Commit 2bb36c74 authored by Jonas Hundseder's avatar Jonas Hundseder
Browse files

Final Version 1.0 AES CTR does not function

parent 0abad409
BasedOnStyle: WebKit
ColumnLimit: 120
AlignAfterOpenBracket: AlwaysBreak
AlignEscapedNewlines: DontAlign
AllowAllArgumentsOnNextLine: false
AllowAllParametersOfDeclarationOnNextLine: false
AllowShortBlocksOnASingleLine: Empty
AllowShortFunctionsOnASingleLine: None
BinPackArguments: false
BinPackParameters: false
BreakBeforeBinaryOperators: None
BreakBeforeBraces: Allman
MaxEmptyLinesToKeep: 2
PointerAlignment: Right
{
"folders": [
{
"path": "."
}
]
}
\ No newline at end of file
#ifndef MAIN_H
#define MAIN_H
//#define MBEDTLS_CIPHER_MODE_CTR
#endif
\ No newline at end of file
/**
* @file nfc.h
* @author Jonas Hundseder (jonas.hundseder@hs-augsburg.de)
* @brief Header for NFC Tag
* @version 1.0
* @date 2021-11-24
*
* @copyright Copyright (c) 2021
*
* Company: Hochschule Augsburg
*
* Header containing functions to communicate with RFID-RC522 Module
* and to process data from NFC Tag
*/
#ifndef NFC_H
#define NFC_H
//____includes_____________________________________________________________________
#include <MFRC522.h>
#include <mbed.h>
//____defines______________________________________________________________________
#define SMI_SHORT_HASH_LENGTH (3 * 4 - 1)
#define SMI_TAGID_LENGTH 7
#define SMI_TAGIN_LENGTH 1
//____declaration__________________________________________________________________
/**
* @brief Initializes the MFRC522 chip.
* Has to be called once before starting to transact with
* chip
*/
void nfc_init(void);
/**
* @brief Wait for Tag until a new one is detected. Then function
* return
*/
void wait_for_tag();
/**
* @brief Get current UID from NFC tag
* Save it in a global variable
* @param global \p bufferID : the global param from typ \p uint8_t array with \c 8 item
* It is no return or transfer param
*/
void get_UID();
/**
* @brief This function reads one SHA256 digests from tag
* (Caution: only \c 11 bytes per digest is stored)
* Additional it reads each index per digest, total \c 12 bytes are stored
* \c 12 bytes are stored in 3 blocks ( \c 4 bytes per block )
*
* @param block_nr starting block number for one digest
* @param in array of length \c 64 bytes to save index values
* @param nr offset for index array. get array position, where index has to be saved
* @param hash array of length \c 11 bytes, to save short digest
*/
void nfc_read_index_hash_set(uint8_t block_nr, uint8_t in[], uint8_t nr, uint8_t hash[SMI_SHORT_HASH_LENGTH]);
/**
* @brief compare to arrays with hash values
* arrays have to has a length of \c 11 bytes
*
* @param hash_table pointer to hash value stored in hash_table (hash from tag)
* @param hash_snippet pointer to hash value from snippet, got from server request
* @return \p uint8_t return \c 1 if hash are equal, else \c 0
*/
uint8_t is_hash_equal(uint8_t *hash_table, uint8_t *hash_snippet);
/**
* @brief Create a data snippets message filled with tag ID and index nr
* this data has to be send to server to get snippet
* @param data pointer to data for snippet message
* @param bufferId pointer to tag ID
* @param bufferIn pointer to index number of digest
*/
void create_data_snippets(uint8_t *data, uint8_t *bufferId, uint8_t *bufferIn);
/**
* @brief This function reads complete data from tag
* Reads a total of \c 64 such index-hash datasets ( \c 768 bytes)
* calls function \p nfc_read_index_has_set within a for loop for each dataset
*/
void nfc_read_hash_table(void);
#endif // NFC_H
\ No newline at end of file
/**
* @file ownAes.h
* @author Jonas Hundseder (jonas.hundseder@hs-augsburg.de)
* @brief Header for AES crypotgraphy
* @version 1.0
* @date 2021-11-24
*
* @copyright Copyright (c) 2021
*
* Company: Hochschule Augsburg
*
* Header containing functions to operate a AES cryptography for
* safe communication with server after exchange AES key with RSA
*
*/
#ifndef OWNAES_H
#define OWNAES_H
//____includes_____________________________________________________________________
#include <mbed.h>
//____declaration__________________________________________________________________
/**
* @brief performs a AES CTR encryption or decryption (both are the same)
* abstract mbed_tls function which do the same
*
* @param length length of data which has to be enc or dec in \p bytes
* @param data pointer to data which hast be enc or dec
* @param data_enc pointer to output data, which is enc or dec
*/
void aes_crypt_ctr(size_t length, uint8_t *data, uint8_t *data_enc);
/**
* @brief Create a data snippets enc message
* function use \c create_data_snippets to create normal message to get snippets
* and encode it with AES CTR encryption
* @param bufferId pointer to Tag ID
* @param bufferIn pointer to index nr
* @param data pointer to allocaded memory for normal data
* @param data_enc pointer to allocaded memory for encoded snippets data
*/
void create_data_snippets_enc(uint8_t *bufferId, uint8_t *bufferIn, uint8_t *data, uint8_t *data_enc);
/**
* @brief Get the enc client half aes key and safe it to global variable
*
* @param global \p client_half_aes_key , \c uint8_t array for client half aes key, length \c 16 bytes
*/
void get_enc_client_half_aes_key(void);
/**
* @brief Get the final aes key:
* send client half aes key to server (RSA enc)
* get server half aes key from server (RSA enc) and decode it
* calculate final aes key as result of XOR from both
*
* @param aes_key array output for final aes key, have to be the length of \c 16 bytes
*/
void get_final_aes_key(uint8_t aes_key[16]);
/**
* @brief test if AES key exchange was successfully completed
* send AES encryped data to server, server decryped it and encryped it again
* server send data back and client decyrped again
* print the final result, which has to be the same at the beginning
*
* @param aes_key key which is used for AES CTR cryptopraphy
*/
void test_aesKey(uint8_t aes_key[16]);
/**
* @brief initialize \p aesctx and set key to \p aes_key
* set \p nonce_counter \p nc_off \p streamblock to starting values (all \c 0 )
* need to be called at the beginning of an CTR session only once
* @param aes_key array for AES CTR session
*/
void aes_ctr_init(uint8_t aes_key[16]);
/**
* @brief delete \p aesctx and release memory
*
*/
void free_aes(void);
#endif // OWNAES_H
\ No newline at end of file
/**
* @file ownRsa.h
* @author Jonas Hundseder (jonas.hundseder@hs-augsburg.de)
* @brief Header for RSA crypotgraphy
* @version 1.0
* @date 2021-11-24
*
* @copyright Copyright (c) 2021
*
* Company: Hochschule Augsburg
*
* Header containing functions to operate a RSA cryptography for
* safe communication with server to exchange AES key safely
*
*/
#ifndef OWNRSA_H
#define OWNRSA_H
//____includes_____________________________________________________________________
#include <hal/trng_api.h>
#include <mbed.h>
#include <rsa.h>
//____declaration__________________________________________________________________
/**
* @brief generate RSA keypair with public modulus N, private exponed E and private exponend D
* safe it to an rsa context
* key length is \c 2048 bit
*
* @param rngc TRNG structure for random number generation
* @return mbedtls_rsa_context generated RSA context with calculated key pair
*/
mbedtls_rsa_context generate_rsa_key(trng_t *rngc);
/**
* @brief function inizialize TRNG context for random numbers and
* function call \p generate_rsa_key
* convert client modulus N an \p uint8_t array
* safe it to an global variable
*
*@param global global param \p buffer_modulus_client with length \c 258 bytes
*/
void create_client_modulus(void);
/**
* @brief Get the public modulus server by server request
* and init RSA context for server, save modulus to this context
*
*/
void get_modulus_server(void);
#endif // OWNRSA_H
/**
* @file printHex.h
* @author Jonas Hundseder (jonas.hundseder@hs-augsburg.de)
* @brief Header for print hex values
* @version 1.0
* @date 2021-11-24
*
* @copyright Copyright (c) 2021
*
* Company: Hochschule Augsburg
*
* Header containing function to print hex values
*
*
*/
#ifndef PRINTHEX_H
#define PRINTHEX_H
//____includes_____________________________________________________________________
#include <mbed.h>
//____declaration__________________________________________________________________
/**
* @brief function print byte arry in hex values
*
* @param Byte pointer to input byte array
* @param size size of byte array
*/
void printfhex(uint8_t Byte[], size_t size);
#endif // PRINTHEX_H
\ No newline at end of file
/**
* @file randNum.h
* @author Jonas Hundseder (jonas.hundseder@hs-augsburg.de)
* @brief Header for generate random numbers
* @version 1.0
* @date 2021-11-24
*
* @copyright Copyright (c) 2021
*
* Company: Hochschule Augsburg
*
* Header containing functions to generate random numbers
*
*
*/
#ifndef RANDNUM_H
#define RANDNUM_H
//____includes_____________________________________________________________________
#include <mbed.h>
//____declaration__________________________________________________________________
/**
* @brief get random number with \p trng_get_bytes
* init trng struct
*
* @param number pointer to output including generated random number
*/
void random_numbers(uint8_t number[16]);
/**
* @brief get random number with \p trng_get_bytes
* does not init trng struct, has to be input param to this function
* interface for input in mbedtls RSA enc/dec function
* @param rngctx TRNG contex, which has to be initialized
* @param buffer buffer for output data
* @param length length of buffer
* @return int return \c 0 on success, else \c -1
*/
int crypto_trng_generate(void *rngctx, uint8_t *buffer, size_t length);
#endif // RANDNUM_H
\ No newline at end of file
/**
* @file snippets.h
* @author Jonas Hundseder (jonas.hundseder@hs-augsburg.de)
* @brief Header for get snippets
* @version 1.0
* @date 2021-11-24
*
* @copyright Copyright (c) 2021
*
* Company: Hochschule Augsburg
*
* Header containing functions to get snippets from server and solve puzzel
* one function without cryptography, and one with cryptography
*
*/
#ifndef SNIPPETS_H
#define SNIPPETS_H
//____includes_____________________________________________________________________
#include <mbed.h>
//____declaration__________________________________________________________________
/**
* @brief get snippets from server by calling various function
* be aware of calling important functions to connect wifi, get UID, get hash table before
* solve puzzel and send solve message to server
*
*/
void get_solve_snippets(void);
/**
* @brief get AES encoded snippets from server by calling various function
* be aware of calling important functions to connect wifi, get UID, get hash table before
* it is necessary to exchange AES key with RSA before calling this function
*
*/
void get_solve_snippets_aesctr(void);
#endif // SNIPPETS_H
\ No newline at end of file
/**
* @file wifi.h
* @author Jonas Hundseder (jonas.hundseder@hs-augsburg.de)
* @brief Header for wifi connection and server request
* @version 1.0
* @date 2021-11-24
*
* @copyright Copyright (c) 2021
*
* Company: Hochschule Augsburg
*
* Header containing functions to connect to wifi and create various request
* to server. Also function to get response data and handle it
*
*
*/
#ifndef WIFI_H
#define WIFI_H
//____includes_____________________________________________________________________
#include <http_request.h>
#include <mbed.h>
//____declaration__________________________________________________________________
/**
* @brief connect to current wifi
*
*/
void connect_wifi(void);
/**
* @brief Create a request getsnippet object to get snippets from server
*
* @return HttpRequest return request object
*/
HttpRequest create_request_getsnippet(void);
/**
* @brief Create a request solve object to send a solve request to server
*
* @return HttpRequest return request object
*/
HttpRequest create_request_solve(void);
/**
* @brief Create a request aesctr solve object to send a solve request
* to server AES CTR encryped
*
* @return HttpRequest return request object
*/
HttpRequest create_request_aesctr_solve(void);
/**
* @brief Create a request aesctr getsnippet object to get snippets from server
* with AES CTR encryped
*
* @return HttpRequest return request object
*/
HttpRequest create_request_aesctr_getsnippet(void);
/**
* @brief Create a request public key object to get the public modulus from server
*
* @return HttpRequest return request object
*/
HttpRequest create_request_public_key(void);
/**
* @brief Create a request client aes object to send the client half aes key to server
* and to get server half aes key
*
* @return HttpRequest return request object
*/
HttpRequest create_request_client_aes(void);
/**
* @brief Create a request test exKey object to send random data encoded with final AES
* key to server and get encoded with AES key from server (same data send and get)
*
* @return HttpRequest return request object
*/
HttpRequest create_request_test_exKey(void);
/**
* @brief send generated request solve with data to server
* create data to send to server with \p uid and \p hash_equal_index
*
* @param request generated request with \p create_request_solve
* @param uid pointer to Tag UID
* @param hash_equal_index pointer to hash_equal_index array, with correct order of snippet index
*/
void send_request_solve(HttpRequest *request, uint8_t *uid, uint8_t *hash_equal_index);
/**
* @brief send generated request solve with data to server
* create data to send to server with \p uid and \p hash_equal_index
* encryped data to send with final AES Key and \p aesctx
* \p aesctx has to be inizialized
*
* @param request generated request with \p create_request_aesctr_solve
* @param uid pointer to Tag UID
* @param hash_equal_index pointer to hash_equal_index array, with correct order of snippet index
* @param aesctx actual context to encryped and decryped data to send
*/
void send_request_aesctr_solve(
HttpRequest *request,
uint8_t *uid,
uint8_t *hash_equal_index,
mbedtls_aes_context *aesctx);
/**
* @brief send generated request getsnippets with data to server
* create data to send to server with \p bufferId and \p bufferIn
*
* @param request generated request with \p create_request_getsnippets
* @param bufferId buffer for Tag ID
* @param bufferIn buffer for index number
* @return HttpResponse* pointer to response structure, containing response data (hash snippets) send by
* server
*/
HttpResponse *send_request_snippet(HttpRequest request, uint8_t *bufferId, uint8_t *bufferIn);
/**
* @brief send generated request getsnippets with data to server
* create data to send to server with \p bufferId and \p bufferIn
* encyrped data to send with final AES key and \p aesctx
* \p aesctx has to be inizialized
*
* @param request generated request with \p create_request_aesctr_getsnippets
* @param bufferId buffer for Tag ID
* @param bufferIn buffer for index number
* @param aesctx actual context to encryped and decryped data to send
* @return HttpResponse* pointer to response structure, containing response data (hash snippets enc) send
* by server
*/
HttpResponse *
send_request_aesctr_snippet(HttpRequest request, uint8_t *bufferId, uint8_t *bufferIn, mbedtls_aes_context *aesctx);
/**
* @brief send generated request with data to server and get the response data
*
* @param request generated request with \p create_request_test_exKey
* @param data pointer to data which es enc with AES CTR and final AES Key
* @param respon_data ponter to output data, which contains response data from server encoded
*/
void send_request_test_exKey(HttpRequest *request, uint8_t data[32], uint8_t respon_data[32]);
/**
* @brief send generated request without data to server to get public modulus from server
*
* @param request generated request with \p create_request_public_key
* @param public_key pointer to output data, which contains public key, must have a length of \c 256
* bytes
*/
void send_request_public_key(HttpRequest *request, uint8_t public_key[256]);
/**
* @brief send generated request with data to server to tell them
* client half aes key and to get server half aes key
*
* @param request generated request with \p create_request_client_aes
* @param client_half_aes_key_enc random number for client half aes key, key have to be encoded with RSA
* @param server_half_aes_key_enc output data, contains server half aes key, encoded with RSA
*/
void send_request_client_aes(
HttpRequest *request,
uint8_t client_half_aes_key_enc[256],
uint8_t server_half_aes_key_enc[256]);
/**
* @brief send generated request with data to server to tell them
* client public modulus
*
* @param buffer input data, contain public modulus, must have a length of \c 256 byte
*/
void send_client_modulus(uint8_t buffer[256]);
#endif // WIFI_H
\ No newline at end of file
......@@ -17,7 +17,11 @@ build_type = release
lib_deps =
https://gitlab.elektrotechnik.hs-augsburg.de/hackenbs/mbed-http.git
https://gitlab.elektrotechnik.hs-augsburg.de/hackenbs/mbed-mfrc522.git
https://gitlab.elektrotechnik.hs-augsburg.de/hackenbs/mbed-logger.git
debug_load_mode = manual
monitor_speed = 115200
monitor_flags = --raw
build_flags =
-DLOG_LEVEL_INFO
-DLOG_LEVEL_DEBUG
[env:smi]
\ No newline at end of file
#include <mbed.h>
#include <MFRC522.h>
#include <http_request.h>
#include <sha256.h>
#include <hal/trng_api.h>
#include <rsa.h>
#include <aes.h>
#include "main.h"
#define SMI_SHORT_HASH_LENGTH (3*4-1)
#define SMI_TAGID_LENGTH 7
#define SMI_TAGIN_LENGTH 1
#define TEST_WIFI_CONNECTION(value) (if((value) != NSAPI_ERROR_OK) exit())
uint8_t block [64][SMI_SHORT_HASH_LENGTH];
uint8_t bufferID[SMI_TAGID_LENGTH + 1];
HttpResponse *response;
uint8_t hash_snippet[32] = {0};
uint8_t hash_equal_index[64] = {0};
uint8_t buffer[256] = {0};
uint8_t public_key_server[256] = {0};
uint8_t *index_hash = (uint8_t *) malloc(64);
uint8_t *sn = (uint8_t*) malloc(4500);
uint8_t bufferCM[256] = {0};
uint8_t our_half_aes_key_enc[256] = {0};
uint8_t server_half_aes_key_enc[256] = {0};
mbedtls_rsa_context rsactx_client;
mbedtls_rsa_context rsactx_server;
uint8_t our_half_aes_key_buffer[256] = {0};
size_t nc_off = 0;
uint8_t nonce_counter[16] = {0};
uint8_t stream_block[16] = {0};
void wait_for_tag(MFRC522* nfc)
{
bool result = false;
printf("Wait for Tag\n");
while(result != true)
{
result = nfc->PICC_IsNewCardPresent();
}
printf("Get new Tag\n");
}
void printfhex(uint8_t Byte[], size_t size)
{
for (size_t