---

Client.cc

/*
 * Copyright 2003 Michael A. Marsh, Cornell University. All rights reserved.
 * This software is released under the modified BSD license.
 * See the file LICENSE in the top-level directory for details.
 */
//
// $Id: Client.cc,v 1.5 2004/05/19 15:56:48 mmarsh Exp $
//
// $Log: Client.cc,v $
// Revision 1.5  2004/05/19 15:56:48  mmarsh
// *** empty log message ***
//
// Revision 1.4  2003/11/06 16:58:39  mmarsh
// Most of the inputs for CODEX operations were not being tested.  Now
// all of them are.
//
// Revision 1.3  2003/11/04 22:09:57  mmarsh
// The signed ElGamal public key for the service was moved into CODEX_Server.
//
//

#include <fstream>

#include "CODEX_Quorum/Message.h"
#include "CODEX_Quorum/Socket.h"
#include "CODEX_Exceptions/BignumExceptions.h"
#include "CODEX_Exceptions/FileExceptions.h"
#include "CODEX_ASN1/Integer.h"

#include "Client.h"

using namespace CODEX_Client;

Client::Client() :
   m_server( 0 ),
   m_certificate( 0 ),
   m_privateKey( 0 ),
   m_serviceKey( 0 ),
   m_serviceEGKey( 0 ),
   m_serviceH( 0 ),
   m_publicEGKey( 0 ),
   m_privateEGKey( 0 )
{
}

Client::~Client()
{
   if ( 0 != m_server       ) delete m_server;
   if ( 0 != m_certificate  ) delete m_certificate;
   if ( 0 != m_privateKey   ) delete m_privateKey;
   if ( 0 != m_serviceKey   ) delete m_serviceKey;
   if ( 0 != m_serviceEGKey ) delete m_serviceEGKey;
   if ( 0 != m_serviceH     ) delete m_serviceH;
   if ( 0 != m_publicEGKey  ) delete m_publicEGKey;
   if ( 0 != m_privateEGKey ) delete m_privateEGKey;
}

void
Client::setRemoteServer( const string& name, int port )
{
   // We'll assume that the caller knows what he's doing and delete any
   // existing remote server.  This does NOT affect the service information
   // held.
   if ( 0 != m_server ) delete m_server;
   try
   {
      m_server = new
         CODEX_Quorum::AsynchronousRemoteServer( name, port, m_socketBuilder );
   }
   catch ( ... )
   {
      m_server = 0;
   }
}

void
Client::setServiceKey( CODEX_Ciphers::RSAPublicKey* key )
{
   m_serviceKey = key;
}

void
Client::setKeyPair( CODEX_ASN1::Certificate* cert,
                    CODEX_Ciphers::RSAPrivateKey* key )
{
   m_certificate = cert;
   m_privateKey = key;
}

CODEX_Ciphers::Policy*
Client::createPolicy( const CODEX_Ciphers::RSAPublicKey& policyPubKey,
                      const CODEX_Ciphers::RSAPrivateKey& ownerPrivKey )
{
   try
   {
//      CODEX_Ciphers::Policy* p = new CODEX_Ciphers::Policy( policyPubKey,
//                                                            ownerPrivKey,
//                                                            m_hashFunc );
      CODEX_Ciphers::Policy* p = new CODEX_Ciphers::Policy;
      p->unmarshal(0,0,0); // trick the object into thinking it's initialized
      return p;
   }
   catch ( ... )
   {
      return 0;
   }
}

CODEX_Ciphers::Credentials*
Client::issueCredentials( const CODEX_Ciphers::RSAPublicKey& clientPubKey,
                          const CODEX_Ciphers::RSAPrivateKey& policyPrivKey )
{
   try
   {
      CODEX_Ciphers::Credentials* c =
         new CODEX_Ciphers::Credentials( clientPubKey );
      return c;
   }
   catch ( ... )
   {
      return 0;
   }
}

bool
Client::createKey( const CODEX_ASN1::ustring& name,
                   const CODEX_ASN1::Certificate& owner_cert,
                   const CODEX_Ciphers::Policy& readPolicy,
                   const CODEX_Ciphers::Policy& writePolicy,
                   SignedBoundNameMsg& binding )
{
   if ( 0 == m_server )
   {
      return false;
   }
   if ( 0 == m_privateKey )
   {
      return false;
   }
   if ( ! owner_cert.initialized() )
   {
      return false;
   }
   if ( ! readPolicy.initialized() )
   {
      return false;
   }
   if ( ! writePolicy.initialized() )
   {
      return false;
   }
   try
   {
      CreateKeyMsg ckMsg( name,
                          owner_cert,
                          readPolicy,
                          writePolicy );
      BIGNUM * digest = ckMsg.digest( m_hashFunc );
      CODEX_Ciphers::RSASignature* signature = m_privateKey->sign( digest );
      BN_free( digest );
      SignedCreateKeyMsg signedCKMsg( ckMsg, *signature );

      CODEX_Quorum::Message response;
      if ( ! contactServer( signedCKMsg,
                            kCreateKeyMsg | SignatureMask,
                            response ) )
      {
         throw 0;
      }

      // Check the response's message type.
      const unsigned char* data = response.buffer();
      int length = response.length();
      if ( (kBoundNameMsg|SignatureMask) != data[0] )
      {
         throw 1;
      }

      // Unmarshal the data.
      unsigned char* pBuff = (unsigned char*) data + 1;
      if ( 0 == binding.unmarshal( 0, &pBuff, length-1 ) )
      {
         throw 2;
      }

      // Check the key name of the response.
      if ( ckMsg.name().value() != binding.message().name().value() )
      {
         throw 3;
      }

      // Check the client signature in the response.
      if ( 0 != BN_cmp( binding.message().request().signature().value(),
                        signedCKMsg.signature().value() ) )
      {
         throw 4;
      }

      // Check the service's signature on the response.
      digest = binding.message().digest( m_hashFunc );
      if ( ! m_serviceKey->verifySignature( binding.signature(), digest ) )
      {
         throw 5;
      }
      BN_free(digest);
      digest = 0;

      return true;
   }
   catch ( ... )
   {
      return false;
   }
}

bool
Client::writeKey( const CODEX_ASN1::ustring& name,
                  const BIGNUM* keyValue,
                  const CODEX_Ciphers::Credentials& credentials,
                  const CODEX_Ciphers::RSAPrivateKey& privKey,
                  const SignedBoundNameMsg& binding )
{
   if ( 0 == m_server )
   {
      return false;
   }
   if ( 0 == keyValue )
   {
      return false;
   }
   if ( ! credentials.initialized() )
   {
      return false;
   }
   if ( ! privKey.initialized() )
   {
      return false;
   }
   if ( ! binding.initialized() )
   {
      return false;
   }

#ifdef ELGAMAL
   if ( 0 == m_serviceEGKey )
   {
      if ( ! getServiceKey() )
      {
         return false;
      }
   }
#endif

   if ( (0 == m_serviceKey ) )
   {
      return false;
   }

   // Now we're ready to actually compose the message.
   //CODEX_Ciphers::ElGamalCipherText* clientEnc = 0;
   //CODEX_Ciphers::ElGamalCipherText* serviceEnc = 0;
   //BIGNUM * k = 0;
   RequestCipherTextType* encryption = 0;
   BIGNUM * digest = 0;
   BIGNUM * r = 0;
   try
   {
#ifndef ELGAMAL
      CODEX_Ciphers::VarRSAPublicKey encKey( *m_serviceKey );
      r = BN_new();
      if ( 0 == r )
      {
         throw CODEX_Exceptions::BignumNullException( __FILE__ , __LINE__ );
      }
      encryption = encKey.encrypt( keyValue, m_hashFunc, r );

      CODEX_Ciphers::RSAPlaintextPK proof( r,
                                           *m_serviceKey,
                                           credentials,
                                           m_hashFunc );
      r = 0;
#else
      encryption =
         m_serviceEGKey->encryptS( keyValue, credentials, m_hashFunc );
#endif

      WriteKeyMsg wkMsg( name,
                         *encryption,
#ifndef ELGAMAL
                         proof,
#endif
                         credentials,
                         binding );

      digest = wkMsg.digest( m_hashFunc );
      CODEX_Ciphers::RSASignature* signature = privKey.sign( digest );
      BN_free( digest );
      digest = 0;
      SignedWriteKeyMsg signedWKMsg( wkMsg, *signature );
      delete signature;

      CODEX_Quorum::Message response;
      if ( ! contactServer( signedWKMsg,
                            kWriteKeyMsg | SignatureMask,
                            response ) )
      {
         throw 0;
      }

      // Check the response's message type.
      const unsigned char* data = response.buffer();
      int length = response.length();
      if ( (kKeyStoredMsg|SignatureMask) != data[0] )
      {
         throw 1;
      }

      // Unmarshal the data.
      SignedKeyStoredMsg sksMsg;
      unsigned char* pBuff = (unsigned char*) data + 1;
      if ( 0 == sksMsg.unmarshal( 0, &pBuff, length-1 ) )
      {
         throw 2;
      }

      // Check the key name of the response.
      if ( wkMsg.name().value() != sksMsg.message().name().value() )
      {
         throw 3;
      }

      // Check the client signature in the response.
      if ( 0 != BN_cmp( sksMsg.message().requestSignature().value(),
                        signedWKMsg.signature().value() ) )
      {
         throw 4;
      }

      // Check the service's signature on the response.
      digest = sksMsg.message().digest( m_hashFunc );
      if ( ! m_serviceKey->verifySignature( sksMsg.signature(), digest ) )
      {
         throw 5;
      }
      BN_free(digest);
      digest = 0;

      //if ( 0 != clientEnc ) delete clientEnc;
      //if ( 0 != serviceEnc ) delete serviceEnc;
      //if ( 0 != k ) BN_clear_free(k);
      if ( 0 != encryption ) delete encryption;
      if ( 0 != digest ) BN_free(digest);
      return true;
   }
   catch ( ... )
   {
      //if ( 0 != clientEnc ) delete clientEnc;
      //if ( 0 != serviceEnc ) delete serviceEnc;
      //if ( 0 != k ) BN_clear_free(k);
      if ( 0 != encryption ) delete encryption;
      if ( 0 != digest ) BN_free(digest);
      if ( 0 != r ) BN_clear_free( r );
      return false;
   }
}

bool
Client::readKey( const CODEX_ASN1::ustring& name,
                 const CODEX_Ciphers::Credentials& credentials,
                 const CODEX_Ciphers::RSAPrivateKey& privKey,
                 BIGNUM ** returnedKeyValue )
{
   if ( ! credentials.initialized() )
   {
      return false;
   }
   if ( ! privKey.initialized() )
   {
      return false;
   }
   if ( 0 == returnedKeyValue )
   {
      return false;
   }
   *returnedKeyValue = 0;

   if ( 0 == m_server )
   {
      return false;
   }

#ifdef ELGAMAL
   if ( 0 == m_serviceEGKey )
   {
      if ( ! getServiceKey() )
      {
         return false;
      }
   }
#endif

   BIGNUM * digest = 0;
   BIGNUM * b = 0;
   BlindingCipherTextType* blindingFactor = 0;
   BN_CTX * ctx = 0;
   try
   {
      b = BN_new();
      if ( 0 == b )
      {
         throw CODEX_Exceptions::BignumNullException( __FILE__ , __LINE__ );
      }
#ifndef ELGAMAL
      const CODEX_ASN1::BigNumber& nbn = m_serviceKey->n();
      const BIGNUM * n = m_serviceKey->n().value();
      BIGNUM * bMax = (BIGNUM*) n;
#else
      const BIGNUM * n = m_serviceEGKey->p().value();
      BIGNUM * bMax = (BIGNUM*) m_serviceEGKey->q();
#endif
      do
      {
         if ( ! BN_rand_range( b, bMax ) )
         {
            throw CODEX_Exceptions::BignumRandRangeException( __FILE__ ,
                                                              __LINE__ );
         }
      } while ( 0 >= BN_cmp( b, BN_value_one() ) );

#ifndef ELGAMAL
      blindingFactor = m_serviceKey->encrypt( b );

      CODEX_Ciphers::RSAPlaintextPK proof( BN_dup(b),
                                           *m_serviceKey,
                                           credentials,
                                           m_hashFunc );
#else
      blindingFactor =
         m_serviceEGKey->encryptS( b, credentials, m_hashFunc );
#endif

      ReadKeyMsg rkMsg( name,
                        *blindingFactor,
#ifndef ELGAMAL
                        proof,
#endif
                        credentials );

      digest = rkMsg.digest( m_hashFunc );
      CODEX_Ciphers::RSASignature* signature = privKey.sign( digest );
      BN_free( digest );
      digest = 0;
      SignedReadKeyMsg signedRKMsg( rkMsg, *signature );
      delete signature;

      CODEX_Quorum::Message response;
      if ( ! contactServer( signedRKMsg,
                            kReadKeyMsg | SignatureMask,
                            response ) )
      {
         throw 0;
      }

      // Check the response's message type.
      const unsigned char* data = response.buffer();
      int length = response.length();
      if ( (kBlindKeyMsg|SignatureMask) != data[0] )
      {
         throw 1;
      }

      // Unmarshal the data.
      SignedBlindKeyMsg sbkMsg;
      unsigned char* pBuff = (unsigned char*) data + 1;
      if ( 0 == sbkMsg.unmarshal( 0, &pBuff, length-1 ) )
      {
         throw 2;
      }

      // Check the key name of the response.
      if ( rkMsg.name().value() != sbkMsg.message().name().value() )
      {
         throw 3;
      }

      // Check the client signature in the response.
      if ( 0 != BN_cmp( sbkMsg.message().requestSignature().value(),
                        signedRKMsg.signature().value() ) )
      {
         throw 4;
      }

      // Check the service's signature on the response.
      digest = sbkMsg.message().digest( m_hashFunc );
      if ( ! m_serviceKey->verifySignature( sbkMsg.signature(), digest ) )
      {
         throw 5;
      }
      BN_free(digest);
      digest = 0;

#ifdef ELGAMAL
      *returnedKeyValue = BN_dup( sbkMsg.message().blindedKey().value() );
      if ( 0 == *returnedKeyValue )
      {
         throw CODEX_Exceptions::BignumNullException( __FILE__ , __LINE__ );
      }
      ctx = BN_CTX_new();
      if ( 0 == ctx )
      {
         throw CODEX_Exceptions::BignumContextException( __FILE__ , __LINE__ );
      }
      if ( ! BN_mod_inverse( b, b, n, ctx ) )
      {
         throw CODEX_Exceptions::BignumModInverseException( __FILE__ ,
                                                            __LINE__ );
      }
      if ( ! BN_mod_mul( *returnedKeyValue, *returnedKeyValue, b, n, ctx ) )
      {
         throw CODEX_Exceptions::BignumModMulException( __FILE__ , __LINE__ );
      }
      if ( BN_cmp( *returnedKeyValue, bMax ) >= 0 )
      {
         if ( ! BN_sub( *returnedKeyValue, n, *returnedKeyValue ) )
         {
            throw CODEX_Exceptions::BignumSubException( __FILE__ , __LINE__ );
         }
      }
#else
      *returnedKeyValue =
         sbkMsg.message().blindedKey().unblind( b, nbn, m_hashFunc );
#endif      
      BN_CTX_free(ctx);
      ctx = 0;

      BN_clear_free(b);
      delete blindingFactor;
      return true;
   }
   catch ( ... )
   {
      if ( 0 != digest ) BN_free(digest);
      if ( 0 != b ) BN_clear_free(b);
      if ( 0 != blindingFactor ) delete blindingFactor;
      if ( 0 != *returnedKeyValue ) BN_clear_free( *returnedKeyValue );
      *returnedKeyValue = 0;
      if ( 0 != ctx ) BN_CTX_free(ctx);
      return false;
   }
}

bool
Client::getServiceKey()
{
   if ( 0 == m_server )
   {
      return false;
   }
   if ( 0 == m_serviceKey )
   {
      return false;
   }

   BIGNUM * digest = 0;
   try
   {
      RequestKeyMsg rkMsg;

      CODEX_Quorum::Message response;
      if ( ! contactServer( rkMsg,
                            kRequestKeyMsg,
                            response ) )
      {
         return false;
      }

      int length = response.length();
      const unsigned char* data = response.buffer();

      // Does the response match the request?
      if ( (kPublicKeyMsg|SignatureMask) != data[0] )
      {
         return false;
      }

      SignedPublicKeyMsg spkMsg;
      unsigned char* p = (unsigned char*) data + 1;
      if ( 0 == spkMsg.unmarshal( 0, &p, length-1 ) )
      {
         return false;
      }
      digest = spkMsg.key().digest( m_hashFunc );
      // Is the service's signature valid?
      if ( ! m_serviceKey->verifySignature( spkMsg.signature(), digest ) )
      {
         BN_free(digest);
         return false;
      }
      BN_free(digest);
      digest = 0;

      m_serviceEGKey =
         new CODEX_Ciphers::ElGamalPublicKey( spkMsg.key().key() );
      m_serviceH = new CODEX_ASN1::BigNumber( spkMsg.key().h() );

      return true;
   }
   catch ( ... )
   {
      if ( 0 != digest ) BN_free(digest);
      return false;
   }
}

bool
Client::contactServer( const Message& message,
                       unsigned char mtype,
                       CODEX_Quorum::Message& response )
{
   int length = message.marshal(0) + 1;
   unsigned char* buff = new unsigned char[length];
   cout << "length of message: " << length << endl;
   buff[0] = mtype;
   unsigned char* pBuff = buff+1;
   message.marshal(&pBuff);
   CODEX_Quorum::Message msg( buff, length );
   delete [] buff;

   // Block waiting for the response.
   CODEX_Quorum::RemoteServerReturn sRet;
   try
   {
      m_server->sendTo( msg, sRet );
      m_server->flushSocket(); // blocking write
   }
   catch ( CODEX_Quorum::QSExceptionBase& e )
   {
      e.report();
      return false;
   }
   catch ( ... )
   {
      return false;
   }
   if ( CODEX_Quorum::RemoteServerReturn::kSuccess != sRet.returnCode() )
   {
      return false;
   }
   sRet.reset();
   try
   {
      length = 0;
      do
      {
         length = m_server->receiveFrom( response, sRet, length );
      } while ( length > 0 );
   }
   catch ( CODEX_Quorum::QSExceptionBase& e )
   {
      e.report();
      return false;
   }
   catch ( ... )
   {
      return false;
   }

   return true;
}

void
Client::toFile( const char* fname ) const
{
   CODEX_ASN1::Integer haveCert( ( 0 != m_certificate ) ? 1 : 0 );
   CODEX_ASN1::Integer havePrivKey( ( 0 != m_privateKey ) ? 1 : 0 );
   CODEX_ASN1::Integer haveServKey( ( 0 != m_serviceKey ) ? 1 : 0 );
   CODEX_ASN1::Integer haveServEGKey( ( 0 != m_serviceEGKey ) ? 1 : 0 );
   CODEX_ASN1::Integer haveServH( ( 0 != m_serviceH ) ? 1 : 0 );
   CODEX_ASN1::Integer havePubEGKey( ( 0 != m_publicEGKey ) ? 1 : 0 );
   CODEX_ASN1::Integer havePrivEGKey( ( 0 != m_privateEGKey ) ? 1 : 0 );
   int length = 0;
   length += haveCert.marshal(0);
   length += havePrivKey.marshal(0);
   length += haveServKey.marshal(0);
   length += haveServEGKey.marshal(0);
   length += haveServH.marshal(0);
   length += havePubEGKey.marshal(0);
   length += havePrivEGKey.marshal(0);
   if ( haveCert.value() )
   {
      length += m_certificate->marshal(0);
   }
   if ( havePrivKey.value() )
   {
      length += m_privateKey->marshal(0);
   }
   if ( haveServKey.value() )
   {
      length += m_serviceKey->marshal(0);
   }
   if ( haveServEGKey.value() )
   {
      length += m_serviceEGKey->marshal(0);
   }
   if ( haveServH.value() )
   {
      length += m_serviceH->marshal(0);
   }
   if ( havePubEGKey.value() )
   {
      length += m_publicEGKey->marshal(0);
   }
   if ( havePrivEGKey.value() )
   {
      length += m_privateEGKey->marshal(0);
   }
   unsigned char* buff = new unsigned char[length];
   unsigned char* p = buff;
   haveCert.marshal(&p);
   havePrivKey.marshal(&p);
   haveServKey.marshal(&p);
   haveServEGKey.marshal(&p);
   haveServH.marshal(&p);
   havePubEGKey.marshal(&p);
   havePrivEGKey.marshal(&p);
   if ( haveCert.value() )
   {
      m_certificate->marshal(&p);
   }
   if ( havePrivKey.value() )
   {
      m_privateKey->marshal(&p);
   }
   if ( haveServKey.value() )
   {
      m_serviceKey->marshal(&p);
   }
   if ( haveServEGKey.value() )
   {
      m_serviceEGKey->marshal(&p);
   }
   if ( haveServH.value() )
   {
      m_serviceH->marshal(&p);
   }
   if ( havePubEGKey.value() )
   {
      m_publicEGKey->marshal(&p);
   }
   if ( havePrivEGKey.value() )
   {
      m_privateEGKey->marshal(&p);
   }

   ofstream os(fname);
   if ( ! os.is_open() )
   {
      delete [] buff;
      throw CODEX_Exceptions::FileCannotCreateException( __FILE__ ,
                                                         __LINE__ ,
                                                         fname );
   }
   for ( int i = 0 ; i < length ; ++i )
   {
      os << buff[i];
   }
   os.close();
   delete [] buff;
}

void*
Client::fromFile( const char* fname )
{
   ifstream is(fname);
   if ( ! is.is_open() )
   {
      throw CODEX_Exceptions::FileCannotOpenException( __FILE__ ,
                                                       __LINE__ ,
                                                       fname );
   }
   string s;
   char ch;
   while ( is.get(ch) )
   {
      s.push_back(ch);
   }
   //basic_string<unsigned char> s;
   //is >> s;
   is.close();
   unsigned int length = s.length();
   unsigned char* p = new unsigned char[ length ];
   unsigned char* pOrig = p;
   //unsigned char* p = (unsigned char*)s.data();
   for ( unsigned int i = 0 ; i < length ; ++i )
   {
      p[i] = s.data()[i];
   }
   CODEX_ASN1::Integer haveCert;
   CODEX_ASN1::Integer havePrivKey;
   CODEX_ASN1::Integer haveServKey;
   CODEX_ASN1::Integer haveServEGKey;
   CODEX_ASN1::Integer haveServH;
   CODEX_ASN1::Integer havePubEGKey;
   CODEX_ASN1::Integer havePrivEGKey;
   haveCert.unmarshal(0,&p,length);
   havePrivKey.unmarshal(0,&p,length);
   haveServKey.unmarshal(0,&p,length);
   haveServEGKey.unmarshal(0,&p,length);
   haveServH.unmarshal(0,&p,length);
   havePubEGKey.unmarshal(0,&p,length);
   havePrivEGKey.unmarshal(0,&p,length);
   if ( haveCert.value() )
   {
      if ( 0 != m_certificate ) delete m_certificate;
      m_certificate = new CODEX_ASN1::Certificate;
      m_certificate->unmarshal(0,&p,length);
   }
   if ( havePrivKey.value() )
   {
      if ( 0 != m_privateKey ) delete m_privateKey;
      m_privateKey = new CODEX_Ciphers::RSAPrivateKey;
      m_privateKey->unmarshal(0,&p,length);
   }
   if ( haveServKey.value() )
   {
      if ( 0 != m_serviceKey ) delete m_serviceKey;
      m_serviceKey = new CODEX_Ciphers::RSAPublicKey;
      m_serviceKey->unmarshal(0,&p,length);
   }
   if ( haveServEGKey.value() )
   {
      if ( 0 != m_serviceEGKey ) delete m_serviceEGKey;
      m_serviceEGKey = new CODEX_Ciphers::ElGamalPublicKey;
      m_serviceEGKey->unmarshal(0,&p,length);
   }
   if ( haveServH.value() )
   {
      if ( 0 != m_serviceH ) delete m_serviceH;
      m_serviceH = new CODEX_ASN1::BigNumber;
      m_serviceH->unmarshal(0,&p,length);
   }
   if ( havePubEGKey.value() )
   {
      if ( 0 != m_publicEGKey ) delete m_publicEGKey;
      m_publicEGKey = new CODEX_Ciphers::ElGamalPublicKey;
      m_publicEGKey->unmarshal(0,&p,length);
   }
   if ( havePrivEGKey.value() )
   {
      if ( 0 != m_privateEGKey ) delete m_privateEGKey;
      m_privateEGKey = new CODEX_Ciphers::ElGamalPrivateKey;
      m_privateEGKey->unmarshal(0,&p,length);
   }
   delete [] pOrig;
   return this;
}

---