Home Explore Help
Sign In
miti
/
linux-sgx-trts-modified
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
linux-sgx-tr...
/
external
/
epid-sdk
/
epid
/
member
/
src
/
join.c

join.c 4.8 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152 
  1. /*############################################################################
    2. 

  2.   # Copyright 2017 Intel Corporation
    3. 

  3.   #
    4. 

  4.   # Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5.   # you may not use this file except in compliance with the License.
    6. 

  6.   # You may obtain a copy of the License at
    7. 

  7.   #
    8. 

  8.   #     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9.   #
    10. 

  10.   # Unless required by applicable law or agreed to in writing, software
    11. 

  11.   # distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12.   # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13.   # See the License for the specific language governing permissions and
    14. 

  14.   # limitations under the License.
    15. 

  15.   ############################################################################*/
    16. 

  16. /// Join Request related implementation.
    17. 

  17. /*! \file */
    18. 

  18. 

  19. #include <epid/member/api.h>
    20. 

  20. 

  21. #include "epid/common/src/epid2params.h"
    22. 

  22. #include "epid/common/src/grouppubkey.h"
    23. 

  23. #include "epid/common/src/hashsize.h"
    24. 

  24. #include "epid/common/src/memory.h"
    25. 

  25. #include "epid/common/types.h"
    26. 

  26. #include "epid/member/src/context.h"
    27. 

  27. #include "epid/member/src/join_commitment.h"
    28. 

  28. #include "epid/member/src/privateexp.h"
    29. 

  29. #include "epid/member/src/resize.h"
    30. 

  30. #include "epid/member/tpm2/commit.h"
    31. 

  31. #include "epid/member/tpm2/sign.h"
    32. 

  32. 

  33. /// Handle SDK Error with Break
    34. 

  34. #define BREAK_ON_EPID_ERROR(ret) \
    35. 

  35.   if (kEpidNoErr != (ret)) {     \
    36. 

  36.     break;                       \
    37. 

  37.   }
    38. 

  38. 

  39. EpidStatus EpidCreateJoinRequest(MemberCtx* ctx, GroupPubKey const* pub_key,
    40. 

  40.                                  IssuerNonce const* ni,
    41. 

  41.                                  JoinRequest* join_request) {
    42. 

  42.   EpidStatus sts = kEpidErr;
    43. 

  43.   GroupPubKey_* pub_key_ = NULL;
    44. 

  44.   EcPoint* t = NULL;  // temporary used for F and R
    45. 

  45.   EcPoint* h1 = NULL;
    46. 

  46.   EcPoint* K = NULL;
    47. 

  47.   EcPoint* l = NULL;
    48. 

  48.   EcPoint* e = NULL;
    49. 

  49. 

  50.   FfElement* k = NULL;
    51. 

  51.   FfElement* s = NULL;
    52. 

  52.   uint8_t* digest = NULL;
    53. 

  53. 

  54.   if (!ctx || !pub_key || !ni || !join_request || !ctx->epid2_params) {
    55. 

  55.     return kEpidBadArgErr;
    56. 

  56.   }
    57. 

  57. 

  58.   if (kSha256 != ctx->hash_alg && kSha384 != ctx->hash_alg &&
    59. 

  59.       kSha512 != ctx->hash_alg && kSha512_256 != ctx->hash_alg) {
    60. 

  60.     return kEpidBadArgErr;
    61. 

  61.   }
    62. 

  62. 

  63.   do {
    64. 

  64.     JoinRequest request = {0};
    65. 

  65.     G1ElemStr R = {0};
    66. 

  66.     EcGroup* G1 = ctx->epid2_params->G1;
    67. 

  67.     FiniteField* Fp = ctx->epid2_params->Fp;
    68. 

  68.     size_t digest_size = 0;
    69. 

  69. 

  70.     if (!ctx->is_provisioned && !ctx->is_initially_provisioned) {
    71. 

  71.       sts = EpidMemberInitialProvision(ctx);
    72. 

  72.       BREAK_ON_EPID_ERROR(sts);
    73. 

  73.     }
    74. 

  74. 

  75.     // validate public key by creating
    76. 

  76.     sts = CreateGroupPubKey(pub_key, ctx->epid2_params->G1,
    77. 

  77.                             ctx->epid2_params->G2, &pub_key_);
    78. 

  78.     BREAK_ON_EPID_ERROR(sts);
    79. 

  79. 

  80.     sts = NewEcPoint(G1, &t);
    81. 

  81.     BREAK_ON_EPID_ERROR(sts);
    82. 

  82.     sts = NewEcPoint(G1, &h1);
    83. 

  83.     BREAK_ON_EPID_ERROR(sts);
    84. 

  84.     sts = ReadEcPoint(G1, &pub_key->h1, sizeof(pub_key->h1), h1);
    85. 

  85.     BREAK_ON_EPID_ERROR(sts);
    86. 

  86. 

  87.     // 2. The member computes F = G1.sscmExp(h1, f).
    88. 

  88.     sts = EpidPrivateExp(ctx, h1, t);
    89. 

  89.     BREAK_ON_EPID_ERROR(sts);
    90. 

  90.     sts = WriteEcPoint(G1, t, &request.F, sizeof(request.F));
    91. 

  91.     BREAK_ON_EPID_ERROR(sts);
    92. 

  92. 

  93.     // 1. The member chooses a random integer r from [1, p-1].
    94. 

  94.     // 3. The member computes R = G1.sscmExp(h1, r).
    95. 

  95.     sts = NewEcPoint(G1, &K);
    96. 

  96.     BREAK_ON_EPID_ERROR(sts);
    97. 

  97.     sts = NewEcPoint(G1, &l);
    98. 

  98.     BREAK_ON_EPID_ERROR(sts);
    99. 

  99.     sts = NewEcPoint(G1, &e);
    100. 

  100.     BREAK_ON_EPID_ERROR(sts);
    101. 

  101.     sts =
    102. 

  102.         Tpm2Commit(ctx->tpm2_ctx, h1, NULL, 0, NULL, K, l, e, &(ctx->join_ctr));
    103. 

  103.     BREAK_ON_EPID_ERROR(sts);
    104. 

  104.     sts = WriteEcPoint(G1, e, &R, sizeof(R));
    105. 

  105.     BREAK_ON_EPID_ERROR(sts);
    106. 

  106. 

  107.     sts = HashJoinCommitment(ctx->epid2_params->Fp, ctx->hash_alg, pub_key,
    108. 

  108.                              &request.F, &R, ni, &request.c);
    109. 

  109.     BREAK_ON_EPID_ERROR(sts);
    110. 

  110. 

  111.     // Extend value c to be of a digest size.
    112. 

  112.     digest_size = EpidGetHashSize(ctx->hash_alg);
    113. 

  113.     digest = (uint8_t*)SAFE_ALLOC(digest_size);
    114. 

  114.     if (!digest) {
    115. 

  115.       sts = kEpidMemAllocErr;
    116. 

  116.       break;
    117. 

  117.     }
    118. 

  118.     sts = ResizeOctStr(&request.c, sizeof(request.c), digest, digest_size);
    119. 

  119.     BREAK_ON_EPID_ERROR(sts);
    120. 

  120. 

  121.     // Step 5. The member computes s = (r + c * f) mod p.
    122. 

  122.     sts = NewFfElement(Fp, &k);
    123. 

  123.     BREAK_ON_EPID_ERROR(sts);
    124. 

  124.     sts = NewFfElement(Fp, &s);
    125. 

  125.     BREAK_ON_EPID_ERROR(sts);
    126. 

  126.     sts = Tpm2Sign(ctx->tpm2_ctx, digest, digest_size, ctx->join_ctr, k, s);
    127. 

  127.     BREAK_ON_EPID_ERROR(sts);
    128. 

  128.     sts = WriteFfElement(Fp, s, &request.s, sizeof(request.s));
    129. 

  129.     BREAK_ON_EPID_ERROR(sts);
    130. 

  130. 

  131.     // Step 6. The output join request is (F, c, s).
    132. 

  132.     *join_request = request;
    133. 

  133. 

  134.     sts = kEpidNoErr;
    135. 

  135.   } while (0);
    136. 

  136. 

  137.   if (sts != kEpidNoErr) {
    138. 

  138.     (void)Tpm2ReleaseCounter(ctx->tpm2_ctx, ctx->join_ctr);
    139. 

  139.   }
    140. 

  140. 

  141.   DeleteEcPoint(&t);
    142. 

  142.   DeleteEcPoint(&h1);
    143. 

  143.   DeleteEcPoint(&K);
    144. 

  144.   DeleteEcPoint(&l);
    145. 

  145.   DeleteEcPoint(&e);
    146. 

  146.   DeleteFfElement(&k);
    147. 

  147.   DeleteFfElement(&s);
    148. 

  148.   SAFE_FREE(digest);
    149. 

  149.   DeleteGroupPubKey(&pub_key_);
    150. 

  150. 

  151.   return sts;
    152. 

  152. }
    153.