diff --git a/lib/include/chiaki/ecdh.h b/lib/include/chiaki/ecdh.h index d6cbdfc..b96907e 100644 --- a/lib/include/chiaki/ecdh.h +++ b/lib/include/chiaki/ecdh.h @@ -35,8 +35,8 @@ typedef struct chiaki_ecdh_t CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_init(ChiakiECDH *ecdh); CHIAKI_EXPORT void chiaki_ecdh_fini(ChiakiECDH *ecdh); -CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_get_local_pub_key(ChiakiECDH *ecdh, uint8_t *key_out, size_t *key_out_size, uint8_t *handshake_key, uint8_t *sig_out, size_t *sig_out_size); -CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_derive_secret(ChiakiECDH *ecdh, uint8_t *remote_key, size_t remote_key_size, uint8_t *handshake_key, uint8_t *remote_sig, size_t remote_sig_size); +CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_get_local_pub_key(ChiakiECDH *ecdh, uint8_t *key_out, size_t *key_out_size, const uint8_t *handshake_key, uint8_t *sig_out, size_t *sig_out_size); +CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_derive_secret(ChiakiECDH *ecdh, uint8_t *secret_out, size_t *secret_out_size, const uint8_t *remote_key, size_t remote_key_size, const uint8_t *handshake_key, const uint8_t *remote_sig, size_t remote_sig_size); CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_set_local_key(ChiakiECDH *ecdh, const uint8_t *private_key, size_t private_key_size, const uint8_t *public_key, size_t public_key_size); #ifdef __cplusplus diff --git a/lib/src/ecdh.c b/lib/src/ecdh.c index 481d124..ae84c23 100644 --- a/lib/src/ecdh.c +++ b/lib/src/ecdh.c @@ -92,7 +92,7 @@ error_priv: return err; } -CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_get_local_pub_key(ChiakiECDH *ecdh, uint8_t *key_out, size_t *key_out_size, uint8_t *handshake_key, uint8_t *sig_out, size_t *sig_out_size) +CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_get_local_pub_key(ChiakiECDH *ecdh, uint8_t *key_out, size_t *key_out_size, const uint8_t *handshake_key, uint8_t *sig_out, size_t *sig_out_size) { const EC_POINT *point = EC_KEY_get0_public_key(ecdh->key_local); if(!point) @@ -105,48 +105,29 @@ CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_get_local_pub_key(ChiakiECDH *ecdh, ui if(!HMAC(EVP_sha256(), handshake_key, CHIAKI_HANDSHAKE_KEY_SIZE, key_out, *key_out_size, sig_out, (unsigned int *)sig_out_size)) return CHIAKI_ERR_UNKNOWN; - // TODO: set *sig_out_size? - return CHIAKI_ERR_SUCCESS; } -CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_derive_secret(ChiakiECDH *ecdh, uint8_t *remote_key, size_t remote_key_size, uint8_t *handshake_key, uint8_t *remote_sig, size_t remote_sig_size) +CHIAKI_EXPORT ChiakiErrorCode chiaki_ecdh_derive_secret(ChiakiECDH *ecdh, uint8_t *secret_out, size_t *secret_out_size, const uint8_t *remote_key, size_t remote_key_size, const uint8_t *handshake_key, const uint8_t *remote_sig, size_t remote_sig_size) { - EC_POINT *point = EC_POINT_new(ecdh->group); - if(!point) + EC_POINT *remote_public_key = EC_POINT_new(ecdh->group); + if(!remote_public_key) return CHIAKI_ERR_UNKNOWN; - if(!EC_POINT_oct2point(ecdh->group, point, remote_key, remote_key_size, NULL)) + if(!EC_POINT_oct2point(ecdh->group, remote_public_key, remote_key, remote_key_size, NULL)) { - EC_POINT_free(point); + EC_POINT_free(remote_public_key); return CHIAKI_ERR_UNKNOWN; } - EC_KEY *remote_ec_key = EC_KEY_new(); - if(!remote_ec_key) - { - EC_POINT_free(point); + int r = ECDH_compute_key(secret_out, *secret_out_size, remote_public_key, ecdh->key_local, NULL); + + EC_POINT_free(remote_public_key); + + if(r <= 0) return CHIAKI_ERR_UNKNOWN; - } - if(!EC_KEY_set_group(remote_ec_key, ecdh->group)) - { - EC_KEY_free(remote_ec_key); - EC_POINT_free(point); - return CHIAKI_ERR_UNKNOWN; - } - - if(!EC_KEY_set_public_key(remote_ec_key, point)) - { - EC_KEY_free(remote_ec_key); - EC_POINT_free(point); - return CHIAKI_ERR_UNKNOWN; - } - EC_POINT_free(point); - - // TODO: do derivation - - EC_KEY_free(remote_ec_key); + *secret_out_size = (size_t)r; return CHIAKI_ERR_SUCCESS; } \ No newline at end of file diff --git a/lib/src/nagare.c b/lib/src/nagare.c index 4e7a037..c2067db 100644 --- a/lib/src/nagare.c +++ b/lib/src/nagare.c @@ -200,10 +200,10 @@ static void nagare_takion_data_expect_bang(ChiakiNagare *nagare, uint8_t *buf, s CHIAKI_LOGI(nagare->log, "Nagare bang looks good so far\n"); - chiaki_ecdh_derive_secret(&nagare->session->ecdh, - ecdh_pub_key_buf.buf, ecdh_pub_key_buf.size, - nagare->session->handshake_key, - ecdh_sig_buf.buf, ecdh_sig_buf.size); +// chiaki_ecdh_derive_secret(&nagare->session->ecdh, +// ecdh_pub_key_buf.buf, ecdh_pub_key_buf.size, +// nagare->session->handshake_key, +// ecdh_sig_buf.buf, ecdh_sig_buf.size); error: chiaki_mirai_signal(&nagare->bang_mirai, true); diff --git a/test/gkcrypt.c b/test/gkcrypt.c index 0e6fce1..30a9d6f 100644 --- a/test/gkcrypt.c +++ b/test/gkcrypt.c @@ -19,6 +19,7 @@ #include +#include static MunitResult test_ecdh(const MunitParameter params[], void *user) { @@ -39,9 +40,29 @@ static MunitResult test_ecdh(const MunitParameter params[], void *user) if(err != CHIAKI_ERR_SUCCESS) return MUNIT_ERROR; - //uint8_t local_public_key_result[128]; - //uint8_t local_public_key_sig_result[32]; - //chiaki_ecdh_get_local_pub_key() + uint8_t local_public_key_result[128]; + size_t local_public_key_result_size = sizeof(local_public_key_result); + uint8_t local_public_key_sig_result[32]; + size_t local_public_key_sig_result_size = sizeof(local_public_key_sig_result); + chiaki_ecdh_get_local_pub_key(&ecdh, local_public_key_result, &local_public_key_result_size, handshake_key, local_public_key_sig_result, &local_public_key_sig_result_size); + + munit_assert_size(local_public_key_result_size, ==, sizeof(local_public_key)); + munit_assert_memory_equal(sizeof(local_public_key), local_public_key_result, local_public_key); + + munit_assert_size(local_public_key_sig_result_size, ==, sizeof(local_public_key_sig)); + munit_assert_memory_equal(sizeof(local_public_key_sig), local_public_key_sig_result, local_public_key_sig); + + uint8_t secret_result[128]; + size_t secret_result_size = sizeof(secret_result); + chiaki_ecdh_derive_secret(&ecdh, secret_result, &secret_result_size, + remote_public_key, sizeof(remote_public_key), + handshake_key, + remote_public_key_sig, sizeof(remote_public_key_sig)); + + munit_assert_size(secret_result_size, ==, sizeof(secret)); + munit_assert_memory_equal(sizeof(secret), secret_result, secret); + + chiaki_ecdh_fini(&ecdh); return MUNIT_OK; }