implemented kdf. slightly broken. pointer passing issue!!

trial1/layer1.c

@@ -5,9 +5,9 @@
 
 #define UDSFILE "./out/RANDFILE"
 #define UDSsize 8						//bytes
-#define FW_file "layer1.c"
+#define FW_file "layer2.c"				//use RANDFILE if testing FW_M for consistency
 #define FW_size 1000		
-////need to find a way to determine file size using BIO tools
+////need to find a way to determine FW file size using BIO tools
 
 
 int createUDS()
@@ -31,10 +31,10 @@ int readUDS(uint8_t* UDS_M)
 	int i;
 
 	//uint8_t UDSbuf[UDSsize] = {0};
-	//uint8_t UDS_M[SHA256_dig_t] = {0};
+	//uint8_t UDS_M[SHA256_DGST_SIZE] = {0};
 
 	uint8_t* UDSbuf = calloc(1,sizeof(uint8_t)*UDSsize);
-	//uint8_t* UDS_M = calloc(1,sizeof(uint8_t)*SHA256_dig_t);
+	//uint8_t* UDS_M = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
 
 
 	out = BIO_new_fp(stdout, BIO_NOCLOSE);
@@ -62,11 +62,11 @@ int readUDS(uint8_t* UDS_M)
 
 	//Print block. delete later
 	for(i = 0; i < UDSsize; i++)
-	 	BIO_printf(out,"%x",UDSbuf[i]);
+	 	BIO_printf(out,"%x,",UDSbuf[i]);
 	BIO_printf(out, "\n");
 
 	BIO_printf(out,"UDS digest : ");
-	for(i = 0; i < SHA256_dig_t; i++)
+	for(i = 0; i < SHA256_DGST_SIZE; i++)
 	 	BIO_printf(out,"%x",UDS_M[i]);
 	BIO_printf(out, "\n");
 
@@ -80,40 +80,37 @@ int readUDS(uint8_t* UDS_M)
 
 int readFWID(uint8_t* FW_M)
 {
-	//1. Read layer1.c into memory
-	//2. Calcualte hash into arg
 
-	//uint8_t * source;
-	//FW_size shoudl not be static.
-	//Use indefinite array or determine FW_size
-	uint8_t* source = calloc(1,sizeof(uint8_t)*(FW_size));
+// 	//1. Read layer1.c into memory
+// 	//2. Calcualte hash into arg
+
 	BIO *fp, *out;
-	int buf_size = 0;
 	int i;
 
+// 	//uint8_t * source;
+// 	//FW_size shoudl not be static.
+// 	//Use indefinite array or determine FW_size
+	uint8_t* source = calloc(1,sizeof(uint8_t)*FW_size);
 	out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
 	fp = BIO_new_file(FW_file, "r");
-
 	if(!fp)
-		perror("Opening FW to read failed\n");
+		perror("Opening firmware bin to read failed\n");
 	
-	if(BIO_eof(fp))
-		perror("File empty\n");
+	if (BIO_read(fp,source,FW_size) < 0)		//Suspecting a ENDian issue in reading. data is half byte reversed
+		perror("BIO read failed\n");
 
-	 while(!BIO_eof(fp) && (buf_size < FW_size))
-	 {
-	 	BIO_read(fp, source[buf_size], 1);
-	 	buf_size++;				//buf_size includes EOF
-	 	//break;
-	 }
-
-	if(SHA256(source, buf_size -1, FW_M) == NULL)
+	//Compute hash of FW
+	if(SHA256(source, FW_size, FW_M) == NULL)
 		perror("FW measurement failed\n");
 
+	//Print block. delete later
+	 // for(i = 0; i < 100; i++)
+	 //  	BIO_printf(out,"%x,",source[i]);
+	 // BIO_printf(out, "\n");
 
-	//print block
 	BIO_printf(out,"FW digest : ");
-	for(i = 0; i < SHA256_dig_t; i++)
+	for(i = 0; i < SHA256_DGST_SIZE; i++)
 	 	BIO_printf(out,"%x",FW_M[i]);
 	BIO_printf(out, "\n");
 
@@ -124,6 +121,8 @@ int readFWID(uint8_t * FW_M)
 
 }
 
+
+
 int calcCDID(uint8_t * UDS_M, uint8_t * FW_M, uint8_t * CDID)
 {
 	//0. internally call readUDS and readFWID? abstraction of UDS against layer2
@@ -150,17 +149,17 @@ int calcCDID(uint8_t * UDS_M, uint8_t * FW_M, uint8_t * CDID)
  	//print block
 
  	BIO_printf(out,"UDID_M : ");
-	for(int i = 0; i < SHA256_dig_t; i++)
+	for(int i = 0; i < SHA256_DGST_SIZE; i++)
 	 	BIO_printf(out,"%x",UDS_M[i]);
 	BIO_printf(out, "\n");
 
 	BIO_printf(out,"FWID_M : ");
-	for(int i = 0; i < SHA256_dig_t; i++)
+	for(int i = 0; i < SHA256_DGST_SIZE; i++)
 	 	BIO_printf(out,"%x",FW_M[i]);
 	BIO_printf(out, "\n");
 
 	BIO_printf(out,"CDI : ");
-	for(int i = 0; i < SHA256_dig_t; i++)
+	for(int i = 0; i < SHA256_DGST_SIZE; i++)
 	 	BIO_printf(out,"%x",CDID[i]);
 	BIO_printf(out, "\n");
 	BIO_free(out);
@@ -184,29 +183,59 @@ int _calcCDID(uint8_t * _CDID)
 	BIO_printf(out, "\n");BIO_printf(out, "\n");BIO_printf(out, "\n");
 
 	//step 1 : Derive Device ID
-	uint8_t* UDS_ID = calloc(1,sizeof(uint8_t)*SHA256_dig_t);
+	uint8_t* UDS_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
 	readUDS(UDS_ID);
 
 	//step 2 : Derive Firmware ID
-	uint8_t* FW_ID = calloc(1,sizeof(uint8_t)*SHA256_dig_t);
+	uint8_t* FW_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
 	readFWID(FW_ID);
 
 	//step3 : call calcCDID
 	calcCDID(UDS_ID,FW_ID,_CDID);
 
+	// BIO_printf(out,"_UDID : ");
+	// for(int i = 0; i < SHA256_DGST_SIZE; i++)
+	//  	BIO_printf(out,"%x",UDS_ID[i]);
+	// BIO_printf(out, "\n");
+
+	// BIO_printf(out,"_FWID : ");
+	// for(int i = 0; i < SHA256_DGST_SIZE; i++)
+	//  	BIO_printf(out,"%x",FW_ID[i]);
+	// BIO_printf(out, "\n");
+
+
+	// BIO_printf(out,"_CDI : ");
+	// for(int i = 0; i < SHA256_DGST_SIZE; i++)
+	//  	BIO_printf(out,"%x",_CDID[i]);
+	// BIO_printf(out, "\n");
+
+	// SHA256_CTX *ctx;
+	// if(!SHA256_Init(ctx))
+	// 	perror("SHA init failed\n");
+
+	// if(!SHA256_Update(ctx, UDS_ID, UDSsize))
+	// 	perror("SHA update failed\n");
+	// if(!SHA256_Update(ctx, FW_ID, FW_size))
+	// 	perror("SHA update2 failed\n");
+
+ // 	if(!SHA256_Final(_CDID, ctx))
+ // 		perror("SHA close failed\n");
+
+
+	
 	BIO_printf(out,"_UDID : ");
-	for(int i = 0; i < SHA256_dig_t; i++)
+	for(int i = 0; i < SHA256_DGST_SIZE; i++)
 	 	BIO_printf(out,"%x",UDS_ID[i]);
 	BIO_printf(out, "\n");
 
 	BIO_printf(out,"_FWID : ");
-	for(int i = 0; i < SHA256_dig_t; i++)
+	for(int i = 0; i < SHA256_DGST_SIZE; i++)
 	 	BIO_printf(out,"%x",FW_ID[i]);
 	BIO_printf(out, "\n");
 
 
 	BIO_printf(out,"_CDI : ");
-	for(int i = 0; i < SHA256_dig_t; i++)
+	for(int i = 0; i < SHA256_DGST_SIZE; i++)
 	 	BIO_printf(out,"%x",_CDID[i]);
 	BIO_printf(out, "\n");
 	BIO_free(out);

trial1/layer1.h

@@ -1,19 +1,19 @@
 #include <stdio.h>
 #include <stdint.h>
+
 #include <openssl/rand.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/sha.h>
-#include <openssl/ec.h>
-#include <openssl/pem.h>
-#include <openssl/kdf.h>
 
 
-#define SHA256_dig_t 32	//bytes
+
+#define SHA256_DGST_SIZE 32	//bytes
 #define ECC_curve 
 
+int createUDS();					//create rand file. to be replaced with real fuse pointer
+
 int readUDS(uint8_t* UDSdigest);
-int createUDS();
 int readFWID(uint8_t * FW_M);
 int calcCDID(uint8_t * UDS_M, uint8_t * FW_M, uint8_t * CDID);
 int _calcCDID(uint8_t * CDID);		//wrapper function broken, do not use

trial1/layer2.c

@@ -1,38 +1,58 @@
 #include "layer2.h"
 
+//RIOT core
 
-
-void startProtocol()
+void startCDIProtocol()
 {
 
 	//step 1 : Derive Device ID
-	uint8_t* UDS_ID = calloc(1,sizeof(uint8_t)*SHA256_dig_t);
+	uint8_t* UDS_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
 	readUDS(UDS_ID);
 
-	// for(int i = 0; i < SHA256_dig_t; i++)
+	// for(int i = 0; i < SHA256_DGST_SIZE; i++)
 	//  	printf("%x",UDS_ID[i]);
 	//  printf("\n");
 
 	//step 2 : Derive Firmware ID
-	uint8_t* FW_ID = calloc(1,sizeof(uint8_t)*SHA256_dig_t);
+	uint8_t* FW_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
 	readFWID(FW_ID);
 
-	// for(int i = 0; i < SHA256_dig_t; i++)
+	// for(int i = 0; i < SHA256_DGST_SIZE; i++)
 	//  	printf("%x",FW_ID[i]);
 	//  printf("\n");
 
 
 	//setp 3 : Derive Composite Device ID
-	uint8_t* CD_ID = calloc(1,sizeof(uint8_t)*SHA256_dig_t);
+	uint8_t* CD_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
 	calcCDID(UDS_ID,FW_ID,CD_ID);
 	free(UDS_ID);
 	free(FW_ID);
 
-	// uint8_t* _CD_ID = calloc(1,sizeof(uint8_t)*SHA256_dig_t);
+	//uint8_t* _CD_ID = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
 	// _calcCDID(_CD_ID);
 	
+	for(int i = 0; i < SHA256_DGST_SIZE; i++)
+	 	printf("%x",CD_ID[i]);
+	printf( "\n");
+
+	uint8_t* KEY_OUT = calloc(1,sizeof(uint8_t)*KDF_KEY_SIZE);
+	size_t KEY_LEN = KDF_KEY_SIZE;			//need to pass pointer to the out key size, not the value
 
 
+	if(deriveKDF(KEY_OUT, &KEY_LEN, CD_ID, SHA256_DGST_SIZE, PASSPHRASE, lenofstr(PASSPHRASE)))
+		printf("KDF call success\n");;
+
+
+	//return value iz not correct.
+	//first 6 bytes are random, inconsistent, followed by two 0s then the next bytes are correct
+	//very suspicious behaviour
+	//is this similar to _cacl_CDID fun issue?
+	//should i use memset memcp isntead of passing pointers?
+	//learn pointers more thoroughly
+
+	for(int i = 0; i <= KDF_KEY_SIZE; i++)
+	 	printf("%x,",KEY_OUT[i]);
+	printf( ":KEY_OUT\n");
 
 
 	//End block
@@ -41,3 +61,56 @@ void startProtocol()
 	//free(_CD_ID);
 }
 
+
+int deriveKDF(uint8_t * out, size_t * out_len, uint8_t * secret, int secret_len, unsigned char * passphrase, int pass_len)
+{
+	//create comtext
+	//ctx set params
+		//passphrase
+		//secret
+		//alg			//not taken as input. fixed to sha256
+		//salt 			//meh, hardcode salt too
+		//out
+
+	//hkdf derive key
+	
+	for(int i = 0; i < SHA256_DGST_SIZE; i++)
+	 	printf("%x",secret[i]);
+	printf( " : secret\n");
+
+
+	//sample kdf prog
+	EVP_PKEY_CTX * pctx;
+	//uint8_t * OUT = calloc(1,sizeof(uint8_t)*KDF_KEY_SIZE);
+	//size_t keylen = KDF_KEY_SIZE;
+
+	uint8_t salt[32] = {0x31,0xe2,0x3e,0xcc,0x28,0xc5,0x7b,0xbb,0x38,0x7d,0xe6,0x66,0xbb,
+		0xbe,0x67,0x0a,0xf8,0xf3,0x92,0x0e,0xba,0x68,0xd1,0x56,0xea,0x34,0x3f,0xbc,0x4f,
+		0xf1,0xd9,0x1e};
+
+	pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);		//..new_id() allocates pub key alg to ctx 
+
+	if(EVP_PKEY_derive_init(pctx) <= 0)
+		perror("pkey init failed:");
+	// if (EVP_PKEY_CTX_hkdf_mode(pctx,EVP_PKEY_HKDEF_MODE_EXPAND_ONLY ) <= 0)
+ 		//perror("set message mode failed:");
+	if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0)
+    	perror("set message digest failed:");
+	if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, sizeof(salt)) <= 0)
+ 		perror("set salt failed:");
+	if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0)
+    	perror("set secret failed:");
+	if (EVP_PKEY_CTX_add1_hkdf_info(pctx, passphrase, pass_len) <= 0)
+    	perror("set label failed:");
+	if (EVP_PKEY_derive(pctx, out, out_len) <= 0)
+    	perror("pkey derivation failed:");
+
+    for(int i = 0; i <= KDF_KEY_SIZE; i++)
+	 	printf("%x,",out[i]);
+	printf( ": OUT\n");
+
+	EVP_PKEY_CTX_free(pctx);
+	free(out);
+
+	return 1; 
+}

trial1/layer2.h

@@ -1,16 +1,24 @@
 #include "layer1.h"
 
-#include <stdio.h>
-#include <stdint.h>
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/sha.h>
+#include <openssl/ec.h>
+#include <openssl/pem.h>
+#include <openssl/kdf.h>
 
 
-#define SHA256_dig_t 32	//bytes
+#define SHA256_DGST_SIZE		32	//bytes
+#define PASSPHRASE				"Identity"
+#define KDF_KEY_SIZE			32
+#define KDF_ALG					EVP_sha256()
+#define EC_KEY_SIZE				32
 
-void startProtocol();
+#define lenofstr(a)				(sizeof(a)-1)
 
-int deriveKDF();
+
+void startCDIProtocol();
+
+int deriveKDF(uint8_t * out, size_t * out_len, uint8_t * secret, int secret_len, unsigned char * passphrase, int pass_len);
 int deriveECC_Key();
+int deriveDEVICE_Key();
+int deriveALIAS_key();
+int genDEVICE_cert();
+int genALIAS_cert();

trial1/main.c

@@ -3,7 +3,8 @@
 int main()
 {
 	printf("Hello World\n\n\n");
-	startProtocol();
+	startCDIProtocol();
+	//deriveKDF();
 	printf("\n\nSeccessful exit\n");
 	return 0;
 }