security: Changing Verifier::verifySignature method to be more generalized, so that users can avoid explicit exception processing
Change-Id: I61a7d6b5a4f38626be06bfb43a3e2e49ca749d23
diff --git a/include/ndn-cpp/security/verifier.hpp b/include/ndn-cpp/security/verifier.hpp
index 0682927..537e74d 100644
--- a/include/ndn-cpp/security/verifier.hpp
+++ b/include/ndn-cpp/security/verifier.hpp
@@ -68,9 +68,17 @@
/*****************************************
* verifySignature method set *
*****************************************/
+ static bool
+ verifySignature(const Data &data, const Signature &sig, const PublicKey &publicKey);
+
+ static bool
+ verifySignature(const Buffer &data, const Signature &sig, const PublicKey &publicKey);
+
static bool
verifySignature(const Data& data, const SignatureSha256WithRsa& sig, const PublicKey& publicKey);
+ static bool
+ verifySignature(const Buffer &data, const SignatureSha256WithRsa &sig, const PublicKey &publicKey);
public:
static const ptr_lib::shared_ptr<PolicyManager> DefaultPolicyManager;
diff --git a/src/security/verifier.cpp b/src/security/verifier.cpp
index 67a1f33..a2ba790 100644
--- a/src/security/verifier.cpp
+++ b/src/security/verifier.cpp
@@ -115,6 +115,52 @@
}
bool
+Verifier::verifySignature(const Data& data, const Signature& sig, const PublicKey& key)
+{
+ try{
+ switch(sig.getType()){
+ case Signature::Sha256WithRsa:
+ {
+ SignatureSha256WithRsa sigSha256Rsa(sig);
+ return verifySignature(data, sigSha256Rsa, key);
+ }
+ default:
+ {
+ _LOG_DEBUG("verifySignature: Unknown signature type: " << sig.getType());
+ return false;
+ }
+ }
+ }catch(Signature::Error &e){
+ _LOG_DEBUG("verifySignature: " << e.what());
+ return false;
+ }
+ return false;
+}
+
+bool
+Verifier::verifySignature(const Buffer &data, const Signature &sig, const PublicKey &key)
+{
+ try{
+ switch(sig.getType()){
+ case Signature::Sha256WithRsa:
+ {
+ SignatureSha256WithRsa sigSha256Rsa(sig);
+ return verifySignature(data, sigSha256Rsa, key);
+ }
+ default:
+ {
+ _LOG_DEBUG("verifySignature: Unknown signature type: " << sig.getType());
+ return false;
+ }
+ }
+ }catch(Signature::Error &e){
+ _LOG_DEBUG("verifySignature: " << e.what());
+ return false;
+ }
+ return false;
+}
+
+bool
Verifier::verifySignature(const Data& data, const SignatureSha256WithRsa& sig, const PublicKey& key)
{
using namespace CryptoPP;
@@ -136,4 +182,26 @@
return result;
}
+bool
+Verifier::verifySignature(const Buffer& data, const SignatureSha256WithRsa& sig, const PublicKey& key)
+{
+ using namespace CryptoPP;
+
+ bool result = false;
+
+ RSA::PublicKey publicKey;
+ ByteQueue queue;
+
+ queue.Put(reinterpret_cast<const byte*>(key.get().buf()), key.get().size());
+ publicKey.Load(queue);
+
+ RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
+ result = verifier.VerifyMessage(data.buf(), data.size(),
+ sig.getValue().value(), sig.getValue().value_size());
+
+ _LOG_DEBUG("Signature verified? " << data.getName().toUri() << " " << boolalpha << result);
+
+ return result;
+}
+
}