/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
/*
 * Copyright (c) 2013, Regents of the University of California
 * Yingdi Yu
 *
 * BSD license, See the LICENSE file for more information
 *
 * Author: Yingdi Yu <yingdi@cs.ucla.edu>
 */
11#include "contact-manager.h"
Yingdi Yuaa8d7692013-10-18 17:05:02 -070013#ifndef Q_MOC_RUN
Yingdi Yu0b82a4e2013-10-18 11:29:25 -070014#include <ndn.cxx/wrapper/wrapper.h>
15#include <ndn.cxx/security/keychain.h>
Yingdi Yu0b82a4e2013-10-18 11:29:25 -070016#include <ndn.cxx/security/policy/simple-policy-manager.h>
17#include <ndn.cxx/security/policy/identity-policy-rule.h>
Yingdi Yu8dacdf22013-11-05 23:06:43 -080018#include <ndn.cxx/helpers/der/der.h>
Yingdi Yu6a5b9f62013-11-06 23:00:21 -080019#include <cryptopp/base64.h>
Yingdi Yu0b82a4e2013-10-18 11:29:25 -070020#include <fstream>
Yingdi Yu590fa5d2013-10-18 18:35:09 -070021#include "logging.h"
Yingdi Yuaa8d7692013-10-18 17:05:02 -070022#endif
24using namespace ndn;
25using namespace ndn::security;
Yingdi Yu590fa5d2013-10-18 18:35:09 -070027INIT_LOGGER("ContactManager");
// Construct a ContactManager backed by the given contact and DNS stores.
//
// The keychain (policy rules plus compiled-in trust anchors) is set up by
// setKeychain() before the NDN wrapper is created, because the wrapper is
// constructed from m_keychain.
ContactManager::ContactManager(Ptr<ContactStorage> contactStorage,
                               Ptr<DnsStorage> dnsStorage,
                               QObject* parent)
  : QObject(parent)
  , m_contactStorage(contactStorage)
  , m_dnsStorage(dnsStorage)
{
  // Order matters: setKeychain() assigns m_keychain, which Wrapper consumes.
  setKeychain();
  m_wrapper = Ptr<Wrapper>(new Wrapper(m_keychain));
}
// Nothing to release explicitly: every member visible in this file is held
// through a Ptr<> handle.
ContactManager::~ContactManager()
{}
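// Decode a base64-encoded, wire-format NDN Data packet into an
// IdentityCertificate. Used only for the trust anchors compiled into
// setKeychain().
//
// Errors from Data::decodeFromWire or the IdentityCertificate constructor are
// not caught here and propagate to the caller.
// NOTE(review): the base64 stage is not checked on its own; a corrupted
// literal would only be noticed, if at all, by the wire decoder.
static Ptr<IdentityCertificate>
decodeBase64Certificate(const string& base64Cert)
{
  string wire;
  // pumpAll == true: the whole literal is pushed through the decoder while
  // the StringSource is being constructed.
  CryptoPP::StringSource source(reinterpret_cast<const unsigned char *>(base64Cert.c_str()),
                                base64Cert.size(),
                                true,
                                new CryptoPP::Base64Decoder(new CryptoPP::StringSink(wire)));

  Ptr<Blob> blob = Ptr<Blob>(new Blob(wire.c_str(), wire.size()));
  Ptr<Data> data = Data::decodeFromWire(blob);
  return Ptr<IdentityCertificate>(new IdentityCertificate(*data));
}

// Build the keychain used for all signing and verification in this class:
// a fresh IdentityManager, a SimplePolicyManager loaded with the name-based
// policy rules below, and the compiled-in trust anchor(s). The result is
// stored in m_keychain.
void
ContactManager::setKeychain()
{
  Ptr<IdentityManager> identityManager = Ptr<IdentityManager>::Create();
  Ptr<SimplePolicyManager> policyManager = Ptr<SimplePolicyManager>::Create();

  Ptr<Keychain> keychain = Ptr<Keychain>(new Keychain(identityManager, policyManager, NULL));

  // Verification rules. Each rule pairs a pattern for the data name with a
  // pattern for the signing certificate name and a relation ("==" or ">")
  // between the two back-reference expansions.
  // NOTE(review): argument meanings are inferred from the literals; confirm
  // against IdentityPolicyRule before editing any pattern.

  // <identity>/DNS/ENDORSED data, signed by a ksk- or dsk- ID-CERT.
  policyManager->addVerificationPolicyRule(Ptr<IdentityPolicyRule>(new IdentityPolicyRule(
    "^([^<DNS>]*)<DNS><ENDORSED>",
    "^([^<KEY>]*)<KEY>(<>*)[<ksk-.*><dsk-.*>]<ID-CERT>$",
    "==", "\\1", "\\1\\2", true)));

  // <identity>/DNS/PROFILE data, signed by a ksk- or dsk- ID-CERT.
  policyManager->addVerificationPolicyRule(Ptr<IdentityPolicyRule>(new IdentityPolicyRule(
    "^([^<DNS>]*)<DNS><PROFILE>",
    "^([^<KEY>]*)<KEY>(<>*)[<ksk-.*><dsk-.*>]<ID-CERT>$",
    "==", "\\1", "\\1\\2", true)));

  // PROFILE-CERT data, signed by a ksk- ID-CERT.
  policyManager->addVerificationPolicyRule(Ptr<IdentityPolicyRule>(new IdentityPolicyRule(
    "^([^<PROFILE-CERT>]*)<PROFILE-CERT>",
    "^([^<KEY>]*)<KEY>(<>*<ksk-.*>)<ID-CERT>$",
    "==", "\\1", "\\1\\2", true)));

  // ksk- ID-CERT, signed by a dsk- ID-CERT; this is the only rule using ">".
  policyManager->addVerificationPolicyRule(Ptr<IdentityPolicyRule>(new IdentityPolicyRule(
    "^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>",
    "^([^<KEY>]*)<KEY><dsk-.*><ID-CERT>$",
    ">", "\\1\\2", "\\1", true)));

  // dsk- ID-CERT, signed by a ksk- ID-CERT.
  policyManager->addVerificationPolicyRule(Ptr<IdentityPolicyRule>(new IdentityPolicyRule(
    "^([^<KEY>]*)<KEY><dsk-.*><ID-CERT>",
    "^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$",
    "==", "\\1", "\\1\\2", true)));

  // Signing rule for <identity>/DNS/PROFILE data.
  // NOTE(review): unlike the verification rules above, the signer pattern
  // here has no trailing "$" anchor; confirm that is intended.
  policyManager->addSigningPolicyRule(Ptr<IdentityPolicyRule>(new IdentityPolicyRule(
    "^([^<DNS>]*)<DNS><PROFILE>",
    "^([^<KEY>]*)<KEY>(<>*)<><ID-CERT>",
    "==", "\\1", "\\1\\2", true)));

  // Compiled-in trust anchor (base64 of a wire-encoded certificate). Being a
  // literal, it can only be rotated or withdrawn by shipping a new build.
  const string TrustAnchor(
    "BIICqgOyEIWlKzDI2xX2hdq5Azheu9IVyewcV4uM7ylfh67Y8MIxF3tDCTx5JgEn"
    "HYMuCaYQm6XuaXTlVfDdWff/K7Xebq8IgGxjNBeU9eMf7Gy9iIMrRAOdBG0dBHmo"
    "67biGs8F+P1oh1FwKu/FN1AE9vh8HSOJ94PWmjO+6PvITFIXuI3QbcCz8rhvbsfb"
    "5X/DmfbJ8n8c4X3nVxrBm6fd4z8kOFOvvhgJImvqsow69Uy+38m8gJrmrcWMoPBJ"
    "WsNLcEriZCt/Dlg7EqqVrIn6ukylKCvVrxA9vm/cEB74J/N+T0JyMRDnTLm17gpq"
    "Gd75rhj+bLmpOMOBT7Nb27wUKq8gcXzeAADy+p1uZG4A+p1LRVkA+vVrc2stMTM4"
    "MzMyNTcyMAD6vUlELUNFUlQA+q39PgurHgAAAaID4gKF5vjua9EIr3/Fn8k1AdSc"
    "nEryjVDW3ikvYoSwjK7egTkAArq1BSc+C6sdAAHiAery+p1uZG4A+p1LRVkA+vVr"
    "c2stMTM4MzMyNTcyMAD6vUlELUNFUlQAAAAAAAGaFr0wggFjMCIYDzIwMTMxMTAx"
    "MTcxMTIyWhgPMjAxNDExMDExNzExMjJaMBkwFwYDVQQpExBORE4gVGVzdGJlZCBS"
    "b290MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEA06x+elwzWCHa4I3b"
    "yrYCMAIVxQpRVLuOXp0h+BS+5GNgMVPi7+40o4zSJG+kiU8CIH1mtj8RQAzBX9hF"
    "I5VAyOC8nS8D8YOfBwt2yRDZPgt1E5PpyYUBiDYuq/zmJDL8xjxAlxrMzVOqD/uj"
    "/vkkcBM/T1t9Q6p1CpRyq+GMRbV4EAHvH7MFb6bDrH9t8DHEg7NPUCaSQBrd7PvL"
    "72P+QdiNH9zs/EiVzAkeMG4iniSXLuYM3z0gMqqcyUUUr6r1F9IBmDO+Kp97nZh8"
    "VCL+cnIEwyzAFAupQH5GoXUWGiee8oKWwH2vGHX7u6sWZsCp15NMSG3OC4jUIZOE"
    "iVUF1QIBEQAA");

  policyManager->addTrustAnchor(decodeBase64Certificate(TrustAnchor));

#ifdef _DEBUG

  // SECURITY: builds compiled with _DEBUG trust a second anchor in addition
  // to the one above, so anything that chains to FakeAnchor is accepted by
  // such a binary. Make sure _DEBUG is never defined for released builds.
  const string FakeAnchor(
    "BIICqgOyEIVAaoHnQZIx5osAuY2fKte4HBSrxyam7MY6/kp+w47O1bGdd2KjeZKV"
    "zZzQd3EQorDC3KUPbB6ql30jYfspvo4OPSlIuDrkyROaoZ+MSKyzQYpB6CZcTjBa"
    "qcWYFOfwUlcWvkbd00X4bkc5PkcWpVdRrx+NCTiq9EXes//hOHpEJHMNsJUi45O+"
    "6M4OE6/sNEqs/ryHn2w1vCqwPpG8xzcd0prQUdCH2MGE77F+H0XFDuWp8mrT37Uw"
    "DUy7Ltm+7nDTHSQy2J3Zk4Q+0tjxCzSw4owEpwOHr+afdkuE3v9aB2NRQBBDCEmL"
    "Ykz4sYX3XE8MVFqRn1HHWCkszjDg+F0UAADy+p1uZG4A+p1LRVkA+vVrc2stMTM4"
    "MjkzNDE5OAD6vUlELUNFUlQA+s39/////95rc7MAAAGiA+IChaK1eVvzlkg6BJAw"
    "qiOpxRoezQ0hAHOBbPRLeBllxMN7AAK6tQUm3mtztQAB4gHq8vqdbmRuAPqdS0VZ"
    "APr1a3NrLTEzODI5MzQxOTgA+r1JRC1DRVJUAAAAAAABmhblMIIBaDAiGA8yMDEz"
    "MTAyODAwMDAwMFoYDzIwMzMxMDI4MDAwMDAwWjAcMBoGA1UEKRMTL25kbi9rc2st"
    "MTM4MjkzNDE5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2htIFF"
    "/PH+SJsGOA6jhpFT74xfLJlgZNJOnKzl27HI2gupE0mainWj/HqVzdGxD6jOOReI"
    "sul+eQyEyBYq4e35pLmdJGlux/+UPQ51DD8jg04GrUPewV7+iGm6usp/7xEGHbah"
    "H2Grv/bsGrt6aRA8cKmdIc+rehxZCVFtiwSEHTnOWzn3lfZR5xnjF9aGX+uGo1hA"
    "gMwu1ECxg4H3O4z1tbTzji5+WH0RDsPRlgzQX6wAQH8btlQyoFJfljEA3QaOtDaB"
    "OcfegIlClzutmgJnK9i5ZLz2Mjvx49dlCWAVKg65vOXMLC/33jD9F+V8urwsBlOb"
    "F7Wh5ayeo8NBKDsCAwEAAQAA");

  policyManager->addTrustAnchor(decodeBase64Certificate(FakeAnchor));

#endif

  m_keychain = keychain;
}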
// Express an interest for <identity>/DNS/PROFILE. The reply is routed to the
// onDnsSelfEndorseCertificate{Verified,Timeout,Unverified} handlers.
//
// NOTE(review): the callbacks bind a raw `this`; confirm the wrapper cannot
// invoke them after this ContactManager has been destroyed.
void
ContactManager::fetchSelfEndorseCertificate(const ndn::Name& identity)
{
  Name profileName(identity);
  profileName.append("DNS").append("PROFILE");

  Ptr<Interest> interest(new Interest(profileName));
  interest->setChildSelector(Interest::CHILD_RIGHT);

  // The timeout handler receives a retry count of 0.
  Ptr<Closure> callbacks(
    new Closure(boost::bind(&ContactManager::onDnsSelfEndorseCertificateVerified,
                            this, _1, identity),
                boost::bind(&ContactManager::onDnsSelfEndorseCertificateTimeout,
                            this, _1, _2, identity, 0),
                boost::bind(&ContactManager::onDnsSelfEndorseCertificateUnverified,
                            this, _1, identity)));

  m_wrapper->sendInterest(interest, callbacks);
}
// Express an interest for <identity>/DNS/ENDORSED. The reply is routed to the
// onDnsCollectEndorse{Verified,Timeout,Unverified} handlers.
//
// NOTE(review): the unit of setInterestLifetime(1) is not visible in this
// file; confirm it gives the network enough time to answer.
void
ContactManager::fetchCollectEndorse(const ndn::Name& identity)
{
  Name endorsedName(identity);
  endorsedName.append("DNS").append("ENDORSED");

  Ptr<Interest> interest(new Interest(endorsedName));
  interest->setChildSelector(Interest::CHILD_RIGHT);
  interest->setInterestLifetime(1);

  // The timeout handler receives a retry count of 0.
  Ptr<Closure> callbacks(
    new Closure(boost::bind(&ContactManager::onDnsCollectEndorseVerified,
                            this, _1, identity),
                boost::bind(&ContactManager::onDnsCollectEndorseTimeout,
                            this, _1, _2, identity, 0),
                boost::bind(&ContactManager::onDnsCollectEndorseUnverified,
                            this, _1, identity)));

  m_wrapper->sendInterest(interest, callbacks);
}
// Express an interest for the certificate named certName. The reply is routed
// to onKeyVerified / onKeyTimeout / onKeyUnverified, each of which is also
// given certName.
void
ContactManager::fetchKey(const ndn::Name& certName)
{
  Name requestName(certName);

  Ptr<Interest> interest(new Interest(requestName));
  interest->setChildSelector(Interest::CHILD_RIGHT);
  interest->setInterestLifetime(1);

  // The timeout handler receives a retry count of 0.
  Ptr<Closure> callbacks(
    new Closure(boost::bind(&ContactManager::onKeyVerified,
                            this, _1, certName),
                boost::bind(&ContactManager::onKeyTimeout,
                            this, _1, _2, certName, 0),
                boost::bind(&ContactManager::onKeyUnverified,
                            this, _1, certName)));

  m_wrapper->sendInterest(interest, callbacks);
}
213void
Yingdi Yu908f8412013-11-09 00:03:26 -0800214ContactManager::fetchIdCertificate(const ndn::Name& certName)
215{
216 Name interestName = certName;
217
218 Ptr<Interest> interestPtr = Ptr<Interest>(new Interest(interestName));
219 interestPtr->setChildSelector(Interest::CHILD_RIGHT);
220 interestPtr->setInterestLifetime(1);
221 Ptr<Closure> closure = Ptr<Closure> (new Closure(boost::bind(&ContactManager::onIdCertificateVerified,
222 this,
223 _1,
224 certName),
225 boost::bind(&ContactManager::onIdCertificateTimeout,
226 this,
227 _1,
228 _2,
229 certName,
230 0),
231 boost::bind(&ContactManager::onIdCertificateUnverified,
232 this,
233 _1,
234 certName)));
235 m_wrapper->sendInterest(interestPtr, closure);
236}
// Verified-data handler for fetchCollectEndorse(): hand the packet to
// listeners. `identity` is not used here.
void
ContactManager::onDnsCollectEndorseVerified(Ptr<Data> data, const Name& identity)
{
  emit collectEndorseFetched(*data);
}
// Timeout handler for fetchCollectEndorse(): report failure for `identity`.
// No retry is attempted; `closure`, `interest` and `retry` are unused.
void
ContactManager::onDnsCollectEndorseTimeout(Ptr<Closure> closure, Ptr<Interest> interest, const Name& identity, int retry)
{
  emit collectEndorseFetchFailed(identity);
}
// Verification-failure handler for fetchCollectEndorse(): the unverified
// packet is dropped and only the failure is reported.
void
ContactManager::onDnsCollectEndorseUnverified(Ptr<Data> data, const Name& identity)
{
  emit collectEndorseFetchFailed(identity);
}
// Verified-data handler for fetchKey(): wrap the fetched identity certificate
// in an EndorseCertificate signed with the local default certificate and
// announce it through contactKeyFetched.
//
// NOTE(review): the IdentityCertificate is built outside the try block, so a
// packet that verifies but does not parse as a certificate would propagate
// an exception to the caller instead of being logged here; confirm.
// NOTE(review): when EndorseCertificate construction throws, the method
// returns without emitting contactKeyFetchFailed.
void
ContactManager::onKeyVerified(Ptr<Data> data, const Name& identity)
{
  IdentityCertificate fetchedCert(*data);

  // Profile derived from the certificate itself, signed by us.
  Ptr<ProfileData> profile(new ProfileData(Profile(fetchedCert)));

  Ptr<IdentityManager> idManager = m_keychain->getIdentityManager();
  Name signerCertName = idManager->getDefaultCertificateName();
  idManager->signByCertificate(*profile, signerCertName);

  Ptr<EndorseCertificate> endorsement = NULL;
  try{
    endorsement = Ptr<EndorseCertificate>(new EndorseCertificate(fetchedCert, profile));
  }catch(exception& e){
    _LOG_ERROR("Exception: " << e.what());
    return;
  }

  idManager->signByCertificate(*endorsement, signerCertName);

  emit contactKeyFetched(*endorsement);
}
// Verification-failure handler for fetchKey(): the unverified packet is
// dropped and only the failure is reported.
void
ContactManager::onKeyUnverified(Ptr<Data> data, const Name& identity)
{
  emit contactKeyFetchFailed(identity);
}
// Timeout handler for fetchKey(): report failure for `identity`.
// No retry is attempted; `closure`, `interest` and `retry` are unused.
void
ContactManager::onKeyTimeout(Ptr<Closure> closure, Ptr<Interest> interest, const Name& identity, int retry)
{
  emit contactKeyFetchFailed(identity);
}
// Verified-data handler for fetchIdCertificate(): parse the packet as an
// identity certificate and announce it. `identity` is not used here.
//
// NOTE(review): any exception from the IdentityCertificate constructor is
// not caught in this method.
void
ContactManager::onIdCertificateVerified(Ptr<Data> data, const Name& identity)
{
  IdentityCertificate fetchedCert(*data);
  emit contactCertificateFetched(fetchedCert);
}
// Verification-failure handler for fetchIdCertificate(): the unverified
// packet is dropped and only the failure is reported.
void
ContactManager::onIdCertificateUnverified(Ptr<Data> data, const Name& identity)
{
  emit contactCertificateFetchFailed(identity);
}
// Timeout handler for fetchIdCertificate(): report failure for `identity`.
// No retry is attempted; `closure`, `interest` and `retry` are unused.
void
ContactManager::onIdCertificateTimeout(Ptr<Closure> closure, Ptr<Interest> interest, const Name& identity, int retry)
{
  emit contactCertificateFetchFailed(identity);
}
// Re-issue and publish the self-endorse certificate for `identity` when the
// stored profile differs from the one inside the stored certificate, or when
// no certificate has been stored yet.
//
// Returns silently when there is no self profile, when the stored
// certificate cannot be decoded (the error is logged), when the profile is
// unchanged, or when a new certificate cannot be produced.
void
ContactManager::updateProfileData(const Name& identity)
{
  // Current profile as held by the contact store.
  Ptr<Profile> currentProfile = m_contactStorage->getSelfProfile(identity);
  if(NULL == currentProfile)
    return;
  Ptr<Blob> currentProfileDer = currentProfile->toDerBlob();

  // Previously issued self-endorse certificate, if any.
  Ptr<Blob> storedCertBlob = m_contactStorage->getSelfEndorseCertificate(identity);
  const bool hasStoredCert = (NULL != storedCertBlob);

  if(hasStoredCert)
    {
      Ptr<EndorseCertificate> storedCert = NULL;
      try{
        Ptr<Data> storedData = Data::decodeFromWire(storedCertBlob);
        storedCert = Ptr<EndorseCertificate>(new EndorseCertificate(*storedData));
      }catch(exception& e){
        _LOG_ERROR("Exception: " << e.what());
        return;
      }

      // Nothing to do when the certified profile already matches.
      if(storedCert->getProfileData()->content() == *currentProfileDer)
        return;
    }

  Ptr<EndorseCertificate> freshCert = getSignedSelfEndorseCertificate(identity, *currentProfile);
  if(NULL == freshCert)
    return;

  if(hasStoredCert)
    m_contactStorage->updateSelfEndorseCertificate(freshCert, identity);
  else
    m_contactStorage->addSelfEndorseCertificate(freshCert, identity);

  publishSelfEndorseCertificateInDNS(freshCert);
}
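// Generate a fresh endorse certificate for `identity`, signed on behalf of
// `signerIdentity`, and store and publish it unless its content equals the
// content of the certificate already stored.
//
// Returns silently when no certificate can be generated, when the stored
// certificate cannot be decoded (the error is logged), or when nothing
// changed.
void
ContactManager::updateEndorseCertificate(const ndn::Name& identity, const ndn::Name& signerIdentity)
{
  Ptr<Blob> oldEndorseCertificateBlob = m_contactStorage->getEndorseCertificate(identity);
  Ptr<EndorseCertificate> newEndorseCertificate = generateEndorseCertificate(identity, signerIdentity);

  // generateEndorseCertificate() returns NULL for an unknown contact or a
  // construction failure. Check before either branch: the comparison below
  // used to dereference the new certificate without this guard.
  if(NULL == newEndorseCertificate)
    return;

  if(NULL != oldEndorseCertificateBlob)
    {
      Ptr<EndorseCertificate> oldEndorseCertificate = NULL;
      try{
        Ptr<Data> plainData = Data::decodeFromWire(oldEndorseCertificateBlob);
        oldEndorseCertificate = Ptr<EndorseCertificate>(new EndorseCertificate(*plainData));
      }catch(exception& e){
        _LOG_ERROR("Exception: " << e.what());
        return;
      }

      const Blob& oldEndorseContent = oldEndorseCertificate->content();
      const Blob& newEndorseContent = newEndorseCertificate->content();
      if(oldEndorseContent == newEndorseContent)
        return;
    }

  // NOTE(review): addEndorseCertificate() is also used when a certificate is
  // already stored; confirm it replaces the old entry.
  m_contactStorage->addEndorseCertificate(newEndorseCertificate, identity);
  publishEndorseCertificateInDNS(newEndorseCertificate, signerIdentity);
}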
// Build an endorse certificate for the stored contact `identity`, covering
// the entries of that contact's endorse list, and sign it with the default
// certificate of `signerIdentity`.
//
// Returns NULL when the contact is unknown or when EndorseCertificate
// construction throws (the error is logged).
Ptr<EndorseCertificate>
ContactManager::generateEndorseCertificate(const Name& identity, const Name& signerIdentity)
{
  Ptr<ContactItem> endorsee = getContact(identity);
  if(endorsee == NULL)
    return NULL;

  Ptr<IdentityManager> idManager = m_keychain->getIdentityManager();
  Name signerKeyName = idManager->getDefaultKeyNameForIdentity(signerIdentity);
  Name signerCertName = idManager->getDefaultCertificateNameByIdentity(signerIdentity);

  vector<string> endorsedEntries = m_contactStorage->getEndorseList(identity);

  Ptr<EndorseCertificate> endorsement = NULL;
  try{
    endorsement = Ptr<EndorseCertificate>(new EndorseCertificate(endorsee->getSelfEndorseCertificate(),
                                                                 signerKeyName,
                                                                 endorsedEntries));
  }catch(exception& e){
    _LOG_ERROR("Exception: " << e.what());
    return NULL;
  }

  idManager->signByCertificate(*endorsement, signerCertName);
  return endorsement;
}
// Return every contact held by the contact store.
vector<Ptr<ContactItem> >
ContactManager::getContactItemList()
{
  return m_contactStorage->getAllContacts();
}
// Look up one contact by namespace in the contact store. Callers in this
// file treat a NULL result as "no such contact".
Ptr<ContactItem>
ContactManager::getContact(const ndn::Name& contactNamespace)
{
  return m_contactStorage->getContact(contactNamespace);
}
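// Create a self-endorse certificate for `identity` that carries `profile`
// and lists every profile key as endorsed, signed with the identity's KSK
// certificate.
//
// Returns NULL when the identity has no default certificate, when a needed
// certificate cannot be found locally, when the DSK certificate's signature
// is not Sha256WithRsa, or when EndorseCertificate construction throws (the
// error is logged).
Ptr<EndorseCertificate>
ContactManager::getSignedSelfEndorseCertificate(const Name& identity,
                                                const Profile& profile)
{
  Ptr<IdentityManager> identityManager = m_keychain->getIdentityManager();
  Name certificateName = identityManager->getDefaultCertificateNameByIdentity(identity);
  if(0 == certificateName.size())
    return NULL;

  // The profile payload is signed with the identity's default certificate.
  Ptr<ProfileData> profileData = Ptr<ProfileData>(new ProfileData(profile));
  identityManager->signByCertificate(*profileData, certificateName);

  Ptr<security::IdentityCertificate> signingCert = identityManager->getCertificate(certificateName);
  if(NULL == signingCert)
    return NULL;

  Name signingKeyName = security::IdentityCertificate::certificateNameToPublicKeyName(signingCert->getName(), true);

  // The endorse certificate is issued under the KSK. When the default
  // certificate belongs to a "dsk-" key, follow its key locator to the KSK.
  Ptr<security::IdentityCertificate> kskCert;
  if(signingKeyName.get(-1).toUri().substr(0,4) == string("dsk-"))
    {
      Ptr<const signature::Sha256WithRsa> dskCertSig = DynamicCast<const signature::Sha256WithRsa>(signingCert->getSignature());
      // A signature of any other type would make the cast yield NULL; bail
      // out rather than dereference it.
      if(NULL == dskCertSig)
        {
          _LOG_ERROR("DSK certificate signature is not Sha256WithRsa");
          return NULL;
        }

      // HACK! KSK certificate should be retrieved from network.
      Name keyName = security::IdentityCertificate::certificateNameToPublicKeyName(dskCertSig->getKeyLocator().getKeyName());

      Name kskCertName = identityManager->getPublicStorage()->getDefaultCertificateNameForKey(keyName);

      kskCert = identityManager->getCertificate(kskCertName);
    }
  else
    {
      kskCert = signingCert;
    }

  if(NULL == kskCert)
    return NULL;

  // A self-endorsement covers every entry of the profile.
  vector<string> endorseList;
  for(Profile::const_iterator it = profile.begin(); it != profile.end(); ++it)
    endorseList.push_back(it->first);

  Ptr<EndorseCertificate> selfEndorseCertificate = NULL;
  try{
    selfEndorseCertificate = Ptr<EndorseCertificate>(new EndorseCertificate(*kskCert,
                                                                            profileData,
                                                                            endorseList));
  }catch(exception& e){
    _LOG_ERROR("Exception: " << e.what());
    return NULL;
  }

  identityManager->signByCertificate(*selfEndorseCertificate, kskCert->getName());

  return selfEndorseCertificate;
}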
// Verified-data handler for fetchSelfEndorseCertificate(): the DNS packet's
// content is itself a wire-encoded self-endorse certificate. Decode it,
// check its signature against the public key it carries, and report the
// outcome through contactFetched / contactFetchFailed.
//
// NOTE(review): the inner signature is checked only against the key embedded
// in the same certificate, and nothing here compares that key's name with
// `identity`; binding to the requested identity appears to rest on the
// policy check already applied to the outer packet. Confirm.
// NOTE(review): when decoding throws, the method logs and returns without
// emitting contactFetchFailed.
void
ContactManager::onDnsSelfEndorseCertificateVerified(Ptr<Data> data, const Name& identity)
{
  Ptr<Blob> innerWire(new Blob(data->content().buf(), data->content().size()));

  Ptr<Data> innerData = NULL;
  Ptr<EndorseCertificate> selfEndorsement = NULL;
  try{
    innerData = Data::decodeFromWire(innerWire);
    selfEndorsement = Ptr<EndorseCertificate>(new EndorseCertificate(*innerData));
  }catch(exception& e){
    _LOG_ERROR("Exception: " << e.what());
    return;
  }

  const security::Publickey& embeddedKey = selfEndorsement->getPublicKeyInfo();

  if(!security::PolicyManager::verifySignature(*innerData, embeddedKey))
    {
      emit contactFetchFailed(identity);
      return;
    }

  emit contactFetched(*selfEndorsement);
}
// Verification-failure handler for fetchSelfEndorseCertificate(): the
// unverified packet is dropped and only the failure is reported.
void
ContactManager::onDnsSelfEndorseCertificateUnverified(Ptr<Data> data, const Name& identity)
{
  emit contactFetchFailed(identity);
}
// Timeout handler for fetchSelfEndorseCertificate(): report failure for
// `identity`. No retry is attempted; `closure`, `interest` and `retry` are
// unused.
void
ContactManager::onDnsSelfEndorseCertificateTimeout(Ptr<Closure> closure, Ptr<Interest> interest, const Name& identity, int retry)
{
  emit contactFetchFailed(identity);
}
// Publish a self-endorse certificate as <identity>/DNS/PROFILE/<version>:
// wrap its wire encoding in a Data packet, sign the packet by identity,
// record it in the DNS store and push it to the local NDN daemon.
//
// The identity is the certificate's public key name minus its last
// component.
// NOTE(review): `selfEndorseCertificate` is dereferenced without a NULL
// check, and an empty key name would make `size()-1` wrap if size() is
// unsigned; callers in this file pass a checked pointer.
void
ContactManager::publishSelfEndorseCertificateInDNS(Ptr<EndorseCertificate> selfEndorseCertificate)
{
  Name certKeyName = selfEndorseCertificate->getPublicKeyName();
  Name identity = certKeyName.getSubName(0, certKeyName.size()-1);

  Name packetName(identity);
  packetName.append("DNS").append("PROFILE").appendVersion();

  Ptr<Data> packet = Ptr<Data>::Create();
  packet->setName(packetName);

  Ptr<Blob> certWire = selfEndorseCertificate->encodeToWire();
  Content payload(certWire->buf(), certWire->size());
  packet->setContent(payload);

  m_keychain->signByIdentity(*packet, identity);

  m_dnsStorage->updateDnsSelfProfileData(*packet, identity);

  Ptr<Blob> packetWire = packet->encodeToWire();
  m_wrapper->putToNdnd(*packetWire);
}
// Publish an endorsement of another identity as
// <signerIdentity>/DNS/<endorsee>/ENDORSEE/<version>: wrap the certificate's
// wire encoding in a Data packet, sign it with the signer's default
// certificate, record it in the DNS store and push it to the local NDN
// daemon.
//
// The endorsee is the certificate's public key name minus its last
// component.
// NOTE(review): `endorseCertificate` is dereferenced without a NULL check;
// the caller in this file checks it first.
void
ContactManager::publishEndorseCertificateInDNS(Ptr<EndorseCertificate> endorseCertificate, const Name& signerIdentity)
{
  Name certKeyName = endorseCertificate->getPublicKeyName();
  Name endorsee = certKeyName.getSubName(0, certKeyName.size()-1);

  Name packetName(signerIdentity);
  packetName.append("DNS").append(endorsee).append("ENDORSEE").appendVersion();

  Ptr<Data> packet = Ptr<Data>::Create();
  packet->setName(packetName);

  Ptr<Blob> certWire = endorseCertificate->encodeToWire();
  Content payload(certWire->buf(), certWire->size());
  packet->setContent(payload);

  Name signerCertName = m_keychain->getIdentityManager()->getDefaultCertificateNameByIdentity(signerIdentity);
  m_keychain->getIdentityManager()->signByCertificate(*packet, signerCertName);

  m_dnsStorage->updateDnsEndorseOthers(*packet, signerIdentity, endorsee);

  Ptr<Blob> packetWire = packet->encodeToWire();
  m_wrapper->putToNdnd(*packetWire);
}
// Publish the endorsements collected for `identity` as
// <identity>/DNS/ENDORSED/<version>. Each stored blob becomes one DER octet
// string inside a DER sequence; the encoded sequence is the packet content.
// The packet is signed with the identity's default certificate, recorded in
// the DNS store and pushed to the local NDN daemon.
//
// NOTE(review): the list returned by getCollectEndorseList() is dereferenced
// without a NULL check; confirm the store never returns NULL.
// NOTE(review): the reinterpret_cast from blob_stream to OutputIterator is
// kept as written; its validity depends on how those two types are related,
// which is not visible in this file.
void
ContactManager::publishEndorsedDataInDns(const Name& identity)
{
  Name packetName(identity);
  packetName.append("DNS").append("ENDORSED").appendVersion();

  Ptr<Data> packet = Ptr<Data>::Create();
  packet->setName(packetName);

  Ptr<vector<Blob> > collected = m_contactStorage->getCollectEndorseList(identity);

  Ptr<der::DerSequence> sequence = Ptr<der::DerSequence>::Create();
  for(vector<Blob>::const_iterator entry = collected->begin(); entry != collected->end(); entry++)
    {
      Ptr<der::DerOctetString> octets(new der::DerOctetString(*entry));
      sequence->addChild(octets);
    }

  blob_stream encoded;
  OutputIterator & sink = reinterpret_cast<OutputIterator &> (encoded);
  sequence->encode(sink);

  Content payload(encoded.buf()->buf(), encoded.buf()->size());
  packet->setContent(payload);

  Name signerCertName = m_keychain->getIdentityManager()->getDefaultCertificateNameByIdentity(identity);
  m_keychain->getIdentityManager()->signByCertificate(*packet, signerCertName);

  m_dnsStorage->updateDnsOthersEndorse(*packet, identity);

  Ptr<Blob> packetWire = packet->encodeToWire();
  m_wrapper->putToNdnd(*packetWire);
}
// Add a contact from an identity certificate and a profile: sign the profile
// and the resulting endorse certificate with the default certificate of
// m_defaultIdentity, then store the contact.
//
// A failure to build the endorse certificate is logged and the method
// returns. A failure to store the contact is reported through the `warning`
// signal and logged.
// NOTE(review): nothing in this method verifies `identityCertificate`; the
// caller is presumably expected to pass one that has already been validated.
void
ContactManager::addContact(const IdentityCertificate& identityCertificate, const Profile& profile)
{
  Ptr<ProfileData> signedProfile(new ProfileData(profile));

  Ptr<IdentityManager> idManager = m_keychain->getIdentityManager();
  Name signerCertName = idManager->getDefaultCertificateNameByIdentity(m_defaultIdentity);
  idManager->signByCertificate(*signedProfile, signerCertName);

  Ptr<EndorseCertificate> endorsement = NULL;
  try{
    endorsement = Ptr<EndorseCertificate>(new EndorseCertificate(identityCertificate, signedProfile));
  }catch(exception& e){
    _LOG_ERROR("Exception: " << e.what());
    return;
  }

  idManager->signByCertificate(*endorsement, signerCertName);

  ContactItem newContact(*endorsement);

  try{
    m_contactStorage->addContact(newContact);
  }catch(exception& e){
    emit warning(e.what());
    _LOG_ERROR("Exception: " << e.what());
    return;
  }
}
623#if WAF
624#include "contact-manager.moc"
625#include "contact-manager.cpp.moc"
626#endif