Last active
September 26, 2018 12:36
-
-
Save jaimejim/e1be32000328c7c1514457af81378640 to your computer and use it in GitHub Desktop.
Sample Bootloader SUIT validation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Copyright (C) 2018 Freie Universitat Berlin | |
| * Copyright (C) 2018 Inria | |
| * | |
| * This file is subject to the terms and conditions of the GNU Lesser | |
| * General Public License v2.1. See the file LICENSE in the top level | |
| * directory for more details. | |
| */ | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <stdlib.h> | |
| #include "cose/crypto.h" | |
| #include "cose.h" | |
| #include "cose_defines.h" | |
| #include "mbed.h" | |
| #include "cose/test.h" | |
| static uint8_t buf[2048]; | |
| #define CU_ASSERT(A) A | |
| #define CU_ASSERT_EQUAL(A,B) CU_ASSERT(A) | |
| #define CU_ASSERT_EQUAL_FATAL(A,B) CU_ASSERT(A) | |
| static const unsigned char cose_suite[] = { | |
| 0xd8, 0x62, 0x84, 0x44, 0xa1, 0x03, 0x18, 0x2a, 0xa0, 0x58, 0xcd, 0x8a, | |
| 0x02, 0xa4, 0x01, 0x6e, 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, | |
| 0x61, 0x20, 0x74, 0x65, 0x73, 0x74, 0x02, 0x6e, 0x41, 0x20, 0x74, 0x65, | |
| 0x73, 0x74, 0x20, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x03, 0x6f, | |
| 0x41, 0x20, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x20, 0x76, 0x65, 0x6e, | |
| 0x64, 0x6f, 0x72, 0x04, 0x75, 0x41, 0x6e, 0x20, 0x65, 0x78, 0x70, 0x65, | |
| 0x72, 0x69, 0x6d, 0x65, 0x6e, 0x74, 0x61, 0x6c, 0x20, 0x6d, 0x6f, 0x64, | |
| 0x65, 0x6c, 0x50, 0xb5, 0x93, 0x36, 0xf0, 0x59, 0xf4, 0xdc, 0x45, 0x77, | |
| 0x3d, 0x2a, 0x51, 0xff, 0xa5, 0x62, 0xbc, 0x1a, 0x5b, 0x16, 0x6d, 0x2e, | |
| 0x82, 0x82, 0x01, 0x50, 0xfa, 0x6b, 0x4a, 0x53, 0xd5, 0xad, 0x5f, 0xdf, | |
| 0xbe, 0x9d, 0xe6, 0x63, 0xe4, 0xd4, 0x1f, 0xfe, 0x82, 0x02, 0x50, 0x14, | |
| 0x92, 0xaf, 0x14, 0x25, 0x69, 0x5e, 0x48, 0xbf, 0x42, 0x9b, 0x2d, 0x51, | |
| 0xf2, 0xab, 0x45, 0xf6, 0xf6, 0xf6, 0xf6, 0x87, 0x81, 0x01, 0x10, 0x43, | |
| 0x66, 0x6f, 0x6f, 0x81, 0x82, 0x6e, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, | |
| 0x2f, 0x66, 0x6f, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x01, 0x81, 0x01, 0xa1, | |
| 0x01, 0x58, 0x20, 0xc3, 0x12, 0x11, 0xd1, 0xff, 0x88, 0xf7, 0x7a, 0x5a, | |
| 0xaf, 0x65, 0x36, 0x77, 0x89, 0x5b, 0xfc, 0xa7, 0x69, 0xf0, 0x6d, 0xa1, | |
| 0x98, 0xa8, 0xfa, 0x71, 0x15, 0x6a, 0xa6, 0x4a, 0xcd, 0x69, 0x5d, 0xf6, | |
| 0x81, 0x83, 0x58, 0x26, 0xa2, 0x01, 0x26, 0x04, 0x58, 0x20, 0x3a, 0x65, | |
| 0x52, 0x7d, 0x1a, 0xc9, 0x2c, 0x47, 0x22, 0xc9, 0x19, 0xb3, 0x87, 0xad, | |
| 0xc9, 0xbc, 0x95, 0x57, 0x98, 0x27, 0x03, 0xa1, 0x69, 0xa0, 0xa4, 0x3f, | |
| 0xb4, 0x72, 0xa3, 0xa4, 0xcf, 0xc1, 0xa0, 0x58, 0x47, 0x30, 0x45, 0x02, | |
| 0x21, 0x00, 0xde, 0xbb, 0xd0, 0x12, 0xfb, 0xb9, 0x2f, 0xca, 0x04, 0xc3, | |
| 0x52, 0xc4, 0xe5, 0x93, 0xbd, 0x77, 0x86, 0xd4, 0x18, 0x3b, 0x22, 0xce, | |
| 0xd1, 0xf8, 0xe4, 0x5e, 0x33, 0xba, 0x93, 0x55, 0x5f, 0x05, 0x02, 0x20, | |
| 0x1f, 0x0a, 0x4a, 0x8c, 0xa9, 0x1f, 0x19, 0x13, 0x26, 0x07, 0xb6, 0xa3, | |
| 0xce, 0x54, 0x43, 0xb4, 0x4d, 0x55, 0x8f, 0xa5, 0xc8, 0xbc, 0xf4, 0xc4, | |
| 0x76, 0x38, 0x89, 0x67, 0xc7, 0x88, 0x79, 0x7f | |
| }; | |
| static unsigned char pk_x[MBEDTLS_ECP_MAX_BYTES] = { | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x5b, 0x69, 0xb5, 0x30, 0x6d, 0xf5, 0x5c, 0xf8, 0x0a, 0xd0, 0xa9, 0x8c, | |
| 0xa5, 0x76, 0x1c, 0xdc, 0x10, 0x48, 0x3f, 0x29, 0x86, 0xaf, 0xec, 0x56, | |
| 0x7c, 0xf9, 0xbf, 0xb1, 0xa8, 0x5e, 0x66, 0x92, | |
| }; | |
| static unsigned char pk_y[MBEDTLS_ECP_MAX_BYTES] = { | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x2e, 0xbf, 0xef, 0xa9, 0xd3, 0x57, 0x75, 0x72, 0xb4, 0x90, 0x25, 0xcc, | |
| 0x44, 0x76, 0xee, 0xc9, 0xdd, 0xc5, 0x16, 0xb0, 0x49, 0x5f, 0xdd, 0x4e, | |
| 0x7c, 0xa0, 0x65, 0x21, 0x26, 0x71, 0xba, 0x5e | |
| }; | |
| static void print_bytestr(const uint8_t *bytes, size_t len) | |
| { | |
| for(unsigned int idx=0; idx < len; idx++) | |
| { | |
| printf("%02X", bytes[idx]); | |
| } | |
| } | |
| DigitalOut green(PA5); | |
| int main(void) | |
| { | |
| green = 1; | |
| wait(1); | |
| cose_sign_t verify; | |
| cose_key_t signer; | |
| cose_signature_t signature; | |
| const uint8_t *kid = NULL; | |
| /* Initialize struct */ | |
| cose_sign_init(&verify, 0); | |
| /* First signer */ | |
| cose_key_init(&signer); | |
| cose_key_set_keys(&signer, COSE_EC_CURVE_P256, COSE_ALGO_ES256, pk_x, pk_y, NULL); | |
| printf("COSE bytestream: \n"); | |
| print_bytestr(cose_suite, sizeof(cose_suite)); | |
| printf("\n"); | |
| /* Decode again */ | |
| int decode_success = cose_sign_decode(&verify, cose_suite, sizeof(cose_suite)); | |
| printf("Decoding: %d\n", decode_success); | |
| /* Verify with signature slot 0 */ | |
| CU_ASSERT_EQUAL_FATAL(decode_success, 0); | |
| cose_sign_iter_t iter; | |
| cose_sign_iter_init(&verify, &iter); | |
| CU_ASSERT(cose_sign_iter(&iter, &signature)); | |
| int verification = cose_sign_verify(&verify, &signature, &signer, buf, sizeof(buf)); | |
| printf("Verification: %d\n", verification); | |
| CU_ASSERT_EQUAL(verification, 0); | |
| cose_hdr_t hdr; | |
| CU_ASSERT(cose_sign_get_protected(&verify, &hdr, COSE_HDR_CONTENT_TYPE)); | |
| CU_ASSERT_EQUAL(hdr.v.value, 42); | |
| ssize_t res = cose_signature_get_kid(&signature, &kid); | |
| CU_ASSERT(res); | |
| //CU_ASSERT_EQUAL(memcmp(kid, keyid, sizeof(keyid) - 1), 0); | |
| printf("Verify Result: %d\n", res); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment