예제 #1
0
 /// <summary>
 /// Override to call onVerified.onVerifiedInterest(interest) and to indicate no
 /// further verification step.
 /// </summary>
 ///
 /// <param name="interest">The interest with the signature (to ignore).</param>
 /// <param name="stepCount"></param>
 /// <param name="onVerified">better error handling the callback should catch and properly handle any exceptions.</param>
 /// <param name="onValidationFailed">Override to ignore this.</param>
 /// <returns>null for no further step.</returns>
 public sealed override ValidationRequest checkVerificationPolicy(Interest interest,
                                                                  int stepCount, OnVerifiedInterest onVerified,
                                                                  OnInterestValidationFailed onValidationFailed, WireFormat wireFormat)
 {
     try {
         onVerified.onVerifiedInterest(interest);
     } catch (Exception ex) {
         logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex);
     }
     return(null);
 }
예제 #2
0
        public void verifyInterest(Interest interest,
                                   OnVerifiedInterest onVerified,
                                   OnVerifyInterestFailed onVerifyFailed, int stepCount)
        {
            ILOG.J2CsMapping.Util.Logging.Logger.getLogger(this.GetType().FullName).log(ILOG.J2CsMapping.Util.Logging.Level.INFO,
                                                                                        "Enter Verify");

            if (policyManager_.requireVerify(interest))
            {
                ValidationRequest nextStep = policyManager_
                                             .checkVerificationPolicy(interest, stepCount, onVerified,
                                                                      onVerifyFailed);
                if (nextStep != null)
                {
                    KeyChain.VerifyCallbacksForVerifyInterest callbacks = new KeyChain.VerifyCallbacksForVerifyInterest(
                        this, nextStep, nextStep.retry_, onVerifyFailed, interest);
                    try {
                        face_.expressInterest(nextStep.interest_, callbacks,
                                              callbacks);
                    } catch (IOException ex) {
                        try {
                            onVerifyFailed.onVerifyInterestFailed(interest);
                        } catch (Exception exception) {
                            logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                        "Error in onVerifyInterestFailed", exception);
                        }
                    }
                }
            }
            else if (policyManager_.skipVerifyAndTrust(interest))
            {
                try {
                    onVerified.onVerifiedInterest(interest);
                } catch (Exception ex_0) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_0);
                }
            }
            else
            {
                try {
                    onVerifyFailed.onVerifyInterestFailed(interest);
                } catch (Exception ex_1) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifyInterestFailed", ex_1);
                }
            }
        }
        /// <summary>
        /// Use wireFormat.decodeSignatureInfoAndValue to decode the last two name
        /// components of the signed interest. Look in the IdentityStorage for the
        /// public key with the name in the KeyLocator (if available) and use it to
        /// verify the interest. If the public key can't be found, call onVerifyFailed.
        /// </summary>
        ///
        /// <param name="interest">The interest with the signature to check.</param>
        /// <param name="stepCount"></param>
        /// <param name="onVerified">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        /// <param name="onVerifyFailed">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        /// <returns>null for no further step for looking up a certificate chain.</returns>
        public override ValidationRequest checkVerificationPolicy(Interest interest,
                                                                  int stepCount, OnVerifiedInterest onVerified,
                                                                  OnVerifyInterestFailed onVerifyFailed, WireFormat wireFormat)
        {
            // Decode the last two name components of the signed interest
            net.named_data.jndn.Signature signature;
            try {
                signature = wireFormat.decodeSignatureInfoAndValue(interest
                                                                   .getName().get(-2).getValue().buf(), interest.getName()
                                                                   .get(-1).getValue().buf());
            } catch (EncodingException ex) {
                logger_.log(
                    ILOG.J2CsMapping.Util.Logging.Level.INFO,
                    "Cannot decode the signed interest SignatureInfo and value",
                    ex);
                try {
                    onVerifyFailed.onVerifyInterestFailed(interest);
                } catch (Exception exception) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifyInterestFailed",
                                exception);
                }
                return(null);
            }

            // wireEncode returns the cached encoding if available.
            if (verify(signature, interest.wireEncode(wireFormat)))
            {
                try {
                    onVerified.onVerifiedInterest(interest);
                } catch (Exception ex_0) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_0);
                }
            }
            else
            {
                try {
                    onVerifyFailed.onVerifyInterestFailed(interest);
                } catch (Exception ex_1) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifyInterestFailed", ex_1);
                }
            }

            // No more steps, so return a null ValidationRequest.
            return(null);
        }
        /// <summary>
        /// Use wireFormat.decodeSignatureInfoAndValue to decode the last two name
        /// components of the signed interest. Look in the IdentityStorage for the
        /// public key with the name in the KeyLocator (if available) and use it to
        /// verify the interest. If the public key can't be found, call onVerifyFailed.
        /// </summary>
        ///
        /// <param name="interest">The interest with the signature to check.</param>
        /// <param name="stepCount"></param>
        /// <param name="onVerified">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        /// <param name="onValidationFailed">onValidationFailed.onInterestValidationFailed(interest, reason). NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        /// <returns>null for no further step for looking up a certificate chain.</returns>
        public override ValidationRequest checkVerificationPolicy(Interest interest,
				int stepCount, OnVerifiedInterest onVerified,
				OnInterestValidationFailed onValidationFailed, WireFormat wireFormat)
        {
            if (interest.getName().size() < 2) {
                try {
                    onValidationFailed.onInterestValidationFailed(interest,
                            "The signed interest has less than 2 components: "
                                    + interest.getName().toUri());
                } catch (Exception exception) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                            "Error in onInterestValidationFailed", exception);
                }
                return null;
            }

            // Decode the last two name components of the signed interest
            Signature signature;
            try {
                signature = wireFormat.decodeSignatureInfoAndValue(interest
                        .getName().get(-2).getValue().buf(), interest.getName()
                        .get(-1).getValue().buf(), false);
            } catch (EncodingException ex) {
                logger_.log(
                        ILOG.J2CsMapping.Util.Logging.Level.INFO,
                        "Cannot decode the signed interest SignatureInfo and value",
                        ex);
                try {
                    onValidationFailed.onInterestValidationFailed(interest,
                            "Error decoding the signed interest signature: " + ex);
                } catch (Exception exception_0) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                            "Error in onInterestValidationFailed", exception_0);
                }
                return null;
            }

            String[] failureReason = new String[] { "unknown" };
            // wireEncode returns the cached encoding if available.
            if (verify(signature, interest.wireEncode(wireFormat), failureReason)) {
                try {
                    onVerified.onVerifiedInterest(interest);
                } catch (Exception ex_1) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_1);
                }
            } else {
                try {
                    onValidationFailed.onInterestValidationFailed(interest,
                            failureReason[0]);
                } catch (Exception ex_2) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                            "Error in onInterestValidationFailed", ex_2);
                }
            }

            // No more steps, so return a null ValidationRequest.
            return null;
        }
예제 #5
0
        public void verifyInterest(Interest interest,
				OnVerifiedInterest onVerified,
				OnInterestValidationFailed onValidationFailed, int stepCount)
        {
            ILOG.J2CsMapping.Util.Logging.Logger.getLogger(this.GetType().FullName).log(ILOG.J2CsMapping.Util.Logging.Level.INFO,
                    "Enter Verify");

            if (policyManager_.requireVerify(interest)) {
                ValidationRequest nextStep = policyManager_
                        .checkVerificationPolicy(interest, stepCount, onVerified,
                                onValidationFailed);
                if (nextStep != null) {
                    KeyChain.VerifyCallbacksForVerifyInterest  callbacks = new KeyChain.VerifyCallbacksForVerifyInterest (
                            this, nextStep, nextStep.retry_, onValidationFailed, interest);
                    try {
                        face_.expressInterest(nextStep.interest_, callbacks,
                                callbacks);
                    } catch (IOException ex) {
                        try {
                            onValidationFailed.onInterestValidationFailed(interest,
                                    "Error calling expressInterest " + ex);
                        } catch (Exception exception) {
                            logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                    "Error in onInterestValidationFailed",
                                    exception);
                        }
                    }
                }
            } else if (policyManager_.skipVerifyAndTrust(interest)) {
                try {
                    onVerified.onVerifiedInterest(interest);
                } catch (Exception ex_0) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_0);
                }
            } else {
                try {
                    onValidationFailed
                            .onInterestValidationFailed(interest,
                                    "The packet has no verify rule but skipVerifyAndTrust is false");
                } catch (Exception ex_1) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                            "Error in onInterestValidationFailed", ex_1);
                }
            }
        }
        /// <summary>
        /// Use wireFormat.decodeSignatureInfoAndValue to decode the last two name
        /// components of the signed interest. Look in the IdentityStorage or PibImpl for the
        /// public key with the name in the KeyLocator (if available) and use it to
        /// verify the interest. If the public key can't be found, call
        /// onValidationFailed.onInterestValidationFailed.
        /// </summary>
        ///
        /// <param name="interest">The interest with the signature to check.</param>
        /// <param name="stepCount"></param>
        /// <param name="onVerified">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        /// <param name="onValidationFailed">onValidationFailed.onInterestValidationFailed(interest, reason). NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        /// <returns>null for no further step for looking up a certificate chain.</returns>
        public override ValidationRequest checkVerificationPolicy(Interest interest,
                                                                  int stepCount, OnVerifiedInterest onVerified,
                                                                  OnInterestValidationFailed onValidationFailed, WireFormat wireFormat)
        {
            if (interest.getName().size() < 2)
            {
                try {
                    onValidationFailed.onInterestValidationFailed(interest,
                                                                  "The signed interest has less than 2 components: "
                                                                  + interest.getName().toUri());
                } catch (Exception exception) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                "Error in onInterestValidationFailed", exception);
                }
                return(null);
            }

            // Decode the last two name components of the signed interest
            Signature signature;

            try {
                signature = wireFormat.decodeSignatureInfoAndValue(interest
                                                                   .getName().get(-2).getValue().buf(), interest.getName()
                                                                   .get(-1).getValue().buf(), false);
            } catch (EncodingException ex) {
                logger_.log(
                    ILOG.J2CsMapping.Util.Logging.Level.INFO,
                    "Cannot decode the signed interest SignatureInfo and value",
                    ex);
                try {
                    onValidationFailed.onInterestValidationFailed(interest,
                                                                  "Error decoding the signed interest signature: " + ex);
                } catch (Exception exception_0) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                "Error in onInterestValidationFailed", exception_0);
                }
                return(null);
            }

            String[] failureReason = new String[] { "unknown" };
            // wireEncode returns the cached encoding if available.
            if (verify(signature, interest.wireEncode(wireFormat), failureReason))
            {
                try {
                    onVerified.onVerifiedInterest(interest);
                } catch (Exception ex_1) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_1);
                }
            }
            else
            {
                try {
                    onValidationFailed.onInterestValidationFailed(interest,
                                                                  failureReason[0]);
                } catch (Exception ex_2) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                "Error in onInterestValidationFailed", ex_2);
                }
            }

            // No more steps, so return a null ValidationRequest.
            return(null);
        }
예제 #7
0
        /// <summary>
        /// Check whether the received signed interest complies with the verification
        /// policy, and get the indication of the next verification step.
        /// </summary>
        ///
        /// <param name="interest">The interest with the signature to check.</param>
        /// <param name="stepCount"></param>
        /// <param name="onVerified">better error handling the callback should catch and properly handle any exceptions.</param>
        /// <param name="onValidationFailed">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        /// <returns>the indication of next verification step, null if there is no
        /// further step.</returns>
        public override sealed ValidationRequest checkVerificationPolicy(Interest interest,
				int stepCount, OnVerifiedInterest onVerified,
				OnInterestValidationFailed onValidationFailed, WireFormat wireFormat)
        {
            String[] failureReason = new String[] { "unknown" };
            Signature signature = extractSignature(interest, wireFormat,
                    failureReason);
            if (signature == null) {
                // Can't get the signature from the interest name.
                try {
                    onValidationFailed.onInterestValidationFailed(interest,
                            failureReason[0]);
                } catch (Exception ex) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                            "Error in onInterestValidationFailed", ex);
                }
                return null;
            }

            // For command interests, we need to ignore the last 4 components when
            //   matching the name.
            Interest certificateInterest = getCertificateInterest(stepCount,
                    "interest", interest.getName().getPrefix(-4), signature,
                    failureReason);
            if (certificateInterest == null) {
                try {
                    onValidationFailed.onInterestValidationFailed(interest,
                            failureReason[0]);
                } catch (Exception ex_0) {
                    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                            "Error in onInterestValidationFailed", ex_0);
                }
                return null;
            }

            if (certificateInterest.getName().size() > 0)
                return new ValidationRequest(certificateInterest,
                        new ConfigPolicyManager.OnCertificateDownloadCompleteForInterest (this, interest,
                                stepCount, onVerified, onValidationFailed,
                                wireFormat), new ConfigPolicyManager.OnVerifyInterestFailedWrapper (
                                onValidationFailed, interest), 2, stepCount + 1);
            else {
                // For interests, we must check that the timestamp is fresh enough.
                // This is done after (possibly) downloading the certificate to avoid filling
                // the cache with bad keys.
                Name signatureName = net.named_data.jndn.KeyLocator.getFromSignature(signature)
                        .getKeyName();
                Name keyName = net.named_data.jndn.security.certificate.IdentityCertificate
                        .certificateNameToPublicKeyName(signatureName);
                double timestamp = interest.getName().get(-4).toNumber();

                if (!interestTimestampIsFresh(keyName, timestamp, failureReason)) {
                    try {
                        onValidationFailed.onInterestValidationFailed(interest,
                                failureReason[0]);
                    } catch (Exception ex_1) {
                        logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                "Error in onInterestValidationFailed", ex_1);
                    }
                    return null;
                }

                // Certificate is known. Verify the signature.
                // wireEncode returns the cached encoding if available.
                if (verify(signature, interest.wireEncode(), failureReason)) {
                    try {
                        onVerified.onVerifiedInterest(interest);
                    } catch (Exception ex_2) {
                        logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_2);
                    }
                    updateTimestampForKey(keyName, timestamp);
                } else {
                    try {
                        onValidationFailed.onInterestValidationFailed(interest,
                                failureReason[0]);
                    } catch (Exception ex_3) {
                        logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE,
                                "Error in onInterestValidationFailed", ex_3);
                    }
                }

                return null;
            }
        }
        /// <summary>
        /// Override to call onVerified.onVerifiedInterest(interest) and to indicate no
        /// further verification step.
        /// </summary>
        ///
        /// <param name="interest">The interest with the signature (to ignore).</param>
        /// <param name="stepCount"></param>
        /// <param name="onVerified">better error handling the callback should catch and properly handle any exceptions.</param>
        /// <param name="onValidationFailed">Override to ignore this.</param>
        /// <returns>null for no further step.</returns>
        public override sealed ValidationRequest checkVerificationPolicy(Interest interest,
				int stepCount, OnVerifiedInterest onVerified,
				OnInterestValidationFailed onValidationFailed, WireFormat wireFormat)
        {
            try {
                onVerified.onVerifiedInterest(interest);
            } catch (Exception ex) {
                logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex);
            }
            return null;
        }