client_functions.cc

/*
 * Copyright 2003 Michael A. Marsh, Cornell University. All rights reserved.
 * This software is released under the modified BSD license.
 * See the file LICENSE in the top-level directory for details.
 */
//
// $Id: client_functions.cc,v 1.3 2005/01/15 03:41:37 mmarsh Exp $
//
// $Log: client_functions.cc,v $
// Revision 1.3  2005/01/15 03:41:37  mmarsh
// Updated to work with more recent versions of g++.
//
// Revision 1.2  2004/05/19 15:56:49  mmarsh
// *** empty log message ***
//
// Revision 1.1  2003/11/06 17:01:02  mmarsh
// Added the implementations for the C wrappers.  This required some changes
// in the prototypes and structures, as well.
//
// The namespace CODEX_Client::Interface was incorrectly defined.  This has
// now been fixed.
//
//

#include "client_functions.h"

using namespace CODEX_Client::Interface;

Interface* Interface::m_instance = 0;

Interface::Interface()
{
}

Interface*
Interface::instance()
{
   if ( 0 == m_instance )
   {
      m_instance = new Interface;
   }
   return m_instance;
}

void
Interface::destroy()
{
   if ( 0 != m_instance )
   {
      delete m_instance;
   }
   m_instance = 0;
}


void
CODEX_Client::Interface::codex_zero_policy( codex_policy_t* policy )
{
   policy->data = 0;
   policy->length = 0;
}

void
CODEX_Client::Interface::codex_zero_credentials(
   codex_credentials_t* credentials )
{
   credentials->data = 0;
   credentials->length = 0;
}

void
CODEX_Client::Interface::codex_zero_binding( codex_binding_t* binding )
{
   binding->data = 0;
   binding->length = 0;
   binding->name = 0;
   binding->namelen = 0;
   binding->owner = 0;
   binding->read_policy = 0;
   binding->write_policy = 0;
   binding->signature = 0;
}


void
CODEX_Client::Interface::codex_clear_policy( codex_policy_t* policy )
{
   if ( 0 != policy->data ) delete [] policy->data;
   codex_zero_policy( policy );
}

void
CODEX_Client::Interface::codex_clear_credentials(
   codex_credentials_t* credentials )
{
   if ( 0 != credentials->data ) delete [] credentials->data;
   codex_zero_credentials( credentials );
}

void
CODEX_Client::Interface::codex_clear_binding( codex_binding_t* binding )
{
   if ( 0 != binding->data ) delete [] binding->data;
   if ( 0 != binding->name ) delete [] binding->name;
   if ( 0 != binding->owner ) X509_free( binding->owner );
   if ( 0 != binding->read_policy )
      codex_free_policy( binding->read_policy );
   if ( 0 != binding->write_policy )
      codex_free_policy( binding->write_policy );
   if ( 0 != binding->signature ) BN_free( binding->signature );
   codex_zero_binding( binding );
}


codex_policy_t*
CODEX_Client::Interface::codex_new_policy()
{
   codex_policy_t* retval = new codex_policy_t;
   codex_zero_policy( retval );
   return retval;
}

codex_credentials_t*
CODEX_Client::Interface::codex_new_credentials()
{
   codex_credentials_t* retval = new codex_credentials_t;
   codex_zero_credentials( retval );
   return retval;
}

codex_binding_t*
CODEX_Client::Interface::codex_new_binding()
{
   codex_binding_t* retval = new codex_binding_t;
   codex_zero_binding( retval );
   return retval;
}


int
CODEX_Client::Interface::codex_parse_binding( codex_binding_t* binding )
{
   if ( 0 == binding )
   {
      return 0;
   }
   if ( 0 == binding->data )
   {
      return 0;
   }
   if ( ( 0 != binding->name         ) ||
        ( 0 != binding->owner        ) ||
        ( 0 != binding->read_policy  ) ||
        ( 0 != binding->write_policy ) ||
        ( 0 != binding->signature    ) )
   {
      return -1;
   }

   try
   {
      CODEX_Client::SignedBoundNameMsg aBinding;
      unsigned char* pBuff = binding->data;
      aBinding.unmarshal( 0, &pBuff, binding->length );

      binding->namelen = aBinding.message().name().value().length();
      binding->name = new unsigned char [binding->namelen];
      memcpy( binding->name,
              aBinding.message().name().value().data(),
              binding->namelen );

      const X509* cert =
         aBinding.message().request().message().owner().value();
      binding->owner = X509_dup( (X509*)cert );

      binding->read_policy->length =
         aBinding.message().request().message().readP().marshal(0);
      binding->read_policy->data =
         new unsigned char[ binding->read_policy->length ];
      pBuff = binding->read_policy->data;
      aBinding.message().request().message().readP().marshal(&pBuff);

      binding->write_policy->length =
         aBinding.message().request().message().writeP().marshal(0);
      binding->write_policy->data =
         new unsigned char[ binding->write_policy->length ];
      pBuff = binding->write_policy->data;
      aBinding.message().request().message().writeP().marshal(&pBuff);

      binding->signature = BN_dup( aBinding.signature().value() );

      return 1;
   }
   catch ( ... )
   {
      // cache the marshalled data
      unsigned char* data = binding->data;
      long length = binding->length;

      // hide it from the utility function
      binding->data = 0;
      binding->length = 0;

      // clear everything else
      codex_clear_binding( binding );

      // restore the marshalled data
      binding->data = data;
      binding->length = length;

      return 0;
   }

   // We should never reach here.
   return 0;
}


void
CODEX_Client::Interface::codex_free_policy( codex_policy_t* policy )
{
   codex_clear_policy( policy );
   delete policy;
}

void
CODEX_Client::Interface::codex_free_credentials(
   codex_credentials_t* credentials )
{
   codex_clear_credentials( credentials );
   delete credentials;
}

void
CODEX_Client::Interface::codex_free_binding( codex_binding_t* binding )
{
   codex_clear_binding( binding );
   delete binding;
}


int
CODEX_Client::Interface::codex_set_server( const char* name, int port )
{
   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   try
   {
      instance->setRemoteServer( name, port );
   }
   catch ( ... )
   {
      return 0;
   }
   return 1;
}

int
CODEX_Client::Interface::codex_set_service_key( const X509* cert )
{
   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   try
   {
      instance->setServiceKey( new CODEX_Ciphers::RSAPublicKey(cert) );
   }
   catch ( ... )
   {
      return 0;
   }
   return 1;
}

int
CODEX_Client::Interface::codex_set_key_pair( const X509* cert, const RSA* key )
{
   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   try
   {
      instance->setKeyPair(
         new CODEX_ASN1::Certificate( X509_dup((X509*)cert) ),
         new CODEX_Ciphers::RSAPrivateKey( BN_dup(key->p),
                                           BN_dup(key->q),
                                           BN_dup(key->d),
                                           BN_dup(key->n) ) );
   }
   catch ( ... )
   {
      return 0;
   }
   return 1;
}

int
CODEX_Client::Interface::codex_create_policy( const RSA* policy_pub_key,
                                              const RSA* owner_priv_key,
                                              codex_policy_t* policy )
{
   if ( 0 == policy )
   {
      return 0;
   }
   codex_clear_policy( policy );

   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   CODEX_Ciphers::Policy* pCCP = 0;
   try
   {
      CODEX_Ciphers::RSAPublicKey aCCPub( BN_dup(policy_pub_key->n),
                                          BN_dup(policy_pub_key->e) );

      CODEX_Ciphers::RSAPrivateKey aCCPriv( BN_dup(owner_priv_key->p),
                                            BN_dup(owner_priv_key->q),
                                            BN_dup(owner_priv_key->d),
                                            BN_dup(owner_priv_key->n) );

      pCCP = instance->createPolicy( aCCPub, aCCPriv );

      policy->length = pCCP->marshal(0);
      policy->data = new unsigned char[policy->length];
      unsigned char* pBuff = policy->data;
      pCCP->marshal(&pBuff);
      delete pCCP; pCCP = 0;
   }
   catch ( ... )
   {
      if ( 0 != pCCP ) delete pCCP;
      codex_clear_policy( policy );
      return 0;
   }
   return 1;
}

int
CODEX_Client::Interface::codex_issue_credentials(
   const RSA* client_pub_key,
   const RSA* policy_priv_key,
   codex_credentials_t* credentials )
{
   if ( 0 == credentials )
   {
      return 0;
   }
   codex_clear_credentials( credentials );

   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   CODEX_Ciphers::Credentials* pCCC = 0;
   try
   {
      CODEX_Ciphers::RSAPublicKey aCCPub( BN_dup(client_pub_key->n),
                                          BN_dup(client_pub_key->e) );

      CODEX_Ciphers::RSAPrivateKey aCCPriv( BN_dup(policy_priv_key->p),
                                            BN_dup(policy_priv_key->q),
                                            BN_dup(policy_priv_key->d),
                                            BN_dup(policy_priv_key->n) );

      pCCC = instance->issueCredentials( aCCPub, aCCPriv );

      credentials->length = pCCC->marshal(0);
      credentials->data = new unsigned char[credentials->length];
      unsigned char* pBuff = credentials->data;
      pCCC->marshal(&pBuff);
      delete pCCC; pCCC = 0;
   }
   catch ( ... )
   {
      if ( 0 != pCCC ) delete pCCC;
      codex_clear_credentials( credentials );
      return 0;
   }
   return 1;
}

int
CODEX_Client::Interface::codex_create_key(
   const unsigned char* name,
   int length,
   const X509* owner_cert,
   const codex_policy_t* read_policy,
   const codex_policy_t* write_policy,
   codex_binding_t* binding )
{
   if ( ( 0 == name         ) ||
        ( 0 == owner_cert   ) ||
        ( 0 == read_policy  ) ||
        ( 0 == write_policy ) ||
        ( 0 == binding      ) )
   {
      return 0;
   }

   // Clear the binding object
   codex_clear_binding( binding );

   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   try
   {
      CODEX_ASN1::ustring aName( name, length );
      CODEX_ASN1::Certificate aCert( X509_dup((X509*)owner_cert) );

      CODEX_Ciphers::Policy aReadP;
      CODEX_Ciphers::Policy aWriteP;

      unsigned char* pBuff = (unsigned char*)(read_policy->data);
      aReadP.unmarshal( 0,
                        &pBuff,
                        read_policy->length );
      pBuff = (unsigned char*)(write_policy->data);
      aWriteP.unmarshal( 0,
                         &pBuff,
                         write_policy->length );

      CODEX_Client::SignedBoundNameMsg aBinding;
      bool retval =
         instance->createKey( aName, aCert, aReadP, aWriteP, aBinding );

      if ( ! retval )
      {
         return 0;
      }

      binding->length = aBinding.marshal(0);
      binding->data = new unsigned char[binding->length];
      pBuff = binding->data;
      aBinding.marshal(&pBuff);
      return retval ? 1 : 0;
   }
   catch ( ... )
   {
      codex_clear_binding( binding );
      return 0;
   }

   // We shouldn't reach here.
   return 0;
}

int
CODEX_Client::Interface::codex_write_key(
   const unsigned char* name,
   int length,
   const BIGNUM* key_value,
   const codex_credentials_t* credentials,
   const RSA* cred_private_key,
   const codex_binding_t* binding )
{
   if ( ( 0 == name             ) ||
        ( 0 == key_value        ) ||
        ( 0 == credentials      ) ||
        ( 0 == cred_private_key ) ||
        ( 0 == binding          ) )
   {
      return 0;
   }

   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   try
   {
      CODEX_ASN1::ustring aName( name, length );

      CODEX_Ciphers::RSAPrivateKey aKey( BN_dup(cred_private_key->p),
                                         BN_dup(cred_private_key->q),
                                         BN_dup(cred_private_key->d),
                                         BN_dup(cred_private_key->n) );

      CODEX_Ciphers::Credentials aCred;
      CODEX_Client::SignedBoundNameMsg aBinding;

      const unsigned char* pBuff = credentials->data;
      aCred.unmarshal( 0,
                       (unsigned char**)(&pBuff),
                       credentials->length );
      pBuff = binding->data;
      aBinding.unmarshal( 0,
                          (unsigned char**)(&pBuff),
                          binding->length );

      bool retval = instance->writeKey( aName,
                                        key_value,
                                        aCred,
                                        aKey,
                                        aBinding );

      return retval ? 1 : 0;
   }
   catch ( ... )
   {
      return 0;
   }

   // We shouldn't reach here.
   return 0;
}

int
CODEX_Client::Interface::codex_read_key(
   const unsigned char* name,
   int length,
   const codex_credentials_t* credentials,
   const RSA* cred_private_key,
   BIGNUM** returned_key_value )
{
   if ( ( 0 == name               ) ||
        ( 0 == credentials        ) ||
        ( 0 == cred_private_key   ) ||
        ( 0 == returned_key_value ) )
   {
      return 0;
   }

   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   try
   {
      CODEX_ASN1::ustring aName( name, length );

      CODEX_Ciphers::RSAPrivateKey aKey( BN_dup(cred_private_key->p),
                                         BN_dup(cred_private_key->q),
                                         BN_dup(cred_private_key->d),
                                         BN_dup(cred_private_key->n) );


      CODEX_Ciphers::Credentials aCred;

      const unsigned char* pBuff = credentials->data;
      aCred.unmarshal( 0,
                       (unsigned char**)(&pBuff),
                       credentials->length );

      bool retval = instance->readKey( aName,
                                       aCred,
                                       aKey,
                                       returned_key_value );

      return retval ? 1 : 0;
   }
   catch ( ... )
   {
      return 0;
   }

   // We shouldn't reach here.
   return 0;
}

int
CODEX_Client::Interface::codex_to_file( const char* fname )
{
   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   try
   {
      instance->toFile( fname );
   }
   catch ( ... )
   {
      return 0;
   }
   return 1;
}

int
CODEX_Client::Interface::codex_from_file( const char* fname )
{
   Interface* instance = Interface::instance();
   if ( 0 == instance )
   {
      return 0;
   }
   try
   {
      instance->fromFile( fname );
   }
   catch ( ... )
   {
      return 0;
   }
   return 1;
}

void
CODEX_Client::Interface::codex_clean_up()
{
   Interface::destroy();
}

---