diff options
Diffstat (limited to 'src/reclaim/vc_crypto.c')
-rw-r--r-- | src/reclaim/vc_crypto.c | 167 |
1 files changed, 167 insertions, 0 deletions
diff --git a/src/reclaim/vc_crypto.c b/src/reclaim/vc_crypto.c new file mode 100644 index 000000000..83b720666 --- /dev/null +++ b/src/reclaim/vc_crypto.c | |||
@@ -0,0 +1,167 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet | ||
3 | Copyright (C) 2022 GNUnet e.V. | ||
4 | |||
5 | GNUnet is free software: you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Affero General Public License as published | ||
7 | by the Free Software Foundation, either version 3 of the License, | ||
8 | or (at your option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Affero General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Affero General Public License | ||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
17 | |||
18 | SPDX-License-Identifier: AGPL3.0-or-later | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @file reclaim/libgnunet_reclaim_vc_crypto.c | ||
23 | * @author Tristan Schwieren | ||
24 | */ | ||
25 | |||
26 | #include "platform.h" | ||
27 | #include "gnunet_util_lib.h" | ||
28 | #include "gnunet_identity_service.h" | ||
29 | #include "gnunet_signatures.h" | ||
30 | #include <jansson.h> | ||
31 | |||
32 | |||
33 | /** | ||
34 | * @brief Genereate the missing signature for a verifiable presentation | ||
35 | * @param pres A verifiable presentation with an empty signature field | ||
36 | * @param pk The private key which is used to generate the Signature | ||
37 | * @param result The verifiable presentation containing a valid signature is returned | ||
38 | */ | ||
39 | char * | ||
40 | generate_signature_vp(json_t * pres, | ||
41 | const struct GNUNET_IDENTITY_PrivateKey * pk) | ||
42 | { | ||
43 | // TODO: make sig multibase | ||
44 | char * data; | ||
45 | json_t * proof; | ||
46 | |||
47 | struct GNUNET_IDENTITY_Signature sig; | ||
48 | ssize_t sig_size; | ||
49 | |||
50 | struct GNUNET_CRYPTO_EccSignaturePurpose * sig_purpose; | ||
51 | ssize_t sig_purpose_size; | ||
52 | |||
53 | void * sig_buf; | ||
54 | ssize_t sig_buf_size; | ||
55 | |||
56 | char * sig_str; | ||
57 | ssize_t sig_str_size; | ||
58 | |||
59 | char * sig_str_final; | ||
60 | |||
61 | // Add empty signature key-value -> encode json -> delete empty signature key-value | ||
62 | // FIXME: Needs a real Canonicalization Scheme | ||
63 | proof = json_object_get(pres, "proof"); | ||
64 | json_object_set(proof, "signature", json_string("")); | ||
65 | data = json_dumps(pres, JSON_COMPACT); | ||
66 | json_object_del(proof, "signature"); | ||
67 | free(proof); | ||
68 | |||
69 | // Generate Signature | ||
70 | sig_purpose_size = sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) + strlen(data); | ||
71 | sig_purpose = malloc(sig_purpose_size); | ||
72 | sig_purpose->size = htonl(sig_purpose_size); | ||
73 | sig_purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_TEST); | ||
74 | memcpy(&sig_purpose[1], (void *) data, strlen(data)); | ||
75 | |||
76 | GNUNET_IDENTITY_sign_(pk, | ||
77 | sig_purpose, | ||
78 | &sig); | ||
79 | |||
80 | free(data); | ||
81 | free(sig_purpose); | ||
82 | |||
83 | // Convert Signature to string | ||
84 | sig_size = GNUNET_IDENTITY_signature_get_length(&sig); | ||
85 | sig_buf = malloc(sig_size); | ||
86 | sig_buf_size = GNUNET_IDENTITY_write_signature_to_buffer(&sig, sig_buf, sig_size); | ||
87 | sig_str_size = GNUNET_STRINGS_base64_encode(sig_buf, sig_buf_size, &sig_str); | ||
88 | free(sig_buf); | ||
89 | |||
90 | return sig_str; | ||
91 | } | ||
92 | |||
93 | /** | ||
94 | * @brief Verfiy the the Proof of the verfiable presentation | ||
95 | * @return Return 1 if the verfiable Presentation has been issued by the subject and not been manipulated in any way. Return 0 if not | ||
96 | */ | ||
97 | int | ||
98 | verify_vp(char * vp) | ||
99 | { | ||
100 | json_t * pres; | ||
101 | |||
102 | char * data; | ||
103 | json_t * proof; | ||
104 | const char * verification_method; | ||
105 | char * pubk_str; | ||
106 | struct GNUNET_IDENTITY_PublicKey * pubk; | ||
107 | |||
108 | struct GNUNET_IDENTITY_Signature * sig; | ||
109 | ssize_t sig_size; | ||
110 | |||
111 | struct GNUNET_CRYPTO_EccSignaturePurpose * sig_purpose; | ||
112 | ssize_t sig_purpose_size; | ||
113 | |||
114 | void * sig_buf; | ||
115 | ssize_t sig_buf_size; | ||
116 | |||
117 | const char * sig_str; | ||
118 | ssize_t sig_str_size; | ||
119 | |||
120 | int valid; | ||
121 | |||
122 | pres = json_loads(vp, JSON_DECODE_ANY, NULL); | ||
123 | |||
124 | // Add empty signature key-value -> encode json -> delete empty signature key-value | ||
125 | // FIXME: Needs a real Canonicalization Scheme | ||
126 | proof = json_object_get(pres, "proof"); | ||
127 | json_object_del(proof, "signature"); | ||
128 | json_object_set(proof, "signature", json_string("")); | ||
129 | data = json_dumps(pres, JSON_COMPACT); | ||
130 | |||
131 | // Get pubkey from reclaim did | ||
132 | verification_method = json_string_value(json_object_get(proof, "verificationMethod")); | ||
133 | pubk_str = malloc(sizeof(char)*100); // FIXME: Get the real public key len | ||
134 | sscanf(verification_method, "did:reclaim:%s#key-1", pubk_str); | ||
135 | GNUNET_IDENTITY_public_key_from_string(pubk_str, pubk); | ||
136 | free(pubk_str); | ||
137 | |||
138 | // Get signature | ||
139 | sig_str = json_string_value(json_object_get(proof, "signature")); | ||
140 | sig_str_size = strlen(sig_str); | ||
141 | sig_buf = malloc(sig_str_size); | ||
142 | sig_buf_size = GNUNET_STRINGS_base64_decode(sig_str, sig_str_size, sig_buf); | ||
143 | sig_size = GNUNET_IDENTITY_read_signature_from_buffer(sig, sig_buf, sig_buf_size); | ||
144 | |||
145 | free(proof); | ||
146 | free(pres); | ||
147 | free(sig_buf); | ||
148 | |||
149 | // Generate Purpose | ||
150 | sig_purpose_size = sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) + strlen(data); | ||
151 | sig_purpose = malloc(sig_purpose_size); | ||
152 | sig_purpose->size = htonl(sig_purpose_size); | ||
153 | sig_purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_TEST); | ||
154 | memcpy(&sig_purpose[1], (void *) data, strlen(data)); | ||
155 | |||
156 | valid = GNUNET_IDENTITY_signature_verify_(GNUNET_SIGNATURE_PURPOSE_TEST, | ||
157 | sig_purpose, | ||
158 | sig, | ||
159 | pubk); | ||
160 | |||
161 | free(data); | ||
162 | free(sig_purpose); | ||
163 | free(pubk); | ||
164 | free(sig); | ||
165 | |||
166 | return valid; | ||
167 | } \ No newline at end of file | ||