preisacm
/
masterthesis-ecdaa-network-wrapper
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

issuer saves key in file; verifier can receive message directly

master
Michael Preisach 5 years ago
parent
36ac4abc5f
commit
c77992f397
5 changed files with 83 additions and 79 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      common.h
  2. 120
      issuer.c
  3. 2
      issuer.h
  4. 8
      tags
  5. 28
      verifier.c

4
common.h
View File

@ -19,8 +19,8 @@
#define MAX_CLIENTS 10
#define MAX_BUFSIZE 2048
#define MAX_MSGSIZE (MAX_BUFSIZE / 8)
#define MAX_BSNSIZE (MAX_BUFSIZE / 16)
#define MAX_MSGSIZE ((MAX_BUFSIZE - 1536) / 2)
#define MAX_BSNSIZE 128
#define NONCE_SIZE 384
typedef int (*conn_handler)(char *buffer);

120
issuer.c
View File

@ -19,7 +19,8 @@ typedef struct issuer {
issuer_t issuer;
int issuer_setup(char *buffer);
int issuer_setup();
int issuer_reset(char *buffer);
int issuer_joinstart(char *buffer);
int issuer_joinproceed(char *buffer);
int issuer_publish(char *buffer);
@ -28,68 +29,21 @@ int main() {
if (2 != server_start(&process_issuer, ISSUERPORT)) {
printf("server failed\n");
}
/*
uint8_t buffer[1024], result[1024];
uint8_t *current = buffer;
char send[1024];
bzero(buffer, 1024);
bzero(result, 1024);
bzero(send,1024);
buffer[0] = 0x01;
buffer[1] = 0x02;
buffer[2] = 0x04;
buffer[3] = 0x08;
buffer[4] = 0x10;
buffer[5] = 0x20;
buffer[6] = 0x40;
buffer[7] = 0x80;
buffer[8] = 0x11;
buffer[9] = 0x22;
buffer[10] = 0x44;
buffer[11] = 0x88;
buffer[12] = 0x11;
buffer[13] = 0x21;
buffer[14] = 0x41;
buffer[15] = 0x81;
ecdaa_bintohex(buffer, 16, send);
for(int i = 0; i < 32; i++) {
printf("%c", send[i]);
}
ecdaa_hextobin(send, result, 16);
for(int i = 0; i < 1024; i++) {
if(buffer[i] != result[i]) {
printf("buffer[%i] = %X, result[%i] = %X\n", i, buffer[i], i, result[i]);
}
}
struct ecdaa_issuer_public_key_FP256BN key;
ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand);
ecdaa_issuer_public_key_FP256BN_serialize(buffer, &issuer.ipk);
int ret = ecdaa_issuer_public_key_FP256BN_deserialize(&key, buffer);
printf("ret = %i\n",ret);
ecdaa_bintohex(current, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH, send);
printf("%s\n", send);
ecdaa_hextobin(send, result, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
ret = ecdaa_issuer_public_key_FP256BN_deserialize(&key, result);
printf("ret = %i\n",ret);
for(int i = 0; i < 1024; i++) {
if(buffer[i] != result[i]) {
printf("buffer[%i] = %X, result[%i] = %X\n", i, buffer[i], i, result[i]);
}
}
*/
return 0;
}
int process_issuer(char *buffer) {
int ret = 0;
if(ON == issuer.state) {
if( (0 == issuer_setup()) {
issuer.state = READY;
} else {
printf("issuer setup failed\n");
return 2;
}
}
printf("> ISSUER: %s\n", buffer);
if (0 == strncasecmp("OK", buffer, 2)) {
@ -113,11 +67,18 @@ int process_issuer(char *buffer) {
strncpy(buffer, "ERR\n", 4);
break;
}
} else if (0 == strncasecmp("SETUP", buffer, 5)) {
} else if (0 == strncasecmp("RESET", buffer, 4)) {
switch (issuer.state) {
case ON:
if(0 == issuer_setup(buffer)) {
case READY:
printf("generate new issuer identity\n");
if( (0 == issuer_setup(buffer)) {
issuer.state = READY;
} else {
printf("issuer setup failed\n");
return 2;
}
if(0 == issuer_joinstart(buffer)) {
issuer.state = JOINSTART;
}
break;
default:
@ -234,15 +195,44 @@ int issuer_joinproceed(char *buffer) {
return 0;
}
// "SETUP > SETUPDONE"
int issuer_setup(char *buffer) {
// "RESET > RESETDONE"
int issuer_reset(char *buffer) {
printf("issuer_reset: generating new keys and save them to disk\n");
if (0 != ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand)) {
printf("issuer_reset: Error generating issuer key-pair\n");
strncpy(buffer, "ERR\n", 4);
return -1;
}
if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &ipk) ||
0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &isk)) {
printf("issuer_reset: Error saving key-pair to disk\n");
strncpy(buffer, "ERR\n", 4);
return -1;
}
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "RESETDONE\n", 10);
return 0;
}
//Load or generate issuer keypair initially
int issuer_setup() {
printf("setup()\n");
if (0 == ecdaa_issuer_public_key_FP256BN_deserialize_file(&issuer.ipk, issuer_public_key_file)) {
if (0 == ecdaa_issuer_secret_key_FP256BN_deserialize_file(&issuer.isk, issuer_secret_key_file) {
printf("issuer_setup: loaded keys from disk\n");
return 0;
}
}
printf("issuer_setup: generating new keys and save them to disk\n");
if (0 != ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand)) {
printf("issuer_setup: Error generating issuer key-pair\n");
return -1;
}
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "SETUPDONE\n", 10);
if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &ipk) ||
0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &isk)) {
printf("issuer_setup: Error saving key-pair to disk\n");
return -1;
}
return 0;
}

2
issuer.h
View File

@ -10,5 +10,7 @@
#include "common.h"
int process_issuer(char *buffer);
const char* issuer_public_key_file = "ipk.bin"
const char* issuer_secret_key_file = "isk.bin"
#endif //ECDAA_ISSUER_ISSUER_H

8
tags
View File

@ -26,6 +26,7 @@ ISSUERIP common.h /^#define ISSUERIP /;" d
ISSUERPORT common.h /^#define ISSUERPORT /;" d
ISSUERPUB member-tpm.c /^ ISSUERPUB,$/;" e enum:memberstate file:
ISSUERPUB member.c /^ ISSUERPUB,$/;" e enum:memberstate file:
Installing README.md /^## Installing$/;" s
Installing TPM support for TPM-backed member README.md /^### Installing TPM support for TPM-backed member$/;" S
Installing xaptum/ecdaa README.md /^### Installing xaptum\/ecdaa$/;" S
JOIN member-tpm.c /^ JOIN,$/;" e enum:memberstate file:
@ -48,9 +49,12 @@ ON member-tpm.c /^ ON,$/;" e enum:memberstate file:
ON member.c /^ ON,$/;" e enum:memberstate file:
ON verifier.c /^ ON,$/;" e enum:verifierstate file:
Prerequisities README.md /^## Prerequisities$/;" s
Protocol README.md /^### Protocol$/;" S
RCVPUBLIC member-tpm.c /^ RCVPUBLIC,$/;" e enum:memberstate file:
RCVPUBLIC member.c /^ RCVPUBLIC,$/;" e enum:memberstate file:
READY issuer.c /^ READY$/;" e enum:issuer_state file:
Setting IP addresses in common.h README.md /^### Setting IP addresses in common.h$/;" S
Usage README.md /^## Usage$/;" s
VERIFIERIP common.h /^#define VERIFIERIP /;" d
VERIFIERPORT common.h /^#define VERIFIERPORT /;" d
bin2hex common.c /^char bin2hex(uint8_t byte) {$/;" f typeref:typename:char
@ -84,10 +88,6 @@ ipk verifier.c /^ struct ecdaa_issuer_public_key_FP256BN ipk;$/;" m struct:ve
isk issuer.c /^ struct ecdaa_issuer_secret_key_FP256BN isk;$/;" m struct:issuer typeref:struct:ecdaa_issuer_secret_key_FP256BN file:
issuer issuer.c /^issuer_t issuer;$/;" v typeref:typename:issuer_t
issuer issuer.c /^typedef struct issuer {$/;" s file:
issuer_joinproceed issuer.c /^int issuer_joinproceed(char *buffer) {$/;" f typeref:typename:int
issuer_joinstart issuer.c /^int issuer_joinstart(char *buffer) {$/;" f typeref:typename:int
issuer_publish issuer.c /^int issuer_publish(char *buffer) {$/;" f typeref:typename:int
issuer_setup issuer.c /^int issuer_setup(char *buffer) {$/;" f typeref:typename:int
issuer_state issuer.c /^typedef enum issuer_state {$/;" g file:
issuer_t issuer.c /^} issuer_t;$/;" t typeref:struct:issuer file:
issuerstate_e issuer.c /^} issuerstate_e;$/;" t typeref:enum:issuer_state file:

28
verifier.c
View File

@ -37,21 +37,32 @@ int main() {
int process_verifier(char *buffer) {
int ret = 0;
char remote_ip[16];
printf("> VERIFIER: %s\n", buffer);
if (0 == strncasecmp("VERIFY", buffer, 6)) {
if (0 == strncasecmp("VERIFYMSG", buffer, 9)) {
switch (verifier.state) {
case GOTISSUER:
ret = verifier_checkattest(buffer[10]);
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
if (-1 == ret) {
printf("verifier_attestmember: member public key is malformed!\n");
strncpy(buffer, "ERR\n", 4);
} else if (-2 == ret) {
printf("verifier_attestmember: signature of member public key is invalid\n");
strncpy(buffer, "ERR\n", 4);
} else {
strncpy(buffer, "OK\n", 3);
}
break;
default:
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
}
} else if (0 == strncasecmp("ATTEST", buffer, 4)) {
ret = client_connect(&verifier_attestmember, MEMBERIP, MEMBERPORT);
} else if (0 == strncasecmp("ATTEST", buffer, 6)) {
strncpy(remote_ip, buffer[7], 15);
ret = client_connect(&verifier_attestmember, remote_ip, MEMBERPORT);
if (0 >= ret) {
printf("process_verifier: member verification failed\n");
bzero(buffer, MAX_BUFSIZE);
@ -66,7 +77,8 @@ int process_verifier(char *buffer) {
verifier_checklink(buffer);
} else if (0 == strncasecmp("GETPUBLIC", buffer, 9)) {
verifier.state = ON;
ret = client_connect(&verifier_getissuer, ISSUERIP, ISSUERPORT);
strncpy(remote_ip, buffer[10], 15);
ret = client_connect(&verifier_getissuer, remote_ip, ISSUERPORT);
if (0 >= ret || GOTISSUER != verifier.state) {
printf("process_verifier: issuer connection failed\n");
bzero(buffer, MAX_BUFSIZE);
@ -96,6 +108,7 @@ int process_verifier(char *buffer) {
return ret;
}
//"GETPUBLIC <IPv4>" > "OK"
int verifier_getissuer(char *buffer) {
int ret = 0;
@ -138,7 +151,6 @@ int verifier_getissuer(char *buffer) {
}
//"ATTEST" > "OK"
int verifier_attestmember(char *buffer) {
int ret = 0;
@ -151,7 +163,7 @@ int verifier_attestmember(char *buffer) {
case ASKATTEST:
if (0 == strncasecmp("ATTEST", buffer, 6)) {
printf("MEMBER > VERIFIER: %s", buffer);
ret = verifier_checkattest(buffer);
ret = verifier_checkattest(buffer[7]);
if (-1 == ret) {
printf("verifier_attestmember: member public key is malformed!\n");
ret = -1;
@ -179,7 +191,7 @@ int verifier_attestmember(char *buffer) {
//"ATTEST <msg>0<signature w/o bsn>" or
//"ATTEST <msg>1<signature with bsn>"
int verifier_checkattest(char *buffer) {
char *current = &buffer[7]; //"ATTEST "
char *current = &buffer;
char msg[MAX_MSGSIZE];
strncpy(msg, current, MAX_MSGSIZE);

Write Preview
Loading…
Cancel
Save