CODEX_KeyService/StateInfo.cc

/*
 * Copyright 2003 Michael A. Marsh, Cornell University. All rights reserved.
 * This software is released under the modified BSD license.
 * See the file LICENSE in the top-level directory for details.
 */
//
// $Id: StateInfo.cc,v 1.3 2004/05/19 15:56:53 mmarsh Exp $
//
// $Log: StateInfo.cc,v $
// Revision 1.3  2004/05/19 15:56:53  mmarsh
// *** empty log message ***
//
// Revision 1.2  2003/11/04 22:15:00  mmarsh
// General code cleanup and reorganization.  The signed ElGamal public key
// was moved to CODEX_Server, decoupling that package from CODEX_Client.
// Since CODEX_Server no longer knows about the cryptosystem used by
// the client, switching between cryptosystems is handled locally by
// CODEX_KeyService.
//
//

#include <fstream>
#include <sstream>
#include <openssl/conf.h>

#include "StateInfo.h"
#include "ClientActivity.h"
#include "CODEX_ASN1/Integer.h"
#include "CODEX_Exceptions/FileExceptions.h"
#include "CODEX_Server/ServerExceptions.h"
#include "CODEX_Server/ConfigurationExceptions.h"
#include "Exceptions.h"

#include "timing.h"

using namespace CODEX_KeyService;

StateInfo* StateInfo::m_instance = 0;


//=============================================================
// Constructors and destructors
//=============================================================

StateInfo*
StateInfo::instance()
{
   if ( 0 == m_instance )
   {
      m_instance = new StateInfo;
   }
   return m_instance;
}

void
StateInfo::destroy()
{
   if ( 0 != m_instance )
   {
      delete m_instance;
   }
   m_instance = 0;
}

StateInfo::SynchronyState
StateInfo::synchronize(const char* fname, bool force_read)
{
   try
   {
      if ( m_keyMap.empty() || force_read )
      {
         // We need to read.

         // First purge the key map.
         KeyMap::iterator kmItr = m_keyMap.begin();
         KeyMap::iterator kmEnd = m_keyMap.end();
         for ( ; kmItr != kmEnd ; ++kmItr )
         {
            delete kmItr->second;
         }
         m_keyMap.clear();

         // Now read the keys in from the file "fname".
         ifstream is(fname);
         if ( ! is.is_open() )
         {
            throw CODEX_Exceptions::FileCannotOpenException( __FILE__ ,
                                                             __LINE__ ,
                                                             fname );
         }
         string s;
         char ch;
         while ( is.get(ch) )
         {
            s.push_back(ch);
         }
         //CODEX_ASN1::ustring s;
         //is >> s;
         is.close();
         unsigned int length = s.length();
         unsigned char* p = new unsigned char[length];
         unsigned char* pOrig = p;
         for ( unsigned int i = 0 ; i < length ; ++i )
         {
            p[i] = s.data()[i];
         }
         //unsigned char* p = (unsigned char*)s.data();
         unsigned char* oldP = p;
         CODEX_ASN1::Integer nKeys;
         if ( 0 == nKeys.unmarshal(0,&p,length) )
         {
            // Not a great exception to throw here, but it's not worth
            // creating a new class for this case.
            throw KeyNotFoundException( __FILE__ , __LINE__ );
         }
         length -= ( p - oldP );
         oldP = p;
         KeyInfo* pKey = 0;
         try
         {
            for ( int i = 0 ; i < nKeys.value() ; ++i )
            {
               CODEX_ASN1::OctetString name;
               pKey = new KeyInfo;
               if ( length < 1 )
               {
                  // not the _ideal_ exception, but it's an OK match, since
                  // we're expecting a key that isn't there.
                  throw KeyNotFoundException( __FILE__ , __LINE__ );
               }
               if ( 0 == name.unmarshal(0,&p,length) )
               {
                  throw KeyNotFoundException( __FILE__ , __LINE__ );
               }
               length -= ( p - oldP );
               oldP = p;
               if ( length < 1 )
               {
                  throw KeyNotFoundException( __FILE__ , __LINE__ );
               }
               if ( 0 == pKey->unmarshal(0,&p,length) )
               {
                  throw KeyNotFoundException( __FILE__ , __LINE__ );
               }
               length -= ( p - oldP );
               oldP = p;
               m_keyMap.insert( KeyMap::value_type( name.value(), pKey ) );
               pKey = 0;
            }
            delete [] pOrig;
            return kRead;
         }
         catch ( ... )
         {
            delete [] pOrig;
            if ( 0 != pKey ) delete pKey;
            throw;
         }
      }
      else
      {
         // We need to write.
         unsigned char* buff = 0;
         try
         {
            // First marshal the data.
            CODEX_ASN1::Integer nKeys( m_keyMap.size() );
            unsigned int length = nKeys.marshal(0);
            KeyMap::const_iterator kmItr = m_keyMap.begin();
            KeyMap::const_iterator kmEnd = m_keyMap.end();
            for ( ; kmItr != kmEnd ; ++kmItr )
            {
               CODEX_ASN1::OctetString name( kmItr->first );
               length += name.marshal(0);
               length += kmItr->second->marshal(0);
            }
            buff = new unsigned char[length];
            unsigned char* pBuff = buff;
            nKeys.marshal(&pBuff);
            kmItr = m_keyMap.begin();
            for ( ; kmItr != kmEnd ; ++kmItr )
            {
               CODEX_ASN1::OctetString name( kmItr->first );
               name.marshal(&pBuff);
               kmItr->second->marshal(&pBuff);
            }

            // Now write the buffer to the file "fname".
            ofstream os(fname);
            if ( ! os.is_open() )
            {
               throw CODEX_Exceptions::FileCannotCreateException( __FILE__ ,
                                                                  __LINE__ ,
                                                                  fname );
            }
            for ( unsigned int i = 0 ; i < length ; ++i )
            {
               os << buff[i];
            }
            os.close();
            delete [] buff;
            return kWrote;
         }
         catch ( ... )
         {
            if ( 0 != buff ) delete [] buff;
            throw;
         }
      }
   }
   catch ( CODEX_Exceptions::ExceptionBase& e )
   {
      // Synchrony exceptions are important -- always report them.
      e.report();
      return kFailed;
   }
   catch ( ... )
   {
      // unknown exception, just return the failure.
      return kFailed;
   }
}

StateInfo::StateInfo() :
   m_messageDomain( 0 ),
   m_delegationDomain( 0 )
{
}

StateInfo::~StateInfo()
{
   RequestMap::iterator rmItr = m_requestMap.begin();
   RequestMap::iterator rmEnd = m_requestMap.end();
   for ( ; rmItr != rmEnd ; ++rmItr )
   {
      delete [] rmItr->first;
   }
   KeyMap::iterator kmItr = m_keyMap.begin();
   KeyMap::iterator kmEnd = m_keyMap.end();
   for ( ; kmItr != kmEnd ; ++kmItr )
   {
      delete kmItr->second;
   }
}


//=============================================================
// Configuration
//=============================================================

void
StateInfo::configure( const CONF* conf, const char* sec, const string& fname )
{
   long dummy;

   // Security parameter for proofs of plaintext knowledge
   if ( ! NCONF_get_number_e(conf,
                             sec,
                             "ppk_security_param",
                             &dummy) )
   {
      throw CODEX_Server::BCParameterNotDefinedException(
         __FILE__ , __LINE__ , fname, "ppk_security_param" );
   }
   if ( dummy <= 0 )
   {
      throw CODEX_Server::BCBadValueException(
         __FILE__ , __LINE__ , fname, "ppk_security_param" );
   }
   m_ppkSecurityParam = dummy;

   // Port on which to listen for clients.
   if ( ! NCONF_get_number_e(conf,sec,"client_port",&m_clientPort) )
   {
      throw CODEX_Server::BCParameterNotDefinedException(
         __FILE__ , __LINE__ , fname, "client_port" );
   }
   if ( 0 >= m_clientPort )
   {
      throw CODEX_Server::BCBadValueException(
         __FILE__ , __LINE__ , fname, "client_port" );
   }
}


//=============================================================
// Client management
//=============================================================

bool
StateInfo::addClient( ClientActivity* clientAct )
{
   return ( m_clientMap.insert( ClientMap::value_type( clientAct,
                                                       clientAct ) ) ).second;
}

ClientActivity*
StateInfo::getClient( CODEX_Events::Activity* clientAct ) const
{
   ClientMap::const_iterator mapItr = m_clientMap.find( clientAct );
   if ( m_clientMap.end() == mapItr )
   {
      return 0;
   }
   return mapItr->second;
}

bool
StateInfo::removeClient( CODEX_Events::Activity* clientAct )
{
   ClientMap::iterator mapItr = m_clientMap.find( clientAct );
   if ( m_clientMap.end() == mapItr )
   {
      return false;
   }
   // remove all sequence numbers associated with this activity
   RequestMap::iterator rItr = m_requestMap.begin();
   // We want the call to end() to be made at each step, since the map
   // is potentially changing underneath us.
   for ( ; rItr != m_requestMap.end() ; )
   {
      if ( clientAct == rItr->second )
      {
         removeSequenceNumber( rItr->first );
         // re-start the loop
         rItr = m_requestMap.begin();
      }
      else
      {
         ++rItr;
      }
   }
   m_clientMap.erase( mapItr );
   return true;
}

bool
StateInfo::registerSequenceNumber( const unsigned char* seqNum,
                                   CODEX_Events::Activity* clientAct )
{
   unsigned char* s = new unsigned char[ CODEX_Server::ServerState::nMID ];
   memcpy( s, seqNum, CODEX_Server::ServerState::nMID );
   return ( m_requestMap.insert(
      RequestMap::value_type( s, clientAct ) ) ).second;
}

bool
StateInfo::removeSequenceNumber( const unsigned char* seqNum )
{
   RequestMap::iterator mapItr = m_requestMap.find( seqNum );
   if ( m_requestMap.end() == mapItr )
   {
      return false;
   }
   const unsigned char* s = mapItr->first;
   m_requestMap.erase( mapItr );
   delete [] s;
   return true;
}

CODEX_Events::Activity*
StateInfo::getActFromSeqNum( const unsigned char* seqNum ) const
{
   RequestMap::const_iterator mapItr = m_requestMap.find( seqNum );
   if ( m_requestMap.end() == mapItr )
   {
      return 0;
   }
   return mapItr->second;
}


//=============================================================
// Key management
//=============================================================

bool
StateInfo::addKeyName( const CODEX_ASN1::ustring& name,
                         const CODEX_Client::SignedBoundNameMsg& binding )
{
   return (
      m_keyMap.insert( KeyMap::value_type(
         name,
         new KeyInfo(binding.message(), binding.signature()) )
         ) ).second;
}

bool
StateInfo::addKeyName( const CODEX_ASN1::ustring& name,
                         const CODEX_Client::BoundNameMsg& binding )
{
   return (
      m_keyMap.insert( KeyMap::value_type( name, new KeyInfo(binding) ) )
      ).second;
}

const KeyInfo*
StateInfo::getKeyInfo( const CODEX_ASN1::ustring& name ) const
{
#ifdef TIMING
   LookupTimer.start();
#endif
   KeyMap::const_iterator mapItr = m_keyMap.find( name );
#ifdef TIMING
   LookupTimer.stop();
#endif
   if ( m_keyMap.end() == mapItr )
   {
      return 0;
   }
   return mapItr->second;
}

bool
StateInfo::addKeySignature( const CODEX_ASN1::ustring& name,
                              const CODEX_Ciphers::RSASignature& signature )
{
#ifdef TIMING
   LookupTimer.start();
#endif
   KeyMap::iterator mapItr = m_keyMap.find( name );
#ifdef TIMING
   LookupTimer.stop();
#endif
   if ( m_keyMap.end() == mapItr )
   {
      return false;
   }
   mapItr->second->setSignature( signature );
   return true;
}

bool
StateInfo::replaceKeyBinding(
   const CODEX_ASN1::ustring& name,
   const CODEX_Client::SignedBoundNameMsg& binding )
{
#ifdef TIMING
   LookupTimer.start();
#endif
   KeyMap::iterator mapItr = m_keyMap.find( name );
#ifdef TIMING
   LookupTimer.stop();
#endif
   if ( m_keyMap.end() == mapItr )
   {
      return false;
   }
   mapItr->second->setBinding( binding.message() );
   mapItr->second->setSignature( binding.signature() );
   return true;
}

bool
StateInfo::addKeyValue( const CODEX_ASN1::ustring& name,
                        const CODEX_Client::RequestCipherTextType& keyValue )
{
#ifdef TIMING
   LookupTimer.start();
#endif
   KeyMap::iterator mapItr = m_keyMap.find( name );
#ifdef TIMING
   LookupTimer.stop();
#endif
   if ( m_keyMap.end() == mapItr )
   {
      return false;
   }
   mapItr->second->setKeyValue( keyValue );
   return true;
}

bool
StateInfo::verifyKeyValue( const CODEX_ASN1::ustring& name )
{
#ifdef TIMING
   LookupTimer.start();
#endif
   KeyMap::iterator mapItr = m_keyMap.find( name );
#ifdef TIMING
   LookupTimer.stop();
#endif
   if ( m_keyMap.end() == mapItr )
   {
      return false;
   }
   mapItr->second->setVerified();
   return true;
}

//=============================================================
// Decryption template methods
//=============================================================

const StateInfo::LSType&
StateInfo::decryptionShares( const LSType::LabelType& label,
                             unsigned int server ) const
{
   return shareTemplate< CODEX_Client::CipherTextType >(
      label, server );
}

const StateInfo::LSType::LabelType&
StateInfo::defaultDecryptionLabel() const
{
   return labelTemplate< CODEX_Client::CipherTextType >();
}

const StateInfo::ThresholdDecryptionType&
StateInfo::thresholdDecryption() const
{
   return thresholdTemplate< ThresholdDecryptionType >();
}


//=============================================================
// KeyInfo methods
//=============================================================

KeyInfo::KeyInfo() :
   CODEX_ASN1::Base( false ),
   m_verified( false )
{
}

KeyInfo::KeyInfo( const CODEX_Client::BoundNameMsg& binding ) :
   CODEX_ASN1::Base( true ),
   m_binding( binding ),
   m_verified( false )
{
}

KeyInfo::KeyInfo( const CODEX_Client::BoundNameMsg& binding,
                  const CODEX_Ciphers::RSASignature& signature ) :
   CODEX_ASN1::Base( true ),
   m_binding( binding ),
   m_signature( signature ),
   m_verified( false )
{
}

KeyInfo::KeyInfo( const CODEX_Client::SignedBoundNameMsg& binding ) :
   CODEX_ASN1::Base( true ),
   m_binding( binding.message() ),
   m_signature( binding.signature() ),
   m_verified( false )
{
}

KeyInfo::KeyInfo( const CODEX_Client::BoundNameMsg& binding,
                  const CODEX_Ciphers::RSASignature& signature,
                  const CODEX_Client::RequestCipherTextType& keyValue ) :
   CODEX_ASN1::Base( true ),
   m_binding( binding ),
   m_signature( signature ),
   m_keyValue( keyValue ),
   m_verified( false )
{
}

KeyInfo::KeyInfo( const CODEX_Client::SignedBoundNameMsg& binding,
                  const CODEX_Client::RequestCipherTextType& keyValue ) :
   CODEX_ASN1::Base( true ),
   m_binding( binding.message() ),
   m_signature( binding.signature() ),
   m_keyValue( keyValue ),
   m_verified( false )
{
}

KeyInfo::KeyInfo( const KeyInfo& aKI ) :
   CODEX_ASN1::Base( aKI.m_initialized ),
   m_binding( aKI.m_binding ),
   m_keyValue( aKI.m_keyValue ),
   m_verified( false )
{
}

KeyInfo::~KeyInfo()
{
}

void
KeyInfo::operator=( const KeyInfo& aKI )
{
   m_initialized = aKI.m_initialized;
   m_binding     = aKI.m_binding;
   m_keyValue    = aKI.m_keyValue;
   m_verified    = aKI.m_verified;
}

void
KeyInfo::setKeyValue( const CODEX_Client::RequestCipherTextType& keyValue )
{
   m_keyValue = keyValue;
}

void
KeyInfo::setBinding( const CODEX_Client::BoundNameMsg& binding )
{
   m_binding = binding;
}

void
KeyInfo::setSignature( const CODEX_Ciphers::RSASignature& signature )
{
   m_signature = signature;
}

int
KeyInfo::marshal( unsigned char ** pp ) const
{
   int r=0;
   int ret=0;
   unsigned char * p;

   CODEX_ASN1::Integer haveSignature( m_signature.initialized() ? 1 : 0 );
   CODEX_ASN1::Integer haveKeyValue( m_keyValue.initialized() ? 1 : 0 );
   CODEX_ASN1::Integer isVerified( m_verified ? 1 : 0 );

   ret += m_binding.marshal(0);
   ret += haveSignature.marshal(0);
   if ( haveSignature.value() )
   {
      ret += m_signature.marshal(0);
   }
   ret += haveKeyValue.marshal(0);
   if ( haveKeyValue.value() )
   {
      ret += m_keyValue.marshal(0);
   }
   ret += isVerified.marshal(0);
   M_ASN1_I2D_seq_total();
   m_binding.marshal(&p);
   haveSignature.marshal(&p);
   if ( haveSignature.value() )
   {
      m_signature.marshal(&p);
   }
   haveKeyValue.marshal(&p);
   if ( haveKeyValue.value() )
   {
      m_keyValue.marshal(&p);
   }
   isVerified.marshal(&p);
   M_ASN1_I2D_finish();
}

void*
KeyInfo::unmarshal( void* bogus, unsigned char ** pp, long length )
{
   if ( m_initialized )
   {
      return 0;
   }
   if ( (0 == pp) || (0 == *pp) )
   {
      return 0;
   }
   ASN1_CTX c;
   c.pp = pp;
   c.q = *pp;
   c.error = ERR_R_NESTED_ASN1_ERROR;
   int i;
   CODEX_ASN1::Integer haveSignature;
   CODEX_ASN1::Integer haveKeyValue;
   CODEX_ASN1::Integer isVerified;

   M_ASN1_D2I_Init();
   M_ASN1_D2I_start_sequence();
   M_ASN1_D2I_get(i, m_binding.unmarshal);
   M_ASN1_D2I_get(i, haveSignature.unmarshal);
   if ( haveSignature.value() )
   {
      M_ASN1_D2I_get(i, m_signature.unmarshal);
   }
   M_ASN1_D2I_get(i, haveKeyValue.unmarshal);
   if ( haveKeyValue.value() )
   {
      M_ASN1_D2I_get(i, m_keyValue.unmarshal);
   }
   M_ASN1_D2I_get(i, isVerified.unmarshal);
   m_verified = isVerified.value();
   if ( !asn1_Finish(&c) )
   {
      return 0;
   }
   *pp=c.p;
   m_initialized = true;
   return this;
  err: // needed by ASN.1 macros
   return 0;
}

---