Vendor lock-in or let's have some fun with libucrypto
So one of the new features of Solaris 11.4 is the libucrypto library. They sell it as:
a lightweight library that provides access to hardware accelerated cryptography
Sadly the documentation is... scarce. The only opensource program that seems to be using it is Java.
Anyway, let's code a small sample RC4 (don't ever use RC4 for real world crypto!) program today and verify the cipher text against a known-good test vector. And yes, the plain text input is all zeros.
$ cat ucrypto_rc4.c #include <libucrypto.h> #include <assert.h> #include <stdio.h> #include <strings.h> // memcmp() // https://tools.ietf.org/html/rfc6229 static const uchar_t key_str[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 }; static const uchar_t tv3_out[] = { 0x97, 0xab, 0x8a, 0x1b, 0xf0, 0xaf, 0xb9, 0x61, 0x32, 0xf2, 0xf6, 0x72, 0x58, 0xda, 0x15, 0xa8, 0x82, 0x63, 0xef, 0xdb, 0x45, 0xc4, 0xa1, 0x86, 0x84, 0xef, 0x87, 0xe6, 0xb1, 0x9e, 0x5b, 0x09 }; int main(void) { const ucrypto_mech_t mech = CRYPTO_RC4; int rv = CRYPTO_FAILED; int ret = -1; size_t out_len = sizeof(tv3_out); uchar_t in[out_len]; memset(&in, 0x0, sizeof(in)); uchar_t out[out_len]; memset(&out, 0x1, sizeof(out)); printf("RFC 6229 key: 0x0102030405060708\n"); rv = ucrypto_encrypt(mech, key_str, sizeof(key_str), NULL, 0, in, sizeof(in), out, &out_len); //printf("errror is %s\n", ucrypto_strerror(rv)); assert(rv == CRYPTO_SUCCESS); ret = memcmp(out, tv3_out, sizeof(tv3_out)); assert(ret == 0); printf("All tests passed\n"); return 0; } $ cc -m64 -Wall ucrypto_rc4.c -lucrypto $ ./a.out RFC 6229 key: 0x0102030405060708 All tests passed
Well I'm pretty sure it would be more lines of code with OpenSSL. I'd still advice to use NaCL or OpenSSL though. And please don't use RC4 for anything anymore!
Links
- What's New in Oracle Solaris 11.4
- Test Vectors for the Stream Cipher RC4
- libucrypto(3lib)
- libucrypto_encrypt(3lib)
- libucrypto_util(3lib)
- JDK 10 libj2ucrypto source
- NaCl: Networking and Cryptography library
No comments:
Post a Comment