Beginning of testing of handshake
This commit is contained in:
parent
e1a29128b6
commit
be9f278ebf
7 changed files with 67 additions and 24 deletions
30
crypto/rsa.c
30
crypto/rsa.c
|
@ -236,33 +236,45 @@ int libp2p_crypto_rsa_rsa_private_key_free(struct RsaPrivateKey* private_key) {
|
||||||
* @param result the resultant signature. Note: should be pre-allocated and be the size of the private key (i.e. 2048 bit key can store a sig in 256 bytes)
|
* @param result the resultant signature. Note: should be pre-allocated and be the size of the private key (i.e. 2048 bit key can store a sig in 256 bytes)
|
||||||
* @returns true(1) on successs, otherwise false(0)
|
* @returns true(1) on successs, otherwise false(0)
|
||||||
*/
|
*/
|
||||||
int libp2p_crypto_rsa_sign(struct RsaPrivateKey* private_key, const unsigned char* message, size_t message_length, unsigned char* result) {
|
int libp2p_crypto_rsa_sign(struct RsaPrivateKey* private_key, const char* message, size_t message_length, unsigned char* result) {
|
||||||
unsigned char output[32];
|
unsigned char hash[32];
|
||||||
libp2p_crypto_hashing_sha256(message, message_length, output);
|
mbedtls_pk_context private_context;
|
||||||
|
mbedtls_entropy_context entropy;
|
||||||
|
mbedtls_ctr_drbg_context ctr_drbg;
|
||||||
|
char* pers = "libp2p crypto rsa sign";
|
||||||
|
|
||||||
|
libp2p_crypto_hashing_sha256(message, message_length, hash);
|
||||||
|
|
||||||
// make a pk_context from the private key
|
// make a pk_context from the private key
|
||||||
mbedtls_pk_context private_context;
|
|
||||||
mbedtls_pk_init(&private_context);
|
mbedtls_pk_init(&private_context);
|
||||||
mbedtls_pk_parse_key(&private_context, (unsigned char*)private_key->der, private_key->der_length, NULL, 0);
|
mbedtls_pk_parse_key(&private_context, (unsigned char*)private_key->der, private_key->der_length, NULL, 0);
|
||||||
|
|
||||||
// gety just the RSA portion of the context
|
// get just the RSA portion of the context
|
||||||
mbedtls_rsa_context* ctx = mbedtls_pk_rsa(private_context);
|
mbedtls_rsa_context* ctx = mbedtls_pk_rsa(private_context);
|
||||||
mbedtls_ctr_drbg_context ctr_drbg;
|
|
||||||
mbedtls_ctr_drbg_init(&ctr_drbg);
|
mbedtls_ctr_drbg_init(&ctr_drbg);
|
||||||
|
|
||||||
|
mbedtls_entropy_init( &entropy );
|
||||||
|
|
||||||
|
// seed the routines
|
||||||
|
if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) != 0 )
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
|
||||||
// sign
|
// sign
|
||||||
|
/*
|
||||||
int retVal = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx,
|
int retVal = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx,
|
||||||
NULL, //mbedtls_ctr_drbg_random,
|
mbedtls_ctr_drbg_random,
|
||||||
&ctr_drbg,
|
&ctr_drbg,
|
||||||
MBEDTLS_RSA_PRIVATE,
|
MBEDTLS_RSA_PRIVATE,
|
||||||
MBEDTLS_MD_SHA256,
|
MBEDTLS_MD_SHA256,
|
||||||
32,
|
32,
|
||||||
output,
|
output,
|
||||||
result );
|
result );
|
||||||
//int retVal = mbedtls_rsa_private(&ctx, NULL, NULL, message, result);
|
*/
|
||||||
|
int retVal = mbedtls_rsa_private(ctx, mbedtls_ctr_drbg_random, &ctr_drbg, hash, result);
|
||||||
// cleanup
|
// cleanup
|
||||||
mbedtls_ctr_drbg_free(&ctr_drbg);
|
mbedtls_ctr_drbg_free(&ctr_drbg);
|
||||||
mbedtls_pk_free(&private_context);
|
//mbedtls_pk_free(private_context);
|
||||||
return retVal == 0;
|
return retVal == 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -39,6 +39,12 @@ struct EphemeralPrivateKey {
|
||||||
*/
|
*/
|
||||||
int libp2p_crypto_ephemeral_keypair_generate(char* curve, struct EphemeralPrivateKey** private_key);
|
int libp2p_crypto_ephemeral_keypair_generate(char* curve, struct EphemeralPrivateKey** private_key);
|
||||||
|
|
||||||
|
/***
|
||||||
|
* Remove resources used by generation of ephemeral private key
|
||||||
|
* @param in the key to destroy
|
||||||
|
*/
|
||||||
|
void libp2p_crypto_ephemeral_key_free( struct EphemeralPrivateKey* in);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Routines to help with the StretchedKey struct
|
* Routines to help with the StretchedKey struct
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -58,7 +58,7 @@ int libp2p_crypto_rsa_rsa_private_key_free(struct RsaPrivateKey* private_key);
|
||||||
* @param result the resultant signature. Note: should be pre-allocated and be the size of the private key (i.e. 2048)
|
* @param result the resultant signature. Note: should be pre-allocated and be the size of the private key (i.e. 2048)
|
||||||
* @returns true(1) on successs, otherwise false(0)
|
* @returns true(1) on successs, otherwise false(0)
|
||||||
*/
|
*/
|
||||||
int libp2p_crypto_rsa_sign(struct RsaPrivateKey* private_key, const unsigned char* message, size_t message_length, unsigned char* result);
|
int libp2p_crypto_rsa_sign(struct RsaPrivateKey* private_key, const char* message, size_t message_length, unsigned char* result);
|
||||||
|
|
||||||
int libp2p_crypto_rsa_verify(struct RsaPublicKey* public_key, const unsigned char* message, size_t message_length, const unsigned char* signature);
|
int libp2p_crypto_rsa_verify(struct RsaPublicKey* public_key, const unsigned char* message, size_t message_length, const unsigned char* signature);
|
||||||
|
|
||||||
|
|
|
@ -98,14 +98,6 @@ int libp2p_net_multistream_connect(const char* hostname, int port) {
|
||||||
if (socket_connect4(socket, ip, port) != 0)
|
if (socket_connect4(socket, ip, port) != 0)
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
||||||
// try to receive the protocol id
|
|
||||||
return_result = libp2p_net_multistream_receive(socket, &results, &results_size);
|
|
||||||
if (return_result == 0 || results_size < 1)
|
|
||||||
goto exit;
|
|
||||||
|
|
||||||
if (strstr(results, "multistream") == NULL) {
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
// send the multistream handshake
|
// send the multistream handshake
|
||||||
char* protocol_buffer = "/multistream/1.0.0\n";
|
char* protocol_buffer = "/multistream/1.0.0\n";
|
||||||
|
|
||||||
|
@ -113,6 +105,14 @@ int libp2p_net_multistream_connect(const char* hostname, int port) {
|
||||||
if (num_bytes <= 0)
|
if (num_bytes <= 0)
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
||||||
|
// try to receive the protocol id
|
||||||
|
return_result = libp2p_net_multistream_receive(socket, &results, &results_size);
|
||||||
|
if (return_result == 0 || results_size < 1)
|
||||||
|
goto exit;
|
||||||
|
|
||||||
|
if (strstr(results, "multistream") == NULL)
|
||||||
|
goto exit;
|
||||||
|
|
||||||
// we are now in the loop, so we can switch to another protocol (i.e. /secio/1.0.0)
|
// we are now in the loop, so we can switch to another protocol (i.e. /secio/1.0.0)
|
||||||
|
|
||||||
retVal = socket;
|
retVal = socket;
|
||||||
|
|
|
@ -190,7 +190,7 @@ int libp2p_secio_verify_signature(struct PublicKey* public_key, const unsigned c
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int libp2p_secio_sign(struct PrivateKey* private_key, unsigned char* in, size_t in_length, unsigned char** signature, size_t* signature_size) {
|
int libp2p_secio_sign(struct PrivateKey* private_key, const char* in, size_t in_length, unsigned char** signature, size_t* signature_size) {
|
||||||
if (private_key->type == KEYTYPE_RSA) {
|
if (private_key->type == KEYTYPE_RSA) {
|
||||||
struct RsaPrivateKey rsa_key;
|
struct RsaPrivateKey rsa_key;
|
||||||
rsa_key.der = (char*)private_key->data;
|
rsa_key.der = (char*)private_key->data;
|
||||||
|
@ -415,7 +415,15 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
|
||||||
propose_in_bytes = (unsigned char*)strchr((char*)results, '\n');
|
propose_in_bytes = (unsigned char*)strchr((char*)results, '\n');
|
||||||
if (propose_in_bytes == NULL)
|
if (propose_in_bytes == NULL)
|
||||||
goto exit;
|
goto exit;
|
||||||
|
// are we at the end of the buffer?
|
||||||
|
if (propose_in_bytes - results + 1 >= results_size) {
|
||||||
|
free(results);
|
||||||
|
// read some more
|
||||||
|
bytes_written = libp2p_net_multistream_receive(local_session->socket_descriptor, (char**)&results, &results_size);
|
||||||
|
propose_in_bytes = results;
|
||||||
|
} else {
|
||||||
propose_in_bytes++;
|
propose_in_bytes++;
|
||||||
|
}
|
||||||
propose_in_size = results_size - (propose_in_bytes - results);
|
propose_in_size = results_size - (propose_in_bytes - results);
|
||||||
|
|
||||||
if (!libp2p_secio_propose_protobuf_decode(propose_in_bytes, propose_in_size, &propose_in))
|
if (!libp2p_secio_propose_protobuf_decode(propose_in_bytes, propose_in_size, &propose_in))
|
||||||
|
@ -474,7 +482,13 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
|
||||||
|
|
||||||
// generate EphemeralPubKey
|
// generate EphemeralPubKey
|
||||||
struct EphemeralPrivateKey* e_private_key;
|
struct EphemeralPrivateKey* e_private_key;
|
||||||
libp2p_crypto_ephemeral_keypair_generate(local_session->chosen_curve, &e_private_key);
|
if (libp2p_crypto_ephemeral_keypair_generate(local_session->chosen_curve, &e_private_key) == 0)
|
||||||
|
goto exit;
|
||||||
|
|
||||||
|
local_session->ephemeral_public_key = malloc(e_private_key->public_key->bytes_size);
|
||||||
|
memcpy(local_session->ephemeral_public_key, e_private_key->public_key->bytes, e_private_key->public_key->bytes_size);
|
||||||
|
local_session->ephemeral_public_key_size = e_private_key->public_key->bytes_size;
|
||||||
|
libp2p_crypto_ephemeral_key_free(e_private_key);
|
||||||
|
|
||||||
// build buffer to sign
|
// build buffer to sign
|
||||||
char_buffer = libp2p_utils_vector_new();
|
char_buffer = libp2p_utils_vector_new();
|
||||||
|
@ -490,9 +504,10 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
|
||||||
memcpy(exchange_out->epubkey, local_session->ephemeral_public_key, local_session->ephemeral_public_key_size);
|
memcpy(exchange_out->epubkey, local_session->ephemeral_public_key, local_session->ephemeral_public_key_size);
|
||||||
exchange_out->epubkey_size = local_session->ephemeral_public_key_size;
|
exchange_out->epubkey_size = local_session->ephemeral_public_key_size;
|
||||||
struct PrivateKey priv;
|
struct PrivateKey priv;
|
||||||
|
priv.type = KEYTYPE_RSA;
|
||||||
priv.data = (unsigned char*)private_key->der;
|
priv.data = (unsigned char*)private_key->der;
|
||||||
priv.data_size = private_key->der_length;
|
priv.data_size = private_key->der_length;
|
||||||
libp2p_secio_sign(&priv, char_buffer->buffer, char_buffer->buffer_size, &exchange_out->signature, &exchange_out->signature_size);
|
libp2p_secio_sign(&priv, (char*)char_buffer->buffer, char_buffer->buffer_size, &exchange_out->signature, &exchange_out->signature_size);
|
||||||
libp2p_utils_vector_free(char_buffer);
|
libp2p_utils_vector_free(char_buffer);
|
||||||
|
|
||||||
exchange_out_protobuf_size = libp2p_secio_exchange_protobuf_encode_size(exchange_out);
|
exchange_out_protobuf_size = libp2p_secio_exchange_protobuf_encode_size(exchange_out);
|
||||||
|
@ -505,6 +520,8 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
|
||||||
|
|
||||||
// receive Exchange packet
|
// receive Exchange packet
|
||||||
bytes_written = libp2p_net_multistream_receive(local_session->socket_descriptor, (char**)&results, &results_size);
|
bytes_written = libp2p_net_multistream_receive(local_session->socket_descriptor, (char**)&results, &results_size);
|
||||||
|
if (bytes_written == 0)
|
||||||
|
goto exit;
|
||||||
libp2p_secio_exchange_protobuf_decode(results, results_size, &exchange_in);
|
libp2p_secio_exchange_protobuf_decode(results, results_size, &exchange_in);
|
||||||
|
|
||||||
// parse and verify
|
// parse and verify
|
||||||
|
|
|
@ -48,11 +48,15 @@ int test_secio_handshake() {
|
||||||
secure_session.traffic_type = TCP;
|
secure_session.traffic_type = TCP;
|
||||||
// connect to host
|
// connect to host
|
||||||
secure_session.socket_descriptor = libp2p_net_multistream_connect(secure_session.host, secure_session.port);
|
secure_session.socket_descriptor = libp2p_net_multistream_connect(secure_session.host, secure_session.port);
|
||||||
if (secure_session.socket_descriptor == -1)
|
if (secure_session.socket_descriptor == -1) {
|
||||||
|
fprintf(stderr, "test_secio_handshake: Unable to get socket descriptor\n");
|
||||||
goto exit;
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
if (!libp2p_secio_handshake(&secure_session, &rsa_private_key))
|
if (!libp2p_secio_handshake(&secure_session, &rsa_private_key)) {
|
||||||
|
fprintf(stderr, "test_secio_handshake: Unable to do handshake\n");
|
||||||
goto exit;
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
retVal = 1;
|
retVal = 1;
|
||||||
exit:
|
exit:
|
||||||
|
|
|
@ -33,9 +33,13 @@ int libp2p_utils_vector_add(struct Libp2pVector* vector, unsigned char* in_bytes
|
||||||
if (in_size > 0) {
|
if (in_size > 0) {
|
||||||
if (vector->buffer == NULL) {
|
if (vector->buffer == NULL) {
|
||||||
vector->buffer = (unsigned char*)malloc(in_size);
|
vector->buffer = (unsigned char*)malloc(in_size);
|
||||||
|
if (vector->buffer == NULL)
|
||||||
|
return 0;
|
||||||
memcpy(vector->buffer, in_bytes, in_size);
|
memcpy(vector->buffer, in_bytes, in_size);
|
||||||
} else {
|
} else {
|
||||||
vector->buffer = (unsigned char*)realloc(vector->buffer, in_size + vector->buffer_size);
|
vector->buffer = (unsigned char*)realloc(vector->buffer, in_size + vector->buffer_size);
|
||||||
|
if (vector->buffer == NULL)
|
||||||
|
return 0;
|
||||||
memcpy(&vector->buffer[vector->buffer_size], in_bytes, in_size);
|
memcpy(&vector->buffer[vector->buffer_size], in_bytes, in_size);
|
||||||
vector->buffer_size += in_size;
|
vector->buffer_size += in_size;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue