func TestReflection(t *testing.T) { alice := "*****@*****.**" aliceUID, err := uid.Create(alice, false, "", "", uid.Strict, hashchain.TestEntry, cipher.RandReader) if err != nil { t.Fatal(err) } bob := "*****@*****.**" bobUID, err := uid.Create(bob, false, "", "", uid.Strict, hashchain.TestEntry, cipher.RandReader) if err != nil { t.Fatal(err) } var encMsg bytes.Buffer aliceKeyStore := memstore.New() aliceKeyStore.AddPublicKeyEntry(bob, bobUID.PubKey()) // duplicate key encryptArgs := &EncryptArgs{ Writer: &encMsg, From: aliceUID, To: bobUID, SenderLastKeychainHash: hashchain.TestEntry, Reader: bytes.NewBufferString(msgs.Message1), Rand: cipher.RandReader, KeyStore: aliceKeyStore, } if _, err = Encrypt(encryptArgs); err != ErrReflection { t.Error("should fail with ErrReflection") } }
func encrypt(sign bool, flipUIDs bool) ( sender, recipient *uid.Message, w bytes.Buffer, recipientTemp *uid.KeyEntry, privateKey string, err error, ) { sender, err = uid.Create("*****@*****.**", false, "", "", uid.Strict, hashchain.TestEntry, cipher.RandReader) if err != nil { return } recipient, err = uid.Create("*****@*****.**", false, "", "", uid.Strict, hashchain.TestEntry, cipher.RandReader) if err != nil { return } if flipUIDs { sender, recipient = recipient, sender } r := bytes.NewBufferString(msgs.Message1) now := uint64(times.Now()) recipientKI, _, privateKey, err := recipient.KeyInit(1, now+times.Day, now-times.Day, false, "mute.berlin", "", "", cipher.RandReader) if err != nil { return } recipientTemp, err = recipientKI.KeyEntryECDHE25519(recipient.SigPubKey()) if err != nil { return } // encrypt var privateSigKey *[64]byte if sign { privateSigKey = sender.PrivateSigKey64() } ms := memstore.New() ms.AddPublicKeyEntry(recipient.Identity(), recipientTemp) args := &EncryptArgs{ Writer: &w, From: sender, To: recipient, SenderLastKeychainHash: hashchain.TestEntry, PrivateSigKey: privateSigKey, Reader: r, Rand: cipher.RandReader, KeyStore: ms, } if _, err = Encrypt(args); err != nil { return } return }
func decrypt(sender, recipient *uid.Message, r io.Reader, recipientTemp *uid.KeyEntry, privateKey string, sign bool, chkMsg bool) error { // decrypt var res bytes.Buffer identities := []*uid.Message{recipient} input := base64.NewDecoder(r) version, preHeader, err := ReadFirstOuterHeader(input) if err != nil { return err } if version != Version { return errors.New("wrong version") } ms := memstore.New() if err := recipientTemp.SetPrivateKey(privateKey); err != nil { return err } ms.AddPrivateKeyEntry(recipientTemp) args := &DecryptArgs{ Writer: &res, Identities: identities, PreHeader: preHeader, Reader: input, Rand: cipher.RandReader, KeyStore: ms, } _, sig, err := Decrypt(args) if err != nil { return err } // do not compare messages when fuzzing, because messages have to be different! if chkMsg && res.String() != msgs.Message1 { return errors.New("messages differ") } if sign { contentHash := cipher.SHA512(res.Bytes()) decSig, err := base64.Decode(sig) if err != nil { return err } if len(decSig) != ed25519.SignatureSize { return errors.New("signature has wrong length") } var sigBuf [ed25519.SignatureSize]byte copy(sigBuf[:], decSig) if !ed25519.Verify(sender.PublicSigKey32(), contentHash, &sigBuf) { return errors.New("signature verification failed") } } return nil }
func TestMaxMessageLength(t *testing.T) { alice := "*****@*****.**" aliceUID, err := uid.Create(alice, false, "", "", uid.Strict, hashchain.TestEntry, cipher.RandReader) if err != nil { t.Fatal(err) } bob := "*****@*****.**" bobUID, err := uid.Create(bob, false, "", "", uid.Strict, hashchain.TestEntry, cipher.RandReader) if err != nil { t.Fatal(err) } now := uint64(times.Now()) bobKI, _, privateKey, err := bobUID.KeyInit(1, now+times.Day, now-times.Day, false, "mute.berlin", "", "", cipher.RandReader) if err != nil { t.Fatal(err) } bobKE, err := bobKI.KeyEntryECDHE25519(bobUID.SigPubKey()) if err != nil { t.Fatal(err) } // create large message message, err := padding.Generate(MaxContentLength, cipher.RandReader) if err != nil { t.Fatal(err) } // encrypt message from Alice to Bob var encMsg bytes.Buffer aliceKeyStore := memstore.New() aliceKeyStore.AddPublicKeyEntry(bob, bobKE) encryptArgs := &EncryptArgs{ Writer: &encMsg, From: aliceUID, To: bobUID, SenderLastKeychainHash: hashchain.TestEntry, PrivateSigKey: aliceUID.PrivateSigKey64(), Reader: bytes.NewBuffer(message), Rand: cipher.RandReader, KeyStore: aliceKeyStore, } if _, err = Encrypt(encryptArgs); err != nil { t.Fatal(err) } // decrypt message from Alice to Bob var res bytes.Buffer bobIdentities := []*uid.Message{bobUID} input := base64.NewDecoder(&encMsg) version, preHeader, err := ReadFirstOuterHeader(input) if err != nil { t.Fatal(err) } if version != Version { t.Fatal("wrong version") } bobKeyStore := memstore.New() if err := bobKE.SetPrivateKey(privateKey); err != nil { t.Fatal(err) } bobKeyStore.AddPrivateKeyEntry(bobKE) decryptArgs := &DecryptArgs{ Writer: &res, Identities: bobIdentities, PreHeader: preHeader, Reader: input, Rand: cipher.RandReader, KeyStore: bobKeyStore, } _, _, err = Decrypt(decryptArgs) if err != nil { t.Fatal(err) } if res.String() != string(message) { t.Fatal("messages differ") } }
func TestGenerateMessageKeys(t *testing.T) { defer log.Flush() rk, err := base64.Decode("CH9NjvU/usWcT0vNgiiUHNt9UFgWKneEPRgN0HIvlP0=") if err != nil { t.Fatal(err) } ssp, err := base64.Decode("XRzQmXbf1TRTMVOpU9354Vx8mR32im0gK3IzzVPI/JE=") if err != nil { t.Fatal(err) } rp, err := base64.Decode("y2mzWFL3I16rkNPeMFleX/6a8Ynx93L8oirS4uSYTPo=") if err != nil { t.Fatal(err) } var rootKey [32]byte var senderSessionPub [32]byte var recipientPub [32]byte copy(rootKey[:], rk) copy(senderSessionPub[:], ssp) copy(recipientPub[:], rp) a := "*****@*****.**" b := "*****@*****.**" ms1 := memstore.New() senderSessionKey := session.CalcKey("sender", "recipient", base64.Encode(cipher.SHA512(senderSessionPub[:])), base64.Encode(cipher.SHA512(recipientPub[:]))) recipientSessionKey := session.CalcKey("recipient", "sender", base64.Encode(cipher.SHA512(recipientPub[:])), base64.Encode(cipher.SHA512(senderSessionPub[:]))) err = generateMessageKeys(a, b, "sender", "recipient", &rootKey, false, &senderSessionPub, &recipientPub, NumOfFutureKeys, ms1) if err != nil { t.Fatal(err) } rootKeyHash, err := ms1.GetRootKeyHash(senderSessionKey) if err != nil { t.Fatal(err) } b64 := base64.Encode(rootKeyHash[:]) if b64 != "KJgsEto4kssCEBJAgGJTt2fJ6/FJqMupevapOwtkdgjF0z0VNI8Zzv15hwRVfZPGrGtgc5AGaeZiyao2wZLE2Q==" { t.Errorf("wrong rootKeyHash: %s", b64) } key, err := ms1.GetMessageKey(senderSessionKey, true, 0) if err != nil { t.Fatal(err) } b64 = base64.Encode(key[:]) if b64 != "1EaJ70EOJ1tEYEksbmv1FOgmG+SB0A0LMcx4gp687NdrEmeb/T04GYneFw9hAenUGsgkOjGtySLIL36xqQlgmw==" { t.Errorf("wrong message key (sender, 0): %s", b64) } key, err = ms1.GetMessageKey(senderSessionKey, false, 0) if err != nil { t.Fatal(err) } b64 = base64.Encode(key[:]) if b64 != "o5K0K5cKuWEAMX6g1Cbv2yrcddg2eoB7PhJjtECO1IQsVbNkTf/FqiW4X2/Tmy6XbXhEoysdYPJL4bokoINvsA==" { t.Errorf("wrong message key (recipient, 0): %s", b64) } key, err = ms1.GetMessageKey(senderSessionKey, true, 49) if err != nil { t.Fatal(err) } b64 = base64.Encode(key[:]) if b64 != "r1TwPGq7WF5ysN2ZFyX4ZmnnNxMzH3hAAOfWew8mIND7BqFPSY01H/A7U48awcOwFd9pCnVXd5yc5W0TYvON/Q==" { t.Errorf("wrong message key (sender, 49): %s", b64) } key, err = ms1.GetMessageKey(senderSessionKey, false, 49) if err != nil { t.Fatal(err) } b64 = base64.Encode(key[:]) if b64 != "d45Eic1g95nDrSncvo4FML/zha9lHtnDO/9kDyARQP3AgguhXD1bjw+/ep8MkI91qjAlnmHcsxVOAEEMbecmaQ==" { t.Errorf("wrong message key (recipient, 49): %s", b64) } // generate additional keys from chainKey chainKey, err := ms1.GetChainKey(senderSessionKey) if err != nil { t.Fatal(err) } err = generateMessageKeys(a, b, "sender", "recipient", chainKey, false, &senderSessionPub, &recipientPub, NumOfFutureKeys, ms1) if err != nil { t.Fatal(err) } // generate all keys at the same time ms2 := memstore.New() copy(rootKey[:], rk) err = generateMessageKeys(a, b, "sender", "recipient", &rootKey, true, &senderSessionPub, &recipientPub, 2*NumOfFutureKeys, ms2) if err != nil { t.Fatal(err) } n1, err := ms1.NumMessageKeys(senderSessionKey) if err != nil { t.Fatal(err) } n2, err := ms2.NumMessageKeys(recipientSessionKey) if err != nil { t.Fatal(err) } if n1 != n2 { t.Error("number of message keys differ") } // compare keys k1, err := ms1.GetMessageKey(senderSessionKey, true, NumOfFutureKeys-1) if err != nil { t.Fatal(err) } k2, err := ms2.GetMessageKey(recipientSessionKey, false, NumOfFutureKeys-1) if err != nil { t.Fatal(err) } if !bytes.Equal(k1[:], k2[:]) { t.Error("keys differ") } k1, err = ms1.GetMessageKey(senderSessionKey, true, 2*NumOfFutureKeys-1) if err != nil { t.Fatal(err) } k2, err = ms2.GetMessageKey(recipientSessionKey, false, 2*NumOfFutureKeys-1) if err != nil { t.Fatal(err) } if !bytes.Equal(k1[:], k2[:]) { t.Error("keys differ") } }