Alias and session keys
This commit is contained in:
atul.jha
parent
5102767b36
commit
f92dcf0f5b
@ -156,9 +156,9 @@ if(DEBUG)
|
||||
0xbe,0x67,0x0a,0xf8,0xf3,0x92,0x0e,0xba,
|
||||
0x68,0xd1,0x56,0xea,0x34,0x3f,0xbc,0x4f };
|
||||
|
||||
uint8_t * CDIKEY = calloc(1, sizeof(uint8_t)*CDI_KEY_SIZE);
|
||||
uint8_t * CDIKEY = calloc(1, sizeof(uint8_t)*HKDF_KEY_SIZE);
|
||||
ret = mbedtls_hkdf(md_info, salt, sizeof(salt), CDI, SHA256_DGST_SIZE,
|
||||
IDENTITY, sizeof(IDENTITY), CDIKEY, CDI_KEY_SIZE);
|
||||
IDENTITY, sizeof(IDENTITY), CDIKEY, HKDF_KEY_SIZE);
|
||||
|
||||
if(ret < DIMASUCCESS)
|
||||
{
|
||||
@ -172,7 +172,7 @@ if(DEBUG)
|
||||
|
||||
if(DEBUG)
|
||||
{
|
||||
for(int i = 0; i < CDI_KEY_SIZE; i++)
|
||||
for(int i = 0; i < HKDF_KEY_SIZE; i++)
|
||||
printf("%hhx",CDIKEY[i]);
|
||||
printf(" : CDIKEY\n");
|
||||
}
|
||||
|
||||
@ -26,7 +26,7 @@
|
||||
/* CONSTANTS TO BE USED IN DIMA */
|
||||
#define SHA256_DGST_SIZE 32 //bytes
|
||||
#define UDS_SIZE 8
|
||||
#define CDI_KEY_SIZE 32
|
||||
#define HKDF_KEY_SIZE 32
|
||||
#define HKDF_ALG MBEDTLS_MD_SHA256
|
||||
#define ECC_CURVE MBEDTLS_ECP_DP_SECP256R1 //mbedtls_ecp_group_id
|
||||
#define RSA_HASH_ID MBEDTLS_MD_SHA256
|
||||
|
||||
@ -10,7 +10,84 @@ void main()
|
||||
ret = ROMprotocol();
|
||||
/*release resources*/
|
||||
|
||||
//alias and session keys, firmware execution
|
||||
//ALIAS and session keys, firmware execution
|
||||
|
||||
//measure firmware.bin
|
||||
//measure firmware.conf
|
||||
//measure ....
|
||||
//calculate FW_ID - composite hash of all above measurements
|
||||
//create ALIAS KD_ctx
|
||||
//keygen
|
||||
//publish keys
|
||||
|
||||
|
||||
//placeholder FW_ID
|
||||
uint8_t FW_ID[SHA256_DGST_SIZE] = { 0xf3,0x92,0x0e,0x4f,0xbe,0x67,0x0a,0xf8,
|
||||
0xf1,0xd9,0x30,0xe2,0x33,0xcc,0x28,0xc5,
|
||||
0xba,0x68,0xd1,0x56,0xea,0x34,0x3f,0xbc,
|
||||
0xe6,0x66,0xbb,0x1e,0x7b,0xbb,0x38,0x7d };
|
||||
|
||||
const mbedtls_md_info_t * md_info;
|
||||
if(!(md_info = mbedtls_md_info_from_type(HKDF_ALG)))
|
||||
{
|
||||
perror("DIMAHKDFFAILURE: MD alg type def failed\n");
|
||||
exit(DIMAHKDFFAILURE);
|
||||
}
|
||||
|
||||
uint8_t salt[32] = { 0x68, 0x5e, 0x4e, 0xbe, 0xf2, 0xbe, 0xb9, 0xd5, 0x13,
|
||||
0x7c, 0x14, 0x71, 0x20, 0xfb, 0x42, 0x32, 0x54, 0x12,
|
||||
0x3e, 0x31, 0xa6, 0x89, 0x4c, 0xe0, 0x58, 0x51, 0x0e,
|
||||
0x26, 0xb0, 0xdd, 0x78, 0x55 };
|
||||
|
||||
uint8_t * FWKEY = calloc(1, sizeof(uint8_t)*HKDF_KEY_SIZE);
|
||||
ret = mbedtls_hkdf(md_info, salt, sizeof(salt), FW_ID, SHA256_DGST_SIZE,
|
||||
ALIAS, sizeof(ALIAS), FWKEY, HKDF_KEY_SIZE);
|
||||
|
||||
if(ret < DIMASUCCESS)
|
||||
{
|
||||
perror("DIMAHKDFFAILURE\n");
|
||||
exit(DIMAHKDFFAILURE);
|
||||
}
|
||||
|
||||
KeyDrv_context ALIAS_ctx;
|
||||
ALIAS_ctx.ENT_MODE = DFL_ENT;
|
||||
ALIAS_ctx.PKC_MODE = DFL_PKC;
|
||||
ALIAS_ctx.seed = FWKEY;
|
||||
ALIAS_ctx.phrase = ALIAS;
|
||||
ALIAS_ctx.KEY_FORM = DFL_FORM;
|
||||
|
||||
printf("Generating Alias keys\n");
|
||||
|
||||
ret = AsymmKeyGen(&ALIAS_ctx);
|
||||
if(ret < DIMASUCCESS)
|
||||
{
|
||||
perror("DIMAFAILURE : ALIAS key gen failed\n");
|
||||
exit(DIMAFAILURE);
|
||||
}
|
||||
|
||||
|
||||
|
||||
//Session key creation
|
||||
//receive session nonce from verifier?
|
||||
//placeholder
|
||||
char * nonce = "session1";
|
||||
|
||||
KeyDrv_context SSN_ctx;
|
||||
SSN_ctx.ENT_MODE = SW_PRNG;
|
||||
SSN_ctx.PKC_MODE = DFL_PKC;
|
||||
SSN_ctx.seed = FWKEY;
|
||||
SSN_ctx.phrase = nonce;
|
||||
SSN_ctx.KEY_FORM = DFL_FORM;
|
||||
|
||||
printf("Generating Session keys\n");
|
||||
|
||||
ret = AsymmKeyGen(&SSN_ctx);
|
||||
if(ret < DIMASUCCESS)
|
||||
{
|
||||
perror("DIMAFAILURE : SESSION key gen failed\n");
|
||||
exit(DIMAFAILURE);
|
||||
}
|
||||
|
||||
printf("Successful exit\n");
|
||||
|
||||
return;
|
||||
|
||||
BIN
trial4/out/main
BIN
trial4/out/main
Binary file not shown.
Loading…
Reference in New Issue
Block a user