diff --git a/trial5/KeyGen.c b/trial5/KeyGen.c index d9b7c37..4e0fffc 100644 --- a/trial5/KeyGen.c +++ b/trial5/KeyGen.c @@ -134,8 +134,6 @@ DIMASTATUS AsymmKeyGen(KeyDrv_context * KD_ctx) mbedtls_ctr_drbg_context drbgCtx; mbedtls_ctr_drbg_init(&drbgCtx); -if(DEBUG) - printf("PASS 1\n"); mbedtls_pk_context pkey_ctx; mbedtls_pk_init(&pkey_ctx); @@ -193,8 +191,7 @@ if(DEBUG) exit(DIMAINVALIDSTATE); } -if(DEBUG) - printf("PASS 2\n"); + if(DEBUG) printf("Generating ECC asymmetric key pair...\n"); //////ECC implementation @@ -222,11 +219,13 @@ if(DEBUG) mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pkey_ctx ); if(DEBUG) { - printf( "curve: %s\n", mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name ); + printf( "key info : \ncurve: %s\n", mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name ); mbedtls_mpi_write_file( "X_Q: ", &ecp->Q.X, 16, NULL ); mbedtls_mpi_write_file( "Y_Q: ", &ecp->Q.Y, 16, NULL ); mbedtls_mpi_write_file( "D: ", &ecp->d , 16, NULL ); } + + mbedtls_ecp_keypair_free(ecp); } else { @@ -280,6 +279,7 @@ if(DEBUG) if(DEBUG) { + printf("RSA Key pair info :\n"); mbedtls_mpi_write_file( "N: ", &N, 16, NULL ); mbedtls_mpi_write_file( "E: ", &E, 16, NULL ); mbedtls_mpi_write_file( "D: ", &D, 16, NULL ); @@ -291,6 +291,15 @@ if(DEBUG) } } + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); + mbedtls_mpi_free(&E); + mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); + mbedtls_mpi_free(&QP); + } else { @@ -306,6 +315,11 @@ if(DEBUG) ////////////////////////////TODO/////////////////////////// //free block + mbedtls_entropy_free(&entropyCtx); + mbedtls_ctr_drbg_free(&drbgCtx); + mbedtls_pk_free(&pkey_ctx); + + return DIMASUCCESS; } @@ -383,7 +397,7 @@ DIMASTATUS WritePrivKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * pkey_ctx) fwrite( outbuf, 1, len, fp ); fclose( fp ); - + free(outbuf); return(DIMASUCCESS); } @@ -441,7 +455,7 @@ DIMASTATUS WritePubKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * pkey_ctx) fwrite( outbuf, 1, len, fp ); fclose( fp ); - + free(outbuf); return(DIMASUCCESS); } diff --git a/trial5/MutualAttestation.c b/trial5/MutualAttestation.c index 6f6eb16..578c5bb 100644 --- a/trial5/MutualAttestation.c +++ b/trial5/MutualAttestation.c @@ -1,5 +1,5 @@ #include "Stage2.h" - +//test DIMASTATUS load_nodes(Node_info * nodelist) { @@ -29,8 +29,8 @@ DIMASTATUS challenge_client(Node_info * Client) { DIMASTATUS ret = 0; - //if (DEBUG) - printf("challence node %s.... \n", Client->ID); + if (DEBUG) + printf("challenge node %s.... \n", Client->ID); Chall_context Ch; Ch.siglen = 0; @@ -52,14 +52,14 @@ DIMASTATUS challenge_client(Node_info * Client) memcpy(Client->NONCE, Ch.NONCE, NONCE_SIZE); - //if(DEBUG) + if(DEBUG) { for(int i = 0; i < NONCE_SIZE; i++) printf("%hhx",Ch.NONCE[i]); printf(" : NONCE chall\n"); } - //if(DEBUG) + if(DEBUG) { for(int i = 0; i < NONCE_SIZE; i++) printf("%hhx",Client->NONCE[i]); @@ -67,7 +67,7 @@ DIMASTATUS challenge_client(Node_info * Client) } //loading private key - //if (DEBUG) + if (DEBUG) printf("load private key\n"); mbedtls_pk_context priv_ctx; @@ -81,7 +81,7 @@ DIMASTATUS challenge_client(Node_info * Client) } //measuring NONCe - //if(DEBUG) + if(DEBUG) printf("measuring nonce\n"); uint8_t* dgst = calloc(1, sizeof(uint8_t)*SHA256_DGST_SIZE); @@ -95,7 +95,7 @@ DIMASTATUS challenge_client(Node_info * Client) printf("DIMASHAFAILURE : could not perfom SHA digest -0x%04x\n", (unsigned int) -ret); return DIMASHAFAILURE; } - //if(DEBUG) + if(DEBUG) { for(int i = 0; i < SHA256_DGST_SIZE; i++) printf("%hhx",dgst[i]); @@ -103,7 +103,7 @@ DIMASTATUS challenge_client(Node_info * Client) } //signing NONCE - //if(DEBUG) + if(DEBUG) printf("SIGNING nonce\n"); ret = mbedtls_pk_sign(&priv_ctx, MBEDTLS_MD_SHA256, dgst, SHA256_DGST_SIZE, Ch.sign, &siglen, NULL, NULL); if(ret < DIMASUCCESS) @@ -113,7 +113,7 @@ DIMASTATUS challenge_client(Node_info * Client) } Ch.siglen = siglen; - //if(DEBUG) + if(DEBUG) { for(int i=0; i< siglen; i++) printf("%hhx",Ch.sign[i] ); @@ -121,7 +121,7 @@ DIMASTATUS challenge_client(Node_info * Client) } //sending challenge - //if(DEBUG) + if(DEBUG) printf("sending challenge...\n"); @@ -133,7 +133,7 @@ DIMASTATUS challenge_client(Node_info * Client) memcpy(netBuff, Ch.NONCE, NONCE_SIZE); memcpy(&netBuff[NONCE_SIZE + PAD], Ch.sign, Ch.siglen); - sleep(1); + //sleep(1); ret = mbedtls_net_send(Client->fd, netBuff, NONCE_SIZE+Ch.siglen+PAD ); if(ret < DIMASUCCESS) { @@ -141,9 +141,15 @@ DIMASTATUS challenge_client(Node_info * Client) return DIMANETWORKFAILURE; } - //if(DEBUG) + if(DEBUG) printf("sent %d bytes\n", ret); + + //////FREE + mbedtls_entropy_free(&entropy); + mbedtls_pk_free(&priv_ctx); + free(dgst); + return ret; } @@ -189,6 +195,12 @@ DIMASTATUS verify_client(Node_info * Client, Resp_context * Rp) return DIMASIGNFAILURE; } + *Client->status = (uint8_t) Cl_verfd; + + //////////FREEEEEEEE + free(dgst); + mbedtls_pk_free(&Cli_ctx); + return DIMASUCCESS; } @@ -249,7 +261,7 @@ DIMASTATUS response_master(Node_info * Server, Resp_context * Rp, unsigned char } //measuring NONCe - //if(DEBUG) + if(DEBUG) printf("measuring nonce\n"); uint8_t* dgst = calloc(1, sizeof(uint8_t)*SHA256_DGST_SIZE); @@ -263,7 +275,7 @@ DIMASTATUS response_master(Node_info * Server, Resp_context * Rp, unsigned char printf("DIMASHAFAILURE : could not perfom SHA digest -0x%04x\n", (unsigned int) -ret); return DIMASHAFAILURE; } - //if(DEBUG) + if(DEBUG) { for(int i = 0; i < SHA256_DGST_SIZE; i++) printf("%hhx",dgst[i]); @@ -271,7 +283,7 @@ DIMASTATUS response_master(Node_info * Server, Resp_context * Rp, unsigned char } //signing NONCE - //if(DEBUG) + if(DEBUG) printf("SIGNING nonce\n"); ret = mbedtls_pk_sign(&priv_ctx, MBEDTLS_MD_SHA256, dgst, SHA256_DGST_SIZE, Rp->sign, &siglen, NULL, NULL); if(ret < DIMASUCCESS) @@ -281,7 +293,7 @@ DIMASTATUS response_master(Node_info * Server, Resp_context * Rp, unsigned char } Rp->siglen = siglen; - //if(DEBUG) + if(DEBUG) { for(int i=0; i< siglen; i++) printf("%hhx",Rp->sign[i] ); @@ -289,7 +301,7 @@ DIMASTATUS response_master(Node_info * Server, Resp_context * Rp, unsigned char } //sending challenge - //if(DEBUG) + if(DEBUG) printf("sending response...\n"); @@ -309,7 +321,7 @@ DIMASTATUS response_master(Node_info * Server, Resp_context * Rp, unsigned char return DIMANETWORKFAILURE; } - //if(DEBUG) + if(DEBUG) for(int i; i < NODE_ID_SIZE + Rp->siglen + PAD; i++) printf("%hhx", netBuff[i]); printf(" : sent %d bytes\n", ret); diff --git a/trial5/ROMprotocol.c b/trial5/ROMprotocol.c index 0ce64b0..9ff21d5 100644 --- a/trial5/ROMprotocol.c +++ b/trial5/ROMprotocol.c @@ -1,47 +1,86 @@ #include "ROMprotocol.h" -/* - DIMASTATUS ret = 0; - int len = 0; - - -if(DEBUG) -{printf("PASS \n");} - -if(ret < DIMASUCCESS) - { - perror("\n"); - - //other cleanup - exit(); - } - -*/ - DIMASTATUS ROMprotocol() { - printf("PASS 10\n"); + printf("Start DICE protocol...\n"); DIMASTATUS ret = 0; int len = 0; if(DEBUG) - {printf("PASS 11\n");} + {printf("Calculating device secrets ...\n");} //Calculate DIMA RTM hash - - //////////////TODO//////////////// - //this should be calculated on the DIMA bin and remain static. - //how to do that? - //hardcoding junk value for now + //RTM, i.e this file measures itself + + uint8_t* RTM_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE); + FILE *rtm = NULL; + rtm = fopen("ROMprotocol.c", "rb"); + if(!rtm) + { + perror("DIMAFILENOTFOUND: Unable to find RTM(?)\n"); + + fclose(rtm); + exit(DIMAFILENOTFOUND); + } + + mbedtls_sha256_context RTM_ctx; + mbedtls_sha256_init(&RTM_ctx); + + ret = mbedtls_sha256_starts_ret(&RTM_ctx,0); + if(ret < DIMASUCCESS) + { + perror("DIMASHAFAILURE : Failed to create hash context\n"); + mbedtls_sha256_free(&RTM_ctx); + exit(DIMASHAFAILURE); + } + + uint8_t *RTMbuf = calloc(1, sizeof(uint8_t)*1024); + + while( (ret = fread(RTMbuf, 1024, 1, rtm))&& (ret != EOF)) + { + + ret = mbedtls_sha256_update_ret(&RTM_ctx, RTMbuf, 1024); + if(ret < DIMASUCCESS) + { + perror("DIMASHAFAILURE : Failed to measure RTM\n"); + mbedtls_sha256_free(&RTM_ctx); + exit(DIMASHAFAILURE); + } + memset(RTMbuf,0,1024); + + } + + ret = mbedtls_sha256_update_ret(&RTM_ctx, RTMbuf, ret); + if(ret < DIMASUCCESS) + { + perror("DIMASHAFAILURE : Failed to measure RTM\n"); + mbedtls_sha256_free(&RTM_ctx); + exit(DIMASHAFAILURE); + } + + ret = mbedtls_sha256_finish_ret(&RTM_ctx,RTM_ID); + if(ret < DIMASUCCESS) + { + perror("DIMASHAFAILURE : Failed to measure RTM\n"); + mbedtls_sha256_free(&RTM_ctx); + exit(DIMASHAFAILURE); + } + + fclose(rtm); + free(RTMbuf); + mbedtls_sha256_free(&RTM_ctx); + + if(DEBUG) + { + for (int i = 0; i < SHA256_DGST_SIZE; i++) + printf("%hhx", RTM_ID[i]); + printf(" : RTM ID\n" ); + } - uint8_t RTM_ID[SHA256_DGST_SIZE] = { 0xbe,0x67,0x0a,0xf8,0xf3,0x92,0x0e,0x4f, - 0xba,0x68,0xd1,0x56,0xea,0x34,0x3f,0xbc, - 0xf1,0xd9,0x30,0xe2,0x33,0xcc,0x28,0xc5, - 0x7b,0xbb,0x38,0x7d,0xe6,0x66,0xbb,0x1e }; //Calculating UDS hash @@ -50,22 +89,18 @@ DIMASTATUS ROMprotocol() if(!fp) { perror("DIMAFILENOTFOUND: Unable to access UDS\n"); - + printf("For the same of testing, please run >> \ + \n dd if=/dev/urandom of=SecureStorage/RANDFILE bs=256 count=1 \n and retry ..\n"); fclose(fp); exit(DIMAFILENOTFOUND); } - if(DEBUG) -{printf("PASS 12\n");} + uint8_t *UDSbuf = calloc(1, sizeof(uint8_t)*SHA256_DGST_SIZE); fread(UDSbuf,UDS_SIZE,1,fp); fclose(fp); -if(DEBUG) -{printf("PASS 13\n");} - - uint8_t* UDS_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE); ret = mbedtls_sha256_ret( UDSbuf,UDS_SIZE,UDS_ID,0 ); if(ret < DIMASUCCESS) @@ -130,18 +165,16 @@ if(DEBUG) } free(UDS_ID); - //free(RTM_ID); + free(RTM_ID); mbedtls_sha256_free(&CDI_ctx); -if(DEBUG) -{ - for(int i = 0; i < SHA256_DGST_SIZE; i++) - printf("%hhx",CDI[i]); - printf(" : CDI\n"); -} + if(DEBUG) + { + for(int i = 0; i < SHA256_DGST_SIZE; i++) + printf("%hhx",CDI[i]); + printf(" : CDI\n"); + } -if(DEBUG) -{printf("PASS 14\n");} //Calculating CDI key, HKDF const mbedtls_md_info_t * md_info; @@ -168,23 +201,19 @@ if(DEBUG) exit(DIMAHKDFFAILURE); } - //free(CDI); - -if(DEBUG) -{ - for(int i = 0; i < HKDF_KEY_SIZE; i++) - printf("%hhx",CDIKEY[i]); - printf(" : CDIKEY\n"); -} + if(DEBUG) + { + for(int i = 0; i < HKDF_KEY_SIZE; i++) + printf("%hhx",CDIKEY[i]); + printf(" : CDIKEY\n"); + } -if(DEBUG) -{printf("PASS 15\n");} - - - //Every key derivation should start with a new KD contxt //setting context for DID + //creating scope to reduce access to key derivation context + //is there a better way to do this? + { KeyDrv_context DID_ctx; DID_ctx.ENT_MODE = DETERM; DID_ctx.PKC_MODE = DFL_PKC; @@ -194,9 +223,6 @@ if(DEBUG) //DID_ctx.pub_file = DFL_PUB; //DID_ctx.priv_file = DFL_PRIV; //Dont save DID priv outside SS -if(DEBUG) -{printf("PASS 16\n");} - //Deriving and storing DID ret = AsymmKeyGen(&DID_ctx); if(ret < DIMASUCCESS) @@ -205,6 +231,7 @@ if(DEBUG) free(CDIKEY); exit(DIMAFAILURE); } + } free(CDIKEY); //But CDIKey is needed to gen AliasKP //delete DID_ctx?? @@ -214,16 +241,91 @@ if(DEBUG) //////////////////////////deriving alisa keys - //placeholder FW_ID - uint8_t FW_ID[SHA256_DGST_SIZE] = { 0xf3,0x92,0x0e,0x4f,0xbe,0x67,0x0a,0xf8, - 0xf1,0xd9,0x30,0xe2,0x33,0xcc,0x28,0xc5, - 0xba,0x68,0xd1,0x56,0xea,0x34,0x3f,0xbc, - 0xe6,0x66,0xbb,0x1e,0x7b,0xbb,0x38,0x7d }; + //FW_ID = #(MututalAuthentication.c) + //conf_ID = #(define.h) + if(DEBUG) printf("Measuring Firmware and config files ...\n"); + uint8_t * FW_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE); + + mbedtls_sha256_context FW_ctx; + mbedtls_sha256_init(&FW_ctx); + + FILE *fw = NULL; + fw = fopen("MutualAttestation.c", "rb"); + if(!fw) + { + perror("DIMAFILENOTFOUND: Unable to find stage 2 files(?)\n"); + + fclose(fw); + exit(DIMAFILENOTFOUND); + } + + ret = mbedtls_sha256_starts_ret(&FW_ctx,0); + if(ret < DIMASUCCESS) + { + perror("DIMASHAFAILURE : Failed to create hash context\n"); + mbedtls_sha256_free(&FW_ctx); + exit(DIMASHAFAILURE); + } + + uint8_t *FWbuf = calloc(1, sizeof(uint8_t)*1024); + + while( (ret = fread(FWbuf, 1024, 1, fw))&& (ret != EOF)) + { + + ret = mbedtls_sha256_update_ret(&FW_ctx, FWbuf, 1024); + if(ret < DIMASUCCESS) + { + perror("DIMASHAFAILURE : Failed to measure Stage2 files\n"); + mbedtls_sha256_free(&FW_ctx); + exit(DIMASHAFAILURE); + } + memset(FWbuf,0,1024); + + } + + ret = mbedtls_sha256_update_ret(&FW_ctx, FWbuf, ret); + if(ret < DIMASUCCESS) + { + perror("DIMASHAFAILURE : Failed to measure RTM\n"); + mbedtls_sha256_free(&FW_ctx); + exit(DIMASHAFAILURE); + } + + ret = mbedtls_sha256_finish_ret(&FW_ctx,FW_ID); + if(ret < DIMASUCCESS) + { + perror("DIMASHAFAILURE : Failed to measure RTM\n"); + mbedtls_sha256_free(&FW_ctx); + exit(DIMASHAFAILURE); + } + + fclose(fw); + free(FWbuf); + mbedtls_sha256_free(&FW_ctx); + + if(DEBUG) + { + for (int i = 0; i < SHA256_DGST_SIZE; i++) + printf("%hhx", FW_ID[i]); + printf(" : FW ID\n" ); + } + + + + //defines.h is volatile right now! + //changing define, hence alias key adds 3-4 steps to per round of testing + //include conf measurement only after everything else is fixed + //should be performed exactly as line 242, above + + //calc conf_ID + //calc composite hash CDI2 with CDI, conf_ID nad fw_ID + //derive FWKEY from CDI2 + uint8_t * FWKEY = calloc(1, sizeof(uint8_t)*HKDF_KEY_SIZE); - //create Alias key derivation material using CDI and seed and FW_ID as salt - //Alternatively do composite hash of CDI and FW_ID to create Alias key der material + //LAZY METHOD - create Alias key derivation material using CDI and seed and FW_ID as salt + ret = mbedtls_hkdf(md_info, FW_ID, sizeof(FW_ID), CDI, SHA256_DGST_SIZE, ALIAS, sizeof(ALIAS), FWKEY, HKDF_KEY_SIZE); @@ -233,6 +335,9 @@ if(DEBUG) exit(DIMAHKDFFAILURE); } + //creating scope to reduce access to key derivation context + //is there a better way to do this? + { KeyDrv_context ALIAS_ctx; ALIAS_ctx.ENT_MODE = DETERM; ALIAS_ctx.PKC_MODE = DFL_PKC; @@ -248,22 +353,13 @@ if(DEBUG) perror("DIMAFAILURE : ALIAS key gen failed\n"); exit(DIMAFAILURE); } - + } //session keys? free(CDI); free(FWKEY); - -if(DEBUG) -{printf("PASS 17\n");} - - - - -if(DEBUG) -{printf("PASS 100\n");} return DIMASUCCESS; } diff --git a/trial5/keys/a b/trial5/keys/a deleted file mode 100644 index e69de29..0000000 diff --git a/trial5/main.c b/trial5/main.c index 996e77c..b1c9335 100644 --- a/trial5/main.c +++ b/trial5/main.c @@ -14,7 +14,6 @@ int main() /*lock Secure Storage*/ - //ALIAS and session keys, firmware execution //measure firmware.bin @@ -48,7 +47,6 @@ int main() exit(DIMAFAILURE); } - /////////////////KEY gen protocol ends here /////////////////DID Priv key is purged/secure, other keys are available for use @@ -65,7 +63,7 @@ int main() Self.ID = DFL_ID; Self.status = DFL_CL_STAT; - printf("size of ID %ld\n", NODE_ID_SIZE ); + //if(DEBUG) printf("size of ID %ld\n", NODE_ID_SIZE ); //Verifier Node code if(Self.ID == MASTER_ID) @@ -110,7 +108,9 @@ int main() return DIMANETWORKFAILURE; } - //loop till all clients verified: + //multiple clients to be veirfied! + //loop on nodelist till all clients verified + mbedtls_net_context fd_client; mbedtls_net_init(&fd_client); @@ -131,7 +131,7 @@ int main() printf("DIMANETWORKFAILURE : Failed to recv ID -0x%04x\n", (unsigned int) -ret); return DIMANETWORKFAILURE; } - //if(DEBUG) + if(DEBUG) printf("recvd %d bytes ID %s \n", ret, netBuff); if(strcmp(netBuff, nodelist[1].ID) == DIMASUCCESS) @@ -160,14 +160,14 @@ int main() //response from client memset(netBuff,0,NETBUFSIZE); - ret = mbedtls_net_recv(nodelist[1].fd, netBuff, 100); + ret = mbedtls_net_recv(nodelist[1].fd, netBuff, NETBUFSIZE); if(ret <= DIMASUCCESS) { printf("DIMANETWORKFAILURE : Failed to recv response -0x%04x\n", (unsigned int) -ret); return DIMANETWORKFAILURE; } - for(int i; i < 100; i++) + for(int i; i < ret; i++) printf("%hhx",netBuff[i] ); printf("Received data of len... %d\n Unpacking...\n", ret ); @@ -178,7 +178,7 @@ int main() memcpy(Rp.sign, &netBuff[NODE_ID_SIZE + PAD], Rp.siglen); - //if(DEBUG) + if(DEBUG) { for(int i=0; i< Rp.siglen; i++) printf("%hhx",Rp.sign[i] ); @@ -194,7 +194,18 @@ int main() return DIMASIGNFAILURE; } - printf("Signature verified \n"); + printf("Client signature verified \n"); + + mbedtls_net_free(&fd_client); + + //finish loop, wait for next client + + + //FREE BLOCK + free(nodelist); + mbedtls_net_free(&fd_bind); + + } @@ -217,7 +228,7 @@ int main() printf("Running as Slave node....\n"); Node_info Server; Server.ID = MASTER_ID; - Server.pubKey_file = "clientkeys/Server_pub.pem"; + Server.pubKey_file = "clientkeys/Server_pub.pemh"; mbedtls_net_context fd_server; @@ -248,7 +259,7 @@ int main() //recv, unpack challenge contxt - ret = mbedtls_net_recv(Server.fd, netBuff, 100); + ret = mbedtls_net_recv(Server.fd, netBuff, NETBUFSIZE); if(ret <= DIMASUCCESS) { printf("DIMANETWORKFAILURE : Failed to recv challenge -0x%04x\n", (unsigned int) -ret); @@ -257,7 +268,7 @@ int main() return DIMANETWORKFAILURE; } - for(int i; i < 100; i++) + for(int i; i < ret; i++) printf("%hhx",netBuff[i] ); printf("Received data of len... %d\n Unpacking...\n", ret ); @@ -266,14 +277,14 @@ int main() memcpy(Ch.NONCE, netBuff, NONCE_SIZE); memcpy(Ch.sign, &netBuff[NONCE_SIZE + PAD], Ch.siglen); - //if(DEBUG) + if(DEBUG) { for(int i = 0; i < NONCE_SIZE; i++) printf("%hhx",Ch.NONCE[i]); printf(" : NONCE chall\n"); } - //if(DEBUG) + if(DEBUG) { for(int i=0; i< Ch.siglen; i++) printf("%hhx",Ch.sign[i] ); @@ -297,7 +308,9 @@ int main() printf("Responding to Challenge...\n"); ret = response_master(&Server, &Rp, Ch.NONCE); - + + //FREE BLOCK + mbedtls_net_free(&fd_server); } diff --git a/trial5/out/a b/trial5/out/a deleted file mode 100644 index e69de29..0000000