Archive 07/10/2020.

TP16 et signature

pat29

Bonjour,

Il semblerait avoir un problème de génération de la signature sur une machine connectée au IoT-Lab.

  • Terminal with native app
    jovyan@d5c4d12277ca:~/work/iot-lab-training$ make -C riot/security/signature
    make: Entering directory ‘/home/jovyan/work/iot-lab-training/riot/security/signature’
    Building application “signature” for “native” with MCU “native”.

mkdir -p /home/jovyan/work/iot-lab-training/riot/security/signature/bin/pkg/native
2020-04-14 04:40:34 URL:https://www.dlbeer.co.nz/downloads/c25519-2017-10-05.zip [68419/68419] -> “/home/jovyan/work/iot-lab-training/riot/security/signature/bin/pkg/native/c25519-2017-10-05.zip” [1]
test “dbfb4285837ab2ea3d99c448b22877cc7a139ccbaebb1de367e2bec1fd562fe629b389d86603915448078b8fd7e631c8fc9a7d126eb889a1ba0c17611369b190 /home/jovyan/work/iot-lab-training/riot/security/signature/bin/pkg/native/c25519-2017-10-05.zip” = “$(sha512sum “/home/jovyan/work/iot-lab-training/riot/security/signature/bin/pkg/native/c25519-2017-10-05.zip”)”
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/pkg/c25519
“make” -C /home/jovyan/work/iot-lab-training/riot/security/signature/bin/pkg/native/c25519/src -f /home/jovyan/work/iot-lab-training/riot/RIOT/pkg/c25519/Makefile.c25519
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/boards/native
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/boards/native/drivers
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/core
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/cpu/native
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/cpu/native/periph
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/cpu/native/stdio_native
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/cpu/native/vfs
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/drivers
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/drivers/periph_common
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/sys
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/sys/auto_init
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/sys/fmt
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/sys/luid
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/sys/random
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/sys/random/tinymt32
“make” -C /home/jovyan/work/iot-lab-training/riot/RIOT/sys/shell
text data bss dec hex filename
43730 656 47952 92338 168b2 /home/jovyan/work/iot-lab-training/riot/security/signature/bin/native/signature.elf
make: Leaving directory ‘/home/jovyan/work/iot-lab-training/riot/security/signature’
jovyan@d5c4d12277ca:~/work/iot-lab-training$ make -C riot/security/signature termmake: Entering directory ‘/home/jovyan/work/iot-lab-training/riot/security/signature’
/home/jovyan/work/iot-lab-training/riot/security/signature/bin/native/signature.elf
RIOT native interrupts/signals initialized.
LED_RED_OFF
LED_GREEN_ON
RIOT native board initialized.
RIOT native hardware initialization complete.

main(): This is RIOT! (Version: 2020.01)

help
help
Command Description

key Generate a new pair of keys
sign Compute the signature of a message
verify Verify the signature of a message

key
key
New keypair generated:

  • Secret: E002F870F121D3605A8D54709BCE4D32936C14F50D9F51867A6062DF2E6C0249
  • Public: 93F6592CC893E1DDF549225603E20B5B9038C9DC1830102546AAC9521968AC55

sign riot
sign riot
0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB504299AC1CF8D284534002
verify riot
verify riot
usage: verify
verify riot 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB504299AC1CF8D284534002
verify riot 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB504299AC1CF8D284534002
Message verified
verify rito 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB504299AC1CF8D284534002
verify rito 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB504299AC1CF8D284534002
Message not verified

Semble OK

  • Terminal on harware IoT-LAB
    jovyan@d5c4d12277ca:~/work/iot-lab-training$ make BOARD=iotlab-m3 IOTLAB_NODE=auto-ssh -C riot/security/signature term
    make: Entering directory ‘/home/jovyan/work/iot-lab-training/riot/security/signature’
    ssh -t funff21b44aa7@lille.iot-lab.info ‘socat - tcp:m3-100.lille.iot-lab.info:20000’
    help
    help
    Command Description

key Generate a new pair of keys
sign Compute the signature of a message
verify Verify the signature of a message

key
key
New keypair generated:

  • Secret: E002F870F121D3605A8D54709BCE4D32936C14F50D9F51867A6062DF2E6C0249
  • Public: 93F6592CC893E1DDF549225603E20B5B9038C9DC1830102546AAC9521968AC55

sign riot
sign riot
0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE6048>

verify riot 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE6048
verify riot 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE6048
Message not verified
sign riot
sign riot
0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB50429

verify riot 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB50429
verify riot 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB50429
Message not verified
verify rito 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB50429
verify rito 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB50429
Message not verified

Pourtant, les clés sont identiques mais le message n’est par vérifié.
En utilisant la signature de la native app, c’est fonctionnel:

verify riot 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB504299AC1CF8D284534002
verify riot 0BC26A14A5AF5763A3F43B58AE965985657D5BF24A1A764E8BB0F5EA0236BB969D5E2B5FD42B56AD27DB54097AE60488637CB3F8AB504299AC1CF8D284534002
Message verified

D’avance merci pour vos réponses

aabadie2

Bonjour,

En effet, j’arrive à reproduire cette erreur. Il semble que le problème vienne de la ligne static char signature_hex[EDSIGN_SIGNATURE_SIZE * 2] = { 0 }; qui devrait en fait être static char signature_hex[EDSIGN_SIGNATURE_SIZE * 2 + 1] = { 0 };
Le printf de la signature prend toute cette chaine de caractère mais il manque le caractère nul de fin de chaine, c’est pourquoi il faut ajouter +1.

Est-ce que vous pouvez tester avec modification ? Chez moi, ça fonctionne parfaitement avec ça.

Merci.

pat29

Bonjour,
Merci pour votre réponse.
Avec votre correction, c’est fonctionnel

chrisdg

Cela montre qu’un programme qui “marche” en “native” peut ne pas marcher sur un matériel contraint. En fait, il ne marche pas !

asibler

Bonjour,
J’ai eu le même problème.
La modification de la taille du buffer a réglé le problème.
Ce qui est curieux : la longueur de l’empreinte était très variable pour différents essais de la même chaîne d’entrée
Cordialement

aabadie2

Bonjour,

Comme il manquait le caractère null de fin de chaine, la fonction printf peu avoir un comportement in défini.
Il ne faut donc pas trop prendre en compte les chaines qui étaient affichées avant d’avoir appliqué le correctif.