Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 23564c854d96abdaec056b8ed71f88f000e74819 / . / src / challenge-module / challenge-pin.hpp
blob: d6094c70b3574d03bd9aab94d2c4e4a5c5857794 [file] [log] [blame]
Zhiyi Zhang65ba9322017-01-19 14:15:03 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
3 * Copyright (c) 2017, Regents of the University of California.
4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
21#ifndef NDNCERT_CHALLENGE_PIN_HPP
22#define NDNCERT_CHALLENGE_PIN_HPP
23
24#include "../challenge-module.hpp"
25#include <ndn-cxx/util/time.hpp>
26
27namespace ndn {
28namespace ndncert {
29
30/**
31 * @brief Provide PIN code based challenge
32 *
33 * @sa https://github.com/named-data/ndncert/wiki/NDN-Certificate-Management-Protocol
34 *
35 * The main process of this challenge module is:
36 * 1. End entity provides empty string. The first POLL is only for selection.
37 * 2. The challenge module will generate a PIN code in ChallengeDefinedField.
38 * 3. End entity provides the verification code from some way to challenge module.
39 *
40 * There are four specific status defined in this challenge:
41 * NEED_CODE: When selection is made.
42 * WRONG_CODE: Get wrong verification code but still with secret lifetime and max retry times.
43 * FAILURE_TIMEOUT: When secret is out-dated.
44 * FAILURE_MAXRETRY: When requester tries too many times.
45 */
46class ChallengePin : public ChallengeModule
47{
48public:
49 ChallengePin(const size_t& maxAttemptTimes = 3,
50 const time::seconds& secretLifetime = time::seconds(3600));
51
52PUBLIC_WITH_TESTS_ELSE_PROTECTED:
53 JsonSection
54 processSelectInterest(const Interest& interest, CertificateRequest& request) override;
55
56 JsonSection
57 processValidateInterest(const Interest& interest, CertificateRequest& request) override;
58
59 std::list<std::string>
60 getSelectRequirements() override;
61
62 std::list<std::string>
63 getValidateRequirements(const std::string& status) override;
64
65 JsonSection
66 genChallengeInfo(const std::string& interestType, const std::string& status,
67 const std::list<std::string>& paramList) override;
68
69PUBLIC_WITH_TESTS_ELSE_PRIVATE:
70 static std::tuple<time::system_clock::TimePoint, std::string, int>
71 parseStoredSecrets(const JsonSection& storedSecret);
72
73 static JsonSection
74 generateStoredSecrets(const time::system_clock::TimePoint& tp, const std::string& secretCode,
75 int attempTimes);
76
Zhiyi Zhang65ba9322017-01-19 14:15:03 -0800[diff] [blame]77PUBLIC_WITH_TESTS_ELSE_PRIVATE:
78 static const std::string NEED_CODE;
79 static const std::string WRONG_CODE;
80 static const std::string FAILURE_TIMEOUT;
81 static const std::string FAILURE_MAXRETRY;
82
83 static const std::string JSON_CODE_TP;
84 static const std::string JSON_PIN_CODE;
85 static const std::string JSON_ATTEMPT_TIMES;
86
87private:
88 time::seconds m_secretLifetime;
89 int m_maxAttemptTimes;
90};
91
92} // namespace ndncert
93} // namespace ndn
94
95#endif // NDNCERT_CHALLENGE_PIN_HPP