Noise handshake working

hexnoise.py

@@ -0,0 +1,82 @@
+#!/usr/bin/env python3
+
+import time
+import string
+
+from cobs import cobs
+
+def _print_line(write, ts, line, width=16):
+    h,m,s,ms = int(ts//3600), int((ts//60)%60), int(ts%60), int((ts%1.0) * 1000)
+    timestamp = f'{h: 3d}:{m:02d}:{s:02d}:{ms:03d}'
+    line = list(line) + [None]*(width-len(line))
+    hexcol = '\033[94m' 
+    col = lambda b, s: s if b != 0 else f'\033[91m{s}{hexcol}'
+    hexfmt = '  '.join(
+            ' '.join(col(b, f'{b:02x}') if b is not None else '  ' for b in line[i*8:i*8+8])
+            for i in range(1 + (len(line)-1)//8))
+    asciifmt = ''.join(chr(c) if c is not None and chr(c) in string.printable else '.' for c in line)
+    write(f'\033[38;5;244m{timestamp}  {hexcol}{hexfmt}  \033[38;5;244m|\033[92m{asciifmt}\033[38;5;244m|\033[0m', flush=True, end='')
+
+startup = time.time()
+
+def hexdump(write, packet, width=16):
+    ts = time.time()
+    while len(packet) > width:
+        chunk, packet = packet[:width], packet[width:]
+        _print_line(write, ts-startup, chunk, width=width)
+        write()
+    _print_line(write, ts-startup, packet, width=width)
+    write()
+
+def send_packet(ser, data, width=16):
+    encoded = cobs.encode(data) + b'\0'
+    print(f'\033[93mSending {len(data)} bytes\033[0m')
+    hexdump(print, encoded, width)
+    ser.write(encoded)
+    ser.flushOutput()
+
+def receive_packet(ser, width=16):
+    packet = ser.read_until(b'\0')
+    data = cobs.decode(packet[:-1])
+    print(f'\033[93mReceived {len(data)} bytes\033[0m')
+    hexdump(print, data, width)
+    return data
+
+if __name__ == '__main__':
+    import argparse
+    import serial
+
+    parser = argparse.ArgumentParser()
+    parser.add_argument('serial')
+    parser.add_argument('baudrate')
+    parser.add_argument('-w', '--width', type=int, default=16, help='Number of bytes to display in one line')
+    args = parser.parse_args()
+
+    ser = serial.Serial(args.serial, args.baudrate)
+
+    from noise.connection import NoiseConnection, Keypair
+
+    STATIC_LOCAL = bytes([
+        0xbb, 0xdb, 0x4c, 0xdb, 0xd3, 0x09, 0xf1, 0xa1,
+        0xf2, 0xe1, 0x45, 0x69, 0x67, 0xfe, 0x28, 0x8c,
+        0xad, 0xd6, 0xf7, 0x12, 0xd6, 0x5d, 0xc7, 0xb7,
+        0x79, 0x3d, 0x5e, 0x63, 0xda, 0x6b, 0x37, 0x5b
+        ])
+
+    proto = NoiseConnection.from_name(b'Noise_XX_25519_ChaChaPoly_BLAKE2s')
+    proto.set_as_initiator()
+    proto.set_keypair_from_private_bytes(Keypair.STATIC, STATIC_LOCAL)
+    proto.start_handshake()
+    print('\033[91mHandshake started\033[0m')
+
+    while True:
+        if proto.handshake_finished:
+            break
+        send_packet(ser, proto.write_message(), args.width)
+
+        if proto.handshake_finished:
+                break
+        proto.read_message(receive_packet(ser, args.width))
+    print('Handshake finished, handshake hash:')
+    hexdump(print, proto.get_handshake_hash(), args.width)
+

src/demo.c

@@ -175,7 +175,7 @@ volatile struct {
 
 struct dma_usart_file usart2_out_s = {
     .usart = USART2,
-    .baudrate = 1000000,
+    .baudrate = 115200,
     .dma = DMA1,
     .stream = 6,
     .channel = 4,
@@ -298,6 +298,8 @@ int main(void)
     cobs_decode_incremental_initialize(&host_cobs_state);
     usart_enable_rx_interrupt(USART2);
     nvic_enable_irq(NVIC_USART2_IRQ);
+    nvic_set_priority(NVIC_USART2_IRQ, 3<<4);
+    nvic_set_priority(debug_out_s.irqn, 1<<4);
 
 	LOG_PRINTF("\n==================================\n");
 	LOG_PRINTF("SecureHID device side initializing\n");
@@ -329,14 +331,9 @@ int main(void)
     if (!handshake)
         LOG_PRINTF("Error starting protocol handshake.\n");
 
-    int i = 0, j = 0;
 	while (23) {
 		usbh_poll(tim6_get_time_us());
 		delay_ms_busy_loop(1); /* approx 1ms interval between usbh_poll() */
-        if (i++ == 1000) {
-            i = 0;
-            LOG_PRINTF("Loop iteration %d\n", 1000*(j++));
-        }
 
         if (handshake) {
 #define MAX_MESSAGE_LEN 256
@@ -364,6 +361,7 @@ int main(void)
                         noise_handshakestate_free(handshake);
                         handshake = NULL;
                     }
+                    host_packet_length = 0; /* Acknowledge to USART ISR the buffer has been handled */
                 }
                 break;
 
@@ -371,7 +369,16 @@ int main(void)
                 if (noise_handshakestate_split(handshake, &tx_cipher, &rx_cipher) != NOISE_ERROR_NONE) {
                     LOG_PRINTF("Error splitting handshake state\n");
                 } else {
-                    LOG_PRINTF("Noise protocol handshake completed successfully\n");
+                    LOG_PRINTF("Noise protocol handshake completed successfully, handshake hash:\n");
+                    uint8_t buf[BLAKE2S_HASH_SIZE];
+                    if (noise_handshakestate_get_handshake_hash(handshake, buf, sizeof(buf)) != NOISE_ERROR_NONE) {
+                        LOG_PRINTF("Error fetching noise handshake state\n");
+                    } else {
+                        LOG_PRINTF("    ");
+                        for (int i=0; i<sizeof(buf); i++)
+                            LOG_PRINTF("%02x ", buf[i]);
+                        LOG_PRINTF("\n");
+                    }
                 }
 
                 noise_handshakestate_free(handshake);

src/rand_stm32.c

@@ -46,8 +46,6 @@
 #include "crypto/noise-c/src/protocol/internal.h"
 #include "crypto/noise-c/src/crypto/blake2/blake2s.h"
 
-#define BLAKE2S_HASH_SIZE 32
-
 /* FIXME persist state in backup sram */
 extern unsigned _ram_start, _ram_end, _rom_start, _rom_end;
 static uint8_t global_stm_rand_state[BLAKE2S_HASH_SIZE];

src/rand_stm32.h

@@ -4,6 +4,8 @@
 #include <stdint.h>
 #include <unistd.h>
 
+#define BLAKE2S_HASH_SIZE 32
+
 void rand_init(void);
 
 #endif