SignCreateCallback.cc

/*
 * Copyright 2003 Michael A. Marsh, Cornell University. All rights reserved.
 * This software is released under the modified BSD license.
 * See the file LICENSE in the top-level directory for details.
 */
//
// $Id: SignCreateCallback.cc,v 1.3 2004/05/19 15:56:52 mmarsh Exp $
//
// $Log: SignCreateCallback.cc,v $
// Revision 1.3  2004/05/19 15:56:52  mmarsh
// *** empty log message ***
//
// Revision 1.2  2003/11/04 22:31:49  mmarsh
// *** empty log message ***
//
//

#include "SignCreateCallback.h"
#include "CODEX_Events/Event.h"
#include "StateInfo.h"
#include "CODEX_Client/Message.h"
#include "CODEX_Server/SignRequestEvent.h"
#include "ClientDelegation.h"
#include "CODEX_Server/ShareLabelChallenge.h"

#include "CODEX_Server/ServerExceptions.h"
#include "Exceptions.h"

#include "timing.h"

using namespace CODEX_KeyService;

SignCreateCallback::SignCreateCallback(
   CODEX_Events::DeadPileType& deadPile,
   CODEX_Events::QType& eventQueue,
   ClientResponseHandler* destination,
   const RequestType& request,
   const unsigned char* seqNum,
   CODEX_Server::SignRequestHandler* reqHandler ) :
   ResponseCallback( seqNum ),
   CODEX_Events::Activity( deadPile, eventQueue ),
   m_destination( destination ),
   m_request( request ),
   m_complete( false ),
   m_reqHandler( reqHandler )
{
   m_digest = m_request.response().digest(
      CODEX_Server::ServerState::instance()->hashFunc() );
   ChallengeVector::iterator vItr = m_challenges.begin();
   ChallengeVector::iterator vEnd = m_challenges.end();
   for ( ; vItr != vEnd ; ++vItr )
   {
      delete *vItr;
   }
}

SignCreateCallback::~SignCreateCallback()
{
   if ( NULL != m_digest ) BN_free( m_digest );
   while ( m_signatures.size() )
   {
      delete m_signatures.back();
      m_signatures.pop_back();
   }
}

bool
SignCreateCallback::operator()( unsigned int server,
                                CODEX_Quorum::Message* msg )
{
   if ( NULL == msg )
   {
      return false;
   }

   if ( m_complete )
   {
      delete msg;
      return true;
   }

#ifdef TIMING
   ActiveTimer.start();
#endif

   CODEX_Server::ServerState* serverState =
      CODEX_Server::ServerState::instance();
   if ( NULL == serverState )
   {
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }

   StateInfo* stateInfo = StateInfo::instance();
   if ( NULL == stateInfo )
   {
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }

   // Sanity check -- is our destination still valid?
   if ( NULL == stateInfo->getActFromSeqNum( seqNum() ) )
   {
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }

   CODEX_Quorum::QuorumSystem* qs = serverState->quorumSystem();
   if ( NULL == qs )
   {
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      throw CODEX_Server::NoQuorumSystemException( __FILE__ , __LINE__ );
   }

   unsigned char* data = (unsigned char*)msg->buffer();
   int length = msg->length();

   if ( length < 2 )
   {
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }

   // Check the message type.
   if ( stateInfo->delegationDomain() != data[0] )
   {
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }
   ++data;
   --length;

   // Test a special condition
   if ( ClientDelegation::kBadShareLabel == data[0] )
   {
      cerr << __FILE__ << ", line " << __LINE__ << ":\n"
           << "   kBadShareLabel returned" << endl;
      ++data;
      --length;
      // We need to re-send the request with the new label, but only if
      // the label returned is actually valid.
      CODEX_Server::ServerState::LSType::LabelType label;
      if ( NULL == label.unmarshal( NULL, &data, length ) )
      {
         // The response is no good.
         delete msg;
#ifdef TIMING
         ActiveTimer.stop();
#endif
         return false;
      }
      RequestType newReq( m_request.response(),
                          m_request.request(),
                          m_request.evidence(),
                          label );
      const unsigned char* newSeqNum = serverState->newSequenceNumber();
      stateInfo->registerSequenceNumber( newSeqNum, m_destination );
      SignCreateCallback* cb = new SignCreateCallback( m_deadPile,
                                                       m_queue,
                                                       m_destination,
                                                       newReq,
                                                       newSeqNum,
                                                       m_reqHandler );

      CODEX_Quorum::Message message;
      unsigned char self = serverState->hostNum();
      message.fill( self | CODEX_Server::ServerState::OutgoingMask );
      message.fill( newSeqNum, CODEX_Server::ServerState::nMID );
      message.fill( stateInfo->delegationDomain() );
      message.fill( ClientDelegation::kRequestSignature );
      message.fill( CODEX_Client::kBoundNameMsg );
      int length = newReq.marshal(0);
      unsigned char* buffer = new unsigned char[length];
      unsigned char* pBuffer = buffer;
      newReq.marshal(&pBuffer);
      message.fill( buffer, length );
      delete [] buffer;

      // Create the outgoing event.
      CODEX_Server::SignRequestEvent* outEvent =
         new CODEX_Server::SignRequestEvent( this,
                                             m_reqHandler,
                                             message,
                                             cb );
      CODEX_Server::ShareLabelChallenge* slc =
         new CODEX_Server::ShareLabelChallenge( label, server, cb, outEvent );
      m_challenges.push_back( slc );
      if ( m_challenges.size() > qs->faultsTolerated() )
      {
         // register challenges
         ChallengeVector::iterator vItr = m_challenges.begin();
         ChallengeVector::iterator vEnd = m_challenges.end();
         for ( ; vItr != vEnd ; ++vItr )
         {
            serverState->addChallenge( seqNum() , *vItr );
         }
         m_challenges.clear();
         // No progress will be made on this request.
         m_complete = true;
      }
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }

   if ( ClientDelegation::kAcceptSignatureRequest != data[0] )
   {
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }
   ++data;
   --length;

   // Check that it unmarshalls.
   typedef CODEX_Server::ServerState::ShareType  ShareType;
   ShareType* signatures = new ShareType;
   if ( NULL == signatures->unmarshal( NULL, &data, length ) )
   {
      delete msg;
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }
   delete msg;
   m_signatures.push_back( signatures );

   // See if we have enough responses to create the threshold signature.
   typedef CODEX_Client::SignedBoundNameMsg MsgType;

   const CODEX_Server::ServerState::ThresholdRSAType& thresholdRSA =
      serverState->thresholdRSA();

   // optimistic case
   if ( m_signatures.size() > CODEX_Server::ServerState::nFaults )
   {
      CODEX_Server::ServerState::ShareSetType partials;
      SignatureArray::const_iterator itr = m_signatures.begin();
      SignatureArray::const_iterator end = m_signatures.end();
      for ( ; itr != end ; ++itr )
      {
         partials.addShare( **itr );
      }
      // Get the threshold signature, verify it, and if OK respond.
      BIGNUM * tsig = thresholdRSA.threshold( partials );
      if ( NULL != tsig )
      {
         ClientResponseEvent< MsgType >* event = NULL;
         try
         {
            CODEX_Ciphers::RSASignature sig( tsig );
            const CODEX_Ciphers::RSAPublicKey& serviceKey =
               serverState->serviceKey();
            if ( ! serviceKey.initialized() )
            {
               throw CODEX_Server::PublicKeyNotFoundException( __FILE__ ,
                                                               __LINE__ );
            }
            if ( serviceKey.verifySignature( sig, m_digest ) )
            {
               event = new ClientResponseEvent< MsgType >(
                  this,
                  m_destination,
                  MsgType(m_request.response(), sig) );
               if ( ! stateInfo->addKeySignature(
                  m_request.response().name().value(), sig ) )
               {
                  throw KeyNotFoundException( __FILE__ , __LINE__ );
               }
               sendEvent( event, 0 ); // no need to acknowledge
               serverState->removeChallenge( seqNum() );
               m_complete = true;
               // We're done.
#ifdef TIMING
               ActiveTimer.stop();
#endif
               return true;
            }
         }
         catch ( ... )
         {
            if ( NULL == event ) delete event;
#ifdef TIMING
            ActiveTimer.stop();
#endif
            throw;
         }
      }
   }

   // Wait for a full quorum and try all possible combinations until one
   // works.
   if ( m_signatures.size() >= qs->quorumSize() )
   {
      BIGNUM* tsig = serverState->thresholdOperation( m_signatures, m_digest );
      if ( NULL != tsig )
      {
         ClientResponseEvent< MsgType >* event = NULL;
         try
         {
            CODEX_Ciphers::RSASignature sig(tsig);
            event = new ClientResponseEvent< MsgType >(
               this,
               m_destination,
               MsgType(m_request.response(), sig) );
            if ( ! stateInfo->addKeySignature(
               m_request.response().name().value(),sig ) )
            {
               throw KeyNotFoundException( __FILE__ , __LINE__ );
            }
            sendEvent( event, 0 ); // no need to acknowledge
            serverState->removeChallenge( seqNum() );
            m_complete = true;
         }
         catch ( ... )
         {
            if ( NULL != event ) delete event;
#ifdef TIMING
            ActiveTimer.stop();
#endif
            throw;
         }
      }
      else
      {
         // There was a problem
         sendEvent( new CODEX_Events::CloseEvent( this, m_destination ), 0 );
      }
   }
#ifdef TIMING
   ActiveTimer.stop();
#endif
   return true;
}

---