int crypt_new_1a(crypt_t c, unsigned char *key, int len)
{
unsigned char hash[32];
crypt_1a_t cs;
if(!key || len <= 0) return 1;
c->cs = malloc(sizeof(struct crypt_1a_struct));
memset(c->cs, 0, sizeof (struct crypt_1a_struct));
cs = (crypt_1a_t)c->cs;
if(len == uECC_BYTES*2)
{
memcpy(cs->id_public,key,uECC_BYTES*2);
}else{
// try to base64 decode in case that's the incoming format
if(key[len] != 0 || base64_binlength((char*)key,0) != uECC_BYTES*2 || base64dec(cs->id_public,(char*)key,0)) return -1;
}
// generate fingerprint
crypt_hash(cs->id_public,uECC_BYTES*2,hash);
// create line ephemeral key
uECC_make_key(cs->line_public, cs->line_private);
// alloc/copy in the public values (free'd by crypt_free)
c->part = malloc(32*2+1);
c->keylen = uECC_BYTES*2;
c->key = malloc(c->keylen);
memcpy(c->key,cs->id_public,uECC_BYTES*2);
util_hex(hash,32,(unsigned char*)c->part);
return 0;
}
int main(void) {
uint32_t err_code;
uint32_t time0, time1;
LOG("Starting LFCLK");
err_code = nrf_drv_clock_init();
APP_ERROR_CHECK(err_code);
nrf_drv_clock_lfclk_request(NULL);
LOG("Starting RTC");
err_code = nrf_drv_rtc_init(&rtc, NULL, &rtc_handler);
APP_ERROR_CHECK(err_code);
nrf_drv_rtc_tick_enable(&rtc, false);
nrf_drv_rtc_enable(&rtc);
LOG("Starting RNG");
err_code = nrf_drv_rng_init(NULL);
APP_ERROR_CHECK(err_code);
while (1) {
/* get a random key */
time0 = nrf_drv_rtc_counter_get(&rtc);
uECC_make_key(public_key, private_key);
time1 = nrf_drv_rtc_counter_get(&rtc);
LOG("Key time was %u ", time1 - time0);
/* use the key to sign the hash */
time0 = nrf_drv_rtc_counter_get(&rtc);
uECC_sign(private_key, hash, signature);
time1 = nrf_drv_rtc_counter_get(&rtc);
LOG("Sig Time was %u ", time1 - time0);
/* verify the signature */
time0 = nrf_drv_rtc_counter_get(&rtc);
uECC_verify(public_key, hash, signature);
time1 = nrf_drv_rtc_counter_get(&rtc);
LOG("Verify Time was %u ", time1 - time0);
time0 = nrf_drv_rtc_counter_get(&rtc);
uECC_shared_secret(public_key, private_key, secret);
time1 = nrf_drv_rtc_counter_get(&rtc);
LOG("SS Time was %u ", time1 - time0);
time0 = nrf_drv_rtc_counter_get(&rtc);
sha256_init(&context);
sha256_update(&context, message, 20);
sha256_final(&context, shahash);
time1 = nrf_drv_rtc_counter_get(&rtc);
LOG("SHA Time was %u ", time1 - time0);
}
return 0;
}
int
yacl_create_key_pair(uint8_t public_key[YACL_P256_COORD_SIZE*2],
uint8_t private_key[YACL_P256_COORD_SIZE])
{
int rc;
rc = uECC_make_key(public_key, private_key);
rc = (rc == 1) ? 0 : 1;
return rc;
}
uint8_t cipher_generate(lob_t keys, lob_t secrets)
{
uint8_t secret[uECC_BYTES], key[uECC_BYTES*2], comp[uECC_BYTES+1];
if(!uECC_make_key(key, secret)) return 1;
uECC_compress(key,comp);
lob_set_base32(keys,"1a",comp,uECC_BYTES+1);
lob_set_base32(secrets,"1a",secret,uECC_BYTES);
return 0;
}
uint8_t cipher_generate(lob_t keys, lob_t secrets)
{
uint8_t secret[SECRET_BYTES], key[KEY_BYTES], comp[COMP_BYTES];
if(!uECC_make_key(key, secret, curve)) return 1;
uECC_compress(key,comp, curve);
lob_set_base32(keys,"1c",comp,COMP_BYTES);
lob_set_base32(secrets,"1c",secret,SECRET_BYTES);
return 0;
}
int
yacl_create_key_pair(uint8_t public_key[YACL_P256_COORD_SIZE*2],
uint8_t private_key[YACL_P256_COORD_SIZE])
{
int rc;
rc = uECC_make_key(public_key, private_key);
if (rc == 1)
return 0;
else
return 1;
}
int main(int argc, char **argv)
{
unsigned l_num = 1;
unsigned i, j;
if(argc > 1)
{
l_num = strtoul(argv[1], NULL, 10);
}
randfd = open("/dev/urandom", O_RDONLY);
if(randfd == -1)
{
printf("No access to urandom\n");
return -1;
}
uint8_t l_private[uECC_BYTES];
uint8_t l_public[uECC_BYTES*2];
uint8_t base64enc[uECC_BYTES*4];
for(i=0; i<l_num; ++i)
{
uECC_set_rng(&getRandomBytes);
uECC_make_key(l_public, l_private);
base64_encode(base64enc, l_private, uECC_BYTES);
printf("Private_key_%u= \"", i);
printf(base64enc);
printf("\";\n");
printf("uint8_t private_%u[NUM_ECC_DIGITS] = {", i);
vli_print(l_private);
printf("};\n");
base64_encode(base64enc, l_public, uECC_BYTES*2);
printf("Public_key_%u= \"", i);
printf(base64enc);
printf("\";\n");
printf("uint8_t public_%u[2*NUM_ECC_DIGITS] = {", i);
vli_print(l_public);
vli_print(l_public+uECC_BYTES);
printf("};\n\n");
}
return 0;
}
int crypt_keygen_1a(packet_t p)
{
char b64[uECC_BYTES*4];
uint8_t id_private[uECC_BYTES], id_public[uECC_BYTES*2];
// create line ephemeral key
uECC_make_key(id_public, id_private);
base64enc(b64,id_public,uECC_BYTES*2);
packet_set_str(p,"1a",b64);
base64enc(b64,id_private,uECC_BYTES);
packet_set_str(p,"1a_secret",b64);
return 0;
}
PKIError GenerateCAKeyPair (ByteArray *caPrivateKey, ByteArray *caPublicKey)
{
FUNCTION_INIT();
CHECK_NULL(caPrivateKey, ISSUER_NULL_PASSED);
CHECK_NULL(caPrivateKey->data, ISSUER_NULL_PASSED);
CHECK_NULL(caPublicKey, ISSUER_NULL_PASSED);
CHECK_NULL(caPublicKey->data, ISSUER_NULL_PASSED);
CHECK_COND(uECC_make_key(caPublicKey->data, caPrivateKey->data), ISSUER_MAKE_KEY_ERROR);
caPublicKey->len = PUBLIC_KEY_SIZE;
caPrivateKey->len = PRIVATE_KEY_SIZE;
CHECK_CALL(InitCKMInfo);
CHECK_CALL(SetCAPrivateKey, caPrivateKey);
CHECK_CALL(SetCAPublicKey, caPublicKey);
CHECK_CALL(SaveCKMInfo);
FUNCTION_CLEAR();
}
remote_t remote_new(lob_t key, uint8_t *token)
{
uint8_t hash[32];
remote_t remote;
if(!key || key->body_len != uECC_BYTES+1) return LOG("invalid key %d != %d",(key)?key->body_len:0,uECC_BYTES+1);
if(!(remote = malloc(sizeof(struct remote_struct)))) return NULL;
memset(remote,0,sizeof (struct remote_struct));
// copy in key and make ephemeral ones
uECC_decompress(key->body,remote->key);
uECC_make_key(remote->ekey, remote->esecret);
uECC_compress(remote->ekey, remote->ecomp);
if(token)
{
cipher_hash(remote->ecomp,16,hash);
memcpy(token,hash,16);
}
// generate a random seq starting point for message IV's
e3x_rand((uint8_t*)&(remote->seq),4);
return remote;
}
void ecdsa_keygen(unsigned char skey[ECDSA_SKEY_SIZE], unsigned char pkey[ECDSA_PKEY_SIZE]) {
uECC_make_key(pkey, skey);
}
int main(void)
{
printf("micro-ecc compiled!\n");
const struct uECC_Curve_t *curve = uECC_secp256r1();
int i, errorc = 0;
int curve_size = uECC_curve_private_key_size(curve);
int public_key_size = uECC_curve_public_key_size(curve);
uint8_t l_secret1[curve_size];
uint8_t l_secret2[curve_size];
/* reserve space for a SHA-256 hash */
uint8_t l_hash[32] = { 0 };
uint8_t l_sig[public_key_size];
printf("Testing %d random private key pairs and signature using HWRNG\n", TESTROUNDS);
uint8_t l_private1[curve_size];
uint8_t l_private2[curve_size];
uint8_t l_public1[public_key_size];
uint8_t l_public2[public_key_size];
for (i = 0; i < TESTROUNDS; ++i) {
printf(".");
if (!uECC_make_key(l_public1, l_private1, curve) || !uECC_make_key(l_public2, l_private2, curve)) {
printf("\nRound %d: uECC_make_key() failed", i);
errorc++;
}
else {
if (!uECC_shared_secret(l_public2, l_private1, l_secret1, curve)) {
printf("\nRound %d: shared_secret() failed (1)", i);
errorc++;
}
else {
if (!uECC_shared_secret(l_public1, l_private2, l_secret2, curve)) {
printf("\nRound: %d: shared_secret() failed (2)", i);
errorc++;
}
else {
if (memcmp(l_secret1, l_secret2, sizeof(l_secret1)) != 0) {
printf("\nShared secrets are not identical!\n");
errorc++;
}
/* copy some bogus data into the hash */
memcpy(l_hash, l_public1, 32);
if ((uECC_sign(l_private1, l_hash, sizeof(l_hash), l_sig, curve)) != 1) {
printf("\nRound %d: uECC_sign() failed", i);
errorc++;
}
else {
if ((uECC_verify(l_public1, l_hash, sizeof(l_hash), l_sig, curve)) != 1) {
printf("\nRound %d: uECC_verify() failed", i);
errorc++;
}
}
}
}
}
}
printf(" done with %d error(s)\n", errorc);
if (errorc) {
puts("FAILURE");
return 1;
}
else {
puts("SUCCESS");
return 0;
}
}
int main(void)
{
printf("micro-ecc compiled!\n");
int i, errorc = 0;
uint8_t l_private1[uECC_BYTES];
uint8_t l_private2[uECC_BYTES];
uint8_t l_public1[uECC_BYTES * 2];
uint8_t l_public2[uECC_BYTES * 2];
uint8_t l_secret1[uECC_BYTES];
uint8_t l_secret2[uECC_BYTES];
uint8_t l_hash[uECC_BYTES];
uint8_t l_sig[uECC_BYTES * 2];
/* initialize hardware random number generator */
random_init();
/* power off RNG to save energy */
random_poweroff();
printf("Testing %d random private key pairs and signature\n", TESTROUNDS);
for (i = 0; i < TESTROUNDS; ++i) {
printf(".");
if (!uECC_make_key(l_public1, l_private1) || !uECC_make_key(l_public2, l_private2)) {
printf("\nRound %d: uECC_make_key() failed", i);
errorc++;
}
else {
if (!uECC_shared_secret(l_public2, l_private1, l_secret1)) {
printf("\nRound %d: shared_secret() failed (1)", i);
errorc++;
}
else {
if (!uECC_shared_secret(l_public1, l_private2, l_secret2)) {
printf("\nRound: %d: shared_secret() failed (2)", i);
errorc++;
}
else {
if (memcmp(l_secret1, l_secret2, sizeof(l_secret1)) != 0) {
printf("\nShared secrets are not identical!\n");
errorc++;
}
memcpy(l_hash, l_public1, uECC_BYTES);
if ((uECC_sign(l_private1, l_hash, l_sig)) != 1) {
printf("\nRound %d: uECC_sign() failed", i);
errorc++;
}
else {
if ((uECC_verify(l_public1, l_hash, l_sig)) != 1) {
printf("\nRound %d: uECC_verify() failed", i);
errorc++;
}
}
}
}
}
}
printf(" done with %d error(s)\n", errorc);
if (errorc == 0) {
return 0;
}
else {
return 1;
}
}
