aboutsummaryrefslogtreecommitdiff
path: root/helper.c
diff options
context:
space:
mode:
authorFranklin Wei <me@fwei.tk>2018-06-12 22:39:53 -0400
committerFranklin Wei <me@fwei.tk>2018-06-12 22:39:53 -0400
commit96f1240471dd75638f2a53b769a4a63e5e083b7e (patch)
tree5aefcfaaf3596033dfca8df745ce4fabab823748 /helper.c
parentcae99b638f54748e52a10ca613c1758c9646e2d0 (diff)
downloadcsaa-96f1240471dd75638f2a53b769a4a63e5e083b7e.zip
csaa-96f1240471dd75638f2a53b769a4a63e5e083b7e.tar.gz
csaa-96f1240471dd75638f2a53b769a4a63e5e083b7e.tar.bz2
csaa-96f1240471dd75638f2a53b769a4a63e5e083b7e.tar.xz
Various changes; also implement binary tree complement calculation
Diffstat (limited to 'helper.c')
-rw-r--r--helper.c63
1 files changed, 52 insertions, 11 deletions
diff --git a/helper.c b/helper.c
index 20b6ac9..6537c89 100644
--- a/helper.c
+++ b/helper.c
@@ -4,6 +4,8 @@
* certificates to function. This file provides various helper
* functions to handle the generation of these needed certificates. */
+#include <assert.h>
+
#include "crypto.h"
#include "trusted_module.h"
@@ -25,20 +27,59 @@ struct tm_cert cert_ru(struct trusted_module *tm,
}
struct tm_cert cert_rv(struct trusted_module *tm,
- const struct iomt_node *node,
- const hash_t *comp, const int *orders, size_t n,
- hash_t *hmac_out)
+ const struct iomt_node *node,
+ const hash_t *comp, const int *orders, size_t n,
+ hash_t *hmac_out)
{
hash_t nu_hmac;
struct tm_cert nu = tm_cert_node_update(tm,
- hash_node(node),
- hash_node(node),
- comp, orders, n,
- &nu_hmac);
+ hash_node(node),
+ hash_node(node),
+ comp, orders, n,
+ &nu_hmac);
return tm_cert_record_verify(tm,
- &nu, nu_hmac,
- node,
- hmac_out,
- 0, NULL, NULL);
+ &nu, nu_hmac,
+ node,
+ hmac_out,
+ 0, NULL, NULL);
+}
+
+/* generate an EQ certificate for inserting a placeholder with index
+ * a, given an encloser (which must actually enclose a) */
+struct tm_cert cert_eq(struct trusted_module *tm,
+ const struct iomt_node *encloser,
+ int a,
+ const hash_t *enc_comp, const int *enc_orders, size_t enc_n,
+ const hash_t *ins_comp, const int *ins_orders, size_t ins_n,
+ hash_t *hmac_out)
+{
+ assert(encloses(encloser->idx, encloser->next_idx, a));
+
+ struct iomt_node encloser_mod = *encloser;
+ encloser_mod.next_idx = a;
+
+ struct iomt_node insert;
+ insert.idx = a;
+ insert.next_idx = encloser->next_idx;
+ insert.val = hash_null;
+
+ hash_t h_enc = hash_node(encloser);
+ hash_t h_encmod = hash_node(&encloser_mod);
+
+ hash_t h_ins = hash_node(&insert);
+
+ /* we need two NU certificates */
+ hash_t nu1_hmac, nu2_hmac;
+
+ struct tm_cert nu1 = tm_cert_node_update(tm,
+ h_enc, h_encmod,
+ enc_comp, enc_orders, enc_n,
+ &nu1_hmac);
+
+ struct tm_cert nu2 = tm_cert_node_update(tm,
+ hash_null, h_ins,
+ ins_comp, ins_orders, ins_n,
+ &nu2_hmac);
+ return tm_cert_equiv(tm, &nu1, nu1_hmac, &nu2, nu2_hmac, encloser, a, hmac_out);
}