Merge pull request #22 from atsign-foundation/jeremy-changes

feat: sha library & small changes

CMakeLists.txt

@@ -39,11 +39,11 @@ if(NOT BUILD_ESP_IDF) # build for other platforms
   # setup at_client library
 
   FILE(GLOB_RECURSE at_client_sources ${CMAKE_SOURCE_DIR}/src/at_client/*.*)
-  add_library(at_client ${at_client_sources})
+  add_library(at_client STATIC ${at_client_sources})
 
   # setup at_chops library
   FILE(GLOB_RECURSE at_chops_sources ${CMAKE_SOURCE_DIR}/src/at_chops/*.*)
-  add_library(at_chops ${at_chops_sources})
+  add_library(at_chops STATIC ${at_chops_sources})
 
   set_target_properties(at_client PROPERTIES LINKER_LANGUAGE C)
   set(CMAKE_C_STANDARD 99)

include/at_chops/rsa.h

@@ -7,45 +7,35 @@ extern "C"
 #endif
 
 #include <ctype.h>
+#include "at_chops/sha.h"
 
-typedef struct rsa_param {
+typedef struct {
     size_t len;
     unsigned char *value; // hex byte array of the number
 } rsa_param;
 
 typedef struct {
     rsa_param n_param; // modulus
     rsa_param e_param; // public exponent
-} atchops_rsa2048_publickey;
+} atchops_rsa_publickey;
 
 typedef struct {
     rsa_param n_param; // modulus
     rsa_param e_param; // public exponent
     rsa_param d_param; // private exponent
     rsa_param p_param; // prime 1
     rsa_param q_param; // prime 2
-} atchops_rsa2048_privatekey;
-
-typedef enum {
-    ATCHOPS_MD_NONE=0,    /**< None. */
-    ATCHOPS_MD_MD5,       /**< The MD5 message digest. */
-    ATCHOPS_MD_SHA1,      /**< The SHA-1 message digest. */
-    ATCHOPS_MD_SHA224,    /**< The SHA-224 message digest. */
-    ATCHOPS_MD_SHA256,    /**< The SHA-256 message digest. */
-    ATCHOPS_MD_SHA384,    /**< The SHA-384 message digest. */
-    ATCHOPS_MD_SHA512,    /**< The SHA-512 message digest. */
-    ATCHOPS_MD_RIPEMD160,
-} atchops_md_type;
+} atchops_rsa_privatekey;
 
 /**
  * @brief Populate a public key struct from a base64 string
- * 
+ *
  * @param publickeybase64 a base64 string representing an RSA 2048 Public Key
  * @param publickeybase64len the length of the base64 string
  * @param publickeystruct the public key struct to populate
  * @return int 0 on success
  */
-int atchops_rsa_populate_publickey(const char *publickeybase64, const size_t publickeybase64len, atchops_rsa2048_publickey *publickeystruct);
+int atchops_rsa_populate_publickey(const char *publickeybase64, const size_t publickeybase64len, atchops_rsa_publickey *publickeystruct);
 
 /**
  * @brief Populate a private key struct from a base64 string
@@ -55,7 +45,7 @@ int atchops_rsa_populate_publickey(const char *publickeybase64, const size_t pub
  * @param privatekeystruct the private key struct to populate
  * @return int 0 on success
  */
-int atchops_rsa_populate_privatekey(const char *privatekeybase64, const size_t privatekeybase64len, atchops_rsa2048_privatekey *privatekeystruct);
+int atchops_rsa_populate_privatekey(const char *privatekeybase64, const size_t privatekeybase64len, atchops_rsa_privatekey *privatekeystruct);
 
 /**
  * @brief Sign a message with an RSA 2048 Private Key
@@ -68,16 +58,31 @@ int atchops_rsa_populate_privatekey(const char *privatekeybase64, const size_t p
  * @param messagelen the length of the message
  * @return int 0 on success
  */
-int atchops_rsa_sign(atchops_rsa2048_privatekey privatekeystruct, atchops_md_type mdtype, unsigned char **signature, size_t *signaturelen, const unsigned char *message, const size_t messagelen);
+int atchops_rsa_sign(atchops_rsa_privatekey privatekeystruct, atchops_md_type mdtype, unsigned char **signature, size_t *signaturelen, const unsigned char *message, const size_t messagelen);
 
-// todo
-// int atchops_rsa2048_verify(atchops_rsa2048_publickey *publickeystruct, const unsigned char *signature, const size_t signaturelen, );
-
-// todo comments
-int atchops_rsa_encrypt(atchops_rsa2048_publickey publickeystruct, const char *plaintext, const size_t plaintextlen, char **ciphertext, size_t *ciphertextolen);
+/**
+ * @brief Encrypt a string of text with an RSA 2048 Public Key
+ * 
+ * @param publickeystruct the public key struct to use for encryption, must be populated using atchops_rsa_populate_publickey
+ * @param plaintext the plain text to encrypt
+ * @param plaintextlen the length of the plain text
+ * @param ciphertext the ciphertext to populate. Pass in a pointer to a pointer to a char array. The pointer will be reassigned to the newly allocated array. Assumption is enough space is allocated for the ciphertext.
+ * @param ciphertextolen the output length of the ciphertext
+ * @return int 0 on success
+ */
+int atchops_rsa_encrypt(atchops_rsa_publickey publickeystruct, const char *plaintext, const size_t plaintextlen, char **ciphertext, size_t *ciphertextolen);
 
-// todo comments
-int atchops_rsa_decrypt(atchops_rsa2048_privatekey privatekeystruct, const char *ciphertextbase64encoded, const size_t ciphertextbase64encodedlen, char **plaintext, size_t *plaintextolen);
+/**
+ * @brief Decrypt a string of text with an RSA 2048 Private Key
+ * 
+ * @param privatekeystruct the private key struct to use for decryption, must be populated using atchops_rsa_populate_privatekey
+ * @param ciphertextbase64encoded the base64 encoded string ciphertext to decrypt 
+ * @param ciphertextbase64encodedlen the length of the base64 encoded string
+ * @param plaintext the plaintext to populate. Pass in a pointer to a pointer to a char array. The pointer will be reassigned to the newly allocated array. Assumption is enough space is allocated for the plaintext.
+ * @param plaintextolen the output length of the plaintext
+ * @return int 0 on success
+ */
+int atchops_rsa_decrypt(atchops_rsa_privatekey privatekeystruct, const char *ciphertextbase64encoded, const size_t ciphertextbase64encodedlen, char **plaintext, size_t *plaintextolen);
 #ifdef __cplusplus
 }
 #endif

include/at_chops/sha.h

@@ -0,0 +1,22 @@
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef enum {
+    ATCHOPS_MD_NONE=0,    /**< None. */
+    ATCHOPS_MD_MD5,       /**< The MD5 message digest. */
+    ATCHOPS_MD_SHA1,      /**< The SHA-1 message digest. */
+    ATCHOPS_MD_SHA224,    /**< The SHA-224 message digest. */
+    ATCHOPS_MD_SHA256,    /**< The SHA-256 message digest. */
+    ATCHOPS_MD_SHA384,    /**< The SHA-384 message digest. */
+    ATCHOPS_MD_SHA512,    /**< The SHA-512 message digest. */
+    ATCHOPS_MD_RIPEMD160,
+} atchops_md_type;
+
+int atchops_sha_hash(const char *input, size_t inputlen, unsigned char **output, atchops_md_type mdtype);
+
+#ifdef __cplusplus
+}
+#endif

src/at_chops/rsa.c

@@ -15,8 +15,9 @@ extern "C"
 #include "at_chops/rsa.h"
 #include "at_chops/base64.h"
 #include "at_chops/byteutil.h"
+#include "at_chops/sha.h"
 
-int atchops_rsa_populate_publickey(const char *publickeybase64, const size_t publickeybase64len, atchops_rsa2048_publickey *publickeystruct)
+int atchops_rsa_populate_publickey(const char *publickeybase64, const size_t publickeybase64len, atchops_rsa_publickey *publickeystruct)
 {
     int ret = 0;
 
@@ -108,7 +109,7 @@ int atchops_rsa_populate_publickey(const char *publickeybase64, const size_t pub
     }
 }
 
-int atchops_rsa_populate_privatekey(const char *privatekeybase64, const size_t privatekeybase64len, atchops_rsa2048_privatekey *privatekeystruct)
+int atchops_rsa_populate_privatekey(const char *privatekeybase64, const size_t privatekeybase64len, atchops_rsa_privatekey *privatekeystruct)
 {
     int ret = 1;
 
@@ -244,37 +245,16 @@ int atchops_rsa_populate_privatekey(const char *privatekeybase64, const size_t p
     }
 }
 
-int atchops_rsa_sign(atchops_rsa2048_privatekey privatekeystruct, atchops_md_type mdtype, unsigned char **signature, size_t *signaturelen, const unsigned char *message, const size_t messagelen)
+int atchops_rsa_sign(atchops_rsa_privatekey privatekeystruct, atchops_md_type mdtype, unsigned char **signature, size_t *signaturelen, const unsigned char *message, const size_t messagelen)
 {
     int ret = 1; // error, until successful.
 
-    mbedtls_md_context_t md_ctx;
-    mbedtls_md_init(&md_ctx);
-
-    mbedtls_md_type_t md_type = mdtype; // TODO dynamic
-
-    ret = mbedtls_md_setup(&md_ctx, mbedtls_md_info_from_type(md_type), 0);
-    if (ret != 0)
-        goto ret;
-
-    ret = mbedtls_md_starts(&md_ctx);
-    if (ret != 0)
-        goto ret;
-
-    ret = mbedtls_md_update(&md_ctx, message, messagelen);
+    const size_t hashlen = 32;
+    unsigned char *hash = malloc(sizeof(char) * hashlen);
+    ret = atchops_sha_hash(message, messagelen, &hash, mdtype);
     if (ret != 0)
         goto ret;
 
-    const size_t hashlen = mbedtls_md_get_size(mbedtls_md_info_from_type(md_type));
-    // printf("hashlen: %lu\n", hashlen);
-    unsigned char *hash = malloc(sizeof(unsigned char) * hashlen);
-
-    ret = mbedtls_md_finish(&md_ctx, hash);
-    if (ret != 0)
-        goto ret;
-
-    mbedtls_md_free(&md_ctx);
-
     // printf("signaturelen: %lu\n", *signaturelen);
     // for(int i = 0; i < *signaturelen; i++)
     // {
@@ -370,7 +350,7 @@ int atchops_rsa_sign(atchops_rsa2048_privatekey privatekeystruct, atchops_md_typ
     }
 }
 
-int atchops_rsa_encrypt(atchops_rsa2048_publickey publickeystruct, const char *plaintext, const size_t plaintextlen, char **ciphertext, size_t *ciphertextolen)
+int atchops_rsa_encrypt(atchops_rsa_publickey publickeystruct, const char *plaintext, const size_t plaintextlen, char **ciphertext, size_t *ciphertextolen)
 {
     int ret = 1;
 
@@ -452,7 +432,7 @@ int atchops_rsa_encrypt(atchops_rsa2048_publickey publickeystruct, const char *p
 
 }
 
-int atchops_rsa_decrypt(atchops_rsa2048_privatekey privatekeystruct, const char *ciphertextbase64encoded, const size_t ciphertextbase64encodedlen, char **plaintext, size_t *plaintextolen)
+int atchops_rsa_decrypt(atchops_rsa_privatekey privatekeystruct, const char *ciphertextbase64encoded, const size_t ciphertextbase64encodedlen, char **plaintext, size_t *plaintextolen)
 {
     int ret = 1;
 

src/at_chops/sha.c

@@ -0,0 +1,43 @@
+#include <stdlib.h>
+#include <mbedtls/md.h>
+#include <mbedtls/md5.h>
+#include "at_chops/sha.h"
+
+int atchops_sha_hash(const char *input, size_t inputlen, unsigned char **output, atchops_md_type mdtype)
+{
+    int ret = 1;
+
+    mbedtls_md_context_t md_ctx;
+    mbedtls_md_init(&md_ctx);
+
+    mbedtls_md_type_t md_type = mdtype; // TODO dynamic
+
+    ret = mbedtls_md_setup(&md_ctx, mbedtls_md_info_from_type(md_type), 0);
+    if (ret != 0)
+        goto ret;
+
+    ret = mbedtls_md_starts(&md_ctx);
+    if (ret != 0)
+        goto ret;
+
+    ret = mbedtls_md_update(&md_ctx, input, inputlen);
+    if (ret != 0)
+        goto ret;
+
+    const size_t hashlen = mbedtls_md_get_size(mbedtls_md_info_from_type(md_type));
+    // printf("hashlen: %lu\n", hashlen);
+    unsigned char *hash = malloc(sizeof(unsigned char) * hashlen);
+
+    *output = hash;
+
+    ret = mbedtls_md_finish(&md_ctx, hash);
+    if (ret != 0)
+        goto ret;
+
+    mbedtls_md_free(&md_ctx);
+
+    goto ret;
+    ret: {
+        return ret;
+    }
+}

test/test_rsa.c

@@ -11,7 +11,7 @@ int main()
     // const unsigned char *privatekeybase64 = "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCy64Pzy9ZDdm6e96z3DmjektD7sKUo40Ax+1VD12Ksm3pUPTGDkM3Nf4Sp2ATcy6ZbCRHSEWtx7dPfC/H1p7yS9KOVLtAmx8aT0SNiT+WGsclshI/n/XP+jCjxrpYwf4ntgX2i6p6hlo/ZiW8i3+Ayyhw8uYuVMUyMHv70EaoTN0+N5QF9l74LkLYL7cXyfZayDPTZJxbLF2WEoQz4ZWJhgFk40EeBw03jiLg/T0hw1gbS0z97HhZs/QPtTaDR9EJYq27eZagRFZ6em7esrjjTpmGaTJmtZjEomV6o/EOtdvImRe1tViI22DWGAKi87BBGXR5Zr3xoRXPSypHLqLsNAgMBAAECggEAatzd//QEMmD/KzVU+m6B1kYsSde0nZo1kmTCBXYUenGWe8/cze7j7NQ4AVWDefiskHz3Rteeq/pXbEXvK0EXEVLKjWTbb/4sLcdg8ew0c+GmI4l9hhtMd4FxRwB2tdrHH7MSvgaR3oNVwaEjXtoGR2+Ns/tCUkaSqLIupsoSIc0Mj07Teq7SZvAe++oMyNgkyArR509oSG0GQFQp706VgLaUVrvtlMEXvtGB0pcn/y1Axz/l9VvYpojYp7MqSwVU6R4GWxjrn4JXCVQrh48VmuJS83i2oqFgbAXD2KyNjjkoW3Z26uhfJ0qgN2PeQgMYH06gNhfEYOAGTI8HgtfChQKBgQDc7xIYG0IchAX/0lds4yUXRRF9wEjZmsvaf6LZPEs97/z11cAbTp41zlppCqpGL0md/lTwFVwsmGuZNob999sGKi7A6mM2sBj+QiBoHACvl2e167O72eFYqyXtJwDH5XOA5JMHbc6GJpSeVE29UnIgq1czgp3DtapQRX3BOPMRYwKBgQDPUVjZJERK5N9ccs59gjyKiu6e60m42AVjpvaCWbqPSZXTEhGM8X9OJNsdZufRoMi6tYctXGthiB4HOoV1E5ACvJxgWpOTmbqqbBDA5pQPrJ4eRdigHjGnrAWdsJ+3smMbhk/6Ai00gmqwz8rv7eyGSY+dwOem/vPoJOrlRFFkzwKBgH+IhbJiscQSNgBZpFvXtwZ6uUEU6Tir0bccbJ3n3ysuyKAENnPM6yj2KFxwaqA/FcjdEpzQR7f6eEomHsCl/cnOOdTkuEbOWm8TLu/KEl9KD/UEzWjHufxcN3VxSVMa0ZT63SCxs0DfLnVDBukdmYHgRmMWqAlcaacSpigOvskvAoGADVikSp5OEzA2vOHbLzNCKH0XLX3iKhcmCatG9U9Hdk/7aDIilRs64dH3lSX5yIH8SiDDigUIGKhFnpuC2e2feL2hp4ZNN9ROswfv8Csn3vZy22oNrwkikzO8zNEBBzdhr/Tukx6uwFGhAq7t1pJPhrmXmEVB5HtHQmuV/5ptTvsCgYA5d5L3hO3+1Na4C6xj8luQXFhkSLNe0rwoe16OLjcyzcnhlb2KKA8rORGP28s1JcCL4Htasf0YzCkOJ/jR28GzX/0qvWu0hBSilV2mCAqwQ1fvZx0L4quJznkAhJPMZ+oag8o1LlQiJGgnhsIMbDLZApKh3NuYlTmdqo20FfkZkg==";
     // size_t privatekeybase64len = strlen(privatekeybase64);
 
-    // atchops_rsa2048_privatekey *privatekeystruct;
+    // atchops_rsa_privatekey *privatekeystruct;
     // atchops_rsa2048_privatekey_init(&privatekeystruct);
 
     // ret = atchops_rsa_populate_privatekey(privatekeybase64, privatekeybase64len, privatekeystruct);
@@ -47,7 +47,7 @@ int main()
 
     // size_t publickeybase64len = strlen(publickeybase64);
 
-    // atchops_rsa2048_publickey *publickeystruct;
+    // atchops_rsa_publickey *publickeystruct;
     // atchops_rsa2048_publickey_init(&publickeystruct);
 
     // ret = atchops_rsa_populate_publickey(publickeybase64, publickeybase64len, publickeystruct);

test/test_rsadecrypt.c

@@ -10,7 +10,7 @@
 int main()
 {
     int ret = 1;
-    atchops_rsa2048_privatekey privatekeystruct;
+    atchops_rsa_privatekey privatekeystruct;
 
     const size_t privatekeylen = strlen(PRIVATEKEYBASE64);
     const char *privatekey = PRIVATEKEYBASE64;

test/test_rsaencrypt.c

@@ -19,7 +19,7 @@ int main()
     const char *plaintext = PLAINTEXT;
     const size_t plaintextlen = strlen(plaintext);
 
-    atchops_rsa2048_publickey publickeystruct;
+    atchops_rsa_publickey publickeystruct;
 
     // printf("populating public key struct..\n");
     ret = atchops_rsa_populate_publickey(publickey, publickeylen, &publickeystruct);
@@ -36,7 +36,7 @@ int main()
     if(ret != 0)
         goto ret;
 
-    printf("ciphertext (base64 encoded): %s\n", ciphertext);
+    // printf("ciphertext (base64 encoded): %s\n", ciphertext);
     // printx(ciphertext, *ciphertextolen);
 
     goto ret;

test/test_rsaprivatepopulate.c

@@ -12,7 +12,7 @@ int main()
     const size_t privatekeybase64len = strlen(PRIVATE_KEY_BASE64);
     const unsigned char *privatekeybase64 = PRIVATE_KEY_BASE64;
 
-    atchops_rsa2048_privatekey privatekeystruct;
+    atchops_rsa_privatekey privatekeystruct;
     ret = atchops_rsa_populate_privatekey(privatekeybase64, privatekeybase64len, &privatekeystruct);
     if (ret != 0)
     {

test/test_rsapublicpopulate.c

@@ -13,7 +13,7 @@ int main()
     size_t publickeybase64len = strlen(PUBLIC_KEY_BASE64);
     const unsigned char *publickeybase64 = PUBLIC_KEY_BASE64;
 
-    atchops_rsa2048_publickey publickeystruct;
+    atchops_rsa_publickey publickeystruct;
     ret = atchops_rsa_populate_publickey(publickeybase64, publickeybase64len, &publickeystruct);
     if (ret != 0)
     {

test/test_rsasign.c

@@ -18,19 +18,19 @@ int main()
     size_t privatekeybase64len = strlen(PRIVATE_KEY_BASE64);
     const unsigned char *privatekeybase64 = PRIVATE_KEY_BASE64;
 
-    atchops_rsa2048_privatekey privatekeystruct;
+    atchops_rsa_privatekey privatekeystruct;
     ret = atchops_rsa_populate_privatekey(privatekeybase64, privatekeybase64len, &privatekeystruct);
     if (ret != 0)
         goto ret;
-    
+
     size_t *signaturelen = malloc(sizeof(size_t));
     unsigned char *signature = malloc(sizeof(unsigned char) * SIGNATURE_BUFFER_LEN);
 
     const unsigned char *message = MESSAGE;
     const size_t messagelen = strlen(message);
 
     ret = atchops_rsa_sign(privatekeystruct, ATCHOPS_MD_SHA256, &signature, signaturelen, message, messagelen);
-    if(ret != 0) 
+    if(ret != 0)
         goto ret;
 
     ret = strncmp(signature, "AwsKWNqRHiCtdNJ0U5GXZ1H5obptEWVR1+A1kPhot4cdLfmulvBVXRaBIrP+jd2TSP2J/KNAgv2BDLH7DXUibdTnzJaKm/QKAjpwpuShnV6Y9KSWTnomBw9x9OWDkVrBzSo5rOFpHHOTZJhp4ygStKEzZDa108g8uP5PpkfzntO2eIVEOdMHoL9/yAkuYJcz+VmCH+1AJtCdeKfhjfmlk0bP72fwsait6pA3TW0iEll9ptZmlLjNtCTi982h1yNprh+XtrjMz7ClbJChQf3LLHiJMZ+7r4yKTrehdBVfxQoNNw9r2D7TBRaY8bXYwMombMHRuu0oVbqNU1jEs60NGQ==", *signaturelen);