emailencode.c

IBE是一种非对称密码技术

/* Copyright 2003-2006, Voltage Security, all rights reserved.
 */
#include "vibe.h"
#include "environment.h"
#include "base.h"
#include "libctx.h"
#include "idobj.h"
#include "oidlist.h"
#include "idencode.h"
#include "emailschema.h"
#include "vtime.h"
#include "errorctx.h"

/* Determine the offset of the baseTime from the email address.
 * <p>The caller passes in a validity period (in seconds), and a
 * segmentCount. The segmentCount is the number of segments into which
 * the function will break the validity period. For example, a week's
 * validity period will generally be broken into 7 segments (0 to 6),
 * one for each day.
 * <p>The function will digest the email address and choose a number in
 * the range [0, segmentCount). It will then divide the validity period
 * by the segmentCount to get the number of seconds in each segment.
 * Finally, it will multiply the seconds per segment by the selected
 * number. This is the offset.
 * <p>The offset is therefore number of seconds.
 *
 * @param libCtx The libCtx to use.
 * @param emailAddress The email address used to determine the offset,
 * it should be the lower case version.
 * @param emailAddressLen The length, in bytes, of the email address.
 * @param validityPeriod In seconds.
 * @param segementCount
 * @param offset The address where the routine will deposit the offset.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
static int VOLT_CALLING_CONV DetermineOffset VOLT_PROTO_LIST ((
   VtLibCtx libraryCtx,
   unsigned char *emailAddress,
   unsigned int emailAddressLen,
   unsigned int validityPeriod,
   unsigned int segmentCount,
   UInt32 *offset
));

/* Set up the OpenSSL ASN.1 templates.
 */
ASN1_SEQUENCE (Asn1AttributeV1) =
{
  ASN1_SIMPLE (Asn1AttributeV1, id, ASN1_UTF8STRING),
  ASN1_SIMPLE (Asn1AttributeV1, value, ASN1_OCTET_STRING),
} ASN1_SEQUENCE_END (Asn1AttributeV1);

IMPLEMENT_ASN1_FUNCTIONS (Asn1AttributeV1)

ASN1_SEQUENCE (Asn1AttributeListV1) =
{
  ASN1_SIMPLE (Asn1AttributeListV1, notBefore, Asn1AttributeV1),
  ASN1_SIMPLE (Asn1AttributeListV1, email, Asn1AttributeV1),
} ASN1_SEQUENCE_END (Asn1AttributeListV1);

IMPLEMENT_ASN1_FUNCTIONS (Asn1AttributeListV1)

ASN1_SEQUENCE (Asn1EmailValueV2) =
{
  ASN1_SIMPLE (Asn1EmailValueV2, notBefore, ASN1_GENERALIZEDTIME),
  ASN1_SIMPLE (Asn1EmailValueV2, address, ASN1_UTF8STRING)
} ASN1_SEQUENCE_END (Asn1EmailValueV2);

IMPLEMENT_ASN1_FUNCTIONS (Asn1EmailValueV2)

int EncodeSchemaEmailAlloc (
   VtIdentityObject idObj,
   Pointer schema,
   unsigned int version,
   unsigned char **encoding,
   unsigned int *encodingLen
   )
{
  int status, asn1Ret;
  unsigned int totalLen;
  VoltTime theTime, baseTime, period, count;
  UInt32 offset;
  VoltIdentityObject *obj = (VoltIdentityObject *)idObj;
  VoltLibCtx *libCtx = (VoltLibCtx *)(obj->voltObject.libraryCtx);
  VoltDistrictObject *distObj = (VoltDistrictObject *)(obj->district);
  VoltIdentitySchema *theSchema = (VoltIdentitySchema *)schema;
  VoltEmailSchema *emailSchema = (VoltEmailSchema *)(theSchema->value);
  unsigned char *buffer = (unsigned char *)0;
  unsigned char *temp;
  unsigned char utcTime[VOLT_UTC_LEN];
  Asn1AttributeListV1 *attrListV1 = (Asn1AttributeListV1 *)0;
  Asn1EmailValueV2 *emailValueV2 = (Asn1EmailValueV2 *)0;
  ASN1_GENERALIZEDTIME *genTime;
  VOLT_DECLARE_ERROR_TYPE (errorType)
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  *encoding = (unsigned char *)0;
  *encodingLen = 0;

  do
  {
    /* We're taking out this check. We're going to go ahead and use any
     * date the caller wants, then if the key server doesn't like the
     * date, then it will fail.
     * We're also not going to use the validityStart time as the
     * minimum time. If we compute a time before the validity start but
     * after the base time, we'll use it.

     * Is theTime before the validityStart or beyond the validityEnd of
     * the district?
     *
    VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_DISTRICT_VALIDITY;
    if (VoltCompareTime (
      &(emailSchema->emailInfo.emailTime), &(distObj->validityStart)) < 0)
      break;
    if (VoltCompareTime (
      &(emailSchema->emailInfo.emailTime), &(distObj->validityEnd)) > 0)
      break;

     * If we compute an email base time after the input time or if the
     * id time eventually computed is before the validityStart, use the
     * validityStart as theTime.
     *
    VoltConvertTimeToSeconds (libCtx, &(distObj->validityStart), &theTime);

     */

    /* Determine the time to use, it will be
     *   baseTime + offset + (n * period)
     * for some n.
     */
    VOLT_SET_ERROR_TYPE (errorType, 0)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = DetermineOffset (
      (VtLibCtx)libCtx, emailSchema->lowerCaseEmail,
      emailSchema->lowerCaseLen, emailSchema->emailInfo.validityPeriod,
      emailSchema->emailInfo.segmentCount, &offset);
    if (status != 0)
      break;

    /* The email base time is the base time plus the email address's
     * offset.
     */
    baseTime = emailSchema->baseTimeSeconds;
    baseTime += (VoltTime)offset;

    /* The time to use will be the base time + n * period. The n is
     * computed as the (email time - base time) / period.
     * If the time is before the base time, error.
     */
    VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_INVALID_TIME;
    if (emailSchema->internalTime < baseTime)
      break;

    period = (VoltTime)(emailSchema->emailInfo.validityPeriod);
    count = (emailSchema->internalTime - baseTime) / period;
    theTime = baseTime + (count * period);

    VoltConvertTimeToVoltage (&theTime, &(theSchema->idTime));

    if (version == VT_ENCODE_IBCS_2_V_1)
    {
      VoltConvertTimeToUTC (&theTime, utcTime);

      /* Build the struct.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_MEMORY;
      attrListV1 = Asn1AttributeListV1_new ();
      if (attrListV1 == (Asn1AttributeListV1 *)0)
        break;

      /* Set the fields.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      asn1Ret = ASN1_STRING_set (
        attrListV1->notBefore->id, NotBeforeKeyString, NotBeforeKeyStringLen);
      if (asn1Ret != 1)
        break;

      VOLT_SET_FNCT_LINE (fnctLine)
      asn1Ret = ASN1_OCTET_STRING_set (
        attrListV1->notBefore->value, utcTime, VOLT_UTC_LEN);
      if (asn1Ret != 1)
        break;

      VOLT_SET_FNCT_LINE (fnctLine)
      asn1Ret = ASN1_STRING_set (
        attrListV1->email->id, EmailKeyString, EmailKeyStringLen);
      if (asn1Ret != 1)
        break;

      VOLT_SET_FNCT_LINE (fnctLine)
      asn1Ret = ASN1_OCTET_STRING_set (
        attrListV1->email->value, emailSchema->lowerCaseEmail,
        emailSchema->lowerCaseLen);
      if (asn1Ret != 1)
        break;

      /* How big does the buffer need to be?
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_INVALID_INPUT;
      totalLen = i2d_Asn1AttributeListV1 (attrListV1, (unsigned char **)0);
      if (totalLen == 0)
        break;

      /* Allocate the space.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_MEMORY;
      buffer = (unsigned char *)Z2Malloc (totalLen, 0);
      if (buffer == (unsigned char *)0)
        break;

      /* Encode into the buffer.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_INVALID_INPUT;
      temp = buffer;
      totalLen = i2d_Asn1AttributeListV1 (attrListV1, &temp);
      if (totalLen == 0)
        break;

      *encoding = buffer;
      *encodingLen = totalLen;
      status = 0;
      break;
    }

    /* Version 2, build the email value: the notBefore and the email
     * address.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_MEMORY;
    emailValueV2 = Asn1EmailValueV2_new ();
    if (emailValueV2 == (Asn1EmailValueV2 *)0)
      break;

    /* Set the values in the template.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_INVALID_INPUT;
    genTime = VoltOpenSslSetGenTime (
      emailValueV2->notBefore, &theTime);
    if (genTime == (ASN1_GENERALIZEDTIME *)0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_MEMORY;
    asn1Ret = ASN1_STRING_set (
      emailValueV2->address, emailSchema->lowerCaseEmail,
      (int)(emailSchema->lowerCaseLen));
    if (asn1Ret != 1)
      break;

    /* How big does the buffer need to be?
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_INVALID_INPUT;
    totalLen = i2d_Asn1EmailValueV2 (emailValueV2, (unsigned char **)0);
    if (totalLen == 0)
      break;

    /* Allocate the space.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_MEMORY;
    buffer = (unsigned char *)Z2Malloc (totalLen, 0);
    if (buffer == (unsigned char *)0)
      break;

    /* Encode the email value.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_MEMORY;
    temp = buffer;
    totalLen = i2d_Asn1EmailValueV2 (emailValueV2, &temp);
    if (totalLen == 0)
      break;

    /* Now build the schema.
     */
    VOLT_SET_ERROR_TYPE (errorType, 0)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VoltEncodeV2SchemaAlloc (
      libCtx, theSchema->oid.data, theSchema->oid.len, buffer, totalLen,
      encoding, encodingLen);

    Z2Free (buffer);
    buffer = (unsigned char *)0;

  } while (0);