
CODEX_Server::ServerState Class Reference

This is a singleton class that holds all of the state information that different parts of the server need to share.

#include <ServerState.h>


Public Types

typedef list< CODEX_Quorum::LocalServer * > ServerList
 Define a list type for servers.

typedef CODEX_VSS::Combinatoric< nServers, nFaults+1 > ShareType
 Specify the secret sharing scheme used.

typedef CODEX_VSS::ModExpFunctional OneWay
 Specify the type of one-way function used for VSS.

typedef CODEX_VSS::LabeledShare< ShareType, OneWay > LSType
 Specify the labeled share (VSS) type.

typedef CODEX_VSS::SecretWitness< ShareType, OneWay > WitnessType
 Specify the type of the witness for a secret.

typedef CODEX_VSS::ShareSet< ShareType > ShareSetType
 Specify the share set type.

typedef CODEX_ThresholdCrypto::ThresholdRSACrypto< ShareType > ThresholdRSAType
 Specify the threshold RSA scheme used.

typedef CODEX_ThresholdCrypto::ThresholdElGamalCrypto< ShareType > ThresholdElGamalType
 Specify the threshold ElGamal scheme used.

typedef CODEX_ThresholdCrypto::ThresholdVarRSACrypto< ShareType > ThresholdVarRSAType
 Specify the threshold RSA variant scheme used.

typedef ThresholdRSAType ThresholdSignatureType
 Specify the threshold scheme to use for signatures.

typedef ShareCallbackBase< ShareType, OneWay > ShareCallback
 Specify the share callback type.

typedef vector< ShareLabelChallenge * > ChallengeVector
 A collection of challenges to a particular request.

typedef map< const unsigned char *, ChallengeVector, CODEX_Quorum::memless< CODEX_Server::ServerState::nMID > > ChallengeMap
 Mapping between a challenged request and its challenges.


Public Methods

const CODEX_Ciphers::HashFunction hashFunc () const
 
Returns:
The hash function that all server-related processes use.


void configure (const CONF *conf, const char *sec, const string &fname)
 Configure the server from an OpenSSL CONF-format file.

void addServer (CODEX_Quorum::LocalServer *server)
 Add a local server to the list.

void removeServer (CODEX_Quorum::LocalServer *server)
 Remove a local server from the list.

ServerList::const_iterator serverListBegin ()
 
Returns:
Beginning of the ServerList.


ServerList::const_iterator serverListEnd ()
 
Returns:
End of the ServerList.


int serverListSize ()
 
Returns:
Size of the ServerList.


void cleanServer (CODEX_Quorum::LocalServer *server)
 Schedule a local server for deletion.

void garbageCollectServers ()
 Destroy the local servers scheduled for deletion.

const CODEX_ASN1::Certificate serverCert () const
 
Returns:
the server's certificate.


const CODEX_ASN1::Certificate serverCert (unsigned int i) const
 
Returns:
the certificate for server i.


const CODEX_Ciphers::RSAPublicKey publicKey ()
 
Returns:
the server's public key.


const CODEX_Ciphers::RSAPublicKey publicKey (unsigned int i)
 
Returns:
the public key for server i.


const CODEX_Ciphers::RSAPrivateKey privateKey () const
 
Returns:
the server's private key.


const CODEX_ASN1::Certificate caCert () const
 
Returns:
the CA's certificate.


const EVP_PKEY * caKey ()
 
Returns:
The CA's public key in EVP_PKEY form.


const CODEX_Ciphers::RSAPublicKey serviceKey ()
 
Returns:
The service's public key.


const CODEX_Ciphers::ElGamalPublicKey publicEGKey () const
 
Returns:
The service's ElGamal public key.


const CODEX_ASN1::BigNumber h () const
 
Returns:
The auxiliary generator.


const SignedAugmentedEGPublicKey signedEGKey () const
 
Returns:
The service's ElGamal public key, signed by the service.


const LSType & rsaShares (const LSType::LabelType &label, unsigned int server) const
 Get the RSA private key shares for a particular label.

const LSType::LabelType defaultRSALabel () const
 
Returns:
The label for the default RSA sharing.


void setRSAShareCallback (const ShareCallback *cb)
 Set the callback to retrieve RSA shares.

void setRSADefaultLabel (const LSType::LabelType *label)
 Set the label for the default RSA sharing.

const ThresholdRSAType thresholdRSA () const
 
Returns:
The RSA threshold cryptosystem.


const ThresholdVarRSAType thresholdVarRSA () const
 
Returns:
The RSA variant threshold cryptosystem.


const WitnessType rsaWitness () const
 
Returns:
The validity check for the service's RSA private key.


const LSType & elgamalShares (const LSType::LabelType &label, unsigned int server) const
 Get the ElGamal private key shares for a particular label.

const LSType::LabelType defaultEGLabel () const
 
Returns:
The label for the default ElGamal sharing.


void setEGShareCallback (const ShareCallback *cb)
 Set the callback to retrieve ElGamal shares.

void setEGDefaultLabel (const LSType::LabelType *label)
 Set the label for the default RSA sharing.

const ThresholdElGamalType thresholdEG () const
 
Returns:
The ElGamal threshold cryptosystem.


const WitnessType egWitness () const
 
Returns:
The validity check for the service's ElGamal private key.


const LSType::LabelType & defaultLabel (unsigned int num) const
 The label of the default sharing for a secret.

void setShareCallback (unsigned int num, const ShareCallback *cb)
 Set the callback used to retrieve sharings of a secret.

void setDefaultLabel (const LSType::LabelType *label)
 Set the label for the default sharing of a secret.

const LSType & signatureShares (const LSType::LabelType &label, unsigned int server) const
 The shares of the private key used to generate signatures.

const LSType::LabelType defaultSignatureLabel () const
 
Returns:
The label for the default sharing of the signature key.


const ThresholdSignatureType thresholdSignature () const
 
Returns:
The threshold cryptosystem for generating signatures.


void rationalizeSharings (const vector< ShareType * > &sharings, ShareSetType &result) const
 Given a set of sharings from a quorum of servers, this routine finds a consistent set.

BIGNUM * thresholdOperation (const vector< ShareType * > &sharings, const BIGNUM *operand) const
 Given a set of partial results and the data being operated upon, find a valid threshold result.

unsigned char * newSequenceNumber ()
 Get a new sequence number.

void addChallenge (const unsigned char *request, ShareLabelChallenge *challenge)
 Add a challenge for a request.

const ServerState::ChallengeMap & challengeMap ()

void removeChallenge (const unsigned char *request)
 Remove a request from the challenged list.

CODEX_Quorum::QuorumSystem quorumSystem () const
 
Returns:
The QuorumSystem.


long hostNum () const
 
Returns:
This server's host identifier.


const string & hostName (long i)
 
Returns:
The name of the host for server i


long serverPort () const
 
Returns:
The port on which this server listens for peers


long serverPort (long i)
 
Returns:
The service port number for server i


bool addQuorumServer (int host, CODEX_Quorum::AsynchronousRemoteServer *server)
 Add a server to the QuorumSystem.

const CODEX_Quorum::RemoteServer * getQuorumServer (int host)

bool haveQuorumServer (int host) const

const CODEX_Quorum::SocketBuilder clientSocketBuilder () const
 
Returns:
The CODEX_Quorum::SocketBuilder for clients.


const CODEX_Quorum::SocketBuilder serverOutSocketBuilder () const
 
Returns:
The outgoing CODEX_Quorum::SocketBuilder for servers.


const CODEX_Quorum::SocketBuilder serverInSocketBuilder () const
 
Returns:
The incoming CODEX_Quorum::SocketBuilder for servers.



Static Public Methods

ServerState * instance ()
 Static method to fetch the unique instance.

void destroy ()
 Destroys the unique instance.


Static Public Attributes

const unsigned int nServers = 4
 Number of servers in the quorum system.

const unsigned int nFaults = 1
 Number of Byzantine faults tolerated.

const size_t nSID = 1
 Number of bytes identifying a server.

const size_t nMID = 8
 Number of bytes identifying a request from a server.

const unsigned char OutgoingMask = 0x80
 Mask for the server ID on outgoing requests.

const unsigned int RSAKeyNum = 0
 ID number for the shared RSA private key.

const unsigned int EGKeyNum = 1
 ID number for the shared ElGamal private key.


Protected Methods

 ServerState ()
 Protected constructor, prevents multiple instances.

virtual ~ServerState ()
 Protected virtual destructor.

void readPrivateKey (const char *fname, const char *passwd=NULL)
 Initialize server's private key from a PEM-format file.

void readCACert (const char *fname)
 Initialize CA's certificate from a PEM-format file.

void readServiceCert (const char *fname)
 Initialize service's certificate from a PEM-format file.

void readPublicEGKey (const char *fname)
 Initialize service's ElGamal public key from a file.

void readRSAShares (const char *fname)
 Initialize server's shares of the service's RSA private key.

void readElGamalShares (const char *fname)
 Initialize server's shares of the service's ElGamal private key.


Static Protected Attributes

ServerState * m_instance = 0
 Unique instance of this class.


Detailed Description

This is a singleton class that holds all of the state information that different parts of the server need to share.

This includes the number of servers in the (statically-configured) quorum system. Implementing the state this way allows us not to have to pass pointers and references to the state everywhere. There is, of course, the danger that something that really shouldn't be accessing the state will be able to, but since the server code has to be trusted on that server in any event, this shouldn't matter.

Definition at line 78 of file ServerState.h.


Member Function Documentation

void ServerState::addChallenge (const unsigned char * request, ShareLabelChallenge * challenge)
 

Add a challenge for a request.

This implies that some server questioned the validity of the share label sent with a threshold operation request. Such challenges are not dispatched immediately, since it is not known whether the challenge is valid, nor when the claimed-good label will become valid locally.

Parameters:
request  The request for which the challenge has been issued.
challenge  An encapsulation of the challenge data, which includes the event to send if the challenge can be met.

Definition at line 836 of file ServerState.cc.

References ChallengeVector, and nMID.

Referenced by CODEX_KeyService::SignWriteCallback::operator()(), CODEX_KeyService::SignReadCallback::operator()(), CODEX_KeyService::SignCreateCallback::operator()(), and CODEX_KeyService::ClientReadCallback::operator()().

bool ServerState::addQuorumServer (int host, CODEX_Quorum::AsynchronousRemoteServer * server)
 

Add a server to the QuorumSystem.

We require this to be an asynchronous server.

Parameters:
host  The remote host
server  The remote server object for the host
Return values:
true  if the server was successfully added.
false  if the server is NULL, there is already a connection to that remote host, or the host ID is not valid.

Definition at line 873 of file ServerState.cc.

References nServers, CODEX_Quorum::StaticByzantineQuorumSystem< nServers, nFaults >::server(), and CODEX_Quorum::StaticByzantineQuorumSystem< nServers, nFaults >::setServer().

Referenced by configure(), and CODEX_Server::QuorumBuilderAct::handler().

const EVP_PKEY * ServerState::caKey ()
 

Returns:
The CA's public key in EVP_PKEY form.

Bug:
Have to cast away const for X509_get_pubkey.

Definition at line 436 of file ServerState.cc.

References CODEX_ASN1::Base::initialized(), and CODEX_ASN1::Certificate::value().

Referenced by CODEX_KeyService::ClientMessageVerifier::handler().

const ServerState::ChallengeMap& CODEX_Server::ServerState::challengeMap () [inline]
 

Returns:
The map of challenged requests to their challenges.

Definition at line 489 of file ServerState.h.

Referenced by CODEX_Server::ShareLabelChallengeHandler::handler().

const ServerState::LSType::LabelType & ServerState::defaultLabel (unsigned int num) const
 

The label of the default sharing for a secret.

Parameters:
num  The identifier for a secret.
Returns:
The label for the default sharing of the corresponding secret.

Definition at line 617 of file ServerState.cc.

References defaultEGLabel(), defaultRSALabel(), EGKeyNum, and RSAKeyNum.

Referenced by CODEX_APSS::SecretManagement::beginRun().

const ServerState::LSType & ServerState::elgamalShares (const LSType::LabelType & label, unsigned int server) const
 

Get the ElGamal private key shares for a particular label.

Parameters:
label  The label requested.
server  The server requesting an operation with this label.
Returns:
The server's shares of the service's ElGamal private key.

Definition at line 589 of file ServerState.cc.

Referenced by CODEX_APSS::StateInfo::configure(), and CODEX_Server::ShareLabelChallengeHandler::handler().

const CODEX_Quorum::RemoteServer * ServerState::getQuorumServer (int host)
 

Returns:
A pointer to the remote server i, or NULL if not present.

Definition at line 897 of file ServerState.cc.

References CODEX_Quorum::StaticByzantineQuorumSystem< nServers, nFaults >::server().

Referenced by CODEX_Server::ServerResponseHandler::handler().

bool ServerState::haveQuorumServer (int host) const
 

Returns:
Whether a connection exists to the remote server host.

Definition at line 907 of file ServerState.cc.

References CODEX_Quorum::StaticByzantineQuorumSystem< nServers, nFaults >::server().

Referenced by CODEX_Server::QuorumBuilderAct::handler().

unsigned char * ServerState::newSequenceNumber ()
 

Get a new sequence number.

These are used to match responses to client requests. Uniqueness is all that matters, but for completeness this number is in LSB format. It will roll over back to 0 if all bits are set. While probably not harmful, since old requests are likely to have been cleared out, the parameter nMID, which determines the number of bytes in the sequence number, should be large enough to prevent collisions. If nMID is 5, there are 2^(5*8) sequence numbers, which at 100 requests per second would take over 348 years to exhaust. For added paranoia, an 8-byte sequence number is used in the default implementation. This would take hundreds of millennia at one million requests per second to exhaust.

Definition at line 821 of file ServerState.cc.

References nMID.

Referenced by CODEX_APSS::SecretManagement::beginRun(), CODEX_APSS::InitActivity::handler(), CODEX_KeyService::DelegateRequestDistributor::handler(), CODEX_KeyService::VerifyWriteCallback::operator()(), CODEX_KeyService::SignWriteCallback::operator()(), CODEX_KeyService::SignReadCallback::operator()(), CODEX_KeyService::SignCreateCallback::operator()(), CODEX_APSS::InitCallback::operator()(), CODEX_APSS::ComputeCallback::operator()(), CODEX_KeyService::ClientWriteCallback::operator()(), CODEX_KeyService::ClientReadCallback::operator()(), CODEX_KeyService::ClientCreateCallback::operator()(), CODEX_APSS::StateInfo::recover(), and CODEX_APSS::SecretManagement::sendFinished().
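
The counter behaviour described above, as an added example that is not CODEX source code: an nMID-byte value stored least significant byte first, incremented with carry, and rolling over to 0 once all bits are set. `SequenceCounter`, `ByContent` and the three check functions are hypothetical names; the comparator is an assumption about what `CODEX_Quorum::memless< nMID >` does for the `ChallengeMap` keys.

```cpp
#include <cstddef>
#include <cstring>
#include <iostream>
#include <map>

const std::size_t nMID = 8;  // value from this page

// Hypothetical counter (not CODEX code): nMID bytes, least significant first.
struct SequenceCounter {
    unsigned char bytes[nMID];
    SequenceCounter() { std::memset(bytes, 0, nMID); }

    // Copy the current value into out, then add one with carry. When every
    // byte is 0xff the carry runs off the end and the counter is 0 again.
    void next(unsigned char* out) {
        std::memcpy(out, bytes, nMID);
        for (std::size_t i = 0; i < nMID; ++i)
            if (++bytes[i] != 0) break;  // no carry into the next byte
    }
};

// Orders raw identifiers by content rather than by pointer address.
// Assumption: this is what CODEX_Quorum::memless<nMID> provides.
struct ByContent {
    bool operator()(const unsigned char* a, const unsigned char* b) const {
        return std::memcmp(a, b, nMID) < 0;
    }
};

// The 257th identifier handed out is 256: bytes 00 01 00 ... in LSB order.
bool carryReachesSecondByte() {
    SequenceCounter c;
    unsigned char out[nMID];
    for (int i = 0; i < 257; ++i) c.next(out);
    return out[0] == 0x00 && out[1] == 0x01 && out[2] == 0x00;
}

// After the all-ones value has been handed out, the next value is all zeros.
bool rollsOverToZero() {
    SequenceCounter c;
    std::memset(c.bytes, 0xff, nMID);
    unsigned char out[nMID];
    c.next(out);  // hands out ff ff ... ff
    c.next(out);  // hands out the rolled-over value
    for (std::size_t i = 0; i < nMID; ++i)
        if (out[i] != 0) return false;
    return true;
}

// A second buffer holding the same bytes finds the entry keyed by the first.
bool foundByContent() {
    SequenceCounter c;
    unsigned char id[nMID], copy[nMID];
    c.next(id);
    std::map<const unsigned char*, int, ByContent> pending;  // constructed sample map
    pending[id] = 42;
    std::memcpy(copy, id, nMID);
    return pending.count(copy) == 1;
}

int main() {
    std::cout << carryReachesSecondByte() << rollsOverToZero() << foundByContent() << "\n";
    return 0;
}
```

A map keyed this way stores only the pointers, so each identifier buffer has to outlive its map entry.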

void ServerState::rationalizeSharings (const vector< ShareType * > & sharings, ShareSetType & result) const
 

Given a set of sharings from a quorum of servers, this routine finds a consistent set.

The consistent set might not contain all shares, since for T faults T+1 values must agree to be accepted. This will, however, reduce any combinatorics needed to resolve the remaining ambiguities.

Parameters:
sharings  The sharings returned by servers.
result  A consistent sharing.

Definition at line 667 of file ServerState.cc.

References CODEX_APSS::ShareSetType.

Referenced by thresholdOperation().
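
The agreement rule described above (for T faults, T+1 matching values are needed before a share is accepted), as an added example that is not CODEX source code. The `Sharing` map, `rationalize` and `constructedReplies` are hypothetical stand-ins for the real `ShareType` and `ShareSetType`, and the replies are constructed sample data.

```cpp
#include <cstddef>
#include <iostream>
#include <map>
#include <string>
#include <vector>

// Value taken from this page: number of Byzantine faults tolerated.
const unsigned int nFaults = 1;

// Hypothetical stand-in for one server's reply: share index -> share value.
typedef std::map<unsigned int, std::string> Sharing;

// For each share index, keep the value that at least nFaults + 1 servers
// report identically. An index with no such value, or with two competing
// values that both reach the threshold, is left out for later resolution.
Sharing rationalize(const std::vector<Sharing>& replies) {
    // share index -> (reported value -> number of servers reporting it)
    std::map<unsigned int, std::map<std::string, unsigned int> > votes;
    for (std::size_t s = 0; s < replies.size(); ++s)
        for (Sharing::const_iterator it = replies[s].begin(); it != replies[s].end(); ++it)
            ++votes[it->first][it->second];

    Sharing result;
    for (const auto& idx : votes) {
        const std::string* winner = nullptr;
        unsigned int qualifying = 0;
        for (const auto& v : idx.second) {
            if (v.second >= nFaults + 1) {
                winner = &v.first;
                ++qualifying;
            }
        }
        if (qualifying == 1)
            result[idx.first] = *winner;
    }
    return result;
}

// Constructed sample: three replies; the third server lies about share 1.
std::vector<Sharing> constructedReplies() {
    std::vector<Sharing> r(3);
    r[0] = {{1, "a"}, {2, "b"}, {3, "c"}};
    r[1] = {{0, "z"}, {2, "b"}, {3, "c"}};
    r[2] = {{0, "z"}, {1, "BAD"}, {3, "c"}};
    return r;
}

int main() {
    Sharing ok = rationalize(constructedReplies());
    for (const auto& e : ok)
        std::cout << "share " << e.first << " = " << e.second << "\n";
    return 0;
}
```

Share 1 is absent from the result because neither reported value reaches two votes, which is the case the description means by a consistent set that might not contain all shares.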

void ServerState::readPublicEGKey (const char * fname) [protected]
 

Initialize service's ElGamal public key from a file.

Bug:
Have to cast away const for unmarshal.

Definition at line 470 of file ServerState.cc.

References CODEX_Server::SignedAugmentedEGPublicKey::unmarshal().

Referenced by configure().

void ServerState::removeChallenge (const unsigned char * request)
 

Remove a request from the challenged list.

This should be called when a challenge has been met or when the relevant protocol determines that the challenge is not relevant.

Definition at line 851 of file ServerState.cc.

Referenced by CODEX_KeyService::ResponseCallback::fail(), CODEX_Server::ShareLabelChallengeHandler::handler(), CODEX_KeyService::SignWriteCallback::operator()(), CODEX_KeyService::SignReadCallback::operator()(), CODEX_KeyService::SignCreateCallback::operator()(), and CODEX_KeyService::ClientReadCallback::operator()().

const ServerState::LSType & ServerState::rsaShares (const LSType::LabelType & label, unsigned int server) const
 

Get the RSA private key shares for a particular label.

Parameters:
label  The label requested.
server  The server requesting an operation with this label.
Returns:
The server's shares of the service's RSA private key.

Definition at line 568 of file ServerState.cc.

Referenced by CODEX_APSS::StateInfo::configure(), CODEX_Server::ShareLabelChallengeHandler::handler(), and signatureShares().

void ServerState::setDefaultLabel (const LSType::LabelType * label)
 

Set the label for the default sharing of a secret.

The identifier does not need to be passed in explicitly, since the label contains the relevant value.

Parameters:
label  The label to set.

Definition at line 647 of file ServerState.cc.

References EGKeyNum, RSAKeyNum, setEGDefaultLabel(), and setRSADefaultLabel().

Referenced by CODEX_APSS::SecretManagement::addFinishedMsg().

void ServerState::setShareCallback (unsigned int num, const ShareCallback * cb)
 

Set the callback used to retrieve sharings of a secret.

Parameters:
num  The identifier of a secret.
cb  The callback for sharings of the secret.

Definition at line 631 of file ServerState.cc.

References EGKeyNum, RSAKeyNum, setEGShareCallback(), and setRSAShareCallback().

Referenced by CODEX_APSS::StateInfo::configure().

const LSType& CODEX_Server::ServerState::signatureShares (const LSType::LabelType & label, unsigned int server) const [inline]
 

The shares of the private key used to generate signatures.

Parameters:
label  The label for the sharing.
server  The server requesting the signature with this label (used to update servers with invalid labels).
Returns:
A labeled sharing of the private key, uninitialized if the label was not found.

Definition at line 409 of file ServerState.h.

References rsaShares().

BIGNUM * ServerState::thresholdOperation (const vector< ShareType * > & sharings, const BIGNUM * operand) const
 

Given a set of partial results and the data being operated upon, find a valid threshold result.

This is RSA-specific.

Parameters:
sharings  The sharings containing partial results.
operand  The data on which we are performing a threshold operation.

Definition at line 730 of file ServerState.cc.

References CODEX_Ciphers::RSAPublicKey::encrypt(), rationalizeSharings(), ShareSetType, and CODEX_ASN1::BigNumber::value().

Referenced by CODEX_KeyService::SignWriteCallback::operator()(), CODEX_KeyService::SignReadCallback::operator()(), and CODEX_KeyService::SignCreateCallback::operator()().


The documentation for this class was generated from the following files:
Generated on Wed Jun 2 16:33:21 2004 for COrnell Data EXchange (CODEX) by doxygen 1.2.18