/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
/*
 * Copyright (c) 2013, Regents of the University of California
 *                     Yingdi Yu
 *
 * BSD license, See the LICENSE file for more information
 *
 * Author: Yingdi Yu <yingdi@cs.ucla.edu>
 */
10
11#include "endorse-certificate.h"
Yingdi Yu64206112013-12-24 11:16:32 +080012#include "endorse-extension.pb.h"
Yingdi Yu64206112013-12-24 11:16:32 +080013#include <boost/iostreams/stream.hpp>
Yingdi Yu68aced92013-10-17 21:13:03 -070014#include "logging.h"
Yingdi Yu3c2a9762013-10-11 11:02:09 -070015
16using namespace std;
17using namespace ndn;
Yingdi Yua1a688f2014-02-06 18:09:22 -080018
Yingdi Yu3c2a9762013-10-11 11:02:09 -070019
// Logger tag for this translation unit. INIT_LOGGER is not defined in this
// file (presumably it comes from logging.h -- confirm).
INIT_LOGGER("EndorseCertificate");
21
Yingdi Yua1a688f2014-02-06 18:09:22 -080022namespace chronos{
Yingdi Yu3c2a9762013-10-11 11:02:09 -070023
// Identifiers of the two certificate extensions this class reads and writes.
// PROFILE_EXT_OID tags the encoded Profile; ENDORSE_EXT_OID tags the
// serialized list of endorsed entries.  The decoding constructor matches
// extensions against exactly these values.
const OID EndorseCertificate::PROFILE_EXT_OID("1.3.6.1.5.32.2.1");
const OID EndorseCertificate::ENDORSE_EXT_OID("1.3.6.1.5.32.2.2");
Yingdi Yu5ff62102013-10-13 17:24:50 -070026
/*
 * Append one endorse entry to the message for every name in endorseList,
 * in list order.  Entries already present in the message are kept.
 * Returns the same message so calls can be chained.
 */
Chronos::EndorseExtensionMsg&
operator << (Chronos::EndorseExtensionMsg& endorseExtension, const vector<string>& endorseList)
{
  for(vector<string>::size_type idx = 0; idx < endorseList.size(); idx++)
    {
      endorseExtension.add_endorseentry()->set_name(endorseList[idx]);
    }

  return endorseExtension;
}
36
/*
 * Copy the name of every endorse entry in the message onto the end of
 * endorseList, in message order.  endorseList is appended to, not cleared,
 * so a caller that reuses a vector accumulates entries.
 * Returns the same message so calls can be chained.
 */
Chronos::EndorseExtensionMsg&
operator >> (Chronos::EndorseExtensionMsg& endorseExtension, vector<string>& endorseList)
{
  const int entryCount = endorseExtension.endorseentry_size();
  int pos = 0;
  while(pos < entryCount)
    {
      endorseList.push_back(endorseExtension.endorseentry(pos).name());
      ++pos;
    }

  return endorseExtension;
}
45
/*
 * Build a self-issued profile certificate from a KSK identity certificate.
 *
 * The subject key name is derived from kskCertificate's name and is also used
 * as the signer name.  Validity period and public key info are copied from
 * kskCertificate; the profile and the endorse list travel as two certificate
 * extensions.  The certificate is named
 *   <key name>/PROFILE-CERT/<wire-encoded signer name>/<version>.
 *
 * No signature is produced in this constructor; it only fills in the fields
 * and calls encode().
 */
EndorseCertificate::EndorseCertificate(const IdentityCertificate& kskCertificate,
                                       const Profile& profile,
                                       const vector<string>& endorseList)
  : Certificate()
  , m_profile(profile)
  , m_endorseList(endorseList)
{
  // Subject and signer are the same key for a self-issued certificate.
  m_keyName = IdentityCertificate::certificateNameToPublicKeyName(kskCertificate.getName());
  m_signer = m_keyName;

  Name certName(m_keyName);
  certName.append("PROFILE-CERT").append(m_signer.wireEncode()).appendVersion();
  setName(certName);

  // Validity, subject description (2.5.4.41 is the X.520 "name" attribute)
  // and key material all come from the KSK certificate.
  setNotBefore(kskCertificate.getNotBefore());
  setNotAfter(kskCertificate.getNotAfter());
  addSubjectDescription(CertificateSubjectDescription("2.5.4.41", m_keyName.toUri()));
  setPublicKeyInfo(kskCertificate.getPublicKeyInfo());

  // Extension 1: the encoded profile.  The `true` argument is presumably the
  // "critical" flag of CertificateExtension -- confirm against its declaration.
  OBufferStream profileBytes;
  m_profile.encode(profileBytes);
  addExtension(CertificateExtension(PROFILE_EXT_OID, true, *profileBytes.buf()));

  // Extension 2: the endorse list as a serialized EndorseExtensionMsg.
  // NOTE(review): the result of SerializeToOstream() is not checked, so a
  // failed serialization would still be added as an extension.
  OBufferStream endorseBytes;
  Chronos::EndorseExtensionMsg endorseMsg;
  endorseMsg << m_endorseList;
  endorseMsg.SerializeToOstream(&endorseBytes);
  addExtension(CertificateExtension(ENDORSE_EXT_OID, true, *endorseBytes.buf()));

  encode();
}
77
/*
 * Build an endorsement of an existing profile certificate under a different
 * signer name.
 *
 * Key name, profile, validity period and public key info are copied from
 * endorseCertificate; only the signer and the endorse list are supplied by
 * the caller.  The certificate is named
 *   <key name>/PROFILE-CERT/<wire-encoded signer name>/<version>.
 *
 * No signature is produced in this constructor, and nothing here checks that
 * `signer` is a key the caller controls or that endorseList refers to entries
 * of the copied profile -- NOTE(review): confirm where those checks live.
 */
EndorseCertificate::EndorseCertificate(const EndorseCertificate& endorseCertificate,
                                       const Name& signer,
                                       const vector<string>& endorseList)
  : Certificate()
  , m_keyName(endorseCertificate.m_keyName)
  , m_signer(signer)
  , m_profile(endorseCertificate.m_profile)
  , m_endorseList(endorseList)
{
  Name certName(m_keyName);
  certName.append("PROFILE-CERT").append(m_signer.wireEncode()).appendVersion();
  setName(certName);

  // Validity, subject description (2.5.4.41 is the X.520 "name" attribute)
  // and key material are inherited from the certificate being endorsed.
  setNotBefore(endorseCertificate.getNotBefore());
  setNotAfter(endorseCertificate.getNotAfter());
  addSubjectDescription(CertificateSubjectDescription("2.5.4.41", m_keyName.toUri()));
  setPublicKeyInfo(endorseCertificate.getPublicKeyInfo());

  // Extension 1: the encoded profile.  The `true` argument is presumably the
  // "critical" flag of CertificateExtension -- confirm against its declaration.
  OBufferStream profileBytes;
  m_profile.encode(profileBytes);
  addExtension(CertificateExtension(PROFILE_EXT_OID, true, *profileBytes.buf()));

  // Extension 2: the endorse list as a serialized EndorseExtensionMsg.
  // NOTE(review): the result of SerializeToOstream() is not checked, so a
  // failed serialization would still be added as an extension.
  OBufferStream endorseBytes;
  Chronos::EndorseExtensionMsg endorseMsg;
  endorseMsg << m_endorseList;
  endorseMsg.SerializeToOstream(&endorseBytes);
  addExtension(CertificateExtension(ENDORSE_EXT_OID, true, *endorseBytes.buf()));

  encode();
}
108
/*
 * Copy constructor: copies the Certificate base and then each of the four
 * EndorseCertificate members.  Nothing is re-encoded.
 */
EndorseCertificate::EndorseCertificate(const EndorseCertificate& endorseCertificate)
  : Certificate(endorseCertificate),
    m_keyName(endorseCertificate.m_keyName),
    m_signer(endorseCertificate.m_signer),
    m_profile(endorseCertificate.m_profile),
    m_endorseList(endorseCertificate.m_endorseList)
{
}
116
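/*
 * Decode an EndorseCertificate from a Data packet.
 *
 * The name is expected to look like
 *   <key name>/PROFILE-CERT/<wire-encoded signer name>/<last component>.
 * The third-from-last component must be "PROFILE-CERT"; everything before it
 * becomes m_keyName and the second-from-last component is decoded into
 * m_signer.  The last component is not inspected here.  The profile and the
 * endorse list are then read from the extensions tagged PROFILE_EXT_OID and
 * ENDORSE_EXT_OID.
 *
 * Nothing visible in this constructor verifies a signature: m_keyName,
 * m_signer, the profile and the endorse list are taken from the packet as
 * received, so callers must validate the certificate before trusting them.
 *
 * Throws Error when the name has no PROFILE-CERT component or when the
 * endorse extension cannot be parsed.  Name/Block decoding of the signer
 * component may raise its own errors on malformed input.
 */
EndorseCertificate::EndorseCertificate(const Data& data)
  : Certificate(data)
{
  const Name& dataName = data.getName();

  if(dataName.size() < 3 || dataName.get(-3).toEscapedString() != "PROFILE-CERT")
    throw Error("No PROFILE-CERT component in data name!");

  m_keyName = dataName.getPrefix(-3);
  m_signer.wireDecode(dataName.get(-2).blockFromValue());

  // NOTE(review): a certificate carrying the same extension OID more than
  // once is not rejected; a repeated endorse extension appends to
  // m_endorseList and a repeated profile extension is decoded again.
  for(ExtensionList::iterator it = extensionList_.begin(); it != extensionList_.end(); ++it)
    {
      if(PROFILE_EXT_OID == it->getOid())
        {
          boost::iostreams::stream<boost::iostreams::array_source> is
            (reinterpret_cast<const char*>(it->getValue().buf()), it->getValue().size());
          // NOTE(review): how Profile::decode reports malformed input is not
          // visible here -- confirm that it fails loudly.
          m_profile.decode(is);
        }
      if(ENDORSE_EXT_OID == it->getOid())
        {
          Chronos::EndorseExtensionMsg endorseExtension;

          boost::iostreams::stream<boost::iostreams::array_source> is
            (reinterpret_cast<const char*>(it->getValue().buf()), it->getValue().size());

          // Fail closed: the extension bytes come from the packet, so a parse
          // failure must not be silently turned into an empty or partial
          // endorse list.
          if(!endorseExtension.ParseFromIstream(&is))
            throw Error("Malformed endorse extension in certificate!");

          endorseExtension >> m_endorseList;
        }
    }
}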
Yingdi Yua1a688f2014-02-06 18:09:22 -0800149
150}//chronos