Esempio n. 1
0
void challenge_37()
{
	gmp_randstate_t *state = gmp_rand();

	unsigned char salt[16];
	char password[] = "hunter2";
	size_t slen = 16, plen = 7;

	// Agree on N, g, k, I (email), P (password).
	mpz_t N, g, k;
	srp_params(N, g, k);

	// Server initialization. Generates M (salt), v.
	mpz_t v;
	srp_init_server(N, g, salt, slen, password, plen, v);

	// Client sends I, A = 0, N, 2*N, etc. This ensures K
	// can be calculated without knowing the password.
	mpz_t a, A;
	//mpz_init_set_ui(A, 0);
	mpz_init_set(A, N);
	mpz_mul_ui(A, A, 2);

	// Server sends M, B = kv + g^b mod N.
	mpz_t b, B;
	srp_server_send(state, N, g, k, v, b, B);

	// Both calculate u.
	mpz_t u;
	srp_compute_u(A, B, u);

	// Client calculates HMAC-SHA256(K, M), using knowledge
	// that A = 0, N, etc. Therefore, S = 0.
	unsigned char K[32];
	unsigned char client_hmac[32];
	mpz_init_set_ui(a, 0);
	size_t countp;
	unsigned char *rop = mpz_export(NULL, &countp, 1, 1, 1, 0, a);
	sha256(rop, countp, K);
	sha256_hmac(K, 32, salt, 16, client_hmac);

	// Server finishes, calculates the same. For K, it
	// uses K = SHA256((A * v^u)^b % N).
	unsigned char server_hmac[32];
	srp_server_finish(salt, slen, N, v, b, A, u, server_hmac);
	
	// Verify.
	printf("Client:\n");
	print_hex(client_hmac, 32);
	printf("Server:\n");
	print_hex(server_hmac, 32);

	srp_cleanup(state, N, g, k, v, a, A, b, B, u);
}
Esempio n. 2
0
SEC_RESULT auth_sha256(uchar* in,const size_t inlen,uchar* key,size_t keylen,uchar* hash, size_t hashlen){
	uchar* datahash = (uchar*)malloc(SHA256_SIZE);
	if(!datahash) return SEC_ERROR;
	int ret = sha256_hmac(in,inlen,key,keylen,datahash);
	if(ret){
		free(datahash);
		return SEC_ERROR;
	}
	int ret_cmp = memcmp(datahash,hash,hashlen);
	free(datahash);
	if(ret_cmp) return SEC_ERROR;
	return SEC_SUCCESS;
}
uint8_t MAC_RSP(uint8_t* host_fix,uint8_t* host_rn,uint8_t*buffer){
	uint8_t ret = ATCA_SUCCESS;
	uint8_t randomized_param[RANDOM_NUM_SIZE];
	memcpy(randomized_param,rn,RANDOM_NUM_SIZE);
	delay_ms(100);
	printf("\r\n");
	printf("the fixed challenge is: \r\n");
	print_mem(host_fix, RANDOM_NUM_SIZE, 16);
	delay_ms(100);
	printf("the random number is: \r\n");
	print_mem(host_rn, RANDOM_NUM_SIZE, 16);
	ret=cademo_mac_fixed_chal_randomized(AUTH_KEY_ID,host_fix,randomized_param,tempkey);
    delay_ms(100);
	printf("the temperate key is: \r\n");
	print_mem(tempkey, sizeof(tempkey), 16);
	delay_ms(100);
	sha256_hmac( tempkey, MAC_CHALLENGE_SIZE,host_rn, RANDOM_NUM_SIZE,buffer, 0 );
	printf("the MAC is: \r\n");
	print_mem(buffer,MAC_CHALLENGE_SIZE, 16);
	return ret;
	
}
Esempio n. 4
0
static void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
        const unsigned char *input, size_t ilen,
        unsigned char *output )
{
    sha256_hmac( key, keylen, input, ilen, output, 0 );
}
Esempio n. 5
0
int protect_buffer(unsigned char **output, int *output_len,
		unsigned char *input, int input_len,
		char *password,
		unsigned char *salt, int salt_len,
		unsigned int iterations)
{
	int ret;
	int i;
	unsigned char k_m[32];
	unsigned char k_c[32];
	unsigned char k_i[32];
	unsigned char tmp_1[36];
	int pad_len;
	unsigned char *input_padd;
	unsigned char *cipher;
	aes_context aes_ctx;

	unsigned char iv_[16];


	/* *** Initialisation *** */
	input_padd = NULL;
	cipher = NULL;
	memset(iv_, 0x00, 16);

	/* *** Check des arguments *** */
	if((output == NULL) || (output_len == NULL) || (input == NULL) 
	|| (input_len <= 0) || (password == NULL) || (salt == NULL))
	{
		goto cleanup;
	}

	/* *** Deriv password to MasterKey *** */
	ret = deriv_passwd(k_m, password, salt, salt_len, iterations);
	if(ret != 0)
	{
		fprintf(stderr, "error: deriv_passwd\n");
		return 1;
	}

	/* *** Deriv MasterKey to CipherKey / IntegrityKey *** */
	i = 0;
	memcpy(tmp_1, k_m, 32);
	memcpy(tmp_1+32, &i, sizeof(int));
	sha256(tmp_1, 36, k_c, 0);
	i ++;
	memcpy(tmp_1, k_m, 32);
	memcpy(tmp_1+32, &i, sizeof(int));
	sha256(tmp_1, 36, k_i, 0);

	/* *** Padding ?! *** */
	pad_len = 16 - (input_len % 16);
	input_padd = (unsigned char *)malloc((input_len + pad_len)*sizeof(char));
	if(input_padd == NULL)
		goto cleanup;
	cipher = (unsigned char *)malloc((input_len + pad_len + 32)*sizeof(char));
	if(cipher == NULL)
		goto cleanup;
	memcpy(input_padd, input, input_len);
	memcpy(input_padd+input_len, padding, pad_len);

	/* *** Chiffrement *** */
	ret = aes_setkey_enc(&aes_ctx, k_c, 256);
	if(ret != 0)
		goto cleanup;

	ret = aes_crypt_cbc(&aes_ctx, AES_ENCRYPT, 
			input_len+pad_len, iv_, input_padd, 
			cipher);
	if(ret != 0)
		goto cleanup;
	
	/* *** Ajout du controle d'integrite *** */
	sha256_hmac(k_i, 32, cipher, input_len+pad_len, cipher+input_len+pad_len, 0);

	*output = cipher;
	*output_len = input_len + pad_len + 32;

	ret = 0;
cleanup:
	if(input_padd != NULL)
		free(input_padd);
	if(cipher != NULL)
		free(cipher);
	memset(&aes_ctx, 0x00, sizeof(aes_context));
	memset(k_m, 0x00, 32);
	memset(k_c, 0x00, 32);
	memset(k_i, 0x00, 32);
	memset(tmp_1, 0x00, 36);

	return ret;
}
Esempio n. 6
0
void hmac_256(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[32])
{
  sha256_hmac(key, keylen, input, ilen, output, 0);
}