#include "verifier.h" typedef enum verifierstate { ON, ASKISSUER, GOTISSUER, ASKATTEST, } verifierstate_e; typedef struct verifier { struct ecdaa_issuer_public_key_FP256BN ipk; // struct ecdaa_member_public_key_FP256BN mpk; struct ecdaa_revocations_FP256BN revocations; verifierstate_e state; } verifier_t; verifier_t verifier; int verifier_getissuer(char *buffer); //int verifier_getmember(char *buffer); int verifier_attestmember(char *buffer); int verifier_checklink(char *buffer); int verifier_checkattest(char *buffer); int main() { verifier.revocations.sk_list = NULL; verifier.revocations.bsn_list = NULL; if (2 != server_start(&process_verifier, VERIFIERPORT)) { printf("server failed\n"); } return 0; } int process_verifier(char *buffer) { int ret = 0; printf("> VERIFIER: %s\n", buffer); if (0 == strncasecmp("VERIFY", buffer, 6)) { switch (verifier.state) { case GOTISSUER: bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "OK\n", 3); break; default: bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "ERR\n", 4); } } else if (0 == strncasecmp("ATTEST", buffer, 4)) { ret = client_connect(&verifier_attestmember, MEMBERIP, MEMBERPORT); if (0 >= ret) { printf("process_verifier: member verification failed\n"); bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "ERR\n", 4); } else { bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "OK\n", 3); } ret = 0; } else if (0 == strncasecmp("LINK", buffer, 4)) { bzero(buffer, MAX_BUFSIZE); verifier_checklink(buffer); } else if (0 == strncasecmp("GETPUBLIC", buffer, 9)) { verifier.state = ON; ret = client_connect(&verifier_getissuer, ISSUERIP, ISSUERPORT); if (0 >= ret || GOTISSUER != verifier.state) { printf("process_verifier: issuer connection failed\n"); bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "ERR\n", 4); } else { bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "OK\n", 3); } ret = 0; } else if (0 == strncasecmp("EXIT", buffer, 4)) { printf("exit()\n"); bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "OK\n", 3); ret = 1; } else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) { bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "OK\n", 3); ret = 2; } else { printf("error()\n"); bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "ERR\n", 4); ret = 0; } printf("< VERIFIER: %s\n", buffer); return ret; } int verifier_getissuer(char *buffer) { int ret = 0; switch (verifier.state) { case ON: bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "PUBLISH\n", 8); verifier.state = ASKISSUER; break; case ASKISSUER: if (0 == strncasecmp("PUBLISH", buffer, 7)) { printf("ISSUER > VERIFIER: %s", buffer); uint8_t binbuf[MAX_BUFSIZE]; char *current = &buffer[8]; ecdaa_hextobin(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH); ret = ecdaa_issuer_public_key_FP256BN_deserialize(&verifier.ipk, binbuf); if (-1 == ret) { printf("verifier_getpublic: member public key is malformed!\n"); ret = -1; } else if (-2 == ret) { printf("verifier_getpublic: signature of member public key is invalid\n"); ret = -1; } else { verifier.state = GOTISSUER; ret = 1; } } else { printf("verifier_getpublic: did not get public key from issuer\n"); verifier.state = ON; ret = -1; } break; default: ret = -1; } if (0 == ret) { printf("ISSUER < VERIFIER: %s", buffer); } return ret; } //"ATTEST" > "OK" int verifier_attestmember(char *buffer) { int ret = 0; switch (verifier.state) { case GOTISSUER: bzero(buffer, MAX_BUFSIZE); strncpy(buffer, "ATTEST\n", 7); verifier.state = ASKATTEST; break; case ASKATTEST: if (0 == strncasecmp("ATTEST", buffer, 6)) { printf("MEMBER > VERIFIER: %s", buffer); ret = verifier_checkattest(buffer); if (-1 == ret) { printf("verifier_attestmember: member public key is malformed!\n"); ret = -1; } else if (-2 == ret) { printf("verifier_attestmember: signature of member public key is invalid\n"); ret = -1; } else { verifier.state = GOTISSUER; ret = 1; } } else { printf("verifier_attestmember: did not get correct message from member\n"); ret = -1; } break; default: ret = -1; } if (0 == ret) { printf("MEMBER < VERIFIER: %s", buffer); } return ret; } //"ATTEST 0" or //"ATTEST 1" int verifier_checkattest(char *buffer) { char *current = &buffer[7]; //"ATTEST " char msg[MAX_MSGSIZE]; strncpy(msg, buffer, MAX_MSGSIZE); size_t msg_len = strlen(msg); current = ¤t[MAX_MSGSIZE]; int has_nym = current[0] - '0'; current = ¤t[1]; char bsn[MAX_BSNSIZE]; bzero(bsn, MAX_BSNSIZE); size_t bsn_len = 0; uint8_t binbuf[MAX_BUFSIZE]; bzero(binbuf, MAX_BUFSIZE); if (has_nym) { strncpy(bsn, current, MAX_BSNSIZE); bsn_len = strlen(bsn); current = ¤t[MAX_BSNSIZE]; } int sig_len = has_nym ? ECDAA_SIGNATURE_FP256BN_WITH_NYM_LENGTH : ECDAA_SIGNATURE_FP256BN_LENGTH; ecdaa_hextobin(current, binbuf, sig_len); struct ecdaa_signature_FP256BN sig; int ret = ecdaa_signature_FP256BN_deserialize(&sig, binbuf, has_nym); if (0 != ret) { printf("verifier_checkattest: error reading signature"); return -1; } ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) msg, msg_len, (uint8_t *) bsn, bsn_len); if (0 == ret) { printf("verifier_checkattest: signature not valid"); return -1; } return 0; } //"LINK" > "NOT IMPLEMENTED" int verifier_checklink(char *buffer) { strncat(buffer, "NOT_IMPLEMENTED\n", 17); return 0; }