From bc48bec97b65534966da74a07ed3edb3f13f6263 Mon Sep 17 00:00:00 2001 From: Chris Wilson Date: Sun, 25 Feb 2018 08:18:34 +0000 Subject: Revert "Add support for OpenSSL 1.1 and replace deprecated function calls" Until shown to be safe. See message from Johann Glaser to the mailing list. This reverts commit 85e7efc3fa0477f60318d2cd2144503a9ea8feb9. --- test/crypto/testcrypto.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/crypto/testcrypto.cpp') diff --git a/test/crypto/testcrypto.cpp b/test/crypto/testcrypto.cpp index 32d2efb8..4e623cc2 100644 --- a/test/crypto/testcrypto.cpp +++ b/test/crypto/testcrypto.cpp @@ -266,7 +266,7 @@ int test(int argc, const char *argv[]) // Check rolling checksums uint8_t *checkdata_blk = (uint8_t *)malloc(CHECKSUM_DATA_SIZE); uint8_t *checkdata = checkdata_blk; - RAND_bytes(checkdata, CHECKSUM_DATA_SIZE); + RAND_pseudo_bytes(checkdata, CHECKSUM_DATA_SIZE); for(int size = CHECKSUM_BLOCK_SIZE_BASE; size <= CHECKSUM_BLOCK_SIZE_LAST; ++size) { // Test skip-roll code -- cgit v1.2.3 From d3da41380064015add8ffc16c91dbfa57cbd954b Mon Sep 17 00:00:00 2001 From: Chris Wilson Date: Tue, 27 Feb 2018 22:38:29 +0000 Subject: Add a test that we can setup Blowfish encryption properly --- test/crypto/testcrypto.cpp | 74 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 73 insertions(+), 1 deletion(-) (limited to 'test/crypto/testcrypto.cpp') diff --git a/test/crypto/testcrypto.cpp b/test/crypto/testcrypto.cpp index 4e623cc2..003bf992 100644 --- a/test/crypto/testcrypto.cpp +++ b/test/crypto/testcrypto.cpp @@ -12,13 +12,15 @@ #include #include -#include "Test.h" #include "CipherContext.h" #include "CipherBlowfish.h" #include "CipherAES.h" #include "CipherException.h" +#include "CollectInBufferStream.h" +#include "Guards.h" #include "RollingChecksum.h" #include "Random.h" +#include "Test.h" #include "MemLeakFindOn.h" @@ -33,6 +35,12 @@ #define CHECKSUM_BLOCK_SIZE_LAST (CHECKSUM_BLOCK_SIZE_BASE + 64) #define CHECKSUM_ROLLS 16 +// Copied from BackupClientCryptoKeys.h +#define BACKUPCRYPTOKEYS_FILENAME_KEY_START 0 +#define BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH 56 +#define BACKUPCRYPTOKEYS_FILENAME_IV_START (0 + BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH) +#define BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH 8 + void check_random_int(uint32_t max) { for(int c = 0; c < 1024; ++c) @@ -262,6 +270,70 @@ int test(int argc, const char *argv[]) ::printf("Skipping AES -- not supported by version of OpenSSL in use.\n"); #endif + // Test with known plaintext and ciphertext (correct algorithm used, etc) + { + FileStream keyfile("testfiles/bbackupd.keys"); + // Ideally we would use a 448 bit (56 byte) key here, since that's what we do in + // real life, but unfortunately the OpenSSL command-line tool only supports 128-bit + // Blowfish keys, so it's hard to generate a reference ciphertext unless we restrict + // ourselves to what OpenSSL can support too. + // https://security.stackexchange.com/questions/25393/openssl-blowfish-key-limited-to-256-bits + char key[16], iv[BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH]; + + if(!keyfile.ReadFullBuffer(key, sizeof(key), 0)) + { + TEST_FAIL_WITH_MESSAGE("Failed to read full key length from file"); + } + + keyfile.Seek(BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH, IOStream::SeekType_Absolute); + if(!keyfile.ReadFullBuffer(iv, sizeof(iv), 0)) + { + TEST_FAIL_WITH_MESSAGE("Failed to read full IV length from file"); + } + + CipherContext encryptor; + CipherContext decryptor; + + encryptor.Reset(); + encryptor.Init(CipherContext::Encrypt, CipherBlowfish(CipherDescription::Mode_CBC, key, sizeof(key))); + ASSERT(encryptor.GetIVLength() == sizeof(iv)); + encryptor.SetIV(iv); + + decryptor.Reset(); + decryptor.Init(CipherContext::Decrypt, CipherBlowfish(CipherDescription::Mode_CBC, key, sizeof(key))); + ASSERT(decryptor.GetIVLength() == sizeof(iv)); + decryptor.SetIV(iv); + + // The encrypted file bfdlink.h.enc was generated with the following command: + // key=`dd if=bbackupd.keys bs=1 count=16 | hexdump -e '/1 "%02x"'` + // iv=`dd if=bbackupd.keys bs=1 skip=56 count=8 | hexdump -e '/1 "%02x"'` + // openssl enc -bf -in bfdlink.h -K $key -iv $iv + // And has MD5 checksum 586b65fdd07474bc139c0795d344d8ad + FileStream plaintext_file("testfiles/bfdlink.h", O_RDONLY); + FileStream ciphertext_file("testfiles/bfdlink.h.enc", O_RDONLY); + + CollectInBufferStream plaintext, ciphertext; + plaintext_file.CopyStreamTo(plaintext); + ciphertext_file.CopyStreamTo(ciphertext); + plaintext.SetForReading(); + ciphertext.SetForReading(); + + MemoryBlockGuard encrypted( + encryptor.MaxOutSizeForInBufferSize(ciphertext.GetSize())); + + int encrypted_size = encryptor.TransformBlock(encrypted.GetPtr(), + encrypted.GetSize(), plaintext.GetBuffer(), plaintext.GetSize()); + TEST_EQUAL(ciphertext.GetSize(), encrypted_size); + TEST_EQUAL(0, memcmp(encrypted.GetPtr(), ciphertext.GetBuffer(), encrypted_size)); + + MemoryBlockGuard decrypted(ciphertext.GetSize() + 16); + + int decrypted_size = decryptor.TransformBlock(decrypted.GetPtr(), + decrypted.GetSize(), encrypted.GetPtr(), encrypted_size); + TEST_EQUAL(plaintext.GetSize(), decrypted_size); + TEST_EQUAL(0, memcmp(decrypted.GetPtr(), plaintext.GetBuffer(), decrypted_size)); + } + ::printf("Misc...\n"); // Check rolling checksums uint8_t *checkdata_blk = (uint8_t *)malloc(CHECKSUM_DATA_SIZE); -- cgit v1.2.3 From c2547266775954292d78ab90b1af925d57c3f9e3 Mon Sep 17 00:00:00 2001 From: Chris Wilson Date: Tue, 27 Feb 2018 22:39:10 +0000 Subject: Reimplement OpenSSL 1.1 support This time I have made the minimum number of changes necessary to make OpenSSL 1.1 work, and also added more tests which would have caught the issues with the previous attempt. Thanks to Johann Glaser for testing out the new version and reporting the issue with decryption! --- test/crypto/testcrypto.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/crypto/testcrypto.cpp') diff --git a/test/crypto/testcrypto.cpp b/test/crypto/testcrypto.cpp index 003bf992..200bdd0f 100644 --- a/test/crypto/testcrypto.cpp +++ b/test/crypto/testcrypto.cpp @@ -338,7 +338,7 @@ int test(int argc, const char *argv[]) // Check rolling checksums uint8_t *checkdata_blk = (uint8_t *)malloc(CHECKSUM_DATA_SIZE); uint8_t *checkdata = checkdata_blk; - RAND_pseudo_bytes(checkdata, CHECKSUM_DATA_SIZE); + RAND_bytes(checkdata, CHECKSUM_DATA_SIZE); for(int size = CHECKSUM_BLOCK_SIZE_BASE; size <= CHECKSUM_BLOCK_SIZE_LAST; ++size) { // Test skip-roll code -- cgit v1.2.3