From 5657ab979646d7bca7bc9005e0f389c759f90a79 Mon Sep 17 00:00:00 2001
From: csoler <retroshare.project@gmail.com>
Date: Sun, 21 Apr 2013 19:16:25 +0000
Subject: [PATCH] bug fixing. Apparently still problems with AES padding.

git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-GenericTunneling@6323 b45a01b8-16f6-495d-af2f-9b41ad6348cc
---
 libretroshare/src/services/p3chatservice.cc | 32 +++++++++++++++++++--
 libretroshare/src/tests/util/aes_test.cc    | 16 ++++++-----
 libretroshare/src/turtle/rsturtleitem.cc    |  1 -
 libretroshare/src/util/rsaes.cc             | 25 +++++++++++++---
 4 files changed, 60 insertions(+), 14 deletions(-)

diff --git a/libretroshare/src/services/p3chatservice.cc b/libretroshare/src/services/p3chatservice.cc
index 9f7538a12..c22eda594 100644
--- a/libretroshare/src/services/p3chatservice.cc
+++ b/libretroshare/src/services/p3chatservice.cc
@@ -2885,6 +2885,18 @@ void p3ChatService::removeVirtualPeer(const TurtleFileHash& hash,const TurtleVir
 	rsicontrol->getNotify().notifyChatStatus(hash,"tunnel is down...",true) ;
 	rsicontrol->getNotify().notifyPeerStatusChanged(hash,RS_STATUS_OFFLINE) ;
 }
+
+static void printBinaryData(void *data,uint32_t size)
+{
+	static const char outl[16] = { '0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f' } ;
+
+	for(uint32_t j = 0; j < size; j++) 
+	{ 
+		std::cerr << outl[ ( ((uint8_t*)data)[j]>>4) ] ; 
+		std::cerr << outl[ ((uint8_t*)data)[j] & 0xf ] ; 
+	}
+}
+
 void p3ChatService::receiveTurtleData(	RsTurtleGenericTunnelItem *gitem,const std::string& hash,
 													const std::string& virtual_peer_id,RsTurtleGenericTunnelItem::Direction direction)
 {
@@ -2902,6 +2914,11 @@ void p3ChatService::receiveTurtleData(	RsTurtleGenericTunnelItem *gitem,const st
 	}
 	std::cerr << "   size = " << item->data_size << std::endl;
 	std::cerr << "   data = " << (void*)item->data_bytes << std::endl;
+	std::cerr << "     IV = " << std::hex << *(uint64_t*)item->data_bytes << std::dec << std::endl;
+	std::cerr << "   data = " ;
+
+	printBinaryData(item->data_bytes,item->data_size) ;
+	std::cerr << std::endl;
 
 	uint8_t aes_key[DISTANT_CHAT_AES_KEY_SIZE] ;
 
@@ -2926,8 +2943,11 @@ void p3ChatService::receiveTurtleData(	RsTurtleGenericTunnelItem *gitem,const st
 		std::cerr << "(EE) item encrypted data stream is too small: size = " << item->data_size << std::endl;
 		return ;
 	}
-	uint32_t decrypted_size ;
-	uint8_t *decrypted_data = new uint8_t[RsAES::get_buffer_size(item->data_size-8)];
+	uint32_t decrypted_size = RsAES::get_buffer_size(item->data_size-8);
+	uint8_t *decrypted_data = new uint8_t[decrypted_size];
+
+	std::cerr << "   Using IV: " << std::hex << *(uint64_t*)item->data_bytes << std::dec << std::endl;
+	std::cerr << "   Decrypted buffer size: " << decrypted_size << std::endl;
 
 	if(!RsAES::aes_decrypt_8_16((uint8_t*)item->data_bytes+8,item->data_size-8,aes_key,(uint8_t*)item->data_bytes,decrypted_data,decrypted_size))
 	{
@@ -2968,6 +2988,7 @@ void p3ChatService::sendTurtleData(RsChatItem *item)
 		delete[] buff ;
 		return ;
 	}
+	std::cerr << "     Serialized item has size " << rssize << std::endl;
 	
 	uint8_t aes_key[DISTANT_CHAT_AES_KEY_SIZE] ;
 	std::string virtual_peer_id ;
@@ -2995,6 +3016,8 @@ void p3ChatService::sendTurtleData(RsChatItem *item)
 
 	uint64_t IV = RSRandom::random_u64() ; // make a random 8 bytes IV
 
+	std::cerr << "   Using IV: " << std::hex << IV << std::dec << std::endl;
+
 	if(!RsAES::aes_crypt_8_16(buff,rssize,aes_key,(uint8_t*)&IV,encrypted_data,encrypted_size))
 	{
 		std::cerr << "(EE) packet encryption failed." << std::endl;
@@ -3018,6 +3041,11 @@ void p3ChatService::sendTurtleData(RsChatItem *item)
 	delete item ;
 
 	std::cerr << "p3ChatService::sendTurtleData(): Sending through virtual peer: " << virtual_peer_id << std::endl;
+	std::cerr << "   gitem->data_size = " << gitem->data_size << std::endl;
+	std::cerr << "   data = " ;
+
+	printBinaryData(gitem->data_bytes,gitem->data_size) ;
+	std::cerr << std::endl;
 
 	mTurtle->sendTurtleData(virtual_peer_id,gitem) ;
 }
diff --git a/libretroshare/src/tests/util/aes_test.cc b/libretroshare/src/tests/util/aes_test.cc
index 7123eff7d..18631de7f 100644
--- a/libretroshare/src/tests/util/aes_test.cc
+++ b/libretroshare/src/tests/util/aes_test.cc
@@ -67,7 +67,7 @@ int main(int argc,char *argv[])
 
 	std::cerr << "Testing AES crypt" << std::endl;
 
-	std::string source_string = "This is a very secret string ;-)" ;
+	std::string source_string = "This is a very secret string, but ultimately it will always be decyphered" ;
 	std::cerr << "Input string: length=" << source_string.length() << ", s=\"" << source_string << "\"" << std::endl;
 
 	unsigned char key_data[16] ;
@@ -76,19 +76,21 @@ int main(int argc,char *argv[])
 	for(int i=0;i<16;++i)
 		key_data[i] = lrand48() & 0xff ;
 
-	for(int i=0;i<50;++i)
+	for(int i=5;i<source_string.length();++i)
 	{
 		for(int j=0;j<8;++j)
 			salt[j] = lrand48() & 0xff ;
 
-		unsigned char output_data[source_string.size() + 16] ;
-		uint32_t output_data_length = source_string.size() + 16 ;
+		std::string S(source_string.c_str(),i) ;
 
-		CHECK(RsAES::aes_crypt_8_16( (const uint8_t*)source_string.c_str(),source_string.length(),key_data,salt,output_data,output_data_length)) ;
+		unsigned char output_data[S.size() + 16] ;
+		uint32_t output_data_length = S.size() + 16 ;
+
+		CHECK(RsAES::aes_crypt_8_16( (const uint8_t*)S.c_str(),S.length(),key_data,salt,output_data,output_data_length)) ;
 
 		std::cerr << "Round " << i << " salt=" ;
 		printHex(salt,8) ;
-		std::cerr << ": " << "output_length = " << output_data_length << ", encrypted string = " ;
+		std::cerr << ": real_length = " << S.length() << ", output_length = " << output_data_length << ", encrypted string = " ;
 		printHex(output_data,output_data_length) ;
 		std::cerr << std::endl;
 
@@ -101,7 +103,7 @@ int main(int argc,char *argv[])
 		printHex(output_data2,output_data_length2) ;
 		std::cerr << std::endl;
 	
-		CHECK(std::string( (const char *)output_data2,output_data_length2) == source_string) ;
+		CHECK(std::string( (const char *)output_data2,output_data_length2) == S) ;
 	}
 
 	FINALREPORT("AESTest") ;
diff --git a/libretroshare/src/turtle/rsturtleitem.cc b/libretroshare/src/turtle/rsturtleitem.cc
index 192ec0e90..9446e8686 100644
--- a/libretroshare/src/turtle/rsturtleitem.cc
+++ b/libretroshare/src/turtle/rsturtleitem.cc
@@ -534,7 +534,6 @@ RsTurtleGenericDataItem::RsTurtleGenericDataItem(void *data,uint32_t pktsize)
 	/* add mandatory parts first */
 
 	bool ok = true ;
-	uint32_t data_size = 0;
 
 	ok &= getRawUInt32(data, pktsize, &offset, &tunnel_id) ;
 	ok &= getRawUInt32(data, pktsize, &offset, &data_size);
diff --git a/libretroshare/src/util/rsaes.cc b/libretroshare/src/util/rsaes.cc
index 34a59a68f..a7eeec85c 100644
--- a/libretroshare/src/util/rsaes.cc
+++ b/libretroshare/src/util/rsaes.cc
@@ -23,6 +23,7 @@
  *
  */
 
+#include <iostream>
 #include <openssl/evp.h>
 #include <openssl/aes.h>
 
@@ -65,10 +66,18 @@ bool RsAES::aes_crypt_8_16(const uint8_t *input_data,uint32_t input_data_length,
 	/* update ciphertext, c_len is filled with the length of ciphertext generated,
 	 *len is the size of plaintext in bytes */
 
-	EVP_EncryptUpdate(&e_ctx, output_data, &c_len, input_data, input_data_length);
+	if(!EVP_EncryptUpdate(&e_ctx, output_data, &c_len, input_data, input_data_length))
+	{
+		std::cerr << "RsAES: decryption failed at end. Check padding." << std::endl;
+		return false ;
+	}
 
 	/* update ciphertext with the final remaining bytes */
-	EVP_EncryptFinal_ex(&e_ctx, output_data+c_len, &f_len);
+	if(!EVP_EncryptFinal_ex(&e_ctx, output_data+c_len, &f_len))
+	{
+		std::cerr << "RsAES: decryption failed at end. Check padding." << std::endl;
+		return false ;
+	}
 
 	output_data_length = c_len + f_len;
 
@@ -109,10 +118,18 @@ bool RsAES::aes_decrypt_8_16(const uint8_t *input_data,uint32_t input_data_lengt
 	/* update ciphertext, c_len is filled with the length of ciphertext generated,
 	 *len is the size of plaintext in bytes */
 
-	EVP_DecryptUpdate(&e_ctx, output_data, &c_len, input_data, input_data_length);
+	if(! EVP_DecryptUpdate(&e_ctx, output_data, &c_len, input_data, input_data_length))
+	{
+		std::cerr << "RsAES: decryption failed." << std::endl;
+		return false ;
+	}
 
 	/* update ciphertext with the final remaining bytes */
-	EVP_DecryptFinal_ex(&e_ctx, output_data+c_len, &f_len);
+	if(!EVP_DecryptFinal_ex(&e_ctx, output_data+c_len, &f_len))
+	{
+		std::cerr << "RsAES: decryption failed at end. Check padding." << std::endl;
+		return false ;
+	}
 
 	output_data_length = c_len + f_len;