1 #ifdef HAVE_CONFIG_H
2 #include "config.h"
3 #endif
4
5 #include <stdint.h>
6 #include <stdlib.h>
7 #include <string.h>
8 #include <sys/types.h>
9
10 #ifdef VANILLA_NACL
11 #include "../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h"
12 #else
13 #include <sodium.h>
14 #endif
15
16 #include "../testing/misc_tools.h"
17 #include "../toxcore/ccompat.h"
18 #include "../toxcore/crypto_core.h"
19 #include "../toxcore/tox.h"
20 #include "../toxencryptsave/toxencryptsave.h"
21 #include "check_compat.h"
22
23 static unsigned char test_salt[TOX_PASS_SALT_LENGTH] = {0xB1, 0xC2, 0x09, 0xEE, 0x50, 0x6C, 0xF0, 0x20, 0xC4, 0xD6, 0xEB, 0xC0, 0x44, 0x51, 0x3B, 0x60, 0x4B, 0x39, 0x4A, 0xCF, 0x09, 0x53, 0x4F, 0xEA, 0x08, 0x41, 0xFA, 0xCA, 0x66, 0xD2, 0x68, 0x7F};
24 static unsigned char known_key[TOX_PASS_KEY_LENGTH] = {0x29, 0x36, 0x1c, 0x9e, 0x65, 0xbb, 0x46, 0x8b, 0xde, 0xa1, 0xac, 0xf, 0xd5, 0x11, 0x81, 0xc8, 0x29, 0x28, 0x17, 0x23, 0xa6, 0xc3, 0x6b, 0x77, 0x2e, 0xd7, 0xd3, 0x10, 0xeb, 0xd2, 0xf7, 0xc8};
25 static const char *pw = "hunter2";
26 static unsigned int pwlen = 7;
27
28 static unsigned char known_key2[CRYPTO_SHARED_KEY_SIZE] = {0x7a, 0xfa, 0x95, 0x45, 0x36, 0x8a, 0xa2, 0x5c, 0x40, 0xfd, 0xc0, 0xe2, 0x35, 0x8, 0x7, 0x88, 0xfa, 0xf9, 0x37, 0x86, 0xeb, 0xff, 0x50, 0x4f, 0x3, 0xe2, 0xf6, 0xd9, 0xef, 0x9, 0x17, 0x1};
29 // same as above, except standard opslimit instead of extra ops limit for test_known_kdf, and hash pw before kdf for compat
30
31 /* cause I'm shameless */
accept_friend_request(Tox * m,const uint8_t * public_key,const uint8_t * data,size_t length,void * userdata)32 static void accept_friend_request(Tox *m, const uint8_t *public_key, const uint8_t *data, size_t length, void *userdata)
33 {
34 if (*((uint32_t *)userdata) != 974536) {
35 return;
36 }
37
38 if (length == 7 && memcmp("Gentoo", data, 7) == 0) {
39 tox_friend_add_norequest(m, public_key, nullptr);
40 }
41 }
42
test_known_kdf(void)43 static void test_known_kdf(void)
44 {
45 unsigned char out[CRYPTO_SHARED_KEY_SIZE];
46 int16_t res = crypto_pwhash_scryptsalsa208sha256(out,
47 CRYPTO_SHARED_KEY_SIZE,
48 pw,
49 pwlen,
50 test_salt,
51 crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 8,
52 crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE);
53 ck_assert_msg(res != -1, "crypto function failed");
54 ck_assert_msg(memcmp(out, known_key, CRYPTO_SHARED_KEY_SIZE) == 0, "derived key is wrong");
55 }
56
test_save_friend(void)57 static void test_save_friend(void)
58 {
59 Tox *tox1 = tox_new_log(nullptr, nullptr, nullptr);
60 Tox *tox2 = tox_new_log(nullptr, nullptr, nullptr);
61 ck_assert_msg(tox1 || tox2, "Failed to create 2 tox instances");
62 tox_callback_friend_request(tox2, accept_friend_request);
63 uint8_t address[TOX_ADDRESS_SIZE];
64 tox_self_get_address(tox2, address);
65 uint32_t test = tox_friend_add(tox1, address, (const uint8_t *)"Gentoo", 7, nullptr);
66 ck_assert_msg(test != UINT32_MAX, "Failed to add friend");
67
68 size_t size = tox_get_savedata_size(tox1);
69 VLA(uint8_t, data, size);
70 tox_get_savedata(tox1, data);
71 size_t size2 = size + TOX_PASS_ENCRYPTION_EXTRA_LENGTH;
72 VLA(uint8_t, enc_data, size2);
73 Tox_Err_Encryption error1;
74 bool ret = tox_pass_encrypt(data, size, (const uint8_t *)"correcthorsebatterystaple", 25, enc_data, &error1);
75 ck_assert_msg(ret, "failed to encrypted save: %d", error1);
76 ck_assert_msg(tox_is_data_encrypted(enc_data), "magic number missing");
77
78 struct Tox_Options *options = tox_options_new(nullptr);
79 ck_assert(options != nullptr);
80 tox_options_set_savedata_type(options, TOX_SAVEDATA_TYPE_TOX_SAVE);
81 tox_options_set_savedata_data(options, enc_data, size2);
82
83 Tox_Err_New err2;
84 Tox *tox3 = tox_new_log(options, &err2, nullptr);
85 ck_assert_msg(err2 == TOX_ERR_NEW_LOAD_ENCRYPTED, "wrong error! %d. should fail with %d", err2,
86 TOX_ERR_NEW_LOAD_ENCRYPTED);
87 ck_assert_msg(tox3 == nullptr, "tox_new with error should return NULL");
88 VLA(uint8_t, dec_data, size);
89 Tox_Err_Decryption err3;
90 ret = tox_pass_decrypt(enc_data, size2, (const uint8_t *)"correcthorsebatterystaple", 25, dec_data, &err3);
91 ck_assert_msg(ret, "failed to decrypt save: %d", err3);
92 tox_options_set_savedata_data(options, dec_data, size);
93 tox3 = tox_new_log(options, &err2, nullptr);
94 ck_assert_msg(err2 == TOX_ERR_NEW_OK, "failed to load from decrypted data: %d", err2);
95 uint8_t address2[TOX_PUBLIC_KEY_SIZE];
96 ret = tox_friend_get_public_key(tox3, 0, address2, nullptr);
97 ck_assert_msg(ret, "no friends!");
98 ck_assert_msg(memcmp(address, address2, TOX_PUBLIC_KEY_SIZE) == 0, "addresses don't match!");
99
100 size = tox_get_savedata_size(tox3);
101 VLA(uint8_t, data2, size);
102 tox_get_savedata(tox3, data2);
103 Tox_Err_Key_Derivation keyerr;
104 Tox_Pass_Key *key = tox_pass_key_derive((const uint8_t *)"123qweasdzxc", 12, &keyerr);
105 ck_assert_msg(key != nullptr, "pass key allocation failure");
106 memcpy((uint8_t *)key, test_salt, TOX_PASS_SALT_LENGTH);
107 memcpy((uint8_t *)key + TOX_PASS_SALT_LENGTH, known_key2, TOX_PASS_KEY_LENGTH);
108 size2 = size + TOX_PASS_ENCRYPTION_EXTRA_LENGTH;
109 VLA(uint8_t, encdata2, size2);
110 ret = tox_pass_key_encrypt(key, data2, size, encdata2, &error1);
111 ck_assert_msg(ret, "failed to key encrypt %d", error1);
112 ck_assert_msg(tox_is_data_encrypted(encdata2), "magic number the second missing");
113
114 VLA(uint8_t, out1, size);
115 VLA(uint8_t, out2, size);
116 ret = tox_pass_decrypt(encdata2, size2, (const uint8_t *)pw, pwlen, out1, &err3);
117 ck_assert_msg(ret, "failed to pw decrypt %d", err3);
118 ret = tox_pass_key_decrypt(key, encdata2, size2, out2, &err3);
119 ck_assert_msg(ret, "failed to key decrypt %d", err3);
120 ck_assert_msg(memcmp(out1, out2, size) == 0, "differing output data");
121
122 // and now with the code in use (I only bothered with manually to debug this, and it seems a waste
123 // to remove the manual check now that it's there)
124 tox_options_set_savedata_data(options, out1, size);
125 Tox *tox4 = tox_new_log(options, &err2, nullptr);
126 ck_assert_msg(err2 == TOX_ERR_NEW_OK, "failed to new the third");
127 uint8_t address5[TOX_PUBLIC_KEY_SIZE];
128 ret = tox_friend_get_public_key(tox4, 0, address5, nullptr);
129 ck_assert_msg(ret, "no friends! the third");
130 ck_assert_msg(memcmp(address, address2, TOX_PUBLIC_KEY_SIZE) == 0, "addresses don't match! the third");
131
132 tox_pass_key_free(key);
133 tox_options_free(options);
134
135 tox_kill(tox1);
136 tox_kill(tox2);
137 tox_kill(tox3);
138 tox_kill(tox4);
139 }
140
test_keys(void)141 static void test_keys(void)
142 {
143 Tox_Err_Encryption encerr;
144 Tox_Err_Decryption decerr;
145 Tox_Err_Key_Derivation keyerr;
146 const uint8_t *key_char = (const uint8_t *)"123qweasdzxc";
147 Tox_Pass_Key *key = tox_pass_key_derive(key_char, 12, &keyerr);
148 ck_assert_msg(key != nullptr, "generic failure 1: %d", keyerr);
149 const uint8_t *string = (const uint8_t *)"No Patrick, mayonnaise is not an instrument."; // 44
150
151 uint8_t encrypted[44 + TOX_PASS_ENCRYPTION_EXTRA_LENGTH];
152 bool ret = tox_pass_key_encrypt(key, string, 44, encrypted, &encerr);
153 ck_assert_msg(ret, "generic failure 2: %d", encerr);
154
155 // Testing how tox handles encryption of large messages.
156 int size_large = 30 * 1024 * 1024;
157 int ciphertext_length2a = size_large + TOX_PASS_ENCRYPTION_EXTRA_LENGTH;
158 int plaintext_length2a = size_large;
159 uint8_t *encrypted2a = (uint8_t *)malloc(ciphertext_length2a);
160 uint8_t *in_plaintext2a = (uint8_t *)malloc(plaintext_length2a);
161 ret = tox_pass_encrypt(in_plaintext2a, plaintext_length2a, key_char, 12, encrypted2a, &encerr);
162 ck_assert_msg(ret, "tox_pass_encrypt failure 2a: %d", encerr);
163
164 // Decryption of same message.
165 uint8_t *out_plaintext2a = (uint8_t *) malloc(plaintext_length2a);
166 ret = tox_pass_decrypt(encrypted2a, ciphertext_length2a, key_char, 12, out_plaintext2a, &decerr);
167 ck_assert_msg(ret, "tox_pass_decrypt failure 2a: %d", decerr);
168 ck_assert_msg(memcmp(in_plaintext2a, out_plaintext2a, plaintext_length2a) == 0, "Large message decryption failed");
169 free(encrypted2a);
170 free(in_plaintext2a);
171 free(out_plaintext2a);
172
173
174 uint8_t encrypted2[44 + TOX_PASS_ENCRYPTION_EXTRA_LENGTH];
175 ret = tox_pass_encrypt(string, 44, key_char, 12, encrypted2, &encerr);
176 ck_assert_msg(ret, "generic failure 3: %d", encerr);
177
178 uint8_t out1[44 + TOX_PASS_ENCRYPTION_EXTRA_LENGTH];
179 uint8_t out2[44 + TOX_PASS_ENCRYPTION_EXTRA_LENGTH];
180
181 ret = tox_pass_key_decrypt(key, encrypted, 44 + TOX_PASS_ENCRYPTION_EXTRA_LENGTH, out1, &decerr);
182 ck_assert_msg(ret, "generic failure 4: %d", decerr);
183 ck_assert_msg(memcmp(out1, string, 44) == 0, "decryption 1 failed");
184
185 ret = tox_pass_decrypt(encrypted2, 44 + TOX_PASS_ENCRYPTION_EXTRA_LENGTH, (const uint8_t *)"123qweasdzxc", 12, out2,
186 &decerr);
187 ck_assert_msg(ret, "generic failure 5: %d", decerr);
188 ck_assert_msg(memcmp(out2, string, 44) == 0, "decryption 2 failed");
189
190 ret = tox_pass_decrypt(encrypted2, 44 + TOX_PASS_ENCRYPTION_EXTRA_LENGTH, nullptr, 0, out2, &decerr);
191 ck_assert_msg(!ret, "Decrypt succeeded with wrong pass");
192 ck_assert_msg(decerr != TOX_ERR_DECRYPTION_FAILED, "Bad error code %d", decerr);
193
194 // test that pass_decrypt can decrypt things from pass_key_encrypt
195 ret = tox_pass_decrypt(encrypted, 44 + TOX_PASS_ENCRYPTION_EXTRA_LENGTH, (const uint8_t *)"123qweasdzxc", 12, out1,
196 &decerr);
197 ck_assert_msg(ret, "generic failure 6: %d", decerr);
198 ck_assert_msg(memcmp(out1, string, 44) == 0, "decryption 3 failed");
199
200 uint8_t salt[TOX_PASS_SALT_LENGTH];
201 Tox_Err_Get_Salt salt_err;
202 ck_assert_msg(tox_get_salt(encrypted, salt, &salt_err), "couldn't get salt");
203 ck_assert_msg(salt_err == TOX_ERR_GET_SALT_OK, "get_salt returned an error");
204 Tox_Pass_Key *key2 = tox_pass_key_derive_with_salt((const uint8_t *)"123qweasdzxc", 12, salt, &keyerr);
205 ck_assert_msg(key2 != nullptr, "generic failure 7: %d", keyerr);
206 ck_assert_msg(0 == memcmp(key, key2, TOX_PASS_KEY_LENGTH + TOX_PASS_SALT_LENGTH), "salt comparison failed");
207 tox_pass_key_free(key2);
208 tox_pass_key_free(key);
209 }
210
main(void)211 int main(void)
212 {
213 setvbuf(stdout, nullptr, _IONBF, 0);
214 test_known_kdf();
215 test_save_friend();
216 test_keys();
217
218 return 0;
219 }
220