CCNxInterestReturnInterface *
ccnxInterestReturnInterface_GetInterface(const CCNxTlvDictionary *dictionary)
{
assertTrue(ccnxTlvDictionary_IsInterestReturn(dictionary), "Expected an InterestReturn");
CCNxInterestReturnInterface *impl = ccnxTlvDictionary_GetMessageInterface(dictionary);
if (!impl) {
// If we're here, we need to update the interface pointer. Break the const.
// We're not changing data values, just initializing the Interface pointer.
// Figure out what the typeInterface should be, based on the attributes we know.
int schemaVersion = ccnxTlvDictionary_GetSchemaVersion(dictionary);
switch (schemaVersion) {
case CCNxTlvDictionary_SchemaVersion_V0:
trapUnexpectedState("ccnxInterestReturnInterface_GetInterface() not implemented for V0");
case CCNxTlvDictionary_SchemaVersion_V1:
impl = &CCNxInterestReturnFacadeV1_Implementation;
break;
default:
trapUnexpectedState("Unknown SchemaVersion encountered in ccnxInterestReturnInterface_GetInterface()");
break;
}
if (impl) {
ccnxTlvDictionary_SetMessageInterface((CCNxTlvDictionary *) dictionary, impl); // break the const.
}
}
return impl;
}
void
athena_ProcessMessage(Athena *athena, CCNxMetaMessage *ccnxMessage, PARCBitVector *ingressVector)
{
if (ccnxMetaMessage_IsInterest(ccnxMessage)) {
const char *name = ccnxName_ToString(ccnxInterest_GetName(ccnxMessage));
parcLog_Debug(athena->log, "Processing Interest Message: %s", name);
parcMemory_Deallocate(&name);
CCNxInterest *interest = ccnxMetaMessage_GetInterest(ccnxMessage);
_processInterest(athena, interest, ingressVector);
athena->stats.numProcessedInterests++;
} else if (ccnxMetaMessage_IsContentObject(ccnxMessage)) {
const char *name = ccnxName_ToString(ccnxContentObject_GetName(ccnxMessage));
parcLog_Debug(athena->log, "Processing Content Object Message: %s", name);
parcMemory_Deallocate(&name);
CCNxContentObject *contentObject = ccnxMetaMessage_GetContentObject(ccnxMessage);
_processContentObject(athena, contentObject, ingressVector);
athena->stats.numProcessedContentObjects++;
} else if (ccnxMetaMessage_IsControl(ccnxMessage)) {
parcLog_Debug(athena->log, "Processing Control Message");
CCNxControl *control = ccnxMetaMessage_GetControl(ccnxMessage);
_processControl(athena, control, ingressVector);
athena->stats.numProcessedControlMessages++;
} else if (ccnxMetaMessage_IsInterestReturn(ccnxMessage)) {
parcLog_Debug(athena->log, "Processing Interest Return Message");
CCNxInterestReturn *interestReturn = ccnxMetaMessage_GetInterestReturn(ccnxMessage);
_processInterestReturn(athena, interestReturn, ingressVector);
athena->stats.numProcessedInterestReturns++;
} else {
trapUnexpectedState("Invalid CCNxMetaMessage type");
}
}
static PARCSignature *
_SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign)
{
parcSecurity_AssertIsInitialized();
assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore");
assertNotNull(digestToSign, "Buffer to sign must not be null");
// TODO: what is the best way to expose this?
PARCKeyStore *keyStore = signer->keyStore;
PARCBuffer *privateKeyBuffer = parcKeyStore_GetDEREncodedPrivateKey(keyStore);
EVP_PKEY *privateKey = NULL;
size_t keySize = parcBuffer_Remaining(privateKeyBuffer);
uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, keySize);
privateKey = d2i_PrivateKey(EVP_PKEY_RSA, &privateKey, (const unsigned char **) &bytes, keySize);
parcBuffer_Release(&privateKeyBuffer);
RSA *rsa = EVP_PKEY_get1_RSA(privateKey);
int opensslDigestType;
switch (parcCryptoHash_GetDigestType(digestToSign)) {
case PARCCryptoHashType_SHA256:
opensslDigestType = NID_sha256;
break;
case PARCCryptoHashType_SHA512:
opensslDigestType = NID_sha512;
break;
default:
trapUnexpectedState("Unknown digest type: %s",
parcCryptoHashType_ToString(parcCryptoHash_GetDigestType(digestToSign)));
}
uint8_t *sig = parcMemory_Allocate(RSA_size(rsa));
assertNotNull(sig, "parcMemory_Allocate(%u) returned NULL", RSA_size(rsa));
unsigned sigLength = 0;
PARCBuffer *bb_digest = parcCryptoHash_GetDigest(digestToSign);
int result = RSA_sign(opensslDigestType,
(unsigned char *) parcByteArray_Array(parcBuffer_Array(bb_digest)),
(int) parcBuffer_Remaining(bb_digest),
sig,
&sigLength,
rsa);
assertTrue(result == 1, "Got error from RSA_sign: %d", result);
RSA_free(rsa);
PARCBuffer *bbSign = parcBuffer_Allocate(sigLength);
parcBuffer_Flip(parcBuffer_PutArray(bbSign, sigLength, sig));
parcMemory_Deallocate((void **) &sig);
PARCSignature *signature =
parcSignature_Create(_GetSigningAlgorithm(signer),
parcCryptoHash_GetDigestType(digestToSign),
bbSign
);
parcBuffer_Release(&bbSign);
return signature;
}
/**
* Return if the signature and key verify with the local hash.
*
* PRECONDITION:
* - You know the signature and key are RSA.
*
* Example:
* @code
* <#example#>
* @endcode
*/
static bool
_parcInMemoryVerifier_RSAKey_Verify(PARCInMemoryVerifier *verifier, PARCCryptoHash *localHash,
PARCSignature *signatureToVerify, PARCBuffer *derEncodedKey)
{
const uint8_t *der_bytes = parcByteArray_Array(parcBuffer_Array(derEncodedKey));
long der_length = parcBuffer_Remaining(derEncodedKey);
EVP_PKEY *unwrapped_key = d2i_PUBKEY(NULL, &der_bytes, der_length);
if (unwrapped_key != NULL) {
int success = 0;
RSA *rsa = EVP_PKEY_get1_RSA(unwrapped_key);
if (rsa != NULL) {
int openssl_digest_type;
switch (parcCryptoHash_GetDigestType(localHash)) {
case PARC_HASH_SHA256:
openssl_digest_type = NID_sha256;
break;
case PARC_HASH_SHA512:
openssl_digest_type = NID_sha512;
break;
default:
trapUnexpectedState("Unknown digest type: %s",
parcCryptoHashType_ToString(parcCryptoHash_GetDigestType(localHash)));
}
PARCBuffer *sigbits = parcSignature_GetSignature(signatureToVerify);
PARCByteArray *bytearray = parcBuffer_Array(sigbits);
unsigned signatureLength = (unsigned) parcBuffer_Remaining(sigbits);
uint8_t *sigbuffer = parcByteArray_Array(bytearray);
size_t signatureOffset = parcBuffer_ArrayOffset(sigbits);
success = RSA_verify(openssl_digest_type,
(unsigned char *) parcByteArray_Array(parcBuffer_Array(parcCryptoHash_GetDigest(localHash))),
(unsigned) parcBuffer_Remaining(parcCryptoHash_GetDigest(localHash)),
sigbuffer + signatureOffset,
signatureLength,
rsa);
RSA_free(rsa);
}
EVP_PKEY_free(unwrapped_key);
if (success) {
return true;
}
}
return false;
}
static bool
_parcInMemoryVerifier_AllowedCryptoSuite(void *interfaceContext, PARCKeyId *keyid, PARCCryptoSuite suite)
{
PARCInMemoryVerifier *verifier = (PARCInMemoryVerifier *) interfaceContext;
const PARCKey *key = parcCryptoCache_GetKey(verifier->key_cache, keyid);
if (key == NULL) {
return false;
}
switch (parcKey_GetSigningAlgorithm(key)) {
case PARCSigningAlgorithm_RSA:
switch (suite) {
case PARCCryptoSuite_RSA_SHA256:
return true;
case PARCCryptoSuite_RSA_SHA512:
return true;
default:
return false;
}
break;
case PARCSigningAlgorithm_DSA:
switch (suite) {
default:
return false;
}
break;
case PARCSigningAlgorithm_HMAC:
switch (suite) {
case PARCCryptoSuite_HMAC_SHA256:
return true;
default:
return false;
}
break;
default:
trapUnexpectedState("Unknown signing algorithm: %s",
parcSigningAlgorithm_ToString(parcKey_GetSigningAlgorithm(key)));
return false;
}
return false;
}
/**
* Look up the symbolic name of the queue. Do not free the return.
*
* Example:
* @code
* <#example#>
* @endcode
*/
const char *
rtaProtocolStack_GetQueueName(RtaProtocolStack *stack, PARCEventQueue *queue)
{
int component;
for (component = 0; component <= LAST_COMPONENT; component++) {
if (stack->component_queues[component]) {
if (stack->component_queues[component]->up == queue) {
return RtaComponentNames[component];
}
if (stack->component_queues[component]->down == queue) {
return RtaComponentNames[component];
}
}
}
trapUnexpectedState("Could not find queue %p in stack %p", (void *) queue, (void *) stack);
}
uint64_t
ccnxContentObject_GetFinalChunkNumber(const CCNxContentObject *contentObject)
{
ccnxContentObject_OptionalAssertValid(contentObject);
CCNxContentObjectInterface *impl = ccnxContentObjectInterface_GetInterface(contentObject);
if (impl->hasFinalChunkNumber != NULL && !impl->hasFinalChunkNumber((CCNxTlvDictionary *) contentObject)) {
trapUnexpectedState("ContentObject has no final chunk number. Call ccnxContentObject_HasFinalChunkNumber() first.");
}
if (impl->getFinalChunkNumber != NULL) {
return impl->getFinalChunkNumber(contentObject);
} else {
trapNotImplemented("ccnxContentObject_GetFinalChunkNumber");
}
}
uint64_t
ccnxContentObject_GetExpiryTime(const CCNxContentObject *contentObject)
{
ccnxContentObject_OptionalAssertValid(contentObject);
CCNxContentObjectInterface *impl = ccnxContentObjectInterface_GetInterface(contentObject);
if (impl->hasExpiryTime != NULL && !impl->hasExpiryTime((CCNxTlvDictionary *) contentObject)) {
trapUnexpectedState("ContentObject has no ExpiryTime. Call HasExpiryTime() first.");
}
if (impl->getExpiryTime != NULL) {
return impl->getExpiryTime(contentObject);
} else {
trapNotImplemented("ccnxContentObject_HasExpiryTime");
}
}
/**
* The signature verifies if:
* 0) we know the key for keyid
* 1) the signing algorithm of the key corresponding to keyid is same as CCNxSignature
* 2) The hash of the locallyComputedHash is the same type as the content object's ciphersuite
* 3) the signature verifies
*
* Example:
* @code
* <#example#>
* @endcode
*/
static bool
_parcInMemoryVerifier_VerifyDigest(void *interfaceContext, PARCKeyId *keyid, PARCCryptoHash *locallyComputedHash,
PARCCryptoSuite suite, PARCSignature *objectSignature)
{
PARCInMemoryVerifier *verifier = (PARCInMemoryVerifier *) interfaceContext;
const PARCKey *key = parcCryptoCache_GetKey(verifier->key_cache, keyid);
if (key == NULL) {
return false;
}
assertTrue(_parcInMemoryVerifier_AllowedCryptoSuite(interfaceContext, keyid, suite), "Invalid crypto suite for keyid");
if (parcKey_GetSigningAlgorithm(key) != parcSignature_GetSigningAlgorithm(objectSignature)) {
fprintf(stdout, "Signatured failed, signing algorithms do not match: key %s sig %s\n",
parcSigningAlgorithm_ToString(parcKey_GetSigningAlgorithm(key)),
parcSigningAlgorithm_ToString(parcSignature_GetSigningAlgorithm(objectSignature)));
return false;
}
if (parcCryptoHash_GetDigestType(locallyComputedHash) != parcCryptoSuite_GetCryptoHash(suite)) {
fprintf(stdout, "Signatured failed, digest algorithms do not match: digest %s suite %s\n",
parcCryptoHashType_ToString(parcCryptoHash_GetDigestType(locallyComputedHash)),
parcCryptoHashType_ToString(parcCryptoSuite_GetCryptoHash(suite)));
return false;
}
switch (parcSignature_GetSigningAlgorithm(objectSignature)) {
case PARCSigningAlgorithm_RSA:
return _parcInMemoryVerifier_RSAKey_Verify(verifier, locallyComputedHash, objectSignature, parcKey_GetKey(key));
case PARCSigningAlgorithm_DSA:
trapNotImplemented("DSA not supported");
break;
case PARCSigningAlgorithm_HMAC:
trapNotImplemented("HMAC not supported");
break;
default:
trapUnexpectedState("Unknown signing algorithm: %d", parcSignature_GetSigningAlgorithm(objectSignature));
}
return false;
}
static PARCCryptoHasher *
_parcInMemoryVerifier_GetCryptoHasher(void *interfaceContext, PARCKeyId *keyid, PARCCryptoHashType hashType)
{
PARCInMemoryVerifier *verifier = (PARCInMemoryVerifier *) interfaceContext;
const PARCKey *key = parcCryptoCache_GetKey(verifier->key_cache, keyid);
if (key == NULL) {
return false;
}
assertFalse(parcKey_GetSigningAlgorithm(key) == PARCSigningAlgorithm_HMAC, "HMAC not supported yet");
switch (hashType) {
case PARC_HASH_SHA256:
return verifier->hasher_sha256;
case PARC_HASH_SHA512:
return verifier->hasher_sha512;
default:
trapUnexpectedState("unsupported hash type: %d", hashType);
}
}
