diff --git a/programs/.gitignore b/programs/.gitignore index d19162de1..30489bed0 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -9,9 +9,7 @@ hash/hello hash/md5sum hash/sha1sum hash/sha2sum -pkey/dh_client pkey/dh_genprime -pkey/dh_server pkey/ecdsa pkey/ecdh_curve25519 pkey/gen_key diff --git a/programs/Makefile b/programs/Makefile index 1df2cb19f..58358e5d9 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -49,8 +49,7 @@ endif APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ hash/hello$(EXEXT) hash/generic_sum$(EXEXT) \ - pkey/dh_client$(EXEXT) \ - pkey/dh_genprime$(EXEXT) pkey/dh_server$(EXEXT) \ + pkey/dh_genprime$(EXEXT) \ pkey/ecdh_curve25519$(EXEXT) \ pkey/ecdsa$(EXEXT) pkey/gen_key$(EXEXT) \ pkey/key_app$(EXEXT) pkey/key_app_writer$(EXEXT) \ @@ -123,18 +122,10 @@ hash/generic_sum$(EXEXT): hash/generic_sum.c $(DEP) echo " CC hash/generic_sum.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/generic_sum.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -pkey/dh_client$(EXEXT): pkey/dh_client.c $(DEP) - echo " CC pkey/dh_client.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c $(DEP) echo " CC pkey/dh_genprime.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_genprime.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -pkey/dh_server$(EXEXT): pkey/dh_server.c $(DEP) - echo " CC pkey/dh_server.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - pkey/ecdh_curve25519$(EXEXT): pkey/ecdh_curve25519.c $(DEP) echo " CC pkey/ecdh_curve25519.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdh_curve25519.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index eb25a7f69..6dd7f7109 100644 --- a/programs/README.md +++ b/programs/README.md @@ -44,8 +44,6 @@ This subdirectory mostly contains sample programs that illustrate specific featu ### Diffie-Hellman key exchange examples -* [`pkey/dh_client.c`](pkey/dh_client.c), [`pkey/dh_server.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illustrates how to set up a secure channel using RSA for authentication and Diffie-Hellman to generate a shared AES session key. - * [`pkey/ecdh_curve25519.c`](pkey/ecdh_curve25519.c): demonstration of a elliptic curve Diffie-Hellman (ECDH) key agreement. ### Bignum (`mpi`) usage examples diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt index 5a37a4212..944a100a2 100644 --- a/programs/pkey/CMakeLists.txt +++ b/programs/pkey/CMakeLists.txt @@ -1,12 +1,6 @@ -add_executable(dh_client dh_client.c) -target_link_libraries(dh_client mbedtls) - add_executable(dh_genprime dh_genprime.c) target_link_libraries(dh_genprime mbedtls) -add_executable(dh_server dh_server.c) -target_link_libraries(dh_server mbedtls) - add_executable(ecdh_curve25519 ecdh_curve25519.c) target_link_libraries(ecdh_curve25519 mbedtls) @@ -58,6 +52,6 @@ target_link_libraries(pk_encrypt mbedtls) add_executable(pk_decrypt pk_decrypt.c) target_link_libraries(pk_decrypt mbedtls) -install(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key +install(TARGETS dh_genprime key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key DESTINATION "bin" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c deleted file mode 100644 index 1dce31aa7..000000000 --- a/programs/pkey/dh_client.c +++ /dev/null @@ -1,325 +0,0 @@ -/* - * Diffie-Hellman-Merkle key exchange (client side) - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ - defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ - defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) -#include "mbedtls/net_sockets.h" -#include "mbedtls/aes.h" -#include "mbedtls/dhm.h" -#include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" - -#include -#include -#endif - -#define SERVER_NAME "localhost" -#define SERVER_PORT "11999" - -#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -int main( void ) -{ - FILE *f; - - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen; - mbedtls_net_context server_fd; - - unsigned char *p, *end; - unsigned char buf[2048]; - unsigned char hash[32]; - const char *pers = "dh_client"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_rsa_context rsa; - mbedtls_dhm_context dhm; - mbedtls_aes_context aes; - - mbedtls_net_init( &server_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - /* - * 1. Setup the RNG - */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - /* - * 2. Read the server's public RSA key - */ - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); - - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); - goto exit; - } - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); - goto exit; - } - - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; - - fclose( f ); - - /* - * 3. Initiate the connection - */ - mbedtls_printf( "\n . Connecting to tcp/%s/%s", SERVER_NAME, - SERVER_PORT ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); - goto exit; - } - - /* - * 4a. First get the buffer length - */ - mbedtls_printf( "\n . Receiving the server's DH parameters" ); - fflush( stdout ); - - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, 2 ) ) != 2 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - n = buflen = ( buf[0] << 8 ) | buf[1]; - if( buflen < 1 || buflen > sizeof( buf ) ) - { - mbedtls_printf( " failed\n ! Got an invalid buffer length\n\n" ); - goto exit; - } - - /* - * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P - */ - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - p = buf, end = buf + buflen; - - if( ( ret = mbedtls_dhm_read_params( &dhm, &p, end ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret ); - goto exit; - } - - if( dhm.len < 64 || dhm.len > 512 ) - { - mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" ); - goto exit; - } - - /* - * 5. Check that the server's RSA signature matches - * the SHA-256 hash of (P,G,Ys) - */ - mbedtls_printf( "\n . Verifying the server's RSA signature" ); - fflush( stdout ); - - p += 2; - - if( ( n = (size_t) ( end - p ) ) != rsa.len ) - { - mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" ); - goto exit; - } - - if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); - goto exit; - } - - /* - * 6. Send our public value: Yc = G ^ Xc mod P - */ - mbedtls_printf( "\n . Sending own public value to server" ); - fflush( stdout ); - - n = dhm.len; - if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_net_send( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - goto exit; - } - - /* - * 7. Derive the shared secret: K = Ys ^ Xc mod P - */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); - - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); - goto exit; - } - - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); - - /* - * 8. Setup the AES-256 decryption key - * - * This is an overly simplified example; best practice is - * to hash the shared secret with a random value to derive - * the keying material for the encryption/decryption keys, - * IVs and MACs. - */ - mbedtls_printf( "...\n . Receiving and decrypting the ciphertext" ); - fflush( stdout ); - - mbedtls_aes_setkey_dec( &aes, buf, 256 ); - - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf ); - buf[16] = '\0'; - mbedtls_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - - mbedtls_net_free( &server_fd ); - - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && - MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c deleted file mode 100644 index a797e6070..000000000 --- a/programs/pkey/dh_server.c +++ /dev/null @@ -1,348 +0,0 @@ -/* - * Diffie-Hellman-Merkle key exchange (server side) - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ - defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ - defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) -#include "mbedtls/net_sockets.h" -#include "mbedtls/aes.h" -#include "mbedtls/dhm.h" -#include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" - -#include -#include -#endif - -#define SERVER_PORT "11999" -#define PLAINTEXT "==Hello there!==" - -#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -int main( void ) -{ - FILE *f; - - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen; - mbedtls_net_context listen_fd, client_fd; - - unsigned char buf[2048]; - unsigned char hash[32]; - unsigned char buf2[2]; - const char *pers = "dh_server"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_rsa_context rsa; - mbedtls_dhm_context dhm; - mbedtls_aes_context aes; - - mbedtls_mpi N, P, Q, D, E; - - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); - - /* - * 1. Setup the RNG - */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - /* - * 2a. Read the server's private RSA key - */ - mbedtls_printf( "\n . Reading private key from rsa_priv.txt" ); - fflush( stdout ); - - if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); - goto exit; - } - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - - if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", - ret ); - fclose( f ); - goto exit; - } - fclose( f ); - - if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); - goto exit; - } - - if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", - ret ); - goto exit; - } - - /* - * 2b. Get the DHM modulus and generator - */ - mbedtls_printf( "\n . Reading DH parameters from dh_prime.txt" ); - fflush( stdout ); - - if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open dh_prime.txt\n" \ - " ! Please run dh_genprime first\n\n" ); - goto exit; - } - - if( mbedtls_mpi_read_file( &dhm.P, 16, f ) != 0 || - mbedtls_mpi_read_file( &dhm.G, 16, f ) != 0 ) - { - mbedtls_printf( " failed\n ! Invalid DH parameter file\n\n" ); - fclose( f ); - goto exit; - } - - fclose( f ); - - /* - * 3. Wait for a client to connect - */ - mbedtls_printf( "\n . Waiting for a remote connection" ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); - goto exit; - } - - /* - * 4. Setup the DH parameters (P,G,Ys) - */ - mbedtls_printf( "\n . Sending the server's DH parameters" ); - fflush( stdout ); - - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.P ), buf, &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret ); - goto exit; - } - - /* - * 5. Sign the parameters and send them - */ - if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); - goto exit; - } - - buf[n ] = (unsigned char)( rsa.len >> 8 ); - buf[n + 1] = (unsigned char)( rsa.len ); - - if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, - 0, hash, buf + n + 2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret ); - goto exit; - } - - buflen = n + 2 + rsa.len; - buf2[0] = (unsigned char)( buflen >> 8 ); - buf2[1] = (unsigned char)( buflen ); - - if( ( ret = mbedtls_net_send( &client_fd, buf2, 2 ) ) != 2 || - ( ret = mbedtls_net_send( &client_fd, buf, buflen ) ) != (int) buflen ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - goto exit; - } - - /* - * 6. Get the client's public value: Yc = G ^ Xc mod P - */ - mbedtls_printf( "\n . Receiving the client's public value" ); - fflush( stdout ); - - memset( buf, 0, sizeof( buf ) ); - - n = dhm.len; - if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret ); - goto exit; - } - - /* - * 7. Derive the shared secret: K = Ys ^ Xc mod P - */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); - - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); - goto exit; - } - - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); - - /* - * 8. Setup the AES-256 encryption key - * - * This is an overly simplified example; best practice is - * to hash the shared secret with a random value to derive - * the keying material for the encryption/decryption keys - * and MACs. - */ - mbedtls_printf( "...\n . Encrypting and sending the ciphertext" ); - fflush( stdout ); - - mbedtls_aes_setkey_enc( &aes, buf, 256 ); - memcpy( buf, PLAINTEXT, 16 ); - mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf ); - - if( ( ret = mbedtls_net_send( &client_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( "\n\n" ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); - - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); - - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && - MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/visualc/VS2010/dh_client.vcxproj b/visualc/VS2010/dh_client.vcxproj deleted file mode 100644 index b2fae8093..000000000 --- a/visualc/VS2010/dh_client.vcxproj +++ /dev/null @@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE} - Win32Proj - dh_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dh_server.vcxproj b/visualc/VS2010/dh_server.vcxproj deleted file mode 100644 index 6f87cb8b0..000000000 --- a/visualc/VS2010/dh_server.vcxproj +++ /dev/null @@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {8D91B804-E2CE-142D-8E06-FBB037ED1F65} - Win32Proj - dh_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 8961f9d1c..35417a999 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln @@ -23,21 +23,11 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "generic_sum", "generic_sum. {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_client", "dh_client.vcxproj", "{4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_genprime", "dh_genprime.vcxproj", "{718960D9-5DA6-7B56-39AD-637E81076C71}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_server", "dh_server.vcxproj", "{8D91B804-E2CE-142D-8E06-FBB037ED1F65}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdh_curve25519", "ecdh_curve25519.vcxproj", "{82EE497E-12CC-7C5B-A072-665678ACB43E}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} @@ -311,14 +301,6 @@ Global {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.Build.0 = Release|Win32 {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.ActiveCfg = Release|x64 {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.Build.0 = Release|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.ActiveCfg = Debug|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.Build.0 = Debug|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.ActiveCfg = Debug|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.Build.0 = Debug|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.ActiveCfg = Release|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.Build.0 = Release|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.ActiveCfg = Release|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.Build.0 = Release|x64 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.ActiveCfg = Debug|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.Build.0 = Debug|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.ActiveCfg = Debug|x64 @@ -327,14 +309,6 @@ Global {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.Build.0 = Release|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.ActiveCfg = Release|x64 {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.Build.0 = Release|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.ActiveCfg = Debug|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.Build.0 = Debug|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.ActiveCfg = Debug|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.Build.0 = Debug|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.ActiveCfg = Release|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.Build.0 = Release|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.ActiveCfg = Release|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.Build.0 = Release|x64 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.ActiveCfg = Debug|Win32 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.Build.0 = Debug|Win32 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.ActiveCfg = Debug|x64