| tylerliu | 729212e | 2020-09-26 14:31:25 -0700 | [diff] [blame^] | 1 | /** |
| 2 | * Copyright (c) 2017-2020, Regents of the University of California. |
| 3 | * |
| 4 | * This file is part of ndncert, a certificate management system based on NDN. |
| 5 | * |
| 6 | * ndncert is free software: you can redistribute it and/or modify it under the terms |
| 7 | * of the GNU General Public License as published by the Free Software Foundation, either |
| 8 | * version 3 of the License, or (at your option) any later version. |
| 9 | * |
| 10 | * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY |
| 11 | * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| 12 | * PARTICULAR PURPOSE. See the GNU General Public License for more details. |
| 13 | * |
| 14 | * You should have received copies of the GNU General Public License along with |
| 15 | * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>. |
| 16 | * |
| 17 | * See AUTHORS.md for complete list of ndncert authors and contributors. |
| 18 | */ |
| 19 | |
| 20 | #ifndef NDNCERT_CHALLENGE_PRIVATE_KEY_HPP |
| 21 | #define NDNCERT_CHALLENGE_PRIVATE_KEY_HPP |
| 22 | |
| 23 | #include "../challenge-module.hpp" |
| 24 | |
| 25 | namespace ndn { |
| 26 | namespace ndncert { |
| 27 | |
| 28 | /** |
| 29 | * @brief Private Key based challenge (for renewal and revocation) |
| 30 | * |
| 31 | * Once the requester could proof his/her possession of the private key corresponds to |
| 32 | * the current CA's previous issued certificate, the requester could finish the challenge. |
| 33 | * |
| 34 | * The requester needs to provide the proof of the possession the private for the certificate |
| 35 | * for the previous cerificate. The challenge require the requester to a BASE64 Data packet |
| 36 | * signed by the credential pub key and whose content is the request id. |
| 37 | * |
| 38 | * The main process of this challenge module is: |
| 39 | * 1. The requester sign a Data packet which content is the request id. |
| 40 | * 2. The challenge module will verify the signature of the credential. |
| 41 | * |
| 42 | * Failure info when application fails: |
| 43 | * FAILURE_INVALID_CREDENTIAL: When the signature cannot be validated. |
| 44 | * FAILURE_INVALID_FORMAT: When the credential format is wrong. |
| 45 | */ |
| 46 | class ChallengePrivateKey : public ChallengeModule |
| 47 | { |
| 48 | public: |
| 49 | ChallengePrivateKey(); |
| 50 | |
| 51 | // For CA |
| 52 | void |
| 53 | handleChallengeRequest(const Block& params, CertificateRequest& request) override; |
| 54 | |
| 55 | // For Client |
| 56 | JsonSection |
| 57 | getRequirementForChallenge(int status, const std::string& challengeStatus) override; |
| 58 | |
| 59 | JsonSection |
| 60 | genChallengeRequestJson(int status, const std::string& challengeStatus, const JsonSection& params) override; |
| 61 | |
| 62 | Block |
| 63 | genChallengeRequestTLV(int status, const std::string& challengeStatus, const JsonSection& params) override; |
| 64 | |
| 65 | PUBLIC_WITH_TESTS_ELSE_PRIVATE: |
| 66 | static const std::string FAILURE_INVALID_REQUEST_TYPE; |
| 67 | static const std::string FAILURE_INVALID_CREDENTIAL; |
| 68 | static const std::string FAILURE_INVALID_FORMAT_SELF_SIGNED; |
| 69 | static const std::string JSON_PROOF_OF_PRIVATE_KEY; |
| 70 | }; |
| 71 | |
| 72 | } // namespace ndncert |
| 73 | } // namespace ndn |
| 74 | |
| 75 | #endif // NDNCERT_CHALLENGE_PRIVATE_KEY_HPP |