From e90eb8c4cd7edc0cd3eddafac622edc45efff794 Mon Sep 17 00:00:00 2001 From: Terry Geng Date: Wed, 3 Jun 2020 18:54:38 +0800 Subject: src: Made CryptState an abstract class, in order to support multiple crypto types in the future. Moved all crypto-related files into src/crypto. --- src/tests/Benchmark.cpp | 10 ++--- src/tests/Benchmark.pro | 4 +- src/tests/TestCrypt/TestCrypt.cpp | 48 +++++++++++++--------- src/tests/TestCrypt/TestCrypt.pro | 4 +- .../TestCryptographicHash.cpp | 2 +- .../TestCryptographicHash.pro | 4 +- .../TestCryptographicRandom.cpp | 2 +- .../TestCryptographicRandom.pro | 4 +- .../TestPasswordGenerator.pro | 4 +- 9 files changed, 46 insertions(+), 36 deletions(-) (limited to 'src/tests') diff --git a/src/tests/Benchmark.cpp b/src/tests/Benchmark.cpp index 7a5413db8..95495a5af 100644 --- a/src/tests/Benchmark.cpp +++ b/src/tests/Benchmark.cpp @@ -24,7 +24,7 @@ #include "PacketDataStream.h" #include "Timer.h" #include "Message.h" -#include "CryptState.h" +#include "crypto/CryptState.h" #include "Mumble.pb.h" class Client : public QThread { @@ -34,7 +34,7 @@ class Client : public QThread { bool sender; struct sockaddr_in srv; unsigned int uiSession; - CryptState crypt; + CryptStateOCB2 crypt; int rcvd; int socket; int seq; @@ -220,16 +220,16 @@ void Client::readyRead() { const std::string &client_nonce = msg.client_nonce(); const std::string &server_nonce = msg.server_nonce(); if (key.size() == AES_BLOCK_SIZE && client_nonce.size() == AES_BLOCK_SIZE && server_nonce.size() == AES_BLOCK_SIZE) - crypt.setKey(reinterpret_cast(key.data()), reinterpret_cast(client_nonce.data()), reinterpret_cast(server_nonce.data())); + crypt.setKey(key, client_nonce, server_nonce); } else if (msg.has_server_nonce()) { const std::string &server_nonce = msg.server_nonce(); if (server_nonce.size() == AES_BLOCK_SIZE) { crypt.uiResync++; - memcpy(crypt.decrypt_iv, server_nonce.data(), AES_BLOCK_SIZE); + crypt.setDecryptIV(server_nonce); } } else { MumbleProto::CryptSetup mpcs; - mpcs.set_client_nonce(std::string(reinterpret_cast(crypt.encrypt_iv), AES_BLOCK_SIZE)); + mpcs.set_client_nonce(crypt.getEncryptIV()); sendMessage(mpcs, MessageHandler::CryptSetup); } break; diff --git a/src/tests/Benchmark.pro b/src/tests/Benchmark.pro index 5d1cf4fed..30a3376ee 100644 --- a/src/tests/Benchmark.pro +++ b/src/tests/Benchmark.pro @@ -6,8 +6,8 @@ CONFIG -= app_bundle QT *= network xml LANGUAGE = C++ TARGET = Benchmark -SOURCES *= Benchmark.cpp Timer.cpp CryptState.cpp -HEADERS *= Timer.h CryptState.h +SOURCES *= Benchmark.cpp Timer.cpp crypto/CryptStateOCB2.cpp +HEADERS *= Timer.h crypto/CryptState.h crypto/CryptStateOCB2.h VPATH *= .. INCLUDEPATH *= .. ../murmur ../mumble !win32 { diff --git a/src/tests/TestCrypt/TestCrypt.cpp b/src/tests/TestCrypt/TestCrypt.cpp index 1b621967f..1021f8aec 100644 --- a/src/tests/TestCrypt/TestCrypt.cpp +++ b/src/tests/TestCrypt/TestCrypt.cpp @@ -6,9 +6,10 @@ #include #include +#include #include "SSL.h" #include "Timer.h" -#include "CryptState.h" +#include "crypto/CryptStateOCB2.h" #include "Utils.h" class TestCrypt : public QObject { @@ -33,13 +34,14 @@ void TestCrypt::cleanupTestCase() { } void TestCrypt::reverserecovery() { - CryptState enc, dec; + CryptStateOCB2 enc, dec; enc.genKey(); // For our testcase, we're going to FORCE iv - memset(enc.encrypt_iv, 0x55, AES_BLOCK_SIZE); - - dec.setKey(enc.raw_key, enc.decrypt_iv, enc.encrypt_iv); + char encrypt_iv[AES_BLOCK_SIZE]; + memset(encrypt_iv, 0x55, AES_BLOCK_SIZE); + enc.setEncryptIV(std::string(reinterpret_cast(encrypt_iv), AES_BLOCK_SIZE)); + dec.setKey(enc.getRawKey(), enc.getDecryptIV(), enc.getEncryptIV()); unsigned char secret[10] = "abcdefghi"; unsigned char crypted[512][14]; @@ -89,13 +91,14 @@ void TestCrypt::reverserecovery() { } void TestCrypt::ivrecovery() { - CryptState enc, dec; + CryptStateOCB2 enc, dec; enc.genKey(); // For our testcase, we're going to FORCE iv - memset(enc.encrypt_iv, 0x55, AES_BLOCK_SIZE); - - dec.setKey(enc.raw_key, enc.decrypt_iv, enc.encrypt_iv); + char encrypt_iv[AES_BLOCK_SIZE]; + memset(encrypt_iv, 0x55, AES_BLOCK_SIZE); + enc.setEncryptIV(std::string(reinterpret_cast(encrypt_iv), AES_BLOCK_SIZE)); + dec.setKey(enc.getRawKey(), enc.getDecryptIV(), enc.getEncryptIV()); unsigned char secret[10] = "abcdefghi"; unsigned char crypted[14]; @@ -126,7 +129,7 @@ void TestCrypt::ivrecovery() { QCOMPARE(dec.uiLost, 14U); } - QVERIFY(memcmp(enc.encrypt_iv, dec.decrypt_iv, AES_BLOCK_SIZE)==0); + QVERIFY(enc.getEncryptIV() == dec.getDecryptIV()); // Wrap too far for (int i=0;i<257;i++) @@ -135,7 +138,7 @@ void TestCrypt::ivrecovery() { QVERIFY(! dec.decrypt(crypted, decr, 14)); // Sync it - dec.setDecryptIV(enc.encrypt_iv); + dec.setDecryptIV(enc.getEncryptIV()); enc.encrypt(secret, crypted, 10); QVERIFY(dec.decrypt(crypted, decr, 14)); @@ -145,8 +148,9 @@ void TestCrypt::testvectors() { // Test vectors are from draft-krovetz-ocb-00.txt const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; - CryptState cs; - cs.setKey(rawkey, rawkey, rawkey); + CryptStateOCB2 cs; + std::string rawkey_str = std::string(reinterpret_cast(rawkey), AES_BLOCK_SIZE); + cs.setKey(rawkey_str, rawkey_str, rawkey_str); unsigned char tag[16]; QVERIFY(cs.ocb_encrypt(NULL, NULL, 0, rawkey, tag)); @@ -176,8 +180,10 @@ void TestCrypt::authcrypt() { for (int len=0;len<128;len++) { const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; - CryptState cs; - cs.setKey(rawkey, nonce, nonce); + std::string rawkey_str = std::string(reinterpret_cast(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast(nonce), AES_BLOCK_SIZE); + CryptStateOCB2 cs; + cs.setKey(rawkey_str, nonce_str, nonce_str); STACKVAR(unsigned char, src, len); for (int i=0;i(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast(nonce), AES_BLOCK_SIZE); + CryptStateOCB2 cs; + cs.setKey(rawkey_str, nonce_str, nonce_str); STACKVAR(unsigned char, src, 2 * AES_BLOCK_SIZE); // Set first block to `len(secondBlock)` @@ -240,8 +248,10 @@ void TestCrypt::xexstarAttack() { void TestCrypt::tamper() { const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; - CryptState cs; - cs.setKey(rawkey, nonce, nonce); + std::string rawkey_str = std::string(reinterpret_cast(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast(nonce), AES_BLOCK_SIZE); + CryptStateOCB2 cs; + cs.setKey(rawkey_str, nonce_str, nonce_str); const unsigned char msg[] = "It was a funky funky town!"; int len = sizeof(msg); diff --git a/src/tests/TestCrypt/TestCrypt.pro b/src/tests/TestCrypt/TestCrypt.pro index 83ea84f6e..6535e4b19 100644 --- a/src/tests/TestCrypt/TestCrypt.pro +++ b/src/tests/TestCrypt/TestCrypt.pro @@ -8,7 +8,7 @@ include(../test.pri) QT *= network TARGET = TestCrypt -HEADERS *= SSL.h SSLLocks.h Timer.h CryptState.h -SOURCES *= SSL.cpp SSLLocks.cpp TestCrypt.cpp CryptState.cpp Timer.cpp +HEADERS *= SSL.h SSLLocks.h Timer.h crypto/CryptState.h crypto/CryptStateOCB2.h +SOURCES *= SSL.cpp SSLLocks.cpp TestCrypt.cpp crypto/CryptStateOCB2.cpp Timer.cpp win32:LIBS *= -lws2_32 diff --git a/src/tests/TestCryptographicHash/TestCryptographicHash.cpp b/src/tests/TestCryptographicHash/TestCryptographicHash.cpp index 653a9b72a..90be99485 100644 --- a/src/tests/TestCryptographicHash/TestCryptographicHash.cpp +++ b/src/tests/TestCryptographicHash/TestCryptographicHash.cpp @@ -9,7 +9,7 @@ #include "SSL.h" -#include "CryptographicHash.h" +#include "crypto/CryptographicHash.h" class TestCryptographicHash : public QObject { Q_OBJECT diff --git a/src/tests/TestCryptographicHash/TestCryptographicHash.pro b/src/tests/TestCryptographicHash/TestCryptographicHash.pro index bda9506dc..dc5b256c8 100644 --- a/src/tests/TestCryptographicHash/TestCryptographicHash.pro +++ b/src/tests/TestCryptographicHash/TestCryptographicHash.pro @@ -8,5 +8,5 @@ include(../test.pri) QT += network TARGET = TestCryptographicHash -SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicHash.cpp CryptographicHash.cpp -HEADERS *= SSL.h SSLLocks.h CryptographicHash.h +SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicHash.cpp crypto/CryptographicHash.cpp +HEADERS *= SSL.h SSLLocks.h crypto/CryptographicHash.h diff --git a/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp b/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp index be9d04fa5..ee1a2edd7 100644 --- a/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp +++ b/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp @@ -8,7 +8,7 @@ #include "SSL.h" -#include "CryptographicRandom.h" +#include "crypto/CryptographicRandom.h" #include #include diff --git a/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro b/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro index 5d04255f0..c6625f3f9 100644 --- a/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro +++ b/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro @@ -8,8 +8,8 @@ include(../test.pri) QT += network TARGET = TestCryptographicRandom -SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicRandom.cpp CryptographicRandom.cpp arc4random_uniform.cpp -HEADERS *= SSL.h SSLLocks.h CryptographicHash.h +SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicRandom.cpp crypto/CryptographicRandom.cpp arc4random_uniform.cpp +HEADERS *= SSL.h SSLLocks.h crypto/CryptographicHash.h VPATH *= ../../../3rdparty/arc4random-src INCLUDEPATH *= ../../../3rdparty/arc4random-src diff --git a/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro b/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro index 3bb6df3cd..77a30e92c 100644 --- a/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro +++ b/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro @@ -8,8 +8,8 @@ include(../test.pri) QT += network TARGET = TestPasswordGenerator -SOURCES *= SSL.cpp SSLLocks.cpp TestPasswordGenerator.cpp PasswordGenerator.cpp CryptographicRandom.cpp arc4random_uniform.cpp -HEADERS *= SSL.h SSLLocks.h PasswordGenerator.h CryptographicHash.h +SOURCES *= SSL.cpp SSLLocks.cpp TestPasswordGenerator.cpp PasswordGenerator.cpp crypto/CryptographicRandom.cpp arc4random_uniform.cpp +HEADERS *= SSL.h SSLLocks.h PasswordGenerator.h crypto/CryptographicHash.h VPATH *= ../../../3rdparty/arc4random-src INCLUDEPATH *= ../../../3rdparty/arc4random-src -- cgit v1.2.3