Deterministic ECC rom Seed working

trial3/defines.h

@@ -31,4 +31,39 @@
 
 /* CONFIGURATIONS */
 
-#define USE_ECC			1
+#define USE_ECC			1
+#define USE_HW_TRNG		0
+
+
+
+#define SW_PRNG 	0
+#define HW_TRNG 	1
+#define DETERM 		2
+
+
+
+
+
+/* SPECIFIC AND SPECIAL VALUES */
+/* DO NOT CHANGE THIS BLOCK */
+
+#define ACCUM_BUFF_OFFSET	2
+#define ENTROPY_LEN			32
+
+
+/* typedes */
+
+typedef struct
+{
+	/*
+	Use this typedef to define settings and vlaues to be passed to deriveECCKeyPair()
+	To be used or exchanging data between ROM and FW
+	*/
+
+	mbedtls_mpi 			secret;			//Private key holder
+    mbedtls_ecp_point 		Public;			//Public key holder
+    int 					ENT_MODE;		//0 - SW_PRNG, 1 - HW_TRNG, 2 - DETERM, 
+    int 					PKC_MODE;		// isECC, 1 = ECC, 0= RSA
+    const uint8_t * 		seed;			//To seed
+    const char *			phrase;			//Session string
+} KeyDrv_context;

trial3/layer1.c

@@ -196,8 +196,85 @@ int _calcCDIKEY(uint8_t * CDIKEY)
   //gen keypair
 
 
+/* To use HW TRNG /dev/random as the source of entropy add source to entropy contxt -
+*/
 
-int deriveECCKeyPair(mbedtls_mpi * SK, mbedtls_ecp_point * PK)
+int use_dev_random(void *data, unsigned char *output,
+                             size_t len, size_t *olen )
+{
+    FILE *file;
+    size_t ret, left = len;
+    unsigned char *p = output;
+    ((void) data);
+
+    *olen = 0;
+
+    file = fopen( "/dev/random", "rb" );
+    if( file == NULL )
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+    while( left > 0 )
+    {
+        /* /dev/random can return much less than requested. If so, try again */
+        ret = fread( p, 1, left, file );
+        if( ret == 0 && ferror( file ) )
+        {
+            fclose( file );
+            return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+        }
+
+        p += ret;
+        left -= ret;
+        sleep( 1 );
+    }
+    fclose( file );
+    *olen = len;
+
+    return( 0 );
+}
+
+
+int seedRNGSource(void *data, unsigned char *output, size_t len)
+{
+  //srand(); lib fun call //https://stackoverflow.com/questions/55927662/generate-every-time-same-rsa-key-with-c
+  //ctr_drbg    //programs/test/benchmark.c:705
+  //hmac_drbg
+
+	//Fill entropy accum with CDI and pass to DRBG
+
+
+  mbedtls_entropy_context * p_ent = data;
+  printf("manual update entropy with CDI\n");
+  printf("%d : len of buffer\n", (int)sizeof(p_ent -> accumulator.buffer) );
+    
+  if(memcpy(output, p_ent -> accumulator.buffer + ACCUM_BUFF_OFFSET , ENTROPY_LEN) < 0)
+  	return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+  for(int i = 0; i < ENTROPY_LEN; i++)
+      printf("0x%hhx,",output[i]);
+  printf(" :  CDIKEY\n");
+  len = ENTROPY_LEN;
+  printf("%d\n", (int)len );
+
+  return 0;
+
+  //  ((void) data);
+  //  printf("Direct return CDI to drbg\n");
+  
+  // len = sizeof(CDI);
+  // memcpy(output, CDI, len);
+  //      for(int i = 0; i < len; i++)
+  //   printf("0x%hhx,",output[i]);
+  //  printf(" :  CDIKEY\n"); 
+  //  printf("%d\n", (int)len);
+  // return 0;
+
+}
+
+
+
+
+int deriveECCKeyPair(KeyDrv_context * KD_ctx)
 {
 
 	printf("inside deriveECCKeyPair layer1\n\n");
@@ -229,15 +306,48 @@ int deriveECCKeyPair(mbedtls_mpi * SK, mbedtls_ecp_point * PK)
     mbedtls_ctr_drbg_context drbgCtx;
     mbedtls_ctr_drbg_init(&drbgCtx);
 
-    //Seed drbg with secret data now?
+   
-    //move "private" string to n param
+    if (KD_ctx->ENT_MODE == HW_TRNG)		//HW RNG
-    if(mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func, &entropyCtx,
-    				(const unsigned char *) "Private", sizeof("Private")) < 0)
     {
-    	perror("drbg seed failed\v");
+    	printf("using /dev/random.... this may take a moment\n");
-    	return RIOTFAILURE;
+    	mbedtls_entropy_add_source( &entropyCtx, use_dev_random,
+                                 NULL, ENTROPY_LEN, MBEDTLS_ENTROPY_SOURCE_STRONG );
+    	
+    	mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func,
+                               &entropyCtx,
+                               (const unsigned char *) KD_ctx->phrase ,
+                               strlen(KD_ctx->phrase)
+                               );
     }
 
+    else if (KD_ctx->ENT_MODE == DETERM)			// Deterministic derviation with seed
+    {	
+    	printf("Seeding entropy accumulator....\n");
+	    if(mbedtls_entropy_update_manual(&entropyCtx, KD_ctx->seed, ENTROPY_LEN) < 0)
+	    {
+	    	perror("Accumulator seed failed\n");
+	    	return RIOTFAILURE;
+	    }
+
+	    if(mbedtls_ctr_drbg_seed(&drbgCtx, seedRNGSource, &entropyCtx,
+	    				(const unsigned char *) KD_ctx->phrase, sizeof(&KD_ctx->phrase)) < 0)
+	    {
+	    	perror("drbg seed failed\v");
+	    	return RIOTFAILURE;
+	    }
+	}
+
+	else 						//regular key derivation
+	{
+		printf("Accumulating entropy ...\n");
+		mbedtls_entropy_update_manual(&entropyCtx, KD_ctx->seed, ENTROPY_LEN);
+		mbedtls_ctr_drbg_seed(&drbgCtx, mbedtls_entropy_func,
+                               &entropyCtx,
+                               (const unsigned char *) KD_ctx->phrase ,
+                               strlen(KD_ctx->phrase)
+                               );
+	}
+
     if(mbedtls_ecp_gen_keypair(&ecpGrp, &secret, &Public, 
     				mbedtls_ctr_drbg_random, &drbgCtx) <0)
     {
@@ -270,8 +380,10 @@ int deriveECCKeyPair(mbedtls_mpi * SK, mbedtls_ecp_point * PK)
 	printf("%s :  PrivKey\n",privkeybuf);
 
 	//copy keys to parent function
-    mbedtls_ecp_copy(PK, &Public);
+    mbedtls_ecp_copy(&KD_ctx->Public, &Public);
-    mbedtls_mpi_copy(SK, &secret);
+    mbedtls_mpi_copy(&KD_ctx->secret, &secret);		/* Make SK NULL for Identitiy key generation */
+
+
 
     //what now? how to obtain the keys in PEM/DER/bin format?
 

trial3/layer1.h

@@ -1,6 +1,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
+
 
 #include <mbedtls/bignum.h>
 #include <mbedtls/entropy.h>
@@ -30,7 +32,10 @@ int _calcCDID(uint8_t * CDID);
 
 int _calcCDIKEY(uint8_t * CDIKEY);
 
-int deriveECCKeyPair(mbedtls_mpi * SK, mbedtls_ecp_point * PK);
+
+int seedRNGSource(void *data, unsigned char *output, size_t len);
+
+int deriveECCKeyPair(KeyDrv_context * KD_ctx);
 
 int deriveRSAKeyPair(void);
 

trial3/layer2.c

@@ -16,8 +16,10 @@ void ROMprotocol(void)
     printf(" : CDIKEY main\n");
 
   printf("USE_ECC %d\n", USE_ECC);
+
+
+  deriveDeviceIDKeyPair(CDIKEY, USE_ECC);
   deriveDeviceIDKeyPair(CDIKEY, USE_ECC);
-  deriveDeviceIDKeyPair(CDIKEY, !USE_ECC);
 
 
 printf("pass 100\n");
@@ -25,23 +27,6 @@ printf("pass 100\n");
   return;
 }
 
-void seedRNGSource(uint8_t * CDIKEY)
-{
-  //srand(); lib fun call //https://stackoverflow.com/questions/55927662/generate-every-time-same-rsa-key-with-c
-  //ctr_drbg    //programs/test/benchmark.c:705
-  //hmac_drbg
-
-  //seed rng with CDIKEY
-  //init
-  //drbg seed
-
-
-
-
-  return;
-}
-
-
 
 void deriveDeviceIDKeyPair(uint8_t * CDIKEY, int isECC)
 {
@@ -61,22 +46,31 @@ void deriveDeviceIDKeyPair(uint8_t * CDIKEY, int isECC)
   //return pubkey and privkey both to L2?
 
 
-  if(isECC)
+  KeyDrv_context DID_ctx;
+  DID_ctx.ENT_MODE = DETERM;	//deterministec
+  DID_ctx.PKC_MODE = isECC;
+  DID_ctx.seed = CDIKEY;
+  DID_ctx.phrase = IDENTITY;
+
+
+  if(DID_ctx.PKC_MODE == isECC)
   { 
 
-  	mbedtls_mpi secret;
+  	//mbedtls_mpi secret;
-    mbedtls_mpi_init(&secret);
+    mbedtls_mpi_init(&DID_ctx.secret);
 
-    mbedtls_ecp_point Public;
+    //mbedtls_ecp_point Public;
-    mbedtls_ecp_point_init(&Public);
+    mbedtls_ecp_point_init(&DID_ctx.Public);
 
     //return pubkey and privkey both to L2?
-    deriveECCKeyPair(&secret, &Public);		
+    deriveECCKeyPair(&DID_ctx);		
 
     //secret and Public contain raw key inormation of generated keys
     //Public also needs group and context to handle ECP
     //Converting raw info to PEM is not easible like this
 
+    //free(DID_ctx);
+
     return;
   }
 

trial3/layer2.h

@@ -16,15 +16,15 @@
 #include <mbedtls/sha256.h>
 
 
-#include "defines.h"
+//#include "defines.h"
 
 
+#define IDENTITY	"Identity"
+#define ALIAS 		"ALIAS"
 
 
 void ROMprotocol(void);
 
-void seedRNGSource(uint8_t * CDIKEY);
-
 void deriveDeviceIDKeyPair(uint8_t * CDIKEY, int isECC);
 
 void deriveAliasKeyPair(uint8_t * ALIKEY, int isECC);

trial3/links.txt

@@ -8,14 +8,19 @@ https://www.cryptopp.com/wiki/
 
 
 
+https://forums.mbed.com/t/ecc-raw-byte-stream-to-pem/4540/3
+https://github.com/ARMmbed/mbedtls/issues/2560
 
 
+ENTROPY
 
-
+gen_key.c
-
 adding /dev/random to entropy - 
 mbedtls_entropy_add_source( &entropy, dev_random_entropy_poll,
                                         NULL, DEV_RANDOM_THRESHOLD,
                                         MBEDTLS_ENTROPY_SOURCE_STRONG ) ) != 0 )
 
-                                        
+https://forums.mbed.com/t/mbedtls-porting-into-new-environment-help-with-networking-and-entropy/4969
+https://os.mbed.com/docs/mbed-os/v6.2/porting/entropy-sources.html
+
+https://tls.mbed.org/discussions/crypto-and-ssl/deterministic-random-bit-generator-help