const char *system_get_version(enum system_image_copy_t copy) { uintptr_t addr; const struct version_struct *v; /* Handle version of current image */ if (copy == system_get_image_copy() || copy == SYSTEM_IMAGE_UNKNOWN) return &RO(version_data).version[0]; addr = get_base(copy); if (addr == 0xffffffff) return ""; /* The version string is always located after the reset vectors, so * it's the same as in the current image. */ addr += ((uintptr_t)&version_data - get_base(system_get_image_copy())); /* Make sure the version struct cookies match before returning the * version string. */ v = (const struct version_struct *)addr; if (v->cookie1 == RO(version_data).cookie1 && v->cookie2 == RO(version_data).cookie2) return v->version; return ""; }
// <loop> -> LOOP [ <expr> <RO> <expr> ] <block> APTNode* LOOP(void) { if (strcmp(currentTok.sym, "LOOPtk") == 0) { scanner(); if (strcmp(currentTok.sym, "LBRACKtk") == 0) { scanner(); APTNode* lExprNode = EXPR(); APTNode* roNode = RO(); APTNode* rExprNode = EXPR(); if (strcmp(currentTok.sym, "RBRACKtk") == 0) { scanner(); APTNode* blockNode = BLOCK(); APTNode* loopNode = createNonIdAPTNode("<LOOPtk>"); addChildNode(loopNode, lExprNode); addChildNode(loopNode, roNode); addChildNode(loopNode, rExprNode); addChildNode(loopNode, blockNode); return loopNode; } else errMsg("RBRACKtk"); } else errMsg("LBRACKtk"); } else errMsg("LOOPtk"); }
static void MuxDispatch_m(IDCServerStubs_clp self) { MuxServer_t *st = self->st; ShmConnection_t *conn = st->conn; word_t *id; /* If it's been smoked, then let dispatch return happily */ if(DCB_EPRW(RO(Pvs(vp)), conn->eps.tx)->state == Channel_State_Dead) return; while(conn->call < VP$Poll (Pvs(vp), conn->eps.rx)) { /* Unmarshall the binding id (first in the buf) */ id = conn->rxbuf.base; /* Frob the rxbuf so that the servers underneath us are happy. We will frob them back when we leave. */ conn->rxbuf.base += sizeof(*id); conn->rxsize -= sizeof(*id); conn->rxbuf.space = conn->rxsize; /* We hijack the rx event count as marker so that the ServerBinding knows it is being called from the muxed dispatcher (rather than via the while {..} in the Dispatch method of the stubs. */ conn->evs.rx = NULL_EVENT; TRC(eprintf("call=%x, rx ep is %x (current val is %x).\n", conn->call, conn->eps.rx, VP$Poll(Pvs(vp), conn->eps.rx))); if(*id >= st->nstubs) { eprintf("Critical Error: got binding_id as %d (nstubs is %d)!\n", *id, st->nstubs); ntsc_dbgstop(); } TRC(eprintf("=> server stubs are at %p\n", st->stubs[binding_id])); TRC(eprintf("=> op = %p, st = %p, op->Dispatch = %p\n", st->stubs[*id]->op, st->stubs[*id]->st, st->stubs[*id]->op->Dispatch)); IDCServerStubs$Dispatch(st->stubs[*id]); TRC(eprintf("done dispatch!\n")); /* Now we frob the rxbuf back again */ conn->rxbuf.base -= sizeof(*id); conn->rxsize += sizeof(*id); conn->rxbuf.space = conn->rxsize; } return; }
static Channel_Endpoint AllocChannel_m(VP_cl *self) { dcb_rw_t *rwp = RW(self); dcb_ro_t *rop = RO(self); ep_rw_t *eprw; Channel_EP ept; if ( !(eprw = rwp->free_eps) ) { #ifdef __SMP__ DB(eprintf("VP$AllocChannel: no end-points free in domain %qx\n", INFO_PAGE_PCPU(smp_cpuid()).dcb_ro->id)); #else DB(eprintf("VP$AllocChannel: no end-points free in domain %qx\n", rop->id)); #endif RAISE_Channel$NoSlots( rop->id ); } ept = eprw - rop->eprws; rwp->free_eps = (ep_rw_t *)eprw->ack; eprw->state = Channel_State_Local; eprw->ack = 0; return ept; }
static void FreeChannel_m(VP_cl *self, Channel_Endpoint ep ) { dcb_rw_t *rwp = RW(self); dcb_ro_t *rop = RO(self); ep_rw_t *eprw; ep_ro_t *epro; if ( ep >= rop->num_eps ) { DB(eprintf("VP$FreeChannel: invalid EP.\n")); RAISE_Channel$Invalid( ep ); } epro = DCB_EPRO(rop,ep); eprw = DCB_EPRW(rop,ep); if ( epro->peer_dcb != NULL || eprw->state == Channel_State_Free ) { DB(eprintf("VP$FreeChannel: Bad State.\n")); RAISE_Channel$BadState( ep, eprw->state ); } eprw->state = Channel_State_Free; eprw->ack = (word_t)(rwp->free_eps); rwp->free_eps = eprw; }
static bool_t NextEvent_m (VP_cl *self, /* RETURNS */ Channel_Endpoint *ep, Channel_EPType *type, Event_Val *val, Channel_State *state) { dcb_rw_t *rwp = RW(self); dcb_ro_t *rop = RO(self); ep_ro_t *epro; ep_rw_t *eprw; TRC (eprintf ("VP$NextEvent(dom=%lx): rop=%x rwp=%x head=%x tail=%x " "n=%x mask=%x\n", rop->id, rop, rwp, rwp->ep_head, rwp->ep_tail, rop->num_eps, rop->ep_mask)); if (EP_FIFO_EMPTY (rwp)) return False; /* Pull the first end-point out of the FIFO */ *ep = rop->ep_fifo [rwp->ep_tail & rop->ep_mask]; rwp->ep_tail++; /* Here, "ept" is to be returned. */ epro = rop->epros + *ep; eprw = rop->eprws + *ep; *type = epro->type; *val = epro->val; *state = eprw->state; TRC (eprintf ("VP$NextEvent(dom=%lx): rop=%x rwp=%x\n", rop, rwp)); return True; }
/* * local optimizations, most of which are probably * machine independent */ NODE * optim(NODE *p) { int o, ty; NODE *sp, *q; OFFSZ sz; int i; if (odebug) return(p); ty = coptype(p->n_op); if( ty == LTYPE ) return(p); if( ty == BITYPE ) p->n_right = optim(p->n_right); p->n_left = optim(p->n_left); /* collect constants */ again: o = p->n_op; switch(o){ case SCONV: if (concast(p->n_left, p->n_type)) { q = p->n_left; nfree(p); p = q; break; } /* FALLTHROUGH */ case PCONV: if (p->n_type != VOID) p = clocal(p); break; case FORTCALL: p->n_right = fortarg( p->n_right ); break; case ADDROF: if (LO(p) == TEMP) break; if( LO(p) != NAME ) cerror( "& error" ); if( !andable(p->n_left) && !statinit) break; LO(p) = ICON; setuleft: /* paint over the type of the left hand side with the type of the top */ p->n_left->n_type = p->n_type; p->n_left->n_df = p->n_df; p->n_left->n_ap = p->n_ap; q = p->n_left; nfree(p); p = q; break; case NOT: case UMINUS: case COMPL: if (LCON(p) && conval(p->n_left, o, p->n_left)) p = nfree(p); break; case UMUL: /* Do not discard ADDROF TEMP's */ if (LO(p) == ADDROF && LO(p->n_left) != TEMP) { q = p->n_left->n_left; nfree(p->n_left); nfree(p); p = q; break; } if( LO(p) != ICON ) break; LO(p) = NAME; goto setuleft; case RS: if (LCON(p) && RCON(p) && conval(p->n_left, o, p->n_right)) goto zapright; sz = tsize(p->n_type, p->n_df, p->n_ap); if (LO(p) == RS && RCON(p->n_left) && RCON(p) && (RV(p) + RV(p->n_left)) < sz) { /* two right-shift by constants */ RV(p) += RV(p->n_left); p->n_left = zapleft(p->n_left); } #if 0 else if (LO(p) == LS && RCON(p->n_left) && RCON(p)) { RV(p) -= RV(p->n_left); if (RV(p) < 0) o = p->n_op = LS, RV(p) = -RV(p); p->n_left = zapleft(p->n_left); } #endif if (RO(p) == ICON) { if (RV(p) < 0) { RV(p) = -RV(p); p->n_op = LS; goto again; } #ifdef notyet /* must check for side effects, --a >> 32; */ if (RV(p) >= tsize(p->n_type, p->n_df, p->n_sue) && ISUNSIGNED(p->n_type)) { /* ignore signed shifts */ /* too many shifts */ tfree(p->n_left); nfree(p->n_right); p->n_op = ICON; p->n_lval = 0; p->n_sp = NULL; } else #endif /* avoid larger shifts than type size */ if (RV(p) >= sz) { RV(p) = RV(p) % sz; werror("shift larger than type"); } if (RV(p) == 0) p = zapleft(p); } break; case LS: if (LCON(p) && RCON(p) && conval(p->n_left, o, p->n_right)) goto zapright; sz = tsize(p->n_type, p->n_df, p->n_ap); if (LO(p) == LS && RCON(p->n_left) && RCON(p)) { /* two left-shift by constants */ RV(p) += RV(p->n_left); p->n_left = zapleft(p->n_left); } #if 0 else if (LO(p) == RS && RCON(p->n_left) && RCON(p)) { RV(p) -= RV(p->n_left); p->n_left = zapleft(p->n_left); } #endif if (RO(p) == ICON) { if (RV(p) < 0) { RV(p) = -RV(p); p->n_op = RS; goto again; } #ifdef notyet /* must check for side effects */ if (RV(p) >= tsize(p->n_type, p->n_df, p->n_sue)) { /* too many shifts */ tfree(p->n_left); nfree(p->n_right); p->n_op = ICON; p->n_lval = 0; p->n_sp = NULL; } else #endif /* avoid larger shifts than type size */ if (RV(p) >= sz) { RV(p) = RV(p) % sz; werror("shift larger than type"); } if (RV(p) == 0) p = zapleft(p); } break; case MINUS: if (LCON(p) && RCON(p) && p->n_left->n_sp == p->n_right->n_sp) { /* link-time constants, but both are the same */ /* solve it now by forgetting the symbols */ p->n_left->n_sp = p->n_right->n_sp = NULL; } if( !nncon(p->n_right) ) break; RV(p) = -RV(p); o = p->n_op = PLUS; case MUL: /* * Check for u=(x-y)+z; where all vars are pointers to * the same struct. This has two advantages: * 1: avoid a mul+div * 2: even if not allowed, people may get surprised if this * calculation do not give correct result if using * unaligned structs. */ if (p->n_type == INTPTR && RCON(p) && LO(p) == DIV && RCON(p->n_left) && RV(p) == RV(p->n_left) && LO(p->n_left) == MINUS) { q = p->n_left->n_left; if (q->n_left->n_type == PTR+STRTY && q->n_right->n_type == PTR+STRTY && strmemb(q->n_left->n_ap) == strmemb(q->n_right->n_ap)) { p = zapleft(p); p = zapleft(p); } } /* FALLTHROUGH */ case PLUS: case AND: case OR: case ER: /* commutative ops; for now, just collect constants */ /* someday, do it right */ if( nncon(p->n_left) || ( LCON(p) && !RCON(p) ) ) SWAP( p->n_left, p->n_right ); /* make ops tower to the left, not the right */ if( RO(p) == o ){ NODE *t1, *t2, *t3; t1 = p->n_left; sp = p->n_right; t2 = sp->n_left; t3 = sp->n_right; /* now, put together again */ p->n_left = sp; sp->n_left = t1; sp->n_right = t2; sp->n_type = p->n_type; p->n_right = t3; } if(o == PLUS && LO(p) == MINUS && RCON(p) && RCON(p->n_left) && conval(p->n_right, MINUS, p->n_left->n_right)){ zapleft: q = p->n_left->n_left; nfree(p->n_left->n_right); nfree(p->n_left); p->n_left = q; } if( RCON(p) && LO(p)==o && RCON(p->n_left) && conval( p->n_right, o, p->n_left->n_right ) ){ goto zapleft; } else if( LCON(p) && RCON(p) && conval( p->n_left, o, p->n_right ) ){ zapright: nfree(p->n_right); q = makety(p->n_left, p->n_type, p->n_qual, p->n_df, p->n_ap); nfree(p); p = clocal(q); break; } /* change muls to shifts */ if( o == MUL && nncon(p->n_right) && (i=ispow2(RV(p)))>=0){ if( i == 0 ) { /* multiplication by 1 */ goto zapright; } o = p->n_op = LS; p->n_right->n_type = INT; p->n_right->n_df = NULL; RV(p) = i; } /* change +'s of negative consts back to - */ if( o==PLUS && nncon(p->n_right) && RV(p)<0 ){ RV(p) = -RV(p); o = p->n_op = MINUS; } /* remove ops with RHS 0 */ if ((o == PLUS || o == MINUS || o == OR || o == ER) && nncon(p->n_right) && RV(p) == 0) { goto zapright; } break; case DIV: if( nncon( p->n_right ) && p->n_right->n_lval == 1 ) goto zapright; if (LCON(p) && RCON(p) && conval(p->n_left, DIV, p->n_right)) goto zapright; if (RCON(p) && ISUNSIGNED(p->n_type) && (i=ispow2(RV(p))) > 0) { p->n_op = RS; RV(p) = i; q = p->n_right; if(tsize(q->n_type, q->n_df, q->n_ap) > SZINT) p->n_right = makety(q, INT, 0, 0, 0); break; } break; case MOD: if (RCON(p) && ISUNSIGNED(p->n_type) && ispow2(RV(p)) > 0) { p->n_op = AND; RV(p) = RV(p) -1; break; } break; case EQ: case NE: case LT: case LE: case GT: case GE: case ULT: case ULE: case UGT: case UGE: if( !LCON(p) ) break; /* exchange operands */ sp = p->n_left; p->n_left = p->n_right; p->n_right = sp; p->n_op = revrel[p->n_op - EQ ]; break; #ifdef notyet case ASSIGN: /* Simple test to avoid two branches */ if (RO(p) != NE) break; q = p->n_right; if (RCON(q) && RV(q) == 0 && LO(q) == AND && RCON(q->n_left) && (i = ispow2(RV(q->n_left))) && q->n_left->n_type == INT) { q->n_op = RS; RV(q) = i; } break; #endif } return(p); }
bool proofOfShuffle(proofStruct &pfStr, const Node &w, const Node &w_prime, const Node &mu, const Node &tau_pos, const Node &sigma_pos) { // Byte trees that will be used in this function Node u; IntLeaf A_prime; IntLeaf C_prime; IntLeaf D_prime; Node F_prime; Node B; Node B_prime; IntLeaf kA; IntLeaf kC; IntLeaf kD; Node kF; Node kB; Node kE; // Save p,q,g for convenience const IntLeaf &p = pfStr.Gq.getIntLeafChild(0); const IntLeaf &q = pfStr.Gq.getIntLeafChild(1); const IntLeaf &g = pfStr.Gq.getIntLeafChild(2); // Step 1 // a) assert that mu is array of Pdersen commitments in pfStr.Gq u = mu; // Loop through all children and make sure each one is // a Pedersen commitment in Gq for(unsigned int i=0; i < pfStr.N; ++i) { try { if(!isPedersenCommitment(pfStr.Gq, u.getIntLeafChild(i))) { // u is not a N-array of Pedersen Commitments return false; } } catch(...) { // u is not a N-array of Pedersen Commitments return false; } } // b) assert that tau_pos is a Node (B, A', B', C', D', F'), where // A',C',D' is in G_q, F' is in Cw and B and B' are arrays of N // elements in Gq try { A_prime = tau_pos.getIntLeafChild(1); C_prime = tau_pos.getIntLeafChild(3); D_prime = tau_pos.getIntLeafChild(4); if(!isElemOfGq(pfStr.Gq, A_prime)) { return false; } if(!isElemOfGq(pfStr.Gq, C_prime)) { return false; } if(!isElemOfGq(pfStr.Gq, D_prime)) { return false; } F_prime = tau_pos.getNodeChild(5); if(pfStr.width == 1) { Node u; Node v; u.addChild(F_prime.getIntLeafChild(0)); v.addChild(F_prime.getIntLeafChild(1)); Node uv; uv.addChild(u); uv.addChild(v); F_prime = uv; } if(!isElemOfCw(pfStr, F_prime)) { return false; } B = tau_pos.getNodeChild(0); B_prime = tau_pos.getNodeChild(2); for(unsigned int i=0; i<pfStr.N; ++i) { if(!isElemOfGq(pfStr.Gq, B.getIntLeafChild(i))) { return false; } if(!isElemOfGq(pfStr.Gq, B_prime.getIntLeafChild(i))) { return false; } } } catch(...) { // tau_pos could not be interpreted as needed return false; } // c) assert that sigma_pos is a Node (kA, kB, kC, kD, kE, kF), // where kA, kC, kD, kF is in Z_q, kB is an array of N elements in // Rw and kE is an array of N elements in G_q try { kA = sigma_pos.getIntLeafChild(0); kC = sigma_pos.getIntLeafChild(2); kD = sigma_pos.getIntLeafChild(3); if(pfStr.width == 1) { kF.addChild(sigma_pos.getNodeChild(5)); } else { kF = sigma_pos.getNodeChild(5); } kB = sigma_pos.getNodeChild(1); kE = sigma_pos.getNodeChild(4); if(!isElemOfZn(q, kA) || !isElemOfZn(q, kC) || !isElemOfZn(q, kD) || !isElemOfRw(pfStr, kF)) { return false; } for(unsigned int i=0; i<pfStr.N; ++i) { if(!isElemOfZn(q, kB.getIntLeafChild(i))) { return false; } if(!isElemOfZn(q, kE.getIntLeafChild(i))) { return false; } } } catch(...) { return false; } // Get random array h - (TODO: could be moved outside of ProofOfShuffle) DataLeaf generators = DataLeaf("generators"); bytevector seed_data = pfStr.rho; bytevector seed_data2 = generators.serialize(); seed_data.insert(seed_data.end(), seed_data2.begin(), seed_data2.end()); RO RO_seed = RO(pfStr.hash, pfStr.nH); IntLeaf s = RO_seed(seed_data); Node h = RandomArray(pfStr.Gq, pfStr.N, pfStr.hash, s.toVector(), pfStr.nR); print_debug("ProofOfShuffle: h", h.serializeString()); // Step 2, compute a seed by creating the node/array Node(g,h,u,pk,w,w') Node seed_gen; // TODO: Fix h-vector // Does not work with correct h-vector either seed_gen.addChild(g); seed_gen.addChild(h); seed_gen.addChild(u); seed_gen.addChild(pfStr.pk); seed_gen.addChild(w); seed_gen.addChild(w_prime); // Concatenate byte representation of rho with seed_gen bytevector gen = pfStr.rho; bytevector gen2 = seed_gen.serialize(); gen.insert(gen.end(), gen2.begin(), gen2.end()); print_debug("ProofOfShuffle: s_hash", gen); // Create a random oracle to be used to generate a seed, seedlen specified RO rs = RO(pfStr.hash, pfStr.nE); // Generate the seed IntLeaf seed = rs(gen); print_debug("ProofOfShuffle: s", seed.toVector()); // Step 3 - TODO: Runda upp nE/8 PRG prg = PRG(pfStr.hash, seed.serialize(), (pfStr.nE/8)*8); Node t; for(unsigned int i=0; i<pfStr.N; ++i) { t.addChild(prg.next()); } // e_i = t_i mod 2^(nE) IntLeaf exp(2); exp.expTo(pfStr.nE); Node e = t.mod(exp); // compute A and F IntLeaf A = u.expMultMod(e, p); Node F; { Node u = w.getNodeChild(0); Node v = w.getNodeChild(1); if(pfStr.width == 1) { F.addChild(u.expMultMod(e, p)); F.addChild(v.expMultMod(e, p)); } else { Node a, b; for(unsigned int i = 0; i < pfStr.width; i++) { a.addChild(u.getNodeChild(i).expMultMod(e, p)); b.addChild(v.getNodeChild(i).expMultMod(e, p)); } F.addChild(a); F.addChild(b); } } print_debug("ProofOfShuffle: A", A.serializeString()); print_debug("ProofOfShuffle: F", F.serializeString()); print_debug("ProofOfShuffle: B", B.serializeString()); print_debug("ProofOfShuffle: Ap", A_prime.serializeString()); print_debug("ProofOfShuffle: Bp", B_prime.serializeString()); print_debug("ProofOfShuffle: Cp", C_prime.serializeString()); print_debug("ProofOfShuffle: Dp", D_prime.serializeString()); print_debug("ProofOfShuffle: Fp", F_prime.serializeString()); // Step 4, compute a challenge // challenge_gen = Node(seed, tau_pos) Node challenge_gen; challenge_gen.addChild(seed); challenge_gen.addChild(tau_pos); // concatenate rho with the Node above gen = pfStr.rho; gen2 = challenge_gen.serialize(); gen.insert(gen.end(), gen2.begin(), gen2.end()); // create a challenge RO RO RO_challenge = RO(pfStr.hash, pfStr.nV); // use the seed above to generate v, interpret v as non-negative integer IntLeaf v = RO_challenge(gen); // Step 5 - Compute C, D and check that equalities hold as specified IntLeaf C = u.prodMod(p).multMod(h.prodMod(p).inverse(p), p); IntLeaf D = B.getIntLeafChild(pfStr.N - 1).multMod(h.getIntLeafChild(0).expMod(e.prodMod(p), p).inverse(p),p); print_debug("ProofOfShuffle: v", v.toVector()); print_debug("ProofOfShuffle: C", C.serializeString()); print_debug("ProofOfShuffle: D", D.serializeString()); print_debug("ProofOfShuffle: k_A", kA.serializeString()); print_debug("ProofOfShuffle: k_B", kB.serializeString()); print_debug("ProofOfShuffle: k_C", kC.serializeString()); print_debug("ProofOfShuffle: k_D", kD.serializeString()); print_debug("ProofOfShuffle: k_F", kF.serializeString()); // Check A^v * A' == g^kA * prod h_i^kE_i IntLeaf left = A.expMod(v, p).multMod(A_prime, p); IntLeaf right = g.expMod(kA, p).multMod(h.expMultMod(kE, p), p); if(A.expMod(v, p).multMod(A_prime, p) != g.expMod(kA, p).multMod(h.expMultMod(kE, p), p)) { return false; } // Check B_i^v * B'_i == g^kB_i * B_{i-1}^kE_i for i = 1,...,N-1 for(unsigned int i=1; i<pfStr.N; ++i) { if(B.getIntLeafChild(i).expMod(v, p).multMod(B_prime.getIntLeafChild(i), p) != g.expMod(kB.getIntLeafChild(i),p).multMod(B.getIntLeafChild(i-1).expMod(kE.getIntLeafChild(i),p), p)) { return false; } } // Handling case: B.getChild(i-1) = h_0, i.e i == 0 if(B.getIntLeafChild(0).expMod(v,p).multMod(B_prime.getIntLeafChild(0), p) != g.expMod(kB.getIntLeafChild(0),p).multMod(h.getIntLeafChild(0).expMod(kE.getIntLeafChild(0),p),p)) { return false; } // Check C^v * C' == g^kC if(C.expMod(v, p).multMod(C_prime,p) != g.expMod(kC, p)) { return false; } // Check D^v * D' == g^kD if(D.expMod(v, p).multMod(D_prime, p) != g.expMod(kD, p)) { return false; } // Check F^v * F' = Enc_pk(1, -kF)* prod (w'_i)^kE_i /*if(pfStr.width == 1) { }*/ //TODO: Fixa denna kodrad /*if(F.expMod(v, p) * F_prime != Enc(pfStr.pk, IntLeaf(1), -kF, p) * w_prime.expMultMod(kE, p)) { return false; }*/ // All equalities holds, return true return true; }
static IDCOffer_clp BinderOffer_m (VP_clp self) { return RO(self)->binder_offer; }