security: Remove unused disabled files
Change-Id: Ifbbe284f5e3586e6256ffa30902926c2d751743e
refs: #2960
diff --git a/src/security/certificate-store-entry.cpp.disable b/src/security/certificate-store-entry.cpp.disable
deleted file mode 100644
index 5cb7933..0000000
--- a/src/security/certificate-store-entry.cpp.disable
+++ /dev/null
@@ -1,17 +0,0 @@
-#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
-#include "certificate-store-entry.hpp"
-
-namespace nlsr {
-std::ostream&
-operator<<(std::ostream& os, const CertificateStoreEntry& ncse)
-{
- os << "------Certificate Entry---------------" << std::endl;
- os << *(ncse.getCert()) << std::endl;
- ndn::SignatureSha256WithRsa sig(ncse.getCert()->getSignature());
- ndn::Name keyName = sig.getKeyLocator().getName();
- os << "Signee : " << keyName.toUri() << std::endl;
- os << "Cert Seq Num: " << ncse.getCertSeqNum() << std::endl;
- os << "Is Signer Verified: " << ncse.getIsSignerVerified() << std::endl;
- return os;
-}
-}//namespace nlsr
diff --git a/src/security/certificate-store-entry.hpp.disable b/src/security/certificate-store-entry.hpp.disable
deleted file mode 100644
index 1257129..0000000
--- a/src/security/certificate-store-entry.hpp.disable
+++ /dev/null
@@ -1,72 +0,0 @@
-#ifndef NLSR_CERT_STORE_ENTRY_HPP
-#define NLSR_CERT_STORE_ENTRY_HPP
-
-#include <iostream>
-#include <ndn-cpp-dev/face.hpp>
-#include <ndn-cpp-dev/security/identity-certificate.hpp>
-
-namespace nlsr {
-class CertificateStoreEntry
-{
-public:
- CertificateStoreEntry()
- : m_cert(ndn::make_shared<ndn::IdentityCertificate>())
- , m_certSeqNum(0)
- , m_isSignerVerified(false)
- {}
-
- CertificateStoreEntry(ndn::shared_ptr<ndn::IdentityCertificate> pcert
- , uint32_t csn, bool isv)
- : m_cert(pcert)
- , m_certSeqNum(csn)
- , m_isSignerVerified(isv)
- {}
-
- ndn::shared_ptr<ndn::IdentityCertificate>
- getCert() const
- {
- return m_cert;
- }
-
- void
- setCert(ndn::shared_ptr<ndn::IdentityCertificate> pcert)
- {
- m_cert = pcert;
- }
-
- uint32_t
- getCertSeqNum() const
- {
- return m_certSeqNum;
- }
-
- void
- setCertSeqNum(uint32_t csn)
- {
- m_certSeqNum = csn;
- }
-
- bool
- getIsSignerVerified() const
- {
- return m_isSignerVerified;
- }
-
- void
- setIsSignerVerified(bool isv)
- {
- m_isSignerVerified = isv;
- }
-
-private:
- ndn::shared_ptr<ndn::IdentityCertificate> m_cert;
- uint32_t m_certSeqNum;
- bool m_isSignerVerified;
-};
-/* Debugging Purpose */
-std::ostream&
-operator <<(std::ostream& os, const CertificateStoreEntry& ncse);
-
-}//namespace NLSR
-
-#endif //NLSR_CERT_STORE_ENTRY_HPP
diff --git a/src/security/certificate-store.cpp.disable b/src/security/certificate-store.cpp.disable
deleted file mode 100644
index 6990b07..0000000
--- a/src/security/certificate-store.cpp.disable
+++ /dev/null
@@ -1,231 +0,0 @@
-#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
-#include <ndn-cpp-dev/security/key-chain.hpp>
-#include "certificate-store.hpp"
-#include "waiting-list-entry.hpp"
-#include "key-manager.hpp"
-
-
-namespace nlsr {
-static bool
-nlsrCertificateStoreEntryCompare(CertificateStoreEntry& ncse1,
- CertificateStoreEntry& ncse2)
-
-{
- int sizeDiff = ncse1.getCert()->getName().size() -
- ncse2.getCert()->getName().size();
- return (ncse2.getCert()->getName().isPrefixOf(ncse1.getCert()->getName()) &&
- (sizeDiff <= 1 && sizeDiff >= 0));
-}
-
-static bool
-nlsrCertificateStoreEntryCompareByName(CertificateStoreEntry& ncse1,
- std::string compCertName)
-
-{
- ndn::Name ccn(compCertName);
- int sizeDiff = ncse1.getCert()->getName().size() - ccn.size();
- return (ccn.isPrefixOf(ncse1.getCert()->getName()) &&
- (sizeDiff <= 1 && sizeDiff >= 0));
-}
-
-void
-CertificateStore::updateWaitingList(std::string respCertName)
-{
- ndn::Name tmpName(respCertName);
- respCertName = tmpName.getPrefix(-1).toUri();
- std::pair<WaitingListEntry, bool> chkWle =
- m_waitingList.getWaitingListEntry(respCertName);
- if (chkWle.second)
- {
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> sc =
- getCertificateFromStore(respCertName);
- std::list<std::string> waitees = (chkWle.first).getWaitingCerts();
- for (std::list<std::string>::iterator it = waitees.begin();
- it != waitees.end(); ++it)
- {
- KeyManager km;
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> wc =
- getCertificateFromStore(*(it));
- if (wc.second && sc.second)
- {
- if (km.verifySignature(*(wc.first), sc.first->getPublicKeyInfo()))
- {
- //1. Update Certificate Store
- setCertificateIsVerified(*(it), true);
- //2. Call updateWaitingList for waitee ( *(it) )
- updateWaitingList(*(it));
- }
- }
- }
- }
- //remove that entry from waiting list
- m_waitingList.remove(respCertName);
-}
-
-void
-CertificateStore::updateWaitingList(CertificateStoreEntry& ncse)
-{
- if (ncse.getIsSignerVerified())
- {
- updateWaitingList(ncse.getCert()->getName().toUri());
- }
- else
- {
- ndn::SignatureSha256WithRsa signature(ncse.getCert()->getSignature());
- m_waitingList.add(signature.getKeyLocator().getName().toUri(),
- ncse.getCert()->getName().toUri());
- }
-}
-
-bool
-CertificateStore::addCertificate(CertificateStoreEntry& ncse)
-{
- std::list<CertificateStoreEntry>::iterator it =
- std::find_if(m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompare, _1, ncse));
- if (it == m_certTable.end())
- {
- m_certTable.push_back(ncse);
- updateWaitingList(ncse);
- return true;
- }
- else if (it != m_certTable.end())
- {
- if ((*it).getCertSeqNum() < ncse.getCertSeqNum())
- {
- m_certTable.erase(it);
- m_certTable.push_back(ncse);
- updateWaitingList(ncse);
- return true;
- }
- }
- return false;
-}
-
-bool
-CertificateStore::addCertificate(
- ndn::shared_ptr<ndn::IdentityCertificate> pcert, uint32_t csn, bool isv)
-{
- CertificateStoreEntry ncse(pcert, csn, isv);
- return addCertificate(ncse);
-}
-
-std::pair<uint32_t, bool>
-CertificateStore::getCertificateSeqNum(std::string certName)
-{
- std::list<CertificateStoreEntry>::iterator it =
- std::find_if(m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if (it == m_certTable.end())
- {
- return std::make_pair(0, false);
- }
- return std::make_pair((*it).getCertSeqNum(), true);
-}
-
-
-
-void
-CertificateStore::setCertificateIsVerified(std::string certName,
- bool isVerified)
-{
- std::list<CertificateStoreEntry>::iterator it =
- std::find_if(m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if (it != m_certTable.end())
- {
- it->setIsSignerVerified(true);
- }
-}
-
-bool
-CertificateStore::getCertificateIsVerified(std::string certName)
-{
- std::list<CertificateStoreEntry>::iterator it =
- std::find_if(m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if (it != m_certTable.end())
- {
- return it->getIsSignerVerified();
- }
- return false;
-}
-
-std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
-CertificateStore::getCertificateFromStore(const std::string certName)
-{
- std::list<CertificateStoreEntry>::iterator it =
- std::find_if(m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if (it == m_certTable.end())
- {
- ndn::shared_ptr<ndn::IdentityCertificate> cert =
- ndn::make_shared<ndn::IdentityCertificate>();
- return std::make_pair(cert, false);
- }
- return std::make_pair((*it).getCert(), true);
-}
-
-std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
-CertificateStore::getCertificateFromStore(
- const std::string certName, uint64_t checkSeqNum)
-{
- std::list<CertificateStoreEntry>::iterator it =
- std::find_if(m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if (it == m_certTable.end())
- {
- ndn::shared_ptr<ndn::IdentityCertificate> cert =
- ndn::make_shared<ndn::IdentityCertificate>();
- return std::make_pair(cert, false);
- }
- else
- {
- if ((*it).getCertSeqNum() == checkSeqNum)
- {
- return std::make_pair((*it).getCert(), true);
- }
- }
- return std::make_pair((*it).getCert(), false);
-}
-
-bool
-CertificateStore::isCertificateNewInStore(const std::string certName,
- int checkSeqNo)
-{
- std::list<CertificateStoreEntry>::iterator it =
- std::find_if(m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if (it != m_certTable.end())
- {
- return (*it).getCertSeqNum() < checkSeqNo ;
- }
- return true;
-}
-
-bool
-CertificateStore::removeCertificateFromStroe(const std::string certName)
-{
- std::list<CertificateStoreEntry>::iterator it =
- std::find_if(m_certTable.begin(), m_certTable.end(),
- bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
- if (it != m_certTable.end())
- {
- m_certTable.erase(it);
- return true;
- }
- return false;
-}
-
-void
-CertificateStore::print()
-{
- std::list<CertificateStoreEntry>::iterator it;
- for (it = m_certTable.begin(); it != m_certTable.end(); ++it)
- {
- std::cout << (*it) << std::endl;
- }
- std::cout << m_waitingList << std::endl;
-}
-
-} //namespace nlsr
diff --git a/src/security/certificate-store.hpp.disable b/src/security/certificate-store.hpp.disable
deleted file mode 100644
index 01495d9..0000000
--- a/src/security/certificate-store.hpp.disable
+++ /dev/null
@@ -1,63 +0,0 @@
-#ifndef NLSR_CERT_STORE_HPP
-#define NLSR_CERT_STORE_HPP
-
-#include <list>
-#include <ndn-cpp-dev/security/identity-certificate.hpp>
-#include "certificate-store-entry.hpp"
-#include "waiting-list.hpp"
-
-namespace nlsr {
-class CertificateStore
-{
-public:
- CertificateStore()
- : m_certTable()
- , m_waitingList()
- {}
-
- bool
- addCertificate(CertificateStoreEntry& ncse);
-
- bool
- addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert
- , uint32_t csn, bool isv);
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- getCertificateFromStore(const std::string certName);
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- getCertificateFromStore(const std::string certName, uint64_t checkSeqNum);
-
- bool
- removeCertificateFromStroe(const std::string certName);
-
- bool
- isCertificateNewInStore(const std::string certName, int checkSeqNo);
-
- std::pair<uint32_t, bool>
- getCertificateSeqNum(std::string certName);
-
- void
- print();
-
- void
- setCertificateIsVerified(std::string certName, bool isVerified);
-
- bool
- getCertificateIsVerified(std::string certName);
-
-private:
- void
- updateWaitingList(CertificateStoreEntry& ncse);
-
- void
- updateWaitingList(std::string respCertName);
-
-private:
- std::list<CertificateStoreEntry> m_certTable;
- WaitingList m_waitingList;
-};
-
-} //namespace nlsr
-
-#endif // NLSR_CERT_STORE_HPP
diff --git a/src/security/key-manager.cpp.disable b/src/security/key-manager.cpp.disable
deleted file mode 100644
index 7379c1b..0000000
--- a/src/security/key-manager.cpp.disable
+++ /dev/null
@@ -1,400 +0,0 @@
-#include <ndn-cpp-dev/security/identity-certificate.hpp>
-#include <ndn-cpp-dev/encoding/block.hpp>
-#include <ndn-cpp-dev/util/io.hpp>
-#include <stdexcept>
-
-#include "sequencing-manager.hpp"
-#include "key-manager.hpp"
-#include "nlsr.hpp"
-
-
-namespace nlsr {
-bool
-KeyManager::initialize(ConfParameter& cp)
-{
- initCertSeqFromFile(cp.getSeqFileDir());
- if (!loadAllCertificates(cp.getCertDir()))
- {
- return false;
- }
- m_nlsrRootKeyPrefix = cp.getRootKeyPrefix();
- string processIdentityName(cp.getRootKeyPrefix());
- processIdentityName += "/";
- processIdentityName += cp.getSiteName();
- processIdentityName += "/";
- processIdentityName += "R.Start";
- processIdentityName += "/";
- processIdentityName += cp.getRouterName();
- ndn::Name ri(processIdentityName);
- std::cout << "Router Identity: " << ri.toUri() << std::endl;
- m_routerIdentity = ri;
- processIdentityName += "/";
- processIdentityName += "nlsr";
- cout << "Proces Identity Name: " << processIdentityName << endl;
- ndn::Name identityName(processIdentityName);
- m_processIdentity = identityName;
- ndn::KeyChain::deleteIdentity(m_processIdentity);
- m_processCertName = ndn::KeyChain::createIdentity(m_processIdentity);
- cout << "Certificate Name: " << m_processCertName.toUri() << endl;
- m_processKeyName = m_processCertName.getPrefix(-2);
- cout << "Key Name: " << m_processKeyName.toUri() << endl;
- ndn::shared_ptr<ndn::IdentityCertificate> cert =
- getCertificate(m_processCertName);
- signByIdentity(*(cert), m_routerIdentity);
- m_certStore.addCertificate(cert, m_certSeqNo, true);
- m_certStore.print();
- return true;
-}
-
-bool
-KeyManager::loadAllCertificates(std::string certDirPath)
-{
- std::string filePath = certDirPath;
- if (filePath.empty())
- {
- SequencingManager sm;
- filePath = sm.getUserHomeDirectory();
- filePath += "/nlsrCertDir";
- }
- return loadCertificate(filePath + "/root.cert", KEY_TYPE_ROOT)
- && loadCertificate(filePath + "/site.cert", KEY_TYPE_SITE)
- && loadCertificate(filePath + "/operator.cert", KEY_TYPE_OPERATOR)
- && loadCertificate(filePath + "/router.cert", KEY_TYPE_ROUTER) ;
-}
-
-bool
-KeyManager::loadCertificate(std::string inputFile, nlsrKeyType keyType)
-{
- try
- {
- ndn::shared_ptr<ndn::IdentityCertificate> cert =
- ndn::io::load<ndn::IdentityCertificate>(inputFile, ndn::io::BASE_64);
- ndn::Name certName = cert->getName();
- switch (keyType)
- {
- case KEY_TYPE_ROOT:
- m_certStore.addCertificate(cert, 10, true);
- m_rootCertName = certName;
- std::cout << "Root Cert: " << m_rootCertName << std::endl;
- break;
- case KEY_TYPE_SITE:
- m_certStore.addCertificate(cert, 10, true);
- m_siteCertName = certName;
- std::cout << "Site Cert: " << m_siteCertName << std::endl;
- break;
- case KEY_TYPE_OPERATOR:
- m_certStore.addCertificate(cert, 10, true);
- m_opCertName = certName;
- std::cout << "Operator Cert: " << m_opCertName << std::endl;
- break;
- case KEY_TYPE_ROUTER:
- m_certStore.addCertificate(cert, m_certSeqNo, true);
- m_routerCertName = certName;
- std::cout << "Router Cert: " << m_routerCertName << std::endl;
- break;
- case KEY_TYPE_PROCESS:
- m_certStore.addCertificate(cert, m_certSeqNo, true);
- m_processCertName = certName;
- std::cout << "Process Cert: " << m_processCertName << std::endl;
- break;
- default:
- break;
- }
- return true;
- }
- catch (std::exception& e)
- {
- return false;
- }
- return false;
-}
-
-ndn::Name
-KeyManager::getProcessCertName()
-{
- return m_processCertName;
-}
-
-ndn::Name
-KeyManager::getRouterCertName()
-{
- return m_routerCertName;
-}
-
-ndn::Name
-KeyManager::getOperatorCertName()
-{
- return m_opCertName;
-}
-
-ndn::Name
-KeyManager::getSiteCertName()
-{
- return m_siteCertName;
-}
-
-ndn::Name
-KeyManager::getRootCertName()
-{
- return m_rootCertName;
-}
-
-uint32_t
-KeyManager::getCertSeqNo()
-{
- return m_certSeqNo;
-}
-
-void
-KeyManager::setCerSeqNo(uint32_t csn)
-{
- m_certSeqNo = csn;
-}
-
-void
-KeyManager::initCertSeqFromFile(string certSeqFileDir)
-{
- m_certSeqFileNameWithPath = certSeqFileDir;
- if (m_certSeqFileNameWithPath.empty())
- {
- SequencingManager sm;
- m_certSeqFileNameWithPath = sm.getUserHomeDirectory();
- }
- m_certSeqFileNameWithPath += "/nlsrCertSeqNo.txt";
- cout << "Key Seq File Name: " << m_certSeqFileNameWithPath << endl;
- std::ifstream inputFile(m_certSeqFileNameWithPath.c_str(), ios::binary);
- if (inputFile.good())
- {
- inputFile >> m_certSeqNo;
- m_certSeqNo++;
- }
- else
- {
- m_certSeqNo = 1;
- }
- writeCertSeqToFile();
-}
-
-void
-KeyManager::writeCertSeqToFile()
-{
- std::ofstream outputFile(m_certSeqFileNameWithPath.c_str(), ios::binary);
- outputFile << m_certSeqNo;
- outputFile.close();
-}
-
-bool
-KeyManager::isNewCertificate(std::string certName, int checkSeqNum)
-{
- return m_certStore.isCertificateNewInStore(certName, checkSeqNum);
-}
-
-std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
-KeyManager::getCertificateFromStore(const std::string certName, int checkSeqNum)
-{
- return m_certStore.getCertificateFromStore(certName, checkSeqNum);
-}
-
-std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
-KeyManager::getCertificateFromStore(const std::string certName)
-{
- return m_certStore.getCertificateFromStore(certName);
-}
-
-bool
-KeyManager::addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert
- , uint32_t csn, bool isv)
-{
- return m_certStore.addCertificate(pcert, csn, isv);
-}
-
-std::pair<uint32_t, bool>
-KeyManager::getCertificateSeqNum(std::string certName)
-{
- return m_certStore.getCertificateSeqNum(certName);
-}
-
-nlsrKeyType
-KeyManager::getKeyTypeFromName(const std::string keyName)
-{
- Tokenizer nt(keyName, "/");
- std::string KEY("KEY");
- std::string opHandle("O.Start");
- std::string routerHandle("R.Start");
- std::string processHandle("nlsr");
- if (nt.getTokenString(0, nt.getTokenPosition(KEY) - 1) == m_nlsrRootKeyPrefix)
- {
- return KEY_TYPE_ROOT;
- }
- else if (nt.doesTokenExist(opHandle))
- {
- return KEY_TYPE_OPERATOR;
- }
- else if (nt.doesTokenExist(routerHandle) &&
- nt.doesTokenExist(processHandle))
- {
- return KEY_TYPE_PROCESS;
- }
- else if (nt.doesTokenExist(routerHandle) &&
- !nt.doesTokenExist(processHandle))
- {
- return KEY_TYPE_ROUTER;
- }
- else
- {
- return KEY_TYPE_SITE;
- }
-}
-
-std::string
-KeyManager::getRouterName(const std::string name)
-{
- std::string routerName;
- std::string rkp(m_nlsrRootKeyPrefix);
- Tokenizer ntRkp(rkp, "/");
- Tokenizer nt(name, "/");
- std::string KEY("KEY");
- std::string opHandle("O.Start");
- std::string routerHandle("R.Start");
- std::string processHandle("nlsr");
- std::string infoHandle("info");
- std::string lsaHandle("LSA");
- if (nt.doesTokenExist(processHandle) && nt.doesTokenExist(routerHandle))
- {
- routerName = "/ndn" +
- nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(routerHandle) - 1) +
- nt.getTokenString(nt.getTokenPosition(routerHandle) + 1,
- nt.getTokenPosition(processHandle) - 1);
- }
- else if (nt.doesTokenExist(routerHandle) && !nt.doesTokenExist(infoHandle)
- && !nt.doesTokenExist(lsaHandle))
- {
- routerName = "/ndn" +
- nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(routerHandle) - 1) +
- nt.getTokenString(nt.getTokenPosition(routerHandle) + 1,
- nt.getTokenPosition(KEY) - 1);
- }
- else
- {
- if (nt.doesTokenExist(infoHandle))
- {
- routerName = nt.getTokenString(0, nt.getTokenPosition(infoHandle) - 1);
- }
- else
- {
- routerName = nt.getTokenString(nt.getTokenPosition(lsaHandle) + 1,
- nt.getTokenNumber() - 4);
- }
- }
- return routerName;
-}
-
-std::string
-KeyManager::getSiteName(const std::string name)
-{
- std::string siteName;
- std::string routerName;
- std::string rkp(m_nlsrRootKeyPrefix);
- Tokenizer ntRkp(rkp, "/");
- Tokenizer nt(name, "/");
- std::string KEY("KEY");
- std::string opHandle("O.Start");
- std::string routerHandle("R.Start");
- if (nt.doesTokenExist(routerHandle))
- {
- siteName = "/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(routerHandle) - 1);
- }
- else if (nt.doesTokenExist(opHandle))
- {
- siteName = "/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(opHandle) - 1);
- }
- else
- {
- siteName = "/ndn" + nt.getTokenString(ntRkp.getTokenNumber(),
- nt.getTokenPosition(KEY) - 1);
- }
- return siteName;
-}
-
-std::string
-KeyManager::getRootName(const std::string name)
-{
- std::string rName;
- Tokenizer nt(name, "/");
- std::string rkp(m_nlsrRootKeyPrefix);
- Tokenizer ntRkp(rkp, "/");
- rName = nt.getTokenString(0, ntRkp.getTokenNumber() - 1);
- return rName;
-}
-
-
-bool
-KeyManager::verifyCertPacket(Nlsr& pnlsr, ndn::IdentityCertificate& packet)
-{
- std::cout << "KeyManager::verifyCertPacket Called" << std::endl;
- ndn::SignatureSha256WithRsa signature(packet.getSignature());
- std::string signingCertName = signature.getKeyLocator().getName().toUri();
- std::string packetName = packet.getName().toUri();
- std::cout << "Packet Name: " << packetName << std::endl;
- std::cout << "Signee Name: " << signingCertName << std::endl;
- int paketCertType = getKeyTypeFromName(packetName);
- int signingCertType = getKeyTypeFromName(signingCertName);
- if (signingCertType > paketCertType) //lower level Cert can not sign
- {
- //upper level Cert
- return false;
- }
- if ((signingCertType == paketCertType) && (paketCertType != KEY_TYPE_ROOT))
- {
- return false;
- }
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> signee =
- m_certStore.getCertificateFromStore(signingCertName);
- if (signee.second)
- {
- switch (paketCertType)
- {
- case KEY_TYPE_ROOT:
- return ((getRootName(packetName) == m_nlsrRootKeyPrefix) &&
- verifySignature(packet, signee.first->getPublicKeyInfo()));
- break;
- case KEY_TYPE_SITE:
- return ((getRootName(packetName) == getRootName(signingCertName)) &&
- verifySignature(packet, signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- break;
- case KEY_TYPE_OPERATOR:
- return ((getSiteName(packetName) == getSiteName(signingCertName)) &&
- verifySignature(packet, signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- break;
- case KEY_TYPE_ROUTER:
- return ((getSiteName(packetName) == getSiteName(signingCertName)) &&
- verifySignature(packet, signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- break;
- case KEY_TYPE_PROCESS:
- return ((getRouterName(packetName) == getRouterName(signingCertName)) &&
- verifySignature(packet, signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- break;
- }
- }
- else
- {
- std::cout << "Certificate Not Found in store. Sending Interest" << std::endl;
- pnlsr.getIm().expressInterest(signingCertName, 3,
- pnlsr.getConfParameter().getInterestResendTime());
- return false;
- }
- return false;
-}
-
-}//namespace nlsr
-
-
-
diff --git a/src/security/key-manager.hpp.disable b/src/security/key-manager.hpp.disable
deleted file mode 100644
index c343108..0000000
--- a/src/security/key-manager.hpp.disable
+++ /dev/null
@@ -1,273 +0,0 @@
-#ifndef NLSR_KM_HPP
-#define NLSR_KM_HPP
-
-#include <ndn-cpp-dev/face.hpp>
-#include <ndn-cpp-dev/data.hpp>
-#include <ndn-cpp-dev/security/key-chain.hpp>
-#include <ndn-cpp-dev/security/validator.hpp>
-#include <ndn-cpp-dev/util/random.hpp>
-#include <ndn-cpp-dev/security/identity-certificate.hpp>
-#include <list>
-#include "conf-parameter.hpp"
-#include "certificate-store.hpp"
-#include "utility/tokenizer.hpp"
-
-namespace nlsr {
-class Nlsr;
-enum nlsrKeyType
-{
- KEY_TYPE_ROOT,
- KEY_TYPE_SITE,
- KEY_TYPE_OPERATOR,
- KEY_TYPE_ROUTER,
- KEY_TYPE_PROCESS,
- KEY_TYPE_UNKNOWN
-};
-
-enum nlsrContentType
-{
- CONTENT_TYPE_DATA,
- CONTENT_TYPE_CERT
-};
-
-class KeyManager: public ndn::KeyChain, public ndn::Validator
-{
- typedef SecPublicInfo::Error InfoError;
- typedef SecTpm::Error TpmError;
-public:
- using ndn::KeyChain::addCertificate;
- KeyManager()
- : m_certSeqNo(1)
- , m_nlsrRootKeyPrefix()
- , m_certStore()
- {
- }
-
- bool
- initialize(ConfParameter& cp);
-
-
-
- void
- checkPolicy(const ndn::Data& data,
- int stepCount,
- const ndn::OnDataValidated& onValidated,
- const ndn::OnDataValidationFailed& onValidationFailed,
- std::vector<ndn::shared_ptr<ndn::ValidationRequest> >& nextSteps)
- {}
-
- void
- checkPolicy(const ndn::Interest& interest,
- int stepCount,
- const ndn::OnInterestValidated& onValidated,
- const ndn::OnInterestValidationFailed& onValidationFailed,
- std::vector<ndn::shared_ptr<ndn::ValidationRequest> >& nextSteps)
- {}
-
- void
- signData(ndn::Data& data)
- {
- ndn::KeyChain::signByIdentity(data, m_processIdentity);
- }
-
- template<typename T> void
- signByIdentity(T& packet, ndn::Name signeeIdentity)
- {
- ndn::KeyChain::signByIdentity(packet, signeeIdentity);
- }
-
- ndn::Name
- createIdentity(const ndn::Name identityName)
- {
- return ndn::KeyChain::createIdentity(identityName);
- }
-
- ndn::Name
- createIdentity(const ndn::Name identityName, const ndn::Name signee)
- {
- ndn::KeyChain::addIdentity(identityName);
- ndn::Name keyName;
- try
- {
- keyName = ndn::KeyChain::getDefaultKeyNameForIdentity(identityName);
- }
- catch (InfoError& e)
- {
- keyName = ndn::KeyChain::generateRSAKeyPairAsDefault(identityName, true);
- }
- ndn::shared_ptr<ndn::PublicKey> pubKey;
- try
- {
- pubKey = ndn::KeyChain::getPublicKey(keyName);
- }
- catch (InfoError& e)
- {
- return identityName;
- }
- ndn::Name certName;
- try
- {
- certName = ndn::KeyChain::getDefaultCertificateNameForKey(keyName);
- }
- catch (InfoError& e)
- {
- ndn::shared_ptr<ndn::IdentityCertificate> certificate =
- ndn::make_shared<ndn::IdentityCertificate>();
- ndn::Name certificateName = keyName.getPrefix(-1);
- certificateName.append("KEY").append(
- keyName.get(-1)).append("ID-CERT").appendVersion();
- certificate->setName(certificateName);
- certificate->setNotBefore(ndn::time::system_clock::now());
- certificate->setNotAfter(ndn::time::system_clock::now() + ndn::time::days(
- 7300) /* 1 year*/);
- certificate->setPublicKeyInfo(*pubKey);
- certificate->addSubjectDescription(
- ndn::CertificateSubjectDescription("2.5.4.41",
- keyName.toUri()));
- certificate->encode();
- try
- {
- ndn::KeyChain::signByIdentity(*certificate, signee);
- }
- catch (InfoError& e)
- {
- try
- {
- ndn::KeyChain::deleteIdentity(identityName);
- }
- catch (InfoError& e)
- {
- }
- return identityName;
- }
- certName = certificate->getName();
- }
- return certName;
- }
-
- void
- printCertStore()
- {
- m_certStore.print();
- }
-
-private:
- bool
- verifyDataPacket(ndn::Data packet)
- {
- std::cout << "KeyManager::verifyDataPacket Called" << std::endl;
- ndn::SignatureSha256WithRsa signature(packet.getSignature());
- std::string signingCertName = signature.getKeyLocator().getName().toUri();
- std::string packetName = packet.getName().toUri();
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> signee =
- m_certStore.getCertificateFromStore(signingCertName);
- if (signee.second)
- {
- std::string routerNameFromPacketName = getRouterName(packetName);
- std::string routerNameFromCertName = getRouterName(signingCertName);
- return ((routerNameFromPacketName == routerNameFromCertName) &&
- verifySignature(packet, signee.first->getPublicKeyInfo()) &&
- m_certStore.getCertificateIsVerified(signingCertName));
- }
- return false;
- }
-
- bool
- verifyCertPacket(Nlsr& pnlsr, ndn::IdentityCertificate& packet);
-
-public:
- template<typename T> bool
- verify(T& packet)
- {
- std::cout << "KeyManager::verify Called" << std::endl;
- return verifyDataPacket(packet);
- return false;
- }
-
- bool
- verify(Nlsr& pnlsr, ndn::IdentityCertificate& packet)
- {
- return verifyCertPacket(pnlsr, packet);
- }
-
- ndn::Name
- getProcessCertName();
-
- ndn::Name
- getRouterCertName();
-
- ndn::Name
- getOperatorCertName();
-
- ndn::Name
- getSiteCertName();
-
- ndn::Name
- getRootCertName();
-
- uint32_t
- getCertSeqNo();
-
- std::pair<uint32_t, bool>
- getCertificateSeqNum(std::string certName);
-
- void
- setCerSeqNo(uint32_t csn);
-
- void
- initCertSeqFromFile(std::string certSeqFileDir);
-
- void
- writeCertSeqToFile();
-
- bool
- isNewCertificate(std::string certName, int checkSeqNum);
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- getCertificateFromStore(const std::string certName, int checkSeqNum);
-
- std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
- getCertificateFromStore(const std::string certName);
-
- bool
- addCertificate(ndn::shared_ptr<ndn::IdentityCertificate> pcert,
- uint32_t csn, bool isv);
-
-
-private:
- bool
- loadAllCertificates(std::string certDirPath);
-
- bool
- loadCertificate(std::string inputFile, nlsrKeyType keyType);
-
- nlsrKeyType
- getKeyTypeFromName(const std::string keyName);
-
- std::string
- getRouterName(const std::string name);
-
- std::string
- getSiteName(const std::string name);
-
- std::string
- getRootName(const std::string name);
-
-private:
- ndn::Name m_processIdentity;
- ndn::Name m_routerIdentity;
- ndn::Name m_processCertName;
- ndn::Name m_routerCertName;
- ndn::Name m_opCertName;
- ndn::Name m_siteCertName;
- ndn::Name m_rootCertName;
- ndn::Name m_processKeyName;
- uint32_t m_certSeqNo;
- std::string m_certSeqFileNameWithPath;
- std::string m_nlsrRootKeyPrefix;
- CertificateStore m_certStore;
-
-};
-}//namespace nlsr
-
-#endif //NLSR_KM_HPP
diff --git a/src/security/waiting-list-entry.cpp.disable b/src/security/waiting-list-entry.cpp.disable
deleted file mode 100644
index 6b83904..0000000
--- a/src/security/waiting-list-entry.cpp.disable
+++ /dev/null
@@ -1,40 +0,0 @@
-#include <iostream>
-#include <list>
-#include <ndn-cpp-dev/face.hpp>
-#include "waiting-list-entry.hpp"
-
-namespace nlsr {
-static bool
-waiteeCompare(std::string& w1, std::string& w2)
-{
- return w1 == w2 ;
-}
-
-bool
-WaitingListEntry::addWaitee(std::string waiteeName)
-{
- std::list<std::string>::iterator it = std::find_if(m_waitingCerts.begin(),
- m_waitingCerts.end(), ndn::bind(&waiteeCompare, _1, waiteeName));
- if (it == m_waitingCerts.end())
- {
- m_waitingCerts.push_back(waiteeName);
- return true;
- }
- return false;
-}
-
-std::ostream&
-operator<<(std::ostream& os, const WaitingListEntry& we)
-{
- os << "-------------Wiating List Entry-------------" << std::endl;
- os << "Responsible Certificate: " << we.getResponsibleCert() << std::endl;
- std::list<std::string> waitee = we.getWaitingCerts();
- int i = 1;
- for (std::list<std::string>::iterator it = waitee.begin();
- it != waitee.end(); ++i, ++it)
- {
- os << "Waite " << i << ": " << *(it) << std::endl;
- }
- return os;
-}
-}//namespace nlsr
diff --git a/src/security/waiting-list-entry.hpp.disable b/src/security/waiting-list-entry.hpp.disable
deleted file mode 100644
index 66b0a95..0000000
--- a/src/security/waiting-list-entry.hpp.disable
+++ /dev/null
@@ -1,51 +0,0 @@
-#ifndef NLSR_WLE_HPP
-#define NLSR_WLE_HPP
-
-#include <list>
-#include <iostream>
-
-namespace nlsr {
-class WaitingListEntry
-{
-public:
- WaitingListEntry()
- : m_responsibleCert()
- , m_waitingCerts()
- {}
-
- WaitingListEntry(std::string resCert)
- : m_responsibleCert(resCert)
- , m_waitingCerts()
- {}
-
- std::string
- getResponsibleCert() const
- {
- return m_responsibleCert;
- }
-
- void
- setResponsibleCert(std::string resCert)
- {
- m_responsibleCert = resCert;
- }
-
- std::list<std::string>
- getWaitingCerts() const
- {
- return m_waitingCerts;
- }
-
- bool
- addWaitee(std::string waiteeName);
-
-private:
- std::string m_responsibleCert;
- std::list<std::string> m_waitingCerts;
-};
-
-std::ostream&
-operator<<(std::ostream& os, const WaitingListEntry& we);
-} //end name space
-
-#endif //NLSR_WLE_HPP
diff --git a/src/security/waiting-list.cpp.disable b/src/security/waiting-list.cpp.disable
deleted file mode 100644
index 39a7192..0000000
--- a/src/security/waiting-list.cpp.disable
+++ /dev/null
@@ -1,72 +0,0 @@
-#include <ndn-cpp-dev/face.hpp>
-#include "waiting-list.hpp"
-
-namespace nlsr {
-static bool
-waitingListCompare(const WaitingListEntry& w1, const std::string& respCert)
-{
- return w1.getResponsibleCert() == respCert;
-}
-
-std::pair<WaitingListEntry, bool>
-WaitingList::getWaitingListEntry(std::string respCert)
-{
- std::list<WaitingListEntry>::iterator it = std::find_if(m_waitingTable.begin(),
- m_waitingTable.end(), ndn::bind(&waitingListCompare, _1, respCert));
- if (it != m_waitingTable.end())
- {
- return std::make_pair(*(it), true);
- }
- WaitingListEntry wle;
- return std::make_pair(wle, false);
-}
-
-bool
-WaitingList::add(std::string respCert, std::string waitee)
-{
- std::list<WaitingListEntry>::iterator it = std::find_if(m_waitingTable.begin(),
- m_waitingTable.end(), ndn::bind(&waitingListCompare, _1, respCert));
- if (it == m_waitingTable.end())
- {
- WaitingListEntry newWle(respCert);
- newWle.addWaitee(waitee);
- m_waitingTable.push_back(newWle);
- return true;
- }
- else
- {
- return it->addWaitee(waitee);
- }
- return false;
-}
-
-bool
-WaitingList::remove(std::string respCert)
-{
- std::list<WaitingListEntry>::iterator it = std::find_if(m_waitingTable.begin(),
- m_waitingTable.end(), ndn::bind(&waitingListCompare, _1, respCert));
- if (it == m_waitingTable.end())
- {
- return false;
- }
- else
- {
- m_waitingTable.erase(it);
- return true;
- }
- return false;
-}
-
-std::ostream&
-operator<<(std::ostream& os, WaitingList wl)
-{
- os << "-------Waiting List--------" << std::endl;
- std::list<WaitingListEntry> wles = wl.getWaitingTable();
- for (std::list<WaitingListEntry> ::iterator it = wles.begin();
- it != wles.end(); ++it)
- {
- os << *(it) << std::endl;
- }
- return os;
-}
-}//namespace nlsr
diff --git a/src/security/waiting-list.hpp.disable b/src/security/waiting-list.hpp.disable
deleted file mode 100644
index d7e89ce..0000000
--- a/src/security/waiting-list.hpp.disable
+++ /dev/null
@@ -1,38 +0,0 @@
-#ifndef NLSR_WL_HPP
-#define NLSR_WL_HPP
-
-#include "waiting-list-entry.hpp"
-
-namespace nlsr {
-class WaitingList
-{
-public:
- WaitingList()
- : m_waitingTable()
- {}
-
- std::list<WaitingListEntry>&
- getWaitingTable()
- {
- return m_waitingTable;
- }
-
- bool
- add(std::string respCert, std::string waitee);
-
- std::pair<WaitingListEntry, bool>
- getWaitingListEntry(std::string respCert);
-
- bool
- remove(std::string respCert);
-
-private:
- std::list<WaitingListEntry> m_waitingTable;
-};
-
-std::ostream&
-operator<<(std::ostream& os, WaitingList wl);
-
-}//namespace nlsr
-
-#endif //NLSR_WL_HPP