/*
** Copyright (C) 2020 Johannes Kepler University Linz, Institute of Networks and Security
** Copyright (C) 2020 CDL Digidow
**
** Licensed under the EUPL, Version 1.2 or – as soon they will be approved by
** the European Commission - subsequent versions of the EUPL (the "Licence").
** You may not use this work except in compliance with the Licence.
**
** You should have received a copy of the European Union Public License along
** with this program. If not, you may obtain a copy of the Licence at:
**
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the Licence is distributed on an "AS IS" basis,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the Licence for the specific language governing permissions and
** limitations under the Licence.
**
*/
#include "member-tpm.h"
typedef enum memberstate {
ON,
ISSUERPUB,
RCVPUBLIC,
JOIN,
APPEND,
JOINPROCEED,
JOINED,
} memberstate_e;
typedef struct member {
struct ecdaa_member_public_key_FP256BN mpk;
memberstate_e state;
uint8_t nonce[NONCE_SIZE];
struct ecdaa_credential_FP256BN cred;
struct ecdaa_issuer_public_key_FP256BN ipk;
uint8_t bsn[MAX_BSNSIZE];
size_t bsn_len;
} member_t;
member_t member;
uint8_t msg[MAX_MSGSIZE];
size_t msg_len;
uint8_t chksum[MAX_CHKSUMSIZE];
size_t chksum_len;
int member_join(char *buffer);
int member_signmsg(char *buffer);
int member_publish(char *buffer);
int member_joinappend(char *buffer);
int member_joinfinish(char *buffer);
int main(int argc, char *argv[]) {
char buffer[MAX_BUFSIZE];
char *remote_ip;
int ret = 0;
strncpy(member.bsn, "mybasename", 10);
member.bsn_len = strlen(member.bsn);
switch(argc) {
case 2:
if(0 == strncasecmp("--createkey", argv[1], 11) || 0 == strncasecmp("-c", argv[1], 2)) {
if (0 != create_key(MEMBER_TPM_KEY_FILE, MEMBER_TPM_HANDLE_FILE)) {
printf("TPM key generation failed.\n");
return 1;
}
printf("TPM key saved to %s and %s.\n",MEMBER_TPM_KEY_FILE, MEMBER_TPM_HANDLE_FILE);
}
break;
case 3:
if(0 == strncasecmp("--join", argv[1], 6) || 0 == strncasecmp("-j", argv[1], 2)) {
member.state = ON;
remote_ip = argv[2];
ret = client_connect(&member_join, remote_ip, ISSUERPORT);
if (0 >= ret || JOINED != member.state) {
printf("Join process failed!\n");
return 1;
} else {
printf("Join process was successful.\n");
}
} else if (0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, MESSAGE_FILE);
if (msg_len < 0) {
printf("Could not open message file %s.\n", MESSAGE_FILE);
return 1;
}
chksum_len = ecdaa_read_from_file(chksum, MAX_CHKSUMSIZE, CHECKSUM_FILE);
if (chksum_len < 0) {
printf("Could not open checksum file %s.\n", CHECKSUM_FILE);
return 1;
}
printf("Loaded message and checksum.\n");
if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, MEMBER_NONCE_FILE) ||
0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, MEMBER_PUBLIC_KEY_FILE, member.nonce, NONCE_SIZE) ||
0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, MEMBER_CREDENTIAL_FILE)) {
printf("Could not import key files. Importing from either %s, %s or %s was not successful.\n",
MEMBER_NONCE_FILE, MEMBER_PUBLIC_KEY_FILE, MEMBER_CREDENTIAL_FILE);
return 1;
}
member.state = JOINED;
remote_ip = argv[2];
ret = client_connect(&member_signmsg, remote_ip, VERIFIERPORT);
if (2 != ret) {
printf("Error: Message transmission to verifier failed.\n");
}
} else {
printf("Error: Arguments invalid.\n");
}
break;
default:
printf("Usage: Create a TPM key: %s --createkey\n", argv[0]);
printf("Join an issuer's group: %s --join \n", argv[0]);
printf("Send a signed message to the verifier: %s --send \n", argv[0]);
printf("Before sending a DAA-signed message, the member must join a DAA group\n");
printf("%s must not exceed %d Bytes, %s must be smaller than %d Bytes\n", MESSAGE_FILE, MAX_MSGSIZE, CHECKSUM_FILE, MAX_CHKSUMSIZE);
break;
}
return 0;
}
int member_join(char *buffer) {
int ret = 0;
switch (member.state) {
case ON:
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "PUBLISH\n", 8);
member.state = ISSUERPUB;
break;
case ISSUERPUB:
if (0 == strncasecmp("PUBLISH", buffer, 7)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
uint8_t binbuf[MAX_BUFSIZE];
char *current = &buffer[8];
ecdaa_decode(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
ret = ecdaa_issuer_public_key_FP256BN_deserialize(&member.ipk, binbuf);
if (-1 == ret) {
printf("member_getpublic: issuer public key is malformed!\n");
ret = -1;
} else if (-2 == ret) {
printf("member_getpublic: signature of issuer public key is invalid.\n");
ret = -1;
} else {
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "JOIN\n", 5);
member.state = APPEND;
ret = 0;
}
} else {
printf("member_getpublic: did not get public key from issuer.\n");
member.state = ON;
ret = -1;
}
break;
case APPEND:
if (0 == strncasecmp("JOINSTART", buffer, 9)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
member_joinappend(buffer);
member.state = JOINPROCEED;
} else {
printf("member_join: did not get nonce from issuer.\n");
member.state = RCVPUBLIC;
ret = -1;
}
break;
case JOINPROCEED:
if (0 == strncasecmp("JOINPROCEED", buffer, 11)) {
#ifdef DEBUG
printf("ISSUER > MEMBER: %s\n", buffer);
#endif
ret = member_joinfinish(buffer);
member.state = JOINED;
} else {
printf("member_getpublic: did not get credentials from issuer.\n");
member.state = RCVPUBLIC;
ret = -1;
}
break;
default:
ret = -1;
}
if (0 == ret) {
#ifdef DEBUG
printf("ISSUER < MEMBER: %s", buffer);
#endif
}
return ret;
}
//"VERIFYMSG 0" or
//"VERIFYMSG 1"
int member_signmsg(char *buffer) {
char *current = buffer;
uint8_t binbuf[MAX_BUFSIZE];
uint8_t has_nym = member.bsn_len > 0 ? 1 : 0;
struct ecdaa_signature_FP256BN sig;
size_t sig_len = has_nym ? ecdaa_signature_FP256BN_with_nym_length() : ecdaa_signature_FP256BN_length();
struct tpm_context ctx;
int bytes = 0;
if (0 != tpm_initialize(&ctx, MEMBER_TPM_KEY_FILE, MEMBER_TPM_HANDLE_FILE)) {
printf("member_signmsg: Failed to initialize TPM.");
return -1;
}
bzero(buffer, MAX_BUFSIZE);
strncpy(current, "VERIFYMSG ", 10);
current = ¤t[10];
bytes = ecdaa_encode(msg, current, MAX_MSGSIZE);
current = ¤t[bytes];
bytes = ecdaa_encode(chksum, current, MAX_CHKSUMSIZE);
current = ¤t[bytes];
if(has_nym) {
if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &(ctx.tpm_ctx))) {
printf("member_signmsg: Signing message failed.\n");
}
current[0] = '1';
current = ¤t[1];
bytes = ecdaa_encode(member.bsn, current, MAX_BSNSIZE);
current = ¤t[bytes];
} else {
if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, chksum, chksum_len, NULL, 0, &member.cred, ecdaa_rand, &(ctx.tpm_ctx))) {
printf("member_signmsg: Signing message failed.\n");
}
current[0] = '0';
current = ¤t[1];
}
bzero(binbuf, MAX_BUFSIZE);
ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym);
bytes = ecdaa_encode(binbuf, current, sig_len);
current[bytes] = '\n';
#ifdef DEBUG
printf("%s",buffer);
printf("member_signmsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len);
printf("member_signmsg: msg: %s, len: %lu\n", msg, msg_len);
printf("member_signmsg: chksum: %s, len: %lu\n", chksum, chksum_len);
printf("member_signmsg: bsn: %s, len: %lu\n", (char *)member.bsn, strlen((char *)member.bsn));
printf("member_signmsg: sig: %s, len: %lu\n", current, sig_len);
#endif
tpm_cleanup(&ctx);
return 2; //send to verifier before closing
}
//"JOINSTART " > "APPEND "
int member_joinappend(char *buffer) {
char *current = &buffer[10];
uint8_t binbuf[MAX_BUFSIZE];
struct tpm_context ctx;
int ret = 0;
int bytes = ecdaa_decode(current, member.nonce, NONCE_SIZE);
ecdaa_write_buffer_to_file(MEMBER_NONCE_FILE, member.nonce, NONCE_SIZE);
bzero(buffer, MAX_BUFSIZE);
if (0 != tpm_initialize(&ctx, MEMBER_TPM_KEY_FILE, MEMBER_TPM_HANDLE_FILE)) {
printf("member_joinappend: Failed to initialize TPM.\n");
strncpy(buffer, "ABORT\n", 6);
return -1;
}
if (0 != (ret = ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, ctx.serialized_public_key, member.nonce, NONCE_SIZE, &(ctx.tpm_ctx)))) {
fprintf(stderr, "Error generating member key-pair: ret = %d\n", ret);
strncpy(buffer, "ABORT\n", 6);
return -1;
}
strncpy(buffer, "APPEND ", 7);
current = &buffer[7];
bzero(binbuf, MAX_BUFSIZE);
ecdaa_member_public_key_FP256BN_serialize(binbuf, &member.mpk);
bytes = ecdaa_encode(binbuf, current, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH);
current[bytes] = '\n';
tpm_cleanup(&ctx);
return 0;
}
//"JOINPROCEED " > ""
int member_joinfinish(char *buffer) {
char *current = &buffer[12];
uint8_t *bincur;
uint8_t binbuf[MAX_BUFSIZE];
int bytes = 0;
int ret = 0;
bzero(binbuf, MAX_BUFSIZE);
bytes = ecdaa_decode(current, binbuf, ECDAA_CREDENTIAL_FP256BN_LENGTH);
current = ¤t[bytes];
bincur = &binbuf[ECDAA_CREDENTIAL_FP256BN_LENGTH];
ecdaa_decode(current, bincur, ECDAA_CREDENTIAL_FP256BN_SIGNATURE_LENGTH);
ret = ecdaa_credential_FP256BN_deserialize_with_signature(&member.cred, &member.mpk, &member.ipk.gpk, binbuf, bincur);
if(-1 == ret) {
printf("member_joinfinish: credential is malformed!\n");
ret = -1;
} else if(-2 == ret) {
printf("member_joinfinish: siganture of credential is invalid.\n");
ret = -1;
}
printf("member_joinfinish: writing public key and credential to disk.\n");
if(0 != ecdaa_member_public_key_FP256BN_serialize_file(MEMBER_PUBLIC_KEY_FILE, &member.mpk) ||
0 != ecdaa_credential_FP256BN_serialize_file(MEMBER_CREDENTIAL_FILE, &member.cred)) {
printf("issuer_setup: Error saving key-pair or credential to disk.\n");
ret = -1;
} else {
ret = 1;
}
return ret;
}