You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
277 lines
8.7 KiB
277 lines
8.7 KiB
#include "issuer.h"
|
|
|
|
typedef enum issuer_state {
|
|
ON,
|
|
JOINSTART,
|
|
JOINPROCEED,
|
|
READY
|
|
} issuerstate_e;
|
|
|
|
typedef struct issuer {
|
|
struct ecdaa_issuer_public_key_FP256BN ipk;
|
|
struct ecdaa_issuer_secret_key_FP256BN isk;
|
|
uint8_t nonce[NONCE_SIZE];
|
|
struct ecdaa_member_public_key_FP256BN mpk;
|
|
issuerstate_e state;
|
|
struct ecdaa_credential_FP256BN cred;
|
|
struct ecdaa_credential_FP256BN_signature cred_sig;
|
|
} issuer_t;
|
|
|
|
issuer_t issuer;
|
|
|
|
int issuer_setup();
|
|
int issuer_reset(char *buffer);
|
|
int issuer_joinstart(char *buffer);
|
|
int issuer_joinproceed(char *buffer);
|
|
int issuer_publish(char *buffer);
|
|
|
|
int main() {
|
|
issuer.state = ON;
|
|
if(ON == issuer.state) {
|
|
if (0 == issuer_setup()) {
|
|
issuer.state = READY;
|
|
} else {
|
|
printf("issuer setup failed\n");
|
|
return 1;
|
|
}
|
|
}
|
|
|
|
if (2 != server_start(&process_issuer, ISSUERPORT)) {
|
|
printf("server failed\n");
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
int process_issuer(char *buffer) {
|
|
int ret = 0;
|
|
|
|
printf("> ISSUER: %s\n", buffer);
|
|
|
|
if (0 == strncasecmp("OK", buffer, 2)) {
|
|
switch (issuer.state) {
|
|
case JOINPROCEED:
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
issuer.state = READY;
|
|
ret = 1;
|
|
break;
|
|
default:
|
|
printf("nothing to confirm\n");
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "ERR\n", 4);
|
|
break;
|
|
}
|
|
} else if (0 == strncasecmp("ERR", buffer, 3)) {
|
|
switch (issuer.state) {
|
|
case JOINPROCEED:
|
|
printf("command failed at client\n");
|
|
issuer.state = READY;
|
|
break;
|
|
default:
|
|
issuer.state = READY;
|
|
printf("ignoring command\n");
|
|
break;
|
|
}
|
|
} else if (0 == strncasecmp("ABORT", buffer, 5)) {
|
|
switch (issuer.state) {
|
|
case JOINSTART:
|
|
case JOINPROCEED:
|
|
printf("aborting join\n");
|
|
issuer.state = READY;
|
|
break;
|
|
default:
|
|
printf("nothing to abort\n");
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "ERR\n", 4);
|
|
break;
|
|
}
|
|
} else if (0 == strncasecmp("RESET", buffer, 5)) {
|
|
switch (issuer.state) {
|
|
case READY:
|
|
case JOINSTART:
|
|
case JOINPROCEED:
|
|
printf("generate new issuer identity\n");
|
|
if (0 == issuer_setup(buffer)) {
|
|
issuer.state = READY;
|
|
} else {
|
|
printf("issuer setup failed\n");
|
|
return 2;
|
|
}
|
|
break;
|
|
default:
|
|
printf("Reset not possible\n");
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "ERR\n", 4);
|
|
break;
|
|
}
|
|
} else if (0 == strncasecmp("JOIN", buffer, 4)) {
|
|
switch (issuer.state) {
|
|
case READY:
|
|
if(0 == issuer_joinstart(buffer)) {
|
|
issuer.state = JOINSTART;
|
|
}
|
|
break;
|
|
default:
|
|
printf("Issuer not ready for join\n");
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "ERR\n", 4);
|
|
break;
|
|
}
|
|
} else if (0 == strncasecmp("APPEND", buffer, 6)) {
|
|
switch (issuer.state) {
|
|
case JOINSTART:
|
|
if(0 == issuer_joinproceed(buffer)) {
|
|
issuer.state = JOINPROCEED;
|
|
}
|
|
break;
|
|
default:
|
|
printf("Issuer not ready for append\n");
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "ERR\n", 4);
|
|
break;
|
|
}
|
|
} else if (0 == strncasecmp("PUBLISH", buffer, 7)) {
|
|
switch (issuer.state) {
|
|
case READY:
|
|
case JOINPROCEED:
|
|
case JOINSTART:
|
|
issuer_publish(buffer);
|
|
break;
|
|
default:
|
|
printf("There are no keys to publish\n");
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "ERR\n", 4);
|
|
break;
|
|
}
|
|
} else if (0 == strncasecmp("EXIT", buffer, 4)) {
|
|
printf("closing client session\n");
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
ret = 1;
|
|
} else if (0 == strncasecmp("SHUTDOWN", buffer, 8)) {
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
ret = 2;
|
|
} else {
|
|
printf("unknown command\n");
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "ERR\n", 4);
|
|
ret = 0;
|
|
}
|
|
|
|
if(0 == ret) {
|
|
printf("< ISSUER: %s\n", buffer);
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
// "JOIN" > "JOINSTART <issuer.nonce>"
|
|
int issuer_joinstart(char *buffer) {
|
|
ecdaa_rand(issuer.nonce, NONCE_SIZE);
|
|
char* current;
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "JOINSTART ", 10);
|
|
current = &buffer[10];
|
|
ecdaa_encode(issuer.nonce, current, NONCE_SIZE);
|
|
buffer[2 * NONCE_SIZE + 10] = '\n';
|
|
return 0;
|
|
}
|
|
|
|
// "APPEND <member.mpk>" > "JOINPROCEED <member.cred><member.cred_sig>"
|
|
int issuer_joinproceed(char *buffer) {
|
|
char *current = &buffer[7];
|
|
uint8_t binbuf[MAX_BUFSIZE];
|
|
bzero(binbuf, MAX_BUFSIZE);
|
|
int ret = 0;
|
|
|
|
ecdaa_decode(current, binbuf, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH);
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
ret = ecdaa_member_public_key_FP256BN_deserialize(&issuer.mpk, binbuf, issuer.nonce, NONCE_SIZE);
|
|
if(-1 == ret) {
|
|
strncpy(buffer, "ERR\n", 4);
|
|
printf("issuer_joinproceed: member public key is malformed!\n");
|
|
return -1;
|
|
} else if (-2 == ret) {
|
|
strncpy(buffer, "ERR\n", 4);
|
|
printf("issuer_joinproceed: signature of member public key is invalid\n");
|
|
return -1;
|
|
}
|
|
|
|
if (0 != ecdaa_credential_FP256BN_generate(&issuer.cred, &issuer.cred_sig, &issuer.isk, &issuer.mpk, ecdaa_rand)) {
|
|
strncpy(buffer, "ERR\n", 4);
|
|
printf("issuer_joinproceed: error generating credential\n");
|
|
return -1;
|
|
}
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "JOINPROCEED ", 12);
|
|
|
|
current = &buffer[12];
|
|
bzero(binbuf, MAX_BUFSIZE);
|
|
ecdaa_credential_FP256BN_serialize(binbuf, &issuer.cred);
|
|
ret = ecdaa_encode(binbuf, current, ECDAA_CREDENTIAL_FP256BN_LENGTH);
|
|
|
|
current = ¤t[ret];
|
|
bzero(binbuf, MAX_BUFSIZE);
|
|
ecdaa_credential_FP256BN_signature_serialize(binbuf, &issuer.cred_sig);
|
|
ret = ecdaa_encode(binbuf, current, ECDAA_CREDENTIAL_FP256BN_SIGNATURE_LENGTH);
|
|
|
|
current[ret] = '\n';
|
|
return 0;
|
|
}
|
|
|
|
// "RESET > RESETDONE"
|
|
int issuer_reset(char *buffer) {
|
|
printf("issuer_reset: generating new keys and save them to disk\n");
|
|
if (0 != ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand)) {
|
|
printf("issuer_reset: Error generating issuer key-pair\n");
|
|
strncpy(buffer, "ERR\n", 4);
|
|
return -1;
|
|
}
|
|
if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &issuer.ipk) ||
|
|
0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &issuer.isk)) {
|
|
printf("issuer_reset: Error saving key-pair to disk\n");
|
|
strncpy(buffer, "ERR\n", 4);
|
|
return -1;
|
|
}
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "RESETDONE\n", 10);
|
|
return 0;
|
|
}
|
|
|
|
//Load or generate issuer keypair initially
|
|
int issuer_setup() {
|
|
printf("setup()\n");
|
|
if (0 == ecdaa_issuer_public_key_FP256BN_deserialize_file(&issuer.ipk, issuer_public_key_file)) {
|
|
if (0 == ecdaa_issuer_secret_key_FP256BN_deserialize_file(&issuer.isk, issuer_secret_key_file)) {
|
|
printf("issuer_setup: loaded keys from disk\n");
|
|
return 0;
|
|
}
|
|
}
|
|
printf("issuer_setup: generating new keys and save them to disk\n");
|
|
if (0 != ecdaa_issuer_key_pair_FP256BN_generate(&issuer.ipk, &issuer.isk, ecdaa_rand)) {
|
|
printf("issuer_setup: Error generating issuer key-pair\n");
|
|
return -1;
|
|
}
|
|
if(0 != ecdaa_issuer_public_key_FP256BN_serialize_file(issuer_public_key_file, &issuer.ipk) ||
|
|
0 != ecdaa_issuer_secret_key_FP256BN_serialize_file(issuer_secret_key_file, &issuer.isk)) {
|
|
printf("issuer_setup: Error saving key-pair to disk\n");
|
|
return -1;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
// "PUBLISH" > "PUBLISH <issuer.ipk>"
|
|
int issuer_publish(char *buffer) {
|
|
char *current;
|
|
uint8_t binbuf[MAX_BUFSIZE];
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
int ret = 0;
|
|
|
|
strncpy(buffer, "PUBLISH ", 8);
|
|
|
|
current = &buffer[8];
|
|
bzero(binbuf, MAX_BUFSIZE);
|
|
ecdaa_issuer_public_key_FP256BN_serialize(binbuf, &issuer.ipk);
|
|
ret = ecdaa_encode(binbuf, current, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
|
|
|
|
current[ret] = '\n';
|
|
|
|
return 0;
|
|
}
|
|
|