Gitiles
Code Review Sign In
gerrit.named-data.net / NLSR / 40cd1c35c452d61f2ce47949ffaa60166877734e / . / src / security / nlsr_cert_store.cpp
blob: fa84ad966a7a56c47e91585ac29bccdcc49753d8 [file] [log] [blame]
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]1#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
2#include <ndn-cpp-dev/security/key-chain.hpp>
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]3#include "nlsr_cert_store.hpp"
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]4#include "nlsr_wle.hpp"
5#include "nlsr_km.hpp"
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]6
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]7#define THIS_FILE "nlsr_cert_store.cpp"
8
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]9namespace nlsr
10{
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]11 static bool
12 nlsrCertificateStoreEntryCompare(NlsrCertificateStoreEntry& ncse1,
13 NlsrCertificateStoreEntry& ncse2)
14
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]15 {
16 int sizeDiff=ncse1.getCert()->getName().size()-
17 ncse2.getCert()->getName().size();
18 return (ncse2.getCert()->getName().isPrefixOf(ncse1.getCert()->getName()) &&
19 (sizeDiff <= 1 && sizeDiff>= 0));
20
21
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]22 }
23
24 static bool
25 nlsrCertificateStoreEntryCompareByName(NlsrCertificateStoreEntry& ncse1,
26 std::string compCertName)
27
28 {
29 ndn::Name ccn(compCertName);
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]30 int sizeDiff= ncse1.getCert()->getName().size() -ccn.size();
31 return ( ccn.isPrefixOf(ncse1.getCert()->getName()) &&
32 (sizeDiff <= 1 && sizeDiff>= 0));
33 }
34
35 void
36 NlsrCertificateStore::updateWaitingList(std::string respCertName)
37 {
38 ndn::Name tmpName(respCertName);
39 respCertName=tmpName.getPrefix(-1).toUri();
40 std::pair<WaitingListEntry, bool> chkWle=
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]41 m_waitingList.getWaitingListEntry(respCertName);
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]42 if( chkWle.second )
43 {
44 std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> sc=
45 getCertificateFromStore(respCertName);
46 std::list<std::string> waitees=(chkWle.first).getWaitingCerts();
47 for(std::list<std::string>::iterator it = waitees.begin();
48 it != waitees.end();++it)
49 {
50 KeyManager km;
51 std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> wc=
52 getCertificateFromStore(*(it));
53 if( wc.second && sc.second )
54 {
55 if(km.verifySignature(*(wc.first),sc.first->getPublicKeyInfo()))
56 {
57 //1. Update Certificate Store
58 setCertificateIsVerified(*(it),true);
59 //2. Call updateWaitingList for waitee ( *(it) )
60 updateWaitingList(*(it));
61 }
62 }
63 }
64 }
65
66 //remove that entry from waiting list
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]67 m_waitingList.remove(respCertName);
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]68 }
69
70 void
71 NlsrCertificateStore::updateWaitingList(NlsrCertificateStoreEntry& ncse)
72 {
73 if( ncse.getIsSignerVerified())
74 {
75 updateWaitingList(ncse.getCert()->getName().toUri());
76 }
77 else
78 {
79 ndn::SignatureSha256WithRsa signature(ncse.getCert()->getSignature());
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]80 m_waitingList.add(signature.getKeyLocator().getName().toUri(),
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]81 ncse.getCert()->getName().toUri());
82 }
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]83 }
84
85 bool
86 NlsrCertificateStore::addCertificate(NlsrCertificateStoreEntry & ncse)
87 {
88 std::list<NlsrCertificateStoreEntry>::iterator it =
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]89 std::find_if( m_certTable.begin(), m_certTable.end(),
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]90 bind(&nlsrCertificateStoreEntryCompare, _1, ncse));
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]91 if(it == m_certTable.end())
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]92 {
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]93 m_certTable.push_back(ncse);
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]94 updateWaitingList(ncse);
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]95 return true;
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]96 }
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]97 else if( it != m_certTable.end() )
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]98 {
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]99 if ( (*it).getCertSeqNum() < ncse.getCertSeqNum() )
100 {
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]101 m_certTable.erase(it);
102 m_certTable.push_back(ncse);
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]103 updateWaitingList(ncse);
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]104 return true;
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]105 }
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]106 }
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]107 return false;
108 }
109
110 bool
111 NlsrCertificateStore::addCertificate(
112 ndn::shared_ptr<ndn::IdentityCertificate> pcert, uint32_t csn, bool isv)
113 {
114 NlsrCertificateStoreEntry ncse(pcert, csn, isv);
115 return addCertificate(ncse);
116 }
117
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]118 std::pair<uint32_t, bool>
119 NlsrCertificateStore::getCertificateSeqNum(std::string certName)
120 {
121 std::list<NlsrCertificateStoreEntry>::iterator it =
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]122 std::find_if( m_certTable.begin(), m_certTable.end(),
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]123 bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]124 if(it == m_certTable.end())
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]125 {
126 return std::make_pair(0,false);
127 }
128 return std::make_pair((*it).getCertSeqNum(),true);
129 }
130
131
132
133 void
134 NlsrCertificateStore::setCertificateIsVerified(std::string certName,
135 bool isVerified)
136 {
137 std::list<NlsrCertificateStoreEntry>::iterator it =
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]138 std::find_if( m_certTable.begin(), m_certTable.end(),
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]139 bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]140 if(it != m_certTable.end())
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]141 {
142 it->setIsSignerVerified(true);
143 }
144 }
145
146 bool
147 NlsrCertificateStore::getCertificateIsVerified( std::string certName )
148 {
149 std::list<NlsrCertificateStoreEntry>::iterator it =
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]150 std::find_if( m_certTable.begin(), m_certTable.end(),
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]151 bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]152 if(it != m_certTable.end())
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]153 {
154 return it->getIsSignerVerified();
155 }
156
157 return false;
158 }
159
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]160 std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
161 NlsrCertificateStore::getCertificateFromStore(const std::string certName)
162 {
163 std::list<NlsrCertificateStoreEntry>::iterator it =
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]164 std::find_if( m_certTable.begin(), m_certTable.end(),
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]165 bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]166 if(it == m_certTable.end())
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]167 {
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]168 ndn::shared_ptr<ndn::IdentityCertificate> cert=
akmhoquefa8ee9b2014-03-14 09:06:24 -0500[diff] [blame]169 ndn::make_shared<ndn::IdentityCertificate>();
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]170 return std::make_pair(cert,false);
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]171 }
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]172 return std::make_pair((*it).getCert(),true);
173 }
174
175 std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
176 NlsrCertificateStore::getCertificateFromStore(
177 const std::string certName, int checkSeqNum)
178 {
179 std::list<NlsrCertificateStoreEntry>::iterator it =
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]180 std::find_if( m_certTable.begin(), m_certTable.end(),
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]181 bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]182 if(it == m_certTable.end())
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]183 {
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]184 ndn::shared_ptr<ndn::IdentityCertificate> cert=
185 ndn::make_shared<ndn::IdentityCertificate>();
186 return std::make_pair(cert,false);
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]187 }
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]188 else
189 {
190 if( (*it).getCertSeqNum() == checkSeqNum )
191 {
192 return std::make_pair((*it).getCert(),true);
193 }
194 }
195 return std::make_pair((*it).getCert(),false);
196 }
197
198 bool
199 NlsrCertificateStore::isCertificateNewInStore(const std::string certName,
200 int checkSeqNo)
201 {
202 std::list<NlsrCertificateStoreEntry>::iterator it =
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]203 std::find_if( m_certTable.begin(), m_certTable.end(),
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]204 bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]205 if(it != m_certTable.end())
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]206 {
207 return (*it).getCertSeqNum() < checkSeqNo ;
208 }
209 return true;
210 }
211
212 bool
213 NlsrCertificateStore::removeCertificateFromStroe(const std::string certName)
214 {
215 std::list<NlsrCertificateStoreEntry>::iterator it =
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]216 std::find_if( m_certTable.begin(), m_certTable.end(),
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]217 bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]218 if(it != m_certTable.end())
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]219 {
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]220 m_certTable.erase(it);
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]221 return true;
222 }
223 return false;
224 }
225
226 void
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]227 NlsrCertificateStore::print()
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]228 {
229 std::list<NlsrCertificateStoreEntry>::iterator it;
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]230 for(it=m_certTable.begin(); it!=m_certTable.end(); ++it)
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]231 {
232 std::cout<<(*it)<<std::endl;
233 }
akmhoque05d5fcf2014-04-15 14:58:45 -0500[diff] [blame]234 std::cout<<m_waitingList<<std::endl;
akmhoque5a44dd42014-03-12 18:11:32 -0500[diff] [blame]235 }
akmhoque099495b2014-03-11 16:01:19 -0500[diff] [blame]236}