File name format change and Removed warning messages (Except warning from boost for Logging)
Change-Id: If3a3a5411d377d925527fc3e8809c228a9a81e26
diff --git a/src/security/certificate-store-entry.cpp b/src/security/certificate-store-entry.cpp
new file mode 100644
index 0000000..5cb7933
--- /dev/null
+++ b/src/security/certificate-store-entry.cpp
@@ -0,0 +1,17 @@
+#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
+#include "certificate-store-entry.hpp"
+
+namespace nlsr {
+std::ostream&
+operator<<(std::ostream& os, const CertificateStoreEntry& ncse)
+{
+ os << "------Certificate Entry---------------" << std::endl;
+ os << *(ncse.getCert()) << std::endl;
+ ndn::SignatureSha256WithRsa sig(ncse.getCert()->getSignature());
+ ndn::Name keyName = sig.getKeyLocator().getName();
+ os << "Signee : " << keyName.toUri() << std::endl;
+ os << "Cert Seq Num: " << ncse.getCertSeqNum() << std::endl;
+ os << "Is Signer Verified: " << ncse.getIsSignerVerified() << std::endl;
+ return os;
+}
+}//namespace nlsr
diff --git a/src/security/certificate-store-entry.hpp b/src/security/certificate-store-entry.hpp
new file mode 100644
index 0000000..1257129
--- /dev/null
+++ b/src/security/certificate-store-entry.hpp
@@ -0,0 +1,72 @@
+#ifndef NLSR_CERT_STORE_ENTRY_HPP
+#define NLSR_CERT_STORE_ENTRY_HPP
+
+#include <iostream>
+#include <ndn-cpp-dev/face.hpp>
+#include <ndn-cpp-dev/security/identity-certificate.hpp>
+
+namespace nlsr {
+class CertificateStoreEntry
+{
+public:
+ CertificateStoreEntry()
+ : m_cert(ndn::make_shared<ndn::IdentityCertificate>())
+ , m_certSeqNum(0)
+ , m_isSignerVerified(false)
+ {}
+
+ CertificateStoreEntry(ndn::shared_ptr<ndn::IdentityCertificate> pcert
+ , uint32_t csn, bool isv)
+ : m_cert(pcert)
+ , m_certSeqNum(csn)
+ , m_isSignerVerified(isv)
+ {}
+
+ ndn::shared_ptr<ndn::IdentityCertificate>
+ getCert() const
+ {
+ return m_cert;
+ }
+
+ void
+ setCert(ndn::shared_ptr<ndn::IdentityCertificate> pcert)
+ {
+ m_cert = pcert;
+ }
+
+ uint32_t
+ getCertSeqNum() const
+ {
+ return m_certSeqNum;
+ }
+
+ void
+ setCertSeqNum(uint32_t csn)
+ {
+ m_certSeqNum = csn;
+ }
+
+ bool
+ getIsSignerVerified() const
+ {
+ return m_isSignerVerified;
+ }
+
+ void
+ setIsSignerVerified(bool isv)
+ {
+ m_isSignerVerified = isv;
+ }
+
+private:
+ ndn::shared_ptr<ndn::IdentityCertificate> m_cert;
+ uint32_t m_certSeqNum;
+ bool m_isSignerVerified;
+};
+/* Debugging Purpose */
+std::ostream&
+operator <<(std::ostream& os, const CertificateStoreEntry& ncse);
+
+}//namespace NLSR
+
+#endif //NLSR_CERT_STORE_ENTRY_HPP
diff --git a/src/security/certificate-store.cpp b/src/security/certificate-store.cpp
new file mode 100644
index 0000000..3ac5361
--- /dev/null
+++ b/src/security/certificate-store.cpp
@@ -0,0 +1,233 @@
+#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
+#include <ndn-cpp-dev/security/key-chain.hpp>
+#include "certificate-store.hpp"
+#include "waiting-list-entry.hpp"
+#include "key-manager.hpp"
+
+
+namespace nlsr {
+static bool
+nlsrCertificateStoreEntryCompare(CertificateStoreEntry& ncse1,
+ CertificateStoreEntry& ncse2)
+
+{
+ int sizeDiff = ncse1.getCert()->getName().size() -
+ ncse2.getCert()->getName().size();
+ return (ncse2.getCert()->getName().isPrefixOf(ncse1.getCert()->getName()) &&
+ (sizeDiff <= 1 && sizeDiff >= 0));
+}
+
+static bool
+nlsrCertificateStoreEntryCompareByName(CertificateStoreEntry& ncse1,
+ std::string compCertName)
+
+{
+ ndn::Name ccn(compCertName);
+ int sizeDiff = ncse1.getCert()->getName().size() - ccn.size();
+ return (ccn.isPrefixOf(ncse1.getCert()->getName()) &&
+ (sizeDiff <= 1 && sizeDiff >= 0));
+}
+
+void
+CertificateStore::updateWaitingList(std::string respCertName)
+{
+ ndn::Name tmpName(respCertName);
+ respCertName = tmpName.getPrefix(-1).toUri();
+ std::pair<WaitingListEntry, bool> chkWle =
+ m_waitingList.getWaitingListEntry(respCertName);
+ if (chkWle.second)
+ {
+ std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> sc =
+ getCertificateFromStore(respCertName);
+ std::list<std::string> waitees = (chkWle.first).getWaitingCerts();
+ for (std::list<std::string>::iterator it = waitees.begin();
+ it != waitees.end(); ++it)
+ {
+ KeyManager km;
+ std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> wc =
+ getCertificateFromStore(*(it));
+ if (wc.second && sc.second)
+ {
+ if (km.verifySignature(*(wc.first), sc.first->getPublicKeyInfo()))
+ {
+ //1. Update Certificate Store
+ setCertificateIsVerified(*(it), true);
+ //2. Call updateWaitingList for waitee ( *(it) )
+ updateWaitingList(*(it));
+ }
+ }
+ }
+ }
+
+ //remove that entry from waiting list
+ m_waitingList.remove(respCertName);
+}
+
+void
+CertificateStore::updateWaitingList(CertificateStoreEntry& ncse)
+{
+ if (ncse.getIsSignerVerified())
+ {
+ updateWaitingList(ncse.getCert()->getName().toUri());
+ }
+ else
+ {
+ ndn::SignatureSha256WithRsa signature(ncse.getCert()->getSignature());
+ m_waitingList.add(signature.getKeyLocator().getName().toUri(),
+ ncse.getCert()->getName().toUri());
+ }
+}
+
+bool
+CertificateStore::addCertificate(CertificateStoreEntry& ncse)
+{
+ std::list<CertificateStoreEntry>::iterator it =
+ std::find_if(m_certTable.begin(), m_certTable.end(),
+ bind(&nlsrCertificateStoreEntryCompare, _1, ncse));
+ if (it == m_certTable.end())
+ {
+ m_certTable.push_back(ncse);
+ updateWaitingList(ncse);
+ return true;
+ }
+ else if (it != m_certTable.end())
+ {
+ if ((*it).getCertSeqNum() < ncse.getCertSeqNum())
+ {
+ m_certTable.erase(it);
+ m_certTable.push_back(ncse);
+ updateWaitingList(ncse);
+ return true;
+ }
+ }
+ return false;
+}
+
+bool
+CertificateStore::addCertificate(
+ ndn::shared_ptr<ndn::IdentityCertificate> pcert, uint32_t csn, bool isv)
+{
+ CertificateStoreEntry ncse(pcert, csn, isv);
+ return addCertificate(ncse);
+}
+
+std::pair<uint32_t, bool>
+CertificateStore::getCertificateSeqNum(std::string certName)
+{
+ std::list<CertificateStoreEntry>::iterator it =
+ std::find_if(m_certTable.begin(), m_certTable.end(),
+ bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
+ if (it == m_certTable.end())
+ {
+ return std::make_pair(0, false);
+ }
+ return std::make_pair((*it).getCertSeqNum(), true);
+}
+
+
+
+void
+CertificateStore::setCertificateIsVerified(std::string certName,
+ bool isVerified)
+{
+ std::list<CertificateStoreEntry>::iterator it =
+ std::find_if(m_certTable.begin(), m_certTable.end(),
+ bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
+ if (it != m_certTable.end())
+ {
+ it->setIsSignerVerified(true);
+ }
+}
+
+bool
+CertificateStore::getCertificateIsVerified(std::string certName)
+{
+ std::list<CertificateStoreEntry>::iterator it =
+ std::find_if(m_certTable.begin(), m_certTable.end(),
+ bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
+ if (it != m_certTable.end())
+ {
+ return it->getIsSignerVerified();
+ }
+
+ return false;
+}
+
+std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
+CertificateStore::getCertificateFromStore(const std::string certName)
+{
+ std::list<CertificateStoreEntry>::iterator it =
+ std::find_if(m_certTable.begin(), m_certTable.end(),
+ bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
+ if (it == m_certTable.end())
+ {
+ ndn::shared_ptr<ndn::IdentityCertificate> cert =
+ ndn::make_shared<ndn::IdentityCertificate>();
+ return std::make_pair(cert, false);
+ }
+ return std::make_pair((*it).getCert(), true);
+}
+
+std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
+CertificateStore::getCertificateFromStore(
+ const std::string certName, uint64_t checkSeqNum)
+{
+ std::list<CertificateStoreEntry>::iterator it =
+ std::find_if(m_certTable.begin(), m_certTable.end(),
+ bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
+ if (it == m_certTable.end())
+ {
+ ndn::shared_ptr<ndn::IdentityCertificate> cert =
+ ndn::make_shared<ndn::IdentityCertificate>();
+ return std::make_pair(cert, false);
+ }
+ else
+ {
+ if ((*it).getCertSeqNum() == checkSeqNum)
+ {
+ return std::make_pair((*it).getCert(), true);
+ }
+ }
+ return std::make_pair((*it).getCert(), false);
+}
+
+bool
+CertificateStore::isCertificateNewInStore(const std::string certName,
+ int checkSeqNo)
+{
+ std::list<CertificateStoreEntry>::iterator it =
+ std::find_if(m_certTable.begin(), m_certTable.end(),
+ bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
+ if (it != m_certTable.end())
+ {
+ return (*it).getCertSeqNum() < checkSeqNo ;
+ }
+ return true;
+}
+
+bool
+CertificateStore::removeCertificateFromStroe(const std::string certName)
+{
+ std::list<CertificateStoreEntry>::iterator it =
+ std::find_if(m_certTable.begin(), m_certTable.end(),
+ bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
+ if (it != m_certTable.end())
+ {
+ m_certTable.erase(it);
+ return true;
+ }
+ return false;
+}
+
+void
+CertificateStore::print()
+{
+ std::list<CertificateStoreEntry>::iterator it;
+ for (it = m_certTable.begin(); it != m_certTable.end(); ++it)
+ {
+ std::cout << (*it) << std::endl;
+ }
+ std::cout << m_waitingList << std::endl;
+}
+
+} //namespace nlsr
diff --git a/src/security/certificate-store.hpp b/src/security/certificate-store.hpp
new file mode 100644
index 0000000..01495d9
--- /dev/null
+++ b/src/security/certificate-store.hpp
@@ -0,0 +1,63 @@
+#ifndef NLSR_CERT_STORE_HPP
+#define NLSR_CERT_STORE_HPP
+
+#include <list>
+#include <ndn-cpp-dev/security/identity-certificate.hpp>
+#include "certificate-store-entry.hpp"
+#include "waiting-list.hpp"
+
+namespace nlsr {
+class CertificateStore
+{
+public:
+ CertificateStore()
+ : m_certTable()
+ , m_waitingList()
+ {}
+
+ bool
+ addCertificate(CertificateStoreEntry& ncse);
+
+ bool
+ addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert
+ , uint32_t csn, bool isv);
+
+ std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
+ getCertificateFromStore(const std::string certName);
+
+ std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
+ getCertificateFromStore(const std::string certName, uint64_t checkSeqNum);
+
+ bool
+ removeCertificateFromStroe(const std::string certName);
+
+ bool
+ isCertificateNewInStore(const std::string certName, int checkSeqNo);
+
+ std::pair<uint32_t, bool>
+ getCertificateSeqNum(std::string certName);
+
+ void
+ print();
+
+ void
+ setCertificateIsVerified(std::string certName, bool isVerified);
+
+ bool
+ getCertificateIsVerified(std::string certName);
+
+private:
+ void
+ updateWaitingList(CertificateStoreEntry& ncse);
+
+ void
+ updateWaitingList(std::string respCertName);
+
+private:
+ std::list<CertificateStoreEntry> m_certTable;
+ WaitingList m_waitingList;
+};
+
+} //namespace nlsr
+
+#endif // NLSR_CERT_STORE_HPP
diff --git a/src/security/key-manager.cpp b/src/security/key-manager.cpp
new file mode 100644
index 0000000..5ab63a8
--- /dev/null
+++ b/src/security/key-manager.cpp
@@ -0,0 +1,406 @@
+#include <ndn-cpp-dev/security/identity-certificate.hpp>
+#include <ndn-cpp-dev/encoding/block.hpp>
+#include <ndn-cpp-dev/util/io.hpp>
+#include <stdexcept>
+
+#include "sequencing-manager.hpp"
+#include "key-manager.hpp"
+#include "nlsr.hpp"
+
+
+namespace nlsr {
+bool
+KeyManager::initialize(ConfParameter& cp)
+{
+ initCertSeqFromFile(cp.getSeqFileDir());
+ if (!loadAllCertificates(cp.getCertDir()))
+ {
+ return false;
+ }
+ m_nlsrRootKeyPrefix = cp.getRootKeyPrefix();
+ string processIdentityName(cp.getRootKeyPrefix());
+ processIdentityName += "/";
+ processIdentityName += cp.getSiteName();
+ processIdentityName += "/";
+ processIdentityName += "R.Start";
+ processIdentityName += "/";
+ processIdentityName += cp.getRouterName();
+ ndn::Name ri(processIdentityName);
+ std::cout << "Router Identity: " << ri.toUri() << std::endl;
+ m_routerIdentity = ri;
+ processIdentityName += "/";
+ processIdentityName += "nlsr";
+ cout << "Proces Identity Name: " << processIdentityName << endl;
+ ndn::Name identityName(processIdentityName);
+ m_processIdentity = identityName;
+ ndn::KeyChain::deleteIdentity(m_processIdentity);
+ m_processCertName = ndn::KeyChain::createIdentity(m_processIdentity);
+ cout << "Certificate Name: " << m_processCertName.toUri() << endl;
+ m_processKeyName = m_processCertName.getPrefix(-2);
+ cout << "Key Name: " << m_processKeyName.toUri() << endl;
+ ndn::shared_ptr<ndn::IdentityCertificate> cert =
+ getCertificate(m_processCertName);
+ signByIdentity(*(cert), m_routerIdentity);
+ m_certStore.addCertificate(cert, m_certSeqNo, true);
+ m_certStore.print();
+ return true;
+}
+
+bool
+KeyManager::loadAllCertificates(std::string certDirPath)
+{
+ std::string filePath = certDirPath;
+ if (filePath.empty())
+ {
+ SequencingManager sm;
+ filePath = sm.getUserHomeDirectory();
+ filePath += "/nlsrCertDir";
+ }
+ return loadCertificate(filePath + "/root.cert", KEY_TYPE_ROOT)
+ && loadCertificate(filePath + "/site.cert", KEY_TYPE_SITE)
+ && loadCertificate(filePath + "/operator.cert", KEY_TYPE_OPERATOR)
+ && loadCertificate(filePath + "/router.cert", KEY_TYPE_ROUTER) ;
+}
+
+bool
+KeyManager::loadCertificate(std::string inputFile, nlsrKeyType keyType)
+{
+ try
+ {
+ ndn::shared_ptr<ndn::IdentityCertificate> cert =
+ ndn::io::load<ndn::IdentityCertificate>(inputFile, ndn::io::BASE_64);
+ ndn::Name certName = cert->getName();
+ switch (keyType)
+ {
+ case KEY_TYPE_ROOT:
+ m_certStore.addCertificate(cert, 10, true);
+ m_rootCertName = certName;
+ std::cout << "Root Cert: " << m_rootCertName << std::endl;
+ break;
+ case KEY_TYPE_SITE:
+ m_certStore.addCertificate(cert, 10, true);
+ m_siteCertName = certName;
+ std::cout << "Site Cert: " << m_siteCertName << std::endl;
+ break;
+ case KEY_TYPE_OPERATOR:
+ m_certStore.addCertificate(cert, 10, true);
+ m_opCertName = certName;
+ std::cout << "Operator Cert: " << m_opCertName << std::endl;
+ break;
+ case KEY_TYPE_ROUTER:
+ m_certStore.addCertificate(cert, m_certSeqNo, true);
+ m_routerCertName = certName;
+ std::cout << "Router Cert: " << m_routerCertName << std::endl;
+ break;
+ case KEY_TYPE_PROCESS:
+ m_certStore.addCertificate(cert, m_certSeqNo, true);
+ m_processCertName = certName;
+ std::cout << "Process Cert: " << m_processCertName << std::endl;
+ break;
+ default:
+ break;
+ }
+ return true;
+ }
+ catch (std::exception& e)
+ {
+ return false;
+ }
+ return false;
+}
+
+ndn::Name
+KeyManager::getProcessCertName()
+{
+ return m_processCertName;
+}
+
+ndn::Name
+KeyManager::getRouterCertName()
+{
+ return m_routerCertName;
+}
+
+ndn::Name
+KeyManager::getOperatorCertName()
+{
+ return m_opCertName;
+}
+
+ndn::Name
+KeyManager::getSiteCertName()
+{
+ return m_siteCertName;
+}
+
+ndn::Name
+KeyManager::getRootCertName()
+{
+ return m_rootCertName;
+}
+
+uint32_t
+KeyManager::getCertSeqNo()
+{
+ return m_certSeqNo;
+}
+
+void
+KeyManager::setCerSeqNo(uint32_t csn)
+{
+ m_certSeqNo = csn;
+}
+
+void
+KeyManager::initCertSeqFromFile(string certSeqFileDir)
+{
+ m_certSeqFileNameWithPath = certSeqFileDir;
+ if (m_certSeqFileNameWithPath.empty())
+ {
+ SequencingManager sm;
+ m_certSeqFileNameWithPath = sm.getUserHomeDirectory();
+ }
+ m_certSeqFileNameWithPath += "/nlsrCertSeqNo.txt";
+ cout << "Key Seq File Name: " << m_certSeqFileNameWithPath << endl;
+ std::ifstream inputFile(m_certSeqFileNameWithPath.c_str(), ios::binary);
+ if (inputFile.good())
+ {
+ inputFile >> m_certSeqNo;
+ m_certSeqNo++;
+ }
+ else
+ {
+ m_certSeqNo = 1;
+ }
+ writeCertSeqToFile();
+}
+
+void
+KeyManager::writeCertSeqToFile()
+{
+ std::ofstream outputFile(m_certSeqFileNameWithPath.c_str(), ios::binary);
+ outputFile << m_certSeqNo;
+ outputFile.close();
+}
+
+bool
+KeyManager::isNewCertificate(std::string certName, int checkSeqNum)
+{
+ return m_certStore.isCertificateNewInStore(certName, checkSeqNum);
+}
+
+std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
+KeyManager::getCertificateFromStore(const std::string certName, int checkSeqNum)
+{
+ return m_certStore.getCertificateFromStore(certName, checkSeqNum);
+}
+
+std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
+KeyManager::getCertificateFromStore(const std::string certName)
+{
+ return m_certStore.getCertificateFromStore(certName);
+}
+
+bool
+KeyManager::addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert
+ , uint32_t csn, bool isv)
+{
+ return m_certStore.addCertificate(pcert, csn, isv);
+}
+
+std::pair<uint32_t, bool>
+KeyManager::getCertificateSeqNum(std::string certName)
+{
+ return m_certStore.getCertificateSeqNum(certName);
+}
+
+nlsrKeyType
+KeyManager::getKeyTypeFromName(const std::string keyName)
+{
+ Tokenizer nt(keyName, "/");
+ std::string KEY("KEY");
+ std::string opHandle("O.Start");
+ std::string routerHandle("R.Start");
+ std::string processHandle("nlsr");
+ if (nt.getTokenString(0, nt.getTokenPosition(KEY) - 1) == m_nlsrRootKeyPrefix)
+ {
+ return KEY_TYPE_ROOT;
+ }
+ else if (nt.doesTokenExist(opHandle))
+ {
+ return KEY_TYPE_OPERATOR;
+ }
+ else if (nt.doesTokenExist(routerHandle) &&
+ nt.doesTokenExist(processHandle))
+ {
+ return KEY_TYPE_PROCESS;
+ }
+ else if (nt.doesTokenExist(routerHandle) &&
+ !nt.doesTokenExist(processHandle))
+ {
+ return KEY_TYPE_ROUTER;
+ }
+ else
+ {
+ return KEY_TYPE_SITE;
+ }
+}
+
+std::string
+KeyManager::getRouterName(const std::string name)
+{
+ std::string routerName;
+ std::string rkp(m_nlsrRootKeyPrefix);
+ Tokenizer ntRkp(rkp, "/");
+ Tokenizer nt(name, "/");
+ std::string KEY("KEY");
+ std::string opHandle("O.Start");
+ std::string routerHandle("R.Start");
+ std::string processHandle("nlsr");
+ std::string infoHandle("info");
+ std::string lsaHandle("LSA");
+ if (nt.doesTokenExist(processHandle) && nt.doesTokenExist(routerHandle))
+ {
+ routerName = "/ndn" +
+ nt.getTokenString(ntRkp.getTokenNumber(),
+ nt.getTokenPosition(routerHandle) - 1) +
+ nt.getTokenString(nt.getTokenPosition(routerHandle) + 1,
+ nt.getTokenPosition(processHandle) - 1);
+ }
+ else if (nt.doesTokenExist(routerHandle) && !nt.doesTokenExist(infoHandle)
+ && !nt.doesTokenExist(lsaHandle))
+ {
+ routerName = "/ndn" +
+ nt.getTokenString(ntRkp.getTokenNumber(),
+ nt.getTokenPosition(routerHandle) - 1) +
+ nt.getTokenString(nt.getTokenPosition(routerHandle) + 1,
+ nt.getTokenPosition(KEY) - 1);
+ }
+ else
+ {
+ if (nt.doesTokenExist(infoHandle))
+ {
+ routerName = nt.getTokenString(0, nt.getTokenPosition(infoHandle) - 1);
+ }
+ else
+ {
+ routerName = nt.getTokenString(nt.getTokenPosition(lsaHandle) + 1,
+ nt.getTokenNumber() - 4);
+ }
+ }
+ return routerName;
+}
+
+std::string
+KeyManager::getSiteName(const std::string name)
+{
+ std::string siteName;
+ std::string routerName;
+ std::string rkp(m_nlsrRootKeyPrefix);
+ Tokenizer ntRkp(rkp, "/");
+ Tokenizer nt(name, "/");
+ std::string KEY("KEY");
+ std::string opHandle("O.Start");
+ std::string routerHandle("R.Start");
+ if (nt.doesTokenExist(routerHandle))
+ {
+ siteName = "/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
+ nt.getTokenPosition(routerHandle) - 1);
+ }
+ else if (nt.doesTokenExist(opHandle))
+ {
+ siteName = "/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
+ nt.getTokenPosition(opHandle) - 1);
+ }
+ else
+ {
+ siteName = "/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
+ nt.getTokenPosition(KEY) - 1);
+ }
+ return siteName;
+}
+
+std::string
+KeyManager::getRootName(const std::string name)
+{
+ std::string rName;
+ Tokenizer nt(name, "/");
+ std::string rkp(m_nlsrRootKeyPrefix);
+ Tokenizer ntRkp(rkp, "/");
+ rName = nt.getTokenString(0, ntRkp.getTokenNumber() - 1);
+ return rName;
+}
+
+
+bool
+KeyManager::verifyCertPacket(Nlsr& pnlsr, ndn::IdentityCertificate& packet)
+{
+ std::cout << "KeyManager::verifyCertPacket Called" << std::endl;
+ ndn::SignatureSha256WithRsa signature(packet.getSignature());
+ std::string signingCertName = signature.getKeyLocator().getName().toUri();
+ std::string packetName = packet.getName().toUri();
+
+ std::cout << "Packet Name: " << packetName << std::endl;
+ std::cout << "Signee Name: " << signingCertName << std::endl;
+
+ int paketCertType = getKeyTypeFromName(packetName);
+ int signingCertType = getKeyTypeFromName(signingCertName);
+
+ if (signingCertType > paketCertType) //lower level Cert can not sign
+ {
+ //upper level Cert
+ return false;
+ }
+
+ if ((signingCertType == paketCertType) && (paketCertType != KEY_TYPE_ROOT))
+ {
+ return false;
+ }
+
+ std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> signee =
+ m_certStore.getCertificateFromStore(signingCertName);
+
+ if (signee.second)
+ {
+ switch (paketCertType)
+ {
+ case KEY_TYPE_ROOT:
+ return ((getRootName(packetName) == m_nlsrRootKeyPrefix) &&
+ verifySignature(packet, signee.first->getPublicKeyInfo()));
+ break;
+ case KEY_TYPE_SITE:
+ return ((getRootName(packetName) == getRootName(signingCertName)) &&
+ verifySignature(packet, signee.first->getPublicKeyInfo()) &&
+ m_certStore.getCertificateIsVerified(signingCertName));
+ break;
+ case KEY_TYPE_OPERATOR:
+ return ((getSiteName(packetName) == getSiteName(signingCertName)) &&
+ verifySignature(packet, signee.first->getPublicKeyInfo()) &&
+ m_certStore.getCertificateIsVerified(signingCertName));
+ break;
+ case KEY_TYPE_ROUTER:
+ return ((getSiteName(packetName) == getSiteName(signingCertName)) &&
+ verifySignature(packet, signee.first->getPublicKeyInfo()) &&
+ m_certStore.getCertificateIsVerified(signingCertName));
+ break;
+ case KEY_TYPE_PROCESS:
+ return ((getRouterName(packetName) == getRouterName(signingCertName)) &&
+ verifySignature(packet, signee.first->getPublicKeyInfo()) &&
+ m_certStore.getCertificateIsVerified(signingCertName));
+ break;
+ }
+ }
+ else
+ {
+ std::cout << "Certificate Not Found in store. Sending Interest" << std::endl;
+ pnlsr.getIm().expressInterest(pnlsr, signingCertName, 3,
+ pnlsr.getConfParameter().getInterestResendTime());
+ return false;
+ }
+ return false;
+}
+
+}//namespace nlsr
+
+
+
diff --git a/src/security/key-manager.hpp b/src/security/key-manager.hpp
new file mode 100644
index 0000000..9becfe2
--- /dev/null
+++ b/src/security/key-manager.hpp
@@ -0,0 +1,275 @@
+#ifndef NLSR_KM_HPP
+#define NLSR_KM_HPP
+
+#include <ndn-cpp-dev/face.hpp>
+#include <ndn-cpp-dev/data.hpp>
+#include <ndn-cpp-dev/security/key-chain.hpp>
+#include <ndn-cpp-dev/security/validator.hpp>
+#include <ndn-cpp-dev/util/random.hpp>
+#include <ndn-cpp-dev/security/identity-certificate.hpp>
+#include <list>
+#include "conf-parameter.hpp"
+#include "certificate-store.hpp"
+#include "utility/tokenizer.hpp"
+
+namespace nlsr {
+class Nlsr;
+enum nlsrKeyType
+{
+ KEY_TYPE_ROOT,
+ KEY_TYPE_SITE,
+ KEY_TYPE_OPERATOR,
+ KEY_TYPE_ROUTER,
+ KEY_TYPE_PROCESS,
+ KEY_TYPE_UNKNOWN
+};
+
+enum nlsrContentType
+{
+ CONTENT_TYPE_DATA,
+ CONTENT_TYPE_CERT
+};
+
+class KeyManager: public ndn::KeyChain, public ndn::Validator
+{
+ typedef SecPublicInfo::Error InfoError;
+ typedef SecTpm::Error TpmError;
+public:
+ using ndn::KeyChain::addCertificate;
+ KeyManager()
+ : m_certSeqNo(1)
+ , m_nlsrRootKeyPrefix()
+ , m_certStore()
+ {
+ }
+
+ bool
+ initialize(ConfParameter& cp);
+
+
+
+ void
+ checkPolicy(const ndn::Data& data,
+ int stepCount,
+ const ndn::OnDataValidated& onValidated,
+ const ndn::OnDataValidationFailed& onValidationFailed,
+ std::vector<ndn::shared_ptr<ndn::ValidationRequest> >& nextSteps)
+ {}
+
+ void
+ checkPolicy(const ndn::Interest& interest,
+ int stepCount,
+ const ndn::OnInterestValidated& onValidated,
+ const ndn::OnInterestValidationFailed& onValidationFailed,
+ std::vector<ndn::shared_ptr<ndn::ValidationRequest> >& nextSteps)
+ {}
+
+ void
+ signData(ndn::Data& data)
+ {
+ ndn::KeyChain::signByIdentity(data, m_processIdentity);
+ }
+
+ template<typename T> void
+ signByIdentity(T& packet, ndn::Name signeeIdentity)
+ {
+ ndn::KeyChain::signByIdentity(packet, signeeIdentity);
+ }
+
+ ndn::Name
+ createIdentity(const ndn::Name identityName)
+ {
+ return ndn::KeyChain::createIdentity(identityName);
+ }
+
+ ndn::Name
+ createIdentity(const ndn::Name identityName, const ndn::Name signee)
+ {
+ ndn::KeyChain::addIdentity(identityName);
+ ndn::Name keyName;
+ try
+ {
+ keyName = ndn::KeyChain::getDefaultKeyNameForIdentity(identityName);
+ }
+ catch (InfoError& e)
+ {
+ keyName = ndn::KeyChain::generateRSAKeyPairAsDefault(identityName, true);
+ }
+ ndn::shared_ptr<ndn::PublicKey> pubKey;
+ try
+ {
+ pubKey = ndn::KeyChain::getPublicKey(keyName);
+ }
+ catch (InfoError& e)
+ {
+ return identityName;
+ }
+ ndn::Name certName;
+ try
+ {
+ certName = ndn::KeyChain::getDefaultCertificateNameForKey(keyName);
+ }
+ catch (InfoError& e)
+ {
+ ndn::shared_ptr<ndn::IdentityCertificate> certificate =
+ ndn::make_shared<ndn::IdentityCertificate>();
+ ndn::Name certificateName = keyName.getPrefix(-1);
+ certificateName.append("KEY").append(
+ keyName.get(-1)).append("ID-CERT").appendVersion();
+ certificate->setName(certificateName);
+ certificate->setNotBefore(ndn::time::system_clock::now());
+ certificate->setNotAfter(ndn::time::system_clock::now() + ndn::time::days(
+ 7300) /* 1 year*/);
+ certificate->setPublicKeyInfo(*pubKey);
+ certificate->addSubjectDescription(
+ ndn::CertificateSubjectDescription("2.5.4.41",
+ keyName.toUri()));
+ certificate->encode();
+ try
+ {
+ ndn::KeyChain::signByIdentity(*certificate, signee);
+ }
+ catch (InfoError& e)
+ {
+ try
+ {
+ ndn::KeyChain::deleteIdentity(identityName);
+ }
+ catch (InfoError& e)
+ {
+ }
+ return identityName;
+ }
+ certName = certificate->getName();
+ }
+ return certName;
+ }
+
+ void
+ printCertStore()
+ {
+ m_certStore.print();
+ }
+
+private:
+ bool
+ verifyDataPacket(ndn::Data packet)
+ {
+ std::cout << "KeyManager::verifyDataPacket Called" << std::endl;
+ ndn::SignatureSha256WithRsa signature(packet.getSignature());
+ std::string signingCertName = signature.getKeyLocator().getName().toUri();
+ std::string packetName = packet.getName().toUri();
+ std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> signee =
+ m_certStore.getCertificateFromStore(signingCertName);
+ if (signee.second)
+ {
+ std::string routerNameFromPacketName = getRouterName(packetName);
+ std::string routerNameFromCertName = getRouterName(signingCertName);
+ return ((routerNameFromPacketName == routerNameFromCertName) &&
+ verifySignature(packet, signee.first->getPublicKeyInfo()) &&
+ m_certStore.getCertificateIsVerified(signingCertName));
+ }
+ return false;
+ }
+
+ bool
+ verifyCertPacket(Nlsr& pnlsr, ndn::IdentityCertificate& packet);
+
+public:
+ template<typename T> bool
+ verify(T& packet)
+ {
+ std::cout << "KeyManager::verify Called" << std::endl;
+
+ return verifyDataPacket(packet);
+
+ return false;
+ }
+
+ bool
+ verify(Nlsr& pnlsr, ndn::IdentityCertificate& packet)
+ {
+ return verifyCertPacket(pnlsr, packet);
+ }
+
+ ndn::Name
+ getProcessCertName();
+
+ ndn::Name
+ getRouterCertName();
+
+ ndn::Name
+ getOperatorCertName();
+
+ ndn::Name
+ getSiteCertName();
+
+ ndn::Name
+ getRootCertName();
+
+ uint32_t
+ getCertSeqNo();
+
+ std::pair<uint32_t, bool>
+ getCertificateSeqNum(std::string certName);
+
+ void
+ setCerSeqNo(uint32_t csn);
+
+ void
+ initCertSeqFromFile(std::string certSeqFileDir);
+
+ void
+ writeCertSeqToFile();
+
+ bool
+ isNewCertificate(std::string certName, int checkSeqNum);
+
+ std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
+ getCertificateFromStore(const std::string certName, int checkSeqNum);
+
+ std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
+ getCertificateFromStore(const std::string certName);
+
+ bool
+ addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert,
+ uint32_t csn, bool isv);
+
+
+private:
+ bool
+ loadAllCertificates(std::string certDirPath);
+
+ bool
+ loadCertificate(std::string inputFile, nlsrKeyType keyType);
+
+ nlsrKeyType
+ getKeyTypeFromName(const std::string keyName);
+
+ std::string
+ getRouterName(const std::string name);
+
+ std::string
+ getSiteName(const std::string name);
+
+ std::string
+ getRootName(const std::string name);
+
+private:
+ ndn::Name m_processIdentity;
+ ndn::Name m_routerIdentity;
+ ndn::Name m_processCertName;
+ ndn::Name m_routerCertName;
+ ndn::Name m_opCertName;
+ ndn::Name m_siteCertName;
+ ndn::Name m_rootCertName;
+ ndn::Name m_processKeyName;
+ uint32_t m_certSeqNo;
+ std::string m_certSeqFileNameWithPath;
+ std::string m_nlsrRootKeyPrefix;
+ CertificateStore m_certStore;
+
+};
+}//namespace nlsr
+
+#endif //NLSR_KM_HPP
diff --git a/src/security/nlsr_cert_store.cpp b/src/security/nlsr_cert_store.cpp
deleted file mode 100644
index fa84ad9..0000000
--- a/src/security/nlsr_cert_store.cpp
+++ /dev/null
@@ -1,236 +0,0 @@
-#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
-#include <ndn-cpp-dev/security/key-chain.hpp>
-#include "nlsr_cert_store.hpp"
-#include "nlsr_wle.hpp"
-#include "nlsr_km.hpp"
-
-#define THIS_FILE "nlsr_cert_store.cpp"
-
-namespace nlsr
-{
- static bool
- nlsrCertificateStoreEntryCompare(NlsrCertificateStoreEntry& ncse1,
- NlsrCertificateStoreEntry& ncse2)
-
- {
- int sizeDiff=ncse1.getCert()->getName().size()-
- ncse2.getCert()->getName().size();
- return (ncse2.getCert()->getName().isPrefixOf(ncse1.getCert()->getName()) &&
- (sizeDiff <= 1 && sizeDiff>= 0));
-
-
- }
-
- static bool
- nlsrCertificateStoreEntryCompareByName(NlsrCertificateStoreEntry& ncse1,
- std::string compCertName)
-
- {
- ndn::Name ccn(compCertName);
- int sizeDiff= ncse1.getCert()->getName().size() -ccn.size();
- return ( ccn.isPrefixOf(ncse1.getCert()->getName()) &&
- (sizeDiff <= 1 && sizeDiff>= 0));
- }
-
- void
- NlsrCertificateStore::updateWaitingList(std::string respCertName)
- {
- ndn::Name tmpName(respCertName);
- respCertName=tmpName.getPrefix(-1).toUri();
- std::pair<WaitingListEntry, bool> chkWle=
- m_waitingList.getWaitingListEntry(respCertName);
- if( chkWle.second )
- {
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> sc=
- getCertificateFromStore(respCertName);
- std::list<std::string> waitees=(chkWle.first).getWaitingCerts();
- for(std::list<std::string>::iterator it = waitees.begin();
- it != waitees.end();++it)
- {
- KeyManager km;
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> wc=
- getCertificateFromStore(*(it));
- if( wc.second && sc.second )
- {
- if(km.verifySignature(*(wc.first),sc.first->getPublicKeyInfo()))
- {
- //1. Update Certificate Store
- setCertificateIsVerified(*(it),true);
- //2. Call updateWaitingList for waitee ( *(it) )
- updateWaitingList(*(it));
- }
- }
- }
- }
-
- //remove that entry from waiting list
- m_waitingList.remove(respCertName);
- }
-
- void
- NlsrCertificateStore::updateWaitingList(NlsrCertificateStoreEntry& ncse)
- {
- if( ncse.getIsSignerVerified())
- {
- updateWaitingList(ncse.getCert()->getName().toUri());
- }
- else
- {
- ndn::SignatureSha256WithRsa signature(ncse.getCert()->getSignature());
- m_waitingList.add(signature.getKeyLocator().getName().toUri(),
- ncse.getCert()->getName().toUri());
- }
- }
-
- bool
- NlsrCertificateStore::addCertificate(NlsrCertificateStoreEntry & ncse)
- {
- std::list<NlsrCertificateStoreEntry>::iterator it =
- std::find_if( m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompare, _1, ncse));
- if(it == m_certTable.end())
- {
- m_certTable.push_back(ncse);
- updateWaitingList(ncse);
- return true;
- }
- else if( it != m_certTable.end() )
- {
- if ( (*it).getCertSeqNum() < ncse.getCertSeqNum() )
- {
- m_certTable.erase(it);
- m_certTable.push_back(ncse);
- updateWaitingList(ncse);
- return true;
- }
- }
- return false;
- }
-
- bool
- NlsrCertificateStore::addCertificate(
- ndn::shared_ptr<ndn::IdentityCertificate> pcert, uint32_t csn, bool isv)
- {
- NlsrCertificateStoreEntry ncse(pcert, csn, isv);
- return addCertificate(ncse);
- }
-
- std::pair<uint32_t, bool>
- NlsrCertificateStore::getCertificateSeqNum(std::string certName)
- {
- std::list<NlsrCertificateStoreEntry>::iterator it =
- std::find_if( m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if(it == m_certTable.end())
- {
- return std::make_pair(0,false);
- }
- return std::make_pair((*it).getCertSeqNum(),true);
- }
-
-
-
- void
- NlsrCertificateStore::setCertificateIsVerified(std::string certName,
- bool isVerified)
- {
- std::list<NlsrCertificateStoreEntry>::iterator it =
- std::find_if( m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if(it != m_certTable.end())
- {
- it->setIsSignerVerified(true);
- }
- }
-
- bool
- NlsrCertificateStore::getCertificateIsVerified( std::string certName )
- {
- std::list<NlsrCertificateStoreEntry>::iterator it =
- std::find_if( m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if(it != m_certTable.end())
- {
- return it->getIsSignerVerified();
- }
-
- return false;
- }
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- NlsrCertificateStore::getCertificateFromStore(const std::string certName)
- {
- std::list<NlsrCertificateStoreEntry>::iterator it =
- std::find_if( m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if(it == m_certTable.end())
- {
- ndn::shared_ptr<ndn::IdentityCertificate> cert=
- ndn::make_shared<ndn::IdentityCertificate>();
- return std::make_pair(cert,false);
- }
- return std::make_pair((*it).getCert(),true);
- }
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- NlsrCertificateStore::getCertificateFromStore(
- const std::string certName, int checkSeqNum)
- {
- std::list<NlsrCertificateStoreEntry>::iterator it =
- std::find_if( m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if(it == m_certTable.end())
- {
- ndn::shared_ptr<ndn::IdentityCertificate> cert=
- ndn::make_shared<ndn::IdentityCertificate>();
- return std::make_pair(cert,false);
- }
- else
- {
- if( (*it).getCertSeqNum() == checkSeqNum )
- {
- return std::make_pair((*it).getCert(),true);
- }
- }
- return std::make_pair((*it).getCert(),false);
- }
-
- bool
- NlsrCertificateStore::isCertificateNewInStore(const std::string certName,
- int checkSeqNo)
- {
- std::list<NlsrCertificateStoreEntry>::iterator it =
- std::find_if( m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if(it != m_certTable.end())
- {
- return (*it).getCertSeqNum() < checkSeqNo ;
- }
- return true;
- }
-
- bool
- NlsrCertificateStore::removeCertificateFromStroe(const std::string certName)
- {
- std::list<NlsrCertificateStoreEntry>::iterator it =
- std::find_if( m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if(it != m_certTable.end())
- {
- m_certTable.erase(it);
- return true;
- }
- return false;
- }
-
- void
- NlsrCertificateStore::print()
- {
- std::list<NlsrCertificateStoreEntry>::iterator it;
- for(it=m_certTable.begin(); it!=m_certTable.end(); ++it)
- {
- std::cout<<(*it)<<std::endl;
- }
- std::cout<<m_waitingList<<std::endl;
- }
-}
diff --git a/src/security/nlsr_cert_store.hpp b/src/security/nlsr_cert_store.hpp
deleted file mode 100644
index 2ef4513..0000000
--- a/src/security/nlsr_cert_store.hpp
+++ /dev/null
@@ -1,42 +0,0 @@
-#ifndef NLSR_CERT_STORE_HPP
-#define NLSR_CERT_STORE_HPP
-
-#include<list>
-#include <ndn-cpp-dev/security/identity-certificate.hpp>
-#include "nlsr_cse.hpp"
-#include "nlsr_wl.hpp"
-
-namespace nlsr
-{
- class NlsrCertificateStore
- {
- public:
- NlsrCertificateStore()
- : m_certTable()
- , m_waitingList()
- {}
-
- bool addCertificate(NlsrCertificateStoreEntry& ncse);
- bool addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert
- , uint32_t csn, bool isv);
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- getCertificateFromStore(const std::string certName);
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- getCertificateFromStore(const std::string certName, int checkSeqNum);
- bool removeCertificateFromStroe(const std::string certName);
- bool isCertificateNewInStore(const std::string certName, int checkSeqNo);
- std::pair<uint32_t, bool> getCertificateSeqNum(std::string certName);
- void print();
- void setCertificateIsVerified(std::string certName, bool isVerified);
- bool getCertificateIsVerified(std::string certName);
- private:
- void updateWaitingList(NlsrCertificateStoreEntry& ncse);
- void updateWaitingList(std::string respCertName);
-
- private:
- std::list<NlsrCertificateStoreEntry> m_certTable;
- WaitingList m_waitingList;
- };
-}
-
-#endif
diff --git a/src/security/nlsr_cse.cpp b/src/security/nlsr_cse.cpp
deleted file mode 100644
index 91c0150..0000000
--- a/src/security/nlsr_cse.cpp
+++ /dev/null
@@ -1,20 +0,0 @@
-#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
-#include "nlsr_cse.hpp"
-
-#define THIS_FILE "nlsr_cse.cpp"
-
-namespace nlsr
-{
- std::ostream&
- operator <<(std::ostream& os, const NlsrCertificateStoreEntry& ncse)
- {
- os<<"------Certificate Entry---------------"<<std::endl;
- os<<*(ncse.getCert())<<std::endl;
- ndn::SignatureSha256WithRsa sig(ncse.getCert()->getSignature());
- ndn::Name keyName=sig.getKeyLocator().getName();
- os<<"Signee : "<<keyName.toUri()<<std::endl;
- os<<"Cert Seq Num: "<<ncse.getCertSeqNum()<<std::endl;
- os<<"Is Signer Verified: "<<ncse.getIsSignerVerified()<<std::endl;
- return os;
- }
-}
diff --git a/src/security/nlsr_cse.hpp b/src/security/nlsr_cse.hpp
deleted file mode 100644
index 238d511..0000000
--- a/src/security/nlsr_cse.hpp
+++ /dev/null
@@ -1,66 +0,0 @@
-#ifndef NLSR_CERT_STORE_ENTRY_HPP
-#define NLSR_CERT_STORE_ENTRY_HPP
-
-#include <iostream>
-#include <ndn-cpp-dev/face.hpp>
-#include <ndn-cpp-dev/security/identity-certificate.hpp>
-
-namespace nlsr
-{
- class NlsrCertificateStoreEntry
- {
- public:
- NlsrCertificateStoreEntry()
- : m_cert(ndn::make_shared<ndn::IdentityCertificate>())
- , m_certSeqNum(0)
- , m_isSignerVerified(false)
- {}
-
- NlsrCertificateStoreEntry(ndn::shared_ptr<ndn::IdentityCertificate> pcert
- , uint32_t csn, bool isv)
- : m_cert(pcert)
- , m_certSeqNum(csn)
- , m_isSignerVerified(isv)
- {}
-
- ndn::shared_ptr<ndn::IdentityCertificate> getCert() const
- {
- return m_cert;
- }
-
- void setCert(ndn::shared_ptr<ndn::IdentityCertificate> pcert)
- {
- m_cert=pcert;
- }
-
- uint32_t getCertSeqNum() const
- {
- return m_certSeqNum;
- }
-
- void setCertSeqNum(uint32_t csn)
- {
- m_certSeqNum=csn;
- }
-
- bool getIsSignerVerified() const
- {
- return m_isSignerVerified;
- }
-
- void setIsSignerVerified(bool isv)
- {
- m_isSignerVerified=isv;
- }
-
- private:
- ndn::shared_ptr<ndn::IdentityCertificate> m_cert;
- uint32_t m_certSeqNum;
- bool m_isSignerVerified;
- };
- /* Debugging Purpose */
- std::ostream&
- operator <<(std::ostream& os, const NlsrCertificateStoreEntry& ncse);
-}
-
-#endif
diff --git a/src/security/nlsr_km.cpp b/src/security/nlsr_km.cpp
deleted file mode 100644
index d357795..0000000
--- a/src/security/nlsr_km.cpp
+++ /dev/null
@@ -1,405 +0,0 @@
-#include <ndn-cpp-dev/security/identity-certificate.hpp>
-#include <ndn-cpp-dev/encoding/block.hpp>
-#include <ndn-cpp-dev/util/io.hpp>
-#include <stdexcept>
-#include "nlsr_sm.hpp"
-#include "nlsr_km.hpp"
-#include "nlsr.hpp"
-
-#define THIS_FILE "nlsr_km.cpp"
-
-namespace nlsr
-{
- bool
- KeyManager::initialize(ConfParameter &cp)
- {
- initCertSeqFromFile(cp.getSeqFileDir());
- if( !loadAllCertificates(cp.getCertDir()) )
- {
- return false;
- }
- m_nlsrRootKeyPrefix=cp.getRootKeyPrefix();
- string processIdentityName(cp.getRootKeyPrefix());
- processIdentityName += "/";
- processIdentityName += cp.getSiteName();
- processIdentityName += "/";
- processIdentityName += "R.Start";
- processIdentityName += "/";
- processIdentityName += cp.getRouterName();
- ndn::Name ri(processIdentityName);
- std::cout<<"Router Identity: "<<ri.toUri()<<std::endl;
- m_routerIdentity=ri;
- processIdentityName += "/";
- processIdentityName += "nlsr";
- cout<<"Proces Identity Name: "<<processIdentityName<<endl;
- ndn::Name identityName(processIdentityName);
- m_processIdentity=identityName;
- ndn::KeyChain::deleteIdentity(m_processIdentity);
- m_processCertName = ndn::KeyChain::createIdentity(m_processIdentity);
- cout<<"Certificate Name: "<<m_processCertName.toUri()<<endl;
- m_processKeyName=m_processCertName.getPrefix(-2);
- cout<<"Key Name: "<<m_processKeyName.toUri()<<endl;
- ndn::shared_ptr<ndn::IdentityCertificate> cert =
- getCertificate(m_processCertName);
- signByIdentity(*(cert),m_routerIdentity);
- m_certStore.addCertificate(cert, m_certSeqNo, true);
- m_certStore.print();
- return true;
- }
-
- bool
- KeyManager::loadAllCertificates(std::string certDirPath)
- {
- std::string filePath=certDirPath;
- if(filePath.empty())
- {
- SequencingManager sm;
- filePath=sm.getUserHomeDirectory();
- filePath+="/nlsrCertDir";
- }
- return loadCertificate(filePath+"/root.cert", KEY_TYPE_ROOT)
- && loadCertificate(filePath+"/site.cert", KEY_TYPE_SITE)
- && loadCertificate(filePath+"/operator.cert", KEY_TYPE_OPERATOR)
- && loadCertificate(filePath+"/router.cert", KEY_TYPE_ROUTER) ;
- }
-
- bool
- KeyManager::loadCertificate(std::string inputFile, nlsrKeyType keyType)
- {
- try
- {
- ndn::shared_ptr<ndn::IdentityCertificate> cert =
- ndn::io::load<ndn::IdentityCertificate>(inputFile, ndn::io::BASE_64);
- ndn::Name certName=cert->getName();
- switch(keyType)
- {
- case KEY_TYPE_ROOT:
- m_certStore.addCertificate(cert, 10, true);
- m_rootCertName=certName;
- std::cout<<"Root Cert: "<<m_rootCertName<<std::endl;
- break;
- case KEY_TYPE_SITE:
- m_certStore.addCertificate(cert, 10, true);
- m_siteCertName=certName;
- std::cout<<"Site Cert: "<<m_siteCertName<<std::endl;
- break;
- case KEY_TYPE_OPERATOR:
- m_certStore.addCertificate(cert, 10, true);
- m_opCertName=certName;
- std::cout<<"Operator Cert: "<<m_opCertName<<std::endl;
- break;
- case KEY_TYPE_ROUTER:
- m_certStore.addCertificate(cert, m_certSeqNo, true);
- m_routerCertName=certName;
- std::cout<<"Router Cert: "<<m_routerCertName<<std::endl;
- break;
- case KEY_TYPE_PROCESS:
- m_certStore.addCertificate(cert, m_certSeqNo, true);
- m_processCertName=certName;
- std::cout<<"Process Cert: "<<m_processCertName<<std::endl;
- break;
- default:
- break;
- }
- return true;
- }
- catch(std::exception& e)
- {
- return false;
- }
- return false;
- }
-
- ndn::Name
- KeyManager::getProcessCertName()
- {
- return m_processCertName;
- }
-
- ndn::Name
- KeyManager::getRouterCertName()
- {
- return m_routerCertName;
- }
-
- ndn::Name
- KeyManager::getOperatorCertName()
- {
- return m_opCertName;
- }
-
- ndn::Name
- KeyManager::getSiteCertName()
- {
- return m_siteCertName;
- }
-
- ndn::Name
- KeyManager::getRootCertName()
- {
- return m_rootCertName;
- }
-
- uint32_t
- KeyManager::getCertSeqNo()
- {
- return m_certSeqNo;
- }
-
- void
- KeyManager::setCerSeqNo(uint32_t csn)
- {
- m_certSeqNo=csn;
- }
-
- void
- KeyManager::initCertSeqFromFile(string certSeqFileDir)
- {
- m_certSeqFileNameWithPath=certSeqFileDir;
- if( m_certSeqFileNameWithPath.empty() )
- {
- SequencingManager sm;
- m_certSeqFileNameWithPath=sm.getUserHomeDirectory();
- }
- m_certSeqFileNameWithPath += "/nlsrCertSeqNo.txt";
- cout<<"Key Seq File Name: "<< m_certSeqFileNameWithPath<<endl;
- std::ifstream inputFile(m_certSeqFileNameWithPath.c_str(),ios::binary);
- if ( inputFile.good() )
- {
- inputFile>>m_certSeqNo;
- m_certSeqNo++;
- }
- else
- {
- m_certSeqNo=1;
- }
- writeCertSeqToFile();
- }
-
- void
- KeyManager::writeCertSeqToFile()
- {
- std::ofstream outputFile(m_certSeqFileNameWithPath.c_str(),ios::binary);
- outputFile<<m_certSeqNo;
- outputFile.close();
- }
-
- bool
- KeyManager::isNewCertificate(std::string certName, int checkSeqNum)
- {
- return m_certStore.isCertificateNewInStore(certName,checkSeqNum);
- }
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- KeyManager::getCertificateFromStore(const std::string certName, int checkSeqNum)
- {
- return m_certStore.getCertificateFromStore(certName, checkSeqNum);
- }
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- KeyManager::getCertificateFromStore(const std::string certName)
- {
- return m_certStore.getCertificateFromStore(certName);
- }
-
- bool
- KeyManager::addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert
- , uint32_t csn, bool isv)
- {
- return m_certStore.addCertificate(pcert, csn, isv);
- }
-
- std::pair<uint32_t, bool>
- KeyManager::getCertificateSeqNum(std::string certName)
- {
- return m_certStore.getCertificateSeqNum(certName);
- }
-
- nlsrKeyType
- KeyManager::getKeyTypeFromName(const std::string keyName)
- {
- nlsrTokenizer nt(keyName,"/");
- std::string KEY("KEY");
- std::string opHandle("O.Start");
- std::string routerHandle("R.Start");
- std::string processHandle("nlsr");
- if ( nt.getTokenString(0,nt.getTokenPosition(KEY)-1) == m_nlsrRootKeyPrefix)
- {
- return KEY_TYPE_ROOT;
- }
- else if ( nt.doesTokenExist(opHandle) )
- {
- return KEY_TYPE_OPERATOR;
- }
- else if ( nt.doesTokenExist(routerHandle) &&
- nt.doesTokenExist(processHandle))
- {
- return KEY_TYPE_PROCESS;
- }
- else if ( nt.doesTokenExist(routerHandle) &&
- !nt.doesTokenExist(processHandle))
- {
- return KEY_TYPE_ROUTER;
- }
- else
- {
- return KEY_TYPE_SITE;
- }
- }
-
- std::string
- KeyManager::getRouterName(const std::string name)
- {
- std::string routerName;
- std::string rkp(m_nlsrRootKeyPrefix);
- nlsrTokenizer ntRkp(rkp,"/");
- nlsrTokenizer nt(name,"/");
- std::string KEY("KEY");
- std::string opHandle("O.Start");
- std::string routerHandle("R.Start");
- std::string processHandle("nlsr");
- std::string infoHandle("info");
- std::string lsaHandle("LSA");
- if ( nt.doesTokenExist(processHandle) && nt.doesTokenExist(routerHandle))
- {
- routerName="/ndn" +
- nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(routerHandle)-1) +
- nt.getTokenString(nt.getTokenPosition(routerHandle)+1,
- nt.getTokenPosition(processHandle)-1);
- }
- else if(nt.doesTokenExist(routerHandle) && !nt.doesTokenExist(infoHandle)
- && !nt.doesTokenExist(lsaHandle))
- {
- routerName="/ndn" +
- nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(routerHandle)-1) +
- nt.getTokenString(nt.getTokenPosition(routerHandle)+1,
- nt.getTokenPosition(KEY)-1);
- }
- else
- {
- if (nt.doesTokenExist(infoHandle) )
- {
- routerName=nt.getTokenString(0,nt.getTokenPosition(infoHandle)-1);
- }
- else
- {
- routerName=nt.getTokenString(nt.getTokenPosition(lsaHandle)+1,
- nt.getTokenNumber()-4);
- }
- }
- return routerName;
- }
-
- std::string
- KeyManager::getSiteName(const std::string name)
- {
- std::string siteName;
- std::string routerName;
- std::string rkp(m_nlsrRootKeyPrefix);
- nlsrTokenizer ntRkp(rkp,"/");
- nlsrTokenizer nt(name,"/");
- std::string KEY("KEY");
- std::string opHandle("O.Start");
- std::string routerHandle("R.Start");
- if ( nt.doesTokenExist(routerHandle) )
- {
- siteName="/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(routerHandle) -1);
- }
- else if ( nt.doesTokenExist(opHandle) )
- {
- siteName="/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(opHandle) -1);
- }
- else
- {
- siteName="/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(KEY) -1);
- }
- return siteName;
- }
-
- std::string
- KeyManager::getRootName(const std::string name)
- {
- std::string rName;
- nlsrTokenizer nt(name,"/");
- std::string rkp(m_nlsrRootKeyPrefix);
- nlsrTokenizer ntRkp(rkp,"/");
- rName=nt.getTokenString(0,ntRkp.getTokenNumber()-1);
- return rName;
- }
-
-
- bool
- KeyManager::verifyCertPacket(Nlsr& pnlsr, ndn::IdentityCertificate& packet)
- {
- std::cout<<"KeyManager::verifyCertPacket Called"<<std::endl;
- ndn::SignatureSha256WithRsa signature(packet.getSignature());
- std::string signingCertName=signature.getKeyLocator().getName().toUri();
- std::string packetName=packet.getName().toUri();
-
- std::cout<<"Packet Name: "<<packetName<<std::endl;
- std::cout<<"Signee Name: "<<signingCertName<<std::endl;
-
- int paketCertType=getKeyTypeFromName(packetName);
- int signingCertType=getKeyTypeFromName(signingCertName);
-
- if( signingCertType > paketCertType ) //lower level Cert can not sign
- { //upper level Cert
- return false;
- }
-
- if((signingCertType == paketCertType) && (paketCertType != KEY_TYPE_ROOT))
- {
- return false;
- }
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> signee=
- m_certStore.getCertificateFromStore(signingCertName);
-
- if( signee.second )
- {
- switch(paketCertType)
- {
- case KEY_TYPE_ROOT:
- return ((getRootName(packetName) == m_nlsrRootKeyPrefix) &&
- verifySignature(packet,signee.first->getPublicKeyInfo()));
- break;
- case KEY_TYPE_SITE:
- return ((getRootName(packetName) == getRootName(signingCertName)) &&
- verifySignature(packet,signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- break;
- case KEY_TYPE_OPERATOR:
- return ((getSiteName(packetName) == getSiteName(signingCertName)) &&
- verifySignature(packet,signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- break;
- case KEY_TYPE_ROUTER:
- return ((getSiteName(packetName) == getSiteName(signingCertName)) &&
- verifySignature(packet,signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- break;
- case KEY_TYPE_PROCESS:
- return ((getRouterName(packetName) == getRouterName(signingCertName)) &&
- verifySignature(packet,signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- break;
- }
- }
- else
- {
- std::cout<<"Certificate Not Found in store. Sending Interest"<<std::endl;
- pnlsr.getIm().expressInterest(pnlsr, signingCertName, 3,
- pnlsr.getConfParameter().getInterestResendTime());
- return false;
- }
- return false;
- }
-}
-
-
-
diff --git a/src/security/nlsr_km.hpp b/src/security/nlsr_km.hpp
deleted file mode 100644
index 291d55c..0000000
--- a/src/security/nlsr_km.hpp
+++ /dev/null
@@ -1,249 +0,0 @@
-#ifndef NLSR_KM_HPP
-#define NLSR_KM_HPP
-
-#include <ndn-cpp-dev/face.hpp>
-#include <ndn-cpp-dev/data.hpp>
-#include <ndn-cpp-dev/security/key-chain.hpp>
-#include <ndn-cpp-dev/security/validator.hpp>
-#include <ndn-cpp-dev/util/random.hpp>
-#include <ndn-cpp-dev/security/identity-certificate.hpp>
-#include <list>
-#include "nlsr_conf_param.hpp"
-#include "nlsr_cert_store.hpp"
-#include "utility/nlsr_tokenizer.hpp"
-
-namespace nlsr
-{
- class Nlsr;
- enum nlsrKeyType
- {
- KEY_TYPE_ROOT,
- KEY_TYPE_SITE,
- KEY_TYPE_OPERATOR,
- KEY_TYPE_ROUTER,
- KEY_TYPE_PROCESS,
- KEY_TYPE_UNKNOWN
- };
-
- enum nlsrContentType
- {
- CONTENT_TYPE_DATA,
- CONTENT_TYPE_CERT
- };
-
- class KeyManager: public ndn::KeyChain, public ndn::Validator
- {
- typedef SecPublicInfo::Error InfoError;
- typedef SecTpm::Error TpmError;
- public:
- KeyManager()
- : m_certSeqNo(1)
- , m_certStore()
- , m_nlsrRootKeyPrefix()
- {
- }
-
- bool initialize(ConfParameter &cp);
-
-
-
- void
- checkPolicy (const ndn::Data& data,
- int stepCount,
- const ndn::OnDataValidated& onValidated,
- const ndn::OnDataValidationFailed& onValidationFailed,
- std::vector<ndn::shared_ptr<ndn::ValidationRequest> >& nextSteps)
- {}
-
- void
- checkPolicy (const ndn::Interest& interest,
- int stepCount,
- const ndn::OnInterestValidated& onValidated,
- const ndn::OnInterestValidationFailed& onValidationFailed,
- std::vector<ndn::shared_ptr<ndn::ValidationRequest> >& nextSteps)
- {}
-
- void signData(ndn::Data& data)
- {
- ndn::KeyChain::signByIdentity(data,m_processIdentity);
- }
-
- template<typename T>
- void signByIdentity(T& packet, ndn::Name signeeIdentity)
- {
- ndn::KeyChain::signByIdentity(packet,signeeIdentity);
- }
-
- ndn::shared_ptr<ndn::IdentityCertificate>
- getCertificate(ndn::Name certificateName)
- {
- return ndn::KeyChain::getCertificate(certificateName);
- }
-
- ndn::shared_ptr<ndn::IdentityCertificate>
- getCertificate()
- {
- return getCertificate(m_processCertName);
- }
-
- ndn::Name
- createIdentity(const ndn::Name identityName)
- {
- return ndn::KeyChain::createIdentity(identityName);
- }
-
- ndn::Name
- createIdentity(const ndn::Name identityName, const ndn::Name signee)
- {
- ndn::KeyChain::addIdentity(identityName);
- ndn::Name keyName;
- try
- {
- keyName = ndn::KeyChain::getDefaultKeyNameForIdentity(identityName);
- }
- catch(InfoError& e)
- {
- keyName = ndn::KeyChain::generateRSAKeyPairAsDefault(identityName, true);
- }
- ndn::shared_ptr<ndn::PublicKey> pubKey;
- try
- {
- pubKey = ndn::KeyChain::getPublicKey(keyName);
- }
- catch(InfoError& e)
- {
- return identityName;
- }
- ndn::Name certName;
- try
- {
- certName = ndn::KeyChain::getDefaultCertificateNameForKey(keyName);
- }
- catch(InfoError& e)
- {
- ndn::shared_ptr<ndn::IdentityCertificate> certificate =
- ndn::make_shared<ndn::IdentityCertificate>();
- ndn::Name certificateName = keyName.getPrefix(-1);
- certificateName.append("KEY").append(
- keyName.get(-1)).append("ID-CERT").appendVersion();
- certificate->setName(certificateName);
- certificate->setNotBefore(ndn::time::system_clock::now());
- certificate->setNotAfter(ndn::time::system_clock::now() + ndn::time::days(7300) /* 1 year*/);
- certificate->setPublicKeyInfo(*pubKey);
- certificate->addSubjectDescription(
- ndn::CertificateSubjectDescription("2.5.4.41",
- keyName.toUri()));
- certificate->encode();
- try
- {
- ndn::KeyChain::signByIdentity(*certificate,signee);
- }
- catch(InfoError& e)
- {
- try
- {
- ndn::KeyChain::deleteIdentity(identityName);
- }
- catch(InfoError& e)
- {
- }
- return identityName;
- }
- certName=certificate->getName();
- }
- return certName;
- }
-
- void printCertStore()
- {
- m_certStore.print();
- }
-
- private:
- bool
- verifyDataPacket(ndn::Data packet)
- {
- std::cout<<"KeyManager::verifyDataPacket Called"<<std::endl;
- ndn::SignatureSha256WithRsa signature(packet.getSignature());
- std::string signingCertName=signature.getKeyLocator().getName().toUri();
- std::string packetName=packet.getName().toUri();
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> signee=
- m_certStore.getCertificateFromStore(signingCertName);
- if( signee.second )
- {
- std::string routerNameFromPacketName=getRouterName(packetName);
- std::string routerNameFromCertName=getRouterName(signingCertName);
- return ( (routerNameFromPacketName== routerNameFromCertName) &&
- verifySignature(packet, signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- }
- return false;
- }
-
- bool
- verifyCertPacket(Nlsr& pnlsr, ndn::IdentityCertificate& packet);
-
- public:
- template<typename T>
- bool
- verify(T& packet )
- {
- std::cout<<"KeyManager::verify Called"<<std::endl;
-
- return verifyDataPacket(packet);
-
- return false;
- }
-
- bool
- verify(Nlsr& pnlsr, ndn::IdentityCertificate& packet)
- {
- return verifyCertPacket(pnlsr, packet);
- }
-
- ndn::Name getProcessCertName();
- ndn::Name getRouterCertName();
- ndn::Name getOperatorCertName();
- ndn::Name getSiteCertName();
- ndn::Name getRootCertName();
-
- uint32_t getCertSeqNo();
- std::pair<uint32_t, bool> getCertificateSeqNum(std::string certName);
- void setCerSeqNo(uint32_t csn);
- void initCertSeqFromFile(string certSeqFileDir);
- void writeCertSeqToFile();
- bool isNewCertificate(std::string certName, int checkSeqNum);
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- getCertificateFromStore(const std::string certName, int checkSeqNum);
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- getCertificateFromStore(const std::string certName);
- bool addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert
- , uint32_t csn, bool isv);
-
-
- private:
- bool loadAllCertificates(std::string certDirPath);
- bool loadCertificate(std::string inputFile, nlsrKeyType keyType);
- nlsrKeyType getKeyTypeFromName(const std::string keyName);
- std::string getRouterName(const std::string name);
- std::string getSiteName(const std::string name);
- std::string getRootName(const std::string name);
-
- private:
- ndn::Name m_processIdentity;
- ndn::Name m_routerIdentity;
- ndn::Name m_processCertName;
- ndn::Name m_routerCertName;
- ndn::Name m_opCertName;
- ndn::Name m_siteCertName;
- ndn::Name m_rootCertName;
- ndn::Name m_processKeyName;
- uint32_t m_certSeqNo;
- string m_certSeqFileNameWithPath;
- string m_nlsrRootKeyPrefix;
- NlsrCertificateStore m_certStore;
-
- };
-}
-
-#endif
diff --git a/src/security/nlsr_wl.cpp b/src/security/nlsr_wl.cpp
deleted file mode 100644
index 442afe3..0000000
--- a/src/security/nlsr_wl.cpp
+++ /dev/null
@@ -1,77 +0,0 @@
-#include <ndn-cpp-dev/face.hpp>
-#include "nlsr_wl.hpp"
-
-#define THIS_FILE "nlsr_wl.cpp"
-
-namespace nlsr
-{
- static bool
- waitingListCompare(const WaitingListEntry& w1, const std::string& respCert)
- {
- return w1.getResponsibleCert() == respCert;
- }
-
- std::pair<WaitingListEntry, bool>
- WaitingList::getWaitingListEntry(std::string respCert)
- {
- std::list<WaitingListEntry>::iterator it = std::find_if( m_waitingTable.begin(),
- m_waitingTable.end(),ndn::bind(&waitingListCompare, _1, respCert));
- if( it != m_waitingTable.end() )
- {
- return std::make_pair(*(it),true);
- }
-
- WaitingListEntry wle;
- return std::make_pair(wle,false);
-
- }
-
- bool
- WaitingList::add(std::string respCert, std::string waitee)
- {
- std::list<WaitingListEntry>::iterator it = std::find_if( m_waitingTable.begin(),
- m_waitingTable.end(),ndn::bind(&waitingListCompare, _1, respCert));
- if( it == m_waitingTable.end() )
- {
- WaitingListEntry newWle(respCert);
- newWle.addWaitee(waitee);
- m_waitingTable.push_back(newWle);
- return true;
- }
- else
- {
- return it->addWaitee(waitee);
- }
- return false;
- }
-
- bool
- WaitingList::remove(std::string respCert)
- {
- std::list<WaitingListEntry>::iterator it = std::find_if( m_waitingTable.begin(),
- m_waitingTable.end(),ndn::bind(&waitingListCompare, _1, respCert));
- if( it == m_waitingTable.end() )
- {
- return false;
- }
- else
- {
- m_waitingTable.erase(it);
- return true;
- }
- return false;
- }
-
- std::ostream&
- operator<<(std::ostream& os, WaitingList wl)
- {
- os<<"-------Waiting List--------"<<std::endl;
- std::list<WaitingListEntry> wles=wl.getWaitingTable();
- for( std::list<WaitingListEntry> ::iterator it=wles.begin();
- it != wles.end(); ++it)
- {
- os<<*(it)<<std::endl;
- }
- return os;
- }
-}
diff --git a/src/security/nlsr_wl.hpp b/src/security/nlsr_wl.hpp
deleted file mode 100644
index 1a752ca..0000000
--- a/src/security/nlsr_wl.hpp
+++ /dev/null
@@ -1,31 +0,0 @@
-#ifndef NLSR_WL_HPP
-#define NLSR_WL_HPP
-
-#include "nlsr_wle.hpp"
-
-namespace nlsr
-{
- class WaitingList
- {
- public:
- WaitingList()
- : m_waitingTable()
- {}
-
- std::list<WaitingListEntry>& getWaitingTable()
- {
- return m_waitingTable;
- }
-
- bool add(std::string respCert, std::string waitee);
- std::pair<WaitingListEntry, bool> getWaitingListEntry(std::string respCert);
- bool remove(std::string respCert);
-
- private:
- std::list<WaitingListEntry> m_waitingTable;
- };
-
- std::ostream& operator<<(std::ostream& os, WaitingList wl);
-}
-
-#endif
diff --git a/src/security/nlsr_wle.cpp b/src/security/nlsr_wle.cpp
deleted file mode 100644
index 37caf6d..0000000
--- a/src/security/nlsr_wle.cpp
+++ /dev/null
@@ -1,44 +0,0 @@
-#include <iostream>
-#include <list>
-#include <ndn-cpp-dev/face.hpp>
-#include "nlsr_wle.hpp"
-
-#define THIS_FILE "nlsr_wle.cpp"
-
-namespace nlsr
-{
- static bool
- waiteeCompare(std::string& w1, std::string& w2)
- {
- return w1 == w2 ;
- }
-
- bool
- WaitingListEntry::addWaitee(std::string waiteeName)
- {
- std::list<std::string>::iterator it = std::find_if( m_waitingCerts.begin(),
- m_waitingCerts.end(),ndn::bind(&waiteeCompare, _1, waiteeName));
- if( it == m_waitingCerts.end() )
- {
- m_waitingCerts.push_back(waiteeName);
- return true;
- }
-
- return false;
- }
-
- std::ostream&
- operator<<(std::ostream& os, const WaitingListEntry& we)
- {
- os<<"-------------Wiating List Entry-------------"<<std::endl;
- os<<"Responsible Certificate: "<<we.getResponsibleCert()<<std::endl;
- std::list<std::string> waitee=we.getWaitingCerts();
- int i=1;
- for(std::list<std::string>::iterator it=waitee.begin();
- it!=waitee.end(); ++i, ++it)
- {
- os<<"Waite "<<i<<": "<<*(it)<<std::endl;
- }
- return os;
- }
-}
diff --git a/src/security/nlsr_wle.hpp b/src/security/nlsr_wle.hpp
deleted file mode 100644
index 0647382..0000000
--- a/src/security/nlsr_wle.hpp
+++ /dev/null
@@ -1,47 +0,0 @@
-#ifndef NLSR_WLE_HPP
-#define NLSR_WLE_HPP
-
-#include <list>
-#include <iostream>
-
-namespace nlsr
-{
- class WaitingListEntry
- {
- public:
- WaitingListEntry()
- : m_responsibleCert()
- , m_waitingCerts()
- {}
-
- WaitingListEntry(std::string resCert)
- : m_responsibleCert(resCert)
- , m_waitingCerts()
- {}
-
- std::string getResponsibleCert() const
- {
- return m_responsibleCert;
- }
-
- void setResponsibleCert(std::string resCert)
- {
- m_responsibleCert=resCert;
- }
-
- std::list<std::string> getWaitingCerts() const
- {
- return m_waitingCerts;
- }
-
- bool addWaitee(std::string waiteeName);
-
- private:
- std::string m_responsibleCert;
- std::list<std::string> m_waitingCerts;
- };
-
- std::ostream& operator<<(std::ostream& os, const WaitingListEntry& we);
-} //end name space
-
-#endif
diff --git a/src/security/waiting-list-entry.cpp b/src/security/waiting-list-entry.cpp
new file mode 100644
index 0000000..1172698
--- /dev/null
+++ b/src/security/waiting-list-entry.cpp
@@ -0,0 +1,41 @@
+#include <iostream>
+#include <list>
+#include <ndn-cpp-dev/face.hpp>
+#include "waiting-list-entry.hpp"
+
+namespace nlsr {
+static bool
+waiteeCompare(std::string& w1, std::string& w2)
+{
+ return w1 == w2 ;
+}
+
+bool
+WaitingListEntry::addWaitee(std::string waiteeName)
+{
+ std::list<std::string>::iterator it = std::find_if(m_waitingCerts.begin(),
+ m_waitingCerts.end(), ndn::bind(&waiteeCompare, _1, waiteeName));
+ if (it == m_waitingCerts.end())
+ {
+ m_waitingCerts.push_back(waiteeName);
+ return true;
+ }
+
+ return false;
+}
+
+std::ostream&
+operator<<(std::ostream& os, const WaitingListEntry& we)
+{
+ os << "-------------Wiating List Entry-------------" << std::endl;
+ os << "Responsible Certificate: " << we.getResponsibleCert() << std::endl;
+ std::list<std::string> waitee = we.getWaitingCerts();
+ int i = 1;
+ for (std::list<std::string>::iterator it = waitee.begin();
+ it != waitee.end(); ++i, ++it)
+ {
+ os << "Waite " << i << ": " << *(it) << std::endl;
+ }
+ return os;
+}
+}//namespace nlsr
diff --git a/src/security/waiting-list-entry.hpp b/src/security/waiting-list-entry.hpp
new file mode 100644
index 0000000..66b0a95
--- /dev/null
+++ b/src/security/waiting-list-entry.hpp
@@ -0,0 +1,51 @@
+#ifndef NLSR_WLE_HPP
+#define NLSR_WLE_HPP
+
+#include <list>
+#include <iostream>
+
+namespace nlsr {
+class WaitingListEntry
+{
+public:
+ WaitingListEntry()
+ : m_responsibleCert()
+ , m_waitingCerts()
+ {}
+
+ WaitingListEntry(std::string resCert)
+ : m_responsibleCert(resCert)
+ , m_waitingCerts()
+ {}
+
+ std::string
+ getResponsibleCert() const
+ {
+ return m_responsibleCert;
+ }
+
+ void
+ setResponsibleCert(std::string resCert)
+ {
+ m_responsibleCert = resCert;
+ }
+
+ std::list<std::string>
+ getWaitingCerts() const
+ {
+ return m_waitingCerts;
+ }
+
+ bool
+ addWaitee(std::string waiteeName);
+
+private:
+ std::string m_responsibleCert;
+ std::list<std::string> m_waitingCerts;
+};
+
+std::ostream&
+operator<<(std::ostream& os, const WaitingListEntry& we);
+} //end name space
+
+#endif //NLSR_WLE_HPP
diff --git a/src/security/waiting-list.cpp b/src/security/waiting-list.cpp
new file mode 100644
index 0000000..dbf9b68
--- /dev/null
+++ b/src/security/waiting-list.cpp
@@ -0,0 +1,74 @@
+#include <ndn-cpp-dev/face.hpp>
+#include "waiting-list.hpp"
+
+namespace nlsr {
+static bool
+waitingListCompare(const WaitingListEntry& w1, const std::string& respCert)
+{
+ return w1.getResponsibleCert() == respCert;
+}
+
+std::pair<WaitingListEntry, bool>
+WaitingList::getWaitingListEntry(std::string respCert)
+{
+ std::list<WaitingListEntry>::iterator it = std::find_if(m_waitingTable.begin(),
+ m_waitingTable.end(), ndn::bind(&waitingListCompare, _1, respCert));
+ if (it != m_waitingTable.end())
+ {
+ return std::make_pair(*(it), true);
+ }
+
+ WaitingListEntry wle;
+ return std::make_pair(wle, false);
+
+}
+
+bool
+WaitingList::add(std::string respCert, std::string waitee)
+{
+ std::list<WaitingListEntry>::iterator it = std::find_if(m_waitingTable.begin(),
+ m_waitingTable.end(), ndn::bind(&waitingListCompare, _1, respCert));
+ if (it == m_waitingTable.end())
+ {
+ WaitingListEntry newWle(respCert);
+ newWle.addWaitee(waitee);
+ m_waitingTable.push_back(newWle);
+ return true;
+ }
+ else
+ {
+ return it->addWaitee(waitee);
+ }
+ return false;
+}
+
+bool
+WaitingList::remove(std::string respCert)
+{
+ std::list<WaitingListEntry>::iterator it = std::find_if(m_waitingTable.begin(),
+ m_waitingTable.end(), ndn::bind(&waitingListCompare, _1, respCert));
+ if (it == m_waitingTable.end())
+ {
+ return false;
+ }
+ else
+ {
+ m_waitingTable.erase(it);
+ return true;
+ }
+ return false;
+}
+
+std::ostream&
+operator<<(std::ostream& os, WaitingList wl)
+{
+ os << "-------Waiting List--------" << std::endl;
+ std::list<WaitingListEntry> wles = wl.getWaitingTable();
+ for (std::list<WaitingListEntry> ::iterator it = wles.begin();
+ it != wles.end(); ++it)
+ {
+ os << *(it) << std::endl;
+ }
+ return os;
+}
+}//namespace nlsr
diff --git a/src/security/waiting-list.hpp b/src/security/waiting-list.hpp
new file mode 100644
index 0000000..d7e89ce
--- /dev/null
+++ b/src/security/waiting-list.hpp
@@ -0,0 +1,38 @@
+#ifndef NLSR_WL_HPP
+#define NLSR_WL_HPP
+
+#include "waiting-list-entry.hpp"
+
+namespace nlsr {
+class WaitingList
+{
+public:
+ WaitingList()
+ : m_waitingTable()
+ {}
+
+ std::list<WaitingListEntry>&
+ getWaitingTable()
+ {
+ return m_waitingTable;
+ }
+
+ bool
+ add(std::string respCert, std::string waitee);
+
+ std::pair<WaitingListEntry, bool>
+ getWaitingListEntry(std::string respCert);
+
+ bool
+ remove(std::string respCert);
+
+private:
+ std::list<WaitingListEntry> m_waitingTable;
+};
+
+std::ostream&
+operator<<(std::ostream& os, WaitingList wl);
+
+}//namespace nlsr
+
+#endif //NLSR_WL_HPP