aboutsummaryrefslogtreecommitdiff
path: root/service_provider.h
blob: 97cf37ec71fae92d8aca4a23b3496848a4b77698 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
/* implementation of a basic service provider for use with the trusted
 * module */

#ifndef CSAA_SERVICE_PROVIDER_H
#define CSAA_SERVICE_PROVIDER_H

#include "crypto.h"
#include "trusted_module.h"

struct service_provider;

/* Client-service protocol: */

/* 1. Client sends user_request to service.
 *
 * 2. Client sends additional data to service, if needed.
 *
 * 3. Service sends filled tm_request to client for signature.
 *
 * 4. Client verifies that the tm_request is appropriate.
 *
 * 5. Client sends HMAC(tm_request, user key) to service.
 *
 * 6. Service performs action.
 *
 * 7. Service sends module's authenticated acknowledgement (and
 * response, in the case of RETRIEVE_INFO) to client.
 *
 * 8. Client verifies acknowledgement against earlier tm_request or
 * response.
 */

/* request from the client to the service */
struct user_request {
    enum { USERREQ_NONE = 0, CREATE_FILE, MODIFY_FILE, MODIFY_ACL, RETRIEVE_INFO, RETRIEVE_FILE } type;
    uint64_t user_id;
    union {
        uint64_t file_idx;
        struct {
            uint64_t file_idx;
            /* ACL IOMT will follow */

            /* service will respond with tm_request structure,
             * requiring a client signature; then the module's HMAC
             * will follow */
        } modify_acl;
        struct {
            uint64_t file_idx;
            hash_t encrypted_secret, kf;
            /* file contents, build code IOMT, and compose file IOMT
             * will follow */

            /* service will respond with tm_request structure,
             * requiring a client signature; then the module's HMAC
             * will follow */
        } modify_file;
        struct {
            /* same structure for retrieve file and retrieve info */
            uint64_t file_idx, version;

            /* used only for RETRIEVE_INFO */
            hash_t nonce;

            /* service will respond with either version_info struct,
             * the serialized ACL, and an HMAC, or file contents and
             * key (which the client can verify themselves) */
        } retrieve;
    };
} __attribute__((packed));

#ifndef CLIENT
struct service_provider *sp_new(const void *key,
                                size_t keylen,
                                int logleaves,
                                const char *data_dir,
                                const char *dbpath,
                                bool overwrite);
void sp_free(struct service_provider *sp);

/* see .c file for documentation */
struct tm_cert sp_request(struct service_provider *sp,
                          const struct tm_request *req, hash_t req_hmac,
                          hash_t *hmac_out,
                          struct tm_cert *vr_out, hash_t *vr_hmac_out,
                          hash_t *ack_hmac_out,
                          hash_t encrypted_secret, hash_t kf,
                          const void *encrypted_contents, size_t contents_len,
                          const void *buildcode, size_t buildcode_len,
                          const void *composefile, size_t composefile_len,
                          const struct iomt *new_acl);

/* Reserve a new file index with user_id added to the ACL. Returns
 * cert on failure. Authenticated with ack_hmac, which is the returned
 * request with a zero byte appended, signed by the module. */
struct tm_request sp_createfile(struct service_provider *sp,
                                uint64_t user_id,
                                hash_t (*sign_request)(void *userdata, const struct tm_request *req),
                                void *userdata,
                                hash_t *ack_hmac);

struct tm_request sp_modifyacl(struct service_provider *sp,
                               uint64_t user_id,
                               hash_t (*sign_request)(void *userdata, const struct tm_request *req),
                               void *userdata,
                               uint64_t file_idx,
                               struct iomt *new_acl,
                               hash_t *ack_hmac);

struct tm_request sp_modifyfile(struct service_provider *sp,
                                uint64_t user_id,
                                hash_t (*sign_request)(void *userdata, const struct tm_request *req),
                                void *userdata,
                                uint64_t file_idx,
                                hash_t encrypted_secret, hash_t kf,
                                const void *encrypted_file, size_t filelen,
                                const void *buildcode, size_t buildcode_len,
                                const void *composefile, size_t composefile_len,
                                hash_t *ack_hmac);

/* Retrieve authenticated information on a version of a file; if
 * version is zero, default to the latest version. */
struct version_info sp_fileinfo(struct service_provider *sp,
                                uint64_t user_id, uint64_t file_idx,
                                uint64_t version,
                                hash_t nonce,
                                hash_t *hmac,
                                struct iomt **acl_out);

/* Again, version=0 selects the latest version. */
void *sp_retrieve_file(struct service_provider *sp,
                       uint64_t user_id,
                       uint64_t file_idx,
                       uint64_t version,
                       hash_t *encrypted_secret,
                       hash_t *kf,
                       void **buildcode,
                       size_t *bc_len,
                       void **composefile,
                       size_t *cf_len,
                       size_t *len);

void sp_test(void);
#endif

#if defined(DUMMY) || !defined(CLIENT)
int sp_main(int sockfd, int logleaves, const char *dbpath, bool overwrite);

void sp_save(void);
#endif

#endif