-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathevidence_record.lua
513 lines (439 loc) · 16.4 KB
/
evidence_record.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
--[[
MIT License
Copyright (c) 2024 Florian Fischer
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
]]--
-- Evidence Record Implementation nach RFC4998
local EvidenceRecord = {
_NAME = "Evidence Record Library",
_VERSION = "1.0.0", -- Following semantic versioning: MAJOR.MINOR.PATCH
_AUTHOR = "Florian Fischer"
}
-- Return version string
function EvidenceRecord.version()
return EvidenceRecord._NAME .. " " .. EvidenceRecord._VERSION .. " (c)'2024, " .. EvidenceRecord._AUTHOR
end
local withBracket = true
-- Hilfsfunktion zum Hashen von zwei Werten
local function hashPair(left, right, writeBrackets)
-- Make sure we're working with the hash values, not node objects
local leftHash = type(left) == "table" and left.hash or left
local rightHash = type(right) == "table" and right.hash or right
-- In einer echten Implementierung würde hier ein kryptographischer Hash verwendet
-- Für dieses Beispiel konkatenieren wir einfach die Werte
if rightHash and writeBrackets and withBracket then
return "(" .. leftHash .. ") + (" .. rightHash .. ")"
elseif rightHash then
return leftHash .. "+" .. rightHash
else
return leftHash
end
end
-- Erstellt einen Merkle-Hashbaum aus einer Liste von Hashwerten
function EvidenceRecord.createHashtree(hashValues)
local tree = {
nodes = {},
levels = {},
root = nil
}
-- Erste Ebene mit den Eingabe-Hashwerten
tree.levels[1] = {}
for i, hash in ipairs(hashValues) do
local node = {
hash = hash,
left = nil,
right = nil,
parent = nil,
level = 1,
isLeaf = true,
leafPosition = i % 2 == 1 and "left" or "right"
}
table.insert(tree.nodes, node)
table.insert(tree.levels[1], node)
end
-- Baum aufbauen
local currentLevel = 1
while #tree.levels[currentLevel] > 1 do
local nextLevel = currentLevel + 1
tree.levels[nextLevel] = {}
for i = 1, #tree.levels[currentLevel], 2 do
local left = tree.levels[currentLevel][i]
local right = tree.levels[currentLevel][i + 1]
local parentHash
if right then
parentHash = hashPair(left.hash, right.hash)
else
parentHash = left.hash -- Einzelner Knoten wird nach oben durchgereicht
end
local parent = {
hash = parentHash,
left = left,
right = right,
parent = nil,
level = nextLevel,
isLeaf = false
}
left.parent = parent
if right then
right.parent = parent
end
table.insert(tree.nodes, parent)
table.insert(tree.levels[nextLevel], parent)
end
currentLevel = nextLevel
end
tree.root = tree.levels[#tree.levels][1]
return tree
end
-- Erstellt einen abstrakten Zeitstempel für einen Hashwert
function EvidenceRecord.createTimestamp(hash, timeStampHashAlgorithm)
return {
hash = hash,
time = os.time(),
algorithm = timeStampHashAlgorithm, -- "SHA256" - Beispiel-Algorithmus
}
end
-- Reduziert einen Hashbaum zu einem Archival Data Object (ADO)
function EvidenceRecord.reduceTree(tree, targetHash)
local path = {}
local current = nil
-- Finde den Knoten mit dem Zielhash
for _, node in ipairs(tree.nodes) do
if node.hash == targetHash then
current = node
break
end
end
if not current then
return nil
end
-- Reduzierter Baum als neue Struktur
local reducedTree = {
hash = current.hash,
left = nil,
right = nil,
isLeaf = current.isLeaf,
leafPosition = current.leafPosition
}
local currentReduced = reducedTree
current = current.parent
-- Pfad zur Wurzel aufbauen
while current do
local newNode = {
hash = current.hash,
left = nil,
right = nil,
isLeaf = false
}
if current.left and current.left.hash == currentReduced.hash then
newNode.left = currentReduced
if current.right then
newNode.right = {
hash = current.right.hash,
isLeaf = current.right.isLeaf,
leafPosition = current.right.leafPosition
}
end
else
newNode.right = currentReduced
newNode.left = {
hash = current.left.hash,
isLeaf = current.left.isLeaf,
leafPosition = current.left.leafPosition
}
end
currentReduced = newNode
current = current.parent
end
return currentReduced
end
-- Erstellt einen Evidence Record für einen bestimmten Hash
function EvidenceRecord.createEvidenceRecord(tree, reducedTree, hashAlgorithm)
local timestamp = EvidenceRecord.createTimestamp(tree.root.hash, hashAlgorithm)
return {
version = 1,
digestAlgorithm = hashAlgorithm, -- "SHA256" - Beispiel-Algorithmus
cryptoInfos = {},
encryptionInfo = nil,
archiveTimeStampSequence = {
{
reduced = reducedTree,
timestamp = timestamp
}
}
}
end
-- Hilfsfunktion zum Konvertieren einer ArchiveTimeStampSequence in einen String
local function encodeATSC(sequence)
-- In einer echten Implementierung würde hier DER-Encoding stattfinden
-- Für dieses Beispiel konkatenieren wir einfach die Hashes
local encoded = ""
for _, ats in ipairs(sequence) do
-- letzter aktueller ats-hash wird genommen
encoded = ats.timestamp.hash
end
return encoded
end
-- Erneuert den Hashbaum für eine Liste von Evidence Records mit neuen Hashwerten
function EvidenceRecord.renewHashtree(records_and_hashes, newHashAlgorithm)
-- records_and_hashes ist eine Liste von Tupeln {record, newHash}
local newHashes = {}
-- Schritt 3 & 4: Für jeden Evidence Record
for _, tuple in ipairs(records_and_hashes) do
local record = tuple[1]
-- local newDocumentHash = tuple[2]
-- Encode die bestehende ArchiveTimeStampSequence
local atsc = encodeATSC(record.archiveTimeStampSequence)
local atscHash = hashPair(atsc) -- Schritt 3: ha(i) = H(atsc(i))
local newDocumentHash = tuple[2]
if type(newDocumentHash) == "table" then
for _, hash in ipairs(newDocumentHash) do
-- Schritt 4: Kombiniere Document Hash mit ATSC Hash
local combinedHash = hashPair(hash, atscHash, true)
table.insert(newHashes, combinedHash)
end
else
-- Schritt 4: Kombiniere Document Hash mit ATSC Hash
local combinedHash = hashPair(newDocumentHash, atscHash, true)
table.insert(newHashes, combinedHash)
end
end
-- Schritt 5: Erstelle einen neuen Hashbaum mit den kombinierten Hashes
local newTree = EvidenceRecord.createHashtree(newHashes)
-- Erstelle reduzierte Bäume für jeden Evidence Record
local results = {}
for i, tuple in ipairs(records_and_hashes) do
local record = tuple[1]
local combinedHash = newHashes[i]
-- Reduziere den Baum für den spezifischen Hash
local reducedTree = EvidenceRecord.reduceTree(newTree, combinedHash)
-- Schritt 6: Erstelle neue ArchiveTimeStampChain
local newTimestamp = EvidenceRecord.createTimestamp(newTree.root.hash, newHashAlgorithm)
local newChain = {
reduced = reducedTree,
timestamp = newTimestamp
}
-- Füge die neue Chain zur Sequence hinzu
table.insert(record.archiveTimeStampSequence, newChain)
-- Aktualisiere den verwendeten Hash-Algorithmus
record.digestAlgorithm = newHashAlgorithm
table.insert(results, record)
end
return results, newTree
end
--------------------------------------------------------------------
-- Verification is not complete!
--[[
-- Helper function to verify a single timestamp
local function verifyTimestamp(timestamp, referenceTime)
-- In a real implementation, the cryptographic signature would be verified
-- and validity would be checked at the reference time
-- For this example, we just check if the timestamp is before the reference time
return timestamp.time < referenceTime
end
-- Helper function to verify a reduced Merkle tree
local function verifyReducedTree(reducedTree, targetHash)
if not reducedTree then
return false
end
-- First, find the target hash in the leaf nodes
local function findTargetInLeaves(node)
if not node then
return false
end
-- If we're at a leaf, check if it matches the target hash
if node.isLeaf then
return node.hash == targetHash
end
-- Recursively search left and right subtrees
return findTargetInLeaves(node.left) or findTargetInLeaves(node.right)
end
-- Verify the hash calculations from bottom to top
local function verifyNodeHash(node)
if not node then
return true
end
-- If it's a leaf node, no need to verify further down
if node.isLeaf then
return true
end
-- Verify left and right subtrees first
if not verifyNodeHash(node.left) or not verifyNodeHash(node.right) then
return false
end
-- Calculate expected hash based on children
local calculatedHash
--print('check hash', node.left and node.left.hash, node.right and node.right.hash)
if node.left and node.right then
calculatedHash = node.left.hash .. "+" .. node.right.hash
elseif node.left or node.right then
calculatedHash = node.left and node.left.hash or node.right.hash
end
-- Compare calculated hash with stored hash
--print('compare', calculatedHash, node.hash, calculatedHash == node.hash)
return calculatedHash == node.hash
end
-- First verify that the target hash exists in the leaves
if not findTargetInLeaves(reducedTree) then
return false
end
-- Then verify the hash chain from bottom to top
return verifyNodeHash(reducedTree)
end
-- Main function to verify an Evidence Record
function EvidenceRecord.verifyEvidenceRecord(record, hashValueAlgorithmPairs)
if not record or not record.archiveTimeStampSequence or #record.archiveTimeStampSequence == 0 then
return false, "Invalid evidence record structure"
end
local currentTime = os.time() + 1
-- Step 1: Verify the initial Archive Timestamp
local initialChain = record.archiveTimeStampSequence[1]
local initialHash = hashValueAlgorithmPairs[1][1]
local initialAlgorithm = hashValueAlgorithmPairs[1][2]
--print('initialChain.reduced, initialHash', initialChain.reduced, initialHash)
if not verifyReducedTree(initialChain.reduced, initialHash) then
return false, "Initial hash verification failed"
end
-- Step 2: Verify each ArchiveTimestampChain
local previousTimestamp = initialChain.timestamp
local previousAlgorithm = initialAlgorithm
for i = 1, #record.archiveTimeStampSequence do
local currentChain = record.archiveTimeStampSequence[i]
local currentHash = hashValueAlgorithmPairs[i][1]
local currentAlgorithm = hashValueAlgorithmPairs[i][2]
-- Check if hash algorithm in chain is consistent
if currentAlgorithm == previousAlgorithm then
return false, string.format(
"Inconsistent hash algorithm in chain %d: expected different than %s, got %s",
i, previousAlgorithm, currentAlgorithm
)
end
-- Verify timestamp
if not verifyTimestamp(previousTimestamp, currentChain.timestamp.time + 1) then
return false, string.format(
"Invalid timestamp sequence in chain %d",
i
)
end
-- Step 3: Verify the chaining of ArchiveTimeStampChains
local rightLeaf = previousTimestamp.hash -- Encode the previous timestamp
local concatenatedHash = currentHash .. "+" .. rightLeaf
if not verifyReducedTree(currentChain.reduced, concatenatedHash) then
return false, string.format(
"Chain linkage verification failed at chain %d",
i
)
end
previousTimestamp = currentChain.timestamp
previousAlgorithm = currentAlgorithm
end
-- Check validity of last timestamp
if not verifyTimestamp(previousTimestamp, currentTime) then
return false, "Last timestamp is not valid at current time"
end
return true, "Evidence record verification successful"
end
-- Test function to validate the implementation
local function testVerifyReducedTree()
local testReducedTree = {
hash = "h1+h2+h3",
isLeaf = false,
left = {
hash = "h1+h2",
isLeaf = false
},
right = {
hash = "h3",
isLeaf = false,
left = {
hash = "h3",
isLeaf = true,
leafPosition = "left"
}
}
}
-- Test cases
print("Testing h1:", verifyReducedTree(testReducedTree, "h1")) -- Should be false
print("Testing h2:", verifyReducedTree(testReducedTree, "h2")) -- Should be false
print("Testing h3:", verifyReducedTree(testReducedTree, "h3")) -- Should be true
print("Testing invalid hash:", verifyReducedTree(testReducedTree, "h4")) -- Should be false
end
testVerifyReducedTree()
local function testVerifyEvidenceRecord()
local testEvidenceRecord = {
archiveTimeStampSequence = { {
reduced = {
hash = "h1+h2+h3",
isLeaf = false,
left = {
hash = "h1+h2",
isLeaf = false
},
right = {
hash = "h3",
isLeaf = false,
left = {
hash = "h3",
isLeaf = true,
leafPosition = "left"
}
}
},
timestamp = {
algorithm = "SHA256",
hash = "h1+h2+h3",
time = 1730736754
}
}, {
reduced = {
hash = "H1+h1+h2+h3+H2+h1+h2+h3+H3+h1+h2+h3",
isLeaf = false,
left = {
hash = "H1+h1+h2+h3+H2+h1+h2+h3",
isLeaf = false
},
right = {
hash = "H3+h1+h2+h3",
isLeaf = false,
left = {
hash = "H3+h1+h2+h3",
isLeaf = true,
leafPosition = "left"
}
}
},
timestamp = {
algorithm = "SHA512",
hash = "H1+h1+h2+h3+H2+h1+h2+h3+H3+h1+h2+h3",
time = 1730736754
}
} },
cryptoInfos = {},
digestAlgorithm = "SHA512",
version = 1
}
-- Test case: A sequence with two chains, where one document is covered. In the first chain the document hash is h3 made with SHA256 HashAlgorithm and the second hash of the document is H3 made with SHA512 HashAlgorithm.
local result, text = EvidenceRecord.verifyEvidenceRecord(testEvidenceRecord, {
{ "h3", "SHA256" },
{ "H3", "SHA512"},
}
)
print("Testing ER:", text, result) -- result should be true
end
testVerifyEvidenceRecord()
]]--
return EvidenceRecord