preisacm
/
masterthesis-ecdaa-network-wrapper
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

DAA voer network working

master
Michael Preisach 4 years ago
parent
ef4d601f39
commit
4afbd43d89
6 changed files with 138 additions and 126 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      CMakeLists.txt
  2. 15
      issuer.c
  3. 116
      member-tpm.c
  4. 2
      member-tpm.h
  5. 118
      tpm_utils.h
  6. 11
      verifier.c

2
CMakeLists.txt
View File

@ -17,7 +17,7 @@ target_include_directories(ecdaa_member PUBLIC
target_link_libraries(ecdaa_member /usr/lib/x86_64-linux-gnu/libecdaa.so) target_link_libraries(ecdaa_member /usr/lib/x86_64-linux-gnu/libecdaa.so)
target_link_libraries(ecdaa_member /usr/lib/x86_64-linux-gnu/libecdaa-tpm.so) target_link_libraries(ecdaa_member /usr/lib/x86_64-linux-gnu/libecdaa-tpm.so)
add_executable(ecdaa_member_tpm member-tpm.c common.h common.c client.h client.c server.h server.c member-tpm-key.h member-tpm-key.c) add_executable(ecdaa_member_tpm member-tpm.c common.h common.c client.h client.c server.h server.c member-tpm-key.h member-tpm-key.c tpm_utils.h)
target_include_directories(ecdaa_member_tpm PUBLIC target_include_directories(ecdaa_member_tpm PUBLIC
${ECDAA_AMCL} ${ECDAA_AMCL}
) )

15
issuer.c
View File

@ -71,18 +71,18 @@ int process_issuer(char *buffer) {
switch (issuer.state) { switch (issuer.state) {
case READY: case READY:
case JOINSTART: case JOINSTART:
printf("Generate new issuer identity.\n"); printf("process_issuer: Generate new issuer identity.\n");
if (0 == issuer_setup(buffer)) { if (0 == issuer_setup(buffer)) {
issuer.state = READY; issuer.state = READY;
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3); strncpy(buffer, "OK\n", 3);
} else { } else {
printf("Error: Issuer setup failed.\n"); printf("Error: Issuer setup failed.\n");
return 2; ret = 2;
} }
break; break;
default: default:
printf("Reset not possible.\n"); printf("process_issuer: Reset not possible.\n");
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4); strncpy(buffer, "ERR\n", 4);
break; break;
@ -95,7 +95,7 @@ int process_issuer(char *buffer) {
} }
break; break;
default: default:
printf("Issuer not ready for join.\n"); printf("process_issuer: Issuer not ready for join.\n");
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4); strncpy(buffer, "ERR\n", 4);
break; break;
@ -104,11 +104,12 @@ int process_issuer(char *buffer) {
switch (issuer.state) { switch (issuer.state) {
case JOINSTART: case JOINSTART:
if(0 == issuer_joinproceed(buffer)) { if(0 == issuer_joinproceed(buffer)) {
issuer.state = READY; printf("process_issuer: Successfully added new member.\n");
} }
issuer.state = READY;
break; break;
default: default:
printf("Issuer not ready for append.\n"); printf("process_issuer: Issuer not ready for append.\n");
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4); strncpy(buffer, "ERR\n", 4);
break; break;
@ -120,7 +121,7 @@ int process_issuer(char *buffer) {
issuer_publish(buffer); issuer_publish(buffer);
break; break;
default: default:
printf("There are no keys to publish.\n"); printf("process_issuer: There are no keys to publish.\n");
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4); strncpy(buffer, "ERR\n", 4);
break; break;

116
member-tpm.c
View File

@ -20,23 +20,12 @@ typedef struct member {
size_t bsn_len; size_t bsn_len;
} member_t; } member_t;
typedef struct tpm_context {
struct ecdaa_tpm_context tpm_ctx;
uint8_t pk_in[ECP_FP256BN_LENGTH];
unsigned char tcti_buffer[256];
TSS2_TCTI_CONTEXT *tcti_context;
} tpm_context_t;
member_t member; member_t member;
uint8_t msg[MAX_MSGSIZE]; uint8_t msg[MAX_MSGSIZE];
size_t msg_len; size_t msg_len;
uint8_t chksum[MAX_CHKSUMSIZE]; uint8_t chksum[MAX_CHKSUMSIZE];
size_t chksum_len; size_t chksum_len;
static int tpm_initialize(struct tpm_context *ctx, const char *pub_key_filename, const char *handle_filename);
static void tpm_cleanup(struct tpm_context *ctx);
static int read_public_key_from_files(uint8_t *public_key, TPM2_HANDLE *key_handle, const char *tpm_key_file, const char *tpm_handle_file);
int member_join(char *buffer); int member_join(char *buffer);
int member_signmsg(char *buffer); int member_signmsg(char *buffer);
@ -52,8 +41,8 @@ int main(int argc, char *argv[]) {
char *remote_ip; char *remote_ip;
int ret = 0; int ret = 0;
//strncpy(member.bsn, "mybasename", 10); strncpy(member.bsn, "mybasename", 10);
//member.bsn_len = strlen(member.bsn); member.bsn_len = strlen(member.bsn);
switch(argc) { switch(argc) {
case 2: case 2:
if(0 == strncasecmp("--createkey", argv[1], 11) || 0 == strncasecmp("-c", argv[1], 2)) { if(0 == strncasecmp("--createkey", argv[1], 11) || 0 == strncasecmp("-c", argv[1], 2)) {
@ -115,57 +104,6 @@ int main(int argc, char *argv[]) {
return 0; return 0;
} }
static int tpm_initialize(struct tpm_context *ctx, const char *pub_key_filename, const char *handle_filename)
{
const char *device_conf = "/dev/tpm0";
memset(ctx->tcti_buffer, 0, sizeof(ctx->tcti_buffer));
int ret = 0;
TPM2_HANDLE key_handle = 0;
if (0 != read_public_key_from_files(ctx->pk_in, &key_handle, pub_key_filename, handle_filename)) {
printf("Error reading public key files '%s' and '%s'.\n",pub_key_filename, handle_filename);
return -1;
}
TSS2_TCTI_CONTEXT *tcti_ctx = (TSS2_TCTI_CONTEXT*)ctx->tcti_buffer;
size_t size;
ret = Tss2_Tcti_Device_Init(NULL, &size, device_conf);
if (TSS2_RC_SUCCESS != ret) {
printf("Error: Failed to get allocation size for tcti context.\n");
return -1;
}
if (size > sizeof(ctx->tcti_buffer)) {
printf("Error: device TCTI context size larger than pre-allocated buffer.\n");
return -1;
}
ret = Tss2_Tcti_Device_Init(ctx->tcti_context, &size, device_conf);
if (TSS2_RC_SUCCESS != ret) {
printf("Error: Unable to initialize device TCTI context.\n");
return -1;
}
//initialize ecdaa tpm context
ret = ecdaa_tpm_context_init(&ctx->tpm_ctx, key_handle, NULL, 0, ctx->tcti_context);
if ( 0 != ret) {
printf("Error: ECDAA context failed: ret = 0x%x\n", ret);
return -1;
}
#ifdef DEBUG
printf("ECDAA context initialized.\n");
#endif
return 0;
}
static void tpm_cleanup(struct tpm_context *ctx) {
ecdaa_tpm_context_free(&ctx->tpm_ctx);
if (NULL != ctx->tcti_context) {
Tss2_Tcti_Finalize(ctx->tcti_context);
}
}
int member_join(char *buffer) { int member_join(char *buffer) {
int ret = 0; int ret = 0;
@ -264,7 +202,7 @@ int member_signmsg(char *buffer) {
bytes = ecdaa_encode(chksum, current, MAX_CHKSUMSIZE); bytes = ecdaa_encode(chksum, current, MAX_CHKSUMSIZE);
current = &current[bytes]; current = &current[bytes];
if(has_nym) { if(has_nym) {
if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &ctx.tpm_ctx)) { if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &(ctx.tpm_ctx))) {
printf("member_signmsg: Signing message failed.\n"); printf("member_signmsg: Signing message failed.\n");
} }
current[0] = '1'; current[0] = '1';
@ -272,7 +210,7 @@ int member_signmsg(char *buffer) {
strncpy(current, (char *)member.bsn, MAX_BSNSIZE); strncpy(current, (char *)member.bsn, MAX_BSNSIZE);
current = &current[MAX_BSNSIZE]; current = &current[MAX_BSNSIZE];
} else { } else {
if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.cred, ecdaa_rand, &ctx.tpm_ctx)) { if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.cred, ecdaa_rand, &(ctx.tpm_ctx))) {
printf("member_signmsg: Signing message failed.\n"); printf("member_signmsg: Signing message failed.\n");
} }
current[0] = '0'; current[0] = '0';
@ -310,7 +248,7 @@ int member_joinappend(char *buffer) {
strncpy(buffer, "ABORT\n", 6); strncpy(buffer, "ABORT\n", 6);
return -1; return -1;
} }
if (0 != (ret = ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, ctx.pk_in, member.nonce, NONCE_SIZE, &ctx.tpm_ctx))) { if (0 != (ret = ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, ctx.serialized_public_key, member.nonce, NONCE_SIZE, &(ctx.tpm_ctx)))) {
fprintf(stderr, "Error generating member key-pair: ret = %d\n", ret); fprintf(stderr, "Error generating member key-pair: ret = %d\n", ret);
strncpy(buffer, "ABORT\n", 6); strncpy(buffer, "ABORT\n", 6);
return -1; return -1;
@ -359,47 +297,3 @@ int member_joinfinish(char *buffer) {
return ret; return ret;
} }
static int read_public_key_from_files(uint8_t *public_key, TPM2_HANDLE *key_handle, const char *pub_key_filename, const char *handle_filename)
{
int ret = 0;
FILE *pub_key_file_ptr = fopen(pub_key_filename, "r");
if (NULL == pub_key_file_ptr) {
printf("read_public_key: Failed to open tpm public key.\n");
return -1;
}
do {
for (unsigned i=0; i < ECP_FP256BN_LENGTH; i++) {
unsigned byt;
if (ret = fscanf(pub_key_file_ptr, "%02X", &byt) != 1) {
ret = -1;
break;
}
public_key[i] = (uint8_t)byt;
}
} while(0);
(void)fclose(pub_key_file_ptr);
FILE *handle_file_ptr = fopen(handle_filename, "r");
if (NULL == handle_file_ptr) {
printf("read_public_key: Error opening handle.\n");
return -1;
}
do {
for (int i=(sizeof(TPM2_HANDLE)-1); i >= 0; i--) {
unsigned byt;
if (fscanf(handle_file_ptr, "%02X", &byt) != 1) {
ret = -1;
break;
}
*key_handle += byt<<(i*8);
}
if (0 != ret)
break;
} while(0);
(void)fclose(handle_file_ptr);
return ret;
}

2
member-tpm.h
View File

@ -9,8 +9,8 @@
#include "client.h" #include "client.h"
#include "common.h" #include "common.h"
#include "member-tpm-key.h" #include "member-tpm-key.h"
#include "tpm_utils.h"
#define ECP_FP256BN_LENGTH 65
int process_member(char *buffer); int process_member(char *buffer);
#endif //ECDAA_MEMBER_TPM_H #endif //ECDAA_MEMBER_TPM_H

118
tpm_utils.h
View File

@ -0,0 +1,118 @@
#include <ecdaa-tpm.h>
#include <tss2/tss2_sys.h>
#include <tss2/tss2_tcti_mssim.h>
#include <tss2/tss2_tcti_device.h>
#include <string.h>
#define ECP_FP256BN_LENGTH 65
const char *pub_key_filename = "pub_key.txt";
const char *handle_filename = "handle.txt";
struct tpm_context {
struct ecdaa_tpm_context tpm_ctx;
uint8_t serialized_public_key[ECP_FP256BN_LENGTH];
ECP_FP256BN public_key;
unsigned char tcti_buffer[256];
TSS2_TCTI_CONTEXT *tcti_context;
};
static void tpm_cleanup(struct tpm_context *ctx);
static int tpm_initialize(struct tpm_context *ctx, const char *pub_key_filename, const char *handle_filename);
int read_public_key_from_files(uint8_t *public_key,
TPM2_HANDLE *key_handle,
const char *pub_key_filename,
const char *handle_filename)
{
int ret = 0;
FILE *pub_key_file_ptr = fopen(pub_key_filename, "r");
printf("Reading: %s\n",pub_key_filename);
if (NULL == pub_key_file_ptr)
return -1;
do {
for (unsigned i=0; i < ECP_FP256BN_LENGTH; i++) {
unsigned byt;
if (fscanf(pub_key_file_ptr, "%02X", &byt) != 1) {
ret = -1;
printf("i=%d, fscanf did not read a byte\n",i);
break;
}
public_key[i] = (uint8_t)byt;
}
} while(0);
(void)fclose(pub_key_file_ptr);
if (0 != ret)
return -1;
FILE *handle_file_ptr = fopen(handle_filename, "r");
printf("Reading: %s\n",handle_filename);
if (NULL == handle_file_ptr)
return -1;
do {
for (int i=(sizeof(TPM2_HANDLE)-1); i >= 0; i--) {
unsigned byt;
if (fscanf(handle_file_ptr, "%02X", &byt) != 1) {
ret = -1;
break;
}
*key_handle += byt<<(i*8);
}
if (0 != ret)
break;
} while(0);
(void)fclose(handle_file_ptr);
return ret;
}
static int tpm_initialize(struct tpm_context *ctx, const char *pub_key_filename, const char *handle_filename)
{
const char *device_conf = "/dev/tpm0";
memset(ctx->tcti_buffer, 0, sizeof(ctx->tcti_buffer));
int ret = 0;
TPM2_HANDLE key_handle = 0;
if (0 != read_public_key_from_files(ctx->serialized_public_key, &key_handle, pub_key_filename, handle_filename)) {
printf("Error: error reading in public key files '%s' and '%s'\n", pub_key_filename, handle_filename);
return -1;
}
ctx->tcti_context = (TSS2_TCTI_CONTEXT*)ctx->tcti_buffer;
size_t size;
ret = Tss2_Tcti_Device_Init(NULL, &size, device_conf);
if (TSS2_RC_SUCCESS != ret) {
printf("Failed to get allocation size for tcti context\n");
return -1;
}
if (size > sizeof(ctx->tcti_buffer)) {
printf("Error: device TCTI context size larger than pre-allocated buffer\n");
return -1;
}
ret = Tss2_Tcti_Device_Init(ctx->tcti_context, &size, device_conf);
if (TSS2_RC_SUCCESS != ret) {
printf("Error: Unable to initialize device TCTI context\n");
return -1;
}
ret = ecdaa_tpm_context_init(&ctx->tpm_ctx, key_handle, NULL, 0, ctx->tcti_context);
if (0 != ret) {
printf("Error: ecdaa_tpm_context_init failed: 0x%x\n", ret);
return -1;
}
return 0;
}
static void tpm_cleanup(struct tpm_context *ctx)
{
ecdaa_tpm_context_free(&ctx->tpm_ctx);
if (NULL != ctx->tcti_context) {
Tss2_Tcti_Finalize(ctx->tcti_context);
}
}

11
verifier.c
View File

@ -80,15 +80,14 @@ int process_verifier(char *buffer) {
ret = verifier_verifymsg(&buffer[10]); ret = verifier_verifymsg(&buffer[10]);
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
if (-1 == ret) { if (-1 == ret) {
printf("process_verifier: member public key is malformed!\n"); printf("process_verifier: Member public key is malformed!\n");
strncpy(buffer, "ERR\n", 4);
} else if (-2 == ret) { } else if (-2 == ret) {
printf("process_verifier: signature of member public key is invalid.\n"); printf("process_verifier: Signature of member public key is invalid.\n");
strncpy(buffer, "ERR\n", 4);
} else { } else {
strncpy(buffer, "OK\n", 3); printf("process_verifier: Received message with valid DAA signature.\n");
} }
ret = 0; printf("closing client session.\n");
ret = 1;
} else if (0 == strncasecmp("EXIT", buffer, 4)) { } else if (0 == strncasecmp("EXIT", buffer, 4)) {
printf("closing client session.\n"); printf("closing client session.\n");
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);

Write Preview
Loading…
Cancel
Save