Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 47ce2eed3ad667074c2a6a39f1cb5b866459dae5 / . / tools / ndnsec / util.cpp
blob: a85b9e35ade8a3d594db5892ef2c75a6627492af [file] [log] [blame]
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]2/*
Davide Pesavento47ce2ee2023-05-09 01:33:33 -0400[diff] [blame^]3 * Copyright (c) 2013-2023 Regents of the University of California.
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#include "util.hpp"
23
Davide Pesavento80d671f2022-06-08 04:04:52 -0400[diff] [blame]24#include <openssl/crypto.h>
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]25
Davide Pesaventofa995ac2019-03-27 23:44:46 -0400[diff] [blame]26#include <unistd.h>
27
Davide Pesavento47ce2ee2023-05-09 01:33:33 -0400[diff] [blame^]28namespace ndn::ndnsec {
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]29
30bool
Alexander Afanasyev35109a12017-01-04 15:39:06 -0800[diff] [blame]31getPassword(std::string& password, const std::string& prompt, bool shouldConfirm)
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]32{
33#ifdef NDN_CXX_HAVE_GETPASS
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]34 char* pw0 = getpass(prompt.c_str());
35 if (!pw0 || strlen(pw0) == 0) {
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]36 return false;
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]37 }
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]38 std::string password1 = pw0;
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]39 OPENSSL_cleanse(pw0, strlen(pw0));
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]40
Alexander Afanasyev35109a12017-01-04 15:39:06 -0800[diff] [blame]41 if (!shouldConfirm) {
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]42 password.swap(password1);
Alexander Afanasyev35109a12017-01-04 15:39:06 -0800[diff] [blame]43 return true;
44 }
45
Davide Pesaventofa995ac2019-03-27 23:44:46 -0400[diff] [blame]46 pw0 = getpass("Confirm: ");
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]47 if (!pw0) {
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]48 OPENSSL_cleanse(&password1.front(), password1.size());
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]49 return false;
50 }
51
Alexander Afanasyev35109a12017-01-04 15:39:06 -0800[diff] [blame]52 bool isReady = false;
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]53 if (password1.size() == strlen(pw0) &&
54 CRYPTO_memcmp(password1.data(), pw0, password1.size()) == 0) {
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]55 isReady = true;
56 password.swap(password1);
57 }
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]58 else {
59 OPENSSL_cleanse(&password1.front(), password1.size());
60 }
61 OPENSSL_cleanse(pw0, strlen(pw0));
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]62
63 return isReady;
64#else
65 return false;
66#endif // NDN_CXX_HAVE_GETPASS
67}
68
Davide Pesaventof2cae612021-03-24 18:47:05 -0400[diff] [blame]69security::Certificate
Junxiao Shibc2e78e2020-05-20 15:01:08 -0600[diff] [blame]70getCertificateFromPib(const security::pib::Pib& pib, const Name& name,
71 bool isIdentityName, bool isKeyName, bool isCertName)
72{
73 if (isIdentityName) {
74 return pib.getIdentity(name)
75 .getDefaultKey()
76 .getDefaultCertificate();
77 }
78 else if (isKeyName) {
Davide Pesaventof2cae612021-03-24 18:47:05 -0400[diff] [blame]79 return pib.getIdentity(security::extractIdentityFromKeyName(name))
Junxiao Shibc2e78e2020-05-20 15:01:08 -0600[diff] [blame]80 .getKey(name)
81 .getDefaultCertificate();
82 }
83 else if (isCertName) {
Davide Pesaventof2cae612021-03-24 18:47:05 -0400[diff] [blame]84 return pib.getIdentity(security::extractIdentityFromCertName(name))
85 .getKey(security::extractKeyNameFromCertName(name))
Junxiao Shibc2e78e2020-05-20 15:01:08 -0600[diff] [blame]86 .getCertificate(name);
87 }
88 NDN_CXX_UNREACHABLE;
89}
90
Davide Pesavento47ce2ee2023-05-09 01:33:33 -0400[diff] [blame^]91} // namespace ndn::ndnsec