#include <ServerState.h>
Collaboration diagram for CODEX_Server::ServerState:
Public Types | |
| typedef list< CODEX_Quorum::LocalServer * > | ServerList |
| Define a list type for servers. | |
|
typedef CODEX_VSS::Combinatoric< nServers, nFaults+1 > | ShareType |
| Specify the secret sharing scheme used. | |
| typedef CODEX_VSS::ModExpFunctional | OneWay |
| Specify the type of one-way function used for VSS. | |
|
typedef CODEX_VSS::LabeledShare< ShareType, OneWay > | LSType |
| Specify the labeled share (VSS) type. | |
|
typedef CODEX_VSS::SecretWitness< ShareType, OneWay > | WitnessType |
| Specify the type of the witness for a secret. | |
|
typedef CODEX_VSS::ShareSet< ShareType > | ShareSetType |
| Specify the share set type. | |
|
typedef CODEX_ThresholdCrypto::ThresholdRSACrypto< ShareType > | ThresholdRSAType |
| Specify the threshold RSA scheme used. | |
|
typedef CODEX_ThresholdCrypto::ThresholdElGamalCrypto< ShareType > | ThresholdElGamalType |
| Specify the threshold ElGamal scheme used. | |
|
typedef CODEX_ThresholdCrypto::ThresholdVarRSACrypto< ShareType > | ThresholdVarRSAType |
| Specify the threshold RSA variant scheme used. | |
| typedef ThresholdRSAType | ThresholdSignatureType |
| Specify the threshold scheme to use for signatures. | |
|
typedef ShareCallbackBase< ShareType, OneWay > | ShareCallback |
| Specify the share callback type. | |
| typedef vector< ShareLabelChallenge * > | ChallengeVector |
| A collection of challenges to a particular request. | |
|
typedef map< const unsigned char *, ChallengeVector, CODEX_Quorum::memless< CODEX_Server::ServerState::nMID > > | ChallengeMap |
| Mapping between a challenged request and its challenges. | |
Public Member Functions | |
| const CODEX_Ciphers::HashFunction & | hashFunc () const |
| The hash function that all server-related processes use. | |
| void | configure (const CONF *conf, const char *sec, const string &fname) |
| Configure the server from an OpenSSL CONF-format file. | |
| void | addServer (CODEX_Quorum::LocalServer *server) |
| Add a local server to the list. | |
| void | removeServer (CODEX_Quorum::LocalServer *server) |
| Remove a local server from the list. | |
| ServerList::const_iterator | serverListBegin () |
| Beginning of the ServerList. | |
| ServerList::const_iterator | serverListEnd () |
| End of the ServerList. | |
| int | serverListSize () |
| Size of the ServerList. | |
| void | cleanServer (CODEX_Quorum::LocalServer *server) |
| Schedule a local server for deletion. | |
| void | garbageCollectServers () |
| Destroy the local servers scheduled for deletion. | |
| const CODEX_ASN1::Certificate & | serverCert () const |
| The server's certificate. | |
| const CODEX_ASN1::Certificate & | serverCert (unsigned int i) const |
The certificate for server i. | |
| const CODEX_Ciphers::RSAPublicKey & | publicKey () |
| The server's public key. | |
| const CODEX_Ciphers::RSAPublicKey & | publicKey (unsigned int i) |
The public key for server i. | |
| const CODEX_Ciphers::RSAPrivateKey & | privateKey () const |
| The server's private key. | |
| const CODEX_ASN1::Certificate & | caCert () const |
| The CA's certificate. | |
| const EVP_PKEY * | caKey () |
| The CA's public key in EVP_PKEY form. | |
| const CODEX_Ciphers::RSAPublicKey & | serviceKey () |
| The service's public key. | |
| const CODEX_Ciphers::ElGamalPublicKey & | publicEGKey () const |
| The service's ElGamal public key. | |
| const CODEX_ASN1::BigNumber & | h () const |
| The auxiliary generator. | |
| const SignedAugmentedEGPublicKey & | signedEGKey () const |
| The service's ElGamal public key, signed by the service. | |
| const LSType & | rsaShares (const LSType::LabelType &label, unsigned int server) const |
| Get the RSA private key shares for a particular label. | |
| const LSType::LabelType & | defaultRSALabel () const |
| The label for the default RSA sharing. | |
| void | setRSAShareCallback (const ShareCallback *cb) |
| Set the callback to retrieve RSA shares. | |
| void | setRSADefaultLabel (const LSType::LabelType *label) |
| Set the label for the default RSA sharing. | |
| const ThresholdRSAType & | thresholdRSA () const |
| The RSA threshold cryptosystem. | |
| const ThresholdVarRSAType & | thresholdVarRSA () const |
| The RSA variant threshold cryptosystem. | |
| const WitnessType & | rsaWitness () const |
| The validity check for the service's RSA private key. | |
| const LSType & | elgamalShares (const LSType::LabelType &label, unsigned int server) const |
| Get the ElGamal private key shares for a particular label. | |
| const LSType::LabelType & | defaultEGLabel () const |
| The label for the default ElGamal sharing. | |
| void | setEGShareCallback (const ShareCallback *cb) |
| Set the callback to retrieve ElGamal shares. | |
| void | setEGDefaultLabel (const LSType::LabelType *label) |
| Set the label for the default RSA sharing. | |
| const ThresholdElGamalType & | thresholdEG () const |
| The ElGamal threshold cryptosystem. | |
| const WitnessType & | egWitness () const |
| The validity check for the service's ElGamal private key. | |
| const LSType::LabelType & | defaultLabel (unsigned int num) const |
| The label of the default sharing for a secret. | |
| void | setShareCallback (unsigned int num, const ShareCallback *cb) |
| Set the callback used to retrieve sharings of a secret. | |
| void | setDefaultLabel (const LSType::LabelType *label) |
| Set the label for the default sharing of a secret. | |
| const LSType & | signatureShares (const LSType::LabelType &label, unsigned int server) const |
| The shares of the private key used to generate signatures. | |
| const LSType::LabelType & | defaultSignatureLabel () const |
| The label for the default sharing of the signature key. | |
| const ThresholdSignatureType & | thresholdSignature () const |
| The threshold cryptosystem for generating signatures. | |
| void | rationalizeSharings (const vector< ShareType * > &sharings, ShareSetType &result) const |
| Given a set of sharings from a quorum of servers, this routine finds a consistent set. | |
| BIGNUM * | thresholdOperation (const vector< ShareType * > &sharings, const BIGNUM *operand) const |
| Given a set of partial results and the data being operated upon, find a valid threshold result. | |
| unsigned char * | newSequenceNumber () |
| Get a new sequence number. | |
| void | addChallenge (const unsigned char *request, ShareLabelChallenge *challenge) |
| Add a challenge for a request. | |
| const ServerState::ChallengeMap & | challengeMap () |
| The map of challenged requests to their challenges. | |
| void | removeChallenge (const unsigned char *request) |
| Remove a request from the challenged list. | |
| CODEX_Quorum::QuorumSystem * | quorumSystem () const |
| The QuorumSystem. | |
| long | hostNum () const |
| This server's host identifier. | |
| const string & | hostName (long i) |
| The name of the host for server i. | |
| long | serverPort () const |
| The port on which this server listens for peers. | |
| long | serverPort (long i) |
| The service port number for server i. | |
| bool | addQuorumServer (int host, CODEX_Quorum::AsynchronousRemoteServer *server) |
| Add a server to the QuorumSystem. | |
| const CODEX_Quorum::RemoteServer * | getQuorumServer (int host) |
A pointer to the remote server i, or NULL if not present. | |
| bool | haveQuorumServer (int host) const |
| Whether a connection exists to the remote server host. | |
| const CODEX_Quorum::SocketBuilder & | clientSocketBuilder () const |
| The CODEX_Quorum::SocketBuilder for clients. | |
| const CODEX_Quorum::SocketBuilder & | serverOutSocketBuilder () const |
| The outgoing CODEX_Quorum::SocketBuilder for servers. | |
| const CODEX_Quorum::SocketBuilder & | serverInSocketBuilder () const |
| The incoming CODEX_Quorum::SocketBuilder for servers. | |
Static Public Member Functions | |
| static ServerState * | instance () |
| Static method to fetch the unique instance. | |
| static void | destroy () |
| Destroys the unique instance. | |
Static Public Attributes | |
| static const unsigned int | nServers = 4 |
| Number of servers in the quorum system. | |
| static const unsigned int | nFaults = 1 |
| Number of Byzantine faults tolerated. | |
| static const size_t | nSID = 1 |
| Number of bytes identifying a server. | |
| static const size_t | nMID = 8 |
| Number of bytes identifying a request from a server. | |
| static const unsigned char | OutgoingMask = 0x80 |
| Mask for the server ID on outgoing requests. | |
| static const unsigned int | RSAKeyNum = 0 |
| ID number for the shared RSA private key. | |
| static const unsigned int | EGKeyNum = 1 |
| ID number for the shared ElGamal private key. | |
Protected Member Functions | |
| ServerState () | |
| Protected constructor, prevents multiple instances. | |
| virtual | ~ServerState () |
| Protected virtual destructor. | |
| void | readPrivateKey (const char *fname, const char *passwd=NULL) |
| Initialize server's private key from a PEM-format file. | |
| void | readCACert (const char *fname) |
| Initialize CA's certificate from a PEM-format file. | |
| void | readServiceCert (const char *fname) |
| Initialize service's certificate from a PEM-format file. | |
| void | readPublicEGKey (const char *fname) |
| Initialize service's ElGamal public key from a file. | |
| void | readRSAShares (const char *fname) |
| Initialize server's shares of the service's RSA private key. | |
| void | readElGamalShares (const char *fname) |
| Initialize server's shares of the service's ElGamal private key. | |
Static Protected Attributes | |
| static ServerState * | m_instance = 0 |
| Unique instance of this class. | |
This includes the number of servers in the (statically-configured) quorum system. Implementing the state this way allows us not to have to pass pointers and references to the state everywhere. There is, of course, the danger that something that really shouldn't be accessing the state will be able to, but since the server code has to be trusted on that server in any event, this shouldn't matter.
Definition at line 81 of file ServerState.h.
|
||||||||||||
|
Add a challenge for a request. This implies that some server questioned the validity of the share label sent with a threshold operation request. Such challenges are not dispatched immediately, since it is not known whether the challenge is valid, nor when the claimed-good label will become valid locally.
Definition at line 836 of file ServerState.cc. References nMID. Referenced by CODEX_KeyService::SignWriteCallback::operator()(), CODEX_KeyService::SignReadCallback::operator()(), CODEX_KeyService::SignCreateCallback::operator()(), and CODEX_KeyService::ClientReadCallback::operator()(). |
|
||||||||||||
|
Add a server to the QuorumSystem. We require this to be an asynchronous server.
Definition at line 873 of file ServerState.cc. References nServers, CODEX_Quorum::StaticByzantineQuorumSystem< N, T >::server(), and CODEX_Quorum::StaticByzantineQuorumSystem< N, T >::setServer(). Referenced by configure(), and CODEX_Server::QuorumBuilderAct::handler(). |
|
|
The CA's public key in EVP_PKEY form.
Definition at line 436 of file ServerState.cc. References CODEX_ASN1::Base::initialized(), and CODEX_ASN1::Certificate::value(). Referenced by CODEX_KeyService::ClientMessageVerifier::handler(). |
|
|
The label of the default sharing for a secret.
Definition at line 617 of file ServerState.cc. References defaultEGLabel(), defaultRSALabel(), EGKeyNum, and RSAKeyNum. Referenced by CODEX_APSS::SecretManagement::beginRun(). |
|
||||||||||||
|
Get the ElGamal private key shares for a particular label.
Definition at line 589 of file ServerState.cc. Referenced by CODEX_APSS::StateInfo::configure(), and CODEX_Server::ShareLabelChallengeHandler::handler(). |
|
|
Get a new sequence number. These are used to match responses to client requests. Uniqueness is all that matters, but for completeness this number is in LSB format. It will roll over back to 0 if all bits are set. While probably not harmful, since old requests are likely to have been cleared out, the parameter nMID, which determines the number of bytes in the sequence number, should be large enough to prevent collisions. If nMID is 5, there are 2^(5*8) sequence numbers, which at 100 requests per second would take over 348 years to exhaust. For added paranoia, an 8-byte sequence number is used in the default implementation. This would take hundreds of millennia at one million requests per second to exhaust. Definition at line 821 of file ServerState.cc. References nMID. Referenced by CODEX_APSS::SecretManagement::beginRun(), CODEX_APSS::InitActivity::handler(), CODEX_KeyService::DelegateRequestDistributor::handler(), CODEX_KeyService::VerifyWriteCallback::operator()(), CODEX_KeyService::SignWriteCallback::operator()(), CODEX_KeyService::SignReadCallback::operator()(), CODEX_KeyService::SignCreateCallback::operator()(), CODEX_KeyService::ClientWriteCallback::operator()(), CODEX_KeyService::ClientReadCallback::operator()(), CODEX_KeyService::ClientCreateCallback::operator()(), CODEX_APSS::StateInfo::recover(), and CODEX_APSS::SecretManagement::sendFinished(). |
|
||||||||||||
|
Given a set of sharings from a quorum of servers, this routine finds a consistent set. The consistent set might not contain all shares, since for T faults T+1 values must agree to be accepted. This will, however, reduce any combinatorics needed to resolve the remaining ambiguities.
Definition at line 667 of file ServerState.cc. Referenced by thresholdOperation(). |
|
|
Initialize service's ElGamal public key from a file.
Definition at line 470 of file ServerState.cc. References CODEX_Server::SignedAugmentedEGPublicKey::unmarshal(). Referenced by configure(). |
|
|
Remove a request from the challenged list. This should be called when a challenge has been met or when the relevant protocol determines that the challenge is not relevant. Definition at line 851 of file ServerState.cc. Referenced by CODEX_KeyService::ResponseCallback::fail(), CODEX_Server::ShareLabelChallengeHandler::handler(), CODEX_KeyService::SignWriteCallback::operator()(), CODEX_KeyService::SignReadCallback::operator()(), CODEX_KeyService::SignCreateCallback::operator()(), and CODEX_KeyService::ClientReadCallback::operator()(). |
|
||||||||||||
|
Get the RSA private key shares for a particular label.
Definition at line 568 of file ServerState.cc. Referenced by CODEX_APSS::StateInfo::configure(), CODEX_Server::ShareLabelChallengeHandler::handler(), and signatureShares(). |
|
|
Set the label for the default sharing of a secret. The identifier does not need to be passed in explicitly, since the label contains the relevant value.
Definition at line 647 of file ServerState.cc. References EGKeyNum, RSAKeyNum, setEGDefaultLabel(), and setRSADefaultLabel(). Referenced by CODEX_APSS::SecretManagement::addFinishedMsg(). |
|
||||||||||||
|
Set the callback used to retrieve sharings of a secret.
Definition at line 631 of file ServerState.cc. References EGKeyNum, RSAKeyNum, setEGShareCallback(), and setRSAShareCallback(). Referenced by CODEX_APSS::StateInfo::configure(). |
|
||||||||||||
|
The shares of the private key used to generate signatures.
Definition at line 412 of file ServerState.h. References rsaShares(). |
|
||||||||||||
|
Given a set of partial results and the data being operated upon, find a valid threshold result. This is RSA-specific.
Definition at line 730 of file ServerState.cc. References CODEX_Ciphers::RSAPublicKey::encrypt(), rationalizeSharings(), and CODEX_ASN1::BigNumber::value(). Referenced by CODEX_KeyService::SignWriteCallback::operator()(), CODEX_KeyService::SignReadCallback::operator()(), and CODEX_KeyService::SignCreateCallback::operator()(). |
1.4.1