CCNxInterestReturnInterface * ccnxInterestReturnInterface_GetInterface(const CCNxTlvDictionary *dictionary) { assertTrue(ccnxTlvDictionary_IsInterestReturn(dictionary), "Expected an InterestReturn"); CCNxInterestReturnInterface *impl = ccnxTlvDictionary_GetMessageInterface(dictionary); if (!impl) { // If we're here, we need to update the interface pointer. Break the const. // We're not changing data values, just initializing the Interface pointer. // Figure out what the typeInterface should be, based on the attributes we know. int schemaVersion = ccnxTlvDictionary_GetSchemaVersion(dictionary); switch (schemaVersion) { case CCNxTlvDictionary_SchemaVersion_V0: trapUnexpectedState("ccnxInterestReturnInterface_GetInterface() not implemented for V0"); case CCNxTlvDictionary_SchemaVersion_V1: impl = &CCNxInterestReturnFacadeV1_Implementation; break; default: trapUnexpectedState("Unknown SchemaVersion encountered in ccnxInterestReturnInterface_GetInterface()"); break; } if (impl) { ccnxTlvDictionary_SetMessageInterface((CCNxTlvDictionary *) dictionary, impl); // break the const. } } return impl; }
void athena_ProcessMessage(Athena *athena, CCNxMetaMessage *ccnxMessage, PARCBitVector *ingressVector) { if (ccnxMetaMessage_IsInterest(ccnxMessage)) { const char *name = ccnxName_ToString(ccnxInterest_GetName(ccnxMessage)); parcLog_Debug(athena->log, "Processing Interest Message: %s", name); parcMemory_Deallocate(&name); CCNxInterest *interest = ccnxMetaMessage_GetInterest(ccnxMessage); _processInterest(athena, interest, ingressVector); athena->stats.numProcessedInterests++; } else if (ccnxMetaMessage_IsContentObject(ccnxMessage)) { const char *name = ccnxName_ToString(ccnxContentObject_GetName(ccnxMessage)); parcLog_Debug(athena->log, "Processing Content Object Message: %s", name); parcMemory_Deallocate(&name); CCNxContentObject *contentObject = ccnxMetaMessage_GetContentObject(ccnxMessage); _processContentObject(athena, contentObject, ingressVector); athena->stats.numProcessedContentObjects++; } else if (ccnxMetaMessage_IsControl(ccnxMessage)) { parcLog_Debug(athena->log, "Processing Control Message"); CCNxControl *control = ccnxMetaMessage_GetControl(ccnxMessage); _processControl(athena, control, ingressVector); athena->stats.numProcessedControlMessages++; } else if (ccnxMetaMessage_IsInterestReturn(ccnxMessage)) { parcLog_Debug(athena->log, "Processing Interest Return Message"); CCNxInterestReturn *interestReturn = ccnxMetaMessage_GetInterestReturn(ccnxMessage); _processInterestReturn(athena, interestReturn, ingressVector); athena->stats.numProcessedInterestReturns++; } else { trapUnexpectedState("Invalid CCNxMetaMessage type"); } }
static PARCSignature * _SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign) { parcSecurity_AssertIsInitialized(); assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore"); assertNotNull(digestToSign, "Buffer to sign must not be null"); // TODO: what is the best way to expose this? PARCKeyStore *keyStore = signer->keyStore; PARCBuffer *privateKeyBuffer = parcKeyStore_GetDEREncodedPrivateKey(keyStore); EVP_PKEY *privateKey = NULL; size_t keySize = parcBuffer_Remaining(privateKeyBuffer); uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, keySize); privateKey = d2i_PrivateKey(EVP_PKEY_RSA, &privateKey, (const unsigned char **) &bytes, keySize); parcBuffer_Release(&privateKeyBuffer); RSA *rsa = EVP_PKEY_get1_RSA(privateKey); int opensslDigestType; switch (parcCryptoHash_GetDigestType(digestToSign)) { case PARCCryptoHashType_SHA256: opensslDigestType = NID_sha256; break; case PARCCryptoHashType_SHA512: opensslDigestType = NID_sha512; break; default: trapUnexpectedState("Unknown digest type: %s", parcCryptoHashType_ToString(parcCryptoHash_GetDigestType(digestToSign))); } uint8_t *sig = parcMemory_Allocate(RSA_size(rsa)); assertNotNull(sig, "parcMemory_Allocate(%u) returned NULL", RSA_size(rsa)); unsigned sigLength = 0; PARCBuffer *bb_digest = parcCryptoHash_GetDigest(digestToSign); int result = RSA_sign(opensslDigestType, (unsigned char *) parcByteArray_Array(parcBuffer_Array(bb_digest)), (int) parcBuffer_Remaining(bb_digest), sig, &sigLength, rsa); assertTrue(result == 1, "Got error from RSA_sign: %d", result); RSA_free(rsa); PARCBuffer *bbSign = parcBuffer_Allocate(sigLength); parcBuffer_Flip(parcBuffer_PutArray(bbSign, sigLength, sig)); parcMemory_Deallocate((void **) &sig); PARCSignature *signature = parcSignature_Create(_GetSigningAlgorithm(signer), parcCryptoHash_GetDigestType(digestToSign), bbSign ); parcBuffer_Release(&bbSign); return signature; }
/** * Return if the signature and key verify with the local hash. * * PRECONDITION: * - You know the signature and key are RSA. * * Example: * @code * <#example#> * @endcode */ static bool _parcInMemoryVerifier_RSAKey_Verify(PARCInMemoryVerifier *verifier, PARCCryptoHash *localHash, PARCSignature *signatureToVerify, PARCBuffer *derEncodedKey) { const uint8_t *der_bytes = parcByteArray_Array(parcBuffer_Array(derEncodedKey)); long der_length = parcBuffer_Remaining(derEncodedKey); EVP_PKEY *unwrapped_key = d2i_PUBKEY(NULL, &der_bytes, der_length); if (unwrapped_key != NULL) { int success = 0; RSA *rsa = EVP_PKEY_get1_RSA(unwrapped_key); if (rsa != NULL) { int openssl_digest_type; switch (parcCryptoHash_GetDigestType(localHash)) { case PARC_HASH_SHA256: openssl_digest_type = NID_sha256; break; case PARC_HASH_SHA512: openssl_digest_type = NID_sha512; break; default: trapUnexpectedState("Unknown digest type: %s", parcCryptoHashType_ToString(parcCryptoHash_GetDigestType(localHash))); } PARCBuffer *sigbits = parcSignature_GetSignature(signatureToVerify); PARCByteArray *bytearray = parcBuffer_Array(sigbits); unsigned signatureLength = (unsigned) parcBuffer_Remaining(sigbits); uint8_t *sigbuffer = parcByteArray_Array(bytearray); size_t signatureOffset = parcBuffer_ArrayOffset(sigbits); success = RSA_verify(openssl_digest_type, (unsigned char *) parcByteArray_Array(parcBuffer_Array(parcCryptoHash_GetDigest(localHash))), (unsigned) parcBuffer_Remaining(parcCryptoHash_GetDigest(localHash)), sigbuffer + signatureOffset, signatureLength, rsa); RSA_free(rsa); } EVP_PKEY_free(unwrapped_key); if (success) { return true; } } return false; }
static bool _parcInMemoryVerifier_AllowedCryptoSuite(void *interfaceContext, PARCKeyId *keyid, PARCCryptoSuite suite) { PARCInMemoryVerifier *verifier = (PARCInMemoryVerifier *) interfaceContext; const PARCKey *key = parcCryptoCache_GetKey(verifier->key_cache, keyid); if (key == NULL) { return false; } switch (parcKey_GetSigningAlgorithm(key)) { case PARCSigningAlgorithm_RSA: switch (suite) { case PARCCryptoSuite_RSA_SHA256: return true; case PARCCryptoSuite_RSA_SHA512: return true; default: return false; } break; case PARCSigningAlgorithm_DSA: switch (suite) { default: return false; } break; case PARCSigningAlgorithm_HMAC: switch (suite) { case PARCCryptoSuite_HMAC_SHA256: return true; default: return false; } break; default: trapUnexpectedState("Unknown signing algorithm: %s", parcSigningAlgorithm_ToString(parcKey_GetSigningAlgorithm(key))); return false; } return false; }
/** * Look up the symbolic name of the queue. Do not free the return. * * Example: * @code * <#example#> * @endcode */ const char * rtaProtocolStack_GetQueueName(RtaProtocolStack *stack, PARCEventQueue *queue) { int component; for (component = 0; component <= LAST_COMPONENT; component++) { if (stack->component_queues[component]) { if (stack->component_queues[component]->up == queue) { return RtaComponentNames[component]; } if (stack->component_queues[component]->down == queue) { return RtaComponentNames[component]; } } } trapUnexpectedState("Could not find queue %p in stack %p", (void *) queue, (void *) stack); }
uint64_t ccnxContentObject_GetFinalChunkNumber(const CCNxContentObject *contentObject) { ccnxContentObject_OptionalAssertValid(contentObject); CCNxContentObjectInterface *impl = ccnxContentObjectInterface_GetInterface(contentObject); if (impl->hasFinalChunkNumber != NULL && !impl->hasFinalChunkNumber((CCNxTlvDictionary *) contentObject)) { trapUnexpectedState("ContentObject has no final chunk number. Call ccnxContentObject_HasFinalChunkNumber() first."); } if (impl->getFinalChunkNumber != NULL) { return impl->getFinalChunkNumber(contentObject); } else { trapNotImplemented("ccnxContentObject_GetFinalChunkNumber"); } }
uint64_t ccnxContentObject_GetExpiryTime(const CCNxContentObject *contentObject) { ccnxContentObject_OptionalAssertValid(contentObject); CCNxContentObjectInterface *impl = ccnxContentObjectInterface_GetInterface(contentObject); if (impl->hasExpiryTime != NULL && !impl->hasExpiryTime((CCNxTlvDictionary *) contentObject)) { trapUnexpectedState("ContentObject has no ExpiryTime. Call HasExpiryTime() first."); } if (impl->getExpiryTime != NULL) { return impl->getExpiryTime(contentObject); } else { trapNotImplemented("ccnxContentObject_HasExpiryTime"); } }
/** * The signature verifies if: * 0) we know the key for keyid * 1) the signing algorithm of the key corresponding to keyid is same as CCNxSignature * 2) The hash of the locallyComputedHash is the same type as the content object's ciphersuite * 3) the signature verifies * * Example: * @code * <#example#> * @endcode */ static bool _parcInMemoryVerifier_VerifyDigest(void *interfaceContext, PARCKeyId *keyid, PARCCryptoHash *locallyComputedHash, PARCCryptoSuite suite, PARCSignature *objectSignature) { PARCInMemoryVerifier *verifier = (PARCInMemoryVerifier *) interfaceContext; const PARCKey *key = parcCryptoCache_GetKey(verifier->key_cache, keyid); if (key == NULL) { return false; } assertTrue(_parcInMemoryVerifier_AllowedCryptoSuite(interfaceContext, keyid, suite), "Invalid crypto suite for keyid"); if (parcKey_GetSigningAlgorithm(key) != parcSignature_GetSigningAlgorithm(objectSignature)) { fprintf(stdout, "Signatured failed, signing algorithms do not match: key %s sig %s\n", parcSigningAlgorithm_ToString(parcKey_GetSigningAlgorithm(key)), parcSigningAlgorithm_ToString(parcSignature_GetSigningAlgorithm(objectSignature))); return false; } if (parcCryptoHash_GetDigestType(locallyComputedHash) != parcCryptoSuite_GetCryptoHash(suite)) { fprintf(stdout, "Signatured failed, digest algorithms do not match: digest %s suite %s\n", parcCryptoHashType_ToString(parcCryptoHash_GetDigestType(locallyComputedHash)), parcCryptoHashType_ToString(parcCryptoSuite_GetCryptoHash(suite))); return false; } switch (parcSignature_GetSigningAlgorithm(objectSignature)) { case PARCSigningAlgorithm_RSA: return _parcInMemoryVerifier_RSAKey_Verify(verifier, locallyComputedHash, objectSignature, parcKey_GetKey(key)); case PARCSigningAlgorithm_DSA: trapNotImplemented("DSA not supported"); break; case PARCSigningAlgorithm_HMAC: trapNotImplemented("HMAC not supported"); break; default: trapUnexpectedState("Unknown signing algorithm: %d", parcSignature_GetSigningAlgorithm(objectSignature)); } return false; }
static PARCCryptoHasher * _parcInMemoryVerifier_GetCryptoHasher(void *interfaceContext, PARCKeyId *keyid, PARCCryptoHashType hashType) { PARCInMemoryVerifier *verifier = (PARCInMemoryVerifier *) interfaceContext; const PARCKey *key = parcCryptoCache_GetKey(verifier->key_cache, keyid); if (key == NULL) { return false; } assertFalse(parcKey_GetSigningAlgorithm(key) == PARCSigningAlgorithm_HMAC, "HMAC not supported yet"); switch (hashType) { case PARC_HASH_SHA256: return verifier->hasher_sha256; case PARC_HASH_SHA512: return verifier->hasher_sha512; default: trapUnexpectedState("unsupported hash type: %d", hashType); } }