int ret;
char *secret = NULL;
size_t secret_len;
+ char *temp_material = NULL;
+ size_t temp_material_len;
char *key_material = NULL;
+ size_t key_material_len;
+ char *iv_material = NULL;
+ size_t iv_material_len;
yaca_key_h private_key = YACA_KEY_NULL;
yaca_key_h public_key = YACA_KEY_NULL;
yaca_key_h params = YACA_KEY_NULL;
yaca_key_h aes_key = YACA_KEY_NULL;
+ yaca_key_h iv = YACA_KEY_NULL;
ret = yaca_key_extract_parameters(pkey, ¶ms);
if (ret != YACA_ERROR_NONE)
if (ret != YACA_ERROR_NONE)
goto exit;
+ key_material_len = YACA_KEY_LENGTH_192BIT / 8;
+ iv_material_len = YACA_KEY_LENGTH_IV_128BIT / 8;
+ temp_material_len = key_material_len + iv_material_len;
ret = yaca_key_derive_kdf(YACA_KDF_X962, YACA_DIGEST_SHA512, secret, secret_len,
- NULL, 0, YACA_KEY_LENGTH_192BIT, &key_material);
+ NULL, 0, temp_material_len, &temp_material);
+
if (ret != YACA_ERROR_NONE)
goto exit;
- ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_material, YACA_KEY_LENGTH_192BIT,
- &aes_key);
+ key_material = temp_material;
+ iv_material = temp_material + key_material_len;
+
+ ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_material, key_material_len, &aes_key);
+ if (ret != YACA_ERROR_NONE)
+ goto exit;
+
+ ret = yaca_key_import(YACA_KEY_TYPE_IV, NULL, iv_material, iv_material_len, &iv);
if (ret != YACA_ERROR_NONE)
goto exit;
dump_hex(secret, secret_len, "\n***** Peer Secret: *****");
- dump_hex(key_material, YACA_KEY_LENGTH_192BIT, "\n***** Peer AES key: *****");
+ dump_hex(key_material, key_material_len, "\n***** Peer AES key: *****");
+ dump_hex(iv_material, iv_material_len, "\n***** Peer IV: *****");
exit:
yaca_key_destroy(private_key);
yaca_key_destroy(params);
yaca_key_destroy(aes_key);
+ yaca_key_destroy(iv);
yaca_free(secret);
- yaca_free(key_material);
+ yaca_free(temp_material);
return public_key;
}
-void key_exchange_dh_standard_parameters(void)
+void key_derivation(const yaca_key_h private_key)
{
int ret;
char *secret = NULL;
size_t secret_len;
+ char *temp_material = NULL;
+ size_t temp_material_len;
char *key_material = NULL;
+ size_t key_material_len;
+ char *iv_material = NULL;
+ size_t iv_material_len;
- yaca_key_h private_key = YACA_KEY_NULL;
yaca_key_h public_key = YACA_KEY_NULL;
yaca_key_h peer_key = YACA_KEY_NULL;
yaca_key_h aes_key = YACA_KEY_NULL;
-
- printf("\n***** Diffie Hellman key exchange with standard DH parameters *****");
-
- /* generate private, public key */
- ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_256, &private_key);
- if (ret != YACA_ERROR_NONE)
- goto exit;
+ yaca_key_h iv = YACA_KEY_NULL;
ret = yaca_key_extract_public(private_key, &public_key);
if (ret != YACA_ERROR_NONE)
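Review bot: The AES key and the IV are both cut from a single KDF output (`key_material = temp_material;` and `iv_material = temp_material + key_material_len;`) with no shared info passed to the KDF (`NULL, 0`), so both peers derive the same key and the same IV, and the pair is fixed for a given shared secret. That is sound for one encryption only; if each side encrypted its own message with the pair, or the secret were reused, the (key, IV) combination would repeat. I would add a comment above the split such as `/* key and IV are fixed by the shared secret: use this pair for one message, in one direction only */`. The same split appears again in key_derivation() in the following hunk. The peer-side function starts before this hunk, and key_derivation() runs past its end.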
if (ret != YACA_ERROR_NONE)
goto exit;
+ key_material_len = YACA_KEY_LENGTH_192BIT / 8;
+ iv_material_len = YACA_KEY_LENGTH_IV_128BIT / 8;
+ temp_material_len = key_material_len + iv_material_len;
ret = yaca_key_derive_kdf(YACA_KDF_X962, YACA_DIGEST_SHA512, secret, secret_len,
- NULL, 0, YACA_KEY_LENGTH_192BIT, &key_material);
- if (ret != YACA_ERROR_NONE)
- goto exit;
-
- ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_material, YACA_KEY_LENGTH_192BIT,
- &aes_key);
- if (ret != YACA_ERROR_NONE)
- goto exit;
-
- dump_hex(secret, secret_len, "\n***** My Secret: *****");
- dump_hex(key_material, YACA_KEY_LENGTH_192BIT, "\n***** My AES key: *****");
-
-exit:
- yaca_key_destroy(private_key);
- yaca_key_destroy(public_key);
- yaca_key_destroy(peer_key);
- yaca_key_destroy(aes_key);
- yaca_free(secret);
- yaca_free(key_material);
-}
-
-void key_exchange_dh_generated_parameters(void)
-{
- int ret;
- char *secret = NULL;
- size_t secret_len;
- char *key_material = NULL;
-
- yaca_key_h params = YACA_KEY_NULL;
- yaca_key_h private_key = YACA_KEY_NULL;
- yaca_key_h public_key = YACA_KEY_NULL;
- yaca_key_h peer_key = YACA_KEY_NULL;
- yaca_key_h aes_key = YACA_KEY_NULL;
-
- printf("\n***** Diffie Hellman key exchange with parameters generation *****");
+ NULL, 0, temp_material_len, &temp_material);
- /* generate parameters */
- ret = yaca_key_generate(YACA_KEY_TYPE_DH_PARAMS,
- YACA_KEY_LENGTH_DH_GENERATOR_2 | 1024, ¶ms);
if (ret != YACA_ERROR_NONE)
goto exit;
- /* generate private, public key */
- ret = yaca_key_generate_from_parameters(params, &private_key);
- if (ret != YACA_ERROR_NONE)
- goto exit;
+ key_material = temp_material;
+ iv_material = temp_material + key_material_len;
- ret = yaca_key_extract_public(private_key, &public_key);
+ ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_material, key_material_len, &aes_key);
if (ret != YACA_ERROR_NONE)
goto exit;
- /* get peer public key */
- peer_key = exchange_keys(public_key);
- if (peer_key == YACA_KEY_NULL)
- goto exit;
-
- /* derive secret */
- ret = yaca_key_derive_dh(private_key, peer_key, &secret, &secret_len);
- if (ret != YACA_ERROR_NONE)
- goto exit;
-
- ret = yaca_key_derive_kdf(YACA_KDF_X962, YACA_DIGEST_SHA512, secret, secret_len,
- NULL, 0, YACA_KEY_LENGTH_192BIT, &key_material);
- if (ret != YACA_ERROR_NONE)
- goto exit;
-
- ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_material, YACA_KEY_LENGTH_192BIT,
- &aes_key);
+ ret = yaca_key_import(YACA_KEY_TYPE_IV, NULL, iv_material, iv_material_len, &iv);
if (ret != YACA_ERROR_NONE)
goto exit;
dump_hex(secret, secret_len, "\n***** My Secret: *****");
- dump_hex(key_material, YACA_KEY_LENGTH_192BIT, "\n***** My AES key: *****");
+ dump_hex(key_material, key_material_len, "\n***** My AES key: *****");
+ dump_hex(iv_material, iv_material_len, "\n***** My IV: *****");
exit:
- yaca_key_destroy(params);
- yaca_key_destroy(private_key);
yaca_key_destroy(public_key);
yaca_key_destroy(peer_key);
yaca_key_destroy(aes_key);
+ yaca_key_destroy(iv);
yaca_free(secret);
- yaca_free(key_material);
+ yaca_free(temp_material);
}
-void key_exchange_ecdh(void)
+int main()
{
- int ret;
- char *secret = NULL;
- size_t secret_len;
- char *key_material = NULL;
-
- yaca_key_h private_key = YACA_KEY_NULL;
- yaca_key_h public_key = YACA_KEY_NULL;
- yaca_key_h peer_key = YACA_KEY_NULL;
- yaca_key_h aes_key = YACA_KEY_NULL;
-
- printf("\n***** Elliptic Curve Diffie Hellman key exchange *****");
-
- /* generate private, public key */
- ret = yaca_key_generate(YACA_KEY_TYPE_EC_PRIV, YACA_KEY_LENGTH_EC_PRIME256V1, &private_key);
- if (ret != YACA_ERROR_NONE)
- goto exit;
-
- ret = yaca_key_extract_public(private_key, &public_key);
- if (ret != YACA_ERROR_NONE)
- goto exit;
+ yaca_debug_set_error_cb(debug_func);
- /* get peer public key */
- peer_key = exchange_keys(public_key);
- if (peer_key == YACA_KEY_NULL)
- goto exit;
+ yaca_key_h ecdh_key = YACA_KEY_NULL;
+ yaca_key_h dh_params = YACA_KEY_NULL;
+ yaca_key_h dh_key_from_params = YACA_KEY_NULL;
+ yaca_key_h dh_key = YACA_KEY_NULL;
- /* derive secret */
- ret = yaca_key_derive_dh(private_key, peer_key, &secret, &secret_len);
+ int ret = yaca_initialize();
if (ret != YACA_ERROR_NONE)
- goto exit;
+ return ret;
- ret = yaca_key_derive_kdf(YACA_KDF_X962, YACA_DIGEST_SHA512, secret, secret_len,
- NULL, 0, YACA_KEY_LENGTH_192BIT, &key_material);
- if (ret != YACA_ERROR_NONE)
- goto exit;
+ printf("\n***** Elliptic Curve Diffie Hellman key exchange and key/iv derivation *****");
+ {
+ ret = yaca_key_generate(YACA_KEY_TYPE_EC_PRIV, YACA_KEY_LENGTH_EC_PRIME256V1, &ecdh_key);
+ if (ret != YACA_ERROR_NONE)
+ goto exit;
- ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_material, YACA_KEY_LENGTH_192BIT,
- &aes_key);
- if (ret != YACA_ERROR_NONE)
- goto exit;
+ key_derivation(ecdh_key);
+ }
- dump_hex(secret, secret_len, "\n***** My Secret: *****");
- dump_hex(key_material, YACA_KEY_LENGTH_192BIT, "\n***** My AES key: *****");
+ printf("\n***** Diffie Hellman Diffie Hellman key exchange and key/iv derivation *****");
+ {
+ ret = yaca_key_generate(YACA_KEY_TYPE_DH_PARAMS,
+ YACA_KEY_LENGTH_DH_GENERATOR_2 | 1024, &dh_params);
+ if (ret != YACA_ERROR_NONE)
+ goto exit;
-exit:
- yaca_key_destroy(private_key);
- yaca_key_destroy(public_key);
- yaca_key_destroy(peer_key);
- yaca_key_destroy(aes_key);
- yaca_free(secret);
- yaca_free(key_material);
-}
+ ret = yaca_key_generate_from_parameters(dh_params, &dh_key_from_params);
+ if (ret != YACA_ERROR_NONE)
+ goto exit;
-int main()
-{
- yaca_debug_set_error_cb(debug_func);
+ key_derivation(dh_key_from_params);
+ }
- int ret = yaca_initialize();
- if (ret != YACA_ERROR_NONE)
- return ret;
+ printf("\n***** Diffie Hellman Diffie Hellman key exchange and key/iv derivation *****");
+ {
+ ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_256, &dh_key);
+ if (ret != YACA_ERROR_NONE)
+ goto exit;
- key_exchange_dh_standard_parameters();
- key_exchange_dh_generated_parameters();
- key_exchange_ecdh();
+ key_derivation(dh_key);
+ }
+exit:
+ yaca_key_destroy(ecdh_key);
+ yaca_key_destroy(dh_params);
+ yaca_key_destroy(dh_key_from_params);
+ yaca_key_destroy(dh_key);
yaca_cleanup();
+
return ret;
}
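Review bot: key_derivation() returns void, so a failure in the KDF or in either yaca_key_import() call never reaches main(), whose `ret` stays YACA_ERROR_NONE and whose exit status then reports success. Changing the signature to `int key_derivation(const yaca_key_h private_key)`, ending it with `return ret;`, and calling it as `ret = key_derivation(ecdh_key);` followed by the usual check would propagate the error; any path that jumps to exit without setting `ret` would need an error code as well. Separately, `YACA_KEY_LENGTH_DH_GENERATOR_2 | 1024` carries over 1024-bit DH parameters, which is below the commonly recommended 2048-bit minimum; either raise the size or add a comment that it is kept small only to make the example run quickly. The two Diffie-Hellman banners are identical and repeat "Diffie Hellman", so the output no longer tells the generated-parameters case from the RFC-parameters case. key_derivation() begins in the previous hunk.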