| Zhiyi Zhang | 3f20f95 | 2020-11-19 19:26:43 -0800 | [diff] [blame^] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ |
| 2 | /** |
| 3 | * Copyright (c) 2017-2020, Regents of the University of California. |
| 4 | * |
| 5 | * This file is part of ndncert, a certificate management system based on NDN. |
| 6 | * |
| 7 | * ndncert is free software: you can redistribute it and/or modify it under the terms |
| 8 | * of the GNU General Public License as published by the Free Software Foundation, either |
| 9 | * version 3 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY |
| 12 | * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| 13 | * PARTICULAR PURPOSE. See the GNU General Public License for more details. |
| 14 | * |
| 15 | * You should have received copies of the GNU General Public License along with |
| 16 | * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>. |
| 17 | * |
| 18 | * See AUTHORS.md for complete list of ndncert authors and contributors. |
| 19 | */ |
| 20 | |
| 21 | #include "detail/ca-profile.hpp" |
| 22 | #include "identity-challenge/challenge-module.hpp" |
| 23 | #include "name-assignment/assignment-func.hpp" |
| 24 | #include <ndn-cxx/util/io.hpp> |
| 25 | #include <boost/filesystem.hpp> |
| 26 | |
| 27 | namespace ndn { |
| 28 | namespace ndncert { |
| 29 | |
| 30 | void |
| 31 | CaProfile::parse(const JsonSection& configJson) |
| 32 | { |
| 33 | // CA prefix |
| 34 | m_caPrefix = Name(configJson.get(CONFIG_CA_PREFIX, "")); |
| 35 | if (m_caPrefix.empty()) { |
| 36 | NDN_THROW(std::runtime_error("Cannot parse ca-prefix from the config file")); |
| 37 | } |
| 38 | // CA info |
| 39 | m_caInfo = configJson.get(CONFIG_CA_INFO, ""); |
| 40 | // CA max validity period |
| 41 | m_maxValidityPeriod = time::seconds(configJson.get(CONFIG_MAX_VALIDITY_PERIOD, 86400)); |
| 42 | // CA max suffix length |
| 43 | m_maxSuffixLength = nullopt; |
| 44 | auto maxSuffixLength = configJson.get_optional<size_t>(CONFIG_MAX_SUFFIX_LENGTH); |
| 45 | if (maxSuffixLength) { |
| 46 | m_maxSuffixLength = *maxSuffixLength; |
| 47 | } |
| 48 | // probe parameter keys |
| 49 | m_probeParameterKeys.clear(); |
| 50 | auto probeParametersJson = configJson.get_child_optional(CONFIG_PROBE_PARAMETERS); |
| 51 | if (probeParametersJson) { |
| 52 | for (const auto& item : *probeParametersJson) { |
| 53 | auto probeParameter = item.second.get(CONFIG_PROBE_PARAMETER, ""); |
| 54 | probeParameter = boost::algorithm::to_lower_copy(probeParameter); |
| 55 | if (probeParameter == "") { |
| 56 | NDN_THROW(std::runtime_error("Probe parameter key cannot be empty.")); |
| 57 | } |
| 58 | m_probeParameterKeys.push_back(probeParameter); |
| 59 | } |
| 60 | } |
| 61 | // supported challenges |
| 62 | m_supportedChallenges.clear(); |
| 63 | auto challengeListJson = configJson.get_child_optional(CONFIG_SUPPORTED_CHALLENGES); |
| 64 | if (challengeListJson) { |
| 65 | for (const auto& item : *challengeListJson) { |
| 66 | auto challengeType = item.second.get(CONFIG_CHALLENGE, ""); |
| 67 | challengeType = boost::algorithm::to_lower_copy(challengeType); |
| 68 | if (challengeType == "") { |
| 69 | NDN_THROW(std::runtime_error("Challenge type canont be empty.")); |
| 70 | } |
| 71 | if (!ChallengeModule::isChallengeSupported(challengeType)) { |
| 72 | NDN_THROW(std::runtime_error("Challenge " + challengeType + " is not supported.")); |
| 73 | } |
| 74 | m_supportedChallenges.push_back(challengeType); |
| 75 | } |
| 76 | } |
| 77 | // anchor certificate |
| 78 | m_cert = nullptr; |
| 79 | auto certificateStr = configJson.get(CONFIG_CERTIFICATE, ""); |
| 80 | if (certificateStr != "") { |
| 81 | std::istringstream ss(certificateStr); |
| 82 | m_cert = io::load<security::Certificate>(ss); |
| 83 | } |
| 84 | } |
| 85 | |
| 86 | JsonSection |
| 87 | CaProfile::toJson() const |
| 88 | { |
| 89 | JsonSection caItem; |
| 90 | caItem.put(CONFIG_CA_PREFIX, m_caPrefix.toUri()); |
| 91 | caItem.put(CONFIG_CA_INFO, m_caInfo); |
| 92 | caItem.put(CONFIG_MAX_VALIDITY_PERIOD, m_maxValidityPeriod.count()); |
| 93 | if (m_maxSuffixLength) { |
| 94 | caItem.put(CONFIG_MAX_SUFFIX_LENGTH, *m_maxSuffixLength); |
| 95 | } |
| 96 | if (!m_probeParameterKeys.empty()) { |
| 97 | JsonSection probeParametersJson; |
| 98 | for (const auto& key : m_probeParameterKeys) { |
| 99 | JsonSection keyJson; |
| 100 | keyJson.put(CONFIG_PROBE_PARAMETER, key); |
| 101 | probeParametersJson.push_back(std::make_pair("", keyJson)); |
| 102 | } |
| 103 | caItem.add_child("", probeParametersJson); |
| 104 | } |
| 105 | if (!m_supportedChallenges.empty()) { |
| 106 | JsonSection challengeListJson; |
| 107 | for (const auto& challenge : m_supportedChallenges) { |
| 108 | JsonSection challengeJson; |
| 109 | challengeJson.put(CONFIG_CHALLENGE, challenge); |
| 110 | challengeListJson.push_back(std::make_pair("", challengeJson)); |
| 111 | } |
| 112 | caItem.add_child("", challengeListJson); |
| 113 | } |
| 114 | if (m_cert != nullptr) { |
| 115 | std::stringstream ss; |
| 116 | io::save(*m_cert, ss); |
| 117 | caItem.put("certificate", ss.str()); |
| 118 | } |
| 119 | return caItem; |
| 120 | } |
| 121 | |
| 122 | } // namespace ndncert |
| 123 | } // namespace ndn |