Home Explore Help
Sign In
miti
/
linux-sgx-trts-modified
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
linux-sgx-tr...
/
external
/
epid-sdk
/
epid
/
member
/
src
/
validatekey.c

validatekey.c 4.0 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 
  1. /*############################################################################
    2. 

  2.   # Copyright 2017 Intel Corporation
    3. 

  3.   #
    4. 

  4.   # Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5.   # you may not use this file except in compliance with the License.
    6. 

  6.   # You may obtain a copy of the License at
    7. 

  7.   #
    8. 

  8.   #     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9.   #
    10. 

  10.   # Unless required by applicable law or agreed to in writing, software
    11. 

  11.   # distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12.   # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13.   # See the License for the specific language governing permissions and
    14. 

  14.   # limitations under the License.
    15. 

  15.   ############################################################################*/
    16. 

  16. /// Non-sensitive member context implementation
    17. 

  17. /*! \file */
    18. 

  18. 

  19. #include "epid/member/src/validatekey.h"
    20. 

  20. 

  21. #include <stddef.h>
    22. 

  22. 

  23. #include "epid/common/math/ecgroup.h"
    24. 

  24. #include "epid/common/math/finitefield.h"
    25. 

  25. #include "epid/common/math/pairing.h"
    26. 

  26. #include "epid/common/src/epid2params.h"
    27. 

  27. #include "epid/common/src/memory.h"
    28. 

  28. #include "epid/common/types.h"  // MemberPrecomp
    29. 

  29. #include "epid/member/src/context.h"
    30. 

  30. #include "epid/member/src/privateexp.h"
    31. 

  31. 

  32. /// Handle Intel(R) EPID Error with Break
    33. 

  33. #define BREAK_ON_EPID_ERROR(ret) \
    34. 

  34.   if (kEpidNoErr != (ret)) {     \
    35. 

  35.     break;                       \
    36. 

  36.   }
    37. 

  37. 

  38. bool EpidMemberIsKeyValid(MemberCtx* ctx, G1ElemStr const* A_str,
    39. 

  39.                           FpElemStr const* x_str, G1ElemStr const* h1_str,
    40. 

  40.                           G2ElemStr const* w_str) {
    41. 

  41.   bool key_is_valid = false;
    42. 

  42.   EcPoint* t1 = NULL;
    43. 

  43.   EcPoint* t2 = NULL;
    44. 

  44.   FfElement* t3 = NULL;
    45. 

  45.   FfElement* t4 = NULL;
    46. 

  46.   EcPoint* A = NULL;
    47. 

  47.   EcPoint* h1 = NULL;
    48. 

  48.   EcPoint* w = NULL;
    49. 

  49. 

  50.   if (!ctx || !A_str || !x_str || !h1_str || !w_str || !ctx->epid2_params) {
    51. 

  51.     return false;
    52. 

  52.   }
    53. 

  53. 

  54.   do {
    55. 

  55.     EpidStatus sts = kEpidErr;
    56. 

  56.     EcGroup* G1 = ctx->epid2_params->G1;
    57. 

  57.     EcGroup* G2 = ctx->epid2_params->G2;
    58. 

  58.     FiniteField* GT = ctx->epid2_params->GT;
    59. 

  59.     EcPoint* g1 = ctx->epid2_params->g1;
    60. 

  60.     EcPoint* g2 = ctx->epid2_params->g2;
    61. 

  61.     PairingState* ps_ctx = ctx->epid2_params->pairing_state;
    62. 

  62. 

  63.     if (!ctx->is_provisioned && !ctx->is_initially_provisioned) {
    64. 

  64.       sts = EpidMemberInitialProvision(ctx);
    65. 

  65.       BREAK_ON_EPID_ERROR(sts);
    66. 

  66.     }
    67. 

  67. 

  68.     // 2. The member computes t1 = G2.sscmExp(g2, x).
    69. 

  69.     sts = NewEcPoint(G2, &t1);
    70. 

  70.     BREAK_ON_EPID_ERROR(sts);
    71. 

  71. 

  72.     sts = EcSscmExp(G2, g2, (BigNumStr const*)x_str, t1);
    73. 

  73.     BREAK_ON_EPID_ERROR(sts);
    74. 

  74. 

  75.     // 3. The member computes t1 = G2.mul(t1, w).
    76. 

  76.     sts = NewEcPoint(G2, &w);
    77. 

  77.     BREAK_ON_EPID_ERROR(sts);
    78. 

  78.     sts = ReadEcPoint(G2, w_str, sizeof(*w_str), w);
    79. 

  79.     BREAK_ON_EPID_ERROR(sts);
    80. 

  80.     sts = EcMul(G2, t1, w, t1);
    81. 

  81.     BREAK_ON_EPID_ERROR(sts);
    82. 

  82. 

  83.     // 4. The member computes t3 = pairing(A, t1).
    84. 

  84.     sts = NewFfElement(GT, &t3);
    85. 

  85.     BREAK_ON_EPID_ERROR(sts);
    86. 

  86.     sts = NewEcPoint(G1, &A);
    87. 

  87.     BREAK_ON_EPID_ERROR(sts);
    88. 

  88.     sts = ReadEcPoint(G1, A_str, sizeof(*A_str), A);
    89. 

  89.     BREAK_ON_EPID_ERROR(sts);
    90. 

  90.     sts = Pairing(ps_ctx, A, t1, t3);
    91. 

  91.     BREAK_ON_EPID_ERROR(sts);
    92. 

  92. 

  93.     // 5. The member computes t2 = G1.sscmExp(h1, f).
    94. 

  94.     sts = NewEcPoint(G1, &t2);
    95. 

  95.     BREAK_ON_EPID_ERROR(sts);
    96. 

  96.     sts = NewEcPoint(G1, &h1);
    97. 

  97.     BREAK_ON_EPID_ERROR(sts);
    98. 

  98.     sts = ReadEcPoint(G1, h1_str, sizeof(*h1_str), h1);
    99. 

  99.     BREAK_ON_EPID_ERROR(sts);
    100. 

  100.     sts = EpidPrivateExp(ctx, h1, t2);
    101. 

  101.     BREAK_ON_EPID_ERROR(sts);
    102. 

  102. 

  103.     // 6. The member computes t2 = G1.mul(t2, g1).
    104. 

  104.     sts = EcMul(G1, t2, g1, t2);
    105. 

  105.     BREAK_ON_EPID_ERROR(sts);
    106. 

  106. 

  107.     // Step 7. The member computes t4 = pairing(t2, g2).
    108. 

  108.     sts = NewFfElement(GT, &t4);
    109. 

  109.     BREAK_ON_EPID_ERROR(sts);
    110. 

  110.     sts = Pairing(ps_ctx, t2, g2, t4);
    111. 

  111.     BREAK_ON_EPID_ERROR(sts);
    112. 

  112. 

  113.     // 8. If GT.isEqual(t3, t4) = false, reports bad private key.
    114. 

  114.     sts = FfIsEqual(GT, t3, t4, &key_is_valid);
    115. 

  115.     if (kEpidNoErr != sts) {
    116. 

  116.       key_is_valid = false;
    117. 

  117.       BREAK_ON_EPID_ERROR(sts);
    118. 

  118.     }
    119. 

  119.   } while (0);
    120. 

  120. 

  121.   DeleteEcPoint(&t1);
    122. 

  122.   DeleteEcPoint(&t2);
    123. 

  123.   DeleteFfElement(&t3);
    124. 

  124.   DeleteFfElement(&t4);
    125. 

  125.   DeleteEcPoint(&A);
    126. 

  126.   DeleteEcPoint(&h1);
    127. 

  127.   DeleteEcPoint(&w);
    128. 

  128. 

  129.   return key_is_valid;
    130. 

  130. }
    131.