minor changes. derive ECC still working
parent
ba8d2729ea
commit
90f9e7f5b7
142
trial3/layer1.c
142
trial3/layer1.c
@ -250,11 +250,8 @@ int seedRNGSource(void *data, unsigned char *output, size_t len)
|
|||||||
if(memcpy(output, p_ent -> accumulator.buffer + ACCUM_BUFF_OFFSET , ENTROPY_LEN) < 0)
|
if(memcpy(output, p_ent -> accumulator.buffer + ACCUM_BUFF_OFFSET , ENTROPY_LEN) < 0)
|
||||||
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
||||||
|
|
||||||
for(int i = 0; i < ENTROPY_LEN; i++)
|
|
||||||
printf("0x%hhx,",output[i]);
|
|
||||||
printf(" : CDIKEY\n");
|
|
||||||
len = ENTROPY_LEN;
|
len = ENTROPY_LEN;
|
||||||
printf("%d\n", (int)len );
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
@ -280,108 +277,105 @@ int deriveECCKeyPair(KeyDrv_context * KD_ctx)
|
|||||||
printf("inside deriveECCKeyPair layer1\n\n");
|
printf("inside deriveECCKeyPair layer1\n\n");
|
||||||
|
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
unsigned char pubkeybuf[100];
|
unsigned char pubkeybuf[100];
|
||||||
size_t pubkeysize;
|
size_t pubkeysize;
|
||||||
char privkeybuf[100];
|
char privkeybuf[100];
|
||||||
size_t privkeysize;
|
size_t privkeysize;
|
||||||
char privkeybuf2[100];
|
char privkeybuf2[100];
|
||||||
size_t privkey2size;
|
size_t privkey2size;
|
||||||
|
|
||||||
|
|
||||||
|
mbedtls_ecp_group ecpGrp;
|
||||||
|
mbedtls_ecp_group_init(&ecpGrp);
|
||||||
|
mbedtls_ecp_group_load(&ecpGrp, ECC_CURVE);
|
||||||
|
|
||||||
|
mbedtls_mpi secret;
|
||||||
|
mbedtls_mpi_init(&secret);
|
||||||
|
|
||||||
mbedtls_ecp_group ecpGrp;
|
mbedtls_ecp_point Public;
|
||||||
mbedtls_ecp_group_init(&ecpGrp);
|
mbedtls_ecp_point_init(&Public);
|
||||||
mbedtls_ecp_group_load(&ecpGrp, ECC_CURVE);
|
|
||||||
|
|
||||||
mbedtls_mpi secret;
|
mbedtls_entropy_context entropyCtx;
|
||||||
mbedtls_mpi_init(&secret);
|
mbedtls_entropy_init(&entropyCtx);
|
||||||
|
|
||||||
mbedtls_ecp_point Public;
|
mbedtls_ctr_drbg_context drbgCtx;
|
||||||
mbedtls_ecp_point_init(&Public);
|
mbedtls_ctr_drbg_init(&drbgCtx);
|
||||||
|
|
||||||
mbedtls_entropy_context entropyCtx;
|
|
||||||
mbedtls_entropy_init(&entropyCtx);
|
if (KD_ctx->ENT_MODE == HW_TRNG) //HW RNG
|
||||||
|
{
|
||||||
|
printf("using /dev/random.... this may take a moment\n");
|
||||||
|
mbedtls_entropy_add_source( &entropyCtx, use_dev_random,
|
||||||
|
NULL, ENTROPY_LEN, MBEDTLS_ENTROPY_SOURCE_STRONG );
|
||||||
|
|
||||||
|
mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func,
|
||||||
|
&entropyCtx,
|
||||||
|
(const unsigned char *) KD_ctx->phrase ,
|
||||||
|
strlen(KD_ctx->phrase)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
mbedtls_ctr_drbg_context drbgCtx;
|
else if (KD_ctx->ENT_MODE == DETERM) // Deterministic derviation with seed
|
||||||
mbedtls_ctr_drbg_init(&drbgCtx);
|
{
|
||||||
|
printf("Seeding entropy accumulator....\n");
|
||||||
|
if(mbedtls_entropy_update_manual(&entropyCtx, KD_ctx->seed, ENTROPY_LEN) < 0)
|
||||||
if (KD_ctx->ENT_MODE == HW_TRNG) //HW RNG
|
|
||||||
{
|
{
|
||||||
printf("using /dev/random.... this may take a moment\n");
|
perror("Accumulator seed failed\n");
|
||||||
mbedtls_entropy_add_source( &entropyCtx, use_dev_random,
|
return RIOTFAILURE;
|
||||||
NULL, ENTROPY_LEN, MBEDTLS_ENTROPY_SOURCE_STRONG );
|
|
||||||
|
|
||||||
mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func,
|
|
||||||
&entropyCtx,
|
|
||||||
(const unsigned char *) KD_ctx->phrase ,
|
|
||||||
strlen(KD_ctx->phrase)
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
else if (KD_ctx->ENT_MODE == DETERM) // Deterministic derviation with seed
|
if(mbedtls_ctr_drbg_seed(&drbgCtx, seedRNGSource, &entropyCtx,
|
||||||
{
|
(const unsigned char *) KD_ctx->phrase, sizeof(&KD_ctx->phrase)) < 0)
|
||||||
printf("Seeding entropy accumulator....\n");
|
{
|
||||||
if(mbedtls_entropy_update_manual(&entropyCtx, KD_ctx->seed, ENTROPY_LEN) < 0)
|
perror("drbg seed failed\v");
|
||||||
{
|
return RIOTFAILURE;
|
||||||
perror("Accumulator seed failed\n");
|
}
|
||||||
return RIOTFAILURE;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(mbedtls_ctr_drbg_seed(&drbgCtx, seedRNGSource, &entropyCtx,
|
|
||||||
(const unsigned char *) KD_ctx->phrase, sizeof(&KD_ctx->phrase)) < 0)
|
|
||||||
{
|
|
||||||
perror("drbg seed failed\v");
|
|
||||||
return RIOTFAILURE;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
else //regular key derivation
|
else //regular SW accumulator used for key derivation
|
||||||
{
|
{
|
||||||
printf("Accumulating entropy ...\n");
|
printf("Accumulating entropy ...\n");
|
||||||
mbedtls_entropy_update_manual(&entropyCtx, KD_ctx->seed, ENTROPY_LEN);
|
mbedtls_entropy_update_manual(&entropyCtx, KD_ctx->seed, ENTROPY_LEN);
|
||||||
mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func,
|
mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func, &entropyCtx,
|
||||||
&entropyCtx,
|
|
||||||
(const unsigned char *) KD_ctx->phrase ,
|
(const unsigned char *) KD_ctx->phrase ,
|
||||||
strlen(KD_ctx->phrase)
|
strlen(KD_ctx->phrase)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(mbedtls_ecp_gen_keypair(&ecpGrp, &secret, &Public,
|
if(mbedtls_ecp_gen_keypair(&ecpGrp, &secret, &Public,
|
||||||
mbedtls_ctr_drbg_random, &drbgCtx) <0)
|
mbedtls_ctr_drbg_random, &drbgCtx) <0)
|
||||||
{
|
{
|
||||||
perror("ECP gen keypair failed\n");
|
perror("ECP gen keypair failed\n");
|
||||||
return RIOTFAILURE;
|
return RIOTFAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = mbedtls_ecp_tls_write_point(&ecpGrp, &Public, MBEDTLS_ECP_PF_UNCOMPRESSED,
|
ret = mbedtls_ecp_tls_write_point(&ecpGrp, &Public, MBEDTLS_ECP_PF_UNCOMPRESSED,
|
||||||
&pubkeysize, pubkeybuf, sizeof(pubkeybuf));
|
&pubkeysize, pubkeybuf, sizeof(pubkeybuf));
|
||||||
if(ret < 0)
|
if(ret < 0)
|
||||||
{
|
{
|
||||||
perror("ECP write point failure\n");
|
perror("ECP write point failure\n");
|
||||||
return RIOTFAILURE;
|
return RIOTFAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
//printf("%zu : pubkeysize\n", pubkeysize );
|
//printf("%zu : pubkeysize\n", pubkeysize );
|
||||||
for(int i = 0; i < pubkeysize; i++)
|
for(int i = 0; i < pubkeysize; i++)
|
||||||
printf("%hhx",pubkeybuf[i]);
|
printf("%hhx",pubkeybuf[i]);
|
||||||
printf(" : PubKey\n");
|
printf(" : PubKey\n");
|
||||||
|
|
||||||
|
|
||||||
ret = mbedtls_mpi_write_string(&secret, 16, privkeybuf, sizeof(privkeybuf), &privkeysize);
|
ret = mbedtls_mpi_write_string(&secret, 16, privkeybuf, sizeof(privkeybuf), &privkeysize);
|
||||||
if(ret < 0)
|
if(ret < 0)
|
||||||
{
|
{
|
||||||
printf("%d\n", ret);
|
printf("%d\n", ret);
|
||||||
perror("MPI write point to string failure\n");
|
perror("MPI write point to string failure\n");
|
||||||
return RIOTFAILURE;
|
return RIOTFAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
printf("%s : PrivKey\n",privkeybuf);
|
printf("%s : PrivKey\n",privkeybuf);
|
||||||
|
|
||||||
//copy keys to parent function
|
//copy keys to parent function
|
||||||
mbedtls_ecp_copy(&KD_ctx->Public, &Public);
|
mbedtls_ecp_copy(&KD_ctx->Public, &Public);
|
||||||
mbedtls_mpi_copy(&KD_ctx->secret, &secret); /* Make SK NULL for Identitiy key generation */
|
mbedtls_mpi_copy(&KD_ctx->secret, &secret); /* Make SK NULL for Identitiy key generation */
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
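Review bot: In the DETERM branch of deriveECCKeyPair the personalization length passed to `mbedtls_ctr_drbg_seed` is `sizeof(&KD_ctx->phrase)`, which is the size of a pointer and not the length of the phrase. Only the first few bytes of the phrase would be mixed into the DRBG, and depending on how `phrase` is declared a shorter phrase could be read past its end; the other two branches pass `strlen(KD_ctx->phrase)`, and this one should read `(const unsigned char *) KD_ctx->phrase, strlen(KD_ctx->phrase)) < 0)`. The HW_TRNG branch and the final else branch also ignore the results of `mbedtls_entropy_add_source`, `mbedtls_entropy_update_manual` and `mbedtls_ctr_drbg_seed`, so `mbedtls_ecp_gen_keypair` runs even when seeding was never confirmed; they should fail closed as the DETERM branch does, for example `if (mbedtls_ctr_drbg_seed(...) != 0) return RIOTFAILURE;`. The CDI key dump appears to have been dropped from seedRNGSource, but `printf("%s : PrivKey\n",privkeybuf);` still writes the private scalar to stdout and should be removed or compiled in only for debug builds. The function continues outside the hunk, so whether the mbedtls contexts and `privkeybuf` are freed and wiped on the early `return RIOTFAILURE` paths cannot be judged from here.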
@ -19,7 +19,7 @@ void ROMprotocol(void)
|
|||||||
|
|
||||||
|
|
||||||
deriveDeviceIDKeyPair(CDIKEY, USE_ECC);
|
deriveDeviceIDKeyPair(CDIKEY, USE_ECC);
|
||||||
deriveDeviceIDKeyPair(CDIKEY, USE_ECC);
|
//deriveDeviceIDKeyPair(CDIKEY, USE_ECC);
|
||||||
|
|
||||||
|
|
||||||
printf("pass 100\n");
|
printf("pass 100\n");
|
||||||
|
@ -3,6 +3,86 @@
|
|||||||
<logicalFolder name="root" displayName="root" projectFiles="true" kind="ROOT">
|
<logicalFolder name="root" displayName="root" projectFiles="true" kind="ROOT">
|
||||||
<df root="." name="0">
|
<df root="." name="0">
|
||||||
<df name="include">
|
<df name="include">
|
||||||
|
<df name="mbedtls">
|
||||||
|
<in>aes.h</in>
|
||||||
|
<in>aesni.h</in>
|
||||||
|
<in>arc4.h</in>
|
||||||
|
<in>aria.h</in>
|
||||||
|
<in>asn1.h</in>
|
||||||
|
<in>asn1write.h</in>
|
||||||
|
<in>base64.h</in>
|
||||||
|
<in>bignum.h</in>
|
||||||
|
<in>blowfish.h</in>
|
||||||
|
<in>bn_mul.h</in>
|
||||||
|
<in>camellia.h</in>
|
||||||
|
<in>ccm.h</in>
|
||||||
|
<in>certs.h</in>
|
||||||
|
<in>chacha20.h</in>
|
||||||
|
<in>chachapoly.h</in>
|
||||||
|
<in>check_config.h</in>
|
||||||
|
<in>cipher.h</in>
|
||||||
|
<in>cipher_internal.h</in>
|
||||||
|
<in>cmac.h</in>
|
||||||
|
<in>compat-1.3.h</in>
|
||||||
|
<in>config.h</in>
|
||||||
|
<in>ctr_drbg.h</in>
|
||||||
|
<in>debug.h</in>
|
||||||
|
<in>des.h</in>
|
||||||
|
<in>dhm.h</in>
|
||||||
|
<in>ecdh.h</in>
|
||||||
|
<in>ecdsa.h</in>
|
||||||
|
<in>ecjpake.h</in>
|
||||||
|
<in>ecp.h</in>
|
||||||
|
<in>ecp_internal.h</in>
|
||||||
|
<in>entropy.h</in>
|
||||||
|
<in>entropy_poll.h</in>
|
||||||
|
<in>error.h</in>
|
||||||
|
<in>gcm.h</in>
|
||||||
|
<in>havege.h</in>
|
||||||
|
<in>hkdf.h</in>
|
||||||
|
<in>hmac_drbg.h</in>
|
||||||
|
<in>md.h</in>
|
||||||
|
<in>md2.h</in>
|
||||||
|
<in>md4.h</in>
|
||||||
|
<in>md5.h</in>
|
||||||
|
<in>md_internal.h</in>
|
||||||
|
<in>memory_buffer_alloc.h</in>
|
||||||
|
<in>net.h</in>
|
||||||
|
<in>net_sockets.h</in>
|
||||||
|
<in>nist_kw.h</in>
|
||||||
|
<in>oid.h</in>
|
||||||
|
<in>padlock.h</in>
|
||||||
|
<in>pem.h</in>
|
||||||
|
<in>pk.h</in>
|
||||||
|
<in>pk_internal.h</in>
|
||||||
|
<in>pkcs11.h</in>
|
||||||
|
<in>pkcs12.h</in>
|
||||||
|
<in>pkcs5.h</in>
|
||||||
|
<in>platform.h</in>
|
||||||
|
<in>platform_time.h</in>
|
||||||
|
<in>platform_util.h</in>
|
||||||
|
<in>poly1305.h</in>
|
||||||
|
<in>ripemd160.h</in>
|
||||||
|
<in>rsa.h</in>
|
||||||
|
<in>rsa_internal.h</in>
|
||||||
|
<in>sha1.h</in>
|
||||||
|
<in>sha256.h</in>
|
||||||
|
<in>sha512.h</in>
|
||||||
|
<in>ssl.h</in>
|
||||||
|
<in>ssl_cache.h</in>
|
||||||
|
<in>ssl_ciphersuites.h</in>
|
||||||
|
<in>ssl_cookie.h</in>
|
||||||
|
<in>ssl_internal.h</in>
|
||||||
|
<in>ssl_ticket.h</in>
|
||||||
|
<in>threading.h</in>
|
||||||
|
<in>timing.h</in>
|
||||||
|
<in>version.h</in>
|
||||||
|
<in>x509.h</in>
|
||||||
|
<in>x509_crl.h</in>
|
||||||
|
<in>x509_crt.h</in>
|
||||||
|
<in>x509_csr.h</in>
|
||||||
|
<in>xtea.h</in>
|
||||||
|
</df>
|
||||||
</df>
|
</df>
|
||||||
<df name="keys">
|
<df name="keys">
|
||||||
</df>
|
</df>
|
||||||
@ -42,8 +122,6 @@
|
|||||||
<gdb_interceptlist>
|
<gdb_interceptlist>
|
||||||
<gdbinterceptoptions gdb_all="false" gdb_unhandled="true" gdb_unexpected="true"/>
|
<gdbinterceptoptions gdb_all="false" gdb_unhandled="true" gdb_unexpected="true"/>
|
||||||
</gdb_interceptlist>
|
</gdb_interceptlist>
|
||||||
<gdb_signals>
|
|
||||||
</gdb_signals>
|
|
||||||
<gdb_options>
|
<gdb_options>
|
||||||
<DebugOptions>
|
<DebugOptions>
|
||||||
</DebugOptions>
|
</DebugOptions>
|
||||||
|
BIN
trial3/out/main
BIN
trial3/out/main
Binary file not shown.