Implement trusted module secret relaying

author: Franklin Wei <me@fwei.tk> 2018-06-04 18:04:20 -0400
committer: Franklin Wei <me@fwei.tk> 2018-06-04 18:04:20 -0400
commit: 35d085feee188ef5b6910fe67222fb297c5c6ea6 (patch)
tree: abbd39ffb2f3092ead5be2e558df4913ba4cca9f /service_provider.c
parent: a4bee983312b69bb28bc57f3e7210f0e9b645930 (diff)
download: csaa-35d085feee188ef5b6910fe67222fb297c5c6ea6.zip
csaa-35d085feee188ef5b6910fe67222fb297c5c6ea6.tar.gz
csaa-35d085feee188ef5b6910fe67222fb297c5c6ea6.tar.bz2
csaa-35d085feee188ef5b6910fe67222fb297c5c6ea6.tar.xz
1 files changed, 5 insertions, 5 deletions
diff --git a/service_provider.c b/service_provider.c
index a6c68c2..aaa58a1 100644
--- a/service_provider.c
+++ b/service_provider.c
@@ -8,9 +8,9 @@
 #include "trusted_module.h"
 
 struct file_version {
-    hash_t k; /* h(key, f_idx) */
-    hash_t l; /* h(encrypted contents, k) */
-    hash_t enc_key; /* XOR'd with h(k, module secret) */
+    hash_t kf; /* h(key, file_idx) */
+    hash_t l; /* h(h(file contents), kf) */
+    hash_t enc_key; /* XOR'd with h(kf, module secret) */
 
     struct tm_cert cert; /* VR certificate */
     hash_t cert_hmac;
@@ -26,8 +26,8 @@ struct file_record {
     struct iomt_node *acl;
     int acl_nodes;
 
-    struct tm_cert cert; /* FR cert */
-    hash_t cert_hmac;
+    struct tm_cert fr_cert; /* issued by module */
+    hash_t fr_hmac;
 
     struct file_version *versions;
     int n_versions;
author	Franklin Wei <me@fwei.tk>	2018-06-04 18:04:20 -0400
committer	Franklin Wei <me@fwei.tk>	2018-06-04 18:04:20 -0400
commit	35d085feee188ef5b6910fe67222fb297c5c6ea6 (patch)
tree	abbd39ffb2f3092ead5be2e558df4913ba4cca9f /service_provider.c
parent	a4bee983312b69bb28bc57f3e7210f0e9b645930 (diff)
download	csaa-35d085feee188ef5b6910fe67222fb297c5c6ea6.zip csaa-35d085feee188ef5b6910fe67222fb297c5c6ea6.tar.gz csaa-35d085feee188ef5b6910fe67222fb297c5c6ea6.tar.bz2 csaa-35d085feee188ef5b6910fe67222fb297c5c6ea6.tar.xz