2014-09-24 17:40:21 -04:00
|
|
|
/*
|
|
|
|
|
* GraxRabble
|
|
|
|
|
* Demo programs for libsodium.
|
|
|
|
|
*/
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
|
2015-05-27 07:02:56 -04:00
|
|
|
#include <sodium.h> /* library header */
|
2014-09-24 17:40:21 -04:00
|
|
|
|
2015-05-27 09:47:49 -04:00
|
|
|
#include "utils.h" /* utility functions shared by demos */
|
2014-09-24 17:40:21 -04:00
|
|
|
|
|
|
|
|
/*
|
2015-05-27 10:34:06 -04:00
|
|
|
* This operation computes an authentication tag for a message and a
|
|
|
|
|
* secret key, and provides a way to verify that a given tag is valid
|
|
|
|
|
* for a given message and a key.
|
|
|
|
|
*
|
|
|
|
|
* The function computing the tag deterministic: the same (message,
|
|
|
|
|
* key) tuple will always produce the same output.
|
|
|
|
|
*
|
|
|
|
|
* However, even if the message is public, knowing the key is
|
|
|
|
|
* required in order to be able to compute a valid tag. Therefore,
|
|
|
|
|
* the key should remain confidential. The tag, however, can be
|
|
|
|
|
* public.
|
|
|
|
|
*
|
|
|
|
|
* A typical use case is:
|
|
|
|
|
*
|
|
|
|
|
* - A prepares a message, add an authentication tag, sends it to B
|
|
|
|
|
* - A doesn't store the message
|
|
|
|
|
* - Later on, B sends the message and the authentication tag to A
|
|
|
|
|
* - A uses the authentication tag to verify that it created this message.
|
|
|
|
|
*
|
|
|
|
|
* This operation does not encrypt the message. It only computes and
|
|
|
|
|
* verifies an authentication tag.
|
2014-09-24 17:40:21 -04:00
|
|
|
*/
|
|
|
|
|
static int
|
|
|
|
|
auth(void)
|
|
|
|
|
{
|
2015-05-27 10:29:57 -04:00
|
|
|
unsigned char key[crypto_auth_KEYBYTES];
|
|
|
|
|
unsigned char mac[crypto_auth_BYTES];
|
|
|
|
|
unsigned char message[MAX_INPUT_SIZE];
|
|
|
|
|
size_t message_len;
|
|
|
|
|
int ret;
|
2014-09-24 17:40:21 -04:00
|
|
|
|
|
|
|
|
puts("Example: crypto_auth\n");
|
2015-05-27 07:02:56 -04:00
|
|
|
|
2015-05-27 10:29:57 -04:00
|
|
|
memset(key, 0, sizeof key);
|
|
|
|
|
prompt_input("Enter a key > ", (char*)key, sizeof key);
|
|
|
|
|
puts("Complete key:");
|
|
|
|
|
print_hex(key, sizeof key);
|
2014-09-24 19:39:35 -04:00
|
|
|
putchar('\n');
|
|
|
|
|
|
2015-05-27 10:29:57 -04:00
|
|
|
message_len = prompt_input("Enter a message > ",
|
|
|
|
|
(char*)message, sizeof message);
|
2014-09-24 17:40:21 -04:00
|
|
|
putchar('\n');
|
|
|
|
|
|
|
|
|
|
printf("Generating %s authentication...\n", crypto_auth_primitive());
|
2015-05-27 10:29:57 -04:00
|
|
|
crypto_auth(mac, message, message_len, key);
|
2014-09-24 17:40:21 -04:00
|
|
|
|
2015-05-27 10:57:51 -04:00
|
|
|
fputs("Authentication tag: ", stdout);
|
2015-05-27 10:29:57 -04:00
|
|
|
print_hex(mac, sizeof mac);
|
2014-09-24 17:40:21 -04:00
|
|
|
putchar('\n');
|
|
|
|
|
|
2015-05-27 10:29:57 -04:00
|
|
|
puts("Verifying authentication tag...");
|
|
|
|
|
ret = crypto_auth_verify(mac, message, message_len, key);
|
|
|
|
|
print_verification(ret);
|
2014-09-24 17:40:21 -04:00
|
|
|
|
2015-05-27 10:29:57 -04:00
|
|
|
sodium_memzero(key, sizeof key); /* wipe sensitive data */
|
|
|
|
|
|
|
|
|
|
return ret;
|
2014-09-24 17:40:21 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
2015-05-27 06:41:43 -04:00
|
|
|
main(void)
|
2014-09-24 17:40:21 -04:00
|
|
|
{
|
2015-05-27 10:10:07 -04:00
|
|
|
init();
|
2014-09-24 17:40:21 -04:00
|
|
|
|
2015-05-27 06:41:43 -04:00
|
|
|
return auth() != 0;
|
2014-09-24 17:40:21 -04:00
|
|
|
}
|
