preisacm
/
masterthesis-ecdaa-network-wrapper
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

updated member_tpm to codebase of member

master
Michael Preisach 4 years ago
parent
a056c26b83
commit
79191a4a95
4 changed files with 44 additions and 37 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      common.h
  2. 58
      member-tpm.c
  3. 11
      member.c
  4. 2
      verifier.c

2
common.h
View File

@ -12,7 +12,7 @@
#define VERIFIERPORT 6592 #define VERIFIERPORT 6592
#define MAX_CLIENTS 10 #define MAX_CLIENTS 10
#define MAX_MSGSIZE 2048 #define MAX_MSGSIZE 4096
#define MAX_CHKSUMSIZE 1024 #define MAX_CHKSUMSIZE 1024
#define MAX_BUFSIZE (((MAX_MSGSIZE + 2) / 3) * 4) + (((MAX_CHKSUMSIZE + 2) / 3) * 4) + 1536 #define MAX_BUFSIZE (((MAX_MSGSIZE + 2) / 3) * 4) + (((MAX_CHKSUMSIZE + 2) / 3) * 4) + 1536
/* #define MAX_MSGSIZE ((MAX_BUFSIZE - 1536) / 2) - MAX_CHKSUMSIZE //for bin to hex*/ /* #define MAX_MSGSIZE ((MAX_BUFSIZE - 1536) / 2) - MAX_CHKSUMSIZE //for bin to hex*/

58
member-tpm.c
View File

@ -28,6 +28,8 @@ typedef struct member {
member_t member; member_t member;
uint8_t msg[MAX_MSGSIZE]; uint8_t msg[MAX_MSGSIZE];
size_t msg_len; size_t msg_len;
uint8_t chksum[MAX_CHKSUMSIZE];
size_t chksum_len;
int init_tpm(); int init_tpm();
int free_tpm(); int free_tpm();
@ -46,7 +48,7 @@ int member_joinfinish(char *buffer);
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) {
char buffer[MAX_BUFSIZE]; char buffer[MAX_BUFSIZE];
char *remote_ip = argv[2]; char *remote_ip;
int ret = 0; int ret = 0;
TPM2_HANDLE sk_handle = 0; TPM2_HANDLE sk_handle = 0;
@ -60,6 +62,7 @@ int main(int argc, char *argv[]) {
return 1; return 1;
} }
member.state = ON; member.state = ON;
remote_ip = argv[2];
ret = client_connect(&member_join, remote_ip, ISSUERPORT); ret = client_connect(&member_join, remote_ip, ISSUERPORT);
if (0 >= ret || JOINED != member.state) { if (0 >= ret || JOINED != member.state) {
printf("Join process failed!\n"); printf("Join process failed!\n");
@ -67,15 +70,15 @@ int main(int argc, char *argv[]) {
} else { } else {
printf("Join process was successful\n"); printf("Join process was successful\n");
} }
} else { } else if (0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
printf("2 arguments but not join\n"); msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, MSGFILE);
}
break;
case 4:
if(0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, argv[3]);
if (msg_len < 0) { if (msg_len < 0) {
printf("Could not open message file %s\n", argv[3]); printf("Could not open message file %s\n", MSGFILE);
return 1;
}
chksum_len = ecdaa_read_from_file(chksum, MAX_CHKSUMSIZE, CHKSUMFILE);
if (chksum_len < 0) {
printf("Could not open checksum file %s\n", CHKSUMFILE);
return 1; return 1;
} }
if (0 != read_public_key_from_files(member.pk_in, &sk_handle, tpm_key_file, tpm_handle_file)) { if (0 != read_public_key_from_files(member.pk_in, &sk_handle, tpm_key_file, tpm_handle_file)) {
@ -85,23 +88,25 @@ int main(int argc, char *argv[]) {
if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, member_nonce_file) || if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, member_nonce_file) ||
0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) || 0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) ||
0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) { 0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) {
printf("Could not import key files. importing from %s, %s or %s was not successful\n", printf("Could not import key files. importing from either %s, %s or %s was not successful\n",
member_nonce_file, member_public_key_file, member_credential_file); member_nonce_file, member_public_key_file, member_credential_file);
return 1; return 1;
} }
member.state = JOINED; member.state = JOINED;
remote_ip = argv[2];
ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT); ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT);
if (0 >= ret || JOINED != member.state) { if (2 != ret) {
printf("connection to verifier failed\n"); printf("message transmission to verifier failed\n");
} }
} else { } else {
printf("3 arguments but not send\n"); printf("arguments invalid");
} }
break; break;
default: default:
printf("Usage: \n Join an issuer's group: %s --join <issuer's IPv4>\n", argv[0]); printf("Usage: \n Join an issuer's group: %s --join <issuer's IPv4>\n", argv[0]);
printf("Send a signed message to the verifier: %s --send <verifier's IPv4> <msgfile>\n", argv[0]); printf("Send a signed message to the verifier: %s --send <verifier's IPv4>\n", argv[0]);
printf("Before sending a DAA-signed message, the member must join a DAA group\n"); printf("Before sending a DAA-signed message, the member must join a DAA group\n");
printf("%s must not exceed %d Bytes, %s must be smaller than %d Bytes\n", MSGFILE, MAX_MSGSIZE, CHKSUMFILE, MAX_CHKSUMSIZE);
break; break;
} }
return 0; return 0;
@ -195,9 +200,8 @@ int member_join(char *buffer) {
case JOINPROCEED: case JOINPROCEED:
if (0 == strncasecmp("JOINPROCEED", buffer, 11)) { if (0 == strncasecmp("JOINPROCEED", buffer, 11)) {
printf("ISSUER > MEMBER: %s\n", buffer); printf("ISSUER > MEMBER: %s\n", buffer);
member_joinfinish(buffer); ret = member_joinfinish(buffer);
member.state = JOINED; member.state = JOINED;
ret = 1;
} else { } else {
printf("member_getpublic: did not get credentials from issuer\n"); printf("member_getpublic: did not get credentials from issuer\n");
member.state = RCVPUBLIC; member.state = RCVPUBLIC;
@ -213,14 +217,15 @@ int member_join(char *buffer) {
return ret; return ret;
} }
//"VERIFYMSG" > "VERIFYMSG <attestval>" //"VERIFYMSG <msg><checksum>0<signature>" or
//"VERIFYMSG <msg><checksum>1<signature with bsn>"
int member_verifymsg(char *buffer) { int member_verifymsg(char *buffer) {
char *current = buffer; char *current = buffer;
uint8_t binbuf[MAX_BUFSIZE]; uint8_t binbuf[MAX_BUFSIZE];
uint8_t has_nym = member.bsn_len > 0 ? 1 : 0; uint8_t has_nym = member.bsn_len > 0 ? 1 : 0;
struct ecdaa_signature_FP256BN sig; struct ecdaa_signature_FP256BN sig;
size_t sig_len = has_nym ? ecdaa_signature_FP256BN_with_nym_length() : ecdaa_signature_FP256BN_length(); size_t sig_len = has_nym ? ecdaa_signature_FP256BN_with_nym_length() : ecdaa_signature_FP256BN_length();
int ret = 0; int bytes = 0;
if (0 == strncasecmp("OK", buffer, 2)) { if (0 == strncasecmp("OK", buffer, 2)) {
return 1; return 1;
@ -233,10 +238,12 @@ int member_verifymsg(char *buffer) {
strncpy(current, "VERIFYMSG ", 10); strncpy(current, "VERIFYMSG ", 10);
current = &current[10]; current = &current[10];
ret = ecdaa_encode(msg, current, msg_len); bytes = ecdaa_encode(msg, current, MAX_MSGSIZE);
current = &current[2 * MAX_MSGSIZE]; current = &current[bytes];
bytes = ecdaa_encode(chksum, current, MAX_CHKSUMSIZE);
current = &current[bytes];
if(has_nym) { if(has_nym) {
if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &member.ctx)) { if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig,ksum, chksum_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &member.ctx)) {
printf("member_verifymsg: Signing message failed\n"); printf("member_verifymsg: Signing message failed\n");
} }
current[0] = '1'; current[0] = '1';
@ -244,7 +251,7 @@ int member_verifymsg(char *buffer) {
strncpy(current, (char *)member.bsn, MAX_BSNSIZE); strncpy(current, (char *)member.bsn, MAX_BSNSIZE);
current = &current[MAX_BSNSIZE]; current = &current[MAX_BSNSIZE];
} else { } else {
if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, msg, msg_len, NULL, 0, &member.cred, ecdaa_rand, &member.ctx)) { if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.cred, ecdaa_rand, &member.ctx)) {
printf("member_verifymsg: Signing message failed\n"); printf("member_verifymsg: Signing message failed\n");
} }
current[0] = '0'; current[0] = '0';
@ -253,14 +260,15 @@ int member_verifymsg(char *buffer) {
bzero(binbuf, MAX_BUFSIZE); bzero(binbuf, MAX_BUFSIZE);
ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym); ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym);
ret = ecdaa_encode(binbuf, current, sig_len); bytes = ecdaa_encode(binbuf, current, sig_len);
printf("member_verifymsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len); printf("member_verifymsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len);
printf("member_verifymsg: msg: %s, len: %lu\n", msg, msg_len); printf("member_verifymsg: msg: %s, len: %lu\n", msg, msg_len);
printf("member_verifymsg: chksum: %s, len: %lu\n", chksum, chksum_len);
printf("member_verifymsg: bsn: %s, len: %lu\n", (char *)member.bsn, strlen((char *)member.bsn)); printf("member_verifymsg: bsn: %s, len: %lu\n", (char *)member.bsn, strlen((char *)member.bsn));
printf("member_verifymsg: sig: %s, len: %lu\n", current, sig_len); printf("member_verifymsg: sig: %s, len: %lu\n", current, sig_len);
current[ret] = '\n'; current[bytes] = '\n';
return 0; return 2; //send to verifier before closing
} }
//"PUBLISH" > "PUBLISH <member.mpk>" //"PUBLISH" > "PUBLISH <member.mpk>"

11
member.c
View File

@ -55,8 +55,7 @@ int main(int argc, char **argv) {
} else { } else {
printf("Join process was successful\n"); printf("Join process was successful\n");
} }
} } else if (0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
else if( 0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, MSGFILE); msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, MSGFILE);
if (msg_len < 0) { if (msg_len < 0) {
printf("Could not open message file %s\n", MSGFILE); printf("Could not open message file %s\n", MSGFILE);
@ -71,7 +70,7 @@ int main(int argc, char **argv) {
0 != ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) || 0 != ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) ||
0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) || 0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) ||
0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) { 0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) {
printf("Could not import key files. importing from %s, %s, %s or %s was not successful\n", printf("Could not import key files. importing from either %s, %s, %s or %s was not successful\n",
member_nonce_file, member_secret_key_file, member_public_key_file, member_credential_file); member_nonce_file, member_secret_key_file, member_public_key_file, member_credential_file);
return 1; return 1;
} }
@ -79,7 +78,7 @@ int main(int argc, char **argv) {
remote_ip = argv[2]; remote_ip = argv[2];
ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT); ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT);
if (2 != ret) { if (2 != ret) {
printf("connection to verifier failed\n"); printf("message transmission to verifier failed\n");
} }
} else { } else {
printf("arguments invalid\n"); printf("arguments invalid\n");
@ -179,7 +178,7 @@ int member_verifymsg(char *buffer) {
bytes = ecdaa_encode(chksum, current, MAX_CHKSUMSIZE); bytes = ecdaa_encode(chksum, current, MAX_CHKSUMSIZE);
current = &current[bytes]; current = &current[bytes];
if(has_nym) { if(has_nym) {
if (0 != ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand)) { if (0 != ecdaa_signature_FP256BN_sign(&sig, chksum, chksum_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand)) {
printf("member_verifymsg: Signing message failed\n"); printf("member_verifymsg: Signing message failed\n");
} }
current[0] = '1'; current[0] = '1';
@ -187,7 +186,7 @@ int member_verifymsg(char *buffer) {
strncpy(current, (char *)member.bsn, MAX_BSNSIZE); strncpy(current, (char *)member.bsn, MAX_BSNSIZE);
current = &current[MAX_BSNSIZE]; current = &current[MAX_BSNSIZE];
} else { } else {
if (0 != ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, NULL, 0, &member.msk, &member.cred, ecdaa_rand)) { if (0 != ecdaa_signature_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.msk, &member.cred, ecdaa_rand)) {
printf("member_verifymsg: Signing message failed\n"); printf("member_verifymsg: Signing message failed\n");
} }
current[0] = '0'; current[0] = '0';

2
verifier.c
View File

@ -197,7 +197,7 @@ int verifier_verifymsg(char *buffer) {
printf("verifier_verifymsg: chksum: %s, len: %lu\n", chksum, chksum_len); printf("verifier_verifymsg: chksum: %s, len: %lu\n", chksum, chksum_len);
printf("verifier_verifymsg: bsn: %s, len: %lu\n", bsn, bsn_len); printf("verifier_verifymsg: bsn: %s, len: %lu\n", bsn, bsn_len);
printf("verifier_verifymsg: sig: %s, len: %lu\n", current, sig_len); printf("verifier_verifymsg: sig: %s, len: %lu\n", current, sig_len);
ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) msg, msg_len, ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) chksum, chksum_len,
(uint8_t *) bsn, bsn_len); (uint8_t *) bsn, bsn_len);
if (0 != ret) { if (0 != ret) {
printf("verifier_verifymsg: signature not valid, ret = %i\n", ret); printf("verifier_verifymsg: signature not valid, ret = %i\n", ret);

Write Preview
Loading…
Cancel
Save