Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / c8bcd45be3a8af8342043e626f61fb1cd00132b5 / . / src / security / sec-rule-specific.cpp
blob: 9b44d83a1bbd61851aa2d9a96ceb6ab25e612e68 [file] [log] [blame]
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]3 * Copyright (c) 2013-2014, Regents of the University of California.
4 * All rights reserved.
5 *
6 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
7 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
8 *
9 * This file licensed under New BSD License. See COPYING for detailed information about
10 * ndn-cxx library copyright, permissions, and redistribution restrictions.
11 *
12 * @author Yingdi Yu <http://irl.cs.ucla.edu/~yingdi/>
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]13 */
14
Alexander Afanasyeve2dcdfd2014-02-07 15:53:28 -0800[diff] [blame]15#include "common.hpp"
16
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]17#include "sec-rule-specific.hpp"
18#include "signature-sha256-with-rsa.hpp"
19
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]20using namespace std;
21
Yingdi Yufc40d872014-02-18 12:56:04 -0800[diff] [blame]22namespace ndn {
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]23
24SecRuleSpecific::SecRuleSpecific(shared_ptr<Regex> dataRegex,
25 shared_ptr<Regex> signerRegex)
26 : SecRule(true)
27 , m_dataRegex(dataRegex)
28 , m_signerRegex(signerRegex)
Yingdi Yu0fc447c2014-04-29 19:38:32 -0700[diff] [blame]29 , m_isExempted(false)
30{
31}
32
33SecRuleSpecific::SecRuleSpecific(shared_ptr<Regex> dataRegex)
34 : SecRule(true)
35 , m_dataRegex(dataRegex)
36 , m_isExempted(true)
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame]37{
38}
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]39
40SecRuleSpecific::SecRuleSpecific(const SecRuleSpecific& rule)
41 : SecRule(true)
42 , m_dataRegex(rule.m_dataRegex)
43 , m_signerRegex(rule.m_signerRegex)
Yingdi Yu0fc447c2014-04-29 19:38:32 -0700[diff] [blame]44 , m_isExempted(rule.m_isExempted)
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame]45{
46}
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]47
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]48bool
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]49SecRuleSpecific::matchDataName(const Data& data)
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame]50{
51 return m_dataRegex->match(data.getName());
52}
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]53
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]54bool
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]55SecRuleSpecific::matchSignerName(const Data& data)
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]56{
Yingdi Yu0fc447c2014-04-29 19:38:32 -0700[diff] [blame]57 if (m_isExempted)
58 return true;
59
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame]60 try
61 {
62 SignatureSha256WithRsa sig(data.getSignature());
63 Name signerName = sig.getKeyLocator().getName();
64 return m_signerRegex->match(signerName);
65 }
66 catch (std::runtime_error& e)
67 {
68 return false;
69 }
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]70}
71
72bool
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]73SecRuleSpecific::satisfy(const Data& data)
74{
75 return (matchDataName(data) && matchSignerName(data)) ? true : false;
Yingdi Yufc40d872014-02-18 12:56:04 -0800[diff] [blame]76}
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]77
78bool
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]79SecRuleSpecific::satisfy(const Name& dataName, const Name& signerName)
80{
Yingdi Yu0fc447c2014-04-29 19:38:32 -0700[diff] [blame]81 bool isSignerMatched = m_isExempted || m_signerRegex->match(signerName);
82 return (m_dataRegex->match(dataName) && isSignerMatched);
Yingdi Yu3715f8d2014-01-30 00:32:20 -0800[diff] [blame]83}
Yingdi Yufc40d872014-02-18 12:56:04 -0800[diff] [blame]84
85} // namespace ndn