int main()
{
uint8_t a_pub[ECC_BYTES+1];
uint8_t a_pri[ECC_BYTES];
uint8_t b_pub[ECC_BYTES+1];
uint8_t b_pri[ECC_BYTES];
uint8_t a_secret[ECC_BYTES];
uint8_t b_secret[ECC_BYTES];
uint8_t p_signature[ECC_BYTES*2];
uint8_t a_hash[SHA256_BLOCK_SIZE];
uint8_t b_hash[SHA256_BLOCK_SIZE];
SHA256_CTX ctx;
int errid = 0;
int i=0;
/* print ECC_CURVE parameter */
print_parameter(ECC_CURVE);
/* make key */
errid = ecc_make_key(a_pub,a_pri);
if(errid != 1){
printf("[ecc_make _key] error!!!");
return -1;
}
printf("A key pair generation completed...\n");
errid = ecc_make_key(b_pub,b_pri);
if(errid != 1){
printf("[ecc_make _key] error!!!");
return -1;
}
printf("B key pair generation completed...\n");
/* compute shared secret */
errid = ecdh_shared_secret(b_pub,a_pri,a_secret);
if(errid != 1){
printf("[ecdh_sharedS_secret]error!!!");
return -1;
}
printf("A shared_secret generation completed...\n");
errid = ecdh_shared_secret(a_pub,b_pri,b_secret);
if(errid != 1){
printf("[ecdh_sharedS_secret]error!!!");
return -1;
}
printf("B shared_secret generation completed...\n");
hash_sha256(a_secret,a_hash);
if(errid != 1){
printf("[hash_sha256]error!!!");
return -1;
}
printf("A shared_secret hash completed...\n");
hash_sha256(b_secret,b_hash);
if(errid != 1){
printf("[hash_sha256]error!!!");
return -1;
}
printf("B shared_secret hash completed...\n");
/* sign */
errid = ecdsa_sign(a_pri,a_hash,p_signature);
if(errid != 1){
printf("[ecdsa_sign]error!!!");
return -1;
}
/* verify */
errid = ecdsa_verify(a_pub,a_hash,p_signature);
if(errid != 1){
printf("[ecdsa_verify]error!!!");
return -1;
}else{
printf("success \n");
}
errid = ecdsa_sign(b_pri,b_hash,p_signature);
if(errid != 1){
printf("[ecdsa_sign]error!!!");
return -1;
}
/* verify */
errid = ecdsa_verify(b_pub,b_hash,p_signature);
if(errid != 1){
printf("[ecdsa_verify]error!!!");
return -1;
}else{
printf("success \n");
}
return 0;
}
void create_signing_string(List *http_headers, char *payload, char *region, char *longdate, char *shortdate, char **signing_string) {
char *signed_request;
char *canonical_request_str;
create_canonical_request(http_headers, payload, &canonical_request_str);
if (NULL == canonical_request_str) {
puts("Failed to generate canonical request");
free(canonical_request_str);
return;
}
hash_sha256(canonical_request_str, strlen(canonical_request_str), &signed_request);
if (NULL == signed_request) {
puts("Failed to create signed_request");
free(signed_request);
return;
}
free(canonical_request_str);
int signing_string_len = strlen("AWS4-HMAC-SHA256\n\n//kinesis/aws4_request\n") + strlen(longdate) + strlen(shortdate) + strlen(region) + 2*32;
*signing_string = (char *)calloc(signing_string_len + 1, sizeof(char));
if (!sprintf(*signing_string, "AWS4-HMAC-SHA256\n%s\n%s/%s/kinesis/aws4_request\n%s", longdate, shortdate, region, signed_request)) {
puts("Failed to create sign_string");
free(signing_string);
return;
}
}
void create_canonical_request(List *headers, char *payload, char **canonical_request) {
if (NULL == headers || NULL == payload) {
puts("Invalid headers or payload list");
return;
}
char *header_names_line = "connection;content-length;content-type;host;user-agent;x-amz-date;x-amz-target";
char *hash_payload;
hash_sha256(payload, strlen(payload), &hash_payload);
if (NULL == hash_payload) {
puts("Failed to generate hash payload");
return;
}
List *canonical_request_lines = (List *)calloc(1, sizeof(List));
add_new_item_with_data(canonical_request_lines, "POST", 4);
add_new_item_with_data(canonical_request_lines, "/", 1);
add_new_item_with_data(canonical_request_lines, "", 0);
listcat(canonical_request_lines, headers);
add_new_item_with_data(canonical_request_lines, "", 0);
add_new_item_with_data(canonical_request_lines, header_names_line, strlen(header_names_line));
add_new_item_with_data(canonical_request_lines, hash_payload, 2*32);
*canonical_request = join_all_lines(canonical_request_lines, "\n");
free_list(canonical_request_lines);
}
//Computes HMACSHA256 on given plain text and key, outputs a string of bytes.
std::string hmac_sha256(std::string key,const std::string& plain)
{
if(key.size()>SHA256_BLOCK_SIZE)
key=hash_sha256(key);
std::string o_key_pad(SHA256_BLOCK_SIZE,0x5c);
std::string i_key_pad(SHA256_BLOCK_SIZE,0x36);
for(size_t ii=0;ii<key.size();++ii)
{
o_key_pad[ii]^=key[ii];
i_key_pad[ii]^=key[ii];
}
std::string hash=hash_sha256(i_key_pad+plain);
return hash_sha256(o_key_pad+hash);
}
