Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. vpnc>
  3. devel
svn commit: vpnc r538 - /branches/vpnc-nortel/ /branches/vpnc-nortel/test/ /trunk/ /trunk/test/
vpnc at unix-ag
Dec 4, 2013, 5:40 AM
Post #1 of 1 (688 views)
Permalink
Author: Antonio Borneo
Date: Wed Dec 4 14:40:55 2013
New Revision: 538

Log:
test-crypto: move crypted data out of code

The test program embeds encrypted binary data, but the
encryption key is not made available from the original
developer.
Move the binary data out of the code, so later we can
replace it with data encrypted under our control.

Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>

Added:
branches/vpnc-nortel/test/dec_data.bin
branches/vpnc-nortel/test/sig_data.bin
trunk/test/dec_data.bin
trunk/test/sig_data.bin
Modified:
branches/vpnc-nortel/Makefile
branches/vpnc-nortel/test-crypto.c
trunk/Makefile
trunk/test-crypto.c

Modified: branches/vpnc-nortel/Makefile
==============================================================================
--- branches/vpnc-nortel/Makefile (original)
+++ branches/vpnc-nortel/Makefile Wed Dec 4 14:40:55 2013
@@ -114,8 +114,8 @@
rm -rf vpnc-$*

test : all
- ./test-crypto test/cert.pem test/cert1.pem test/cert2.pem test/root.pem
- #./test-crypto test/cert.pem test/cert0.crt test/cert1.crt test/cert2.crt test/root.crt
+ ./test-crypto test/sig_data.bin test/dec_data.bin \
+ test/cert.pem test/cert1.pem test/cert2.pem test/root.pem

dist : VERSION vpnc.8 vpnc-$(RELEASE_VERSION).tar.gz


Modified: branches/vpnc-nortel/test-crypto.c
==============================================================================
--- branches/vpnc-nortel/test-crypto.c (original)
+++ branches/vpnc-nortel/test-crypto.c Wed Dec 4 14:40:55 2013
@@ -16,6 +16,7 @@
*/

#include <stdio.h>
+#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
@@ -25,55 +26,64 @@
#include <stdlib.h>
#include "crypto.h"

+static unsigned char *read_binfile(const char *filename, size_t *len)
+{
+ int fd, ret;
+ struct stat s;
+ unsigned char *b;
+
+ if (filename == NULL || len ==NULL)
+ return NULL;
+
+ fd = open(filename, O_RDONLY);
+ if (fd < 0) {
+ fprintf(stderr, "Error opening file %s\n", filename);
+ return NULL;
+ }
+
+ ret = fstat(fd, &s);
+ if (ret < 0) {
+ fprintf(stderr, "Error while stat() file %s\n", filename);
+ close(fd);
+ return NULL;
+ }
+ if (s.st_size == 0) {
+ fprintf(stderr, "Empty file %s\n", filename);
+ close(fd);
+ return NULL;
+ }
+
+ b = malloc(s.st_size);
+ if (b == NULL) {
+ fprintf(stderr, "Error allocating memory\n");
+ close(fd);
+ return NULL;
+ }
+
+ ret = read(fd, b, s.st_size);
+ if (ret != s.st_size) {
+ fprintf(stderr, "Error reading file %s\n", filename);
+ free(b);
+ close(fd);
+ return NULL;
+ }
+
+ close(fd);
+ *len = s.st_size;
+ return b;
+}
+
int main(int argc, char *argv[])
{
crypto_ctx *cctx;
crypto_error *error = NULL;
int i;
unsigned char *data;
- size_t size = 0;
- const unsigned char sig_data[] = {
- 0x30, 0x82, 0x04, 0xb5, 0x30, 0x82, 0x03, 0x9d, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x02,
- 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30,
- 0x81, 0x9f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
- 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x09, 0x42, 0x65, 0x72, 0x6b, 0x73, 0x68,
+ size_t size = 0, sig_len, dec_len;
+ unsigned char *sig_data, *dec_data;

- 0x69, 0x72, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x4e, 0x65,
- 0x77, 0x62, 0x75, 0x72, 0x79, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0e,
- 0x4d, 0x79, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x20, 0x4c, 0x74, 0x64, 0x31, 0x11,
- 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x08, 0x54, 0x68, 0x65, 0x20, 0x55, 0x6e, 0x69,
-
- 0x74, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x12, 0x74, 0x65, 0x73, 0x74,
- 0x2e, 0x73, 0x6f, 0x6d, 0x65, 0x77, 0x68, 0x65, 0x72, 0x65, 0x2e, 0x6f, 0x72, 0x67, 0x31, 0x21,
- 0x30, 0x1f, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x12, 0x74,
- 0x65, 0x73, 0x74, 0x40, 0x73, 0x6f, 0x6d, 0x65, 0x77, 0x68, 0x65, 0x72, 0x65, 0x2e, 0x6f, 0x72,
-
- 0x67, 0x30, 0x1e, 0x17, 0x0d, 0x30, 0x39, 0x30, 0x34, 0x32, 0x38, 0x30, 0x32, 0x35, 0x30, 0x35,
- 0x32, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x34, 0x32, 0x36, 0x30, 0x32, 0x35, 0x30, 0x35, 0x32,
- 0x5a, 0x30, 0x81, 0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
- 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x09, 0x42, 0x65, 0x72, 0x6b,
- };
- const unsigned char dec_data[] = {
- 0x7c, 0x2a, 0xe4, 0x60, 0x10, 0x9f, 0xab, 0xd6, 0x76, 0x7b, 0x9d, 0x16, 0xbb, 0xd3, 0x16, 0xa3,
- 0x61, 0x50, 0x56, 0x13, 0xe4, 0x61, 0x0e, 0x90, 0x71, 0x5c, 0x47, 0xae, 0x4a, 0xc2, 0x89, 0xf8,
- 0x47, 0x61, 0x4c, 0x3f, 0xd6, 0x11, 0x97, 0xb7, 0x0d, 0x84, 0x86, 0xdd, 0xe9, 0x6d, 0x3e, 0x89,
- 0xe0, 0x4f, 0x7a, 0x95, 0x3f, 0x6e, 0xe4, 0xcd, 0xb2, 0x80, 0x3e, 0x19, 0x3e, 0x97, 0x7c, 0xdf,
- 0xd5, 0xff, 0xcb, 0x90, 0xfb, 0x71, 0x9c, 0xef, 0xa1, 0xf6, 0x8c, 0x36, 0xb3, 0x1f, 0x63, 0x7f,
- 0x32, 0xf5, 0x00, 0x12, 0x5e, 0x13, 0x84, 0x88, 0xe3, 0x13, 0x1c, 0x11, 0x2d, 0x9a, 0xd7, 0xec,
- 0x51, 0x94, 0x20, 0x6e, 0x8f, 0x69, 0xdf, 0x07, 0xe9, 0x46, 0x3b, 0xd9, 0x1c, 0x0a, 0xc0, 0x60,
- 0x90, 0x3a, 0x9a, 0x18, 0xa8, 0x19, 0xc6, 0x78, 0xc9, 0xf3, 0x1a, 0xbb, 0xca, 0xa8, 0xb5, 0x05,
- 0x6b, 0xa8, 0xfb, 0xeb, 0xdd, 0x19, 0x56, 0xc4, 0xfe, 0x7c, 0x84, 0xb1, 0xfd, 0x92, 0xbd, 0xe2,
- 0xb2, 0x94, 0x57, 0x3d, 0x03, 0x0a, 0xf1, 0xee, 0xca, 0xec, 0x8a, 0x0f, 0xb6, 0x23, 0x0b, 0x44,
- 0x14, 0x0d, 0xe0, 0xb1, 0x68, 0x38, 0x56, 0x7c, 0x66, 0x60, 0x8f, 0x54, 0x8b, 0x5c, 0x80, 0x37,
- 0x94, 0x27, 0x89, 0x47, 0x2c, 0x24, 0x45, 0x6b, 0x76, 0xdd, 0xfb, 0xf1, 0x31, 0xef, 0x7f, 0xa4,
- 0xba, 0x95, 0x4b, 0x91, 0x9c, 0x86, 0xa6, 0x48, 0xa2, 0x5a, 0x41, 0x64, 0x31, 0x14, 0x80, 0x6b,
- 0xb3, 0x0d, 0x46, 0x14, 0xb2, 0x61, 0x49, 0x81, 0xf5, 0x14, 0x2e, 0x1c, 0x3b, 0x7b, 0xc2, 0x23,
- 0x9d, 0x31, 0x66, 0x49, 0x56, 0x50, 0x69, 0x69, 0x5a, 0x5c, 0x82, 0x68, 0x96, 0x04, 0xc1, 0x76,
- 0x18, 0x19, 0x13, 0x95, 0xad, 0xbd, 0x5f, 0x96, 0x6d, 0xfe, 0xde, 0x65, 0x6a, 0x78, 0x47, 0x63,
- };
-
- if (argc < 4) {
- fprintf(stderr, "Need at least 3 arguments: <ca> <cert1> <server>\n");
+ if (argc < 6) {
+ fprintf(stderr, "Need at least 5 arguments: <sig> <dec> <ca> <cert1> <server>\n");
return 1;
}

@@ -84,7 +94,7 @@
}

/* Load certificates */
- for (i = 2; i < argc; i++) {
+ for (i = 4; i < argc; i++) {
data = crypto_read_cert(argv[i], &size, &error);
if (!data) {
fprintf(stderr, "Error reading cert %d: %s\n", i + 1, error->msg);
@@ -99,30 +109,50 @@
}

/* Verify the cert chain */
- if (crypto_verify_chain(cctx, argv[1], NULL, &error) != 0) {
+ if (crypto_verify_chain(cctx, argv[3], NULL, &error) != 0) {
fprintf(stderr, "Error verifying chain: %s\n", error && error->msg ? error->msg : "(none)");
return error->code;
}

/* Decrypt something using the public key of the server certificate */
+ sig_data = read_binfile(argv[1], &sig_len);
+ if (sig_data == NULL)
+ return 1;
+
+ dec_data = read_binfile(argv[2], &dec_len);
+ if (dec_data == NULL) {
+ free(sig_data);
+ return 1;
+ }
+
size = 0;
- data = crypto_decrypt_signature(cctx, &sig_data[0], sizeof(sig_data), &size, CRYPTO_PAD_NONE, &error);
+ data = crypto_decrypt_signature(cctx, &sig_data[0], sig_len, &size, CRYPTO_PAD_NONE, &error);
if (!data || !size) {
fprintf(stderr, "Error decrypting signature: %s\n", error && error->msg ? error->msg : "(none)");
+ free(dec_data);
+ free(sig_data);
return error->code;
}

- if (size != sizeof(dec_data)) {
+ if (size != dec_len) {
fprintf(stderr, "Error decrypting signature: unexpected "
- "decrypted size %zd (expected %zu)\n", size, sizeof(dec_data));
+ "decrypted size %zd (expected %zu)\n", size, dec_len);
+ free(dec_data);
+ free(sig_data);
+ free(data);
return 1;
}

- if (memcmp(data, dec_data, sizeof(dec_data))) {
+ if (memcmp(data, dec_data, dec_len)) {
fprintf(stderr, "Error decrypting signature: decrypted data did"
" not match expected decrypted data\n");
+ free(dec_data);
+ free(sig_data);
+ free(data);
return 1;
}
+ free(dec_data);
+ free(sig_data);
free(data);

fprintf(stdout, "Success\n");

Added: branches/vpnc-nortel/test/dec_data.bin
==============================================================================
--- branches/vpnc-nortel/test/dec_data.bin (added)
+++ branches/vpnc-nortel/test/dec_data.bin Wed Dec 4 14:40:55 2013
@@ -0,0 +1,3 @@
+|*ä`Ÿ«Öv{»Ó£aPVäaq\G®J‰øGaL?Ö—· „†Ýém>‰àOz•?näͲ€>>—|ßÕÿːûqœï¡öŒ6³c2õ+À`:š¨ÆxÉó»Ê¨µk¨ûëÝVÄþ|„±ý’½â²”W=
+ñîÊ슶# D à±h8V|f`T‹\€7”'‰G,$EkvÝûñ1鷺•K‘œ†¦H¢ZAd1€k³ F²aIõ.;{Â#1fIVPiiZ\‚h–Áv•­½_–mþÞejxGc

Added: branches/vpnc-nortel/test/sig_data.bin
==============================================================================
--- branches/vpnc-nortel/test/sig_data.bin (added)
+++ branches/vpnc-nortel/test/sig_data.bin Wed Dec 4 14:40:55 2013
@@ -0,0 +1,2 @@
+0‚µ0‚ 0  *†H†÷ +My Company Ltd10U The Unit10Utest.somewhere.org1!0 *†H†÷  test@somewhere.org0 090428025052Z 190426025052Z01 0 UUS10U Berk

Modified: trunk/Makefile
==============================================================================
--- trunk/Makefile (original)
+++ trunk/Makefile Wed Dec 4 14:40:55 2013
@@ -114,8 +114,8 @@
rm -rf vpnc-$*

test : all
- ./test-crypto test/cert.pem test/cert1.pem test/cert2.pem test/root.pem
- #./test-crypto test/cert.pem test/cert0.crt test/cert1.crt test/cert2.crt test/root.crt
+ ./test-crypto test/sig_data.bin test/dec_data.bin \
+ test/cert.pem test/cert1.pem test/cert2.pem test/root.pem

dist : VERSION vpnc.8 vpnc-$(RELEASE_VERSION).tar.gz


Modified: trunk/test-crypto.c
==============================================================================
--- trunk/test-crypto.c (original)
+++ trunk/test-crypto.c Wed Dec 4 14:40:55 2013
@@ -16,6 +16,7 @@
*/

#include <stdio.h>
+#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
@@ -25,55 +26,64 @@
#include <stdlib.h>
#include "crypto.h"

+static unsigned char *read_binfile(const char *filename, size_t *len)
+{
+ int fd, ret;
+ struct stat s;
+ unsigned char *b;
+
+ if (filename == NULL || len ==NULL)
+ return NULL;
+
+ fd = open(filename, O_RDONLY);
+ if (fd < 0) {
+ fprintf(stderr, "Error opening file %s\n", filename);
+ return NULL;
+ }
+
+ ret = fstat(fd, &s);
+ if (ret < 0) {
+ fprintf(stderr, "Error while stat() file %s\n", filename);
+ close(fd);
+ return NULL;
+ }
+ if (s.st_size == 0) {
+ fprintf(stderr, "Empty file %s\n", filename);
+ close(fd);
+ return NULL;
+ }
+
+ b = malloc(s.st_size);
+ if (b == NULL) {
+ fprintf(stderr, "Error allocating memory\n");
+ close(fd);
+ return NULL;
+ }
+
+ ret = read(fd, b, s.st_size);
+ if (ret != s.st_size) {
+ fprintf(stderr, "Error reading file %s\n", filename);
+ free(b);
+ close(fd);
+ return NULL;
+ }
+
+ close(fd);
+ *len = s.st_size;
+ return b;
+}
+
int main(int argc, char *argv[])
{
crypto_ctx *cctx;
crypto_error *error = NULL;
int i;
unsigned char *data;
- size_t size = 0;
- const unsigned char sig_data[] = {
- 0x30, 0x82, 0x04, 0xb5, 0x30, 0x82, 0x03, 0x9d, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x02,
- 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30,
- 0x81, 0x9f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
- 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x09, 0x42, 0x65, 0x72, 0x6b, 0x73, 0x68,
+ size_t size = 0, sig_len, dec_len;
+ unsigned char *sig_data, *dec_data;

- 0x69, 0x72, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x4e, 0x65,
- 0x77, 0x62, 0x75, 0x72, 0x79, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0e,
- 0x4d, 0x79, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x20, 0x4c, 0x74, 0x64, 0x31, 0x11,
- 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x08, 0x54, 0x68, 0x65, 0x20, 0x55, 0x6e, 0x69,
-
- 0x74, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x12, 0x74, 0x65, 0x73, 0x74,
- 0x2e, 0x73, 0x6f, 0x6d, 0x65, 0x77, 0x68, 0x65, 0x72, 0x65, 0x2e, 0x6f, 0x72, 0x67, 0x31, 0x21,
- 0x30, 0x1f, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x12, 0x74,
- 0x65, 0x73, 0x74, 0x40, 0x73, 0x6f, 0x6d, 0x65, 0x77, 0x68, 0x65, 0x72, 0x65, 0x2e, 0x6f, 0x72,
-
- 0x67, 0x30, 0x1e, 0x17, 0x0d, 0x30, 0x39, 0x30, 0x34, 0x32, 0x38, 0x30, 0x32, 0x35, 0x30, 0x35,
- 0x32, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x34, 0x32, 0x36, 0x30, 0x32, 0x35, 0x30, 0x35, 0x32,
- 0x5a, 0x30, 0x81, 0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
- 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x09, 0x42, 0x65, 0x72, 0x6b,
- };
- const unsigned char dec_data[] = {
- 0x7c, 0x2a, 0xe4, 0x60, 0x10, 0x9f, 0xab, 0xd6, 0x76, 0x7b, 0x9d, 0x16, 0xbb, 0xd3, 0x16, 0xa3,
- 0x61, 0x50, 0x56, 0x13, 0xe4, 0x61, 0x0e, 0x90, 0x71, 0x5c, 0x47, 0xae, 0x4a, 0xc2, 0x89, 0xf8,
- 0x47, 0x61, 0x4c, 0x3f, 0xd6, 0x11, 0x97, 0xb7, 0x0d, 0x84, 0x86, 0xdd, 0xe9, 0x6d, 0x3e, 0x89,
- 0xe0, 0x4f, 0x7a, 0x95, 0x3f, 0x6e, 0xe4, 0xcd, 0xb2, 0x80, 0x3e, 0x19, 0x3e, 0x97, 0x7c, 0xdf,
- 0xd5, 0xff, 0xcb, 0x90, 0xfb, 0x71, 0x9c, 0xef, 0xa1, 0xf6, 0x8c, 0x36, 0xb3, 0x1f, 0x63, 0x7f,
- 0x32, 0xf5, 0x00, 0x12, 0x5e, 0x13, 0x84, 0x88, 0xe3, 0x13, 0x1c, 0x11, 0x2d, 0x9a, 0xd7, 0xec,
- 0x51, 0x94, 0x20, 0x6e, 0x8f, 0x69, 0xdf, 0x07, 0xe9, 0x46, 0x3b, 0xd9, 0x1c, 0x0a, 0xc0, 0x60,
- 0x90, 0x3a, 0x9a, 0x18, 0xa8, 0x19, 0xc6, 0x78, 0xc9, 0xf3, 0x1a, 0xbb, 0xca, 0xa8, 0xb5, 0x05,
- 0x6b, 0xa8, 0xfb, 0xeb, 0xdd, 0x19, 0x56, 0xc4, 0xfe, 0x7c, 0x84, 0xb1, 0xfd, 0x92, 0xbd, 0xe2,
- 0xb2, 0x94, 0x57, 0x3d, 0x03, 0x0a, 0xf1, 0xee, 0xca, 0xec, 0x8a, 0x0f, 0xb6, 0x23, 0x0b, 0x44,
- 0x14, 0x0d, 0xe0, 0xb1, 0x68, 0x38, 0x56, 0x7c, 0x66, 0x60, 0x8f, 0x54, 0x8b, 0x5c, 0x80, 0x37,
- 0x94, 0x27, 0x89, 0x47, 0x2c, 0x24, 0x45, 0x6b, 0x76, 0xdd, 0xfb, 0xf1, 0x31, 0xef, 0x7f, 0xa4,
- 0xba, 0x95, 0x4b, 0x91, 0x9c, 0x86, 0xa6, 0x48, 0xa2, 0x5a, 0x41, 0x64, 0x31, 0x14, 0x80, 0x6b,
- 0xb3, 0x0d, 0x46, 0x14, 0xb2, 0x61, 0x49, 0x81, 0xf5, 0x14, 0x2e, 0x1c, 0x3b, 0x7b, 0xc2, 0x23,
- 0x9d, 0x31, 0x66, 0x49, 0x56, 0x50, 0x69, 0x69, 0x5a, 0x5c, 0x82, 0x68, 0x96, 0x04, 0xc1, 0x76,
- 0x18, 0x19, 0x13, 0x95, 0xad, 0xbd, 0x5f, 0x96, 0x6d, 0xfe, 0xde, 0x65, 0x6a, 0x78, 0x47, 0x63,
- };
-
- if (argc < 4) {
- fprintf(stderr, "Need at least 3 arguments: <ca> <cert1> <server>\n");
+ if (argc < 6) {
+ fprintf(stderr, "Need at least 5 arguments: <sig> <dec> <ca> <cert1> <server>\n");
return 1;
}

@@ -84,7 +94,7 @@
}

/* Load certificates */
- for (i = 2; i < argc; i++) {
+ for (i = 4; i < argc; i++) {
data = crypto_read_cert(argv[i], &size, &error);
if (!data) {
fprintf(stderr, "Error reading cert %d: %s\n", i + 1, error->msg);
@@ -99,30 +109,50 @@
}

/* Verify the cert chain */
- if (crypto_verify_chain(cctx, argv[1], NULL, &error) != 0) {
+ if (crypto_verify_chain(cctx, argv[3], NULL, &error) != 0) {
fprintf(stderr, "Error verifying chain: %s\n", error && error->msg ? error->msg : "(none)");
return error->code;
}

/* Decrypt something using the public key of the server certificate */
+ sig_data = read_binfile(argv[1], &sig_len);
+ if (sig_data == NULL)
+ return 1;
+
+ dec_data = read_binfile(argv[2], &dec_len);
+ if (dec_data == NULL) {
+ free(sig_data);
+ return 1;
+ }
+
size = 0;
- data = crypto_decrypt_signature(cctx, &sig_data[0], sizeof(sig_data), &size, CRYPTO_PAD_NONE, &error);
+ data = crypto_decrypt_signature(cctx, &sig_data[0], sig_len, &size, CRYPTO_PAD_NONE, &error);
if (!data || !size) {
fprintf(stderr, "Error decrypting signature: %s\n", error && error->msg ? error->msg : "(none)");
+ free(dec_data);
+ free(sig_data);
return error->code;
}

- if (size != sizeof(dec_data)) {
+ if (size != dec_len) {
fprintf(stderr, "Error decrypting signature: unexpected "
- "decrypted size %zd (expected %zu)\n", size, sizeof(dec_data));
+ "decrypted size %zd (expected %zu)\n", size, dec_len);
+ free(dec_data);
+ free(sig_data);
+ free(data);
return 1;
}

- if (memcmp(data, dec_data, sizeof(dec_data))) {
+ if (memcmp(data, dec_data, dec_len)) {
fprintf(stderr, "Error decrypting signature: decrypted data did"
" not match expected decrypted data\n");
+ free(dec_data);
+ free(sig_data);
+ free(data);
return 1;
}
+ free(dec_data);
+ free(sig_data);
free(data);

fprintf(stdout, "Success\n");

Added: trunk/test/dec_data.bin
==============================================================================
--- trunk/test/dec_data.bin (added)
+++ trunk/test/dec_data.bin Wed Dec 4 14:40:55 2013
@@ -0,0 +1,3 @@
+|*ä`Ÿ«Öv{»Ó£aPVäaq\G®J‰øGaL?Ö—· „†Ýém>‰àOz•?näͲ€>>—|ßÕÿːûqœï¡öŒ6³c2õ+À`:š¨ÆxÉó»Ê¨µk¨ûëÝVÄþ|„±ý’½â²”W=
+ñîÊ슶# D à±h8V|f`T‹\€7”'‰G,$EkvÝûñ1鷺•K‘œ†¦H¢ZAd1€k³ F²aIõ.;{Â#1fIVPiiZ\‚h–Áv•­½_–mþÞejxGc

Added: trunk/test/sig_data.bin
==============================================================================
--- trunk/test/sig_data.bin (added)
+++ trunk/test/sig_data.bin Wed Dec 4 14:40:55 2013
@@ -0,0 +1,2 @@
+0‚µ0‚ 0  *†H†÷ +My Company Ltd10U The Unit10Utest.somewhere.org1!0 *†H†÷  test@somewhere.org0 090428025052Z 190426025052Z01 0 UUS10U Berk

_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal