Adapting to TLV-specific ndn-cpp
diff --git a/src/specific-policy-rule.cc b/src/specific-policy-rule.cc
index 7057ba5..3a74e64 100644
--- a/src/specific-policy-rule.cc
+++ b/src/specific-policy-rule.cc
@@ -9,7 +9,7 @@
*/
#include "specific-policy-rule.h"
-#include <ndn-cpp/sha256-with-rsa-signature.hpp>
+#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
using namespace ndn;
using namespace ndn::ptr_lib;
@@ -36,9 +36,15 @@
bool
SpecificPolicyRule::matchSignerName(const Data& data)
{
- const Sha256WithRsaSignature* sigPtr = dynamic_cast<const Sha256WithRsaSignature*> (data.getSignature());
- Name signerName = sigPtr->getKeyLocator().getKeyName ();
- return m_signerRegex->match(signerName);
+ try{
+ SignatureSha256WithRsa sig(data.getSignature());
+ Name signerName = sig.getKeyLocator().getName ();
+ return m_signerRegex->match(signerName);
+ }catch(SignatureSha256WithRsa::Error &e){
+ return false;
+ }catch(KeyLocator::Error &e){
+ return false;
+ }
}
bool
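Review bot: Both handlers added to `matchSignerName` bind the exception by non-const reference and never use `e`; `}catch(const SignatureSha256WithRsa::Error&){` and `}catch(const KeyLocator::Error&){` express the same thing without the unused name. The same handler pair recurs in the sync-policy-manager.cc hunks at -99 and -367. Returning false fails closed, which is the right default for a signer check, and a one-line comment such as `// signature is not SHA256-RSA or the key locator carries no name: no match` (presumably what the two exception types mean here) would record that intent. The regex match does not need to sit inside the `try`; only the two lines that decode the signature and read the key locator do.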
diff --git a/src/sync-intro-certificate.cc b/src/sync-intro-certificate.cc
index d7e75f8..9489bb2 100644
--- a/src/sync-intro-certificate.cc
+++ b/src/sync-intro-certificate.cc
@@ -42,7 +42,7 @@
certificateName.append("INTRODUCER");
break;
default:
- throw SecurityException("Wrong Introduction Type!");
+ throw Error("Wrong Introduction Type!");
}
posix_time::time_duration now = posix_time::microsec_clock::universal_time () - posix_time::ptime(gregorian::date (1970, boost::gregorian::Jan, 1));
@@ -76,7 +76,7 @@
certificateName.append("INTRODUCER");
break;
default:
- throw SecurityException("Wrong Introduction Type!");
+ throw Error("Wrong Introduction Type!");
}
posix_time::time_duration now = posix_time::microsec_clock::universal_time () - posix_time::ptime(gregorian::date (1970, boost::gregorian::Jan, 1));
uint64_t version = (now.total_seconds () << 12) | (0xFFF & (now.fractional_seconds () / 244));
@@ -106,7 +106,7 @@
}
if(i >= certificateName.size())
- throw SecurityException("Wrong SyncIntroCertificate Name!");
+ throw Error("Wrong SyncIntroCertificate Name!");
for(; i< certificateName.size(); i++)
{
@@ -118,7 +118,7 @@
}
if(i >= certificateName.size())
- throw SecurityException("Wrong SyncIntroCertificate Name!");
+ throw Error("Wrong SyncIntroCertificate Name!");
m_keyName = certificateName.getSubName(keyNameStart, keyNameEnd - keyNameStart);
@@ -128,7 +128,7 @@
else if(typeComponent == string("INTRODUCER"))
m_introType = INTRODUCER;
else
- throw SecurityException("Wrong SyncIntroCertificate Name!");
+ throw Error("Wrong SyncIntroCertificate Name!");
}
SyncIntroCertificate::SyncIntroCertificate (const SyncIntroCertificate& chronosIntroCertificate)
@@ -153,7 +153,7 @@
}
if(i >= certificateName.size())
- throw SecurityException("Wrong SyncIntroCertificate Name!");
+ throw Error("Wrong SyncIntroCertificate Name!");
for(; i< certificateName.size(); i++)
{
@@ -165,7 +165,7 @@
}
if(i >= certificateName.size())
- throw SecurityException("Wrong SyncIntroCertificate Name!");
+ throw Error("Wrong SyncIntroCertificate Name!");
m_keyName = certificateName.getSubName(keyNameStart, keyNameEnd - keyNameStart);
@@ -175,7 +175,7 @@
else if(typeComponent == string("INTRODUCER"))
m_introType = INTRODUCER;
else
- throw SecurityException("Wrong SyncIntroCertificate Name!");
+ throw Error("Wrong SyncIntroCertificate Name!");
return *this;
}
diff --git a/src/sync-intro-certificate.h b/src/sync-intro-certificate.h
index cfc5596..6479126 100644
--- a/src/sync-intro-certificate.h
+++ b/src/sync-intro-certificate.h
@@ -17,6 +17,8 @@
class SyncIntroCertificate : public ndn::Certificate
{
public:
+ struct Error : public ndn::Certificate::Error { Error(const std::string &what) : ndn::Certificate::Error(what) {} };
+
enum IntroType{
PRODUCER,
INTRODUCER
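Review bot: The new `Error` constructor takes a single `const std::string&` and is not `explicit`, so a string converts implicitly into an exception object; `explicit Error(const std::string &what)` avoids that. Code that caught `SecurityException` around the SyncIntroCertificate constructors may no longer see these failures unless it catches `ndn::Certificate::Error` or one of its bases, so the type deserves a short comment naming when it is thrown (unknown introduction type, malformed certificate name, per the `throw Error(...)` sites in sync-intro-certificate.cc). The class body continues outside the hunk.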
diff --git a/src/sync-logic.cc b/src/sync-logic.cc
index 38b624a..448d791 100644
--- a/src/sync-logic.cc
+++ b/src/sync-logic.cc
@@ -31,16 +31,12 @@
#include "sync-logging.h"
#include "sync-state.h"
-#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
-#include <ndn-cpp/security/identity/osx-private-key-storage.hpp>
-
#include <boost/make_shared.hpp>
#include <boost/foreach.hpp>
#include <boost/lexical_cast.hpp>
#include <vector>
using namespace std;
-using namespace boost;
using namespace ndn;
using namespace ndn::ptr_lib;
using namespace ndn::func_lib;
@@ -66,7 +62,6 @@
SyncLogic::SyncLogic (const Name& syncPrefix,
shared_ptr<SyncPolicyManager> syncPolicyManager,
shared_ptr<Face> face,
- shared_ptr<Transport> transport,
LogicUpdateCallback onUpdate,
LogicRemoveCallback onRemove)
: m_state (new FullState)
@@ -76,8 +71,9 @@
, m_onRemove (onRemove)
, m_perBranch (false)
, m_policyManager(syncPolicyManager)
+ , m_verifier(new Verifier(syncPolicyManager))
+ , m_keyChain(new KeyChain())
, m_face(face)
- , m_transport(transport)
#ifndef NS3_MODULE
, m_randomGenerator (static_cast<unsigned int> (std::time (0)))
, m_rangeUniformRandom (m_randomGenerator, uniform_int<> (200,1000))
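Review bot: `m_verifier` is built here with `new Verifier(syncPolicyManager)`, but nothing in the visible constructor lines gives it a face, whereas the SyncSocket constructor in sync-socket.cc calls `m_verifier->setFace(face);` right after building its own verifier. `onSyncData` now hands every sync Data packet to `m_verifier->verifyData(...)`, so when the policy asks for an introduction certificate the verifier presumably has no face on which to express that Interest, and data from not-yet-trusted signers would fail verification or fault. Adding `m_verifier->setFace(m_face);` at the start of the constructor body would match SyncSocket, and the second constructor (hunk at -122) needs the same line. Part of the constructor body lies between the hunks, so confirm the call is not already there.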
@@ -91,22 +87,13 @@
#ifndef NS3_MODULE
// In NS3 module these functions are moved to StartApplication method
- // m_transport = make_shared<TcpTransport>();
- // m_face = make_shared<Face>(m_transport, make_shared<TcpTransport::ConnectionInfo>("localhost"));
-
- // connectToDaemon();
-
- shared_ptr<BasicIdentityStorage> publicStorage = make_shared<BasicIdentityStorage>();
- shared_ptr<OSXPrivateKeyStorage> privateStorage = make_shared<OSXPrivateKeyStorage>();
- m_identityManager = make_shared<IdentityManager>(publicStorage, privateStorage);
-
- m_syncRegisteredPrefixId = m_face->registerPrefix(m_syncPrefix,
- bind(&SyncLogic::onSyncInterest, this, _1, _2, _3, _4),
- bind(&SyncLogic::onSyncRegisterFailed, this, _1));
+ m_syncRegisteredPrefixId = m_face->setInterestFilter(m_syncPrefix,
+ func_lib::bind(&SyncLogic::onSyncInterest, this, _1, _2, _3, _4),
+ func_lib::bind(&SyncLogic::onSyncRegisterFailed, this, _1));
m_scheduler.schedule (TIME_SECONDS (0), // no need to add jitter
- bind (&SyncLogic::sendSyncInterest, this),
+ func_lib::bind (&SyncLogic::sendSyncInterest, this),
REEXPRESSING_INTEREST);
#endif
}
@@ -114,7 +101,6 @@
SyncLogic::SyncLogic (const Name& syncPrefix,
shared_ptr<SyncPolicyManager> syncPolicyManager,
shared_ptr<Face> face,
- shared_ptr<Transport> transport,
LogicPerBranchCallback onUpdateBranch)
: m_state (new FullState)
, m_syncInterestTable (TIME_SECONDS (m_syncInterestReexpress))
@@ -122,8 +108,9 @@
, m_onUpdateBranch (onUpdateBranch)
, m_perBranch(true)
, m_policyManager(syncPolicyManager)
+ , m_verifier(new Verifier(syncPolicyManager))
+ , m_keyChain(new KeyChain())
, m_face(face)
- , m_transport(transport)
#ifndef NS3_MODULE
, m_randomGenerator (static_cast<unsigned int> (std::time (0)))
, m_rangeUniformRandom (m_randomGenerator, uniform_int<> (200,1000))
@@ -136,55 +123,22 @@
{
#ifndef NS3_MODULE
// In NS3 module these functions are moved to StartApplication method
-
- // m_transport = make_shared<TcpTransport>();
- // m_face = make_shared<Face>(m_transport, make_shared<TcpTransport::ConnectionInfo>("localhost"));
-
- // connectToDaemon();
-
- shared_ptr<BasicIdentityStorage> publicStorage = make_shared<BasicIdentityStorage>();
- shared_ptr<OSXPrivateKeyStorage> privateStorage = make_shared<OSXPrivateKeyStorage>();
- m_identityManager = make_shared<IdentityManager>(publicStorage, privateStorage);
- m_syncRegisteredPrefixId = m_face->registerPrefix(m_syncPrefix,
- bind(&SyncLogic::onSyncInterest, this, _1, _2, _3, _4),
- bind(&SyncLogic::onSyncRegisterFailed, this, _1));
+ m_syncRegisteredPrefixId = m_face->setInterestFilter(m_syncPrefix,
+ func_lib::bind(&SyncLogic::onSyncInterest, this, _1, _2, _3, _4),
+ func_lib::bind(&SyncLogic::onSyncRegisterFailed, this, _1));
m_scheduler.schedule (TIME_SECONDS (0), // no need to add jitter
- bind (&SyncLogic::sendSyncInterest, this),
+ func_lib::bind (&SyncLogic::sendSyncInterest, this),
REEXPRESSING_INTEREST);
#endif
}
SyncLogic::~SyncLogic ()
{
- m_face->removeRegisteredPrefix(m_syncRegisteredPrefixId);
+ m_face->unsetInterestFilter(m_syncRegisteredPrefixId);
}
-// void
-// SyncLogic::connectToDaemon()
-// {
-// //Hack! transport does not connect to daemon unless an interest is expressed.
-// Name name("/ndn");
-// shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(name);
-// m_face->expressInterest(*interest,
-// bind(&SyncLogic::onConnectionData, this, _1, _2),
-// bind(&SyncLogic::onConnectionDataTimeout, this, _1));
-// }
-
-// void
-// SyncLogic::onConnectionData(const shared_ptr<const ndn::Interest>& interest,
-// const shared_ptr<Data>& data)
-// {
-// _LOG_DEBUG("onConnectionData");
-// }
-
-// void
-// SyncLogic::onConnectionDataTimeout(const shared_ptr<const ndn::Interest>& interest)
-// {
-// _LOG_DEBUG("onConnectionDataTimeout");
-// }
-
#ifdef NS3_MODULE
void
SyncLogic::StartApplication ()
@@ -193,10 +147,10 @@
m_ccnxHandle->StartApplication ();
m_ccnxHandle->setInterestFilter (m_syncPrefix,
- bind (&SyncLogic::respondSyncInterest, this, _1));
+ func_lib::bind (&SyncLogic::respondSyncInterest, this, _1));
m_scheduler.schedule (TIME_SECONDS (0), // need to send first interests at exactly the same time
- bind (&SyncLogic::sendSyncInterest, this),
+ func_lib::bind (&SyncLogic::sendSyncInterest, this),
REEXPRESSING_INTEREST);
}
@@ -213,7 +167,7 @@
void
SyncLogic::stop()
{
- m_face->removeRegisteredPrefix(m_syncRegisteredPrefixId);
+ m_face->unsetInterestFilter(m_syncRegisteredPrefixId);
m_scheduler.cancel (REEXPRESSING_INTEREST);
m_scheduler.cancel (DELAYED_INTEREST_PROCESSING);
}
@@ -292,41 +246,31 @@
void
SyncLogic::onSyncData(const shared_ptr<const ndn::Interest>& interest,
const shared_ptr<Data>& data,
- int stepCount,
const OnVerified& onVerified,
const OnVerifyFailed& onVerifyFailed)
{
- shared_ptr<ValidationRequest> nextStep = m_policyManager->checkVerificationPolicy(data, stepCount, onVerified, onVerifyFailed);
-
- if (nextStep)
- m_face->expressInterest
- (*nextStep->interest_,
- bind(&SyncLogic::onSyncCert, this, _1, _2, nextStep),
- bind(&SyncLogic::onSyncCertTimeout, this, _1, onVerifyFailed, data, nextStep));
+ m_verifier->verifyData(data, onVerified, onVerifyFailed);
}
void
SyncLogic::onSyncDataTimeout(const shared_ptr<const ndn::Interest>& interest,
int retry,
- int stepCount,
const OnVerified& onVerified,
const OnVerifyFailed& onVerifyFailed)
{
if(retry > 0)
{
m_face->expressInterest(*interest,
- bind(&SyncLogic::onSyncData,
+ func_lib::bind(&SyncLogic::onSyncData,
this,
_1,
_2,
- stepCount,
onVerified,
onVerifyFailed),
- bind(&SyncLogic::onSyncDataTimeout,
+ func_lib::bind(&SyncLogic::onSyncDataTimeout,
this,
_1,
retry - 1,
- stepCount,
onVerified,
onVerifyFailed));
}
@@ -344,8 +288,8 @@
SyncLogic::onSyncDataVerified(const shared_ptr<Data>& data)
{
string name = data->getName().toUri();
- const char* wireData = (const char*)data->getContent().buf();
- size_t len = data->getContent().size();
+ const char* wireData = (const char*)data->getContent().value();
+ size_t len = data->getContent().value_size();
try
{
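Review bot: The two rewritten lines keep the C-style cast `(const char*)data->getContent().value()`, while the new code elsewhere in this commit uses `reinterpret_cast<const uint8_t*>(...)` for the opposite conversion. `const char* wireData = reinterpret_cast<const char*>(data->getContent().value());` would be consistent and easier to grep for. The body of `onSyncDataVerified` continues outside the hunk.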
@@ -375,46 +319,6 @@
}
void
-SyncLogic::onSyncCert(const shared_ptr<const ndn::Interest>& interest,
- const shared_ptr<Data>& cert,
- shared_ptr<ValidationRequest> previousStep)
-{
- shared_ptr<ValidationRequest> nextStep = m_policyManager->checkVerificationPolicy(cert,
- previousStep->stepCount_,
- previousStep->onVerified_,
- previousStep->onVerifyFailed_);
-
- if (nextStep)
- m_face->expressInterest
- (*nextStep->interest_,
- bind(&SyncLogic::onSyncCert, this, _1, _2, nextStep),
- bind(&SyncLogic::onSyncCertTimeout, this, _1, previousStep->onVerifyFailed_, cert, nextStep));
-}
-
-void
-SyncLogic::onSyncCertTimeout(const ptr_lib::shared_ptr<const ndn::Interest>& interest,
- const OnVerifyFailed& onVerifyFailed,
- const shared_ptr<Data>& data,
- shared_ptr<ValidationRequest> nextStep)
-{
- if(nextStep->retry_ > 0)
- m_face->expressInterest(*interest,
- bind(&SyncLogic::onSyncCert,
- this,
- _1,
- _2,
- nextStep),
- bind(&SyncLogic::onSyncCertTimeout,
- this,
- _1,
- onVerifyFailed,
- data,
- nextStep));
- else
- onVerifyFailed(data);
-}
-
-void
SyncLogic::processSyncInterest (const std::string &name, DigestConstPtr digest, bool timedProcessing/*=false*/)
{
_LOG_DEBUG("processSyncInterest");
@@ -467,7 +371,7 @@
_LOG_DEBUG ("Digest is not in the log. Schedule processing after small delay: " << waitDelay << "ms");
m_scheduler.schedule (TIME_MILLISECONDS (waitDelay),
- bind (&SyncLogic::processSyncInterest, this, name, digest, true),
+ func_lib::bind (&SyncLogic::processSyncInterest, this, name, digest, true),
DELAYED_INTEREST_PROCESSING);
}
else
@@ -594,7 +498,7 @@
// if state has changed, then it is safe to express a new interest
m_scheduler.cancel (REEXPRESSING_INTEREST);
m_scheduler.schedule (TIME_SECONDS_WITH_JITTER (0),
- bind (&SyncLogic::sendSyncInterest, this),
+ func_lib::bind (&SyncLogic::sendSyncInterest, this),
REEXPRESSING_INTEREST);
}
}
@@ -746,17 +650,17 @@
m_scheduler.cancel (REEXPRESSING_INTEREST);
m_scheduler.schedule (TIME_SECONDS_WITH_JITTER (m_syncInterestReexpress),
- bind (&SyncLogic::sendSyncInterest, this),
+ func_lib::bind (&SyncLogic::sendSyncInterest, this),
REEXPRESSING_INTEREST);
shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(os.str());
- OnVerified onVerified = bind(&SyncLogic::onSyncDataVerified, this, _1);
- OnVerifyFailed onVerifyFailed = bind(&SyncLogic::onSyncDataVerifyFailed, this, _1);
+ OnVerified onVerified = func_lib::bind(&SyncLogic::onSyncDataVerified, this, _1);
+ OnVerifyFailed onVerifyFailed = func_lib::bind(&SyncLogic::onSyncDataVerifyFailed, this, _1);
m_face->expressInterest(*interest,
- bind(&SyncLogic::onSyncData, this, _1, _2, 0, onVerified, onVerifyFailed),
- bind(&SyncLogic::onSyncDataTimeout, this, _1, 1, 0, onVerified, onVerifyFailed));
+ func_lib::bind(&SyncLogic::onSyncData, this, _1, _2, onVerified, onVerifyFailed),
+ func_lib::bind(&SyncLogic::onSyncDataTimeout, this, _1, 1, onVerified, onVerifyFailed));
}
void
@@ -773,18 +677,18 @@
if (m_recoveryRetransmissionInterval < 100*1000) // <100 seconds
{
m_scheduler.schedule (nextRetransmission,
- bind (&SyncLogic::sendSyncRecoveryInterests, this, digest),
+ func_lib::bind (&SyncLogic::sendSyncRecoveryInterests, this, digest),
REEXPRESSING_RECOVERY_INTEREST);
}
shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(os.str());
- OnVerified onVerified = bind(&SyncLogic::onSyncDataVerified, this, _1);
- OnVerifyFailed onVerifyFailed = bind(&SyncLogic::onSyncDataVerifyFailed, this, _1);
+ OnVerified onVerified = func_lib::bind(&SyncLogic::onSyncDataVerified, this, _1);
+ OnVerifyFailed onVerifyFailed = func_lib::bind(&SyncLogic::onSyncDataVerifyFailed, this, _1);
m_face->expressInterest(*interest,
- bind(&SyncLogic::onSyncData, this, _1, _2, 0, onVerified, onVerifyFailed),
- bind(&SyncLogic::onSyncDataTimeout, this, _1, 1, 0, onVerified, onVerifyFailed));
+ func_lib::bind(&SyncLogic::onSyncData, this, _1, _2, onVerified, onVerifyFailed),
+ func_lib::bind(&SyncLogic::onSyncDataTimeout, this, _1, 1, onVerified, onVerifyFailed));
}
@@ -804,19 +708,16 @@
_LOG_TRACE (">> D " << name);
int size = ssm.ByteSize();
char *wireData = new char[size];
- ssm.SerializeToArray(wireData, size);
- Blob blob((const uint8_t*)wireData, size);
Name dataName(name);
Name signingIdentity = m_policyManager->inferSigningIdentity(dataName);
shared_ptr<Data> syncData = make_shared<Data>(dataName);
- syncData->setContent(blob.buf(), blob.size());
- syncData->getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0);
+ syncData->setContent(reinterpret_cast<const uint8_t*>(wireData), size);
- Name certificateName = m_identityManager->getDefaultCertificateNameForIdentity(signingIdentity);
- m_identityManager->signByCertificate(*syncData, certificateName);
+ Name certificateName = m_keyChain->getDefaultCertificateNameForIdentity(signingIdentity);
+ m_keyChain->sign(*syncData, certificateName);
- m_transport->send(*syncData->wireEncode());
+ m_face->put(*syncData);
delete []wireData;
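Review bot: The buffer handed to `setContent` is never filled: the hunk removes `ssm.SerializeToArray(wireData, size);` along with the `Blob` line, so `wireData` is still the uninitialised `new char[size]` when `syncData->setContent(reinterpret_cast<const uint8_t*>(wireData), size);` takes it. The signed sync Data would then carry `size` bytes of whatever was on the heap instead of the serialized state message, which breaks synchronisation and discloses process memory to every receiver. Restore `ssm.SerializeToArray(wireData, size);` before the `setContent` call. Separately, `m_keyChain->sign` sits between the `new[]` and `delete []wireData`, so an exception there leaks the buffer; `std::vector<char> wireData(size);` would remove the manual delete. The function starts and ends outside the hunk.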
diff --git a/src/sync-logic.h b/src/sync-logic.h
index db28b90..c351324 100644
--- a/src/sync-logic.h
+++ b/src/sync-logic.h
@@ -30,7 +30,8 @@
#include <map>
#include <ndn-cpp/face.hpp>
-#include <ndn-cpp/security/identity/identity-manager.hpp>
+#include <ndn-cpp/security/verifier.hpp>
+#include <ndn-cpp/security/key-chain.hpp>
#include "sync-interest-table.h"
#include "sync-diff-state.h"
@@ -88,14 +89,12 @@
SyncLogic (const ndn::Name& syncPrefix,
ndn::ptr_lib::shared_ptr<SyncPolicyManager> syncPolicyManager,
ndn::ptr_lib::shared_ptr<ndn::Face> face,
- ndn::ptr_lib::shared_ptr<ndn::Transport> transport,
LogicUpdateCallback onUpdate,
LogicRemoveCallback onRemove);
SyncLogic (const ndn::Name& syncPrefix,
ndn::ptr_lib::shared_ptr<SyncPolicyManager> syncPolicyManager,
ndn::ptr_lib::shared_ptr<ndn::Face> face,
- ndn::ptr_lib::shared_ptr<ndn::Transport> transport,
LogicPerBranchCallback onUpdateBranch);
~SyncLogic ();
@@ -172,14 +171,12 @@
void
onSyncData(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
const ndn::ptr_lib::shared_ptr<ndn::Data>& data,
- int stepCount,
const ndn::OnVerified& onVerified,
const ndn::OnVerifyFailed& onVerifyFailed);
void
onSyncDataTimeout(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
int retry,
- int stepCount,
const ndn::OnVerified& onVerified,
const ndn::OnVerifyFailed& onVerifyFailed);
@@ -190,17 +187,6 @@
onSyncDataVerified(const ndn::ptr_lib::shared_ptr<ndn::Data>& data);
void
- onSyncCert(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
- const ndn::ptr_lib::shared_ptr<ndn::Data>& cert,
- ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> previousStep);
-
- void
- onSyncCertTimeout(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
- const ndn::OnVerifyFailed& onVerifyFailed,
- const ndn::ptr_lib::shared_ptr<ndn::Data>& data,
- ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> nextStep);
-
- void
processSyncInterest (const std::string &name,
DigestConstPtr digest, bool timedProcessing=false);
@@ -252,9 +238,9 @@
LogicPerBranchCallback m_onUpdateBranch;
bool m_perBranch;
ndn::ptr_lib::shared_ptr<SyncPolicyManager> m_policyManager;
- ndn::ptr_lib::shared_ptr<ndn::IdentityManager> m_identityManager;
+ ndn::ptr_lib::shared_ptr<ndn::Verifier> m_verifier;
+ ndn::ptr_lib::shared_ptr<ndn::KeyChain> m_keyChain;
ndn::ptr_lib::shared_ptr<ndn::Face> m_face;
- ndn::ptr_lib::shared_ptr<ndn::Transport> m_transport;
uint64_t m_syncRegisteredPrefixId;
Scheduler m_scheduler;
diff --git a/src/sync-policy-manager.cc b/src/sync-policy-manager.cc
index d8cb1c1..8b34856 100644
--- a/src/sync-policy-manager.cc
+++ b/src/sync-policy-manager.cc
@@ -10,10 +10,8 @@
#include "sync-intro-certificate.h"
#include "sync-logging.h"
-#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
-#include <ndn-cpp/security/identity/osx-private-key-storage.hpp>
-#include <ndn-cpp/sha256-with-rsa-signature.hpp>
-#include <ndn-cpp/security/signature/sha256-with-rsa-handler.hpp>
+#include <ndn-cpp/security/verifier.hpp>
+#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
#include "sync-policy-manager.h"
@@ -27,22 +25,13 @@
const Name& signingCertificateName,
const Name& syncPrefix,
shared_ptr<Face> face,
- shared_ptr<Transport> transport,
int stepLimit)
: m_signingIdentity(signingIdentity)
, m_signingCertificateName(signingCertificateName.getPrefix(signingCertificateName.size()-1))
, m_syncPrefix(syncPrefix)
, m_stepLimit(stepLimit)
-{
- // m_transport = make_shared<TcpTransport>();
- // m_face = make_shared<Face>(m_transport, make_shared<TcpTransport::ConnectionInfo>("localhost"));
-
- // connectToDaemon();
-
- shared_ptr<IdentityStorage> publicStorage = make_shared<BasicIdentityStorage>();
- shared_ptr<PrivateKeyStorage> privateStorage = make_shared<OSXPrivateKeyStorage>();
- m_identityManager = make_shared<IdentityManager>(publicStorage, privateStorage);
-
+ , m_keyChain(new KeyChain())
+{
Name wotPrefix = syncPrefix;
wotPrefix.append("WOT");
m_syncPrefixRegex = Regex::fromName(syncPrefix);
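Review bot: The constructor still accepts `face`, but the initializer list visible here ends with `m_keyChain(new KeyChain())` and never sets `m_face`, while later hunks in this file switch publishing to `m_face->put(it->second);` and `m_face->put(syncIntroCertificate);`. Unless the body assigns it in lines outside this hunk, those calls dereference an empty shared_ptr the first time an introduction certificate is served or published. Adding `, m_face(face)` to the initializer list closes that; the header declares `m_keyChain` before `m_face`, so it belongs after the `m_keyChain` initializer. The constructor's signature begins before the hunk and its body continues after it.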
@@ -55,30 +44,6 @@
SyncPolicyManager::~SyncPolicyManager()
{}
-// void
-// SyncPolicyManager::connectToDaemon()
-// {
-// //Hack! transport does not connect to daemon unless an interest is expressed.
-// Name name("/ndn");
-// shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(name);
-// m_face->expressInterest(*interest,
-// bind(&SyncPolicyManager::onConnectionData, this, _1, _2),
-// bind(&SyncPolicyManager::onConnectionDataTimeout, this, _1));
-// }
-
-// void
-// SyncPolicyManager::onConnectionData(const shared_ptr<const ndn::Interest>& interest,
-// const shared_ptr<Data>& data)
-// {
-// _LOG_DEBUG("onConnectionData");
-// }
-
-// void
-// SyncPolicyManager::onConnectionDataTimeout(const shared_ptr<const ndn::Interest>& interest)
-// {
-// _LOG_DEBUG("onConnectionDataTimeout");
-// }
-
bool
SyncPolicyManager::skipVerifyAndTrust (const Data& data)
{ return false; }
@@ -99,61 +64,66 @@
return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
}
- const Sha256WithRsaSignature* sigPtr = dynamic_cast<const Sha256WithRsaSignature*> (data->getSignature());
- if(ndn_KeyLocatorType_KEYNAME != sigPtr->getKeyLocator().getType())
- {
- onVerifyFailed(data);
- return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
- }
+ try{
+ SignatureSha256WithRsa sig(data->getSignature());
- const Name& keyLocatorName = sigPtr->getKeyLocator().getKeyName();
+ const Name& keyLocatorName = sig.getKeyLocator().getName();
- // if data is intro cert
- if(m_wotPrefixRegex->match(data->getName()))
- {
- // _LOG_DEBUG("Intro Cert");
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
- map<string, PublicKey>::const_iterator it = m_trustedIntroducers.find(keyName.toUri());
- if(m_trustedIntroducers.end() != it)
- {
- if(Sha256WithRsaHandler::verifySignature(*data, it->second))
- onVerified(data);
- else
- onVerifyFailed(data);
- return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
- }
- else
- return prepareRequest(keyName, true, data, stepCount, onVerified, onVerifyFailed);
- }
+ // if data is intro cert
+ if(m_wotPrefixRegex->match(data->getName()))
+ {
+ // _LOG_DEBUG("Intro Cert");
+ Name keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
+ map<string, PublicKey>::const_iterator it = m_trustedIntroducers.find(keyName.toUri());
+ if(m_trustedIntroducers.end() != it)
+ {
+ if(Verifier::verifySignature(*data, sig, it->second))
+ onVerified(data);
+ else
+ onVerifyFailed(data);
+ return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
+ }
+ else
+ return prepareRequest(keyName, true, data, stepCount, onVerified, onVerifyFailed);
+ }
- // if data is sync data or chat data
- if(m_syncPrefixRegex->match(data->getName()) || m_chatDataPolicy->satisfy(*data))
- {
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
+ // if data is sync data or chat data
+ if(m_syncPrefixRegex->match(data->getName()) || m_chatDataPolicy->satisfy(*data))
+ {
+ Name keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
- map<string, PublicKey>::const_iterator it = m_trustedIntroducers.find(keyName.toUri());
- if(m_trustedIntroducers.end() != it)
- {
- if(Sha256WithRsaHandler::verifySignature(*data, it->second))
- onVerified(data);
- else
- onVerifyFailed(data);
- return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
- }
+ map<string, PublicKey>::const_iterator it = m_trustedIntroducers.find(keyName.toUri());
+ if(m_trustedIntroducers.end() != it)
+ {
+ if(Verifier::verifySignature(*data, sig, it->second))
+ onVerified(data);
+ else
+ onVerifyFailed(data);
+ return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
+ }
- it = m_trustedProducers.find(keyName.toUri());
- if(m_trustedProducers.end() != it)
- {
- if(Sha256WithRsaHandler::verifySignature(*data, it->second))
- onVerified(data);
- else
- onVerifyFailed(data);
- return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
- }
+ it = m_trustedProducers.find(keyName.toUri());
+ if(m_trustedProducers.end() != it)
+ {
+ if(Verifier::verifySignature(*data, sig, it->second))
+ onVerified(data);
+ else
+ onVerifyFailed(data);
+ return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
+ }
- return prepareRequest(keyName, false, data, stepCount, onVerified, onVerifyFailed);
- }
-
+ return prepareRequest(keyName, false, data, stepCount, onVerified, onVerifyFailed);
+ }
+ }catch(SignatureSha256WithRsa::Error &e){
+ _LOG_DEBUG("SyncPolicyManager Error: " << e.what());
+ onVerifyFailed(data);
+ return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
+ }catch(KeyLocator::Error &e){
+ _LOG_DEBUG("SyncPolicyManager Error: " << e.what());
+ onVerifyFailed(data);
+ return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
+ }
+
onVerifyFailed(data);
return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
}
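Review bot: The new `try` wraps the whole policy decision, including the `onVerified(data)` and `onVerifyFailed(data)` calls, so a `SignatureSha256WithRsa::Error` or `KeyLocator::Error` thrown from inside a callback is caught here and `onVerifyFailed(data)` runs for a packet that may already have been reported as verified. Narrowing the `try` to the two lines that build `sig` and read `sig.getKeyLocator().getName()` keeps the fail-closed behaviour without that double report; the hunk at -367 has the same shape. Other calls in the block that work on the key locator name taken from the received packet, such as `IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName)`, may throw types neither handler covers, so it is worth checking what they raise on a malformed name. The removed explicit `ndn_KeyLocatorType_KEYNAME` test is now implicit in `getName()` throwing, and a comment saying so would help the next reader. The function begins outside the hunk.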
@@ -186,20 +156,6 @@
const IdentityCertificate& identityCertificate,
bool isIntroducer)
{
- // Name dataPrefix = prefix;
- // dataPrefix.append("chronos").append(m_syncPrefix.get(-1));
- // Ptr<Regex> dataRegex = Regex::fromName(prefix);
- // Name certName = identityCertificate.getName();
- // Name signerName = certName.getPrefix(certName.size()-1);
- // Ptr<Regex> signerRegex = Regex::fromName(signerName, true);
-
- // SpecificPolicyRule rule(dataRegex, signerRegex);
- // map<Name, SpecificPolicyRule>::iterator it = m_chatDataRules.find(dataPrefix);
- // if(it != m_chatDataRules.end())
- // it->second = rule;
- // else
- // m_chatDataRules.insert(pair <Name, SpecificPolicyRule > (dataPrefix, rule));
-
addTrustAnchor(identityCertificate, isIntroducer);
}
@@ -242,7 +198,6 @@
shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(interestName);
// _LOG_DEBUG("send interest for intro cert: " << interest->getName());
- interest->setChildSelector(ndn_Interest_CHILD_SELECTOR_RIGHT);
OnVerified requestedCertVerifiedCallback = boost::bind(&SyncPolicyManager::onIntroCertVerified,
this,
@@ -281,10 +236,7 @@
map<string, Data>::const_iterator it = m_introCert.find(prefix->toUri());
if(m_introCert.end() != it)
- {
- Blob encodedData = it->second.wireEncode();
- transport.send(*encodedData);
- }
+ m_face->put(it->second);
}
void
@@ -306,17 +258,17 @@
introCertificate->getPublicKeyInfo()));
SyncIntroCertificate syncIntroCertificate(m_syncPrefix,
introCertificate->getPublicKeyName(),
- m_identityManager->getDefaultKeyNameForIdentity(m_signingIdentity),
+ m_keyChain->getDefaultKeyNameForIdentity(m_signingIdentity),
introCertificate->getNotBefore(),
introCertificate->getNotAfter(),
introCertificate->getPublicKeyInfo(),
SyncIntroCertificate::INTRODUCER);
- Name certName = m_identityManager->getDefaultCertificateNameForIdentity(m_signingIdentity);
+ Name certName = m_keyChain->getDefaultCertificateNameForIdentity(m_signingIdentity);
_LOG_DEBUG("Publish Intro Certificate on Verified: " << syncIntroCertificate.getName());
- m_identityManager->signByCertificate(syncIntroCertificate, certName);
+ m_keyChain->sign(syncIntroCertificate, certName);
- m_transport->send(*syncIntroCertificate.wireEncode());
+ m_face->put(syncIntroCertificate);
// Name prefix = syncIntroCertificate.getName().getPrefix(syncIntroCertificate.getName().size()-1);
@@ -339,17 +291,17 @@
introCertificate->getPublicKeyInfo()));
SyncIntroCertificate syncIntroCertificate(m_syncPrefix,
introCertificate->getPublicKeyName(),
- m_identityManager->getDefaultKeyNameForIdentity(m_signingIdentity),
+ m_keyChain->getDefaultKeyNameForIdentity(m_signingIdentity),
introCertificate->getNotBefore(),
introCertificate->getNotAfter(),
introCertificate->getPublicKeyInfo(),
SyncIntroCertificate::PRODUCER);
- Name certName = m_identityManager->getDefaultCertificateNameForIdentity(m_signingIdentity);
+ Name certName = m_keyChain->getDefaultCertificateNameForIdentity(m_signingIdentity);
_LOG_DEBUG("Publish Intro Certificate on Verified: " << syncIntroCertificate.getName());
- m_identityManager->signByCertificate(syncIntroCertificate, certName);
+ m_keyChain->sign(syncIntroCertificate, certName);
- m_transport->send(*syncIntroCertificate.wireEncode());
+ m_face->put(syncIntroCertificate);
// Name prefix = syncIntroCertificate.getName().getPrefix(syncIntroCertificate.getName().size()-1);
@@ -367,10 +319,17 @@
// }
}
- if(Sha256WithRsaHandler::verifySignature(*originalData, introCertificate->getPublicKeyInfo()))
- onVerified(originalData);
- else
+ try{
+ SignatureSha256WithRsa sig(originalData->getSignature());
+ if(Verifier::verifySignature(*originalData, sig, introCertificate->getPublicKeyInfo()))
+ onVerified(originalData);
+ else
+ onVerifyFailed(originalData);
+ }catch(SignatureSha256WithRsa::Error &e){
onVerifyFailed(originalData);
+ }catch(KeyLocator::Error &e){
+ onVerifyFailed(originalData);
+ }
}
void
@@ -393,7 +352,6 @@
interestName.append("INTRODUCER");
shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(interestName);
- interest->setChildSelector(ndn_Interest_CHILD_SELECTOR_RIGHT);
OnVerified onRecursiveVerified = boost::bind(&SyncPolicyManager::onIntroCertVerified,
this,
diff --git a/src/sync-policy-manager.h b/src/sync-policy-manager.h
index 6a41f27..922ebbb 100644
--- a/src/sync-policy-manager.h
+++ b/src/sync-policy-manager.h
@@ -12,7 +12,8 @@
#define SYNC_POLICY_MANAGER_H
#include <ndn-cpp/face.hpp>
-#include <ndn-cpp/security/identity/identity-manager.hpp>
+#include <ndn-cpp/security/key-chain.hpp>
+#include <ndn-cpp/security/verifier.hpp>
#include <ndn-cpp/security/policy/policy-manager.hpp>
#include <ndn-cpp/security/certificate/identity-certificate.hpp>
#include <ndn-cpp-et/regex/regex.hpp>
@@ -30,7 +31,6 @@
const ndn::Name& signingCertificateName,
const ndn::Name& syncPrefix,
ndn::ptr_lib::shared_ptr<ndn::Face> face,
- ndn::ptr_lib::shared_ptr<ndn::Transport> transport,
int m_stepLimit = 3);
virtual
@@ -63,20 +63,7 @@
const ndn::IdentityCertificate& identityCertificate,
bool isIntroducer);
- // inline void
- // setFace(ndn::ndn::ptr_lib::shared_ptr<Face> face)
- // { face_ = face; }
-
private:
- // void
- // connectToDaemon();
-
- // void
- // onConnectionData(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
- // const ndn::ptr_lib::shared_ptr<ndn::Data>& data);
-
- // void
- // onConnectionDataTimeout(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest);
ndn::ptr_lib::shared_ptr<ndn::ValidationRequest>
prepareIntroducerRequest(const ndn::Name& keyName,
@@ -155,8 +142,7 @@
std::map<std::string, SpecificPolicyRule> m_chatDataRules;
std::map<std::string, ndn::Data> m_introCert;
- ndn::ptr_lib::shared_ptr<ndn::IdentityManager> m_identityManager;
- ndn::ptr_lib::shared_ptr<ndn::Transport> m_transport;
+ ndn::ptr_lib::shared_ptr<ndn::KeyChain> m_keyChain;
ndn::ptr_lib::shared_ptr<ndn::Face> m_face;
};
diff --git a/src/sync-socket.cc b/src/sync-socket.cc
index a36d551..924145b 100644
--- a/src/sync-socket.cc
+++ b/src/sync-socket.cc
@@ -35,53 +35,26 @@
SyncSocket::SyncSocket (const string &syncPrefix,
shared_ptr<SyncPolicyManager> syncPolicyManager,
shared_ptr<Face> face,
- shared_ptr<Transport> transport,
NewDataCallback dataCallback,
RemoveCallback rmCallback )
: m_newDataCallback(dataCallback)
, m_syncPolicyManager(syncPolicyManager)
- , m_transport(transport)
+ , m_verifier(new Verifier(syncPolicyManager))
+ , m_keyChain(new KeyChain())
, m_face(face)
, m_syncLogic (syncPrefix,
syncPolicyManager,
face,
- transport,
bind(&SyncSocket::passCallback, this, _1),
rmCallback)
{
- shared_ptr<BasicIdentityStorage> publicStorage = make_shared<BasicIdentityStorage>();
- shared_ptr<OSXPrivateKeyStorage> privateStorage = make_shared<OSXPrivateKeyStorage>();
- m_identityManager = make_shared<IdentityManager>(publicStorage, privateStorage);
+ m_verifier->setFace(face);
}
SyncSocket::~SyncSocket()
{
}
-// void
-// SyncSocket::connectToDaemon()
-// {
-// //Hack! transport does not connect to daemon unless an interest is expressed.
-// Name name("/ndn");
-// shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(name);
-// m_face->expressInterest(*interest,
-// bind(&SyncSocket::onConnectionData, this, _1, _2),
-// bind(&SyncSocket::onConnectionDataTimeout, this, _1));
-// }
-
-// void
-// SyncSocket::onConnectionData(const shared_ptr<const ndn::Interest>& interest,
-// const shared_ptr<Data>& data)
-// {
-// _LOG_DEBUG("onConnectionData");
-// }
-
-// void
-// SyncSocket::onConnectionDataTimeout(const shared_ptr<const ndn::Interest>& interest)
-// {
-// _LOG_DEBUG("onConnectionDataTimeout");
-// }
-
bool
SyncSocket::publishData(const std::string &prefix, uint32_t session, const char *buf, size_t len, int freshness)
{
@@ -90,17 +63,15 @@
contentNameWithSeqno << prefix << "/" << session << "/" << sequence;
Name dataName(contentNameWithSeqno.str ());
- Blob blob((const uint8_t*)buf, len);
Name signingIdentity = m_syncPolicyManager->inferSigningIdentity(dataName);
shared_ptr<Data> data = make_shared<Data>(dataName);
- data->setContent(blob.buf(), blob.size());
- data->getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0);
+ data->setContent(reinterpret_cast<const uint8_t*>(buf), len);
- Name certificateName = m_identityManager->getDefaultCertificateNameForIdentity(signingIdentity);
- m_identityManager->signByCertificate(*data, certificateName);
+ Name certificateName = m_keyChain->getDefaultCertificateNameForIdentity(signingIdentity);
+ m_keyChain->sign(*data, certificateName);
- m_transport->send(*data->wireEncode());
+ m_face->put(*data);
SeqNo s(session, sequence + 1);
m_sequenceLog[prefix] = s;
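Review bot: The added `m_keyChain->getDefaultCertificateNameForIdentity(signingIdentity)` and `m_keyChain->sign(*data, certificateName)` calls are unguarded even though `publishData` returns `bool`. If the inferred identity has no default certificate or signing fails, the failure presumably leaves the function as an exception rather than a `false` return. Wrapping these two lines in a try/catch that returns `false` before `m_face->put(*data)` would keep the failure mode explicit. Alternatively, a comment could state that key-chain errors propagate to the caller. Separately, the removed `setTimestampMilliseconds` call has no replacement and the `freshness` parameter is not applied to the packet in this hunk. If the rest of the body (outside the hunk) does not set it either, set the freshness period on `data` or note that the parameter is intentionally unused.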
@@ -126,58 +97,12 @@
}
void
-SyncSocket::onChatCert(const shared_ptr<const ndn::Interest>& interest,
- const shared_ptr<Data>& cert,
- shared_ptr<ValidationRequest> previousStep)
-{
- shared_ptr<ValidationRequest> nextStep = m_syncPolicyManager->checkVerificationPolicy(cert,
- previousStep->stepCount_,
- previousStep->onVerified_,
- previousStep->onVerifyFailed_);
-
- if (nextStep)
- m_face->expressInterest
- (*nextStep->interest_,
- bind(&SyncSocket::onChatCert, this, _1, _2, nextStep),
- bind(&SyncSocket::onChatCertTimeout, this, _1, previousStep->onVerifyFailed_, cert, nextStep));
-}
-
-void
-SyncSocket::onChatCertTimeout(const shared_ptr<const ndn::Interest>& interest,
- const OnVerifyFailed& onVerifyFailed,
- const shared_ptr<Data>& data,
- shared_ptr<ValidationRequest> nextStep)
-{
- if(nextStep->retry_ > 0)
- m_face->expressInterest(*interest,
- bind(&SyncSocket::onChatCert,
- this,
- _1,
- _2,
- nextStep),
- bind(&SyncSocket::onChatCertTimeout,
- this,
- _1,
- onVerifyFailed,
- data,
- nextStep));
- else
- onVerifyFailed(data);
-}
-
-void
SyncSocket::onChatData(const shared_ptr<const ndn::Interest>& interest,
const shared_ptr<Data>& data,
const OnVerified& onVerified,
const OnVerifyFailed& onVerifyFailed)
{
- shared_ptr<ValidationRequest> nextStep = m_syncPolicyManager->checkVerificationPolicy(data, 0, onVerified, onVerifyFailed);
-
- if (nextStep)
- m_face->expressInterest
- (*nextStep->interest_,
- bind(&SyncSocket::onChatCert, this, _1, _2, nextStep),
- bind(&SyncSocket::onChatCertTimeout, this, _1, onVerifyFailed, data, nextStep));
+ m_verifier->verifyData(data, onVerified, onVerifyFailed);
}
void
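Review bot: With `onChatCert` and `onChatCertTimeout` removed, the fail-closed path on a certificate-fetch timeout now depends entirely on `m_verifier->verifyData(data, onVerified, onVerifyFailed)`. The removed code called `onVerifyFailed(data)` once `retry_` was exhausted. It is worth confirming that `Verifier` invokes `onVerifyFailed` when a certificate Interest times out, because otherwise neither callback fires and the caller never learns the packet was not validated. A comment above the call would record the contract: `// Verifier fetches certificates per m_syncPolicyManager and must invoke exactly one of onVerified/onVerifyFailed`. The function that begins on the last line of the hunk continues outside it.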
diff --git a/src/sync-socket.h b/src/sync-socket.h
index 6fa7913..a0ceec1 100644
--- a/src/sync-socket.h
+++ b/src/sync-socket.h
@@ -26,7 +26,8 @@
#include <boost/unordered_map.hpp>
#include "sync-seq-no.h"
#include <ndn-cpp/face.hpp>
-#include <ndn-cpp/security/identity/identity-manager.hpp>
+#include <ndn-cpp/security/verifier.hpp>
+#include <ndn-cpp/security/key-chain.hpp>
#include <utility>
#include <map>
#include <vector>
@@ -57,7 +58,6 @@
SyncSocket (const std::string &syncPrefix,
ndn::ptr_lib::shared_ptr<SyncPolicyManager> syncPolicyManager,
ndn::ptr_lib::shared_ptr<ndn::Face> face,
- ndn::ptr_lib::shared_ptr<ndn::Transport> transport,
NewDataCallback dataCallback,
RemoveCallback rmCallback);
@@ -90,32 +90,11 @@
GetLocalPrefix ();
private:
- // void
- // connectToDaemon();
-
- // void
- // onConnectionData(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
- // const ndn::ptr_lib::shared_ptr<ndn::Data>& data);
-
- // void
- // onConnectionDataTimeout(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest);
-
void
passCallback(const std::vector<MissingDataInfo> &v)
{ m_newDataCallback(v, this); }
void
- onChatCert(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
- const ndn::ptr_lib::shared_ptr<ndn::Data>& cert,
- ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> previousStep);
-
- void
- onChatCertTimeout(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
- const ndn::OnVerifyFailed& onVerifyFailed,
- const ndn::ptr_lib::shared_ptr<ndn::Data>& data,
- ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> nextStep);
-
- void
onChatData(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
const ndn::ptr_lib::shared_ptr<ndn::Data>& data,
const ndn::OnVerified& onVerified,
@@ -135,8 +114,8 @@
NewDataCallback m_newDataCallback;
SequenceLog m_sequenceLog;
ndn::ptr_lib::shared_ptr<SyncPolicyManager> m_syncPolicyManager;
- ndn::ptr_lib::shared_ptr<ndn::IdentityManager> m_identityManager;
- ndn::ptr_lib::shared_ptr<ndn::Transport> m_transport;
+ ndn::ptr_lib::shared_ptr<ndn::Verifier> m_verifier;
+ ndn::ptr_lib::shared_ptr<ndn::KeyChain> m_keyChain;
ndn::ptr_lib::shared_ptr<ndn::Face> m_face;
SyncLogic m_syncLogic;
};