diff options
| author | subtly <subtly@users.noreply.github.com> | 2014-10-18 11:11:36 +0800 |
|---|---|---|
| committer | subtly <subtly@users.noreply.github.com> | 2014-10-18 11:11:36 +0800 |
| commit | 224f43bf81b5cf7e54b0bdf95cd87e2d46bdb081 (patch) | |
| tree | 708f68706b7df69857a2ff6558938ce8438aebd5 | |
| parent | 5693de0f139c90c12abb7a2d1fc88ccecef97018 (diff) | |
| download | dexon-solidity-224f43bf81b5cf7e54b0bdf95cd87e2d46bdb081.tar dexon-solidity-224f43bf81b5cf7e54b0bdf95cd87e2d46bdb081.tar.gz dexon-solidity-224f43bf81b5cf7e54b0bdf95cd87e2d46bdb081.tar.bz2 dexon-solidity-224f43bf81b5cf7e54b0bdf95cd87e2d46bdb081.tar.lz dexon-solidity-224f43bf81b5cf7e54b0bdf95cd87e2d46bdb081.tar.xz dexon-solidity-224f43bf81b5cf7e54b0bdf95cd87e2d46bdb081.tar.zst dexon-solidity-224f43bf81b5cf7e54b0bdf95cd87e2d46bdb081.zip | |
basic ecies class
| -rw-r--r-- | TestHelperCrypto.h | 2 | ||||
| -rw-r--r-- | crypto.cpp | 106 |
2 files changed, 31 insertions, 77 deletions
diff --git a/TestHelperCrypto.h b/TestHelperCrypto.h index 57e4e420..24104f11 100644 --- a/TestHelperCrypto.h +++ b/TestHelperCrypto.h @@ -21,8 +21,6 @@ #pragma once -//#include <ostream> - #pragma warning(push) #pragma warning(disable:4100 4244) #pragma GCC diagnostic push @@ -27,27 +27,38 @@ #include <libdevcore/Log.h> #include <libethereum/Transaction.h> #include <boost/test/unit_test.hpp> +#include <libdevcrypto/EC.h> +#include <libdevcrypto/ECIES.h> #include "TestHelperCrypto.h" using namespace std; using namespace dev; +using namespace dev::crypto; +using namespace CryptoPP; -namespace dev -{ -namespace crypto +BOOST_AUTO_TEST_SUITE(devcrypto) + +BOOST_AUTO_TEST_CASE(ecies) { + ECKeyPair k = ECKeyPair::create(); + + string message("Now is the time for all good men to come to the aide of humanity."); + bytes b = bytesConstRef(message).toBytes(); + ECIESEncryptor(&k).encrypt(b); -inline CryptoPP::AutoSeededRandomPool& PRNG() { - static CryptoPP::AutoSeededRandomPool prng; - return prng; -} + bytesConstRef br(&b); + bytes plain = ECIESDecryptor(&k).decrypt(br); + assert(plain == bytesConstRef(message).toBytes()); } -} - -using namespace CryptoPP; -BOOST_AUTO_TEST_SUITE(crypto) +BOOST_AUTO_TEST_CASE(ecdhe_aes128_ctr_sha3mac) +{ + // New connections require new ECDH keypairs + // Every new connection requires a new EC keypair + // Every new trust requires a new EC keypair + // All connections should share seed for PRF (or PRNG) for nonces +} BOOST_AUTO_TEST_CASE(cryptopp_ecies_message) { @@ -55,9 +66,7 @@ BOOST_AUTO_TEST_CASE(cryptopp_ecies_message) string const message("Now is the time for all good men to come to the aide of humanity."); - AutoSeededRandomPool prng; - - ECIES<ECP>::Decryptor localDecryptor(prng, ASN1::secp256r1()); + ECIES<ECP>::Decryptor localDecryptor(crypto::PRNG(), crypto::secp256k1()); SavePrivateKey(localDecryptor.GetPrivateKey()); ECIES<ECP>::Encryptor localEncryptor(localDecryptor); @@ -65,31 +74,31 @@ BOOST_AUTO_TEST_CASE(cryptopp_ecies_message) ECIES<ECP>::Decryptor futureDecryptor; LoadPrivateKey(futureDecryptor.AccessPrivateKey()); - futureDecryptor.GetPrivateKey().ThrowIfInvalid(prng, 3); + futureDecryptor.GetPrivateKey().ThrowIfInvalid(crypto::PRNG(), 3); ECIES<ECP>::Encryptor futureEncryptor; LoadPublicKey(futureEncryptor.AccessPublicKey()); - futureEncryptor.GetPublicKey().ThrowIfInvalid(prng, 3); + futureEncryptor.GetPublicKey().ThrowIfInvalid(crypto::PRNG(), 3); // encrypt/decrypt with local string cipherLocal; - StringSource ss1 (message, true, new PK_EncryptorFilter(prng, localEncryptor, new StringSink(cipherLocal) ) ); + StringSource ss1 (message, true, new PK_EncryptorFilter(crypto::PRNG(), localEncryptor, new StringSink(cipherLocal) ) ); string plainLocal; - StringSource ss2 (cipherLocal, true, new PK_DecryptorFilter(prng, localDecryptor, new StringSink(plainLocal) ) ); + StringSource ss2 (cipherLocal, true, new PK_DecryptorFilter(crypto::PRNG(), localDecryptor, new StringSink(plainLocal) ) ); // encrypt/decrypt with future string cipherFuture; - StringSource ss3 (message, true, new PK_EncryptorFilter(prng, futureEncryptor, new StringSink(cipherFuture) ) ); + StringSource ss3 (message, true, new PK_EncryptorFilter(crypto::PRNG(), futureEncryptor, new StringSink(cipherFuture) ) ); string plainFuture; - StringSource ss4 (cipherFuture, true, new PK_DecryptorFilter(prng, futureDecryptor, new StringSink(plainFuture) ) ); + StringSource ss4 (cipherFuture, true, new PK_DecryptorFilter(crypto::PRNG(), futureDecryptor, new StringSink(plainFuture) ) ); // decrypt local w/future string plainFutureFromLocal; - StringSource ss5 (cipherLocal, true, new PK_DecryptorFilter(prng, futureDecryptor, new StringSink(plainFutureFromLocal) ) ); + StringSource ss5 (cipherLocal, true, new PK_DecryptorFilter(crypto::PRNG(), futureDecryptor, new StringSink(plainFutureFromLocal) ) ); // decrypt future w/local string plainLocalFromFuture; - StringSource ss6 (cipherFuture, true, new PK_DecryptorFilter(prng, localDecryptor, new StringSink(plainLocalFromFuture) ) ); + StringSource ss6 (cipherFuture, true, new PK_DecryptorFilter(crypto::PRNG(), localDecryptor, new StringSink(plainLocalFromFuture) ) ); assert(plainLocal == message); @@ -173,60 +182,7 @@ BOOST_AUTO_TEST_CASE(cryptopp_aes128_cbc) cbcDecryption.ProcessData((byte*)&cipher[0], (byte*)&string192[0], cipher.size()); assert(string192 == plainOriginal); } - -BOOST_AUTO_TEST_CASE(cryptopp_ecdh_aes128_cbc_noauth) -{ - // ECDH gives 256-bit shared while aes uses 128-bits - // Use first 128-bits of shared secret as symmetric key - // IV is 0 - // New connections require new ECDH keypairs -} - -BOOST_AUTO_TEST_CASE(cryptopp_eth_fbba) -{ - // Initial Authentication: - // - // New/Known Peer: - // pubkeyL = knownR? ? myKnown : myECDH - // pubkeyR = knownR? ? theirKnown : theirECDH - // - // Initial message = hmac(k=sha3(shared-secret[128..255]), address(pubkeyL)) || ECIES encrypt(pubkeyR, pubkeyL) - // - // Key Exchange (this could occur after handshake messages): - // If peers do not know each other they will need to exchange public keys. - // - // Drop ECDH (this could occur after handshake messages): - // After authentication and/or key exchange, both sides generate shared key - // from their 'known' keys and use this to encrypt all future messages. - // - // v2: If one side doesn't trust the other then a single-use key maybe sent. - // This will need to be tracked for future connections; when non-trusting peer - // wants to trust the other, it can request that it's old, 'new', public key be - // accepted. And, if the peer *really* doesn't trust the other side, it can request - // that a new, 'new', public key be accepted. - // - // Handshake (all or nothing, padded): - // All Peers (except blacklisted): - // - // - // New Peer: - // - // - // Known Untrusted Peer: - // - // - // Known Trusted Peer: - // - // - // Blacklisted Peeer: - // Already dropped by now. - // - // - // MAC: - // ... -} - BOOST_AUTO_TEST_CASE(eth_keypairs) { cnote << "Testing Crypto..."; |