COrnell Data EXchange (CODEX): split_private

00001 /*
00002  * Copyright 2003 Michael A. Marsh, Cornell University. All rights reserved.
00003  * This software is released under the modified BSD license.
00004  * See the file LICENSE in the top-level directory for details.
00005  */
00006 //
00007 // $Id: split_private_keys.cc,v 1.5 2005/01/21 19:44:16 mmarsh Exp $
00008 //
00009 // $Log: split_private_keys.cc,v $
00010 // Revision 1.5  2005/01/21 19:44:16  mmarsh
00011 // Updated for compatibility with Doxygen 1.4.1
00012 //
00013 // Revision 1.4  2004/05/19 15:56:46  mmarsh
00014 // *** empty log message ***
00015 //
00016 // Revision 1.3  2003/11/06 18:11:51  mmarsh
00017 // Cleaned up doxygen page label and title.
00018 //
00019 // Revision 1.2  2003/11/04 22:07:36  mmarsh
00020 // General code cleanup and reorganization.
00021 //
00022 //
00023 
00066 #include <fstream>
00067 #include <sstream>
00068 #include <openssl/ssl.h>
00069 #include <openssl/conf.h>
00070 #include <unistd.h>
00071 
00072 #include "CODEX_Ciphers/RSA.h"
00073 #include "CODEX_Ciphers/ElGamal.h"
00074 #include "CODEX_Ciphers/SHA1HashFunction.h"
00075 #include "CODEX_VSS/Combinatoric.h"
00076 #include "CODEX_VSS/CombinatoricFeldman.h"
00077 #include "CODEX_Server/ConfigurationExceptions.h"
00078 #include "CODEX_Server/ServerState.h"
00079 #include "CODEX_ThresholdCrypto/ThresholdRSA.h"
00080 #include "CODEX_VSS/ModIntRange.h"
00081 
00082 using namespace CODEX_Server;
00083 
00084 int main( int argc, char** argv )
00085 {
00086    SSLeay_add_ssl_algorithms();
00087 
00088    int arg = 0;
00089    string fname;
00090    string config_section;
00091    string usage_string(
00092       "Usage: split_private_keys -c <config_file> [-s <section>]");
00093    while ( -1 != arg )
00094    {
00095       arg = getopt(argc,argv,"c:s:");
00096       switch(arg)
00097       {
00098          case 'c' :
00099             fname = optarg;
00100             break;
00101          case 's' :
00102             config_section = optarg;
00103             break;
00104          case ':' :
00105          case '?' :
00106             cerr << usage_string << endl;
00107             ::exit(1);
00108       }
00109    }
00110    if ( 0 == fname.size() )
00111    {
00112       cerr << usage_string << endl;
00113       ::exit(1);
00114    }
00115 
00116    try
00117    {
00118       CONF* conf = NCONF_new(NCONF_default());
00119       if ( 0 == NCONF_load(conf,fname.c_str(),0) )
00120       {
00121          throw CODEX_Exceptions::FileCannotOpenException( __FILE__ ,
00122                                                           __LINE__ ,
00123                                                           fname );
00124       }
00125       char* section = (char*) config_section.c_str();
00126 
00127       const unsigned int N = ServerState::nServers;
00128       const unsigned int T = 1 + ServerState::nFaults;
00129 
00130       long dummy;
00131       if ( ! NCONF_get_number_e(conf,section,"nhosts",&dummy) )
00132       {
00133          throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
00134                                                fname, "nhosts" );
00135       }
00136       unsigned long uDummy = dummy;
00137       if ( N != uDummy )
00138       {
00139          throw BCBadValueException( __FILE__ , __LINE__ , fname , "nhosts" );
00140       }
00141       if ( ! NCONF_get_number_e(conf,section,"nfaults",&dummy) )
00142       {
00143          throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
00144                                                fname, "nfaults" );
00145       }
00146       if ( (T-1) != dummy )
00147       {
00148          throw BCBadValueException( __FILE__ , __LINE__ , fname, "nfaults" );
00149       }
00150 
00151       const char* privKeyFile =
00152          NCONF_get_string(conf,section,"private_key_file");
00153       if ( 0 == privKeyFile )
00154       {
00155          throw BCBadValueException( __FILE__ , __LINE__ ,
00156                                     fname, "private_key_file" );
00157       }
00158       const char* privKeyPasswd =
00159          NCONF_get_string(conf,section,"private_key_passwd");
00160       CODEX_Ciphers::RSAPrivateKey privKey;
00161       privKey.fromPEMFile( privKeyFile, privKeyPasswd );
00162 
00163       const char* pubEGKeyFile =
00164          NCONF_get_string(conf,section,"public_eg_key_file");
00165       if ( 0 == pubEGKeyFile )
00166       {
00167          throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
00168                                                fname, "public_eg_key_file" );
00169       }
00170       const char* privEGKeyFile =
00171          NCONF_get_string(conf,section,"private_eg_key_file");
00172       if ( 0 == privEGKeyFile )
00173       {
00174          throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
00175                                                fname, "private_eg_key_file" );
00176       }
00177       CODEX_Server::SignedAugmentedEGPublicKey pubEGKey;
00178       ifstream is(pubEGKeyFile);
00179       if ( ! is.is_open() )
00180       {
00181          throw CODEX_Exceptions::FileCannotOpenException( __FILE__ ,
00182                                                           __LINE__ ,
00183                                                           pubEGKeyFile );
00184       }
00185       string s;
00186       char ch;
00187       while ( is.get(ch) )
00188       {
00189          s.push_back(ch);
00190       }
00191       //basic_string<unsigned char> s;
00192       //is >> s;
00193       unsigned int length = s.length();
00194       //unsigned char* p = (unsigned char*)s.data();
00195       unsigned char* p = new unsigned char[length];
00196       unsigned char* pOrig = p;
00197       for ( unsigned int i = 0 ; i < length ; ++i )
00198       {
00199          p[i] = s.data()[i];
00200       }
00201       if ( 0 == pubEGKey.unmarshal(0,&p,length) )
00202       {
00203          delete [] pOrig;
00204          throw PublicKeyNotFoundException( __FILE__ , __LINE__ );
00205       }
00206       delete [] pOrig;
00207       CODEX_Ciphers::ElGamalPrivateKey privEGKey;
00208       privEGKey.fromFile( privEGKeyFile );
00209 
00210       typedef CODEX_VSS::Combinatoric< N , T >                ShareType;
00211       typedef CODEX_VSS::ShareSet< ShareType >                SetType;
00212       typedef CODEX_ThresholdCrypto::ThresholdRSARange        RSARangeType;
00213       typedef CODEX_VSS::ModIntRange                          EGRangeType;
00214       typedef CODEX_VSS::ShareSplitting< ShareType >          SplitType;
00215       typedef CODEX_VSS::ModExpFunctional                     OneWay;
00216       typedef CODEX_VSS::ShareLabel< ShareType , OneWay >     LabelType;
00217       typedef CODEX_VSS::LabeledShare< ShareType , OneWay >   LSType;
00218       typedef CODEX_VSS::SecretWitness< ShareType , OneWay >  WitnessType;
00219       typedef LabelType::VType::ValueType                     ValueType;
00220 
00221       // Use a trick -- Integer and BigNumber use the same ASN.1 representation
00222       long gen;
00223       if ( ! NCONF_get_number_e(conf,section,"rsa_generator",&gen ) )
00224       {
00225          throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
00226                                                fname, "rsa_generator" );
00227       }
00228       if ( gen < 3 ) // minimal value
00229       {
00230          throw BCBadValueException( __FILE__ , __LINE__ ,
00231                                     fname , "rsa_generator" );
00232       }
00233       CODEX_ASN1::Integer generator(gen);
00234       CODEX_ASN1::BigNumber bigGenerator( generator.asn1() );
00235 
00236       const char* output_dir =
00237          NCONF_get_string(conf,section,"output_directory");
00238       if ( 0 == output_dir )
00239       {
00240          throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
00241                                                fname, "output_directory" );
00242       }
00243 
00244       SetType   rsaShareSet;
00245       RSARangeType rsaRange( privKey.n().value(), ShareType::NumShares );
00246       SplitType::split( privKey.d().value(), rsaShareSet, rsaRange );
00247       OneWay::CtorArgs rsaArgs( bigGenerator, privKey.n() );
00248       OneWay rsaOneWay( rsaArgs );
00249       LabelType rsaLabel(ServerState::RSAKeyNum,0,0,rsaShareSet,rsaOneWay);
00250       ValueType vcrsa;
00251       rsaOneWay( privKey.d(), vcrsa );
00252       WitnessType rsaWitness( vcrsa, rsaArgs );
00253       ostringstream rwstr;
00254       rwstr << output_dir << "/rsa.witness\0";
00255       rsaWitness.toFile( rwstr.str().c_str() );
00256 
00257       SetType   egShareSet;
00258       EGRangeType egRange( pubEGKey.key().key().q() );
00259       SplitType::split(  privEGKey.x().value(), egShareSet, egRange );
00260       OneWay::CtorArgs egArgs( pubEGKey.key().key().g(),
00261                                pubEGKey.key().key().p() );
00262       OneWay egOneWay( egArgs );
00263       LabelType egLabel(ServerState::EGKeyNum,0,0,egShareSet,egOneWay);
00264       ValueType vceg;
00265       egOneWay( privEGKey.x(), vceg );
00266       WitnessType egWitness( vceg, egArgs );
00267       ostringstream ewstr;
00268       ewstr << output_dir << "/elgamal.witness\0";
00269       egWitness.toFile( ewstr.str().c_str() );
00270 
00271       for ( unsigned int i = 0 ; i < N ; ++i )
00272       {
00273          ShareType rsaShare( rsaShareSet, i );
00274          LSType labeledRSA( rsaShare, rsaLabel );
00275          ostringstream rstr;
00276          rstr << output_dir << "/rsa." << i << ".shares" << '\0';
00277          labeledRSA.toFile( rstr.str().c_str() );
00278 
00279          ShareType egShare( egShareSet, i );
00280          LSType labeledEG( egShare, egLabel );
00281          ostringstream estr;
00282          estr << output_dir << "/elgamal." << i << ".shares" << '\0';
00283          labeledEG.toFile( estr.str().c_str() );
00284       }
00285    }
00286    catch ( CODEX_Exceptions::ExceptionBase& e )
00287    {
00288       e.report();
00289       return 1;
00290    }
00291 
00292    return 0;
00293 }