Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add code quality improvements, manually and with clang-tidy/clang-format #310

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions .clang-format
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
BasedOnStyle: Google
IndentWidth: 2
TabWidth: 2
ColumnLimit: 80
AlignAfterOpenBracket: AlwaysBreak
AlwaysBreakAfterReturnType: TopLevel
DerivePointerAlignment: false
PointerAlignment: Left
AlignConsecutiveAssignments: true
SpacesInAngles: false
47 changes: 28 additions & 19 deletions bootrom/bootloader.c
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@
#include "sha3/sha3.h"
/* Adopted from https://github.com/orlp/ed25519
provides:
- void ed25519_create_keypair(t_pubkey *public_key, t_privkey *private_key, t_seed *seed);
- void ed25519_create_keypair(t_pubkey *public_key, t_privkey *private_key,
t_seed *seed);
- void ed25519_sign(t_signature *signature,
const unsigned uint8_t *message,
size_t message_len,
Expand All @@ -26,7 +27,6 @@
provides memcpy, memset
*/


typedef unsigned char byte;

// Sanctum header fields in DRAM
Expand All @@ -40,18 +40,21 @@ extern byte sanctum_sm_signature[64];
#define DRAM_BASE 0x80000000

/* Update this to generate valid entropy for target platform*/
inline byte random_byte(unsigned int i) {
inline byte
random_byte(unsigned int i) {
#warning Bootloader does not have entropy source, keys are for TESTING ONLY
return 0xac + (0xdd ^ i);
}

void bootloader() {
//*sanctum_sm_size = 0x200;
void
bootloader() {
//*sanctum_sm_size = 0x200;
// Reserve stack space for secrets
byte scratchpad[128];
sha3_ctx_t hash_ctx;

// TODO: on real device, copy boot image from memory. In simulator, HTIF writes boot image
// TODO: on real device, copy boot image from memory. In simulator, HTIF
// writes boot image
// ... SD card to beginning of memory.
// sd_init();
// sd_read_from_start(DRAM, 1024);
Expand All @@ -62,21 +65,22 @@ void bootloader() {
* that do not provide such a source must gather their own
* entropy. See the Keystone documentation for further
* discussion. For testing purposes, we have no entropy generation.
*/
*/

// Create a random seed for keys and nonces from TRNG
for (unsigned int i=0; i<32; i++) {
for (unsigned int i = 0; i < 32; i++) {
scratchpad[i] = random_byte(i);
}

/* On a real device, the platform must provide a secure root device
keystore. For testing purposes we hardcode a known private/public
keypair */
// TEST Device key
#include "use_test_keys.h"
/* On a real device, the platform must provide a secure root device
keystore. For testing purposes we hardcode a known private/public
keypair */
// TEST Device key
#include "use_test_keys.h"

// Derive {SK_D, PK_D} (device keys) from a 32 B random seed
//ed25519_create_keypair(sanctum_dev_public_key, sanctum_dev_secret_key, scratchpad);
// ed25519_create_keypair(sanctum_dev_public_key, sanctum_dev_secret_key,
// scratchpad);

// Measure SM
sha3_init(&hash_ctx, 64);
Expand All @@ -86,17 +90,22 @@ void bootloader() {
// Combine SK_D and H_SM via a hash
// sm_key_seed <-- H(SK_D, H_SM), truncate to 32B
sha3_init(&hash_ctx, 64);
sha3_update(&hash_ctx, sanctum_dev_secret_key, sizeof(*sanctum_dev_secret_key));
sha3_update(
&hash_ctx, sanctum_dev_secret_key, sizeof(*sanctum_dev_secret_key));
sha3_update(&hash_ctx, sanctum_sm_hash, sizeof(*sanctum_sm_hash));
sha3_final(scratchpad, &hash_ctx);
// Derive {SK_D, PK_D} (device keys) from the first 32 B of the hash (NIST endorses SHA512 truncation as safe)
ed25519_create_keypair(sanctum_sm_public_key, sanctum_sm_secret_key, scratchpad);
// Derive {SK_D, PK_D} (device keys) from the first 32 B of the hash (NIST
// endorses SHA512 truncation as safe)
ed25519_create_keypair(
sanctum_sm_public_key, sanctum_sm_secret_key, scratchpad);

// Endorse the SM
memcpy(scratchpad, sanctum_sm_hash, 64);
memcpy(scratchpad + 64, sanctum_sm_public_key, 32);
// Sign (H_SM, PK_SM) with SK_D
ed25519_sign(sanctum_sm_signature, scratchpad, 64 + 32, sanctum_dev_public_key, sanctum_dev_secret_key);
ed25519_sign(
sanctum_sm_signature, scratchpad, 64 + 32, sanctum_dev_public_key,
sanctum_dev_secret_key);

// Clean up
// Erase SK_D
Expand Down
44 changes: 27 additions & 17 deletions bootrom/ed25519/ed25519.h
Original file line number Diff line number Diff line change
Expand Up @@ -4,33 +4,43 @@
#include <stddef.h>

#if defined(_WIN32)
#if defined(ED25519_BUILD_DLL)
#define ED25519_DECLSPEC __declspec(dllexport)
#elif defined(ED25519_DLL)
#define ED25519_DECLSPEC __declspec(dllimport)
#else
#define ED25519_DECLSPEC
#endif
#if defined(ED25519_BUILD_DLL)
#define ED25519_DECLSPEC __declspec(dllexport)
#elif defined(ED25519_DLL)
#define ED25519_DECLSPEC __declspec(dllimport)
#else
#define ED25519_DECLSPEC
#define ED25519_DECLSPEC
#endif
#else
#define ED25519_DECLSPEC
#endif


#ifdef __cplusplus
extern "C" {
#endif

#ifndef ED25519_NO_SEED
int ED25519_DECLSPEC ed25519_create_seed(unsigned char *seed);
int ED25519_DECLSPEC
ed25519_create_seed(unsigned char* seed);
#endif

void ED25519_DECLSPEC ed25519_create_keypair(unsigned char *public_key, unsigned char *private_key, const unsigned char *seed);
void ED25519_DECLSPEC ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key, const unsigned char *private_key);
int ED25519_DECLSPEC ed25519_verify(const unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key);

//void ED25519_DECLSPEC ed25519_add_scalar(unsigned char *public_key, unsigned char *private_key, const unsigned char *scalar);
//void ED25519_DECLSPEC ed25519_key_exchange(unsigned char *shared_secret, const unsigned char *public_key, const unsigned char *private_key);

void ED25519_DECLSPEC
ed25519_create_keypair(
unsigned char* public_key, unsigned char* private_key,
const unsigned char* seed);
void ED25519_DECLSPEC
ed25519_sign(
unsigned char* signature, const unsigned char* message, size_t message_len,
const unsigned char* public_key, const unsigned char* private_key);
int ED25519_DECLSPEC
ed25519_verify(
const unsigned char* signature, const unsigned char* message,
size_t message_len, const unsigned char* public_key);

// void ED25519_DECLSPEC ed25519_add_scalar(unsigned char *public_key, unsigned
// char *private_key, const unsigned char *scalar); void ED25519_DECLSPEC
// ed25519_key_exchange(unsigned char *shared_secret, const unsigned char
// *public_key, const unsigned char *private_key);

#ifdef __cplusplus
}
Expand Down
Loading