int user_addr_store(void * sub_proc,void * message)
{
int ret;
struct user_address * user_addr;
MSG_EXPAND * expand;
struct expand_flow_trace * flow_trace;
struct login_info * login_data;
DB_RECORD * db_record;
int trace_offset;
ret=message_get_record(message,&login_data,0);
if(ret<0)
return ret;
ret=message_get_define_expand(message,&expand,DTYPE_MSG_EXPAND,SUBTYPE_FLOW_TRACE);
if(ret<0)
return ret;
if(expand==NULL)
return -EINVAL;
flow_trace=expand->expand;
if(flow_trace->record_num<=0)
return -EINVAL;
trace_offset=DIGEST_SIZE*(flow_trace->record_num-1);
db_record=memdb_find_byname(login_data->user,DTYPE_CRYPTO_DEMO,SUBTYPE_USER_ADDR);
if(db_record!=NULL)
{
user_addr=(struct user_address *)db_record->record;
if(Memcmp(user_addr->addr,flow_trace->trace_record+trace_offset,DIGEST_SIZE)==0)
return 0;
memdb_remove_record(db_record);
}
user_addr=Talloc0(sizeof(struct user_address));
if(user_addr==NULL)
return -ENOMEM;
Strncpy(user_addr->user,login_data->user,DIGEST_SIZE);
Memcpy(user_addr->addr,flow_trace->trace_record+trace_offset,DIGEST_SIZE);
memdb_store(user_addr,DTYPE_CRYPTO_DEMO,SUBTYPE_USER_ADDR,login_data->user);
return 1;
}
int proc_tcm_makeidentity(void * sub_proc,void * recv_msg)
{
int ret=0;
int fd;
BYTE local_uuid[DIGEST_SIZE];
BYTE Buf[DIGEST_SIZE*32];
BYTE NameBuf[DIGEST_SIZE*4];
UINT32 result;
RECORD(TCM_PIK_DESC,USERINFO) * pik_userinfo;
RECORD(MESSAGE,SIZED_BINDATA) req_blob;
RECORD(VTCM_IN_KEY,TCM_BIN_KEY) tcm_pik;
RECORD(VTCM_IN_KEY,TCM_BIN_PUBKEY) tcm_pikpub;
RECORD(TCM_KEY_MANAGE,PRIVATE_KEY) tcm_pik_info;
void * new_msg;
int key_len;
void * tcm_key_template;
UINT32 smkHandle;
UINT32 ownerHandle;
UINT32 keyHandle;
UINT32 keyAuthHandle;
char uuid[DIGEST_SIZE*2+1];
DB_RECORD * db_record;
printf("begin pik makeidentity!\n");
// get pik_userinfo from message
ret=message_get_record(recv_msg,&pik_userinfo,0);
if(ret<0)
return -EINVAL;
if(pik_userinfo==NULL)
return -EINVAL;
// get this node's machine uuid
ret=proc_share_data_getvalue("uuid",pik_userinfo->node_uuid);
if(ret<0)
return ret;
// get this node's hostname
ret=gethostname(pik_userinfo->node_name,DIGEST_SIZE);
if(ret!=0)
Memset(pik_userinfo->node_name,0,DIGEST_SIZE);
// build tcm session
ret=TCM_APCreate(TCM_ET_OWNER, NULL, "ooo", &ownerHandle);
printf("ownerHandle is : %x\n",ownerHandle);
if(ret<0)
{
print_cubeerr("TCM_APCreate failed!\n");
return -EINVAL;
}
ret=TCM_APCreate(TCM_ET_SMK, NULL, "sss", &smkHandle);
printf("smkHandle is : %x\n",smkHandle);
if(ret<0)
{
printf("TCM_APCreate failed!\n");
return -EINVAL;
}
int userinfolen;
BYTE * req;
int reqlen;
// get userinfo blob
tcm_key_template=memdb_get_template(TYPE_PAIR(TCM_PIK_DESC,USERINFO));
if(tcm_key_template==NULL)
return -EINVAL;
userinfolen=struct_2_blob(pik_userinfo,Buf,tcm_key_template);
if(userinfolen<0)
return userinfolen;
db_record=memdb_store(pik_userinfo,TYPE_PAIR(TCM_PIK_DESC,USERINFO),NULL);
if(db_record==NULL)
return -EINVAL;
// do makeidentity
ret = TCM_MakeIdentity(ownerHandle, smkHandle,
userinfolen,Buf,"kkk",
&tcm_pik, &req, &reqlen);
if(ret<0)
{
print_cubeerr("TCM_MakeIdentity failed!\n");
return -EINVAL;
}
// build an expand message record for req data
req_blob.size=reqlen;
req_blob.bindata=req;
// terminate session
ret=TCM_APTerminate(ownerHandle);
if(ret<0)
{
print_cubeerr("TCM_APTerminate failed!\n");
return -EINVAL;
}
ret=TCM_APTerminate(smkHandle);
if(ret<0)
{
print_cubeerr("TCM_APTerminate failed!\n");
return -EINVAL;
}
// generate TCM pik info ,left pubkey_uuid for fill
tcm_key_template=memdb_get_template(TYPE_PAIR(VTCM_IN_KEY,TCM_BIN_KEY));
if(tcm_key_template==NULL)
return -EINVAL;
key_len=struct_2_blob(&tcm_pik,Buf,tcm_key_template);
if(key_len<0)
return key_len;
Memset(&tcm_pik_info,0,sizeof(tcm_pik_info));
calculate_context_sm3(Buf,key_len,tcm_pik_info.uuid);
Memcpy(tcm_pik_info.vtcm_uuid,local_uuid,DIGEST_SIZE);
tcm_pik_info.issmkwrapped=1;
tcm_pik_info.key_usage=TCM_KEY_IDENTITY;
tcm_pik_info.key_flags=TCM_ISVOLATILE|TCM_PCRIGNOREDONREAD;
// store pik file
digest_to_uuid(tcm_pik_info.uuid,uuid);
uuid[DIGEST_SIZE*2]=0;
printf("get pik's uuid is %s!\n",uuid);
Strcpy(NameBuf,"tcmkey/");
Strcat(NameBuf,uuid);
fd=open(NameBuf,O_CREAT|O_WRONLY,0666);
if(fd<0)
return fd;
write(fd,Buf,key_len);
close(fd);
// Get pikpub from pik
//
ret=TCM_ExGetPubkeyFromTcmkey(&tcm_pikpub,&tcm_pik);
if(ret!=0)
{
print_cubeerr("Get Pubpik failed!\n");
return -EINVAL;
}
tcm_key_template=memdb_get_template(TYPE_PAIR(VTCM_IN_KEY,TCM_BIN_PUBKEY));
if(tcm_key_template==NULL)
return -EINVAL;
key_len=struct_2_blob(&tcm_pikpub,Buf,tcm_key_template);
if(key_len<0)
return key_len;
calculate_context_sm3(Buf,key_len,tcm_pik_info.pubkey_uuid);
db_record=memdb_store(&tcm_pik_info,TYPE_PAIR(TCM_KEY_MANAGE,PRIVATE_KEY),NULL);
// build a message and send it
new_msg=message_create(TYPE_PAIR(TCM_PIK_DESC,USERINFO),recv_msg);
if(new_msg==NULL)
return -EINVAL;
ret=message_add_record(new_msg,pik_userinfo);
if(ret<0)
return ret;
ret=message_add_expand_data(new_msg,TYPE_PAIR(MESSAGE,SIZED_BINDATA),&req_blob);
if(ret<0)
return -EINVAL;
ret=message_add_expand_data(new_msg,TYPE_PAIR(VTCM_IN_KEY,TCM_BIN_PUBKEY),&tcm_pikpub);
if(ret<0)
return -EINVAL;
ret=ex_module_sendmsg(sub_proc,new_msg);
return ret;
}
int proc_symmkey_gen(void * sub_proc,void * recv_msg)
{
int ret=0;
int i=0;
struct trust_encdata_info * encdatainfo;
struct vTPM_wrappedkey * key_struct;
void * send_msg;
TSS_HKEY hEnckey;
BYTE uuid[DIGEST_SIZE];
DB_RECORD * keyinfo_record;
DB_RECORD * key_record;
BYTE EncData[DIGEST_SIZE];
BYTE uuidstr[DIGEST_SIZE*2];
char filename[DIGEST_SIZE*4];
char buffer[DIGEST_SIZE*8];
// get message
ret=message_get_record(recv_msg,&key_struct,0);
if(key_struct==NULL)
return -EINVAL;
encdatainfo=Calloc(sizeof(*encdatainfo));
if(encdatainfo==NULL)
return -ENOMEM;
key_record=memdb_find_first(DTYPE_TESI_KEY_STRUCT,SUBTYPE_WRAPPED_KEY,"uuid",key_struct->uuid);
if(key_record==NULL)
return -EINVAL;
hEnckey=key_record->tail;
TESI_Local_GetRandom(EncData,DIGEST_SIZE);
int fd=open("encdata/tempkey.dat",O_RDWR|O_CREAT|O_TRUNC,0666);
if(fd<0)
return -EINVAL;
write(fd,EncData,DIGEST_SIZE);
close(fd);
TESI_Local_Bind("encdata/tempkey.dat",hEnckey,"encdata/symmkey.dat");
convert_uuidname("encdata/symmkey",".dat",encdatainfo->uuid,filename);
Memcpy(encdatainfo->vtpm_uuid,key_struct->vtpm_uuid,DIGEST_SIZE);
Memcpy(encdatainfo->enckey_uuid,key_struct->uuid,DIGEST_SIZE);
getcwd(buffer,DIGEST_SIZE*5-6);
Strcat(buffer,"/");
Strcat(buffer,filename);
encdatainfo->filename=dup_str(buffer,DIGEST_SIZE*7);
send_msg=message_create(DTYPE_TRUST_DEMO,SUBTYPE_ENCDATA_INFO,recv_msg);
if(send_msg==NULL)
return -EINVAL;
message_add_record(send_msg,encdatainfo);
memdb_store(encdatainfo,DTYPE_TRUST_DEMO,SUBTYPE_ENCDATA_INFO,NULL);
ex_module_sendmsg(sub_proc,send_msg);
ex_module_sendmsg(sub_proc,recv_msg);
return ret;
}
int proc_key_recover(void * sub_proc,void * recv_msg)
{
int ret;
DB_RECORD * record;
struct trust_filecrypt_info * filecrypt_info;
struct trust_filecrypt_info * decrypt_info;
struct trust_encdata_info * encdata_info;
struct vTPM_wrappedkey * key_struct;
void * send_msg;
struct types_pair * types;
ret=message_get_record(recv_msg,&filecrypt_info,0);
if(filecrypt_info==NULL)
return -EINVAL;
if(!Isemptyuuid(filecrypt_info->encdata_uuid))
{
memdb_store(filecrypt_info,DTYPE_TRUST_DEMO,SUBTYPE_FILECRYPT_INFO,NULL);
send_msg=message_create(DTYPE_MESSAGE,SUBTYPE_TYPES,NULL);
if(send_msg==NULL)
return -EINVAL;
types=Talloc(sizeof(*types));
if(types==NULL)
return -EINVAL;
types->type=DTYPE_TRUST_DEMO;
types->subtype=SUBTYPE_FILECRYPT_INFO;
message_add_record(send_msg,types);
ex_module_sendmsg(sub_proc,send_msg);
}
else if(!Isemptyuuid(filecrypt_info->cipher_uuid))
{
record=memdb_find_first(DTYPE_TRUST_DEMO,SUBTYPE_FILECRYPT_INFO,"cipher_uuid",filecrypt_info->cipher_uuid);
if(record==NULL)
return -EINVAL;
decrypt_info=record->record;
record=memdb_find_first(DTYPE_TRUST_DEMO,SUBTYPE_ENCDATA_INFO,"uuid",decrypt_info->encdata_uuid);
if(record==NULL)
return -EINVAL;
encdata_info=record->record;
record=memdb_find_first(DTYPE_TESI_KEY_STRUCT,SUBTYPE_WRAPPED_KEY,"uuid",encdata_info->enckey_uuid);
if(record==NULL)
return -EINVAL;
key_struct=record->record;
// send_msg=message_create(DTYPE_TRUST_DEMO,SUBTYPE_FILECRYPT_INFO,recv_msg);
// if(send_msg==NULL)
// return -EINVAL;
// message_add_record(send_msg,decrypt_info);
// ex_module_sendmsg(sub_proc,send_msg);
send_msg=message_create(DTYPE_TRUST_DEMO,SUBTYPE_ENCDATA_INFO,recv_msg);
if(send_msg==NULL)
return -EINVAL;
message_add_record(send_msg,encdata_info);
ex_module_sendmsg(sub_proc,send_msg);
send_msg=message_create(DTYPE_TESI_KEY_STRUCT,SUBTYPE_WRAPPED_KEY,recv_msg);
if(send_msg==NULL)
return -EINVAL;
message_add_record(send_msg,key_struct);
ex_module_sendmsg(sub_proc,send_msg);
}
return 0;
}
int proc_key_store(void * sub_proc,void * sock)
{
int ret=0;
BYTE uuid[DIGEST_SIZE];
struct vTPM_wrappedkey * key_record;
struct vTPM_wrappedkey * pubkey_record;
struct trust_demo_keyinfo * keyinfo;
struct trust_demo_keyinfo * pubkeyinfo;
void * send_msg;
void * recv_msg;
struct types_pair * types;
// get keyinfo record
keyinfo= slot_sock_removerecord(sock,DTYPE_TRUST_DEMO,SUBTYPE_KEY_INFO);
if(keyinfo==NULL)
return -EINVAL;
// get WEAPPED_KEY message
recv_msg=slot_sock_removemessage(sock,DTYPE_TESI_KEY_STRUCT,SUBTYPE_WRAPPED_KEY);
if(recv_msg==NULL)
return -EINVAL;
ret=message_get_record(recv_msg,&key_record,0);
if(key_record==NULL)
return -EINVAL;
Memcpy(keyinfo->uuid,key_record->uuid,DIGEST_SIZE);
memdb_store(keyinfo,DTYPE_TRUST_DEMO,SUBTYPE_KEY_INFO,NULL);
//memdb_store(key_record,DTYPE_TESI_KEY_STRUCT,SUBTYPE_WRAPPED_KEY,NULL);
send_msg=message_create(DTYPE_TESI_KEY_STRUCT,SUBTYPE_WRAPPED_KEY,recv_msg);
if(send_msg==NULL)
return -EINVAL;
message_add_record(send_msg,key_record);
ex_module_sendmsg(sub_proc,send_msg);
// get PUBLIC_KEY message
recv_msg=slot_sock_removemessage(sock,DTYPE_TESI_KEY_STRUCT,SUBTYPE_PUBLIC_KEY);
if(recv_msg==NULL)
return -EINVAL;
ret=message_get_record(recv_msg,&pubkey_record,0);
if(pubkey_record==NULL)
return -EINVAL;
send_msg=message_create(DTYPE_TESI_KEY_STRUCT,SUBTYPE_PUBLIC_KEY,recv_msg);
if(send_msg==NULL)
return -EINVAL;
message_add_record(send_msg,pubkey_record);
ex_module_sendmsg(sub_proc,send_msg);
// build a public key_info struct
/*
Memcpy(pubkeyinfo,keyinfo,sizeof(*pubkey_info));
Memcpy(pubkeyinfo->uuid,pubkey_record->uuid,DIGEST_SIZE);
keyinfo->ispubkey=1;
send_msg=message_create(DTYPE_TRUST_DEMO,SUBTYPE_KEY_INFO,NULL);
if(send_msg==NULL)
return -EINVAL;
message_add_record(send_msg,keyinfo);
ex_module_sendmsg(sub_proc,send_msg);
*/
send_msg=message_create(DTYPE_MESSAGE,SUBTYPE_TYPES,NULL);
if(send_msg==NULL)
return -EINVAL;
types=Talloc(sizeof(*types));
if(types==NULL)
return -EINVAL;
types->type=DTYPE_TRUST_DEMO;
types->subtype=SUBTYPE_KEY_INFO;
message_add_record(send_msg,types);
types=Talloc(sizeof(*types));
if(types==NULL)
return -EINVAL;
types->type=DTYPE_TESI_KEY_STRUCT;
types->subtype=SUBTYPE_WRAPPED_KEY;
message_add_record(send_msg,types);
types=Talloc(sizeof(*types));
if(types==NULL)
return -EINVAL;
types->type=DTYPE_TESI_KEY_STRUCT;
types->subtype=SUBTYPE_PUBLIC_KEY;
message_add_record(send_msg,types);
types=Talloc(sizeof(*types));
if(types==NULL)
return -EINVAL;
types->type=DTYPE_TRUST_DEMO;
types->subtype=SUBTYPE_ENCDATA_INFO;
message_add_record(send_msg,types);
ex_module_sendmsg(sub_proc,send_msg);
return 0;
}
int read_typelist_json_desc(void * root,void * record)
{
int ret;
struct struct_namelist * namelist;
struct struct_namelist * baselist;
struct struct_typelist * typelist;
struct struct_typelist * basetypelist;
int * temp_node;
void * namelist_template;
void * typelist_template;
DB_RECORD * db_record=record;
DB_RECORD * namelist_record;
ret=Galloc0(&typelist,sizeof(struct struct_typelist));
if(ret<0)
return ret;
if(db_record->head.type!=DB_TYPELIST)
return -EINVAL;
// store the namelist (if exists) and compute the uuid
temp_node=json_find_elem("uuid",root);
if(temp_node == NULL)
{
// this typelist use namelist describe,
// we should finish namelist store first
ret=Galloc0(&namelist_record,sizeof(DB_RECORD));
if(ret<0)
return ret;
namelist_record->head.type=DB_NAMELIST;
ret=read_namelist_json_desc(root,namelist_record);
if(ret<0)
return ret;
Memcpy(typelist->uuid,namelist_record->head.uuid,DIGEST_SIZE);
namelist=namelist_record->record;
typelist->elem_no=namelist->elem_no;
}
else
{
typelist_template=memdb_get_template(DB_TYPELIST,0);
if(typelist_template==NULL)
return -EINVAL;
ret=json_2_struct(root,typelist,typelist_template);
namelist_record=memdb_find(typelist->uuid,DB_NAMELIST,0);
if(namelist_record==NULL)
return -EINVAL;
namelist=namelist_record->record;
if(typelist->elem_no==0)
typelist->elem_no=namelist->elem_no;
}
db_record->record=typelist;
ret=memdb_store_record(db_record);
// merge the typelist
namelist_record=memdb_find_byname("typeenumlist",DB_NAMELIST,0);
if(namelist_record==NULL)
return -EINVAL;
baselist=_merge_namelist(namelist_record->record,db_record->tail);
if(baselist==NULL)
return -EINVAL;
ret=memdb_remove_byname("typeenumlist",DB_NAMELIST,0);
if(ret<0)
return -EINVAL;
memdb_store(baselist,DB_NAMELIST,0,"typeenumlist");
typeenumlist=baselist;
return ret;
}