mirror of https://github.com/arendst/Tasmota.git
Minor changes to Berry crypto (#17494)
This commit is contained in:
parent
234d6e20e0
commit
f5f7ff4fb8
|
@ -40,7 +40,7 @@ extern int m_hmac_sha256_out(bvm *vm);
|
|||
|
||||
extern int m_pbkdf2_hmac_sha256_f(bvm *vm);
|
||||
|
||||
extern int m_hkdf_hmac_sha256_derive(bvm *vm);
|
||||
extern int m_hkdf_sha256_derive(bvm *vm);
|
||||
|
||||
extern const bclass be_class_md5;
|
||||
|
||||
|
@ -53,7 +53,7 @@ extern const bclass be_class_md5;
|
|||
#include "be_fixed_be_class_sha256.h"
|
||||
#include "be_fixed_be_class_hmac_sha256.h"
|
||||
#include "be_fixed_be_class_pbkdf2_hmac_sha256.h"
|
||||
#include "be_fixed_be_class_hkdf_hmac_sha256.h"
|
||||
#include "be_fixed_be_class_hkdf_sha256.h"
|
||||
#include "be_fixed_crypto.h"
|
||||
|
||||
const be_const_member_t be_crypto_members[] = {
|
||||
|
@ -75,9 +75,9 @@ const be_const_member_t be_crypto_members[] = {
|
|||
{ "/EC_P256", (intptr_t) &be_class_ec_p256 },
|
||||
#endif // USE_BERRY_CRYPTO_EC_P256
|
||||
|
||||
#ifdef USE_BERRY_CRYPTO_HKDF_HMAC_SHA256
|
||||
{ "/HKDF_HMAC_SHA256", (intptr_t) &be_class_hkdf_hmac_sha256 },
|
||||
#endif // USE_BERRY_CRYPTO_HKDF_HMAC_SHA256
|
||||
#ifdef USE_BERRY_CRYPTO_HKDF_SHA256
|
||||
{ "/HKDF_SHA256", (intptr_t) &be_class_hkdf_sha256 },
|
||||
#endif // USE_BERRY_CRYPTO_HKDF_SHA256
|
||||
|
||||
#ifdef USE_BERRY_CRYPTO_HMAC_SHA256
|
||||
{ "/HMAC_SHA256", (intptr_t) &be_class_hmac_sha256 },
|
||||
|
@ -152,8 +152,8 @@ class be_class_pbkdf2_hmac_sha256 (scope: global, name: PBKDF2_HMAC_SHA256) {
|
|||
derive, closure(PBKDF2_HMAC_SHA256_closure)
|
||||
}
|
||||
|
||||
class be_class_hkdf_hmac_sha256 (scope: global, name: HKDF_HMAC_SHA256) {
|
||||
derive, static_func(m_hkdf_hmac_sha256_derive)
|
||||
class be_class_hkdf_sha256 (scope: global, name: HKDF_SHA256) {
|
||||
derive, static_func(m_hkdf_sha256_derive)
|
||||
}
|
||||
|
||||
module crypto (scope: global) {
|
||||
|
|
|
@ -25,7 +25,7 @@ int m_md5_init(bvm *vm) {
|
|||
be_return_nil(vm);
|
||||
}
|
||||
|
||||
// `Md5.update(content:bytes()) -> nil`
|
||||
// `Md5.update(content:bytes()) -> self`
|
||||
//
|
||||
// Add raw bytes to the MD5 calculation
|
||||
int m_md5_update(bvm *vm);
|
||||
|
@ -45,7 +45,8 @@ int m_md5_update(bvm *vm) {
|
|||
if (length > 0) {
|
||||
esp_rom_md5_update(ctx, (const uint8_t*) bytes, length);
|
||||
}
|
||||
be_return_nil(vm);
|
||||
be_pushvalue(vm, 1);
|
||||
be_return(vm);
|
||||
// success
|
||||
} while (0);
|
||||
}
|
||||
|
|
|
@ -1112,7 +1112,7 @@
|
|||
#define USE_BERRY_CRYPTO_SHA256 // enable SHA256 hash function
|
||||
#define USE_BERRY_CRYPTO_HMAC_SHA256 // enable HMAC SHA256 hash function
|
||||
// #define USE_BERRY_CRYPTO_PBKDF2_HMAC_SHA256 // PBKDF2 with HMAC SHA256, used in Matter protocol
|
||||
// #define USE_BERRY_CRYPTO_HKDF_HMAC_SHA256 // HKDF with HMAC SHA256, used in Matter protocol
|
||||
// #define USE_BERRY_CRYPTO_HKDF_SHA256 // HKDF with HMAC SHA256, used in Matter protocol
|
||||
#define USE_CSE7761 // Add support for CSE7761 Energy monitor as used in Sonoff Dual R3
|
||||
|
||||
// -- LVGL Graphics Library ---------------------------------
|
||||
|
|
|
@ -213,8 +213,8 @@ extern "C" {
|
|||
be_raise(vm, kTypeError, nullptr);
|
||||
}
|
||||
|
||||
// `<instance:AES_CTR>.encrypt(content:bytes(), in:bytes(12), counter:int) -> nil`
|
||||
// `<instance:AES_CTR>.decrypt(content:bytes(), in:bytes(12), counter:int) -> nil`
|
||||
// `<instance:AES_CTR>.encrypt(content:bytes(), in:bytes(12), counter:int) -> bytes()`
|
||||
// `<instance:AES_CTR>.decrypt(content:bytes(), in:bytes(12), counter:int) -> bytes()`
|
||||
int32_t m_aes_ctr_run(bvm *vm);
|
||||
int32_t m_aes_ctr_run(bvm *vm) {
|
||||
int32_t argc = be_top(vm); // Get the number of arguments
|
||||
|
@ -273,7 +273,7 @@ extern "C" {
|
|||
be_return_nil(vm);
|
||||
}
|
||||
|
||||
// `<instance:SHA256>.update(content:bytes()) -> nil`
|
||||
// `<instance:SHA256>.update(content:bytes()) -> self`
|
||||
//
|
||||
// Add raw bytes to the hash calculation
|
||||
int32_t m_hash_sha256_update(struct bvm *vm);
|
||||
|
@ -295,7 +295,8 @@ extern "C" {
|
|||
if (length > 0) {
|
||||
br_sha256_update(ctx, bytes, length);
|
||||
}
|
||||
be_return_nil(vm);
|
||||
be_pushvalue(vm, 1); // return self
|
||||
be_return(vm);
|
||||
// success
|
||||
} while (0);
|
||||
}
|
||||
|
@ -347,7 +348,7 @@ extern "C" {
|
|||
be_raise(vm, kTypeError, nullptr);
|
||||
}
|
||||
|
||||
// `<instance:HMAC_SHA256>.update(content:bytes()) -> nil`
|
||||
// `<instance:HMAC_SHA256>.update(content:bytes()) -> self`
|
||||
//
|
||||
// Add raw bytes to the hash calculation
|
||||
int32_t m_hmac_sha256_update(struct bvm *vm);
|
||||
|
@ -368,7 +369,8 @@ extern "C" {
|
|||
if (length > 0) {
|
||||
br_hmac_update(ctx, bytes, length);
|
||||
}
|
||||
be_return_nil(vm);
|
||||
be_pushvalue(vm, 1); // return self
|
||||
be_return(vm);
|
||||
// success
|
||||
} while (0);
|
||||
}
|
||||
|
@ -397,7 +399,7 @@ extern "C" {
|
|||
\*********************************************************************************************/
|
||||
#define BR_EC_P256_IMPL br_ec_p256_m15 // BearSSL implementation for Curve P256
|
||||
extern "C" {
|
||||
// crypto.EC_P256().public_key(private_key:bytes(32)) -> bytes(32)
|
||||
// crypto.EC_P256().public_key(private_key:bytes(32)) -> bytes(65)
|
||||
// Computes the public key from a completely random private key of 32 bytes
|
||||
int32_t m_ec_p256_pubkey(bvm *vm);
|
||||
int32_t m_ec_p256_pubkey(bvm *vm) {
|
||||
|
@ -420,7 +422,7 @@ extern "C" {
|
|||
be_raise(vm, kTypeError, nullptr);
|
||||
}
|
||||
|
||||
// crypto.EC_P256().shared_key(my_private_key:bytes(32), their_public_key:bytes(32)) -> bytes(32)
|
||||
// crypto.EC_P256().shared_key(my_private_key:bytes(32), their_public_key:bytes(65)) -> bytes(32)
|
||||
// Computes the shared pre-key. Normally this shared pre-key is hashed with another algorithm.
|
||||
int32_t m_ec_p256_sharedkey(bvm *vm);
|
||||
int32_t m_ec_p256_sharedkey(bvm *vm) {
|
||||
|
@ -535,10 +537,6 @@ extern "C" {
|
|||
be_raise(vm, kTypeError, nullptr);
|
||||
}
|
||||
|
||||
uint32_t (*muladd)(unsigned char *A, const unsigned char *B, size_t len,
|
||||
const unsigned char *x, size_t xlen,
|
||||
const unsigned char *y, size_t ylen, int curve);
|
||||
|
||||
// crypto.EC_P256().mul(x:bytes(), A:bytes(65)) -> bytes(65)`
|
||||
//
|
||||
// The point `x*A` is computed.
|
||||
|
@ -674,14 +672,14 @@ extern "C" {
|
|||
}
|
||||
|
||||
/*********************************************************************************************\
|
||||
* HKDF_HMAC_SHA256
|
||||
* HKDF_SHA256
|
||||
*
|
||||
\*********************************************************************************************/
|
||||
extern "C" {
|
||||
// crypto.HKDF_HMAC_SHA256().derive(ikm:bytes(), salt:bytes(), info:bytes(), out_bytes:int) -> bytes(out_bytes)
|
||||
// Derive key with HKDF based on HMAC SHA256
|
||||
int32_t m_hkdf_hmac_sha256_derive(bvm *vm);
|
||||
int32_t m_hkdf_hmac_sha256_derive(bvm *vm) {
|
||||
// crypto.HKDF_SHA256().derive(ikm:bytes(), salt:bytes(), info:bytes(), out_bytes:int) -> bytes(out_bytes)
|
||||
// Derive key with HKDF based on SHA256
|
||||
int32_t m_hkdf_sha256_derive(bvm *vm);
|
||||
int32_t m_hkdf_sha256_derive(bvm *vm) {
|
||||
int32_t argc = be_top(vm); // Get the number of arguments
|
||||
if (argc >= 4 && be_isbytes(vm, 1) && be_isbytes(vm, 2) && be_isbytes(vm, 3) && be_isint(vm, 4)) {
|
||||
size_t ikm_len;
|
||||
|
@ -716,7 +714,7 @@ extern "C" {
|
|||
import crypto
|
||||
|
||||
# Test Case 1
|
||||
hk = crypto.HKDF_HMAC_SHA256()
|
||||
hk = crypto.HKDF_SHA256()
|
||||
ikm = bytes("0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B")
|
||||
salt = bytes("000102030405060708090A0B0C")
|
||||
info = bytes("F0F1F2F3F4F5F6F7F8F9")
|
||||
|
@ -724,7 +722,7 @@ k = hk.derive(ikm, salt, info, 42)
|
|||
assert(k == bytes("3CB25F25FAACD57A90434F64D0362F2A2D2D0A90CF1A5A4C5DB02D56ECC4C5BF34007208D5B887185865"))
|
||||
|
||||
# Test Case 2
|
||||
hk = crypto.HKDF_HMAC_SHA256()
|
||||
hk = crypto.HKDF_SHA256()
|
||||
ikm = bytes("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f")
|
||||
salt = bytes("606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf")
|
||||
info = bytes("b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
|
||||
|
@ -732,7 +730,7 @@ k = hk.derive(ikm, salt, info, 82)
|
|||
assert(k == bytes("b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"))
|
||||
|
||||
# Test Case 3
|
||||
hk = crypto.HKDF_HMAC_SHA256()
|
||||
hk = crypto.HKDF_SHA256()
|
||||
ikm = bytes("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b")
|
||||
salt = bytes()
|
||||
info = bytes()
|
||||
|
|
Loading…
Reference in New Issue