security: Change to use IdentityCertificate instead of Certificate where needed.
diff --git a/include/ndn-cpp/security/identity/identity-manager.hpp b/include/ndn-cpp/security/identity/identity-manager.hpp
index 2dd9b6e..d461062 100644
--- a/include/ndn-cpp/security/identity/identity-manager.hpp
+++ b/include/ndn-cpp/security/identity/identity-manager.hpp
@@ -7,13 +7,16 @@
*/
#ifndef NDN_IDENTITY_MANAGER_HPP
-#define NDN_IDENTITY_MANAGER_HPP
+#define NDN_IDENTITY_MANAGER_HPP
-#include "../certificate/certificate.hpp"
+#include "../certificate/identity-certificate.hpp"
#include "identity-storage.hpp"
#include "../certificate/public-key.hpp"
#include "private-key-storage.hpp"
+// TODO: Implement Time values.
+class Time;
+
namespace ndn {
/**
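Review bot: The forward declaration `class Time;` is placed at global scope, above `namespace ndn {`, so every `const Time&` in the new createIdentityCertificate signatures refers to `::Time` and the name is exposed to every translation unit that includes this header. Declaring it inside the namespace (`namespace ndn { class Time; }`) keeps the placeholder from colliding with an unrelated `Time` and lets the later real definition live in `ndn` without touching the signatures. Because the type is incomplete, callers presumably cannot yet pass a real validity period, and the TODO could say so: `// TODO: Implement Time values; createIdentityCertificate is not usable with a real validity period until then.`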
@@ -98,11 +101,35 @@
}
/**
+ * Create an identity certificate for a public key managed by this IdentityManager.
+ * @param keyName The name of public key to be signed.
+ * @param signerCertificateName The name of signing certificate.
+ * @param notBefore The notBefore value in the validity field of the generated certificate.
+ * @param notAfter The notAfter vallue in validity field of the generated certificate.
+ * @return The name of generated identity certificate.
+ */
+ Name
+ createIdentityCertificate(const Name& keyName, const Name& signerCertificateName, const Time& notBefore, const Time& notAfter);
+
+ /**
+ * Create an identity certificate for a public key supplied by the caller.
+ * @param keyName The name of public key to be signed.
+ * @param publickey The public key to be signed.
+ * @param signerCertificateName The name of signing certificate.
+ * @param notBefore The notBefore value in the validity field of the generated certificate.
+ * @param notAfter The notAfter vallue in validity field of the generated certificate.
+ * @return The generated identity certificate.
+ */
+ ptr_lib::shared_ptr<IdentityCertificate>
+ createIdentityCertificate
+ (const Name& keyName, const PublicKey& publickey, const Name& signerCertificateName, const Time& notBefore, const Time& notAfter);
+
+ /**
* Add a certificate into the public key identity storage.
- * @param certificate The certificate to to added.
+ * @param certificate The certificate to to added. This makes a copy of the certificate.
*/
void
- addCertificate(const Certificate& certificate)
+ addCertificate(const IdentityCertificate& certificate)
{
identityStorage_->addCertificate(certificate);
}
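Review bot: The doc comments on both createIdentityCertificate overloads do not say what happens when the validity window is empty or inverted (notAfter not later than notBefore), or when signerCertificateName does not resolve to a certificate whose private key this manager can use. The implementations are outside this hunk, so whether either case is checked cannot be confirmed from here. If they are checked, document the failure mode with a `@throw` or `@return` line on each overload; if not, the check belongs in the implementation, since a certificate signed with an unintended validity period is a lasting artefact. The same comments carry the typos "vallue" (twice) and "to to added".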
@@ -116,27 +143,27 @@
/**
* Add a certificate into the public key identity storage and set the certificate as the default for its corresponding identity.
- * @param certificate The certificate to be added.
+ * @param certificate The certificate to be added. This makes a copy of the certificate.
*/
void
- addCertificateAsIdentityDefault(const Certificate& certificate);
+ addCertificateAsIdentityDefault(const IdentityCertificate& certificate);
/**
* Add a certificate into the public key identity storage and set the certificate as the default of its corresponding key.
- * certificate the certificate to be added
+ * @param certificate The certificate to be added. This makes a copy of the certificate.
*/
void
- addCertificateAsDefault(const Certificate& certificate);
+ addCertificateAsDefault(const IdentityCertificate& certificate);
/**
* Get a certificate with the specified name.
* @param certificateName The name of the requested certificate.
* @return the requested certificate which is valid.
*/
- ptr_lib::shared_ptr<Certificate>
+ ptr_lib::shared_ptr<IdentityCertificate>
getCertificate(const Name& certificateName)
{
- return identityStorage_->getCertificate(certificateName, false);
+ return ptr_lib::make_shared<IdentityCertificate>(*identityStorage_->getCertificate(certificateName, false));
}
/**
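Review bot: In getCertificate the new body dereferences the result of `identityStorage_->getCertificate(certificateName, false)` without testing it, so if the storage returns an empty pointer for a missing or not-currently-valid certificate this becomes a null dereference, where the old code passed the empty pointer through for the caller to check. The same pattern is added to getAnyCertificate in the next hunk. Whether IdentityStorage::getCertificate can return an empty pointer is not visible here, but the guard is cheap: keep the result in a local and add `if (!certificate) return ptr_lib::shared_ptr<IdentityCertificate>();` before the `make_shared` call. The `@return` lines should then state what the caller gets when the certificate is not found, and that each call returns a fresh copy rather than the stored object.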
@@ -144,10 +171,10 @@
* @param certificateName The name of the requested certificate.
* @return the requested certificate.
*/
- ptr_lib::shared_ptr<Certificate>
+ ptr_lib::shared_ptr<IdentityCertificate>
getAnyCertificate(const Name& certificateName)
{
- return identityStorage_->getCertificate(certificateName, true);
+ return ptr_lib::make_shared<IdentityCertificate>(*identityStorage_->getCertificate(certificateName, true));
}
/**
@@ -172,16 +199,15 @@
return identityStorage_->getDefaultCertificateNameForIdentity(getDefaultIdentity());
}
-#if 0
/**
- * sign blob based on certificate name
- * @param blob the blob to be signed
- * @param certificateName the signing certificate name
- * @return the generated signature
+ * Sign the byte array data based on the certificate name.
+ * @param data The data to be signed.
+ * @param dataLength the length of data.
+ * @param certificateName The signing certificate name.
+ * @return The generated signature.
*/
- Ptr<Signature>
- signByCertificate(const Blob& blob, const Name& certificateName);
-#endif
+ ptr_lib::shared_ptr<Signature>
+ signByCertificate(const uint8_t* data, size_t dataLength, const Name& certificateName);
/**
* Sign data packet based on the certificate name.
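Review bot: The newly enabled signByCertificate declaration takes a raw `const uint8_t*` plus a length, but its doc comment states neither the pointer contract nor the failure behaviour. Suggested wording for the first parameter is `@param data Pointer to the input byte array; must be readable for dataLength bytes.`, together with a line saying what is returned or thrown when certificateName has no matching private key in the private key storage. The implementation is outside this hunk, so whether a null `data` with a non-zero `dataLength` is rejected cannot be confirmed from here.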
@@ -211,7 +237,7 @@
* @param keyName The name of the public key.
* @return The generated certificate.
*/
- ptr_lib::shared_ptr<Certificate>
+ ptr_lib::shared_ptr<IdentityCertificate>
selfSign(const Name& keyName);
ptr_lib::shared_ptr<IdentityStorage> identityStorage_;