#include "member.h" typedef enum memberstate { ON, ISSUERPUB, RCVPUBLIC, JOIN, APPEND, JOINPROCEED, JOINED, } memberstate_e; typedef struct member { struct ecdaa_member_public_key_FP256BN mpk; struct ecdaa_member_secret_key_FP256BN msk; memberstate_e state; uint8_t nonce[NONCE_SIZE]; struct ecdaa_credential_FP256BN cred; struct ecdaa_issuer_public_key_FP256BN ipk; uint8_t bsn[MAX_BSNSIZE]; size_t bsn_len; } member_t; member_t member; uint8_t msg[MAX_MSGSIZE]; size_t msg_len; int member_join(char *buffer); int member_attest(char *buffer); int member_publish(char *buffer); /* int member_getpublic(char *buffer); */ int member_joinappend(char *buffer); int member_joinfinish(char *buffer); int main(int argc, char **argv) { char buffer[MAX_BUFSIZE]; char *remote_ip = argv[2]; int ret = 0; switch(argc) { case 2: if( 0 == strncasecmp("--join", argv[1], 6) || 0 == strncasecmp("-j", argv[1], 2)) { member.state = ON; ret = client_connect(&member_join, remote_ip, ISSUERPORT); if (0 >= ret || JOINED != member.state) { printf("Join process failed!\n"); return 1; } else { printf("Join process was successful\n"); } } break; case 3: if( 0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) { char *msgfile = argv[3]; FILE *fileptr = fopen(msgfile, "rb"); if (0 == fileptr) { printf("Could not open message file %s\n", msgfile); return 1; } size_t bytes_read = fread(msg, 1, MAX_MSGSIZE, fileptr); if (bytes_to_read != bytes_read && !feof(file_ptr)) { printf("Error reading message file"); fclose(fileptr); return 1; } if (0 != fclose(fileptr)) { printf("Error closing message file"); return 1; } if (0 != ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) || 0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file) || 0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) { printf("Could not import key files. importing from %s, %s or %s was not successful\n", member_secret_key_file, member_public_key_file, member_credential_file); return 1; } member.state = JOINED ret = client_connect(&member_attest, remote_ip, VERIFIERPORT); if (0 >= ret || JOINED != member.state) { printf("connection to verifier failed\n"); } } break; default: printf("Usage: \n Join an issuer's group: %s --join \n", argv[0]); printf("Send a signed message to the verifier: %s --send \n", argv[0]); printf("Before sending a DAA-signed message, the member must join a DAA group\n", argv[0]); break; return 0; } /* int process_member(char *buffer) { */ /* int ret = 0; */ /* char remote_ip[16]; */ /* bzero(member.bsn, MAX_BSNSIZE); */ /* strncpy((char *) member.bsn, "Biometric Sensor", 16); */ /* member.bsn_len = 16; */ /* printf("> MEMBER: %s\n", buffer); */ /* if (member.state == JOINED && 0 == strncasecmp("ATTEST", buffer, 6)) { */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "ATTEST ", 7); */ /* member_attest(buffer); */ /* } else if (member.state == ON && 0 == strncasecmp("GETPUBLIC", buffer, 9)) { */ /* strncpy(remote_ip, buffer[10], 15); */ /* ret = client_connect(&member_getpublic, remote_ip, ISSUERPORT); */ /* if (0 >= ret || RCVPUBLIC != member.state) { */ /* printf("process_member: issuer connection failed\n"); */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "ERR\n", 4); */ /* } else { */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "OK\n", 3); */ /* } */ /* ret = 0; */ /* } else if (0 == strncasecmp("PUBLISH", buffer, 7)) { */ /* bzero(buffer, MAX_BUFSIZE); */ /* member_publish(buffer); */ /* } else if (member.state == RCVPUBLIC && 0 == strncasecmp("JOIN", buffer, 4)) { */ /* member.state = JOIN; */ /* ret = client_connect(&member_join, ISSUERIP, ISSUERPORT); */ /* if (0 >= ret || JOINED != member.state) { */ /* printf("process_member: issuer connection failed\n"); */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "ERR\n", 4); */ /* } else { */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "OK\n", 3); */ /* } */ /* ret = 0; */ /* } else if (0 == strncasecmp("EXIT", buffer, 4)) { */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "OK\n", 3); */ /* ret = 1; */ /* } else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) { */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "OK\n", 3); */ /* ret = 2; */ /* } else { */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "ERR\n", 4); */ /* ret = 0; */ /* } */ /* printf("< MEMBER: %s\n", buffer); */ /* return ret; */ /* } */ int member_join(char *buffer) { int ret = 0; switch (member.state) { case ON: bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "PUBLISH\n", 8); member.state = ISSUERPUB; break; case ISSUERPUB: if (0 == strncasecmp("PUBLISH", buffer, 7)) { printf("ISSUER > MEMBER: %s", buffer); uint8_t binbuf[MAX_BUFSIZE]; char *current = &buffer[8]; ecdaa_hextobin(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH); ret = ecdaa_issuer_public_key_FP256BN_deserialize(&member.ipk, binbuf); if (-1 == ret) { printf("member_getpublic: issuer public key is malformed!\n"); ret = -1; } else if (-2 == ret) { printf("member_getpublic: signature of issuer public key is invalid\n"); ret = -1; } else { member.state = JOIN; } } else { printf("member_getpublic: did not get public key from issuer\n"); member.state = ON; ret = -1; } break; case JOIN: bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "JOIN\n", 5); member.state = APPEND; break; case APPEND: if (0 == strncasecmp("JOINSTART", buffer, 9)) { printf("ISSUER > MEMBER: %s", buffer); member_joinappend(buffer); member.state = JOINPROCEED; } else { printf("member_join: did not get nonce from issuer\n"); member.state = RCVPUBLIC; ret = -1; } break; case JOINPROCEED: if (0 == strncasecmp("JOINPROCEED", buffer, 11)) { printf("ISSUER > MEMBER: %s", buffer); member_joinfinish(buffer); member.state = JOINED; ret = 1; } else { printf("member_getpublic: did not get credentials from issuer\n"); member.state = RCVPUBLIC; ret = -1; } break; default: ret = -1; } if (0 == ret) { printf("ISSUER < MEMBER: %s", buffer); } return ret; } /* int member_getpublic(char *buffer) { */ /* int ret = 0; */ /* switch (member.state) { */ /* case ON: */ /* bzero(buffer, MAX_BUFSIZE); */ /* strncpy(buffer, "PUBLISH\n", 8); */ /* member.state = ISSUERPUB; */ /* break; */ /* case ISSUERPUB: */ /* if (0 == strncasecmp("PUBLISH", buffer, 7)) { */ /* printf("ISSUER > MEMBER: %s", buffer); */ /* uint8_t binbuf[MAX_BUFSIZE]; */ /* char *current = &buffer[8]; */ /* ecdaa_hextobin(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH); */ /* ret = ecdaa_issuer_public_key_FP256BN_deserialize(&member.ipk, binbuf); */ /* if (-1 == ret) { */ /* printf("member_getpublic: issuer public key is malformed!\n"); */ /* ret = -1; */ /* } else if (-2 == ret) { */ /* printf("member_getpublic: signature of issuer public key is invalid\n"); */ /* ret = -1; */ /* } else { */ /* member.state = RCVPUBLIC; */ /* ret = 1; */ /* } */ /* } else { */ /* printf("member_getpublic: did not get public key from issuer\n"); */ /* member.state = ON; */ /* ret = -1; */ /* } */ /* break; */ /* default: */ /* printf("member_getpublic: did not get public key from issuer\n"); */ /* member.state = ON; */ /* ret = -1; */ /* break; */ /* } */ /* if (0 == ret) { */ /* printf("ISSUER < MEMBER: %s", buffer); */ /* } */ /* return ret; */ /* } */ //"ATTEST" > "ATTEST " int member_attest(char *buffer) { char *current = buffer; uint8_t binbuf[MAX_BUFSIZE]; /* uint8_t msg[MAX_MSGSIZE] = "I am the real host"; */ /* size_t msg_len = strlen((char*)msg); */ uint8_t has_nym = member.bsn_len != 0 ? 1 : 0; struct ecdaa_signature_FP256BN sig; size_t sig_len = has_nym ? ECDAA_SIGNATURE_FP256BN_WITH_NYM_LENGTH : ECDAA_SIGNATURE_FP256BN_LENGTH; ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand); bzero(buffer, MAX_BUFSIZE); bzero(binbuf, MAX_BUFSIZE); strncpy(current, "ATTEST ", 7); current = ¤t[7]; strncpy(current, (char*) msg, MAX_MSGSIZE); current[MAX_MSGSIZE] = has_nym == 1 ? '1' : '0'; current = ¤t[MAX_MSGSIZE + 1]; if(has_nym) { strncpy(current, (char *)member.bsn, MAX_BSNSIZE); current = ¤t[MAX_BSNSIZE]; } ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym); ecdaa_bintohex(binbuf, sig_len, current); printf("member_attest: msg: %s, len: %lu\n",msg, msg_len); printf("member_attest: bsn: %s, len: %lu\n",(char *)member.bsn, strlen((char *)member.bsn)); printf("member_attest: sig: %s\n",current); current[2 * sig_len] = '\n'; return 0; } //"PUBLISH" > "PUBLISH " int member_publish(char *buffer) { char *current; uint8_t binbuf[MAX_BUFSIZE]; bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "PUBLISH ", 8); current = &buffer[8]; bzero(binbuf, MAX_BUFSIZE); ecdaa_member_public_key_FP256BN_serialize(binbuf, &member.mpk); ecdaa_bintohex(binbuf, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH, current); current[2 * ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH] = '\n'; return 0; } //"JOINSTART " > "APPEND " int member_joinappend(char *buffer) { char *current = &buffer[10]; uint8_t binbuf[MAX_BUFSIZE]; ecdaa_hextobin(current, member.nonce, NONCE_SIZE); // if (0 != ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, member.nonce, NONCE_SIZE)) { if (0 != ecdaa_member_key_pair_FP256BN_generate(&member.mpk, &member.msk, member.nonce, NONCE_SIZE, ecdaa_rand)) { fprintf(stderr, "Error generating member key-pair\n"); return -1; } bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "APPEND ", 7); current = &buffer[7]; bzero(binbuf, MAX_BUFSIZE); ecdaa_member_public_key_FP256BN_serialize(binbuf, &member.mpk); ecdaa_bintohex(binbuf, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH, current); current[2 * ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH] = '\n'; return 0; } //"JOINPROCEED " > "" int member_joinfinish(char *buffer) { char *current = &buffer[12]; uint8_t *bincur; uint8_t binbuf[MAX_BUFSIZE]; int ret = 0; bzero(binbuf, MAX_BUFSIZE); ecdaa_hextobin(current, binbuf, ECDAA_CREDENTIAL_FP256BN_LENGTH); current = &buffer[12 + 2 * ECDAA_CREDENTIAL_FP256BN_LENGTH + 1]; bincur = &binbuf[ECDAA_CREDENTIAL_FP256BN_LENGTH]; ecdaa_hextobin(current, bincur, ECDAA_CREDENTIAL_FP256BN_SIGNATURE_LENGTH); ret = ecdaa_credential_FP256BN_deserialize_with_signature(&member.cred, &member.mpk, &member.ipk.gpk, binbuf, bincur); if(-1 == ret) { printf("member_joinfinish: credential is malformed!\n"); ret = -1; } else if(-2 == ret) { printf("member_joinfinish: siganture of credential is invalid"); ret = -1; } printf("member_joinfinish: writing key-pair and credential to disk"); if(0 != ecdaa_member_public_key_FP256BN_serialize_file(member_public_key_file, &member.mpk) || 0 != ecdaa_member_secret_key_FP256BN_serialize_file(member_secret_key_file, &member.msk) || 0 != ecdaa_credential_FP256BN_serialize_file(member_credential_file, &member.cred)) { printf("issuer_setup: Error saving key-pair or credential to disk\n"); return -1; } return ret; }