From 79191a4a95cd7225782bfc0e6b9954efbf5c08c4 Mon Sep 17 00:00:00 2001 From: Michael Preisach Date: Sat, 11 Sep 2021 14:15:51 +0200 Subject: [PATCH] updated member_tpm to codebase of member --- common.h | 2 +- member-tpm.c | 66 +++++++++++++++++++++++++++++----------------------- member.c | 11 ++++----- verifier.c | 2 +- 4 files changed, 44 insertions(+), 37 deletions(-) diff --git a/common.h b/common.h index e34fa85..9f6411d 100644 --- a/common.h +++ b/common.h @@ -12,7 +12,7 @@ #define VERIFIERPORT 6592 #define MAX_CLIENTS 10 -#define MAX_MSGSIZE 2048 +#define MAX_MSGSIZE 4096 #define MAX_CHKSUMSIZE 1024 #define MAX_BUFSIZE (((MAX_MSGSIZE + 2) / 3) * 4) + (((MAX_CHKSUMSIZE + 2) / 3) * 4) + 1536 /* #define MAX_MSGSIZE ((MAX_BUFSIZE - 1536) / 2) - MAX_CHKSUMSIZE //for bin to hex*/ diff --git a/member-tpm.c b/member-tpm.c index a0db41b..d32bc09 100644 --- a/member-tpm.c +++ b/member-tpm.c @@ -28,6 +28,8 @@ typedef struct member { member_t member; uint8_t msg[MAX_MSGSIZE]; size_t msg_len; +uint8_t chksum[MAX_CHKSUMSIZE]; +size_t chksum_len; int init_tpm(); int free_tpm(); @@ -46,7 +48,7 @@ int member_joinfinish(char *buffer); int main(int argc, char *argv[]) { char buffer[MAX_BUFSIZE]; - char *remote_ip = argv[2]; + char *remote_ip; int ret = 0; TPM2_HANDLE sk_handle = 0; @@ -60,6 +62,7 @@ int main(int argc, char *argv[]) { return 1; } member.state = ON; + remote_ip = argv[2]; ret = client_connect(&member_join, remote_ip, ISSUERPORT); if (0 >= ret || JOINED != member.state) { printf("Join process failed!\n"); @@ -67,17 +70,17 @@ int main(int argc, char *argv[]) { } else { printf("Join process was successful\n"); } - } else { - printf("2 arguments but not join\n"); - } - break; - case 4: - if(0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) { - msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, argv[3]); - if (msg_len < 0) { - printf("Could not open message file %s\n", argv[3]); + } else if (0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) { + msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, MSGFILE); + if (msg_len < 0) { + printf("Could not open message file %s\n", MSGFILE); return 1; - } + } + chksum_len = ecdaa_read_from_file(chksum, MAX_CHKSUMSIZE, CHKSUMFILE); + if (chksum_len < 0) { + printf("Could not open checksum file %s\n", CHKSUMFILE); + return 1; + } if (0 != read_public_key_from_files(member.pk_in, &sk_handle, tpm_key_file, tpm_handle_file)) { printf("Error: reading in public key files '%s' and '%s' failed\n", tpm_key_file, tpm_handle_file); return 1; @@ -85,23 +88,25 @@ int main(int argc, char *argv[]) { if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, member_nonce_file) || 0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) || 0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) { - printf("Could not import key files. importing from %s, %s or %s was not successful\n", + printf("Could not import key files. importing from either %s, %s or %s was not successful\n", member_nonce_file, member_public_key_file, member_credential_file); return 1; } member.state = JOINED; + remote_ip = argv[2]; ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT); - if (0 >= ret || JOINED != member.state) { - printf("connection to verifier failed\n"); + if (2 != ret) { + printf("message transmission to verifier failed\n"); } } else { - printf("3 arguments but not send\n"); + printf("arguments invalid"); } break; default: printf("Usage: \n Join an issuer's group: %s --join \n", argv[0]); - printf("Send a signed message to the verifier: %s --send \n", argv[0]); + printf("Send a signed message to the verifier: %s --send \n", argv[0]); printf("Before sending a DAA-signed message, the member must join a DAA group\n"); + printf("%s must not exceed %d Bytes, %s must be smaller than %d Bytes\n", MSGFILE, MAX_MSGSIZE, CHKSUMFILE, MAX_CHKSUMSIZE); break; } return 0; @@ -195,9 +200,8 @@ int member_join(char *buffer) { case JOINPROCEED: if (0 == strncasecmp("JOINPROCEED", buffer, 11)) { printf("ISSUER > MEMBER: %s\n", buffer); - member_joinfinish(buffer); + ret = member_joinfinish(buffer); member.state = JOINED; - ret = 1; } else { printf("member_getpublic: did not get credentials from issuer\n"); member.state = RCVPUBLIC; @@ -213,14 +217,15 @@ int member_join(char *buffer) { return ret; } -//"VERIFYMSG" > "VERIFYMSG " +//"VERIFYMSG 0" or +//"VERIFYMSG 1" int member_verifymsg(char *buffer) { char *current = buffer; uint8_t binbuf[MAX_BUFSIZE]; uint8_t has_nym = member.bsn_len > 0 ? 1 : 0; struct ecdaa_signature_FP256BN sig; size_t sig_len = has_nym ? ecdaa_signature_FP256BN_with_nym_length() : ecdaa_signature_FP256BN_length(); - int ret = 0; + int bytes = 0; if (0 == strncasecmp("OK", buffer, 2)) { return 1; @@ -233,10 +238,12 @@ int member_verifymsg(char *buffer) { strncpy(current, "VERIFYMSG ", 10); current = ¤t[10]; - ret = ecdaa_encode(msg, current, msg_len); - current = ¤t[2 * MAX_MSGSIZE]; + bytes = ecdaa_encode(msg, current, MAX_MSGSIZE); + current = ¤t[bytes]; + bytes = ecdaa_encode(chksum, current, MAX_CHKSUMSIZE); + current = ¤t[bytes]; if(has_nym) { - if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &member.ctx)) { + if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig,ksum, chksum_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &member.ctx)) { printf("member_verifymsg: Signing message failed\n"); } current[0] = '1'; @@ -244,7 +251,7 @@ int member_verifymsg(char *buffer) { strncpy(current, (char *)member.bsn, MAX_BSNSIZE); current = ¤t[MAX_BSNSIZE]; } else { - if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, msg, msg_len, NULL, 0, &member.cred, ecdaa_rand, &member.ctx)) { + if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.cred, ecdaa_rand, &member.ctx)) { printf("member_verifymsg: Signing message failed\n"); } current[0] = '0'; @@ -253,14 +260,15 @@ int member_verifymsg(char *buffer) { bzero(binbuf, MAX_BUFSIZE); ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym); - ret = ecdaa_encode(binbuf, current, sig_len); + bytes = ecdaa_encode(binbuf, current, sig_len); printf("member_verifymsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len); - printf("member_verifymsg: msg: %s, len: %lu\n",msg, msg_len); - printf("member_verifymsg: bsn: %s, len: %lu\n",(char *)member.bsn, strlen((char *)member.bsn)); + printf("member_verifymsg: msg: %s, len: %lu\n", msg, msg_len); + printf("member_verifymsg: chksum: %s, len: %lu\n", chksum, chksum_len); + printf("member_verifymsg: bsn: %s, len: %lu\n", (char *)member.bsn, strlen((char *)member.bsn)); printf("member_verifymsg: sig: %s, len: %lu\n", current, sig_len); - current[ret] = '\n'; - return 0; + current[bytes] = '\n'; + return 2; //send to verifier before closing } //"PUBLISH" > "PUBLISH " diff --git a/member.c b/member.c index 22b8781..76fe14e 100644 --- a/member.c +++ b/member.c @@ -55,8 +55,7 @@ int main(int argc, char **argv) { } else { printf("Join process was successful\n"); } - } - else if( 0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) { + } else if (0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) { msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, MSGFILE); if (msg_len < 0) { printf("Could not open message file %s\n", MSGFILE); @@ -71,7 +70,7 @@ int main(int argc, char **argv) { 0 != ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) || 0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) || 0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) { - printf("Could not import key files. importing from %s, %s, %s or %s was not successful\n", + printf("Could not import key files. importing from either %s, %s, %s or %s was not successful\n", member_nonce_file, member_secret_key_file, member_public_key_file, member_credential_file); return 1; } @@ -79,7 +78,7 @@ int main(int argc, char **argv) { remote_ip = argv[2]; ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT); if (2 != ret) { - printf("connection to verifier failed\n"); + printf("message transmission to verifier failed\n"); } } else { printf("arguments invalid\n"); @@ -179,7 +178,7 @@ int member_verifymsg(char *buffer) { bytes = ecdaa_encode(chksum, current, MAX_CHKSUMSIZE); current = ¤t[bytes]; if(has_nym) { - if (0 != ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand)) { + if (0 != ecdaa_signature_FP256BN_sign(&sig, chksum, chksum_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand)) { printf("member_verifymsg: Signing message failed\n"); } current[0] = '1'; @@ -187,7 +186,7 @@ int member_verifymsg(char *buffer) { strncpy(current, (char *)member.bsn, MAX_BSNSIZE); current = ¤t[MAX_BSNSIZE]; } else { - if (0 != ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, NULL, 0, &member.msk, &member.cred, ecdaa_rand)) { + if (0 != ecdaa_signature_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.msk, &member.cred, ecdaa_rand)) { printf("member_verifymsg: Signing message failed\n"); } current[0] = '0'; diff --git a/verifier.c b/verifier.c index 763856a..cd12d44 100644 --- a/verifier.c +++ b/verifier.c @@ -197,7 +197,7 @@ int verifier_verifymsg(char *buffer) { printf("verifier_verifymsg: chksum: %s, len: %lu\n", chksum, chksum_len); printf("verifier_verifymsg: bsn: %s, len: %lu\n", bsn, bsn_len); printf("verifier_verifymsg: sig: %s, len: %lu\n", current, sig_len); - ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) msg, msg_len, + ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) chksum, chksum_len, (uint8_t *) bsn, bsn_len); if (0 != ret) { printf("verifier_verifymsg: signature not valid, ret = %i\n", ret);