| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */ |
| 2 | /** |
| 3 | * Copyright (C) 2013 Regents of the University of California. |
| 4 | * @author: Yingdi Yu <yingdi@cs.ucla.edu> |
| 5 | * @author: Jeff Thompson <jefft0@remap.ucla.edu> |
| 6 | * See COPYING for copyright and distribution information. |
| 7 | */ |
| 8 | |
| 9 | #ifndef NDN_VERIFIER_HPP |
| 10 | #define NDN_VERIFIER_HPP |
| 11 | |
| 12 | #include "../data.hpp" |
| 13 | #include "../face.hpp" |
| Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 14 | #include "validation-request.hpp" |
| 15 | #include "public-key.hpp" |
| 16 | #include "signature-sha256-with-rsa.hpp" |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 17 | |
| 18 | namespace ndn { |
| Yingdi Yu | e07e339 | 2014-01-28 10:29:27 -0800 | [diff] [blame] | 19 | |
| 20 | class SecPolicy; |
| 21 | |
| 22 | /** |
| 23 | * An OnVerified function object is used to pass a callback to verifyData to report a successful verification. |
| 24 | */ |
| 25 | typedef func_lib::function<void()> OnVerified; |
| 26 | |
| 27 | /** |
| 28 | * An OnVerifyFailed function object is used to pass a callback to verifyData to report a failed verification. |
| 29 | */ |
| 30 | typedef func_lib::function<void()> OnVerifyFailed; |
| 31 | |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 32 | |
| 33 | /** |
| 34 | * Verifier is one of the main classes of the security librar . |
| 35 | * |
| 36 | * The Verifier class provides the interfaces for packet verification. |
| 37 | */ |
| 38 | class Verifier { |
| 39 | public: |
| 40 | struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} }; |
| 41 | |
| Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 42 | Verifier(const ptr_lib::shared_ptr<SecPolicy> &policy = DefaultPolicy); |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 43 | |
| 44 | /** |
| 45 | * @brief Set the Face which will be used to fetch required certificates. |
| 46 | * @param face A pointer to the Face object. |
| 47 | * |
| 48 | * Setting face is necessary for verifier operation that involve fetching data. |
| 49 | */ |
| 50 | void |
| Yingdi Yu | e07e339 | 2014-01-28 10:29:27 -0800 | [diff] [blame] | 51 | setFace(const ptr_lib::shared_ptr<Face> &face) { m_face = face; } |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 52 | |
| 53 | /** |
| Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 54 | * @brief Get the policy. |
| 55 | * @return The Policy. |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 56 | */ |
| Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 57 | inline SecPolicy& |
| Yingdi Yu | b4bb85a | 2014-01-16 10:11:04 -0800 | [diff] [blame] | 58 | policy() |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 59 | { |
| Yingdi Yu | e07e339 | 2014-01-28 10:29:27 -0800 | [diff] [blame] | 60 | if (static_cast<bool>(m_policy)) |
| Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 61 | throw Error("policy is not assigned to the KeyChain"); |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 62 | |
| Yingdi Yu | e07e339 | 2014-01-28 10:29:27 -0800 | [diff] [blame] | 63 | return *m_policy; |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 64 | } |
| 65 | |
| 66 | |
| 67 | /** |
| 68 | * Check the signature on the Data object and call either onVerify or onVerifyFailed. |
| 69 | * We use callback functions because verify may fetch information to check the signature. |
| 70 | * @param data The Data object with the signature to check. It is an error if data does not have a wireEncoding. |
| 71 | * To set the wireEncoding, you can call data.wireDecode. |
| 72 | * @param onVerified If the signature is verified, this calls onVerified(data). |
| 73 | * @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data). |
| 74 | */ |
| 75 | void |
| Yingdi Yu | e07e339 | 2014-01-28 10:29:27 -0800 | [diff] [blame] | 76 | verify |
| 77 | (const ptr_lib::shared_ptr<const Data> &data, const OnVerified &onVerified, const OnVerifyFailed &onVerifyFailed, int stepCount = 0); |
| 78 | |
| 79 | void |
| 80 | verify |
| 81 | (const ptr_lib::shared_ptr<const Interest> &Interest, const OnVerified &onVerified, const OnVerifyFailed &onVerifyFailed, int stepCount = 0); |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 82 | |
| 83 | /***************************************** |
| 84 | * verifySignature method set * |
| 85 | *****************************************/ |
| Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame^] | 86 | static bool |
| Yingdi Yu | 913b0c7 | 2014-01-10 18:02:55 -0800 | [diff] [blame] | 87 | verifySignature(const Data &data, const Signature &sig, const PublicKey &publicKey); |
| 88 | |
| 89 | static bool |
| Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame^] | 90 | verifySignature(const Interest &interest, const PublicKey &publicKey); |
| 91 | |
| 92 | static bool |
| Yingdi Yu | 913b0c7 | 2014-01-10 18:02:55 -0800 | [diff] [blame] | 93 | verifySignature(const Buffer &data, const Signature &sig, const PublicKey &publicKey); |
| 94 | |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 95 | static bool |
| 96 | verifySignature(const Data& data, const SignatureSha256WithRsa& sig, const PublicKey& publicKey); |
| 97 | |
| Yingdi Yu | 913b0c7 | 2014-01-10 18:02:55 -0800 | [diff] [blame] | 98 | static bool |
| 99 | verifySignature(const Buffer &data, const SignatureSha256WithRsa &sig, const PublicKey &publicKey); |
| Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame^] | 100 | |
| 101 | static bool |
| 102 | verifySignature(const uint8_t* buf, const size_t size, const SignatureSha256WithRsa &sig, const PublicKey &publicKey); |
| 103 | |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 104 | |
| 105 | public: |
| Yingdi Yu | 4f32463 | 2014-01-15 18:10:03 -0800 | [diff] [blame] | 106 | static const ptr_lib::shared_ptr<SecPolicy> DefaultPolicy; |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 107 | |
| 108 | private: |
| 109 | void |
| 110 | onCertificateData |
| 111 | (const ptr_lib::shared_ptr<const Interest> &interest, const ptr_lib::shared_ptr<Data> &data, ptr_lib::shared_ptr<ValidationRequest> nextStep); |
| 112 | |
| 113 | void |
| 114 | onCertificateInterestTimeout |
| Yingdi Yu | e07e339 | 2014-01-28 10:29:27 -0800 | [diff] [blame] | 115 | (const ptr_lib::shared_ptr<const Interest> &interest, int retry, const OnVerifyFailed& onVerifyFailed, ptr_lib::shared_ptr<ValidationRequest> nextStep); |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 116 | |
| 117 | private: |
| Yingdi Yu | e07e339 | 2014-01-28 10:29:27 -0800 | [diff] [blame] | 118 | ptr_lib::shared_ptr<SecPolicy> m_policy; |
| 119 | ptr_lib::shared_ptr<Face> m_face; |
| Yingdi Yu | 2abd73f | 2014-01-08 23:34:11 -0800 | [diff] [blame] | 120 | }; |
| 121 | |
| 122 | } |
| 123 | |
| 124 | #endif |