Yingdi Yu3715f8d2014-01-30 00:32:20 -08001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * See COPYING for copyright and distribution information.
6 */
7
Alexander Afanasyeve2dcdfd2014-02-07 15:53:28 -08008#include "common.hpp"
9
Yingdi Yu3715f8d2014-01-30 00:32:20 -080010#include "sec-rule-relative.hpp"
11
12#include "signature-sha256-with-rsa.hpp"
13#include "security-common.hpp"
14
15#include "../util/logging.hpp"
16
17INIT_LOGGER ("SecRuleRelative");
18
19using namespace std;
20
Yingdi Yufc40d872014-02-18 12:56:04 -080021namespace ndn {
Yingdi Yu3715f8d2014-01-30 00:32:20 -080022
/**
 * Build a relative-name rule from a data-name pattern and a signer-name pattern.
 *
 * The raw strings are stored as members, and each regex/expansion pair is also
 * handed to the corresponding name-regex member.  The relation operator is
 * checked against a fixed allow-list in the constructor body, i.e. after the
 * members have been initialised; an unrecognised operator aborts construction.
 *
 * @param dataRegex    pattern applied to the data name
 * @param signerRegex  pattern applied to the signer name
 * @param op           required relation between the expanded names:
 *                     ">", ">=" or "=="
 * @param dataExpand   expansion used with dataRegex
 * @param signerExpand expansion used with signerRegex
 * @param isPositive   forwarded to the SecRule base class
 * @throws Error when op is none of ">", ">=" and "=="
 */
SecRuleRelative::SecRuleRelative (const string& dataRegex, const string& signerRegex, const string& op,
                                  const string& dataExpand, const string& signerExpand, bool isPositive)
  : SecRule(isPositive),
    m_dataRegex(dataRegex),
    m_signerRegex(signerRegex),
    m_op(op),
    m_dataExpand(dataExpand),
    m_signerExpand(signerExpand),
    m_dataNameRegex(dataRegex, dataExpand),
    m_signerNameRegex(signerRegex, signerExpand)
{
  // Allow-list of relations; a rule with any other operator is never created.
  const bool isKnownOp = (op == ">" || op == ">=" || op == "==");
  if (!isKnownOp)
    throw Error("op is wrong!");
}
37
/** Empty destructor body: the rule performs no explicit cleanup here. */
SecRuleRelative::~SecRuleRelative()
{
}
40
/**
 * Check a Data packet against this rule using the names it carries.
 *
 * The signer name is read from the KeyLocator of the packet's signature,
 * interpreted as SignatureSha256WithRsa.  If that interpretation or the
 * KeyLocator name lookup raises SignatureSha256WithRsa::Error or
 * KeyLocator::Error, the packet is treated as not satisfying the rule.
 *
 * Only names are compared: nothing in this function verifies the signature
 * value, so a true result is a naming-policy decision, not evidence that the
 * named key actually signed the packet.
 *
 * @param data packet to evaluate
 * @return result of satisfy(dataName, signerName), or false on the errors above
 */
bool
SecRuleRelative::satisfy (const Data& data)
{
  Name packetName = data.getName();
  try
    {
      SignatureSha256WithRsa rsaSignature(data.getSignature());
      Name keyName = rsaSignature.getKeyLocator().getName();
      return satisfy(packetName, keyName);
    }
  catch (const SignatureSha256WithRsa::Error&)
    {
      // Fail closed: a signature that cannot be read this way never satisfies.
      return false;
    }
  catch (const KeyLocator::Error&)
    {
      // Fail closed: no usable signer name, so the rule cannot be satisfied.
      return false;
    }
}
55
/**
 * Check a (data name, signer name) pair against this rule.
 *
 * Both names must match their respective patterns; the expanded forms are
 * then handed to compare(), which applies the relation operator.
 *
 * @param dataName   name of the data being checked
 * @param signerName name of the claimed signer
 * @return false if either pattern does not match, otherwise the result of
 *         compare() on the two expanded names
 */
bool
SecRuleRelative::satisfy (const Name& dataName, const Name& signerName)
{
  if (m_dataNameRegex.match(dataName))
    {
      // Take the data expansion before the signer regex is consulted,
      // keeping the original call order.
      Name expandedData = m_dataNameRegex.expand();

      if (m_signerNameRegex.match(signerName))
        {
          Name expandedSigner = m_signerNameRegex.expand();
          return compare(expandedData, expandedSigner);
        }
    }

  return false;
}
71
/**
 * Report whether the packet's name matches the data-name pattern.
 *
 * The signer name and the relation operator are not consulted here.
 *
 * @param data packet whose name is tested
 * @return result of the data-name regex match
 */
bool
SecRuleRelative::matchDataName (const Data& data)
{
  const bool nameMatches = m_dataNameRegex.match(data.getName());
  return nameMatches;
}
75
/**
 * Report whether the packet's signer name matches the signer-name pattern.
 *
 * The signer name is read from the KeyLocator of the packet's signature,
 * interpreted as SignatureSha256WithRsa.  SignatureSha256WithRsa::Error and
 * KeyLocator::Error are both mapped to "no match".  The signature value
 * itself is not verified by this function.
 *
 * @param data packet whose signer name is tested
 * @return result of the signer-name regex match, or false on the errors above
 */
bool
SecRuleRelative::matchSignerName (const Data& data)
{
  try
    {
      SignatureSha256WithRsa rsaSignature(data.getSignature());
      Name keyName = rsaSignature.getKeyLocator().getName();
      const bool signerMatches = m_signerNameRegex.match(keyName);
      return signerMatches;
    }
  catch (const SignatureSha256WithRsa::Error&)
    {
      return false;
    }
  catch (const KeyLocator::Error&)
    {
      return false;
    }
}
89
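/**
 * Decide whether the expanded data name stands in relation m_op to the
 * expanded signer name.
 *
 *  - "==" : true only when the two names are equal.
 *  - ">=" : true when the names are equal, or when the signer name is a
 *           proper prefix of the data name.
 *  - ">"  : true only when the signer name is a proper prefix of the data name.
 *
 * @param dataName   expanded data name
 * @param signerName expanded signer name
 * @return true when the relation holds, false otherwise
 */
bool
SecRuleRelative::compare(const Name & dataName, const Name & signerName)
{
  if (dataName == signerName)
    return "==" == m_op || ">=" == m_op;

  // The names differ, so an equality rule cannot hold.  Without this guard
  // the prefix walk below would also accept, under "==", a signer name that
  // is only a proper prefix of the data name, making the rule more
  // permissive than its operator states.
  if ("==" == m_op)
    return false;

  Name::const_iterator dataIt = dataName.begin ();
  Name::const_iterator signerIt = signerName.begin ();

  // Walk both names in lockstep; any differing component means the signer
  // name is not a prefix of the data name.
  for (; dataIt != dataName.end () && signerIt != signerName.end (); ++dataIt, ++signerIt)
    {
      if (dataIt->compare(*signerIt) != 0)
        return false;
    }

  // The walk stopped because one name ran out.  The relation holds only if
  // data components remain, i.e. the signer name was consumed first.
  return dataIt != dataName.end ();
}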
112
Yingdi Yufc40d872014-02-18 12:56:04 -0800113} // namespace ndn