From 8854044e9417bed30c325870cecc31d629a23f14 Mon Sep 17 00:00:00 2001
From: "F. Duncanh"
Date: Thu, 30 Nov 2023 07:02:33 -0500
Subject: [PATCH] don't use ED25519 private key as SRP6 private key
---
 lib/crypto.c | 75 ---------------------------------------------------
 lib/crypto.h | 1 -
 lib/pairing.c | 19 +++++--------
 lib/pairing.h | 1 +
 lib/utils.c | 54 -------------------------------------
 lib/utils.h | 1 -
 6 files changed, 8 insertions(+), 143 deletions(-)
diff --git a/lib/crypto.c b/lib/crypto.c
index 2f9e7c2..b56bdd5 100644
--- a/lib/crypto.c
+++ b/lib/crypto.c
@@ -350,73 +350,8 @@ int gcm_decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *pl
 struct ed25519_key_s {
 EVP_PKEY *pkey;
- unsigned char ed_secret[ED25519_KEY_SIZE];
 };
-const unsigned char* ed25519_secret_key(const ed25519_key_t *key) {
- assert(key);
- return (const unsigned char *) key->ed_secret;
-}
-
-int
-extract_evp_private_key(unsigned char *privkey, int keylen, char *data) {
- int count = 0;
- unsigned int val;
- unsigned int part1 = 0;
- int part = 0;
- unsigned char start[4] = { 0x20, 0x20, 0x20, 0x20 };
-
- printf("%s\n", data);
-
- for (int i = 0; i < strlen(data); i ++ ) {
- if (memcmp(data, start, 4)) {
- data ++;
- } else {
- data += 4;
- break;
- }
- }
-
- int datalen = strlen(data);
- for (int i = 0; (count < keylen && i < datalen); i++) {
- val = 64;
- if ('0' <= *data && *data <= '9') val = *data - '0';
- if ('a' <= *data && *data <= 'f') val = 10 + *data - 'a';
- if ('A' <= *data && *data <= 'F') val = 10 + *data - 'A';
- if (val == 64) {
- data++;
- continue;
- }
- part++;
- part = part% 2;
- switch (part) {
- case 1:
- part1 = val;
- data++;
- break;
- case 0:
- privkey[count] = (unsigned char) (val + (part1 << 4));
- count++;
- data++;
- break;
- default:
- break;
- }
- }
-
- if (count != keylen) goto error;
-
- for (int i = 0; i < keylen; i++) {
- printf("%2.2x ", *(privkey + i));
- }
- printf("\n");
-
- return 0;
- error:;
- memset(privkey, 0, keylen);
- return -1;
-}
-
 ed25519_key_t *ed25519_key_generate(const char *keyfile) {
 ed25519_key_t *key;
 EVP_PKEY_CTX *pctx;
@@ -467,16 +402,6 @@ ed25519_key_t *ed25519_key_generate(const char *keyfile) {
 }
 }
 }
-
- int bufsize = 512; /*should be big enough */
- void *buf = malloc(bufsize);
- bp = BIO_new(BIO_s_mem());
- EVP_PKEY_print_private(bp, key->pkey, 0, NULL);
- BIO_read(bp, buf, bufsize);
- BIO_free(bp);
-
- private_key_from_EVP_PKEY_print_private(key->ed_secret, ED25519_KEY_SIZE, (char *) buf);
- free(buf);
 return key;
 }
diff --git a/lib/crypto.h b/lib/crypto.h
index c6cf434..59a3865 100644
--- a/lib/crypto.h
+++ b/lib/crypto.h
@@ -82,7 +82,6 @@ int gcm_decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *pl
 typedef struct ed25519_key_s ed25519_key_t;
-const unsigned char* ed25519_secret_key(const ed25519_key_t *key);
 ed25519_key_t *ed25519_key_generate(const char * keyfile);
 ed25519_key_t *ed25519_key_from_raw(const unsigned char data[ED25519_KEY_SIZE]);
 void ed25519_key_get_raw(unsigned char data[ED25519_KEY_SIZE], const ed25519_key_t *key);
diff --git a/lib/pairing.c b/lib/pairing.c
index 9cc978f..49c2600 100644
--- a/lib/pairing.c
+++ b/lib/pairing.c
@@ -57,7 +57,7 @@ struct pairing_session_s {
 /* srp items */
 srp_user_t *srp_user;
 unsigned char srp_session_key[SRP_SESSION_KEY_SIZE];
-
+ unsigned char srp_private_key[SRP_PRIVATE_KEY_SIZE];
 };
 static int
@@ -101,11 +101,6 @@ pairing_get_public_key(pairing_t *pairing, unsigned char public_key[ED25519_KEY_
 ed25519_key_get_raw(public_key, pairing->ed);
 }
-const unsigned char *srp_private_key(pairing_t *pairing) {
- assert(pairing);
- return ed25519_secret_key(pairing->ed);
-}
-
 int
 pairing_get_ecdh_secret_key(pairing_session_t *session, unsigned char ecdh_secret[X25519_KEY_SIZE])
 {
@@ -272,7 +267,6 @@ pairing_session_destroy(pairing_session_t *session) x25519_key_destroy(session->ecdh_ours); x25519_key_destroy(session->ecdh_theirs); - free(session); } }
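Review bot: The new `srp_private_key` field in `struct pairing_session_s` (first pairing.c hunk) holds the server's ephemeral SRP secret, and the visible tail of `pairing_session_destroy` (third pairing.c hunk) shows no step that clears it before the session memory is released. Key material left in freed heap memory can be recovered later through a memory disclosure or a core dump, so the field should be wiped on teardown, e.g. `OPENSSL_cleanse(session->srp_private_key, SRP_PRIVATE_KEY_SIZE);` ahead of `free(session);`, or an equivalent helper exported from crypto.c; a plain `memset` right before `free` may be optimized away. The neighbouring `srp_session_key` deserves the same treatment. Both the struct and `pairing_session_destroy` extend outside their hunks, and the collapsed third hunk does not make clear whether its removed line is a blank line or the `free(session);` call itself, so both points should be confirmed against the full file.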
@@ -318,12 +312,13 @@ srp_new_user(pairing_session_t *session, pairing_t *pairing, const char *device_
 }
 memset(session->srp_user, 0, sizeof(srp_user_t));
 strncpy(session->srp_user->username, device_id, SRP_USERNAME_SIZE);
-
- const unsigned char *srp_b = srp_private_key(pairing);
+ get_random_bytes(session->srp_private_key, SRP_PRIVATE_KEY_SIZE);
+
+ const unsigned char *srp_b = session->srp_private_key;
 unsigned char * srp_B;
 unsigned char * srp_s;
 unsigned char * srp_v;
- int len_b = ED25519_KEY_SIZE;
+ int len_b = SRP_PRIVATE_KEY_SIZE;
 int len_B;
 int len_s;
 int len_v;
@@ -361,8 +356,8 @@ srp_validate_proof(pairing_session_t *session, pairing_t *pairing, const unsigne
 int len_A, unsigned char *proof, int client_proof_len, int proof_len) {
 int authenticated = 0;
 const unsigned char *B = NULL;
- const unsigned char *b = srp_private_key(pairing);
- int len_b = ED25519_KEY_SIZE;
+ const unsigned char *b = session->srp_private_key;
+ int len_b = SRP_PRIVATE_KEY_SIZE;
 int len_B = 0;
 int len_K = 0;
 const unsigned char *session_key = NULL;
diff --git a/lib/pairing.h b/lib/pairing.h
index 0648cc3..00b116b 100644
--- a/lib/pairing.h
+++ b/lib/pairing.h
@@ -29,6 +29,7 @@
 #define SRP_SHA SRP_SHA1
 #define SRP_NG SRP_NG_2048
 #define SRP_M2_SIZE 64
+#define SRP_PRIVATE_KEY_SIZE 32
 #define GCM_AUTHTAG_SIZE 16
 #define SHA512_KEY_LENGTH 64
diff --git a/lib/utils.c b/lib/utils.c
index e21ef7f..561e79b 100644
--- a/lib/utils.c
+++ b/lib/utils.c
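Review bot: The result of `get_random_bytes(session->srp_private_key, SRP_PRIVATE_KEY_SIZE);` in `srp_new_user` is discarded, so a failed RNG call would leave the SRP secret `b` at whatever the session buffer already held, possibly all zeros, and the handshake would continue with a predictable key. `get_random_bytes` is defined outside this diff; if it forwards an OpenSSL-style status, the call should be checked before `srp_b` is used, e.g. `if (get_random_bytes(session->srp_private_key, SRP_PRIVATE_KEY_SIZE) <= 0) return -1;`, where both the success convention and the `-1` error value are assumptions to confirm. A comment on the line such as `/* fresh ephemeral SRP secret b for each pairing attempt; never derive it from a long-term key */` would record why the line exists. The body of `srp_new_user` starts and ends outside the hunk.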
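Review bot: `srp_validate_proof` now reads `b` from `session->srp_private_key`, which this commit fills only in `srp_new_user`, and the visible lines do not check that `srp_new_user` has already run on this session. If a proof request can reach this function first, `b` would be the buffer's initial contents rather than a random secret; a guard near the top such as `if (!session->srp_user) return -1;` would tie the two steps together, though the error value is an assumption and the rest of the body, which lies outside the hunk, may already enforce this. The `pairing` parameter also appears to lose its only visible use in both `srp_new_user` and `srp_validate_proof`, which is worth confirming against the full functions.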
@@ -196,60 +196,6 @@ char *utils_pk_to_string(const unsigned char *pk, int pk_len) {
 return pk_str;
 }
-int
-private_key_from_EVP_PKEY_print_private(unsigned char *privkey, int keylen, char *data) {
- int count = 0;
- unsigned int val;
- unsigned int part1 = 0;
- int part = 0;
- unsigned char start[4] = { 0x20, 0x20, 0x20, 0x20 };
-
- /* data must be output of EVP_PKEY_print_private */
-
- for (int i = 0; i < strlen(data); i ++ ) {
- if (memcmp(data, start, 4)) {
- data ++;
- } else {
- data += 4;
- break;
- }
- }
-
- int datalen = strlen(data);
- for (int i = 0; (count < keylen && i < datalen); i++) {
- val = 64;
- if ('0' <= *data && *data <= '9') val = *data - '0';
- if ('a' <= *data && *data <= 'f') val = 10 + *data - 'a';
- if ('A' <= *data && *data <= 'F') val = 10 + *data - 'A';
- if (val == 64) {
- data++;
- continue;
- }
- part++;
- part = part% 2;
- switch (part) {
- case 1:
- part1 = val;
- data++;
- break;
- case 0:
- privkey[count] = (unsigned char) (val + (part1 << 4));
- count++;
- data++;
- break;
- default:
- break;
- }
- }
-
- if (count != keylen) goto error;
-
- return 0;
- error:;
- memset(privkey, 0, keylen);
- return -1;
-}
-
 char *utils_data_to_string(const unsigned char *data, int datalen, int chars_per_line) {
 assert(datalen >= 0);
 assert(chars_per_line > 0);
diff --git a/lib/utils.h b/lib/utils.h
index 447c2cc..671115a 100644
--- a/lib/utils.h
+++ b/lib/utils.h
@@ -31,5 +31,4 @@ char *utils_data_to_text(const char *data, int datalen);
 void ntp_timestamp_to_time(uint64_t ntp_timestamp, char *timestamp, size_t maxsize);
 void ntp_timestamp_to_seconds(uint64_t ntp_timestamp, char *timestamp, size_t maxsize);
-int private_key_from_EVP_PKEY_print_private(unsigned char *privkey, int keylen, char *data);
 #endif