d6/def/certificate_8cpp_source.html

 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */

 #include "common.hpp"


 #include "certificate.hpp"

 #include "../util/time.hpp"

 #include "cryptopp.hpp"

 #include "../encoding/cryptopp/asn_ext.hpp"


 using namespace std;


 namespace ndn {


 Certificate::Certificate()

   : m_notBefore(time::system_clock::TimePoint::max())

   , m_notAfter(time::system_clock::TimePoint::min())

 {

 }


 Certificate::Certificate(const Data& data)

   // Use the copy constructor.  It clones the signature object.

   : Data(data)

 {

   decode();

 }


 Certificate::~Certificate()

 {

   //TODO:

 }


 bool

 Certificate::isTooEarly()

 {

   if (time::system_clock::now() < m_notBefore)

     return true;

   else

     return false;

 }


 bool

 Certificate::isTooLate()

 {

   if (time::system_clock::now() > m_notAfter)

     return true;

   else

     return false;

 }


 void

 Certificate::encode()

 {

   // Name

   //    <key_name>/ID-CERT/<id#>

   // Content

   // DER encoded idCert:

   //

   //    idCert ::= SEQUENCE {

   //        validity            Validity,

   //        subject             Name,

   //        subjectPubKeyInfo   SubjectPublicKeyInfo,

   //        extension           Extensions OPTIONAL   }

   //

   //    Validity ::= SEQUENCE {

   //        notBefore           Time,

   //        notAfter            Time   }

   //

   //    Name ::= CHOICE {

   //        RDNSequence   }

   //

   //    RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

   //

   //    RelativeDistinguishedName ::=

   //        SET OF AttributeTypeAndValue

   //

   //    SubjectPublicKeyInfo ::= SEQUENCE {

   //        algorithm           AlgorithmIdentifier

   //        keybits             BIT STRING   }

   //

   //    Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension

   //

   // (see http://www.ietf.org/rfc/rfc3280.txt for more detail)

   //

   // KeyLocator

   //    issuer’s certificate name

   // Signature


   using namespace CryptoPP;


   OBufferStream os;

   CryptoPP::FileSink sink(os);


   // idCert ::= SEQUENCE {

   //     validity            Validity,

   //     subject             Name,

   //     subjectPubKeyInfo   SubjectPublicKeyInfo,

   //     extension           Extensions OPTIONAL   }

   DERSequenceEncoder idCert(sink);

   {

     // Validity ::= SEQUENCE {

     //       notBefore           Time,

     //       notAfter            Time   }

     DERSequenceEncoder validity(idCert);

     {

       DEREncodeGeneralTime(validity, m_notBefore);

       DEREncodeGeneralTime(validity, m_notAfter);

     }

     validity.MessageEnd();


     // Name ::= CHOICE {

     //     RDNSequence   }

     //

     // RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

     DERSequenceEncoder name(idCert);

     {

       for (SubjectDescriptionList::iterator it = m_subjectDescriptionList.begin();

            it != m_subjectDescriptionList.end(); ++it)

         {

           it->encode(name);

         }

     }

     name.MessageEnd();


     // SubjectPublicKeyInfo

     m_key.encode(idCert);


     // Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension

     //

     // Extension ::= SEQUENCE {

     //        extnID      OBJECT IDENTIFIER,

     //        critical    BOOLEAN DEFAULT FALSE,

     //        extnValue   OCTET STRING  }

     if (!m_extensionList.empty())

       {

         DERSequenceEncoder extensions(idCert);

         {

           for (ExtensionList::iterator it = m_extensionList.begin();

                it != m_extensionList.end(); ++it)

             {

               it->encode(extensions);

             }

         }

         extensions.MessageEnd();

       }

   }


   idCert.MessageEnd();


   setContent(os.buf());

   setContentType(MetaInfo::TYPE_KEY);

 }


 void

 Certificate::decode()

 {

   using namespace CryptoPP;


   OBufferStream os;

   StringSource source(getContent().value(), getContent().value_size(), true);


   // idCert ::= SEQUENCE {

   //     validity            Validity,

   //     subject             Name,

   //     subjectPubKeyInfo   SubjectPublicKeyInfo,

   //     extension           Extensions OPTIONAL   }

   BERSequenceDecoder idCert(source);

   {

     // Validity ::= SEQUENCE {

     //       notBefore           Time,

     //       notAfter            Time   }

     BERSequenceDecoder validity(idCert);

     {

       BERDecodeTime(validity, m_notBefore);

       BERDecodeTime(validity, m_notAfter);

     }

     validity.MessageEnd();


     // Name ::= CHOICE {

     //     RDNSequence   }

     //

     // RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

     m_subjectDescriptionList.clear();

     BERSequenceDecoder name(idCert);

     {

       while (!name.EndReached())

         {

           m_subjectDescriptionList.push_back(CertificateSubjectDescription(name));

         }

     }

     name.MessageEnd();


     // SubjectPublicKeyInfo ::= SEQUENCE {

     //     algorithm           AlgorithmIdentifier

     //     keybits             BIT STRING   }

     m_key.decode(idCert);


     // Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension

     //

     // Extension ::= SEQUENCE {

     //        extnID      OBJECT IDENTIFIER,

     //        critical    BOOLEAN DEFAULT FALSE,

     //        extnValue   OCTET STRING  }

     m_extensionList.clear();

     if (!idCert.EndReached())

       {

         BERSequenceDecoder extensions(idCert);

         {

           while (!extensions.EndReached())

             {

               m_extensionList.push_back(CertificateExtension(extensions));

             }

         }

         extensions.MessageEnd();

       }

   }


   idCert.MessageEnd();

 }


 void

 Certificate::printCertificate(std::ostream& os) const

 {

   os << "Certificate name:" << endl;

   os << "  " << getName() << endl;

   os << "Validity:" << endl;

   {

     os << "  NotBefore: " << time::toIsoString(m_notBefore) << endl;

     os << "  NotAfter: "  << time::toIsoString(m_notAfter)  << endl;

   }


   os << "Subject Description:" << endl;

   for (SubjectDescriptionList::const_iterator it = m_subjectDescriptionList.begin();

        it != m_subjectDescriptionList.end(); ++it)

     {

       os << "  " << it->getOidString() << ": " << it->getValue() << endl;

     }


   os << "Public key bits:" << endl;

   CryptoPP::Base64Encoder encoder(new CryptoPP::FileSink(os), true, 64);

   m_key.encode(encoder);

 }


 } // namespace ndn

ndn::OBufferStream
Class implementing interface similar to ostringstream, but to construct ndn::Buffer.
Definition: buffer.hpp:176

ndn::Certificate::m_extensionList
ExtensionList m_extensionList
Definition: certificate.hpp:189

ndn::DEREncodeGeneralTime
size_t DEREncodeGeneralTime(CryptoPP::BufferedTransformation &bt, const time::system_clock::TimePoint &time)
Definition: asn_ext.cpp:20

ndn::Data::setContentType
void setContentType(uint32_t type)
Definition: data.hpp:378

ndn::CertificateSubjectDescription
A CertificateSubjectDescription represents the SubjectDescription entry in a Certificate.
Definition: certificate-subject-description.hpp:24

ndn::PublicKey::encode
void encode(CryptoPP::BufferedTransformation &out) const
Definition: public-key.cpp:36

ndn::Certificate::m_key
PublicKey m_key
Definition: certificate.hpp:188

ndn::Certificate::Certificate
Certificate()
The default constructor.
Definition: certificate.cpp:20

ndn::Data::getName
const Name & getName() const
Definition: data.hpp:346

ndn::Certificate::m_notAfter
time::system_clock::TimePoint m_notAfter
Definition: certificate.hpp:187

cryptopp.hpp

ndn::Data::setContent
void setContent(const uint8_t *content, size_t contentLength)
Set the content to a copy of the data in the vector.
Definition: data.hpp:422

ndn::BERDecodeTime
void BERDecodeTime(CryptoPP::BufferedTransformation &bt, time::system_clock::TimePoint &time)
Definition: asn_ext.cpp:36

ndn::Certificate::isTooLate
bool isTooLate()
Check if the certificate is valid.
Definition: certificate.cpp:48

ndn::Certificate::encode
void encode()
encode certificate info into content
Definition: certificate.cpp:57

certificate.hpp

ndn::Certificate::m_notBefore
time::system_clock::TimePoint m_notBefore
Definition: certificate.hpp:186

ndn::time::toIsoString
std::string toIsoString(const system_clock::TimePoint &timePoint)
Convert to the ISO string representation of the time (YYYYMMDDTHHMMSS,fffffffff)
Definition: time.hpp:135

ndn::Certificate::isTooEarly
bool isTooEarly()
Check if the certificate is valid.
Definition: certificate.cpp:39

ndn::PublicKey::decode
void decode(CryptoPP::BufferedTransformation &in)
Definition: public-key.cpp:46

ndn::Certificate::m_subjectDescriptionList
SubjectDescriptionList m_subjectDescriptionList
Definition: certificate.hpp:185

ndn::Data::getContent
const Block & getContent() const
Get content Block.
Definition: data.hpp:411

ndn::Certificate::~Certificate
virtual ~Certificate()
The virtual destructor.
Definition: certificate.cpp:33

ndn::MetaInfo::TYPE_KEY
Definition: meta-info.hpp:23

ndn::CertificateExtension
A CertificateExtension represents the Extension entry in a certificate.
Definition: certificate-extension.hpp:25

ndn::Certificate::decode
void decode()
Definition: certificate.cpp:160

ndn::Data
Definition: data.hpp:21

ndn::Certificate::printCertificate
void printCertificate(std::ostream &os) const
Definition: certificate.cpp:227