-dce

[oweals/gnunet.git] / src / util / test_crypto_aes_weak.c

/*
     This file is part of GNUnet.
     (C) 2003, 2004, 2005, 2006 Christian Grothoff (and other contributing authors)

     GNUnet is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published
     by the Free Software Foundation; either version 3, or (at your
     option) any later version.

     GNUnet is distributed in the hope that it will be useful, but
     WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     General Public License for more details.

     You should have received a copy of the GNU General Public License
     along with GNUnet; see the file COPYING.  If not, write to the
     Free Software Foundation, Inc., 59 Temple Place - Suite 330,
     Boston, MA 02111-1307, USA.

*/

/**
 * @author Krista Bennett
 * @author Christian Grothoff
 * @file util/test_crypto_aes_weak.c
 * @brief AES weak key test.
 */
#include "platform.h"
#include "gnunet_common.h"
#include "gnunet_crypto_lib.h"
#include <gcrypt.h>

#define MAX_WEAK_KEY_TRIALS 100000
#define GENERATE_WEAK_KEYS GNUNET_NO
#define WEAK_KEY_TESTSTRING "I hate weak keys."

static void
printWeakKey (struct GNUNET_CRYPTO_AesSessionKey *key)
{
  int i;

  for (i = 0; i < GNUNET_CRYPTO_AES_KEY_LENGTH; i++)
  {
    printf ("%x ", (int) (key->key[i]));
  }
}

static int
testWeakKey ()
{
  char result[100];
  char res[100];
  int size;
  struct GNUNET_CRYPTO_AesSessionKey weak_key;
  struct GNUNET_CRYPTO_AesInitializationVector INITVALUE;

  memset (&INITVALUE, 42,
          sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
  /* sorry, this is not a weak key -- I don't have
   * any at the moment! */
  weak_key.key[0] = (char) (0x4c);
  weak_key.key[1] = (char) (0x31);
  weak_key.key[2] = (char) (0xc6);
  weak_key.key[3] = (char) (0x2b);
  weak_key.key[4] = (char) (0xc1);
  weak_key.key[5] = (char) (0x5f);
  weak_key.key[6] = (char) (0x4d);
  weak_key.key[7] = (char) (0x1f);
  weak_key.key[8] = (char) (0x31);
  weak_key.key[9] = (char) (0xaa);
  weak_key.key[10] = (char) (0x12);
  weak_key.key[11] = (char) (0x2e);
  weak_key.key[12] = (char) (0xb7);
  weak_key.key[13] = (char) (0x82);
  weak_key.key[14] = (char) (0xc0);
  weak_key.key[15] = (char) (0xb6);
  weak_key.key[16] = (char) (0x4d);
  weak_key.key[17] = (char) (0x1f);
  weak_key.key[18] = (char) (0x31);
  weak_key.key[19] = (char) (0xaa);
  weak_key.key[20] = (char) (0x4c);
  weak_key.key[21] = (char) (0x31);
  weak_key.key[22] = (char) (0xc6);
  weak_key.key[23] = (char) (0x2b);
  weak_key.key[24] = (char) (0xc1);
  weak_key.key[25] = (char) (0x5f);
  weak_key.key[26] = (char) (0x4d);
  weak_key.key[27] = (char) (0x1f);
  weak_key.key[28] = (char) (0x31);
  weak_key.key[29] = (char) (0xaa);
  weak_key.key[30] = (char) (0xaa);
  weak_key.key[31] = (char) (0xaa);
  /* memset(&weak_key, 0, 32); */
  weak_key.crc32 =
      htonl (GNUNET_CRYPTO_crc32_n (&weak_key, GNUNET_CRYPTO_AES_KEY_LENGTH));

  size =
      GNUNET_CRYPTO_aes_encrypt (WEAK_KEY_TESTSTRING,
                                 strlen (WEAK_KEY_TESTSTRING) + 1, &weak_key,
                                 &INITVALUE, result);

  if (size == -1)
  {
    GNUNET_break (0);
    return 1;
  }

  size = GNUNET_CRYPTO_aes_decrypt (result, size, &weak_key, &INITVALUE, res);

  if ((strlen (WEAK_KEY_TESTSTRING) + 1) != size)
  {
    GNUNET_break (0);
    return 1;
  }
  if (0 != strcmp (res, WEAK_KEY_TESTSTRING))
  {
    GNUNET_break (0);
    return 1;
  }
  else
    return 0;
}

static int
getWeakKeys ()
{
  struct GNUNET_CRYPTO_AesSessionKey sessionkey;
  int number_of_weak_keys = 0;
  int number_of_runs;

  gcry_cipher_hd_t handle;
  int rc;

  for (number_of_runs = 0; number_of_runs < MAX_WEAK_KEY_TRIALS;
       number_of_runs++)
  {

    if (number_of_runs % 1000 == 0)
      FPRINTF (stderr, "%s",  ".");
    /*printf("Got to run number %d.\n", number_of_runs); */
    GNUNET_CRYPTO_aes_create_session_key (&sessionkey);

    rc = gcry_cipher_open (&handle, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CFB,
                           0);

    if (rc)
    {
      printf ("testweakkey: gcry_cipher_open failed on trial %d. %s\n",
              number_of_runs, gcry_strerror (rc));
      continue;
    }

    rc = gcry_cipher_setkey (handle, &sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH);

    if ((char) rc == GPG_ERR_WEAK_KEY)
    {
      printf ("\nWeak key (in hex): ");
      printWeakKey (&sessionkey);
      printf ("\n");
      number_of_weak_keys++;
    }
    else if (rc)
    {
      printf ("\nUnexpected error generating keys. Error is %s\n",
              gcry_strerror (rc));
    }

    gcry_cipher_close (handle);

  }

  return number_of_weak_keys;
}

int
main (int argc, char *argv[])
{
  int weak_keys;

  GNUNET_log_setup ("test-crypto-aes-weak", "WARNING", NULL);
  GNUNET_CRYPTO_random_disable_entropy_gathering ();
  if (GENERATE_WEAK_KEYS)
  {
    weak_keys = getWeakKeys ();

    if (weak_keys == 0)
    {
      printf ("\nNo weak keys found in %d runs.\n", MAX_WEAK_KEY_TRIALS);
    }
    else
    {
      printf ("\n%d weak keys found in %d runs.\n", weak_keys,
              MAX_WEAK_KEY_TRIALS);
    }
  }

  if (testWeakKey () != 0)
    return -1;
  return 0;
}

/* end of weakkeytest.c */