Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 65ba932eb383c6eab5c06210559749fef91327dc / . / src / challenge-module / challenge-pin.hpp
blob: b3e9e2e7a0b4eae2b725bba37964a85718d04821 [file] [log] [blame]
Zhiyi Zhang65ba9322017-01-19 14:15:03 -0800[diff] [blame^]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
3 * Copyright (c) 2017, Regents of the University of California.
4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
21#ifndef NDNCERT_CHALLENGE_PIN_HPP
22#define NDNCERT_CHALLENGE_PIN_HPP
23
24#include "../challenge-module.hpp"
25#include <ndn-cxx/util/time.hpp>
26
27namespace ndn {
28namespace ndncert {
29
30/**
31 * @brief Provide PIN code based challenge
32 *
33 * @sa https://github.com/named-data/ndncert/wiki/NDN-Certificate-Management-Protocol
34 *
35 * The main process of this challenge module is:
36 * 1. End entity provides empty string. The first POLL is only for selection.
37 * 2. The challenge module will generate a PIN code in ChallengeDefinedField.
38 * 3. End entity provides the verification code from some way to challenge module.
39 *
40 * There are four specific status defined in this challenge:
41 * NEED_CODE: When selection is made.
42 * WRONG_CODE: Get wrong verification code but still with secret lifetime and max retry times.
43 * FAILURE_TIMEOUT: When secret is out-dated.
44 * FAILURE_MAXRETRY: When requester tries too many times.
45 */
46class ChallengePin : public ChallengeModule
47{
48public:
49 ChallengePin(const size_t& maxAttemptTimes = 3,
50 const time::seconds& secretLifetime = time::seconds(3600));
51
52PUBLIC_WITH_TESTS_ELSE_PROTECTED:
53 JsonSection
54 processSelectInterest(const Interest& interest, CertificateRequest& request) override;
55
56 JsonSection
57 processValidateInterest(const Interest& interest, CertificateRequest& request) override;
58
59 std::list<std::string>
60 getSelectRequirements() override;
61
62 std::list<std::string>
63 getValidateRequirements(const std::string& status) override;
64
65 JsonSection
66 genChallengeInfo(const std::string& interestType, const std::string& status,
67 const std::list<std::string>& paramList) override;
68
69PUBLIC_WITH_TESTS_ELSE_PRIVATE:
70 static std::tuple<time::system_clock::TimePoint, std::string, int>
71 parseStoredSecrets(const JsonSection& storedSecret);
72
73 static JsonSection
74 generateStoredSecrets(const time::system_clock::TimePoint& tp, const std::string& secretCode,
75 int attempTimes);
76
77 static std::string
78 generateSecureSecretCode();
79
80PUBLIC_WITH_TESTS_ELSE_PRIVATE:
81 static const std::string NEED_CODE;
82 static const std::string WRONG_CODE;
83 static const std::string FAILURE_TIMEOUT;
84 static const std::string FAILURE_MAXRETRY;
85
86 static const std::string JSON_CODE_TP;
87 static const std::string JSON_PIN_CODE;
88 static const std::string JSON_ATTEMPT_TIMES;
89
90private:
91 time::seconds m_secretLifetime;
92 int m_maxAttemptTimes;
93};
94
95} // namespace ndncert
96} // namespace ndn
97
98#endif // NDNCERT_CHALLENGE_PIN_HPP