preisacm
/
masterthesis-ecdaa-network-wrapper
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

added debug flag, improved error messages

master
Michael Preisach 4 years ago
parent
b0edf1d3b8
commit
c849b4544b
5 changed files with 134 additions and 98 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      common.h
  2. 54
      issuer.c
  3. 81
      member-tpm.c
  4. 51
      member.c
  5. 42
      verifier.c

4
common.h
View File

@ -7,6 +7,8 @@
#include <string.h>
#include <stdint.h>
#define DEBUG //enable on screen debug information
#define ISSUERPORT 6590
#define MEMBERPORT 6591
#define VERIFIERPORT 6592
@ -28,7 +30,7 @@ const char* member_secret_key_file = "msk.bin"; //for TPM less members o
const char* member_public_key_file = "mpk.bin";
const char* member_credential_file = "mcred.bin";
const char* member_nonce_file = "mnonce.bin";
const char* verifier_ipk_file = "ipk.bin";
const char* verifier_group_pk_file = "gpk.bin";
const char* message_file = "msg.txt"; //Checksum of message in chksum.txt
const char* checksum_file = "chksum.txt"; //Only this file is signed due to 1024 bytes size limit

54
issuer.c
View File

@ -30,13 +30,13 @@ int main() {
if (0 == issuer_setup()) {
issuer.state = READY;
} else {
printf("issuer setup failed\n");
printf("Error: Issuer setup failed.\n");
return 1;
}
}
if (2 != server_start(&process_issuer, ISSUERPORT)) {
printf("server failed\n");
printf("Error: Server failed.\n");
}
return 0;
}
@ -44,22 +44,24 @@ int main() {
int process_issuer(char *buffer) {
int ret = 0;
#ifdef DEBUG
printf("> ISSUER: %s\n", buffer);
#endif
if (0 == strncasecmp("OK", buffer, 2)) {
printf("nothing to confirm\n");
printf("Nothing to confirm.\n");
} else if (0 == strncasecmp("ERR", buffer, 3)) {
printf("ignoring command\n");
printf("Ignoring command.\n");
} else if (0 == strncasecmp("ABORT", buffer, 5)) {
switch (issuer.state) {
case JOINSTART:
printf("aborting join\n");
printf("Aborting join.\n");
issuer.state = READY;
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
break;
default:
printf("nothing to abort\n");
printf("Nothing to abort.\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
break;
@ -68,18 +70,18 @@ int process_issuer(char *buffer) {
switch (issuer.state) {
case READY:
case JOINSTART:
printf("generate new issuer identity\n");
printf("Generate new issuer identity.\n");
if (0 == issuer_setup(buffer)) {
issuer.state = READY;
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
} else {
printf("issuer setup failed\n");
printf("Error: Issuer setup failed.\n");
return 2;
}
break;
default:
printf("Reset not possible\n");
printf("Reset not possible.\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
break;
@ -92,7 +94,7 @@ int process_issuer(char *buffer) {
}
break;
default:
printf("Issuer not ready for join\n");
printf("Issuer not ready for join.\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
break;
@ -105,7 +107,7 @@ int process_issuer(char *buffer) {
}
break;
default:
printf("Issuer not ready for append\n");
printf("Issuer not ready for append.\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
break;
@ -117,27 +119,29 @@ int process_issuer(char *buffer) {
issuer_publish(buffer);
break;
default:
printf("There are no keys to publish\n");
printf("There are no keys to publish.\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
break;
}
} else if (0 == strncasecmp("EXIT", buffer, 4)) {
printf("closing client session\n");
printf("Closing client session.\n");
bzero(buffer, MAX_BUFSIZE);
ret = 1;
} else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) {
bzero(buffer, MAX_BUFSIZE);
ret = 2;
} else {
printf("unknown command\n");
printf("Unknown command.\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
ret = 0;
}
if(0 == ret) {
#ifdef DEBUG
printf("< ISSUER: %s\n", buffer);
#endif
}
return ret;
}
@ -169,17 +173,17 @@ int issuer_joinproceed(char *buffer) {
ret = ecdaa_member_public_key_FP256BN_deserialize(&issuer.mpk, binbuf, issuer.nonce, NONCE_SIZE);
if(-1 == ret) {
strncpy(buffer, "ERR\n", 4);
printf("issuer_joinproceed: member public key is malformed!\n");
printf("issuer_joinproceed: Member public key is malformed!\n");
return -1;
} else if (-2 == ret) {
strncpy(buffer, "ERR\n", 4);
printf("issuer_joinproceed: signature of member public key is invalid\n");
printf("issuer_joinproceed: Signature of member public key is invalid.\n");
return -1;
}
if (0 != ecdaa_credential_FP256BN_generate(&issuer.cred, &issuer.cred_sig, &issuer.isk, &issuer.mpk, ecdaa_rand)) {
strncpy(buffer, "ERR\n", 4);
printf("issuer_joinproceed: error generating credential\n");
printf("issuer_joinproceed: Error generating credential.\n");
return -1;
}
bzero(buffer, MAX_BUFSIZE);
@ -201,15 +205,15 @@ int issuer_joinproceed(char *buffer) {
// "RESET > RESETDONE"
int issuer_reset(char *buffer) {
printf("issuer_reset: generating new keys and save them to disk\n");
printf("issuer_reset: Generating new keys and save them to disk.\n");
if (0 != ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand)) {
printf("issuer_reset: Error generating issuer key-pair\n");
printf("issuer_reset: Error generating issuer key-pair.\n");
strncpy(buffer, "ERR\n", 4);
return -1;
}
if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &issuer.ipk) ||
0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &issuer.isk)) {
printf("issuer_reset: Error saving key-pair to disk\n");
printf("issuer_reset: Error saving key-pair to disk.\n");
strncpy(buffer, "ERR\n", 4);
return -1;
}
@ -220,21 +224,23 @@ int issuer_reset(char *buffer) {
//Load or generate issuer keypair initially
int issuer_setup() {
#ifdef DEBUG
printf("setup()\n");
#endif
if (0 == ecdaa_issuer_public_key_FP256BN_deserialize_file(&issuer.ipk, issuer_public_key_file)) {
if (0 == ecdaa_issuer_secret_key_FP256BN_deserialize_file(&issuer.isk, issuer_secret_key_file)) {
printf("issuer_setup: loaded keys from disk\n");
printf("issuer_setup: Loaded keys from disk.\n");
return 0;
}
}
printf("issuer_setup: generating new keys and save them to disk\n");
printf("issuer_setup: Generating new keys and save them to disk.\n");
if (0 != ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand)) {
printf("issuer_setup: Error generating issuer key-pair\n");
printf("issuer_setup: Error generating issuer key-pair.\n");
return -1;
}
if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &issuer.ipk) ||
0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &issuer.isk)) {
printf("issuer_setup: Error saving key-pair to disk\n");
printf("issuer_setup: Error saving key-pair to disk.\n");
return -1;
}
return 0;

81
member-tpm.c
View File

@ -59,15 +59,15 @@ int main(int argc, char *argv[]) {
if (0 != read_public_key_from_files(member.pk_in, &sk_handle, member_tpm_key_file, member_tpm_handle_file)) {
printf("Could not load TPM key with '%s' and '%s', trying to create a new key...\n", member_tpm_key_file, member_tpm_handle_file);
if (0 != create_key(member_tpm_key_file, member_tpm_handle_file) || 0 != read_public_key_from_files(member.pk_in, &sk_handle, member_tpm_key_file, member_tpm_handle_file)) {
printf("Error: Creating or Loading TPM key with '%s' and '%s' failed. Exiting\n", member_tpm_key_file, member_tpm_handle_file);
printf("Error: Creating or Loading TPM key with '%s' and '%s' failed.\n", member_tpm_key_file, member_tpm_handle_file);
return 1;
}
}
if (0 != init_tpm()) {
printf("Error: Failed to initialize TPM. Exiting\n");
printf("Error: Failed to initialize TPM.\n");
return 1;
}
printf("Initialized TPM with pubkey and handle\n");
printf("Initialized TPM with pubkey and handle.\n");
member.state = ON;
remote_ip = argv[2];
ret = client_connect(&member_join, remote_ip, ISSUERPORT);
@ -75,32 +75,32 @@ int main(int argc, char *argv[]) {
printf("Join process failed!\n");
return 1;
}
printf("Join process was successful\n");
printf("Join process was successful.\n");
} else if (0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
if (0 != read_public_key_from_files(member.pk_in, &sk_handle, member_tpm_key_file, member_tpm_handle_file)) {
printf("Error: reading in public key files '%s' and '%s' failed\n", member_tpm_key_file, member_tpm_handle_file);
return 1;
}
if (0 != init_tpm()) {
printf("Error: Failed to initialize TPM. Exiting\n");
printf("Error: Failed to initialize TPM.\n");
return 1;
}
printf("Initialized TPM with pubkey and handle\n");
msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, MSGFILE);
printf("Initialized TPM with pubkey and handle.\n");
msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, message_file);
if (msg_len < 0) {
printf("Could not open message file %s\n", MSGFILE);
printf("Could not open message file %s.\n", message_file);
return 1;
}
chksum_len = ecdaa_read_from_file(chksum, MAX_CHKSUMSIZE, CHKSUMFILE);
chksum_len = ecdaa_read_from_file(chksum, MAX_CHKSUMSIZE, checksum_file);
if (chksum_len < 0) {
printf("Could not open checksum file %s\n", CHKSUMFILE);
printf("Could not open checksum file %s.\n", checksum_file);
return 1;
}
printf("Loaded message and checksum\n");
printf("Loaded message and checksum.\n");
if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, member_nonce_file) ||
0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) ||
0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) {
printf("Could not import key files. importing from either %s, %s or %s was not successful\n",
printf("Could not import key files. Importing from either %s, %s or %s was not successful.\n",
member_nonce_file, member_public_key_file, member_credential_file);
return 1;
}
@ -108,17 +108,17 @@ int main(int argc, char *argv[]) {
remote_ip = argv[2];
ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT);
if (2 != ret) {
printf("message transmission to verifier failed\n");
printf("Error: Message transmission to verifier failed.\n");
}
} else {
printf("arguments invalid");
printf("Error: Arguments invalid.\n");
}
break;
default:
printf("Usage: \n Join an issuer's group: %s --join <issuer's IPv4>\n", argv[0]);
printf("Send a signed message to the verifier: %s --send <verifier's IPv4>\n", argv[0]);
printf("Before sending a DAA-signed message, the member must join a DAA group\n");
printf("%s must not exceed %d Bytes, %s must be smaller than %d Bytes\n", MSGFILE, MAX_MSGSIZE, CHKSUMFILE, MAX_CHKSUMSIZE);
printf("%s must not exceed %d Bytes, %s must be smaller than %d Bytes\n", message_file, MAX_MSGSIZE, checksum_file, MAX_CHKSUMSIZE);
break;
}
return 0;
@ -139,25 +139,27 @@ int init_tpm()
size_t size;
init_ret = Tss2_Tcti_Device_Init(NULL, &size, device_conf);
if (TSS2_RC_SUCCESS != init_ret) {
printf("Failed to get allocation size for tcti context\n");
printf("Error: Failed to get allocation size for tcti context.\n");
return -1;
}
if (size > sizeof(member.tcti_buffer)) {
printf("Error: device TCTI context size larger than pre-allocated buffer\n");
printf("Error: device TCTI context size larger than pre-allocated buffer.\n");
return -1;
}
init_ret = Tss2_Tcti_Device_Init(tcti_ctx, &size, device_conf);
if (TSS2_RC_SUCCESS != init_ret) {
printf("Error: Unable to initialize device TCTI context\n");
printf("Error: Unable to initialize device TCTI context.\n");
return -1;
}
//initialize ecdaa tpm context
if(0 != ecdaa_tpm_context_init(&member.ctx, member.pk_handle, NULL, 0, tcti_ctx)) {
printf("\necdaa context failed\n");
printf("Error: ECDAA context failed.\n");
return -1;
}
printf("\necdaa context initialized\n");
#ifdef DEBUG
printf("ECDAA context initialized.\n");
#endif
return 0;
}
@ -177,7 +179,9 @@ int member_join(char *buffer) {
break;
case ISSUERPUB:
if (0 == strncasecmp("PUBLISH", buffer, 7)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
uint8_t binbuf[MAX_BUFSIZE];
char *current = &buffer[8];
ecdaa_decode(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
@ -186,7 +190,7 @@ int member_join(char *buffer) {
printf("member_getpublic: issuer public key is malformed!\n");
ret = -1;
} else if (-2 == ret) {
printf("member_getpublic: signature of issuer public key is invalid\n");
printf("member_getpublic: signature of issuer public key is invalid.\n");
ret = -1;
} else {
bzero(buffer, MAX_BUFSIZE);
@ -195,29 +199,33 @@ int member_join(char *buffer) {
ret = 0;
}
} else {
printf("member_getpublic: did not get public key from issuer\n");
printf("member_getpublic: did not get public key from issuer.\n");
member.state = ON;
ret = -1;
}
break;
case APPEND:
if (0 == strncasecmp("JOINSTART", buffer, 9)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
member_joinappend(buffer);
member.state = JOINPROCEED;
} else {
printf("member_join: did not get nonce from issuer\n");
printf("member_join: did not get nonce from issuer.\n");
member.state = RCVPUBLIC;
ret = -1;
}
break;
case JOINPROCEED:
if (0 == strncasecmp("JOINPROCEED", buffer, 11)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
ret = member_joinfinish(buffer);
member.state = JOINED;
} else {
printf("member_getpublic: did not get credentials from issuer\n");
printf("member_getpublic: did not get credentials from issuer.\n");
member.state = RCVPUBLIC;
ret = -1;
}
@ -226,7 +234,9 @@ int member_join(char *buffer) {
ret = -1;
}
if (0 == ret) {
#ifdef DEBUG
printf("ISSUER < MEMBER: %s", buffer);
#endif
}
return ret;
}
@ -244,7 +254,7 @@ int member_verifymsg(char *buffer) {
if (0 == strncasecmp("OK", buffer, 2)) {
return 1;
} else if (0 == strncasecmp("ERR", buffer, 3)) {
printf("member_verifymsg: Verifier refused signature\n");
printf("member_verifymsg: Verifier refused signature.\n");
return 1;
}
@ -258,7 +268,7 @@ int member_verifymsg(char *buffer) {
current = &current[bytes];
if(has_nym) {
if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &member.ctx)) {
printf("member_verifymsg: Signing message failed\n");
printf("member_verifymsg: Signing message failed.\n");
}
current[0] = '1';
current = &current[1];
@ -266,7 +276,7 @@ int member_verifymsg(char *buffer) {
current = &current[MAX_BSNSIZE];
} else {
if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.cred, ecdaa_rand, &member.ctx)) {
printf("member_verifymsg: Signing message failed\n");
printf("member_verifymsg: Signing message failed.\n");
}
current[0] = '0';
current = &current[1];
@ -275,12 +285,13 @@ int member_verifymsg(char *buffer) {
bzero(binbuf, MAX_BUFSIZE);
ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym);
bytes = ecdaa_encode(binbuf, current, sig_len);
#ifdef DEBUG
printf("member_verifymsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len);
printf("member_verifymsg: msg: %s, len: %lu\n", msg, msg_len);
printf("member_verifymsg: chksum: %s, len: %lu\n", chksum, chksum_len);
printf("member_verifymsg: bsn: %s, len: %lu\n", (char *)member.bsn, strlen((char *)member.bsn));
printf("member_verifymsg: sig: %s, len: %lu\n", current, sig_len);
#endif
current[bytes] = '\n';
return 2; //send to verifier before closing
}
@ -326,13 +337,13 @@ int member_joinfinish(char *buffer) {
printf("member_joinfinish: credential is malformed!\n");
ret = -1;
} else if(-2 == ret) {
printf("member_joinfinish: siganture of credential is invalid\n");
printf("member_joinfinish: siganture of credential is invalid.\n");
ret = -1;
}
printf("member_joinfinish: writing public key and credential to disk\n");
printf("member_joinfinish: writing public key and credential to disk.\n");
if(0 != ecdaa_member_public_key_FP256BN_serialize_file(member_public_key_file, &member.mpk) ||
0 != ecdaa_credential_FP256BN_serialize_file(member_credential_file, &member.cred)) {
printf("issuer_setup: Error saving key-pair or credential to disk\n");
printf("issuer_setup: Error saving key-pair or credential to disk.\n");
ret = -1;
} else {
ret = 1;
@ -347,7 +358,7 @@ int read_public_key_from_files(uint8_t *public_key, TPM2_HANDLE *key_handle, con
FILE *pub_key_file_ptr = fopen(pub_key_filename, "r");
if (NULL == pub_key_file_ptr) {
printf("read_public_key: error opening public key\n");
printf("read_public_key: error opening public key.\n");
return -1;
}
do {
@ -362,13 +373,13 @@ int read_public_key_from_files(uint8_t *public_key, TPM2_HANDLE *key_handle, con
} while(0);
(void)fclose(pub_key_file_ptr);
if (0 != ret) {
printf("read_public_key: error reading public key file\n");
printf("read_public_key: error reading public key file.\n");
return -1;
}
FILE *handle_file_ptr = fopen(handle_filename, "r");
if (NULL == handle_file_ptr) {
printf("read_public_key: error opening handle\n");
printf("read_public_key: error opening handle.\n");
return -1;
}
@ -387,7 +398,7 @@ int read_public_key_from_files(uint8_t *public_key, TPM2_HANDLE *key_handle, con
(void)fclose(handle_file_ptr);
if (0 != ret) {
printf("read_public_key: error closing public key\n");
printf("read_public_key: error closing public key.\n");
return -1;
}
return ret;

51
member.c
View File

@ -50,27 +50,28 @@ int main(int argc, char **argv) {
remote_ip = argv[2];
ret = client_connect(&member_join, remote_ip, ISSUERPORT);
if (0 >= ret || JOINED != member.state) {
printf("Join process failed!\n");
printf("Error: Join process failed!\n");
return 1;
} else {
printf("Join process was successful\n");
printf("Join process was successful.\n");
}
} else if (0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, MSGFILE);
msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, message_file);
if (msg_len < 0) {
printf("Could not open message file %s\n", MSGFILE);
printf("Error: Could not open message file %s.\n", message_file);
return 1;
}
chksum_len = ecdaa_read_from_file(chksum, MAX_CHKSUMSIZE, CHKSUMFILE);
chksum_len = ecdaa_read_from_file(chksum, MAX_CHKSUMSIZE, checksum_file);
if (chksum_len < 0) {
printf("Could not open checksum file %s\n", CHKSUMFILE);
printf("Error: Could not open checksum file %s.\n", checksum_file);
return 1;
}
printf("Loaded message and checksum.\n");
if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, member_nonce_file) ||
0 != ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) ||
0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) ||
0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) {
printf("Could not import key files. importing from either %s, %s, %s or %s was not successful\n",
printf("Could not import key files. Importing from either %s, %s, %s or %s was not successful.\n",
member_nonce_file, member_secret_key_file, member_public_key_file, member_credential_file);
return 1;
}
@ -78,17 +79,17 @@ int main(int argc, char **argv) {
remote_ip = argv[2];
ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT);
if (2 != ret) {
printf("message transmission to verifier failed\n");
printf("Error: Message transmission to verifier failed.\n");
}
} else {
printf("arguments invalid\n");
printf("Error: Arguments invalid.\n");
}
break;
default:
printf("Usage: \n Join an issuer's group: %s --join <issuer's IPv4>\n", argv[0]);
printf("Send a signed message to the verifier: %s --send <verifier's IPv4>\n", argv[0]);
printf("Before sending a DAA-signed message, the member must join a DAA group\n");
printf("%s must not exceed %d Bytes, %s must be smaller than %d Bytes\n", MSGFILE, MAX_MSGSIZE, CHKSUMFILE, MAX_CHKSUMSIZE);
printf("%s must not exceed %d Bytes, %s must be smaller than %d Bytes\n", message_file, MAX_MSGSIZE, checksum_file, MAX_CHKSUMSIZE);
break;
}
return 0;
@ -105,7 +106,9 @@ int member_join(char *buffer) {
break;
case ISSUERPUB:
if (0 == strncasecmp("PUBLISH", buffer, 7)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
uint8_t binbuf[MAX_BUFSIZE];
char *current = &buffer[8];
ecdaa_decode(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
@ -114,7 +117,7 @@ int member_join(char *buffer) {
printf("member_getpublic: issuer public key is malformed!\n");
ret = -1;
} else if (-2 == ret) {
printf("member_getpublic: signature of issuer public key is invalid\n");
printf("member_getpublic: signature of issuer public key is invalid.\n");
ret = -1;
} else {
bzero(buffer, MAX_BUFSIZE);
@ -123,29 +126,33 @@ int member_join(char *buffer) {
ret = 0;
}
} else {
printf("member_getpublic: did not get public key from issuer\n");
printf("member_getpublic: did not get public key from issuer.\n");
member.state = ON;
ret = -1;
}
break;
case APPEND:
if (0 == strncasecmp("JOINSTART", buffer, 9)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
member_joinappend(buffer);
member.state = JOINPROCEED;
} else {
printf("member_join: did not get nonce from issuer\n");
printf("member_join: did not get nonce from issuer.\n");
member.state = RCVPUBLIC;
ret = -1;
}
break;
case JOINPROCEED:
if (0 == strncasecmp("JOINPROCEED", buffer, 11)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
ret = member_joinfinish(buffer);
member.state = JOINED;
} else {
printf("member_getpublic: did not get credentials from issuer\n");
printf("member_getpublic: did not get credentials from issuer.\n");
member.state = RCVPUBLIC;
ret = -1;
}
@ -154,7 +161,9 @@ int member_join(char *buffer) {
ret = -1;
}
if (0 == ret) {
#ifdef DEBUG
printf("ISSUER < MEMBER: %s\n", buffer);
#endif
}
return ret;
}
@ -179,7 +188,7 @@ int member_verifymsg(char *buffer) {
current = &current[bytes];
if(has_nym) {
if (0 != ecdaa_signature_FP256BN_sign(&sig, chksum, chksum_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand)) {
printf("member_verifymsg: Signing message failed\n");
printf("member_verifymsg: Signing message failed.\n");
}
current[0] = '1';
current = &current[1];
@ -187,7 +196,7 @@ int member_verifymsg(char *buffer) {
current = &current[MAX_BSNSIZE];
} else {
if (0 != ecdaa_signature_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.msk, &member.cred, ecdaa_rand)) {
printf("member_verifymsg: Signing message failed\n");
printf("member_verifymsg: Signing message failed.\n");
}
current[0] = '0';
current = &current[1];
@ -196,11 +205,13 @@ int member_verifymsg(char *buffer) {
bzero(binbuf, MAX_BUFSIZE);
ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym);
bytes = ecdaa_encode(binbuf, current, sig_len);
#ifdef DEBUG
printf("member_verifymsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len);
printf("member_verifymsg: msg: %s, len: %lu\n", msg, msg_len);
printf("member_verifymsg: chksum: %s, len: %lu\n", chksum, chksum_len);
printf("member_verifymsg: bsn: %s, len: %lu\n", (char *)member.bsn, strlen((char *)member.bsn));
printf("member_verifymsg: sig: %s, len: %lu\n", current, sig_len);
#endif
current[bytes] = '\n';
return 2; //send to verifier before closing
@ -214,7 +225,7 @@ int member_joinappend(char *buffer) {
ecdaa_write_buffer_to_file(member_nonce_file, member.nonce, NONCE_SIZE);
// if (0 != ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, member.nonce, NONCE_SIZE)) {
if (0 != ecdaa_member_key_pair_FP256BN_generate(&member.mpk, &member.msk, member.nonce, NONCE_SIZE, ecdaa_rand)) {
fprintf(stderr, "Error generating member key-pair\n");
fprintf(stderr, "Error generating member key-pair.\n");
return -1;
}
bzero(buffer, MAX_BUFSIZE);
@ -246,14 +257,14 @@ int member_joinfinish(char *buffer) {
printf("member_joinfinish: credential is malformed!\n");
ret = -1;
} else if(-2 == ret) {
printf("member_joinfinish: siganture of credential is invalid\n");
printf("member_joinfinish: siganture of credential is invalid.\n");
ret = -1;
}
printf("member_joinfinish: writing key-pair and credential to disk\n");
printf("member_joinfinish: writing key-pair and credential to disk.\n");
if(0 != ecdaa_member_public_key_FP256BN_serialize_file(member_public_key_file, &member.mpk) ||
0 != ecdaa_member_secret_key_FP256BN_serialize_file(member_secret_key_file, &member.msk) ||
0 != ecdaa_credential_FP256BN_serialize_file(member_credential_file, &member.cred)) {
printf("issuer_joinfinish: Error saving key-pair or credential to disk\n");
printf("issuer_joinfinish: Error saving key-pair or credential to disk.\n");
ret = -1;
} else {
ret = 1;

42
verifier.c
View File

@ -36,10 +36,10 @@ int main(int argc, char **argv) {
switch(argc) {
case 1:
if (0 != ecdaa_issuer_public_key_FP256BN_deserialize_file(&verifier.ipk, verifier_ipk_file)) {
printf("Could not import key file. Importing from %s was not successful",verifier_ipk_file);
printf("Could not import key file. Importing from %s was not successful.\n",verifier_ipk_file);
return 1;
}
printf("verifier_setup: loaded keys from disk\n");
printf("verifier_setup: loaded keys from disk.\n");
verifier.state = GOTISSUER;
break;
case 3:
@ -48,24 +48,24 @@ int main(int argc, char **argv) {
remote_ip = argv[2];
ret = client_connect(&verifier_getissuer, remote_ip, ISSUERPORT);
if (0 >= ret || GOTISSUER != verifier.state) {
printf("connection to issuer failed\n");
printf("Error: connection to issuer failed.\n");
}
if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(verifier_ipk_file, &verifier.ipk)) {
printf("issuer_setup: Error saving key-pair to disk\n");
printf("Error saving key-pair to disk.\n");
return -1;
}
printf("verifier_setup: wrote new issuer's public key to %s\n", verifier_ipk_file);
printf("verifier_setup: wrote new issuer's public key to %s.\n", verifier_ipk_file);
} else {
printf("arguments invalid\n");
printf("Error: Arguments invalid.\n");
}
break;
default:
printf("Usage: \n Get issuer's public key: %s --public <issuer's IPv4>\n", argv[0]);
printf("If the public key is already saved, no arguments are needed\n");
printf("If the public key is already saved, no arguments are needed.\n");
break;
}
if (GOTISSUER == verifier.state && 2 != server_start(&process_verifier, VERIFIERPORT)) {
printf("server failed\n");
printf("Error: Server failed.\n");
}
return 0;
}
@ -83,21 +83,21 @@ int process_verifier(char *buffer) {
printf("process_verifier: member public key is malformed!\n");
strncpy(buffer, "ERR\n", 4);
} else if (-2 == ret) {
printf("process_verifier: signature of member public key is invalid\n");
printf("process_verifier: signature of member public key is invalid.\n");
strncpy(buffer, "ERR\n", 4);
} else {
strncpy(buffer, "OK\n", 3);
}
ret = 0;
} else if (0 == strncasecmp("EXIT", buffer, 4)) {
printf("closing client session\n");
printf("closing client session.\n");
bzero(buffer, MAX_BUFSIZE);
ret = 1;
} else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) {
bzero(buffer, MAX_BUFSIZE);
ret = 2;
} else {
printf("unknown command\n");
printf("unknown command.\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
ret = 0;
@ -120,7 +120,9 @@ int verifier_getissuer(char *buffer) {
break;
case ASKISSUER:
if (0 == strncasecmp("PUBLISH", buffer, 7)) {
#ifdef DEBUG
printf("ISSUER > VERIFIER: %s", buffer);
#endif
uint8_t binbuf[MAX_BUFSIZE];
char *current = &buffer[8];
ecdaa_decode(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
@ -129,14 +131,14 @@ int verifier_getissuer(char *buffer) {
printf("verifier_getpublic: issuer public key is malformed!\n");
ret = -1;
} else if (-2 == ret) {
printf("verifier_getpublic: signature of issuer public key is invalid\n");
printf("verifier_getpublic: signature of issuer public key is invalid.\n");
ret = -1;
} else {
verifier.state = GOTISSUER;
ret = 1;
}
} else {
printf("verifier_getpublic: did not get public key from issuer\n");
printf("verifier_getpublic: did not get public key from issuer.\n");
verifier.state = ON;
ret = -1;
}
@ -145,7 +147,9 @@ int verifier_getissuer(char *buffer) {
ret = -1;
}
if (0 == ret) {
#ifdef DEBUG
printf("ISSUER < VERIFIER: %s", buffer);
#endif
}
return ret;
}
@ -188,15 +192,17 @@ int verifier_verifymsg(char *buffer) {
ret = ecdaa_signature_FP256BN_deserialize(&sig, binbuf, has_nym);
if (0 != ret) {
printf("verifier_verifymsg: error reading signature\n");
printf("verifier_verifymsg: error reading signature.\n");
return -1;
}
#ifdef DEBUG
printf("verifier_verifymsg: has_nym: %u, sig_len: %lu\n", has_nym, sig_len);
printf("verifier_verifymsg: msg: %s, len: %lu\n", msg, msg_len);
printf("verifier_verifymsg: chksum: %s, len: %lu\n", chksum, chksum_len);
printf("verifier_verifymsg: bsn: %s, len: %lu\n", bsn, bsn_len);
printf("verifier_verifymsg: sig: %s, len: %lu\n", current, sig_len);
#endif
ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) chksum, chksum_len,
(uint8_t *) bsn, bsn_len);
if (0 != ret) {
@ -204,9 +210,9 @@ int verifier_verifymsg(char *buffer) {
return -1;
}
printf("writing message to %s\n", MSGFILE);
ecdaa_write_buffer_to_file(MSGFILE, msg, msg_len);
printf("writing checksum to %s\n", CHKSUMFILE);
ecdaa_write_buffer_to_file(CHKSUMFILE, chksum, chksum_len);
printf("writing message to %s\n", message_file);
ecdaa_write_buffer_to_file(message_file, msg, msg_len);
printf("writing checksum to %s\n", checksum_file);
ecdaa_write_buffer_to_file(checksum_file, chksum, chksum_len);
return 0;
}

Write Preview
Loading…
Cancel
Save