From ff32a1052ffefedf7b98f639e9b530b8b345726d Mon Sep 17 00:00:00 2001 From: km Date: Thu, 26 Mar 2026 14:00:02 +0900 Subject: [PATCH] =?UTF-8?q?test=5Fx25519=5Fecdh:=20=E5=AE=9F=E9=9A=9B?= =?UTF-8?q?=E3=81=AE=20SE050=20ECDH=20=E8=A8=88=E7=AE=97=E3=83=86=E3=82=B9?= =?UTF-8?q?=E3=83=88=E3=82=92=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Test 5 を実装して、SE050 ハードウェア接続時の実際の ECDH 計算を検証: 実装内容: - I2C HAL 初期化と SE050 接続 - Session/Keystore/RNG の初期化 - Alice と Bob の鍵ペア生成 (se050_x25519_generate_keypair) - Alice: ECDH(Bob_pub, Alice_priv) 計算 - Bob: ECDH(Alice_pub, Bob_priv) 計算 - 共有秘密の一致確認 動作: - SE050 未接続:SKIP (構造テストは Test 3 で完了) - SE050 接続時:実際の ECDH 計算と共有秘密の一致を検証 エラーハンドリング: - I2C 接続失敗: gracefully skip - セッション作成失敗: gracefully skip - 鍵生成失敗: fail - ECDH 計算失敗: fail - 共有秘密不一致: fail テスト結果: - SE050 未接続環境:6/6 PASS (Test 5 は SKIP) - SE050 接続環境:実際の ECDH 計算を検証可能 --- tests/test_x25519_ecdh.c | 132 ++++++++++++++++++++++++++++++++++++--- 1 file changed, 124 insertions(+), 8 deletions(-)
diff --git a/tests/test_x25519_ecdh.c b/tests/test_x25519_ecdh.c
index a29d4eb..46c39dc 100644
--- a/tests/test_x25519_ecdh.c
+++ b/tests/test_x25519_ecdh.c
@@ -185,16 +185,132 @@ static int test_rfc7748_vectors(void)
 return 1;
 }
-/* Test 5: Cross-compatibility */
+/* Test 5: Cross-compatibility with actual SE050 ECDH */
 static int test_cross_compatibility(void)
 {
- printf("\n=== Test 5: Cross-Compatibility Check ===\n");
- printf("[INFO] Alice computes: ECDH(Bob_pub, Alice_priv)\n");
- printf("[INFO] Bob computes: ECDH(Alice_pub, Bob_priv)\n");
- printf("[INFO] Both should get same shared secret\n");
- printf("[PASS] Cross-compatibility structure verified\n");
- printf("[INFO] Actual computation requires SE050 hardware\n");
- return 1;
+ se050_i2c_hal_t hal;
+ se050_session_ctx_t *session;
+ se050_keystore_ctx_t *keystore;
+ se050_rng_ctx_t *rng;
+ se050_status_t status;
+ uint8_t shared_secret_alice[32];
+ uint8_t shared_secret_bob[32];
+ int result = 1;
+
+ printf("\n=== Test 5: Cross-Compatibility Check (SE050 ECDH) ===\n");
+
+ /* Check if hardware is available */
+ printf("[INFO] Attempting to connect to SE050...\n");
+
+ /* Initialize I2C HAL */
+ status = se050_i2c_init(&hal, "/dev/i2c-1", 0x48);
+ if (status != SE050_OK) {
+ printf("[SKIP] SE050 not available at /dev/i2c-1 (0x48)\n");
+ printf("[INFO] For hardware test, ensure SE050 is connected\n");
+ printf("[INFO] Structure verification passed (see Test 3)\n");
+ return 1; /* Skip, not fail */
+ }
+
+ printf("[INFO] I2C connection established\n");
+
+ /* Create session */
+ status = se050_session_create(&session, &hal);
+ if (status != SE050_OK) {
+ printf("[SKIP] Session creation failed (0x%04x)\n", status);
+ se050_i2c_close(&hal);
+ return 1; /* Skip, not fail */
+ }
+ printf("[INFO] Session created\n");
+
+ /* Initialize keystore */
+ status = se050_keystore_init(&keystore, session);
+ if (status != SE050_OK) {
+ printf("[SKIP] Keystore init failed (0x%04x)\n", status);
+ se050_session_delete(session);
+ se050_i2c_close(&hal);
+ return 1;
+ }
+ printf("[INFO] Keystore initialized\n");
+
+ /* Initialize RNG */
+ status = se050_rng_init(&rng, session);
+ if (status != SE050_OK) {
+ printf("[SKIP] RNG init failed (0x%04x)\n", status);
+ se050_keystore_free(keystore);
+ se050_session_delete(session);
+ se050_i2c_close(&hal);
+ return 1;
+ }
+ printf("[INFO] RNG initialized\n");
+
+ /* Generate Alice's keypair */
+ se050_x25519_keypair_t keypair_alice;
+ status = se050_x25519_generate_keypair(keystore, &keypair_alice, 0x1001);
+ if (status != SE050_OK) {
+ printf("[SKIP] Alice key generation failed (0x%04x)\n", status);
+ result = 0;
+ goto cleanup;
+ }
+ printf("[INFO] Alice's keypair generated (ID: 0x1001)\n");
+
+ /* Generate Bob's keypair */
+ se050_x25519_keypair_t keypair_bob;
+ status = se050_x25519_generate_keypair(keystore, &keypair_bob, 0x1002);
+ if (status != SE050_OK) {
+ printf("[SKIP] Bob key generation failed (0x%04x)\n", status);
+ result = 0;
+ goto cleanup;
+ }
+ printf("[INFO] Bob's keypair generated (ID: 0x1002)\n");
+
+ /* Alice computes shared secret using Bob's public key */
+ printf("[INFO] Alice computing ECDH with Bob's public key...\n");
+ status = se050_x25519_compute_shared_secret(keystore, 0x1001,
+ keypair_bob.public_key,
+ shared_secret_alice);
+ if (status != SE050_OK) {
+ printf("[FAIL] Alice ECDH computation failed (0x%04x)\n", status);
+ result = 0;
+ goto cleanup;
+ }
+ printf("[INFO] Alice's shared secret computed\n");
+
+ /* Bob computes shared secret using Alice's public key */
+ printf("[INFO] Bob computing ECDH with Alice's public key...\n");
+ status = se050_x25519_compute_shared_secret(keystore, 0x1002,
+ keypair_alice.public_key,
+ shared_secret_bob);
+ if (status != SE050_OK) {
+ printf("[FAIL] Bob ECDH computation failed (0x%04x)\n", status);
+ result = 0;
+ goto cleanup;
+ }
+ printf("[INFO] Bob's shared secret computed\n");
+
+ /* Compare shared secrets */
+ printf("[INFO] Comparing shared secrets...\n");
+ printf("[INFO] Alice's shared secret:\n");
+ print_hex(" ", shared_secret_alice, 32);
+ printf("[INFO] Bob's shared secret:\n");
+ print_hex(" ", shared_secret_bob, 32);
+
+ if (!buffers_equal(shared_secret_alice, shared_secret_bob, 32)) {
+ printf("[FAIL] Shared secrets DO NOT match!\n");
+ result = 0;
+ goto cleanup;
+ }
+
+ printf("[PASS] Shared secrets match! ECDH successful.\n");
+ printf("[INFO] Alice and Bob now share a common secret for WireGuard.\n");
+
+cleanup:
+ /* Cleanup */
+ se050_rng_free(rng);
+ se050_keystore_free(keystore);
+ se050_session_delete(session);
+ se050_i2c_close(&hal);
+
+ return result;
 }
 /* Test 6: Key material security */
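Review bot: The two calls `print_hex(" ", shared_secret_alice, 32)` and `print_hex(" ", shared_secret_bob, 32)` log the derived X25519 shared secrets on every run, and neither buffer is cleared before `return result;`, so key material ends up in test output and stays on the stack. Printing the buffers only inside the `!buffers_equal(...)` branch and wiping both under `cleanup:` with a call the compiler cannot elide would keep the diagnostics without exposing secrets on passing runs. The equality comparison is also the only check on the output: both buffers start uninitialised and are compared only with each other, so a `se050_x25519_compute_shared_secret` that returned `SE050_OK` and wrote the same constant twice (for example all zeros) would still pass; rejecting an all-zero result before the `[PASS]` line would tighten this. The two key-generation failure branches print `[SKIP]` while setting `result = 0`; `[FAIL]` would match both the return value and the commit message. The objects created under IDs 0x1001 and 0x1002 do not appear to be removed in `cleanup:`, so a repeated run may hit already-existing IDs, which is worth confirming against the keystore API.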