HICN-722: Updates on transport, RTC, manifest usage for RTC, infra.

Co-authored-by: Mauro Sardara <msardara@cisco.com> Co-authored-by: Jordan Augé <jordan.auge+fdio@cisco.com> Co-authored-by: Michele Papalini <micpapal@cisco.com> Co-authored-by: Angelo Mantellini <manangel@cisco.com> Co-authored-by: Jacques Samain <jsamain@cisco.com> Co-authored-by: Olivier Roques <oroques+fdio@cisco.com> Co-authored-by: Enrico Loparco <eloparco@cisco.com> Co-authored-by: Giulio Grassi <gigrassi@cisco.com> manifest: optimize manifest processing manifest: add FEC parameters to manifests manifest: refactor verification process manifest: report auth alerts in hiperf instead of aborting manifest: remove FEC buffer callback in consumer manifest: refactor and enable manifests by default manifest: update manifest header with transport parameters manifest: batch interests for first manifest from RTC producer manifest: refactor processing of RTC manifests manifest: update manifest-related socket options of consumers manifest: update unit tests for manifests manifest: pack manifest headers manifest: verify FEC packets auth: add consumer socket option to set max unverified delay manifest: process manifests after full FEC decoding manifest: manage forward jumps in RTC verifier fec: remove useless fec codes rs: add new code rate rs: add new code rate rs: add new code rate rs: add new code rate libtransport: increase internal packet cache size remove internal cisco info in cmake manifest: add option to set manifest capacity data_input_node.c: add information about adj_index[VLIB_RX] on received data packetsi sysrepo plugin: update build Change-Id: I0cf64d91bd0a1b7cad4eeaa9871f58f5f10434af Signed-off-by: Mauro Sardara <msardara@cisco.com> Signed-off-by: Luca Muscariello <muscariello@ieee.org>
author: Luca Muscariello <muscariello@ieee.org> 2022-04-22 17:55:01 +0200
committer: Mauro Sardara <msardara@cisco.com> 2022-04-26 15:30:21 +0200
commit: a1ac96f497719b897793ac14b287cb8d840651c1 (patch)
tree: 12c608fe352c21d944b0340ce8d3f0be0fb23b11 /libtransport/src/auth
parent: 1ac07d842a3a6ce0fb7fa4039241c8ec1a71419b (diff)
3 files changed, 87 insertions, 55 deletions
diff --git a/libtransport/src/auth/crypto_hash.cc b/libtransport/src/auth/crypto_hash.cc
index f60f46051..08be47aff 100644
--- a/libtransport/src/auth/crypto_hash.cc
+++ b/libtransport/src/auth/crypto_hash.cc
@@ -14,6 +14,9 @@
  */
 
 #include <hicn/transport/auth/crypto_hash.h>
+#include <hicn/transport/core/global_object_pool.h>
+
+#include "glog/logging.h"
 
 namespace transport {
 namespace auth {
@@ -27,18 +30,20 @@ CryptoHash::CryptoHash(const CryptoHash &other)
 
 CryptoHash::CryptoHash(CryptoHash &&other)
     : digest_type_(std::move(other.digest_type_)),
-      digest_(other.digest_),
-      digest_size_(other.digest_size_) {
-  other.reset();
-}
+      digest_(std::move(other.digest_)),
+      digest_size_(other.digest_size_) {}
 
-CryptoHash::CryptoHash(CryptoHashType hash_type) { setType(hash_type); }
+CryptoHash::CryptoHash(CryptoHashType hash_type)
+    : digest_(core::PacketManager<>::getInstance().getMemBuf()) {
+  setType(hash_type);
+}
 
 CryptoHash::CryptoHash(const uint8_t *hash, size_t size,
                        CryptoHashType hash_type)
     : digest_type_(hash_type), digest_size_(size) {
-  digest_.resize(size);
-  memcpy(digest_.data(), hash, size);
+  digest_ = core::PacketManager<>::getInstance().getMemBuf();
+  digest_->append(size);
+  memcpy(digest_->writableData(), hash, size);
 }
 
 CryptoHash::CryptoHash(const std::vector<uint8_t> &hash,
@@ -55,7 +60,7 @@ CryptoHash &CryptoHash::operator=(const CryptoHash &other) {
 }
 
 bool CryptoHash::operator==(const CryptoHash &other) const {
-  return (digest_type_ == other.digest_type_ && digest_ == other.digest_);
+  return (digest_type_ == other.digest_type_ && *digest_ == *other.digest_);
 }
 
 void CryptoHash::computeDigest(const uint8_t *buffer, size_t len) {
@@ -65,8 +70,8 @@ void CryptoHash::computeDigest(const uint8_t *buffer, size_t len) {
     throw errors::RuntimeException("Unknown hash type");
   }
 
-  EVP_Digest(buffer, len, digest_.data(), (unsigned int *)&digest_size_,
-             (*hash_evp)(), nullptr);
+  EVP_Digest(buffer, len, digest_->writableData(),
+             (unsigned int *)&digest_size_, (*hash_evp)(), nullptr);
 }
 
 void CryptoHash::computeDigest(const std::vector<uint8_t> &buffer) {
@@ -95,7 +100,7 @@ void CryptoHash::computeDigest(const utils::MemBuf *buffer) {
     p = p->next();
   } while (p != buffer);
 
-  if (EVP_DigestFinal_ex(mcdtx, digest_.data(),
+  if (EVP_DigestFinal_ex(mcdtx, digest_->writableData(),
                          (unsigned int *)&digest_size_) != 1) {
     throw errors::RuntimeException("Digest computation failed");
   }
@@ -103,15 +108,16 @@ void CryptoHash::computeDigest(const utils::MemBuf *buffer) {
   EVP_MD_CTX_free(mcdtx);
 }
 
-std::vector<uint8_t> CryptoHash::getDigest() const { return digest_; }
+const utils::MemBuf::Ptr &CryptoHash::getDigest() const { return digest_; }
 
 std::string CryptoHash::getStringDigest() const {
   std::stringstream string_digest;
 
   string_digest << std::hex << std::setfill('0');
 
-  for (auto byte : digest_) {
-    string_digest << std::hex << std::setw(2) << static_cast<int>(byte);
+  for (size_t i = 0; i < digest_size_; ++i) {
+    string_digest << std::hex << std::setw(2)
+                  << static_cast<int>(digest_->data()[i]);
   }
 
   return string_digest.str();
@@ -122,10 +128,10 @@ CryptoHashType CryptoHash::getType() const { return digest_type_; }
 size_t CryptoHash::getSize() const { return digest_size_; }
 
 void CryptoHash::setType(CryptoHashType hash_type) {
-  reset();
   digest_type_ = hash_type;
   digest_size_ = CryptoHash::getSize(hash_type);
-  digest_.resize(digest_size_);
+  DCHECK(digest_size_ <= digest_->tailroom());
+  digest_->setLength(digest_size_);
 }
 
 void CryptoHash::display() {
@@ -152,8 +158,8 @@ void CryptoHash::display() {
 
 void CryptoHash::reset() {
   digest_type_ = CryptoHashType::UNKNOWN;
-  digest_.clear();
   digest_size_ = 0;
+  digest_->setLength(0);
 }
 
 CryptoHashEVP CryptoHash::getEVP(CryptoHashType hash_type) {
diff --git a/libtransport/src/auth/signer.cc b/libtransport/src/auth/signer.cc
index e74e2f1b8..918e271f5 100644
--- a/libtransport/src/auth/signer.cc
+++ b/libtransport/src/auth/signer.cc
@@ -17,6 +17,8 @@
 #include <hicn/transport/auth/signer.h>
 #include <hicn/transport/utils/chrono_typedefs.h>
 
+#include "hicn/transport/core/global_object_pool.h"
+
 namespace transport {
 namespace auth {
 
@@ -24,7 +26,10 @@ namespace auth {
 // Base Signer
 // ---------------------------------------------------------
 Signer::Signer()
-    : suite_(CryptoSuite::UNKNOWN), signature_len_(0), key_(nullptr) {}
+    : suite_(CryptoSuite::UNKNOWN),
+      signature_(core::PacketManager<>::getInstance().getMemBuf()),
+      signature_len_(0),
+      key_(nullptr) {}
 
 Signer::~Signer() {}
 
@@ -51,8 +56,8 @@ void Signer::signPacket(PacketPtr packet) {
   packet->setValidationAlgorithm(suite_);
 
   // Set key ID
-  std::vector<uint8_t> key_id = key_id_.getDigest();
-  packet->setKeyId({key_id.data(), key_id.size()});
+  const utils::MemBuf::Ptr &key_id = key_id_.getDigest();
+  packet->setKeyId({key_id->writableData(), key_id->length()});
 
   // Reset fields to compute the packet hash
   packet->resetForHash();
@@ -93,14 +98,16 @@ void Signer::signBuffer(const std::vector<uint8_t> &buffer) {
     throw errors::RuntimeException("Digest computation failed");
   }
 
-  signature_.resize(signature_len_);
+  DCHECK(signature_len_ <= signature_->tailroom());
+  signature_->setLength(signature_len_);
 
-  if (EVP_DigestSignFinal(mdctx.get(), signature_.data(), &signature_len_) !=
-      1) {
+  if (EVP_DigestSignFinal(mdctx.get(), signature_->writableData(),
+                          &signature_len_) != 1) {
     throw errors::RuntimeException("Digest computation failed");
   }
 
-  signature_.resize(signature_len_);
+  DCHECK(signature_len_ <= signature_->tailroom());
+  signature_->setLength(signature_len_);
 }
 
 void Signer::signBuffer(const utils::MemBuf *buffer) {
@@ -135,24 +142,27 @@ void Signer::signBuffer(const utils::MemBuf *buffer) {
     throw errors::RuntimeException("Digest computation failed");
   }
 
-  signature_.resize(signature_len_);
+  DCHECK(signature_len_ <= signature_->tailroom());
+  signature_->setLength(signature_len_);
 
-  if (EVP_DigestSignFinal(mdctx.get(), signature_.data(), &signature_len_) !=
-      1) {
+  if (EVP_DigestSignFinal(mdctx.get(), signature_->writableData(),
+                          &signature_len_) != 1) {
     throw errors::RuntimeException("Digest computation failed");
   }
 
-  signature_.resize(signature_len_);
+  DCHECK(signature_len_ <= signature_->tailroom());
+  signature_->setLength(signature_len_);
 }
 
-std::vector<uint8_t> Signer::getSignature() const { return signature_; }
+const utils::MemBuf::Ptr &Signer::getSignature() const { return signature_; }
 
 std::string Signer::getStringSignature() const {
   std::stringstream string_sig;
   string_sig << std::hex << std::setfill('0');
 
-  for (auto byte : signature_) {
-    string_sig << std::hex << std::setw(2) << static_cast<int>(byte);
+  for (size_t i = 0; i < signature_len_; ++i) {
+    string_sig << std::hex << std::setw(2)
+               << static_cast<int>(signature_->data()[i]);
   }
 
   return string_sig.str();
@@ -193,12 +203,14 @@ void VoidSigner::signBuffer(const utils::MemBuf *buffer) {}
 // ---------------------------------------------------------
 AsymmetricSigner::AsymmetricSigner(CryptoSuite suite,
                                    std::shared_ptr<EVP_PKEY> key,
-                                   std::shared_ptr<EVP_PKEY> pub_key) {
+                                   std::shared_ptr<EVP_PKEY> pub_key)
+    : Signer() {
   setKey(suite, key, pub_key);
 }
 
 AsymmetricSigner::AsymmetricSigner(std::string keystore_path,
-                                   std::string password) {
+                                   std::string password)
+    : Signer() {
   FILE *p12file = fopen(keystore_path.c_str(), "r");
 
   if (p12file == nullptr) {
@@ -230,7 +242,8 @@ void AsymmetricSigner::setKey(CryptoSuite suite, std::shared_ptr<EVP_PKEY> key,
   suite_ = suite;
   key_ = key;
   signature_len_ = EVP_PKEY_size(key.get());
-  signature_.resize(signature_len_);
+  DCHECK(signature_len_ <= signature_->tailroom());
+  signature_->setLength(signature_len_);
 
   std::vector<uint8_t> pbk(i2d_PublicKey(pub_key.get(), nullptr));
   uint8_t *pbk_ptr = pbk.data();
@@ -254,7 +267,8 @@ size_t AsymmetricSigner::getSignatureFieldSize() const {
 // Symmetric Signer
 // ---------------------------------------------------------
 SymmetricSigner::SymmetricSigner(CryptoSuite suite,
-                                 const std::string &passphrase) {
+                                 const std::string &passphrase)
+    : Signer() {
   suite_ = suite;
   key_ = std::shared_ptr<EVP_PKEY>(
       EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, nullptr,
@@ -270,7 +284,8 @@ SymmetricSigner::SymmetricSigner(CryptoSuite suite,
   }
 
   signature_len_ = EVP_MD_size((*hash_evp)());
-  signature_.resize(signature_len_);
+  DCHECK(signature_len_ <= signature_->tailroom());
+  signature_->setLength(signature_len_);
   key_id_.computeDigest((uint8_t *)passphrase.c_str(), passphrase.size());
 }
 
diff --git a/libtransport/src/auth/verifier.cc b/libtransport/src/auth/verifier.cc
index 0c35437f3..5d5f01711 100644
--- a/libtransport/src/auth/verifier.cc
+++ b/libtransport/src/auth/verifier.cc
@@ -14,8 +14,11 @@
  */
 
 #include <hicn/transport/auth/verifier.h>
+#include <hicn/transport/core/global_object_pool.h>
 #include <protocols/errors.h>
 
+#include "glog/logging.h"
+
 namespace transport {
 namespace auth {
 
@@ -49,8 +52,10 @@ bool Verifier::verifyPacket(PacketPtr packet) {
   hicn_packet_copy_header(format, packet->packet_start_, &header_copy, false);
 
   // Retrieve packet signature
-  std::vector<uint8_t> signature_raw = packet->getSignature();
-  signature_raw.resize(packet->getSignatureSize());
+  utils::MemBuf::Ptr signature_raw = packet->getSignature();
+  std::size_t signature_len = packet->getSignatureSize();
+  DCHECK(signature_len <= signature_raw->tailroom());
+  signature_raw->setLength(signature_len);
 
   // Reset fields that are not used to compute signature
   packet->resetForHash();
@@ -62,7 +67,7 @@ bool Verifier::verifyPacket(PacketPtr packet) {
   // Restore header
   hicn_packet_copy_header(format, &header_copy, packet->packet_start_, false);
   packet->setSignature(signature_raw);
-  packet->setSignatureSize(signature_raw.size());
+  packet->setSignatureSize(signature_raw->length());
 
   return valid_packet;
 }
@@ -165,13 +170,13 @@ void Verifier::callVerificationFailedCallback(Suffix suffix,
 bool VoidVerifier::verifyPacket(PacketPtr packet) { return true; }
 
 bool VoidVerifier::verifyBuffer(const std::vector<uint8_t> &buffer,
-                                const std::vector<uint8_t> &signature,
+                                const utils::MemBuf::Ptr &signature,
                                 CryptoHashType hash_type) {
   return true;
 }
 
 bool VoidVerifier::verifyBuffer(const utils::MemBuf *buffer,
-                                const std::vector<uint8_t> &signature,
+                                const utils::MemBuf::Ptr &signature,
                                 CryptoHashType hash_type) {
   return true;
 }
@@ -232,7 +237,7 @@ void AsymmetricVerifier::useCertificate(std::shared_ptr<X509> cert) {
 }
 
 bool AsymmetricVerifier::verifyBuffer(const std::vector<uint8_t> &buffer,
-                                      const std::vector<uint8_t> &signature,
+                                      const utils::MemBuf::Ptr &signature,
                                       CryptoHashType hash_type) {
   CryptoHashEVP hash_evp = CryptoHash::getEVP(hash_type);
 
@@ -255,12 +260,12 @@ bool AsymmetricVerifier::verifyBuffer(const std::vector<uint8_t> &buffer,
     throw errors::RuntimeException("Digest update failed");
   }
 
-  return EVP_DigestVerifyFinal(mdctx.get(), signature.data(),
-                               signature.size()) == 1;
+  return EVP_DigestVerifyFinal(mdctx.get(), signature->data(),
+                               signature->length()) == 1;
 }
 
 bool AsymmetricVerifier::verifyBuffer(const utils::MemBuf *buffer,
-                                      const std::vector<uint8_t> &signature,
+                                      const utils::MemBuf::Ptr &signature,
                                       CryptoHashType hash_type) {
   CryptoHashEVP hash_evp = CryptoHash::getEVP(hash_type);
 
@@ -288,8 +293,8 @@ bool AsymmetricVerifier::verifyBuffer(const utils::MemBuf *buffer,
     p = p->next();
   } while (p != buffer);
 
-  return EVP_DigestVerifyFinal(mdctx.get(), signature.data(),
-                               signature.size()) == 1;
+  return EVP_DigestVerifyFinal(mdctx.get(), signature->data(),
+                               signature->length()) == 1;
 }
 
 // ---------------------------------------------------------
@@ -309,7 +314,7 @@ void SymmetricVerifier::setPassphrase(const std::string &passphrase) {
 }
 
 bool SymmetricVerifier::verifyBuffer(const std::vector<uint8_t> &buffer,
-                                     const std::vector<uint8_t> &signature,
+                                     const utils::MemBuf::Ptr &signature,
                                      CryptoHashType hash_type) {
   CryptoHashEVP hash_evp = CryptoHash::getEVP(hash_type);
 
@@ -317,7 +322,9 @@ bool SymmetricVerifier::verifyBuffer(const std::vector<uint8_t> &buffer,
     throw errors::RuntimeException("Unknown hash type");
   }
 
-  std::vector<uint8_t> signature_bis(signature.size());
+  const utils::MemBuf::Ptr &signature_bis =
+      core::PacketManager<>::getInstance().getMemBuf();
+  signature_bis->append(signature->length());
   size_t signature_bis_len;
   std::shared_ptr<EVP_MD_CTX> mdctx(EVP_MD_CTX_create(), EVP_MD_CTX_free);
 
@@ -334,16 +341,17 @@ bool SymmetricVerifier::verifyBuffer(const std::vector<uint8_t> &buffer,
     throw errors::RuntimeException("Digest update failed");
   }
 
-  if (EVP_DigestSignFinal(mdctx.get(), signature_bis.data(),
+  if (EVP_DigestSignFinal(mdctx.get(), signature_bis->writableData(),
                           &signature_bis_len) != 1) {
     throw errors::RuntimeException("Digest computation failed");
   }
 
-  return signature == signature_bis && signature.size() == signature_bis_len;
+  return signature->length() == signature_bis_len &&
+         *signature == *signature_bis;
 }
 
 bool SymmetricVerifier::verifyBuffer(const utils::MemBuf *buffer,
-                                     const std::vector<uint8_t> &signature,
+                                     const utils::MemBuf::Ptr &signature,
                                      CryptoHashType hash_type) {
   CryptoHashEVP hash_evp = CryptoHash::getEVP(hash_type);
 
@@ -352,7 +360,9 @@ bool SymmetricVerifier::verifyBuffer(const utils::MemBuf *buffer,
   }
 
   const utils::MemBuf *p = buffer;
-  std::vector<uint8_t> signature_bis(signature.size());
+  const utils::MemBuf::Ptr &signature_bis =
+      core::PacketManager<>::getInstance().getMemBuf();
+  signature_bis->append(signature->length());
   size_t signature_bis_len;
   std::shared_ptr<EVP_MD_CTX> mdctx(EVP_MD_CTX_create(), EVP_MD_CTX_free);
 
@@ -373,12 +383,13 @@ bool SymmetricVerifier::verifyBuffer(const utils::MemBuf *buffer,
     p = p->next();
   } while (p != buffer);
 
-  if (EVP_DigestSignFinal(mdctx.get(), signature_bis.data(),
+  if (EVP_DigestSignFinal(mdctx.get(), signature_bis->writableData(),
                           &signature_bis_len) != 1) {
     throw errors::RuntimeException("Digest computation failed");
   }
 
-  return signature == signature_bis && signature.size() == signature_bis_len;
+  return signature->length() == signature_bis_len &&
+         *signature == *signature_bis;
 }
 
 }  // namespace auth
author	Luca Muscariello <muscariello@ieee.org>	2022-04-22 17:55:01 +0200
committer	Mauro Sardara <msardara@cisco.com>	2022-04-26 15:30:21 +0200
commit	a1ac96f497719b897793ac14b287cb8d840651c1 (patch)
tree	12c608fe352c21d944b0340ce8d3f0be0fb23b11 /libtransport/src/auth
parent	1ac07d842a3a6ce0fb7fa4039241c8ec1a71419b (diff)