//Process S1 message
public CdgStatus ProcessS1Message(byte[] s1Msg)
{
//Convert S1 message from byte array into the compatible structure
object s1Message = new DataStructs.SIGMA_S1_MESSAGE();
Utils.ByteArrayToStructure(s1Msg, ref s1Message);
//Extract S1 message
DataStructs.SIGMA_S1_MESSAGE message = (DataStructs.SIGMA_S1_MESSAGE)s1Message;
Ga = message.Ga; //Prover's ephemeral DH public key
OCSPReq = message.OcspReq; //An (optional) OCSP Request from the prover
groupID = message.Gid; //platform EPID group ID
//Derive SK(Session Confidentiality Key: 128 bit), MK(Session Integrity Key: 128bit) and SMK(Session Message Key)
CdgStatus status = CryptoDataGenWrapper_1_1.DeriveSigmaKeys(Ga, Ga.Length, Gb, Gb.Length, Sk, Sk.Length, Mk, Mk.Length, SMK, SMK.Length);
return(status);
}
private CdgStatus ProcessS1Message(byte[] s1Msg)
{
// Convert S1 message from byte array into the compatible structure
object s1Message = new SigmaDataStructs.SigmaS1Message();
GeneralUtils.ByteArrayToStructure(s1Msg, ref s1Message);
// Extract S1 message
SigmaDataStructs.SigmaS1Message message = (SigmaDataStructs.SigmaS1Message)s1Message;
Ga = message.Ga; // Prover's ephemeral DH public key
OCSPReq = message.OcspReq; // An (optional) OCSP Request from the prover
epidGroupID = message.Gid; // Platform EPID group ID
// Derive SK (Session Confidentiality Key: 128 bit derived from SMK), MK(Session Integrity Key: 128bit derived from SMK) and SMK(Session Message Key)
byte[] Sk = new byte[SigmaDataStructs.SIGMA_SESSION_KEY_LEN];
byte[] Mk = new byte[SigmaDataStructs.SIGMA_MAC_KEY_LEN];
CdgStatus status = CryptoDataGenWrapper.DeriveSigmaKeys(Ga, Ga.Length, Gb, Gb.Length, Sk, Sk.Length, Mk, Mk.Length, SMK, SMK.Length);
return(status);
}
private bool validateSignature(byte[] adaptedMessage, byte[] signature)
{
//groupCert contains the SIGMA1_0 certificate for the specific EPID group ID
byte[] groupCert = Utils.GetSpecificEpidCertificate_SIGMA_1_0((uint)groupID);
//epidParamsCert contains the mathematic parameters
byte[] epidParamsCert = File.ReadAllBytes(DataStructs.DEBUG_SIGNED_BIN_PARAMS_CERT_FILE);
// taskInfoArray is a data structure defined in the DAL implementation. It is prepended to the message by DAL prior to signing,
// and so has to be prepened by us prior to verification
byte[] taskInfoArray = Utils.StructureToByteArray(DataStructs.GetTaskInfo());
byte[] infoNonceMessage = new byte[taskInfoArray.Length + adaptedMessage.Length]; //TaskInfo || Nonce || Message
taskInfoArray.CopyTo(infoNonceMessage, 0); //concatenate the info to infoNonceMessage
adaptedMessage.CopyTo(infoNonceMessage, taskInfoArray.Length); //concatenate the adapted message(including the nonce) to infoNonceMessage
//Verify the signature
//When we call the MessageVerifyPch function, we can send
//baseName - the basename that will be signed as part of the signature
//privateKeyRevList - list of the platforms that were revoked based on the platform’s private key
//SignatureRevList - list of the platforms that were revoked based on the signature generated by the platform
//GroupRevList - list of the EPID groups that were revoked based on the group public key
//as parameters.
CdgResult retStatus;
CdgStatus status = CryptoDataGenWrapper_1_1.MessageVerifyPch(groupCert, groupCert.Length, epidParamsCert, infoNonceMessage, infoNonceMessage.Length, null, 0, signature, signature.Length, out retStatus, null, null, null);
if (status != CdgStatus.CdgStsOk)
{
return(false);
}
else
if (retStatus != CdgResult.CdgValid)
{
return(false);
}
else
{
return(true);
}
}
public override void HandleClientCommunication(object client)
{
try
{
TcpClient tcpClient = (TcpClient)client;
Socket socket = tcpClient.Client;
isClientConnected = socket.Connected;
while (isClientConnected)
{
// Receive adapted message (message prepared for verification)
int dataSize = socket.ReceiveMessageAsInt();
byte[] adaptedMessage = socket.ReceiveMessage(dataSize);
// Receive signature
dataSize = socket.ReceiveMessageAsInt();
byte[] signature = socket.ReceiveMessage(dataSize);
// Receive EPID group ID
int groupID = socket.ReceiveMessageAsInt();
// groupCert contains the SIGMA 1.1 certificate for the specific EPID group ID
byte[] groupCert = SigmaUtils.GetSpecificEpidCertificate_SIGMA_1_0((uint)groupID);
// epidParamsCert contains the mathematic parameters
byte[] epidParamsCert = File.ReadAllBytes(EPIDDataStructs.DEBUG_SIGNED_BIN_PARAMS_CERT_FILE);
// taskInfoArray is a data structure defined in the DAL implementation.
// It is prepended to the message by DAL prior to signing,
// and so has to be prepended by us prior to verification
byte[] taskInfoArray = GeneralUtils.StructureToByteArray(EPIDDataStructs.GetTaskInfo());
byte[] infoNonceMessage = new byte[taskInfoArray.Length + adaptedMessage.Length]; //TaskInfo || Nonce || Message
// Concatenate the info to infoNonceMessage
taskInfoArray.CopyTo(infoNonceMessage, 0);
// Concatenate the adapted message(including the nonce) to infoNonceMessage
adaptedMessage.CopyTo(infoNonceMessage, taskInfoArray.Length);
// Verify the signature
// When we call the MessageVerifyPch function, we can send
// baseName - the basename that will be signed as part of the signature
// privateKeyRevList - a list of the platforms that were revoked based on the platform’s private key
// SignatureRevList - a list of the platforms that were revoked based on the signature generated by the platform
// GroupRevList - a list of the EPID groups that were revoked based on the group public key
// as parameters.
CdgResult retStatus;
CdgStatus status = CryptoDataGenWrapper.MessageVerifyPch(groupCert, groupCert.Length, epidParamsCert, infoNonceMessage, infoNonceMessage.Length, null, 0, signature, signature.Length, out retStatus, null, null, null);
int res = VERIFYNG_SUCCESS;
if (status != CdgStatus.CdgStsOk)
{
res = ERROR;
}
else if (retStatus != CdgResult.CdgValid)
{
res = VERIFYNG_FAILED;
}
// Send the signature verification result to the client
socket.SendInt(res);
}
Console.WriteLine("EPID Signing Sample Client disconnected.\n");
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
public void handleClientComm(object client)
{
try
{
TcpClient tcpClient = (TcpClient)client;
Socket socket = tcpClient.Client;
clientConnected = socket.Connected;
while (clientConnected)
{
byte[] dataSize = new byte[4];
int received, size, total, dataLeft;
//receive adapted message(message prepared for verification)
received = socket.Receive(dataSize, 0, 4, 0);
size = BitConverter.ToInt32(dataSize, 0);
total = 0;
dataLeft = size;
byte[] adaptedMessage = new byte[size];
while (total < size)
{
received = socket.Receive(adaptedMessage, total, dataLeft, 0);
if (received == 0)
{
break;
}
total += received;
dataLeft -= received;
}
//receive signature
received = socket.Receive(dataSize, 0, 4, 0);
size = BitConverter.ToInt32(dataSize, 0);
total = 0;
dataLeft = size;
byte[] signature = new byte[size];
while (total < size)
{
received = socket.Receive(signature, total, dataLeft, 0);
if (received == 0)
{
break;
}
total += received;
dataLeft -= received;
}
//receive EPID groupID
byte[] groupIDByteArray = new byte[4];
socket.Receive(groupIDByteArray, 0, 4, 0);
int groupID = Utils.ByteArrayToInt(groupIDByteArray);
//groupCert contains the SIGMA1_0 certificate for the specific EPID group ID
byte[] groupCert = Utils.GetSpecificEpidCertificate_SIGMA_1_0((uint)groupID);
//epidParamsCert contains the mathematic parameters
byte[] epidParamsCert = File.ReadAllBytes(DataStructs.DEBUG_SIGNED_BIN_PARAMS_CERT_FILE);
// taskInfoArray is a data structure defined in the DAL implementation. It is prepended to the message by DAL prior to signing,
// and so has to be prepended by us prior to verification
byte[] taskInfoArray = Utils.StructureToByteArray(DataStructs.GetTaskInfo());
byte[] infoNonceMessage = new byte[taskInfoArray.Length + adaptedMessage.Length]; //TaskInfo || Nonce || Message
taskInfoArray.CopyTo(infoNonceMessage, 0); //concatenate the info to infoNonceMessage
adaptedMessage.CopyTo(infoNonceMessage, taskInfoArray.Length); //concatenate the adapted message(including the nonce) to infoNonceMessage
//Verify the signature
//When we call the MessageVerifyPch function, we can send
//baseName - the basename that will be signed as part of the signature
//privateKeyRevList - list of the platforms that were revoked based on the platform’s private key
//SignatureRevList - list of the platforms that were revoked based on the signature generated by the platform
//GroupRevList - list of the EPID groups that were revoked based on the group public key
//as parameters.
CdgResult retStatus;
CdgStatus status = CryptoDataGenWrapper_1_1.MessageVerifyPch(groupCert, groupCert.Length, epidParamsCert, infoNonceMessage, infoNonceMessage.Length, null, 0, signature, signature.Length, out retStatus, null, null, null);
int res;
if (status != CdgStatus.CdgStsOk)
{
res = ERROR;
}
else
if (retStatus != CdgResult.CdgValid)
{
res = VERIFYNG_FAILED;
}
else
{
res = VERIFYNG_SUCCESS;
}
byte[] result = new byte[4];
result = BitConverter.GetBytes(res);
//Send the signature verification result to the client
socket.Send(result);
}
Console.WriteLine("EPID Signing Sample Client disconnected.\n");
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
public void handleClientComm(object client)
{
try
{
TcpClient tcpClient = (TcpClient)client;
Socket socket = tcpClient.Client;
clientConnected = socket.Connected;
byte[] statusByte = new byte[DataStructs.INT_SIZE];
while (clientConnected)
{
//Receive S1 message from client
byte[] s1Msg = new byte[S1_MSG_LEN];
socket.Receive(s1Msg, 0, S1_MSG_LEN, 0);
//Process S1 message
CdgStatus status = ProcessS1Message(s1Msg);
//If S1 message processing succeeded
if (status == CdgStatus.CdgStsOk)
{
socket.Send(BitConverter.GetBytes(STATUS_SUCCEEDED));
//Get S2 Message
byte[] s2Message;
if (GetS2Message(out s2Message))
{
socket.Send(BitConverter.GetBytes(STATUS_SUCCEEDED));
//Send the S2 message to the client
int total = 0;
int size = s2Message.Length;
int dataleft = size;
int sent;
byte[] datasize = new byte[DataStructs.INT_SIZE];
datasize = BitConverter.GetBytes(size);
sent = socket.Send(datasize);
while (total < size)
{
sent = socket.Send(s2Message, total, dataleft, SocketFlags.None);
total += sent;
dataleft -= sent;
}
//Receive S3 message length from client
byte[] s3MsgLen = new byte[DataStructs.INT_SIZE];
socket.Receive(s3MsgLen, 0, DataStructs.INT_SIZE, 0);
int s3MessageLen = Utils.ByteArrayToInt(s3MsgLen);
//Receive S3 message from client
byte[] s3Msg = new byte[s3MessageLen];
int bytesNeeded = s3MessageLen;
int bytesReceived = 0;
while (bytesNeeded > 0)
{
bytesReceived = socket.Receive(s3Msg, s3MessageLen - bytesNeeded, bytesNeeded, 0);
bytesNeeded -= bytesReceived;
}
//Send S3 verification status to client
if (VerifyS3Message(s3Msg))
{
socket.Send(BitConverter.GetBytes(STATUS_SUCCEEDED));
return;
}
else
{
socket.Send(BitConverter.GetBytes(STATUS_FAILED));
}
}
else
{
socket.Send(BitConverter.GetBytes(STATUS_FAILED));
}
}
else
{
socket.Send(BitConverter.GetBytes(STATUS_FAILED));
}
}
Console.WriteLine("Protected Output Sample Client disconnected.\n");
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
