/*____________________________________________________________________________
ReconTest.c
Copyright (C) 2003,2004 PGP Corporation
All rights reserved.
FIPS 140-2 Operational Test/ Key reconstruction test
$Id: ReconTest.c 48493 2006-10-12 21:19:56Z vinnie $
____________________________________________________________________________*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include "pgpErrors.h"
#include "pgpKeys.h"
#include "pgpShare.h"
#include "pgpMemoryMgr.h"
#include "pgpUtilities.h"
#include "pgpReconstruct.h"
#include "optest.h"
/*
PGPSendReconstruction
PGPGetReconstructionPrompts
PGPMakeReconstructionPassesHash
PGPVerifyReconstructionPassesHash
PGPGetReconstructionData
PGPSetReconstructionServerURL
PGPGetReconContext
*/
/*
 * Load the fixed test prompts and answers into the first five slots of
 * the caller's reconstruction tables: all prompts first, then all answers.
 *
 * The copies are unbounded strcpy() calls. The literals are short and are
 * assumed to fit the slot width declared in the PGP headers (not visible
 * in this file).
 */
static void importReconQA(PGPReconPrompts reconQuestions, PGPReconPasses reconAnswers)
{
    static const char *const prompts[] = {
        "Question 1", "Question 2", "Question 3", "Question 4", "Question 5"
    };
    static const char *const passes[] = {
        "Answer 1", "Answer 2", "Answer 3", "Answer 4", "Answer 5"
    };
    size_t slot;

    for (slot = 0; slot < sizeof prompts / sizeof prompts[0]; slot++)
        strcpy(reconQuestions[slot], prompts[slot]);

    for (slot = 0; slot < sizeof passes / sizeof passes[0]; slot++)
        strcpy(reconAnswers[slot], passes[slot]);
}
/*
 * Print every reconstruction prompt, one per line, with its slot index.
 *
 * NOTE(review): the guard tests the slot's address, not its content. If
 * PGPReconPrompts is an array of char arrays the guard is always true and
 * empty prompts are printed too. Confirm against the type's declaration.
 */
static void printReconQ(PGPReconPrompts reconQuestions)
{
    int slot = 0;

    while (slot < kPGPRecon_NumShares) {
        if (reconQuestions[slot]) {
            OPTESTPrintF("\t [%d] \"%s\"\n", slot, reconQuestions[slot]);
        }
        slot++;
    }
}
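/*
 * Operational test for key reconstruction.
 *
 * Sequence:
 *   1. Import the test keys and locate the key named by kAlicesKeyIDString.
 *   2. Build a reconstruction block from five prompt/answer pairs and the
 *      key's passphrase.
 *   3. Export the key without private material, drop the key DB and
 *      re-import, so that only the public key remains.
 *   4. Attempt reconstruction with three of the five answers wrong and
 *      require kPGPError_BadPassphrase.
 *   5. Restore one answer, exercise the passes-hash make/verify calls,
 *      reconstruct again and require exactly one key in the result.
 *
 * context: PGP context used for import/export.
 * Returns kPGPError_NoErr on success, otherwise the first error seen.
 *
 * CKERR and FAIL are macros defined outside this file; this code relies on
 * them transferring control to the `done` label on failure.
 */
PGPError TestRecon(PGPContextRef context)
{
    PGPError            err         = kPGPError_NoErr;
    PGPKeyDBRef         keyDB       = kInvalidPGPKeyDBRef;
    PGPKeyDBRef         newKeyDB    = kInvalidPGPKeyDBRef;
    PGPKeyDBObjRef      theKey      = kInvalidPGPKeyDBObjRef;
    PGPKeyIterRef       iter        = kInvalidPGPKeyIterRef;
    PGPReconContextRef  recon       = kInvalidPGPReconContextRef;
    PGPKeyID            theKeyID;
    PGPReconPrompts     reconQuestions;
    PGPReconPasses      reconAnswers;
    void*               reconData   = NULL;
    PGPSize             reconDataSize;
    void*               exportBuf   = NULL;
    PGPSize             exportBufSize;
    PGPUInt16           hashReps;
    DecodeInfo          decodeInfo;
    PGPUInt32           count;
    char                armoredPassKey[kPGPRecon_ArmoredHashSize];

    InitDecodeInfo(&decodeInfo);
    importReconQA(reconQuestions, reconAnswers);

    /* Read in the test keys and get a ref to it */
    err = importKeys(context, gTestKeysPath, kPGPInputFormat_PGP, &keyDB); CKERR;

    /* Find test Key */
    OPTESTPrintF("\tFind Test Key\n" );
    err = PGPNewKeyIDFromString( kAlicesKeyIDString, kPGPPublicKeyAlgorithm_Invalid, &theKeyID); CKERR;
    err = PGPFindKeyByKeyID( keyDB, &theKeyID, &theKey); CKERR;

    if(gVerbose_flag)
    {
        printKeyDetails( " ", FALSE,theKey);
        OPTESTPrintF("\n");
    }
    else
        printKeyName(" ", theKey);

    OPTESTPrintF("\tMake reconstruction info - ");

    /* make reconstruction block */
    err = PGPNewReconstruct(theKey, NULL, NULL, OptestEventHandler, &decodeInfo, &recon); CKERR;
    err = PGPMakeReconstruction(recon, reconQuestions, reconAnswers, (PGPUTF8*) kAlicesPassPhrase); CKERR;
    err = PGPGetReconstruction(recon, (void*)&reconData, &reconDataSize); CKERR;

    /* Cast so the argument matches %ld whatever PGPSize is typedef'd to. */
    OPTESTPrintF(" %ld bytes\n", (long)reconDataSize);
    // dumpHex( reconData, reconDataSize, 0);

    OPTESTPrintF("\tRemove secret key\n");

    /* free up keyDB and recon context */
    PGPFreeReconstruct(recon); recon = kInvalidPGPReconContextRef;

    /*
     * Wipe the prompts so they must come back from reconData, and corrupt
     * answers 0, 2 and 4 so that only two of the five remain correct.
     */
    ZERO(reconQuestions, sizeof(reconQuestions));
    strcpy(reconAnswers[0], "foo");
    strcpy(reconAnswers[4], "wrong answer");
    strcpy(reconAnswers[2], "another wrong answer");

    /* save public key (private material is explicitly excluded) */
    err = PGPExport(context,
            PGPOExportKeyDBObj(context, theKey),
            PGPOExportPrivateKeys(context,FALSE),
            PGPOAllocatedOutputBuffer( context, &exportBuf, MAX_PGPSize, &exportBufSize),
            PGPOLastOption( context ) ); CKERR;

    /* theKey belongs to keyDB; it is looked up again after the re-import. */
    PGPFreeKeyDB( keyDB ); keyDB = kInvalidPGPKeyDBRef;

    /* reimport as public key only */
    err = PGPImport( context, &keyDB,
            PGPOInputBuffer( context,exportBuf, exportBufSize ),
            PGPOLastOption( context ) ); CKERR;

    err = PGPNewKeyIDFromString( kAlicesKeyIDString, kPGPPublicKeyAlgorithm_Invalid, &theKeyID); CKERR;
    err = PGPFindKeyByKeyID( keyDB, &theKeyID, &theKey); CKERR;
    printKeyName("\t ", theKey);

    err = PGPGetReconstructionPromptsFromData(reconData, reconDataSize, reconQuestions, &hashReps); CKERR;

    OPTESTPrintF("\tGet Reconstruction Questions:\n");
    if(gVerbose_flag)
        printReconQ(reconQuestions);

    err = PGPNewReconstruct(theKey, NULL, NULL, NULL, NULL, &recon); CKERR;

    /*
     * Check the result: the next call overwrites err, so a failure to
     * install the handler would otherwise go unnoticed.
     */
    err = PGPSetReconstructionEventHandler(recon, OptestEventHandler, &decodeInfo); CKERR;

    /*
     * Negative test: too few correct answers must be rejected, and with
     * this specific error code rather than any failure.
     */
    OPTESTPrintF("\tAttempt Key Reconstruction with insufficent data\n");
    err = PGPReconstruct(recon, reconAnswers, reconData, reconDataSize, &newKeyDB);
    if(err != kPGPError_BadPassphrase) FAIL("Key Reconstruction Failure");
    OPTESTPrintF("\tFailed as expected.\n");

    /*
     * Restore answer 2: answers 1, 2 and 3 are now correct while 0 and 4
     * stay wrong. Presumably three of five is the threshold. Confirm
     * against the PGPMakeReconstruction documentation.
     */
    strcpy(reconAnswers[2], "Answer 3");

    /*
     * The pass hash stuff is just here for testing.
     * The armored pass key is derived from the answers and is written to
     * the test log below; that is tolerable only because the answers are
     * fixed test strings.
     */
    err = PGPMakeReconstructionPassesHash(recon, reconAnswers, hashReps, armoredPassKey); CKERR;
    OPTESTPrintF("\tDisplay armored pass key:\n\t\t%s\n" , armoredPassKey);

    OPTESTPrintF("\tVerify armored pass key\n");
    err = PGPVerifyReconstructionPassesHash(recon, reconData, reconDataSize, armoredPassKey); CKERR;

    /*
     * Positive test. The reconstruction result is checked here; otherwise
     * the count call below would overwrite err and hide the failure.
     */
    OPTESTPrintF("\tRe-attempt Key Reconstruction with proper answers\n");
    err = PGPReconstruct(recon, reconAnswers, reconData, reconDataSize, &newKeyDB); CKERR;

    /*
     * NOTE(review): this asserts only that one key came back. Nothing here
     * checks that the key carries secret material again, which is the
     * property reconstruction is meant to restore.
     */
    err = PGPCountKeysInKeyDB(newKeyDB, &count); CKERR;
    if(count != 1) FAIL("Key Reconstruction failed\n");

    /* Iterate through each key */
    err = PGPNewKeyIterFromKeyDB( newKeyDB, &iter); CKERR;
    while( IsntPGPError( PGPKeyIterNextKeyDBObj( iter, kPGPKeyDBObjType_Key, &theKey) ) )
    {
        if(gVerbose_flag)
        {
            printKeyDetails( " ", FALSE,theKey);
            OPTESTPrintF("\n");
        }
        else
            printKeyName(" ", theKey);
    }

done:
    /* Release whatever was acquired before the exit. */
    if( reconData)
        PGPFreeData(reconData);
    if( exportBuf)
        PGPFreeData(exportBuf);
    if (PGPReconContextRefIsValid(recon))
        PGPFreeReconstruct(recon);
    if( PGPKeyIterRefIsValid( iter ) )
        PGPFreeKeyIter( iter );
    if( PGPKeyDBRefIsValid( keyDB ) )
        PGPFreeKeyDB( keyDB );
    if( PGPKeyDBRefIsValid( newKeyDB ) )
        PGPFreeKeyDB( newKeyDB );

    return err;
}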