check_privrl_entry.c 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
  1. /*############################################################################
  2. # Copyright 2016-2017 Intel Corporation
  3. #
  4. # Licensed under the Apache License, Version 2.0 (the "License");
  5. # you may not use this file except in compliance with the License.
  6. # You may obtain a copy of the License at
  7. #
  8. # http://www.apache.org/licenses/LICENSE-2.0
  9. #
  10. # Unless required by applicable law or agreed to in writing, software
  11. # distributed under the License is distributed on an "AS IS" BASIS,
  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. # See the License for the specific language governing permissions and
  14. # limitations under the License.
  15. ############################################################################*/
  16. /*!
  17. * \file
  18. * \brief EpidCheckPrivRlEntry implementation.
  19. */
  20. #include "epid/verifier/api.h"
  21. #include "epid/verifier/src/context.h"
  22. EpidStatus EpidCheckPrivRlEntry(VerifierCtx const* ctx,
  23. BasicSignature const* sig, FpElemStr const* f) {
  24. EpidStatus result = kEpidErr;
  25. EcPoint* b = NULL;
  26. EcPoint* k = NULL;
  27. EcPoint* t4 = NULL;
  28. EcGroup* G1 = NULL;
  29. FfElement* ff_elem = NULL;
  30. if (!ctx || !sig || !f) {
  31. return kEpidBadArgErr;
  32. }
  33. if (!ctx->epid2_params || !ctx->epid2_params->G1) {
  34. return kEpidBadArgErr;
  35. }
  36. do {
  37. // Section 4.1.2 Step 4.b For i = 0, ... , n1-1, the verifier computes t4
  38. // =G1.exp(B, f[i]) and verifies that G1.isEqual(t4, K) = false.
  39. bool compare_result = false;
  40. FiniteField* Fp = ctx->epid2_params->Fp;
  41. G1 = ctx->epid2_params->G1;
  42. result = NewFfElement(Fp, &ff_elem);
  43. if (kEpidNoErr != result) {
  44. break;
  45. }
  46. result = NewEcPoint(G1, &b);
  47. if (kEpidNoErr != result) {
  48. break;
  49. }
  50. result = NewEcPoint(G1, &k);
  51. if (kEpidNoErr != result) {
  52. break;
  53. }
  54. result = NewEcPoint(G1, &t4);
  55. if (kEpidNoErr != result) {
  56. break;
  57. }
  58. // ReadFfElement checks that the value f is in the field
  59. result = ReadFfElement(Fp, (BigNumStr const*)f, sizeof(BigNumStr), ff_elem);
  60. if (kEpidNoErr != result) {
  61. break;
  62. }
  63. result = ReadEcPoint(G1, &sig->B, sizeof(sig->B), b);
  64. if (kEpidNoErr != result) {
  65. break;
  66. }
  67. result = ReadEcPoint(G1, &sig->K, sizeof(sig->K), k);
  68. if (kEpidNoErr != result) {
  69. break;
  70. }
  71. result = EcExp(G1, b, (BigNumStr const*)f, t4);
  72. if (kEpidNoErr != result) {
  73. break;
  74. }
  75. result = EcIsEqual(G1, t4, k, &compare_result);
  76. if (kEpidNoErr != result) {
  77. break;
  78. }
  79. // if t4 == k, sig revoked in PrivRl
  80. if (compare_result) {
  81. result = kEpidSigRevokedInPrivRl;
  82. } else {
  83. result = kEpidNoErr;
  84. }
  85. } while (0);
  86. DeleteFfElement(&ff_elem);
  87. DeleteEcPoint(&t4);
  88. DeleteEcPoint(&k);
  89. DeleteEcPoint(&b);
  90. return result;
  91. }