Gitiles
Code Review Sign In
gerrit.named-data.net / NLSR / b6450b17197e494973808a506888b002a1b713bd / . / src / security / certificate-store.cpp
blob: 6990b075d2edeac44ed37ecb78b4871dd34913b0 [file] [log] [blame]
#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
#include <ndn-cpp-dev/security/key-chain.hpp>
#include "certificate-store.hpp"
#include "waiting-list-entry.hpp"
#include "key-manager.hpp"
namespace nlsr {
static bool
nlsrCertificateStoreEntryCompare(CertificateStoreEntry& ncse1,
CertificateStoreEntry& ncse2)
{
int sizeDiff = ncse1.getCert()->getName().size() -
ncse2.getCert()->getName().size();
return (ncse2.getCert()->getName().isPrefixOf(ncse1.getCert()->getName()) &&
(sizeDiff <= 1 && sizeDiff >= 0));
}
static bool
nlsrCertificateStoreEntryCompareByName(CertificateStoreEntry& ncse1,
std::string compCertName)
{
ndn::Name ccn(compCertName);
int sizeDiff = ncse1.getCert()->getName().size() - ccn.size();
return (ccn.isPrefixOf(ncse1.getCert()->getName()) &&
(sizeDiff <= 1 && sizeDiff >= 0));
}
void
CertificateStore::updateWaitingList(std::string respCertName)
{
ndn::Name tmpName(respCertName);
respCertName = tmpName.getPrefix(-1).toUri();
std::pair<WaitingListEntry, bool> chkWle =
m_waitingList.getWaitingListEntry(respCertName);
if (chkWle.second)
{
std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> sc =
getCertificateFromStore(respCertName);
std::list<std::string> waitees = (chkWle.first).getWaitingCerts();
for (std::list<std::string>::iterator it = waitees.begin();
it != waitees.end(); ++it)
{
KeyManager km;
std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> wc =
getCertificateFromStore(*(it));
if (wc.second && sc.second)
{
if (km.verifySignature(*(wc.first), sc.first->getPublicKeyInfo()))
{
//1. Update Certificate Store
setCertificateIsVerified(*(it), true);
//2. Call updateWaitingList for waitee ( *(it) )
updateWaitingList(*(it));
}
}
}
}
//remove that entry from waiting list
m_waitingList.remove(respCertName);
}
void
CertificateStore::updateWaitingList(CertificateStoreEntry& ncse)
{
if (ncse.getIsSignerVerified())
{
updateWaitingList(ncse.getCert()->getName().toUri());
}
else
{
ndn::SignatureSha256WithRsa signature(ncse.getCert()->getSignature());
m_waitingList.add(signature.getKeyLocator().getName().toUri(),
ncse.getCert()->getName().toUri());
}
}
bool
CertificateStore::addCertificate(CertificateStoreEntry& ncse)
{
std::list<CertificateStoreEntry>::iterator it =
std::find_if(m_certTable.begin(), m_certTable.end(),
bind(&nlsrCertificateStoreEntryCompare, _1, ncse));
if (it == m_certTable.end())
{
m_certTable.push_back(ncse);
updateWaitingList(ncse);
return true;
}
else if (it != m_certTable.end())
{
if ((*it).getCertSeqNum() < ncse.getCertSeqNum())
{
m_certTable.erase(it);
m_certTable.push_back(ncse);
updateWaitingList(ncse);
return true;
}
}
return false;
}
bool
CertificateStore::addCertificate(
ndn::shared_ptr<ndn::IdentityCertificate> pcert, uint32_t csn, bool isv)
{
CertificateStoreEntry ncse(pcert, csn, isv);
return addCertificate(ncse);
}
std::pair<uint32_t, bool>
CertificateStore::getCertificateSeqNum(std::string certName)
{
std::list<CertificateStoreEntry>::iterator it =
std::find_if(m_certTable.begin(), m_certTable.end(),
bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
if (it == m_certTable.end())
{
return std::make_pair(0, false);
}
return std::make_pair((*it).getCertSeqNum(), true);
}
void
CertificateStore::setCertificateIsVerified(std::string certName,
bool isVerified)
{
std::list<CertificateStoreEntry>::iterator it =
std::find_if(m_certTable.begin(), m_certTable.end(),
bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
if (it != m_certTable.end())
{
it->setIsSignerVerified(true);
}
}
bool
CertificateStore::getCertificateIsVerified(std::string certName)
{
std::list<CertificateStoreEntry>::iterator it =
std::find_if(m_certTable.begin(), m_certTable.end(),
bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
if (it != m_certTable.end())
{
return it->getIsSignerVerified();
}
return false;
}
std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
CertificateStore::getCertificateFromStore(const std::string certName)
{
std::list<CertificateStoreEntry>::iterator it =
std::find_if(m_certTable.begin(), m_certTable.end(),
bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
if (it == m_certTable.end())
{
ndn::shared_ptr<ndn::IdentityCertificate> cert =
ndn::make_shared<ndn::IdentityCertificate>();
return std::make_pair(cert, false);
}
return std::make_pair((*it).getCert(), true);
}
std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
CertificateStore::getCertificateFromStore(
const std::string certName, uint64_t checkSeqNum)
{
std::list<CertificateStoreEntry>::iterator it =
std::find_if(m_certTable.begin(), m_certTable.end(),
bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
if (it == m_certTable.end())
{
ndn::shared_ptr<ndn::IdentityCertificate> cert =
ndn::make_shared<ndn::IdentityCertificate>();
return std::make_pair(cert, false);
}
else
{
if ((*it).getCertSeqNum() == checkSeqNum)
{
return std::make_pair((*it).getCert(), true);
}
}
return std::make_pair((*it).getCert(), false);
}
bool
CertificateStore::isCertificateNewInStore(const std::string certName,
int checkSeqNo)
{
std::list<CertificateStoreEntry>::iterator it =
std::find_if(m_certTable.begin(), m_certTable.end(),
bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
if (it != m_certTable.end())
{
return (*it).getCertSeqNum() < checkSeqNo ;
}
return true;
}
bool
CertificateStore::removeCertificateFromStroe(const std::string certName)
{
std::list<CertificateStoreEntry>::iterator it =
std::find_if(m_certTable.begin(), m_certTable.end(),
bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
if (it != m_certTable.end())
{
m_certTable.erase(it);
return true;
}
return false;
}
void
CertificateStore::print()
{
std::list<CertificateStoreEntry>::iterator it;
for (it = m_certTable.begin(); it != m_certTable.end(); ++it)
{
std::cout << (*it) << std::endl;
}
std::cout << m_waitingList << std::endl;
}
} //namespace nlsr