Improve signer keypair generation

lib/Makefile

@@ -0,0 +1,55 @@
+# Tell make to use C++ compiler rule for .c files
+COMPILE.c = $(COMPILE.cc)
+
+CPPFLAGS += -g -Wall -O2
+
+.PHONY: clean all test help
+
+help:
+	@echo "This Makefile supports the following targets:"
+	@echo "    * signer   build signer executable"
+	@echo "    * test     check signer operation"
+	@echo "    * all      creates executable and runs test"
+	@echo "    * clean    removes executable and object files"
+	@echo "    * keys.txt generate a new key pair"
+	@echo "    * keys.sh  create shell script to set generated keys when running MCP"
+	@echo "    * keys.c   generate C code for adding new public key into Tilda firmware"
+
+all: signer test
+
+main.o uECC.o: uECC.h
+
+signer: main.o uECC.o
+	$(LINK.cc) -o $@ $^
+
+clean:
+	rm -f signer main.o uECC.o
+
+test:
+	./test.sh
+
+keys.txt:
+	./signer create > $@
+
+keys.sh: keys.txt
+	( \
+	  echo "# To generate radio messages signed with your key pair you must"; \
+	  echo "# set these environment variables before running the MCP"; \
+	  echo -n "export EMF_PRIVATE_KEY="; \
+	  echo `grep -A 1 "PRIVATE:" $^ | tail -n 1`; \
+	  echo -n "export EMF_PUBLIC_KEY="; \
+	  echo `grep -A 1 "PUBLIC:" $^ | tail -n 1` \
+	) | tee $@
+
+keys.c: keys.txt
+	( \
+	  echo "# To make your badge trust messages signed by your"; \
+	  echo "# new key pair you must replace the public key in"; \
+	  echo "# EMF2014Config.h with:"; \
+	  echo ""; \
+	  echo "const uint8_t EMF_PUBLIC_KEY[40] = {"; \
+	  grep -A 1 "PUBLIC:" $^ | tail -n 1 | xxd -r -p | xxd -i -c 10; \
+	  echo "};"; \
+	  echo ""; \
+	  echo "# Then rebuild the firmware and download to your badge."; \
+	) | tee $@

lib/main.c

@@ -2,6 +2,7 @@
 #include "uECC.h"
 #include <string>
 #include <stdlib.h>
+#include <stdexcept>
 
 int char2int(uint8_t input)
 {
@@ -11,13 +12,13 @@ int char2int(uint8_t input)
         return input - 'A' + 10;
     if(input >= 'a' && input <= 'f')
         return input - 'a' + 10;
-    throw "Invalid input string";
+    throw std::runtime_error("Invalid input string");
 }
 
 int main(int argc, char *argv[])
 {
     if (argc < 2) {
-        std::cerr << "Define mode: sign | verify | create";
+        std::cerr << "Define mode: sign | verify | create\n";
         return 1;
     }
 
@@ -49,7 +50,12 @@ int main(int argc, char *argv[])
 
 
     if (mode.compare("sign") == 0) {
-        std::string privateKeyAsHex(getenv("EMF_PRIVATE_KEY"));
+        char *private_key = getenv("EMF_PRIVATE_KEY");
+        if (!private_key) {
+          std::cerr << "Must set EMF_PRIVATE_KEY environment variable for signing\n";
+          return 1;
+        }
+        std::string privateKeyAsHex(private_key);
         for (int i=0; i<uECC_BYTES; i++) {
             l_private[i] = char2int(privateKeyAsHex[i * 2]) * 16 + char2int(privateKeyAsHex[i * 2 + 1]);
         }
@@ -90,7 +96,12 @@ int main(int argc, char *argv[])
     }
 
     if (mode.compare("verify") == 0) {
-        std::string publicKeyInHex(getenv("EMF_PUBLIC_KEY"));
+        char *public_key = getenv("EMF_PUBLIC_KEY");
+        if (!public_key) {
+          std::cerr << "Must set EMF_PUBLIC_KEY environment variable for verify\n";
+          return 1;
+        }
+        std::string publicKeyInHex(public_key);
         for (int i=0; i<uECC_BYTES * 2; i++) {
             l_public[i] = char2int(publicKeyInHex[i * 2]) * 16 + char2int(publicKeyInHex[i * 2 + 1]);
         }
@@ -127,6 +138,6 @@ int main(int argc, char *argv[])
         }
     }
 
-    std::cerr << "Onvalid mode: sign | verify";
+    std::cerr << "Invalid mode: sign | verify | create\n";
     return 1;
-}
+}

lib/test.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+# Set bash flags to echo commands and automatically exit on error
+trap 'echo "Test failed!"' ERR
+set -ex
+
+# Create a new key pair
+KEYS=keys.txt.$$
+./signer create > $KEYS
+
+# Load the new keys in the environment variables expected by signer
+export EMF_PRIVATE_KEY=`grep -A 1 "PRIVATE:" $KEYS | tail -n 1`
+export EMF_PUBLIC_KEY=`grep -A 1 "PUBLIC:" $KEYS | tail -n 1`
+
+# Generate hash, must be 20 bytes long ASCII hex
+HASH="20140913cafefeedBADC00123456789012345600"
+
+# Sign hash
+SIGNED=`echo $HASH | ./signer sign`
+
+# Check output contains the hash at beginning
+echo $SIGNED | egrep -qi "^$HASH"
+
+# Test valid data, expect 'OK' response
+echo $SIGNED | ./signer verify | grep -q "OK"
+
+# Test corrupted signature, expect 'Invalid' response
+CORRUPT=`echo $SIGNED | sed -e 's/0/f/'`
+echo $CORRUPT | ./signer verify | grep -q "Invalid"
+
+rm $KEYS
+echo "PASS"