From 793e8d949b0e69364a141a68b2e906850a2f7f89 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 6 Nov 2019 17:44:04 +0100 Subject: [PATCH] added crypto payload to member and issuer, not yet tested --- CMakeLists.txt | 6 +-- common.c | 37 ++++++++++++++ common.h | 13 ++++- issuer.c | 134 ++++++++++++++++++++++++++++++++++++++++++------- issuer.h | 2 - member.c | 46 +++++++++++++++-- member.h | 3 +- verifier.c | 4 +- verifier.h | 2 - 9 files changed, 212 insertions(+), 35 deletions(-) create mode 100644 common.c diff --git a/CMakeLists.txt b/CMakeLists.txt index ec4ae5f..5ac977d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,20 +4,20 @@ project(ecdaa_issuer C) set(CMAKE_C_STANDARD 11) set(ECDAA_AMCL "/opt/amcl") -add_executable(ecdaa_issuer issuer.c common.h server.h server.c) +add_executable(ecdaa_issuer issuer.c common.h common.c server.h server.c) target_include_directories(ecdaa_issuer PUBLIC ${ECDAA_AMCL} ) target_link_libraries(ecdaa_issuer /usr/local/lib/libecdaa.so) -add_executable(ecdaa_member member.c common.h client.h client.c server.h server.c) +add_executable(ecdaa_member member.c common.h common.c client.h client.c server.h server.c) target_include_directories(ecdaa_member PUBLIC ${ECDAA_AMCL} ) target_link_libraries(ecdaa_member /usr/local/lib/libecdaa.so) target_link_libraries(ecdaa_member /usr/local/lib/libecdaa-tpm.so) -add_executable(ecdaa_verifier verifier.c common.h server.h server.c client.h client.c) +add_executable(ecdaa_verifier verifier.c common.h common.c server.h server.c client.h client.c) target_include_directories(ecdaa_verifier PUBLIC ${ECDAA_AMCL} ) diff --git a/common.c b/common.c new file mode 100644 index 0000000..ed2b4d2 --- /dev/null +++ b/common.c @@ -0,0 +1,37 @@ +#include "common.h" + +void ecdaa_rand(void *buffer, size_t buflen) { + getrandom(buffer, buflen, GRND_RANDOM); +} + +char bin2hex(uint8_t byte) { + char word = byte & 0x0f; + char hex = 0; + if (byte >= 0 && byte <= 9) hex = word + '0'; + else if (byte >= 10 && byte <= 15) hex = word - 10 + 'A'; + return hex; +} + +uint8_t hex2bin(char hex) { + uint8_t byte = 0; + if (hex >= '0' && hex <= '9') byte = hex - '0'; + else if (hex >= 'a' && hex <= 'f') byte = hex - 'a' + 10; + else if (hex >= 'A' && hex <= 'F') byte = hex - 'A' + 10; + return byte; +} + +void ecdaa_hextobin(const char *in_hex, uint8_t *out_bin, size_t outlen) { + for (size_t i = 0, j = 0; i < outlen; i++, j+=2) { + uint8_t val = hex2bin(in_hex[j]); + val += hex2bin(in_hex[j+1]) * 16; + out_bin[i] = (char) val; + } +} + +void ecdaa_bintohex(const uint8_t *in_bin, size_t inlen, char *out_hex) { + for (size_t i = 0, j = 0; i < inlen; i++, j+=2) { + out_hex[j] = bin2hex(in_bin[i] % 0x0f); + out_hex[j+1] = bin2hex((in_bin[i] / 16) % 0x0f); + } +} + diff --git a/common.h b/common.h index 646bffb..073d270 100644 --- a/common.h +++ b/common.h @@ -5,6 +5,11 @@ #ifndef ECDAA_ISSUER_COMMON_H #define ECDAA_ISSUER_COMMON_H +#include +#include +#include +#include + #define ISSUERIP "127.0.0.1" #define ISSUERPORT 6590 #define MEMBERIP "127.0.0.1" @@ -14,8 +19,14 @@ #define MAX_CLIENTS 10 #define MAX_BUFSIZE 1024 +#define NONCE_SIZE 384 + +typedef int (*conn_handler)(char *buffer); + +void ecdaa_rand(void *buffer, size_t buflen); -typedef int (*conn_handler)(char* buffer); +void ecdaa_hextobin(const char *in_hex, uint8_t *out_bin, size_t outlen); +void ecdaa_bintohex(const uint8_t *in_bin, size_t inlen, char *out_hex); #endif //ECDAA_ISSUER_COMMON_H diff --git a/issuer.c b/issuer.c index 1219a12..815bcfb 100644 --- a/issuer.c +++ b/issuer.c @@ -10,18 +10,42 @@ typedef enum issuer_state { typedef struct issuer { struct ecdaa_issuer_public_key_FP256BN ipk; struct ecdaa_issuer_secret_key_FP256BN isk; + uint8_t nonce[NONCE_SIZE]; + struct ecdaa_member_public_key_FP256BN mpk; issuerstate_e state; + struct ecdaa_credential_FP256BN cred; + struct ecdaa_credential_FP256BN_signature cred_sig; } issuer_t; issuer_t issuer; +int issuer_setup(char *buffer); +int issuer_joinstart(char *buffer); +int issuer_joinproceed(char *buffer); +int issuer_publish(char *buffer); int main() { int err = 0; - if (2 != server_start(&process_issuer, ISSUERPORT)) { - printf("server failed\n"); - } + //if (2 != server_start(&process_issuer, ISSUERPORT)) { + // printf("server failed\n"); + //} + uint8_t buffer[1024]; + uint8_t *current = buffer; + char send[1024]; + bzero(buffer, 1024); + bzero(send,1024); + + struct ecdaa_issuer_public_key_FP256BN key; + + ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand); + ecdaa_issuer_public_key_FP256BN_serialize(current, &issuer.ipk); + ecdaa_bintohex((char*)current, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH, send); + printf("%s\n", send); + bzero(current, 1024); + ecdaa_hextobin(send, (char*)current, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH); + int ret = ecdaa_issuer_public_key_FP256BN_deserialize(&key, current); + printf("%i\n",ret); return 0; } @@ -55,10 +79,9 @@ int process_issuer(char *buffer) { } else if (0 == strncasecmp("SETUP", buffer, 5)) { switch (issuer.state) { case ON: - printf("setup()\n"); - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "SETUPDONE\n", 10); - issuer.state = READY; + if(0 == issuer_setup(buffer)) { + issuer.state = READY; + } break; default: bzero(buffer, MAX_BUFSIZE); @@ -68,10 +91,9 @@ int process_issuer(char *buffer) { } else if (0 == strncasecmp("JOIN", buffer, 4)) { switch (issuer.state) { case READY: - printf("join()\n"); - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "JOINSTART\n", 10); - issuer.state = JOINSTART; + if(0 == issuer_joinstart(buffer)) { + issuer.state = JOINSTART; + } break; default: bzero(buffer, MAX_BUFSIZE); @@ -81,10 +103,9 @@ int process_issuer(char *buffer) { } else if (0 == strncasecmp("APPEND", buffer, 6)) { switch (issuer.state) { case JOINSTART: - printf("append()\n"); - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "JOINPROCEED\n", 12); - issuer.state = READY; + if(0 == issuer_joinproceed(buffer)) { + issuer.state = READY; + } break; default: bzero(buffer, MAX_BUFSIZE); @@ -94,9 +115,7 @@ int process_issuer(char *buffer) { } else if (0 == strncasecmp("PUBLISH", buffer, 7)) { switch (issuer.state) { case READY: - printf("publish()\n"); - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "PUBLISH\n", 8); + issuer_publish(buffer); issuer.state = READY; break; default: @@ -123,3 +142,82 @@ int process_issuer(char *buffer) { printf("< ISSUER: %s", buffer); return ret; } + +// "JOIN" > "JOINSTART " +int issuer_joinstart(char *buffer) { + getrandom(issuer.nonce, NONCE_SIZE, GRND_RANDOM); + char* current; + bzero(buffer, MAX_BUFSIZE); + strncpy(buffer, "JOINSTART ", 10); + current = &buffer[10]; + ecdaa_bintohex(issuer.nonce, NONCE_SIZE, buffer); + buffer[2 * NONCE_SIZE + 10] = '\n'; + return 0; +} + +// "APPEND " > "JOINPROCEED " +int issuer_joinproceed(char *buffer) { + char *current = &buffer[7]; + uint8_t binbuf[MAX_BUFSIZE]; + bzero(binbuf, MAX_BUFSIZE); + + ecdaa_hextobin(current, binbuf, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH); + int ret = ecdaa_member_public_key_FP256BN_deserialize(&issuer.mpk, binbuf, issuer.nonce, NONCE_SIZE); + if(-1 == ret) { + printf("issuer_joinproceed: member public key is malformed!"); + return -1; + } else if (-2 == ret) { + printf("issuer_joinproceed: signature of member public key is invalid"); + } + + if (0 != ecdaa_credential_FP256BN_generate(&issuer.cred, &issuer.cred_sig, &issuer.isk, &issuer.mpk, ecdaa_rand)) { + printf("issuer_joinproceed: error generating credential\n"); + return -1; + } + bzero(buffer, MAX_BUFSIZE); + strncpy(buffer, "JOINPROCEED ", 12); + + current = &buffer[12]; + ecdaa_credential_FP256BN_serialize(binbuf, &issuer.cred); + bzero(binbuf, MAX_BUFSIZE); + ecdaa_bintohex(binbuf, ECDAA_CREDENTIAL_FP256BN_LENGTH, current); + + current = &buffer[12 + 2 * ECDAA_CREDENTIAL_FP256BN_LENGTH]; + ecdaa_credential_FP256BN_signature_serialize(binbuf, &issuer.cred_sig); + bzero(binbuf, MAX_BUFSIZE); + ecdaa_bintohex(binbuf, ECDAA_CREDENTIAL_FP256BN_SIGNATURE_LENGTH, current); + + buffer[2 * ECDAA_CREDENTIAL_FP256BN_LENGTH + 2 * ECDAA_CREDENTIAL_FP256BN_SIGNATURE_LENGTH + 12] = '\n'; + return 0; +} + +// "SETUP > SETUPDONE" +int issuer_setup(char *buffer) { + printf("setup()\n"); + if (0 != ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand)) { + printf("issuer_setup: Error generating issuer key-pair\n"); + return -1; + } + bzero(buffer, MAX_BUFSIZE); + strncpy(buffer, "SETUPDONE\n", 10); + return 0; +} + +// "PUBLISH" > "PUBLISH " +int issuer_publish(char *buffer) { + printf("publish()\n"); + char *current; + uint8_t binbuf[MAX_BUFSIZE]; + bzero(buffer, MAX_BUFSIZE); + + strncpy(buffer, "PUBLISH ", 8); + + current = &buffer[8]; + bzero(binbuf, MAX_BUFSIZE); + ecdaa_issuer_public_key_FP256BN_serialize(binbuf, &issuer.ipk); + ecdaa_bintohex(binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH, current); + + buffer[2 * ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH + 8] = '\n'; + + return 0; +} diff --git a/issuer.h b/issuer.h index fca10a3..861f031 100644 --- a/issuer.h +++ b/issuer.h @@ -4,8 +4,6 @@ #ifndef ECDAA_ISSUER_ISSUER_H #define ECDAA_ISSUER_ISSUER_H -#include -#include #include #include "server.h" #include "client.h" diff --git a/member.c b/member.c index bb177e1..8c9157a 100644 --- a/member.c +++ b/member.c @@ -12,8 +12,11 @@ typedef enum memberstate { typedef struct member { struct ecdaa_member_public_key_FP256BN mpk; - struct ecdaa_member_public_key_FP256BN msk; + struct ecdaa_member_secret_key_FP256BN msk; memberstate_e state; + uint8_t nonce[NONCE_SIZE]; + struct ecdaa_credential_FP256BN cred; + struct ecdaa_credential_FP256BN_signature cred_sig; } member_t; member_t member; @@ -21,6 +24,8 @@ member_t member; int member_join(char* buffer); int member_attest(char* buffer); int member_publish(char* buffer); +int member_joinappend(char* buffer); +int member_joinfinish(char* buffer); int main() { int err = 0; @@ -46,7 +51,7 @@ int process_member(char *buffer) { bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "PUBLISH ", 8); member_publish(buffer); - } else if (0 == strncasecmp("JOIN", buffer, 4)) { + } else if (member.state != JOINED && 0 == strncasecmp("JOIN", buffer, 4)) { printf("join()\n"); member.state = JOIN; ret = client_connect(&member_join, ISSUERIP, ISSUERPORT); @@ -91,14 +96,13 @@ int member_join(char *buffer) { break; case APPEND: if (0 == strncasecmp("JOINSTART", buffer, 9)) { - bzero(buffer, MAX_BUFSIZE); - strncpy(buffer, "APPEND\n", 7); + member_joinappend(buffer); member.state = JOINPROCEED; } break; case JOINPROCEED: if (0 == strncasecmp("JOINPROCEED", buffer, 11)) { - bzero(buffer, MAX_BUFSIZE); + member_joinfinish(buffer); member.state = JOINED; ret = 1; } @@ -117,7 +121,39 @@ int member_attest(char* buffer) { return 0; } +//"PUBLISH" > "PUBLISH " int member_publish(char* buffer) { strncat(buffer, "\n", 12); return 0; +} + +//"JOINSTART " > "APPEND " +int member_joinappend(char* buffer) { + char *current = &buffer[10]; + uint8_t binbuf[MAX_BUFSIZE]; + ecdaa_hextobin(current, member.nonce, NONCE_SIZE); + + if (0 != ecdaa_member_key_pair_FP256BN_generate(&member.mpk, &member.msk, member.nonce, NONCE_SIZE, ecdaa_rand)) { + fprintf(stderr, "Error generating member key-pair\n"); + return 1; + } + bzero(buffer, MAX_BUFSIZE); + strncpy(buffer, "APPEND ", 7); + + current = &buffer[7]; + bzero(binbuf, MAX_BUFSIZE); + ecdaa_member_public_key_FP256BN_serialize(binbuf, &member.mpk); + ecdaa_bintohex(binbuf, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH, current); + return 0; +} + +//"JOINPROCEED " > "" +int member_joinfinish(char* buffer) { + char *current = &buffer[12]; + uint8_t binbuf[MAX_BUFSIZE]; + ecdaa_credential_FP256BN_deserialize(binbuf, &member.cred); + current = &buffer[12 + 2 * ECDAA_CREDENTIAL_FP256BN_LENGTH]; + //ecdaa_credential_FP256BN_signature_deserialize(current, &member.cred_sig); + bzero(buffer, MAX_BUFSIZE); + return 0; } \ No newline at end of file diff --git a/member.h b/member.h index 45ca421..10ff17e 100644 --- a/member.h +++ b/member.h @@ -4,10 +4,9 @@ #ifndef ECDAA_ISSUER_MEMBER_H #define ECDAA_ISSUER_MEMBER_H -#include -#include #include #include +#include #include "server.h" #include "client.h" #include "common.h" diff --git a/verifier.c b/verifier.c index b09b583..4086a7b 100644 --- a/verifier.c +++ b/verifier.c @@ -9,8 +9,8 @@ typedef enum verifierstate { } verifierstate_e; typedef struct verifier { - struct ecdaa_verifier_public_key_FP256BN mpk; - struct ecdaa_verifier_public_key_FP256BN ipk; + struct ecdaa_issuer_public_key_FP256BN mpk; + struct ecdaa_member_public_key_FP256BN ipk; verifierstate_e state; } verifier_t; diff --git a/verifier.h b/verifier.h index 4a8aeda..cdb5f73 100644 --- a/verifier.h +++ b/verifier.h @@ -4,8 +4,6 @@ #ifndef ECDAA_ISSUER_MEMBER_H #define ECDAA_ISSUER_MEMBER_H -#include -#include #include #include #include "server.h"