Hi Steve, Before uECC_sign_impl() returns, it converts ECC points from native to big endian byte string( see vli_nativeToBytes) in ecc.c. But, dtls.c expects the output points to be in 32-bit integer format so that it can itself convert it into byte string (via dtls_add_ecdsa_signature_elem method).
The first patch which Dmitriy added attempts to remove the conversion effect of above dtls_add_ecdsa_signature_elem() before sending the data to uECC_verify(). As discussed yesterday, this will work ONLY if Iotivity?s tinyDTLS is talking to Iotivity?s tinyDTLS at other end. We are still working on to have an appropriate change in place where we can be compatible with other external SSL libraries. Thanks Sachin From: Clark, Steve [mailto:[email protected]] Sent: Wednesday, October 07, 2015 5:51 AM To: Agrawal, Sachin <sachin.agrawal at intel.com>; Lankswert, Patrick <patrick.lankswert at intel.com>; ??? <juney at samsung.com>; iotivity-dev at lists.iotivity.org; Kesavan, Vijay S <vijay.s.kesavan at intel.com> Cc: ??? (dongik.lee at samsung.com) <dongik.lee at samsung.com>; Dmitriy Zhuravlev <d.zhuravlev at samsung.com> Subject: RE: [dev] [Pat, Uze, Vijay] IoTivity 1.0.0 release schedule (RC3) Hi Sachin, Below is a little sanity check that I ran to test the proposed patch. The test uses known fixed vectors and checks verify on uECC and hardware implementations (1). Then it checks the output of uECC sign operation (2) forward and reverse for uECC and hardware. Here is the output of the code: Jan 01 00:00:00 DEBG 1. uECC_verify_impl verified Jan 01 00:00:01 DEBG 1. atcatls_verify verified Jan 01 00:00:02 DEBG 2. uECC_verify_impl verified Jan 01 00:00:02 DEBG 2. atcatls_verify verified Jan 01 00:00:03 DEBG 2. uECC_verify_impl reverse not verified Jan 01 00:00:03 DEBG 2. atcatls_verify reverse not verified I know this is a little late to be bringing this up, but I?m not sure the patch is correct. Let me know if anyone can see a mistake in my code or reasoning. --Steve int uECC_sign_impl(const uint8_t p_privateKey[uECC_BYTES], const uint8_t p_hash[uECC_BYTES], uint8_t p_signature[uECC_BYTES*2]); int uECC_verify_impl(const uint8_t p_publicKey[uECC_BYTES*2], const uint8_t p_hash[uECC_BYTES], const uint8_t p_signature[uECC_BYTES*2]); int hal_tests() { uint8_t pubKey1[] = { // X coordinate of the elliptic curve. 0x3C, 0x30, 0x7F, 0x3A, 0x1B, 0x05, 0x96, 0x19, 0x21, 0xEB, 0x35, 0x50, 0x09, 0x1D, 0x1D, 0x48, 0x5C, 0x68, 0xD4, 0xA4, 0x40, 0x21, 0x05, 0x90, 0x21, 0xF6, 0xA7, 0xF2, 0xA4, 0x7F, 0x2B, 0x8E, // X coordinate of the elliptic curve. 0xDD, 0x28, 0x1B, 0x0A, 0xA8, 0xF4, 0x5A, 0xF4, 0xAC, 0xDC, 0x85, 0xD9, 0x9A, 0xD0, 0x34, 0x6B, 0x60, 0xB1, 0x7F, 0xE6, 0xD8, 0x43, 0x26, 0xD9, 0x39, 0x48, 0xC6, 0x34, 0xCF, 0x45, 0xDE, 0x81 }; uint8_t msg1[] = { 0x8C, 0x61, 0x64, 0xCE, 0xFD, 0x38, 0x06, 0x05, 0xF7, 0x29, 0x44, 0xE3, 0xB6, 0x5B, 0x9A, 0x33, 0x34, 0x94, 0x63, 0x2D, 0x2E, 0x16, 0xFD, 0x9E, 0x77, 0x98, 0xF6, 0xF2, 0x67, 0x32, 0xA1, 0x76 }; uint8_t sig1[] = { // R coordinate of the signature. 0xCC, 0x58, 0xBC, 0xB6, 0x7D, 0x8D, 0x82, 0x28, 0x6B, 0xF4, 0x9A, 0x22, 0x88, 0x71, 0x2B, 0x57, 0x99, 0x73, 0x51, 0x56, 0x9E, 0xE6, 0x98, 0x0C, 0x06, 0xCD, 0x70, 0xEB, 0x82, 0xB5, 0x4D, 0x58, // S coordinate of the signature. 0xD1, 0x06, 0xF0, 0xBE, 0xDF, 0xBC, 0x9E, 0x00, 0x3E, 0x56, 0x53, 0xC6, 0x33, 0x6D, 0xFA, 0x9E, 0xB5, 0x3E, 0xC1, 0x7E, 0x37, 0xE6, 0x66, 0xE8, 0x68, 0xCF, 0xB7, 0x7E, 0x49, 0x1E, 0xBA, 0xBB }; uint8_t privKey2[] = { 0x71, 0xF7, 0x9E, 0xC0, 0xB2, 0x40, 0xA9, 0x4F, 0x44, 0x9D, 0x6F, 0xBB, 0xFB, 0x17, 0x2A, 0x03, 0x69, 0x39, 0xD0, 0x4E, 0x9D, 0x2A, 0xAF, 0x7A, 0x15, 0x76, 0x59, 0xB7, 0x3C, 0x71, 0xD3, 0x4F }; uint8_t pubKey2[] = { // X coordinate of the elliptic curve. 0x2C, 0xEB, 0x79, 0x69, 0x52, 0x5B, 0x14, 0x46, 0xD3, 0xF5, 0x69, 0xF1, 0xF9, 0x0A, 0xE3, 0x23, 0xD4, 0x11, 0x07, 0xBF, 0xF4, 0x1F, 0x7E, 0x33, 0x31, 0x03, 0x08, 0x22, 0x8F, 0x9A, 0x14, 0x68, // Y coordinate of the elliptic curve. 0xD2, 0x2F, 0x63, 0xA0, 0x3F, 0x66, 0xEF, 0x0D, 0xA4, 0x03, 0xB6, 0xFE, 0xCD, 0x4C, 0x92, 0x86, 0xAC, 0xBA, 0x1C, 0xF9, 0xB1, 0xF6, 0x33, 0x71, 0x57, 0x54, 0x63, 0x8B, 0x08, 0x1B, 0xDD, 0x60 }; uint8_t sig2[64] = {0}; uint8_t sig2rev[64] = {0}; uint8_t uecc_ret = 0; bool verified = false; ATCA_STATUS status = ATCA_SUCCESS; // Send fixed vectors to uECC_verify uecc_ret = uECC_verify_impl(pubKey1, msg1, sig1); if (uecc_ret == 1) dtls_debug("1. uECC_verify_impl verified\n"); else dtls_debug("1. uECC_verify_impl not verified\n"); // Send fixed vectors to atcatls_verify status = atcatls_verify(msg1, sig1, pubKey1, &verified); if (verified) dtls_debug("1. atcatls_verify verified\n"); else dtls_debug("1. atcatls_verify not verified\n"); // Send msg1 to uECC_sign create sig2 uecc_ret = uECC_sign_impl(privKey2, msg1, sig2); // Send uECC_sign to uECC_verify uecc_ret = uECC_verify_impl(pubKey2, msg1, sig2); if (uecc_ret == 1) dtls_debug("2. uECC_verify_impl verified\n"); else dtls_debug("2. uECC_verify_impl not verified\n"); // Send uECC_sign to atcatls_verify status = atcatls_verify(msg1, sig2, pubKey2, &verified); if (verified) dtls_debug("2. atcatls_verify verified\n"); else dtls_debug("2. atcatls_verify not verified\n"); // Reverse the R&S signature bytes int i; for (i = 0; i < uECC_BYTES; i++) { sig2rev[i] = sig2[31 - i]; sig2rev[i + 32] = sig2[63 - i]; } // Send uECC_sign to uECC_verify uecc_ret = uECC_verify_impl(pubKey2, msg1, sig2rev); if (uecc_ret == 1) dtls_debug("2. uECC_verify_impl reverse verified\n"); else dtls_debug("2. uECC_verify_impl reverse not verified\n"); // Send uECC_sign to atcatls_verify status = atcatls_verify(msg1, sig2rev, pubKey2, &verified); if (verified) dtls_debug("2. atcatls_verify reverse verified\n"); else dtls_debug("2. atcatls_verify reverse not verified\n"); return 0; } From: Agrawal, Sachin [mailto:[email protected]] Sent: Tuesday, October 6, 2015 9:49 PM To: Lankswert, Patrick; ???; iotivity-dev at lists.iotivity.org <mailto:iotivity-dev at lists.iotivity.org> ; Kesavan, Vijay S Cc: ??? (dongik.lee at samsung.com <mailto:dongik.lee at samsung.com> ); Dmitriy Zhuravlev; Clark, Steve Subject: RE: [dev] [Pat, Uze, Vijay] IoTivity 1.0.0 release schedule (RC3) Hi All, We have pushed the patch in 1.0.0-dev branch. Thanks Sachin From: Agrawal, Sachin Sent: Tuesday, October 06, 2015 7:44 PM To: 'Lankswert, Patrick' <patrick.lankswert at intel.com <mailto:patrick.lankswert at intel.com> >; '???' <juney at samsung.com <mailto:juney at samsung.com> >; 'iotivity-dev at lists.iotivity.org' <iotivity-dev at lists.iotivity.org <mailto:iotivity-dev at lists.iotivity.org> >; Kesavan, Vijay S <vijay.s.kesavan at intel.com <mailto:vijay.s.kesavan at intel.com> > Cc: ??? (dongik.lee at samsung.com <mailto:dongik.lee at samsung.com> ) <dongik.lee at samsung.com <mailto:dongik.lee at samsung.com> >; 'Dmitriy Zhuravlev' <d.zhuravlev at samsung.com <mailto:d.zhuravlev at samsung.com> >; Steve Clark (steve.clark at atmel.com <mailto:steve.clark at atmel.com> ) <steve.clark at atmel.com <mailto:steve.clark at atmel.com> > Subject: RE: [dev] [Pat, Uze, Vijay] IoTivity 1.0.0 release schedule (RC3) Hi All, A Jira for the bug is filed here : <https://jira.iotivity.org/browse/IOT-793> https://jira.iotivity.org/browse/IOT-793 A probable Fix has been provided here: https://gerrit.iotivity.org/gerrit/#/c/3653/ I am still waiting for some input from Dmitriy and Dongik. I can merge it in 1.0.0-dev once I get some confirmation from them. Thanks Sachin From: Agrawal, Sachin Sent: Tuesday, October 06, 2015 9:55 AM To: 'Lankswert, Patrick' <patrick.lankswert at intel.com <mailto:patrick.lankswert at intel.com> >; '???' <juney at samsung.com <mailto:juney at samsung.com> >; 'iotivity-dev at lists.iotivity.org' <iotivity-dev at lists.iotivity.org <mailto:iotivity-dev at lists.iotivity.org> >; Kesavan, Vijay S <vijay.s.kesavan at intel.com <mailto:vijay.s.kesavan at intel.com> > Cc: ??? (dongik.lee at samsung.com <mailto:dongik.lee at samsung.com> ) <dongik.lee at samsung.com <mailto:dongik.lee at samsung.com> >; 'Dmitriy Zhuravlev' <d.zhuravlev at samsung.com <mailto:d.zhuravlev at samsung.com> >; Steve Clark (steve.clark at atmel.com <mailto:steve.clark at atmel.com> ) <steve.clark at atmel.com <mailto:steve.clark at atmel.com> > Subject: RE: [dev] [Pat, Uze, Vijay] IoTivity 1.0.0 release schedule (RC3) Hi Pat/June, We have uncovered a issue in our testing which fails the authentication when one of the PKI based cipher-suites is used. We are currently diagnosing and in the process of filing a Jira ticket. We will try to provide an update again as soon as we have some more information. Thanks Sachin From: iotivity-dev-bounces at lists.iotivity.org <mailto:iotivity-dev-bounces at lists.iotivity.org> [mailto:[email protected]] On Behalf Of Lankswert, Patrick Sent: Tuesday, October 06, 2015 8:49 AM To: myeong.jeong at samsung.com <mailto:myeong.jeong at samsung.com> ; ??? <juney at samsung.com <mailto:juney at samsung.com> >; Rahul, Rahul <rahul.rahul at intel.com <mailto:rahul.rahul at intel.com> >; Kourt, Tim A <tim.a.kourt at intel.com <mailto:tim.a.kourt at intel.com> >; Morrow, Joseph L <joseph.l.morrow at intel.com <mailto:joseph.l.morrow at intel.com> >; ??? <sungkyu.ko at samsung.com <mailto:sungkyu.ko at samsung.com> >; ??? <uzchoi at samsung.com <mailto:uzchoi at samsung.com> >; iotivity-dev at lists.iotivity.org <mailto:iotivity-dev at lists.iotivity.org> ; Kesavan, Vijay S <vijay.s.kesavan at intel.com <mailto:vijay.s.kesavan at intel.com> >; ???? <markus.jung at samsung.com <mailto:markus.jung at samsung.com> > Subject: Re: [dev] [Pat, Uze, Vijay] IoTivity 1.0.0 release schedule (RC3) MJ, I reviewed it and it looks simple enough. I am just waiting for build verification. Pat From: MyeongGi Jeong [mailto:[email protected]] Sent: Tuesday, October 06, 2015 5:54 AM To: Lankswert, Patrick; ???; Rahul, Rahul; Kourt, Tim A; Morrow, Joseph L; ???; ???; iotivity-dev at lists.iotivity.org <mailto:iotivity-dev at lists.iotivity.org> ; Kesavan, Vijay S; ???? Subject: Re: RE: [Pat, Uze, Vijay] [dev] IoTivity 1.0.0 release schedule (RC3) Dear Pat, June. I'd like to tell you one thing about CoAP/TCP, one more gerrit review should be applied into 1.0.0-dev branch. https://gerrit.iotivity.org/gerrit/#/c/3579/ One line change by adding enumeration constant. Please review and apply it after build-test. I'm sorry for late reply.... Thanks in advance. Best Regards, --- MyeongGi Jeong Senior Engineer, Software Architect Software R&D Center, Samsung Electronics Co., Ltd. +82-10-3328-1130 ------- Original Message ------- Sender : Lankswert, Patrick<patrick.lankswert at intel.com <mailto:patrick.lankswert at intel.com> > Date : 2015-10-06 11:53 (GMT+09:00) Title : RE: [Pat, Uze, Vijay] [dev] IoTivity 1.0.0 release schedule (RC3) June, I continue to receive bug fixes for master to be cherry picked onto 1.0.0-dev. The biggest delay right now is the build verification. We are backed up by over 150 jobs. Pat From: ???(June Yong Young) [mailto:[email protected]] Sent: Monday, October 05, 2015 8:48 PM To: Rahul, Rahul; Kourt, Tim A; Morrow, Joseph L; Lankswert, Patrick; sungkyu.ko at samsung.com <mailto:sungkyu.ko at samsung.com> ; '???'; iotivity-dev at lists.iotivity.org <mailto:iotivity-dev at lists.iotivity.org> ; Kesavan, Vijay S; ???_??; ?????_ConnectivityTG; ???? Subject: [Pat, Uze, Vijay] [dev] IoTivity 1.0.0 release schedule (RC3) Pat, Uze, Vijay, Could you report the issues that you have on RC3 that is supposed to be released by today. According to the following schedule, if we cannot release RC3 by today, Website open date can be delayed and we need to discuss when it will be. 1.0.0 : ?OIC Spec 1.0 Compliant release? * Type for Release : Major release, Feature Driven, PlugFest #4 * Schedule (6 weeks ahead of QA completion) (cf. Original QA request is 6 weeks ahead of QA start) * 08/28, API freeze & Programmer?s guide freeze * 09/21, Feature complete & Review Complete and make ?1.0.0-RC1? release to QA * 09/25, QA 1st round complete * 09/29, Make ?1.0.0-RC2? release to QA * 10/02, QA 2nd round complete * 10/05, Make ?1.0.0-RC3? release to QA * 10/09, QA 3rd round complete * 10/12, Website Open * 10/27~29, Plug Fest #4 June Yong Young OIC Open Sourece WG Project Planning & Requirement TG Chair IoTivity Release Function Lead Samsung Electronics Co.,Ltd. Software R&D Center, IoT Solution Lab. | Web & Convergence Team Principal Engineer T: +82-31-301-6107, M: +82-10-9530-6107 E-mail :juney at samsung.com ---?? ???--- ??? : Lankswert, Patrick/patrick.lankswert at intel.com <mailto:Patrick/patrick.lankswert at intel.com> ???? : 2015/09/29 14:55 (GMT+09:00) ?? : RE: [dev] IoTivity 1.0.0 release schedule (RC2) June, There have been issues in the ZigBee, RD and other reviews. I can create the RC2 tag but it will not have the code that is currently under review. Pat From: ???(June Yong Young) [ <mailto:juney at samsung.com> mailto:[email protected]] Sent: Friday, September 25, 2015 4:27 AM To: Lankswert, Patrick; <mailto:iotivity-dev at lists.iotivity.org> iotivity-dev at lists.iotivity.org Subject: RE: [dev] IoTivity 1.0.0 release schedule (RC2) Dear IoTivity members, The next 1.0.0-RC2 will be released on 9/28. Please complete RC1 QA testing by 9/25, so that we can release RC2 on time. Vijay, Could you provide the list of the features will be added on RC2 regarding ZigBee? Pat, Korea has Thanks-giving big holiday during 9/26~9/29, so please tag RC2 on 9/28 after Intel feature fixes are completed. I?ll inform you just in case Samsung?s problems will still remain until 9/28. 1.0.0 : ?OIC Spec 1.0 Compliant release? * 08/28, API freeze & Programmer?s guide freeze * 09/21, Feature complete & Review Complete and make ?1.0.0-RC1? release to QA * 09/25, QA 1st round complete * 09/28, Make ?1.0.0-RC2? release to QA * 10/02, QA 2nd round complete * 10/05, Make ?1.0.0-RC3? release to QA * 10/09, QA 3rd round complete * 10/12, Website Open * 10/27~29, Plug Fest #4 June Yong Young OIC Open Sourece WG Project Planning & Requirement TG Chair IoTivity Release Function Lead Samsung Electronics Co.,Ltd. Software R&D Center, IoT Solution Lab. | Web & Convergence Team Principal Engineer T: +82-31-301-6107, M: +82-10-9530-6107 E-mail :juney at samsung.com From: <mailto:iotivity-dev-bounces at lists.iotivity.org> iotivity-dev-bounces at lists.iotivity.org [ <mailto:iotivity-dev-bounces at lists.iotivity.org> mailto:[email protected]] On Behalf Of ???(June Yong Young) Sent: Wednesday, September 16, 2015 2:17 AM To: <mailto:iotivity-dev at lists.iotivity.org> iotivity-dev at lists.iotivity.org Subject: Re: [dev] IoTivity 1.0.0 release schedule Dear IoTivity members The below is IoTivitiy 1.0.0 release schedule that was shared before. Please keep in mind that we have to complete feature implementation and release RC1 by 9/25 for the 1st activitiy. 1.0.0 : ?OIC Spec 1.0 Compliant release? * Type for Release : Major release, Feature Driven, PlugFest #4 * Schedule (6 weeks ahead of QA completion) (cf. Original QA request is 6 weeks ahead of QA start) * 08/28, API freeze & Programmer?s guide freeze * 09/18, Feature complete & Review Complete and make ?1.0.0-RC1? release to QA * 09/25, QA 1st round complete * 09/28, Make ?1.0.0-RC2? release to QA * 10/02, QA 2nd round complete * 10/05, Make ?1.0.0-RC3? release to QA * 10/09, QA 3rd round complete * 10/12, Website Open * 10/27~29, Plug Fest #4 And this is the final conclusion below at the last OIC OSWG F2F meeting regarding the mandatory features that have to be in 1.0.0. ? High priority features to be pushed and released ? * Blockwise transfer in CoAP * CoAP serialization over TCP * TLS support for RA (Conditional ? Depends on availability by 9/18) * Zigbee plugin June Yong Young OIC Open Sourece WG Project Planning & Requirement TG Chair IoTivity Release Function Lead Samsung Electronics Co.,Ltd. Software R&D Center, IoT Solution Lab. | Web & Convergence Team Principal Engineer T: +82-31-301-6107, M: +82-10-9530-6107 E-mail :juney at samsung.com <http://ext.samsung.net/mailcheck/SeenTimeChecker?do=2e7e10ec9ce7fb10467ba8a361a14c230c3fcadcbd9991aa032aa89e99be1a3e88d6974bd2f79a3cb3b9c254041823979dd130b31b023ef15296970253332b3707805447a154a46fcf878f9a26ce15a0> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20151007/2189bf36/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 13168 bytes Desc: not available URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20151007/2189bf36/attachment.gif> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 7768 bytes Desc: not available URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20151007/2189bf36/attachment.p7s>
