esp8266ndn
NDN Arduino library for ESP8266 and more
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
client.hpp
Go to the documentation of this file.
1#ifndef NDNPH_APP_NDNCERT_CLIENT_HPP
2#define NDNPH_APP_NDNCERT_CLIENT_HPP
3#ifdef NDNPH_HAVE_MBED
4
5#include "../../face/packet-handler.hpp"
6#include "an.hpp"
7#include "common.hpp"
8
9namespace ndnph {
10namespace ndncert {
11namespace client {
12
13class ChallengeRequest;
14class ChallengeResponse;
15
22class Challenge {
23public:
24 virtual ~Challenge() = default;
25
27 virtual tlv::Value getId() const = 0;
28
35 virtual void start(Region& region, ChallengeRequest& request, void (*cb)(void*, bool),
36 void* arg) = 0;
37
44 virtual void next(Region& region, const ChallengeResponse& response, ChallengeRequest& request,
45 void (*cb)(void*, bool), void* arg) = 0;
46};
47
48using ChallengeList = std::array<Challenge*, detail::MaxChallenges::value>;
49
51class CaProfile : public packet_struct::CaProfile {
52public:
54 static bool isName(const Name& name) {
55 return name.size() >= 4 && name[-4] == getCaComponent() && name[-3] == getInfoComponent() &&
56 name[-2].is<convention::Version>() && name[-1].is<convention::Segment>() &&
57 name[-1].as<convention::Segment>() == 0;
58 }
59
65 bool fromData(Region& region, const Data& data) {
66 return isName(data.getName()) &&
67 EvDecoder::decodeValue(
68 data.getContent().makeDecoder(),
69 EvDecoder::def<TT::CaPrefix>([&](const Decoder::Tlv& d) {
70 if (!d.vd().decode(prefix) || data.getName().getPrefix(-4) != prefix) {
71 return false;
72 }
73 prefix = prefix.clone(region);
74 return !!prefix;
75 }),
76 EvDecoder::defIgnore<TT::CaInfo>(), EvDecoder::defIgnore<TT::ParameterKey, true>(),
77 EvDecoder::defNni<TT::MaxValidityPeriod>(&maxValidityPeriod),
78 EvDecoder::def<TT::CaCertificate>([&](const Decoder::Tlv& d) {
79 cert = region.create<Data>();
80 return !!cert && cert.decodeFrom(tlv::Value(d.value, d.length)) // copying
81 && pub.import(region, cert);
82 })) &&
83 data.verify(pub);
84 }
85
86public:
88 EcPublicKey pub;
89};
90
92class NewRequest : public packet_struct::NewRequest {
93public:
99 Interest::Signed toInterest(Region& region, const CaProfile& profile,
100 detail::ISigPolicy& signingPolicy, const EcPrivateKey& signer) const {
101 Encoder encoder(region);
102 encoder.prepend([this](Encoder& encoder) { encoder.prependTlv(TT::EcdhPub, ecdhPub); },
103 [this](Encoder& encoder) { encoder.prependTlv(TT::CertRequest, certRequest); });
104 encoder.trim();
105
106 Name name = profile.prefix.append(region, getCaComponent(), getNewComponent());
107 Interest interest = region.create<Interest>();
108 if (!encoder || !name || !interest) {
109 return Interest::Signed();
110 }
111 interest.setName(name);
112 interest.setMustBeFresh(true);
113 return interest.parameterize(tlv::Value(encoder)).sign(signer, region, signingPolicy);
114 }
115};
116
118class NewResponse : public packet_struct::NewResponse {
119public:
126 bool fromData(Region&, const Data& data, const CaProfile& profile,
127 const ChallengeList& challenges) {
128 hasChallenge.reset();
129 return data.verify(profile.pub) &&
130 EvDecoder::decodeValue(
131 data.getContent().makeDecoder(), EvDecoder::def<TT::EcdhPub>(&ecdhPub),
132 EvDecoder::def<TT::Salt>([this](const Decoder::Tlv& d) {
133 if (d.length == sizeof(salt)) {
134 std::copy_n(d.value, d.length, salt);
135 return true;
136 }
137 return false;
138 }),
139 EvDecoder::def<TT::RequestId>([this](const Decoder::Tlv& d) {
140 if (d.length == sizeof(requestId)) {
141 std::copy_n(d.value, d.length, requestId);
142 return true;
143 }
144 return false;
145 }),
146 EvDecoder::def<TT::Challenge, true>([this, &challenges](const Decoder::Tlv& d) {
147 for (size_t i = 0; i < challenges.size(); ++i) {
148 const Challenge* ch = challenges[i];
149 if (ch == nullptr) {
150 continue;
151 }
152 if (ch->getId() == tlv::Value(d.value, d.length)) {
153 hasChallenge.set(i);
154 return;
155 }
156 }
157 }));
158 }
159
160public:
162 std::bitset<detail::MaxChallenges::value> hasChallenge;
163};
164
166class ChallengeRequest : public packet_struct::ChallengeRequest<Challenge> {
167public:
174 Interest::Signed toInterest(Region& region, const CaProfile& profile, const uint8_t* requestId,
175 detail::SessionKey& sessionKey, detail::ISigPolicy& signingPolicy,
176 const EcPrivateKey& signer) const {
177 NDNPH_ASSERT(challenge != nullptr);
178 Encoder encoder(region);
179 encoder.prepend(
180 [this](Encoder& encoder) { encoder.prependTlv(TT::SelectedChallenge, challenge->getId()); },
181 params);
182 encoder.trim();
183 if (!encoder) {
184 return Interest::Signed();
185 }
186 auto encrypted = sessionKey.encrypt(region, tlv::Value(encoder), requestId);
187
188 Name name = profile.prefix.append(region, getCaComponent(), getChallengeComponent(),
189 Component(region, detail::RequestIdLen::value, requestId));
190 Interest interest = region.create<Interest>();
191 if (!encrypted || !name || !interest) {
192 return Interest::Signed();
193 }
194 interest.setName(name);
195 interest.setMustBeFresh(true);
196 return interest.parameterize(encrypted).sign(signer, region, signingPolicy);
197 }
198};
199
201class ChallengeResponse : public packet_struct::ChallengeResponse {
202public:
208 bool fromData(Region& region, const Data& data, const CaProfile& profile,
209 const uint8_t* requestId, detail::SessionKey& sessionKey) {
210 if (!data.verify(profile.pub)) {
211 return false;
212 }
213
214 auto decrypted = sessionKey.decrypt(region, data.getContent(), requestId);
215 uint32_t remainingTime = 0;
216 packet_struct::ParameterKV::Parser paramsParser(params);
217 bool ok =
218 !!decrypted && EvDecoder::decodeValue(
219 decrypted.makeDecoder(), EvDecoder::defNni<TT::Status, tlv::NNI, 1>(&status),
220 EvDecoder::def<TT::ChallengeStatus, false, 2>(&challengeStatus),
221 EvDecoder::defNni<TT::RemainingTries, tlv::NNI, 3>(&remainingTries),
222 EvDecoder::defNni<TT::RemainingTime, tlv::NNI, 4>(&remainingTime),
223 EvDecoder::def<TT::ParameterKey, true, 5>(
224 [&](const Decoder::Tlv& d) { return paramsParser.parseKey(d); }),
225 EvDecoder::def<TT::ParameterValue, true, 5>(
226 [&](const Decoder::Tlv& d) { return paramsParser.parseValue(d); }),
227 EvDecoder::def<TT::IssuedCertName, false, 6>(
228 [this](const Decoder::Tlv& d) { return d.vd().decode(issuedCertName); }),
229 EvDecoder::def<TT::ForwardingHint, false, 7>([this](const Decoder::Tlv& d) {
230 return detail::decodeFwHint(d, &fwHint);
231 }));
232 if (!ok) {
233 return false;
234 }
235 expireTime = port::Clock::add(port::Clock::now(), remainingTime * 1000);
236 return true;
237 }
238};
239
241class Client : public PacketHandler {
242public:
248 using Callback = void (*)(void* ctx, Data cert);
249
250 struct Options {
252 Face& face;
253
255 const CaProfile& profile;
256
258 const ChallengeList& challenges;
259
261 const EcPublicKey& pub;
262
264 const EcPrivateKey& pvt;
265
267 Callback cb;
268
270 void* ctx;
271 };
272
274 static void requestCertificate(const Options& opts) {
275 new Client(opts);
276 }
277
278private:
279 enum class State {
280 SendNewRequest,
281 WaitNewResponse,
282 ExecuteChallenge,
283 SendChallengeRequest,
284 WaitChallengeResponse,
285 FetchIssuedCert,
286 WaitIssuedCert,
287 Success,
288 Failure,
289 };
290
291 class GotoState {
292 public:
293 explicit GotoState(Client* client)
294 : m_client(client) {}
295
296 bool operator()(State state) {
297 NDNPH_NDNCERT_LOG("client state %d => %d", static_cast<int>(m_client->m_state),
298 static_cast<int>(state));
299 m_client->m_state = state;
300 m_set = true;
301 return true;
302 }
303
304 ~GotoState() {
305 if (!m_set) {
306 NDNPH_NDNCERT_LOG("client state %d => %d", static_cast<int>(m_client->m_state),
307 static_cast<int>(State::Failure));
308 m_client->m_state = State::Failure;
309 }
310 }
311
312 private:
313 Client* m_client = nullptr;
314 bool m_set = false;
315 };
316
317 explicit Client(const Options& opts)
318 : PacketHandler(opts.face)
319 , m_pending(this)
320 , m_profile(opts.profile)
321 , m_challenges(opts.challenges)
322 , m_pvt(opts.pvt)
323 , m_cb(opts.cb)
324 , m_cbCtx(opts.ctx) {
325 sendNewRequest(opts.pub);
326 }
327
328 void loop() final {
329 switch (m_state) {
330 case State::SendChallengeRequest: {
331 sendChallengeRequest();
332 break;
333 }
334 case State::FetchIssuedCert: {
335 sendFetchInterest();
336 break;
337 }
338 case State::WaitNewResponse:
339 case State::WaitChallengeResponse:
340 case State::WaitIssuedCert: {
341 if (m_pending.expired()) {
342 m_state = State::Failure;
343 }
344 break;
345 }
346 case State::Success: {
347 delete this;
348 return;
349 }
350 case State::Failure: {
351 m_cb(m_cbCtx, Data());
352 delete this;
353 return;
354 }
355 default:
356 break;
357 }
358 }
359
360 bool processData(Data data) final {
361 if (!m_pending.matchPitToken()) {
362 return false;
363 }
364
365 switch (m_state) {
366 case State::WaitNewResponse: {
367 return handleNewResponse(data);
368 }
369 case State::WaitChallengeResponse: {
370 return handleChallengeResponse(data);
371 }
372 case State::WaitIssuedCert: {
373 return handleIssuedCert(data);
374 }
375 default:
376 break;
377 }
378 return false;
379 }
380
381 void sendNewRequest(const EcPublicKey& pub) {
382 StaticRegion<2048> region;
383 GotoState gotoState(this);
384 int res = mbedtls_ecdh_gen_public(mbedtls::P256::group(), m_ecdhPvt, m_newRequest.ecdhPub,
385 mbedtls::rng, nullptr);
386 if (res != 0) {
387 NDNPH_NDNCERT_LOG("NewRequest ECDH error");
388 return;
389 }
390
391 auto validity = certificate::getValidity(m_profile.cert)
392 .intersect(ValidityPeriod::secondsFromNow(m_profile.maxValidityPeriod));
393 if (!validity.includesUnix()) {
394 NDNPH_NDNCERT_LOG("NewRequest validity expired");
395 return;
396 }
397
398 auto cert = pub.selfSign(m_region, validity, m_pvt);
399 m_newRequest.certRequest = m_region.create<Data>();
400 if (!m_newRequest.certRequest || !m_newRequest.certRequest.decodeFrom(cert)) {
401 NDNPH_NDNCERT_LOG("NewRequest cert request error");
402 return;
403 }
404
405 m_pending.send(m_newRequest.toInterest(region, m_profile, m_signingPolicy, m_pvt)) &&
406 gotoState(State::WaitNewResponse);
407 }
408
409 bool handleNewResponse(Data data) {
410 bool ok = m_newResponse.fromData(m_region, data, m_profile, m_challenges);
411 if (!ok) {
412 NDNPH_NDNCERT_LOG("NewResponse parse error");
413 return false;
414 }
415
416 GotoState gotoState(this);
417 for (size_t i = 0; i < m_newResponse.hasChallenge.size(); ++i) {
418 if (m_newResponse.hasChallenge.test(i)) {
419 m_challengeRequest.challenge = m_challenges[i];
420 break;
421 }
422 }
423 if (m_challengeRequest.challenge == nullptr) {
424 NDNPH_NDNCERT_LOG("NewResponse no common challenge");
425 return true;
426 }
427
428 ok = m_sessionKey.makeKey(m_ecdhPvt, m_newResponse.ecdhPub, m_newResponse.salt,
429 m_newResponse.requestId);
430 if (!ok) {
431 NDNPH_NDNCERT_LOG("NewResponse session key error");
432 return true;
433 }
434 prepareChallengeRequest(gotoState);
435 return true;
436 }
437
438 static void challengeCallback(void* self, bool ok) {
439 static_cast<Client*>(self)->m_state = ok ? State::SendChallengeRequest : State::Failure;
440 }
441
442 void prepareChallengeRequest(GotoState& gotoState) {
443 gotoState(State::ExecuteChallenge);
444 m_challengeRequest.params.clear();
445 if (m_challengeResponse.status == Status::BEFORE_CHALLENGE) {
446 m_challengeRequest.challenge->start(m_challengeRegion, m_challengeRequest, challengeCallback,
447 this);
448 } else {
449 m_challengeRequest.challenge->next(m_challengeRegion, m_challengeResponse, m_challengeRequest,
450 challengeCallback, this);
451 }
452 }
453
454 void sendChallengeRequest() {
455 StaticRegion<2048> region;
456 GotoState gotoState(this);
457 m_pending.send(m_challengeRequest.toInterest(region, m_profile, m_newResponse.requestId,
458 m_sessionKey, m_signingPolicy, m_pvt)) &&
459 gotoState(State::WaitChallengeResponse);
460 }
461
462 bool handleChallengeResponse(Data data) {
463 m_challengeRegion.reset();
464 bool ok = m_challengeResponse.fromData(m_challengeRegion, data, m_profile,
465 m_newResponse.requestId, m_sessionKey);
466 if (!ok) {
467 NDNPH_NDNCERT_LOG("ChallengeResponse parse error");
468 return false;
469 }
470
471 GotoState gotoState(this);
472 switch (m_challengeResponse.status) {
473 case Status::CHALLENGE:
474 prepareChallengeRequest(gotoState);
475 break;
476 case Status::SUCCESS:
477 return gotoState(State::FetchIssuedCert);
478 default:
479 break;
480 }
481 return true;
482 }
483
484 void sendFetchInterest() {
485 ndnph::StaticRegion<2048> region;
486 GotoState gotoState(this);
487 auto interest = region.create<ndnph::Interest>();
488 NDNPH_ASSERT(!!interest);
489 interest.setName(m_challengeResponse.issuedCertName);
490 interest.setFwHint(m_challengeResponse.fwHint);
491 m_pending.send(interest) && gotoState(State::WaitIssuedCert);
492 }
493
494 bool handleIssuedCert(Data data) {
495 ndnph::StaticRegion<512> region;
496 if (data.getFullName(region) != m_challengeResponse.issuedCertName) {
497 NDNPH_NDNCERT_LOG("IssuedCert full name mismatch");
498 return false;
499 }
500
501 GotoState gotoState(this);
502 if (!ec::isCertificate(data)) {
503 NDNPH_NDNCERT_LOG("IssuedCert parse error");
504 return true;
505 }
506 m_cb(m_cbCtx, data);
507 return gotoState(State::Success);
508 }
509
510private:
511 OutgoingPendingInterest m_pending;
512 State m_state = State::SendNewRequest;
513
514 const CaProfile& m_profile;
515 ChallengeList m_challenges;
516 const EcPrivateKey& m_pvt;
517 Callback m_cb;
518 void* m_cbCtx;
519
520 StaticRegion<2048> m_region;
521 StaticRegion<512> m_challengeRegion;
522 detail::ISigPolicy m_signingPolicy;
523 mbedtls::Mpi m_ecdhPvt;
524 NewRequest m_newRequest;
525 NewResponse m_newResponse;
526 detail::SessionKey m_sessionKey;
527 ChallengeRequest m_challengeRequest;
528 ChallengeResponse m_challengeResponse;
529};
530
532class NopChallenge : public Challenge {
533public:
534 tlv::Value getId() const override {
535 return challenge_consts::nop();
536 }
537
538 void start(Region&, ChallengeRequest&, void (*cb)(void*, bool), void* arg) override {
539 cb(arg, true);
540 }
541
542 void next(Region&, const ChallengeResponse&, ChallengeRequest&, void (*cb)(void*, bool),
543 void* arg) override {
544 cb(arg, false);
545 }
546};
547
549class PossessionChallenge : public Challenge {
550public:
551 explicit PossessionChallenge(Data cert, const PrivateKey& signer)
552 : m_cert(std::move(cert))
553 , m_signer(signer) {}
554
555 tlv::Value getId() const override {
556 return challenge_consts::possession();
557 }
558
559 void start(Region& region, ChallengeRequest& request, void (*cb)(void*, bool),
560 void* arg) override {
561 Encoder encoder(region);
562 encoder.prepend(m_cert);
563 encoder.trim();
564 if (!encoder) {
565 NDNPH_NDNCERT_LOG("PossessionChallenge encode error");
566 cb(arg, false);
567 return;
568 }
569
570 request.params.set(challenge_consts::issuedcert(), tlv::Value(encoder));
571 cb(arg, true);
572 }
573
574 void next(Region& region, const ChallengeResponse& response, ChallengeRequest& request,
575 void (*cb)(void*, bool), void* arg) override {
576 tlv::Value nonce = response.params.get(challenge_consts::nonce());
577 uint8_t* sig = region.alloc(m_signer.getMaxSigLen());
578 if (nonce.size() != 16 || sig == nullptr) {
579 NDNPH_NDNCERT_LOG("PossessionChallenge bad nonce or sig");
580 cb(arg, false);
581 return;
582 }
583
584 ssize_t sigLen = m_signer.sign({nonce}, sig);
585 if (sigLen < 0) {
586 NDNPH_NDNCERT_LOG("PossessionChallenge signing error");
587 cb(arg, false);
588 return;
589 }
590
591 request.params.set(challenge_consts::proof(), tlv::Value(sig, sigLen));
592 cb(arg, true);
593 }
594
595private:
596 Data m_cert;
597 const PrivateKey& m_signer;
598};
599
600} // namespace client
601
602using Client = client::Client;
603
604} // namespace ndncert
605} // namespace ndnph
606
607#endif // NDNPH_HAVE_MBED
608#endif // NDNPH_APP_NDNCERT_CLIENT_HPP
NDNPH_NDNCERT_LOG
#define NDNPH_NDNCERT_LOG(...)
Definition common.hpp:15
ndnph::Component
Name component.
Definition component.hpp:16
ndnph::Data
Data packet.
Definition data.hpp:136
ndnph::Data::getContent
tlv::Value getContent() const
Definition data.hpp:172
ndnph::Data::getName
const Name & getName() const
Definition data.hpp:140
ndnph::Data::verify
bool verify(const PublicKey &key) const
Verify the packet with a public key.
Definition data.hpp:263
ndnph::Data::decodeFrom
bool decodeFrom(const Decoder::Tlv &input)
Decode packet.
Definition data.hpp:201
ndnph::Decoder::Tlv
Decoded TLV.
Definition decoder.hpp:13
ndnph::Decoder::Tlv::length
size_t length
Definition decoder.hpp:39
ndnph::Decoder::Tlv::value
const uint8_t * value
Definition decoder.hpp:40
ndnph::Encoder
TLV encoder that accepts items in reverse order.
Definition encoder.hpp:10
ndnph::Encoder::prepend
bool prepend(const First &first, const Arg &... arg)
Prepend a sequence of values.
Definition encoder.hpp:123
ndnph::Encoder::trim
void trim() const
Release unused space to the Region.
Definition encoder.hpp:58
ndnph::Encoder::prependTlv
bool prependTlv(uint32_t type, OmitEmptyTag omitEmpty, const Arg &... arg)
Prepend TLV, measuring TLV-LENGTH automatically.
Definition encoder.hpp:143
ndnph::EvDecoder::decodeValue
static bool decodeValue(const Decoder &input, const E &... defs)
Decode input TLV-VALUE with a sequence of element definitions.
Definition ev-decoder.hpp:126
ndnph::Face
Network layer face.
Definition face.hpp:12
ndnph::Interest::Parameterized::sign
Signed sign(const PrivateKey &key, ISigInfo sigInfo=ISigInfo()) const
Definition interest.hpp:350
ndnph::Interest
Interest packet.
Definition interest.hpp:284
ndnph::Interest::parameterize
Parameterized parameterize(tlv::Value appParameters) const
Add AppParameters to the packet.
Definition interest.hpp:374
ndnph::Interest::setMustBeFresh
void setMustBeFresh(bool v)
Definition interest.hpp:296
ndnph::Interest::setName
void setName(const Name &v)
Definition interest.hpp:288
ndnph::Name
Name.
Definition name.hpp:14
ndnph::Name::size
size_t size() const
Get number of components.
Definition name.hpp:86
ndnph::PacketHandler
Base class to receive packets from Face.
Definition packet-handler.hpp:10
ndnph::PrivateKey
Private key.
Definition private-key.hpp:9
ndnph::Region
Region-based memory allocator thats owns memory of NDNph objects.
Definition region.hpp:9
ndnph::Region::create
RefType create(Arg &&... arg)
Allocate and create an object, and return its reference.
Definition region.hpp:90
ndnph::Region::alloc
uint8_t * alloc(size_t size)
Allocate a buffer with no alignment requirement.
Definition region.hpp:27
ndnph::StaticRegion
Region with statically allocated memory.
Definition region.hpp:143
ndnph::convention::detail::TypedNumber
Definition convention.hpp:111
ndnph::detail::SignedInterestRef
Definition interest.hpp:206
ndnph::ec::EcPrivateKey
EC private key.
Definition ec.hpp:180
ndnph::ec::EcPublicKey
EC public key.
Definition ec.hpp:65
ndnph::ec::EcPublicKey::import
bool import(const Name &name, const uint8_t raw[KeyLen::value])
Import from raw key bits.
Definition ec.hpp:80
ndnph::ec::EcPublicKey::selfSign
Data::Signed selfSign(Region &region, const ValidityPeriod &validity, const Signer &signer) const
Generate self-signed certificate of this public key.
Definition ec.hpp:154
ndnph::ndncert::client::CaProfile
CA profile packet.
Definition client.hpp:51
ndnph::ndncert::client::CaProfile::isName
static bool isName(const Name &name)
Determine whether name is a valid CA profile packet name.
Definition client.hpp:54
ndnph::ndncert::client::CaProfile::fromData
bool fromData(Region &region, const Data &data)
Extract CA profile from Data packet.
Definition client.hpp:65
ndnph::ndncert::client::CaProfile::pub
EcPublicKey pub
CA public key.
Definition client.hpp:88
ndnph::ndncert::client::ChallengeRequest
CHALLENGE request packet.
Definition client.hpp:166
ndnph::ndncert::client::ChallengeRequest::toInterest
Interest::Signed toInterest(Region &region, const CaProfile &profile, const uint8_t *requestId, detail::SessionKey &sessionKey, detail::ISigPolicy &signingPolicy, const EcPrivateKey &signer) const
Build CHALLENGE request packet.
Definition client.hpp:174
ndnph::ndncert::client::ChallengeResponse
CHALLENGE response packet.
Definition client.hpp:201
ndnph::ndncert::client::ChallengeResponse::fromData
bool fromData(Region &region, const Data &data, const CaProfile &profile, const uint8_t *requestId, detail::SessionKey &sessionKey)
Extract CHALLENGE response from Data packet.
Definition client.hpp:208
ndnph::ndncert::client::Challenge
Client side of a challenge.
Definition client.hpp:22
ndnph::ndncert::client::Challenge::start
virtual void start(Region &region, ChallengeRequest &request, void(*cb)(void *, bool), void *arg)=0
Create a message to select and start the challenge.
ndnph::ndncert::client::Challenge::getId
virtual tlv::Value getId() const =0
Return challenge identifier.
ndnph::ndncert::client::Challenge::next
virtual void next(Region &region, const ChallengeResponse &response, ChallengeRequest &request, void(*cb)(void *, bool), void *arg)=0
Create a message to continue the challenge.
ndnph::ndncert::client::Client
Client application.
Definition client.hpp:241
ndnph::ndncert::client::Client::processData
bool processData(Data data) final
Override to receive Data packets.
Definition client.hpp:360
ndnph::ndncert::client::Client::loop
void loop() final
Override to be invoked periodically.
Definition client.hpp:328
ndnph::ndncert::client::Client::requestCertificate
static void requestCertificate(const Options &opts)
Request a certificate.
Definition client.hpp:274
ndnph::ndncert::client::Client::Callback
void(*)(void *ctx, Data cert) Callback
Callback to be invoked upon completion of a certificate request procedure.
Definition client.hpp:248
ndnph::ndncert::client::NewRequest
NEW request packet.
Definition client.hpp:92
ndnph::ndncert::client::NewRequest::toInterest
Interest::Signed toInterest(Region &region, const CaProfile &profile, detail::ISigPolicy &signingPolicy, const EcPrivateKey &signer) const
Build NEW request packet.
Definition client.hpp:99
ndnph::ndncert::client::NewResponse
NEW response packet.
Definition client.hpp:118
ndnph::ndncert::client::NewResponse::hasChallenge
std::bitset< detail::MaxChallenges::value > hasChallenge
List of client challenges offered by server.
Definition client.hpp:162
ndnph::ndncert::client::NewResponse::fromData
bool fromData(Region &, const Data &data, const CaProfile &profile, const ChallengeList &challenges)
Extract NEW response from Data packet.
Definition client.hpp:126
ndnph::ndncert::client::NopChallenge
The "nop" challenge where the server would approve every request.
Definition client.hpp:532
ndnph::ndncert::client::NopChallenge::start
void start(Region &, ChallengeRequest &, void(*cb)(void *, bool), void *arg) override
Create a message to select and start the challenge.
Definition client.hpp:538
ndnph::ndncert::client::NopChallenge::next
void next(Region &, const ChallengeResponse &, ChallengeRequest &, void(*cb)(void *, bool), void *arg) override
Create a message to continue the challenge.
Definition client.hpp:542
ndnph::ndncert::client::NopChallenge::getId
tlv::Value getId() const override
Return challenge identifier.
Definition client.hpp:534
ndnph::ndncert::client::PossessionChallenge
The "possession" challenge where client must present an existing certificate.
Definition client.hpp:549
ndnph::ndncert::client::PossessionChallenge::start
void start(Region &region, ChallengeRequest &request, void(*cb)(void *, bool), void *arg) override
Create a message to select and start the challenge.
Definition client.hpp:559
ndnph::ndncert::client::PossessionChallenge::next
void next(Region &region, const ChallengeResponse &response, ChallengeRequest &request, void(*cb)(void *, bool), void *arg) override
Create a message to continue the challenge.
Definition client.hpp:574
ndnph::ndncert::client::PossessionChallenge::getId
tlv::Value getId() const override
Return challenge identifier.
Definition client.hpp:555
ndnph::ndncert::client::PossessionChallenge::PossessionChallenge
PossessionChallenge(Data cert, const PrivateKey &signer)
Definition client.hpp:551
ndnph::ndncert::detail::SessionKey
Symmetric key used in CHALLENGE step.
Definition common.hpp:33
ndnph::ndncert::detail::SessionKey::decrypt
tlv::Value decrypt(Region &region, tlv::Value message, const uint8_t *requestId)
Decrypt from encrypted-message.
Definition common.hpp:53
ndnph::ndncert::detail::SessionKey::encrypt
tlv::Value encrypt(Region &region, tlv::Value plaintext, const uint8_t *requestId)
Encrypt to encrypted-message.
Definition common.hpp:48
ndnph::ndncert::packet_struct::ParameterKV::Parser
Definition common.hpp:85
ndnph::tlv::Value
A sequence of bytes, usually TLV-VALUE.
Definition value.hpp:11
ndnph::tlv::Value::makeDecoder
Decoder makeDecoder() const
Create a Decoder over this value buffer.
Definition value.hpp:64
ndnph::tlv::Value::size
size_t size() const
Definition value.hpp:46
NDNPH_ASSERT
#define NDNPH_ASSERT(x)
Definition common.hpp:30
ndnph::ndncert::client::ChallengeList
std::array< Challenge *, detail::MaxChallenges::value > ChallengeList
Definition client.hpp:48
ndnph::ndncert::getInfoComponent
Component getInfoComponent()
Return 'INFO' component.
Definition an.hpp:53
ndnph::ndncert::Client
client::Client Client
Definition client.hpp:602
ndnph::ndncert::getCaComponent
Component getCaComponent()
Return 'CA' component.
Definition an.hpp:45
ndnph::ndncert::getNewComponent
Component getNewComponent()
Return 'NEW' component.
Definition an.hpp:69
ndnph::ndncert::getChallengeComponent
Component getChallengeComponent()
Return 'CHALLENGE' component.
Definition an.hpp:77
ndnph
Definition fs.hpp:33
ndnph::EcPrivateKey
ec::EcPrivateKey EcPrivateKey
Definition ec.hpp:326
ndnph::ndncert::client::Client::Options::face
Face & face
Face for communication.
Definition client.hpp:252
ndnph::ndncert::client::Client::Options::ctx
void * ctx
Context pointer.
Definition client.hpp:270
ndnph::ndncert::client::Client::Options::pvt
const EcPrivateKey & pvt
Corresponding private key.
Definition client.hpp:264
ndnph::ndncert::client::Client::Options::cb
Callback cb
Completion callback.
Definition client.hpp:267
ndnph::ndncert::client::Client::Options::pub
const EcPublicKey & pub
Public key to appear in the certificate.
Definition client.hpp:261
ndnph::ndncert::client::Client::Options::challenges
const ChallengeList & challenges
List of acceptable challenges.
Definition client.hpp:258
ndnph::ndncert::client::Client::Options::profile
const CaProfile & profile
CA profile.
Definition client.hpp:255
Generated by doxygen 1.9.8