Jeff Thompson3a2eb2f2013-12-11 11:00:27 -08001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
6 * See COPYING for copyright and distribution information.
7 */
8
Alexander Afanasyev44402902014-01-06 00:08:54 -08009#ifdef TEMPRORARILY_DISABLED
10
Yingdi Yu4f324632014-01-15 18:10:03 -080011#include "../c/util/crypto.h"
Alexander Afanasyev09c613f2014-01-29 00:23:58 -080012#include "security/identity-storage.hpp"
13#include "security/sec-policy-self-verify.hpp"
Jeff Thompson3a2eb2f2013-12-11 11:00:27 -080014
15using namespace std;
Jeff Thompson3a2eb2f2013-12-11 11:00:27 -080016
17namespace ndn {
18
// The destructor body is empty; no explicit cleanup is performed here.
SecPolicySelfVerify::~SecPolicySelfVerify() {}
22
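/**
 * Check the Sha256WithRsa signature on a data packet using the key named by the packet's own KeyLocator,
 * and report the result through exactly one of the two callbacks.
 *
 * Trust caveat: when the KeyLocator carries the public key itself (ndn_KeyLocatorType_KEY), the key used for
 * verification comes from the packet being verified. Success then shows only that the signature matches the
 * embedded key; it does not show that the key belongs to a signer the application trusts.
 *
 * @param data The data packet whose signature is checked.
 * @param stepCount Not used by this policy.
 * @param onVerified Called with data when the signature verifies.
 * @param onVerifyFailed Called with data when the signature does not verify or no key can be found.
 * @return Always a null ValidationRequest, because this policy has no further steps.
 * @throws SecurityException if the packet's signature is not a Sha256WithRsaSignature.
 */
ptr_lib::shared_ptr<ValidationRequest>
SecPolicySelfVerify::checkVerificationPolicy
  (const ptr_lib::shared_ptr<Data>& data, int stepCount, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed)
{
  // Go through a pointer-to-const so that the const version of getSignature() is used and the default encoding
  // is not reset.
  const Data *constData = data.get();
  const Sha256WithRsaSignature *signature = dynamic_cast<const Sha256WithRsaSignature*>(constData->getSignature());
  if (!signature)
    throw SecurityException("SecPolicySelfVerify: Signature is not Sha256WithRsaSignature.");

  if (signature->getKeyLocator().getType() == ndn_KeyLocatorType_KEY) {
    // Use the public key DER directly. The key is supplied by the packet itself, so this branch checks
    // integrity against that key only and says nothing about who owns it.
    if (verifySha256WithRsaSignature(*data, signature->getKeyLocator().getKeyData()))
      onVerified(data);
    else
      onVerifyFailed(data);
  }
  else if (signature->getKeyLocator().getType() == ndn_KeyLocatorType_KEYNAME && identityStorage_) {
    // Assume the key name is a certificate name.
    Blob publicKeyDer = identityStorage_->getKey
      (IdentityCertificate::certificateNameToPublicKeyName(signature->getKeyLocator().getKeyName()));
    if (!publicKeyDer)
      // Can't find the public key with the name. Report the failure once and stop: the original code fell
      // through here, ran verification with the null key and invoked a callback a second time.
      onVerifyFailed(data);
    else if (verifySha256WithRsaSignature(*data, publicKeyDer))
      onVerified(data);
    else
      onVerifyFailed(data);
  }
  else
    // Can't find a key to verify.
    onVerifyFailed(data);

  // No more steps, so return a null ValidationRequest.
  return ptr_lib::shared_ptr<ValidationRequest>();
}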
59
Jeff Thompson3a2eb2f2013-12-11 11:00:27 -080060}
Alexander Afanasyev44402902014-01-06 00:08:54 -080061
#endif // TEMPRORARILY_DISABLED (sic: spelled as in the opening #ifdef, which is the macro that actually gates this file)