Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 91e47cdbe72210a0b92810fe5e71be8e89f06c44 / . / src / client-module.cpp
blob: 9ae71c03046c40768d2cf68911f273bbd6f6367b [file] [log] [blame]
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]3 * Copyright (c) 2017-2019, Regents of the University of California.
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
21#include "client-module.hpp"
22#include "logging.hpp"
Zhiyi Zhanga9bda732017-05-20 22:58:55 -0700[diff] [blame]23#include "challenge-module.hpp"
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]24#include "crypto-support/enc-tlv.hpp"
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]25#include <ndn-cxx/util/io.hpp>
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]26#include <ndn-cxx/security/signing-helpers.hpp>
27#include <ndn-cxx/security/verification-helpers.hpp>
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]28#include <ndn-cxx/util/random.hpp>
29#include <ndn-cxx/security/transform/base64-encode.hpp>
30#include <ndn-cxx/security/transform/buffer-source.hpp>
31#include <ndn-cxx/security/transform/stream-sink.hpp>
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]32
33namespace ndn {
34namespace ndncert {
35
36_LOG_INIT(ndncert.client);
37
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]38ClientModule::ClientModule(security::v2::KeyChain& keyChain)
39 : m_keyChain(keyChain)
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]40{
41}
42
Davide Pesavento08994782018-01-22 12:13:41 -0500[diff] [blame]43ClientModule::~ClientModule() = default;
44
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]45shared_ptr<Interest>
46ClientModule::generateProbeInfoInterest(const Name& caName)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]47{
48 Name interestName = caName;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]49 if (readString(caName.at(-1)) != "CA")
50 interestName.append("CA");
51 interestName.append("_PROBE").append("INFO");
52 auto interest = make_shared<Interest>(interestName);
53 interest->setMustBeFresh(true);
54 interest->setCanBePrefix(false);
55 return interest;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]56}
57
Zhiyi Zhangcaab5462019-10-18 13:41:02 -0700[diff] [blame]58bool
59ClientModule::verifyProbeInfoResponse(const Data& reply)
60{
61 // parse the ca item
62 auto contentJson = getJsonFromData(reply);
63 auto caItem = ClientConfig::extractCaItem(contentJson);
64
65 // verify the probe Data's sig
66 if (!security::verifySignature(reply, caItem.m_anchor)) {
67 _LOG_ERROR("Cannot verify data signature from " << m_ca.m_caName.toUri());
68 return false;
69 }
70 return true;
71}
72
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]73void
Zhiyi Zhangcaab5462019-10-18 13:41:02 -0700[diff] [blame]74ClientModule::addCaFromProbeInfoResponse(const Data& reply)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]75{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]76 // parse the ca item
77 auto contentJson = getJsonFromData(reply);
78 auto caItem = ClientConfig::extractCaItem(contentJson);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]79
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]80 // update the local config
81 bool findItem = false;
82 for (auto& item : m_config.m_caItems) {
83 if (item.m_caName == caItem.m_caName) {
84 findItem = true;
85 item = caItem;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]86 }
87 }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]88 if (!findItem) {
89 m_config.m_caItems.push_back(caItem);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]90 }
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]91}
92
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]93shared_ptr<Interest>
94ClientModule::generateProbeInterest(const ClientCaItem& ca, const std::string& probeInfo)
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]95{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]96 Name interestName = ca.m_caName;
97 interestName.append("CA").append("_PROBE");
98 auto interest = make_shared<Interest>(interestName);
99 interest->setMustBeFresh(true);
100 interest->setCanBePrefix(false);
Yufeng Zhang424d0362019-06-12 16:48:27 -0700[diff] [blame]101 auto paramJson = genProbeRequestJson(ca, probeInfo);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]102 interest->setApplicationParameters(paramFromJson(paramJson));
103
104 // update local state
105 m_ca = ca;
106 return interest;
107}
108
109void
110ClientModule::onProbeResponse(const Data& reply)
111{
112 if (!security::verifySignature(reply, m_ca.m_anchor)) {
113 _LOG_ERROR("Cannot verify data signature from " << m_ca.m_caName.toUri());
114 return;
115 }
116 auto contentJson = getJsonFromData(reply);
117
118 // read the available name and put it into the state
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]119 auto nameUri = contentJson.get(JSON_CA_NAME, "");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]120 if (nameUri != "") {
121 m_identityName = Name(nameUri);
122 }
Zhiyi Zhang781a5602019-06-26 19:05:04 -0700[diff] [blame]123 else {
124 NDN_LOG_TRACE("The JSON_CA_NAME is empty.");
125 }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]126}
127
128shared_ptr<Interest>
129ClientModule::generateNewInterest(const time::system_clock::TimePoint& notBefore,
130 const time::system_clock::TimePoint& notAfter,
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]131 const Name& identityName, const shared_ptr<Data>& probeToken)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]132{
133 // Name requestedName = identityName;
134 if (!identityName.empty()) { // if identityName is not empty, find the corresponding CA
135 bool findCa = false;
136 for (const auto& caItem : m_config.m_caItems) {
137 if (caItem.m_caName.isPrefixOf(identityName)) {
138 m_ca = caItem;
139 findCa = true;
140 }
141 }
142 if (!findCa) { // if cannot find, cannot proceed
143 return nullptr;
144 }
145 m_identityName = identityName;
146 }
147 else { // if identityName is empty, check m_identityName or generate a random name
148 if (!m_identityName.empty()) {
149 // do nothing
150 }
151 else {
Zhiyi Zhang781a5602019-06-26 19:05:04 -0700[diff] [blame]152 NDN_LOG_TRACE("Randomly create a new name because m_identityName is empty and the param is empty.");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]153 auto id = std::to_string(random::generateSecureWord64());
154 m_identityName = m_ca.m_caName;
155 m_identityName.append(id);
156 }
157 }
158
159 // generate a newly key pair or use an existing key
Zhiyi Zhang10130782018-02-01 18:28:49 -0800[diff] [blame]160 const auto& pib = m_keyChain.getPib();
Zhiyi Zhang10130782018-02-01 18:28:49 -0800[diff] [blame]161 try {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]162 auto identity = pib.getIdentity(m_identityName);
163 m_key = m_keyChain.createKey(identity);
Zhiyi Zhang10130782018-02-01 18:28:49 -0800[diff] [blame]164 }
165 catch (const security::Pib::Error& e) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]166 auto identity = m_keyChain.createIdentity(m_identityName);
167 m_key = identity.getDefaultKey();
Zhiyi Zhang10130782018-02-01 18:28:49 -0800[diff] [blame]168 }
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]169
170 // generate certificate request
171 security::v2::Certificate certRequest;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]172 certRequest.setName(Name(m_key.getName()).append("cert-request").appendVersion());
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]173 certRequest.setContentType(tlv::ContentType_Key);
174 certRequest.setFreshnessPeriod(time::hours(24));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]175 certRequest.setContent(m_key.getPublicKey().data(), m_key.getPublicKey().size());
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]176 SignatureInfo signatureInfo;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]177 signatureInfo.setValidityPeriod(security::ValidityPeriod(notBefore, notAfter));
178 m_keyChain.sign(certRequest, signingByKey(m_key.getName()).setSignatureInfo(signatureInfo));
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]179
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]180 // generate Interest packet
181 Name interestName = m_ca.m_caName;
182 interestName.append("CA").append("_NEW");
183 auto interest = make_shared<Interest>(interestName);
184 interest->setMustBeFresh(true);
185 interest->setCanBePrefix(false);
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]186 interest->setApplicationParameters(paramFromJson(genNewRequestJson(m_ecdh.getBase64PubKey(), certRequest, probeToken)));
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]187
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]188 // sign the Interest packet
189 m_keyChain.sign(*interest, signingByKey(m_key.getName()));
190 return interest;
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]191}
192
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]193std::list<std::string>
194ClientModule::onNewResponse(const Data& reply)
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]195{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]196 if (!security::verifySignature(reply, m_ca.m_anchor)) {
197 _LOG_ERROR("Cannot verify data signature from " << m_ca.m_caName.toUri());
198 return std::list<std::string>();
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]199 }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]200 auto contentJson = getJsonFromData(reply);
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]201
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]202 // ECDH
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]203 const auto& peerKeyBase64Str = contentJson.get(JSON_CA_ECDH, "");
204 const auto& saltStr = contentJson.get(JSON_CA_SALT, "");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]205 uint64_t saltInt = std::stoull(saltStr);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]206 m_ecdh.deriveSecret(peerKeyBase64Str);
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]207
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]208 // HKDF
Zhiyi Zhang36706832019-07-04 21:33:03 -0700[diff] [blame]209 hkdf(m_ecdh.context->sharedSecret, m_ecdh.context->sharedSecretLen,
210 (uint8_t*)&saltInt, sizeof(saltInt), m_aesKey, sizeof(m_aesKey));
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]211
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]212 // update state
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]213 m_status = contentJson.get(JSON_CA_STATUS, 0);
214 m_requestId = contentJson.get(JSON_CA_REQUEST_ID, "");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]215
216 auto challengesJson = contentJson.get_child(JSON_CA_CHALLENGES);
217 m_challengeList.clear();
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]218 for (const auto& challengeJson : challengesJson) {
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]219 m_challengeList.push_back(challengeJson.second.get(JSON_CA_CHALLENGE_ID, ""));
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]220 }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]221 return m_challengeList;
222}
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]223
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]224shared_ptr<Interest>
225ClientModule::generateChallengeInterest(const JsonSection& paramJson)
226{
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]227 m_challengeType = paramJson.get(JSON_CLIENT_SELECTED_CHALLENGE, "");
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]228
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]229 Name interestName = m_ca.m_caName;
230 interestName.append("CA").append("_CHALLENGE").append(m_requestId);
231 auto interest = make_shared<Interest>(interestName);
232 interest->setMustBeFresh(true);
233 interest->setCanBePrefix(false);
234
235 // encrypt the Interest parameters
236 std::stringstream ss;
237 boost::property_tree::write_json(ss, paramJson);
238 auto payload = ss.str();
Zhiyi Zhang36706832019-07-04 21:33:03 -0700[diff] [blame]239 auto paramBlock = genEncBlock(tlv::ApplicationParameters, m_aesKey, sizeof(m_aesKey),
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]240 (const uint8_t*)payload.c_str(), payload.size());
241 interest->setApplicationParameters(paramBlock);
242
243 m_keyChain.sign(*interest, signingByKey(m_key.getName()));
244 return interest;
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]245}
246
247void
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]248ClientModule::onChallengeResponse(const Data& reply)
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]249{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]250 if (!security::verifySignature(reply, m_ca.m_anchor)) {
251 _LOG_ERROR("Cannot verify data signature from " << m_ca.m_caName.toUri());
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]252 return;
253 }
Zhiyi Zhang36706832019-07-04 21:33:03 -0700[diff] [blame]254 auto result = parseEncBlock(m_aesKey, sizeof(m_aesKey), reply.getContent());
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]255 std::string payload((const char*)result.data(), result.size());
256 std::istringstream ss(payload);
257 JsonSection contentJson;
258 boost::property_tree::json_parser::read_json(ss, contentJson);
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]259
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]260 // update state
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]261 m_status = contentJson.get(JSON_CA_STATUS, 0);
262 m_challengeStatus = contentJson.get(JSON_CHALLENGE_STATUS, "");
263 m_remainingTries = contentJson.get(JSON_CHALLENGE_REMAINING_TRIES, 0);
264 m_freshBefore = time::system_clock::now() + time::seconds(contentJson.get(JSON_CHALLENGE_REMAINING_TIME, 0));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]265}
Zhiyi Zhange30eb352017-04-13 15:26:14 -0700[diff] [blame]266
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]267shared_ptr<Interest>
268ClientModule::generateDownloadInterest()
269{
270 Name interestName = m_ca.m_caName;
271 interestName.append("CA").append("_DOWNLOAD").append(m_requestId);
272 auto interest = make_shared<Interest>(interestName);
273 interest->setMustBeFresh(true);
274 interest->setCanBePrefix(false);
275 return interest;
276}
Zhiyi Zhange30eb352017-04-13 15:26:14 -0700[diff] [blame]277
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]278shared_ptr<Interest>
279ClientModule::generateCertFetchInterest()
280{
281 Name interestName = m_identityName;
282 interestName.append("KEY").append(m_certId);
283 auto interest = make_shared<Interest>(interestName);
284 interest->setMustBeFresh(true);
285 interest->setCanBePrefix(false);
286 return interest;
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]287}
288
289void
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]290ClientModule::onDownloadResponse(const Data& reply)
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]291{
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]292 try {
293 security::v2::Certificate cert(reply.getContent().blockFromValue());
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]294 m_keyChain.addCertificate(m_key, cert);
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]295 _LOG_TRACE("Got DOWNLOAD response and installed the cert " << cert.getName());
296 }
297 catch (const std::exception& e) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]298 _LOG_ERROR("Cannot add replied certificate into the keychain " << e.what());
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]299 return;
300 }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]301 m_isCertInstalled = true;
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]302}
303
304void
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]305ClientModule::onCertFetchResponse(const Data& reply)
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]306{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]307 onDownloadResponse(reply);
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]308}
309
310JsonSection
311ClientModule::getJsonFromData(const Data& data)
312{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]313 std::istringstream ss(encoding::readString(data.getContent()));
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]314 JsonSection json;
315 boost::property_tree::json_parser::read_json(ss, json);
316 return json;
317}
318
Zhiyi Zhang547c8512019-06-18 23:46:14 -0700[diff] [blame]319std::vector<std::string>
320ClientModule::parseProbeComponents(const std::string& probe)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]321{
Zhiyi Zhang547c8512019-06-18 23:46:14 -0700[diff] [blame]322 std::vector<std::string> components;
Yufeng Zhang424d0362019-06-12 16:48:27 -0700[diff] [blame]323 std::string delimiter = ":";
324 size_t last = 0;
325 size_t next = 0;
Zhiyi Zhang547c8512019-06-18 23:46:14 -0700[diff] [blame]326 while ((next = probe.find(delimiter, last)) != std::string::npos) {
327 components.push_back(probe.substr(last, next - last));
328 last = next + 1;
329 }
330 components.push_back(probe.substr(last));
331 return components;
332}
Yufeng Zhang424d0362019-06-12 16:48:27 -0700[diff] [blame]333
Zhiyi Zhang547c8512019-06-18 23:46:14 -0700[diff] [blame]334const JsonSection
335ClientModule::genProbeRequestJson(const ClientCaItem& ca, const std::string& probeInfo)
336{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]337 JsonSection root;
Zhiyi Zhang547c8512019-06-18 23:46:14 -0700[diff] [blame]338 std::vector<std::string> fields = parseProbeComponents(ca.m_probe);
339 std::vector<std::string> arguments = parseProbeComponents(probeInfo);;
Yufeng Zhang424d0362019-06-12 16:48:27 -0700[diff] [blame]340
341 if (arguments.size() != fields.size()) {
342 BOOST_THROW_EXCEPTION(Error("Error in genProbeRequestJson: argument list does not match field list in the config file."));
343 }
Yufeng Zhang424d0362019-06-12 16:48:27 -0700[diff] [blame]344 for (size_t i = 0; i < fields.size(); ++i) {
345 root.put(fields.at(i), arguments.at(i));
346 }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]347 return root;
348}
349
350const JsonSection
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]351ClientModule::genNewRequestJson(const std::string& ecdhPub, const security::v2::Certificate& certRequest,
352 const shared_ptr<Data>& probeToken)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]353{
354 JsonSection root;
355 std::stringstream ss;
356 try {
357 security::transform::bufferSource(certRequest.wireEncode().wire(), certRequest.wireEncode().size())
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]358 >> security::transform::base64Encode(false)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]359 >> security::transform::streamSink(ss);
360 }
361 catch (const security::transform::Error& e) {
362 _LOG_ERROR("Cannot convert self-signed cert into BASE64 string " << e.what());
363 return root;
364 }
365 root.put(JSON_CLIENT_ECDH, ecdhPub);
366 root.put(JSON_CLIENT_CERT_REQ, ss.str());
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]367 if (probeToken != nullptr) {
368 // clear the stringstream
369 ss.str("");
370 ss.clear();
371 // transform the probe data into a base64 string
372 try {
373 security::transform::bufferSource(probeToken->wireEncode().wire(), probeToken->wireEncode().size())
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]374 >> security::transform::base64Encode(false)
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]375 >> security::transform::streamSink(ss);
376 }
377 catch (const security::transform::Error& e) {
378 _LOG_ERROR("Cannot convert self-signed cert into BASE64 string " << e.what());
379 return root;
380 }
381 // add the token into the JSON
382 root.put("probe-token", ss.str());
383 }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]384 return root;
385}
386
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]387Block
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]388ClientModule::paramFromJson(const JsonSection& json)
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]389{
390 std::stringstream ss;
391 boost::property_tree::write_json(ss, json);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]392 return makeStringBlock(ndn::tlv::ApplicationParameters, ss.str());
Zhiyi Zhang23564c82017-03-01 10:22:22 -0800[diff] [blame]393}
394
395} // namespace ndncert
396} // namespace ndn