/** |
* This file is part of the CernVM File System. |
*/ |
#ifndef CVMFS_LETTER_H_ |
#define CVMFS_LETTER_H_ |
#include <string> |
#include "crypto/hash.h" |
namespace signature { |
class SignatureManager; |
} |
namespace letter { |
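/**
 * Result codes for letter processing.  kFailOk is the only success value;
 * every other code means the letter must be rejected.  The quoted text next
 * to each code is the message Code2Ascii() returns for it.
 */
enum Failures {
  kFailOk = 0,          // "OK"
  kFailBadBase64,       // "invalid Base64 input"
  kFailMalformed,       // "letter malformed"
  kFailExpired,         // "letter expired"
  kFailBadSignature,    // "signature verification failed"
  kFailBadCertificate,  // "certificate is not whitelisted"
  kFailNameMismatch,    // "repository name mismatch"

  kFailNumEntries       // Sentinel (count of real codes); maps to "no text"
};

/**
 * Translates a Failures code into a static, human-readable message.
 *
 * The lookup is bounds-checked: a value outside [kFailOk, kFailNumEntries]
 * (for instance an integer from a wire format or a return code that was cast
 * to Failures without validation) yields "no text" instead of indexing past
 * the end of the table.
 *
 * @param error  the failure code to describe
 * @return pointer to a string literal with static storage duration; never
 *         NULL and must not be freed by the caller
 */
inline const char *Code2Ascii(const Failures error) {
  // Built once and kept in read-only storage; the explicit array size makes
  // the compiler reject a table with more entries than the enum has values.
  static const char *const kTexts[kFailNumEntries + 1] = {
    "OK",
    "invalid Base64 input",
    "letter malformed",
    "letter expired",
    "signature verification failed",
    "certificate is not whitelisted",
    "repository name mismatch",
    "no text"
  };

  // Going through unsigned turns negative inputs into large values, so one
  // comparison covers both directions of an out-of-range code.
  const unsigned idx = static_cast<unsigned>(error);
  if (idx > static_cast<unsigned>(kFailNumEntries))
    return kTexts[kFailNumEntries];
  return kTexts[idx];
}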
/**
 * A text message tied to a repository name that can be signed and verified
 * with the help of a signature::SignatureManager.
 *
 * Only the declaration is visible in this header; the notes below describe
 * the interface and mark anything that has to be confirmed against the
 * implementation file.
 */
class Letter {
 public:
  /**
   * @param fqrn  repository name the letter is bound to (presumably the
   *              fully qualified repository name; Verify() can report
   *              kFailNameMismatch)
   * @param text  the letter's payload
   * @param signature_manager  used for the cryptographic operations.
   *              NOTE(review): kept as a raw pointer and the class declares
   *              no destructor, so it looks non-owning; the caller would
   *              then have to keep the manager alive for the lifetime of
   *              this object (confirm).
   */
  Letter(const std::string &fqrn,
         const std::string &text,
         signature::SignatureManager *signature_manager);

  /**
   * Produces the signed form of the letter.
   *
   * @param hash_algorithm  hash algorithm to use when signing
   * @return the result as a string (encoding not visible from this header)
   */
  std::string Sign(const shash::Algorithms hash_algorithm);

  /**
   * Checks the letter and reports the outcome as a Failures code.
   *
   * Callers should compare the result with kFailOk before using *msg or
   * *cert; whether the outputs are written on a failed verification cannot
   * be told from this declaration.
   *
   * @param max_age  age limit for the letter (presumably what triggers
   *                 kFailExpired; unit not visible here, TODO confirm)
   * @param msg      output parameter for the message
   * @param cert     output parameter for the certificate
   * @return kFailOk on success, otherwise the reason for rejection
   *
   * NOTE(review): uint64_t is used here although this header includes only
   * <string> and "crypto/hash.h"; the type presumably arrives through the
   * latter.
   */
  Failures Verify(uint64_t max_age, std::string *msg, std::string *cert);

  /** Returns a copy of the letter's text. */
  std::string text() const { return text_; }

 private:
  // Repository name passed to the constructor.
  std::string fqrn_;
  // Letter payload, exposed through text().
  std::string text_;
  // Raw pointer to the signature manager; ownership is not expressed in the
  // type (see the constructor note).
  signature::SignatureManager *signature_manager_;
};  // class Letter
} // namespace letter |
#endif // CVMFS_LETTER_H_ |