ptth/bare_minimum_crypto/cpp/bmc_test.cpp

#include <chrono>
#include <iostream>
#include <optional>
#include <stdint.h>
#include <string>
#include <vector>

#include <sodium.h>

// From https://github.com/tkislan/base64
#include "base64.h"
#include "json.hpp"

using namespace std;
using chrono::duration_cast;
using chrono::seconds;
using chrono::system_clock;
using nlohmann::json;

const int64_t about_3_months = (int64_t)105 * 86400;

// Not sure why the Base64 lib fails to provide this API
string b64_encode (const vector <uint8_t> & v) {
	string s;
	s.resize (Base64::EncodedLength (v.size ()));
	
	Base64::Encode ((const char *)v.data (), v.size (), s.data (), s.size ());
	
	return s;
}

optional <vector <uint8_t>> b64_decode (const string & s) {
	vector <uint8_t> v;
	v.resize (Base64::DecodedLength (s.data (), s.size ()));
	
	if (! Base64::Decode (s.data (), s.size (), (char *)v.data (), v.size ()))
	{
		return nullopt;
	}
	
	return v;
}

struct ExpiringSignature {
	string cert_s;
	vector <uint8_t> sig;
	
	// C++ nonsense
	bool operator == (const ExpiringSignature & o) const {
		return
			cert_s == o.cert_s &&
			sig == o.sig
		;
	}
	
	bool operator != (const ExpiringSignature & o) const {
		return ! (*this == o);
	}
};

int64_t get_seconds_since_epoch () {
	const auto utc_now = system_clock::now ();
	return duration_cast <seconds> (utc_now.time_since_epoch ()).count ();
}

void try_sodium_init () {
	if (sodium_init () < 0) {
		throw std::runtime_error ("Can't initialize libsodium");
	}
}

struct VerifiedData {
	vector <uint8_t> payload;
	string purpose;
};

optional <VerifiedData> try_verify_signed_data (
	const ExpiringSignature & sig,
	int64_t now,
	const vector <uint8_t> & pubkey
) {
	try_sodium_init ();
	
	if (pubkey.size () != crypto_sign_PUBLICKEYBYTES) {
		return nullopt;
	}
	
	if (crypto_sign_verify_detached (
		sig.sig.data (),
		(const uint8_t *)sig.cert_s.data (),
		sig.cert_s.size (),
		pubkey.data ()
	) != 0) {
		return nullopt;
	}
	
	const json j = json::parse (sig.cert_s);
	
	const int64_t not_before = j ["not_before"];
	const int64_t not_after = j ["not_after"];
	
	if (now < not_before) {
		return nullopt;
	}
	if (now > not_after) {
		return nullopt;
	}
	
	const string purpose = j ["purpose"];
	const string payload_b64 = j ["payload_b64"];
	string payload_s;
	Base64::Decode (payload_b64, &payload_s);
	
	const vector <uint8_t> payload;
	
	return VerifiedData {
		payload,
		purpose
	};
}

optional <VerifiedData> verify_signed_data (
	const ExpiringSignature & sig,
	int64_t now,
	const vector <uint8_t> & pubkey
) {
	try {
		return try_verify_signed_data (sig, now, pubkey);
	}
	catch (json::exception &) {
		return nullopt;
	}
}

string to_base64 (const vector <uint8_t> & v) {
	const string s ((const char *)v.data (), v.size ());
	string b64;
	Base64::Encode (s, &b64);
	return b64;
}

class SigningKey {
	vector <uint8_t> pk;
	vector <uint8_t> sk;
	
public:
	SigningKey () {
		try_sodium_init ();
		
		pk.resize (crypto_sign_PUBLICKEYBYTES);
		sk.resize (crypto_sign_SECRETKEYBYTES);
		
		crypto_sign_keypair (pk.data (), sk.data ());
	}
	
	vector <uint8_t> pubkey () const {
		return pk;
	}
	
	string pub_to_base64 () const {
		return to_base64 (pk);
	}
	
	optional <ExpiringSignature> sign_binary (
		const vector <uint8_t> & payload, 
		string purpose,
		int64_t now
	) const {
		try_sodium_init ();
		
		const auto not_after = now + about_3_months;
		
		const json j {
			{"not_before", now},
			{"not_after", not_after},
			{"purpose", purpose},
			{"payload_b64", to_base64 (payload)},
		};
		
		const auto cert_s = j.dump ();
		
		vector <uint8_t> sig;
		sig.resize (crypto_sign_BYTES);
		
		crypto_sign_detached (sig.data (), nullptr, (const uint8_t *)cert_s.data (), cert_s.size (), sk.data ());
		
		return ExpiringSignature {
			cert_s,
			sig,
		};
	}
	
	optional <ExpiringSignature> sign_key (const SigningKey & k, int64_t now) const 
	{
		return sign_binary (k.pk, "4QHAB7O5 trusted public key", now);
	}
};

// Most tests will use a virtual clock. But just as a smoke test,
// make sure real time is realistic.

int check_real_time () {
	const auto seconds_since_epoch = get_seconds_since_epoch ();
	
	const auto time_of_writing = 1610844872;
	if (seconds_since_epoch < time_of_writing) {
		cerr << "Error: Real time is in the past." << endl;
		return 1;
	}
	
	const int64_t about_100_years = (int64_t)100 * 365 * 86400;
	if (seconds_since_epoch > time_of_writing + about_100_years) {
		cerr << "Error: Real time is in the far future." << endl;
		return 1;
	}
	
	return 0;
}

int check_base64 () {
	vector <uint8_t> v {1, 2, 3, 4, 5, 6};
	const auto s = b64_encode (v);
	
	if (s != "AQIDBAUG") {
		cerr << "Base64 encoding failed" << endl;
		return 1;
	}
	
	// Trivial decode
	const auto v2 = std::move (*b64_decode (s));
	
	if (v2 != v) {
		cerr << "Base64 trivial decode failed" << endl;
		return 1;
	}
	
	// Decode should fail
	const auto v3 = b64_decode ("AQIDBAUG.");
	
	if (v3 != nullopt) {
		cerr << "Base64 decode should have failed" << endl;
		return 1;
	}
	
	return 0;
}

int main () {
	if (check_base64 () != 0) {
		return 1;
	}
	
	// Suppose we generate a root key and keep it somewhere safe
	// (not a server)
	SigningKey root_key;
	cerr << "Root pub key " << root_key.pub_to_base64 () << endl;
	
	if (check_real_time () != 0) {
		return 1;
	}
	
	// Suppose the server generates a signing key
	SigningKey signing_key;
	cerr << "Signing key " << signing_key.pub_to_base64 () << endl;
	
	const auto now = get_seconds_since_epoch ();
	const ExpiringSignature cert = std::move (*root_key.sign_key (signing_key, now));
	
	{
		// Check that a different time results in a different cert
		const auto cert_2 = std::move (*root_key.sign_key (signing_key, now));
		const auto cert_3 = std::move (*root_key.sign_key (signing_key, now + 1));
		
		if (cert != cert_2) {
			cerr << "Certs should have been identical" << endl;
			return 1;
		}
		
		if (cert == cert_3) {
			cerr << "Certs should have been different" << endl;
			return 1;
		}
		
		if (cert == cert_3) {
			cerr << "Signatures should have been different" << endl;
			return 1;
		}
	}
	
	{
		cerr << "Cert:" << endl;
		cerr << cert.cert_s << endl;
		cerr << to_base64 (cert.sig) << endl;
	}
	
	// Suppose the client knows our root public key
	const auto root_pubkey = root_key.pubkey ();
	
	if (crypto_sign_verify_detached (cert.sig.data (), (const uint8_t *)cert.cert_s.data (), cert.cert_s.size (), root_pubkey.data ()) != 0) {
		cerr << "Bad signature" << endl;
		return 1;
	}
	if (crypto_sign_verify_detached (cert.sig.data (), (const uint8_t *)cert.cert_s.data (), cert.cert_s.size () - 1, root_pubkey.data ()) == 0) {
		cerr << "Signature should not have verified" << endl;
		return 1;
	}
	
	{
		const json j = json::parse (cert.cert_s);
		
		cerr << "not_before: " << (int64_t)j ["not_before"] << endl;
	}
	
	cerr << "Done." << endl;
	return 0;
}
:construction: wip 2021-01-17 15:11:21 +00:00			`#include <chrono>`
:construction: wip: making some examples / demos for easy ways to use libsodium 2021-01-17 00:44:11 +00:00			`#include <iostream>`
:construction: wip 2021-01-17 15:11:21 +00:00			`#include <optional>`
:construction: wip: making some examples / demos for easy ways to use libsodium 2021-01-17 00:44:11 +00:00			`#include <stdint.h>`
			`#include <string>`
			`#include <vector>`

			`#include <sodium.h>`

:construction: wip 2021-01-17 15:11:21 +00:00			`// From https://github.com/tkislan/base64`
:construction: wip: making some examples / demos for easy ways to use libsodium 2021-01-17 00:44:11 +00:00			`#include "base64.h"`
:construction: wip 2021-01-17 15:11:21 +00:00			`#include "json.hpp"`
:construction: wip: making some examples / demos for easy ways to use libsodium 2021-01-17 00:44:11 +00:00
			`using namespace std;`
:construction: wip 2021-01-17 15:11:21 +00:00			`using chrono::duration_cast;`
			`using chrono::seconds;`
			`using chrono::system_clock;`
			`using nlohmann::json;`
:construction: wip: making some examples / demos for easy ways to use libsodium 2021-01-17 00:44:11 +00:00
:construction: wip 2021-01-17 15:11:21 +00:00			`const int64_t about_3_months = (int64_t)105 * 86400;`

update: so I don't like this base64 lib anymore. It has no error handling. 2021-01-17 15:52:38 +00:00			`// Not sure why the Base64 lib fails to provide this API`
			`string b64_encode (const vector <uint8_t> & v) {`
			`string s;`
			`s.resize (Base64::EncodedLength (v.size ()));`

			`Base64::Encode ((const char *)v.data (), v.size (), s.data (), s.size ());`

			`return s;`
			`}`

			`optional <vector <uint8_t>> b64_decode (const string & s) {`
			`vector <uint8_t> v;`
			`v.resize (Base64::DecodedLength (s.data (), s.size ()));`

			`if (! Base64::Decode (s.data (), s.size (), (char *)v.data (), v.size ()))`
			`{`
			`return nullopt;`
			`}`

			`return v;`
			`}`

:construction: wip 2021-01-17 15:11:21 +00:00			`struct ExpiringSignature {`
			`string cert_s;`
			`vector <uint8_t> sig;`

			`// C++ nonsense`
			`bool operator == (const ExpiringSignature & o) const {`
			`return`
			`cert_s == o.cert_s &&`
			`sig == o.sig`
			`;`
			`}`

			`bool operator != (const ExpiringSignature & o) const {`
			`return ! (*this == o);`
			`}`
			`};`

			`int64_t get_seconds_since_epoch () {`
			`const auto utc_now = system_clock::now ();`
			`return duration_cast <seconds> (utc_now.time_since_epoch ()).count ();`
			`}`

			`void try_sodium_init () {`
			`if (sodium_init () < 0) {`
			`throw std::runtime_error ("Can't initialize libsodium");`
			`}`
			`}`

update: so I don't like this base64 lib anymore. It has no error handling. 2021-01-17 15:52:38 +00:00			`struct VerifiedData {`
			`vector <uint8_t> payload;`
			`string purpose;`
			`};`

			`optional <VerifiedData> try_verify_signed_data (`
			`const ExpiringSignature & sig,`
			`int64_t now,`
			`const vector <uint8_t> & pubkey`
			`) {`
			`try_sodium_init ();`

			`if (pubkey.size () != crypto_sign_PUBLICKEYBYTES) {`
			`return nullopt;`
			`}`

			`if (crypto_sign_verify_detached (`
			`sig.sig.data (),`
			`(const uint8_t *)sig.cert_s.data (),`
			`sig.cert_s.size (),`
			`pubkey.data ()`
			`) != 0) {`
			`return nullopt;`
			`}`

			`const json j = json::parse (sig.cert_s);`

			`const int64_t not_before = j ["not_before"];`
			`const int64_t not_after = j ["not_after"];`

			`if (now < not_before) {`
			`return nullopt;`
			`}`
			`if (now > not_after) {`
			`return nullopt;`
			`}`

			`const string purpose = j ["purpose"];`
			`const string payload_b64 = j ["payload_b64"];`
			`string payload_s;`
			`Base64::Decode (payload_b64, &payload_s);`

			`const vector <uint8_t> payload;`

			`return VerifiedData {`
			`payload,`
			`purpose`
			`};`
			`}`

			`optional <VerifiedData> verify_signed_data (`
			`const ExpiringSignature & sig,`
			`int64_t now,`
			`const vector <uint8_t> & pubkey`
			`) {`
			`try {`
			`return try_verify_signed_data (sig, now, pubkey);`
			`}`
			`catch (json::exception &) {`
			`return nullopt;`
			`}`
			`}`

:construction: wip 2021-01-17 15:11:21 +00:00			`string to_base64 (const vector <uint8_t> & v) {`
			`const string s ((const char *)v.data (), v.size ());`
			`string b64;`
			`Base64::Encode (s, &b64);`
			`return b64;`
			`}`

			`class SigningKey {`
:construction: wip: making some examples / demos for easy ways to use libsodium 2021-01-17 00:44:11 +00:00			`vector <uint8_t> pk;`
			`vector <uint8_t> sk;`

:construction: wip 2021-01-17 15:11:21 +00:00			`public:`
			`SigningKey () {`
			`try_sodium_init ();`

			`pk.resize (crypto_sign_PUBLICKEYBYTES);`
			`sk.resize (crypto_sign_SECRETKEYBYTES);`

			`crypto_sign_keypair (pk.data (), sk.data ());`
			`}`

			`vector <uint8_t> pubkey () const {`
			`return pk;`
			`}`

			`string pub_to_base64 () const {`
			`return to_base64 (pk);`
			`}`

			`optional <ExpiringSignature> sign_binary (`
			`const vector <uint8_t> & payload,`
			`string purpose,`
			`int64_t now`
			`) const {`
			`try_sodium_init ();`

			`const auto not_after = now + about_3_months;`

			`const json j {`
			`{"not_before", now},`
			`{"not_after", not_after},`
			`{"purpose", purpose},`
			`{"payload_b64", to_base64 (payload)},`
			`};`

			`const auto cert_s = j.dump ();`

			`vector <uint8_t> sig;`
			`sig.resize (crypto_sign_BYTES);`

			`crypto_sign_detached (sig.data (), nullptr, (const uint8_t *)cert_s.data (), cert_s.size (), sk.data ());`

			`return ExpiringSignature {`
			`cert_s,`
			`sig,`
			`};`
			`}`

			`optional <ExpiringSignature> sign_key (const SigningKey & k, int64_t now) const`
			`{`
			`return sign_binary (k.pk, "4QHAB7O5 trusted public key", now);`
			`}`
			`};`

			`// Most tests will use a virtual clock. But just as a smoke test,`
			`// make sure real time is realistic.`

			`int check_real_time () {`
			`const auto seconds_since_epoch = get_seconds_since_epoch ();`

			`const auto time_of_writing = 1610844872;`
			`if (seconds_since_epoch < time_of_writing) {`
			`cerr << "Error: Real time is in the past." << endl;`
			`return 1;`
			`}`

			`const int64_t about_100_years = (int64_t)100 * 365 * 86400;`
			`if (seconds_since_epoch > time_of_writing + about_100_years) {`
			`cerr << "Error: Real time is in the far future." << endl;`
			`return 1;`
			`}`

			`return 0;`
			`}`

update: so I don't like this base64 lib anymore. It has no error handling. 2021-01-17 15:52:38 +00:00			`int check_base64 () {`
			`vector <uint8_t> v {1, 2, 3, 4, 5, 6};`
			`const auto s = b64_encode (v);`

			`if (s != "AQIDBAUG") {`
			`cerr << "Base64 encoding failed" << endl;`
			`return 1;`
			`}`

			`// Trivial decode`
			`const auto v2 = std::move (*b64_decode (s));`

			`if (v2 != v) {`
			`cerr << "Base64 trivial decode failed" << endl;`
			`return 1;`
			`}`

			`// Decode should fail`
			`const auto v3 = b64_decode ("AQIDBAUG.");`

			`if (v3 != nullopt) {`
			`cerr << "Base64 decode should have failed" << endl;`
			`return 1;`
			`}`

			`return 0;`
			`}`

:construction: wip 2021-01-17 15:11:21 +00:00			`int main () {`
update: so I don't like this base64 lib anymore. It has no error handling. 2021-01-17 15:52:38 +00:00			`if (check_base64 () != 0) {`
			`return 1;`
			`}`

:construction: wip 2021-01-17 15:11:21 +00:00			`// Suppose we generate a root key and keep it somewhere safe`
			`// (not a server)`
			`SigningKey root_key;`
			`cerr << "Root pub key " << root_key.pub_to_base64 () << endl;`

			`if (check_real_time () != 0) {`
			`return 1;`
			`}`

			`// Suppose the server generates a signing key`
			`SigningKey signing_key;`
			`cerr << "Signing key " << signing_key.pub_to_base64 () << endl;`

			`const auto now = get_seconds_since_epoch ();`
			`const ExpiringSignature cert = std::move (*root_key.sign_key (signing_key, now));`

			`{`
			`// Check that a different time results in a different cert`
			`const auto cert_2 = std::move (*root_key.sign_key (signing_key, now));`
			`const auto cert_3 = std::move (*root_key.sign_key (signing_key, now + 1));`

			`if (cert != cert_2) {`
			`cerr << "Certs should have been identical" << endl;`
			`return 1;`
			`}`

			`if (cert == cert_3) {`
			`cerr << "Certs should have been different" << endl;`
			`return 1;`
			`}`

			`if (cert == cert_3) {`
			`cerr << "Signatures should have been different" << endl;`
			`return 1;`
			`}`
			`}`

			`{`
			`cerr << "Cert:" << endl;`
			`cerr << cert.cert_s << endl;`
			`cerr << to_base64 (cert.sig) << endl;`
			`}`

			`// Suppose the client knows our root public key`
			`const auto root_pubkey = root_key.pubkey ();`

			`if (crypto_sign_verify_detached (cert.sig.data (), (const uint8_t *)cert.cert_s.data (), cert.cert_s.size (), root_pubkey.data ()) != 0) {`
			`cerr << "Bad signature" << endl;`
			`return 1;`
			`}`
			`if (crypto_sign_verify_detached (cert.sig.data (), (const uint8_t *)cert.cert_s.data (), cert.cert_s.size () - 1, root_pubkey.data ()) == 0) {`
			`cerr << "Signature should not have verified" << endl;`
			`return 1;`
			`}`
:construction: wip: making some examples / demos for easy ways to use libsodium 2021-01-17 00:44:11 +00:00
update: so I don't like this base64 lib anymore. It has no error handling. 2021-01-17 15:52:38 +00:00			`{`
			`const json j = json::parse (cert.cert_s);`

			`cerr << "not_before: " << (int64_t)j ["not_before"] << endl;`
			`}`
:construction: wip: making some examples / demos for easy ways to use libsodium 2021-01-17 00:44:11 +00:00
			`cerr << "Done." << endl;`
			`return 0;`
			`}`