37 #include <openssl/crypto.h>
46 ParseResult() =
default;
// Signature bytes, read as params.sig by the verification code further down.
// A span is a non-owning view: parse() fills it from Block::value_bytes()
// (listing line 114), so the packet those bytes belong to has to stay alive
// for as long as this result is used.
// NOTE(review): confirm this lifetime at every call site.
58 span<const uint8_t>
sig;
68 using namespace transform;
// parse(const Data&): extracts what the verifier needs from a Data packet.
// Listing lines 95-99 are elided here, so the extraction itself is not visible.
94 parse(
const Data& data)
// A TLV decoding error is caught rather than propagated. The handler body is
// elided; presumably it yields an empty ParseResult, which the verify
// functions reject. TODO confirm.
100 catch (
const tlv::Error&) {
// Interest variant (signature elided from this listing). The Interest is
// wire-encoded before any signed ranges are taken from it.
109 interest.wireEncode();
// New-style signed Interest: used only when a SignatureInfo is present AND the
// SignatureValue block is valid. Both conditions must hold before the signed
// ranges and the signature bytes are handed on.
111 if (interest.getSignatureInfo() && interest.getSignatureValue().isValid()) {
113 return {*interest.getSignatureInfo(), interest.extractSignedRanges(),
114 interest.getSignatureValue().value_bytes()};
// Fallback path works on the Interest name. Presumably this is the old-style
// Signed Interest format, where signature elements are name components; the
// component-count and position checks sit on elided lines. TODO confirm.
118 const Name& interestName = interest.getName();
123 const Block& nameBlock = interestName.wireEncode();
// Tail of the fallback return expression: the signature bytes come from sigValue.
129 sigValue.value_bytes()};
// As in the Data variant, malformed TLV is caught here. Handler body not visible.
132 catch (
const tlv::Error&) {
// verifySignature(ParseResult, key) overloads. Only the return statements of
// the later overloads survive in this listing.
138 verifySignature(
const ParseResult& params,
const transform::PublicKey& key)
// Fails closed: a ParseResult with no signed buffers is rejected before any
// cryptographic check runs, so "nothing to verify" never counts as success.
140 return !params.bufs.empty() &&
verifySignature(params.bufs, params.sig, key);
// Same guard in a second overload (its signature is elided).
146 return !params.bufs.empty() &&
verifySignature(params.bufs, params.sig, key);
// TPM-backed variant: same empty-buffer guard, then tpm.verify() is given the
// buffers, the signature, keyName and digestAlgorithm. Its result is converted
// to bool explicitly.
153 return !params.bufs.empty() && bool(tpm.verify(params.bufs, params.sig, keyName, digestAlgorithm));
// Comparison of a locally computed value against params.sig. The function
// signature and the branch bodies are elided; presumably each early exit
// returns false. TODO confirm.
159 if (params.bufs.empty()) {
165 using namespace transform;
// A transform::Error is caught here instead of escaping to the caller.
// Handler body not visible.
168 catch (
const transform::Error&) {
171 auto result = os.buf();
// Length check comes first: CRYPTO_memcmp reads exactly the given number of
// bytes from both buffers, so a size mismatch has to be ruled out before the call.
173 if (result->size() != params.sig.size()) {
// CRYPTO_memcmp is OpenSSL's constant-time comparison. Its running time depends
// only on the length, so the check does not reveal how many leading bytes of
// the supplied value matched.
178 return CRYPTO_memcmp(result->data(), params.sig.data(), params.sig.size()) == 0;
// Call sites: the packet is parsed first and the ParseResult is then verified.
// The code between these lines is elided from this listing.
220 auto parsed = parse(data);
236 auto parsed = parse(interest);
// Parse and TPM verification in one expression. The temporary ParseResult
// lives until the end of the full expression, and `interest` is still in scope
// there, so the signature view it carries stays valid for the call.
260 return verifySignature(parse(interest), tpm, keyName, digestAlgorithm);
span< const uint8_t > value_bytes() const noexcept
Return a read-only view of TLV-VALUE as a contiguous range of bytes.
Represents a Data packet.
InputBuffers extractSignedRanges() const
Extract ranges of Data covered by the signature.
const SignatureInfo & getSignatureInfo() const noexcept
Get the SignatureInfo element.
const Block & getSignatureValue() const noexcept
Get the SignatureValue element.
Represents an Interest packet.
Represents an absolute name.
Frontend handle for a key in the PIB.
span< const uint8_t > getPublicKey() const
Return the raw public key bits.
Contains the ndn-cxx security framework.
bool verifySignature(const InputBuffers &blobs, span< const uint8_t > sig, const transform::PublicKey &key)
Verify blobs using key against sig.
constexpr ssize_t POS_SIG_VALUE
constexpr size_t MIN_SIZE
Minimum number of name components for an old-style Signed Interest.
constexpr ssize_t POS_SIG_INFO
span< const uint8_t > sig