summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjaseg <git@jaseg.net>2018-11-08 16:35:31 +0900
committerjaseg <git@jaseg.net>2018-11-08 16:35:31 +0900
commit333d94bf9f1b4e4c83a125342dd20fea62589057 (patch)
tree7a7b5e785e4f9282c58002ff23c44b5599b4c222
parent050d49a56bc54c78c3fc1f4f125b09634d6c5b83 (diff)
downloadsecure-hid-333d94bf9f1b4e4c83a125342dd20fea62589057.tar.gz
secure-hid-333d94bf9f1b4e4c83a125342dd20fea62589057.tar.bz2
secure-hid-333d94bf9f1b4e4c83a125342dd20fea62589057.zip
Noise handshake working
-rwxr-xr-xhexnoise.py82
-rw-r--r--src/demo.c21
-rw-r--r--src/rand_stm32.c2
-rw-r--r--src/rand_stm32.h2
4 files changed, 98 insertions, 9 deletions
diff --git a/hexnoise.py b/hexnoise.py
new file mode 100755
index 0000000..b092bb3
--- /dev/null
+++ b/hexnoise.py
@@ -0,0 +1,82 @@
+#!/usr/bin/env python3
+
+import time
+import string
+
+from cobs import cobs
+
+def _print_line(write, ts, line, width=16):
+ h,m,s,ms = int(ts//3600), int((ts//60)%60), int(ts%60), int((ts%1.0) * 1000)
+ timestamp = f'{h: 3d}:{m:02d}:{s:02d}:{ms:03d}'
+ line = list(line) + [None]*(width-len(line))
+ hexcol = '\033[94m'
+ col = lambda b, s: s if b != 0 else f'\033[91m{s}{hexcol}'
+ hexfmt = ' '.join(
+ ' '.join(col(b, f'{b:02x}') if b is not None else ' ' for b in line[i*8:i*8+8])
+ for i in range(1 + (len(line)-1)//8))
+ asciifmt = ''.join(chr(c) if c is not None and chr(c) in string.printable else '.' for c in line)
+ write(f'\033[38;5;244m{timestamp} {hexcol}{hexfmt} \033[38;5;244m|\033[92m{asciifmt}\033[38;5;244m|\033[0m', flush=True, end='')
+
+startup = time.time()
+
+def hexdump(write, packet, width=16):
+ ts = time.time()
+ while len(packet) > width:
+ chunk, packet = packet[:width], packet[width:]
+ _print_line(write, ts-startup, chunk, width=width)
+ write()
+ _print_line(write, ts-startup, packet, width=width)
+ write()
+
+def send_packet(ser, data, width=16):
+ encoded = cobs.encode(data) + b'\0'
+ print(f'\033[93mSending {len(data)} bytes\033[0m')
+ hexdump(print, encoded, width)
+ ser.write(encoded)
+ ser.flushOutput()
+
+def receive_packet(ser, width=16):
+ packet = ser.read_until(b'\0')
+ data = cobs.decode(packet[:-1])
+ print(f'\033[93mReceived {len(data)} bytes\033[0m')
+ hexdump(print, data, width)
+ return data
+
+if __name__ == '__main__':
+ import argparse
+ import serial
+
+ parser = argparse.ArgumentParser()
+ parser.add_argument('serial')
+ parser.add_argument('baudrate')
+ parser.add_argument('-w', '--width', type=int, default=16, help='Number of bytes to display in one line')
+ args = parser.parse_args()
+
+ ser = serial.Serial(args.serial, args.baudrate)
+
+ from noise.connection import NoiseConnection, Keypair
+
+ STATIC_LOCAL = bytes([
+ 0xbb, 0xdb, 0x4c, 0xdb, 0xd3, 0x09, 0xf1, 0xa1,
+ 0xf2, 0xe1, 0x45, 0x69, 0x67, 0xfe, 0x28, 0x8c,
+ 0xad, 0xd6, 0xf7, 0x12, 0xd6, 0x5d, 0xc7, 0xb7,
+ 0x79, 0x3d, 0x5e, 0x63, 0xda, 0x6b, 0x37, 0x5b
+ ])
+
+ proto = NoiseConnection.from_name(b'Noise_XX_25519_ChaChaPoly_BLAKE2s')
+ proto.set_as_initiator()
+ proto.set_keypair_from_private_bytes(Keypair.STATIC, STATIC_LOCAL)
+ proto.start_handshake()
+ print('\033[91mHandshake started\033[0m')
+
+ while True:
+ if proto.handshake_finished:
+ break
+ send_packet(ser, proto.write_message(), args.width)
+
+ if proto.handshake_finished:
+ break
+ proto.read_message(receive_packet(ser, args.width))
+ print('Handshake finished, handshake hash:')
+ hexdump(print, proto.get_handshake_hash(), args.width)
+
diff --git a/src/demo.c b/src/demo.c
index a4debe5..d39d145 100644
--- a/src/demo.c
+++ b/src/demo.c
@@ -175,7 +175,7 @@ volatile struct {
struct dma_usart_file usart2_out_s = {
.usart = USART2,
- .baudrate = 1000000,
+ .baudrate = 115200,
.dma = DMA1,
.stream = 6,
.channel = 4,
@@ -298,6 +298,8 @@ int main(void)
cobs_decode_incremental_initialize(&host_cobs_state);
usart_enable_rx_interrupt(USART2);
nvic_enable_irq(NVIC_USART2_IRQ);
+ nvic_set_priority(NVIC_USART2_IRQ, 3<<4);
+ nvic_set_priority(debug_out_s.irqn, 1<<4);
LOG_PRINTF("\n==================================\n");
LOG_PRINTF("SecureHID device side initializing\n");
@@ -329,14 +331,9 @@ int main(void)
if (!handshake)
LOG_PRINTF("Error starting protocol handshake.\n");
- int i = 0, j = 0;
while (23) {
usbh_poll(tim6_get_time_us());
delay_ms_busy_loop(1); /* approx 1ms interval between usbh_poll() */
- if (i++ == 1000) {
- i = 0;
- LOG_PRINTF("Loop iteration %d\n", 1000*(j++));
- }
if (handshake) {
#define MAX_MESSAGE_LEN 256
@@ -364,6 +361,7 @@ int main(void)
noise_handshakestate_free(handshake);
handshake = NULL;
}
+ host_packet_length = 0; /* Acknowledge to USART ISR the buffer has been handled */
}
break;
@@ -371,7 +369,16 @@ int main(void)
if (noise_handshakestate_split(handshake, &tx_cipher, &rx_cipher) != NOISE_ERROR_NONE) {
LOG_PRINTF("Error splitting handshake state\n");
} else {
- LOG_PRINTF("Noise protocol handshake completed successfully\n");
+ LOG_PRINTF("Noise protocol handshake completed successfully, handshake hash:\n");
+ uint8_t buf[BLAKE2S_HASH_SIZE];
+ if (noise_handshakestate_get_handshake_hash(handshake, buf, sizeof(buf)) != NOISE_ERROR_NONE) {
+ LOG_PRINTF("Error fetching noise handshake state\n");
+ } else {
+ LOG_PRINTF(" ");
+ for (int i=0; i<sizeof(buf); i++)
+ LOG_PRINTF("%02x ", buf[i]);
+ LOG_PRINTF("\n");
+ }
}
noise_handshakestate_free(handshake);
diff --git a/src/rand_stm32.c b/src/rand_stm32.c
index 862587c..03aa98f 100644
--- a/src/rand_stm32.c
+++ b/src/rand_stm32.c
@@ -46,8 +46,6 @@
#include "crypto/noise-c/src/protocol/internal.h"
#include "crypto/noise-c/src/crypto/blake2/blake2s.h"
-#define BLAKE2S_HASH_SIZE 32
-
/* FIXME persist state in backup sram */
extern unsigned _ram_start, _ram_end, _rom_start, _rom_end;
static uint8_t global_stm_rand_state[BLAKE2S_HASH_SIZE];
diff --git a/src/rand_stm32.h b/src/rand_stm32.h
index 6f9ba3d..3e89ec3 100644
--- a/src/rand_stm32.h
+++ b/src/rand_stm32.h
@@ -4,6 +4,8 @@
#include <stdint.h>
#include <unistd.h>
+#define BLAKE2S_HASH_SIZE 32
+
void rand_init(void);
#endif