VerifyAtomic.java example

Explorer
Security-Service-Validation-and-Verification-master
/**
 * Copyright 2014 Liverpool John Moores University <http://www.ljmu.ac.uk/cmp/>
 * Aniketos Project FP7-ICT-257930 <http://www.aniketos.eu>
 * David Llewellyn-Jones <D.Llewellyn-Jones@ljmu.ac.uk>
 * 
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either 
 * version 3 of the License, or (at your option) any later version.
 * 
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 * 
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library. If not, see <http://www.gnu.org/licenses/>.
 *
 */

package eu.aniketos.ncvm.impl;

import org.apache.commons.codec.binary.Base64;

//import eu.aniketos.components.verification.propertyverification.PropertyVerificationResult;
import eu.aniketos.data.SPState;
import eu.aniketos.ncvm.IVerificationResult;
import eu.aniketos.ncvm.impl.NestedCompositionVerification.AniketosServices;

/**
 * Class for verifying atomic services. This is particularly useful when verifying a service that
 * is already registered in the Marketplace.
 * @author LJMU/David Llewellyn-Jones
 *
 */
public class VerifyAtomic {
	private String conspec;
	private String propertyID;
	private String serviceID;
	private AniketosServices call;
	private String details;
	private String serviceFilter;

	/**
	 * Initialise the class.
	 * @param serviceID the ID of the service to check.
	 * @param propertyID the security property to check.
	 * @param conspec a ConSpec file for the property to be checked.
	 * @param call object for managing the external services.
	 * @param details details of the service to be checked.
	 * @param serviceFilter apply a filter in case only services with a given ID should be checked.
	 */
	public VerifyAtomic(String serviceID, String propertyID, String conspec, AniketosServices call, String details, String serviceFilter) {
		this.serviceID = serviceID;
		this.propertyID = propertyID;
		this.conspec = conspec;
		this.call = call;
		this.details = details;
		this.serviceFilter = serviceFilter;
	}
	
	/**
	 * Set the ConSpec file of the security property to be checked.
	 * @param conspec the ConSpec file contents to set.
	 */
	public void setConspec(String conspec) {
		this.conspec = conspec;
	}

	/**
	 * Set the property ID of the security property to be checked.
	 * @param propertyID the property ID to set.
	 */
	public void setPropertyID(String propertyID) {
		this.propertyID = propertyID;
	}

	/**
	 * Set the ID of the service to be checked.
	 * @param serviceID the serviceID of the service to check.
	 */
	public void setServiceID(String serviceID) {
		this.serviceID = serviceID;
	}

	/**
	 * Set the stored details of the external services to use.
	 * @param call object holding details of the external services to use.
	 */
	public void setCall(AniketosServices call) {
		this.call = call;
	}

	/**
	 * Details for the verification process.
	 * @param details the details to set.
	 */
	public void setDetails(String details) {
		this.details = details;
	}

	/**
	 * Verify an atomic service that has already been registered in the Marketplace.
	 * The details for the verification should be set as class variables using the class setters.
	 * @return true if the verification process verifies that the property holds for the service.
	 */
	public IVerificationResult verify () {
		IVerificationResult result = new VerificationResult();
		boolean filterMatches = (serviceFilter.isEmpty() || serviceFilter.equalsIgnoreCase(serviceID));

		if (!propertyID.equals("Confidentiality") && !propertyID.equals("DangerousFunctions")) {
			Activator.logLine("Property doesn't apply to atomic services: " + propertyID);
		}
		
		if (filterMatches) {
			SPState state = CacheSupport.CheckCachedProperty (call.spdm, serviceID, propertyID, result);
			if (state == SPState.Verified) {
				Activator.logLine("Property already verified and cached");
				result.setResult(1);
			}
			else {
				Activator.logLine("Calling PVM, service task ID: " + serviceID);
				if (call.pvm != null) {
		            Base64 encoder = new Base64();
		            String agreementTemplateEncoded = encoder.encodeToString(conspec.getBytes());
		
		            try {
		            	eu.aniketos.components.verification.propertyverification.PropertyVerificationResult verificationProperty = call.pvm.verifyTechnicalTrustProperties(agreementTemplateEncoded, details);
		    			Activator.logLine("PVM result: " + verificationProperty.getVerificationResult() + "; " + verificationProperty.getVerificationExplaination());
		    			int verified = verificationProperty.getVerificationResult();
		    			if (verified != 0) {
		    				result.setResult(0);
							Activator.logLine("Atomic property verification unsuccessful");
		    			}
		    			else {
		    				result.setResult(1);
							CacheSupport.SetCachedProperty (call.spdm, serviceID, propertyID, Integer.toString(result.getResult()), SPState.Verified);
							Activator.logLine("Atomic property verification successful, result cached in SPDM");
		    			}            	
		            }
		            catch (Exception e) {
		    			Activator.logLine("PVM error: " + e.getMessage());
		    			Activator.logLine("The PVM is not accessible without authentication using dummy mode.");
		    			result.setError(3, "PVM error");
		            }
				}
				else {
					Activator.logLine("PVM not found");
					result.setError(3, "PVM not found");
				}
			}
		}
		else {
			Activator.logLine("ConSpec only applies to " + serviceFilter);
			Activator.logLine("Therefore skipping for " + serviceID);
			result.setResult(1);
		}
		
		return result;
	}
}