[Botan-devel] Key management issue

Bala Narasimhan balasn at gmail.com
Tue Apr 14 14:27:22 EDT 2009


Below is a test program I wrote up with Botan. The idea is as follows:
(1) Parent process P1 creates an mmap'ed region in SHARED mode.
(2) It creates a bunch of SymmetricKeys and InitializationVectors and stores
them into the region created in (1) above.
(3) The child process tries to interpret the values stored by the parent.

(3) fails. When I print out as_string() in the context of the child I get a
bunch of zeroes. This is in contrast to the parent, where if I print out the
as_string() representation of the keys I get what seem like sane values.

Can someone tell me what I am doing wrong? I appreciate the help.

#include <iostream>
#include <new>        // placement new
#include <string>
#include <botan/botan.h>
#include <botan/aes.h>
#include <botan/s2k.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>   // fork, sleep
#include <assert.h>

using namespace Botan;
using namespace std;

void Encrypt();
void Decrypt();

void *sharedmem = NULL;
int main()
{
  int ret;
  LibraryInitializer init;
  // MAP_ANONYMOUS takes fd -1; mmap reports failure as MAP_FAILED, not NULL
  sharedmem = mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS, -1, 0);
  assert(sharedmem != MAP_FAILED);

  if ((ret = fork()) == 0) {
    sleep(10);
    Decrypt();
  } else {
    int i;
    Encrypt();
    wait(&i);
  }
}

void Encrypt(void)
{
  string m1 =
"315CA131FC134659C275F929A63CBF0E198A8E08283657820E85A314056563B2480FDA1378949DBCE38A2C54E523BEFD";
  SymmetricKey masterkey(m1);

  KDF *kdf = get_kdf("KDF2(SHA-1)");
  SymmetricKey blockkey = kdf->derive_key(32, masterkey.bits_of(), "cipher b");
  InitializationVector blockiv = kdf->derive_key(16, masterkey.bits_of(), "cipher iv");

  // construct copies of the key and IV objects inside the shared mapping
  SymmetricKey *k = (SymmetricKey *) new(sharedmem) SymmetricKey(blockkey);
  InitializationVector *v = (InitializationVector *) new(k + 1) InitializationVector(blockiv);

  cout<<"Encrypt: k "<<k->as_string()<<endl;
  cout << "Encrypt: iv "<<v->as_string()<<endl;
}

void Decrypt(void)
{

  SymmetricKey *k = (SymmetricKey *)sharedmem;
  InitializationVector *v =  (InitializationVector *)(k+1);
  cout<<"Decrypt: k "<<k<<endl;
  cout << "Decrypt: key "<<k->as_string()<<endl;
  cout << "Decrypt: iv "<<v->as_string()<<endl;

}


-- 
- Bala
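
Added example, not part of the original post and not Botan code. It uses std::vector as a stand-in (an assumption) for a key class that keeps its bytes in a separately allocated buffer, checks where those bytes end up after a placement new into a shared mapping, and passes the raw bytes between processes through a pointer-free slot. KeySlot, map_shared, payload_in_region and roundtrip are hypothetical names.

```cpp
// Added example: std::vector stands in (assumption) for a heap-backed key class.
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>
#include <cstdint>
#include <cstring>
#include <new>
#include <vector>
typedef std::vector<unsigned char> Bytes;
struct KeySlot { uint32_t len; unsigned char data[64]; };  // flat, no pointers

static void *map_shared(size_t n) {
  void *p = mmap(NULL, n, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0);
  return p == MAP_FAILED ? NULL : p;
}
// 1 if the bytes of a vector placement-new'ed into the mapping lie inside it,
// 0 if they lie elsewhere (the private heap), -1 if mmap failed.
int payload_in_region(const Bytes &key) {
  const size_t n = 4096;
  void *region = map_shared(n);
  if (!region) return -1;
  Bytes *obj = new (region) Bytes(key);
  uintptr_t lo = (uintptr_t)region, p = (uintptr_t)obj->data();
  int inside = (p >= lo && p < lo + n) ? 1 : 0;
  obj->~Bytes();
  munmap(region, n);
  return inside;
}
// Child copies the raw key bytes into the slot after fork(); the parent reads
// them back. Returns an empty vector on any failure or if the key is too long.
Bytes roundtrip(const Bytes &key) {
  Bytes out;
  KeySlot *slot = static_cast<KeySlot *>(map_shared(sizeof(KeySlot)));
  if (!slot) return out;
  pid_t pid = key.size() <= sizeof(slot->data) ? fork() : -1;
  if (pid == 0) {
    if (!key.empty()) std::memcpy(slot->data, key.data(), key.size());
    slot->len = (uint32_t)key.size();
    _exit(0);
  }
  int st = 0;
  if (pid > 0 && waitpid(pid, &st, 0) == pid && WIFEXITED(st) &&
      WEXITSTATUS(st) == 0 && slot->len <= sizeof(slot->data))
    out.assign(slot->data, slot->data + slot->len);
  std::memset(slot, 0, sizeof(KeySlot));  // clear key bytes before unmapping
  munmap(slot, sizeof(KeySlot));
  return out;
}
int main() { Bytes k(32, 0xAB); return !(payload_in_region(k) == 0 && roundtrip(k) == k); }
```

The child is the writer here so that waitpid() provides the synchronisation the sleep(10) was approximating.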