You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
283 lines
10 KiB
283 lines
10 KiB
#include "member.h"
|
|
|
|
typedef enum memberstate {
|
|
ON,
|
|
ISSUERPUB,
|
|
RCVPUBLIC,
|
|
JOIN,
|
|
APPEND,
|
|
JOINPROCEED,
|
|
JOINED,
|
|
} memberstate_e;
|
|
|
|
typedef struct member {
|
|
struct ecdaa_member_public_key_FP256BN mpk;
|
|
struct ecdaa_member_secret_key_FP256BN msk;
|
|
memberstate_e state;
|
|
uint8_t nonce[NONCE_SIZE];
|
|
struct ecdaa_credential_FP256BN cred;
|
|
struct ecdaa_issuer_public_key_FP256BN ipk;
|
|
uint8_t bsn[MAX_BSNSIZE];
|
|
size_t bsn_len;
|
|
} member_t;
|
|
|
|
member_t member;
|
|
uint8_t msg[MAX_MSGSIZE];
|
|
size_t msg_len;
|
|
int member_join(char *buffer);
|
|
|
|
int member_verifymsg(char *buffer);
|
|
|
|
int member_publish(char *buffer);
|
|
|
|
int member_joinappend(char *buffer);
|
|
|
|
int member_joinfinish(char *buffer);
|
|
|
|
int main(int argc, char **argv) {
|
|
char buffer[MAX_BUFSIZE];
|
|
char *remote_ip = argv[2];
|
|
int ret = 0;
|
|
//strncpy(member.bsn, "mybasename", 10);
|
|
//member.bsn_len = strlen(member.bsn);
|
|
switch(argc) {
|
|
case 3:
|
|
if( 0 == strncasecmp("--join", argv[1], 6) || 0 == strncasecmp("-j", argv[1], 2)) {
|
|
member.state = ON;
|
|
ret = client_connect(&member_join, remote_ip, ISSUERPORT);
|
|
if (0 >= ret || JOINED != member.state) {
|
|
printf("Join process failed!\n");
|
|
return 1;
|
|
} else {
|
|
printf("Join process was successful\n");
|
|
}
|
|
} else {
|
|
printf("2 arguments but not join\n");
|
|
}
|
|
break;
|
|
case 4:
|
|
if( 0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
|
|
msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, argv[3]);
|
|
if (msg_len < 0) {
|
|
printf("Could not open message file %s\n", argv[3]);
|
|
return 1;
|
|
}
|
|
if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, member_nonce_file) ||
|
|
0 != ecdaa_member_secret_key_FP256BN_deserialize_file(&member.msk, member_secret_key_file) ||
|
|
0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) ||
|
|
0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) {
|
|
printf("Could not import key files. importing from %s, %s, %s or %s was not successful\n",
|
|
member_nonce_file, member_secret_key_file, member_public_key_file, member_credential_file);
|
|
return 1;
|
|
}
|
|
member.state = JOINED;
|
|
ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT);
|
|
if (0 >= ret || JOINED != member.state) {
|
|
printf("connection to verifier failed\n");
|
|
}
|
|
} else {
|
|
printf("3 arguments but not send\n");
|
|
}
|
|
break;
|
|
default:
|
|
printf("Usage: \n Join an issuer's group: %s --join <issuer's IPv4>\n", argv[0]);
|
|
printf("Send a signed message to the verifier: %s --send <verifier's IPv4> <msgfile>\n", argv[0]);
|
|
printf("Before sending a DAA-signed message, the member must join a DAA group\n");
|
|
break;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
int member_join(char *buffer) {
|
|
int ret = 0;
|
|
|
|
switch (member.state) {
|
|
case ON:
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "PUBLISH\n", 8);
|
|
member.state = ISSUERPUB;
|
|
break;
|
|
case ISSUERPUB:
|
|
if (0 == strncasecmp("PUBLISH", buffer, 7)) {
|
|
printf("ISSUER > MEMBER: %s\n", buffer);
|
|
uint8_t binbuf[MAX_BUFSIZE];
|
|
char *current = &buffer[8];
|
|
ecdaa_decode(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
|
|
ret = ecdaa_issuer_public_key_FP256BN_deserialize(&member.ipk, binbuf);
|
|
if (-1 == ret) {
|
|
printf("member_getpublic: issuer public key is malformed!\n");
|
|
ret = -1;
|
|
} else if (-2 == ret) {
|
|
printf("member_getpublic: signature of issuer public key is invalid\n");
|
|
ret = -1;
|
|
} else {
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "JOIN\n", 5);
|
|
member.state = APPEND;
|
|
ret = 0;
|
|
}
|
|
} else {
|
|
printf("member_getpublic: did not get public key from issuer\n");
|
|
member.state = ON;
|
|
ret = -1;
|
|
}
|
|
break;
|
|
case APPEND:
|
|
if (0 == strncasecmp("JOINSTART", buffer, 9)) {
|
|
printf("ISSUER > MEMBER: %s\n", buffer);
|
|
member_joinappend(buffer);
|
|
member.state = JOINPROCEED;
|
|
} else {
|
|
printf("member_join: did not get nonce from issuer\n");
|
|
member.state = RCVPUBLIC;
|
|
ret = -1;
|
|
}
|
|
break;
|
|
case JOINPROCEED:
|
|
if (0 == strncasecmp("JOINPROCEED", buffer, 11)) {
|
|
printf("ISSUER > MEMBER: %s\n", buffer);
|
|
member_joinfinish(buffer);
|
|
member.state = JOINED;
|
|
ret = 1;
|
|
} else {
|
|
printf("member_getpublic: did not get credentials from issuer\n");
|
|
member.state = RCVPUBLIC;
|
|
ret = -1;
|
|
}
|
|
break;
|
|
default:
|
|
ret = -1;
|
|
}
|
|
if (0 <= ret) {
|
|
printf("ISSUER < MEMBER: %s\n", buffer);
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
//"VERIFYMSG" > "VERIFYMSG <attestval>"
|
|
int member_verifymsg(char *buffer) {
|
|
char *current = buffer;
|
|
uint8_t binbuf[MAX_BUFSIZE];
|
|
uint8_t has_nym = member.bsn_len > 0 ? 1 : 0;
|
|
struct ecdaa_signature_FP256BN sig;
|
|
size_t sig_len = has_nym ? ecdaa_signature_FP256BN_with_nym_length() : ecdaa_signature_FP256BN_length();
|
|
int ret = 0;
|
|
|
|
if (0 == strncasecmp("OK", buffer, 2)) {
|
|
return 1;
|
|
} else if (0 == strncasecmp("ERR", buffer, 3)) {
|
|
printf("member_verifymsg: Verifier refused signature\n");
|
|
return 1;
|
|
}
|
|
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(current, "VERIFYMSG ", 10);
|
|
current = ¤t[10];
|
|
|
|
ret = ecdaa_encode(msg, current, msg_len);
|
|
current = ¤t[2 * MAX_MSGSIZE];
|
|
if(has_nym) {
|
|
if (0 != ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.msk, &member.cred, ecdaa_rand)) {
|
|
printf("member_verifymsg: Signing message failed\n");
|
|
}
|
|
current[0] = '1';
|
|
current = ¤t[1];
|
|
strncpy(current, (char *)member.bsn, MAX_BSNSIZE);
|
|
current = ¤t[MAX_BSNSIZE];
|
|
} else {
|
|
if (0 != ecdaa_signature_FP256BN_sign(&sig, msg, msg_len, NULL, 0, &member.msk, &member.cred, ecdaa_rand)) {
|
|
printf("member_verifymsg: Signing message failed\n");
|
|
}
|
|
current[0] = '0';
|
|
current = ¤t[1];
|
|
}
|
|
|
|
bzero(binbuf, MAX_BUFSIZE);
|
|
ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym);
|
|
ret = ecdaa_encode(binbuf, current, sig_len);
|
|
printf("member_verifymsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len);
|
|
printf("member_verifymsg: msg: %s, len: %lu\n",msg, msg_len);
|
|
printf("member_verifymsg: bsn: %s, len: %lu\n",(char *)member.bsn, strlen((char *)member.bsn));
|
|
printf("member_verifymsg: sig: %s, len: %lu\n", current, sig_len);
|
|
|
|
current[ret] = '\n';
|
|
return 0;
|
|
}
|
|
|
|
//"PUBLISH" > "PUBLISH <member.mpk>"
|
|
/* int member_publish(char *buffer) { */
|
|
/* char *current; */
|
|
/* int ret = 0; */
|
|
/* uint8_t binbuf[MAX_BUFSIZE]; */
|
|
/* bzero(buffer, MAX_BUFSIZE); */
|
|
|
|
/* strncpy(buffer, "PUBLISH ", 8); */
|
|
|
|
/* current = &buffer[8]; */
|
|
/* bzero(binbuf, MAX_BUFSIZE); */
|
|
/* ecdaa_member_public_key_FP256BN_serialize(binbuf, &member.mpk); */
|
|
/* ret = ecdaa_encode(binbuf, current, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH); */
|
|
|
|
/* current[ret] = '\n'; */
|
|
|
|
/* return 0; */
|
|
/* } */
|
|
|
|
//"JOINSTART <issuer.nonce>" > "APPEND <member.mpk>"
|
|
int member_joinappend(char *buffer) {
|
|
char *current = &buffer[10];
|
|
uint8_t binbuf[MAX_BUFSIZE];
|
|
int ret = ecdaa_decode(current, member.nonce, NONCE_SIZE);
|
|
ecdaa_write_buffer_to_file(member_nonce_file, member.nonce, NONCE_SIZE);
|
|
// if (0 != ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, member.nonce, NONCE_SIZE)) {
|
|
if (0 != ecdaa_member_key_pair_FP256BN_generate(&member.mpk, &member.msk, member.nonce, NONCE_SIZE, ecdaa_rand)) {
|
|
fprintf(stderr, "Error generating member key-pair\n");
|
|
return -1;
|
|
}
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
strncpy(buffer, "APPEND ", 7);
|
|
|
|
current = &buffer[7];
|
|
bzero(binbuf, MAX_BUFSIZE);
|
|
ecdaa_member_public_key_FP256BN_serialize(binbuf, &member.mpk);
|
|
ret = ecdaa_encode(binbuf, current, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH);
|
|
current[ret] = '\n';
|
|
return 0;
|
|
}
|
|
|
|
//"JOINPROCEED <member.cred><member.cred_sig>" > ""
|
|
int member_joinfinish(char *buffer) {
|
|
char *current = &buffer[12];
|
|
uint8_t *bincur;
|
|
uint8_t binbuf[MAX_BUFSIZE];
|
|
int ret = 0;
|
|
bzero(binbuf, MAX_BUFSIZE);
|
|
ret = ecdaa_decode(current, binbuf, ECDAA_CREDENTIAL_FP256BN_LENGTH);
|
|
|
|
current = ¤t[ret];
|
|
bincur = &binbuf[ECDAA_CREDENTIAL_FP256BN_LENGTH];
|
|
ecdaa_decode(current, bincur, ECDAA_CREDENTIAL_FP256BN_SIGNATURE_LENGTH);
|
|
ret = ecdaa_credential_FP256BN_deserialize_with_signature(&member.cred, &member.mpk, &member.ipk.gpk, binbuf, bincur);
|
|
bzero(buffer, MAX_BUFSIZE);
|
|
if(-1 == ret) {
|
|
printf("member_joinfinish: credential is malformed!\n");
|
|
strncpy(buffer, "ERR", 3);
|
|
ret = -1;
|
|
} else if(-2 == ret) {
|
|
printf("member_joinfinish: siganture of credential is invalid\n");
|
|
strncpy(buffer, "ERR", 3);
|
|
ret = -1;
|
|
}
|
|
printf("member_joinfinish: writing key-pair and credential to disk\n");
|
|
if(0 != ecdaa_member_public_key_FP256BN_serialize_file(member_public_key_file, &member.mpk) ||
|
|
0 != ecdaa_member_secret_key_FP256BN_serialize_file(member_secret_key_file, &member.msk) ||
|
|
0 != ecdaa_credential_FP256BN_serialize_file(member_credential_file, &member.cred)) {
|
|
printf("issuer_setup: Error saving key-pair or credential to disk\n");
|
|
strncpy(buffer, "ERR", 3);
|
|
ret = -1;
|
|
} else {
|
|
strncpy(buffer, "OK", 2);
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
|