Blame - src/security/certificate-store.cpp - NLSR

blob: 3ac5361d547e3a422d43317bd56c10b493d836f0 [file] [log] [blame]

akmhoque	5335346	2014-04-22 08:43:45 -0500	[diff] [blame^]	1	#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
				2	#include <ndn-cpp-dev/security/key-chain.hpp>
				3	#include "certificate-store.hpp"
				4	#include "waiting-list-entry.hpp"
				5	#include "key-manager.hpp"
				6
				7
				8	namespace nlsr {
				9	static bool
				10	nlsrCertificateStoreEntryCompare(CertificateStoreEntry& ncse1,
				11	CertificateStoreEntry& ncse2)
				12
				13	{
				14	int sizeDiff = ncse1.getCert()->getName().size() -
				15	ncse2.getCert()->getName().size();
				16	return (ncse2.getCert()->getName().isPrefixOf(ncse1.getCert()->getName()) &&
				17	(sizeDiff <= 1 && sizeDiff >= 0));
				18	}
				19
				20	static bool
				21	nlsrCertificateStoreEntryCompareByName(CertificateStoreEntry& ncse1,
				22	std::string compCertName)
				23
				24	{
				25	ndn::Name ccn(compCertName);
				26	int sizeDiff = ncse1.getCert()->getName().size() - ccn.size();
				27	return (ccn.isPrefixOf(ncse1.getCert()->getName()) &&
				28	(sizeDiff <= 1 && sizeDiff >= 0));
				29	}
				30
				31	void
				32	CertificateStore::updateWaitingList(std::string respCertName)
				33	{
				34	ndn::Name tmpName(respCertName);
				35	respCertName = tmpName.getPrefix(-1).toUri();
				36	std::pair<WaitingListEntry, bool> chkWle =
				37	m_waitingList.getWaitingListEntry(respCertName);
				38	if (chkWle.second)
				39	{
				40	std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> sc =
				41	getCertificateFromStore(respCertName);
				42	std::list<std::string> waitees = (chkWle.first).getWaitingCerts();
				43	for (std::list<std::string>::iterator it = waitees.begin();
				44	it != waitees.end(); ++it)
				45	{
				46	KeyManager km;
				47	std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool> wc =
				48	getCertificateFromStore(*(it));
				49	if (wc.second && sc.second)
				50	{
				51	if (km.verifySignature(*(wc.first), sc.first->getPublicKeyInfo()))
				52	{
				53	//1. Update Certificate Store
				54	setCertificateIsVerified(*(it), true);
				55	//2. Call updateWaitingList for waitee ( *(it) )
				56	updateWaitingList(*(it));
				57	}
				58	}
				59	}
				60	}
				61
				62	//remove that entry from waiting list
				63	m_waitingList.remove(respCertName);
				64	}
				65
				66	void
				67	CertificateStore::updateWaitingList(CertificateStoreEntry& ncse)
				68	{
				69	if (ncse.getIsSignerVerified())
				70	{
				71	updateWaitingList(ncse.getCert()->getName().toUri());
				72	}
				73	else
				74	{
				75	ndn::SignatureSha256WithRsa signature(ncse.getCert()->getSignature());
				76	m_waitingList.add(signature.getKeyLocator().getName().toUri(),
				77	ncse.getCert()->getName().toUri());
				78	}
				79	}
				80
				81	bool
				82	CertificateStore::addCertificate(CertificateStoreEntry& ncse)
				83	{
				84	std::list<CertificateStoreEntry>::iterator it =
				85	std::find_if(m_certTable.begin(), m_certTable.end(),
				86	bind(&nlsrCertificateStoreEntryCompare, _1, ncse));
				87	if (it == m_certTable.end())
				88	{
				89	m_certTable.push_back(ncse);
				90	updateWaitingList(ncse);
				91	return true;
				92	}
				93	else if (it != m_certTable.end())
				94	{
				95	if ((*it).getCertSeqNum() < ncse.getCertSeqNum())
				96	{
				97	m_certTable.erase(it);
				98	m_certTable.push_back(ncse);
				99	updateWaitingList(ncse);
				100	return true;
				101	}
				102	}
				103	return false;
				104	}
				105
				106	bool
				107	CertificateStore::addCertificate(
				108	ndn::shared_ptr<ndn::IdentityCertificate> pcert, uint32_t csn, bool isv)
				109	{
				110	CertificateStoreEntry ncse(pcert, csn, isv);
				111	return addCertificate(ncse);
				112	}
				113
				114	std::pair<uint32_t, bool>
				115	CertificateStore::getCertificateSeqNum(std::string certName)
				116	{
				117	std::list<CertificateStoreEntry>::iterator it =
				118	std::find_if(m_certTable.begin(), m_certTable.end(),
				119	bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
				120	if (it == m_certTable.end())
				121	{
				122	return std::make_pair(0, false);
				123	}
				124	return std::make_pair((*it).getCertSeqNum(), true);
				125	}
				126
				127
				128
				129	void
				130	CertificateStore::setCertificateIsVerified(std::string certName,
				131	bool isVerified)
				132	{
				133	std::list<CertificateStoreEntry>::iterator it =
				134	std::find_if(m_certTable.begin(), m_certTable.end(),
				135	bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
				136	if (it != m_certTable.end())
				137	{
				138	it->setIsSignerVerified(true);
				139	}
				140	}
				141
				142	bool
				143	CertificateStore::getCertificateIsVerified(std::string certName)
				144	{
				145	std::list<CertificateStoreEntry>::iterator it =
				146	std::find_if(m_certTable.begin(), m_certTable.end(),
				147	bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
				148	if (it != m_certTable.end())
				149	{
				150	return it->getIsSignerVerified();
				151	}
				152
				153	return false;
				154	}
				155
				156	std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
				157	CertificateStore::getCertificateFromStore(const std::string certName)
				158	{
				159	std::list<CertificateStoreEntry>::iterator it =
				160	std::find_if(m_certTable.begin(), m_certTable.end(),
				161	bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
				162	if (it == m_certTable.end())
				163	{
				164	ndn::shared_ptr<ndn::IdentityCertificate> cert =
				165	ndn::make_shared<ndn::IdentityCertificate>();
				166	return std::make_pair(cert, false);
				167	}
				168	return std::make_pair((*it).getCert(), true);
				169	}
				170
				171	std::pair<ndn::shared_ptr<ndn::IdentityCertificate>, bool>
				172	CertificateStore::getCertificateFromStore(
				173	const std::string certName, uint64_t checkSeqNum)
				174	{
				175	std::list<CertificateStoreEntry>::iterator it =
				176	std::find_if(m_certTable.begin(), m_certTable.end(),
				177	bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
				178	if (it == m_certTable.end())
				179	{
				180	ndn::shared_ptr<ndn::IdentityCertificate> cert =
				181	ndn::make_shared<ndn::IdentityCertificate>();
				182	return std::make_pair(cert, false);
				183	}
				184	else
				185	{
				186	if ((*it).getCertSeqNum() == checkSeqNum)
				187	{
				188	return std::make_pair((*it).getCert(), true);
				189	}
				190	}
				191	return std::make_pair((*it).getCert(), false);
				192	}
				193
				194	bool
				195	CertificateStore::isCertificateNewInStore(const std::string certName,
				196	int checkSeqNo)
				197	{
				198	std::list<CertificateStoreEntry>::iterator it =
				199	std::find_if(m_certTable.begin(), m_certTable.end(),
				200	bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
				201	if (it != m_certTable.end())
				202	{
				203	return (*it).getCertSeqNum() < checkSeqNo ;
				204	}
				205	return true;
				206	}
				207
				208	bool
				209	CertificateStore::removeCertificateFromStroe(const std::string certName)
				210	{
				211	std::list<CertificateStoreEntry>::iterator it =
				212	std::find_if(m_certTable.begin(), m_certTable.end(),
				213	bind(&nlsrCertificateStoreEntryCompareByName, _1, certName));
				214	if (it != m_certTable.end())
				215	{
				216	m_certTable.erase(it);
				217	return true;
				218	}
				219	return false;
				220	}
				221
				222	void
				223	CertificateStore::print()
				224	{
				225	std::list<CertificateStoreEntry>::iterator it;
				226	for (it = m_certTable.begin(); it != m_certTable.end(); ++it)
				227	{
				228	std::cout << (*it) << std::endl;
				229	}
				230	std::cout << m_waitingList << std::endl;
				231	}
				232
				233	} //namespace nlsr