From db1afad8749fce983636456c16c9df9c24d73af4 Mon Sep 17 00:00:00 2001 From: Alberto Compagno Date: Thu, 7 Feb 2019 13:12:19 +0100 Subject: [HICN-39] Added api that return a pointer to the signature hold in a packet [HICN-40] Fixed signature calculation by allocating a contiguous portion of memory that holds the entire hICN header (IP+TCP+AH) Change-Id: I9d40bab0e3ecb82949b8b3a00e2cc1214457e4e3 Signed-off-by: Alberto Compagno --- lib/src/compat.c | 7 ++++ lib/src/compat.h | 2 +- lib/src/ops.c | 1 + lib/src/ops.h | 16 +++++++- lib/src/protocol/ah.c | 8 ++++ lib/src/protocol/icmp.c | 4 +- lib/src/protocol/ipv4.c | 7 ++++ lib/src/protocol/ipv6.c | 7 ++++ lib/src/protocol/tcp.c | 7 ++++ libtransport/src/hicn/transport/core/packet.cc | 30 +++++++++------ libtransport/src/hicn/transport/core/packet.h | 2 + .../src/hicn/transport/http/server_acceptor.cc | 2 +- .../src/hicn/transport/http/server_acceptor.h | 2 +- .../src/hicn/transport/interfaces/socket.h | 5 +-- .../hicn/transport/interfaces/socket_producer.cc | 2 +- .../hicn/transport/interfaces/socket_producer.h | 6 ++- libtransport/src/hicn/transport/utils/signer.cc | 44 ++++------------------ libtransport/src/hicn/transport/utils/signer.h | 2 + 18 files changed, 94 insertions(+), 60 deletions(-) diff --git a/lib/src/compat.c b/lib/src/compat.c index 07f92105e..56504fe5e 100644 --- a/lib/src/compat.c +++ b/lib/src/compat.c @@ -1142,6 +1142,13 @@ hicn_data_reset_for_hash (hicn_format_t format, hicn_header_t * packet) } +int hicn_packet_get_signature(hicn_format_t format, hicn_header_t * packet, uint8_t ** sign_buf) +{ + hicn_type_t type = hicn_format_to_type (format); + return hicn_ops_vft[type.l1]->get_signature (type, + &packet->protocol, sign_buf); +} + /* * fd.io coding-style-patch-verification: ON * diff --git a/lib/src/compat.h b/lib/src/compat.h index 1a1743de2..52dd41f1e 100644 --- a/lib/src/compat.h +++ b/lib/src/compat.h 
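Review bot: hicn_packet_get_signature returns a raw pointer into the packet's own buffer with no accompanying length, and neither this definition nor the prototype added to compat.h documents that. A caller that writes through `*sign_buf` has to bound the write by the signature size recorded in the AH header (see ah_get_signature_size), so that contract belongs next to the function. I would add a comment such as `/* On success *sign_buf points inside packet (not a copy); it is valid for the AH signature size only and only while packet is alive. */` above the prototype.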
@@ -387,9 +387,9 @@ int hicn_packet_set_src_port (hicn_header_t * packet, u16 src_port); int hicn_packet_get_src_port (const hicn_header_t * packet, u16 * src_port); int hicn_packet_set_dst_port (hicn_header_t * packet, u16 dst_port); int hicn_packet_get_dst_port (const hicn_header_t * packet, u16 * dst_port); +int hicn_packet_get_signature(hicn_format_t format, hicn_header_t * packet, uint8_t ** sign_buf); /* Interest */ - int hicn_interest_get_name (hicn_format_t format, const hicn_header_t * interest, hicn_name_t * name); diff --git a/lib/src/ops.c b/lib/src/ops.c index 4ccf131b5..3e272572a 100644 --- a/lib/src/ops.c +++ b/lib/src/ops.c @@ -70,6 +70,7 @@ DECLARE_set_validation_algorithm (none, NONE); DECLARE_get_validation_algorithm (none, NONE); DECLARE_set_key_id (none, NONE); DECLARE_get_key_id (none, NONE); +DECLARE_get_signature (none, NONE); DECLARE_HICN_OPS (none); /** diff --git a/lib/src/ops.h b/lib/src/ops.h index b698a53fd..47795efd5 100644 --- a/lib/src/ops.h +++ b/lib/src/ops.h @@ -418,7 +418,15 @@ typedef struct hicn_ops_s int (*set_key_id) (hicn_type_t type, hicn_protocol_t * h, uint8_t *key_id); - + /** + * @brief Get a pointer to the signature field in the packet + * @param [in] type - hICN packet type + * @param [in,out] h - Buffer holding the Interest or Data packet + * @param [out] signature - Pointer to the memory region holding the signature + * @return hICN error code + */ + int (*get_signature) (hicn_type_t type, hicn_protocol_t * h, + uint8_t ** signature); } hicn_ops_t; #define DECLARE_HICN_OPS(protocol) \ @@ -459,7 +467,8 @@ typedef struct hicn_ops_s ATTR_INIT(get_validation_algorithm, protocol ## _get_validation_algorithm), \ ATTR_INIT(set_validation_algorithm, protocol ## _set_validation_algorithm), \ ATTR_INIT(get_key_id, protocol ## _get_key_id), \ - ATTR_INIT(set_key_id, protocol ## _set_key_id), \ + ATTR_INIT(set_key_id, protocol ## _set_key_id), \ + ATTR_INIT(get_signature, protocol ## _get_signature), \ } /** 
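Review bot: `DECLARE_get_signature (none, NONE)` makes the fallback implementation return HICN_LIB_ERROR_NONE, the same value ah_get_signature returns on success, without ever writing `*signature`. If a format without an AH header resolves to the `none` ops (the CHILD_OPS delegation in ipv4/ipv6/tcp suggests it can), Packet::getSignature in packet.cc sees `ret >= 0`, skips its "Packet without Authentication Header." exception and returns an uninitialised `uint8_t *`. Signer::sign then passes that pointer to parcSigner_SignDigest as an output buffer. Either declare the fallback with an error, e.g. `DECLARE_get_signature (none, UNEXPECTED);` as icmp.c does, or have getSignature start from `uint8_t * signature = nullptr;` and treat a null result as failure.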
@@ -618,6 +627,9 @@ PAYLOAD (hicn_type_t type, const hicn_protocol_t * h) #define DECLARE_get_key_id(protocol, error) \ int protocol ## _get_key_id(hicn_type_t type, hicn_protocol_t * h, uint8_t ** key_id, uint8_t *key_id_size) { return HICN_LIB_ERROR_ ## error ; } +#define DECLARE_get_signature(protocol, error) \ + int protocol ## _get_signature(hicn_type_t type, hicn_protocol_t * h, uint8_t ** signature) { return HICN_LIB_ERROR_ ## error ; } + #endif /* HICN_OPS_H */ /* diff --git a/lib/src/protocol/ah.c b/lib/src/protocol/ah.c index 3711a3f95..c1395dee8 100644 --- a/lib/src/protocol/ah.c +++ b/lib/src/protocol/ah.c @@ -143,6 +143,14 @@ ah_get_header_length (hicn_type_t type, const hicn_protocol_t * h, return HICN_LIB_ERROR_NONE; } +int +ah_get_signature (hicn_type_t type, hicn_protocol_t * h, + uint8_t ** signature) +{ + *signature = h->ah.validationPayload; + return HICN_LIB_ERROR_NONE; +} + int ah_get_signature_size (hicn_type_t type, const hicn_protocol_t * h, size_t * signature_size) diff --git a/lib/src/protocol/icmp.c b/lib/src/protocol/icmp.c index 44b646fb2..45a28959c 100644 --- a/lib/src/protocol/icmp.c +++ b/lib/src/protocol/icmp.c @@ -39,7 +39,9 @@ DECLARE_set_lifetime (icmp, UNEXPECTED) DECLARE_get_length (icmp, UNEXPECTED) DECLARE_get_payload_length (icmp, UNEXPECTED) DECLARE_set_payload_length (icmp, UNEXPECTED) - int icmp_init_packet_header (hicn_type_t type, hicn_protocol_t * h) +DECLARE_get_signature (icmp, UNEXPECTED) + +int icmp_init_packet_header (hicn_type_t type, hicn_protocol_t * h) { h->icmp = (_icmp_header_t) { diff --git a/lib/src/protocol/ipv4.c b/lib/src/protocol/ipv4.c index c0b2aaa8c..4e4c47f5b 100644 --- a/lib/src/protocol/ipv4.c +++ b/lib/src/protocol/ipv4.c 
@@ -443,6 +443,13 @@ ipv4_get_key_id (hicn_type_t type, hicn_protocol_t * h, return CHILD_OPS (get_key_id, type, h, key_id, key_id_size); } +int +ipv4_get_signature (hicn_type_t type, hicn_protocol_t * h, + uint8_t ** signature) +{ + return CHILD_OPS (get_signature, type, h, signature); +} + DECLARE_HICN_OPS (ipv4); /* diff --git a/lib/src/protocol/ipv6.c b/lib/src/protocol/ipv6.c index 41b00ec92..1cdcc75c0 100644 --- a/lib/src/protocol/ipv6.c +++ b/lib/src/protocol/ipv6.c @@ -401,6 +401,13 @@ ipv6_get_key_id (hicn_type_t type, hicn_protocol_t * h, return CHILD_OPS (get_key_id, type, h, key_id, key_id_size); } +int +ipv6_get_signature (hicn_type_t type, hicn_protocol_t * h, + uint8_t ** signature) +{ + return CHILD_OPS (get_signature, type, h, signature); +} + DECLARE_HICN_OPS (ipv6); /* diff --git a/lib/src/protocol/tcp.c b/lib/src/protocol/tcp.c index 2afc4f6f4..08a1c73ef 100644 --- a/lib/src/protocol/tcp.c +++ b/lib/src/protocol/tcp.c @@ -359,6 +359,13 @@ tcp_get_key_id (hicn_type_t type, hicn_protocol_t * h, return CHILD_OPS (get_key_id, type, h, key_id, key_id_size); } +int +tcp_get_signature (hicn_type_t type, hicn_protocol_t * h, + uint8_t ** signature) +{ + return CHILD_OPS (get_signature, type, h, signature); +} + DECLARE_HICN_OPS (tcp); /* diff --git a/libtransport/src/hicn/transport/core/packet.cc b/libtransport/src/hicn/transport/core/packet.cc index dd150d723..3872510ec 100644 --- a/libtransport/src/hicn/transport/core/packet.cc +++ b/libtransport/src/hicn/transport/core/packet.cc @@ -32,7 +32,7 @@ namespace core { const core::Name Packet::base_name("0::0|0"); Packet::Packet(Format format) - : packet_(utils::MemBuf::create(getHeaderSizeFromFormat(format)).release()), + : packet_(utils::MemBuf::create(getHeaderSizeFromFormat(format, 256)).release()), packet_start_(packet_->writableData()), header_head_(packet_.get()), payload_head_(nullptr), 
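Review bot: The literal `256` in `getHeaderSizeFromFormat(format, 256)` fixes the room reserved for the signature, but nothing ties it to the size later passed to setSignatureSize, which in this commit now calls `packet_->append(size_bytes)` with no bound check. A signer whose signature is longer than 256 bytes (RSA with a key above 2048 bits, for example) would extend the buffer's length past what was allocated, unless MemBuf::append checks capacity itself, which is not visible here. Calling setSignatureSize twice on the same packet would also append twice. Name the constant, e.g. `static constexpr std::size_t kMaxSignatureSize = 256;`, and reject oversized requests before appending, for instance `if (size_bytes > packet_->tailroom()) throw errors::RuntimeException("Signature does not fit in packet buffer.");`.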
@@ -50,28 +50,22 @@ Packet::Packet(MemBufPtr &&buffer) header_head_(packet_.get()), payload_head_(nullptr), format_(getFormatFromBuffer(packet_start_)) { - auto header_size = getHeaderSizeFromFormat(format_); - int signature_size = 0; + int signature_size = 0; if (_is_ah(format_)) { signature_size = getSignatureSize(); } + auto header_size = getHeaderSizeFromFormat(format_, signature_size); + auto payload_length = packet_->length() - header_size - signature_size; - if (!payload_length && !signature_size) { + if (!payload_length) { return; } packet_->trimEnd(packet_->length()); - if (signature_size) { - auto sig = packet_->cloneOne(); - sig->advance(header_size); - sig->append(signature_size); - packet_->appendChain(std::move(sig)); - } - if (payload_length) { auto payload = packet_->cloneOne(); payload_head_ = payload.get(); @@ -285,6 +279,20 @@ void Packet::setSignatureSize(std::size_t size_bytes) { if (ret < 0) { throw errors::RuntimeException("Packet without Authentication Header."); } + + packet_->append(size_bytes); +} + +uint8_t * Packet::getSignature() const { + uint8_t * signature; + int ret = hicn_packet_get_signature( + format_, (hicn_header_t *)packet_start_, &signature); + + if (ret < 0) { + throw errors::RuntimeException("Packet without Authentication Header."); + } + + return signature; } std::size_t Packet::getSignatureSize() const { diff --git a/libtransport/src/hicn/transport/core/packet.h b/libtransport/src/hicn/transport/core/packet.h index bc23588dc..038676540 100644 --- a/libtransport/src/hicn/transport/core/packet.h +++ b/libtransport/src/hicn/transport/core/packet.h @@ -133,6 +133,8 @@ class Packet : public std::enable_shared_from_this { std::size_t getSignatureSize() const; + uint8_t * getSignature() const; + void setSignatureTimestamp(const uint64_t ×tamp); uint64_t getSignatureTimestamp() const; 
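Review bot: `packet_->length() - header_size - signature_size` is computed on a received buffer without checking that the buffer is at least that long, so a truncated packet, or one whose AH header claims a large signature, makes the unsigned subtraction wrap and yields a huge `payload_length` for the clone/append code that continues outside this hunk. The new `header_size` is also obtained with `signature_size` passed in; if that overload already counts the signature (Signer::sign adds `sign_len_bytes` to the one-argument result, which suggests it does), the signature is subtracted twice. I would guard first with `if (packet_->length() < header_size) throw errors::RuntimeException("Packet shorter than its header.");` and then use `auto payload_length = packet_->length() - header_size;` once the overload's meaning is confirmed. With the early return on `!payload_length`, the later `if (payload_length)` test is always true and can be dropped.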
diff --git a/libtransport/src/hicn/transport/http/server_acceptor.cc b/libtransport/src/hicn/transport/http/server_acceptor.cc index 717dfb642..615fa80d8 100644 --- a/libtransport/src/hicn/transport/http/server_acceptor.cc +++ b/libtransport/src/hicn/transport/http/server_acceptor.cc @@ -83,7 +83,7 @@ void HTTPServerAcceptor::listen(bool async) { } void HTTPServerAcceptor::processIncomingInterest(ProducerSocket &p, - const Interest &interest) { + Interest &interest) { // Temporary solution. With utils::Array payload = interest.getPayload(); diff --git a/libtransport/src/hicn/transport/http/server_acceptor.h b/libtransport/src/hicn/transport/http/server_acceptor.h index 549962414..99480028a 100644 --- a/libtransport/src/hicn/transport/http/server_acceptor.h +++ b/libtransport/src/hicn/transport/http/server_acceptor.h @@ -48,7 +48,7 @@ class HTTPServerAcceptor { // HTTPResponse&& response(); private: - void processIncomingInterest(ProducerSocket &p, const Interest &interest); + void processIncomingInterest(ProducerSocket &p, Interest &interest); OnHttpRequest callback_; asio::io_service io_service_; diff --git a/libtransport/src/hicn/transport/interfaces/socket.h b/libtransport/src/hicn/transport/interfaces/socket.h index 22757810a..14ef86422 100644 --- a/libtransport/src/hicn/transport/interfaces/socket.h +++ b/libtransport/src/hicn/transport/interfaces/socket.h @@ -104,10 +104,7 @@ using ProducerContentObjectCallback = std::function; using ProducerInterestCallback = - std::function; - -using ProducerInterestCallback = - std::function; + std::function; using namespace protocol; diff --git a/libtransport/src/hicn/transport/interfaces/socket_producer.cc b/libtransport/src/hicn/transport/interfaces/socket_producer.cc index 5bd522faf..ab9de4a95 100644 --- a/libtransport/src/hicn/transport/interfaces/socket_producer.cc +++ b/libtransport/src/hicn/transport/interfaces/socket_producer.cc 
@@ -401,7 +401,7 @@ void ProducerSocket::asyncProduce( } } -void ProducerSocket::onInterest(const Interest &interest) { +void ProducerSocket::onInterest(Interest &interest) { if (on_interest_input_ != VOID_HANDLER) { on_interest_input_(*this, interest); } diff --git a/libtransport/src/hicn/transport/interfaces/socket_producer.h b/libtransport/src/hicn/transport/interfaces/socket_producer.h index 06c47d973..bd7d3f35f 100644 --- a/libtransport/src/hicn/transport/interfaces/socket_producer.h +++ b/libtransport/src/hicn/transport/interfaces/socket_producer.h @@ -69,7 +69,7 @@ class ProducerSocket : public Socket, asio::io_service &getIoService() override; - virtual void onInterest(const Interest &interest); + virtual void onInterest(Interest &interest); virtual void onInterest(Interest::Ptr &&interest) override { onInterest(*interest); @@ -206,6 +206,8 @@ class ProducerSocket : public Socket, // buffers utils::ContentStore output_buffer_; + std::unique_ptr identity_; + private: utils::EventThread async_thread_; @@ -221,7 +223,7 @@ class ProducerSocket : public Socket, HashAlgorithm hash_algorithm_; utils::CryptoSuite crypto_suite_; - std::unique_ptr identity_; + //std::unique_ptr identity_; // utils::Signer& signer_; // buffers diff --git a/libtransport/src/hicn/transport/utils/signer.cc b/libtransport/src/hicn/transport/utils/signer.cc index 005236c2e..9c06a051c 100644 --- a/libtransport/src/hicn/transport/utils/signer.cc +++ b/libtransport/src/hicn/transport/utils/signer.cc 
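Review bot: Changing `virtual void onInterest(const Interest &interest)` to take `Interest &` silently breaks any subclass that overrides the old signature without `override`: its method becomes an unrelated overload and is never called. The same const removal appears in HTTPServerAcceptor::processIncomingInterest and in ProducerInterestCallback, and the commit message does not say what needs to mutate a received Interest. Please state the reason in a comment on the declaration (for example `// non-const: the handler may reset fields while verifying the signature`, if that is the reason) and check the derived classes in the tree.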
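Review bot: `identity_` moves out of the private section into the block above `private:`, and the old declaration is left behind as the commented-out line `//std::unique_ptr identity_;`. The member appears to hold the producer's signing identity, so widening its visibility lets every subclass read or replace it. If subclasses only need to read it, keep the member private and add a protected accessor instead. Delete the commented-out declaration rather than keeping it.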
@@ -76,10 +76,10 @@ Signer::~Signer() { } void Signer::sign(Packet &packet) { - // header chain points to the IP + TCP hicn header + // header chain points to the IP + TCP hicn header + AH Header utils::MemBuf *header_chain = packet.header_head_; utils::MemBuf *payload_chain = packet.payload_head_; - uint8_t *hicn_packet = header_chain->writableData(); + uint8_t *hicn_packet = (uint8_t *)header_chain->writableData(); Packet::Format format = packet.getFormat(); std::size_t sign_len_bytes = parcSigner_GetSignatureSize(signer_); @@ -98,35 +98,26 @@ void Signer::sign(Packet &packet) { std::size_t header_len = Packet::getHeaderSizeFromFormat(format); packet.resetForHash(); - packet.setSignatureSize(sign_len_bytes); /* Fill the hicn_ah header */ using namespace std::chrono; auto now = duration_cast(system_clock::now().time_since_epoch()) .count(); packet.setSignatureTimestamp(now); - // *reinterpret_cast(ah->signTime) = utils::hton(now); - // // std::memcpy(&ah->hicn_ah.signTime, &sign_time, - // sizeof(ah->hicn_ah.signTime)); packet.setValidationAlgorithm( CryptoSuite(parcSigner_GetCryptoSuite(this->signer_))); - // ah->validationAlgorithm = parcSigner_GetCryptoSuite(this->signer_); KeyId key_id; key_id.first = (uint8_t *)parcBuffer_Overlay( (PARCBuffer *)parcKeyId_GetKeyId(this->key_id_), 0); packet.setKeyId(key_id); - // memcpy(ah->keyId, - // parcBuffer_Overlay((PARCBuffer *) parcKeyId_GetKeyId(this->key_id_), - // 0), sizeof(_ah_header_t::keyId)); - // Calculate hash utils::CryptoHasher hasher(parcSigner_GetCryptoHasher(signer_)); hasher.init(); - hasher.updateBytes(hicn_packet, header_len); - hasher.updateBytes(zeros, sign_len_bytes); + hasher.updateBytes(hicn_packet, header_len + sign_len_bytes); + //hasher.updateBytes(zeros, sign_len_bytes); for (utils::MemBuf *current = payload_chain; current != header_chain; current = current->next()) { 
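Review bot: The digest now covers `header_len + sign_len_bytes` bytes read straight from the packet instead of the header followed by an explicit block of zeros, so it depends on the signature field already being zero and on the buffer really holding that many valid bytes. Nothing in this hunk guarantees either: `packet.setSignatureSize(sign_len_bytes)` was removed from sign(), and whether `resetForHash()` clears the signature field is not visible here. Stale bytes from an earlier signature or from allocation would then be signed and verification would fail, and a packet whose signature area was never appended would be over-read. I would add `memset(packet.getSignature(), 0, sign_len_bytes);` before `hasher.init()`, document that callers must call setSignatureSize first, and delete the commented-out `//hasher.updateBytes(zeros, sign_len_bytes);`. The body of sign() starts and ends outside this hunk.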
@@ -135,11 +126,8 @@ void Signer::sign(Packet &packet) { utils::CryptoHash hash = hasher.finalize(); - PARCSignature *signature = parcSigner_SignDigest(this->signer_, hash.hash_); + PARCSignature *signature = parcSigner_SignDigest(this->signer_, hash.hash_, packet.getSignature(), sign_len_bytes); PARCBuffer *buffer = parcSignature_GetSignature(signature); - - PARCByteArray *byte_array = parcBuffer_Array(buffer); - uint8_t *bytes = parcByteArray_Array(byte_array); size_t bytes_len = parcBuffer_Remaining(buffer); if (bytes_len > sign_len_bytes) { @@ -153,26 +141,10 @@ void Signer::sign(Packet &packet) { memcpy(hicn_packet, &header_copy, sizeof(hicn_v6_hdr_t)); } - int offset = sign_len_bytes - bytes_len; - - std::unique_ptr signature_buffer; - std::unique_ptr tmp_buf = utils::MemBuf::takeOwnership( - bytes, bytes_len, bytes_len, - [](void *buf, void *userData) { - parcSignature_Release((PARCSignature **)&userData); - }, - signature, true); - - if (offset) { - signature_buffer = utils::MemBuf::create(offset); - memset(signature_buffer->writableData(), 0, offset); - signature_buffer->append(offset); - signature_buffer->appendChain(std::move(tmp_buf)); - } else { - signature_buffer = std::move(tmp_buf); - } +} - packet.setSignature(std::move(signature_buffer)); +PARCKeyStore * Signer::getKeyStore() { + return parcSigner_GetKeyStore(this->signer_); } } // namespace utils diff --git a/libtransport/src/hicn/transport/utils/signer.h b/libtransport/src/hicn/transport/utils/signer.h index 7b54b63c8..10b1bfe8c 100644 --- a/libtransport/src/hicn/transport/utils/signer.h +++ b/libtransport/src/hicn/transport/utils/signer.h @@ -60,6 +60,8 @@ class Signer { */ void sign(Packet &packet); + PARCKeyStore * getKeyStore(); + private: PARCSigner *signer_; PARCKeyId *key_id_; -- cgit 1.2.3-korg
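Review bot: After this change nothing visible releases `signature`: the removed `MemBuf::takeOwnership` callback was the only place that called `parcSignature_Release`, so each sign() appears to leak one PARCSignature unless a release sits in the lines between this hunk and the next. Add `parcSignature_Release(&signature);` once `bytes_len` has been read, and on the error path too. The zero padding for `bytes_len < sign_len_bytes` is gone as well, so a shorter signature now leaves the tail of the field as it was. The `bytes_len > sign_len_bytes` check also runs only after the signer has been handed the packet buffer, so confirm that the four-argument parcSigner_SignDigest never writes more than `sign_len_bytes`.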