Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 949075ab7b0394c46585721b5852f6fb5207edff / . / tools / ndnsec / util.cpp
blob: d79df47aa1c0a43f87a349339ae4021f452e53c0 [file] [log] [blame]
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]2/*
Davide Pesaventof2cae612021-03-24 18:47:05 -0400[diff] [blame]3 * Copyright (c) 2013-2021 Regents of the University of California.
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#include "util.hpp"
23
Junxiao Shi24c5a002018-12-12 04:47:15 +0000[diff] [blame]24#include "ndn-cxx/security/impl/openssl.hpp"
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]25
Davide Pesaventofa995ac2019-03-27 23:44:46 -0400[diff] [blame]26#include <unistd.h>
27
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]28namespace ndn {
29namespace ndnsec {
30
31bool
Alexander Afanasyev35109a12017-01-04 15:39:06 -0800[diff] [blame]32getPassword(std::string& password, const std::string& prompt, bool shouldConfirm)
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]33{
34#ifdef NDN_CXX_HAVE_GETPASS
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]35 char* pw0 = getpass(prompt.c_str());
36 if (!pw0 || strlen(pw0) == 0) {
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]37 return false;
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]38 }
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]39 std::string password1 = pw0;
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]40 OPENSSL_cleanse(pw0, strlen(pw0));
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]41
Alexander Afanasyev35109a12017-01-04 15:39:06 -0800[diff] [blame]42 if (!shouldConfirm) {
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]43 password.swap(password1);
Alexander Afanasyev35109a12017-01-04 15:39:06 -0800[diff] [blame]44 return true;
45 }
46
Davide Pesaventofa995ac2019-03-27 23:44:46 -0400[diff] [blame]47 pw0 = getpass("Confirm: ");
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]48 if (!pw0) {
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]49 OPENSSL_cleanse(&password1.front(), password1.size());
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]50 return false;
51 }
52
Alexander Afanasyev35109a12017-01-04 15:39:06 -0800[diff] [blame]53 bool isReady = false;
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]54 if (password1.size() == strlen(pw0) &&
55 CRYPTO_memcmp(password1.data(), pw0, password1.size()) == 0) {
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]56 isReady = true;
57 password.swap(password1);
58 }
Alexander Afanasyev22ee0892017-09-02 12:29:16 -0400[diff] [blame]59 else {
60 OPENSSL_cleanse(&password1.front(), password1.size());
61 }
62 OPENSSL_cleanse(pw0, strlen(pw0));
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]63
64 return isReady;
65#else
66 return false;
67#endif // NDN_CXX_HAVE_GETPASS
68}
69
Davide Pesaventof2cae612021-03-24 18:47:05 -0400[diff] [blame]70security::Certificate
Junxiao Shibc2e78e2020-05-20 15:01:08 -0600[diff] [blame]71getCertificateFromPib(const security::pib::Pib& pib, const Name& name,
72 bool isIdentityName, bool isKeyName, bool isCertName)
73{
74 if (isIdentityName) {
75 return pib.getIdentity(name)
76 .getDefaultKey()
77 .getDefaultCertificate();
78 }
79 else if (isKeyName) {
Davide Pesaventof2cae612021-03-24 18:47:05 -0400[diff] [blame]80 return pib.getIdentity(security::extractIdentityFromKeyName(name))
Junxiao Shibc2e78e2020-05-20 15:01:08 -0600[diff] [blame]81 .getKey(name)
82 .getDefaultCertificate();
83 }
84 else if (isCertName) {
Davide Pesaventof2cae612021-03-24 18:47:05 -0400[diff] [blame]85 return pib.getIdentity(security::extractIdentityFromCertName(name))
86 .getKey(security::extractKeyNameFromCertName(name))
Junxiao Shibc2e78e2020-05-20 15:01:08 -0600[diff] [blame]87 .getCertificate(name);
88 }
89 NDN_CXX_UNREACHABLE;
90}
91
Alexander Afanasyev82c359c2017-01-04 14:48:07 -0800[diff] [blame]92} // namespace ndnsec
93} // namespace ndn