static HashSet *
frt_get_fields(VALUE rfields)
{
VALUE rval;
HashSet *fields;
char *s, *p, *str;
if (rfields == Qnil) return NULL;
fields = hs_new_str(&free);
if (TYPE(rfields) == T_ARRAY) {
int i;
for (i = 0; i < RARRAY(rfields)->len; i++) {
rval = rb_obj_as_string(RARRAY(rfields)->ptr[i]);
hs_add(fields, nstrdup(rval));
}
} else {
rval = rb_obj_as_string(rfields);
if (strcmp("*", rs2s(rval)) == 0) {
hs_destroy(fields);
fields = NULL;
} else {
s = str = nstrdup(rval);
while ((p = strchr(s, '|')) != '\0') {
*p = '\0';
hs_add(fields, estrdup(s));
s = p + 1;
}
hs_add(fields, estrdup(s));
free(str);
}
}
return fields;
}
void PayloadIntegrityBlock::verify(const dtn::data::Bundle &bundle, const SecurityKey &key)
{
// iterate over all PIBs to find the right one
dtn::data::Bundle::const_find_iterator it(bundle.begin(), PayloadIntegrityBlock::BLOCK_TYPE);
while (it.next(bundle.end()))
{
const PayloadIntegrityBlock &sb = dynamic_cast<const PayloadIntegrityBlock&>(**it);
// check if we have the public key of the security source
// skip this block if the given key isn't the right one
if (!sb.isSecuritySource(bundle, key.reference)) continue;
// check the correct algorithm
if (sb._ciphersuite_id != SecurityBlock::PIB_RSA_SHA256)
{
throw VerificationFailedException("can not verify the PIB because of an invalid algorithm");
}
EVP_PKEY *pkey = key.getEVP();
if (pkey == NULL) throw VerificationFailedException("verification error");
ibrcommon::RSASHA256Stream rs2s(pkey, true);
// serialize the bundle in the mutable form
dtn::security::MutableSerializer ms(rs2s, &sb);
(dtn::data::DefaultSerializer&)ms << bundle; rs2s << std::flush;
try {
int ret = rs2s.getVerification(sb._security_result.get(SecurityBlock::integrity_signature));
SecurityKey::free(pkey);
if (ret > 0)
{
// success!
return;
}
else if (ret < 0)
{
throw VerificationFailedException("verification error");
}
} catch (const ElementMissingException&) {
// This PIB can not verified due to a missing integrity signature
throw VerificationFailedException("Integrity signature is missing!");
}
}
throw VerificationFailedException("verification failed");
}
/*
* call-seq:
* query_parser.parse(query_string) -> Query
*
* Parse a query string returning a Query object if parsing was successful.
* Will raise a QueryParseException if unsuccessful.
*/
static VALUE
frt_qp_parse(VALUE self, VALUE rstr)
{
const char *msg = NULL;
volatile VALUE rq;
GET_QP;
rstr = rb_obj_as_string(rstr);
TRY
rq = frt_get_q(qp_parse(qp, rs2s(rstr)));
break;
default:
msg = xcontext.msg;
HANDLED();
XENDTRY
if (msg) {
rb_raise(cQueryParseException, msg);
}
return rq;
}
const std::string PayloadIntegrityBlock::calcHash(const dtn::data::Bundle &bundle, const SecurityKey &key, PayloadIntegrityBlock& ignore)
{
EVP_PKEY *pkey = key.getEVP();
ibrcommon::RSASHA256Stream rs2s(pkey);
// serialize the bundle in the mutable form
dtn::security::MutableSerializer ms(rs2s, &ignore);
(dtn::data::DefaultSerializer&)ms << bundle; rs2s << std::flush;
int return_code = rs2s.getSign().first;
std::string sign_string = rs2s.getSign().second;
SecurityKey::free(pkey);
if (return_code)
return sign_string;
else
{
IBRCOMMON_LOGGER_ex(critical) << "an error occured at the creation of the hash and it is invalid" << IBRCOMMON_LOGGER_ENDL;
ERR_print_errors_fp(stderr);
return std::string("");
}
}
