Directory Structuring
diff --git a/src/security/nlsr_cert_store.hpp b/src/security/nlsr_cert_store.hpp
new file mode 100644
index 0000000..5bbef9e
--- /dev/null
+++ b/src/security/nlsr_cert_store.hpp
@@ -0,0 +1,6 @@
+#ifndef NLSR_CERT_STORE_HPP
+#define NLSR_CERT_STORE_HPP
+
+
+
+#endif
diff --git a/src/security/nlsr_km.cpp b/src/security/nlsr_km.cpp
new file mode 100644
index 0000000..69052eb
--- /dev/null
+++ b/src/security/nlsr_km.cpp
@@ -0,0 +1,84 @@
+#include <ndn-cpp-dev/security/identity-certificate.hpp>
+#include <ndn-cpp-dev/encoding/block.hpp>
+#include "nlsr_sm.hpp"
+#include "nlsr_km.hpp"
+
+namespace nlsr
+{
+ void
+ KeyManager::initKeyManager(ConfParameter &cp)
+ {
+ string processIdentityName(cp.getRootKeyPrefix());
+ processIdentityName += "/";
+ processIdentityName += cp.getSiteName();
+ processIdentityName += "/";
+ processIdentityName += "R.Start";
+ processIdentityName += "/";
+ processIdentityName += cp.getRouterName();
+ processIdentityName += "/";
+ processIdentityName += "nlsr";
+ cout<<"Proces Identity Name: "<<processIdentityName<<endl;
+ ndn::Name identityName(processIdentityName);
+ routerIdentity=identityName;
+ ndn::KeyChain::deleteIdentity(routerIdentity);
+ routerCertName = ndn::KeyChain::createIdentity(routerIdentity);
+ cout<<"Certificate Name: "<<routerCertName.toUri()<<endl;
+ routerKeyName=
+ ndn::IdentityCertificate::certificateNameToPublicKeyName(routerCertName);
+ cout<<"Key Name: "<<routerKeyName.toUri()<<endl;
+ initCertSeqFromFile(cp.getSeqFileDir());
+ }
+
+ ndn::Name
+ KeyManager::getRouterCertName()
+ {
+ return routerCertName;
+ }
+
+ uint32_t
+ KeyManager::getCertSeqNo()
+ {
+ return certSeqNo;
+ }
+
+ void
+ KeyManager::setCerSeqNo(uint32_t csn)
+ {
+ certSeqNo=csn;
+ }
+
+ void
+ KeyManager::initCertSeqFromFile(string certSeqFileDir)
+ {
+ certSeqFileNameWithPath=certSeqFileDir;
+ if( certSeqFileNameWithPath.empty() )
+ {
+ SequencingManager sm;
+ certSeqFileNameWithPath=sm.getUserHomeDirectory();
+ }
+ certSeqFileNameWithPath += "/nlsrCertSeqNo.txt";
+ cout<<"Key Seq File Name: "<< certSeqFileNameWithPath<<endl;
+ std::ifstream inputFile(certSeqFileNameWithPath.c_str(),ios::binary);
+ if ( inputFile.good() )
+ {
+ inputFile>>certSeqNo;
+ certSeqNo++;
+ }
+ else
+ {
+ certSeqNo=1;
+ }
+ writeCertSeqToFile();
+ }
+
+ void
+ KeyManager::writeCertSeqToFile()
+ {
+ std::ofstream outputFile(certSeqFileNameWithPath.c_str(),ios::binary);
+ outputFile<<certSeqNo;
+ outputFile.close();
+ }
+}
+
+
+
diff --git a/src/security/nlsr_km.hpp b/src/security/nlsr_km.hpp
new file mode 100644
index 0000000..7b3b7ba
--- /dev/null
+++ b/src/security/nlsr_km.hpp
@@ -0,0 +1,158 @@
+#ifndef NLSR_KM_HPP
+#define NLSR_KM_HPP
+
+#include <ndn-cpp-dev/face.hpp>
+#include <ndn-cpp-dev/data.hpp>
+#include <ndn-cpp-dev/security/key-chain.hpp>
+#include <ndn-cpp-dev/security/validator.hpp>
+#include <ndn-cpp-dev/util/scheduler.hpp>
+#include <ndn-cpp-dev/util/random.hpp>
+#include <ndn-cpp-dev/security/identity-certificate.hpp>
+#include <ndn-cpp-dev/security/signature-sha256-with-rsa.hpp>
+
+#include <ndn-cpp-dev/security/sec-public-info-sqlite3.hpp>
+#include <ndn-cpp-dev/security/sec-public-info-memory.hpp>
+//TPM
+#include <ndn-cpp-dev/security/sec-tpm-file.hpp>
+#include <ndn-cpp-dev/security/sec-tpm-memory.hpp>
+
+#ifdef NDN_CPP_HAVE_OSX_SECURITY
+#include <ndn-cpp-dev/security/sec-tpm-osx.hpp>
+#endif
+
+#include <list>
+#include "nlsr_conf_param.hpp"
+
+namespace nlsr
+{
+ enum nlsrKeyType
+ {
+ KEY_TYPE_ROOT,
+ KEY_TYPE_SITE,
+ KEY_TYPE_OPERATOR,
+ KEY_TYPE_ROUTER,
+ KEY_TYPE_PROCESS
+ };
+
+ class KeyManager: public ndn::KeyChain, public ndn::Validator
+ {
+ typedef SecPublicInfo::Error InfoError;
+ typedef SecTpm::Error TpmError;
+ public:
+ KeyManager()
+ : certSeqNo(1)
+ {
+ }
+
+ void initKeyManager(ConfParameter &cp);
+
+ void
+ checkPolicy (const ndn::Data& data,
+ int stepCount,
+ const ndn::OnDataValidated &onValidated,
+ const ndn::OnDataValidationFailed &onValidationFailed,
+ std::vector<ndn::shared_ptr<ndn::ValidationRequest> > &nextSteps)
+ {}
+
+ void
+ checkPolicy (const ndn::Interest& interest,
+ int stepCount,
+ const ndn::OnInterestValidated &onValidated,
+ const ndn::OnInterestValidationFailed &onValidationFailed,
+ std::vector<ndn::shared_ptr<ndn::ValidationRequest> > &nextSteps)
+ {}
+
+ void signData(ndn::Data& data)
+ {
+ ndn::KeyChain::signByIdentity(data,routerIdentity);
+ //ndn::SignatureSha256WithRsa signature(data.getSignature());
+ //signature.setKeyLocator(routerCertName);
+ }
+
+ ndn::shared_ptr<ndn::IdentityCertificate>
+ getCertificate(ndn::Name certificateName)
+ {
+ return ndn::KeyChain::getCertificate(routerCertName);
+ }
+
+ ndn::Name
+ createIdentity(const ndn::Name identityName, const ndn::Name signee)
+ {
+ ndn::KeyChain::addIdentity(identityName);
+ ndn::Name keyName;
+ try
+ {
+ keyName = ndn::KeyChain::getDefaultKeyNameForIdentity(identityName);
+ }
+ catch(InfoError& e)
+ {
+ keyName = ndn::KeyChain::generateRSAKeyPairAsDefault(identityName, true);
+ }
+ ndn::shared_ptr<ndn::PublicKey> pubKey;
+ try
+ {
+ pubKey = ndn::KeyChain::getPublicKey(keyName);
+ }
+ catch(InfoError& e)
+ {
+ //return ndn::shared_ptr<ndn::IdentityCertificate>()->getName();
+ return identityName;
+ }
+ ndn::Name certName;
+ try
+ {
+ certName = ndn::KeyChain::getDefaultCertificateNameForKey(keyName);
+ }
+ catch(InfoError& e)
+ {
+ ndn::shared_ptr<ndn::IdentityCertificate> certificate =
+ ndn::make_shared<ndn::IdentityCertificate>();
+ ndn::Name certificateName = keyName.getPrefix(-1);
+ certificateName.append("KEY").append(
+ keyName.get(-1)).append("ID-CERT").appendVersion();
+ certificate->setName(certificateName);
+ certificate->setNotBefore(ndn::getNow());
+ certificate->setNotAfter(ndn::getNow() + 31536000 /* 1 year*/);
+ certificate->setPublicKeyInfo(*pubKey);
+ certificate->addSubjectDescription(
+ ndn::CertificateSubjectDescription("2.5.4.41",
+ keyName.toUri()));
+ certificate->encode();
+ try
+ {
+ ndn::KeyChain::signByIdentity(*certificate,signee);
+ }
+ catch(InfoError& e)
+ {
+ try
+ {
+ ndn::KeyChain::deleteIdentity(identityName);
+ }
+ catch(InfoError& e)
+ {
+ }
+ return identityName;
+ }
+ certName=certificate->getName();
+ }
+ return certName;
+ }
+
+ ndn::Name getRouterCertName();
+
+ uint32_t getCertSeqNo();
+ void setCerSeqNo(uint32_t csn);
+ void initCertSeqFromFile(string certSeqFileDir);
+ void writeCertSeqToFile();
+
+ private:
+ ndn::Name routerIdentity;
+ ndn::Name routerCertName;
+ ndn::Name routerKeyName;
+ uint32_t certSeqNo;
+ string certSeqFileNameWithPath;
+
+ };
+}
+
+#endif