2);
- }
- }
- RTypes_CryptoAuth_State_t TestCa_getState(TestCa_Session_t* session)
- {
- TestCa_Session_pvt_t* sess = Identity_check((TestCa_Session_pvt_t*) session);
- RTypes_CryptoAuth_State_t st = 0;
- if (sess->s) {
- st = CryptoAuth_getState(sess->s);
- }
- if (sess->s2) {
- RTypes_CryptoAuth_State_t st2 = Rffi_CryptoAuth2_getState(sess->s2);
- if (sess->s) {
- Assert_true(st2 == st);
- }
- return st2;
- }
- return st;
- }
- void TestCa_getHerPubKey(TestCa_Session_t* session, uint8_t* buf)
- {
- TestCa_Session_pvt_t* sess = Identity_check((TestCa_Session_pvt_t*) session);
- uint8_t hpk1[32];
- if (sess->s) {
- CryptoAuth_getHerPubKey(sess->s, hpk1);
- }
- if (sess->s2) {
- Rffi_CryptoAuth2_getHerPubKey(sess->s2, buf);
- if (sess->s) {
- Assert_true(!Bits_memcmp(hpk1, buf, 32));
- }
- return;
- }
- Bits_memcpy(buf, hpk1, 32);
- }
- void TestCa_getPubKey(TestCa_t *ca, uint8_t* buf)
- {
- uint8_t pk1[32];
- if (ca->ca) {
- CryptoAuth_getPubKey(ca->ca, pk1);
- }
- if (ca->ca2) {
- Rffi_CryptoAuth2_getPubKey(ca->ca2, buf);
- if (ca->ca) {
- Assert_true(!Bits_memcmp(pk1, buf, 32));
- }
- return;
- }
- Bits_memcpy(buf, pk1, 32);
- }
|