int crypt_new_1a(crypt_t c, unsigned char *key, int len) { unsigned char hash[32]; crypt_1a_t cs; if(!key || len <= 0) return 1; c->cs = malloc(sizeof(struct crypt_1a_struct)); memset(c->cs, 0, sizeof (struct crypt_1a_struct)); cs = (crypt_1a_t)c->cs; if(len == uECC_BYTES*2) { memcpy(cs->id_public,key,uECC_BYTES*2); }else{ // try to base64 decode in case that's the incoming format if(key[len] != 0 || base64_binlength((char*)key,0) != uECC_BYTES*2 || base64dec(cs->id_public,(char*)key,0)) return -1; } // generate fingerprint crypt_hash(cs->id_public,uECC_BYTES*2,hash); // create line ephemeral key uECC_make_key(cs->line_public, cs->line_private); // alloc/copy in the public values (free'd by crypt_free) c->part = malloc(32*2+1); c->keylen = uECC_BYTES*2; c->key = malloc(c->keylen); memcpy(c->key,cs->id_public,uECC_BYTES*2); util_hex(hash,32,(unsigned char*)c->part); return 0; }
int main(void) { uint32_t err_code; uint32_t time0, time1; LOG("Starting LFCLK"); err_code = nrf_drv_clock_init(); APP_ERROR_CHECK(err_code); nrf_drv_clock_lfclk_request(NULL); LOG("Starting RTC"); err_code = nrf_drv_rtc_init(&rtc, NULL, &rtc_handler); APP_ERROR_CHECK(err_code); nrf_drv_rtc_tick_enable(&rtc, false); nrf_drv_rtc_enable(&rtc); LOG("Starting RNG"); err_code = nrf_drv_rng_init(NULL); APP_ERROR_CHECK(err_code); while (1) { /* get a random key */ time0 = nrf_drv_rtc_counter_get(&rtc); uECC_make_key(public_key, private_key); time1 = nrf_drv_rtc_counter_get(&rtc); LOG("Key time was %u ", time1 - time0); /* use the key to sign the hash */ time0 = nrf_drv_rtc_counter_get(&rtc); uECC_sign(private_key, hash, signature); time1 = nrf_drv_rtc_counter_get(&rtc); LOG("Sig Time was %u ", time1 - time0); /* verify the signature */ time0 = nrf_drv_rtc_counter_get(&rtc); uECC_verify(public_key, hash, signature); time1 = nrf_drv_rtc_counter_get(&rtc); LOG("Verify Time was %u ", time1 - time0); time0 = nrf_drv_rtc_counter_get(&rtc); uECC_shared_secret(public_key, private_key, secret); time1 = nrf_drv_rtc_counter_get(&rtc); LOG("SS Time was %u ", time1 - time0); time0 = nrf_drv_rtc_counter_get(&rtc); sha256_init(&context); sha256_update(&context, message, 20); sha256_final(&context, shahash); time1 = nrf_drv_rtc_counter_get(&rtc); LOG("SHA Time was %u ", time1 - time0); } return 0; }
int yacl_create_key_pair(uint8_t public_key[YACL_P256_COORD_SIZE*2], uint8_t private_key[YACL_P256_COORD_SIZE]) { int rc; rc = uECC_make_key(public_key, private_key); rc = (rc == 1) ? 0 : 1; return rc; }
uint8_t cipher_generate(lob_t keys, lob_t secrets) { uint8_t secret[uECC_BYTES], key[uECC_BYTES*2], comp[uECC_BYTES+1]; if(!uECC_make_key(key, secret)) return 1; uECC_compress(key,comp); lob_set_base32(keys,"1a",comp,uECC_BYTES+1); lob_set_base32(secrets,"1a",secret,uECC_BYTES); return 0; }
uint8_t cipher_generate(lob_t keys, lob_t secrets) { uint8_t secret[SECRET_BYTES], key[KEY_BYTES], comp[COMP_BYTES]; if(!uECC_make_key(key, secret, curve)) return 1; uECC_compress(key,comp, curve); lob_set_base32(keys,"1c",comp,COMP_BYTES); lob_set_base32(secrets,"1c",secret,SECRET_BYTES); return 0; }
int yacl_create_key_pair(uint8_t public_key[YACL_P256_COORD_SIZE*2], uint8_t private_key[YACL_P256_COORD_SIZE]) { int rc; rc = uECC_make_key(public_key, private_key); if (rc == 1) return 0; else return 1; }
int main(int argc, char **argv) { unsigned l_num = 1; unsigned i, j; if(argc > 1) { l_num = strtoul(argv[1], NULL, 10); } randfd = open("/dev/urandom", O_RDONLY); if(randfd == -1) { printf("No access to urandom\n"); return -1; } uint8_t l_private[uECC_BYTES]; uint8_t l_public[uECC_BYTES*2]; uint8_t base64enc[uECC_BYTES*4]; for(i=0; i<l_num; ++i) { uECC_set_rng(&getRandomBytes); uECC_make_key(l_public, l_private); base64_encode(base64enc, l_private, uECC_BYTES); printf("Private_key_%u= \"", i); printf(base64enc); printf("\";\n"); printf("uint8_t private_%u[NUM_ECC_DIGITS] = {", i); vli_print(l_private); printf("};\n"); base64_encode(base64enc, l_public, uECC_BYTES*2); printf("Public_key_%u= \"", i); printf(base64enc); printf("\";\n"); printf("uint8_t public_%u[2*NUM_ECC_DIGITS] = {", i); vli_print(l_public); vli_print(l_public+uECC_BYTES); printf("};\n\n"); } return 0; }
int crypt_keygen_1a(packet_t p) { char b64[uECC_BYTES*4]; uint8_t id_private[uECC_BYTES], id_public[uECC_BYTES*2]; // create line ephemeral key uECC_make_key(id_public, id_private); base64enc(b64,id_public,uECC_BYTES*2); packet_set_str(p,"1a",b64); base64enc(b64,id_private,uECC_BYTES); packet_set_str(p,"1a_secret",b64); return 0; }
PKIError GenerateCAKeyPair (ByteArray *caPrivateKey, ByteArray *caPublicKey) { FUNCTION_INIT(); CHECK_NULL(caPrivateKey, ISSUER_NULL_PASSED); CHECK_NULL(caPrivateKey->data, ISSUER_NULL_PASSED); CHECK_NULL(caPublicKey, ISSUER_NULL_PASSED); CHECK_NULL(caPublicKey->data, ISSUER_NULL_PASSED); CHECK_COND(uECC_make_key(caPublicKey->data, caPrivateKey->data), ISSUER_MAKE_KEY_ERROR); caPublicKey->len = PUBLIC_KEY_SIZE; caPrivateKey->len = PRIVATE_KEY_SIZE; CHECK_CALL(InitCKMInfo); CHECK_CALL(SetCAPrivateKey, caPrivateKey); CHECK_CALL(SetCAPublicKey, caPublicKey); CHECK_CALL(SaveCKMInfo); FUNCTION_CLEAR(); }
remote_t remote_new(lob_t key, uint8_t *token) { uint8_t hash[32]; remote_t remote; if(!key || key->body_len != uECC_BYTES+1) return LOG("invalid key %d != %d",(key)?key->body_len:0,uECC_BYTES+1); if(!(remote = malloc(sizeof(struct remote_struct)))) return NULL; memset(remote,0,sizeof (struct remote_struct)); // copy in key and make ephemeral ones uECC_decompress(key->body,remote->key); uECC_make_key(remote->ekey, remote->esecret); uECC_compress(remote->ekey, remote->ecomp); if(token) { cipher_hash(remote->ecomp,16,hash); memcpy(token,hash,16); } // generate a random seq starting point for message IV's e3x_rand((uint8_t*)&(remote->seq),4); return remote; }
void ecdsa_keygen(unsigned char skey[ECDSA_SKEY_SIZE], unsigned char pkey[ECDSA_PKEY_SIZE]) { uECC_make_key(pkey, skey); }
int main(void) { printf("micro-ecc compiled!\n"); const struct uECC_Curve_t *curve = uECC_secp256r1(); int i, errorc = 0; int curve_size = uECC_curve_private_key_size(curve); int public_key_size = uECC_curve_public_key_size(curve); uint8_t l_secret1[curve_size]; uint8_t l_secret2[curve_size]; /* reserve space for a SHA-256 hash */ uint8_t l_hash[32] = { 0 }; uint8_t l_sig[public_key_size]; printf("Testing %d random private key pairs and signature using HWRNG\n", TESTROUNDS); uint8_t l_private1[curve_size]; uint8_t l_private2[curve_size]; uint8_t l_public1[public_key_size]; uint8_t l_public2[public_key_size]; for (i = 0; i < TESTROUNDS; ++i) { printf("."); if (!uECC_make_key(l_public1, l_private1, curve) || !uECC_make_key(l_public2, l_private2, curve)) { printf("\nRound %d: uECC_make_key() failed", i); errorc++; } else { if (!uECC_shared_secret(l_public2, l_private1, l_secret1, curve)) { printf("\nRound %d: shared_secret() failed (1)", i); errorc++; } else { if (!uECC_shared_secret(l_public1, l_private2, l_secret2, curve)) { printf("\nRound: %d: shared_secret() failed (2)", i); errorc++; } else { if (memcmp(l_secret1, l_secret2, sizeof(l_secret1)) != 0) { printf("\nShared secrets are not identical!\n"); errorc++; } /* copy some bogus data into the hash */ memcpy(l_hash, l_public1, 32); if ((uECC_sign(l_private1, l_hash, sizeof(l_hash), l_sig, curve)) != 1) { printf("\nRound %d: uECC_sign() failed", i); errorc++; } else { if ((uECC_verify(l_public1, l_hash, sizeof(l_hash), l_sig, curve)) != 1) { printf("\nRound %d: uECC_verify() failed", i); errorc++; } } } } } } printf(" done with %d error(s)\n", errorc); if (errorc) { puts("FAILURE"); return 1; } else { puts("SUCCESS"); return 0; } }
int main(void) { printf("micro-ecc compiled!\n"); int i, errorc = 0; uint8_t l_private1[uECC_BYTES]; uint8_t l_private2[uECC_BYTES]; uint8_t l_public1[uECC_BYTES * 2]; uint8_t l_public2[uECC_BYTES * 2]; uint8_t l_secret1[uECC_BYTES]; uint8_t l_secret2[uECC_BYTES]; uint8_t l_hash[uECC_BYTES]; uint8_t l_sig[uECC_BYTES * 2]; /* initialize hardware random number generator */ random_init(); /* power off RNG to save energy */ random_poweroff(); printf("Testing %d random private key pairs and signature\n", TESTROUNDS); for (i = 0; i < TESTROUNDS; ++i) { printf("."); if (!uECC_make_key(l_public1, l_private1) || !uECC_make_key(l_public2, l_private2)) { printf("\nRound %d: uECC_make_key() failed", i); errorc++; } else { if (!uECC_shared_secret(l_public2, l_private1, l_secret1)) { printf("\nRound %d: shared_secret() failed (1)", i); errorc++; } else { if (!uECC_shared_secret(l_public1, l_private2, l_secret2)) { printf("\nRound: %d: shared_secret() failed (2)", i); errorc++; } else { if (memcmp(l_secret1, l_secret2, sizeof(l_secret1)) != 0) { printf("\nShared secrets are not identical!\n"); errorc++; } memcpy(l_hash, l_public1, uECC_BYTES); if ((uECC_sign(l_private1, l_hash, l_sig)) != 1) { printf("\nRound %d: uECC_sign() failed", i); errorc++; } else { if ((uECC_verify(l_public1, l_hash, l_sig)) != 1) { printf("\nRound %d: uECC_verify() failed", i); errorc++; } } } } } } printf(" done with %d error(s)\n", errorc); if (errorc == 0) { return 0; } else { return 1; } }