28 #include "../util/crypto.hpp" 34 static OID
SECP256R1(
"1.2.840.10045.3.1.7");
53 std::vector<shared_ptr<ValidationRequest> > nextSteps;
54 checkPolicy(interest, nSteps, onValidated, onValidationFailed, nextSteps);
56 if (nextSteps.empty())
64 OnFailure onFailure = bind(onValidationFailed, interest.shared_from_this(), _1);
74 std::vector<shared_ptr<ValidationRequest> > nextSteps;
75 checkPolicy(data, nSteps, onValidated, onValidationFailed, nextSteps);
77 if (nextSteps.empty())
85 OnFailure onFailure = bind(onValidationFailed, data.shared_from_this(), _1);
92 const shared_ptr<ValidationRequest>& nextStep)
96 if (!static_cast<bool>(certificateData))
97 return nextStep->m_onDataValidationFailed(data.shared_from_this(),
101 nextStep->m_onDataValidated, nextStep->m_onDataValidationFailed,
122 if (interestName.
size() < 2)
129 Signature sig(interestName[-2].blockFromValue(),
130 interestName[-1].blockFromValue());
162 RSA::PublicKey publicKey;
165 queue.Put(reinterpret_cast<const byte*>(key.
get().
buf()), key.
get().size());
166 publicKey.Load(queue);
168 RSASS<PKCS1v15, SHA256>::Verifier verifier(publicKey);
169 return verifier.VerifyMessage(buf, size,
177 ECDSA<ECP, SHA256>::PublicKey publicKey;
180 queue.Put(reinterpret_cast<const byte*>(key.
get().
buf()), key.
get().size());
181 publicKey.Load(queue);
183 ECDSA<ECP, SHA256>::Verifier verifier(publicKey);
186 StringSource src(key.
get().
buf(), key.
get().size(),
true);
187 BERSequenceDecoder subjectPublicKeyInfo(src);
189 BERSequenceDecoder algorithmInfo(subjectPublicKeyInfo);
192 algorithm.
decode(algorithmInfo);
195 curveId.
decode(algorithmInfo);
211 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
215 return verifier.VerifyMessage(buf, size, buffer, usedSize);
220 size_t usedSize = DSAConvertSignatureFormat(buffer, 96, DSA_P1363,
224 return verifier.VerifyMessage(buf, size, buffer, usedSize);
235 catch (CryptoPP::Exception& e)
249 if (static_cast<bool>(buffer) &&
254 const uint8_t* p1 = buffer->buf();
255 const uint8_t* p2 = sigValue.
value();
262 catch (CryptoPP::Exception& e)
270 int remainingRetries,
272 const shared_ptr<ValidationRequest>& validationRequest)
274 if (remainingRetries > 0)
279 remainingRetries - 1, onFailure, validationRequest));
281 onFailure(
"Cannot fetch cert: " + interest.
getName().
toUri());
291 onFailure(
"Require more information to validate the packet!");
295 for (std::vector<shared_ptr<ValidationRequest> >::const_iterator it = nextSteps.begin();
296 it != nextSteps.end(); it++)
301 this, _1, (*it)->m_nRetries,
Copyright (c) 2011-2015 Regents of the University of California.
std::string toUri() const
Encode this name as a URI.
static OID SECP256R1("1.2.840.10045.3.1.7")
Copyright (c) 2013-2014 Regents of the University of California.
virtual void afterCheckPolicy(const std::vector< shared_ptr< ValidationRequest > > &nextSteps, const OnFailure &onFailure)
trigger after checkPolicy is done.
void onData(const Interest &interest, const Data &data, const shared_ptr< ValidationRequest > &nextStep)
Process the received certificate.
size_t value_size() const
const Name & getName() const
Get name of the Data packet.
Validator(Face *face=nullptr)
Validator constructor.
static const size_t SHA256_DIGEST_SIZE
number of octets in a SHA256 digest
Represent a SHA256 digest.
Class representing a wire element of NDN-TLV packet format.
represents an Interest packet
virtual void onTimeout(const Interest &interest, int nRemainingRetries, const OnFailure &onFailure, const shared_ptr< ValidationRequest > &validationRequest)
trigger when interest for certificate times out.
const uint8_t * value() const
bool hasKeyLocator() const
Check if SignatureInfo block has a KeyLocator.
void decode(CryptoPP::BufferedTransformation &in)
function< void(const shared_ptr< const Data > &)> OnDataValidated
Callback to report a successful Data validation.
void validate(const Data &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed)
Validate Data and call either onValidated or onValidationFailed.
virtual void checkPolicy(const Data &data, int nSteps, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed, std::vector< shared_ptr< ValidationRequest > > &nextSteps)=0
Check the Data against policy and return the next validation step if necessary.
function< void(const shared_ptr< const Data > &, const std::string &)> OnDataValidationFailed
Callback to report a failed Data validation.
const Block & getValue() const
Get SignatureValue in the wire format.
Abstraction to communicate with local or remote NDN forwarder.
Name abstraction to represent an absolute name.
size_t size() const
Get the number of components.
function< void(const shared_ptr< const Interest > &, const std::string &)> OnInterestValidationFailed
Callback to report a failed Interest validation.
static bool verifySignature(const Data &data, const PublicKey &publicKey)
Verify the data using the publicKey.
size_t wireEncode(EncodingImpl< TAG > &encoder, bool wantUnsignedPortionOnly=false) const
Fast encoding or block size estimation.
const Buffer & get() const
function< void(const std::string &)> OnFailure
size_t wireEncode(EncodingImpl< TAG > &encoder) const
Fast encoding or block size estimation.
uint32_t getType() const
Get signature type.
const PendingInterestId * expressInterest(const Interest &interest, const DataCallback &afterSatisfied, const NackCallback &afterNacked, const TimeoutCallback &afterTimeout)
Express Interest.
const Signature & getSignature() const
shared_ptr< const Buffer > ConstBufferPtr
ConstBufferPtr sha256(const uint8_t *data, size_t dataLength)
Compute the sha-256 digest of data.
virtual shared_ptr< const Data > preCertificateValidation(const Data &data)
Hooks.
function< void(const shared_ptr< const Interest > &)> OnInterestValidated
Callback to report a successful Interest validation.
static OID SECP384R1("1.3.132.0.34")
KeyType getKeyType() const
const Name & getName() const
A Signature is storage for the signature-related information (info and value) in a Data packet...