From 981261d90bfdba8ff17f3b87c8f4eaa279080fce Mon Sep 17 00:00:00 2001 From: oneiric Date: Tue, 26 Dec 2017 22:53:19 -0500 Subject: [PATCH] Fix commits and reopen PR Multiple commits from master (54d71d6d5) were rolled into this branch. This commit separates commits from master from changes specific to removing signatures. Remove signatures from RouterIdentity Removes signatures no longer needed for verifying RouterIdentity signatures. Keeps ed25519 and Elgamal+SHA512 for current (0.9.16+) I2P routers. --- src/core/crypto/impl/cryptopp/signature.cc | 580 --------------------- src/core/crypto/signature.h | 359 ------------- src/core/router/identity.cc | 261 ++-------- src/core/router/info.h | 2 +- src/util/benchmark.cc | 44 -- tests/unit_tests/CMakeLists.txt | 1 - tests/unit_tests/core/crypto/dsa.cc | 106 ---- 7 files changed, 41 insertions(+), 1312 deletions(-) delete mode 100644 tests/unit_tests/core/crypto/dsa.cc diff --git a/src/core/crypto/impl/cryptopp/signature.cc b/src/core/crypto/impl/cryptopp/signature.cc index 41a0f828..6d157fa0 100644 --- a/src/core/crypto/impl/cryptopp/signature.cc +++ b/src/core/crypto/impl/cryptopp/signature.cc @@ -55,423 +55,6 @@ namespace kovri { namespace core { -/** - * - * DSA - * - */ - -/// @class DSAVerifierImpl -/// @brief DSA verifier implementation -class DSAVerifier::DSAVerifierImpl { - public: - DSAVerifierImpl( - const std::uint8_t* signing_key) { - m_PublicKey.Initialize( - dsap, - dsaq, - dsag, - CryptoPP::Integer( - signing_key, - DSA_PUBLIC_KEY_LENGTH)); - } - - bool Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const { - CryptoPP::DSA::Verifier verifier(m_PublicKey); - return verifier.VerifyMessage(buf, len, signature, DSA_SIGNATURE_LENGTH); - } - - private: - CryptoPP::DSA::PublicKey m_PublicKey; -}; - -DSAVerifier::DSAVerifier( - const std::uint8_t* signing_key) - : m_DSAVerifierPimpl( - std::make_unique(signing_key)) {} - -DSAVerifier::~DSAVerifier() {} - -bool DSAVerifier::Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const { - return m_DSAVerifierPimpl->Verify(buf, len, signature); -} - -/// @class DSASignerImpl -/// @brief DSA signing implementation -class DSASigner::DSASignerImpl { - public: - DSASignerImpl( - const std::uint8_t* private_signing_key) { - m_PrivateKey.Initialize( - dsap, - dsaq, - dsag, - CryptoPP::Integer( - private_signing_key, - DSA_PRIVATE_KEY_LENGTH)); - } - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - CryptoPP::DSA::Signer signer(m_PrivateKey); - CryptoPP::AutoSeededRandomPool prng; - signer.SignMessage(prng, buf, len, signature); - } - - private: - CryptoPP::DSA::PrivateKey m_PrivateKey; -}; - -DSASigner::DSASigner( - const std::uint8_t* private_signing_key) - : m_DSASignerPimpl( - std::make_unique(private_signing_key)) {} - -DSASigner::~DSASigner() {} - -void DSASigner::Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - m_DSASignerPimpl->Sign(buf, len, signature); -} - -// Create keys -void CreateDSARandomKeys( - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key) { - std::array key_buf; - CryptoPP::Integer dsax; - do { - kovri::core::RandBytes(key_buf.data(), DSA_PRIVATE_KEY_LENGTH); - dsax = CryptoPP::Integer(key_buf.data(), DSA_PRIVATE_KEY_LENGTH); - } while (dsax.IsZero() || dsax >= dsaq); - CryptoPP::DSA::PrivateKey private_key; - CryptoPP::DSA::PublicKey public_key; - private_key.Initialize(dsap, dsaq, dsag, dsax); - private_key.MakePublicKey(public_key); - private_key.GetPrivateExponent().Encode( - private_signing_key, - DSA_PRIVATE_KEY_LENGTH); - public_key.GetPublicElement().Encode( - public_signing_key, - DSA_PUBLIC_KEY_LENGTH); -} - -/** - * - * ECDSA - * - */ - - -/// @class ECDSAVerifier -/// @brief ECDSA verifier base class -template -class ECDSAVerifier { - public: - template - ECDSAVerifier( - Curve curve, - const std::uint8_t* signing_key) { - m_PublicKey.Initialize( - curve, - CryptoPP::ECP::Point( - CryptoPP::Integer( - signing_key, - KeyLen / 2), - CryptoPP::Integer( - signing_key + KeyLen / 2, - KeyLen / 2))); - } - - bool Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const { - typename CryptoPP::ECDSA::Verifier - verifier(m_PublicKey); - return verifier.VerifyMessage( - buf, - len, - signature, - KeyLen); // Signature length - } - - private: - typename CryptoPP::ECDSA::PublicKey m_PublicKey; -}; - -/// @class ECDSASigner -/// @brief ECDSA signer base class -template -class ECDSASigner : public Signer { - public: - template - ECDSASigner( - Curve curve, - const std::uint8_t* private_signing_key, - std::size_t key_length) { - m_PrivateKey.Initialize( - curve, - CryptoPP::Integer( - private_signing_key, - key_length / 2)); // Private key length - } - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - typename CryptoPP::ECDSA::Signer - signer(m_PrivateKey); - CryptoPP::AutoSeededRandomPool prng; - signer.SignMessage(prng, buf, len, signature); - } - - private: - typedef typename CryptoPP::ECDSA::PrivateKey - SignKey; - SignKey m_PrivateKey; -}; - -// Create keys -template -inline void CreateECDSARandomKeys( - Curve curve, - std::size_t key_length, - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key) { - typename CryptoPP::ECDSA::PrivateKey - private_key; - typename CryptoPP::ECDSA::PublicKey - public_key; - CryptoPP::AutoSeededRandomPool prng; - private_key.Initialize(prng, curve); - private_key.MakePublicKey(public_key); - private_key.GetPrivateExponent().Encode(private_signing_key, key_length / 2); - auto q = public_key.GetPublicElement(); - q.x.Encode(public_signing_key, key_length / 2); - q.y.Encode(public_signing_key + key_length / 2, key_length / 2); -} - -/** - * - * ECDSAP256 - * - */ - -/// @class ECDSAP256VerifierImpl -/// @brief ECDSAP256 verifier implementation -class ECDSAP256Verifier::ECDSAP256VerifierImpl - : public ECDSAVerifier { - public: - ECDSAP256VerifierImpl( - const std::uint8_t* signing_key) - : ECDSAVerifier( - CryptoPP::ASN1::secp256r1(), - signing_key) {} -}; - -ECDSAP256Verifier::ECDSAP256Verifier( - const std::uint8_t* signing_key) - : m_ECDSAP256VerifierPimpl( - std::make_unique(signing_key)) {} - -ECDSAP256Verifier::~ECDSAP256Verifier() {} - -bool ECDSAP256Verifier::Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const { - return m_ECDSAP256VerifierPimpl->Verify(buf, len, signature); -} - -/// @class ECDSAP256SignerImpl -/// @brief ECDSAP256 signing implementation -class ECDSAP256Signer::ECDSAP256SignerImpl - : public ECDSASigner { - public: - ECDSAP256SignerImpl( - const std::uint8_t* private_signing_key) - : ECDSASigner( - CryptoPP::ASN1::secp256r1(), - private_signing_key, - ECDSAP256_KEY_LENGTH) {} -}; - -ECDSAP256Signer::ECDSAP256Signer( - const std::uint8_t* private_signing_key) - : m_ECDSAP256SignerPimpl( - std::make_unique(private_signing_key)) {} - -ECDSAP256Signer::~ECDSAP256Signer() {} - -void ECDSAP256Signer::Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - m_ECDSAP256SignerPimpl->Sign(buf, len, signature); -} - -// Create keys -void CreateECDSAP256RandomKeys( - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key) { - CreateECDSARandomKeys( - CryptoPP::ASN1::secp256r1(), - ECDSAP256_KEY_LENGTH, - private_signing_key, - public_signing_key); -} - -/** - * - * ECDSAP384 - * - */ - -/// @class ECDSAP384VerifierImpl -/// @brief ECDSAP384 verifier implementation -class ECDSAP384Verifier::ECDSAP384VerifierImpl - : public ECDSAVerifier { - public: - ECDSAP384VerifierImpl( - const std::uint8_t* signing_key) - : ECDSAVerifier( - CryptoPP::ASN1::secp384r1(), - signing_key) {} -}; - -ECDSAP384Verifier::ECDSAP384Verifier( - const std::uint8_t* signing_key) - : m_ECDSAP384VerifierPimpl( - std::make_unique(signing_key)) {} - -ECDSAP384Verifier::~ECDSAP384Verifier() {} - -bool ECDSAP384Verifier::Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const { - return m_ECDSAP384VerifierPimpl->Verify(buf, len, signature); -} - -/// @class ECDSAP384SignerImpl -/// @brief ECDSAP384 signing implementation -class ECDSAP384Signer::ECDSAP384SignerImpl - : public ECDSASigner { - public: - ECDSAP384SignerImpl( - const std::uint8_t* private_signing_key) - : ECDSASigner( - CryptoPP::ASN1::secp384r1(), - private_signing_key, - ECDSAP384_KEY_LENGTH) {} -}; - -ECDSAP384Signer::ECDSAP384Signer( - const std::uint8_t* private_signing_key) - : m_ECDSAP384SignerPimpl( - std::make_unique(private_signing_key)) {} - -ECDSAP384Signer::~ECDSAP384Signer() {} - -void ECDSAP384Signer::Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t * signature) const { - m_ECDSAP384SignerPimpl->Sign(buf, len, signature); -} - -// Create keys -void CreateECDSAP384RandomKeys( - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key) { - CreateECDSARandomKeys( - CryptoPP::ASN1::secp384r1(), - ECDSAP384_KEY_LENGTH, - private_signing_key, - public_signing_key); -} - -/** - * - * ECDSAP521 - * - */ -/// @class ECDSAP521VerifierImpl -/// @brief ECDSAP521 verifier implementation -class ECDSAP521Verifier::ECDSAP521VerifierImpl - : public ECDSAVerifier { - public: - ECDSAP521VerifierImpl( - const std::uint8_t* signing_key) - : ECDSAVerifier( - CryptoPP::ASN1::secp521r1(), - signing_key) {} -}; - -ECDSAP521Verifier::ECDSAP521Verifier( - const std::uint8_t* signing_key) - : m_ECDSAP521VerifierPimpl( - std::make_unique(signing_key)) {} - -ECDSAP521Verifier::~ECDSAP521Verifier() {} - -bool ECDSAP521Verifier::Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const { - return m_ECDSAP521VerifierPimpl->Verify(buf, len, signature); -} - -/// @class ECDSAP521SignerImpl -/// @brief ECDSAP521 signing implementation -class ECDSAP521Signer::ECDSAP521SignerImpl - : public ECDSASigner { - public: - ECDSAP521SignerImpl( - const std::uint8_t* private_signing_key) - : ECDSASigner( - CryptoPP::ASN1::secp521r1(), - private_signing_key, - ECDSAP521_KEY_LENGTH) {} -}; - -ECDSAP521Signer::ECDSAP521Signer( - const std::uint8_t* private_signing_key) - : m_ECDSAP521SignerPimpl( - std::make_unique(private_signing_key)) {} - -ECDSAP521Signer::~ECDSAP521Signer() {} - -void ECDSAP521Signer::Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - m_ECDSAP521SignerPimpl->Sign(buf, len, signature); -} - -// Create keys -void CreateECDSAP521RandomKeys( - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key) { - CreateECDSARandomKeys( - CryptoPP::ASN1::secp521r1(), - ECDSAP521_KEY_LENGTH, - private_signing_key, - public_signing_key); -} - /** * * RSA @@ -509,37 +92,6 @@ class RSAVerifier { CryptoPP::RSA::PublicKey m_PublicKey; }; -/// @class RSASigner -/// @brief RSA signing base class -template -class RSASigner { - public: - RSASigner( - const std::uint8_t* private_signing_key, - std::size_t key_length) { - m_PrivateKey.Initialize( - CryptoPP::Integer( - private_signing_key, - key_length / 2), - rsae, - CryptoPP::Integer( - private_signing_key + key_length / 2, - key_length / 2)); - } - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - CryptoPP::AutoSeededRandomPool prng; - typename CryptoPP::RSASS::Signer - signer(m_PrivateKey); - signer.SignMessage(prng, buf, len, signature); - } - - private: - CryptoPP::RSA::PrivateKey m_PrivateKey; -}; // Create keys void CreateRSARandomKeys( @@ -563,114 +115,6 @@ void CreateRSARandomKeys( public_key_length); } -/** - * - * RSASHA2562048 - * - */ - -/// @class RSASHA2562048VerifierImpl -/// @brief RSASHA2562048 verifier implementation -class RSASHA2562048Verifier::RSASHA2562048VerifierImpl - : public RSAVerifier { - public: - explicit RSASHA2562048VerifierImpl( - const std::uint8_t* public_key) - : RSAVerifier(public_key) {} -}; - -RSASHA2562048Verifier::RSASHA2562048Verifier( - const std::uint8_t* pubKey) - : m_RSASHA2562048VerifierPimpl( - std::make_unique(pubKey)) {} - -RSASHA2562048Verifier::~RSASHA2562048Verifier() {} - -bool RSASHA2562048Verifier::Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const { - return m_RSASHA2562048VerifierPimpl->Verify(buf, len, signature); -} - -/// @class RSASHA2562048SignerImpl -/// @brief RSASHA2562048 signing implementation -class RSASHA2562048Signer::RSASHA2562048SignerImpl - : public RSASigner { - public: - RSASHA2562048SignerImpl( - const std::uint8_t* privkey) - : RSASigner(privkey, RSASHA2562048_KEY_LENGTH * 2) {} -}; - -RSASHA2562048Signer::RSASHA2562048Signer( - const std::uint8_t* private_key) - : m_RSASHA2562048SignerPimpl( - std::make_unique(private_key)) {} - -RSASHA2562048Signer::~RSASHA2562048Signer() {} - -void RSASHA2562048Signer::Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - m_RSASHA2562048SignerPimpl->Sign(buf, len, signature); -} - -/** - * - * RSASHA3843072 - * - */ - -/// @class RSASHA3843072VerifierImpl -/// @brief RSASHA3843072 verifier implementation -class RSASHA3843072Verifier::RSASHA3843072VerifierImpl - : public RSAVerifier { - public: - explicit RSASHA3843072VerifierImpl( - const std::uint8_t* public_key) - : RSAVerifier(public_key) {} -}; - -RSASHA3843072Verifier::RSASHA3843072Verifier( - const std::uint8_t* pubKey) - : m_RSASHA3843072VerifierPimpl( - std::make_unique(pubKey)) {} - -RSASHA3843072Verifier::~RSASHA3843072Verifier() {} - -bool RSASHA3843072Verifier::Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const { - return m_RSASHA3843072VerifierPimpl->Verify(buf, len, signature); -} - -/// @class RSASHA3843072SignerImpl -/// @brief RSASHA3843072 signing implementation -class RSASHA3843072Signer::RSASHA3843072SignerImpl - : public RSASigner { - public: - RSASHA3843072SignerImpl( - const std::uint8_t* privkey) - : RSASigner(privkey, RSASHA3843072_KEY_LENGTH * 2) {} -}; - -RSASHA3843072Signer::RSASHA3843072Signer( - const std::uint8_t* private_key) - : m_RSASHA3843072SignerPimpl( - std::make_unique(private_key)) {} - -RSASHA3843072Signer::~RSASHA3843072Signer() {} - -void RSASHA3843072Signer::Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - m_RSASHA3843072SignerPimpl->Sign(buf, len, signature); -} - /** * * RSASHA5124096 @@ -701,30 +145,6 @@ bool RSASHA5124096Verifier::Verify( return m_RSASHA5124096VerifierPimpl->Verify(buf, len, signature); } -/// @class RSASHA5124096SignerImpl -/// @brief RSASHA5124096 signing implementation -class RSASHA5124096Signer::RSASHA5124096SignerImpl - : public RSASigner { - public: - RSASHA5124096SignerImpl( - const std::uint8_t* privkey) - : RSASigner(privkey, RSASHA5124096_KEY_LENGTH * 2) {} -}; - -RSASHA5124096Signer::RSASHA5124096Signer( - const std::uint8_t* private_key) - : m_RSASHA5124096SignerPimpl( - std::make_unique(private_key)) {} - -RSASHA5124096Signer::~RSASHA5124096Signer() {} - -void RSASHA5124096Signer::Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const { - m_RSASHA5124096SignerPimpl->Sign(buf, len, signature); -} - /** * * RSARaw diff --git a/src/core/crypto/signature.h b/src/core/crypto/signature.h index 35ce68b7..0f64bc68 100644 --- a/src/core/crypto/signature.h +++ b/src/core/crypto/signature.h @@ -41,348 +41,6 @@ namespace kovri { namespace core { -/** - * - * DSA - * - */ - -const std::size_t DSA_PUBLIC_KEY_LENGTH = 128; -const std::size_t DSA_SIGNATURE_LENGTH = 40; -const std::size_t DSA_PRIVATE_KEY_LENGTH = DSA_SIGNATURE_LENGTH / 2; - -/// @class DSAVerifier -class DSAVerifier : public Verifier { - public: - DSAVerifier( - const std::uint8_t* signing_key); - ~DSAVerifier(); - - bool Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const; - - std::size_t GetPublicKeyLen() const { - return DSA_PUBLIC_KEY_LENGTH; - } - - std::size_t GetSignatureLen() const { - return DSA_SIGNATURE_LENGTH; - } - - std::size_t GetPrivateKeyLen() const { - return DSA_PRIVATE_KEY_LENGTH; - } - - private: - class DSAVerifierImpl; - std::unique_ptr m_DSAVerifierPimpl; -}; - -/// @class DSASigner -class DSASigner : public Signer { - public: - explicit DSASigner( - const std::uint8_t* private_signing_key); - ~DSASigner(); - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const; - - private: - class DSASignerImpl; - std::unique_ptr m_DSASignerPimpl; -}; - -void CreateDSARandomKeys( - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key); - -/** - * - * ECDSAP256 - * - */ - -const std::size_t ECDSAP256_KEY_LENGTH = 64; - -/// @class ECDSAP256Verifier -class ECDSAP256Verifier : public Verifier { - public: - ECDSAP256Verifier( - const std::uint8_t* signing_key); - ~ECDSAP256Verifier(); - - bool Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const; - - std::size_t GetPublicKeyLen() const { - return ECDSAP256_KEY_LENGTH; - } - - std::size_t GetSignatureLen() const { - return ECDSAP256_KEY_LENGTH; - } - - std::size_t GetPrivateKeyLen() const { - return ECDSAP256_KEY_LENGTH / 2; - } - - private: - class ECDSAP256VerifierImpl; - std::unique_ptr m_ECDSAP256VerifierPimpl; -}; - -/// @class ECDSAP256Signer -class ECDSAP256Signer : public Signer { - public: - explicit ECDSAP256Signer( - const std::uint8_t* private_signing_key); - ~ECDSAP256Signer(); - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const; - - private: - class ECDSAP256SignerImpl; - std::unique_ptr m_ECDSAP256SignerPimpl; -}; - -void CreateECDSAP256RandomKeys( - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key); - -/** - * - * ECDSAP384 - * - */ - -const std::size_t ECDSAP384_KEY_LENGTH = 96; - -/// @class ECDSAP384Verifier -class ECDSAP384Verifier : public Verifier { - public: - ECDSAP384Verifier( - const std::uint8_t* signing_key); - ~ECDSAP384Verifier(); - - bool Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const; - - std::size_t GetPublicKeyLen() const { - return ECDSAP384_KEY_LENGTH; - } - - std::size_t GetSignatureLen() const { - return ECDSAP384_KEY_LENGTH; - } - - std::size_t GetPrivateKeyLen() const { - return ECDSAP384_KEY_LENGTH / 2; - } - - private: - class ECDSAP384VerifierImpl; - std::unique_ptr m_ECDSAP384VerifierPimpl; -}; - -/// @class ECDSAP384Signer -class ECDSAP384Signer : public Signer { - public: - explicit ECDSAP384Signer( - const uint8_t* private_signing_key); - ~ECDSAP384Signer(); - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const; - - private: - class ECDSAP384SignerImpl; - std::unique_ptr m_ECDSAP384SignerPimpl; -}; - -void CreateECDSAP384RandomKeys( - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key); - -/** - * - * ECDSAP521 - * - */ - -const std::size_t ECDSAP521_KEY_LENGTH = 132; - -/// @class ECDSAP521Verifier -class ECDSAP521Verifier : public Verifier { - public: - ECDSAP521Verifier( - const std::uint8_t* signing_key); - ~ECDSAP521Verifier(); - - bool Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const; - - std::size_t GetPublicKeyLen() const { - return ECDSAP521_KEY_LENGTH; - } - - std::size_t GetSignatureLen() const { - return ECDSAP521_KEY_LENGTH; - } - - std::size_t GetPrivateKeyLen() const { - return ECDSAP521_KEY_LENGTH / 2; - } - - private: - class ECDSAP521VerifierImpl; - std::unique_ptr m_ECDSAP521VerifierPimpl; -}; - -/// @class ECDSAP521Signer -class ECDSAP521Signer : public Signer { - public: - explicit ECDSAP521Signer( - const uint8_t* private_signing_key); - ~ECDSAP521Signer(); - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const; - - private: - class ECDSAP521SignerImpl; - std::unique_ptr m_ECDSAP521SignerPimpl; -}; - -void CreateECDSAP521RandomKeys( - std::uint8_t* private_signing_key, - std::uint8_t* public_signing_key); - -/** - * - * RSASHA2562048 - * - */ - -const std::size_t RSASHA2562048_KEY_LENGTH = 256; - -/// @class RSASHA2562048Verifier -class RSASHA2562048Verifier : public Verifier { - public: - explicit RSASHA2562048Verifier( - const std::uint8_t* signing_key); - ~RSASHA2562048Verifier(); - - std::size_t GetPublicKeyLen() const { - return RSASHA2562048_KEY_LENGTH; - } - - std::size_t GetSignatureLen() const { - return RSASHA2562048_KEY_LENGTH; - } - - std::size_t GetPrivateKeyLen() const { - return RSASHA2562048_KEY_LENGTH * 2; - } - - bool Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const; - - private: - class RSASHA2562048VerifierImpl; - std::unique_ptr m_RSASHA2562048VerifierPimpl; -}; - -/// @class RSASHA2562048Signer -class RSASHA2562048Signer : public Signer { - public: - explicit RSASHA2562048Signer( - const std::uint8_t* private_signing_key); - ~RSASHA2562048Signer(); - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const; - - private: - class RSASHA2562048SignerImpl; - std::unique_ptr m_RSASHA2562048SignerPimpl; -}; - -/** - * - * RSASHA3843072 - * - */ - -const std::size_t RSASHA3843072_KEY_LENGTH = 384; - -/// @class RSASHA3843072Verifier -class RSASHA3843072Verifier : public Verifier { - public: - explicit RSASHA3843072Verifier( - const std::uint8_t* signing_key); - ~RSASHA3843072Verifier(); - - std::size_t GetPublicKeyLen() const { - return RSASHA3843072_KEY_LENGTH; - } - - std::size_t GetSignatureLen() const { - return RSASHA3843072_KEY_LENGTH; - } - - std::size_t GetPrivateKeyLen() const { - return RSASHA3843072_KEY_LENGTH * 2; - } - - bool Verify( - const std::uint8_t* buf, - std::size_t len, - const std::uint8_t* signature) const; - - private: - class RSASHA3843072VerifierImpl; - std::unique_ptr m_RSASHA3843072VerifierPimpl; -}; - -/// @class RSASHA3843072Signer -class RSASHA3843072Signer : public Signer { - public: - explicit RSASHA3843072Signer( - const std::uint8_t* private_signing_key); - ~RSASHA3843072Signer(); - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const; - - private: - class RSASHA3843072SignerImpl; - std::unique_ptr m_RSASHA3843072SignerPimpl; -}; - /** * * RSASHA5124096 @@ -420,23 +78,6 @@ class RSASHA5124096Verifier : public Verifier { std::unique_ptr m_RSASHA5124096VerifierPimpl; }; -/// @class RSASHA5124096Signer -class RSASHA5124096Signer : public Signer { - public: - explicit RSASHA5124096Signer( - const std::uint8_t* private_signing_key); - ~RSASHA5124096Signer(); - - void Sign( - const std::uint8_t* buf, - std::size_t len, - std::uint8_t* signature) const; - - private: - class RSASHA5124096SignerImpl; - std::unique_ptr m_RSASHA5124096SignerPimpl; -}; - void CreateRSARandomKeys( std::size_t public_key_length, std::uint8_t* private_signing_key, diff --git a/src/core/router/identity.cc b/src/core/router/identity.cc index ceaa8898..446d7c22 100644 --- a/src/core/router/identity.cc +++ b/src/core/router/identity.cc @@ -102,107 +102,41 @@ IdentityEx::IdentityEx( m_StandardIdentity.public_key, public_key, sizeof(m_StandardIdentity.public_key)); - if (type != SIGNING_KEY_TYPE_DSA_SHA1) { - std::size_t excess_len = 0; - std::unique_ptr excess_buf; - switch (type) { - case SIGNING_KEY_TYPE_ECDSA_SHA256_P256: { - std::size_t padding = - 128 - kovri::core::ECDSAP256_KEY_LENGTH; // 64 = 128 - 64 - kovri::core::RandBytes( - m_StandardIdentity.signing_key, - padding); - memcpy( - m_StandardIdentity.signing_key + padding, - signing_key, - kovri::core::ECDSAP256_KEY_LENGTH); - break; - } - case SIGNING_KEY_TYPE_ECDSA_SHA384_P384: { - std::size_t padding = - 128 - kovri::core::ECDSAP384_KEY_LENGTH; // 32 = 128 - 96 - kovri::core::RandBytes( - m_StandardIdentity.signing_key, - padding); - memcpy( - m_StandardIdentity.signing_key + padding, - signing_key, - kovri::core::ECDSAP384_KEY_LENGTH); - break; - } - case SIGNING_KEY_TYPE_ECDSA_SHA512_P521: { - memcpy(m_StandardIdentity.signing_key, signing_key, 128); - excess_len = kovri::core::ECDSAP521_KEY_LENGTH - 128; // 4 = 132 - 128 - excess_buf = std::make_unique(excess_len); - memcpy(excess_buf.get(), signing_key + 128, excess_len); - break; - } - case SIGNING_KEY_TYPE_RSA_SHA256_2048: { - memcpy(m_StandardIdentity.signing_key, signing_key, 128); - excess_len = kovri::core::RSASHA2562048_KEY_LENGTH - 128; // 128 = 256 - 128 - excess_buf = std::make_unique(excess_len); - memcpy(excess_buf.get(), signing_key + 128, excess_len); - break; - } - case SIGNING_KEY_TYPE_RSA_SHA384_3072: { - memcpy(m_StandardIdentity.signing_key, signing_key, 128); - excess_len = kovri::core::RSASHA3843072_KEY_LENGTH - 128; // 256 = 384 - 128 - excess_buf = std::make_unique(excess_len); - memcpy(excess_buf.get(), signing_key + 128, excess_len); - break; - } - case SIGNING_KEY_TYPE_RSA_SHA512_4096: { - memcpy(m_StandardIdentity.signing_key, signing_key, 128); - excess_len = kovri::core::RSASHA5124096_KEY_LENGTH - 128; // 384 = 512 - 128 - excess_buf = std::make_unique(excess_len); - memcpy(excess_buf.get(), signing_key + 128, excess_len); - break; - } - case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: { - std::size_t padding = - 128 - kovri::core::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32 - kovri::core::RandBytes( - m_StandardIdentity.signing_key, - padding); - memcpy( - m_StandardIdentity.signing_key + padding, - signing_key, - kovri::core::EDDSA25519_PUBLIC_KEY_LENGTH); - break; - } - default: - LOG(warning) - << "IdentityEx: signing key type " - << static_cast(type) << " is not supported"; - } - m_ExtendedLen = 4 + excess_len; // 4 bytes extra + excess length - // fill certificate - m_StandardIdentity.certificate.type = CERTIFICATE_TYPE_KEY; - m_StandardIdentity.certificate.length = htobe16(m_ExtendedLen); - // fill extended buffer - m_ExtendedBuffer = std::make_unique(m_ExtendedLen); - htobe16buf(m_ExtendedBuffer.get(), type); - htobe16buf(m_ExtendedBuffer.get() + 2, CRYPTO_KEY_TYPE_ELGAMAL); - if (excess_len && excess_buf) { - memcpy(m_ExtendedBuffer.get() + 4, excess_buf.get(), excess_len); + std::size_t excess_len = 0; + std::unique_ptr excess_buf; + switch (type) { + case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: { + std::size_t padding = + 128 - kovri::core::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32 + kovri::core::RandBytes( + m_StandardIdentity.signing_key, + padding); + memcpy( + m_StandardIdentity.signing_key + padding, + signing_key, + kovri::core::EDDSA25519_PUBLIC_KEY_LENGTH); + break; } - // calculate ident hash - auto buf = std::make_unique(GetFullLen()); - ToBuffer(buf.get(), GetFullLen()); - kovri::core::SHA256().CalculateDigest(m_IdentHash, buf.get(), GetFullLen()); - } else { // DSA-SHA1 - memcpy( - m_StandardIdentity.signing_key, - signing_key, - sizeof(m_StandardIdentity.signing_key)); - memset( - &m_StandardIdentity.certificate, - 0, - sizeof(m_StandardIdentity.certificate)); - m_IdentHash = m_StandardIdentity.Hash(); - m_ExtendedLen = 0; - m_ExtendedBuffer.reset(nullptr); + default: + LOG(warning) + << "IdentityEx: signing key type " + << static_cast(type) << " is not supported"; } + m_ExtendedLen = 4 + excess_len; // 4 bytes extra + excess length + // fill certificate + m_StandardIdentity.certificate.type = CERTIFICATE_TYPE_KEY; + m_StandardIdentity.certificate.length = htobe16(m_ExtendedLen); + // fill extended buffer + m_ExtendedBuffer = std::make_unique(m_ExtendedLen); + htobe16buf(m_ExtendedBuffer.get(), type); + htobe16buf(m_ExtendedBuffer.get() + 2, CRYPTO_KEY_TYPE_ELGAMAL); + if (excess_len && excess_buf) { + memcpy(m_ExtendedBuffer.get() + 4, excess_buf.get(), excess_len); + } + // calculate ident hash + auto buf = std::make_unique(GetFullLen()); + ToBuffer(buf.get(), GetFullLen()); + kovri::core::SHA256().CalculateDigest(m_IdentHash, buf.get(), GetFullLen()); CreateVerifier(); } catch (...) { m_Exception.Dispatch(__func__); @@ -355,21 +289,6 @@ std::string IdentityEx::GetDescription(const std::string& tabs) const << tabs << "\t\t"; switch (GetSigningKeyType()) { - case SIGNING_KEY_TYPE_ECDSA_SHA256_P256: // 64 = 128 - 64 - ss << "Padding: " << (128 - kovri::core::ECDSAP256_KEY_LENGTH); - break; - case SIGNING_KEY_TYPE_ECDSA_SHA384_P384: // 32 = 128 - 96 - ss << "Padding: " << (128 - kovri::core::ECDSAP384_KEY_LENGTH); - break; - case SIGNING_KEY_TYPE_ECDSA_SHA512_P521: // 4 = 132 - 128 - ss << "Excess: " << (kovri::core::ECDSAP521_KEY_LENGTH - 128); - break; - case SIGNING_KEY_TYPE_RSA_SHA256_2048: // 128 = 256 - 128 - ss << "Excess: " << (kovri::core::RSASHA2562048_KEY_LENGTH - 128); - break; - case SIGNING_KEY_TYPE_RSA_SHA384_3072: // 256 = 384 - 128 - ss << "Excess: " << (kovri::core::RSASHA3843072_KEY_LENGTH - 128); - break; case SIGNING_KEY_TYPE_RSA_SHA512_4096: // 384 = 512 - 128 ss << "Excess: " << (kovri::core::RSASHA5124096_KEY_LENGTH - 128); break; @@ -408,7 +327,7 @@ std::size_t IdentityEx::GetSignatureLen() const { CreateVerifier(); if (m_Verifier) return m_Verifier->GetSignatureLen(); - return kovri::core::DSA_SIGNATURE_LENGTH; + return kovri::core::EDDSA25519_SIGNATURE_LENGTH; } bool IdentityEx::Verify( @@ -442,53 +361,12 @@ CryptoKeyType IdentityEx::GetCryptoKeyType() const { if (m_StandardIdentity.certificate.type == CERTIFICATE_TYPE_KEY && m_ExtendedBuffer) return bufbe16toh(m_ExtendedBuffer.get() + 2); // crypto key - return CRYPTO_KEY_TYPE_ELGAMAL; + return CRYPTO_KEY_TYPE_ELGAMAL; } void IdentityEx::CreateVerifier() const { auto key_type = GetSigningKeyType(); switch (key_type) { - case SIGNING_KEY_TYPE_DSA_SHA1: - m_Verifier = std::make_unique(m_StandardIdentity.signing_key); - break; - case SIGNING_KEY_TYPE_ECDSA_SHA256_P256: { - std::size_t padding = 128 - kovri::core::ECDSAP256_KEY_LENGTH; // 64 = 128 - 64 - m_Verifier = - std::make_unique( - m_StandardIdentity.signing_key + padding); - break; - } - case SIGNING_KEY_TYPE_ECDSA_SHA384_P384: { - std::size_t padding = 128 - kovri::core::ECDSAP384_KEY_LENGTH; // 32 = 128 - 96 - m_Verifier = - std::make_unique( - m_StandardIdentity.signing_key + padding); - break; - } - case SIGNING_KEY_TYPE_ECDSA_SHA512_P521: { - std::uint8_t signing_key[kovri::core::ECDSAP521_KEY_LENGTH]; - memcpy(signing_key, m_StandardIdentity.signing_key, 128); - std::size_t excess_len = kovri::core::ECDSAP521_KEY_LENGTH - 128; // 4 = 132- 128 - memcpy(signing_key + 128, m_ExtendedBuffer.get() + 4, excess_len); // right after signing and crypto key types - m_Verifier = std::make_unique(signing_key); - break; - } - case SIGNING_KEY_TYPE_RSA_SHA256_2048: { - std::uint8_t signing_key[kovri::core::RSASHA2562048_KEY_LENGTH]; - memcpy(signing_key, m_StandardIdentity.signing_key, 128); - std::size_t excess_len = kovri::core::RSASHA2562048_KEY_LENGTH - 128; // 128 = 256- 128 - memcpy(signing_key + 128, m_ExtendedBuffer.get() + 4, excess_len); - m_Verifier = std::make_unique(signing_key); - break; - } - case SIGNING_KEY_TYPE_RSA_SHA384_3072: { - std::uint8_t signing_key[kovri::core::RSASHA3843072_KEY_LENGTH]; - memcpy(signing_key, m_StandardIdentity.signing_key, 128); - std::size_t excess_len = kovri::core::RSASHA3843072_KEY_LENGTH - 128; // 256 = 384- 128 - memcpy(signing_key + 128, m_ExtendedBuffer.get() + 4, excess_len); - m_Verifier = std::make_unique(signing_key); - break; - } case SIGNING_KEY_TYPE_RSA_SHA512_4096: { std::uint8_t signing_key[kovri::core::RSASHA5124096_KEY_LENGTH]; memcpy(signing_key, m_StandardIdentity.signing_key, 128); @@ -614,27 +492,6 @@ void PrivateKeys::Sign( void PrivateKeys::CreateSigner() { switch (m_Public.GetSigningKeyType()) { - case SIGNING_KEY_TYPE_DSA_SHA1: - m_Signer = std::make_unique(m_SigningPrivateKey); - break; - case SIGNING_KEY_TYPE_ECDSA_SHA256_P256: - m_Signer = std::make_unique(m_SigningPrivateKey); - break; - case SIGNING_KEY_TYPE_ECDSA_SHA384_P384: - m_Signer = std::make_unique(m_SigningPrivateKey); - break; - case SIGNING_KEY_TYPE_ECDSA_SHA512_P521: - m_Signer = std::make_unique(m_SigningPrivateKey); - break; - case SIGNING_KEY_TYPE_RSA_SHA256_2048: - m_Signer = std::make_unique(m_SigningPrivateKey); - break; - case SIGNING_KEY_TYPE_RSA_SHA384_3072: - m_Signer = std::make_unique(m_SigningPrivateKey); - break; - case SIGNING_KEY_TYPE_RSA_SHA512_4096: - m_Signer = std::make_unique(m_SigningPrivateKey); - break; case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: m_Signer = std::make_unique(m_SigningPrivateKey); break; @@ -653,33 +510,6 @@ PrivateKeys PrivateKeys::CreateRandomKeys(SigningKeyType type) { // signature std::uint8_t signing_public_key[512]; // signing public key is 512 bytes max switch (type) { - case SIGNING_KEY_TYPE_ECDSA_SHA256_P256: - kovri::core::CreateECDSAP256RandomKeys( - keys.m_SigningPrivateKey, - signing_public_key); - break; - case SIGNING_KEY_TYPE_ECDSA_SHA384_P384: - kovri::core::CreateECDSAP384RandomKeys( - keys.m_SigningPrivateKey, - signing_public_key); - break; - case SIGNING_KEY_TYPE_ECDSA_SHA512_P521: - kovri::core::CreateECDSAP521RandomKeys( - keys.m_SigningPrivateKey, - signing_public_key); - break; - case SIGNING_KEY_TYPE_RSA_SHA256_2048: - kovri::core::CreateRSARandomKeys( - kovri::core::RSASHA2562048_KEY_LENGTH, - keys.m_SigningPrivateKey, - signing_public_key); - break; - case SIGNING_KEY_TYPE_RSA_SHA384_3072: - kovri::core::CreateRSARandomKeys( - kovri::core::RSASHA3843072_KEY_LENGTH, - keys.m_SigningPrivateKey, - signing_public_key); - break; case SIGNING_KEY_TYPE_RSA_SHA512_4096: kovri::core::CreateRSARandomKeys( kovri::core::RSASHA5124096_KEY_LENGTH, @@ -694,10 +524,11 @@ PrivateKeys PrivateKeys::CreateRandomKeys(SigningKeyType type) { default: LOG(warning) << "IdentityEx: Signing key type " - << static_cast(type) << " is not supported, creating DSA-SHA1"; + << static_cast(type) << " is not supported, creating EDDSA_SHA512_ED25519"; // fall-through - case SIGNING_KEY_TYPE_DSA_SHA1: - return PrivateKeys(kovri::core::CreateRandomKeys()); // DSA-SHA1 + kovri::core::CreateEDDSARandomKeys( + keys.m_SigningPrivateKey, + signing_public_key); } // encryption std::uint8_t public_key[256]; @@ -723,7 +554,7 @@ Keys CreateRandomKeys() { keys.private_key, keys.public_key); // signing - kovri::core::CreateDSARandomKeys( + kovri::core::CreateEDDSARandomKeys( keys.signing_private_key, keys.signing_key); } catch (...) { @@ -789,18 +620,6 @@ const std::string GetSigningKeyTypeName(const std::uint16_t key) { switch (key) { - case SIGNING_KEY_TYPE_DSA_SHA1: - return "DSA_SHA1"; - case SIGNING_KEY_TYPE_ECDSA_SHA256_P256: - return "ECDSA_SHA256_P256"; - case SIGNING_KEY_TYPE_ECDSA_SHA384_P384: - return "ECDSA_SHA384_P384"; - case SIGNING_KEY_TYPE_ECDSA_SHA512_P521: - return "ECDSA_SHA512_P521"; - case SIGNING_KEY_TYPE_RSA_SHA256_2048: - return "RSA_SHA256_2048"; - case SIGNING_KEY_TYPE_RSA_SHA384_3072: - return "RSA_SHA384_3072"; case SIGNING_KEY_TYPE_RSA_SHA512_4096: return "RSA_SHA512_4096"; case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: diff --git a/src/core/router/info.h b/src/core/router/info.h index 4018b5a4..ef773fba 100644 --- a/src/core/router/info.h +++ b/src/core/router/info.h @@ -65,7 +65,7 @@ struct RouterInfoTraits /// @brief Router Info size constants enum Size : std::uint16_t { - MinBuffer = core::DSA_SIGNATURE_LENGTH, // TODO(unassigned): see #498 + MinBuffer = core::EDDSA25519_SIGNATURE_LENGTH, // TODO(unassigned): see #498 MaxBuffer = 2048, // TODO(anonimal): review if arbitrary // TODO(unassigned): algorithm to dynamically determine cost NTCPCost = 10, // NTCP *should* have priority over SSU diff --git a/src/util/benchmark.cc b/src/util/benchmark.cc index 66c15062..aaeb86d9 100644 --- a/src/util/benchmark.cc +++ b/src/util/benchmark.cc @@ -39,50 +39,6 @@ namespace bpo = boost::program_options; /// @brief perfrom all benchmark tests void Benchmark::PerformTests() { - uint8_t private_key_DSA[kovri::core::DSA_PRIVATE_KEY_LENGTH]; - uint8_t public_key_DSA[kovri::core::DSA_PUBLIC_KEY_LENGTH]; - uint8_t output_DSA[kovri::core::DSA_SIGNATURE_LENGTH]; - LOG(info) << "--------DSA---------"; - BenchmarkTest( - Benchmark::BenchmarkCount, - private_key_DSA, - public_key_DSA, - output_DSA, - kovri::core::CreateDSARandomKeys); - - uint8_t private_key_ECDSAP256[kovri::core::ECDSAP256_KEY_LENGTH]; - uint8_t public_key_ECDSAP256[kovri::core::ECDSAP256_KEY_LENGTH/ 2]; - uint8_t output_ECDSAP256[kovri::core::ECDSAP256_KEY_LENGTH]; - LOG(info) << "-----ECDSAP256------"; - BenchmarkTest( - Benchmark::BenchmarkCount, - private_key_ECDSAP256, - public_key_ECDSAP256, - output_ECDSAP256, - kovri::core::CreateECDSAP256RandomKeys); - - LOG(info) << "-----ECDSAP384------"; - uint8_t private_key_ECDSAP384[kovri::core::ECDSAP384_KEY_LENGTH]; - uint8_t public_key_ECDSAP384[kovri::core::ECDSAP384_KEY_LENGTH / 2]; - uint8_t output_ECDSAP384[kovri::core::ECDSAP384_KEY_LENGTH]; - BenchmarkTest( - Benchmark::BenchmarkCount, - private_key_ECDSAP384, - public_key_ECDSAP384, - output_ECDSAP384, - kovri::core::CreateECDSAP384RandomKeys); - - LOG(info) << "-----ECDSAP521------"; - uint8_t private_key_ECDSAP521[kovri::core::ECDSAP521_KEY_LENGTH]; - uint8_t public_key_ECDSAP521[kovri::core::ECDSAP521_KEY_LENGTH / 2]; - uint8_t output_ECDSAP521[kovri::core::ECDSAP521_KEY_LENGTH]; - BenchmarkTest( - Benchmark::BenchmarkCount, - private_key_ECDSAP521, - public_key_ECDSAP521, - output_ECDSAP521, - kovri::core::CreateECDSAP521RandomKeys); - LOG(info) << "-----EDDSA25519-----"; uint8_t private_key_EDDSA25519[kovri::core::EDDSA25519_PRIVATE_KEY_LENGTH]; uint8_t public_key_EDDSA25519[kovri::core::EDDSA25519_PUBLIC_KEY_LENGTH]; diff --git a/tests/unit_tests/CMakeLists.txt b/tests/unit_tests/CMakeLists.txt index 8a631903..c47f2c06 100644 --- a/tests/unit_tests/CMakeLists.txt +++ b/tests/unit_tests/CMakeLists.txt @@ -10,7 +10,6 @@ set(TESTS_CLIENT set(TESTS_CORE "core/crypto/aes.cc" - "core/crypto/dsa.cc" "core/crypto/eddsa25519.cc" "core/crypto/elgamal.cc" "core/crypto/rand.cc" diff --git a/tests/unit_tests/core/crypto/dsa.cc b/tests/unit_tests/core/crypto/dsa.cc deleted file mode 100644 index 7edfbfd6..00000000 --- a/tests/unit_tests/core/crypto/dsa.cc +++ /dev/null @@ -1,106 +0,0 @@ -/** // - * Copyright (c) 2015-2017, The Kovri I2P Router Project // - * // - * All rights reserved. // - * // - * Redistribution and use in source and binary forms, with or without modification, are // - * permitted provided that the following conditions are met: // - * // - * 1. Redistributions of source code must retain the above copyright notice, this list of // - * conditions and the following disclaimer. // - * // - * 2. Redistributions in binary form must reproduce the above copyright notice, this list // - * of conditions and the following disclaimer in the documentation and/or other // - * materials provided with the distribution. // - * // - * 3. Neither the name of the copyright holder nor the names of its contributors may be // - * used to endorse or promote products derived from this software without specific // - * prior written permission. // - * // - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY // - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF // - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL // - * THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, // - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, // - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS // - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, // - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF // - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. // - */ - -#define BOOST_TEST_DYN_LINK - -#include - -#include - -#include "core/crypto/rand.h" -#include "core/crypto/signature.h" - -BOOST_AUTO_TEST_SUITE(DSASHA1ests) - -struct DSAFixture { - DSAFixture() { - // TODO(unassigned): generate static test keys - kovri::core::CreateDSARandomKeys(private_key, public_key); - verifier = std::make_unique(public_key); - signer = std::make_unique(private_key); - } - uint8_t private_key[20], public_key[128]; - std::unique_ptr verifier; - std::unique_ptr signer; - static constexpr size_t key_message_len = 1024; -}; - -BOOST_FIXTURE_TEST_CASE(DSASHA1KeyLength, DSAFixture) { - BOOST_CHECK_EQUAL( - verifier->GetPublicKeyLen(), - kovri::core::DSA_PUBLIC_KEY_LENGTH); -} - -BOOST_FIXTURE_TEST_CASE(DSASHA1SignatureLength, DSAFixture) { - BOOST_CHECK_EQUAL( - verifier->GetSignatureLen(), - kovri::core::DSA_SIGNATURE_LENGTH); -} - -BOOST_FIXTURE_TEST_CASE(DSASHA1SignVerifyValid, DSAFixture) { - uint8_t signature[40], message[key_message_len]; - kovri::core::RandBytes(message, key_message_len); - signer->Sign(message, key_message_len, signature); - // check that the signature is valid - BOOST_CHECK_EQUAL(verifier->Verify(message, key_message_len, signature), true); -} - -BOOST_FIXTURE_TEST_CASE(DSASHA1SignVerifyBadSignature, DSAFixture) { - uint8_t signature[40], message[key_message_len]; - kovri::core::RandBytes(message, key_message_len); - signer->Sign(message, key_message_len, signature); - // introduce an error in the signature - signature[5] ^= kovri::core::RandInRange32(1, 128); - // it should fail verification - BOOST_CHECK_EQUAL(verifier->Verify(message, key_message_len, signature), false); -} - -BOOST_FIXTURE_TEST_CASE(DSASHA1SignVerifyBadMessage, DSAFixture) { - uint8_t signature[40], message[key_message_len]; - kovri::core::RandBytes(message, key_message_len); - signer->Sign(message, key_message_len, signature); - // introduce an error in the message - message[5] ^= kovri::core::RandInRange32(1, 128); - // this should also fail verification - BOOST_CHECK_EQUAL(verifier->Verify(message, key_message_len, signature), false); -} - -BOOST_FIXTURE_TEST_CASE(DSASHA1SignVerifyBadSignatureAndMessage, DSAFixture) { - uint8_t signature[40], message[key_message_len]; - kovri::core::RandBytes(message, key_message_len); - signer->Sign(message, key_message_len, signature); - // introduce errors in both the message and signature - message[6] ^= kovri::core::RandInRange32(1, 128); - signature[2] ^= kovri::core::RandInRange32(1, 128); - // this should fail verification as well - BOOST_CHECK_EQUAL(verifier->Verify(message, key_message_len, signature), false); -} - -BOOST_AUTO_TEST_SUITE_END()