Beginning of testing of handshake

This commit is contained in:
John Jones 2017-02-08 12:32:41 -05:00
parent e1a29128b6
commit be9f278ebf
7 changed files with 67 additions and 24 deletions

View file

@ -236,33 +236,45 @@ int libp2p_crypto_rsa_rsa_private_key_free(struct RsaPrivateKey* private_key) {
* @param result the resultant signature. Note: should be pre-allocated and be the size of the private key (i.e. 2048 bit key can store a sig in 256 bytes) * @param result the resultant signature. Note: should be pre-allocated and be the size of the private key (i.e. 2048 bit key can store a sig in 256 bytes)
* @returns true(1) on successs, otherwise false(0) * @returns true(1) on successs, otherwise false(0)
*/ */
int libp2p_crypto_rsa_sign(struct RsaPrivateKey* private_key, const unsigned char* message, size_t message_length, unsigned char* result) { int libp2p_crypto_rsa_sign(struct RsaPrivateKey* private_key, const char* message, size_t message_length, unsigned char* result) {
unsigned char output[32]; unsigned char hash[32];
libp2p_crypto_hashing_sha256(message, message_length, output); mbedtls_pk_context private_context;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
char* pers = "libp2p crypto rsa sign";
libp2p_crypto_hashing_sha256(message, message_length, hash);
// make a pk_context from the private key // make a pk_context from the private key
mbedtls_pk_context private_context;
mbedtls_pk_init(&private_context); mbedtls_pk_init(&private_context);
mbedtls_pk_parse_key(&private_context, (unsigned char*)private_key->der, private_key->der_length, NULL, 0); mbedtls_pk_parse_key(&private_context, (unsigned char*)private_key->der, private_key->der_length, NULL, 0);
// gety just the RSA portion of the context // get just the RSA portion of the context
mbedtls_rsa_context* ctx = mbedtls_pk_rsa(private_context); mbedtls_rsa_context* ctx = mbedtls_pk_rsa(private_context);
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_ctr_drbg_init(&ctr_drbg);
mbedtls_entropy_init( &entropy );
// seed the routines
if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) != 0 )
return 0;
// sign // sign
/*
int retVal = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx, int retVal = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx,
NULL, //mbedtls_ctr_drbg_random, mbedtls_ctr_drbg_random,
&ctr_drbg, &ctr_drbg,
MBEDTLS_RSA_PRIVATE, MBEDTLS_RSA_PRIVATE,
MBEDTLS_MD_SHA256, MBEDTLS_MD_SHA256,
32, 32,
output, output,
result ); result );
//int retVal = mbedtls_rsa_private(&ctx, NULL, NULL, message, result); */
int retVal = mbedtls_rsa_private(ctx, mbedtls_ctr_drbg_random, &ctr_drbg, hash, result);
// cleanup // cleanup
mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_ctr_drbg_free(&ctr_drbg);
mbedtls_pk_free(&private_context); //mbedtls_pk_free(private_context);
return retVal == 0; return retVal == 0;
} }

View file

@ -39,6 +39,12 @@ struct EphemeralPrivateKey {
*/ */
int libp2p_crypto_ephemeral_keypair_generate(char* curve, struct EphemeralPrivateKey** private_key); int libp2p_crypto_ephemeral_keypair_generate(char* curve, struct EphemeralPrivateKey** private_key);
/***
* Remove resources used by generation of ephemeral private key
* @param in the key to destroy
*/
void libp2p_crypto_ephemeral_key_free( struct EphemeralPrivateKey* in);
/** /**
* Routines to help with the StretchedKey struct * Routines to help with the StretchedKey struct
*/ */

View file

@ -58,7 +58,7 @@ int libp2p_crypto_rsa_rsa_private_key_free(struct RsaPrivateKey* private_key);
* @param result the resultant signature. Note: should be pre-allocated and be the size of the private key (i.e. 2048) * @param result the resultant signature. Note: should be pre-allocated and be the size of the private key (i.e. 2048)
* @returns true(1) on successs, otherwise false(0) * @returns true(1) on successs, otherwise false(0)
*/ */
int libp2p_crypto_rsa_sign(struct RsaPrivateKey* private_key, const unsigned char* message, size_t message_length, unsigned char* result); int libp2p_crypto_rsa_sign(struct RsaPrivateKey* private_key, const char* message, size_t message_length, unsigned char* result);
int libp2p_crypto_rsa_verify(struct RsaPublicKey* public_key, const unsigned char* message, size_t message_length, const unsigned char* signature); int libp2p_crypto_rsa_verify(struct RsaPublicKey* public_key, const unsigned char* message, size_t message_length, const unsigned char* signature);

View file

@ -98,14 +98,6 @@ int libp2p_net_multistream_connect(const char* hostname, int port) {
if (socket_connect4(socket, ip, port) != 0) if (socket_connect4(socket, ip, port) != 0)
goto exit; goto exit;
// try to receive the protocol id
return_result = libp2p_net_multistream_receive(socket, &results, &results_size);
if (return_result == 0 || results_size < 1)
goto exit;
if (strstr(results, "multistream") == NULL) {
goto exit;
}
// send the multistream handshake // send the multistream handshake
char* protocol_buffer = "/multistream/1.0.0\n"; char* protocol_buffer = "/multistream/1.0.0\n";
@ -113,6 +105,14 @@ int libp2p_net_multistream_connect(const char* hostname, int port) {
if (num_bytes <= 0) if (num_bytes <= 0)
goto exit; goto exit;
// try to receive the protocol id
return_result = libp2p_net_multistream_receive(socket, &results, &results_size);
if (return_result == 0 || results_size < 1)
goto exit;
if (strstr(results, "multistream") == NULL)
goto exit;
// we are now in the loop, so we can switch to another protocol (i.e. /secio/1.0.0) // we are now in the loop, so we can switch to another protocol (i.e. /secio/1.0.0)
retVal = socket; retVal = socket;

View file

@ -190,7 +190,7 @@ int libp2p_secio_verify_signature(struct PublicKey* public_key, const unsigned c
return 0; return 0;
} }
int libp2p_secio_sign(struct PrivateKey* private_key, unsigned char* in, size_t in_length, unsigned char** signature, size_t* signature_size) { int libp2p_secio_sign(struct PrivateKey* private_key, const char* in, size_t in_length, unsigned char** signature, size_t* signature_size) {
if (private_key->type == KEYTYPE_RSA) { if (private_key->type == KEYTYPE_RSA) {
struct RsaPrivateKey rsa_key; struct RsaPrivateKey rsa_key;
rsa_key.der = (char*)private_key->data; rsa_key.der = (char*)private_key->data;
@ -415,7 +415,15 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
propose_in_bytes = (unsigned char*)strchr((char*)results, '\n'); propose_in_bytes = (unsigned char*)strchr((char*)results, '\n');
if (propose_in_bytes == NULL) if (propose_in_bytes == NULL)
goto exit; goto exit;
// are we at the end of the buffer?
if (propose_in_bytes - results + 1 >= results_size) {
free(results);
// read some more
bytes_written = libp2p_net_multistream_receive(local_session->socket_descriptor, (char**)&results, &results_size);
propose_in_bytes = results;
} else {
propose_in_bytes++; propose_in_bytes++;
}
propose_in_size = results_size - (propose_in_bytes - results); propose_in_size = results_size - (propose_in_bytes - results);
if (!libp2p_secio_propose_protobuf_decode(propose_in_bytes, propose_in_size, &propose_in)) if (!libp2p_secio_propose_protobuf_decode(propose_in_bytes, propose_in_size, &propose_in))
@ -474,7 +482,13 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
// generate EphemeralPubKey // generate EphemeralPubKey
struct EphemeralPrivateKey* e_private_key; struct EphemeralPrivateKey* e_private_key;
libp2p_crypto_ephemeral_keypair_generate(local_session->chosen_curve, &e_private_key); if (libp2p_crypto_ephemeral_keypair_generate(local_session->chosen_curve, &e_private_key) == 0)
goto exit;
local_session->ephemeral_public_key = malloc(e_private_key->public_key->bytes_size);
memcpy(local_session->ephemeral_public_key, e_private_key->public_key->bytes, e_private_key->public_key->bytes_size);
local_session->ephemeral_public_key_size = e_private_key->public_key->bytes_size;
libp2p_crypto_ephemeral_key_free(e_private_key);
// build buffer to sign // build buffer to sign
char_buffer = libp2p_utils_vector_new(); char_buffer = libp2p_utils_vector_new();
@ -490,9 +504,10 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
memcpy(exchange_out->epubkey, local_session->ephemeral_public_key, local_session->ephemeral_public_key_size); memcpy(exchange_out->epubkey, local_session->ephemeral_public_key, local_session->ephemeral_public_key_size);
exchange_out->epubkey_size = local_session->ephemeral_public_key_size; exchange_out->epubkey_size = local_session->ephemeral_public_key_size;
struct PrivateKey priv; struct PrivateKey priv;
priv.type = KEYTYPE_RSA;
priv.data = (unsigned char*)private_key->der; priv.data = (unsigned char*)private_key->der;
priv.data_size = private_key->der_length; priv.data_size = private_key->der_length;
libp2p_secio_sign(&priv, char_buffer->buffer, char_buffer->buffer_size, &exchange_out->signature, &exchange_out->signature_size); libp2p_secio_sign(&priv, (char*)char_buffer->buffer, char_buffer->buffer_size, &exchange_out->signature, &exchange_out->signature_size);
libp2p_utils_vector_free(char_buffer); libp2p_utils_vector_free(char_buffer);
exchange_out_protobuf_size = libp2p_secio_exchange_protobuf_encode_size(exchange_out); exchange_out_protobuf_size = libp2p_secio_exchange_protobuf_encode_size(exchange_out);
@ -505,6 +520,8 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
// receive Exchange packet // receive Exchange packet
bytes_written = libp2p_net_multistream_receive(local_session->socket_descriptor, (char**)&results, &results_size); bytes_written = libp2p_net_multistream_receive(local_session->socket_descriptor, (char**)&results, &results_size);
if (bytes_written == 0)
goto exit;
libp2p_secio_exchange_protobuf_decode(results, results_size, &exchange_in); libp2p_secio_exchange_protobuf_decode(results, results_size, &exchange_in);
// parse and verify // parse and verify

View file

@ -48,11 +48,15 @@ int test_secio_handshake() {
secure_session.traffic_type = TCP; secure_session.traffic_type = TCP;
// connect to host // connect to host
secure_session.socket_descriptor = libp2p_net_multistream_connect(secure_session.host, secure_session.port); secure_session.socket_descriptor = libp2p_net_multistream_connect(secure_session.host, secure_session.port);
if (secure_session.socket_descriptor == -1) if (secure_session.socket_descriptor == -1) {
fprintf(stderr, "test_secio_handshake: Unable to get socket descriptor\n");
goto exit; goto exit;
}
if (!libp2p_secio_handshake(&secure_session, &rsa_private_key)) if (!libp2p_secio_handshake(&secure_session, &rsa_private_key)) {
fprintf(stderr, "test_secio_handshake: Unable to do handshake\n");
goto exit; goto exit;
}
retVal = 1; retVal = 1;
exit: exit:

View file

@ -33,9 +33,13 @@ int libp2p_utils_vector_add(struct Libp2pVector* vector, unsigned char* in_bytes
if (in_size > 0) { if (in_size > 0) {
if (vector->buffer == NULL) { if (vector->buffer == NULL) {
vector->buffer = (unsigned char*)malloc(in_size); vector->buffer = (unsigned char*)malloc(in_size);
if (vector->buffer == NULL)
return 0;
memcpy(vector->buffer, in_bytes, in_size); memcpy(vector->buffer, in_bytes, in_size);
} else { } else {
vector->buffer = (unsigned char*)realloc(vector->buffer, in_size + vector->buffer_size); vector->buffer = (unsigned char*)realloc(vector->buffer, in_size + vector->buffer_size);
if (vector->buffer == NULL)
return 0;
memcpy(&vector->buffer[vector->buffer_size], in_bytes, in_size); memcpy(&vector->buffer[vector->buffer_size], in_bytes, in_size);
vector->buffer_size += in_size; vector->buffer_size += in_size;
} }