Gitiles
Code Review Sign In
gerrit.named-data.net / ndnSIM / ndn-cxx / 198c381393c672201749d2d7d738d9074a6ef43f^! / . / src / security / validator.cpp
commit198c381393c672201749d2d7d738d9074a6ef43f[log] [tgz]
authorJunxiao Shi <git@mail1.yoursunny.com>Fri Aug 12 19:24:18 2016 +0000
committerJunxiao Shi <git@mail1.yoursunny.com>Fri Aug 12 19:24:18 2016 +0000
treef5ec944dd8e7fad54aef13260bc473cf65975601
parent7f8e8febfefc3f41e1e6205a71e4fc4affe9434a [diff] [blame]
security: Validator::verifySignature don't throw on Interest with malformed signature

refs #3723

Change-Id: I7de6ab667ffbcc531a5ea8bccae1551e1699cefd

diff --git a/src/security/validator.cpp b/src/security/validator.cpp
index 488d0d7..1ef7a05 100644
--- a/src/security/validator.cpp
+++ b/src/security/validator.cpp

@@ -22,8 +22,6 @@
  * @author Jeff Thompson <jefft0@remap.ucla.edu>
  */
 
-#include "common.hpp"
-
 #include "validator.hpp"
 #include "../util/crypto.hpp"
 
@@ -115,27 +113,27 @@
 bool
 Validator::verifySignature(const Interest& interest, const PublicKey& key)
 {
-  const Name& interestName = interest.getName();
+  const Name& name = interest.getName();
 
-  if (interestName.size() < 2)
+  if (name.size() < signed_interest::MIN_LENGTH_SIG_ONLY)
     return false;
 
+  Signature sig;
   try {
-    const Block& nameBlock = interestName.wireEncode();
-
-    Signature sig(interestName[signed_interest::POS_SIG_INFO].blockFromValue(),
-                  interestName[signed_interest::POS_SIG_VALUE].blockFromValue());
-
-    if (!sig.hasKeyLocator())
-      return false;
-
-    return verifySignature(nameBlock.value(),
-                           nameBlock.value_size() - interestName[signed_interest::POS_SIG_VALUE].size(),
-                           sig, key);
+    sig.setInfo(name[signed_interest::POS_SIG_INFO].blockFromValue());
+    sig.setValue(name[signed_interest::POS_SIG_VALUE].blockFromValue());
   }
-  catch (const Block::Error& e) {
+  catch (const tlv::Error&) {
     return false;
   }
+
+  if (!sig.hasKeyLocator())
+    return false;
+
+  const Block& nameWire = name.wireEncode();
+  return verifySignature(nameWire.value(),
+                         nameWire.value_size() - name[signed_interest::POS_SIG_VALUE].size(),
+                         sig, key);
 }
 
 bool