Exemple #1
0
/* Verifies that a PolicyApproveMessage has been properly constructed.
 *
 * Arguments:
 *	su         = the suite that the insurer's public key was derived from.
 *      insuredKey = the public key of the insured or the client
 *      insurerKey = the public key of the insurer or "trustee"
 *
 * Returns:
 *	whether or not the message is valid.
 */
func (msg *PolicyApprovedMessage) verifyCertificate(su abstract.Suite,
	insuredKey abstract.Point) bool {

	set := anon.Set{msg.PubKey}
	_, err := anon.Verify(su, msg.Message, set, nil, msg.Signature)
	correctMsg := msg.PubKey.String() + " insures " + insuredKey.String()
	return err == nil && correctMsg == string(msg.Message)
}
Exemple #2
0
// verifyHost will anaylze the systempacket information and verify the signature
// It will return a ACK properly initialized with the right codes in it.
func verifyHost(pubKeyFile string) (net.Conn, Ack) {
	//  get the right public key
	pub, host, err := cliutils.ReadPubKey(suite, pubKeyFile)
	if err != nil {
		dbg.Fatal("Could not read the public key from the file:", err)
	}
	dbg.Lvl1("Public key file read")

	// Then get a connection
	conn, err := net.Dial("tcp", host)
	if err != nil {
		dbg.Fatal("Error when getting the connection to the host:", err)
	}

	dbg.Lvl1("Verifier connected to the host. Validation in progress...")
	// Get the system packet message
	var sys SystemPacket
	if err = suite.Read(conn, &sys); err != nil {
		dbg.Fatal("Error when reading the system packet message from host:", err)
	}
	// Get the signature length first
	var length int
	if err := suite.Read(conn, &length); err != nil {
		dbg.Fatal("Could not read length of the signature ...")
	}
	// Get the signature
	sig := make([]byte, length)
	if err := suite.Read(conn, &sig); err != nil {
		dbg.Fatal("Error reading the signature:", err)
	}

	// First, encode the sys packet
	var b bytes.Buffer
	if err := suite.Write(&b, sys); err != nil {
		dbg.Fatal("Error when encoding the syspacket to be verified:", err)
	}
	X := make([]abstract.Point, 1)
	X[0] = pub

	// Verify signature
	var ack Ack
	ack.Type = TYPE_SYS
	ack.Code = SYS_EXIT
	if _, err := anon.Verify(suite, b.Bytes(), anon.Set(X), nil, sig); err != nil {
		// Wrong signature
		ack.Code = SYS_WRONG_SIG
		dbg.Lvl1("WARNING: signature provided is wrong.")
	} else {
		// verfiy SystemPacket itself
		ack.Code = SYS_OK
		dbg.Lvl1("Host's signature verified and system seems healty. OK")
	}

	return conn, ack
}
Exemple #3
0
/* An internal helper function, verifies a signature is from a given insurer.
 *
 * Arguments
 *    i   = the index of the insurer in the insurers list
 *    sig = the signature object containing the signature
 *    msg = the message that was signed
 *
 * Return
 *   an error if the signature is malformed, nil otherwise.
 */
func (p *Deal) verifySignature(i int, sig *signature, msg []byte) error {
	if i < 0 || i >= p.n {
		return errors.New("Invalid index. Expected 0 <= i < n")
	}
	if sig.signature == nil {
		return errors.New("Nil signature")
	}
	set := anon.Set{p.insurers[i]}
	_, err := anon.Verify(sig.suite, msg, set, nil, sig.signature)
	return err
}
Exemple #4
0
func (s *shuffler) getSignOffs(state *stateVector) error {
	replies := make(chan *signature)
	for i := 1; i < s.N; i++ {
		go func(id int) {
			port := 8080 + (id % s.N)
			addr := fmt.Sprintf("localhost:%d", port)
			rwc, err := net.Dial("tcp", addr)
			if err != nil {
				replies <- nil
				return
			}
			defer rwc.Close()

			bc := &ByteConn{rwc, make([]byte, 1)}
			if err = protobuf.Write(bc, state); err != nil {
				replies <- nil
				return
			}
			rwc.(*net.TCPConn).CloseWrite()

			var sig signature
			if err = protobuf.Read(bc, &sig); err != nil {
				replies <- nil
				return
			}
			replies <- &sig
		}(i)
	}

	sigs := make([][]byte, s.N)
	sig, err := s.signStateVector(state)
	if err != nil {
		return err
	}
	sigs[0] = sig

	for i := 0; i < s.N-1; i++ {
		reply := <-replies
		if reply != nil {
			X := s.HH[reply.Id]
			bytes, _ := protobuf.Encode(state)
			_, err := anon.Verify(s.suite, bytes, anon.Set{X}, nil, reply.S)
			if err != nil {
				return err
			}
			sigs[reply.Id] = reply.S
		}
	}

	fmt.Println("Got all signatures.")
	return s.checkKeys(state.States[len(state.States)-1])
}