From ceb7014e9d2ab2f7d6075158a664875472c50cac Mon Sep 17 00:00:00 2001 From: "atul.jha" Date: Wed, 27 May 2020 15:58:52 +0200 Subject: [PATCH] fixed KDF --- trial1/layer1.c | 71 ++++++++++++++++++++++++++--------------------- trial1/layer1.h | 1 + trial1/layer2.c | 47 ++++++++++++++----------------- trial1/out/main2 | Bin 18000 -> 18000 bytes 4 files changed, 61 insertions(+), 58 deletions(-) diff --git a/trial1/layer1.c b/trial1/layer1.c index 5ddba0d..d61c72b 100644 --- a/trial1/layer1.c +++ b/trial1/layer1.c @@ -148,15 +148,15 @@ int calcCDID(uint8_t * UDS_M, uint8_t * FW_M, uint8_t * CDID) //print block - BIO_printf(out,"UDID_M : "); - for(int i = 0; i < SHA256_DGST_SIZE; i++) - BIO_printf(out,"%x",UDS_M[i]); - BIO_printf(out, "\n"); + // BIO_printf(out,"UDID_M : "); + // for(int i = 0; i < SHA256_DGST_SIZE; i++) + // BIO_printf(out,"%x",UDS_M[i]); + // BIO_printf(out, "\n"); - BIO_printf(out,"FWID_M : "); - for(int i = 0; i < SHA256_DGST_SIZE; i++) - BIO_printf(out,"%x",FW_M[i]); - BIO_printf(out, "\n"); + // BIO_printf(out,"FWID_M : "); + // for(int i = 0; i < SHA256_DGST_SIZE; i++) + // BIO_printf(out,"%x",FW_M[i]); + // BIO_printf(out, "\n"); BIO_printf(out,"CDI : "); for(int i = 0; i < SHA256_DGST_SIZE; i++) 
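Review bot: The `CDI : ` dump that follows the two commented-out blocks in calcCDID (hunk at -148) is still active, so the compound device identifier is still written to `out` even though the UDS and firmware measurements no longer are. layer2.c passes this value to deriveKDF as `secret`, so it looks at least as sensitive as the measurements that were just silenced. Rather than leaving eight commented-out lines, I would delete them, or put all three dumps behind one build-time switch (a macro of your choosing, e.g. `#ifdef DEBUG_DUMP_SECRETS` ... `#endif`) so a release build cannot print any of them. The CDI print loop continues past the end of the hunk.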
@@ -190,36 +190,43 @@ int _calcCDID(uint8_t * _CDID) uint8_t* FW_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE); readFWID(FW_ID); - //step3 : call calcCDID + ////step3 : call calcCDID calcCDID(UDS_ID,FW_ID,_CDID); - - // BIO_printf(out,"_UDID : "); - // for(int i = 0; i < SHA256_DGST_SIZE; i++) - // BIO_printf(out,"%x",UDS_ID[i]); - // BIO_printf(out, "\n"); - - // BIO_printf(out,"_FWID : "); - // for(int i = 0; i < SHA256_DGST_SIZE; i++) - // BIO_printf(out,"%x",FW_ID[i]); - // BIO_printf(out, "\n"); + BIO_printf(out,"_CDI : "); + for(int i = 0; i < SHA256_DGST_SIZE; i++) + BIO_printf(out,"%x",_CDID[i]); + BIO_printf(out, " : wrap \n\n\n"); - // BIO_printf(out,"_CDI : "); - // for(int i = 0; i < SHA256_DGST_SIZE; i++) - // BIO_printf(out,"%x",_CDID[i]); - // BIO_printf(out, "\n"); + //attempt 2 : use SHA256 here + BIO_printf(out,"_UDID : "); + for(int i = 0; i < SHA256_DGST_SIZE; i++) + BIO_printf(out,"%x",UDS_ID[i]); + BIO_printf(out, "\n"); - // SHA256_CTX *ctx; - // if(!SHA256_Init(ctx)) - // perror("SHA init failed\n"); + BIO_printf(out,"_FWID : "); + for(int i = 0; i < SHA256_DGST_SIZE; i++) + BIO_printf(out,"%x",FW_ID[i]); + BIO_printf(out, "\n"); - // if(!SHA256_Update(ctx, UDS_ID, UDSsize)) - // perror("SHA update failed\n"); - // if(!SHA256_Update(ctx, FW_ID, FW_size)) - // perror("SHA update2 failed\n"); + memset(_CDID, 0, SHA256_DGST_SIZE); - // if(!SHA256_Final(_CDID, ctx)) - // perror("SHA close failed\n"); + BIO_printf(out,"_CDI 0 : "); + for(int i = 0; i < SHA256_DGST_SIZE; i++) + BIO_printf(out,"%x",_CDID[i]); + BIO_printf(out, "\n"); + + SHA256_CTX *ctx; + if(!SHA256_Init(ctx)) + perror("SHA init failed\n"); + + if(!SHA256_Update(ctx, UDS_ID, UDSsize)) + perror("SHA update failed\n"); + if(!SHA256_Update(ctx, FW_ID, FW_size)) + perror("SHA update2 failed\n"); + + if(!SHA256_Final(_CDID, ctx)) + perror("SHA close failed\n"); diff --git a/trial1/layer1.h b/trial1/layer1.h index e068ec1..8900c6c 100644 --- a/trial1/layer1.h +++ b/trial1/layer1.h 
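Review bot: `SHA256_CTX *ctx;` in the re-enabled block of _calcCDID is an uninitialised pointer, so `SHA256_Init(ctx)` and the Update/Final calls after it write through an indeterminate address, which is undefined behaviour. Declare the context as an object and pass its address, and stop on the first failure instead of calling `perror` (OpenSSL does not report through errno) and carrying on with a half-computed digest. The same hunk turns the `_UDID`/`_FWID`/`_CDI` dumps back on, which works against a wrapper that, per the comment in layer2.c, exists to avoid exposing the UDS and firmware measurements. The start of _calcCDID and its return path are outside the hunk, so the failure value and the buffer ownership in the sketch below are assumptions to confirm.

```c
// … unchanged: calcCDID call, debug dumps, memset of _CDID …
SHA256_CTX ctx;                 /* context object, not an uninitialised pointer */
if (!SHA256_Init(&ctx) ||
    !SHA256_Update(&ctx, UDS_ID, UDSsize) ||
    !SHA256_Update(&ctx, FW_ID, FW_size) ||
    !SHA256_Final(_CDID, &ctx)) {
    fprintf(stderr, "SHA256 over UDS/FW measurements failed\n");
    /* free UDS_ID / FW_ID here first if this function owns them */
    return 0;                   /* assumed failure value; check what callers expect */
}
```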
@@ -1,5 +1,6 @@ #include #include +#include #include #include diff --git a/trial1/layer2.c b/trial1/layer2.c index 1cd88f5..911278b 100644 --- a/trial1/layer2.c +++ b/trial1/layer2.c @@ -11,7 +11,7 @@ void startCDIProtocol() // for(int i = 0; i < SHA256_DGST_SIZE; i++) // printf("%x",UDS_ID[i]); - // printf("\n"); + // printf(" : UDS_ID, main\n"); //step 2 : Derive Firmware ID uint8_t* FW_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE); @@ -19,7 +19,7 @@ void startCDIProtocol() // for(int i = 0; i < SHA256_DGST_SIZE; i++) // printf("%x",FW_ID[i]); - // printf("\n"); + // printf(" : FW_ID, main\n"); //setp 3 : Derive Composite Device ID @@ -28,37 +28,33 @@ void startCDIProtocol() free(UDS_ID); free(FW_ID); - //uint8_t* _CD_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE); + + // //wrapper funciton to avoid exposing UDS and FW measurements + + // uint8_t* _CD_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE); // _calcCDID(_CD_ID); - - for(int i = 0; i < SHA256_DGST_SIZE; i++) - printf("%x",CD_ID[i]); - printf( "\n"); + // printf( "CDID wrap : "); + // for(int i = 0; i < SHA256_DGST_SIZE; i++) + // printf("%x",_CD_ID[i]); + // printf( "\n\n\n"); uint8_t* KEY_OUT = calloc(1,sizeof(uint8_t)*KDF_KEY_SIZE); size_t KEY_LEN = KDF_KEY_SIZE; //need to pass pointer to the out key size, not the value if(deriveKDF(KEY_OUT, &KEY_LEN, CD_ID, SHA256_DGST_SIZE, PASSPHRASE, lenofstr(PASSPHRASE))) - printf("KDF call success\n");; + printf("\n\nKDF call success\n");; - //return value iz not correct. - //first 6 bytes are random, inconsistent, followed by two 0s then the next bytes are correct - //very suspicious behaviour - //is this similar to _cacl_CDID fun issue? - //should i use memset memcp isntead of passing pointers? - //learn pointers more thoroughly - for(int i = 0; i <= KDF_KEY_SIZE; i++) printf("%x,",KEY_OUT[i]); - printf( ":KEY_OUT\n"); + printf( " : KEY_OUT\n"); //End block free(CD_ID); - //free(_CD_ID); + //free(_CD_ID); //for wrapper function } 
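Review bot: The key dump loop `for(int i = 0; i <= KDF_KEY_SIZE; i++)` in startCDIProtocol (hunk at -28) reads `KEY_OUT[KDF_KEY_SIZE]`, one byte past the `calloc`'d buffer; the bound should be `i < KDF_KEY_SIZE`, or `i < KEY_LEN` since deriveKDF writes the produced length there. With `free(out)` removed from deriveKDF in this commit, startCDIProtocol now owns `KEY_OUT`, but the end block frees only `CD_ID`; add `OPENSSL_cleanse(KEY_OUT, KDF_KEY_SIZE); free(KEY_OUT);` so the derived key is neither leaked nor left readable in freed heap memory. If the dump is kept for debugging, `%02x` avoids the dropped leading zeros that `%x,` produces, and the print should stay out of non-debug builds because it writes key material to stdout.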
@@ -67,16 +63,16 @@ int deriveKDF(uint8_t * out, size_t * out_len, uint8_t * secret, int secret_len, //create comtext //ctx set params //passphrase - //secret + //secret //CDI //alg //not taken as input. fixed to sha256 //salt //meh, hardcode salt too //out //hkdf derive key - for(int i = 0; i < SHA256_DGST_SIZE; i++) - printf("%x",secret[i]); - printf( " : secret\n"); + // for(int i = 0; i < SHA256_DGST_SIZE; i++) + // printf("%x",secret[i]); + // printf( " : secret\n"); //sample kdf prog @@ -105,12 +101,11 @@ int deriveKDF(uint8_t * out, size_t * out_len, uint8_t * secret, int secret_len, if (EVP_PKEY_derive(pctx, out, out_len) <= 0) perror("pkey derivation failed:"); - for(int i = 0; i <= KDF_KEY_SIZE; i++) - printf("%x,",out[i]); - printf( ": OUT\n"); + // for(int i = 0; i <= KDF_KEY_SIZE; i++) + // printf("%x,",out[i]); + // printf( ": OUT\n"); EVP_PKEY_CTX_free(pctx); - free(out); - + return 1; } \ No newline at end of file 
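Review bot: The added `return 1;` at the end of deriveKDF (hunk at -105) is unconditional, so when `EVP_PKEY_derive` fails the function only calls `perror` and still reports success; startCDIProtocol then prints "KDF call success" and goes on with whatever is in the zeroed or partly written buffer. Return a failure value on that path, e.g. `if (EVP_PKEY_derive(pctx, out, out_len) <= 0) { EVP_PKEY_CTX_free(pctx); return 0; }`. `perror` reports errno, which OpenSSL does not set for these calls, so `ERR_print_errors_fp(stderr);` would show the real reason. The earlier context-setup calls in deriveKDF lie outside the hunk and presumably need the same early-return treatment.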
diff --git a/trial1/out/main2 b/trial1/out/main2 index bf61f812623bc30db25b043664152548c6d9dcbf..e72d963360c4c6224ff5c81b6eafb532d1023603 100755 GIT binary patch delta 3737 zcmZ`+3vg7`89wK3!e%#*-Aw|!;gP*4gi^?35s0RMF3G~p00JoiX{m811We?SN{~kl z3k^6fNt~uXDq^SBI(1^pjOeyBFql$FO$3yMQVEZCq~fq5k0gMu7`XlabMIy^SZ^lh zKllH?|9Sp%?%8k?4>$2&g{>}`iN__koN0F)7@@rlP3nB@v{FzWoVt}Vs z`d6%2UCCBftz1)82ifMi7KxegPht$#nIC{XW|!l)XuytPtQ}fyVJK^b(`GmSGkjzI zDNls*q*FX0lxykZuJ=aCOxbp@PEx~4Lr2mfEp*00`N<)kRFuY;(wuq-E~R|Ecy20V zk(X|(Y8!zf3(&CAJar~bLird?Oj&u;)m*$#BFzDt#k?S_!0ux+NL7 zV}itzVUk1UAHzb&M*bcgcZ`wVw8AY%j<>~%3hQo>LU|OGx|HB2O0YAs;~Q1oc2ETU zOM)yA5Rv{?d`E~@`*ScgBPXz%Rv^Y|jjC#c?=o+wzwF+0L=R-65%C-%1RovkLPu@b zBkaT2g3VKc^=(RHV!;TRwbKGqJQ)bXT7HUZpJJKE8O;?2G0Cgy4opVq`Zv4~I5vNo1uh;xXCDuItl&4jI_hgWKhV%OKI z+Ue^+PwdP5Mqh_g8Ae!}!o#+`%(jY(Enrj~ zFWhy-+;wU0BKNxMHya8P{fgXmp}VfQyTeArCy3D9Z8v&rM}B9(cQoeisOGNcUUx4T zjcph1j-tDxad%6Mh$l67ZTn?3JkSJB$AhpLg9sE+6uxjQi17E6*lKh!NCXkaAj0t= zx(6Ama^a@PIZBJ0gjLn|LpEB8{6Lg{4)siQKh+<*RCK{XG^+#61Y{bJIwiV4Vj95h zjN|&yX`~z9^*z|8@4=hsUpMs`LH;5jqFI>&Vo7(zLS{# z$$0u_6AkHKyfLukuNpOvA-~ht9rM<$R6b5U{GBC#&1mdZRBG^bqr2|7yOl=7hPXSs z(VhPWY|hMl^gH{-V^q!+=Fg$|b8+)(f+3san0Z`G_f2RYJT7p8SV3Pm2H#Cyd}wNcw#BAU`tiI`j;=Kkqcowez^QkLoP8mb@v9 zu=fd;tOX%XxBTnib!JE#ufsy;1o+6=IA$D4gLw3dEW;c({ zOP5)>(ws~5$KK%W(%@IK$I^`;N%{M2QzSo>H}p0S6ql6BMKY_*Q6xLS}-LE4OES%UOmxHQiqb>Pna4bmp;!UIUp;pgle(i`~Q z>PNa1Z!#r#Max86^l*4(gj3pl72X|@C+)cm{~eK&<+`e>)PJ#OI8K(}|49pgG_}y#hk=Qk78blvHb!&F)n{5AtoP=dR=%* z&bv#0)_^|QrBAdCV~*=vCDJcJ))I~v&K?-)o|)jnn-BO4GD4f($5WtZ{DbLsyb#et zg{5cIFeu91#NUT~xfSVQJw-fB#S=Bd5Az=7t*{}_&1*uhG?P3c*SFzs}f#$??HWlzs?x|{RIp?9K_Z-aLxIr$Fac;3|UJ6#%1lnbYR z!M9=N8b3Df5q6G=@pH11#nFYs5H_tBJ$5*cUdD@Y8aO69vmQgFojDmRkOd+(RDpN0 zlW!5o--!`ZMcuRT`edi)BH5RmEa@Jt8_1_j_YBqSRO#jtz+dR(qk-e-5%XE#!TAC) zuca}IP8-rS3WrOD*`5*7^jNy2{CS@G3y1aoE^(!zbDZbg>)}U9n3W#jqS6;;CRSs zxg&~!ofYytRK^GCzpd65Ef4h;RV0MwKJ4e%z3)7dZ>iDSwg$d8F7Q=D&!|B$RM gF0>Y8Yo)b3A|GD?V#p#{7 
z=Rf!RU*~_EvuES`czhpki(4B#OgxRA17CDFTocu=5emoo-^U&Cz37i-%Tp%5Uq0S^ zZQYMfRla%z4odalHOUZ9a`9GJVRFJQQ)6-yXKXTb^DM9@MR`4RC!OZ6L=Gf}ct(9g zuy%9J%dEDhu5N2BOiWp3WfC*t%a{ooQsxw>zBwX(G-Jol+4zpzvL&6dBz9QC8nU-o zP=g(Z?i3II5C&4#@g%4;f6kL5xt4p}{^3+FlXpjhQX(!lcbd;e3Q{B7ycdngt?5~C zBkk+8htn8S_B=`?+R3N#X$tYa`wpS?I{JgNRdV=Cx%rkIS#J{SFUSf9hMRW|CmPZa z+$ZF}NhDeV!{JX5csmVBGFDD;5q@Eqg!^umAzn$qL)4aA0{wDp(V8?kkuhoRrBsAp zSLK>__OZrxv4BEVy;;x_P~_S;ip6Cfw|&HHAJGRDV878;3F;I#2NZOtjJjKI6mgBZOEbD- zP?MP#@)|`ieobq?g~o1;8oNUcrbql9N{Dq}mO9XIJ2o~ur*~Va9NyU_w?v@L8y}G+z)!oqJ?&^)kCJ1-E=&pCv-2$V;!>>l% zr5L^a3-MTWpig(#r@HHU+?`}J_C6|&>28WHo@|JJpY9IxdgK8tbj}E^qJYDJ%NX=! zO80WCnxRT_Rdz43dx<@3Y!Sz+Z0w&Zd@D%|t%$lUQTMtq`a{*Pu&|Os3v`LdrnmeA z_qEtciXK{2oOu7hWvl!6?0t%=3zOL8X^Nl5V}vRHM66>R&eTq8BlBTwnOGoBs8~&F zgV>b*Q@DxP($?ht$>4B3nG!<7O4EJFcTFkZG~%Q{IJt;UE{_ZFp&g_uh{NGqdPa#jB|}QXhNPc2q)Zm znekDT&j>y_2-grkI0~O2xN#6X*?FN2qwrpWOYs}icM^-)t}a3pv*O-}uLcrxqgX7^ zsYl(ZM%_L(>Tdi6R%`f+0gAd4qwZAGE0dAm3?ynPzj(686c>8Hc{|N7qPRG`SStxYwY@2_L|GA3r=l&}H>ZPr@S2DeC^Q4YL?GDGAY+0 zSF#`R%~gvk7FAbzOT29H8huv2sDglM;)w~d#6;udHnNHrHog?x65PR-EL!ZPD~5M_ zLv8KG?b}&y<4jhvB(S!6S=DNWTH80)zPvFA3nu<7RN^HJAO4i-+d-swM_{fyi9{6X zvAbA9r0q!Ckbc~sNH9Dx?;`agEyCzak@_&l8<6h6I`2Yy0QcGvq$hBPMv<1`R_sNp z;Ey?7cD_#sC0%+LhI^e z{&x_69)tMp82uwce-Wyzr<+kc)drVf95lpF1*9gLs_LK zm<=Vfn)q2bHLE)FvKA&Dr|M&d>G|K|Ct*jvhu1|8<*$)=9SqENA~Z02{2ct*H6}(= zGBGRDE$N1cnpi4x!3tlsFPLq_)wu~Tm%IKi?m(@pJ|}O(aeO4B@I04-9{6HTK6im- z?pD4IcFe8J%3$@Hwx}Z-T}3xwcQt-yvJ4i-I~+YTRKm8wq#`HZMKZoOF{>o=yi;Y0 z?BcXi;5JN>rlgTykrw|zjBzpko2tV%@X56aLjYM*P^7Ip}W~$ zO-3b~z(3E)UlWo?#rS72_Q273PM<>dB_}gKruCH;Bh%KoQL~v0HN{Sz2OP&jF<%Nk zoL7nYHX7YwJWeR~lnhmAv8D@f040AZBu~?r`K2a#z@dt`B)CzW)?86vE`)pbrPQT7h6Z#+zdbV&$H;=eHo7Xi!J(=a=~?fO!{>?{Glx0s<#a8uN!6a w9C~N#^ylC!FR+aMrQ1?oY;Dv2=(SCZyjQ+h;&B)V6kF^I)bxD=+ZKBM2iL&YJOBUy