summary refs log tree commit diff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2013-12-20 00:36:26 +0100
committerLudovic Courtès <ludo@gnu.org>2013-12-20 00:36:26 +0100
commit3476ded934dc0beab1801d7fcdcc37b5c17bbf01 (patch)
tree0bfb72b8a75e44c7dea729ce8211f6caa10de94b
parentb1aa25be00c58285c61d9bb25afa7885269e98c9 (diff)
downloadguix-3476ded934dc0beab1801d7fcdcc37b5c17bbf01.tar.gz
Add (guix pk-crypto).
* guix/pk-crypto.scm, tests/pk-crypto.scm: New files.
* Makefile.am (MODULES, SCM_TESTS): Add them.
-rw-r--r--Makefile.am2
-rw-r--r--guix/pk-crypto.scm167
-rw-r--r--tests/pk-crypto.scm106
3 files changed, 275 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am
index eb278a76e9..2db77d57f3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -30,6 +30,7 @@ MODULES =					\
   guix/base32.scm				\
   guix/records.scm				\
   guix/hash.scm					\
+  guix/pk-crypto.scm				\
   guix/utils.scm				\
   guix/download.scm				\
   guix/monads.scm				\
@@ -107,6 +108,7 @@ clean-go:
 SCM_TESTS =					\
   tests/base32.scm				\
   tests/hash.scm				\
+  tests/pk-crypto.scm				\
   tests/builders.scm				\
   tests/derivations.scm				\
   tests/ui.scm					\
diff --git a/guix/pk-crypto.scm b/guix/pk-crypto.scm
new file mode 100644
index 0000000000..9d093b34b0
--- /dev/null
+++ b/guix/pk-crypto.scm
@@ -0,0 +1,167 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (guix pk-crypto)
+  #:use-module (guix config)
+  #:use-module ((guix utils) #:select (bytevector->base16-string))
+  #:use-module (system foreign)
+  #:use-module (rnrs bytevectors)
+  #:use-module (ice-9 match)
+  #:export (gcry-sexp?
+            string->gcry-sexp
+            gcry-sexp->string
+            number->gcry-sexp
+            bytevector->hash-data
+            sign
+            verify
+            generate-key
+            find-sexp-token))
+
+
+;;; Commentary:
+;;;
+;;; Public key cryptographic routines from GNU Libgcrypt.
+;;;;
+;;; Libgcrypt uses s-expressions to represent key material, parameters, and
+;;; data.  We keep it as an opaque object rather than attempting to map them
+;;; to Scheme s-expressions because (1) Libgcrypt sexps are stored in secure
+;;; memory, and (2) the read syntax is different.
+;;;
+;;; Code:
+
+;; Libgcrypt "s-expressions".
+(define-wrapped-pointer-type <gcry-sexp>
+  gcry-sexp?
+  naked-pointer->gcry-sexp
+  gcry-sexp->pointer
+  (lambda (obj port)
+    ;; Don't print OBJ's external representation: we don't want key material
+    ;; to leak in backtraces and such.
+    (format port "#<gcry-sexp ~a | ~a>"
+            (number->string (object-address obj) 16)
+            (number->string (pointer-address (gcry-sexp->pointer obj))
+                            16))))
+
+(define libgcrypt-func
+  (let ((lib (dynamic-link %libgcrypt)))
+    (lambda (func)
+      "Return a pointer to symbol FUNC in libgcrypt."
+      (dynamic-func func lib))))
+
+(define finalize-gcry-sexp!
+  (libgcrypt-func "gcry_sexp_release"))
+
+(define-inlinable (pointer->gcry-sexp ptr)
+  "Return a <gcry-sexp> that wraps PTR."
+  (let* ((sexp (naked-pointer->gcry-sexp ptr))
+         (ptr* (gcry-sexp->pointer sexp)))
+    ;; Did we already have a <gcry-sexp> object for PTR?
+    (when (equal? ptr ptr*)
+      ;; No, so we can safely add a finalizer (in Guile 2.0.9
+      ;; 'set-pointer-finalizer!' *adds* a finalizer rather than replacing the
+      ;; existing one.)
+      (set-pointer-finalizer! ptr finalize-gcry-sexp!))
+    sexp))
+
+(define string->gcry-sexp
+  (let* ((ptr  (libgcrypt-func "gcry_sexp_new"))
+         (proc (pointer->procedure int ptr `(* * ,size_t ,int))))
+    (lambda (str)
+      "Parse STR and return the corresponding gcrypt s-expression."
+      (let* ((sexp (bytevector->pointer (make-bytevector (sizeof '*))))
+             (err  (proc sexp (string->pointer str) 0 1)))
+        (if (= 0 err)
+            (pointer->gcry-sexp (dereference-pointer sexp))
+            (throw 'gcry-error err))))))
+
+(define-syntax GCRYSEXP_FMT_ADVANCED
+  (identifier-syntax 3))
+
+(define gcry-sexp->string
+  (let* ((ptr  (libgcrypt-func "gcry_sexp_sprint"))
+         (proc (pointer->procedure size_t ptr `(* ,int * ,size_t))))
+    (lambda (sexp)
+      "Return a textual representation of SEXP."
+      (let loop ((len 1024))
+        (let* ((buf  (bytevector->pointer (make-bytevector len)))
+               (size (proc (gcry-sexp->pointer sexp)
+                           GCRYSEXP_FMT_ADVANCED buf len)))
+          (if (zero? size)
+              (loop (* len 2))
+              (pointer->string buf size "ISO-8859-1")))))))
+
+(define (number->gcry-sexp number)
+  "Return an s-expression representing NUMBER."
+  (string->gcry-sexp (string-append "#" (number->string number 16) "#")))
+
+(define* (bytevector->hash-data bv #:optional (hash-algo "sha256"))
+  "Given BV, a bytevector containing a hash, return an s-expression suitable
+for use as the data for 'sign'."
+  (string->gcry-sexp
+   (format #f "(data (flags pkcs1) (hash \"~a\" #~a#))"
+           hash-algo
+           (bytevector->base16-string bv))))
+
+(define sign
+  (let* ((ptr  (libgcrypt-func "gcry_pk_sign"))
+         (proc (pointer->procedure int ptr '(* * *))))
+    (lambda (data secret-key)
+      "Sign DATA (an s-expression) with SECRET-KEY (an s-expression whose car
+is 'private-key'.)"
+      (let* ((sig (bytevector->pointer (make-bytevector (sizeof '*))))
+             (err (proc sig (gcry-sexp->pointer data)
+                        (gcry-sexp->pointer secret-key))))
+        (if (= 0 err)
+            (pointer->gcry-sexp (dereference-pointer sig))
+            (throw 'gry-error err))))))
+
+(define verify
+  (let* ((ptr  (libgcrypt-func "gcry_pk_verify"))
+         (proc (pointer->procedure int ptr '(* * *))))
+    (lambda (signature data public-key)
+      "Verify that SIGNATURE is a signature of DATA with PUBLIC-KEY, all of
+which are gcrypt s-expressions."
+      (zero? (proc (gcry-sexp->pointer signature)
+                   (gcry-sexp->pointer data)
+                   (gcry-sexp->pointer public-key))))))
+
+(define generate-key
+  (let* ((ptr  (libgcrypt-func "gcry_pk_genkey"))
+         (proc (pointer->procedure int ptr '(* *))))
+    (lambda (params)
+      "Return as an s-expression a new key pair for PARAMS.  PARAMS must be an
+s-expression like: (genkey (rsa (nbits 4:2048)))."
+      (let* ((key (bytevector->pointer (make-bytevector (sizeof '*))))
+             (err (proc key (gcry-sexp->pointer params))))
+        (if (zero? err)
+            (pointer->gcry-sexp (dereference-pointer key))
+            (throw 'gcry-error err))))))
+
+(define find-sexp-token
+  (let* ((ptr  (libgcrypt-func "gcry_sexp_find_token"))
+         (proc (pointer->procedure '* ptr `(* * ,size_t))))
+    (lambda (sexp token)
+      "Find in SEXP the first element whose 'car' is TOKEN and return it;
+return #f if not found."
+      (let* ((token (string->pointer (symbol->string token)))
+             (res   (proc (gcry-sexp->pointer sexp) token 0)))
+        (if (null-pointer? res)
+            #f
+            (pointer->gcry-sexp res))))))
+
+;;; pk-crypto.scm ends here
diff --git a/tests/pk-crypto.scm b/tests/pk-crypto.scm
new file mode 100644
index 0000000000..1acce13f0a
--- /dev/null
+++ b/tests/pk-crypto.scm
@@ -0,0 +1,106 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (test-pk-crypto)
+  #:use-module (guix pk-crypto)
+  #:use-module (guix utils)
+  #:use-module (guix hash)
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-64)
+  #:use-module (rnrs bytevectors)
+  #:use-module (rnrs io ports)
+  #:use-module (ice-9 match))
+
+;; Test the (guix pk-crypto) module.
+
+(define %key-pair
+  ;; Key pair that was generated with:
+  ;;   (generate-key (string->gcry-sexp "(genkey (rsa (nbits 4:1024)))"))
+  ;; which takes a bit of time.
+  "(key-data
+    (public-key
+     (rsa
+      (n #00C1F764069F54FFE93A126B02328903E984E4AE3AF6DF402B5B6B3907911B88C385F1BA76A002EC9DEA109A5228EF0E62EE31A06D1A5861CAB474F6C857AC66EB65A1905F25BBA1869579E73A3B7FED13AF5A1667326F88CDFC2FF24B03C14FD1384AA7E73CA89572880B606E3A974E15347963FC7B6378574936A47580DBCB45#)
+      (e #010001#)))
+    (private-key
+     (rsa
+      (n #00C1F764069F54FFE93A126B02328903E984E4AE3AF6DF402B5B6B3907911B88C385F1BA76A002EC9DEA109A5228EF0E62EE31A06D1A5861CAB474F6C857AC66EB65A1905F25BBA1869579E73A3B7FED13AF5A1667326F88CDFC2FF24B03C14FD1384AA7E73CA89572880B606E3A974E15347963FC7B6378574936A47580DBCB45#)
+      (e #010001#)
+      (d #58CAD84653D0046A8EC3F9AA82D9C829B145422109FC3F12DA01A694B92FA296E70D366FB166454D30E632CEE3A033B4C41781BA10325F69FCDC0250CA19C8EEB352FA085992494098DB133E682ED38A931701F0DED1A1E508F4341A4FB446A04F019427C7CB3C44F251EEA9D386100DA80F125E0FD5CE1B0DFEC6D21516EACD#)
+      (p #00D47F185147EC39393CCDA4E7323FFC20FC8B8073E2A54DD63BA392A66975E4204CA48572496A9DFD7522436B852C07472A5AB25B7706F7C14E6F33FBC420FF3B#)
+      (q #00E9AD22F158060BC9AE3601DA623AFC60FFF3058795802CA92371C00097335CF9A23D7782DE353C9DBA93D7BB99E6A24A411107605E722481C5C191F80D7EB77F#)
+      (u #59B45B95AE01A7A7370FAFDB08FE73A4793CE37F228961B09B1B1E7DDAD9F8D3E28F5C5E8B4B067E6B8E0BBF3F690B42991A79E46108DDCDA2514323A66964DE#))))")
+
+(test-begin "pk-crypto")
+
+(let ((sexps '("(foo bar)" "#C0FFEE#"
+               "(genkey \n (rsa \n  (nbits \"1024\")\n  )\n )")))
+  (test-equal "string->gcry-sexp->string"
+    sexps
+    (let ((sexps (map string->gcry-sexp sexps)))
+      (and (every gcry-sexp? sexps)
+           (map (compose string-trim-both gcry-sexp->string) sexps)))))
+
+(gc)                                              ; stress test!
+
+(let ((sexps `(("(foo bar)" foo -> "(foo bar)")
+               ("(foo (bar (baz 3:123)))" baz -> "(baz \"123\")")
+               ("(foo (bar 3:123))" baz -> #f))))
+  (test-equal "find-sexp-token"
+    (map (match-lambda
+          ((_ _ '-> expected)
+           expected))
+         sexps)
+    (map (match-lambda
+          ((input token '-> _)
+           (let ((sexp (find-sexp-token (string->gcry-sexp input) token)))
+             (and sexp
+                  (string-trim-both (gcry-sexp->string sexp))))))
+         sexps)))
+
+(gc)
+
+;; XXX: The test below is typically too long as it needs to gather enough entropy.
+
+;; (test-assert "generate-key"
+;;   (let ((key (generate-key (string->gcry-sexp
+;;                             "(genkey (rsa (nbits 3:128)))"))))
+;;     (and (gcry-sexp? key)
+;;          (find-sexp-token key 'key-data)
+;;          (find-sexp-token key 'public-key)
+;;          (find-sexp-token key 'private-key))))
+
+(test-assert "sign + verify"
+  (let* ((pair   (string->gcry-sexp %key-pair))
+         (secret (find-sexp-token pair 'private-key))
+         (public (find-sexp-token pair 'public-key))
+         (data   (bytevector->hash-data
+                  (sha256 (string->utf8 "Hello, world."))))
+         (sig    (sign data secret)))
+    (and (verify sig data public)
+         (not (verify sig
+                      (bytevector->hash-data
+                       (sha256 (string->utf8 "Hi!")))
+                      public)))))
+
+(gc)
+
+(test-end)
+
+
+(exit (= (test-runner-fail-count (test-runner-current)) 0))