preisacm
/
masterthesis-ecdaa-network-wrapper
1
0
Fork 0
Code Issues Releases Wiki Activity
Network wrapper protocol as part of the practical master thesis
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 Commits
1 Branch
0 Tags
422 KiB
 
 
Tree: 36ac4abc5f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '36ac4abc5f'
${ noResults }
masterthesis-ecdaa-network-.../verifier.c

231 lines
6.9 KiB
Raw Blame History

#include "verifier.h"
typedef enum verifierstate {
ON,
ASKISSUER,
GOTISSUER,
ASKATTEST,
} verifierstate_e;
typedef struct verifier {
struct ecdaa_issuer_public_key_FP256BN ipk;
// struct ecdaa_member_public_key_FP256BN mpk;
struct ecdaa_revocations_FP256BN revocations;
verifierstate_e state;
} verifier_t;
verifier_t verifier;
int verifier_getissuer(char *buffer);
//int verifier_getmember(char *buffer);
int verifier_attestmember(char *buffer);
int verifier_checklink(char *buffer);
int verifier_checkattest(char *buffer);
int main() {
verifier.revocations.sk_list = NULL;
verifier.revocations.bsn_list = NULL;
if (2 != server_start(&process_verifier, VERIFIERPORT)) {
printf("server failed\n");
}
return 0;
}
int process_verifier(char *buffer) {
int ret = 0;
printf("> VERIFIER: %s\n", buffer);
if (0 == strncasecmp("VERIFY", buffer, 6)) {
switch (verifier.state) {
case GOTISSUER:
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
break;
default:
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
}
} else if (0 == strncasecmp("ATTEST", buffer, 4)) {
ret = client_connect(&verifier_attestmember, MEMBERIP, MEMBERPORT);
if (0 >= ret) {
printf("process_verifier: member verification failed\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
} else {
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
}
ret = 0;
} else if (0 == strncasecmp("LINK", buffer, 4)) {
bzero(buffer, MAX_BUFSIZE);
verifier_checklink(buffer);
} else if (0 == strncasecmp("GETPUBLIC", buffer, 9)) {
verifier.state = ON;
ret = client_connect(&verifier_getissuer, ISSUERIP, ISSUERPORT);
if (0 >= ret || GOTISSUER != verifier.state) {
printf("process_verifier: issuer connection failed\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
} else {
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
}
ret = 0;
} else if (0 == strncasecmp("EXIT", buffer, 4)) {
printf("exit()\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
ret = 1;
} else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) {
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "OK\n", 3);
ret = 2;
} else {
printf("error()\n");
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ERR\n", 4);
ret = 0;
}
printf("< VERIFIER: %s\n", buffer);
return ret;
}
int verifier_getissuer(char *buffer) {
int ret = 0;
switch (verifier.state) {
case ON:
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "PUBLISH\n", 8);
verifier.state = ASKISSUER;
break;
case ASKISSUER:
if (0 == strncasecmp("PUBLISH", buffer, 7)) {
printf("ISSUER > VERIFIER: %s", buffer);
uint8_t binbuf[MAX_BUFSIZE];
char *current = &buffer[8];
ecdaa_hextobin(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
ret = ecdaa_issuer_public_key_FP256BN_deserialize(&verifier.ipk, binbuf);
if (-1 == ret) {
printf("verifier_getpublic: issuer public key is malformed!\n");
ret = -1;
} else if (-2 == ret) {
printf("verifier_getpublic: signature of issuer public key is invalid\n");
ret = -1;
} else {
verifier.state = GOTISSUER;
ret = 1;
}
} else {
printf("verifier_getpublic: did not get public key from issuer\n");
verifier.state = ON;
ret = -1;
}
break;
default:
ret = -1;
}
if (0 == ret) {
printf("ISSUER < VERIFIER: %s", buffer);
}
return ret;
}
//"ATTEST" > "OK"
int verifier_attestmember(char *buffer) {
int ret = 0;
switch (verifier.state) {
case GOTISSUER:
bzero(buffer, MAX_BUFSIZE);
strncpy(buffer, "ATTEST\n", 7);
verifier.state = ASKATTEST;
break;
case ASKATTEST:
if (0 == strncasecmp("ATTEST", buffer, 6)) {
printf("MEMBER > VERIFIER: %s", buffer);
ret = verifier_checkattest(buffer);
if (-1 == ret) {
printf("verifier_attestmember: member public key is malformed!\n");
ret = -1;
} else if (-2 == ret) {
printf("verifier_attestmember: signature of member public key is invalid\n");
ret = -1;
} else {
verifier.state = GOTISSUER;
ret = 1;
}
} else {
printf("verifier_attestmember: did not get correct message from member\n");
ret = -1;
}
break;
default:
ret = -1;
}
if (0 == ret) {
printf("MEMBER < VERIFIER: %s", buffer);
}
return ret;
}
//"ATTEST <msg>0<signature w/o bsn>" or
//"ATTEST <msg>1<signature with bsn>"
int verifier_checkattest(char *buffer) {
char *current = &buffer[7]; //"ATTEST "
char msg[MAX_MSGSIZE];
strncpy(msg, current, MAX_MSGSIZE);
size_t msg_len = strlen(msg);
current = &current[MAX_MSGSIZE];
int has_nym = current[0] - '0';
current = &current[1];
char bsn[MAX_BSNSIZE];
bzero(bsn, MAX_BSNSIZE);
size_t bsn_len = 0;
uint8_t binbuf[MAX_BUFSIZE];
bzero(binbuf, MAX_BUFSIZE);
if (has_nym) {
strncpy(bsn, current, MAX_BSNSIZE);
bsn_len = strlen(bsn);
current = &current[MAX_BSNSIZE];
}
int sig_len = has_nym ? ECDAA_SIGNATURE_FP256BN_WITH_NYM_LENGTH : ECDAA_SIGNATURE_FP256BN_LENGTH;
ecdaa_hextobin(current, binbuf, sig_len);
struct ecdaa_signature_FP256BN sig;
int ret = ecdaa_signature_FP256BN_deserialize(&sig, binbuf, has_nym);
if (0 != ret) {
printf("verifier_checkattest: error reading signature\n");
return -1;
}
printf("verifier_checkattest: msg: %s, len: %lu\n",msg, msg_len);
printf("verifier_checkattest: bsn: %s, len: %lu\n",bsn, bsn_len);
printf("verifier_checkattest: sig: %s", current);
ret = ecdaa_signature_FP256BN_verify(&sig, &verifier.ipk.gpk, &verifier.revocations, (uint8_t *) msg, msg_len,
(uint8_t *) bsn, bsn_len);
if (0 != ret) {
printf("verifier_checkattest: signature not valid\n");
return -1;
}
return 0;
}
//"LINK" > "NOT IMPLEMENTED"
int verifier_checklink(char *buffer) {
strncat(buffer, "NOT_IMPLEMENTED\n", 17);
return 0;
}