Fixed several ndncert-client bugs and use lower case Challenge ID
refs: #4962
Change-Id: Id10dcc15cb718d6a55f4657884b2c6be3f653867
diff --git a/src/ca-config.cpp b/src/ca-config.cpp
index b8b0d59..3165b2d 100644
--- a/src/ca-config.cpp
+++ b/src/ca-config.cpp
@@ -66,7 +66,7 @@
std::list<std::string> result;
auto it = section.begin();
for (; it != section.end(); it++) {
- result.push_back(it->second.get<std::string>("type"));
+ result.push_back(boost::algorithm::to_lower_copy(it->second.get<std::string>("type")));
}
return result;
}
diff --git a/src/ca-module.cpp b/src/ca-module.cpp
index 20761e0..89bf8a7 100644
--- a/src/ca-module.cpp
+++ b/src/ca-module.cpp
@@ -189,11 +189,9 @@
}
// generate salt for HKDF
auto saltInt = random::generateSecureWord64();
- uint8_t salt[sizeof(saltInt)];
- std::memcpy(salt, &saltInt, sizeof(saltInt));
// hkdf
hkdf(m_ecdh.context->sharedSecret, m_ecdh.context->sharedSecretLen,
- salt, sizeof(saltInt), m_aesKey, 32);
+ (uint8_t*)&saltInt, sizeof(saltInt), m_aesKey, sizeof(m_aesKey));
// parse certificate request
std::string certRequestStr = parameterJson.get(JSON_CLIENT_CERT_REQ, "");
@@ -319,7 +317,7 @@
// decrypt the parameters
Buffer paramJsonPayload;
try {
- paramJsonPayload = parseEncBlock(m_aesKey, 32,
+ paramJsonPayload = parseEncBlock(m_aesKey, sizeof(m_aesKey),
request.getApplicationParameters());
}
catch (const std::exception& e) {
@@ -403,7 +401,7 @@
std::stringstream ss2;
boost::property_tree::write_json(ss2, contentJson);
auto payload = ss2.str();
- auto contentBlock = genEncBlock(tlv::Content, m_aesKey, 32,
+ auto contentBlock = genEncBlock(tlv::Content, m_aesKey, sizeof(m_aesKey),
(const uint8_t*)payload.c_str(), payload.size());
result.setContent(contentBlock);
m_keyChain.sign(result, signingByIdentity(m_config.m_caName));
diff --git a/src/challenge-module/challenge-email.cpp b/src/challenge-module/challenge-email.cpp
index e475b24..b22ec93 100644
--- a/src/challenge-module/challenge-email.cpp
+++ b/src/challenge-module/challenge-email.cpp
@@ -28,7 +28,7 @@
_LOG_INIT(ndncert.ChallengeEmail);
-NDNCERT_REGISTER_CHALLENGE(ChallengeEmail, "Email");
+NDNCERT_REGISTER_CHALLENGE(ChallengeEmail, "email");
const std::string ChallengeEmail::NEED_CODE = "need-code";
const std::string ChallengeEmail::WRONG_CODE = "wrong-code";
@@ -39,7 +39,7 @@
ChallengeEmail::ChallengeEmail(const std::string& scriptPath,
const size_t& maxAttemptTimes,
const time::seconds secretLifetime)
- : ChallengeModule("Email")
+ : ChallengeModule("email")
, m_sendEmailScript(scriptPath)
, m_maxAttemptTimes(maxAttemptTimes)
, m_secretLifetime(secretLifetime)
diff --git a/src/challenge-module/challenge-pin.cpp b/src/challenge-module/challenge-pin.cpp
index 7de32f0..9534b21 100644
--- a/src/challenge-module/challenge-pin.cpp
+++ b/src/challenge-module/challenge-pin.cpp
@@ -27,14 +27,14 @@
_LOG_INIT(ndncert.challenge-pin);
-NDNCERT_REGISTER_CHALLENGE(ChallengePin, "PIN");
+NDNCERT_REGISTER_CHALLENGE(ChallengePin, "pin");
const std::string ChallengePin::NEED_CODE = "need-code";
const std::string ChallengePin::WRONG_CODE = "wrong-code";
const std::string ChallengePin::JSON_PIN_CODE = "pin-code";
ChallengePin::ChallengePin(const size_t& maxAttemptTimes, const time::seconds& secretLifetime)
- : ChallengeModule("PIN")
+ : ChallengeModule("pin")
, m_secretLifetime(secretLifetime)
, m_maxAttemptTimes(maxAttemptTimes)
{
diff --git a/src/client-module.cpp b/src/client-module.cpp
index 28e535b..12d835d 100644
--- a/src/client-module.cpp
+++ b/src/client-module.cpp
@@ -194,12 +194,11 @@
const auto& peerKeyBase64Str = contentJson.get<std::string>(JSON_CA_ECDH, "");
const auto& saltStr = contentJson.get<std::string>(JSON_CA_SALT, "");
uint64_t saltInt = std::stoull(saltStr);
- uint8_t salt[sizeof(saltInt)];
- std::memcpy(salt, &saltInt, sizeof(saltInt));
m_ecdh.deriveSecret(peerKeyBase64Str);
// HKDF
- hkdf(m_ecdh.context->sharedSecret, m_ecdh.context->sharedSecretLen, salt, sizeof(saltInt), m_aesKey, 32);
+ hkdf(m_ecdh.context->sharedSecret, m_ecdh.context->sharedSecretLen,
+ (uint8_t*)&saltInt, sizeof(saltInt), m_aesKey, sizeof(m_aesKey));
// update state
m_status = contentJson.get<int>(JSON_CA_STATUS);
@@ -228,7 +227,7 @@
std::stringstream ss;
boost::property_tree::write_json(ss, paramJson);
auto payload = ss.str();
- auto paramBlock = genEncBlock(tlv::ApplicationParameters, m_aesKey, 32,
+ auto paramBlock = genEncBlock(tlv::ApplicationParameters, m_aesKey, sizeof(m_aesKey),
(const uint8_t*)payload.c_str(), payload.size());
interest->setApplicationParameters(paramBlock);
@@ -243,7 +242,7 @@
_LOG_ERROR("Cannot verify data signature from " << m_ca.m_caName.toUri());
return;
}
- auto result = parseEncBlock(m_aesKey, 32, reply.getContent());
+ auto result = parseEncBlock(m_aesKey, sizeof(m_aesKey), reply.getContent());
std::string payload((const char*)result.data(), result.size());
std::istringstream ss(payload);
JsonSection contentJson;