anandatul144/DIMA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Keygen working

Browse Source
This commit is contained in:
atul.jha 2021-01-13 10:55:08 +01:00
parent 84f36c4292
commit 0d6dbbae93
7 changed files with 229 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

171
trial4/KeyGen.c
View File

@ -37,6 +37,8 @@ Every key derivation should start with a new KD contxt
**/ **/
/* /*
/////////////////////////////////////TODO////////////////////
void cleanup() void cleanup()
{ {
mbedtls_entropy_free(&entropyCtx); mbedtls_entropy_free(&entropyCtx);
@ -133,19 +135,8 @@ DIMASTATUS AsymmKeyGen(KeyDrv_context * KD_ctx)
if(DEBUG) if(DEBUG)
printf("PASS 1\n"); printf("PASS 1\n");
mbedtls_pk_context key_ctx; mbedtls_pk_context pkey_ctx;
mbedtls_pk_init(&key_ctx); mbedtls_pk_init(&pkey_ctx);
/*
mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
mbedtls_mpi_init( &N );
mbedtls_mpi_init( &P );
mbedtls_mpi_init( &Q );
mbedtls_mpi_init( &D );
mbedtls_mpi_init( &E );
mbedtls_mpi_init( &DP );
mbedtls_mpi_init( &DQ );
mbedtls_mpi_init( &QP );
*/
//assign entropy source and derive seed for key gen //assign entropy source and derive seed for key gen
@ -207,7 +198,7 @@ if(DEBUG)
if(KD_ctx->PKC_MODE == isECC) if(KD_ctx->PKC_MODE == isECC)
{ {
ret = mbedtls_pk_setup(&key_ctx,mbedtls_pk_info_from_type((mbedtls_pk_type_t)MBEDTLS_PK_ECKEY)); ret = mbedtls_pk_setup(&pkey_ctx,mbedtls_pk_info_from_type((mbedtls_pk_type_t)MBEDTLS_PK_ECKEY));
if(ret < DIMASUCCESS) if(ret < DIMASUCCESS)
{ {
perror("DIMAPKFAILURE\n"); perror("DIMAPKFAILURE\n");
@ -215,7 +206,7 @@ if(DEBUG)
exit(DIMAPKFAILURE); exit(DIMAPKFAILURE);
} }
ret = mbedtls_ecp_gen_key( (mbedtls_ecp_group_id) ECC_CURVE, mbedtls_pk_ec( key_ctx ), ret = mbedtls_ecp_gen_key( (mbedtls_ecp_group_id) ECC_CURVE, mbedtls_pk_ec( pkey_ctx ),
mbedtls_ctr_drbg_random, &drbgCtx ); mbedtls_ctr_drbg_random, &drbgCtx );
if(ret < DIMASUCCESS) if(ret < DIMASUCCESS)
{ {
@ -224,9 +215,9 @@ if(DEBUG)
exit(DIMAECCFAILURE); exit(DIMAECCFAILURE);
} }
if( mbedtls_pk_get_type( &key_ctx ) == MBEDTLS_PK_ECKEY ) if( mbedtls_pk_get_type( &pkey_ctx ) == MBEDTLS_PK_ECKEY )
{ {
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key_ctx ); mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pkey_ctx );
if(DEBUG) if(DEBUG)
{ {
printf( "curve: %s\n", mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name ); printf( "curve: %s\n", mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name );
@ -259,7 +250,7 @@ if(DEBUG)
mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &DQ );
mbedtls_mpi_init( &QP ); mbedtls_mpi_init( &QP );
ret = mbedtls_pk_setup(&key_ctx, mbedtls_pk_info_from_type((mbedtls_pk_type_t) MBEDTLS_PK_RSA)); ret = mbedtls_pk_setup(&pkey_ctx, mbedtls_pk_info_from_type((mbedtls_pk_type_t) MBEDTLS_PK_RSA));
if(ret < DIMASUCCESS) if(ret < DIMASUCCESS)
{ {
perror("DIMAPKFAILURE\n"); perror("DIMAPKFAILURE\n");
@ -267,7 +258,7 @@ if(DEBUG)
exit(DIMAPKFAILURE); exit(DIMAPKFAILURE);
} }
ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( key_ctx ), mbedtls_ctr_drbg_random, &drbgCtx, RSA_SIZE, RSA_EXP ); ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( pkey_ctx ), mbedtls_ctr_drbg_random, &drbgCtx, RSA_SIZE, RSA_EXP );
if(ret < DIMASUCCESS) if(ret < DIMASUCCESS)
{ {
perror("DIMARSAFAILURE\n"); perror("DIMARSAFAILURE\n");
@ -275,9 +266,9 @@ if(DEBUG)
exit(DIMARSAFAILURE); exit(DIMARSAFAILURE);
} }
if( mbedtls_pk_get_type( &key_ctx ) == MBEDTLS_PK_RSA ) if( mbedtls_pk_get_type( &pkey_ctx ) == MBEDTLS_PK_RSA )
{ {
mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key_ctx ); mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pkey_ctx );
if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 || if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 ||
( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 ) ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 )
@ -306,12 +297,150 @@ if(DEBUG)
exit(DIMAINVALIDSTATE); exit(DIMAINVALIDSTATE);
} }
ret = WritePrivKey(KD_ctx,&pkey_ctx);
ret = WritePubKey(KD_ctx, &pkey_ctx);
////////////////////////////TODO///////////////////////////
//free block //free block
return DIMASUCCESS; return DIMASUCCESS;
} }
//#define DFL_PUB "keys/DID_pub." DFL_FORM
//#define DFL_PRIV "SecureStorage/DID_priv" DFL_FORM
DIMASTATUS WritePrivKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * pkey_ctx)
{
DIMASTATUS ret = 0;
int i = 0;
size_t len;
FILE *fp;
unsigned char dest_file[50];
unsigned char * outbuf = calloc(1,sizeof(unsigned char)*KEY_BUF_SIZE);
if(strcmp(KD_ctx -> phrase, IDENTITY))
{
if(DEBUG)
{
printf("Private DID key should be stored only inside secure storage.\n");
}
//codeblock to check existance of SS.
//return with warning otherwise
//exit?
//////////////////////////////TODO///////////////////
strcpy(dest_file,"SecureStorage/");
}
else
{
strcpy(dest_file,"keys/");
}
printf("%s,%s\n",KD_ctx->phrase,IDENTITY );
strcat(dest_file, KD_ctx->phrase);
strcat(dest_file, "_priv");
if(KD_ctx->KEY_FORM == PEM)
{
strcat(dest_file, ".pem");
//write pem does not return no of bytes written....stupid
len = mbedtls_pk_write_key_pem(pkey_ctx, outbuf, KEY_BUF_SIZE);
if(len < 0)
{
perror("DIMAOUTPUTERROR:");
return(DIMAOUTPUTERROR);
}
}
else if(KD_ctx->KEY_FORM == DER)
{
strcat(dest_file, ".der");
len = mbedtls_pk_write_key_der(pkey_ctx, outbuf, KEY_BUF_SIZE);
if(len < 0)
{
perror("DIMAOUTPUTERROR:");
return(DIMAOUTPUTERROR);
}
}
else
{
perror("DIMAINVALIDSTATE : Check key format in Key Derivation struct\n");
//cleanup();
exit(DIMAINVALIDSTATE);
}
len = strlen( (char *) outbuf );
if( ( fp = fopen( dest_file, "w" ) ) == NULL )
{
perror("DIMAOUTPUTERROR: ");
return(DIMAOUTPUTERROR);
}
fwrite( outbuf, 1, len, fp );
fclose( fp );
return(DIMASUCCESS);
}
DIMASTATUS WritePubKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * pkey_ctx)
{
DIMASTATUS ret = 0;
int i = 0;
size_t len;
FILE * fp;
unsigned char dest_file[50];
unsigned char * outbuf = calloc(1,sizeof(unsigned char)*KEY_BUF_SIZE);
strcpy(dest_file,"keys/");
strcat(dest_file, KD_ctx->phrase);
strcat(dest_file, "_pub");
if(KD_ctx->KEY_FORM == PEM)
{
strcat(dest_file, ".pem");
//write pem does not return no of bytes written....stupid
len = mbedtls_pk_write_pubkey_pem(pkey_ctx, outbuf, KEY_BUF_SIZE);
if(len < 0)
{
perror("DIMAOUTPUTERROR:");
return(DIMAOUTPUTERROR);
}
}
else if(KD_ctx->KEY_FORM == DER)
{
strcat(dest_file, ".der");
len = mbedtls_pk_write_pubkey_der(pkey_ctx, outbuf, KEY_BUF_SIZE);
if(len < 0)
{
perror("DIMAOUTPUTERROR:");
return(DIMAOUTPUTERROR);
}
}
else
{
perror("DIMAINVALIDSTATE : Check key format in Key Derivation struct\n");
//cleanup();
exit(DIMAINVALIDSTATE);
}
len = strlen( (char *) outbuf );
if( ( fp = fopen( dest_file, "w" ) ) == NULL )
{
perror("DIMAOUTPUTERROR: ");
return(DIMAOUTPUTERROR);
}
fwrite( outbuf, 1, len, fp );
fclose( fp );
return(DIMASUCCESS);
}

17
trial4/KeyGen.h
View File

@ -29,4 +29,21 @@ DIMASTATUS use_dev_random(void *data, unsigned char *output, size_t len, size_t
DIMASTATUS seedRNGSource(void *data, unsigned char *output, size_t len); DIMASTATUS seedRNGSource(void *data, unsigned char *output, size_t len);
*/ */
//Create Asymmetric device key from CDI key
//Create KD contxt, fill in information required for the asymm key derivation
//call KeyGen with KD ctx
//export Pub key?
//export Pub cert?
//what else can we do? key chains?
DIMASTATUS AsymmKeyGen(KeyDrv_context * KD_ctx); DIMASTATUS AsymmKeyGen(KeyDrv_context * KD_ctx);
//If KD->phrase is IDENTITY, do not write priv key file outside SS. issue warning.
DIMASTATUS WritePrivKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * key_ctx);
DIMASTATUS WritePubKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * key_ctx);

BIN
trial4/RANDFILE
View File

Binary file not shown.

42
trial4/ROMprotocol.c
View File

@ -45,7 +45,7 @@ DIMASTATUS ROMprotocol()
//Calculating UDS hash //Calculating UDS hash
FILE *fp = NULL; FILE *fp = NULL;
fp = fopen("RANDFILE", "rb"); fp = fopen("SecureStorage/RANDFILE", "rb");
if(!fp) if(!fp)
{ {
perror("DIMAFILENOTFOUND: Unable to access UDS\n"); perror("DIMAFILENOTFOUND: Unable to access UDS\n");
@ -179,29 +179,10 @@ if(DEBUG)
if(DEBUG) if(DEBUG)
{printf("PASS 5\n");} {printf("PASS 5\n");}
//Create Asymmetric device key from CDI key
//Create KD contxt, fill in information required for the asymm key derivation
//call KeyGen with KD ctx
//export Pub key?
//export Pub cert?
//what else can we do?
/*
int ENT_MODE; //SW_PRNG,HW_TRNG,DETERM,
int PKC_MODE; //isRSA, isECC
const uint8_t * seed;
const char * phrase;
int KEY_FORM; //BIN,PEM,DER
char * pub_file;
priv_file;
} KeyDrv_context;
*/
//Every key derivation should start with a new KD contxt //Every key derivation should start with a new KD contxt
//setting context for DID
KeyDrv_context DID_ctx; KeyDrv_context DID_ctx;
DID_ctx.ENT_MODE = DFL_ENT; DID_ctx.ENT_MODE = DFL_ENT;
@ -209,12 +190,13 @@ if(DEBUG)
DID_ctx.seed = CDIKEY; DID_ctx.seed = CDIKEY;
DID_ctx.phrase = IDENTITY; DID_ctx.phrase = IDENTITY;
DID_ctx.KEY_FORM = DFL_FORM; DID_ctx.KEY_FORM = DFL_FORM;
DID_ctx.pub_file = "DID_pub.pem"; //DID_ctx.pub_file = DFL_PUB;
DID_ctx.priv_file = "DID_priv.pem"; //Dont save DID priv //DID_ctx.priv_file = DFL_PRIV; //Dont save DID priv outside SS
if(DEBUG) if(DEBUG)
{printf("PASS 6\n");} {printf("PASS 6\n");}
//Deriving and storing DID
ret = AsymmKeyGen(&DID_ctx); ret = AsymmKeyGen(&DID_ctx);
if(ret < DIMASUCCESS) if(ret < DIMASUCCESS)
{ {
@ -223,10 +205,22 @@ if(DEBUG)
exit(DIMAFAILURE); exit(DIMAFAILURE);
} }
free(CDIKEY);
//delete DID_ctx??
//setting context for Alias keys
//deriving alisa keys
//session keys?
if(DEBUG) if(DEBUG)
{printf("PASS 7\n");} {printf("PASS 7\n");}
free(CDIKEY);
if(DEBUG) if(DEBUG)

64
trial4/defines.h
View File

@ -21,11 +21,9 @@
#define DIMAFAILUREUNKWN -1111 #define DIMAFAILUREUNKWN -1111
////////////////////////////////////////////////
/* CONSTANTS TO BE USED IN DIMA */ /* CONSTANTS TO BE USED IN DIMA */
#define SHA256_DGST_SIZE 32 //bytes #define SHA256_DGST_SIZE 32 //bytes
#define UDS_SIZE 8 #define UDS_SIZE 8
#define CDI_KEY_SIZE 32 #define CDI_KEY_SIZE 32
@ -34,31 +32,7 @@
#define RSA_HASH_ID MBEDTLS_MD_SHA256 #define RSA_HASH_ID MBEDTLS_MD_SHA256
#define RSA_SIZE 2048 //4096 #define RSA_SIZE 2048 //4096
#define RSA_EXP 65537 #define RSA_EXP 65537
#define KEY_BUF_SIZE 16000
/* DEFAULT CONFIGURATIONS */
#define DEBUG 1 //print all values when 1
#define isRSA 0
#define isECC 1
#define DFL_PKC isECC // isECC, 1 = ECC, 0= RSA
#define BIN 0
#define PEM 1
#define DER 2
#define DFL_FORM PEM
//DRBG entropy source
#define SW_PRNG 0
#define HW_TRNG 1
#define DETERM 2
#define DFL_ENT HW_TRNG
/* SPECIFIC AND SPECIAL VALUES */ /* SPECIFIC AND SPECIAL VALUES */
/* DO NOT CHANGE THIS BLOCK */ /* DO NOT CHANGE THIS BLOCK */
@ -69,7 +43,37 @@
#define ENTROPY_LEN 32 #define ENTROPY_LEN 32
/* typedes */ ////////////////////////////////////////////////
/* DEFAULT CONFIGURATIONS */
#define DEBUG 1 //print all values when 1
#define isRSA 0
#define isECC 1
#define DFL_PKC isRSA // isECC, 1 = ECC, 0= RSA
//#define BIN 2
#define PEM 0
#define DER 1
#define DFL_FORM PEM
//#define DFL_PUB "keys/DID_pub." DFL_FORM
//#define DFL_PRIV "SecureStorage/DID_priv" DFL_FORM
//DRBG entropy source
#define SW_PRNG 0
#define HW_TRNG 1
#define DETERM 2
#define DFL_ENT DETERM
//////////////////////////////////////////////////
/* typedefs */
typedef struct typedef struct
{ {
@ -96,3 +100,5 @@ typedef struct
size_t inLen; size_t inLen;
uint8_t * outbuf; //out buf uint8_t * outbuf; //out buf
} Hash_contxt; } Hash_contxt;
//useless structure ^ this one

8
trial4/makefile
View File

@ -20,7 +20,15 @@ debug:
trial: trial:
${CC} -g -o $(ODIR)/trial ECCtrial.c -lm -lmbedcrypto -lmbedtls -lmbedx509 ${CC} -g -o $(ODIR)/trial ECCtrial.c -lm -lmbedcrypto -lmbedtls -lmbedx509
remake:
rm -r $(ODIR)/*
${CC} -o $(ODIR)/main main.c KeyGen.c ROMprotocol.c -lm -lmbedcrypto -lmbedtls -lmbedx509
clean: clean:
rm -r $(ODIR)/* rm -r $(ODIR)/*
rm -r ./keys/* rm -r ./keys/*
rm -r ./SecureStorage/*.pem
rm -r ./SecureStorage/*.der

BIN
trial4/out/main
View File

Binary file not shown.