
verify message with bsn working

master
Michael Preisach 5 years ago
parent
commit
e3cd6862c2
  1. 2
      .gitignore
  2. 4
      CMakeLists.txt
  3. BIN
      ecdaa_issuer
  4. BIN
      ecdaa_member
  5. BIN
      ecdaa_verifier
  6. 27
      issuer.c
  7. 2
      member-tpm.c
  8. 201
      member.c
  9. 1
      member.h
  10. 38
      verifier.c

2
.gitignore

@ -2,3 +2,5 @@ CMakeFiles/
CMakeCache.txt CMakeCache.txt
Makefile Makefile
cmake_install.cmake cmake_install.cmake
*.bin
*.txt

4
CMakeLists.txt

@ -23,8 +23,8 @@ target_include_directories(ecdaa_member_tpm PUBLIC
) )
target_link_libraries(ecdaa_member_tpm /usr/lib/x86_64-linux-gnu/libecdaa.so) target_link_libraries(ecdaa_member_tpm /usr/lib/x86_64-linux-gnu/libecdaa.so)
target_link_libraries(ecdaa_member_tpm /usr/lib/x86_64-linux-gnu/libecdaa-tpm.so) target_link_libraries(ecdaa_member_tpm /usr/lib/x86_64-linux-gnu/libecdaa-tpm.so)
target_link_libraries(ecdaa_member_tpm /usr/lib/x86_64-linux-gnu/libxaptum-tpm.so) # target_link_libraries(ecdaa_member_tpm /usr/lib/x86_64-linux-gnu/libxaptum-tpm.so)
target_link_libraries(ecdaa_member_tpm /usr/lib/x86_64-linux-gnu/libtss2-esys.so) # target_link_libraries(ecdaa_member_tpm /usr/lib/x86_64-linux-gnu/libtss2-esys.so)
add_executable(ecdaa_verifier verifier.c common.h common.c server.h server.c client.h client.c) add_executable(ecdaa_verifier verifier.c common.h common.c server.h server.c client.h client.c)
target_include_directories(ecdaa_verifier PUBLIC target_include_directories(ecdaa_verifier PUBLIC

BIN
ecdaa_issuer

Binary file not shown.

BIN
ecdaa_member

Binary file not shown.

BIN
ecdaa_verifier

Binary file not shown.

27
issuer.c

@ -26,6 +26,16 @@ int issuer_joinproceed(char *buffer);
int issuer_publish(char *buffer); int issuer_publish(char *buffer);
int main() { int main() {
issuer.state = ON;
if(ON == issuer.state) {
if (0 == issuer_setup()) {
issuer.state = READY;
} else {
printf("issuer setup failed\n");
return 1;
}
}
if (2 != server_start(&process_issuer, ISSUERPORT)) { if (2 != server_start(&process_issuer, ISSUERPORT)) {
printf("server failed\n"); printf("server failed\n");
} }
@ -35,15 +45,6 @@ int main() {
int process_issuer(char *buffer) { int process_issuer(char *buffer) {
int ret = 0; int ret = 0;
if(ON == issuer.state) {
if( (0 == issuer_setup()) {
issuer.state = READY;
} else {
printf("issuer setup failed\n");
return 2;
}
}
printf("> ISSUER: %s\n", buffer); printf("> ISSUER: %s\n", buffer);
if (0 == strncasecmp("OK", buffer, 2)) { if (0 == strncasecmp("OK", buffer, 2)) {
@ -71,7 +72,7 @@ int process_issuer(char *buffer) {
switch (issuer.state) { switch (issuer.state) {
case READY: case READY:
printf("generate new issuer identity\n"); printf("generate new issuer identity\n");
if( (0 == issuer_setup(buffer)) { if (0 == issuer_setup(buffer)) {
issuer.state = READY; issuer.state = READY;
} else { } else {
printf("issuer setup failed\n"); printf("issuer setup failed\n");
@ -203,8 +204,8 @@ int issuer_reset(char *buffer) {
strncpy(buffer, "ERR\n", 4); strncpy(buffer, "ERR\n", 4);
return -1; return -1;
} }
if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &ipk) || if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &issuer.ipk) ||
0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &isk)) { 0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &issuer.isk)) {
printf("issuer_reset: Error saving key-pair to disk\n"); printf("issuer_reset: Error saving key-pair to disk\n");
strncpy(buffer, "ERR\n", 4); strncpy(buffer, "ERR\n", 4);
return -1; return -1;
@ -218,7 +219,7 @@ int issuer_reset(char *buffer) {
int issuer_setup() { int issuer_setup() {
printf("setup()\n"); printf("setup()\n");
if (0 == ecdaa_issuer_public_key_FP256BN_deserialize_file(&issuer.ipk, issuer_public_key_file)) { if (0 == ecdaa_issuer_public_key_FP256BN_deserialize_file(&issuer.ipk, issuer_public_key_file)) {
if (0 == ecdaa_issuer_secret_key_FP256BN_deserialize_file(&issuer.isk, issuer_secret_key_file) { if (0 == ecdaa_issuer_secret_key_FP256BN_deserialize_file(&issuer.isk, issuer_secret_key_file)) {
printf("issuer_setup: loaded keys from disk\n"); printf("issuer_setup: loaded keys from disk\n");
return 0; return 0;
} }
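Review bot: In the `case READY:` hunk of process_issuer the new line calls `issuer_setup(buffer)`, but the definition shown in the last hunk is `int issuer_setup()`, and its visible part only loads the key files from disk. The empty parameter list lets the stray argument compile silently; declaring it `int issuer_setup(void)` would make the compiler reject such a call. Given the log line "generate new issuer identity" just before it and the existing `issuer_reset(char *buffer)`, the intended call looks like `issuer_reset(buffer)`. The enclosing command branch and the rest of issuer_setup are outside the hunks, so confirm this against the full file.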

2
member-tpm.c

@ -44,7 +44,7 @@ int main() {
int init_tpm() { int init_tpm() {
TSS2_TCTI_CONTEXT *tctiContext = NULL; TSS2_TCTI_CONTEXT *tctiContext = NULL;
TPML_HANDLE handle = 0; TPM2_HANDLE handle = 0;
const char* passwd = "1234"; const char* passwd = "1234";
uint16_t passwdlen = strlen(passwd); uint16_t passwdlen = strlen(passwd);
TSS2_RC retval = 0; TSS2_RC retval = 0;
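Review bot: The TPM auth value in init_tpm is still the literal `"1234"` compiled into the binary, and the type fix on `handle` leaves it untouched. Anyone who has the source or the executable knows the value, so it adds no protection to whatever object it authorises. Read it from a protected configuration source or prompt for it at start-up, and clear the buffer after use. `uint16_t passwdlen = strlen(passwd);` also narrows a `size_t` silently, so a length check belongs there once the value is no longer a constant. The body of init_tpm continues outside the hunk.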

201
member.c

@ -26,12 +26,10 @@ uint8_t msg[MAX_MSGSIZE];
size_t msg_len; size_t msg_len;
int member_join(char *buffer); int member_join(char *buffer);
int member_attest(char *buffer); int member_verifymsg(char *buffer);
int member_publish(char *buffer); int member_publish(char *buffer);
/* int member_getpublic(char *buffer); */
int member_joinappend(char *buffer); int member_joinappend(char *buffer);
int member_joinfinish(char *buffer); int member_joinfinish(char *buffer);
@ -40,8 +38,10 @@ int main(int argc, char **argv) {
char buffer[MAX_BUFSIZE]; char buffer[MAX_BUFSIZE];
char *remote_ip = argv[2]; char *remote_ip = argv[2];
int ret = 0; int ret = 0;
// strncpy(member.bsn, "mybasename", 10);
// member.bsn_len = strlen(member.bsn);
switch(argc) { switch(argc) {
case 2: case 3:
if( 0 == strncasecmp("--join", argv[1], 6) || 0 == strncasecmp("-j", argv[1], 2)) { if( 0 == strncasecmp("--join", argv[1], 6) || 0 == strncasecmp("-j", argv[1], 2)) {
member.state = ON; member.state = ON;
ret = client_connect(&member_join, remote_ip, ISSUERPORT); ret = client_connect(&member_join, remote_ip, ISSUERPORT);
@ -51,106 +51,43 @@ int main(int argc, char **argv) {
} else { } else {
printf("Join process was successful\n"); printf("Join process was successful\n");
} }
} } else {
printf("2 arguments but not join\n");
}
break; break;
case 3: case 4:
if( 0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) { if( 0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
char *msgfile = argv[3]; msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, argv[3]);
FILE *fileptr = fopen(msgfile, "rb"); if (msg_len < 0) {
if (0 == fileptr) { printf("Could not open message file %s\n", argv[3]);
printf("Could not open message file %s\n", msgfile);
return 1;
}
size_t bytes_read = fread(msg, 1, MAX_MSGSIZE, fileptr);
if (bytes_to_read != bytes_read && !feof(file_ptr)) {
printf("Error reading message file");
fclose(fileptr);
return 1; return 1;
} }
if (0 != fclose(fileptr)) { if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, member_nonce_file) ||
printf("Error closing message file"); 0 != ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) ||
return 1; 0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) ||
}
if (0 != ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) ||
0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file) ||
0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) { 0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) {
printf("Could not import key files. importing from %s, %s or %s was not successful\n", member_secret_key_file, member_public_key_file, member_credential_file); printf("Could not import key files. importing from %s, %s, %s or %s was not successful\n",
member_nonce_file, member_secret_key_file, member_public_key_file, member_credential_file);
return 1; return 1;
} }
member.state = JOINED member.state = JOINED;
ret = client_connect(&member_attest, remote_ip, VERIFIERPORT); ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT);
if (0 >= ret || JOINED != member.state) { if (0 >= ret || JOINED != member.state) {
printf("connection to verifier failed\n"); printf("connection to verifier failed\n");
} }
} } else {
printf("3 arguments but not send\n");
}
break; break;
default: default:
printf("Usage: \n Join an issuer's group: %s --join <issuer's IPv4>\n", argv[0]); printf("Usage: \n Join an issuer's group: %s --join <issuer's IPv4>\n", argv[0]);
printf("Send a signed message to the verifier: %s --send <verifier's IPv4> <msgfile>\n", argv[0]); printf("Send a signed message to the verifier: %s --send <verifier's IPv4> <msgfile>\n", argv[0]);
printf("Before sending a DAA-signed message, the member must join a DAA group\n", argv[0]); printf("Before sending a DAA-signed message, the member must join a DAA group\n");
break; break;
}
return 0; return 0;
} }
/* int process_member(char *buffer) { */
/* int ret = 0; */
/* char remote_ip[16]; */
/* bzero(member.bsn, MAX_BSNSIZE); */
/* strncpy((char *) member.bsn, "Biometric Sensor", 16); */
/* member.bsn_len = 16; */
/* printf("> MEMBER: %s\n", buffer); */
/* if (member.state == JOINED && 0 == strncasecmp("ATTEST", buffer, 6)) { */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "ATTEST ", 7); */
/* member_attest(buffer); */
/* } else if (member.state == ON && 0 == strncasecmp("GETPUBLIC", buffer, 9)) { */
/* strncpy(remote_ip, buffer[10], 15); */
/* ret = client_connect(&member_getpublic, remote_ip, ISSUERPORT); */
/* if (0 >= ret || RCVPUBLIC != member.state) { */
/* printf("process_member: issuer connection failed\n"); */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "ERR\n", 4); */
/* } else { */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "OK\n", 3); */
/* } */
/* ret = 0; */
/* } else if (0 == strncasecmp("PUBLISH", buffer, 7)) { */
/* bzero(buffer, MAX_BUFSIZE); */
/* member_publish(buffer); */
/* } else if (member.state == RCVPUBLIC && 0 == strncasecmp("JOIN", buffer, 4)) { */
/* member.state = JOIN; */
/* ret = client_connect(&member_join, ISSUERIP, ISSUERPORT); */
/* if (0 >= ret || JOINED != member.state) { */
/* printf("process_member: issuer connection failed\n"); */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "ERR\n", 4); */
/* } else { */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "OK\n", 3); */
/* } */
/* ret = 0; */
/* } else if (0 == strncasecmp("EXIT", buffer, 4)) { */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "OK\n", 3); */
/* ret = 1; */
/* } else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) { */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "OK\n", 3); */
/* ret = 2; */
/* } else { */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "ERR\n", 4); */
/* ret = 0; */
/* } */
/* printf("< MEMBER: %s\n", buffer); */
/* return ret; */
/* } */
int member_join(char *buffer) { int member_join(char *buffer) {
int ret = 0; int ret = 0;
@ -174,7 +111,10 @@ int member_join(char *buffer) {
printf("member_getpublic: signature of issuer public key is invalid\n"); printf("member_getpublic: signature of issuer public key is invalid\n");
ret = -1; ret = -1;
} else { } else {
member.state = JOIN; bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "JOIN\n", 5);
member.state = APPEND;
ret = 0;
} }
} else { } else {
printf("member_getpublic: did not get public key from issuer\n"); printf("member_getpublic: did not get public key from issuer\n");
@ -182,11 +122,6 @@ int member_join(char *buffer) {
ret = -1; ret = -1;
} }
break; break;
case JOIN:
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "JOIN\n", 5);
member.state = APPEND;
break;
case APPEND: case APPEND:
if (0 == strncasecmp("JOINSTART", buffer, 9)) { if (0 == strncasecmp("JOINSTART", buffer, 9)) {
printf("ISSUER > MEMBER: %s", buffer); printf("ISSUER > MEMBER: %s", buffer);
@ -219,68 +154,28 @@ int member_join(char *buffer) {
return ret; return ret;
} }
/* int member_getpublic(char *buffer) { */ //"VERIFYMSG" > "VERIFYMSG <attestval>"
/* int ret = 0; */ int member_verifymsg(char *buffer) {
/* switch (member.state) { */
/* case ON: */
/* bzero(buffer, MAX_BUFSIZE); */
/* strncpy(buffer, "PUBLISH\n", 8); */
/* member.state = ISSUERPUB; */
/* break; */
/* case ISSUERPUB: */
/* if (0 == strncasecmp("PUBLISH", buffer, 7)) { */
/* printf("ISSUER > MEMBER: %s", buffer); */
/* uint8_t binbuf[MAX_BUFSIZE]; */
/* char *current = &buffer[8]; */
/* ecdaa_hextobin(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH); */
/* ret = ecdaa_issuer_public_key_FP256BN_deserialize(&member.ipk, binbuf); */
/* if (-1 == ret) { */
/* printf("member_getpublic: issuer public key is malformed!\n"); */
/* ret = -1; */
/* } else if (-2 == ret) { */
/* printf("member_getpublic: signature of issuer public key is invalid\n"); */
/* ret = -1; */
/* } else { */
/* member.state = RCVPUBLIC; */
/* ret = 1; */
/* } */
/* } else { */
/* printf("member_getpublic: did not get public key from issuer\n"); */
/* member.state = ON; */
/* ret = -1; */
/* } */
/* break; */
/* default: */
/* printf("member_getpublic: did not get public key from issuer\n"); */
/* member.state = ON; */
/* ret = -1; */
/* break; */
/* } */
/* if (0 == ret) { */
/* printf("ISSUER < MEMBER: %s", buffer); */
/* } */
/* return ret; */
/* } */
//"ATTEST" > "ATTEST <attestval>"
int member_attest(char *buffer) {
char *current = buffer; char *current = buffer;
uint8_t binbuf[MAX_BUFSIZE]; uint8_t binbuf[MAX_BUFSIZE];
/* uint8_t msg[MAX_MSGSIZE] = "I am the real host"; */ uint8_t has_nym = member.bsn_len > 0 ? 1 : 0;
/* size_t msg_len = strlen((char*)msg); */
uint8_t has_nym = member.bsn_len != 0 ? 1 : 0;
struct ecdaa_signature_FP256BN sig; struct ecdaa_signature_FP256BN sig;
size_t sig_len = has_nym ? ECDAA_SIGNATURE_FP256BN_WITH_NYM_LENGTH : ECDAA_SIGNATURE_FP256BN_LENGTH; size_t sig_len = has_nym ? ecdaa_signature_FP256BN_with_nym_length() : ecdaa_signature_FP256BN_length();
if (0 == strncasecmp("OK", buffer, 2)) {
return 1;
} else if (0 == strncasecmp("ERR", buffer, 3)) {
printf("member_verifymsg: Verifier refused signature\n");
return 1;
}
ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand); ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand);
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
bzero(binbuf, MAX_BUFSIZE); bzero(binbuf, MAX_BUFSIZE);
strncpy(current, "ATTEST ", 7); strncpy(current, "VERIFYMSG ", 10);
current = &current[7]; current = &current[10];
strncpy(current, (char*) msg, MAX_MSGSIZE); strncpy(current, (char*) msg, msg_len);
current[MAX_MSGSIZE] = has_nym == 1 ? '1' : '0'; current[MAX_MSGSIZE] = has_nym == 1 ? '1' : '0';
current = &current[MAX_MSGSIZE + 1]; current = &current[MAX_MSGSIZE + 1];
if(has_nym) { if(has_nym) {
@ -290,9 +185,10 @@ int member_attest(char *buffer) {
ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym); ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym);
ecdaa_bintohex(binbuf, sig_len, current); ecdaa_bintohex(binbuf, sig_len, current);
printf("member_attest: msg: %s, len: %lu\n",msg, msg_len); printf("member_verifymsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len);
printf("member_attest: bsn: %s, len: %lu\n",(char *)member.bsn, strlen((char *)member.bsn)); printf("member_verifymsg: msg: %s, len: %lu\n",msg, msg_len);
printf("member_attest: sig: %s\n",current); printf("member_verifymsg: bsn: %s, len: %lu\n",(char *)member.bsn, strlen((char *)member.bsn));
printf("member_verifymsg: sig: %s\n",current);
current[2 * sig_len] = '\n'; current[2 * sig_len] = '\n';
return 0; return 0;
} }
@ -320,7 +216,7 @@ int member_joinappend(char *buffer) {
char *current = &buffer[10]; char *current = &buffer[10];
uint8_t binbuf[MAX_BUFSIZE]; uint8_t binbuf[MAX_BUFSIZE];
ecdaa_hextobin(current, member.nonce, NONCE_SIZE); ecdaa_hextobin(current, member.nonce, NONCE_SIZE);
ecdaa_write_buffer_to_file(member_nonce_file, member.nonce, NONCE_SIZE);
// if (0 != ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, member.nonce, NONCE_SIZE)) { // if (0 != ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, member.nonce, NONCE_SIZE)) {
if (0 != ecdaa_member_key_pair_FP256BN_generate(&member.mpk, &member.msk, member.nonce, NONCE_SIZE, ecdaa_rand)) { if (0 != ecdaa_member_key_pair_FP256BN_generate(&member.mpk, &member.msk, member.nonce, NONCE_SIZE, ecdaa_rand)) {
fprintf(stderr, "Error generating member key-pair\n"); fprintf(stderr, "Error generating member key-pair\n");
@ -354,10 +250,10 @@ int member_joinfinish(char *buffer) {
printf("member_joinfinish: credential is malformed!\n"); printf("member_joinfinish: credential is malformed!\n");
ret = -1; ret = -1;
} else if(-2 == ret) { } else if(-2 == ret) {
printf("member_joinfinish: siganture of credential is invalid"); printf("member_joinfinish: siganture of credential is invalid\n");
ret = -1; ret = -1;
} }
printf("member_joinfinish: writing key-pair and credential to disk"); printf("member_joinfinish: writing key-pair and credential to disk\n");
if(0 != ecdaa_member_public_key_FP256BN_serialize_file(member_public_key_file, &member.mpk) || if(0 != ecdaa_member_public_key_FP256BN_serialize_file(member_public_key_file, &member.mpk) ||
0 != ecdaa_member_secret_key_FP256BN_serialize_file(member_secret_key_file, &member.msk) || 0 != ecdaa_member_secret_key_FP256BN_serialize_file(member_secret_key_file, &member.msk) ||
0 != ecdaa_credential_FP256BN_serialize_file(member_credential_file, &member.cred)) { 0 != ecdaa_credential_FP256BN_serialize_file(member_credential_file, &member.cred)) {
@ -367,3 +263,4 @@ int member_joinfinish(char *buffer) {
return ret; return ret;
} }
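Review bot: The new read-error check in the `--send` branch can never fire, because `msg_len` is declared `size_t` at the top of the file and `if (msg_len < 0)` is therefore always false. A failed `ecdaa_read_from_file` (the following condition treats its result as negative on failure) then leaves a huge `msg_len`. member_verifymsg passes that to `ecdaa_signature_FP256BN_sign` and to `strncpy(current, (char*) msg, msg_len)`, which pads far past the end of `buffer`. Keep the result in a signed variable first: `int n = ecdaa_read_from_file(msg, MAX_MSGSIZE, argv[3]);`, `if (n < 0) { ... return 1; }`, `msg_len = (size_t)n;`. The return values of `ecdaa_signature_FP256BN_sign` and `ecdaa_write_buffer_to_file` are also ignored in the member_verifymsg and member_joinappend hunks.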

1
member.h

@ -15,5 +15,6 @@
const char* member_public_key_file = "mpk.bin"; const char* member_public_key_file = "mpk.bin";
const char* member_secret_key_file = "msk.bin"; const char* member_secret_key_file = "msk.bin";
const char* member_credential_file = "mcred.bin"; const char* member_credential_file = "mcred.bin";
const char* member_nonce_file = "mnonce.bin";
#endif //ECDAA_ISSUER_ISSUER_H #endif //ECDAA_ISSUER_ISSUER_H

38
verifier.c

@ -44,7 +44,7 @@ int process_verifier(char *buffer) {
if (0 == strncasecmp("VERIFYMSG", buffer, 9)) { if (0 == strncasecmp("VERIFYMSG", buffer, 9)) {
switch (verifier.state) { switch (verifier.state) {
case GOTISSUER: case GOTISSUER:
ret = verifier_checkattest(buffer[10]); ret = verifier_checkattest(&buffer[10]);
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
if (-1 == ret) { if (-1 == ret) {
printf("verifier_attestmember: member public key is malformed!\n"); printf("verifier_attestmember: member public key is malformed!\n");
@ -60,8 +60,9 @@ int process_verifier(char *buffer) {
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4); strncpy(buffer, "ERR\n", 4);
} }
ret = 0;
} else if (0 == strncasecmp("ATTEST", buffer, 6)) { } else if (0 == strncasecmp("ATTEST", buffer, 6)) {
strncpy(remote_ip, buffer[7], 15); strncpy(remote_ip, &buffer[7], 15);
ret = client_connect(&verifier_attestmember, remote_ip, MEMBERPORT); ret = client_connect(&verifier_attestmember, remote_ip, MEMBERPORT);
if (0 >= ret) { if (0 >= ret) {
printf("process_verifier: member verification failed\n"); printf("process_verifier: member verification failed\n");
@ -77,16 +78,23 @@ int process_verifier(char *buffer) {
verifier_checklink(buffer); verifier_checklink(buffer);
} else if (0 == strncasecmp("GETPUBLIC", buffer, 9)) { } else if (0 == strncasecmp("GETPUBLIC", buffer, 9)) {
verifier.state = ON; verifier.state = ON;
strncpy(remote_ip, buffer[10], 15); int iplen = strlen(&buffer[10]);
ret = client_connect(&verifier_getissuer, remote_ip, ISSUERPORT); if (iplen >= 7 && iplen <= 15) {
if (0 >= ret || GOTISSUER != verifier.state) { strncpy(remote_ip, &buffer[10], 15);
printf("process_verifier: issuer connection failed\n"); ret = client_connect(&verifier_getissuer, remote_ip, ISSUERPORT);
if (0 >= ret || GOTISSUER != verifier.state) {
printf("process_verifier: issuer connection failed\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
} else {
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
}
} else {
printf("process_verifier: no valid ip\n");
bzero(buffer, MAX_BUFSIZE); bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4); strncpy(buffer, "ERR\n", 4);
} else { }
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
}
ret = 0; ret = 0;
} else if (0 == strncasecmp("EXIT", buffer, 4)) { } else if (0 == strncasecmp("EXIT", buffer, 4)) {
printf("exit()\n"); printf("exit()\n");
@ -163,12 +171,12 @@ int verifier_attestmember(char *buffer) {
case ASKATTEST: case ASKATTEST:
if (0 == strncasecmp("ATTEST", buffer, 6)) { if (0 == strncasecmp("ATTEST", buffer, 6)) {
printf("MEMBER > VERIFIER: %s", buffer); printf("MEMBER > VERIFIER: %s", buffer);
ret = verifier_checkattest(buffer[7]); ret = verifier_checkattest(&buffer[7]);
if (-1 == ret) { if (-1 == ret) {
printf("verifier_attestmember: member public key is malformed!\n"); printf("verifier_attestmember: group public key is malformed!\n");
ret = -1; ret = -1;
} else if (-2 == ret) { } else if (-2 == ret) {
printf("verifier_attestmember: signature of member public key is invalid\n"); printf("verifier_attestmember: signature of group public key is invalid\n");
ret = -1; ret = -1;
} else { } else {
verifier.state = GOTISSUER; verifier.state = GOTISSUER;
@ -191,7 +199,7 @@ int verifier_attestmember(char *buffer) {
//"ATTEST <msg>0<signature w/o bsn>" or //"ATTEST <msg>0<signature w/o bsn>" or
//"ATTEST <msg>1<signature with bsn>" //"ATTEST <msg>1<signature with bsn>"
int verifier_checkattest(char *buffer) { int verifier_checkattest(char *buffer) {
char *current = &buffer; char *current = buffer;
char msg[MAX_MSGSIZE]; char msg[MAX_MSGSIZE];
strncpy(msg, current, MAX_MSGSIZE); strncpy(msg, current, MAX_MSGSIZE);
@ -229,7 +237,7 @@ int verifier_checkattest(char *buffer) {
ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) msg, msg_len, ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) msg, msg_len,
(uint8_t *) bsn, bsn_len); (uint8_t *) bsn, bsn_len);
if (0 != ret) { if (0 != ret) {
printf("verifier_checkattest: signature not valid\n"); printf("verifier_checkattest: signature not valid, ret = %i\n", ret);
return -1; return -1;
} }
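Review bot: Only the GETPUBLIC branch of process_verifier gained a length check on the peer-supplied address; the ATTEST branch still does `strncpy(remote_ip, &buffer[7], 15)` on whatever follows the command. In both branches `strncpy` with a count of 15 leaves `remote_ip` unterminated when the input is 15 characters or longer. `strlen(&buffer[10])` also counts a trailing newline if the protocol line carries one, so the 7..15 range does not establish that the text is an IPv4 address. The declaration of `remote_ip` is outside the hunk; assuming it holds 16 bytes, add `remote_ip[15] = '\0';` and require `inet_pton(AF_INET, remote_ip, &addr) == 1` before `client_connect` in both branches. `iplen` should be a `size_t` rather than an `int`.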
