diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6936addb3..2e5366079 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -6,7 +6,8 @@ include_directories(..)
-add_executable(testeth ${SRC_LIST})
+file(GLOB HEADERS "*.h")
+add_executable(testeth ${SRC_LIST} ${HEADERS})
target_link_libraries(testeth ethereum)
target_link_libraries(testeth ethcore)
diff --git a/TestHelperCrypto.h b/TestHelperCrypto.h
new file mode 100644
index 000000000..6feeeb97f
--- /dev/null
+++ b/TestHelperCrypto.h
@@ -0,0 +1,56 @@
+ This file is part of cpp-ethereum.
+ cpp-ethereum is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ cpp-ethereum is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ GNU General Public License for more details.
+ You should have received a copy of the GNU General Public License
+ along with cpp-ethereum. If not, see .
+ */
+/** @file TestHelperCrypto.h
+ * @author Alex Leverington
+ * @date 2014
+ */
+#pragma once
+using namespace std;
+using namespace CryptoPP;
+void SavePrivateKey(const PrivateKey& key, const string& file = "ecies.private.key")
+ FileSink sink(file.c_str());
+ key.Save(sink);
+void SavePublicKey(const PublicKey& key, const string& file = "ecies.public.key")
+ FileSink sink(file.c_str());
+ key.Save(sink);
+void LoadPrivateKey(PrivateKey& key, const string& file = "ecies.private.key")
+ FileSource source(file.c_str(), true);
+ key.Load(source);
+void LoadPublicKey(PublicKey& key, const string& file = "ecies.public.key")
+ FileSource source(file.c_str(), true);
+ key.Load(source);
diff --git a/crypto.cpp b/crypto.cpp
index ebe3f81aa..e71ee2285 100644
--- a/crypto.cpp
+++ b/crypto.cpp
@@ -27,13 +27,170 @@
+#include "TestHelperCrypto.h"
using namespace std;
using namespace dev;
-using namespace dev::eth;
+namespace dev
+namespace crypto
+inline CryptoPP::AutoSeededRandomPool& PRNG() {
+ static CryptoPP::AutoSeededRandomPool prng;
+ return prng;
+using namespace CryptoPP;
+ cnote << "Testing cryptopp_ecies_message...";
+ string const message("Now is the time for all good men to come to the aide of humanity.");
+ AutoSeededRandomPool prng;
+ ECIES::Decryptor localDecryptor(prng, ASN1::secp256r1());
+ SavePrivateKey(localDecryptor.GetPrivateKey());
+ ECIES::Encryptor localEncryptor(localDecryptor);
+ SavePublicKey(localEncryptor.GetPublicKey());
+ ECIES::Decryptor futureDecryptor;
+ LoadPrivateKey(futureDecryptor.AccessPrivateKey());
+ futureDecryptor.GetPrivateKey().ThrowIfInvalid(prng, 3);
+ ECIES::Encryptor futureEncryptor;
+ LoadPublicKey(futureEncryptor.AccessPublicKey());
+ futureEncryptor.GetPublicKey().ThrowIfInvalid(prng, 3);
+ // encrypt/decrypt with local
+ string cipherLocal;
+ StringSource ss1 (message, true, new PK_EncryptorFilter(prng, localEncryptor, new StringSink(cipherLocal) ) );
+ string plainLocal;
+ StringSource ss2 (cipherLocal, true, new PK_DecryptorFilter(prng, localDecryptor, new StringSink(plainLocal) ) );
+ // encrypt/decrypt with future
+ string cipherFuture;
+ StringSource ss3 (message, true, new PK_EncryptorFilter(prng, futureEncryptor, new StringSink(cipherFuture) ) );
+ string plainFuture;
+ StringSource ss4 (cipherFuture, true, new PK_DecryptorFilter(prng, futureDecryptor, new StringSink(plainFuture) ) );
+ // decrypt local w/future
+ string plainFutureFromLocal;
+ StringSource ss5 (cipherLocal, true, new PK_DecryptorFilter(prng, futureDecryptor, new StringSink(plainFutureFromLocal) ) );
+ // decrypt future w/local
+ string plainLocalFromFuture;
+ StringSource ss6 (cipherFuture, true, new PK_DecryptorFilter(prng, localDecryptor, new StringSink(plainLocalFromFuture) ) );
+ assert(plainLocal == message);
+ assert(plainFuture == plainLocal);
+ assert(plainFutureFromLocal == plainLocal);
+ assert(plainLocalFromFuture == plainLocal);
+ cnote << "Testing cryptopp_ecdh_prime...";
+ using namespace CryptoPP;
+ OID curve = ASN1::secp256r1();
+ ECDH::Domain dhLocal(curve);
+ SecByteBlock privLocal(dhLocal.PrivateKeyLength());
+ SecByteBlock pubLocal(dhLocal.PublicKeyLength());
+ dhLocal.GenerateKeyPair(dev::crypto::PRNG(), privLocal, pubLocal);
+ ECDH::Domain dhRemote(curve);
+ SecByteBlock privRemote(dhRemote.PrivateKeyLength());
+ SecByteBlock pubRemote(dhRemote.PublicKeyLength());
+ dhRemote.GenerateKeyPair(dev::crypto::PRNG(), privRemote, pubRemote);
+ assert(dhLocal.AgreedValueLength() == dhRemote.AgreedValueLength());
+ // local: send public to remote; remote: send public to local
+ // Local
+ SecByteBlock sharedLocal(dhLocal.AgreedValueLength());
+ assert(dhLocal.Agree(sharedLocal, privLocal, pubRemote));
+ // Remote
+ SecByteBlock sharedRemote(dhRemote.AgreedValueLength());
+ assert(dhRemote.Agree(sharedRemote, privRemote, pubLocal));
+ // Test
+ Integer ssLocal, ssRemote;
+ ssLocal.Decode(sharedLocal.BytePtr(), sharedLocal.SizeInBytes());
+ ssRemote.Decode(sharedRemote.BytePtr(), sharedRemote.SizeInBytes());
+ assert(ssLocal != 0);
+ assert(ssLocal == ssRemote);
+ // ECDH gives 256-bit shared while aes uses 128-bits
+ // Use first 128-bits of shared secret as symmetric key
+ // IV is 0
+ // New connections require new ECDH keypairs
+ // Initial Authentication:
+ //
+ // New/Known Peer:
+ // pubkeyL = knownR? ? myKnown : myECDH
+ // pubkeyR = knownR? ? theirKnown : theirECDH
+ //
+ // Initial message = hmac(k=sha3(shared-secret[128..255]), address(pubkeyL)) || ECIES encrypt(pubkeyR, pubkeyL)
+ //
+ // Key Exchange (this could occur after handshake messages):
+ // If peers do not know each other they will need to exchange public keys.
+ //
+ // Drop ECDH (this could occur after handshake messages):
+ // After authentication and/or key exchange, both sides generate shared key
+ // from their 'known' keys and use this to encrypt all future messages.
+ //
+ // v2: If one side doesn't trust the other then a single-use key maybe sent.
+ // This will need to be tracked for future connections; when non-trusting peer
+ // wants to trust the other, it can request that it's old, 'new', public key be
+ // accepted. And, if the peer *really* doesn't trust the other side, it can request
+ // that a new, 'new', public key be accepted.
+ //
+ // Handshake (all or nothing, padded):
+ // All Peers (except blacklisted):
+ //
+ //
+ // New Peer:
+ //
+ //
+ // Known Untrusted Peer:
+ //
+ //
+ // Known Trusted Peer:
+ //
+ //
+ // Blacklisted Peeer:
+ // Already dropped by now.
+ //
+ //
+ // MAC:
+ // ...
cnote << "Testing Crypto...";
@@ -42,7 +199,7 @@ BOOST_AUTO_TEST_CASE(crypto_tests)
BOOST_REQUIRE(p.pub() == Public(fromHex("97466f2b32bc3bb76d4741ae51cd1d8578b48d3f1e68da206d47321aec267ce78549b514e4453d74ef11b0cd5e4e4c364effddac8b51bcfc8de80682f952896f")));
BOOST_REQUIRE(p.address() == Address(fromHex("8a40bfaa73256b60764c1bf40675a99083efb075")));
- Transaction t;
+ eth::Transaction t;
t.nonce = 0;
t.receiveAddress = h160(fromHex("944400f4b88ac9589a0f17ed4671da26bddb668b"));
t.value = 1000;
@@ -70,7 +227,7 @@ int cryptoTest()
assert(p.pub() == Public(fromHex("97466f2b32bc3bb76d4741ae51cd1d8578b48d3f1e68da206d47321aec267ce78549b514e4453d74ef11b0cd5e4e4c364effddac8b51bcfc8de80682f952896f")));
assert(p.address() == Address(fromHex("8a40bfaa73256b60764c1bf40675a99083efb075")));
- Transaction t;
+ eth::Transaction t;
t.nonce = 0;
t.receiveAddress = h160(fromHex("944400f4b88ac9589a0f17ed4671da26bddb668b"));
t.value = 1000;
@@ -156,3 +313,5 @@ int cryptoTest()
return 0;