diff --git a/trial3/defines.h b/trial3/defines.h index 0a53aaa..cd5b61c 100644 --- a/trial3/defines.h +++ b/trial3/defines.h @@ -46,7 +46,8 @@ /* SPECIFIC AND SPECIAL VALUES */ /* DO NOT CHANGE THIS BLOCK */ - +#define IDENTITY "Identity" +#define ALIAS "Alias" #define ACCUM_BUFF_OFFSET 2 #define ENTROPY_LEN 32 diff --git a/trial3/layer1.c b/trial3/layer1.c index 16bc9be..5cf0fbf 100644 --- a/trial3/layer1.c +++ b/trial3/layer1.c @@ -1,8 +1,6 @@ #include "layer1.h" -#define IDENTITY "identity" - int readUDS(uint8_t* UDSdigest) { //Read 8 bytes from RANDFILE @@ -245,8 +243,7 @@ int seedRNGSource(void *data, unsigned char *output, size_t len) mbedtls_entropy_context * p_ent = data; printf("manual update entropy with CDI\n"); - printf("%d : len of buffer\n", (int)sizeof(p_ent -> accumulator.buffer) ); - + if(memcpy(output, p_ent -> accumulator.buffer + ACCUM_BUFF_OFFSET , ENTROPY_LEN) < 0) return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); @@ -308,11 +305,8 @@ int deriveECCKeyPair(KeyDrv_context * KD_ctx) mbedtls_entropy_add_source( &entropyCtx, use_dev_random, NULL, ENTROPY_LEN, MBEDTLS_ENTROPY_SOURCE_STRONG ); - mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func, - &entropyCtx, - (const unsigned char *) KD_ctx->phrase , - strlen(KD_ctx->phrase) - ); + mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func, &entropyCtx, + (const unsigned char *) KD_ctx->phrase, strlen(KD_ctx->phrase) ); } else if (KD_ctx->ENT_MODE == DETERM) // Deterministic derviation with seed @@ -337,9 +331,7 @@ int deriveECCKeyPair(KeyDrv_context * KD_ctx) printf("Accumulating entropy ...\n"); mbedtls_entropy_update_manual(&entropyCtx, KD_ctx->seed, ENTROPY_LEN); mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func, &entropyCtx, - (const unsigned char *) KD_ctx->phrase , - strlen(KD_ctx->phrase) - ); + (const unsigned char *) KD_ctx->phrase, strlen(KD_ctx->phrase) ); } if(mbedtls_ecp_gen_keypair(&ecpGrp, &secret, &Public, @@ -436,14 +428,14 @@ int deriveRSAKeyPair(void) mbedtls_rsa_init(&rsaCtx,MBEDTLS_RSA_PKCS_V21, RSA_HASH_ID); mbedtls_entropy_context entropyCtx; - mbedtls_entropy_init(&entropyCtx); + mbedtls_entropy_init(&entropyCtx); - mbedtls_ctr_drbg_context drbgCtx; - mbedtls_ctr_drbg_init(&drbgCtx); + mbedtls_ctr_drbg_context drbgCtx; + mbedtls_ctr_drbg_init(&drbgCtx); //Seed drbg with secret data now? //move "private" string to n param - int ret = mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func, &entropyCtx, + int ret = mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func, &entropyCtx, (const unsigned char *) "Private", sizeof("Private")); mbedtls_rsa_gen_key(&rsaCtx,mbedtls_ctr_drbg_random, &drbgCtx, diff --git a/trial3/layer2.h b/trial3/layer2.h index 5f59e65..4b62d8b 100644 --- a/trial3/layer2.h +++ b/trial3/layer2.h @@ -19,9 +19,6 @@ //#include "defines.h" -#define IDENTITY "Identity" -#define ALIAS "ALIAS" - void ROMprotocol(void); diff --git a/trial3/links.txt b/trial3/links.txt index f4573f1..d5a7ffc 100644 --- a/trial3/links.txt +++ b/trial3/links.txt @@ -23,4 +23,18 @@ mbedtls_entropy_add_source( &entropy, dev_random_entropy_poll, https://forums.mbed.com/t/mbedtls-porting-into-new-environment-help-with-networking-and-entropy/4969 https://os.mbed.com/docs/mbed-os/v6.2/porting/entropy-sources.html -https://tls.mbed.org/discussions/crypto-and-ssl/deterministic-random-bit-generator-help \ No newline at end of file +https://tls.mbed.org/discussions/crypto-and-ssl/deterministic-random-bit-generator-help + + + + + + + + + +removing sensitive data rom RAM + +https://stackoverflow.com/questions/42771298/explicitly-removing-sensitive-data-from-memory + +compiler removes memset(,0,) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=8537 \ No newline at end of file diff --git a/trial3/out/main b/trial3/out/main index 9171901..0b0eb42 100755 Binary files a/trial3/out/main and b/trial3/out/main differ