/* [identical to Skein_256_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */ int Skein_256_InitExt(Skein_256_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes) { union { u08b_t b[SKEIN_256_STATE_BYTES]; u64b_t w[SKEIN_256_STATE_WORDS]; } cfg; /* config block */ Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN); Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL); /* compute the initial chaining values ctx->X[], based on key */ if (keyBytes == 0) /* is there a key? */ { memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */ } else /* here to pre-process a key */ { Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X)); /* do a mini-Init right here */ ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */ Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */ memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */ Skein_256_Update(ctx,key,keyBytes); /* hash the key */ Skein_256_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */ memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */ #if SKEIN_NEED_SWAP { uint_t i; for (i=0;i<SKEIN_256_STATE_WORDS;i++) /* convert key bytes to context words */ ctx->X[i] = Skein_Swap64(ctx->X[i]); } #endif } /* build/process the config block, type == CONFIG (could be precomputed for each key) */ ctx->h.hashBitLen = hashBitLen; /* output hash bit count */ Skein_Start_New_Type(ctx,CFG_FINAL); memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */ cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */ cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */ Skein_Show_Key(256,&ctx->h,key,keyBytes); /* compute the initial chaining values from config block */ Skein_256_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN); /* The chaining vars ctx->X are now initialized */ /* Set up to process the data message portion of the hash (default) */ ctx->h.bCnt = 0; /* buffer b[] starts out empty */ Skein_Start_New_Type(ctx,MSG); return SKEIN_SUCCESS; }
int skeinUpdate(SkeinCtx_t *ctx, const uint8_t *msg, size_t msgByteCnt) { int ret = SKEIN_FAIL; Skein_Assert(ctx, SKEIN_FAIL); switch (ctx->skeinSize) { case Skein256: ret = Skein_256_Update(&ctx->m.s256, (const u08b_t*)msg, msgByteCnt); break; case Skein512: ret = Skein_512_Update(&ctx->m.s512, (const u08b_t*)msg, msgByteCnt); break; case Skein1024: ret = Skein1024_Update(&ctx->m.s1024, (const u08b_t*)msg, msgByteCnt); break; } return ret; }
uint8_t * calc_mac(uint8_t *snum, uint8_t *mkey, uint8_t *nonce, int nonce_len) { EKeySkein sk_mac; uint8_t macbuf[32]; uint8_t *mac; mac = calloc(1, 6); PrepareSkein(&sk_mac, snum, mkey, EKEY_SKEIN_PERSONALISATION_LKMS); Skein_256_Update(&sk_mac, nonce, nonce_len); Skein_256_Final_Pad(&sk_mac, macbuf); mac[0] = macbuf[0]; mac[1] = macbuf[1]; mac[2] = macbuf[2]; mac[3] = macbuf[29]; mac[4] = macbuf[30]; mac[5] = macbuf[31]; return mac; }
int main(int argc, char **argv) { uint8_t *mkey = NULL; /** Master key. */ uint8_t *snum = NULL; /** Serial number */ char *key_path = NULL; estream_state_t *key_stream ; /** The input stream. */ epkt_state_t *epkt; /* The packet handler attached to the framer. */ int opt; int res; uint8_t data[128]; uint8_t nonce[12]; uint8_t *mac; EKeySkein rekeying_state; uint8_t session_key[32]; int retries; char *keyring_filename; bool nokeyring = false; keyring_filename = strdup(KEYRINGFILE); while ((opt = getopt(argc, argv, "vhnf:s:m:")) != -1) { switch (opt) { case 's': /* set serial number */ snum = malloc(12); res = pem64_decode_bytes(optarg, 16, snum); if (res != 12) { fprintf(stderr, "The serial number given is not the correct length. (%d/12)\n", res); return EXIT_CODE_CMDLINE; } break; case 'm': /* set master key */ mkey = extract_master_key(optarg, strlen(optarg)); if (mkey == NULL) return EXIT_CODE_CMDLINE; break; case 'f': /* set keyring filename */ free(keyring_filename); keyring_filename = strdup(optarg); break; case 'n': /* do not update the keyring */ nokeyring = true; break; case 'v': /* print version number */ printf("%s: Version 1.1\n", argv[0]); return 0; case 'h': default: fprintf(stderr, usage, argv[0]); return EXIT_CODE_CMDLINE; } } if (optind >= argc) { if (snum == NULL) { fprintf(stderr, "A device path must be given.\n"); fprintf(stderr, usage, argv[0]); return EXIT_CODE_CMDLINE; } else { key_path = calloc(1, 17 + strlen(DEVEKEY)); memcpy(key_path, DEVEKEY, 1 + strlen(DEVEKEY)); pem64_encode_bytes(snum, 12, key_path + 16); } } else { key_path = strdup(argv[optind]); } /* load keyring */ if (nokeyring == false) { if (get_keyring(keyring_filename) < 0) { free(key_path); return EXIT_CODE_LOADKEYRING; } } /* ensure master key */ if (mkey == NULL) { char s[55]; int sidx; int sodx; int slen; if (isatty(STDIN) == 0) { fprintf(stderr, "A master key must be given.\n"); free(key_path); return EXIT_CODE_MASTERKEY; } printf("Please enter a master key: "); if (fgets(s, sizeof(s), stdin) == NULL) { perror("fgets"); } /* we must allow for the user entering spaces in the input */ slen = strlen(s); sidx = sodx = 0; while ((sidx < slen) && (s[sidx] != 0)) { s[sodx] = s[sidx]; if (s[sidx] != ' ') { sodx++; } sidx++; } s[sodx] = 0; mkey = extract_master_key(s, sodx); if (mkey == NULL) { free(key_path); return EXIT_CODE_MASTERKEY; } } /* open entropy key device */ key_stream = estream_open(key_path); if (key_stream == NULL) { perror("Error"); fprintf(stderr, "Unable to open %s as the entropy key device.\n", key_path); free(key_path); return EXIT_CODE_EKEYERR; } free(key_path); epkt = epkt_open(eframe_open(key_stream)); /* reset key */ estream_write(key_stream, reset, 1); epkt_setsessionkey(epkt, NULL, default_session_key); /* wait for serial packet */ retries = 20; do { res = epkt_read(epkt, data, 128); if (res <= 0) { if (errno == EWOULDBLOCK) continue; perror("Unexpected error"); return 2; } else if (epkt->pkt_type == PKTTYPE_SNUM) { break; } /* reset key */ estream_write(key_stream, reset, 1); epkt_setsessionkey(epkt, NULL, default_session_key); retries--; } while (retries > 0); if (retries == 0) { fprintf(stderr, "Timeout obtaining serial number from key.\n"); return 3; } if (res != 12) { fprintf(stderr, "Bad serial number from key.\n"); return 4; } if (snum == NULL) { /* no serial number */ snum = malloc(res); memcpy(snum, data, res); } else { /* ensure serial number matches */ if (memcmp(snum, data, 12) != 0) { fprintf(stderr, "Serial number did not match the one specified.\n"); return 4; } } /* Initialise the MAC checksum using the serial number and the default * shared key */ epkt_setsessionkey(epkt, snum, default_session_key); /* Prepare a nonce */ if (fill_nonce(nonce, 12) != true) { fprintf(stderr, "Unable to generate nonce.\n"); return 1; } close_nonce(); /* send nonce MAC */ mac = calc_mac(snum, mkey, nonce, 12); data[0] = 'M'; pem64_encode_bytes(mac, 6, (char *)data + 1); estream_write(key_stream, data, 9); /* wait for MAC ack packet */ retries = 20; do { res = epkt_read(epkt, data, 128); if (res <= 0) { if (errno == EWOULDBLOCK) continue; perror("Unexpected error"); return 2; } if (epkt->pkt_type == PKTTYPE_LTREKEYMAC) break; retries--; } while (retries > 0); if (retries == 0) { fprintf(stderr, "Timeout obtaining MAC acknowledgement packet.\n"); return 3; } data[0] = 'L'; data[17] = '.'; pem64_encode_bytes(nonce, 12, (char *)data + 1); estream_write(key_stream, data, 18); /* wait for rekey ack packet */ do { res = epkt_read(epkt, data, 128); if (res <= 0) { if (errno == EWOULDBLOCK) continue; if (errno == EPROTO) { fprintf(stderr, "Provided master key does not match the device's.\n"); return 2; } perror("Unexpected error"); return 2; } } while (epkt->pkt_type != PKTTYPE_LTREKEY); /* calculate new longterm key */ PrepareSkein(&rekeying_state, snum, &(mkey[0]), EKEY_SKEIN_PERSONALISATION_LRS); Skein_256_Update(&rekeying_state, &(data[0]), 32); Skein_256_Update(&rekeying_state, nonce, 12); Skein_256_Final(&rekeying_state, session_key); if (nokeyring == false) { add_ltkey(snum, session_key); if (put_keyring(keyring_filename) < 0) return EXIT_CODE_WRITEKEYRING; } else { /* just display new key */ output_key(stdout, snum, session_key); } return 0; }
void SKEIN256_Update(SKEIN256_CTX * ctx, const void *in, size_t len) { Skein_256_Update(ctx, in, len); }