---

ClientResponseSigner.cc

/*
 * Copyright 2003 Michael A. Marsh, Cornell University. All rights reserved.
 * This software is released under the modified BSD license.
 * See the file LICENSE in the top-level directory for details.
 */
//
// $Id: ClientResponseSigner.cc,v 1.3 2004/05/19 15:56:51 mmarsh Exp $
//
// $Log: ClientResponseSigner.cc,v $
// Revision 1.3  2004/05/19 15:56:51  mmarsh
// *** empty log message ***
//
// Revision 1.2  2003/11/04 22:31:49  mmarsh
// *** empty log message ***
//
//

#include "ClientResponseSigner.h"
#include "CODEX_Server/ServerResponseEvent.h"
#include "CODEX_Server/ServerState.h"
#include "StateInfo.h"
#include "ClientDelegation.h"

#include "CODEX_Server/ServerExceptions.h"

using namespace CODEX_KeyService;

ClientResponseSigner::ClientResponseSigner(
   CODEX_Events::DeadPileType& deadPile,
   CODEX_Events::QType& eventQueue,
   CODEX_Server::ServerResponseHandler* destination ):
   CODEX_Events::Activity( deadPile, eventQueue ),
   m_destination( destination )
{
}

ClientResponseSigner::~ClientResponseSigner()
{
}

/*
bool
ClientResponseSigner::handler( CODEX_Events::CloseEvent& event )
{
   // just acknowledge
   sendEvent( 0, event.source() );
   return true;
}
*/

bool
ClientResponseSigner::handler(
   SupportedClientResponseEvent< BoundNameMsg, SignedCreateKeyMsg >& event )
{
   return process( event.message().response(),
                   event.message().label(),
                   event.source(),
                   event );
}

bool
ClientResponseSigner::handler(
   SupportedClientResponseEvent< KeyStoredMsg, SignedWriteKeyMsg >& event )
{
   // This has to do something different, since it's not doing a threshold
   // signature at this point.

   const CODEX_Client::Message& message =
      event.message().response();
   CODEX_Events::Activity* source =
      event.source();
   const CODEX_Server::RoutingInfo& routingInfo =
      event;

#ifdef TIMING
   ActiveTimer.start();
#endif
   unsigned char* server = new unsigned char[CODEX_Server::ServerState::nSID];
   if ( NULL == server )
   {
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }

   StateInfo* stateInfo = StateInfo::instance();
   if ( NULL == stateInfo )
   {
      sendEvent( 0, source, true ); // NACK
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }
      
   CODEX_Server::ServerState* serverState =
      CODEX_Server::ServerState::instance();
   if ( NULL == serverState )
   {
      sendEvent( 0, source, true ); // NACK
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }
   try
   {
      memcpy( server, routingInfo.server(), CODEX_Server::ServerState::nSID );
      // Make sure the "outgoing" mask isn't set.
      server[0] &= ~(CODEX_Server::ServerState::OutgoingMask);
      unsigned int serverNum = server[0];

      CODEX_Quorum::Message m;

      // Fill message headers.
      m.fill( server, CODEX_Server::ServerState::nSID );
      delete [] server;
      m.fill( routingInfo.seqNum(), CODEX_Server::ServerState::nMID );
      m.fill( stateInfo->delegationDomain() );
      m.fill( ClientDelegation::kAcceptKeyVerification );

      // Sign the request.
      BIGNUM * digest = message.digest( serverState->hashFunc() );
      const CODEX_Ciphers::RSAPrivateKey& key = serverState->privateKey();
      CODEX_Ciphers::RSASignature* signature = key.sign( digest );
      BN_free(digest);
      if ( 0 == signature )
      {
         sendEvent( 0, source, true ); // NACK
#ifdef TIMING
         ActiveTimer.stop();
#endif
         return true;
      }
      int length = signature->marshal(0);
      unsigned char* buffer = new unsigned char[length];
      unsigned char* pBuffer = buffer;
      signature->marshal(&pBuffer);
      m.fill( buffer, length );
      delete [] buffer;
      delete signature;

      sendEvent( new CODEX_Server::ServerResponseEvent(
         this, m_destination, m, serverNum ),
                 source );
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }
   catch ( ... )
   {
#ifdef TIMING
      ActiveTimer.stop();
#endif
      throw;
   }
}

bool
ClientResponseSigner::handler( SupportedKeyStoredEvent& event )
{
   return process( event.message().response(),
                   event.message().label(),
                   event.source(),
                   event );
}

bool
ClientResponseSigner::handler(
   SupportedClientResponseEvent< VerifiableBlindKeyMsg, SignedReadKeyMsg >&
   event )
{
   return process( event.message().response().upcast(),
                   event.message().label(),
                   event.source(),
                   event );
}

bool
ClientResponseSigner::process(
   const CODEX_Client::Message& message,
   const CODEX_Server::ServerState::LSType::LabelType& label,
   CODEX_Events::Activity* source,
   const CODEX_Server::RoutingInfo& routingInfo )
{
#ifdef TIMING
   ActiveTimer.start();
#endif
   unsigned char* server = new unsigned char[CODEX_Server::ServerState::nSID];
   if ( NULL == server )
   {
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return false;
   }

   StateInfo* stateInfo = StateInfo::instance();
   if ( NULL == stateInfo )
   {
      sendEvent( 0, source, true ); // NACK
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }
      
   CODEX_Server::ServerState* serverState =
      CODEX_Server::ServerState::instance();
   if ( NULL == serverState )
   {
      sendEvent( 0, source, true ); // NACK
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }
   try
   {
      memcpy( server, routingInfo.server(), CODEX_Server::ServerState::nSID );
      // Make sure the "outgoing" mask isn't set.
      server[0] &= ~(CODEX_Server::ServerState::OutgoingMask);
      unsigned int serverNum = server[0];

      const CODEX_Server::ServerState::LSType& keyShares =
         serverState->signatureShares( label, serverNum );

      CODEX_Quorum::Message m;

      // Fill message headers.
      m.fill( server, CODEX_Server::ServerState::nSID );
      delete [] server;
      m.fill( routingInfo.seqNum(), CODEX_Server::ServerState::nMID );
      m.fill( stateInfo->delegationDomain() );
      m.fill( ClientDelegation::kAcceptSignatureRequest );

      // Sign the request.
      BIGNUM * digest = message.digest( serverState->hashFunc() );
      const CODEX_Server::ServerState::ThresholdSignatureType&
         thresholdSignature = serverState->thresholdSignature();
      CODEX_Server::ServerState::ShareType signatures;
      thresholdSignature.sign( keyShares.share(), digest, signatures );
      BN_free(digest);
      if ( ! signatures.initialized() )
      {
         sendEvent( 0, source, true ); // NACK
#ifdef TIMING
         ActiveTimer.stop();
#endif
         return true;
      }
      int length = signatures.marshal(0);
      unsigned char* buffer = new unsigned char[length];
      unsigned char* pBuffer = buffer;
      signatures.marshal(&pBuffer);
      m.fill( buffer, length );
      delete [] buffer;

      sendEvent( new CODEX_Server::ServerResponseEvent(
         this, m_destination, m, serverNum ),
                 source );
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }
   catch ( CODEX_Server::InvalidLabelException& e )
   {
      CODEX_Quorum::Message m;
      memcpy( server, routingInfo.server(), CODEX_Server::ServerState::nSID );
      // Make sure the "outgoing" mask isn't set.
      server[0] &= ~(CODEX_Server::ServerState::OutgoingMask);
      int serverNum = server[0];

      // Fill message headers.
      m.fill( server, CODEX_Server::ServerState::nSID );
      delete [] server;
      m.fill( routingInfo.seqNum(), CODEX_Server::ServerState::nMID );
      m.fill( stateInfo->delegationDomain() );
      m.fill( ClientDelegation::kBadShareLabel );
      const CODEX_Server::ServerState::LSType::LabelType& label =
         serverState->defaultSignatureLabel();
      int length = label.marshal(0);
      unsigned char* buffer = new unsigned char[length];
      unsigned char* pBuffer = buffer;
      label.marshal(&pBuffer);
      m.fill( buffer, length );
      delete [] buffer;

      sendEvent( new CODEX_Server::ServerResponseEvent(
         this, m_destination, m, serverNum ),
                 source );
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }
   catch ( CODEX_Server::KeySharesNotFoundException& )
   {
      sendEvent( 0, source, true ); // NACK
#ifdef TIMING
      ActiveTimer.stop();
#endif
      return true;
   }
   catch ( ... )
   {
#ifdef TIMING
      ActiveTimer.stop();
#endif
      throw;
   }
}

---