
server.h File Reference

Functions unique to the server.

#include <stdio.h>
#include <stdlib.h>
#include <memory.h>
#include <errno.h>
#include <openssl/rsa.h>
#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <mysql.h>
#include "WFU.h"


Data Structures

struct  user_information
 Structure that stores the user information.
struct  key_information
 Structure that stores the information about a key.

Functions

int WFU_server_dispatch (SSL *ssl, char *client_ip)
 The core server component.
int WFU_server_verify_uvid (SSL *ssl, MYSQL *mysql)
 Server component of verify_uvid.
char * WFU_server_authenticate (SSL *ssl)
 Server authentication component.
int WFU_server_public_key (SSL *ssl)
 Server public key component.
int WFU_server_store_keys (SSL *ssl, MYSQL *mysql, struct user_information *user_info)
 Server key storage component.
int WFU_server_reclaim_keys (SSL *ssl, MYSQL *mysql)
 Server key retrieval component.
int WFU_server_query_salt (SSL *ssl, MYSQL *mysql)
 Server salt query component.
int WFU_server_query_user (SSL *ssl, MYSQL *mysql)
 Server user query component.
int WFU_server_test_ssl (SSL *ssl)
 An SSL testing function for development only.
MYSQL * WFU_mysql_connect ()
 Create a connection to the MySQL database.
void WFU_mysql_close (MYSQL *mysql)
 Closes the connection to the MySQL database.
int WFU_select_last_insert_id (MYSQL *mysql)
 Returns the last autoincrement value.
struct user_information * WFU_user_exists (MYSQL *mysql, char *user_name)
 Test to see whether a user exists with the given username.
struct user_information * WFU_create_user (MYSQL *mysql, char *user_name)
 Create a user account with the given user_name.
void WFU_free_user_information (struct user_information *user_info)
 Releases the memory used by the user_information structure.
int WFU_insert_key (MYSQL *mysql, struct user_information *user_info, struct wfu_uvid *uvid, struct wfu_data *keys)
 Store the escrow information in the MySQL database.
struct wfu_data * WFU_get_key (MYSQL *mysql, int key_pk)
 Retrieve the key data given a key escrow number.
struct wfu_data * WFU_uvid2salt (struct wfu_uvid *uvid)
 Extract the salt from a uvid structure.
struct wfu_data * WFU_uvid2time (struct wfu_uvid *uvid)
 Extract the time from a uvid structure.
struct key_information * WFU_verify_uvid (MYSQL *mysql, struct user_information *user_info, struct wfu_uvid *uvid)
 Verify whether the uvid is indexed.
struct wfu_line_array * WFU_query_salt (MYSQL *mysql, struct wfu_data *salt_data)
 Will return a list of key information for the volumes having the specified salt.
struct wfu_line_array * WFU_query_user (MYSQL *mysql, struct user_information *user_info)
 Will return a list of key information for the volumes associated with the given user information.


Detailed Description

Functions unique to the server.


Function Documentation

struct user_information* WFU_create_user (MYSQL *mysql, char *user_name)

Create a user account with the given user_name.

The user information for the account will be returned. If the user_name already belongs to an account, the function returns that account's user_information, just as WFU_user_exists() does.

Parameters:
mysql The MySQL connection.
user_name The username to test.
Return values:
NULL indicates a system failure.
Pointer If the user is found or is created, then a user_information structure is returned with the user information.
Note:
Use WFU_free_user_information() to free the memory returned from this function.

void WFU_free_user_information (struct user_information *user_info)

Releases the memory used by the user_information structure.

Parameters:
user_info is a dynamically allocated user_information structure.

struct wfu_data* WFU_get_key (MYSQL *mysql, int key_pk)

Retrieve the key data given a key escrow number.

This will query the USER_KEY table for a row with the specified primary key value. It will return the escrow data from that row. A NULL will be returned if the row is not found.

Parameters:
mysql The MySQL database connection.
key_pk The primary_key (key escrow number)
Return values:
NULL indicates failure.
Pointer A wfu_data structure containing the encrypted escrow data.
Note:
The escrow data is stored as a LONGBLOB.

int WFU_insert_key (MYSQL *mysql, struct user_information *user_info, struct wfu_uvid *uvid, struct wfu_data *keys)

Store the escrow information in the MySQL database.

A row will be added to the USER_KEY table with a foreign key referencing the user_id. The uvid will be split into the salt and timestamp. The salt, timestamp and encrypted key information will be stored in this row. Additionally, the current time will be stored.

Parameters:
mysql The MySQL database connection.
user_info The user information.
uvid The Unique Volume IDentifier.
keys The data to be escrowed.
Return values:
0 indicates failure.
>0 The key escrow value for this entry. This is actually the primary key value for this row.
See also:
WFU_user_exists(), WFU_lib_prepare_uvid(), WFU_uvid2salt(), WFU_uvid2time()
Note:
The escrow data is stored as a LONGBLOB.

void WFU_mysql_close (MYSQL *mysql)

Closes the connection to the MySQL database.

Parameters:
mysql The MySQL connection.

MYSQL* WFU_mysql_connect ()

Create a connection to the MySQL database.

Return values:
NULL indicates an error.
Pointer is a pointer to the MYSQL structure.

struct wfu_line_array* WFU_query_salt (MYSQL *mysql, struct wfu_data *salt_data)

Will return a list of key information for the volumes having the specified salt.

The function constructs a list of possible escrow entries associated with this salt. Each entry of the list includes the escrow date, key escrow number and username. The function returns a pointer to a wfu_line_array structure containing this list.

Parameters:
mysql The MySQL database connection.
salt_data The salt information.
Return values:
NULL indicates failure or that no rows were found.
Pointer A wfu_line_array structure containing the text information.

struct wfu_line_array* WFU_query_user (MYSQL *mysql, struct user_information *user_info)

Will return a list of key information for the volumes associated with the given user information.

The function constructs a list of possible escrow entries associated with this user. Each entry of the list includes the escrow date, key escrow number and username. The function returns a pointer to a wfu_line_array structure containing this list.

Parameters:
mysql The MySQL database connection.
user_info The user information.
Return values:
NULL indicates failure or that no rows were found.
Pointer A wfu_line_array structure containing the text information.
See also:
WFU_user_exists()

int WFU_select_last_insert_id (MYSQL *mysql)

Returns the last autoincrement value.

Return values:
The last autoincrement value.

char* WFU_server_authenticate (SSL *ssl)

Server authentication component.

This is the server function that handles the request from WFU_client_authenticate(). The parameters for the request are read from the SSL connection and checked against the LDAP server. An answer is sent to the client. If successful, the return value contains information about the user.

Parameters:
ssl The SSL connection.
See also:
WFU_server_ldap_authenticate().
Return values:
NULL indicates login failure and/or system error.
pointer Upon success, the function returns a pointer to the username.
Note:
The wfu_error_no may contain the following, however, the return value is most significant. Errors may also be forwarded from WFU_server_ldap_authenticate().

WFU_ERR_PROT_VIOLATION, WFU_ERR_SSL_RW upon problems with SSL.

WFU_ERR_LOGIN upon login failure.

WFU_ERR_PARAMETER indicates a problem with the function parameters.

Protocol:
 ======================================================
 client_authenticate.c      server_authenticate.c
 ---------------------      ---------------------------
                 LOGIN ->
                         <- YES
                            ERROR [code]
       [len][username] ->
       [len][password] ->
                         <- YES
                            NO
                            ERROR [code]

int WFU_server_dispatch (SSL *ssl, char *client_ip)

The core server component.

This function manages the server actions. Commands are read from the network and this function determines which routine, if any, should handle the request.

Parameters:
ssl The SSL connection.
client_ip The character representation of the client's IP number.
Return values:
0 This return value really has no meaning.
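
The dispatcher is the single point where the "depends on WFU_server_dispatch() to ensure that the user and client are authorized" precondition of the query, reclaim and store handlers is enforced. What follows is an added example, not code from server.c or from WFUCrypt: a table-driven dispatcher with an in-memory session that gates every command except LOGIN on a prior successful login and logs each decision together with the client IP. The command, reply and error names are taken from the protocol diagrams on this page; their numeric values, the wfu_session structure, the handler stand-ins and the single constructed credential are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Command and reply names come from the protocol diagrams on this page;
 * the numeric values are assumptions made for this example. */
enum wfu_cmd   { CMD_LOGIN = 1, CMD_REQ_PUBLIC_KEY, CMD_VERIFY_UVID, CMD_SND_KEYS,
                 CMD_SALT_QUERY, CMD_USER_QUERY, CMD_FS_KEYS_REQ };
enum wfu_reply { REPLY_YES = 1, REPLY_NO, REPLY_ERROR };
/* Error names appear on the page; the values are assumptions. */
enum { WFU_ERR_LOGIN = 20, WFU_ERR_PROT_VIOLATION = 21 };

int wfu_error_no;   /* stands in for the page's wfu_error_no */

struct wfu_session {
    const char *client_ip;   /* as passed to WFU_server_dispatch() */
    int authenticated;
    char username[64];
};

typedef int (*wfu_handler)(struct wfu_session *, const char *payload);

/* Stand-in for the LDAP check behind WFU_server_authenticate(): one
 * constructed credential in the form "user:password". */
static int handle_login(struct wfu_session *s, const char *payload) {
    if (payload && strcmp(payload, "alice:correct-horse-battery") == 0) {
        s->authenticated = 1;
        snprintf(s->username, sizeof s->username, "%s", "alice");
        return REPLY_YES;
    }
    wfu_error_no = WFU_ERR_LOGIN;
    return REPLY_NO;
}

/* Stand-in for every authenticated handler; the real ones talk to MySQL. */
static int handle_authenticated(struct wfu_session *s, const char *payload) {
    (void)s; (void)payload;
    return REPLY_YES;
}

/* Dispatch table: every command except LOGIN requires an authenticated session. */
static const struct { enum wfu_cmd cmd; const char *name; int needs_auth; wfu_handler fn; } table[] = {
    { CMD_LOGIN,          "LOGIN",          0, handle_login },
    { CMD_REQ_PUBLIC_KEY, "REQ_PUBLIC_KEY", 1, handle_authenticated },
    { CMD_VERIFY_UVID,    "VERIFY_UVID",    1, handle_authenticated },
    { CMD_SND_KEYS,       "SND_KEYS",       1, handle_authenticated },
    { CMD_SALT_QUERY,     "SALT_QUERY",     1, handle_authenticated },
    { CMD_USER_QUERY,     "USER_QUERY",     1, handle_authenticated },
    { CMD_FS_KEYS_REQ,    "FS_KEYS_REQ",    1, handle_authenticated },
};

/* Route one command. Authorization is decided here, once, so no handler can
 * be reached by an unauthenticated client; every decision is logged with
 * the client IP so refusals can be audited. */
int wfu_dispatch(struct wfu_session *s, int cmd, const char *payload) {
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++) {
        if (table[i].cmd != cmd) continue;
        if (table[i].needs_auth && !s->authenticated) {
            fprintf(stderr, "audit ip=%s cmd=%s refused=unauthenticated\n",
                    s->client_ip, table[i].name);
            wfu_error_no = WFU_ERR_PROT_VIOLATION;
            return REPLY_ERROR;
        }
        int reply = table[i].fn(s, payload);
        fprintf(stderr, "audit ip=%s user=%s cmd=%s reply=%d\n", s->client_ip,
                s->authenticated ? s->username : "-", table[i].name, reply);
        return reply;
    }
    fprintf(stderr, "audit ip=%s cmd=%d refused=unknown\n", s->client_ip, cmd);
    wfu_error_no = WFU_ERR_PROT_VIOLATION;
    return REPLY_ERROR;
}

/* SALT_QUERY straight after connecting: refused. */
int wfu_demo_query_before_login(void) {
    struct wfu_session s = { "192.0.2.10", 0, "" };   /* constructed client */
    return wfu_dispatch(&s, CMD_SALT_QUERY, NULL);     /* REPLY_ERROR */
}

/* Wrong password, then the right one, then SALT_QUERY: YES only at the end. */
int wfu_demo_login_then_query(void) {
    struct wfu_session s = { "192.0.2.10", 0, "" };
    if (wfu_dispatch(&s, CMD_LOGIN, "alice:wrong") != REPLY_NO) return -1;
    if (s.authenticated) return -1;
    if (wfu_dispatch(&s, CMD_LOGIN, "alice:correct-horse-battery") != REPLY_YES) return -1;
    return wfu_dispatch(&s, CMD_SALT_QUERY, NULL);     /* REPLY_YES */
}

int main(void) {
    printf("before login: %d, after login: %d\n",
           wfu_demo_query_before_login(), wfu_demo_login_then_query());
    return 0;
}
```

Keeping the needs_auth flag in the table rather than inside each handler means a new command added without the flag still defaults to refusal only if the table entry says so, which is why the table, not the handlers, is the place to review when the command set changes.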

int WFU_server_public_key (SSL *ssl)

Server public key component.

This is the server function that handles the request from WFU_client_public_key(). The user must be authenticated.

Parameters:
ssl The SSL connection.
Return values:
1 indicates failure.
0 indicates success.
Protocol:
 ======================================================
   client_public_key.c      server_public_key.c
 ---------------------      ---------------------------
        REQ_PUBLIC_KEY ->
                         <- YES [len][modulus]
                                [len][exponent]
                            ERROR [code]
Note:
The wfu_error_no may contain the following, however, the return value is most significant.

WFU_ERR_CRYPT upon failure obtaining the public key.

WFU_ERR_PROT_VIOLATION, WFU_ERR_SSL_RW upon problems with SSL.

WFU_ERR_PARAMETER indicates a problem with the function parameters.

int WFU_server_query_salt (SSL *ssl, MYSQL *mysql)

Server salt query component.

This is the server function that handles the WFU_restore_query_salt() request. The function reads the salt data from the network and constructs a list of possible escrow entries associated with this salt. Each entry of the list includes the escrow date, key escrow number and username associated with the salt.

Parameters:
ssl The SSL connection.
mysql The MySQL database connection.
Return values:
-1 indicates failure.
>=0 Upon success, the function returns the number of entries that match the salt.
See also:
WFU_query_salt()
Note:
This function depends on the WFU_server_dispatch() to ensure that the user and client are authorized.
Protocol:
 ============================================================
 restore_query_salt.c      server_query_salt.c
 --------------------      ----------------------------------
           SALT_QUERY ->
                        <- YES
                           ERROR [code]
               [salt] ->
                        <- SALT_LIST
                             [count] // number of [len][line]
                               [len][line]
                               [len][line]
                               ...
                           ERROR [code]
Note:
The wfu_error_no may contain the following, however, the return value is most significant.

WFU_ERR_PROT_VIOLATION, WFU_ERR_SSL_RW upon problems with SSL.

WFU_ERR_PARAMETER indicates a problem with the function parameters.

int WFU_server_query_user (SSL *ssl, MYSQL *mysql)

Server user query component.

This is the server function that handles the WFU_restore_query_user() request. The function reads the username from the network and constructs a list of possible escrow entries associated with this user. Each entry of the list includes the escrow date, key escrow number and username.

Parameters:
ssl The SSL connection.
mysql The MySQL database connection.
Return values:
-1 indicates failure.
>=0 Upon success, the function returns the number of entries that match the username.
See also:
WFU_query_user()
Note:
This function depends on the WFU_server_dispatch() to ensure that the user and client are authorized.
Protocol:
 ============================================================
 restore_query_user.c      server_query_user.c
 --------------------      ----------------------------------
           USER_QUERY ->
                        <- YES
                           ERROR [code]
           [username] ->
                        <- USER_LIST
                             [count] // number of [len][line]
                               [len][line]
                               [len][line]
                               ...
                           ERROR [code]
Note:
The wfu_error_no may contain the following, however, the return value is most significant.

WFU_ERR_USER No such user.

WFU_ERR_PROT_VIOLATION, WFU_ERR_SSL_RW upon problems with SSL.

WFU_ERR_PARAMETER indicates a problem with the function parameters.
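
Every protocol diagram on this page carries its payloads as [len][data] frames, and the SALT_QUERY and USER_QUERY replies above answer with [count] followed by that many [len][line] frames. The following is an added example, not WFUCrypt's code, of a bounds-checked encoder and decoder for that framing over an in-memory buffer. The page does not give the width or byte order of [len] and [count], so the 4-byte big-endian fields, the caps WFU_MAX_FRAME and WFU_MAX_LINES, and the sample list lines are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed wire layout (the page does not specify it): every [len] and
 * [count] field is a 4-byte big-endian unsigned integer, and the bytes of
 * a frame follow its length field immediately. */
#define WFU_MAX_FRAME  (1u << 20)   /* hypothetical cap on one frame (1 MiB) */
#define WFU_MAX_LINES  10000u       /* hypothetical cap on list entries        */

typedef struct { uint8_t *buf; size_t len, cap; } wfu_wbuf;        /* outgoing bytes */
typedef struct { const uint8_t *buf; size_t len, pos; } wfu_rbuf;  /* received bytes */

static int put_u32(wfu_wbuf *w, uint32_t v) {
    if (w->cap - w->len < 4) return -1;
    w->buf[w->len++] = (uint8_t)(v >> 24);
    w->buf[w->len++] = (uint8_t)(v >> 16);
    w->buf[w->len++] = (uint8_t)(v >> 8);
    w->buf[w->len++] = (uint8_t)v;
    return 0;
}

static int get_u32(wfu_rbuf *r, uint32_t *v) {
    if (r->len - r->pos < 4) return -1;
    *v = ((uint32_t)r->buf[r->pos] << 24) | ((uint32_t)r->buf[r->pos + 1] << 16) |
         ((uint32_t)r->buf[r->pos + 2] << 8) | r->buf[r->pos + 3];
    r->pos += 4;
    return 0;
}

/* Append one [len][data] frame. */
int wfu_put_frame(wfu_wbuf *w, const void *data, uint32_t n) {
    if (n > WFU_MAX_FRAME || w->cap - w->len < 4u + n) return -1;
    put_u32(w, n);
    memcpy(w->buf + w->len, data, n);
    w->len += n;
    return 0;
}

/* Read one frame without copying. Fails if the peer's length field exceeds
 * the cap or the bytes actually received: the length is untrusted input and
 * must never drive a read past the end of the buffer. */
int wfu_get_frame(wfu_rbuf *r, const uint8_t **data, uint32_t *n) {
    uint32_t len;
    if (get_u32(r, &len) < 0) return -1;
    if (len > WFU_MAX_FRAME || len > r->len - r->pos) return -1;
    *data = r->buf + r->pos;
    *n = len;
    r->pos += len;
    return 0;
}

void wfu_free_list(char **lines, uint32_t n) {
    for (uint32_t i = 0; i < n; i++) free(lines[i]);
    free(lines);
}

/* Encode a SALT_LIST / USER_LIST body: [count] then count [len][line] frames. */
int wfu_put_list(wfu_wbuf *w, const char *const *lines, uint32_t count) {
    if (count > WFU_MAX_LINES || put_u32(w, count) < 0) return -1;
    for (uint32_t i = 0; i < count; i++)
        if (wfu_put_frame(w, lines[i], (uint32_t)strlen(lines[i])) < 0) return -1;
    return 0;
}

/* Decode a list into NUL-terminated copies; release with wfu_free_list().
 * The count is bounded before any allocation is sized from it. */
int wfu_get_list(wfu_rbuf *r, char ***out, uint32_t *count) {
    uint32_t n;
    if (get_u32(r, &n) < 0 || n > WFU_MAX_LINES) return -1;
    char **lines = calloc(n ? n : 1, sizeof *lines);
    if (!lines) return -1;
    for (uint32_t i = 0; i < n; i++) {
        const uint8_t *d; uint32_t dl;
        if (wfu_get_frame(r, &d, &dl) < 0 || !(lines[i] = malloc(dl + 1u))) {
            wfu_free_list(lines, i);
            return -1;
        }
        memcpy(lines[i], d, dl);
        lines[i][dl] = '\0';
    }
    *out = lines; *count = n;
    return 0;
}

/* Round trip of a constructed two-entry list (date, escrow number, username);
 * returns the entry count on success. */
int wfu_demo_list_roundtrip(void) {
    const char *lines[] = { "2007-10-10 17 alice", "2007-09-01 42 bob" };  /* constructed */
    uint8_t wire[256];
    wfu_wbuf w = { wire, 0, sizeof wire };
    if (wfu_put_list(&w, lines, 2) < 0) return -1;
    wfu_rbuf r = { wire, w.len, 0 };
    char **got; uint32_t n;
    if (wfu_get_list(&r, &got, &n) < 0) return -1;
    int ok = n == 2 && r.pos == r.len &&
             strcmp(got[0], lines[0]) == 0 && strcmp(got[1], lines[1]) == 0;
    wfu_free_list(got, n);
    return ok ? (int)n : -1;
}

/* Constructed malformed frame: claims 1000 bytes but only 3 follow. */
int wfu_demo_truncated_frame(void) {
    const uint8_t wire[] = { 0x00, 0x00, 0x03, 0xE8, 'a', 'b', 'c' };
    wfu_rbuf r = { wire, sizeof wire, 0 };
    const uint8_t *d; uint32_t n;
    return wfu_get_frame(&r, &d, &n);   /* -1: rejected before any read */
}

int main(void) {
    printf("round trip entries: %d\n", wfu_demo_list_roundtrip());
    printf("truncated frame:    %d\n", wfu_demo_truncated_frame());
    return 0;
}
```

The length field is the first thing a peer controls; checking it against the bytes actually received and against a fixed cap before reading or allocating is what keeps a short or oversized frame from becoming an out-of-bounds read or an unbounded allocation, and the same check on [count] keeps a list header from sizing an allocation the server never intended.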

int WFU_server_reclaim_keys (SSL *ssl, MYSQL *mysql)

Server key retrieval component.

This is the server function that handles the WFU_restore_reclaim_keys() request. The key escrow number is read from the SSL connection, the data is retrieved from the database and returned to the client. The server cannot decrypt the key information. The client must perform the decryption.

Parameters:
ssl The SSL connection.
mysql The MySQL database connection.
Return values:
0 indicates failure.
>0 Upon success, the function returns the key escrow number given to this data.
See also:
WFU_get_key()
Note:
This function depends on the WFU_server_dispatch() to ensure that the user and client are authorized.
Protocol:
 ===========================================================
 restore_reclaim_keys.c    server_reclaim_keys.c
 ----------------------    ---------------------------------
             FS_KEYS_REQ ->
                           <- YES
                              ERROR [code]
                [number] ->
                           <- SND_KEYS [len][encrypted_data]
                              ERROR [code]
Note:
The wfu_error_no may contain the following, however, the return value is most significant.

WFU_ERR_KEY_NOT_FOUND The requested key was not found.

WFU_ERR_PROT_VIOLATION, WFU_ERR_SSL_RW upon problems with SSL.

WFU_ERR_PARAMETER indicates a problem with the function parameters.

int WFU_server_store_keys (SSL *ssl, MYSQL *mysql, struct user_information *user_info)

Server key storage component.

This is the server function that handles the WFU_client_store_keys() request. This function accepts the user's information as a parameter, therefore the user must be authenticated prior to this call. The uvid and encrypted data will be read from the SSL connection. The data will be stored under the user_id using the mysql connection. (The username in the uvid structure is ignored.)

Parameters:
ssl The SSL connection.
mysql The MySQL database connection.
user_info The information of the user.
Return values:
0 indicates failure.
>0 Upon success, the function returns the key escrow number given to this data.
See also:
WFU_verify_uvid(), WFU_insert_key()
Note:
The server calls WFU_verify_uvid() before attempting to store the data.

The key escrow number will be returned to the client.

Protocol:
 ====================================================
   client_store_keys.c      server_store_keys.c
 ---------------------      ---------------------------
              SND_KEYS ->
                         <- YES
                            ERROR [code]
       [len][key data] ->
      [len][volume id] ->
                         <- YES [pk]
                            ERROR [code]
Note:
The wfu_error_no may contain the following, however, the return value is most significant.

WFU_ERR_KEY_REDUNDANT the storage of this data would be redundant.

WFU_ERR_KEY_STORAGE key storage failed.

WFU_ERR_NULL_PTR upon failure obtaining the key information.

WFU_ERR_PARAMETER indicates a problem with the function parameters.

WFU_ERR_PROT_VIOLATION, WFU_ERR_SSL_RW upon problems with SSL.

int WFU_server_verify_uvid (SSL *ssl, MYSQL *mysql)

Server component of verify_uvid.

This is the server function that handles the request from WFU_client_verify_uvid(). The parameters for the request are read from the SSL connection and checked against the MySQL database. An answer is sent to the client.

Parameters:
ssl The SSL connection.
mysql The MYSQL connection.
Return values:
-1 indicates a system error.
>0 Upon success, the function returns a positive number. This number indicates the key escrow number for this operation.
Note:
The wfu_error_no may contain the following, however, the return value is most significant. Errors may also be forwarded from WFU_server_ldap_authenticate().

WFU_ERR_PROT_VIOLATION, WFU_ERR_SSL_RW upon problems with SSL.

WFU_ERR_PARAMETER indicates a problem with the function parameters.

Protocol:
 ============================================================
   client_verify_uvid.c      server_verify_uvid.c
  ---------------------      --------------------------------
            VERIFY_UVID ->
                          <- YES
                             ERROR [code]
        [len][wfu_uvid] ->
                          <- YES   [pk]  // key is stored
                             YES   [0]   // key is NOT stored
                             ERROR [code]  // error

struct user_information* WFU_user_exists (MYSQL *mysql, char *user_name)

Test to see whether a user exists with the given username.

If the username exists, the user information will be returned. NULL will be returned if the user is not found.

Parameters:
mysql The MySQL connection.
user_name The username to test.
Return values:
NULL indicates the user does not exist.
Pointer If the user is found, then a user_information structure is returned with the user information.
Note:
Use WFU_free_user_information() to free the memory returned from this function.

struct wfu_data* WFU_uvid2salt (struct wfu_uvid *uvid)

Extract the salt from a uvid structure.

The salt will be packaged in a wfu_data structure and returned.

Parameters:
uvid The Unique Volume IDentifier
Return values:
NULL indicates failure.
Pointer A pointer to the wfu_data structure containing the salt.

struct wfu_data* WFU_uvid2time (struct wfu_uvid *uvid)

Extract the time from a uvid structure.

The time will be packaged in a wfu_data structure and returned.

Parameters:
uvid The Unique Volume IDentifier
Return values:
NULL indicates failure.
Pointer A pointer to the wfu_data structure containing the time.

struct key_information* WFU_verify_uvid (MYSQL *mysql, struct user_information *user_info, struct wfu_uvid *uvid)

Verify whether the uvid is indexed.

The time and salt will be extracted from the uvid structure, and the user_id will be extracted from the user_info structure. The function will query the USER_KEY table for a row with this time, salt and user_id. If a row is found, the key_information structure for this row will be returned.

Parameters:
mysql The MySQL database connection.
user_info The user information.
uvid The Unique Volume IDentifier.
Return values:
NULL indicates failure or that no row was found.
Pointer A key_information structure containing data.
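
WFU_server_store_keys() composes the two functions documented above: the uvid is split into salt and time, WFU_verify_uvid() looks the pair up together with the authenticated user's user_id, a hit is reported as WFU_ERR_KEY_REDUNDANT, and otherwise WFU_insert_key() writes a new USER_KEY row under that user_id and returns its primary key as the escrow number, which WFU_get_key() later uses to fetch the opaque blob. The following is an added example, not WFUCrypt's code, that runs this sequence against an in-memory stand-in for the USER_KEY table. The field layouts of wfu_uvid, wfu_data and user_information, the error-code value, and the sample users and blob are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Layouts below are assumptions for this example; the page gives neither the
 * fields of wfu_uvid / wfu_data / user_information nor the USER_KEY columns
 * beyond the ones it names (user_id, salt, time, escrow data, primary key). */
#define WFU_SALT_LEN 16
struct wfu_uvid { char username[32]; uint8_t salt[WFU_SALT_LEN]; uint32_t time; };
struct wfu_data { const uint8_t *data; size_t len; };
struct user_information { int user_id; char user_name[32]; };

enum { WFU_ERR_KEY_REDUNDANT = 30 };   /* name from the page, value assumed */
int wfu_error_no;

/* In-memory stand-in for the USER_KEY table. */
struct user_key_row { int pk; int user_id; uint8_t salt[WFU_SALT_LEN]; uint32_t time;
                      uint8_t *escrow; size_t escrow_len; };
#define MAX_ROWS 64
static struct user_key_row user_key[MAX_ROWS];
static int user_key_rows;
static int next_pk = 1;   /* autoincrement */

static void mem_reset(void) {
    for (int i = 0; i < user_key_rows; i++) free(user_key[i].escrow);
    user_key_rows = 0; next_pk = 1;
}

/* WFU_verify_uvid() logic: look up (user_id, salt, time); 0 if absent. */
int mem_verify_uvid(const struct user_information *u, const struct wfu_uvid *uvid) {
    for (int i = 0; i < user_key_rows; i++)
        if (user_key[i].user_id == u->user_id && user_key[i].time == uvid->time &&
            memcmp(user_key[i].salt, uvid->salt, WFU_SALT_LEN) == 0)
            return user_key[i].pk;
    return 0;
}

/* WFU_insert_key() logic: split the uvid into salt and time, bind the row to
 * the authenticated user's user_id (the username inside the uvid is ignored,
 * as the page states) and return the new primary key / escrow number. */
int mem_insert_key(const struct user_information *u, const struct wfu_uvid *uvid,
                   const struct wfu_data *keys) {
    if (user_key_rows >= MAX_ROWS) return 0;
    struct user_key_row *r = &user_key[user_key_rows];
    r->escrow = malloc(keys->len);
    if (!r->escrow) return 0;
    memcpy(r->escrow, keys->data, keys->len);
    r->escrow_len = keys->len;
    r->pk = next_pk++;
    r->user_id = u->user_id;
    memcpy(r->salt, uvid->salt, WFU_SALT_LEN);
    r->time = uvid->time;
    user_key_rows++;
    return r->pk;
}

/* WFU_server_store_keys() sequence: verify first, refuse a duplicate with
 * WFU_ERR_KEY_REDUNDANT, otherwise insert and hand back the escrow number. */
int mem_store_keys(const struct user_information *u, const struct wfu_uvid *uvid,
                   const struct wfu_data *keys) {
    if (mem_verify_uvid(u, uvid) != 0) {
        wfu_error_no = WFU_ERR_KEY_REDUNDANT;
        return 0;
    }
    return mem_insert_key(u, uvid, keys);
}

/* WFU_get_key() logic: fetch the row by primary key; NULL if absent. The blob
 * is returned exactly as stored, since the server holds no key to decrypt it. */
const struct user_key_row *mem_get_key(int key_pk) {
    for (int i = 0; i < user_key_rows; i++)
        if (user_key[i].pk == key_pk) return &user_key[i];
    return NULL;
}

/* Constructed scenario: alice escrows one volume twice; bob escrows a volume
 * with the same salt and time. Returns alice's escrow number (1) when every
 * step behaves as described on the page, -1 otherwise. */
int mem_demo(void) {
    mem_reset();
    struct user_information alice = { 3, "alice" }, bob = { 7, "bob" };
    struct wfu_uvid uvid = { "alice", { 0 }, 1192019901u };   /* constructed */
    memset(uvid.salt, 0xA5, WFU_SALT_LEN);
    const uint8_t blob[] = "ciphertext-bytes";                 /* constructed escrow data */
    struct wfu_data keys = { blob, sizeof blob };
    int first = mem_store_keys(&alice, &uvid, &keys);          /* 1 */
    int dup   = mem_store_keys(&alice, &uvid, &keys);          /* 0, WFU_ERR_KEY_REDUNDANT */
    int other = mem_store_keys(&bob, &uvid, &keys);            /* 2: a different user_id is not redundant */
    const struct user_key_row *row = mem_get_key(first);
    if (dup != 0 || wfu_error_no != WFU_ERR_KEY_REDUNDANT || other != 2) return -1;
    return (row && row->user_id == 3 && row->escrow_len == sizeof blob) ? first : -1;
}

int mem_row_count(void) { return user_key_rows; }

int main(void) {
    printf("alice's escrow number: %d, rows stored: %d\n", mem_demo(), mem_row_count());
    return 0;
}
```

The redundancy key is (user_id, salt, time), taken from the authenticated user_info and the uvid respectively; because the username inside the uvid never reaches the row, a client cannot file an escrow entry under someone else's account by editing that field.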


Generated on Wed Oct 10 12:38:21 2007 for WFUCrypt by  doxygen 1.3.9.1