Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ECDH key exchange #35

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open

Add ECDH key exchange #35

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
c351723
Add base64 decode function
torntrousers Apr 11, 2021
14f60e6
Add base64 decode function
torntrousers Apr 11, 2021
0b0c19b
Add ecdh function
torntrousers Apr 11, 2021
597bdb6
start of example
torntrousers Aug 23, 2021
e3ef860
working example
jezcrypt Aug 25, 2021
83f1b7f
Configure ECDH mode for key destination
jezcrypt Aug 26, 2021
bf7690e
Implement generating IV using counter on chip
jezcrypt Aug 27, 2021
12bb471
AES encrypt function
jezcrypt Sep 6, 2021
6cf0cdd
AES decrypt function
jezcrypt Sep 7, 2021
14fdd3a
actually send the data to the chip
jezcrypt Sep 8, 2021
c145ed1
encode bit length instead of byte length
jezcrypt Sep 8, 2021
d689f0f
encrypt/decrypt function descriptions
jezcrypt Sep 13, 2021
be5c174
decrease delay
jezcrypt Sep 13, 2021
75ae800
counter comment
jezcrypt Sep 16, 2021
5dc6c6f
comment on example assumptions
jezcrypt Sep 16, 2021
f885c39
fix typo in b64.h
jezcrypt Sep 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
81 changes: 81 additions & 0 deletions examples/ECCX08AES/ECCX08AES.ino
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
/*
ECCX08 AES-GCM

This sketch uses the ECC608 to compute
the AES_128_GCM encryption for some data

This sketch assumes TempKey has been set
(ECDH sketch will do this)
and derives a deviceID from the public key
corresponding to the key in slot 0.

*/

#include <ArduinoECCX08.h>

void setup() {
Serial.begin(9600);
while (!Serial);

if (!ECCX08.begin()) {
Serial.println("Failed to communicate with ECC508/ECC608!");
while (1);
}

if (!ECCX08.locked()) {
Serial.println("The ECC508/ECC608 is not locked!");
while (1);
}

byte devicePubKey[64];
if (!ECCX08.generatePublicKey(0, devicePubKey)){
Serial.println("Failed to generate private key.");
} else {
Serial.println("Device Public key:");
printHex(devicePubKey, 64);
}

byte ad[20] = {0x14};
uint64_t adLength = (sizeof(ad));
Serial.print("AD: ");
printHex(ad, adLength);
byte pt[40] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28};
uint64_t ptLength = (sizeof(pt));
Serial.print("PT: ");
printHex(pt, ptLength);

byte IV[12];
byte ct[40];
byte tag[16];
if (!ECCX08.AESEncrypt(IV, ad, pt, ct, tag, adLength, ptLength)){
Serial.println("Failed to encrypt.");
} else {
Serial.print("IV: ");
printHex(IV, 12);
Serial.print("CT: ");
printHex(ct, ptLength);
Serial.print("tag: ");
printHex(tag, 16);
}

byte ptDecrypted[40];
if (!ECCX08.AESDecrypt(IV, ad, ptDecrypted, ct, tag, adLength, ptLength)){
Serial.println("Failed to decrypt.");
} else {
Serial.print("PT: ");
printHex(ptDecrypted, ptLength);
}
}

void loop() {
}

void printHex(uint8_t *data, uint8_t length) {
char tmp[16];
for (int i = 0; i < length; i++) {
sprintf(tmp, "%.2X", data[i]);
Serial.print(tmp);
Serial.print(" ");
}
Serial.println();
}
75 changes: 75 additions & 0 deletions examples/ECCX08ECDH/ECCX08ECDH.ino
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
/*
ECCX08 ECDH

This sketch uses the ECC608 to compute the ECDH shared secret
for a ECCX08 private key and a public key.

*/

#include <ArduinoECCX08.h>

void setup() {
Serial.begin(9600);
while (!Serial);

if (!ECCX08.begin()) {
Serial.println("Failed to communicate with ECC508/ECC608!");
while (1);
}

if (!ECCX08.locked()) {
Serial.println("The ECC508/ECC608 is not locked!");
while (1);
}

int privateKeySlot = 2;
int counterpartyKeySlot = 3;

byte devicePubKey[64];
if (!ECCX08.generatePrivateKey(privateKeySlot, devicePubKey)){
Serial.println("Failed to generate private key.");
} else {
Serial.println("Device Public key:");
printHex(devicePubKey, 64);
}

byte counterPartyPubKey[64];
// Yes, this function actually returns a public key.
if (!ECCX08.generatePrivateKey(counterpartyKeySlot, counterPartyPubKey)){
Serial.println("Failed to generate public key.");
} else {
Serial.println("Counterparty Public key:");
printHex(counterPartyPubKey, 64);
}

byte sharedSecret[32];
if (!ECCX08.ecdh(privateKeySlot, ECDH_MODE_OUTPUT, counterPartyPubKey, sharedSecret)) {
Serial.println("The ecdh function failed!");
while (1);
}

Serial.print("Shared secret = ");
printHex(sharedSecret, 32);

byte output[1];
if (!ECCX08.ecdh(privateKeySlot, ECDH_MODE_TEMPKEY, counterPartyPubKey, output)) {
Serial.println("The ecdh function failed!");
while (1);
}

Serial.print("Return code = ");
printHex(output, 1);
}

void loop() {
}

void printHex(uint8_t *data, uint8_t length) {
char tmp[16];
for (int i = 0; i < length; i++) {
sprintf(tmp, "%.2X", data[i]);
Serial.print(tmp);
Serial.print(" ");
}
Serial.println();
}
Loading