TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key,
struct ecc_public_key *public_key,
void *secret,
unsigned long *secret_len)
{
TEE_Result res = TEE_SUCCESS;
int lmd_res = 0;
uint8_t one[1] = { 1 };
mbedtls_ecdh_context ecdh;
size_t out_len = 0;
memset(&ecdh, 0, sizeof(ecdh));
mbedtls_ecdh_init(&ecdh);
lmd_res = mbedtls_ecp_group_load(&ecdh.grp, private_key->curve);
if (lmd_res != 0) {
res = TEE_ERROR_NOT_SUPPORTED;
goto out;
}
ecdh.d = *(mbedtls_mpi *)private_key->d;
ecdh.Qp.X = *(mbedtls_mpi *)public_key->x;
ecdh.Qp.Y = *(mbedtls_mpi *)public_key->y;
mbedtls_mpi_read_binary(&ecdh.Qp.Z, one, sizeof(one));
lmd_res = mbedtls_ecdh_calc_secret(&ecdh, &out_len, secret,
*secret_len, mbd_rand, NULL);
if (lmd_res != 0) {
res = get_tee_result(lmd_res);
goto out;
}
*secret_len = out_len;
out:
/* Reset mpi to skip freeing here, those mpis will be freed with key */
mbedtls_mpi_init(&ecdh.d);
mbedtls_mpi_init(&ecdh.Qp.X);
mbedtls_mpi_init(&ecdh.Qp.Y);
mbedtls_ecdh_free(&ecdh);
return res;
}
int dslink_init(int argc, char **argv,
const char *name, uint8_t isRequester,
uint8_t isResponder, DSLinkCallbacks *cbs) {
mbedtls_ecdh_context ctx;
DSLinkConfig config;
Url *url = NULL;
json_t *handshake = NULL;
char *dsId = NULL;
Socket *sock = NULL;
DSLink link;
memset(&link, 0, sizeof(DSLink));
int ret = 0;
config.name = name;
if ((ret = dslink_parse_opts(argc, argv, &config)) != 0) {
if (ret == DSLINK_ALLOC_ERR) {
log_fatal("Failed to allocate memory during argument parsing\n");
}
return 1;
}
// TODO: move .key as a parameter
if ((ret = dslink_handshake_key_pair_fs(&ctx, ".key")) != 0) {
if (ret == DSLINK_CRYPT_KEY_DECODE_ERR) {
log_fatal("Failed to decode existing key\n");
} else if (ret == DSLINK_OPEN_FILE_ERR) {
log_fatal("Failed to write generated key to disk\n");
} else if (ret == DSLINK_CRYPT_KEY_PAIR_GEN_ERR) {
log_fatal("Failed to generated key\n");
} else {
log_fatal("Unknown error occurred during key handling: %d\n", ret);
}
ret = 1;
goto exit;
}
url = dslink_url_parse(config.broker_url);
if (!url) {
log_fatal("Failed to parse url: %s\n", config.broker_url);
ret = 1;
goto exit;
}
if (isResponder) {
link.responder = calloc(1, sizeof(Responder));
if (!link.responder) {
log_fatal("Failed to create responder\n");
goto exit;
}
if (dslink_init_responder(link.responder) != 0) {
log_fatal("Failed to initialize responder\n");
goto exit;
}
}
if (cbs->init_cb) {
cbs->init_cb(&link);
}
if ((ret = dslink_handshake_generate(url, &ctx, config.name,
isRequester, isResponder,
&handshake, &dsId)) != 0) {
log_fatal("Handshake failed: %d\n", ret);
ret = 1;
goto exit;
}
const char *uri = json_string_value(json_object_get(handshake, "wsUri"));
const char *tKey = json_string_value(json_object_get(handshake, "tempKey"));
const char *salt = json_string_value(json_object_get(handshake, "salt"));
if (!(uri && tKey && salt)) {
log_fatal("Handshake didn't return the "
"necessary parameters to complete\n");
ret = 1;
goto exit;
}
if ((ret = dslink_handshake_connect_ws(url, &ctx, uri,
tKey, salt, dsId, &sock)) != 0) {
log_fatal("Failed to connect to the broker: %d\n", ret);
ret = 1;
goto exit;
} else {
log_info("Successfully connected to the broker\n");
}
if (cbs->on_connected_cb) {
cbs->on_connected_cb(&link);
}
link._socket = sock;
dslink_handshake_handle_ws(&link);
// TODO: automatic reconnecting
log_warn("Disconnected from the broker\n")
if (cbs->on_disconnected_cb) {
cbs->on_disconnected_cb(&link);
}
exit:
mbedtls_ecdh_free(&ctx);
DSLINK_CHECKED_EXEC(dslink_socket_close, sock);
if (link.responder) {
if (link.responder->super_root) {
dslink_node_tree_free(NULL, link.responder->super_root);
}
if (link.responder->open_streams) {
DSLINK_MAP_FREE(link.responder->open_streams, {
free(entry->key);
free(entry->value);
});
int main( int argc, char *argv[] )
{
int ret;
mbedtls_ecdh_context ctx_cli, ctx_srv;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
unsigned char cli_to_srv[32], srv_to_cli[32];
const char pers[] = "ecdh";
((void) argc);
((void) argv);
mbedtls_ecdh_init( &ctx_cli );
mbedtls_ecdh_init( &ctx_srv );
mbedtls_ctr_drbg_init( &ctr_drbg );
/*
* Initialize random number generation
*/
mbedtls_printf( " . Seeding the random number generator..." );
fflush( stdout );
mbedtls_entropy_init( &entropy );
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *) pers,
sizeof pers ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
goto exit;
}
mbedtls_printf( " ok\n" );
/*
* Client: inialize context and generate keypair
*/
mbedtls_printf( " . Setting up client context..." );
fflush( stdout );
ret = mbedtls_ecp_group_load( &ctx_cli.grp, MBEDTLS_ECP_DP_CURVE25519 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecp_group_load returned %d\n", ret );
goto exit;
}
ret = mbedtls_ecdh_gen_public( &ctx_cli.grp, &ctx_cli.d, &ctx_cli.Q,
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_gen_public returned %d\n", ret );
goto exit;
}
ret = mbedtls_mpi_write_binary( &ctx_cli.Q.X, cli_to_srv, 32 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_write_binary returned %d\n", ret );
goto exit;
}
mbedtls_printf( " ok\n" );
/*
* Server: initialize context and generate keypair
*/
mbedtls_printf( " . Setting up server context..." );
fflush( stdout );
ret = mbedtls_ecp_group_load( &ctx_srv.grp, MBEDTLS_ECP_DP_CURVE25519 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecp_group_load returned %d\n", ret );
goto exit;
}
ret = mbedtls_ecdh_gen_public( &ctx_srv.grp, &ctx_srv.d, &ctx_srv.Q,
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_gen_public returned %d\n", ret );
goto exit;
}
ret = mbedtls_mpi_write_binary( &ctx_srv.Q.X, srv_to_cli, 32 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_write_binary returned %d\n", ret );
goto exit;
}
mbedtls_printf( " ok\n" );
/*
* Server: read peer's key and generate shared secret
*/
mbedtls_printf( " . Server reading client key and computing secret..." );
fflush( stdout );
ret = mbedtls_mpi_lset( &ctx_srv.Qp.Z, 1 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_lset returned %d\n", ret );
goto exit;
}
ret = mbedtls_mpi_read_binary( &ctx_srv.Qp.X, cli_to_srv, 32 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_read_binary returned %d\n", ret );
goto exit;
}
ret = mbedtls_ecdh_compute_shared( &ctx_srv.grp, &ctx_srv.z,
&ctx_srv.Qp, &ctx_srv.d,
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret );
goto exit;
}
mbedtls_printf( " ok\n" );
/*
* Client: read peer's key and generate shared secret
*/
mbedtls_printf( " . Client reading server key and computing secret..." );
fflush( stdout );
ret = mbedtls_mpi_lset( &ctx_cli.Qp.Z, 1 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_lset returned %d\n", ret );
goto exit;
}
ret = mbedtls_mpi_read_binary( &ctx_cli.Qp.X, srv_to_cli, 32 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_read_binary returned %d\n", ret );
goto exit;
}
ret = mbedtls_ecdh_compute_shared( &ctx_cli.grp, &ctx_cli.z,
&ctx_cli.Qp, &ctx_cli.d,
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret );
goto exit;
}
mbedtls_printf( " ok\n" );
/*
* Verification: are the computed secret equal?
*/
mbedtls_printf( " . Checking if both computed secrets are equal..." );
fflush( stdout );
ret = mbedtls_mpi_cmp_mpi( &ctx_cli.z, &ctx_srv.z );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret );
goto exit;
}
mbedtls_printf( " ok\n" );
exit:
#if defined(_WIN32)
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
mbedtls_ecdh_free( &ctx_srv );
mbedtls_ecdh_free( &ctx_cli );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
return( ret != 0 );
}
int broker_handshake_handle_ws(Broker *broker,
Client *client,
const char *dsId,
const char *auth,
const char *wsAccept) {
ref_t *oldDsId = NULL;
ref_t *ref = dslink_map_remove_get(&broker->client_connecting,
(char *) dsId);
if (!ref) {
return 1;
}
RemoteDSLink *link = ref->data;
dslink_decref(ref);
if (link->name) {
dslink_map_remove(&broker->client_connecting,
(char *) link->name);
}
if (!(auth && link->auth->pubKey)) {
return 1;
}
uv_timer_t *ping_timer = NULL;
int ret = 0;
{ // Perform auth check
char expectedAuth[90];
if (dslink_handshake_gen_auth_key(&link->auth->tempKey,
link->auth->pubKey,
link->auth->salt,
(unsigned char *) expectedAuth,
sizeof(expectedAuth)) != 0) {
ret = 1;
goto exit;
}
if (strcmp(expectedAuth, auth) != 0) {
ret = 1;
goto exit;
}
}
DownstreamNode *node = NULL;
int pendingUpdateList = 0;
{ // Handle retrieval of the downstream node
ref = dslink_map_get(broker->downstream->children,
(char *) link->name);
if (!ref) {
node = broker_init_downstream_node(broker->downstream, link->name);
if (!node) {
ret = 1;
goto exit;
}
oldDsId = dslink_ref(dslink_strdup(dsId), dslink_free);
if (broker->downstream->list_stream) {
pendingUpdateList = 1;
}
broker_downstream_nodes_changed(broker);
} else {
node = ref->data;
oldDsId = node->dsId;
}
}
if (node->link) {
Client *c = node->link->client;
broker_close_link(node->link);
uv_poll_t *poll = c->poll;
dslink_socket_free(c->sock);
dslink_free(c);
uv_close((uv_handle_t *) poll, broker_free_handle);
}
// add permission group to link
json_t *group = json_object_get(node->meta, "$$group");
permission_groups_load(&link->permission_groups, dsId, json_string_value(group));
link->client = client;
link->dsId = oldDsId;
link->node = node;
node->dsId = oldDsId;
client->sock_data = link;
json_object_set_new(node->meta, "$$dsId", json_string_nocheck(dsId));
wslay_event_context_ptr ws;
if (wslay_event_context_server_init(&ws,
broker_ws_callbacks(),
link) != 0) {
ret = 1;
goto exit;
}
link->ws = ws;
broker_ws_send_init(client->sock, wsAccept);
ping_timer = dslink_malloc(sizeof(uv_timer_t));
ping_timer->data = link;
uv_timer_init(link->client->poll->loop, ping_timer);
uv_timer_start(ping_timer, dslink_handle_ping, 1000, 30000);
link->pingTimerHandle = ping_timer;
// set the ->link and update all existing stream
broker_dslink_connect(node, link);
if (pendingUpdateList) {
update_list_child(broker->downstream,
broker->downstream->list_stream,
link->name);
}
log_info("DSLink `%s` has connected\n", dsId);
exit:
mbedtls_ecdh_free(&link->auth->tempKey);
dslink_free((void *) link->auth->pubKey);
dslink_free(link->auth);
link->auth = NULL;
if (ret != 0) {
dslink_map_free(&link->requester_streams);
dslink_map_free(&link->responder_streams);
dslink_free((char *)link->path);
dslink_free(link);
if (ping_timer) {
uv_timer_stop(ping_timer);
uv_close((uv_handle_t *) ping_timer, broker_free_handle);
}
}
return ret;
}
