commit 1e90d8c9ca6e6ed5e26fb37763e4dd43dccd0da8
author Jeff Thompson <jefft0@gmail.com> Mon Aug 12 16:09:25 2013 -0700
committer Jeff Thompson <jefft0@gmail.com> Mon Aug 12 16:09:25 2013 -0700
tree c6c2d361d9250c9650d0448e7fd71aebfadaac1b
parent eced58017665537b260618cb4bbfebc1615de90f

Added KeyChain::selfVerifyData.

ndn-cpp/key-chain.cpp

diff --git a/ndn-cpp/key-chain.cpp b/ndn-cpp/key-chain.cpp
index 1da6f9d..fc656c0 100644
--- a/ndn-cpp/key-chain.cpp
+++ b/ndn-cpp/key-chain.cpp
@@ -126,8 +126,7 @@
   // TODO: use RSA_size to get the proper size of the signature buffer.
   unsigned char signature[1000];
   unsigned int signatureLength;
-  const unsigned char *keyPointer = privateKeyDer;
-  RSA *privateKey = d2i_RSAPrivateKey(NULL, &keyPointer, privateKeyDerLength);
+  RSA *privateKey = d2i_RSAPrivateKey(NULL, &privateKeyDer, privateKeyDerLength);
   if (!privateKey)
     throw std::runtime_error("Error decoding private key in d2i_RSAPrivateKey");
   int success = RSA_sign(NID_sha256, dataFieldsDigest, sizeof(dataFieldsDigest), signature, &signatureLength, privateKey);
@@ -144,4 +143,40 @@
   sign(data, DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER), DEFAULT_PRIVATE_KEY_DER, sizeof(DEFAULT_PRIVATE_KEY_DER));
 }
 
+bool KeyChain::selfVerifyData(const unsigned char *input, unsigned int inputLength, WireFormat &wireFormat)
+{
+  // Decode the data packet and digest the data fields.
+  Data data;
+  unsigned int signedFieldsBeginOffset, signedFieldsEndOffset;
+  wireFormat.decodeData(data, input, inputLength, &signedFieldsBeginOffset, &signedFieldsEndOffset);
+  if (data.getSignature().getDigestAlgorithm().size() != 0)
+    // TODO: Allow a non-default digest algorithm.
+    throw std::runtime_error("Cannot verify a data packet with a non-default digest algorithm");
+  unsigned char dataFieldsDigest[SHA256_DIGEST_LENGTH];
+  digestSha256(input + signedFieldsBeginOffset, signedFieldsEndOffset - signedFieldsBeginOffset, dataFieldsDigest);
+  
+  // Find the public key.
+  const unsigned char *publicKeyDer;
+  unsigned int publicKeyDerLength;
+  if (data.getSignedInfo().getKeyLocator().getType() == ndn_KeyLocatorType_KEY) {
+    publicKeyDer = &data.getSignedInfo().getKeyLocator().getKeyOrCertificate().front();
+    publicKeyDerLength = data.getSignedInfo().getKeyLocator().getKeyOrCertificate().size();
+  }
+  else
+    // Can't find a public key.
+    return false;
+
+  // Verify the dataFieldsDigest.
+  RSA *publicKey = d2i_RSA_PUBKEY(NULL, &publicKeyDer, publicKeyDerLength);
+  if (!publicKey)
+    throw std::runtime_error("Error decoding public key in d2i_RSAPublicKey");
+  int success = RSA_verify
+    (NID_sha256, dataFieldsDigest, sizeof(dataFieldsDigest), &data.getSignature().getSignature().front(), 
+     data.getSignature().getSignature().size(), publicKey);
+  // Free the public key before checking for success.
+  RSA_free(publicKey);
+  
+  return (success == 1);
+}
+
 }