/// <summary> /// Override to call onVerified.onVerifiedInterest(interest) and to indicate no /// further verification step. /// </summary> /// /// <param name="interest">The interest with the signature (to ignore).</param> /// <param name="stepCount"></param> /// <param name="onVerified">better error handling the callback should catch and properly handle any exceptions.</param> /// <param name="onValidationFailed">Override to ignore this.</param> /// <returns>null for no further step.</returns> public sealed override ValidationRequest checkVerificationPolicy(Interest interest, int stepCount, OnVerifiedInterest onVerified, OnInterestValidationFailed onValidationFailed, WireFormat wireFormat) { try { onVerified.onVerifiedInterest(interest); } catch (Exception ex) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex); } return(null); }
public void verifyInterest(Interest interest, OnVerifiedInterest onVerified, OnVerifyInterestFailed onVerifyFailed, int stepCount) { ILOG.J2CsMapping.Util.Logging.Logger.getLogger(this.GetType().FullName).log(ILOG.J2CsMapping.Util.Logging.Level.INFO, "Enter Verify"); if (policyManager_.requireVerify(interest)) { ValidationRequest nextStep = policyManager_ .checkVerificationPolicy(interest, stepCount, onVerified, onVerifyFailed); if (nextStep != null) { KeyChain.VerifyCallbacksForVerifyInterest callbacks = new KeyChain.VerifyCallbacksForVerifyInterest( this, nextStep, nextStep.retry_, onVerifyFailed, interest); try { face_.expressInterest(nextStep.interest_, callbacks, callbacks); } catch (IOException ex) { try { onVerifyFailed.onVerifyInterestFailed(interest); } catch (Exception exception) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifyInterestFailed", exception); } } } } else if (policyManager_.skipVerifyAndTrust(interest)) { try { onVerified.onVerifiedInterest(interest); } catch (Exception ex_0) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_0); } } else { try { onVerifyFailed.onVerifyInterestFailed(interest); } catch (Exception ex_1) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifyInterestFailed", ex_1); } } }
/// <summary> /// Use wireFormat.decodeSignatureInfoAndValue to decode the last two name /// components of the signed interest. Look in the IdentityStorage for the /// public key with the name in the KeyLocator (if available) and use it to /// verify the interest. If the public key can't be found, call onVerifyFailed. /// </summary> /// /// <param name="interest">The interest with the signature to check.</param> /// <param name="stepCount"></param> /// <param name="onVerified">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param> /// <param name="onVerifyFailed">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param> /// <returns>null for no further step for looking up a certificate chain.</returns> public override ValidationRequest checkVerificationPolicy(Interest interest, int stepCount, OnVerifiedInterest onVerified, OnVerifyInterestFailed onVerifyFailed, WireFormat wireFormat) { // Decode the last two name components of the signed interest net.named_data.jndn.Signature signature; try { signature = wireFormat.decodeSignatureInfoAndValue(interest .getName().get(-2).getValue().buf(), interest.getName() .get(-1).getValue().buf()); } catch (EncodingException ex) { logger_.log( ILOG.J2CsMapping.Util.Logging.Level.INFO, "Cannot decode the signed interest SignatureInfo and value", ex); try { onVerifyFailed.onVerifyInterestFailed(interest); } catch (Exception exception) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifyInterestFailed", exception); } return(null); } // wireEncode returns the cached encoding if available. if (verify(signature, interest.wireEncode(wireFormat))) { try { onVerified.onVerifiedInterest(interest); } catch (Exception ex_0) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_0); } } else { try { onVerifyFailed.onVerifyInterestFailed(interest); } catch (Exception ex_1) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifyInterestFailed", ex_1); } } // No more steps, so return a null ValidationRequest. return(null); }
/// <summary> /// Use wireFormat.decodeSignatureInfoAndValue to decode the last two name /// components of the signed interest. Look in the IdentityStorage for the /// public key with the name in the KeyLocator (if available) and use it to /// verify the interest. If the public key can't be found, call onVerifyFailed. /// </summary> /// /// <param name="interest">The interest with the signature to check.</param> /// <param name="stepCount"></param> /// <param name="onVerified">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param> /// <param name="onValidationFailed">onValidationFailed.onInterestValidationFailed(interest, reason). NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param> /// <returns>null for no further step for looking up a certificate chain.</returns> public override ValidationRequest checkVerificationPolicy(Interest interest, int stepCount, OnVerifiedInterest onVerified, OnInterestValidationFailed onValidationFailed, WireFormat wireFormat) { if (interest.getName().size() < 2) { try { onValidationFailed.onInterestValidationFailed(interest, "The signed interest has less than 2 components: " + interest.getName().toUri()); } catch (Exception exception) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", exception); } return null; } // Decode the last two name components of the signed interest Signature signature; try { signature = wireFormat.decodeSignatureInfoAndValue(interest .getName().get(-2).getValue().buf(), interest.getName() .get(-1).getValue().buf(), false); } catch (EncodingException ex) { logger_.log( ILOG.J2CsMapping.Util.Logging.Level.INFO, "Cannot decode the signed interest SignatureInfo and value", ex); try { onValidationFailed.onInterestValidationFailed(interest, "Error decoding the signed interest signature: " + ex); } catch (Exception exception_0) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", exception_0); } return null; } String[] failureReason = new String[] { "unknown" }; // wireEncode returns the cached encoding if available. if (verify(signature, interest.wireEncode(wireFormat), failureReason)) { try { onVerified.onVerifiedInterest(interest); } catch (Exception ex_1) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_1); } } else { try { onValidationFailed.onInterestValidationFailed(interest, failureReason[0]); } catch (Exception ex_2) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", ex_2); } } // No more steps, so return a null ValidationRequest. return null; }
public void verifyInterest(Interest interest, OnVerifiedInterest onVerified, OnInterestValidationFailed onValidationFailed, int stepCount) { ILOG.J2CsMapping.Util.Logging.Logger.getLogger(this.GetType().FullName).log(ILOG.J2CsMapping.Util.Logging.Level.INFO, "Enter Verify"); if (policyManager_.requireVerify(interest)) { ValidationRequest nextStep = policyManager_ .checkVerificationPolicy(interest, stepCount, onVerified, onValidationFailed); if (nextStep != null) { KeyChain.VerifyCallbacksForVerifyInterest callbacks = new KeyChain.VerifyCallbacksForVerifyInterest ( this, nextStep, nextStep.retry_, onValidationFailed, interest); try { face_.expressInterest(nextStep.interest_, callbacks, callbacks); } catch (IOException ex) { try { onValidationFailed.onInterestValidationFailed(interest, "Error calling expressInterest " + ex); } catch (Exception exception) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", exception); } } } } else if (policyManager_.skipVerifyAndTrust(interest)) { try { onVerified.onVerifiedInterest(interest); } catch (Exception ex_0) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_0); } } else { try { onValidationFailed .onInterestValidationFailed(interest, "The packet has no verify rule but skipVerifyAndTrust is false"); } catch (Exception ex_1) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", ex_1); } } }
/// <summary> /// Use wireFormat.decodeSignatureInfoAndValue to decode the last two name /// components of the signed interest. Look in the IdentityStorage or PibImpl for the /// public key with the name in the KeyLocator (if available) and use it to /// verify the interest. If the public key can't be found, call /// onValidationFailed.onInterestValidationFailed. /// </summary> /// /// <param name="interest">The interest with the signature to check.</param> /// <param name="stepCount"></param> /// <param name="onVerified">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param> /// <param name="onValidationFailed">onValidationFailed.onInterestValidationFailed(interest, reason). NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param> /// <returns>null for no further step for looking up a certificate chain.</returns> public override ValidationRequest checkVerificationPolicy(Interest interest, int stepCount, OnVerifiedInterest onVerified, OnInterestValidationFailed onValidationFailed, WireFormat wireFormat) { if (interest.getName().size() < 2) { try { onValidationFailed.onInterestValidationFailed(interest, "The signed interest has less than 2 components: " + interest.getName().toUri()); } catch (Exception exception) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", exception); } return(null); } // Decode the last two name components of the signed interest Signature signature; try { signature = wireFormat.decodeSignatureInfoAndValue(interest .getName().get(-2).getValue().buf(), interest.getName() .get(-1).getValue().buf(), false); } catch (EncodingException ex) { logger_.log( ILOG.J2CsMapping.Util.Logging.Level.INFO, "Cannot decode the signed interest SignatureInfo and value", ex); try { onValidationFailed.onInterestValidationFailed(interest, "Error decoding the signed interest signature: " + ex); } catch (Exception exception_0) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", exception_0); } return(null); } String[] failureReason = new String[] { "unknown" }; // wireEncode returns the cached encoding if available. if (verify(signature, interest.wireEncode(wireFormat), failureReason)) { try { onVerified.onVerifiedInterest(interest); } catch (Exception ex_1) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_1); } } else { try { onValidationFailed.onInterestValidationFailed(interest, failureReason[0]); } catch (Exception ex_2) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", ex_2); } } // No more steps, so return a null ValidationRequest. return(null); }
/// <summary> /// Check whether the received signed interest complies with the verification /// policy, and get the indication of the next verification step. /// </summary> /// /// <param name="interest">The interest with the signature to check.</param> /// <param name="stepCount"></param> /// <param name="onVerified">better error handling the callback should catch and properly handle any exceptions.</param> /// <param name="onValidationFailed">NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param> /// <returns>the indication of next verification step, null if there is no /// further step.</returns> public override sealed ValidationRequest checkVerificationPolicy(Interest interest, int stepCount, OnVerifiedInterest onVerified, OnInterestValidationFailed onValidationFailed, WireFormat wireFormat) { String[] failureReason = new String[] { "unknown" }; Signature signature = extractSignature(interest, wireFormat, failureReason); if (signature == null) { // Can't get the signature from the interest name. try { onValidationFailed.onInterestValidationFailed(interest, failureReason[0]); } catch (Exception ex) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", ex); } return null; } // For command interests, we need to ignore the last 4 components when // matching the name. Interest certificateInterest = getCertificateInterest(stepCount, "interest", interest.getName().getPrefix(-4), signature, failureReason); if (certificateInterest == null) { try { onValidationFailed.onInterestValidationFailed(interest, failureReason[0]); } catch (Exception ex_0) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", ex_0); } return null; } if (certificateInterest.getName().size() > 0) return new ValidationRequest(certificateInterest, new ConfigPolicyManager.OnCertificateDownloadCompleteForInterest (this, interest, stepCount, onVerified, onValidationFailed, wireFormat), new ConfigPolicyManager.OnVerifyInterestFailedWrapper ( onValidationFailed, interest), 2, stepCount + 1); else { // For interests, we must check that the timestamp is fresh enough. // This is done after (possibly) downloading the certificate to avoid filling // the cache with bad keys. Name signatureName = net.named_data.jndn.KeyLocator.getFromSignature(signature) .getKeyName(); Name keyName = net.named_data.jndn.security.certificate.IdentityCertificate .certificateNameToPublicKeyName(signatureName); double timestamp = interest.getName().get(-4).toNumber(); if (!interestTimestampIsFresh(keyName, timestamp, failureReason)) { try { onValidationFailed.onInterestValidationFailed(interest, failureReason[0]); } catch (Exception ex_1) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", ex_1); } return null; } // Certificate is known. Verify the signature. // wireEncode returns the cached encoding if available. if (verify(signature, interest.wireEncode(), failureReason)) { try { onVerified.onVerifiedInterest(interest); } catch (Exception ex_2) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex_2); } updateTimestampForKey(keyName, timestamp); } else { try { onValidationFailed.onInterestValidationFailed(interest, failureReason[0]); } catch (Exception ex_3) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onInterestValidationFailed", ex_3); } } return null; } }
/// <summary> /// Override to call onVerified.onVerifiedInterest(interest) and to indicate no /// further verification step. /// </summary> /// /// <param name="interest">The interest with the signature (to ignore).</param> /// <param name="stepCount"></param> /// <param name="onVerified">better error handling the callback should catch and properly handle any exceptions.</param> /// <param name="onValidationFailed">Override to ignore this.</param> /// <returns>null for no further step.</returns> public override sealed ValidationRequest checkVerificationPolicy(Interest interest, int stepCount, OnVerifiedInterest onVerified, OnInterestValidationFailed onValidationFailed, WireFormat wireFormat) { try { onVerified.onVerifiedInterest(interest); } catch (Exception ex) { logger_.log(ILOG.J2CsMapping.Util.Logging.Level.SEVERE, "Error in onVerifiedInterest", ex); } return null; }