authorFranklin Wei <me@fwei.tk>2018-06-04 18:04:20 -0400
committerFranklin Wei <me@fwei.tk>2018-06-04 18:04:20 -0400
commit35d085feee188ef5b6910fe67222fb297c5c6ea6 (patch)
treeabbd39ffb2f3092ead5be2e558df4913ba4cca9f
parenta4bee983312b69bb28bc57f3e7210f0e9b645930 (diff)
Implement trusted module secret relaying
-rw-r--r--service_provider.c10
-rw-r--r--trusted_module.c47
-rw-r--r--trusted_module.h1
3 files changed, 52 insertions, 6 deletions
diff --git a/service_provider.c b/service_provider.c
index a6c68c2..aaa58a1 100644
--- a/service_provider.c
+++ b/service_provider.c
@@ -8,9 +8,9 @@
#include "trusted_module.h"
struct file_version {
- hash_t k; /* h(key, f_idx) */
- hash_t l; /* h(encrypted contents, k) */
- hash_t enc_key; /* XOR'd with h(k, module secret) */
+ hash_t kf; /* h(key, file_idx) */
+ hash_t l; /* h(h(file contents), kf) */
+ hash_t enc_key; /* XOR'd with h(kf, module secret) */
struct tm_cert cert; /* VR certificate */
hash_t cert_hmac;
@@ -26,8 +26,8 @@ struct file_record {
struct iomt_node *acl;
int acl_nodes;
- struct tm_cert cert; /* FR cert */
- hash_t cert_hmac;
+ struct tm_cert fr_cert; /* issued by module */
+ hash_t fr_hmac;
struct file_version *versions;
int n_versions;
diff --git a/trusted_module.c b/trusted_module.c
index 501267f..78a010e 100644
--- a/trusted_module.c
+++ b/trusted_module.c
@@ -70,6 +70,13 @@ bool hash_equals(hash_t a, hash_t b)
return !memcmp(a.hash, b.hash, 32);
}
+hash_t hash_xor(hash_t a, hash_t b)
+{
+ for(int i = 0; i < 32; ++i)
+ a.hash[i] ^= b.hash[i];
+ return a;
+}
+
struct trusted_module *tm_new(const void *key, size_t keylen)
{
struct trusted_module *tm = calloc(1, sizeof(struct trusted_module));
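Review bot: `hash_xor` is defined with external linkage, but the trusted_module.h change in this commit appears to add only a comment (the diffstat shows one insertion there), so neither it nor `tm_verify_and_encrypt_secret` gets a prototype. Mark it `static hash_t hash_xor(hash_t a, hash_t b)` if it is meant to be file-local, or declare it in the header. The loop bound `32` also repeats the digest size by hand; assuming `hash` is an array member, `for(size_t i = 0; i < sizeof(a.hash); ++i)` keeps it tied to the type, as the `sizeof(key.hash)` calls later in this file already do.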
@@ -168,7 +175,8 @@ struct tm_cert tm_cert_node_update(struct trusted_module *tm, hash_t orig, hash_
return cert;
}
-static struct tm_cert cert_null = { NONE };
+static const struct tm_cert cert_null = { NONE };
+static const struct hash_t hash_null = { { 0 } };
static const char *tm_error = NULL;
static void tm_seterror(const char *error)
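Review bot: The added `hash_null` is declared as `struct hash_t`, while every other use in this diff spells the type as the typedef `hash_t`. Unless the typedef was declared with a matching struct tag, `struct hash_t` is an incomplete or distinct type, and `return hash_null;` in tm_verify_and_encrypt_secret would then not compile. Writing `static const hash_t hash_null = { { 0 } };` avoids depending on the tag. The definition of hash_t is outside this diff, so confirm which form it has.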
@@ -666,6 +674,43 @@ struct tm_cert tm_request(struct trusted_module *tm,
assert(false);
}
+/* enc_secret is encrypted by the user by XOR'ing the file encryption
+ * key with h(f + c_f + K), where + denotes concatenation. The purpose
+ * of this function is to decrypt the secret passed by the user,
+ * verify its integrity against kf=HMAC(secret, key=f_idx), and then
+ * re-encrypt the secret with the module's secret key. This is the
+ * F_rs() function described by Mohanty et al. */
+hash_t tm_verify_and_encrypt_secret(struct trusted_module *tm,
+ uint64_t file_idx, uint64_t file_counter, uint64_t user_id, hash_t enc_secret, hash_t kf)
+{
+ hash_t pad; /* key = enc_secret ^ pad */
+ HMAC_CTX *ctx = HMAC_CTX_new();
+ HMAC_Init_ex(ctx, tm->user_keys[user_id - 1].key, tm->user_keys[user_id - 1].len,
+ EVP_sha256(), NULL);
+
+ HMAC_Update(ctx, (const unsigned char*)&file_idx, sizeof(file_idx));
+ HMAC_Update(ctx, (const unsigned char*)&file_counter, sizeof(file_counter));
+
+ HMAC_Final(ctx, pad.hash, NULL);
+ HMAC_CTX_free(ctx);
+
+ hash_t key = hash_xor(enc_secret, pad);
+
+ if(hash_equals(kf,
+ hmac_sha256(key.hash, sizeof(key.hash),
+ &file_idx, sizeof(file_idx))))
+ {
+ /* re-encrypt */
+ pad = hmac_sha256(kf.hash, sizeof(kf.hash),
+ tm->secret, sizeof(tm->secret));
+
+ return hash_xor(key, pad);
+ }
+
+ /* failure */
+ return hash_null;
+}
+
/* self-test */
void check(int condition)
{
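Review bot: `tm->user_keys[user_id - 1]` in tm_verify_and_encrypt_secret is indexed with a caller-supplied `user_id` that is never range-checked, so `user_id == 0` wraps to a huge index and any value past the table reads key material out of bounds inside the trusted module. The `HMAC_CTX_new`, `HMAC_Init_ex`, `HMAC_Update` and `HMAC_Final` results are also ignored, so a failure leaves `pad` uninitialized and the function goes on to XOR and compare stack garbage. The `kf` check goes through `hash_equals`, which uses `memcmp`; since `kf` is an authenticator supplied by the untrusted side, a constant-time compare such as `return !CRYPTO_memcmp(a.hash, b.hash, 32);` is the safer choice, and `key` and `pad` should be wiped with `OPENSSL_cleanse` before returning. The header comment describes the pad as `h(f + c_f + K)` while the code computes an HMAC keyed with the user key over `file_idx` and `file_counter`, so the comment should be brought in line with the code. The fence below shows the bounds and return-value checks; the function is complete within this hunk.

```c
hash_t tm_verify_and_encrypt_secret(struct trusted_module *tm,
                                    uint64_t file_idx, uint64_t file_counter, uint64_t user_id, hash_t enc_secret, hash_t kf)
{
    /* PLACEHOLDER: N_USER_KEYS stands for however the module records the
     * number of entries in tm->user_keys; that field is not visible here. */
    if(user_id < 1 || user_id > N_USER_KEYS)
        return hash_null;

    hash_t pad; /* key = enc_secret ^ pad */
    HMAC_CTX *ctx = HMAC_CTX_new();
    if(!ctx)
        return hash_null;

    /* each HMAC_* call returns 1 on success; stop at the first failure */
    bool ok = HMAC_Init_ex(ctx, tm->user_keys[user_id - 1].key, tm->user_keys[user_id - 1].len,
                           EVP_sha256(), NULL) == 1
           && HMAC_Update(ctx, (const unsigned char*)&file_idx, sizeof(file_idx)) == 1
           && HMAC_Update(ctx, (const unsigned char*)&file_counter, sizeof(file_counter)) == 1
           && HMAC_Final(ctx, pad.hash, NULL) == 1;
    HMAC_CTX_free(ctx);

    if(!ok)
        return hash_null;

    /* … unchanged: key recovery, kf verification and re-encryption … */
```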
diff --git a/trusted_module.h b/trusted_module.h
index 7796a1a..7ecfa9f 100644
--- a/trusted_module.h
+++ b/trusted_module.h
@@ -98,6 +98,7 @@ struct tm_cert tm_cert_record_update(struct trusted_module *tm,
bool tm_set_equiv_root(struct trusted_module *tm,
const struct tm_cert *cert_eq, hash_t hmac);
+/* process a user's request to transform the IOMT in some way */
struct tm_cert tm_request(struct trusted_module *tm,
const struct user_request *req, hash_t req_hmac,
hash_t *hmac_out,