diff options
author | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2018-08-18 00:22:24 +0200 |
---|---|---|
committer | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2018-08-18 00:22:24 +0200 |
commit | ad98c44df138ec77bab5835b9a947804be2b94ba (patch) | |
tree | ae8b918d635dc083eddbcea890e9b02fff77e0a1 | |
parent | f348649e3c2238bbe49c0b52cb940b114e86574f (diff) | |
download | gnunet-ad98c44df138ec77bab5835b9a947804be2b94ba.tar.gz gnunet-ad98c44df138ec77bab5835b9a947804be2b94ba.zip |
proving works
-rw-r--r-- | src/include/gnunet_zklaim_service.h | 4 | ||||
-rw-r--r-- | src/zklaim/gnunet-zklaim.c | 74 | ||||
-rw-r--r-- | src/zklaim/zklaim_api.c | 12 | ||||
-rw-r--r-- | src/zklaim/zklaim_functions.c | 62 | ||||
-rw-r--r-- | src/zklaim/zklaim_functions.h | 6 |
5 files changed, 154 insertions, 4 deletions
diff --git a/src/include/gnunet_zklaim_service.h b/src/include/gnunet_zklaim_service.h index 7a46d0242..f7ebcfbc3 100644 --- a/src/include/gnunet_zklaim_service.h +++ b/src/include/gnunet_zklaim_service.h | |||
@@ -204,6 +204,10 @@ GNUNET_ZKLAIM_context_prove_with_keyfile (struct GNUNET_ZKLAIM_Context *ctx, | |||
204 | const char* pkey_fn, | 204 | const char* pkey_fn, |
205 | GNUNET_ZKLAIM_PredicateIterator iter, | 205 | GNUNET_ZKLAIM_PredicateIterator iter, |
206 | void* iter_cls); | 206 | void* iter_cls); |
207 | int | ||
208 | GNUNET_ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx, | ||
209 | GNUNET_ZKLAIM_PredicateIterator iter, | ||
210 | void* iter_cls); | ||
207 | 211 | ||
208 | 212 | ||
209 | #if 0 /* keep Emacsens' auto-indent happy */ | 213 | #if 0 /* keep Emacsens' auto-indent happy */ |
diff --git a/src/zklaim/gnunet-zklaim.c b/src/zklaim/gnunet-zklaim.c index ef77b48e5..b60c62212 100644 --- a/src/zklaim/gnunet-zklaim.c +++ b/src/zklaim/gnunet-zklaim.c | |||
@@ -80,6 +80,12 @@ static char* ego_name; | |||
80 | static char* pkey_fn; | 80 | static char* pkey_fn; |
81 | 81 | ||
82 | /** | 82 | /** |
83 | * The proof to verify | ||
84 | */ | ||
85 | static char* verify_proof; | ||
86 | |||
87 | |||
88 | /** | ||
83 | * ZKLAIM handle | 89 | * ZKLAIM handle |
84 | */ | 90 | */ |
85 | static struct GNUNET_ZKLAIM_Handle *zklaim_handle; | 91 | static struct GNUNET_ZKLAIM_Handle *zklaim_handle; |
@@ -139,6 +145,7 @@ context_create_cb (void *cls, | |||
139 | int32_t success, | 145 | int32_t success, |
140 | const char* emsg) | 146 | const char* emsg) |
141 | { | 147 | { |
148 | zklaim_op = NULL; | ||
142 | if (GNUNET_OK == success) | 149 | if (GNUNET_OK == success) |
143 | fprintf (stdout, | 150 | fprintf (stdout, |
144 | "Created.\n"); | 151 | "Created.\n"); |
@@ -187,6 +194,7 @@ context_cb (void *cls, | |||
187 | char* data; | 194 | char* data; |
188 | char *str; | 195 | char *str; |
189 | 196 | ||
197 | zklaim_op = NULL; | ||
190 | if (NULL == ctx) | 198 | if (NULL == ctx) |
191 | { | 199 | { |
192 | fprintf (stderr, | 200 | fprintf (stderr, |
@@ -276,13 +284,48 @@ prove_iter (void *cls, | |||
276 | 284 | ||
277 | } | 285 | } |
278 | 286 | ||
287 | const char* zklaim_parse_op (enum zklaim_op e) { | ||
288 | switch (e) { | ||
289 | case zklaim_noop: | ||
290 | return "noop"; | ||
291 | case zklaim_less: | ||
292 | return "<"; | ||
293 | case zklaim_less_or_eq: | ||
294 | return "<="; | ||
295 | case zklaim_eq: | ||
296 | return "="; | ||
297 | case zklaim_greater_or_eq: | ||
298 | return ">="; | ||
299 | case zklaim_greater: | ||
300 | return ">"; | ||
301 | case zklaim_not_eq: | ||
302 | return "!="; | ||
303 | default: | ||
304 | return "enum zklaim_op: no valid value"; | ||
305 | } | ||
306 | } | ||
307 | |||
308 | void | ||
309 | verify_iter (void *cls, | ||
310 | const char* name, | ||
311 | enum zklaim_op *zop, | ||
312 | uint64_t *ref) | ||
313 | { | ||
314 | const char *op = zklaim_parse_op (*zop); | ||
315 | fprintf (stdout, | ||
316 | "%s %s %lu\n", name, op, *ref); | ||
317 | } | ||
318 | |||
279 | static void | 319 | static void |
280 | handle_arguments () | 320 | handle_arguments () |
281 | { | 321 | { |
282 | struct GNUNET_ZKLAIM_Context *ctx; | 322 | struct GNUNET_ZKLAIM_Context *ctx; |
283 | size_t len; | 323 | size_t len; |
284 | char *data; | 324 | char *data; |
325 | char *proof_str; | ||
326 | char *proof_data; | ||
285 | int ret; | 327 | int ret; |
328 | size_t proof_size; | ||
286 | 329 | ||
287 | timeout = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 60), | 330 | timeout = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 60), |
288 | &timeout_task, | 331 | &timeout_task, |
@@ -323,6 +366,31 @@ handle_arguments () | |||
323 | NULL); | 366 | NULL); |
324 | fprintf (stdout, | 367 | fprintf (stdout, |
325 | "%s\n", ret ? "failed." : "success."); | 368 | "%s\n", ret ? "failed." : "success."); |
369 | proof_size = GNUNET_ZKLAIM_context_serialize (ctx, | ||
370 | &proof_data); | ||
371 | GNUNET_STRINGS_base64_encode (proof_data, | ||
372 | proof_size, | ||
373 | &proof_str); | ||
374 | fprintf (stdout, | ||
375 | "Here is your proof:\n%s\n", proof_str); | ||
376 | GNUNET_free (proof_str); | ||
377 | GNUNET_free (proof_data); | ||
378 | GNUNET_ZKLAIM_context_destroy (ctx); | ||
379 | } | ||
380 | else if (verify_proof) | ||
381 | { | ||
382 | proof_size = GNUNET_STRINGS_base64_decode (verify_proof, | ||
383 | strlen (verify_proof), | ||
384 | (void**)&proof_data); | ||
385 | ctx = GNUNET_ZKLAIM_context_deserialize (proof_data, | ||
386 | proof_size); | ||
387 | ret = GNUNET_ZKLAIM_context_verify (ctx, | ||
388 | &verify_iter, | ||
389 | NULL); | ||
390 | fprintf (stdout, | ||
391 | "Proof is %s (%d)\n", ret ? "INVALID" : "VALID", ret); | ||
392 | GNUNET_free (proof_data); | ||
393 | GNUNET_ZKLAIM_context_destroy (ctx); | ||
326 | } | 394 | } |
327 | cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); | 395 | cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); |
328 | } | 396 | } |
@@ -431,6 +499,12 @@ main(int argc, char *const argv[]) | |||
431 | NULL, | 499 | NULL, |
432 | gettext_noop ("The proving key to use"), | 500 | gettext_noop ("The proving key to use"), |
433 | &pkey_fn), | 501 | &pkey_fn), |
502 | GNUNET_GETOPT_option_string ('V', | ||
503 | "verify", | ||
504 | NULL, | ||
505 | gettext_noop ("Proof to verify"), | ||
506 | &verify_proof), | ||
507 | |||
434 | GNUNET_GETOPT_OPTION_END | 508 | GNUNET_GETOPT_OPTION_END |
435 | }; | 509 | }; |
436 | if (GNUNET_OK != GNUNET_PROGRAM_run (argc, argv, "ct", | 510 | if (GNUNET_OK != GNUNET_PROGRAM_run (argc, argv, "ct", |
diff --git a/src/zklaim/zklaim_api.c b/src/zklaim/zklaim_api.c index fb83cccb6..8ec7ac410 100644 --- a/src/zklaim/zklaim_api.c +++ b/src/zklaim/zklaim_api.c | |||
@@ -639,4 +639,16 @@ GNUNET_ZKLAIM_context_prove (struct GNUNET_ZKLAIM_Context *ctx, | |||
639 | iter_cls); | 639 | iter_cls); |
640 | } | 640 | } |
641 | 641 | ||
642 | |||
643 | int | ||
644 | GNUNET_ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx, | ||
645 | GNUNET_ZKLAIM_PredicateIterator iter, | ||
646 | void* iter_cls) | ||
647 | { | ||
648 | return ZKLAIM_context_verify (ctx, | ||
649 | iter, | ||
650 | iter_cls); | ||
651 | } | ||
652 | |||
653 | |||
642 | /* end of zklaim_api.c */ | 654 | /* end of zklaim_api.c */ |
diff --git a/src/zklaim/zklaim_functions.c b/src/zklaim/zklaim_functions.c index 0c6ea67cc..b528e1bbf 100644 --- a/src/zklaim/zklaim_functions.c +++ b/src/zklaim/zklaim_functions.c | |||
@@ -34,7 +34,12 @@ ZKLAIM_context_sign (struct GNUNET_ZKLAIM_Context *ctx, | |||
34 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *key) | 34 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *key) |
35 | { | 35 | { |
36 | int rc; | 36 | int rc; |
37 | unsigned char *pubbuf; | ||
38 | size_t publen; | ||
37 | gcry_sexp_t priv; | 39 | gcry_sexp_t priv; |
40 | gcry_sexp_t pub; | ||
41 | gcry_mpi_t q; | ||
42 | gcry_ctx_t gctx; | ||
38 | 43 | ||
39 | //TODO how to ensure not hashed?? | 44 | //TODO how to ensure not hashed?? |
40 | zklaim_hash_ctx (ctx->ctx); | 45 | zklaim_hash_ctx (ctx->ctx); |
@@ -46,9 +51,22 @@ ZKLAIM_context_sign (struct GNUNET_ZKLAIM_Context *ctx, | |||
46 | { | 51 | { |
47 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 52 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
48 | "GCRY error...\n"); | 53 | "GCRY error...\n"); |
49 | //send_issue_response (ih, NULL, 0); | ||
50 | return GNUNET_SYSERR; | 54 | return GNUNET_SYSERR; |
51 | } | 55 | } |
56 | gcry_mpi_ec_new (&gctx, priv, NULL); | ||
57 | q = gcry_mpi_ec_get_mpi ("q@eddsa", gctx, 0); | ||
58 | rc = gcry_sexp_build(&pub, NULL, "(key-data (public-key (ecc (curve Ed25519) (q %M))))", q); | ||
59 | if (0 != rc) { | ||
60 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
61 | "GCRY error...\n"); | ||
62 | return GNUNET_SYSERR; | ||
63 | } | ||
64 | gcry_mpi_release(q); | ||
65 | zklaim_pub2buf(pub, &pubbuf, &publen); | ||
66 | gcry_sexp_release(pub); | ||
67 | gcry_ctx_release (gctx); | ||
68 | memcpy(ctx->ctx->pub_key, pubbuf, sizeof(ctx->ctx->pub_key)); | ||
69 | free(pubbuf); | ||
52 | return zklaim_ctx_sign (ctx->ctx, priv); | 70 | return zklaim_ctx_sign (ctx->ctx, priv); |
53 | } | 71 | } |
54 | 72 | ||
@@ -113,6 +131,7 @@ ZKLAIM_context_prove (struct GNUNET_ZKLAIM_Context *ctx, | |||
113 | { | 131 | { |
114 | int i; | 132 | int i; |
115 | int j; | 133 | int j; |
134 | int ret; | ||
116 | char *attr_name; | 135 | char *attr_name; |
117 | char *tmp; | 136 | char *tmp; |
118 | zklaim_wrap_payload_ctx *plw; | 137 | zklaim_wrap_payload_ctx *plw; |
@@ -153,13 +172,48 @@ ZKLAIM_context_prove (struct GNUNET_ZKLAIM_Context *ctx, | |||
153 | GNUNET_assert (NULL != plw); | 172 | GNUNET_assert (NULL != plw); |
154 | } | 173 | } |
155 | GNUNET_free (tmp); | 174 | GNUNET_free (tmp); |
156 | return zklaim_proof_generate (ctx->ctx); | 175 | ret = zklaim_proof_generate (ctx->ctx); |
176 | zklaim_clear_pres(ctx->ctx); | ||
177 | return ret; | ||
157 | } | 178 | } |
158 | 179 | ||
159 | int | 180 | int |
160 | ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx, | 181 | ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx, |
161 | const struct GNUNET_CRYPTO_EcdsaPublicKey *ttp) | 182 | GNUNET_ZKLAIM_PredicateIterator iter, |
183 | void *iter_cls) | ||
162 | { | 184 | { |
163 | //TODO check ttp pubkey against pubkey in ctx | 185 | int i; |
186 | int j; | ||
187 | char *attr_name; | ||
188 | char *tmp; | ||
189 | zklaim_wrap_payload_ctx *plw; | ||
190 | |||
191 | tmp = GNUNET_strdup (ctx->attrs); | ||
192 | attr_name = strtok (tmp, ","); | ||
193 | plw = ctx->ctx->pl_ctx_head; | ||
194 | for (i = 0; i < ctx->ctx->num_of_payloads; i++) | ||
195 | { | ||
196 | for (j = 0; j < ZKLAIM_MAX_PAYLOAD_ATTRIBUTES; j++) | ||
197 | { | ||
198 | |||
199 | if (NULL == attr_name) | ||
200 | break; | ||
201 | iter (iter_cls, | ||
202 | attr_name, | ||
203 | &plw->pl.data_op[j], | ||
204 | &plw->pl.data_ref[j]); | ||
205 | if ((attr_name - tmp) == (strlen (attr_name) + 1)) | ||
206 | { | ||
207 | attr_name = NULL; | ||
208 | break; | ||
209 | } | ||
210 | attr_name = strtok (attr_name + strlen (attr_name) + 1, ","); | ||
211 | } | ||
212 | if (NULL == attr_name) | ||
213 | break; | ||
214 | plw = plw->next; | ||
215 | GNUNET_assert (NULL != plw); | ||
216 | } | ||
217 | GNUNET_free (tmp); | ||
164 | return zklaim_ctx_verify (ctx->ctx); | 218 | return zklaim_ctx_verify (ctx->ctx); |
165 | } | 219 | } |
diff --git a/src/zklaim/zklaim_functions.h b/src/zklaim/zklaim_functions.h index 6fda611fa..4b141a56a 100644 --- a/src/zklaim/zklaim_functions.h +++ b/src/zklaim/zklaim_functions.h | |||
@@ -74,4 +74,10 @@ ZKLAIM_context_prove (struct GNUNET_ZKLAIM_Context *ctx, | |||
74 | GNUNET_ZKLAIM_PredicateIterator iter, | 74 | GNUNET_ZKLAIM_PredicateIterator iter, |
75 | void *iter_cls); | 75 | void *iter_cls); |
76 | 76 | ||
77 | |||
78 | int | ||
79 | ZKLAIM_context_verify (struct GNUNET_ZKLAIM_Context *ctx, | ||
80 | GNUNET_ZKLAIM_PredicateIterator iter, | ||
81 | void *iter_cls); | ||
82 | |||
77 | #endif | 83 | #endif |