int main() { uint8_t a_pub[ECC_BYTES+1]; uint8_t a_pri[ECC_BYTES]; uint8_t b_pub[ECC_BYTES+1]; uint8_t b_pri[ECC_BYTES]; uint8_t a_secret[ECC_BYTES]; uint8_t b_secret[ECC_BYTES]; uint8_t p_signature[ECC_BYTES*2]; uint8_t a_hash[SHA256_BLOCK_SIZE]; uint8_t b_hash[SHA256_BLOCK_SIZE]; SHA256_CTX ctx; int errid = 0; int i=0; /* print ECC_CURVE parameter */ print_parameter(ECC_CURVE); /* make key */ errid = ecc_make_key(a_pub,a_pri); if(errid != 1){ printf("[ecc_make _key] error!!!"); return -1; } printf("A key pair generation completed...\n"); errid = ecc_make_key(b_pub,b_pri); if(errid != 1){ printf("[ecc_make _key] error!!!"); return -1; } printf("B key pair generation completed...\n"); /* compute shared secret */ errid = ecdh_shared_secret(b_pub,a_pri,a_secret); if(errid != 1){ printf("[ecdh_sharedS_secret]error!!!"); return -1; } printf("A shared_secret generation completed...\n"); errid = ecdh_shared_secret(a_pub,b_pri,b_secret); if(errid != 1){ printf("[ecdh_sharedS_secret]error!!!"); return -1; } printf("B shared_secret generation completed...\n"); hash_sha256(a_secret,a_hash); if(errid != 1){ printf("[hash_sha256]error!!!"); return -1; } printf("A shared_secret hash completed...\n"); hash_sha256(b_secret,b_hash); if(errid != 1){ printf("[hash_sha256]error!!!"); return -1; } printf("B shared_secret hash completed...\n"); /* sign */ errid = ecdsa_sign(a_pri,a_hash,p_signature); if(errid != 1){ printf("[ecdsa_sign]error!!!"); return -1; } /* verify */ errid = ecdsa_verify(a_pub,a_hash,p_signature); if(errid != 1){ printf("[ecdsa_verify]error!!!"); return -1; }else{ printf("success \n"); } errid = ecdsa_sign(b_pri,b_hash,p_signature); if(errid != 1){ printf("[ecdsa_sign]error!!!"); return -1; } /* verify */ errid = ecdsa_verify(b_pub,b_hash,p_signature); if(errid != 1){ printf("[ecdsa_verify]error!!!"); return -1; }else{ printf("success \n"); } return 0; }
void create_signing_string(List *http_headers, char *payload, char *region, char *longdate, char *shortdate, char **signing_string) { char *signed_request; char *canonical_request_str; create_canonical_request(http_headers, payload, &canonical_request_str); if (NULL == canonical_request_str) { puts("Failed to generate canonical request"); free(canonical_request_str); return; } hash_sha256(canonical_request_str, strlen(canonical_request_str), &signed_request); if (NULL == signed_request) { puts("Failed to create signed_request"); free(signed_request); return; } free(canonical_request_str); int signing_string_len = strlen("AWS4-HMAC-SHA256\n\n//kinesis/aws4_request\n") + strlen(longdate) + strlen(shortdate) + strlen(region) + 2*32; *signing_string = (char *)calloc(signing_string_len + 1, sizeof(char)); if (!sprintf(*signing_string, "AWS4-HMAC-SHA256\n%s\n%s/%s/kinesis/aws4_request\n%s", longdate, shortdate, region, signed_request)) { puts("Failed to create sign_string"); free(signing_string); return; } }
void create_canonical_request(List *headers, char *payload, char **canonical_request) { if (NULL == headers || NULL == payload) { puts("Invalid headers or payload list"); return; } char *header_names_line = "connection;content-length;content-type;host;user-agent;x-amz-date;x-amz-target"; char *hash_payload; hash_sha256(payload, strlen(payload), &hash_payload); if (NULL == hash_payload) { puts("Failed to generate hash payload"); return; } List *canonical_request_lines = (List *)calloc(1, sizeof(List)); add_new_item_with_data(canonical_request_lines, "POST", 4); add_new_item_with_data(canonical_request_lines, "/", 1); add_new_item_with_data(canonical_request_lines, "", 0); listcat(canonical_request_lines, headers); add_new_item_with_data(canonical_request_lines, "", 0); add_new_item_with_data(canonical_request_lines, header_names_line, strlen(header_names_line)); add_new_item_with_data(canonical_request_lines, hash_payload, 2*32); *canonical_request = join_all_lines(canonical_request_lines, "\n"); free_list(canonical_request_lines); }
//Computes HMACSHA256 on given plain text and key, outputs a string of bytes. std::string hmac_sha256(std::string key,const std::string& plain) { if(key.size()>SHA256_BLOCK_SIZE) key=hash_sha256(key); std::string o_key_pad(SHA256_BLOCK_SIZE,0x5c); std::string i_key_pad(SHA256_BLOCK_SIZE,0x36); for(size_t ii=0;ii<key.size();++ii) { o_key_pad[ii]^=key[ii]; i_key_pad[ii]^=key[ii]; } std::string hash=hash_sha256(i_key_pad+plain); return hash_sha256(o_key_pad+hash); }