Strict Hierarchical Check of Trust Chain
diff --git a/nlsr.c b/nlsr.c
index c63aa9e..ad30f67 100644
--- a/nlsr.c
+++ b/nlsr.c
@@ -1313,6 +1313,8 @@
nlsr->detailed_logging=0;
nlsr->debugging=0;
+ nlsr->isStrictHierchicalKeyCheck=1;
+
nlsr->interest_retry = INTEREST_RETRY;
nlsr->interest_resend_time = INTEREST_RESEND_TIME;
nlsr->lsa_refresh_time=LSA_REFRESH_TIME;
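Review bot: The new field name `isStrictHierchicalKeyCheck` on the added line is misspelled (`Hierchical` for `Hierarchical`), and the same spelling is declared in nlsr.h and read in verify_key in nlsr_km.c; renaming it to `isStrictHierarchicalKeyCheck` now is cheaper than after it spreads further. The default is hard-coded to 1 here and no configuration option for it is visible in this commit, so a short comment such as `/* 1 = key name and content name must share a hierarchy before the chain is walked */` would tell operators what the switch controls. The enclosing initialisation function starts and ends outside the hunk.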
diff --git a/nlsr.h b/nlsr.h
index cb7a1c3..7ecb9d0 100644
--- a/nlsr.h
+++ b/nlsr.h
@@ -107,6 +107,8 @@
double cor_r;
double cor_theta;
+ int isStrictHierchicalKeyCheck;
+
int tunnel_type;
diff --git a/nlsr_km.c b/nlsr_km.c
index a650ffe..81c4a80 100644
--- a/nlsr_km.c
+++ b/nlsr_km.c
@@ -175,13 +175,191 @@
}
*/
+char *
+get_orig_router_from_lsa_name(struct ccn_charbuf * content_name)
+{
+ int start=0;
+
+ size_t comp_size;
+ const unsigned char *second_last_comp;
+ char *second_comp_type;
+ char *sep=".";
+ char *rem;
+
+ struct ccn_indexbuf *components=ccn_indexbuf_create();
+ struct ccn_charbuf *name=ccn_charbuf_create();
+ ccn_name_from_uri(name,"/ndn/routing/nlsr/LSA");
+ ccn_name_split (name, components);
+ start=components->n-2;
+ ccn_charbuf_destroy(&name);
+ ccn_indexbuf_destroy(&components);
+
+ struct ccn_indexbuf *comps=ccn_indexbuf_create();
+ ccn_name_split (content_name, comps);
+ ccn_name_comp_get( content_name->buf, comps,
+ comps->n-1-2, &second_last_comp, &comp_size);
+
+ second_comp_type=strtok_r((char *)second_last_comp, sep, &rem);
+ if ( strcmp( second_comp_type, "lsId" ) == 0 ){
+ ccn_name_chop(content_name,comps,-3);
+ }
+ else{
+ ccn_name_chop(content_name,comps,-2);
+ }
+
+
+ struct ccn_charbuf *temp=ccn_charbuf_create();
+ ccn_name_init(temp);
+ ccn_name_append_components( temp, content_name->buf,
+ comps->buf[start+1],
+ comps->buf[comps->n - 1]);
+
+ struct ccn_charbuf *temp1=ccn_charbuf_create();
+ ccn_uri_append(temp1, temp->buf, temp->length, 0);
+
+ char *orig_router=(char *)calloc(strlen(ccn_charbuf_as_string(temp1))+1,
+ sizeof(char));
+ memcpy(orig_router,ccn_charbuf_as_string(temp1),
+ strlen(ccn_charbuf_as_string(temp1)));
+ orig_router[strlen(orig_router)]='\0';
+
+ ccn_charbuf_destroy(&temp);
+ ccn_charbuf_destroy(&temp1);
+ ccn_indexbuf_destroy(&comps);
+ return orig_router;
+
+
+}
+
+
+
+int
+check_key_name_hierarchy(const unsigned char *ccnb,
+ struct ccn_parsed_ContentObject *pco,
+ int key_type){
+ printf("check_key_name_hierarchy called\n");
+ if (key_type == UNKNOWN_KEY ){
+ return 1;
+ }
+ int res;
+ struct ccn_charbuf *key_name=get_key_name(ccnb, pco);
+
+ struct ccn_charbuf *key_uri = ccn_charbuf_create();
+ ccn_uri_append(key_uri, key_name->buf, key_name->length, 0);
+ printf("Key Name: %s\n",ccn_charbuf_as_string(key_uri));
+ ccn_charbuf_destroy(&key_uri);
+
+ struct ccn_charbuf *content_name=ccn_charbuf_create();
+ res=ccn_charbuf_append(content_name, ccnb + pco->offset[CCN_PCO_B_Name],
+ pco->offset[CCN_PCO_E_Name] - pco->offset[CCN_PCO_B_Name]);
+
+ struct ccn_charbuf *content_uri = ccn_charbuf_create();
+ ccn_uri_append(content_uri, content_name->buf, content_name->length, 0);
+ printf("Content Name: %s\n",ccn_charbuf_as_string(content_uri));
+ ccn_charbuf_destroy(&content_uri);
+
+ if ( key_type == NLSR_KEY){
+ char *orig_router_key_name=get_orig_router_from_key_name(key_name,0,0);
+ char *orig_router_content_name=get_orig_router_from_lsa_name(content_name);
+ printf("Orig Router (Key Name):%s\n",orig_router_key_name);
+ printf("Orig Router (Content Name):%s\n",orig_router_content_name);
+
+ if (strcmp(orig_router_key_name,orig_router_content_name) == 0 ){
+ free(orig_router_key_name);
+ free(orig_router_content_name);
+ ccn_charbuf_destroy(&key_name);
+ ccn_charbuf_destroy(&content_name);
+ return 1;
+ }
+ }
+
+ if ( key_type == ROUTING_KEY){
+ char *orig_router_key_name=get_orig_router_from_key_name(key_name,1,0);
+ char *orig_router_content_name=get_orig_router_from_key_name(content_name,1,1);
+ printf("Orig Router (Key Name):%s\n",orig_router_key_name);
+ printf("Orig Router (Content Name):%s\n",orig_router_content_name);
+
+ if (strcmp(orig_router_key_name,orig_router_content_name) == 0 ){
+ free(orig_router_key_name);
+ free(orig_router_content_name);
+ ccn_charbuf_destroy(&key_name);
+ ccn_charbuf_destroy(&content_name);
+ return 1;
+ }
+ }
+ if ( key_type == OPERATOR_KEY){
+ struct ccn_indexbuf *key_name_comps;
+ key_name_comps = ccn_indexbuf_create();
+ res = ccn_name_split(key_name, key_name_comps);
+ int last_indx=check_for_tag_component_in_name(key_name,key_name_comps,"O.N.Start");
+ char *site_key_prefix_key=get_name_segments_from_name(key_name,0,last_indx);
+ printf("Site key prefix(key Name):%s\n",site_key_prefix_key);
+ ccn_indexbuf_destroy(&key_name_comps);
+
+ struct ccn_indexbuf *content_name_comps;
+ content_name_comps = ccn_indexbuf_create();
+ res = ccn_name_split(content_name, content_name_comps);
+ int last_indx_rtr=check_for_tag_component_in_name(content_name,content_name_comps,"R.N.Start");
+ char *site_key_prefix_content=get_name_segments_from_name(key_name,0,last_indx_rtr);
+ printf("Site key prefix(Content Name):%s\n",site_key_prefix_content);
+ ccn_indexbuf_destroy(&content_name_comps);
+
+ if( strcmp(site_key_prefix_key,site_key_prefix_content) == 0 ){
+ free(site_key_prefix_key);
+ free(site_key_prefix_content);
+ ccn_charbuf_destroy(&key_name);
+ ccn_charbuf_destroy(&content_name);
+ return 1;
+ }
+
+ }
+
+ if ( key_type == SITE_KEY){
+ struct ccn_indexbuf *key_name_comps;
+ key_name_comps = ccn_indexbuf_create();
+ res = ccn_name_split(key_name, key_name_comps);
+ int last_indx=check_for_tag_component_in_name(key_name,key_name_comps,"M.K");
+ char *site_key_prefix_key=get_name_segments_from_name(key_name,0,last_indx);
+ printf("Site key prefix(key Name):%s\n",site_key_prefix_key);
+ ccn_indexbuf_destroy(&key_name_comps);
+
+ struct ccn_indexbuf *content_name_comps;
+ content_name_comps = ccn_indexbuf_create();
+ res = ccn_name_split(content_name, content_name_comps);
+ int last_indx_rtr=check_for_tag_component_in_name(content_name,content_name_comps,"O.N.Start");
+ char *site_key_prefix_content=get_name_segments_from_name(key_name,0,last_indx_rtr);
+ printf("Site key prefix(Content Name):%s\n",site_key_prefix_content);
+ ccn_indexbuf_destroy(&content_name_comps);
+
+ if( strcmp(site_key_prefix_key,site_key_prefix_content) == 0 ){
+ free(site_key_prefix_key);
+ free(site_key_prefix_content);
+ ccn_charbuf_destroy(&key_name);
+ ccn_charbuf_destroy(&content_name);
+ return 1;
+ }
+
+ }
+
+ if ( key_type == ROOT_KEY){
+ ccn_charbuf_destroy(&key_name);
+ ccn_charbuf_destroy(&content_name);
+ return 1;
+ }
+
+ ccn_charbuf_destroy(&key_name);
+ ccn_charbuf_destroy(&content_name);
+ return 0;
+}
+
int
verify_key(const unsigned char *ccnb,
struct ccn_parsed_ContentObject *pco){
if ( nlsr->debugging )
printf("verify key called\n");
int ret=-1;
-
+ //int res;
+
if ( contain_key_name(ccnb, pco) == 1){
struct ccn_charbuf *key_name=get_key_name(ccnb, pco);
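Review bot: In the OPERATOR_KEY and SITE_KEY branches of check_key_name_hierarchy, `site_key_prefix_content` is built from `key_name` rather than `content_name`, so the comparison appears to test the key name against a prefix of itself and never binds the key to the content it signed. The index passed in comes from check_for_tag_component_in_name and is used without checking that the tag was found, and the strings returned by get_name_segments_from_name and get_orig_router_from_key_name can be NULL yet go straight to printf and strcmp; on a mismatch they are also never freed. get_orig_router_from_lsa_name has the same unchecked pattern: `comps->n-1-2` and the strtok_r result are used unvalidated, and strtok_r writes into `content_name->buf` through a cast that drops const. These names are parsed from incoming content, so each lookup should fail closed; the sketch below shows the OPERATOR_KEY branch, assuming a non-positive return means the tag is absent (as the `res > 0` test in get_orig_router_from_key_name suggests), and SITE_KEY would follow the same shape. verify_key at the end of the hunk continues outside it.

```c
if ( key_type == OPERATOR_KEY){
    // … unchanged: split key_name and content_name, compute last_indx and last_indx_rtr …
    char *site_key_prefix_key=NULL;
    char *site_key_prefix_content=NULL;
    int match=0;

    if ( last_indx > 0 && last_indx_rtr > 0 ){
        site_key_prefix_key=get_name_segments_from_name(key_name,0,last_indx);
        site_key_prefix_content=get_name_segments_from_name(content_name,0,last_indx_rtr);
    }
    if ( site_key_prefix_key != NULL && site_key_prefix_content != NULL ){
        match=( strcmp(site_key_prefix_key,site_key_prefix_content) == 0 );
    }
    free(site_key_prefix_key);
    free(site_key_prefix_content);

    if ( match ){
        // … unchanged: destroy key_name and content_name, return 1 …
    }
}
```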
@@ -189,9 +367,9 @@
ccn_uri_append(key_uri, key_name->buf, key_name->length, 0);
if ( nlsr->debugging )
printf("Key Name from Incoming Content: %s\n",ccn_charbuf_as_string(key_uri));
- int res=get_key_type_from_key_name(key_name);
+ int key_type=get_key_type_from_key_name(key_name);
if ( nlsr->debugging )
- printf("Key Type: %d \n",res);
+ printf("Key Type: %d \n",key_type);
struct ccn_charbuf *result = ccn_charbuf_create();
struct ccn_parsed_ContentObject temp_pco = {0};
@@ -212,11 +390,20 @@
printf("Could not retrieve key by name !!!\n");
}
else{
- if ( res == ROOT_KEY ){
+ if ( key_type == ROOT_KEY ){
ret=0;
}
else{
- ret=verify_key(result->buf,&temp_pco);
+ //ret=verify_key(result->buf,&temp_pco);
+ if ( nlsr->isStrictHierchicalKeyCheck ){
+ int key_name_test=check_key_name_hierarchy(ccnb,pco,key_type);
+ if ( key_name_test == 1){
+ ret=verify_key(result->buf,&temp_pco);
+ }
+ }
+ else{
+ ret=verify_key(result->buf,&temp_pco);
+ }
}
}
}
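Review bot: In strict mode the gate added in this else-branch inherits the early `return 1` that check_key_name_hierarchy gives for `UNKNOWN_KEY`, so a key whose type could not be classified skips the name comparison and still recurses into verify_key. If strict mode is meant to reject anything outside the known hierarchy, that early return should be `return 0;`, or the condition here should read `if ( key_type != UNKNOWN_KEY && key_name_test == 1 ){`. A rejected key also leaves `ret` at -1 with no message, so an else with `if ( nlsr->debugging ) printf("Key name hierarchy check failed\n");` would separate it from the "Could not retrieve key by name" case, and the commented-out `//ret=verify_key(...)` line can simply be deleted. verify_key starts and ends outside this hunk.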
diff --git a/nlsr_km_util.c b/nlsr_km_util.c
index 6750c67..f799873 100644
--- a/nlsr_km_util.c
+++ b/nlsr_km_util.c
@@ -66,43 +66,6 @@
}
-int
-get_orig_router_from_key_name(struct ccn_charbuf *orig_router ,struct ccn_charbuf *name)
-{
- int res;
- struct ccn_indexbuf *name_comps;
-
- name_comps = ccn_indexbuf_create();
- res = ccn_name_split(name, name_comps);
- if ( res < 0 ){
- ccn_indexbuf_destroy(&name_comps);
- return res;
- }
- else{
- res=ccn_name_chop(name, name_comps, -2);
- if ( res < 0 ){
- ccn_indexbuf_destroy(&name_comps);
- return res;
- }
- else{
- res=check_for_tag_component_in_name(name,name_comps,"R.N.Start");
- if ( res > 0 ){
- ccn_name_init(orig_router);
- ccn_name_append_components(orig_router,name->buf,
- name_comps->buf[res+1],
- name_comps->buf[name_comps->n - 1]);
- }
- else{
- ccn_indexbuf_destroy(&name_comps);
- return -1;
- }
- }
- }
-
- ccn_indexbuf_destroy(&name_comps);
- return 0;
-}
-
int
check_for_name_component_in_name(const struct ccn_charbuf *name,
const struct ccn_indexbuf *indx,
@@ -205,3 +168,93 @@
ccn_indexbuf_destroy(&indx);
return return_key;
}
+
+
+char *
+get_name_segments_from_name(struct ccn_charbuf *name, int start_indx, int end_indx)
+{
+ int res;
+ struct ccn_indexbuf *name_comps;
+ struct ccn_charbuf *orig_router;
+ char *name_seg=NULL;
+
+ name_comps = ccn_indexbuf_create();
+ res = ccn_name_split(name, name_comps);
+ if ( res < 0 ){
+ ccn_indexbuf_destroy(&name_comps);
+ return name_seg;
+ }
+ else{
+ orig_router=ccn_charbuf_create();
+ ccn_name_init(orig_router);
+ ccn_name_append_components(orig_router,name->buf,
+ name_comps->buf[start_indx],
+ name_comps->buf[end_indx]);
+ struct ccn_charbuf *temp1=ccn_charbuf_create();
+ ccn_uri_append(temp1, orig_router->buf, orig_router->length, 0);
+
+ name_seg=(char *)calloc(strlen(ccn_charbuf_as_string(temp1))+1,
+ sizeof(char));
+ memcpy(name_seg,ccn_charbuf_as_string(temp1),
+ strlen(ccn_charbuf_as_string(temp1)));
+ name_seg[strlen(name_seg)]='\0';
+ ccn_charbuf_destroy(&orig_router);
+ ccn_charbuf_destroy(&temp1);
+
+ }
+
+ ccn_indexbuf_destroy(&name_comps);
+ return name_seg;
+}
+
+
+char *
+get_orig_router_from_key_name(struct ccn_charbuf *name, int more, int type)
+{
+ int res;
+ struct ccn_indexbuf *name_comps;
+ struct ccn_charbuf *orig_router;
+ char *router=NULL;
+
+ name_comps = ccn_indexbuf_create();
+ res = ccn_name_split(name, name_comps);
+ if ( res < 0 ){
+ ccn_indexbuf_destroy(&name_comps);
+ return router;
+ }
+ else{
+ res=ccn_name_chop(name, name_comps, -(2-more));
+ if ( more > 0 && type==1)
+ res=ccn_name_chop(name, name_comps, -3);
+ if ( res < 0 ){
+ ccn_indexbuf_destroy(&name_comps);
+ return NULL;
+ }
+ else{
+ res=check_for_tag_component_in_name(name,name_comps,"R.N.Start");
+ if ( res > 0 ){
+ orig_router=ccn_charbuf_create();
+ ccn_name_init(orig_router);
+ ccn_name_append_components(orig_router,name->buf,
+ name_comps->buf[res+1],
+ name_comps->buf[name_comps->n - 1]);
+ struct ccn_charbuf *temp1=ccn_charbuf_create();
+ ccn_uri_append(temp1, orig_router->buf, orig_router->length, 0);
+
+ router=(char *)calloc(strlen(ccn_charbuf_as_string(temp1))+1,
+ sizeof(char));
+ memcpy(router,ccn_charbuf_as_string(temp1),
+ strlen(ccn_charbuf_as_string(temp1)));
+ router[strlen(router)]='\0';
+ }
+ else{
+ ccn_indexbuf_destroy(&name_comps);
+ return NULL;
+ }
+ }
+ }
+
+ ccn_indexbuf_destroy(&name_comps);
+ return router;
+}
+
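Review bot: get_name_segments_from_name indexes `name_comps->buf[start_indx]` and `name_comps->buf[end_indx]` without comparing either against `name_comps->n`, and its callers in check_key_name_hierarchy pass the result of check_for_tag_component_in_name straight in. Since the name comes from a received content object, a guard such as `if ( start_indx < 0 || end_indx < start_indx || (size_t)end_indx >= name_comps->n )` before the append, returning NULL after destroying name_comps, keeps a missing tag from reading outside the index buffer. get_orig_router_from_key_name never destroys `orig_router` or `temp1` on its success path, unlike get_name_segments_from_name; add `ccn_charbuf_destroy(&orig_router);` and `ccn_charbuf_destroy(&temp1);` after the copy. Both functions also use the calloc result unchecked, and the result of the first ccn_name_chop is overwritten when `more > 0 && type==1`.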
diff --git a/nlsr_km_util.h b/nlsr_km_util.h
index 204a592..750cbe9 100644
--- a/nlsr_km_util.h
+++ b/nlsr_km_util.h
@@ -20,12 +20,17 @@
enum key_type
get_key_type_from_key_name(struct ccn_charbuf *keyname);
-int
-get_orig_router_from_key_name(struct ccn_charbuf *orig_router,
- struct ccn_charbuf *name);
-
int
appendLifetime(struct ccn_charbuf *cb, int lifetime);
+char *
+get_orig_router_from_key_name(struct ccn_charbuf *name, int more, int type);
+
+
+
+char *
+get_name_segments_from_name(struct ccn_charbuf *name,
+ int start_indx, int end_indx);
+
#endif
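Review bot: The new prototype `get_orig_router_from_key_name(struct ccn_charbuf *name, int more, int type)` gives no hint what `more` and `type` select, and both new declarations change the ownership contract without saying so. A comment above each should state that the returned string is allocated with calloc and must be freed by the caller, that NULL is returned on failure, and that get_orig_router_from_key_name chops components off `name` in place. From the implementation, `more` reduces the number of trailing components chopped and `type==1` triggers a further chop of three; named constants or an enum would read better than the bare `0`/`1` arguments at the call sites.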
diff --git a/nlsr_ndn.c b/nlsr_ndn.c
index 66e15c9..aa58904 100644
--- a/nlsr_ndn.c
+++ b/nlsr_ndn.c
@@ -499,7 +499,7 @@
writeLogg(__FILE__,__FUNCTION__,__LINE__,"process_incoming_content_info"
" called \n");
- int res;
+ //int res;
struct name_prefix *nbr=(struct name_prefix *)malloc(sizeof(struct name_prefix ));
get_nbr(nbr,selfp,info);
@@ -513,17 +513,17 @@
if ( contain_key_name(info->content_ccnb, info->pco) == 1){
- struct ccn_charbuf *key_name=get_key_name(info->content_ccnb, info->pco);
- struct ccn_charbuf *orig_router_kn=ccn_charbuf_create();
- res=get_orig_router_from_key_name(orig_router_kn,key_name);
- if( res == 0){
- struct ccn_charbuf *rtr_uri = ccn_charbuf_create();
- ccn_uri_append(rtr_uri, orig_router_kn->buf,
- orig_router_kn->length, 0);
- printf("Orig Router from Key name: %s\n",
- ccn_charbuf_as_string(rtr_uri));
+ //struct ccn_charbuf *key_name=get_key_name(info->content_ccnb, info->pco);
+ //struct ccn_charbuf *orig_router_kn=ccn_charbuf_create();
+ //res=get_orig_router_from_key_name(orig_router_kn,key_name);
+ //if( res == 0){
+ //struct ccn_charbuf *rtr_uri = ccn_charbuf_create();
+ //ccn_uri_append(rtr_uri, orig_router_kn->buf,
+ // orig_router_kn->length, 0);
+ //printf("Orig Router from Key name: %s\n",
+ // ccn_charbuf_as_string(rtr_uri));
- if( strcmp(nbr->name,ccn_charbuf_as_string(rtr_uri)) == 0){
+ //if( strcmp(nbr->name,ccn_charbuf_as_string(rtr_uri)) == 0){
int res_verify=verify_key(info->content_ccnb,info->pco);
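Review bot: Commenting out the `strcmp(nbr->name, ...)` test removes the only visible check that the key's originating router is the neighbour this content was received from; the same removal is made for `orig_router` in nlsr_sync.c, with the matching closing braces in the later hunks of both files. The replacement in verify_key compares the key name with the content name, not with `nbr->name`, and only when `isStrictHierchicalKeyCheck` is set, so whether content signed with a different router's valid key is still rejected here depends on code outside this diff and should be confirmed. If the check is dropped intentionally, delete the dead lines rather than leaving them as `//` comments, and record the reason in the commit message. The enclosing function starts and ends outside the hunk.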
@@ -556,11 +556,11 @@
}
}
- }
- ccn_charbuf_destroy(&rtr_uri);
- }
- ccn_charbuf_destroy(&key_name);
- ccn_charbuf_destroy(&orig_router_kn);
+ //}
+ //ccn_charbuf_destroy(&rtr_uri);
+ //}
+ //ccn_charbuf_destroy(&key_name);
+ //ccn_charbuf_destroy(&orig_router_kn);
}
/*
update_adjacent_timed_out_zero_to_adl(nbr);
diff --git a/nlsr_sync.c b/nlsr_sync.c
index 4ae6c82..bc5eb43 100644
--- a/nlsr_sync.c
+++ b/nlsr_sync.c
@@ -239,17 +239,17 @@
int chk_cont=ccn_parse_ContentObject(ptr,length,&pcobuf1,NULL);
printf("Content Parsing result: %d\n",chk_cont);
if ( contain_key_name(ptr, &pcobuf1) == 1){
- struct ccn_charbuf *key_name=get_key_name(ptr, &pcobuf1);
- struct ccn_charbuf *orig_router_kn=ccn_charbuf_create();
- res=get_orig_router_from_key_name(orig_router_kn,key_name);
- if( res == 0){
- struct ccn_charbuf *rtr_uri = ccn_charbuf_create();
- ccn_uri_append(rtr_uri, orig_router_kn->buf,
- orig_router_kn->length, 0);
- printf("Orig Router from Key name: %s\n",
- ccn_charbuf_as_string(rtr_uri));
+ //struct ccn_charbuf *key_name=get_key_name(ptr, &pcobuf1);
+ //struct ccn_charbuf *orig_router_kn=ccn_charbuf_create();
+ //res=get_orig_router_from_key_name(orig_router_kn,key_name);
+ //if( res == 0){
+ //struct ccn_charbuf *rtr_uri = ccn_charbuf_create();
+ //ccn_uri_append(rtr_uri, orig_router_kn->buf,
+ // orig_router_kn->length, 0);
+ //printf("Orig Router from Key name: %s\n",
+ // ccn_charbuf_as_string(rtr_uri));
- if( strcmp(orig_router,ccn_charbuf_as_string(rtr_uri)) == 0){
+ //if( strcmp(orig_router,ccn_charbuf_as_string(rtr_uri)) == 0){
int res_verify=verify_key(ptr,&pcobuf1);
@@ -267,11 +267,11 @@
memcpy (*content_data, ptr_in, length_in);
ret=0;
}
- }
- ccn_charbuf_destroy(&rtr_uri);
- }
- ccn_charbuf_destroy(&key_name);
- ccn_charbuf_destroy(&orig_router_kn);
+ //}
+ //ccn_charbuf_destroy(&rtr_uri);
+ //}
+ //ccn_charbuf_destroy(&key_name);
+ //ccn_charbuf_destroy(&orig_router_kn);
}
}
}