From c5ff6b32157dceafb4fced9b5a3fc391047acd04 Mon Sep 17 00:00:00 2001
From: Jon Burgess <jburgess777@gmail.com>
Date: Sat, 13 Sep 2014 16:08:08 +0100
Subject: [PATCH 1/5] Report error if environment variables are not set. Fix
 typo and add newline to existing messages.

---
 lib/main.c | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/lib/main.c b/lib/main.c
index d4d7bdf..1206d9d 100644
--- a/lib/main.c
+++ b/lib/main.c
@@ -17,7 +17,7 @@ int char2int(uint8_t input)
 int main(int argc, char *argv[])
 {
     if (argc < 2) {
-        std::cerr << "Define mode: sign | verify | create";
+        std::cerr << "Define mode: sign | verify | create\n";
         return 1;
     }
 
@@ -49,7 +49,12 @@ int main(int argc, char *argv[])
 
 
     if (mode.compare("sign") == 0) {
-        std::string privateKeyAsHex(getenv("EMF_PRIVATE_KEY"));
+        char *private_key = getenv("EMF_PRIVATE_KEY");
+        if (!private_key) {
+          std::cerr << "Must set EMF_PRIVATE_KEY environment variable for signing\n";
+          return 1;
+        }
+        std::string privateKeyAsHex(private_key);
         for (int i=0; i<uECC_BYTES; i++) {
             l_private[i] = char2int(privateKeyAsHex[i * 2]) * 16 + char2int(privateKeyAsHex[i * 2 + 1]);
         }
@@ -90,7 +95,12 @@ int main(int argc, char *argv[])
     }
 
     if (mode.compare("verify") == 0) {
-        std::string publicKeyInHex(getenv("EMF_PUBLIC_KEY"));
+        char *public_key = getenv("EMF_PUBLIC_KEY");
+        if (!public_key) {
+          std::cerr << "Must set EMF_PUBLIC_KEY environment variable for verify\n";
+          return 1;
+        }
+        std::string publicKeyInHex(public_key);
         for (int i=0; i<uECC_BYTES * 2; i++) {
             l_public[i] = char2int(publicKeyInHex[i * 2]) * 16 + char2int(publicKeyInHex[i * 2 + 1]);
         }
@@ -127,6 +137,6 @@ int main(int argc, char *argv[])
         }
     }
 
-    std::cerr << "Onvalid mode: sign | verify";
+    std::cerr << "Invalid mode: sign | verify | create\n";
     return 1;
-}
\ No newline at end of file
+}

From 49d64b6cb9c37f27545fc6a92f4a2d88e49719ae Mon Sep 17 00:00:00 2001
From: Jon Burgess <jburgess777@gmail.com>
Date: Sat, 13 Sep 2014 16:31:45 +0100
Subject: [PATCH 2/5] Use std::runtime_error() to ensure message is visible
 after error.

---
 lib/main.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/main.c b/lib/main.c
index 1206d9d..cc39d40 100644
--- a/lib/main.c
+++ b/lib/main.c
@@ -2,6 +2,7 @@
 #include "uECC.h"
 #include <string>
 #include <stdlib.h>
+#include <stdexcept>
 
 int char2int(uint8_t input)
 {
@@ -11,7 +12,7 @@ int char2int(uint8_t input)
         return input - 'A' + 10;
     if(input >= 'a' && input <= 'f')
         return input - 'a' + 10;
-    throw "Invalid input string";
+    throw std::runtime_error("Invalid input string");
 }
 
 int main(int argc, char *argv[])

From f5487f4314458936984c10f73b221f223ed40825 Mon Sep 17 00:00:00 2001
From: Jon Burgess <jburgess777@gmail.com>
Date: Sat, 13 Sep 2014 16:35:13 +0100
Subject: [PATCH 3/5] Add simple test script for signer operations

---
 lib/test.sh | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100755 lib/test.sh

diff --git a/lib/test.sh b/lib/test.sh
new file mode 100755
index 0000000..9594848
--- /dev/null
+++ b/lib/test.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+# Set bash flags to echo commands and automatically exit on error
+trap 'echo "Test failed!"' ERR
+set -ex
+
+# Create a new key pair
+KEYS=keys.txt.$$
+./signer create > $KEYS
+
+# Load the new keys in the environment variables expected by signer
+export EMF_PRIVATE_KEY=`grep -A 1 "PRIVATE:" $KEYS | tail -n 1`
+export EMF_PUBLIC_KEY=`grep -A 1 "PUBLIC:" $KEYS | tail -n 1`
+
+# Generate hash, must be 20 bytes long ASCII hex
+HASH="20140913cafefeedBADC00123456789012345600"
+
+# Sign hash
+SIGNED=`echo $HASH | ./signer sign`
+
+# Check output contains the hash at beginning
+echo $SIGNED | egrep -qi "^$HASH"
+
+# Test valid data, expect 'OK' response
+echo $SIGNED | ./signer verify | grep -q "OK"
+
+# Test corrupted signature, expect 'Invalid' response
+CORRUPT=`echo $SIGNED | sed -e 's/0/f/'`
+echo $CORRUPT | ./signer verify | grep -q "Invalid"
+
+rm $KEYS
+echo "PASS"

From 72a110ddc0a8db1d4ae65310a480c70cfc64bd2f Mon Sep 17 00:00:00 2001
From: Jon Burgess <jburgess777@gmail.com>
Date: Sat, 13 Sep 2014 16:36:34 +0100
Subject: [PATCH 4/5] Add Makefile with the following targets: * signer:  
 build signer executable * test:     check signer operation * all:     
 creates executable and runs test * clean:    removes executables and object
 files * keys.txt: generate a new key pair * keys.sh:  create shell script to
 set generated keys

---
 lib/Makefile | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 lib/Makefile

diff --git a/lib/Makefile b/lib/Makefile
new file mode 100644
index 0000000..b162a70
--- /dev/null
+++ b/lib/Makefile
@@ -0,0 +1,30 @@
+# Tell make to use C++ compiler rule for .c files
+COMPILE.c = $(COMPILE.cc)
+
+CPPFLAGS += -g -Wall -O2
+
+.PHONY: clean all test
+
+all: signer test
+
+main.o uECC.o: uECC.h
+
+signer: main.o uECC.o
+	$(LINK.cc) -o $@ $^
+
+clean:
+	rm -f signer main.o uECC.o
+
+test:
+	./test.sh
+
+keys.txt: signer
+	./signer create > $@
+
+keys.sh: keys.txt
+	( \
+	  echo -n "export EMF_PRIVATE_KEY="; \
+	  echo `grep -A 1 "PRIVATE:" $^ | tail -n 1`; \
+	  echo -n "export EMF_PUBLIC_KEY="; \
+	  echo `grep -A 1 "PUBLIC:" $^ | tail -n 1` \
+	) > $@

From 3812ca6bb47fe321f386fc142623f72edf72ffec Mon Sep 17 00:00:00 2001
From: Jon Burgess <jburgess777@gmail.com>
Date: Sat, 13 Sep 2014 18:07:23 +0100
Subject: [PATCH 5/5] Add help target into makefile to describe the targets,
 this is now the default target. Added new keys.c target to describe how to
 update the public key in the badge firmware.

Removed keys.txt dependency on signer to prevent regeneration
of keys whenever you rebuild the executable.
---
 lib/Makefile | 31 ++++++++++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

diff --git a/lib/Makefile b/lib/Makefile
index b162a70..83f624e 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -3,7 +3,17 @@ COMPILE.c = $(COMPILE.cc)
 
 CPPFLAGS += -g -Wall -O2
 
-.PHONY: clean all test
+.PHONY: clean all test help
+
+help:
+	@echo "This Makefile supports the following targets:"
+	@echo "    * signer   build signer executable"
+	@echo "    * test     check signer operation"
+	@echo "    * all      creates executable and runs test"
+	@echo "    * clean    removes executable and object files"
+	@echo "    * keys.txt generate a new key pair"
+	@echo "    * keys.sh  create shell script to set generated keys when running MCP"
+	@echo "    * keys.c   generate C code for adding new public key into Tilda firmware"
 
 all: signer test
 
@@ -18,13 +28,28 @@ clean:
 test:
 	./test.sh
 
-keys.txt: signer
+keys.txt:
 	./signer create > $@
 
 keys.sh: keys.txt
 	( \
+	  echo "# To generate radio messages signed with your key pair you must"; \
+	  echo "# set these environment variables before running the MCP"; \
 	  echo -n "export EMF_PRIVATE_KEY="; \
 	  echo `grep -A 1 "PRIVATE:" $^ | tail -n 1`; \
 	  echo -n "export EMF_PUBLIC_KEY="; \
 	  echo `grep -A 1 "PUBLIC:" $^ | tail -n 1` \
-	) > $@
+	) | tee $@
+
+keys.c: keys.txt
+	( \
+	  echo "# To make your badge trust messages signed by your"; \
+	  echo "# new key pair you must replace the public key in"; \
+	  echo "# EMF2014Config.h with:"; \
+	  echo ""; \
+	  echo "const uint8_t EMF_PUBLIC_KEY[40] = {"; \
+	  grep -A 1 "PUBLIC:" $^ | tail -n 1 | xxd -r -p | xxd -i -c 10; \
+	  echo "};"; \
+	  echo ""; \
+	  echo "# Then rebuild the firmware and download to your badge."; \
+	) | tee $@