Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 0251aae8a271f9da49ef9acd6faeb760d6a8ee5b / . / src / detail / challenge-encoder.cpp
blob: 9f360426faa3d0aa6e9b59d841f3a1d26fadc15f [file] [log] [blame]
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento0dc02012021-11-23 22:55:03 -0500[diff] [blame]2/*
Tianyuan Yu13aac732022-03-03 20:59:54 -0800[diff] [blame]3 * Copyright (c) 2017-2022, Regents of the University of California.
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangb041d442020-10-22 21:57:11 -0700[diff] [blame]21#include "detail/challenge-encoder.hpp"
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]22
Davide Pesavento0d1d11c2022-04-11 22:11:34 -0400[diff] [blame]23namespace ndncert::challengetlv {
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]24
25Block
Davide Pesavento0d1d11c2022-04-11 22:11:34 -0400[diff] [blame]26encodeDataContent(ca::RequestState& request, const Name& issuedCertName)
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]27{
tylerliu1f480be2020-11-10 13:02:53 -0800[diff] [blame]28 Block response(tlv::EncryptedPayload);
Davide Pesavento0dc02012021-11-23 22:55:03 -0500[diff] [blame]29 response.push_back(ndn::makeNonNegativeIntegerBlock(tlv::Status, static_cast<uint64_t>(request.status)));
tylerliu7b9185c2020-11-24 12:15:18 -0800[diff] [blame]30 if (request.challengeState) {
Davide Pesavento0dc02012021-11-23 22:55:03 -0500[diff] [blame]31 response.push_back(ndn::makeStringBlock(tlv::ChallengeStatus, request.challengeState->challengeStatus));
32 response.push_back(ndn::makeNonNegativeIntegerBlock(tlv::RemainingTries,
33 request.challengeState->remainingTries));
34 response.push_back(ndn::makeNonNegativeIntegerBlock(tlv::RemainingTime,
35 request.challengeState->remainingTime.count()));
tylerliuf51e3162020-12-20 19:22:59 -0800[diff] [blame]36 if (request.challengeState->challengeStatus == "need-proof") {
Davide Pesavento0dc02012021-11-23 22:55:03 -0500[diff] [blame]37 response.push_back(ndn::makeStringBlock(tlv::ParameterKey, "nonce"));
38 auto nonce = ndn::fromHex(request.challengeState->secrets.get("nonce", ""));
Davide Pesavento6f1a2ab2022-03-17 03:57:21 -0400[diff] [blame]39 response.push_back(ndn::makeBinaryBlock(tlv::ParameterValue, *nonce));
tylerliuf51e3162020-12-20 19:22:59 -0800[diff] [blame]40 }
tylerliuab9cba22020-10-09 00:13:46 -0700[diff] [blame]41 }
tylerliubb630362020-11-10 11:31:35 -0800[diff] [blame]42 if (!issuedCertName.empty()) {
43 response.push_back(makeNestedBlock(tlv::IssuedCertName, issuedCertName));
Tianyuan Yu60775552022-03-07 17:10:10 -0800[diff] [blame]44 response.push_back(makeNestedBlock(ndn::tlv::ForwardingHint, Name(request.caPrefix).append("CA")));
Zhiyi Zhanga2db7192020-10-30 09:08:19 -0700[diff] [blame]45 }
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]46 response.encode();
Davide Pesavento0dc02012021-11-23 22:55:03 -0500[diff] [blame]47
tylerliu7b9185c2020-11-24 12:15:18 -0800[diff] [blame]48 return encodeBlockWithAesGcm128(ndn::tlv::Content, request.encryptionKey.data(),
Zhiyi Zhang4c259db2020-10-30 09:36:01 -0700[diff] [blame]49 response.value(), response.value_size(),
Zhiyi Zhang4f1c0102020-12-21 15:08:09 -0800[diff] [blame]50 request.requestId.data(), request.requestId.size(),
51 request.encryptionIv);
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]52}
53
Zhiyi Zhangf2306f72020-10-09 11:26:05 -0700[diff] [blame]54void
Davide Pesavento0d1d11c2022-04-11 22:11:34 -0400[diff] [blame]55decodeDataContent(const Block& contentBlock, requester::Request& state)
Zhiyi Zhangf2306f72020-10-09 11:26:05 -0700[diff] [blame]56{
Zhiyi Zhang6499edd2021-02-17 22:37:21 -0800[diff] [blame]57 auto result = decodeBlockWithAesGcm128(contentBlock, state.m_aesKey.data(),
58 state.m_requestId.data(), state.m_requestId.size(),
Zhiyi Zhang3b9a5032021-02-18 11:15:09 -0800[diff] [blame]59 state.m_decryptionIv, state.m_encryptionIv);
Davide Pesavento6f1a2ab2022-03-17 03:57:21 -0400[diff] [blame]60 auto data = ndn::makeBinaryBlock(tlv::EncryptedPayload, result);
Zhiyi Zhangf2306f72020-10-09 11:26:05 -0700[diff] [blame]61 data.parse();
Davide Pesavento0dc02012021-11-23 22:55:03 -0500[diff] [blame]62
Tianyuan Yu13aac732022-03-03 20:59:54 -0800[diff] [blame]63 int numStatus = 0;
64 bool lookingForNonce = false;
65 for (const auto &item : data.elements()) {
66 if (!lookingForNonce) {
67 switch (item.type()) {
68 case tlv::Status:
69 state.m_status = statusFromBlock(data.get(tlv::Status));
70 numStatus++;
71 break;
72 case tlv::ChallengeStatus:
73 state.m_challengeStatus = readString(item);
74 break;
75 case tlv::RemainingTries:
76 state.m_remainingTries = readNonNegativeInteger(item);
77 break;
78 case tlv::RemainingTime:
79 state.m_freshBefore = time::system_clock::now() +
80 time::seconds(readNonNegativeInteger(item));
81 break;
82 case tlv::IssuedCertName:
83 state.m_issuedCertName = Name(item.blockFromValue());
84 break;
Tianyuan Yu60775552022-03-07 17:10:10 -0800[diff] [blame]85 case ndn::tlv::ForwardingHint:
86 state.m_forwardingHint = Name(item.blockFromValue());
87 break;
Tianyuan Yu13aac732022-03-03 20:59:54 -0800[diff] [blame]88 case tlv::ParameterKey:
89 if (readString(item) == "nonce") {
90 lookingForNonce = true;
91 }
92 else {
93 NDN_THROW(std::runtime_error("Unknown Parameter: " + readString(item)));
94 }
95 break;
96 default:
97 if (ndn::tlv::isCriticalType(item.type())) {
98 NDN_THROW(std::runtime_error("Unrecognized TLV Type: " + std::to_string(item.type())));
99 }
100 else {
101 //ignore
102 }
103 break;
104 }
105 }
106 else {
107 if (item.type() == tlv::ParameterValue) {
108 lookingForNonce = false;
109 if (item.value_size() != 16) {
110 NDN_THROW(std::runtime_error("Wrong nonce length"));
111 }
112 memcpy(state.m_nonce.data(), item.value(), 16);
113 }
114 else {
tylerliuf51e3162020-12-20 19:22:59 -0800[diff] [blame]115 NDN_THROW(std::runtime_error("Parameter Key found, but no value found"));
Tianyuan Yu13aac732022-03-03 20:59:54 -0800[diff] [blame]116 }
tylerliuf51e3162020-12-20 19:22:59 -0800[diff] [blame]117 }
Tianyuan Yu13aac732022-03-03 20:59:54 -0800[diff] [blame]118 }
119 if (numStatus != 1) {
120 NDN_THROW(std::runtime_error("number of status block is not equal to 1; there are " +
121 std::to_string(numStatus) + " status blocks"));
tylerliuf51e3162020-12-20 19:22:59 -0800[diff] [blame]122 }
tylerliu0790bdb2020-10-02 00:50:51 -0700[diff] [blame]123}
124
Davide Pesavento0d1d11c2022-04-11 22:11:34 -0400[diff] [blame]125} // namespace ndncert::challengetlv