Google Git
Sign in
apache / incubator-milagro-crypto-c / 34e32ecfe655141271e23c57d03f2b414424c751 / . / test / test_wcc_bad_sender_key_ZZZ.c.in
blob: 82d70be72d714fd1d3b0361fe6a418faa52c1379 [file] [log] [blame]
/**
* @file test_wcc_random.c
* @author Samuele Andreoli
* @brief Test WCC with bad sender key
*
* LICENSE
*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
/* Smoke test: Test WCC using the wrong sender key, i.e. a key generated from a different identity */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "utils.h"
#include "config_curve_ZZZ.h"
#include "randapi.h"
#if CURVE_SECURITY_ZZZ == 128
#include "wcc_ZZZ.h"
#elif CURVE_SECURITY_ZZZ == 192
#include "wcc192_ZZZ.h"
#elif CURVE_SECURITY_ZZZ == 256
#include "wcc256_ZZZ.h"
#endif
#if CURVE_SECURITY_ZZZ == 128
#define G2LEN 4*WCC_PFS_ZZZ
#elif CURVE_SECURITY_ZZZ == 192
#define G2LEN 8*WCC_PFS_ZZZ
#elif CURVE_SECURITY_ZZZ == 256
#define G2LEN 16*WCC_PFS_ZZZ
#endif
// #define DEBUG
int main()
{
int i,rtn;
// Master secret
char ms[WCC_PGS_ZZZ];
octet MS= {0,sizeof(ms),ms};
// Alice Sender key
char akeyG1[2*WCC_PFS_ZZZ+1];
octet AKeyG1= {0,sizeof(akeyG1), akeyG1};
// Eve Sender key
char ekeyG1[2*WCC_PFS_ZZZ+1];
octet EKeyG1= {0,sizeof(ekeyG1), ekeyG1};
// Bob Receiver key
char bkeyG2[G2LEN];
octet BKeyG2= {0,sizeof(bkeyG2), bkeyG2};
// Identities
char alice_id[256],bob_id[256],eve_id[256];
octet IdA= {0,sizeof(alice_id),alice_id};
octet IdB= {0,sizeof(bob_id),bob_id};
octet IdE= {0,sizeof(eve_id),eve_id};
// Hash of the identities
char hida[WCC_PFS_ZZZ], hidb[WCC_PFS_ZZZ], hide[WCC_PFS_ZZZ];
octet HIdA = {0,sizeof(hida),hida};
octet HIdB = {0,sizeof(hidb),hidb};
octet HIdE = {0,sizeof(hide),hide};
// Ephemeral and intermediate values
char x[WCC_PGS_ZZZ];
octet X= {0,sizeof(x),x};
char y[WCC_PGS_ZZZ];
octet Y= {0,sizeof(y),y};
char w[WCC_PGS_ZZZ];
octet W= {0,sizeof(w),w};
char pia[WCC_PGS_ZZZ];
octet PIA= {0,sizeof(pia),pia};
char pib[WCC_PGS_ZZZ];
octet PIB= {0,sizeof(pib),pib};
char pgg1[2*WCC_PFS_ZZZ+1];
octet PgG1= {0,sizeof(pgg1), pgg1};
char pag1[2*WCC_PFS_ZZZ+1];
octet PaG1= {0,sizeof(pag1), pag1};
char pbg2[G2LEN];
octet PbG2= {0,sizeof(pbg2), pbg2};
// Derived AES keys
char k1[AESKEY_ZZZ];
char k2[AESKEY_ZZZ];
octet K1= {0,sizeof(k1),k1};
octet K2= {0,sizeof(k2),k2};
// Zero octet
char zero[AESKEY_ZZZ];
octet ZERO= {0,sizeof(zero),zero};
for(i=0; i<AESKEY_ZZZ; i++)
{
ZERO.val[i]=0;
}
// non random seed value
char seed[32] = {0};
octet SEED = {sizeof(seed),sizeof(seed),seed};
for (i=0; i<32; i++) SEED.val[i]=i+1;
csprng RNG;
#ifdef DEBUG
printf("SEED 0x");
OCT_output(&SEED);
#endif
/* initialize random number generator */
CREATE_CSPRNG(&RNG,&SEED);
/* Generate master secret */
rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&MS);
if (rtn != 0)
{
printf("TA WCC_ZZZ_RANDOM_GENERATE(&RNG,&MS) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("TA MASTER SECRET: ");
OCT_output(&MS);
#endif
/* Generate key material for Alice, Bob and Eve */
// Alice's ID
OCT_jstring(&IdA,"alice@milagro.com");
#ifdef DEBUG
printf("ALICE ID:");
OCT_output_string(&IdA);
printf("\n");
#endif
// Hash Alice's Id
HASH_ID(HASH_TYPE_ZZZ,&IdA,&HIdA);
// TA: Generate Alice's sender key
rtn = WCC_ZZZ_GET_G1_MULTIPLE(&MS,&HIdA,&AKeyG1);
if (rtn != 0)
{
printf("TA WCC_ZZZ_GET_G1_MULTIPLE(&MS,&HIdA,&AKeyG1) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("TA Alice's sender key: ");
OCT_output(&AKeyG1);
#endif
// Bob's ID
OCT_jstring(&IdB,"bob@milagro.com");
#ifdef DEBUG
printf("BOB ID:");
OCT_output_string(&IdB);
printf("\n");
#endif
// Hash Bob's Id
HASH_ID(HASH_TYPE_ZZZ,&IdB,&HIdB);
// TA: Generate Bob's receiver key
rtn = WCC_ZZZ_GET_G2_MULTIPLE(&MS,&HIdB,&BKeyG2);
if (rtn != 0)
{
printf("TA WCC_ZZZ_GET_G2_MULTIPLE(&MS,&HIdB,&BKeyG2) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("TA Bob's receiver key: ");
OCT_output(&BKeyG2);
#endif
// Eve's ID
OCT_jstring(&IdE,"eve@milagro.com");
#ifdef DEBUG
printf("EVE ID:");
OCT_output_string(&IdE);
printf("\n");
#endif
// Hash Eve's Id
HASH_ID(HASH_TYPE_ZZZ,&IdE,&HIdE);
// TA: Generate Eve's sender key
rtn = WCC_ZZZ_GET_G1_MULTIPLE(&MS,&HIdE,&EKeyG1);
if (rtn != 0)
{
printf("TA WCC_ZZZ_GET_G1_MULTIPLE(&MS,&HIdE,&EKeyG1) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("TA Eve's sender key: ");
OCT_output(&EKeyG1);
#endif
/* TEST RUN: Check that the protocol is working when using the right receiver key */
#ifdef DEBUG
printf("Control Run. Alice:\n");
#endif
rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&X);
if (rtn != 0)
{
printf("Alice WCC_ZZZ_RANDOM_GENERATE(&RNG,&X) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Alice X: ");
OCT_output(&X);
printf("\n");
#endif
rtn = WCC_ZZZ_GET_G1_MULTIPLE(&X,&HIdA,&PaG1);
if (rtn != 0)
{
printf("Alice WCC_ZZZ_GET_G1_MULTIPLE(&X,&HIdA,&PaG1) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Alice sends IdA and PaG1 to Bob\n\n");
printf("Alice IdA: ");
OCT_output_string(&IdA);
printf("\n");
printf("Alice PaG1: ");
OCT_output(&PaG1);
printf("\n");
#endif
#ifdef DEBUG
printf("Bob\n");
#endif
rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&W);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_RANDOM_GENERATE(&RNG,&W) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Bob W: ");
OCT_output(&W);
printf("\n");
#endif
rtn = WCC_ZZZ_GET_G1_MULTIPLE(&W,&HIdA,&PgG1);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_GET_G1_MULTIPLE(&W,&HIdA,&PgG1) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("PgG1: ");
OCT_output(&PgG1);
printf("\n");
#endif
rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Bob Y: ");
OCT_output(&Y);
printf("\n");
#endif
rtn = WCC_ZZZ_GET_G2_MULTIPLE(&Y,&HIdB,&PbG2);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_GET_G2_MULTIPLE(&Y,&HIdB,&PbG2) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Bob PaG1: ");
OCT_output(&PaG1);
printf("\n");
printf("Bob PbG2: ");
OCT_output(&PbG2);
printf("\n");
printf("Bob PgG1: ");
OCT_output(&PgG1);
printf("\n");
printf("Bob IdB: ");
OCT_output(&IdB);
printf("\n");
#endif
// pia = Hq(PaG1,PbG2,PgG1,IdB)
WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA);
// pib = Hq(PbG2,PaG1,PgG1,IdA)
WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB);
#ifdef DEBUG
printf("Bob PIA: ");
OCT_output(&PIA);
printf("\n");
printf("Bob PIB: ");
OCT_output(&PIB);
printf("\n");
#endif
// Bob calculates AES Key
rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&PgG1,&BKeyG2,&IdA,&K2);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_RECEIVER_KEY() Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Bob AES Key: ");
OCT_output(&K2);
#endif
if (OCT_comp(&K2,&ZERO))
{
printf("Bob WCC_ZZZ_RECEIVER_KEY() Error: generated key is zero\n");
return 1;
}
#ifdef DEBUG
printf("Bob sends IdB, PbG2 and PgG1 to Alice\n\n");
printf("Bob IdB: ");
OCT_output_string(&IdB);
printf("\n");
printf("Bob PbG2: ");
OCT_output(&PbG2);
printf("\n");
printf("Bob PgG1: ");
OCT_output(&PgG1);
printf("\n");
#endif
#ifdef DEBUG
printf("Alice\n");
#endif
// pia = Hq(PaG1,PbG2,PgG1,IdB)
WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA);
// pib = Hq(PbG2,PaG1,PgG1,IdA)
WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB);
#ifdef DEBUG
printf("Alice PIA: ");
OCT_output(&PIA);
printf("\n");
printf("Alice PIB: ");
OCT_output(&PIB);
printf("\n");
#endif
// Alice calculates AES Key
rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&PgG1,&AKeyG1,&IdB,&K1);
if (rtn != 0)
{
printf("Alice WCC_ZZZ_SENDER_KEY() Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Alice AES Key: ");
OCT_output(&K1);
#endif
if (OCT_comp(&K1,&ZERO))
{
printf("Alice WCC_ZZZ_SENDER_KEY() Error: generated key is zero\n");
return 1;
}
#ifdef DEBUG
printf("K1: 0x");
OCT_output(&K1);
printf("K2: 0x");
OCT_output(&K2);
#endif
if (!OCT_comp(&K1,&K2))
{
printf("FAILURE Control run keys do not match. OCT_comp(&K1,&K2)\n");
return 1;
}
/* BAD KEY RUN: Check that someone with the wrong sender key obtains a different session key */
#ifdef DEBUG
printf("Bad key run. Eve:\n");
#endif
rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&X);
if (rtn != 0)
{
printf("Eve WCC_ZZZ_RANDOM_GENERATE(&RNG,&X) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Eve X: ");
OCT_output(&X);
printf("\n");
#endif
rtn = WCC_ZZZ_GET_G1_MULTIPLE(&X,&HIdA,&PaG1);
if (rtn != 0)
{
printf("Eve WCC_ZZZ_GET_G1_MULTIPLE(&X,&HIdA,&PaG1) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Eve sends IdA and PaG1 to Bob\n\n");
printf("Eve IdA: ");
OCT_output_string(&IdA);
printf("\n");
printf("Eve PaG1: ");
OCT_output(&PaG1);
printf("\n");
#endif
#ifdef DEBUG
printf("Bob\n");
#endif
rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&W);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_RANDOM_GENERATE(&RNG,&W) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Bob W: ");
OCT_output(&W);
printf("\n");
#endif
rtn = WCC_ZZZ_GET_G1_MULTIPLE(&W,&HIdA,&PgG1);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_GET_G1_MULTIPLE(&W,&HIdA,&PgG1) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("PgG1: ");
OCT_output(&PgG1);
printf("\n");
#endif
rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Bob Y: ");
OCT_output(&Y);
printf("\n");
#endif
rtn = WCC_ZZZ_GET_G2_MULTIPLE(&Y,&HIdB,&PbG2);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_GET_G2_MULTIPLE(&Y,&HIdB,&PbG2) Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Bob PbG2: ");
OCT_output(&PbG2);
printf("\n");
#endif
// pia = Hq(PaG1,PbG2,PgG1,IdB)
WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA);
// pib = Hq(PbG2,PaG1,PgG1,IdA)
WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB);
#ifdef DEBUG
printf("Bob PIA: ");
OCT_output(&PIA);
printf("\n");
printf("Bob PIB: ");
OCT_output(&PIB);
printf("\n");
#endif
// Bob calculates AES Key
rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&PgG1,&BKeyG2,&IdA,&K2);
if (rtn != 0)
{
printf("Bob WCC_ZZZ_RECEIVER_KEY() Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Bob AES Key: ");
OCT_output(&K2);
#endif
if (OCT_comp(&K2,&ZERO))
{
printf("Bob WCC_ZZZ_RECEIVER_KEY() Error: generated key is zero\n");
return 1;
}
#ifdef DEBUG
printf("Bob sends IdB, PbG2 and PgG1 to Alice\n\n");
printf("Bob IdB: ");
OCT_output_string(&IdB);
printf("\n");
printf("Bob PbG2: ");
OCT_output(&PbG2);
printf("\n");
printf("Bob PgG1: ");
OCT_output(&PgG1);
printf("\n");
#endif
#ifdef DEBUG
printf("Eve\n");
#endif
// pia = Hq(PaG1,PbG2,PgG1,IdB)
WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA);
// pib = Hq(PbG2,PaG1,PgG1,IdA)
WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB);
#ifdef DEBUG
printf("Eve PIA: ");
OCT_output(&PIA);
printf("\n");
printf("Eve PIB: ");
OCT_output(&PIB);
printf("\n");
#endif
// Eve calculates AES Key. nb use wrong key EKeyG1
rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&PgG1,&EKeyG1,&IdB,&K1);
if (rtn != 0)
{
printf("Eve WCC_ZZZ_SENDER_KEY() Error %d\n", rtn);
return 1;
}
#ifdef DEBUG
printf("Eve AES Key: ");
OCT_output(&K1);
#endif
if (OCT_comp(&K1,&ZERO))
{
printf("Eve WCC_ZZZ_SENDER_KEY() Error: generated key is zero\n");
return 1;
}
#ifdef DEBUG
printf("K1: 0x");
OCT_output(&K1);
printf("K2: 0x");
OCT_output(&K2);
#endif
if (OCT_comp(&K1,&K2))
{
printf("FAILURE Bad key run keys match. OCT_comp(&K1,&K2)\n");
return 1;
}
KILL_CSPRNG(&RNG);
printf("SUCCESS! WCC BAD RECEIVER KEY TEST\n");
return 0;
}