Block
SecTpmMemory::signInTpm(const uint8_t *data, size_t dataLength,
const Name& keyName,
DigestAlgorithm digestAlgorithm)
{
if (digestAlgorithm != DIGEST_ALGORITHM_SHA256)
return ConstBufferPtr();
// Find the private key and sign.
PrivateKeyStore::iterator privateKey = privateKeyStore_.find(keyName.toUri());
if (privateKey == privateKeyStore_.end())
throw Error(string("MemoryPrivateKeyStorage: Cannot find private key ") + keyName.toUri());
uint8_t digest[SHA256_DIGEST_LENGTH];
SHA256_CTX sha256;
SHA256_Init(&sha256);
SHA256_Update(&sha256, data, dataLength);
SHA256_Final(digest, &sha256);
BufferPtr signatureBuffer = ptr_lib::make_shared<Buffer>();
signatureBuffer->resize(RSA_size(privateKey->second->getPrivateKey()));
unsigned int signatureBitsLength;
if (!RSA_sign(NID_sha256, digest, sizeof(digest),
signatureBuffer->buf(),
&signatureBitsLength,
privateKey->second->getPrivateKey()))
{
throw Error("Error in RSA_sign");
}
return Block(Tlv::SignatureValue, signatureBuffer);
}
void
ChatDialog::updateLabels(Name newChatPrefix)
{
// Reset DigestTree
m_scene->clearAll();
m_scene->plot("Empty");
// Display chatroom name
QString chatroomName = QString("Chatroom: %1").arg(QString::fromStdString(m_chatroomName));
ui->infoLabel->setStyleSheet("QLabel {color: #630; font-size: 16px; font: bold \"Verdana\";}");
ui->infoLabel->setText(chatroomName);
// Display chat message prefix
QString chatPrefix;
if (PRIVATE_PREFIX.isPrefixOf(newChatPrefix)) {
chatPrefix =
QString("<Warning: no connection to hub or hub does not support prefix autoconfig.>\n"
"<Prefix = %1>")
.arg(QString::fromStdString(newChatPrefix.toUri()));
ui->prefixLabel->setStyleSheet(
"QLabel {color: red; font-size: 12px; font: bold \"Verdana\";}");
}
else {
chatPrefix = QString("<Prefix = %1>")
.arg(QString::fromStdString(newChatPrefix.toUri()));
ui->prefixLabel->setStyleSheet(
"QLabel {color: Green; font-size: 12px; font: bold \"Verdana\";}");
}
ui->prefixLabel->setText(chatPrefix);
fitView();
}
void producerSatisfiedAuthRequest( const Name& producer_name,
const Name& request_name,
const NdnParameterSet& credentials )
{
if( logging_enabled )
{
lock.lock();
log_file << "Producer:SatisfiedAuth" << endl
<< "{" << endl
<< " time = " << time::system_clock::now() << endl
<< " producer = " << producer_name.toUri() << endl
<< " request = " << request_name.toUri() << endl
<< " username = "******"username" ) )
? credentials.getParameter( "username" )
: "none" )
<< endl
<< " password = "******"password" ) )
? credentials.getParameter( "password" )
: "none" )
<< endl
<< "}" << endl;
lock.unlock();
}
}
Name
IdentityCertificate::certificateNameToPublicKeyName(const Name& certificateName)
{
int i = certificateName.size() - 1;
string idString("ID-CERT");
bool foundIdString = false;
for (; i >= 0; i--) {
if (certificateName.get(i).toEscapedString() == idString)
{
foundIdString = true;
break;
}
}
if(!foundIdString)
throw Error("Incorrect identity certificate name " + certificateName.toUri());
Name tmpName = certificateName.getSubName(0, i);
string keyString("KEY");
bool foundKeyString = false;
for (i = 0; i < tmpName.size(); i++) {
if (tmpName.get(i).toEscapedString() == keyString)
{
foundKeyString = true;
break;
}
}
if(!foundKeyString)
throw Error("Incorrect identity certificate name " + certificateName.toUri());
return tmpName.getSubName(0, i).append(tmpName.getSubName(i + 1, tmpName.size() - i - 1));
}
ptr_lib::shared_ptr<PublicKey>
SecTpmMemory::getPublicKeyFromTpm(const Name& keyName)
{
PublicKeyStore::iterator publicKey = publicKeyStore_.find(keyName.toUri());
if (publicKey == publicKeyStore_.end())
throw Error(string("MemoryPrivateKeyStorage: Cannot find public key ") + keyName.toUri());
return publicKey->second;
}
void
SecTpmMemory::setKeyPairForKeyName(const Name& keyName,
uint8_t *publicKeyDer, size_t publicKeyDerLength,
uint8_t *privateKeyDer, size_t privateKeyDerLength)
{
publicKeyStore_[keyName.toUri()] = ptr_lib::make_shared<PublicKey>(publicKeyDer, publicKeyDerLength);
privateKeyStore_[keyName.toUri()] = ptr_lib::make_shared<RsaPrivateKey>(privateKeyDer, privateKeyDerLength);
}
shared_ptr<IdentityCertificate>
SecPublicInfoMemory::getCertificate(const Name& certificateName)
{
CertificateStore::iterator record = m_certificateStore.find(certificateName.toUri());
if (record == m_certificateStore.end())
throw Error("SecPublicInfoMemory::getCertificate " + certificateName.toUri());
return record->second;
}
shared_ptr<PublicKey>
SecPublicInfoMemory::getPublicKey(const Name& keyName)
{
KeyStore::iterator record = m_keyStore.find(keyName.toUri());
if (record == m_keyStore.end())
throw Error("SecPublicInfoMemory::getPublicKey " + keyName.toUri());
return make_shared<PublicKey>(record->second->getKey());
}
bool
SecTpmMemory::doesKeyExistInTpm(const Name& keyName, KeyClass keyClass)
{
if (keyClass == KEY_CLASS_PUBLIC)
return publicKeyStore_.find(keyName.toUri()) != publicKeyStore_.end();
else if (keyClass == KEY_CLASS_PRIVATE)
return privateKeyStore_.find(keyName.toUri()) != privateKeyStore_.end();
else
// KEY_CLASS_SYMMETRIC not implemented yet.
return false;
}
void
SecTpmFile::deleteKeyPairInTpm(const Name& keyName)
{
boost::filesystem::path publicKeyPath(m_impl->transformName(keyName.toUri(), ".pub"));
boost::filesystem::path privateKeyPath(m_impl->transformName(keyName.toUri(), ".pri"));
if (boost::filesystem::exists(publicKeyPath))
boost::filesystem::remove(publicKeyPath);
if (boost::filesystem::exists(privateKeyPath))
boost::filesystem::remove(privateKeyPath);
}
shared_ptr<Data> StorageEngineImpl::read(const Interest &interest)
{
shared_ptr<Data> data;
#if HAVE_PERSISTENT_STORAGE
bool canBePrefix = interest.getCanBePrefix();
if (canBePrefix)
{
// extract by prefix match
Name prefix = interest.getName(), keyName;
auto it = db_->NewIterator(db_namespace::ReadOptions());
std::string key = "";
bool checkMaxSuffixComponents = interest.getMaxSuffixComponents() != -1;
bool checkMinSuffixComponents = interest.getMinSuffixComponents() != -1;
for (it->Seek(prefix.toUri());
it->Valid() && it->key().starts_with(prefix.toUri());
it->Next())
{
if (checkMaxSuffixComponents || checkMinSuffixComponents)
{
keyName = Name(it->key().ToString());
int nSuffixComponents = keyName.size() - prefix.size();
bool passCheck = false;
if (checkMaxSuffixComponents &&
nSuffixComponents <= interest.getMaxSuffixComponents())
passCheck = true;
if (checkMinSuffixComponents &&
nSuffixComponents >= interest.getMinSuffixComponents())
passCheck = true;
if (passCheck)
key = it->key().ToString();
}
else
key = it->key().ToString();
}
if (key != "")
data = get(Name(key));
delete it;
}
else
data = get(interest.getName());
#endif
return data;
}
void producerSatisfiedRequest( const Name& producer_name,
const Name& request_name )
{
if( logging_enabled )
{
lock.lock();
log_file << "Producer:Satisfied" << endl
<< "{" << endl
<< " time = " << time::system_clock::now() << endl
<< " producer = " << producer_name.toUri() << endl
<< " request = " << request_name.toUri() << endl
<< "}" << endl;
lock.unlock();
}
}
bool
SecTpmFile::doesKeyExistInTpm(const Name& keyName, KeyClass keyClass)
{
string keyURI = keyName.toUri();
if (keyClass == KEY_CLASS_PUBLIC)
{
if (boost::filesystem::exists(m_impl->transformName(keyURI, ".pub")))
return true;
else
return false;
}
if (keyClass == KEY_CLASS_PRIVATE)
{
if (boost::filesystem::exists(m_impl->transformName(keyURI, ".pri")))
return true;
else
return false;
}
if (keyClass == KEY_CLASS_SYMMETRIC)
{
if (boost::filesystem::exists(m_impl->transformName(keyURI, ".key")))
return true;
else
return false;
}
return false;
}
ptr_lib::shared_ptr<CertificateV2>
PibCertificateContainer::get(const Name& certificateName)
{
map<Name, ptr_lib::shared_ptr<CertificateV2>>::const_iterator it =
certificates_.find(certificateName);
if (it != certificates_.end())
// Make a copy.
// TODO: Copy is expensive. Can we just tell the caller not to modify it?
return ptr_lib::make_shared<CertificateV2>(*it->second);
// Get from the PIB and cache.
if (!CertificateV2::isValidName(certificateName) ||
CertificateV2::extractKeyNameFromCertName(certificateName) != keyName_)
throw invalid_argument
("Certificate name `" + certificateName.toUri() +
"` is invalid or does not match key name");
ptr_lib::shared_ptr<CertificateV2> certificate =
pibImpl_->getCertificate(certificateName);
certificates_[certificateName] = certificate;
// Make a copy.
// TODO: Copy is expensive. Can we just tell the caller not to modify it?
return ptr_lib::make_shared<CertificateV2>(*certificate);
}
void
MulticastDiscovery::onSetStrategyFailure(const std::string& error)
{
m_nextStageOnFailure("Failed to set multicast strategy for " +
LOCALHOP_HUB_DISCOVERY_PREFIX.toUri() + " namespace (" + error + "). "
"Skipping multicast discovery stage");
}
void
FilePrivateKeyStorage::deleteKeyPair(const Name& keyName)
{
string keyUri = keyName.toUri();
remove(nameTransform(keyUri, ".pub").c_str());
remove(nameTransform(keyUri, ".pri").c_str());
}
void
SecPublicInfoMemory::addIdentity(const Name& identityName)
{
string identityUri = identityName.toUri();
if (find(identityStore_.begin(), identityStore_.end(), identityUri) != identityStore_.end())
throw Error("Identity already exists: " + identityUri);
identityStore_.push_back(identityUri);
}
void
SecPublicInfoMemory::addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKey)
{
Name identityName = keyName.getPrefix(-1);
addIdentity(identityName);
m_keyStore[keyName.toUri()] = make_shared<KeyRecord>(keyType, publicKey);
}
void
SecPublicInfoMemory::addIdentity(const Name& identityName)
{
string identityUri = identityName.toUri();
if (find(m_identityStore.begin(), m_identityStore.end(), identityUri) != m_identityStore.end())
return;
m_identityStore.push_back(identityUri);
}
ConstBufferPtr
SecTpmFile::exportPrivateKeyPkcs8FromTpm(const Name& keyName)
{
OBufferStream privateKeyOs;
CryptoPP::FileSource(m_impl->transformName(keyName.toUri(), ".pri").string().c_str(), true,
new CryptoPP::Base64Decoder(new CryptoPP::FileSink(privateKeyOs)));
return privateKeyOs.buf();
}
void
MemoryIdentityStorage::addIdentity(const Name& identityName)
{
string identityUri = identityName.toUri();
if (find(identityStore_.begin(), identityStore_.end(), identityUri) != identityStore_.end())
return;
identityStore_.push_back(identityUri);
}
void
MemoryIdentityStorage::setDefaultIdentity(const Name& identityName)
{
string identityUri = identityName.toUri();
if (find(identityStore_.begin(), identityStore_.end(), identityUri) != identityStore_.end())
defaultIdentity_ = identityUri;
else
// The identity doesn't exist, so clear the default.
defaultIdentity_.clear();
}
ptr_lib::shared_ptr<PublicKey>
SecPublicInfoMemory::getPublicKey(const Name& keyName)
{
KeyStore::iterator record = keyStore_.find(keyName.toUri());
if (record == keyStore_.end())
// Not found. Silently return null.
return ptr_lib::shared_ptr<PublicKey>();
return ptr_lib::make_shared<PublicKey> (record->second->getKey());
}
void
SecPublicInfoMemory::setDefaultIdentityInternal(const Name& identityName)
{
string identityUri = identityName.toUri();
if (find(identityStore_.begin(), identityStore_.end(), identityUri) != identityStore_.end())
defaultIdentity_ = identityUri;
else
// The identity doesn't exist, so clear the default.
defaultIdentity_.clear();
}
ptr_lib::shared_ptr<IdentityCertificate>
SecPublicInfoMemory::getCertificate(const Name& certificateName)
{
CertificateStore::iterator record = certificateStore_.find(certificateName.toUri());
if (record == certificateStore_.end())
// Not found. Silently return null.
return ptr_lib::shared_ptr<IdentityCertificate>();
return record->second;
}
Blob
MemoryIdentityStorage::getKey(const Name& keyName)
{
map<string, ptr_lib::shared_ptr<KeyRecord> >::iterator record = keyStore_.find(keyName.toUri());
if (record == keyStore_.end())
// Not found. Silently return null.
return Blob();
return record->second->getKeyDer();
}
bool
matchesFilter(const Name& name)
{
if (nameFilter.empty())
return true;
/// \todo Switch to NDN regular expressions
return boost::regex_match(name.toUri(), nameFilter);
}
void
MemoryIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
{
Name identityName = keyName.getSubName(0, keyName.size() - 1);
addIdentity(identityName);
if (doesKeyExist(keyName))
throw SecurityException("a key with the same name already exists!");
keyStore_[keyName.toUri()] = ptr_lib::make_shared<KeyRecord>(keyType, publicKeyDer);
}
ptr_lib::shared_ptr<IdentityCertificate>
MemoryIdentityStorage::getCertificate(const Name& certificateName, bool allowAny)
{
map<string, Blob>::iterator record = certificateStore_.find(certificateName.toUri());
if (record == certificateStore_.end())
// Not found. Silently return null.
return ptr_lib::shared_ptr<IdentityCertificate>();
ptr_lib::shared_ptr<IdentityCertificate> data(new IdentityCertificate());
data->wireDecode(*record->second);
return data;
}
void
SecPublicInfoMemory::addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKey)
{
Name identityName = keyName.getSubName(0, keyName.size() - 1);
if (!doesIdentityExist(identityName))
addIdentity(identityName);
if (doesPublicKeyExist(keyName))
throw Error("a key with the same name already exists!");
keyStore_[keyName.toUri()] = ptr_lib::make_shared<KeyRecord>(keyType, publicKey);
}
