cheng/libsodium
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove the "examples" directory.

Browse Source 
It is very incomplete and hasn't been updated for a long time.

The idea was good, and this directory might be resurrected later.
But for now, better hide it than keep something unfinished around.
This commit is contained in:
Frank Denis 2016-04-04 23:54:34 +02:00
parent fce6852d64
commit df91dd1dd4
10 changed files with 0 additions and 749 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
examples/.gitignore vendored
View File

@ -1,7 +0,0 @@
auth
box
box_detached
generichash
generichash_stream
shorthash
sign

21
examples/Makefile
View File

@ -1,21 +0,0 @@
TARGETS = \
auth \
box \
box_detached \
generichash \
generichash_stream \
shorthash \
sign
SODIUM_CFLAGS != pkg-config --cflags libsodium
SODIUM_LIBS != pkg-config --libs libsodium
CFLAGS += $(SODIUM_CFLAGS)
LDFLAGS += $(SODIUM_LIBS)
all: $(TARGETS)
clean:
rm -f $(TARGETS)
distclean: clean

68
examples/auth.c
View File

@ -1,68 +0,0 @@
/*
* GraxRabble
* example programs for libsodium.
*/
#include <sodium.h> /* library header */
#include "utils.h" /* utility functions shared by examples */
/*
* This operation computes an authentication tag for a message and a
* secret key, and provides a way to verify that a given tag is valid
* for a given message and a key.
*
* The function computing the tag deterministic: the same (message,
* key) tuple will always produce the same output.
*
* However, even if the message is public, knowing the key is
* required in order to be able to compute a valid tag. Therefore,
* the key should remain confidential. The tag, however, can be
* public.
*
* A typical use case is:
*
* - A prepares a message, add an authentication tag, sends it to B
* - A doesn't store the message
* - Later on, B sends the message and the authentication tag to A
* - A uses the authentication tag to verify that it created this message.
*
* This operation does not encrypt the message. It only computes and
* verifies an authentication tag.
*/
static int
auth(void)
{
unsigned char key[crypto_auth_KEYBYTES];
unsigned char mac[crypto_auth_BYTES];
unsigned char message[MAX_INPUT_LEN];
size_t message_len;
int ret;
puts("Example: crypto_auth\n");
prompt_input("a key", (char*)key, sizeof key, 0);
message_len = prompt_input("a message", (char*)message, sizeof message, 1);
printf("Generating %s authentication...\n", crypto_auth_primitive());
crypto_auth(mac, message, message_len, key);
printf("Authentication tag: ");
print_hex(mac, sizeof mac);
puts("Verifying authentication tag...");
ret = crypto_auth_verify(mac, message, message_len, key);
print_verification(ret);
sodium_memzero(key, sizeof key); /* wipe sensitive data */
return ret;
}
int
main(void)
{
init();
return auth() != 0;
}

135
examples/box.c
View File

@ -1,135 +0,0 @@
/*
* GraxRabble
* example programs for libsodium.
*/
#include <sodium.h> /* library header */
#include "utils.h" /* utility functions shared by examples */
/*
* Using public-key authenticated encryption, Bob can encrypt a
* confidential message specifically for Alice, using Alice's public
* key.
*
* Using Bob's public key, Alice can verify that the encrypted
* message was actually created by Bob and was not tampered with,
* before eventually decrypting it.
*
* Alice only needs Bob's public key, the nonce and the ciphertext.
* Bob should never ever share his secret key, even with Alice.
*
* And in order to send messages to Alice, Bob only needs Alice's
* public key. Alice should never ever share her secret key either,
* even with Bob.
*
* Alice can reply to Bob using the same system, without having to
* generate a distinct key pair.
*
* The nonce doesn't have to be confidential, but it should be used
* with just one invokation of crypto_box_open_easy() for a
* particular pair of public and secret keys.
*
* One easy way to generate a nonce is to use randombytes_buf(),
* considering the size of nonces the risk of any random collisions
* is negligible. For some applications, if you wish to use nonces to
* detect missing messages or to ignore replayed messages, it is also
* ok to use a simple incrementing counter as a nonce.
*
* When doing so you must ensure that the same value can never be
* re-used (for example you may have multiple threads or even hosts
* generating messages using the same key pairs).
*
* This system provides mutual authentication. However, a typical use
* case is to secure communications between a server, whose public
* key is known in advance, and clients connecting anonymously.
*/
static int
box(void)
{
unsigned char bob_pk[crypto_box_PUBLICKEYBYTES]; /* Bob's public key */
unsigned char bob_sk[crypto_box_SECRETKEYBYTES]; /* Bob's secret key */
unsigned char alice_pk[crypto_box_PUBLICKEYBYTES]; /* Alice's public key */
unsigned char alice_sk[crypto_box_SECRETKEYBYTES]; /* Alice's secret key */
unsigned char nonce[crypto_box_NONCEBYTES];
unsigned char message[MAX_INPUT_LEN];
unsigned char ciphertext[crypto_box_MACBYTES + MAX_INPUT_LEN];
size_t message_len;
size_t ciphertext_len;
int ret;
puts("Example: crypto_box_easy\n");
puts("Generating keypairs...\n");
crypto_box_keypair(bob_pk, bob_sk); /* generate Bob's keys */
crypto_box_keypair(alice_pk, alice_sk); /* generate Alice's keys */
puts("Bob");
printf("Public key: ");
print_hex(bob_pk, sizeof bob_pk);
printf("Secret key: ");
print_hex(bob_sk, sizeof bob_sk);
puts("Alice");
printf("Public key: ");
print_hex(alice_pk, sizeof alice_pk);
printf("Secret key: ");
print_hex(alice_sk, sizeof alice_sk);
/* nonce must be unique per (key, message) - it can be public and deterministic */
puts("Generating nonce...");
randombytes_buf(nonce, sizeof nonce);
printf("Nonce: ");
print_hex(nonce, sizeof nonce);
/* read input */
message_len = prompt_input("a message", (char*)message, sizeof message, 1);
print_hex(message, message_len);
/* encrypt and authenticate the message */
printf("Encrypting and authenticating with %s\n\n", crypto_box_primitive());
if (crypto_box_easy(ciphertext, message, message_len, nonce, alice_pk, bob_sk) != 0) {
abort();
}
ciphertext_len = crypto_box_MACBYTES + message_len;
/* send the nonce and the ciphertext */
puts("Bob sends the nonce and the ciphertext...\n");
printf("Ciphertext len: %zu bytes - Original message length: %zu bytes\n",
ciphertext_len, message_len);
puts("Notice the prepended 16 byte authentication token\n");
printf("Nonce: ");
print_hex(nonce, sizeof nonce);
printf("Ciphertext: ");
print_hex(ciphertext, ciphertext_len);
/* decrypt the message */
puts("Alice verifies and decrypts the ciphertext...");
ret = crypto_box_open_easy(message, ciphertext, ciphertext_len, nonce, bob_pk,
alice_sk);
print_hex(message, message_len);
print_verification(ret);
if (ret == 0) {
printf("Plaintext: ");
fwrite(message, 1U, message_len, stdout);
putchar('\n');
}
sodium_memzero(bob_sk, sizeof bob_sk); /* wipe sensitive data */
sodium_memzero(alice_sk, sizeof alice_sk);
sodium_memzero(message, sizeof message);
sodium_memzero(ciphertext, sizeof ciphertext);
return ret;
}
int
main(void)
{
init();
return box() != 0;
}

134
examples/box_detached.c
View File

@ -1,134 +0,0 @@
/*
* GraxRabble
* example programs for libsodium.
*/
#include <sodium.h> /* library header */
#include "utils.h" /* utility functions shared by examples */
/*
* Using public-key authenticated encryption, Bob can encrypt a
* confidential message specifically for Alice, using Alice's public
* key.
*
* Using Bob's public key, Alice can verify that the encrypted
* message was actually created by Bob and was not tampered with,
* before eventually decrypting it.
*
* Alice only needs Bob's public key, the nonce and the ciphertext.
* Bob should never ever share his secret key, even with Alice.
*
* And in order to send messages to Alice, Bob only needs Alice's
* public key. Alice should never ever share her secret key either,
* even with Bob.
*
* Alice can reply to Bob using the same system, without having to
* generate a distinct key pair.
*
* The nonce doesn't have to be confidential, but it should be used
* with just one invokation of crypto_box_open_easy() for a
* particular pair of public and secret keys.
*
* One easy way to generate a nonce is to use randombytes_buf(),
* considering the size of nonces the risk of any random collisions
* is negligible. For some applications, if you wish to use nonces to
* detect missing messages or to ignore replayed messages, it is also
* ok to use a simple incrementing counter as a nonce.
*
* When doing so you must ensure that the same value can never be
* re-used (for example you may have multiple threads or even hosts
* generating messages using the same key pairs).
*
* This system provides mutual authentication. However, a typical use
* case is to secure communications between a server, whose public
* key is known in advance, and clients connecting anonymously.
*/
static int
box_detached(void)
{
unsigned char bob_pk[crypto_box_PUBLICKEYBYTES]; /* Bob's public key */
unsigned char bob_sk[crypto_box_SECRETKEYBYTES]; /* Bob's secret key */
unsigned char alice_pk[crypto_box_PUBLICKEYBYTES]; /* Alice's public key */
unsigned char alice_sk[crypto_box_SECRETKEYBYTES]; /* Alice's secret key */
unsigned char nonce[crypto_box_NONCEBYTES];
unsigned char message[MAX_INPUT_LEN];
unsigned char mac[crypto_box_MACBYTES];
unsigned char ciphertext[MAX_INPUT_LEN];
size_t message_len;
int ret;
puts("Example: crypto_box_detached\n");
puts("Generating keypairs...\n");
crypto_box_keypair(bob_pk, bob_sk); /* generate Bob's keys */
crypto_box_keypair(alice_pk, alice_sk); /* generate Alice's keys */
puts("Bob");
printf("Public key: ");
print_hex(bob_pk, sizeof bob_pk);
printf("Secret key: ");
print_hex(bob_sk, sizeof bob_sk);
puts("Alice");
printf("Public key: ");
print_hex(alice_pk, sizeof alice_pk);
printf("Secret key: ");
print_hex(alice_sk, sizeof alice_sk);
/* nonce must be unique per (key, message) - it can be public and deterministic */
puts("Generating nonce...");
randombytes_buf(nonce, sizeof nonce);
printf("Nonce: ");
print_hex(nonce, sizeof nonce);
/* read input */
message_len = prompt_input("a message", (char*)message, sizeof message, 1);
print_hex(message, message_len);
/* encrypt and authenticate the message */
printf("Encrypting and authenticating with %s\n\n", crypto_box_primitive());
if (crypto_box_detached(ciphertext, mac, message, message_len, nonce,
alice_pk, bob_sk) != 0) {
abort();
}
/* send the nonce, the MAC and the ciphertext */
puts("Bob sends the nonce, the MAC and the ciphertext...\n");
printf("Nonce: ");
print_hex(nonce, sizeof nonce);
printf("MAC: ");
print_hex(mac, sizeof mac);
printf("Ciphertext: ");
print_hex(ciphertext, message_len);
/* decrypt the message */
puts("Alice verifies the MAC and decrypts the ciphertext...");
ret = crypto_box_open_detached(message, ciphertext, mac, message_len, nonce,
bob_pk, alice_sk);
print_hex(message, message_len);
print_verification(ret);
if (ret == 0) {
printf("Plaintext: ");
fwrite(message, 1U, message_len, stdout);
putchar('\n');
}
sodium_memzero(bob_sk, sizeof bob_sk); /* wipe sensitive data */
sodium_memzero(alice_sk, sizeof alice_sk);
sodium_memzero(message, sizeof message);
sodium_memzero(ciphertext, sizeof ciphertext);
return ret;
}
int
main(void)
{
init();
return box_detached() != 0;
}

80
examples/generichash.c
View File

@ -1,80 +0,0 @@
/*
* GraxRabble
* example programs for libsodium.
*/
#include <sodium.h> /* library header */
#include "utils.h" /* utility functions shared by examples */
/*
* This function computes a fixed-length fingerprint for an arbitrary long message.
*
* Sample use cases:
*
* File integrity checking
* Creating unique identifiers to index arbitrary long data
*
* The crypto_generichash() function puts a fingerprint of the
* message in whose length is inlen bytes into out. The output size
* can be chosen by the application.
*
* The minimum recommended output size is crypto_generichash_BYTES.
* This size makes it practically impossible for two messages to
* produce the same fingerprint.
*
* But for specific use cases, the size can be any value between
* crypto_generichash_BYTES_MIN (included) and
* crypto_generichash_BYTES_MAX (included).
*
* key can be NULL and keylen can be 0. In this case, a message will
* always have the same fingerprint, similar to the MD5 or SHA-1
* functions for which crypto_generichash() is a faster and more
* secure alternative.
*
* But a key can also be specified. A message will always have the
* same fingerprint for a given key, but different keys used to hash
* the same message are very likely to produce distinct fingerprints.
*
* In particular, the key can be used to make sure that different
* applications generate different fingerprints even if they process
* the same data.
*
* The recommended key size is crypto_generichash_KEYBYTES bytes.
*
* However, the key size can by any value between
* crypto_generichash_KEYBYTES_MIN (included) and
* crypto_generichash_KEYBYTES_MAX (included).
*/
void
generichash(void)
{
unsigned char key[crypto_generichash_KEYBYTES_MAX];
unsigned char hash[crypto_generichash_BYTES];
unsigned char message[MAX_INPUT_LEN];
size_t message_len;
size_t key_len;
puts("Example: crypto_generichash\n");
key_len = prompt_input("a key", (char*)key, sizeof key, 1);
message_len = prompt_input("a message", (char*)message, sizeof message, 1);
printf("Hashing message with %s\n", crypto_generichash_primitive());
if (crypto_generichash(hash, sizeof hash, message, message_len,
key, key_len) != 0) {
puts("Couldn't hash the message, probably due to the key length");
} else {
printf("Hash: ");
print_hex(hash, sizeof hash);
}
}
int
main(void)
{
init();
generichash();
return 0;
}

58
examples/generichash_stream.c
View File

@ -1,58 +0,0 @@
/*
* GraxRabble
* example programs for libsodium.
*/
#include <sodium.h> /* library header */
#include "utils.h" /* utility functions shared by examples */
/*
* Streaming variant of generic hash. This has the ability to hash
* data in chunks at a time and compute the same result as hashing
* all of the data at once.
*/
void
generichash_stream(void)
{
unsigned char key[crypto_generichash_KEYBYTES_MAX];
unsigned char hash[crypto_generichash_BYTES];
unsigned char message_part[MAX_INPUT_LEN];
crypto_generichash_state state;
size_t message_part_len;
puts("Example: crypto_generichashstream\n");
prompt_input("a key", (char*)key, sizeof key, 1);
printf("Hashing message with %s\n", crypto_generichash_primitive());
/* initialize the stream */
if (crypto_generichash_init(&state, key, sizeof key, sizeof hash) != 0) {
puts("Couldn't hash the message, probably due to the key length");
exit(EXIT_FAILURE);
}
for(;;) {
message_part_len = prompt_input("the next part of the message",
(char*)message_part, sizeof message_part, 1);
if (message_part_len == 0)
break;
/* keep appending data */
crypto_generichash_update(&state, message_part, message_part_len);
}
crypto_generichash_final(&state, hash, sizeof hash);
printf("Hash: ");
print_hex(hash, sizeof hash);
}
int
main(void)
{
init();
generichash_stream();
return 0;
}

58
examples/shorthash.c
View File

@ -1,58 +0,0 @@
/*
* GraxRabble
* example programs for libsodium.
*/
#include <sodium.h> /* library header */
#include "utils.h" /* utility functions shared by examples */
/*
* Many applications and programming language implementations were
* recently found to be vulnerable to denial-of-service attacks when
* a hash function with weak security guarantees, such as Murmurhash
* 3, was used to construct a hash table.
*
* In order to address this, Sodium provides the crypto_shorthash()
* function, which outputs short but unpredictable (without knowing
* the secret key) values suitable for picking a list in a hash table
* for a given key.
*
* This function is optimized for short inputs.
*
* The output of this function is only 64 bits. Therefore, it should
* not be considered collision-resistant.
*
* Use cases:
*
* - Hash tables
* - Probabilistic data structures such as Bloom filters
* - Integrity checking in interactive protocols
*/
void
shorthash(void)
{
unsigned char key[crypto_shorthash_KEYBYTES];
unsigned char hash[crypto_shorthash_BYTES];
unsigned char message[MAX_INPUT_LEN];
size_t message_len;
puts("Example: crypto_shorthash\n");
prompt_input("a key", (char*)key, sizeof key, 0);
message_len = prompt_input("a message", (char*)message, sizeof message, 1);
printf("Hashing the message with %s\n", crypto_shorthash_primitive());
crypto_shorthash(hash, message, message_len, key);
printf("Hash: ");
print_hex(hash, sizeof hash);
}
int
main(void)
{
init();
shorthash();
return 0;
}

78
examples/sign.c
View File

@ -1,78 +0,0 @@
/*
* GraxRabble
* example programs for libsodium.
*/
#include <sodium.h> /* library header */
#include "utils.h" /* utility functions shared by examples */
/*
* Signs a message with secret key which will authenticate a message.
* Everybody else can use the public key to ensure that the message is both
* valid and untampered.
*
* Note that the signed message will have 16 bytes of signature prepended.
* Ensure that the signed buffer is at least crypto_sign_BYTES longer then
* the actual message.
*/
static int
sign(void)
{
unsigned char pk[crypto_sign_PUBLICKEYBYTES]; /* Bob's public key */
unsigned char sk[crypto_sign_SECRETKEYBYTES]; /* Bob's secret key */
unsigned char message[MAX_INPUT_LEN];
unsigned char message_signed[crypto_sign_BYTES + MAX_INPUT_LEN];
unsigned long long message_len;
unsigned long long message_signed_len;
int ret;
puts("Example: crypto_sign\n");
puts("Generating keypair...");
crypto_sign_keypair(pk, sk); /* generate Bob's keys */
printf("Public key: ");
print_hex(pk, sizeof pk);
printf("Secret key: ");
print_hex(sk, sizeof sk);
puts("The secret key, as returned by crypto_sign_keypair(), actually includes "
"a copy of the public key, in order to avoid a scalar multiplication "
"when signing messages.");
message_len = prompt_input("a message", (char*)message, sizeof message, 1);
printf("Signing message with %s...\n", crypto_sign_primitive());
crypto_sign(message_signed, &message_signed_len, message, message_len, sk);
sodium_memzero(sk, sizeof sk); /* wipe sensitive data */
printf("Signed message:");
print_hex(message_signed, message_signed_len);
printf("A %u bytes signature was prepended to the message\n",
crypto_sign_BYTES);
printf("Signature: ");
print_hex(message_signed, crypto_sign_BYTES);
printf("Message: ");
fwrite(message_signed + crypto_sign_BYTES, 1U,
message_signed_len - crypto_sign_BYTES, stdout);
putchar('\n');
puts("Validating message...");
ret = crypto_sign_open(message, &message_len, message_signed,
message_signed_len, pk);
print_verification(ret);
if (ret == 0)
printf("Message: %s\n", message);
return ret;
}
int
main(void)
{
init();
return sign() != 0;
}

110
examples/utils.h
View File

@ -1,110 +0,0 @@
/*
* Utility functions shared by all the demo programs.
*/
#ifndef UTILS_H
#define UTILS_H
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sodium.h>
#define MAX_INPUT_LEN 4096
/*
* print_hex() is a wrapper around sodium_bin2hex() which allocates
* temporary memory then immediately prints the result followed by \n
*/
static void
print_hex(const void *bin, const size_t bin_len)
{
char *hex;
size_t hex_size;
if (bin_len >= SIZE_MAX / 2) {
abort();
}
hex_size = bin_len * 2 + 1;
if ((hex = malloc(hex_size)) == NULL) {
abort();
}
/* the library supplies a few utility functions like the one below */
if (sodium_bin2hex(hex, hex_size, bin, bin_len) == NULL) {
abort();
}
puts(hex);
free(hex);
}
/*
* Display a prompt for input by user. It will save the input into a buffer
* of a specific size with room for the null terminator while removing
* trailing newline characters.
*/
static size_t
prompt_input(const char *prompt, char *input, const size_t max_input_len,
int variable_length)
{
char input_tmp[MAX_INPUT_LEN + 1U];
size_t actual_input_len;
if (variable_length != 0) {
printf("\nEnter %s (%zu bytes max) > ", prompt, max_input_len);
} else {
printf("\nEnter %s (%zu bytes) > ", prompt, max_input_len);
}
fflush(stdout);
if (fgets(input_tmp, sizeof input_tmp, stdin) == NULL) {
input_tmp[0] = '\0';
}
actual_input_len = strlen(input_tmp);
/* trim \n */
if (actual_input_len > 0 && input_tmp[actual_input_len - 1] == '\n') {
input_tmp[actual_input_len - 1] = '\0';
--actual_input_len;
}
if (actual_input_len > max_input_len) {
printf("Warning: truncating input to %zu bytes\n\n", max_input_len);
actual_input_len = max_input_len;
} else if (actual_input_len < max_input_len && variable_length == 0) {
printf("Warning: %zu bytes expected, %zu bytes given: padding with zeros\n\n",
max_input_len, actual_input_len);
memset(input, 0, max_input_len);
} else {
printf("Length: %zu bytes\n\n", actual_input_len);
}
memcpy(input, input_tmp, actual_input_len);
if (variable_length == 0) {
return max_input_len;
} else {
return actual_input_len;
}
}
/*
* Display whether the function was sucessful or failed.
*/
static void
print_verification(int ret)
{
if (ret == 0)
puts("Success!\n");
else
puts("Failure.\n");
}
static void
init(void)
{
if (sodium_init() != 0) {
abort();
}
printf("Using libsodium %s\n", sodium_version_string());
}
#endif /* UTILS_H */