Yingdi Yufe4733a2015-10-22 14:24:12 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
3 * Copyright (c) 2013-2017 Regents of the University of California.
4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#include "security/transform.hpp"
23#include "encoding/buffer-stream.hpp"
24
25namespace ndn {
26namespace security {
27namespace v2 {
28
29// TODO: Remove after the new validator is merged
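/**
 * @brief Static helpers that check the signature or digest carried by a Data packet
 *        or by the last name component of an Interest.
 *
 * Every helper returns a plain bool. The pointer/length overloads do the actual work;
 * the Data and Interest overloads only compute which bytes are covered and where the
 * signature value lives.
 *
 * Scope of the check, as implemented here:
 *  - verifySignature() always uses SHA-256 as the digest algorithm and does not look
 *    at the signature type or key locator of the packet; the caller chooses the key.
 *  - verifySha256Digest() uses no key at all, so a match shows that the covered bytes
 *    are unchanged, not who produced them.
 *  - The Interest overloads cover the Name only (all components except the last one);
 *    no other Interest field is part of the verified range.
 */
class Validator
{
public:
  /**
   * @brief Verify @p sig over @p data with SHA-256 and the public key in @p key.
   * @param data    start of the covered bytes
   * @param dataLen number of covered bytes
   * @param sig     start of the signature value
   * @param sigLen  length of the signature value
   * @param key     public key, passed to PublicKey::loadPkcs8
   * @return the value written by the verifier pipeline; false if it writes nothing
   * @note NOTE(review): loadPkcs8 presumably throws on a malformed key, in which case
   *       the exception propagates to the caller -- confirm against transform::PublicKey.
   */
  static bool
  verifySignature(const uint8_t* data, size_t dataLen,
                  const uint8_t* sig, size_t sigLen,
                  const Buffer& key)
  {
    using namespace transform;

    PublicKey pKey;
    // Start from "not verified" so that the result is false unless the sink sets it.
    bool result = false;
    pKey.loadPkcs8(key.buf(), key.size());
    bufferSource(data, dataLen) >> verifierFilter(DigestAlgorithm::SHA256, pKey, sig, sigLen) >> boolSink(result);

    return result;
  }

  /**
   * @brief Verify the signature of @p data with the public key in @p key.
   *
   * The covered range is the value of the Data wire encoding minus the size of the
   * signature value block, i.e. everything that precedes the signature value.
   */
  static bool
  verifySignature(const Data& data, const Buffer& key)
  {
    return verifySignature(data.wireEncode().value(), data.wireEncode().value_size() - data.getSignature().getValue().size(),
                           data.getSignature().getValue().value(), data.getSignature().getValue().value_size(),
                           key);
  }

  /**
   * @brief Verify the signature stored in the last name component of @p interest.
   *
   * The covered range is the value of the Name wire encoding minus the last component.
   * @return false for an Interest whose name has no components, because there is no
   *         component that could hold a signature
   */
  static bool
  verifySignature(const Interest& interest, const Buffer& key)
  {
    const Name& interestName = interest.getName();
    // Indexing [-1] on an empty name is not guarded anywhere below, so reject it here.
    if (interestName.empty()) {
      return false;
    }

    const Block& nameBlock = interestName.wireEncode();
    const Block& sigValue = interestName[-1].blockFromValue();

    return verifySignature(nameBlock.value(), nameBlock.value_size() - interestName[-1].size(),
                           sigValue.value(), sigValue.value_size(),
                           key);
  }

  /**
   * @brief Check that @p sig equals the SHA-256 digest of @p data.
   * @param data    start of the covered bytes
   * @param dataLen number of covered bytes
   * @param sig     start of the expected digest
   * @param sigLen  length of the expected digest
   * @return true only if @p sig has exactly the length of the computed digest and
   *         every byte matches
   */
  static bool
  verifySha256Digest(const uint8_t* data, size_t dataLen,
                     const uint8_t* sig, size_t sigLen)
  {
    using namespace transform;

    OBufferStream os;
    bufferSource(data, dataLen) >> digestFilter(DigestAlgorithm::SHA256) >> streamSink(os);
    ConstBufferPtr digest = os.buf();

    // The three-iterator std::equal reads digest->size() bytes from sig no matter how
    // long sig really is. Compare lengths first: a shorter value would be read past its
    // end, and a longer one would be accepted with its trailing bytes ignored.
    if (sig == nullptr || sigLen != digest->size()) {
      return false;
    }

    return std::equal(digest->begin(), digest->end(), sig);
  }

  /**
   * @brief Check the SHA-256 digest carried as the signature value of @p data.
   *
   * The covered range is the same as in verifySignature(const Data&, const Buffer&).
   */
  static bool
  verifySha256Digest(const Data& data)
  {
    return verifySha256Digest(data.wireEncode().value(), data.wireEncode().value_size() - data.getSignature().getValue().size(),
                              data.getSignature().getValue().value(), data.getSignature().getValue().value_size());
  }

  /**
   * @brief Check the SHA-256 digest stored in the last name component of @p interest.
   *
   * The covered range is the value of the Name wire encoding minus the last component.
   * @return false for an Interest whose name has no components
   */
  static bool
  verifySha256Digest(const Interest& interest)
  {
    const Name& interestName = interest.getName();
    // Indexing [-1] on an empty name is not guarded anywhere below, so reject it here.
    if (interestName.empty()) {
      return false;
    }

    const Block& nameBlock = interestName.wireEncode();
    const Block& sigValue = interestName[-1].blockFromValue();

    return verifySha256Digest(nameBlock.value(), nameBlock.value_size() - interestName[-1].size(),
                              sigValue.value(), sigValue.value_size());
  }
};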
99
100} // namespace v2
101} // namespace security
102} // namespace ndn