void NdnSigner::sign( Interest& interest ) const
{
//////// configure key locator ///////////
// encode public key
std::string keystr;
CryptoPP::StringSink sink(keystr);
m_public_key.Save(sink);
// make key locator and insert key as key digest
KeyLocator loc;
auto buffer = make_shared<const Buffer>( (uint8_t*)keystr.c_str(), keystr.length() );
loc.setKeyDigest( buffer );
// setup signature info
Signature sig = interest.getSignature();
SignatureInfo sinfo = sig.getSignatureInfo();
sinfo.setSignatureType( tlv::SignatureSha256WithRsa);
sinfo.setKeyLocator( loc );
sig.setInfo( sinfo );
interest.setSignature( sig );
// sign interest
Block sig_block = signBlock( interest.wireEncode() );
// set signature
sig.setValue( sig_block );
interest.setSignature( sig );
interest.wireEncode();
}
bool
operator==(const Interest& lhs, const Interest& rhs)
{
bool wasCanBePrefixSetOnLhs = lhs.m_isCanBePrefixSet;
bool wasCanBePrefixSetOnRhs = rhs.m_isCanBePrefixSet;
lhs.m_isCanBePrefixSet = true;
rhs.m_isCanBePrefixSet = true;
BOOST_SCOPE_EXIT_ALL(&) {
lhs.m_isCanBePrefixSet = wasCanBePrefixSetOnLhs;
rhs.m_isCanBePrefixSet = wasCanBePrefixSetOnRhs;
};
return lhs.wireEncode() == rhs.wireEncode();
}
void
GenericLinkService::doSendInterest(const Interest& interest, const EndpointId& endpointId)
{
lp::Packet lpPacket(interest.wireEncode());
encodeLpFields(interest, lpPacket);
this->sendNetPacket(std::move(lpPacket), endpointId, true);
}
void
DummyClientFace::receive(const Interest& interest)
{
lp::Packet lpPacket(interest.wireEncode());
addFieldFromTag<lp::IncomingFaceIdField, lp::IncomingFaceIdTag>(lpPacket, interest);
addFieldFromTag<lp::NextHopFaceIdField, lp::NextHopFaceIdTag>(lpPacket, interest);
addFieldFromTag<lp::CongestionMarkField, lp::CongestionMarkTag>(lpPacket, interest);
static_pointer_cast<Transport>(getTransport())->receive(lpPacket.wireEncode());
}
TEST_F(TestInterestDump, CreateFresh)
{
Interest freshInterest = createFreshInterest();
vector<string> freshDump = dumpInterest(freshInterest);
ASSERT_TRUE(interestDumpsEqual(initialDump, freshDump)) << "Fresh interest does not match original";
Interest reDecodedFreshInterest;
reDecodedFreshInterest.wireDecode(freshInterest.wireEncode());
vector<string> reDecodedFreshDump = dumpInterest(reDecodedFreshInterest);
ASSERT_TRUE(interestDumpsEqual(freshDump, reDecodedFreshDump)) << "Redecoded fresh interest does not match original";
}
TEST_F(TestLink, EncodeDecodeInterestWithLink)
{
Link link1;
link1.setName(Name("test"));
link1.addDelegation(10, Name("/test1"));
link1.addDelegation(20, Name("/test2"));
link1.addDelegation(100, Name("/test3"));
keyChain_->sign(link1, certificateName_);
Interest interestA;
interestA.setName(Name("/Test/Encode/Decode/With/Link"));
interestA.setChildSelector(1);
interestA.setInterestLifetimeMilliseconds(10000);
interestA.setLinkWireEncoding(link1.wireEncode());
Blob interestEncoding = interestA.wireEncode();
Interest interestB;
interestB.wireDecode(interestEncoding);
ASSERT_EQ(interestA.getName(), interestB.getName());
Link* link2 = interestB.getLink();
ASSERT_TRUE(link2) << "Interest link object not specified";
const DelegationSet& delegations = link2->getDelegations();
for (size_t i = 0; i < delegations.size(); ++i) {
if (i == 0) {
ASSERT_EQ(10, delegations.get(i).getPreference());
ASSERT_EQ(Name("/test1"), delegations.get(i).getName());
}
if (i == 1) {
ASSERT_EQ(20, delegations.get(i).getPreference());
ASSERT_EQ(Name("/test2"), delegations.get(i).getName());
}
if (i == 2) {
ASSERT_EQ(100, delegations.get(i).getPreference());
ASSERT_EQ(Name("/test3"), delegations.get(i).getName());
}
}
}
void
KeyChain::sign
(Interest& interest, const Name& certificateName, WireFormat& wireFormat)
{
// TODO: Handle signature algorithms other than Sha256WithRsa.
Sha256WithRsaSignature signature;
signature.getKeyLocator().setType(ndn_KeyLocatorType_KEYNAME);
signature.getKeyLocator().setKeyName(certificateName.getPrefix(-1));
// Append the encoded SignatureInfo.
interest.getName().append(wireFormat.encodeSignatureInfo(signature));
// Append an empty signature so that the "signedPortion" is correct.
interest.getName().append(Name::Component());
// Encode once to get the signed portion, and sign.
SignedBlob encoding = interest.wireEncode(wireFormat);
ptr_lib::shared_ptr<Signature> signedSignature = sign
(encoding.signedBuf(), encoding.signedSize(), certificateName);
// Remove the empty signature and append the real one.
interest.setName(interest.getName().getPrefix(-1).append
(wireFormat.encodeSignatureValue(*signedSignature)));
}
void
IdentityManager::signInterestWithSha256
(Interest& interest, WireFormat& wireFormat)
{
DigestSha256Signature signature;
// Append the encoded SignatureInfo.
interest.getName().append(wireFormat.encodeSignatureInfo(signature));
// Append an empty signature so that the "signedPortion" is correct.
interest.getName().append(Name::Component());
// Encode once to get the signed portion.
SignedBlob encoding = interest.wireEncode(wireFormat);
// Digest and set the signature.
uint8_t signedPortionDigest[ndn_SHA256_DIGEST_SIZE];
ndn_digestSha256
(encoding.signedBuf(), encoding.signedSize(), signedPortionDigest);
signature.setSignature(Blob(signedPortionDigest, sizeof(signedPortionDigest)));
// Remove the empty signature and append the real one.
interest.setName(interest.getName().getPrefix(-1).append
(wireFormat.encodeSignatureValue(signature)));
}
void
IdentityManager::signInterestByCertificate
(Interest& interest, const Name& certificateName, WireFormat& wireFormat)
{
DigestAlgorithm digestAlgorithm;
ptr_lib::shared_ptr<Signature> signature = makeSignatureByCertificate
(certificateName, digestAlgorithm);
// Append the encoded SignatureInfo.
interest.getName().append(wireFormat.encodeSignatureInfo(*signature));
// Append an empty signature so that the "signedPortion" is correct.
interest.getName().append(Name::Component());
// Encode once to get the signed portion, and sign.
SignedBlob encoding = interest.wireEncode(wireFormat);
signature->setSignature
(privateKeyStorage_->sign(encoding.signedBuf(), encoding.signedSize(),
IdentityCertificate::certificateNameToPublicKeyName(certificateName),
digestAlgorithm));
// Remove the empty signature and append the real one.
interest.setName(interest.getName().getPrefix(-1).append
(wireFormat.encodeSignatureValue(*signature)));
}
int main(int argc, char** argv)
{
try {
Interest interest;
interest.wireDecode(TlvInterest, sizeof(TlvInterest));
cout << "Interest:" << endl;
dumpInterest(interest);
// Set the name again to clear the cached encoding so we encode again.
interest.setName(interest.getName());
Blob encoding = interest.wireEncode();
cout << endl << "Re-encoded interest " << encoding.toHex() << endl;
Interest reDecodedInterest;
reDecodedInterest.wireDecode(encoding);
cout << "Re-decoded Interest:" << endl;
dumpInterest(reDecodedInterest);
Interest freshInterest(Name("/ndn/abc"));
freshInterest.setMinSuffixComponents(4)
.setMaxSuffixComponents(6)
.setInterestLifetimeMilliseconds(30000)
.setChildSelector(1)
.setMustBeFresh(true);
freshInterest.getKeyLocator().setType(ndn_KeyLocatorType_KEY_LOCATOR_DIGEST);
uint8_t digest[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F };
freshInterest.getKeyLocator().setKeyData(Blob(digest, sizeof(digest)));
freshInterest.getExclude().appendComponent(Name("abc")[0]).appendAny();
ptr_lib::shared_ptr<MemoryIdentityStorage> identityStorage
(new MemoryIdentityStorage());
ptr_lib::shared_ptr<MemoryPrivateKeyStorage> privateKeyStorage
(new MemoryPrivateKeyStorage());
KeyChain keyChain
(ptr_lib::make_shared<IdentityManager>(identityStorage, privateKeyStorage),
ptr_lib::make_shared<SelfVerifyPolicyManager>(identityStorage.get()));
// Initialize the storage.
Name keyName("/testname/DSK-123");
Name certificateName = keyName.getSubName(0, keyName.size() - 1).append
("KEY").append(keyName[-1]).append("ID-CERT").append("0");
identityStorage->addKey
(keyName, KEY_TYPE_RSA, Blob(DEFAULT_RSA_PUBLIC_KEY_DER,
sizeof(DEFAULT_RSA_PUBLIC_KEY_DER)));
privateKeyStorage->setKeyPairForKeyName
(keyName, KEY_TYPE_RSA, DEFAULT_RSA_PUBLIC_KEY_DER,
sizeof(DEFAULT_RSA_PUBLIC_KEY_DER), DEFAULT_RSA_PRIVATE_KEY_DER,
sizeof(DEFAULT_RSA_PRIVATE_KEY_DER));
// Make a Face just so that we can sign the interest.
Face face("localhost");
face.setCommandSigningInfo(keyChain, certificateName);
face.makeCommandInterest(freshInterest);
ptr_lib::shared_ptr<Interest> reDecodedFreshInterest(new Interest());
reDecodedFreshInterest->wireDecode(freshInterest.wireEncode());
cout << endl << "Re-decoded fresh Interest:" << endl;
dumpInterest(*reDecodedFreshInterest);
keyChain.verifyInterest
(reDecodedFreshInterest, bind(&onVerified, "Freshly-signed Interest", _1),
bind(&onVerifyFailed, "Freshly-signed Interest", _1));
} catch (std::exception& e) {
cout << "exception: " << e.what() << endl;
}
return 0;
}
void
ClientFace::sendInterestOrNack(const Interest& interestOrNack)
{
this->sendElement(interestOrNack.wireEncode());
}
