Challenge response successful
@@ -116,7 +116,7 @@ if(DEBUG)printf("Pass2\n");
|
||||
|
||||
*/
|
||||
|
||||
DIMASTATUS challenge( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t *signlen)
|
||||
DIMASTATUS challengeCl( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t *signlen)
|
||||
{
|
||||
|
||||
DIMASTATUS ret = 0;
|
||||
@@ -158,12 +158,15 @@ DIMASTATUS challenge( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t
|
||||
printf(" :signature intr\n" );
|
||||
|
||||
}
|
||||
|
||||
// server : send challenge, cli_info -> cli_fd
|
||||
|
||||
return DIMASUCCESS;
|
||||
|
||||
}
|
||||
|
||||
|
||||
DIMASTATUS response( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t signlen)
|
||||
DIMASTATUS verifyCl( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t signlen)
|
||||
{
|
||||
|
||||
//Paramer checks
|
||||
|
||||
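Review bot: The renamed `challengeCl` and `verifyCl` both take a bare `mbedtls_pk_context * pk_ctx` and a `uint8_t *sign` with no capacity argument, and neither definition carries a comment saying which key or how much buffer the caller must supply. Judging by the call sites in `main` (`&pk_ctx` for the first, `&pubk_ctx` for the second), I would add above each definition something like `/* challengeCl: pk_ctx holds the signing (private) key; sign must be large enough for the biggest signature the key type can produce; *signlen receives the bytes written */` and `/* verifyCl: pk_ctx holds the peer's public key; sign/signlen are the signature to check */`. Both function bodies lie outside these hunks, so whether the existing parameter checks already reject a NULL `sign` or `signlen` cannot be confirmed from here.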
@@ -25,21 +25,92 @@
|
||||
#include "mbedtls/sha1.h"
|
||||
#include "mbedtls/sha256.h"
|
||||
|
||||
#include "mbedtls/net_sockets.h"
|
||||
|
||||
|
||||
#include "defines.h"
|
||||
|
||||
|
||||
#define SERVER_PORT "11999"
|
||||
#define PLAINTEXT "==Hello there!=="
|
||||
#define SERVER_ID "0001"
|
||||
#define CLIENT_ID "0002"
|
||||
|
||||
////////typedefs
|
||||
|
||||
|
||||
typedef struct
|
||||
{
|
||||
/*
|
||||
Use this struct to load, store and update client info on server side
|
||||
or both ways if mutual attestation is possible
|
||||
*/
|
||||
const char * cli_ID;
|
||||
const char * pub_file;
|
||||
mbedtls_ecp_point * pub_key;
|
||||
int Cli_STATUS;
|
||||
int Cli_CAP;
|
||||
const uint8_t * NONCE;
|
||||
mbedtls_net_context * cli_fd;
|
||||
|
||||
} Client_info;
|
||||
|
||||
|
||||
typedef struct
|
||||
{
|
||||
/*
|
||||
Use this struct to load, store and update info about server on client
|
||||
*/
|
||||
const char * ser_ID;
|
||||
const char * pub_file;
|
||||
mbedtls_ecp_point * pub_key;
|
||||
mbedtls_net_context * ser_fd;
|
||||
} Server_info;
|
||||
|
||||
|
||||
typedef struct
|
||||
{
|
||||
//Use this struct to maintain uniformity between client and sever
|
||||
|
||||
const char * cli_ID;
|
||||
const uint8_t * NONCE;
|
||||
const uint8_t * sign;
|
||||
const size_t sig_len;
|
||||
|
||||
} Chall_context;
|
||||
|
||||
|
||||
typedef struct
|
||||
{
|
||||
//Use this struct to maintain uniformity between client and sever
|
||||
|
||||
const char * cli_ID;
|
||||
const uint8_t * NONCE;
|
||||
const uint8_t * sign;
|
||||
const size_t sig_len;
|
||||
} Resp_context;
|
||||
|
||||
|
||||
///////////functions
|
||||
|
||||
|
||||
DIMASTATUS load_nodes(Client_info * Cl_list);
|
||||
|
||||
DIMASTATUS genNONCE( Client_info * Cl_ctx);
|
||||
|
||||
DIMASTATUS challenge( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t *signlen);
|
||||
DIMASTATUS challengeCl( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t *signlen);
|
||||
//DIMASTATUS challengeCTX( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, Chall_context * ch_ctx);
|
||||
|
||||
|
||||
DIMASTATUS response( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t signlen);
|
||||
DIMASTATUS verifyCl( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, uint8_t *sign, size_t signlen);
|
||||
//DIMASTATUS responseCTX( mbedtls_pk_context * pk_ctx, Client_info * Cl_ctx, Resp_context * resp_ctx);
|
||||
|
||||
|
||||
DIMASTATUS responSer( mbedtls_pk_context * pk_ctx, Resp_context * Res_ctx, uint8_t *sign, size_t *signlen);
|
||||
|
||||
DIMASTATUS IIStepSend(unsigned char * outBuff, mbedtls_net_context * net_fd);
|
||||
|
||||
DIMASTATUS IIStepRecv(unsigned char * inBuff, mbedtls_net_context * net_fd);
|
||||
|
||||
|
||||
#endif
|
||||
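Review bot: `IIStepSend` and `IIStepRecv` are declared with an `unsigned char *` buffer and no length, so the receive side has no way to bound how many peer-supplied bytes it writes into `inBuff`, and the send side has to assume the payload size. I would change the prototypes to `DIMASTATUS IIStepRecv(unsigned char * inBuff, size_t inCap, size_t * inLen, mbedtls_net_context * net_fd);` and `DIMASTATUS IIStepSend(const unsigned char * outBuff, size_t outLen, mbedtls_net_context * net_fd);`. The `NONCE` pointers in `Client_info`, `Chall_context` and `Resp_context` likewise travel without a length, which deserves at least a comment stating the fixed nonce size. The implementations are not on this page, so a fixed size may already be assumed there.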
@@ -25,6 +25,8 @@
|
||||
#define DIMAVERIFYFAILURE -1012
|
||||
|
||||
|
||||
#define DIMANETWORKFAILURE -1020
|
||||
|
||||
#define DIMAINFOMISMATCH -1100
|
||||
|
||||
|
||||
@@ -139,44 +141,6 @@ typedef struct
|
||||
//useless structure ^ this one
|
||||
|
||||
|
||||
typedef struct
|
||||
{
|
||||
/*
|
||||
Use this struct to load, store and update client info on server side
|
||||
or both ways if mutual attestation is possible
|
||||
*/
|
||||
const char * cli_ID;
|
||||
const char * pub_file;
|
||||
mbedtls_ecp_point * pub_key;
|
||||
int Cli_STATUS;
|
||||
int Cli_CAP;
|
||||
const uint8_t * NONCE;
|
||||
|
||||
} Client_info;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
//Use this struct to maintain uniformity between client and sever
|
||||
|
||||
const char * cli_ID;
|
||||
const uint8_t * NONCE;
|
||||
const uint8_t * sign;
|
||||
const size_t sig_len;
|
||||
|
||||
} Chall_context;
|
||||
|
||||
|
||||
typedef struct
|
||||
{
|
||||
//Use this struct to maintain uniformity between client and sever
|
||||
|
||||
const char * cli_ID;
|
||||
const uint8_t * NONCE;
|
||||
const uint8_t * sign;
|
||||
const size_t sig_len;
|
||||
} Resp_context;
|
||||
|
||||
|
||||
|
||||
#endif //DEFINE_HEADERS_SEEN
|
||||
//End of file
|
||||
|
||||
@@ -48,9 +48,13 @@ int main()
|
||||
exit(DIMAFAILURE);
|
||||
}
|
||||
|
||||
|
||||
/////////////////KEY gen protocol ends here
|
||||
/////////////////DID Priv key is purged/secure, other keys are available for use
|
||||
|
||||
/////////////////////DICE END//////////////////////////
|
||||
|
||||
|
||||
//////////////////////Now STAGE 2 protocols///////////////////
|
||||
//read verifier signing key
|
||||
//load connected nodes information
|
||||
@@ -127,6 +131,16 @@ int main()
|
||||
////////////// wait for conn init //////
|
||||
|
||||
|
||||
/*
|
||||
server : bind socket
|
||||
Client : load server info
|
||||
client : connect
|
||||
server : accept
|
||||
client : send CLI_ID
|
||||
server : recv, add cli_fd into appropriate Cli_info
|
||||
server : challengeCl()
|
||||
send
|
||||
*/
|
||||
|
||||
////////////// active clients /////////
|
||||
printf("client ID : %s\n", Cl_list[1].cli_ID);
|
||||
@@ -142,7 +156,7 @@ int main()
|
||||
uint8_t* sign = calloc(1,sizeof(uint8_t)*MBEDTLS_MPI_MAX_SIZE);//MBEDTLS_ECDSA_MAX_LEN);
|
||||
size_t signlen = 0;
|
||||
|
||||
ret = challenge( &pk_ctx, &Cl_list[1], sign, &signlen);
|
||||
ret = challengeCl( &pk_ctx, &Cl_list[1], sign, &signlen);
|
||||
/*
|
||||
if(DEBUG)
|
||||
{
|
||||
@@ -160,14 +174,25 @@ int main()
|
||||
}
|
||||
*/
|
||||
|
||||
//net send (Cl_list[1].NONCE);
|
||||
//net send (sign);
|
||||
/////////////////// client actions ////////////
|
||||
/*
|
||||
client : recv challenge
|
||||
store in chall/resp ctx?
|
||||
verf signature
|
||||
N = N+1?
|
||||
calloc sign
|
||||
responSer(priv key ctx, resp ctx, sign, signlen)
|
||||
send
|
||||
*/
|
||||
|
||||
//////////////////////////////////////////////////
|
||||
|
||||
//net recv (response)
|
||||
|
||||
//verify
|
||||
//ret = verify(&Cl_list[1], &response);
|
||||
|
||||
/* self verification */
|
||||
|
||||
mbedtls_pk_context pubk_ctx;
|
||||
mbedtls_pk_init( &pubk_ctx );
|
||||
@@ -180,7 +205,19 @@ int main()
|
||||
return DIMAPKFAILURE;
|
||||
}
|
||||
|
||||
ret = response( &pubk_ctx, &Cl_list[1], sign, signlen);
|
||||
/////////////////verification/////////////
|
||||
/*
|
||||
server : recv resp ctx
|
||||
verifycl(cli ctx, resp ctx, sign, siglen)
|
||||
send (ack)
|
||||
cli_inf set "verified"
|
||||
|
||||
client : free(), clear server info
|
||||
server : free(), clear client info
|
||||
*/
|
||||
|
||||
|
||||
ret = verifyCl( &pubk_ctx, &Cl_list[1], sign, signlen);
|
||||
if (ret < DIMASUCCESS)
|
||||
{
|
||||
perror("DIMAVERIFYFAILURE : could not verify client\n");
|
||||
|
||||
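Review bot: `verifyCl( &pubk_ctx, &Cl_list[1], sign, signlen)` is handed the same `sign`/`signlen` that `challengeCl` filled earlier in `main` (the `/* self verification */` path), so as far as these hunks show, the success being reported is the verifier checking its own signature, not a client's response. I would say so at the call, e.g. `/* loopback test only: verifies our own signature; replace with the response received over cli_fd */`, and once the network step lands, check the received signature against that client's stored `pub_key` and the nonce issued for that connection, discarding the nonce after one attempt. The `calloc` result for `sign` is also passed to `challengeCl` with no NULL check in between. `main` starts and ends outside these hunks, so code between them may already cover part of this.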