Diffstat (limited to 'service_provider.c')
-rw-r--r--service_provider.c68
1 files changed, 67 insertions, 1 deletions
diff --git a/service_provider.c b/service_provider.c
index aaa58a1..4faf43f 100644
--- a/service_provider.c
+++ b/service_provider.c
@@ -2,8 +2,11 @@
* module */
#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
#include "crypto.h"
+#include "helper.h"
#include "service_provider.h"
#include "trusted_module.h"
@@ -53,7 +56,70 @@ struct service_provider *sp_new(const void *key, size_t keylen)
return sp;
}
-void sp_request(struct service_provider *sp, const struct user_request *req, hash_t hmac)
+struct tm_cert sp_request(struct service_provider *sp,
+ const struct user_request *req, hash_t req_hmac,
+ hash_t *hmac_out,
+ struct tm_cert *vr_out, hash_t *vr_hmac,
+ hash_t *ack_hmac)
{
+ /* see if module succeeds; if so, update the databases */
+ return tm_request(sp->tm, req, req_hmac, hmac_out, vr_out, vr_hmac, ack_hmac);
+}
+
+void check(int condition);
+void sp_test(void)
+{
+ struct service_provider *sp = sp_new("a", 1);
+ /* construct a request to create a file */
+ struct user_request req;
+ req.idx = 1;
+ req.user_id = 1;
+ req.type = ACL_UPDATE;
+ req.counter = 0;
+
+ struct iomt_node acl_node;
+ acl_node.idx = 1;
+ memset(&acl_node.val, 0, sizeof(acl_node.val));
+ acl_node.val.hash[0] = 3; /* full access */
+ acl_node.next_idx = 1;
+ req.val = merkle_compute(hash_node(&acl_node), NULL, NULL, 0);
+
+ struct iomt_node node;
+ node.idx = 1;
+ memset(node.val.hash, 0, 32);
+ node.next_idx = 1;
+
+ hash_t one;
+ memset(one.hash, 0, 32);
+ one.hash[0] = 1;
+
+ hash_t ru_hmac;
+
+ /* we need a RU certificate of the form [f, 0, root, 1, new root],
+ * which requires a NU certificate of the form [v, root, v', new
+ * root], where v=h(original IOMT node) and v'=h(new IOMT node) */
+ struct tm_cert ru = cert_ru(sp->tm, &node, one,
+ NULL, NULL, 0,
+ &ru_hmac,
+ 0, NULL, NULL);
+ printf("RU generation: ");
+ check(ru.type == RU &&
+ ru.ru.idx == 1 &&
+ hash_equals(ru.ru.orig_val, node.val) &&
+ hash_equals(ru.ru.new_val, one));
+
+ /* now create a request */
+ req.create.ru_cert = ru;
+ req.create.ru_hmac = ru_hmac;
+ hash_t req_hmac = hmac_sha256(&req, sizeof(req), "a", 1);
+ hash_t fr_hmac;
+ hash_t ack_hmac;
+
+ struct tm_cert fr_cert = sp_request(sp, &req, req_hmac, &fr_hmac, NULL, NULL, &ack_hmac);
+
+ printf("File creation: ");
+ check(fr_cert.type == FR &&
+ fr_cert.fr.counter == 1 &&
+ fr_cert.fr.version == 0);
}
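Review bot: In sp_test, `req` is declared without an initialiser and only some members are assigned before `hmac_sha256(&req, sizeof(req), "a", 1)` runs over the whole struct, so the MAC input includes padding and any unassigned members, whose contents are indeterminate. The definition of struct user_request is not visible in this hunk, so which bytes are affected is inferred, but the request HMAC can then depend on stale stack contents and the test becomes non-reproducible. Adding `memset(&req, 0, sizeof(req));` directly after the declaration fixes this; plain `= {0}` does not guarantee zeroed padding. The same applies to `acl_node` and `node` if hash_node hashes the full struct, since `next_idx` and `idx` are set but padding is not. Separately, the result of `sp_new("a", 1)` is dereferenced as `sp->tm` with no NULL check, and the comment in sp_request mentions updating the databases although the body only forwards to tm_request.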