From 34bb4b35076531d6d5bb7ed05db53281a30f7fce Mon Sep 17 00:00:00 2001
From: Michael Preisach
Date: Sat, 12 Sep 2020 20:09:58 +0200
Subject: [PATCH] updated member, testing of new functions needed
---
 issuer.c | 4 +-
 issuer.h | 4 +-
 member.c | 302 +++++++++++++++++++++++++++++++++++--------------------
 member.h | 6 +-
 tags | 16 +--
 5 files changed, 210 insertions(+), 122 deletions(-)
diff --git a/issuer.c b/issuer.c
index 2495013..3103d9a 100644
--- a/issuer.c
+++ b/issuer.c
@@ -228,8 +228,8 @@ int issuer_setup() {
 printf("issuer_setup: Error generating issuer key-pair\n");
 return -1;
 }
- if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &ipk) ||
- 0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &isk)) {
+ if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &issuer.ipk) ||
+ 0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &issuer.isk)) {
 printf("issuer_setup: Error saving key-pair to disk\n");
 return -1;
 }
diff --git a/issuer.h b/issuer.h
index 451ac4c..71abf10 100644
--- a/issuer.h
+++ b/issuer.h
@@ -10,7 +10,7 @@
 #include "common.h"
 int process_issuer(char *buffer);
-const char* issuer_public_key_file = "ipk.bin"
-const char* issuer_secret_key_file = "isk.bin"
+const char* issuer_public_key_file = "ipk.bin";
+const char* issuer_secret_key_file = "isk.bin";
 #endif //ECDAA_ISSUER_ISSUER_H
diff --git a/member.c b/member.c
index 9d8f211..f85c804 100644
--- a/member.c
+++ b/member.c
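Review bot: The issuer's secret key is written to `isk.bin` with whatever file mode the library's `ecdaa_issuer_secret_key_FP256BN_serialize_file` uses and the process umask permits; the call site in this hunk does nothing to restrict it. Because that file holds the private key, consider `umask(077);` before the two serialize calls, or check the resulting mode afterwards — the serializer's own file handling is not visible here, so confirm what it does. When the second serialize fails, `ipk.bin` has already been written, so the error message could name which of the two files failed. `issuer_setup` starts and ends outside this hunk.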
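Review bot: Beyond the restored semicolons, `const char* issuer_public_key_file = "ipk.bin";` is a definition of an external variable in a header, so every translation unit that includes `issuer.h` gets its own copy and the link fails with duplicate symbols as soon as a second `.c` file includes it; the pointer itself is also left mutable. Prefer `static const char *const issuer_public_key_file = "ipk.bin";` (likewise for `issuer_secret_key_file`), or declare them `extern` here and define them once in `issuer.c`. The three `member_*_file` definitions added to `member.h` later in this patch have the same problem.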
@@ -22,127 +22,136 @@ typedef struct member { } member_t; member_t member; - +uint8_t msg[MAX_MSGSIZE]; +size_t msg_len; int member_join(char *buffer); int member_attest(char *buffer); int member_publish(char *buffer); -int member_getpublic(char *buffer); +/* int member_getpublic(char *buffer); */ int member_joinappend(char *buffer); int member_joinfinish(char *buffer); -int main() { - - if (2 != server_start(&process_member, MEMBERPORT)) { - printf("server failed\n"); - } - return 0; -} - -int process_member(char *buffer) { - int ret = 0; - - bzero(member.bsn, MAX_BSNSIZE); - strncpy((char *) member.bsn, "Biometric Sensor", 16); - member.bsn_len = 16; - - printf("> MEMBER: %s\n", buffer); - - if (member.state == JOINED && 0 == strncasecmp("ATTEST", buffer, 6)) { - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "ATTEST ", 7); - member_attest(buffer); - } else if (member.state == ON && 0 == strncasecmp("GETPUBLIC", buffer, 9)) { - bzero(buffer, MAX_BUFSIZE); - ret = client_connect(&member_getpublic, ISSUERIP, ISSUERPORT); - if (0 >= ret || RCVPUBLIC != member.state) { - printf("process_member: issuer connection failed\n"); - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "ERR\n", 4); - } else { - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "OK\n", 3); - } - ret = 0; - } else if (0 == strncasecmp("PUBLISH", buffer, 7)) { - bzero(buffer, MAX_BUFSIZE); - member_publish(buffer); - } else if (member.state == RCVPUBLIC && 0 == strncasecmp("JOIN", buffer, 4)) { - member.state = JOIN; - ret = client_connect(&member_join, ISSUERIP, ISSUERPORT); - if (0 >= ret || JOINED != member.state) { - printf("process_member: issuer connection failed\n"); - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "ERR\n", 4); - } else { - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "OK\n", 3); - } - ret = 0; - } else if (0 == strncasecmp("EXIT", buffer, 4)) { - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "OK\n", 3); - ret = 1; - } else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) { - 
bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "OK\n", 3); - ret = 2; - } else { - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "ERR\n", 4); - ret = 0; - } - - printf("< MEMBER: %s\n", buffer); - return ret; -} - -int member_join(char *buffer) { +int main(int argc, char **argv) { + char buffer[MAX_BUFSIZE]; + char *remote_ip = argv[2]; int ret = 0; - - switch (member.state) { - case JOIN: - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "JOIN\n", 5); - member.state = APPEND; - break; - case APPEND: - if (0 == strncasecmp("JOINSTART", buffer, 9)) { - printf("ISSUER > MEMBER: %s", buffer); - member_joinappend(buffer); - member.state = JOINPROCEED; - } else { - printf("member_join: did not get nonce from issuer\n"); - member.state = RCVPUBLIC; - ret = -1; + switch(argc) { + case 2: + if( 0 == strncasecmp("--join", argv[1], 6) || 0 == strncasecmp("-j", argv[1], 2)) { + member.state = ON; + ret = client_connect(&member_join, remote_ip, ISSUERPORT); + if (0 >= ret || JOINED != member.state) { + printf("Join process failed!\n"); + return 1; + } else { + printf("Join process was successful\n"); + } } break; - case JOINPROCEED: - if (0 == strncasecmp("JOINPROCEED", buffer, 11)) { - printf("ISSUER > MEMBER: %s", buffer); - member_joinfinish(buffer); - member.state = JOINED; - ret = 1; - } else { - printf("member_getpublic: did not get credentials from issuer\n"); - member.state = RCVPUBLIC; - ret = -1; + case 3: + if( 0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) { + char *msgfile = argv[3]; + FILE *fileptr = fopen(msgfile, "rb"); + if (0 == fileptr) { + printf("Could not open message file %s\n", msgfile); + return 1; + } + size_t bytes_read = fread(msg, 1, MAX_MSGSIZE, fileptr); + if (bytes_to_read != bytes_read && !feof(file_ptr)) { + printf("Error reading message file"); + fclose(fileptr); + return 1; + } + if (0 != fclose(fileptr)) { + printf("Error closing message file"); + return 1; + } + if (0 != 
ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) || + 0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file) || + 0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) { + printf("Could not import key files. importing from %s, %s or %s was not successful\n", member_secret_key_file, member_public_key_file, member_credential_file); + return 1; + } + member.state = JOINED + ret = client_connect(&member_attest, remote_ip, VERIFIERPORT); + if (0 >= ret || JOINED != member.state) { + printf("connection to verifier failed\n"); + } } break; default: - ret = -1; - } - if (0 == ret) { - printf("ISSUER < MEMBER: %s", buffer); - } - return ret; + printf("Usage: \n Join an issuer's group: %s --join \n", argv[0]); + printf("Send a signed message to the verifier: %s --send \n", argv[0]); + printf("Before sending a DAA-signed message, the member must join a DAA group\n", argv[0]); + break; + return 0; } -int member_getpublic(char *buffer) { +/* int process_member(char *buffer) { */ +/* int ret = 0; */ +/* char remote_ip[16]; */ + +/* bzero(member.bsn, MAX_BSNSIZE); */ +/* strncpy((char *) member.bsn, "Biometric Sensor", 16); */ +/* member.bsn_len = 16; */ + +/* printf("> MEMBER: %s\n", buffer); */ + +/* if (member.state == JOINED && 0 == strncasecmp("ATTEST", buffer, 6)) { */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "ATTEST ", 7); */ +/* member_attest(buffer); */ +/* } else if (member.state == ON && 0 == strncasecmp("GETPUBLIC", buffer, 9)) { */ +/* strncpy(remote_ip, buffer[10], 15); */ +/* ret = client_connect(&member_getpublic, remote_ip, ISSUERPORT); */ +/* if (0 >= ret || RCVPUBLIC != member.state) { */ +/* printf("process_member: issuer connection failed\n"); */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "ERR\n", 4); */ +/* } else { */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "OK\n", 3); */ +/* } */ +/* ret = 0; */ +/* } else if (0 
== strncasecmp("PUBLISH", buffer, 7)) { */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* member_publish(buffer); */ +/* } else if (member.state == RCVPUBLIC && 0 == strncasecmp("JOIN", buffer, 4)) { */ +/* member.state = JOIN; */ +/* ret = client_connect(&member_join, ISSUERIP, ISSUERPORT); */ +/* if (0 >= ret || JOINED != member.state) { */ +/* printf("process_member: issuer connection failed\n"); */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "ERR\n", 4); */ +/* } else { */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "OK\n", 3); */ +/* } */ +/* ret = 0; */ +/* } else if (0 == strncasecmp("EXIT", buffer, 4)) { */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "OK\n", 3); */ +/* ret = 1; */ +/* } else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) { */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "OK\n", 3); */ +/* ret = 2; */ +/* } else { */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "ERR\n", 4); */ +/* ret = 0; */ +/* } */ + +/* printf("< MEMBER: %s\n", buffer); */ +/* return ret; */ +/* } */ + +int member_join(char *buffer) { int ret = 0; switch (member.state) { @@ -165,8 +174,7 @@ int member_getpublic(char *buffer) { printf("member_getpublic: signature of issuer public key is invalid\n"); ret = -1; } else { - member.state = RCVPUBLIC; - ret = 1; + member.state = JOIN; } } else { printf("member_getpublic: did not get public key from issuer\n"); 
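Review bot: The `switch(argc)` cases are one short of the usage text (`<prog> --join <ip>` is `argc == 3`, `--send <ip> <file>` is `argc == 4`), so `remote_ip = argv[2]` — read before any argc check — is `argv[argc]`, i.e. NULL, in the join case, and `msgfile = argv[3]` is NULL in the send case and reaches `fopen`. The send branch also does not compile as written: `bytes_to_read` and `file_ptr` are undeclared (they read as `MAX_MSGSIZE` and `fileptr`), `member.state = JOINED` appears to lack its semicolon, and as far as the collapsed hunk shows `return 0;` sits after `break;` inside `default:` so `main` is never closed before the commented block and `int member_join`. `msg_len` is never assigned from `bytes_read`, so the file-scope `msg` that `member_attest` now signs (later hunk in this file) carries length 0 unless it is set somewhere not shown. The third usage `printf` passes `argv[0]` without a conversion and `char buffer[MAX_BUFSIZE]` is unused. A reworked dispatch follows.
```c
int main(int argc, char **argv) {
    int ret = 0;
    if (argc < 3) {
        goto usage;
    }
    char *remote_ip = argv[2];   /* only read once argc guarantees it exists */
    if (0 == strncasecmp("--join", argv[1], 6) || 0 == strncasecmp("-j", argv[1], 2)) {
        /* … unchanged: member.state = ON; client_connect(&member_join, remote_ip, ISSUERPORT) and its result check … */
    } else if (argc >= 4 && (0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2))) {
        char *msgfile = argv[3];
        FILE *fileptr = fopen(msgfile, "rb");
        if (NULL == fileptr) {
            printf("Could not open message file %s\n", msgfile);
            return 1;
        }
        size_t bytes_read = fread(msg, 1, MAX_MSGSIZE, fileptr);
        if (ferror(fileptr)) {
            printf("Error reading message file %s\n", msgfile);
            fclose(fileptr);
            return 1;
        }
        if (0 != fclose(fileptr)) {
            printf("Error closing message file %s\n", msgfile);
            return 1;
        }
        msg_len = bytes_read;   /* member_attest signs msg[0 .. msg_len) */
        /* … unchanged: deserialize msk/mpk/cred from the member_*_file paths … */
        member.state = JOINED;
        ret = client_connect(&member_attest, remote_ip, VERIFIERPORT);
        if (0 >= ret || JOINED != member.state) {
            printf("connection to verifier failed\n");
            return 1;
        }
    } else {
        goto usage;
    }
    return 0;

usage:
    /* … unchanged: the three usage printfs, without the stray argv[0] on the third … */
    return 1;
}
```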
@@ -174,11 +182,36 @@ int member_getpublic(char *buffer) { ret = -1; } break; + case JOIN: + bzero(buffer, MAX_BUFSIZE); + strncpy(buffer, "JOIN\n", 5); + member.state = APPEND; + break; + case APPEND: + if (0 == strncasecmp("JOINSTART", buffer, 9)) { + printf("ISSUER > MEMBER: %s", buffer); + member_joinappend(buffer); + member.state = JOINPROCEED; + } else { + printf("member_join: did not get nonce from issuer\n"); + member.state = RCVPUBLIC; + ret = -1; + } + break; + case JOINPROCEED: + if (0 == strncasecmp("JOINPROCEED", buffer, 11)) { + printf("ISSUER > MEMBER: %s", buffer); + member_joinfinish(buffer); + member.state = JOINED; + ret = 1; + } else { + printf("member_getpublic: did not get credentials from issuer\n"); + member.state = RCVPUBLIC; + ret = -1; + } + break; default: - printf("member_getpublic: did not get public key from issuer\n"); - member.state = ON; ret = -1; - break; } if (0 == ret) { printf("ISSUER < MEMBER: %s", buffer); 
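Review bot: The failure branches of the new `APPEND` and `JOINPROCEED` cases reset `member.state` to `RCVPUBLIC`, a state the preceding hunk stopped producing (the public-key case now advances straight to `JOIN`), while `main` starts a join from `ON`; resetting to `ON` would keep a retry consistent with the entry point, assuming nothing else still keys on `RCVPUBLIC`. The `JOINPROCEED` error message still carries the prefix of the function it was copied from and should read `printf("member_join: did not get credentials from issuer\n");`. The messages left in the preceding hunk of this function have the same stale `member_getpublic:` prefix. `member_join` starts and ends outside this hunk.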
@@ -186,12 +219,56 @@ int member_getpublic(char *buffer) { return ret; } +/* int member_getpublic(char *buffer) { */ +/* int ret = 0; */ + +/* switch (member.state) { */ +/* case ON: */ +/* bzero(buffer, MAX_BUFSIZE); */ +/* strncpy(buffer, "PUBLISH\n", 8); */ +/* member.state = ISSUERPUB; */ +/* break; */ +/* case ISSUERPUB: */ +/* if (0 == strncasecmp("PUBLISH", buffer, 7)) { */ +/* printf("ISSUER > MEMBER: %s", buffer); */ +/* uint8_t binbuf[MAX_BUFSIZE]; */ +/* char *current = &buffer[8]; */ +/* ecdaa_hextobin(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH); */ +/* ret = ecdaa_issuer_public_key_FP256BN_deserialize(&member.ipk, binbuf); */ +/* if (-1 == ret) { */ +/* printf("member_getpublic: issuer public key is malformed!\n"); */ +/* ret = -1; */ +/* } else if (-2 == ret) { */ +/* printf("member_getpublic: signature of issuer public key is invalid\n"); */ +/* ret = -1; */ +/* } else { */ +/* member.state = RCVPUBLIC; */ +/* ret = 1; */ +/* } */ +/* } else { */ +/* printf("member_getpublic: did not get public key from issuer\n"); */ +/* member.state = ON; */ +/* ret = -1; */ +/* } */ +/* break; */ +/* default: */ +/* printf("member_getpublic: did not get public key from issuer\n"); */ +/* member.state = ON; */ +/* ret = -1; */ +/* break; */ +/* } */ +/* if (0 == ret) { */ +/* printf("ISSUER < MEMBER: %s", buffer); */ +/* } */ +/* return ret; */ +/* } */ + //"ATTEST" > "ATTEST " int member_attest(char *buffer) { char *current = buffer; uint8_t binbuf[MAX_BUFSIZE]; - uint8_t msg[MAX_MSGSIZE] = "I am the real host"; - size_t msg_len = strlen((char*)msg); + /* uint8_t msg[MAX_MSGSIZE] = "I am the real host"; */ + /* size_t msg_len = strlen((char*)msg); */ uint8_t has_nym = member.bsn_len != 0 ? 1 : 0; struct ecdaa_signature_FP256BN sig; size_t sig_len = has_nym ? ECDAA_SIGNATURE_FP256BN_WITH_NYM_LENGTH : ECDAA_SIGNATURE_FP256BN_LENGTH; 
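Review bot: `member_getpublic` is retained as forty-odd `/* */` lines (as is `process_member` in the first hunk of this file) instead of being deleted; the repository history already holds the old body, and a commented copy only drifts from the live `member_join` that absorbed it. The two commented `msg` locals inside `member_attest` can likewise go now that the file-scope `msg`/`msg_len` replace them. Since `member_attest` now signs whatever `msg_len` bytes the caller left in those globals, its contract depends on `main` filling both, which deserves a comment at the declarations: `/* message to sign and its length; set by main before client_connect(&member_attest, ...) */`. `member_attest` continues outside this hunk.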
@@ -280,6 +357,13 @@ int member_joinfinish(char *buffer) { printf("member_joinfinish: siganture of credential is invalid"); ret = -1; } + printf("member_joinfinish: writing key-pair and credential to disk"); + if(0 != ecdaa_member_public_key_FP256BN_serialize_file(member_public_key_file, &member.mpk) || + 0 != ecdaa_member_secret_key_FP256BN_serialize_file(member_secret_key_file, &member.msk) || + 0 != ecdaa_credential_FP256BN_serialize_file(member_credential_file, &member.cred)) { + printf("issuer_setup: Error saving key-pair or credential to disk\n"); + return -1; + } return ret; } diff --git a/member.h b/member.h index 5b78c8f..db9c7d4 100644 --- a/member.h +++ b/member.h @@ -10,6 +10,10 @@ #include "client.h" #include "common.h" -int process_member(char *buffer); +/* int process_member(char *buffer); */ + +const char* member_public_key_file = "mpk.bin"; +const char* member_secret_key_file = "msk.bin"; +const char* member_credential_file = "mcred.bin"; #endif //ECDAA_ISSUER_ISSUER_H diff --git a/tags b/tags index 5673b01..a118493 100644 --- a/tags +++ b/tags 
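Review bot: The new serialize block runs unconditionally, so when the preceding branch rejected the credential (`ret = -1` on an invalid signature) the key pair and the unverified credential are still written to `mpk.bin`, `msk.bin` and `mcred.bin`. Guard it with `if (0 != ret) { return ret; }` before the `printf`, and replace the copy-pasted prefix: `printf("member_joinfinish: Error saving key-pair or credential to disk\n");` (both new printfs also lack a trailing `\n`). `msk.bin` holds the member's secret key and the serializer's file mode is not visible here, so confirm it is created owner-readable only — `umask(077);` before the call is the simple way. `member_joinfinish` starts outside this hunk.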
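Review bot: The context line `#endif //ECDAA_ISSUER_ISSUER_H` suggests `member.h` reuses `issuer.h`'s include-guard macro; if it does, whichever of the two headers is included second in a translation unit is skipped entirely and the new `member_*_file` names are undefined there. Give `member.h` its own guard, e.g. `#ifndef ECDAA_MEMBER_MEMBER_H` / `#endif // ECDAA_MEMBER_MEMBER_H` — the `#ifndef` line is outside the hunk, so confirm before changing it.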
@@ -88,29 +88,28 @@ ipk verifier.c /^ struct ecdaa_issuer_public_key_FP256BN ipk;$/;" m struct:ve isk issuer.c /^ struct ecdaa_issuer_secret_key_FP256BN isk;$/;" m struct:issuer typeref:struct:ecdaa_issuer_secret_key_FP256BN file: issuer issuer.c /^issuer_t issuer;$/;" v typeref:typename:issuer_t issuer issuer.c /^typedef struct issuer {$/;" s file: +issuer_public_key_file issuer.h /^const char* issuer_public_key_file = "ipk.bin";$/;" v typeref:typename:const char * +issuer_secret_key_file issuer.h /^const char* issuer_secret_key_file = "isk.bin";$/;" v typeref:typename:const char * issuer_state issuer.c /^typedef enum issuer_state {$/;" g file: issuer_t issuer.c /^} issuer_t;$/;" t typeref:struct:issuer file: issuerstate_e issuer.c /^} issuerstate_e;$/;" t typeref:enum:issuer_state file: main issuer.c /^int main() {$/;" f typeref:typename:int main member-tpm.c /^int main() {$/;" f typeref:typename:int -main member.c /^int main() {$/;" f typeref:typename:int +main member.c /^int main(int argc, char **argv) {$/;" f typeref:typename:int main verifier.c /^int main() {$/;" f typeref:typename:int member member-tpm.c /^member_t member;$/;" v typeref:typename:member_t member member-tpm.c /^typedef struct member {$/;" s file: member member.c /^member_t member;$/;" v typeref:typename:member_t member member.c /^typedef struct member {$/;" s file: member_attest member-tpm.c /^int member_attest(char *buffer) {$/;" f typeref:typename:int -member_attest member.c /^int member_attest(char *buffer) {$/;" f typeref:typename:int +member_credential_file member.h /^const char* member_credential_file = "mcred.bin";$/;" v typeref:typename:const char * member_getpublic member-tpm.c /^int member_getpublic(char *buffer) {$/;" f typeref:typename:int -member_getpublic member.c /^int member_getpublic(char *buffer) {$/;" f typeref:typename:int member_join member-tpm.c /^int member_join(char *buffer) {$/;" f typeref:typename:int -member_join member.c /^int member_join(char *buffer) {$/;" f 
typeref:typename:int member_joinappend member-tpm.c /^int member_joinappend(char *buffer) {$/;" f typeref:typename:int -member_joinappend member.c /^int member_joinappend(char *buffer) {$/;" f typeref:typename:int member_joinfinish member-tpm.c /^int member_joinfinish(char *buffer) {$/;" f typeref:typename:int -member_joinfinish member.c /^int member_joinfinish(char *buffer) {$/;" f typeref:typename:int +member_public_key_file member.h /^const char* member_public_key_file = "mpk.bin";$/;" v typeref:typename:const char * member_publish member-tpm.c /^int member_publish(char *buffer) {$/;" f typeref:typename:int -member_publish member.c /^int member_publish(char *buffer) {$/;" f typeref:typename:int +member_secret_key_file member.h /^const char* member_secret_key_file = "msk.bin";$/;" v typeref:typename:const char * member_t member-tpm.c /^} member_t;$/;" t typeref:struct:member file: member_t member.c /^} member_t;$/;" t typeref:struct:member file: memberstate member-tpm.c /^typedef enum memberstate {$/;" g file: 
@@ -120,13 +119,14 @@ memberstate_e member.c /^} memberstate_e;$/;" t typeref:enum:memberstate file: mpk issuer.c /^ struct ecdaa_member_public_key_FP256BN mpk;$/;" m struct:issuer typeref:struct:ecdaa_member_public_key_FP256BN file: mpk member-tpm.c /^ struct ecdaa_member_public_key_FP256BN mpk;$/;" m struct:member typeref:struct:ecdaa_member_public_key_FP256BN file: mpk member.c /^ struct ecdaa_member_public_key_FP256BN mpk;$/;" m struct:member typeref:struct:ecdaa_member_public_key_FP256BN file: +msg member.c /^uint8_t msg[MAX_MSGSIZE];$/;" v typeref:typename:uint8_t[] +msg_len member.c /^size_t msg_len;$/;" v typeref:typename:size_t msk member.c /^ struct ecdaa_member_secret_key_FP256BN msk;$/;" m struct:member typeref:struct:ecdaa_member_secret_key_FP256BN file: nonce issuer.c /^ uint8_t nonce[NONCE_SIZE];$/;" m struct:issuer typeref:typename:uint8_t[] file: nonce member-tpm.c /^ uint8_t nonce[NONCE_SIZE];$/;" m struct:member typeref:typename:uint8_t[] file: nonce member.c /^ uint8_t nonce[NONCE_SIZE];$/;" m struct:member typeref:typename:uint8_t[] file: process_issuer issuer.c /^int process_issuer(char *buffer) {$/;" f typeref:typename:int process_member member-tpm.c /^int process_member(char *buffer) {$/;" f typeref:typename:int -process_member member.c /^int process_member(char *buffer) {$/;" f typeref:typename:int process_verifier verifier.c /^int process_verifier(char *buffer) {$/;" f typeref:typename:int revocations verifier.c /^ struct ecdaa_revocations_FP256BN revocations;$/;" m struct:verifier typeref:struct:ecdaa_revocations_FP256BN file: server_open server.c /^int server_open(int16_t port) {$/;" f typeref:typename:int