Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / d61b4a857cf6f59e2834def81f28a87d1ceda64e / . / src / identity-challenge / challenge-email.cpp
blob: 39dd16288a72101224ff8cba5fa4ec3412b086e5 [file] [log] [blame]
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
Zhiyi Zhang74c61142020-10-07 21:00:49 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
21#include "challenge-email.hpp"
Zhiyi Zhang523f0c22020-09-29 14:19:20 -0700[diff] [blame]22#include <regex>
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]23
24namespace ndn {
25namespace ndncert {
26
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]27NDN_LOG_INIT(ndncert.challenge.email);
Zhiyi Zhang36706832019-07-04 21:33:03 -0700[diff] [blame]28NDNCERT_REGISTER_CHALLENGE(ChallengeEmail, "email");
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]29
30const std::string ChallengeEmail::NEED_CODE = "need-code";
31const std::string ChallengeEmail::WRONG_CODE = "wrong-code";
Zhiyi Zhangead9f002020-10-03 15:42:52 -0700[diff] [blame]32const std::string ChallengeEmail::INVALID_EMAIL = "invalid-email";
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]33const std::string ChallengeEmail::PARAMETER_KEY_EMAIL = "email";
34const std::string ChallengeEmail::PARAMETER_KEY_CODE = "code";
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]35
36ChallengeEmail::ChallengeEmail(const std::string& scriptPath,
37 const size_t& maxAttemptTimes,
38 const time::seconds secretLifetime)
Zhiyi Zhangead9f002020-10-03 15:42:52 -0700[diff] [blame]39 : ChallengeModule("email", maxAttemptTimes, secretLifetime)
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]40 , m_sendEmailScript(scriptPath)
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]41{
42}
43
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]44// For CA
Zhiyi Zhangaafc55e2020-09-28 17:54:48 -0700[diff] [blame]45std::tuple<ErrorCode, std::string>
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]46ChallengeEmail::handleChallengeRequest(const Block& params, CaState& request)
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]47{
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]48 params.parse();
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]49 auto currentTime = time::system_clock::now();
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]50 if (request.m_status == Status::BEFORE_CHALLENGE) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]51 // for the first time, init the challenge
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]52 std::string emailAddress = readString(params.get(tlv_parameter_value));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]53 if (!isValidEmailAddress(emailAddress)) {
Zhiyi Zhangead9f002020-10-03 15:42:52 -0700[diff] [blame]54 return returnWithNewChallengeStatus(request, INVALID_EMAIL, JsonSection(), m_maxAttemptTimes - 1, m_secretLifetime);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]55 }
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]56 auto lastComponentRequested = readString(request.m_cert.getIdentity().get(-1));
57 if (lastComponentRequested != emailAddress) {
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]58 NDN_LOG_TRACE("Email and requested name do not match. Email " << emailAddress << "requested last component " << lastComponentRequested);
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]59 }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]60 std::string emailCode = generateSecretCode();
61 JsonSection secretJson;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]62 secretJson.add(PARAMETER_KEY_CODE, emailCode);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]63 // send out the email
64 sendEmail(emailAddress, emailCode, request);
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]65 NDN_LOG_TRACE("Secret for request " << request.m_requestId << " : " << emailCode);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]66 return returnWithNewChallengeStatus(request, NEED_CODE, std::move(secretJson), m_maxAttemptTimes, m_secretLifetime);
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]67 }
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]68 if (request.m_challengeState) {
69 if (request.m_challengeState->m_challengeStatus == NEED_CODE ||
70 request.m_challengeState->m_challengeStatus == WRONG_CODE) {
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]71 NDN_LOG_TRACE("Challenge Interest arrives. Challenge Status: " << request.m_challengeState->m_challengeStatus);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]72 // the incoming interest should bring the pin code
73 std::string givenCode = readString(params.get(tlv_parameter_value));
74 auto secret = request.m_challengeState->m_secrets;
75 // check if run out of time
76 if (currentTime - request.m_challengeState->m_timestamp >= m_secretLifetime) {
77 return returnWithError(request, ErrorCode::OUT_OF_TIME, "Secret expired.");
78 }
79 // check if provided secret is correct
80 if (givenCode == secret.get<std::string>(PARAMETER_KEY_CODE)) {
81 // the code is correct
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]82 NDN_LOG_TRACE("Correct secret code. Challenge succeeded.");
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]83 return returnWithSuccess(request);
84 }
85 // otherwise, check remaining attempt times
86 if (request.m_challengeState->m_remainingTries > 1) {
87 auto remainTime = m_secretLifetime - (currentTime - request.m_challengeState->m_timestamp);
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]88 NDN_LOG_TRACE("Wrong secret code provided. Remaining Tries - 1.");
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]89 return returnWithNewChallengeStatus(request, WRONG_CODE, std::move(secret),
90 request.m_challengeState->m_remainingTries - 1,
91 time::duration_cast<time::seconds>(remainTime));
92 }
93 else {
94 // run out times
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]95 NDN_LOG_TRACE("Wrong secret code provided. Ran out tires. Challenge failed.");
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]96 return returnWithError(request, ErrorCode::OUT_OF_TRIES, "Ran out tires.");
97 }
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]98 }
99 }
Zhiyi Zhangaafc55e2020-09-28 17:54:48 -0700[diff] [blame]100 return returnWithError(request, ErrorCode::INVALID_PARAMETER, "Unexpected status or challenge status");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]101}
102
103// For Client
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]104std::vector<std::tuple<std::string, std::string>>
105ChallengeEmail::getRequestedParameterList(Status status, const std::string& challengeStatus)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]106{
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]107 std::vector<std::tuple<std::string, std::string>> result;
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]108 if (status == Status::BEFORE_CHALLENGE && challengeStatus == "") {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]109 result.push_back(std::make_tuple(PARAMETER_KEY_EMAIL, "Please input your email address"));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]110 }
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]111 else if (status == Status::CHALLENGE && challengeStatus == NEED_CODE) {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]112 result.push_back(std::make_tuple(PARAMETER_KEY_CODE, "Please input your verification code"));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]113 }
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]114 else if (status == Status::CHALLENGE && challengeStatus == WRONG_CODE) {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]115 result.push_back(std::make_tuple(PARAMETER_KEY_CODE, "Incorrect code, please try again"));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]116 }
117 else {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]118 BOOST_THROW_EXCEPTION(std::runtime_error("Unexpected status or challenge status."));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]119 }
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]120 return result;
121}
122
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]123Block
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]124ChallengeEmail::genChallengeRequestTLV(Status status, const std::string& challengeStatus, std::vector<std::tuple<std::string, std::string>>&& params)
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]125{
126 Block request = makeEmptyBlock(tlv_encrypted_payload);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]127 if (status == Status::BEFORE_CHALLENGE) {
128 if (params.size() != 1 || std::get<0>(params[0]) != PARAMETER_KEY_EMAIL) {
129 BOOST_THROW_EXCEPTION(std::runtime_error("Wrong parameter provided."));
130 }
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]131 request.push_back(makeStringBlock(tlv_selected_challenge, CHALLENGE_TYPE));
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]132 request.push_back(makeStringBlock(tlv_parameter_key, PARAMETER_KEY_EMAIL));
133 request.push_back(makeStringBlock(tlv_parameter_value, std::get<1>(params[0])));
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]134 }
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]135 else if (status == Status::CHALLENGE && (challengeStatus == NEED_CODE || challengeStatus == WRONG_CODE)) {
136 if (params.size() != 1 || std::get<0>(params[0]) != PARAMETER_KEY_CODE) {
137 BOOST_THROW_EXCEPTION(std::runtime_error("Wrong parameter provided."));
138 }
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]139 request.push_back(makeStringBlock(tlv_selected_challenge, CHALLENGE_TYPE));
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]140 request.push_back(makeStringBlock(tlv_parameter_key, PARAMETER_KEY_CODE));
141 request.push_back(makeStringBlock(tlv_parameter_value, std::get<1>(params[0])));
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]142 }
143 else {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]144 BOOST_THROW_EXCEPTION(std::runtime_error("Unexpected status or challenge status."));
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]145 }
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]146 request.encode();
Suyong Won19fba4d2020-05-09 13:39:46 -0700[diff] [blame]147 return request;
148}
149
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]150bool
151ChallengeEmail::isValidEmailAddress(const std::string& emailAddress)
152{
Zhiyi Zhang8ce677b2018-07-13 14:44:06 -0700[diff] [blame]153 const std::string pattern = R"_REGEX_((^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+.[a-zA-Z0-9\-\.]+$))_REGEX_";
154 static const std::regex emailPattern(pattern);
155 return std::regex_match(emailAddress, emailPattern);
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]156}
157
158void
Zhiyi Zhang576aad12017-10-03 15:41:53 -0700[diff] [blame]159ChallengeEmail::sendEmail(const std::string& emailAddress, const std::string& secret,
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]160 const CaState& request) const
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]161{
Zhiyi Zhang576aad12017-10-03 15:41:53 -0700[diff] [blame]162 std::string command = m_sendEmailScript;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]163 command += " \"" + emailAddress + "\" \"" + secret + "\" \"" + request.m_caPrefix.toUri() + "\" \"" + request.m_cert.getName().toUri() + "\"";
Zhiyi Zhang576aad12017-10-03 15:41:53 -0700[diff] [blame]164 int result = system(command.c_str());
165 if (result == -1) {
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]166 NDN_LOG_TRACE("EmailSending Script " + m_sendEmailScript + " fails.");
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]167 }
Zhiyi Zhangd61b4a82020-10-10 15:18:43 -0700[diff] [blame^]168 NDN_LOG_TRACE("EmailSending Script " + m_sendEmailScript +
Zhiyi Zhang576aad12017-10-03 15:41:53 -0700[diff] [blame]169 " was executed successfully with return value" + std::to_string(result) + ".");
Zhiyi Zhangdefa9592017-02-21 10:56:22 -0800[diff] [blame]170 return;
171}
172
Zhiyi Zhange4891b72020-10-10 15:11:57 -0700[diff] [blame]173} // namespace ndncert
174} // namespace ndn