bool SecurityHelper::verifyDataObject(DataObjectRef& dObj, CertificateRef& cert) const
{
RSA *key;
// Cannot verify without signature
if (!dObj->getSignature()) {
HAGGLE_ERR("No signature in data object, cannot verify\n");
return false;
}
writeErrors("(not this): ");
key = cert->getPubKey();
if (RSA_verify(NID_sha1, dObj->getId(), sizeof(DataObjectId_t),
const_cast<unsigned char *>(dObj->getSignature()), dObj->getSignatureLength(), key) != 1) {
char *raw;
size_t len;
writeErrors("");
dObj->getRawMetadataAlloc((unsigned char **)&raw, &len);
if (raw) {
HAGGLE_DBG("Signature is invalid:\n%s\n", raw);
free(raw);
}
dObj->setSignatureStatus(DataObject::SIGNATURE_INVALID);
return false;
}
HAGGLE_DBG("Signature is valid\n");
dObj->setSignatureStatus(DataObject::SIGNATURE_VALID);
return true;
}
bool FragmentationEncoderService::addAttributes(DataObjectRef originalDataObject, DataObjectRef fragmentDataObject,
string sequenceNumberListCsv) {
//copy attributes. though eventually will use rich metadata?
const Attributes* originalAttributes = originalDataObject->getAttributes();
for (Attributes::const_iterator it = originalAttributes->begin(); it != originalAttributes->end(); it++) {
const Attribute attr = (*it).second;
bool addAttribute = fragmentDataObject->addAttribute(attr);
if (!addAttribute) {
HAGGLE_ERR("unable to add attribute\n");
return false;
}
}
//add sequence number attribute
// char sequenceBuffer[33];
// memset(sequenceBuffer, 0, sizeof(sequenceBuffer));
// sprintf(sequenceBuffer, "%d", sequenceNumber);
// HAGGLE_DBG("stringSequenceNumber=%s\n", sequenceBuffer);
// bool addedSequenceNUmber = fragmentDataObject->addAttribute(
// HAGGLE_ATTR_FRAGMENTATION_SEQUENCE_NUMBER, sequenceBuffer, 0);
// if (!addedSequenceNUmber) {
// HAGGLE_ERR("unable to add addedSequenceNUmber attribute\n");
// return false;
// }
HAGGLE_DBG2("stringSequenceNumber=%s\n", sequenceNumberListCsv.c_str());
bool addedSequenceNumber = fragmentDataObject->addAttribute(HAGGLE_ATTR_FRAGMENTATION_SEQUENCE_NUMBER,
sequenceNumberListCsv, 0);
if (!addedSequenceNumber) {
HAGGLE_ERR("Unable to add sequence number attribute\n");
return false;
}
//add attribute to indicate data object is fragmentation block
bool addedIsFragmentationCodedAttribute = fragmentDataObject->addAttribute(HAGGLE_ATTR_FRAGMENTATION_NAME, "TRUE",
0);
if (!addedIsFragmentationCodedAttribute) {
HAGGLE_ERR("Unable to add fragmentation attribute\n");
return false;
}
//add original data len attribute
char lenBuffer[33];
memset(lenBuffer, 0, sizeof(lenBuffer));
int len = fragmentationDataObjectUtility->getFileLength(originalDataObject);
if(len == 0) {
HAGGLE_ERR("Orignal data len is zero - file already deleted\n");
return false;
}
sprintf(lenBuffer, "%d", len);
bool addedDataLenAttribute = fragmentDataObject->addAttribute(HAGGLE_ATTR_FRAGMENTATION_PARENT_ORIG_LEN, lenBuffer,
0);
if (!addedDataLenAttribute) {
HAGGLE_ERR("Unable to add original data len attribute\n");
return false;
}
//add dataobject id
const char* originalId = originalDataObject->getIdStr();
string originalStringId = originalId;
bool addedIdAttribute = fragmentDataObject->addAttribute(HAGGLE_ATTR_FRAGMENTATION_PARENT_DATAOBJECT_ID,
originalStringId, 0);
if (!addedIdAttribute) {
HAGGLE_ERR("Unable to add original data object id attribute\n");
return false;
}
//add dataobject name
string originalName = fragmentationDataObjectUtility->getFileName(originalDataObject);
HAGGLE_DBG2("Add original name %s as attribute\n", originalName.c_str());
bool addedNameAttribute = fragmentDataObject->addAttribute(HAGGLE_ATTR_FRAGMENTATION_PARENT_ORIG_NAME, originalName,
0);
if (!addedNameAttribute) {
HAGGLE_ERR("Unable to add original name attribute\n");
return false;
}
//add create time
string originalCreateTime = originalDataObject->getCreateTime().getAsString();
HAGGLE_DBG2("Add original create time %s as attribute\n", originalCreateTime.c_str());
bool addedCreatedTimeAttribute = fragmentDataObject->addAttribute(HAGGLE_ATTR_FRAGMENTATION_PARENT_CREATION_TIME,
originalCreateTime, 0);
if (!addedCreatedTimeAttribute) {
HAGGLE_ERR("Unable to add original create time attribute\n");
return false;
}
//set create time of fragment to same create time as parent so fragment data object ids can match up
Timeval createTime(originalCreateTime);
fragmentDataObject->setCreateTime(createTime);
if(originalDataObject->getSignature()) { // MOS
//add signee
string parentSignee = originalDataObject->getSignee();
HAGGLE_DBG2("Add original signee %s as attribute\n",parentSignee.c_str());
bool addedSigneeAttribute = fragmentDataObject->
addAttribute(HAGGLE_ATTR_FRAGMENTATION_PARENT_ORIG_SIGNEE,parentSignee,0);
if(!addedSigneeAttribute) {
HAGGLE_ERR("Unable to add original signee attribute\n");
return false;
}
//add signature
char *base64_signature = NULL;
if (base64_encode_alloc((char *)originalDataObject->getSignature(), originalDataObject->getSignatureLength(), &base64_signature) <= 0) {
HAGGLE_ERR("Unable to generate base64 encoded signature\n");
return false;
}
string parentSignature = base64_signature;
HAGGLE_DBG2("Add original signature %s as attribute\n",parentSignature.c_str());
bool addedSignatureAttribute = fragmentDataObject->
addAttribute(HAGGLE_ATTR_FRAGMENTATION_PARENT_ORIG_SIGNATURE,parentSignature,0);
if(!addedSignatureAttribute) {
HAGGLE_ERR("Unable to add original signature attribute\n");
return false;
}
if(base64_signature) {
free(base64_signature);
base64_signature = NULL;
}
}
return true;
}