From f92dcf0f5be295447ba1b8e5c01f7cee385cb663 Mon Sep 17 00:00:00 2001 From: "atul.jha" Date: Wed, 13 Jan 2021 14:32:48 +0100 Subject: [PATCH] Alias and session keys --- trial4/ROMprotocol.c | 6 ++-- trial4/defines.h | 2 +- trial4/main.c | 79 ++++++++++++++++++++++++++++++++++++++++++- trial4/out/main | Bin 23064 -> 23064 bytes 4 files changed, 82 insertions(+), 5 deletions(-) diff --git a/trial4/ROMprotocol.c b/trial4/ROMprotocol.c index eb31ad4..0a9a8e4 100644 --- a/trial4/ROMprotocol.c +++ b/trial4/ROMprotocol.c @@ -156,9 +156,9 @@ if(DEBUG) 0xbe,0x67,0x0a,0xf8,0xf3,0x92,0x0e,0xba, 0x68,0xd1,0x56,0xea,0x34,0x3f,0xbc,0x4f }; - uint8_t * CDIKEY = calloc(1, sizeof(uint8_t)*CDI_KEY_SIZE); + uint8_t * CDIKEY = calloc(1, sizeof(uint8_t)*HKDF_KEY_SIZE); ret = mbedtls_hkdf(md_info, salt, sizeof(salt), CDI, SHA256_DGST_SIZE, - IDENTITY, sizeof(IDENTITY), CDIKEY, CDI_KEY_SIZE); + IDENTITY, sizeof(IDENTITY), CDIKEY, HKDF_KEY_SIZE); if(ret < DIMASUCCESS) { @@ -172,7 +172,7 @@ if(DEBUG) if(DEBUG) { - for(int i = 0; i < CDI_KEY_SIZE; i++) + for(int i = 0; i < HKDF_KEY_SIZE; i++) printf("%hhx",CDIKEY[i]); printf(" : CDIKEY\n"); } diff --git a/trial4/defines.h b/trial4/defines.h index f100963..f4b1ada 100644 --- a/trial4/defines.h +++ b/trial4/defines.h @@ -26,7 +26,7 @@ /* CONSTANTS TO BE USED IN DIMA */ #define SHA256_DGST_SIZE 32 //bytes #define UDS_SIZE 8 -#define CDI_KEY_SIZE 32 +#define HKDF_KEY_SIZE 32 #define HKDF_ALG MBEDTLS_MD_SHA256 #define ECC_CURVE MBEDTLS_ECP_DP_SECP256R1 //mbedtls_ecp_group_id #define RSA_HASH_ID MBEDTLS_MD_SHA256 diff --git a/trial4/main.c b/trial4/main.c index 4c1e1c0..f6e78c4 100644 --- a/trial4/main.c +++ b/trial4/main.c 
@@ -10,7 +10,84 @@ void main() ret = ROMprotocol(); /*release resources*/ - //alias and session keys, firmware execution + //ALIAS and session keys, firmware execution + + //measure firmware.bin + //measure firmware.conf + //measure .... + //calculate FW_ID - composite hash of all above measurements + //create ALIAS KD_ctx + //keygen + //publish keys + + + //placeholder FW_ID + uint8_t FW_ID[SHA256_DGST_SIZE] = { 0xf3,0x92,0x0e,0x4f,0xbe,0x67,0x0a,0xf8, + 0xf1,0xd9,0x30,0xe2,0x33,0xcc,0x28,0xc5, + 0xba,0x68,0xd1,0x56,0xea,0x34,0x3f,0xbc, + 0xe6,0x66,0xbb,0x1e,0x7b,0xbb,0x38,0x7d }; + + const mbedtls_md_info_t * md_info; + if(!(md_info = mbedtls_md_info_from_type(HKDF_ALG))) + { + perror("DIMAHKDFFAILURE: MD alg type def failed\n"); + exit(DIMAHKDFFAILURE); + } + + uint8_t salt[32] = { 0x68, 0x5e, 0x4e, 0xbe, 0xf2, 0xbe, 0xb9, 0xd5, 0x13, + 0x7c, 0x14, 0x71, 0x20, 0xfb, 0x42, 0x32, 0x54, 0x12, + 0x3e, 0x31, 0xa6, 0x89, 0x4c, 0xe0, 0x58, 0x51, 0x0e, + 0x26, 0xb0, 0xdd, 0x78, 0x55 }; + + uint8_t * FWKEY = calloc(1, sizeof(uint8_t)*HKDF_KEY_SIZE); + ret = mbedtls_hkdf(md_info, salt, sizeof(salt), FW_ID, SHA256_DGST_SIZE, + ALIAS, sizeof(ALIAS), FWKEY, HKDF_KEY_SIZE); + + if(ret < DIMASUCCESS) + { + perror("DIMAHKDFFAILURE\n"); + exit(DIMAHKDFFAILURE); + } + + KeyDrv_context ALIAS_ctx; + ALIAS_ctx.ENT_MODE = DFL_ENT; + ALIAS_ctx.PKC_MODE = DFL_PKC; + ALIAS_ctx.seed = FWKEY; + ALIAS_ctx.phrase = ALIAS; + ALIAS_ctx.KEY_FORM = DFL_FORM; + + printf("Generating Alias keys\n"); + + ret = AsymmKeyGen(&ALIAS_ctx); + if(ret < DIMASUCCESS) + { + perror("DIMAFAILURE : ALIAS key gen failed\n"); + exit(DIMAFAILURE); + } + + + + //Session key creation + //receive session nonce from verifier? 
+ //placeholder + char * nonce = "session1"; + + KeyDrv_context SSN_ctx; + SSN_ctx.ENT_MODE = SW_PRNG; + SSN_ctx.PKC_MODE = DFL_PKC; + SSN_ctx.seed = FWKEY; + SSN_ctx.phrase = nonce; + SSN_ctx.KEY_FORM = DFL_FORM; + + printf("Generating Session keys\n"); + + ret = AsymmKeyGen(&SSN_ctx); + if(ret < DIMASUCCESS) + { + perror("DIMAFAILURE : SESSION key gen failed\n"); + exit(DIMAFAILURE); + } + printf("Successful exit\n"); return; 
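Review bot: `FWKEY` comes from `calloc` and is passed straight to `mbedtls_hkdf` as the output buffer with no NULL check, and the derived key is never wiped or freed on the success path or on the `exit()` paths that follow the derivation. Because the size is a compile-time constant, a stack array removes the allocation failure mode: `uint8_t FWKEY[HKDF_KEY_SIZE] = {0};`, with `mbedtls_platform_zeroize(FWKEY, sizeof FWKEY);` after the last `AsymmKeyGen` call and before each later `exit(...)`. Separately, `ALIAS_ctx` and `SSN_ctx` both take the same `FWKEY` as `seed`, and the session `phrase` is the constant `"session1"`. Unless `AsymmKeyGen` (not visible here) mixes in fresh entropy for `SW_PRNG`, the session key would presumably repeat on every run, so the placeholder needs to become a verifier-supplied nonce before the key is relied on. `main` begins above the hunk and its closing brace is not shown.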
diff --git a/trial4/out/main b/trial4/out/main index 12124116308a6361aee72f0d4eae2183a03751d5..e73f4e2ff5caaac4b3349c8ed206f678f9d21e2a 100755 GIT binary patch delta 4471 zcmaJ_4OmoV7QS=AKtz5;6bS|em0~am$xUaMF+RMw6eS4NvMHPRQ#?u{rfECqFy%z^ ztopS@ZEm)^k6Z0-nP?e_klHt8mgtuGmw%;QegZ@kN^SN%_s$?-&+6y1hUIS=j*s}}S9Mhz^TVbdJe6ciY}ypj z5V5DVwnnZQBF{6`ruugV4!wJnBq`3}dn5Vn5#7FP+L|P888^aej+7)dJJFEd!k?s9}Cu4C)h^|1>18-u)PI>?Q0S2<21p4sZKQ1NxQTXEQ@K%io)CnHsiRGj7wBLOZ0*bs~k)K{<) ztO?Z)JtElQ`vm(h)PC6|*jKPeJ`n8duLL_9F4(cvf*l_r*a_#kS9=pN6eoJEE1;x(o5@D!_W{uWKiGKiFhYxa|2@VIiTOR^DNM5Ic%< zhy!^TP&W26nBaI5dqaGmA{ zX?He~*DKYmcb;;mZ^A_IE*qjYVw2Atxj5+52#9c+kHe^kf8t_fQsVYrO+~L_d%9Pu z7>CqOD(u9zy>VH%*RSv8V9SW|p$aZ_xYn0>M>qnX(4n%+I+RKfCIYuwvh^A&RzT&SDNyO*8KdGO_E5YY zpj2ms5S_J$uN)OWbxphxr|44GKyb4OsNS6^oYZ^Zn6tWM>z@{nixgE0+d65z7KG4EkbGgS)i6 zN~C{4Bdr51l>xqq@JTvO?GDD*_RFW~48|7_-f_|Gwt9v;I3R}t4k7?JO?xn&Lijs6 zP6Hl{k0kt0I!+TGj9(1`zT~3&E-FB0FgV~W1>}ODm0sef$cw|M^v}YKOMF92x}k`F z5)&gEFLE_znrST+bFep*YKE5&UINa^k0OhnnkNC_<9-K-iiqg0PX0jbG`=}*xE$TZ z8)6-@p^MKn{{G=To#3be%T}#w-f#p5Az81QMir`20hCIIRt;ZOtPzzKAdgN7jh5!p*6UhH`?7bww>A7yW z)GM^BySwRQPEwa*Z(vh2+fV($`4UZJ(a2pQK!-O|!3Z zL0@W7D}QbL==6`E_vW$_DYc(U66n{LI=q#)kB`jv{l%&${E+%4pnm<KF<^)1 z!dj`WcKr=);Vl!K@+_6FoR~Cf6K>8oUnrBCdHuvuzg`Yd?I2;*`njR^%@;J+pQ^y! 
z09WVj85p_3s9ZyUnn|Qi^Ho|;xxmX4Cs^OW8r>LC z$7P>L&Ct`~H1DFAuJaUc5Alcy$A|gmliNg*Dvhez?v?v85*v_(8^u7NQe!k%Q_c%m z2cXn5$y$7;7#DL7WL6j}<93F*N`X}01tk zu4g;0w(j5_dW>v_c^z_4R#mo3$Wr_x7!ytvfVhS(0Hz2wyTOR5qUD zYbPbk(rLbJ(s=96vu-y&uYEt!SQX*74$6AzerO2_c}Bix_$@w{q4)|F~in>7{pVSzrz)AdO^C#|zwN_#PsrWSZmGLq8d1XYS z@s0R`m^wgadY{Z`!2g3mwZq=XZ#H=Ii?F{61N0xj@1yZ&B4xEf@{!7Vd00x8Zw>C) zyf`Dgwk+i#KR#ueLjU|+HkRaAHT8`B$-C@J@;hEU#9VZ%;j=^DqowKEYCIZZJEhKx5eo>Q+ab{q5Q)* zKAjzbKpvHqB_~GJ{vm6;ESH)1b4r%nnZyq(Zx7Xu7D?B5oD#`5XD^gbB=CTlTV!Q4 z-!?N@u8gWZH}l0|@~lz(seKdNw;yc zPS)+J@n}O$C#D(48k<@p*wRc9q9&$Ot0Zl;)pVlq!9|dVqVml4JNMrOw>r5qyXWvvSJY=Z}uPVineqqyxJ1<4(84zF|C-Htx(jYdc@v zA9nD^ITg37tK_QTa!p2cc1Xvlkz0(CqUX0g$z9Zske5RSgtk+7%u8VwnDC~vw`zcX5o4LSvCrpI+(q4r^Yw1Yo}ze)Iu!Rw zbw1p#hV_vF+u28#Vob&z13)`pzbM(O0+FZs$QV1-ur?AkKkKEZViRO@Kdp{^x_D+U zz+TtS?{J5c>OZ)X*QRISbP-x}TZFnfztL{~6BCrHG@B6oLvoIU{=1+xr z(QmF4rsO{k&k8fqZtNX#&iFmeP2Hc!#E#? z3jgY&8Hq857S?Zf(NgG*e!m0y5!R1%(H`i#S>M$~_0S!x+q>u+=;f?0>>?lZIjm3X zB2!X~DT{Sum(SM{g>DwMnlMCho<`rHvZP#{gSI9m$k%Ss!KA!N3b1&I_v4+!dx`hM zJMH7q*f$(28$zxI`(zY40GB#&lcJOJau{PQ)i8W8c0m&dqx2R^X=UaCQq9-FvECET?}>`hCC;(4N0@hm(9M*ENQ{&SjFR5sMI@p30MrbO%BqTeUk zLavKG`^lD^qB}#+Cr_p~QWwclof_Y?n?Zc5Lec9uG6dgd&P5w8I?x`(_ah+Ly;+pM zhwo0V;eh-5`0f#v1z%@7^ObkE(>ZgJVFu^lY$KmJ#*oJPS8ZgPuzl$}Bhk@oBM7yy zgUPrqeh1;KVT#EqluWFc!l)s6qc55 z`47DJr1rAuwUuzfd%+2RXrtw6<^^BC>vsJc1e|sJExnS11c?(Wd0-xw${ax>L6q+B zn`2h`}$l1})jagxs!ffE2GQ-zRAPioL=-is@*3Y=kd(kv!{u18P2s;VMx> z>5l_iAIZahx{W&0;~mv#dVlT#&Q*t6@ql`O6sbNf@C05Bjn*f;O^W+8gUTOR?uT6N z9_EZZpp_fJR1V#swkuBs<@5>ln6`d5qyD)U=W} z!zJAVAZ*6lybXK!whWIx*2d1dI zI~W(&On=O@L+EK!bj?Z3k~H7GVnxNebuZXgC01;BaXo5FQuPw+JlSAgXECn} zm8w6QT%&X3UH17-AQXSi=WB(uK<tZM{)4$UMK6t&mSt7<797;Y&W#cgZNgCh zgpVwRNk59BW3!6o@+lNr_!Iexl{OVx