InternalVerifier.cc

/*
 * Copyright 2003 Michael A. Marsh, Cornell University. All rights reserved.
 * This software is released under the modified BSD license.
 * See the file LICENSE in the top-level directory for details.
 */
//
// $Id: InternalVerifier.cc,v 1.3 2004/05/19 15:56:58 mmarsh Exp $
//
// $Log: InternalVerifier.cc,v $
// Revision 1.3  2004/05/19 15:56:58  mmarsh
// *** empty log message ***
//
// Revision 1.2  2003/11/04 22:31:50  mmarsh
// *** empty log message ***
//
//
#include "InternalVerifier.h"
#include "CODEX_Quorum/Socket.h"
#include "CODEX_ASN1/Integer.h"
#include "ServerState.h"

#include "CODEX_Exceptions/BignumExceptions.h"

using namespace CODEX_Server;

InternalVerifier::InternalVerifier(
   int port,
   const CODEX_Quorum::SocketBuilder& socketBuilder,
   CODEX_Quorum::SocketBase* socket ) :
   CODEX_Quorum::LocalServer( port, socketBuilder ),
   m_toRead( 0 )
{
   setSocket( socket );
   ServerState::instance()->addServer( this );
}

InternalVerifier::~InternalVerifier()
{
   ServerState* serverState = ServerState::instance();
   if ( NULL != serverState )
   {
      // Don't remove until now, because it screws up iterating through the
      // list otherwise.
      serverState->removeServer( this );
   }
}

void
InternalVerifier::disable()
{
   CODEX_Quorum::LocalServer::disable();
   ServerState* serverState = ServerState::instance();
   if ( NULL == serverState ) return;
   serverState->cleanServer( this );
}

void
InternalVerifier::processRequest( CODEX_Quorum::SocketBase::StateType s )
{
   using CODEX_Quorum::SocketBase;
   if ( ! m_nonce.initialized() )
   {
      // We're in the first step of the protocol.
      if ( SocketBase::kWrite != s )
      {
         return;
      }
      // Select a nonce
      BIGNUM * n = NULL;
      unsigned char* buffer = NULL;
      try
      {
         n = BN_new();
         if ( NULL == n )
         {
            throw CODEX_Exceptions::BignumNullException( __FILE__ , __LINE__ );
         }
         if ( ! BN_rand( n, 1024, -1, 0 ) )
         {
            throw CODEX_Exceptions::BignumRandRangeException( __FILE__ ,
                                                              __LINE__ );
         }
         m_nonce = CODEX_ASN1::SecureBigNumber( n );
         n = NULL;
         // send the nonce...
         int length = m_nonce.marshal(0);
         buffer = new unsigned char[length];
         unsigned char* pBuffer = buffer;
         m_nonce.marshal(&pBuffer);
         socket()->writeTo( CODEX_Quorum::Message( buffer, length ) );
         delete [] buffer;
      }
      catch ( ... )
      {
         if ( NULL != n ) BN_clear_free( n );
         if ( NULL != buffer ) delete [] buffer;
         throw;
      }
   }
   else
   {
      // We're in the second step of the protocol.
      if ( SocketBase::kRead != s )
      {
         return;
      }
      m_toRead = socket()->readAll( m_msg, m_toRead );
      if ( 0 != m_toRead )
      {
         return;
      }
      // We have the full message.
      int length = m_msg.length();
      unsigned char* data = (unsigned char*)m_msg.buffer();
      unsigned char* pData = data;
      CODEX_ASN1::Integer hostNum;
      if ( NULL == hostNum.unmarshal(NULL,&pData,length) )
      {
         disable();
         return;
      }
      if ( ( hostNum.value() < 0 ) ||
           ( hostNum.value() >= ServerState::nServers ) )
      {
         disable();
         return;
      }
      const CODEX_Ciphers::RSAPublicKey& hostKey =
         ServerState::instance()->publicKey( hostNum.value() );

      length -= ( pData-data );
      CODEX_ASN1::BigNumber nonce;
      if ( NULL == nonce.unmarshal(NULL,&pData,length) )
      {
         disable();
         return;
      }
      int dataLength = pData - data;
      length = m_msg.length() - dataLength;
      CODEX_Ciphers::RSASignature signature;
      if ( NULL == signature.unmarshal(NULL,&pData,length) )
      {
         disable();
         return;
      }
      CODEX_ASN1::ustring* str=NULL;
      str = ServerState::instance()->hashFunc()(
         CODEX_ASN1::ustring(data, dataLength) );
      BIGNUM * digest = NULL;
      digest = BN_new();
      BN_bin2bn( str->data(), str->length(), digest );
      delete str;
      str = NULL;
      if ( ! hostKey.verifySignature(signature,digest) )
      {
         cout << "verify failed" << endl;
         BN_free(digest);
         disable();
         return;
      }
      BN_free(digest);
      // The host is who it claims to be.  Set up a long-term connection.
      // Make sure the socket isn't going to be closed when this server
      // goes away.
      SocketBase* skt = socket();
      CODEX_Quorum::AsynchronousRemoteServer* rs =
         new CODEX_Quorum::AsynchronousRemoteServer(
            "",
            0,
            ServerState::instance()->serverOutSocketBuilder(),
            skt );

      // add rs to the quorum system
      if ( ! ServerState::instance()->addQuorumServer(hostNum.value(),rs) )
      {
         delete rs;
      }
      cout << "Accepted connection from server " << hostNum.value() << endl;
      setSocket(NULL);
      disable();
   }
}

---