Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */ |
| 2 | /** |
| 3 | * Copyright (C) 2013 Regents of the University of California. |
| 4 | * @author: Yingdi Yu <yingdi@cs.ucla.edu> |
| 5 | * @author: Jeff Thompson <jefft0@remap.ucla.edu> |
| 6 | * See COPYING for copyright and distribution information. |
| 7 | */ |
| 8 | |
Alexander Afanasyev | 4440290 | 2014-01-06 00:08:54 -0800 | [diff] [blame] | 9 | #ifdef TEMPRORARILY_DISABLED |
| 10 | |
Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 11 | #include "../c/util/crypto.h" |
Alexander Afanasyev | 09c613f | 2014-01-29 00:23:58 -0800 | [diff] [blame] | 12 | #include "security/identity-storage.hpp" |
| 13 | #include "security/sec-policy-self-verify.hpp" |
Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 14 | |
| 15 | using namespace std; |
Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 16 | |
| 17 | namespace ndn { |
| 18 | |
Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 19 | SecPolicySelfVerify::~SecPolicySelfVerify() |
Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 20 | { |
| 21 | } |
| 22 | |
Jeff Thompson | ce11576 | 2013-12-18 14:59:56 -0800 | [diff] [blame] | 23 | ptr_lib::shared_ptr<ValidationRequest> |
Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 24 | SecPolicySelfVerify::checkVerificationPolicy |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame^] | 25 | (const ptr_lib::shared_ptr<const Data>& data, int stepCount, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed) |
Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 26 | { |
Jeff Thompson | 36fe1bc | 2013-12-13 16:03:59 -0800 | [diff] [blame] | 27 | // Cast to const Data* so that we use the const version of getSignature() and don't reset the default encoding. |
Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 28 | const Sha256WithRsaSignature *signature = dynamic_cast<const Sha256WithRsaSignature*>(((const Data*)data.get())->getSignature()); |
| 29 | if (!signature) |
Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 30 | throw SecurityException("SecPolicySelfVerify: Signature is not Sha256WithRsaSignature."); |
Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 31 | |
| 32 | if (signature->getKeyLocator().getType() == ndn_KeyLocatorType_KEY) { |
| 33 | // Use the public key DER directly. |
| 34 | if (verifySha256WithRsaSignature(*data, signature->getKeyLocator().getKeyData())) |
| 35 | onVerified(data); |
| 36 | else |
| 37 | onVerifyFailed(data); |
| 38 | } |
| 39 | else if (signature->getKeyLocator().getType() == ndn_KeyLocatorType_KEYNAME && identityStorage_) { |
| 40 | // Assume the key name is a certificate name. |
| 41 | Blob publicKeyDer = identityStorage_->getKey |
| 42 | (IdentityCertificate::certificateNameToPublicKeyName(signature->getKeyLocator().getKeyName())); |
| 43 | if (!publicKeyDer) |
| 44 | // Can't find the public key with the name. |
| 45 | onVerifyFailed(data); |
| 46 | |
| 47 | if (verifySha256WithRsaSignature(*data, publicKeyDer)) |
| 48 | onVerified(data); |
| 49 | else |
| 50 | onVerifyFailed(data); |
| 51 | } |
| 52 | else |
| 53 | // Can't find a key to verify. |
| 54 | onVerifyFailed(data); |
| 55 | |
| 56 | // No more steps, so return a null ValidationRequest. |
Jeff Thompson | ce11576 | 2013-12-18 14:59:56 -0800 | [diff] [blame] | 57 | return ptr_lib::shared_ptr<ValidationRequest>(); |
Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 58 | } |
| 59 | |
Jeff Thompson | 3a2eb2f | 2013-12-11 11:00:27 -0800 | [diff] [blame] | 60 | } |
Alexander Afanasyev | 4440290 | 2014-01-06 00:08:54 -0800 | [diff] [blame] | 61 | |
| 62 | #endif // TEMPORARILY_DISABLED |