summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>2018-08-18 00:22:24 +0200
committerSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>2018-08-18 00:22:24 +0200
commitad98c44df138ec77bab5835b9a947804be2b94ba (patch)
treeae8b918d635dc083eddbcea890e9b02fff77e0a1
parentf348649e3c2238bbe49c0b52cb940b114e86574f (diff)
proving works
-rw-r--r--src/include/gnunet_zklaim_service.h4
-rw-r--r--src/zklaim/gnunet-zklaim.c74
-rw-r--r--src/zklaim/zklaim_api.c12
-rw-r--r--src/zklaim/zklaim_functions.c62
-rw-r--r--src/zklaim/zklaim_functions.h6
5 files changed, 154 insertions, 4 deletions
diff --git a/src/include/gnunet_zklaim_service.h b/src/include/gnunet_zklaim_service.h
index 7a46d0242..f7ebcfbc3 100644
--- a/src/include/gnunet_zklaim_service.h
+++ b/src/include/gnunet_zklaim_service.h
@@ -204,6 +204,10 @@ GNUNET_ZKLAIM_context_prove_with_keyfile (struct GNUNET_ZKLAIM_Context *ctx,
const char* pkey_fn,
GNUNET_ZKLAIM_PredicateIterator iter,
void* iter_cls);
+int
+GNUNET_ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx,
+ GNUNET_ZKLAIM_PredicateIterator iter,
+ void* iter_cls);
#if 0 /* keep Emacsens' auto-indent happy */
diff --git a/src/zklaim/gnunet-zklaim.c b/src/zklaim/gnunet-zklaim.c
index ef77b48e5..b60c62212 100644
--- a/src/zklaim/gnunet-zklaim.c
+++ b/src/zklaim/gnunet-zklaim.c
@@ -80,6 +80,12 @@ static char* ego_name;
static char* pkey_fn;
/**
+ * The proof to verify
+ */
+static char* verify_proof;
+
+
+/**
* ZKLAIM handle
*/
static struct GNUNET_ZKLAIM_Handle *zklaim_handle;
@@ -139,6 +145,7 @@ context_create_cb (void *cls,
int32_t success,
const char* emsg)
{
+ zklaim_op = NULL;
if (GNUNET_OK == success)
fprintf (stdout,
"Created.\n");
@@ -187,6 +194,7 @@ context_cb (void *cls,
char* data;
char *str;
+ zklaim_op = NULL;
if (NULL == ctx)
{
fprintf (stderr,
@@ -276,13 +284,48 @@ prove_iter (void *cls,
}
+const char* zklaim_parse_op (enum zklaim_op e) {
+ switch (e) {
+ case zklaim_noop:
+ return "noop";
+ case zklaim_less:
+ return "<";
+ case zklaim_less_or_eq:
+ return "<=";
+ case zklaim_eq:
+ return "=";
+ case zklaim_greater_or_eq:
+ return ">=";
+ case zklaim_greater:
+ return ">";
+ case zklaim_not_eq:
+ return "!=";
+ default:
+ return "enum zklaim_op: no valid value";
+ }
+}
+
+void
+verify_iter (void *cls,
+ const char* name,
+ enum zklaim_op *zop,
+ uint64_t *ref)
+{
+ const char *op = zklaim_parse_op (*zop);
+ fprintf (stdout,
+ "%s %s %lu\n", name, op, *ref);
+}
+
static void
handle_arguments ()
{
struct GNUNET_ZKLAIM_Context *ctx;
size_t len;
char *data;
+ char *proof_str;
+ char *proof_data;
int ret;
+ size_t proof_size;
timeout = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 60),
&timeout_task,
@@ -323,6 +366,31 @@ handle_arguments ()
NULL);
fprintf (stdout,
"%s\n", ret ? "failed." : "success.");
+ proof_size = GNUNET_ZKLAIM_context_serialize (ctx,
+ &proof_data);
+ GNUNET_STRINGS_base64_encode (proof_data,
+ proof_size,
+ &proof_str);
+ fprintf (stdout,
+ "Here is your proof:\n%s\n", proof_str);
+ GNUNET_free (proof_str);
+ GNUNET_free (proof_data);
+ GNUNET_ZKLAIM_context_destroy (ctx);
+ }
+ else if (verify_proof)
+ {
+ proof_size = GNUNET_STRINGS_base64_decode (verify_proof,
+ strlen (verify_proof),
+ (void**)&proof_data);
+ ctx = GNUNET_ZKLAIM_context_deserialize (proof_data,
+ proof_size);
+ ret = GNUNET_ZKLAIM_context_verify (ctx,
+ &verify_iter,
+ NULL);
+ fprintf (stdout,
+ "Proof is %s (%d)\n", ret ? "INVALID" : "VALID", ret);
+ GNUNET_free (proof_data);
+ GNUNET_ZKLAIM_context_destroy (ctx);
}
cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
@@ -431,6 +499,12 @@ main(int argc, char *const argv[])
NULL,
gettext_noop ("The proving key to use"),
&pkey_fn),
+ GNUNET_GETOPT_option_string ('V',
+ "verify",
+ NULL,
+ gettext_noop ("Proof to verify"),
+ &verify_proof),
+
GNUNET_GETOPT_OPTION_END
};
if (GNUNET_OK != GNUNET_PROGRAM_run (argc, argv, "ct",
diff --git a/src/zklaim/zklaim_api.c b/src/zklaim/zklaim_api.c
index fb83cccb6..8ec7ac410 100644
--- a/src/zklaim/zklaim_api.c
+++ b/src/zklaim/zklaim_api.c
@@ -639,4 +639,16 @@ GNUNET_ZKLAIM_context_prove (struct GNUNET_ZKLAIM_Context *ctx,
iter_cls);
}
+
+int
+GNUNET_ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx,
+ GNUNET_ZKLAIM_PredicateIterator iter,
+ void* iter_cls)
+{
+ return ZKLAIM_context_verify (ctx,
+ iter,
+ iter_cls);
+}
+
+
/* end of zklaim_api.c */
diff --git a/src/zklaim/zklaim_functions.c b/src/zklaim/zklaim_functions.c
index 0c6ea67cc..b528e1bbf 100644
--- a/src/zklaim/zklaim_functions.c
+++ b/src/zklaim/zklaim_functions.c
@@ -34,7 +34,12 @@ ZKLAIM_context_sign (struct GNUNET_ZKLAIM_Context *ctx,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *key)
{
int rc;
+ unsigned char *pubbuf;
+ size_t publen;
gcry_sexp_t priv;
+ gcry_sexp_t pub;
+ gcry_mpi_t q;
+ gcry_ctx_t gctx;
//TODO how to ensure not hashed??
zklaim_hash_ctx (ctx->ctx);
@@ -46,9 +51,22 @@ ZKLAIM_context_sign (struct GNUNET_ZKLAIM_Context *ctx,
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"GCRY error...\n");
- //send_issue_response (ih, NULL, 0);
return GNUNET_SYSERR;
}
+ gcry_mpi_ec_new (&gctx, priv, NULL);
+ q = gcry_mpi_ec_get_mpi ("q@eddsa", gctx, 0);
+ rc = gcry_sexp_build(&pub, NULL, "(key-data (public-key (ecc (curve Ed25519) (q %M))))", q);
+ if (0 != rc) {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "GCRY error...\n");
+ return GNUNET_SYSERR;
+ }
+ gcry_mpi_release(q);
+ zklaim_pub2buf(pub, &pubbuf, &publen);
+ gcry_sexp_release(pub);
+ gcry_ctx_release (gctx);
+ memcpy(ctx->ctx->pub_key, pubbuf, sizeof(ctx->ctx->pub_key));
+ free(pubbuf);
return zklaim_ctx_sign (ctx->ctx, priv);
}
@@ -113,6 +131,7 @@ ZKLAIM_context_prove (struct GNUNET_ZKLAIM_Context *ctx,
{
int i;
int j;
+ int ret;
char *attr_name;
char *tmp;
zklaim_wrap_payload_ctx *plw;
@@ -153,13 +172,48 @@ ZKLAIM_context_prove (struct GNUNET_ZKLAIM_Context *ctx,
GNUNET_assert (NULL != plw);
}
GNUNET_free (tmp);
- return zklaim_proof_generate (ctx->ctx);
+ ret = zklaim_proof_generate (ctx->ctx);
+ zklaim_clear_pres(ctx->ctx);
+ return ret;
}
int
ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *ttp)
+ GNUNET_ZKLAIM_PredicateIterator iter,
+ void *iter_cls)
{
- //TODO check ttp pubkey against pubkey in ctx
+ int i;
+ int j;
+ char *attr_name;
+ char *tmp;
+ zklaim_wrap_payload_ctx *plw;
+
+ tmp = GNUNET_strdup (ctx->attrs);
+ attr_name = strtok (tmp, ",");
+ plw = ctx->ctx->pl_ctx_head;
+ for (i = 0; i < ctx->ctx->num_of_payloads; i++)
+ {
+ for (j = 0; j < ZKLAIM_MAX_PAYLOAD_ATTRIBUTES; j++)
+ {
+
+ if (NULL == attr_name)
+ break;
+ iter (iter_cls,
+ attr_name,
+ &plw->pl.data_op[j],
+ &plw->pl.data_ref[j]);
+ if ((attr_name - tmp) == (strlen (attr_name) + 1))
+ {
+ attr_name = NULL;
+ break;
+ }
+ attr_name = strtok (attr_name + strlen (attr_name) + 1, ",");
+ }
+ if (NULL == attr_name)
+ break;
+ plw = plw->next;
+ GNUNET_assert (NULL != plw);
+ }
+ GNUNET_free (tmp);
return zklaim_ctx_verify (ctx->ctx);
}
diff --git a/src/zklaim/zklaim_functions.h b/src/zklaim/zklaim_functions.h
index 6fda611fa..4b141a56a 100644
--- a/src/zklaim/zklaim_functions.h
+++ b/src/zklaim/zklaim_functions.h
@@ -74,4 +74,10 @@ ZKLAIM_context_prove (struct GNUNET_ZKLAIM_Context *ctx,
GNUNET_ZKLAIM_PredicateIterator iter,
void *iter_cls);
+
+int
+ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx,
+ GNUNET_ZKLAIM_PredicateIterator iter,
+ void *iter_cls);
+
#endif