anandatul144/DIMA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
a103031539
DIMA/ch-resp-self/Stage2.c
atul.jha 8573d2bc2a challenge response self
2021-01-20 13:31:58 +01:00

218 lines
4.5 KiB
C
Raw Blame History

#include "Stage2.h"
/*
Client_info
const char * cli_ID;
const char * pub_file;
mbedtls_ecp_point * pub_key;
int Cli_STATUS;
int Cli_CAP;
*/
DIMASTATUS load_nodes(Client_info * Cl_list)
{
printf("PASS 20\n");
DIMASTATUS ret = 0;
int len = 0;
mbedtls_entropy_context entropy;
mbedtls_entropy_init(&entropy);
uint8_t * RAND = calloc(1, sizeof(uint8_t)*NONCE_SIZE);
if(DEBUG)
{printf("PASS 21\n");}
//load from access list?
//////////////////////////TODO////////////////////////////
//Protected accesslist must be unlocked with Alias key
//Allow access to client list only after successful DICE
//itrate over client list : perclient
Client_info Cl1_ctx;
Cl1_ctx.cli_ID = "Node1";
Cl1_ctx.pub_file = "clientkeys/Client1_pub.pem";
Cl1_ctx.Cli_STATUS = Cl_unverf;
Cl1_ctx.Cli_CAP = DFL_CAP;
//mbedtls_entropy_gather(&entropy);
ret = mbedtls_entropy_func(&entropy, RAND, sizeof(RAND));
if(ret < DIMASUCCESS)
{
perror("DIMADRBGFAILURE : Failed to gen NONCE\n");
exit(DIMADRBGFAILURE);
}
Cl1_ctx.NONCE = RAND;
/*
if(DEBUG)
{
for(int i = 0; i < NONCE_SIZE; i++)
printf("%hhx",Cl1_ctx.NONCE[i]);
printf(" : NONCE inter\n");
}
*/
//add to the client list
Cl_list[1] = Cl1_ctx;
//end perclient itetration
mbedtls_entropy_free(&entropy);
return DIMASUCCESS;
}
/* NOT USING THIS
DIMASTATUS genNONCE(Client_info * Cl_ctx)
{
//
//1. create new genNONCe session n entropy per client
//2. pass client list iterate over active clients genNONCE for all
//
mbedtls_entropy_context entropy;
mbedtls_entropy_init(&entropy);
DIMASTATUS ret = 0;
uint8_t * RAND = calloc(1, sizeof(uint8_t)*NONCE_SIZE);
if(DEBUG)printf("Pass1\n");
//mbedtls_entropy_gather(&entropy);
ret = mbedtls_entropy_func(&entropy, RAND, sizeof(RAND));
if(ret < DIMASUCCESS)
{
perror("DIMADRBGFAILURE : Failed to gen NONCE\n");
exit(DIMADRBGFAILURE);
}
if(DEBUG)printf("Pass2\n");
Cl_ctx -> NONCE = RAND;
if(DEBUG)
{
for(int i = 0; i < NONCE_SIZE; i++)
printf("%hhx",RAND[i]);
printf(" : RAND\n");
}
if(DEBUG)
{
for(int i = 0; i < NONCE_SIZE; i++)
printf("%hhx",Cl_ctx -> NONCE[i]);
printf(" : NONCE\n");
}
mbedtls_entropy_free(&entropy);
return DIMASUCCESS;
}
*/
DIMASTATUS challenge( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t *signlen)
{
DIMASTATUS ret = 0;
uint8_t* dgst = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
ret = mbedtls_sha256_ret( Cl_ctx->NONCE,NONCE_SIZE,dgst,0 );
if(ret < DIMASUCCESS)
{
perror("DIMASHAFAILURE : could not perfom SHA digest\n");
return DIMASHAFAILURE;
}
// ret = mbedtls_md(mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
// Cl_list[1].NONCE, NONCE_SIZE, hash );
if(DEBUG)
{
for (int i = 0; i < SHA256_DGST_SIZE; i++)
printf("%hhx", dgst[i]);
printf(" : sha dgst\n" );
}
//ret = mbedtls_pk_sign( &pk_ctx, MBEDTLS_MD_SHA256, dgst, SHA256_DGST_SIZE, sign, &signlen,
// mbedtls_ctr_drbg_random, &drbgCtx );
ret = mbedtls_pk_sign( pk_ctx, MBEDTLS_MD_SHA256, dgst, SHA256_DGST_SIZE, sign, signlen,
NULL,NULL );
if(ret < DIMASUCCESS)
{
perror("DIMASIGNFAILURE : could not perfom private key signature\n");
return DIMASIGNFAILURE;
}
if(DEBUG)
{
for (int i = 0; i < *signlen; i++)
printf("%hhx", sign[i]);
printf(" :signature intr\n" );
}
return DIMASUCCESS;
}
DIMASTATUS response( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t signlen)
{
//Paramer checks
if(Cl_ctx->Cli_STATUS != Cl_unverf)
{
printf("DIMAINFOMISMATCH :Client %s verification already performed. skipping to next client..", Cl_ctx->cli_ID);
return DIMAINFOMISMATCH;
}
//////
DIMASTATUS ret = 0;
uint8_t* dgst = calloc(1,sizeof(uint8_t)*SHA256_DGST_SIZE);
ret = mbedtls_sha256_ret( Cl_ctx->NONCE,NONCE_SIZE,dgst,0 );
if(ret < DIMASUCCESS)
{
perror("DIMASHAFAILURE : could not perfom SHA digest\n");
return DIMASHAFAILURE;
}
/*
if(DEBUG)
{
for(int i = 0; i < NONCE_SIZE; i++)
printf("%hhx",Cl_ctx.NONCE[i]);
printf(" : NONCE verf\n");
}
if(DEBUG)
{
for (int i = 0; i < signlen; i++)
printf("%hhx", sign[i]);
printf(" :signature verf\n" );
}
*/
ret = mbedtls_pk_verify( pk_ctx, MBEDTLS_MD_SHA256, dgst, 0, sign, signlen );
if (ret < DIMASUCCESS)
{
perror("DIMAVERIFYFAILURE : could not verify signature\n");
Cl_ctx->Cli_STATUS = Cl_fault;
return DIMAVERIFYFAILURE;
}
Cl_ctx->Cli_STATUS = Cl_verfd;
return DIMASUCCESS;
}
Reference in New Issue View Git Blame Copy Permalink