Reduce unnecessary includes in common.hpp
Also, make Decryptor::doDecrypt() static
Refs: #4755
Change-Id: I21b05897e31fc98697b60b7305ac865962e699c4
diff --git a/src/access-manager.cpp b/src/access-manager.cpp
index 0093d57..70ad8be 100644
--- a/src/access-manager.cpp
+++ b/src/access-manager.cpp
@@ -22,6 +22,7 @@
#include <ndn-cxx/security/signing-helpers.hpp>
#include <ndn-cxx/util/logger.hpp>
+#include <ndn-cxx/util/random.hpp>
namespace ndn::nac {
diff --git a/src/common.hpp b/src/common.hpp
index 5aebdeb..24df62f 100644
--- a/src/common.hpp
+++ b/src/common.hpp
@@ -34,34 +34,24 @@
#define NAC_PROTECTED_WITH_TESTS_ELSE_PRIVATE private
#endif
-#include <cstddef>
-#include <list>
-#include <map>
-#include <queue>
-#include <set>
-#include <unordered_map>
-#include <unordered_set>
-#include <vector>
+#include <functional>
+#include <stdexcept>
#include <ndn-cxx/data.hpp>
#include <ndn-cxx/encoding/buffer-stream.hpp>
#include <ndn-cxx/face.hpp>
#include <ndn-cxx/ims/in-memory-storage-persistent.hpp>
#include <ndn-cxx/interest.hpp>
+#include <ndn-cxx/security/certificate.hpp>
#include <ndn-cxx/security/key-chain.hpp>
#include <ndn-cxx/security/signing-info.hpp>
#include <ndn-cxx/security/transform/public-key.hpp>
#include <ndn-cxx/security/validation-callback.hpp>
#include <ndn-cxx/security/validation-error.hpp>
-#include <ndn-cxx/security/validator-null.hpp>
#include <ndn-cxx/security/validator.hpp>
-#include <ndn-cxx/util/random.hpp>
-#include <ndn-cxx/util/signal.hpp>
-#include <boost/algorithm/string.hpp>
#include <boost/assert.hpp>
-#include <boost/lexical_cast.hpp>
-#include <boost/noncopyable.hpp>
+#include <boost/core/noncopyable.hpp>
namespace ndn::nac {
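Review bot: `<cstddef>` is dropped from common.hpp, but the header still declares `AES_KEY_SIZE` and `AES_IV_SIZE` as `size_t` in its later `@@ -90,21 +80,21 @@` hunk. The type now presumably arrives only through whatever the ndn-cxx headers happen to include, which is the kind of transitive dependency this cleanup is meant to remove. I would keep `#include <cstddef>` next to the added `#include <functional>` and `#include <stdexcept>`.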
@@ -74,11 +64,11 @@
using security::SigningInfo;
using security::ValidationError;
using security::Validator;
-using security::ValidatorNull;
using security::extractKeyNameFromCertName;
using security::transform::PublicKey;
namespace tlv {
+
using namespace ndn::tlv;
enum {
@@ -90,21 +80,21 @@
} // namespace tlv
-const name::Component ENCRYPTED_BY("ENCRYPTED-BY");
-const name::Component NAC("NAC");
-const name::Component KEK("KEK");
-const name::Component KDK("KDK");
-const name::Component CK("CK");
+inline const name::Component ENCRYPTED_BY{"ENCRYPTED-BY"};
+inline const name::Component NAC{"NAC"};
+inline const name::Component KEK{"KEK"};
+inline const name::Component KDK{"KDK"};
+inline const name::Component CK{"CK"};
-const size_t AES_KEY_SIZE = 32;
-const size_t AES_IV_SIZE = 16;
+inline constexpr size_t AES_KEY_SIZE = 32;
+inline constexpr size_t AES_IV_SIZE = 16;
-const time::seconds DEFAULT_KEK_FRESHNESS_PERIOD = 1_h;
-const time::seconds DEFAULT_KDK_FRESHNESS_PERIOD = 1_h;
-const time::seconds DEFAULT_CK_FRESHNESS_PERIOD = 1_h;
+inline constexpr time::seconds DEFAULT_KEK_FRESHNESS_PERIOD = 1_h;
+inline constexpr time::seconds DEFAULT_KDK_FRESHNESS_PERIOD = 1_h;
+inline constexpr time::seconds DEFAULT_CK_FRESHNESS_PERIOD = 1_h;
-const time::seconds RETRY_DELAY_AFTER_NACK = 1_s;
-const time::seconds RETRY_DELAY_KEK_RETRIEVAL = 60_s;
+inline constexpr time::seconds RETRY_DELAY_AFTER_NACK = 1_s;
+inline constexpr time::seconds RETRY_DELAY_KEK_RETRIEVAL = 60_s;
enum class ErrorCode {
KekRetrievalFailure = 1,
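Review bot: `AES_KEY_SIZE` and `AES_IV_SIZE` are redeclared as `inline constexpr size_t` without stating their unit, which matters for values that size key and IV buffers. A one-line comment above each would remove the guesswork, for example `// AES key length in bytes (256-bit key)` and `// AES IV length in bytes`. The `namespace ndn::nac` block opens before this hunk and continues past it, so any documentation of these values elsewhere in the file is not visible here.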
diff --git a/src/decryptor.cpp b/src/decryptor.cpp
index 0becbe2..1372134 100644
--- a/src/decryptor.cpp
+++ b/src/decryptor.cpp
@@ -25,11 +25,13 @@
#include <ndn-cxx/util/exception.hpp>
#include <ndn-cxx/util/logger.hpp>
+#include <boost/lexical_cast.hpp>
+
namespace ndn::nac {
NDN_LOG_INIT(nac.Decryptor);
-const size_t N_RETRIES = 3;
+constexpr size_t N_RETRIES = 3;
Decryptor::Decryptor(const Key& credentialsKey, Validator& validator, KeyChain& keyChain, Face& face)
: m_credentialsKey(credentialsKey)
diff --git a/src/decryptor.hpp b/src/decryptor.hpp
index a8ea7c3..8e6486f 100644
--- a/src/decryptor.hpp
+++ b/src/decryptor.hpp
@@ -23,7 +23,8 @@
#include "common.hpp"
#include "encrypted-content.hpp"
-#include <ndn-cxx/face.hpp>
+#include <list>
+#include <map>
namespace ndn::nac {
@@ -38,6 +39,24 @@
public:
using DecryptSuccessCallback = std::function<void(ConstBufferPtr)>;
+ /**
+ * @brief Constructor
+ * @param credentialsKey Credentials key to be used to retrieve and decrypt KDK
+ * @param validator Validation policy to ensure validity of KDK and CK
+ * @param keyChain KeyChain
+ * @param face Face that will be used to fetch CK and KDK
+ */
+ Decryptor(const Key& credentialsKey, Validator& validator, KeyChain& keyChain, Face& face);
+
+ ~Decryptor();
+
+ /**
+ * @brief Asynchronously decrypt @p encryptedContent
+ */
+ void
+ decrypt(const Block& encryptedContent,
+ const DecryptSuccessCallback& onSuccess, const ErrorCallback& onFailure);
+
private:
struct ContentKey
{
@@ -56,25 +75,6 @@
using ContentKeys = std::map<Name, ContentKey>;
-public:
- /**
- * @brief Constructor
- * @param credentialsKey Credentials key to be used to retrieve and decrypt KDK
- * @param validator Validation policy to ensure validity of KDK and CK
- * @param keyChain KeyChain
- * @param face Face that will be used to fetch CK and KDK
- */
- Decryptor(const Key& credentialsKey, Validator& validator, KeyChain& keyChain, Face& face);
-
- ~Decryptor();
-
- /**
- * @brief Asynchronously decrypt @p encryptedContent
- */
- void
- decrypt(const Block& encryptedContent, const DecryptSuccessCallback& onSuccess, const ErrorCallback& onFailure);
-
-private:
void
fetchCk(ContentKeys::iterator ck, const ErrorCallback& onFailure, size_t nTriesLeft);
@@ -91,9 +91,9 @@
const ErrorCallback& onFailure);
/**
- * @brief Synchronously decrypt (assume CK exists)
+ * @brief Synchronously decrypt
*/
- void
+ static void
doDecrypt(const EncryptedContent& encryptedContent, const Buffer& ckBits,
const DecryptSuccessCallback& onSuccess,
const ErrorCallback& onFailure);
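Review bot: The doc comment on `doDecrypt` shrinks to `Synchronously decrypt` just as the function becomes `static`, so the header no longer says where the key comes from or how the result is reported. The content key is now supplied only through `ckBits`, so I would document the parameters, e.g. `@param ckBits Raw content key bytes used to decrypt @p encryptedContent`. It should also say which callback runs when decryption fails (presumably `onFailure`; the definition is not in this section). If the implementation expects `ckBits` to be exactly `AES_KEY_SIZE` bytes, that precondition belongs here too. The enclosing `Decryptor` class starts and ends outside this hunk.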
@@ -106,7 +106,7 @@
KeyChain m_internalKeyChain; // internal in-memory keychain for temporarily storing KDKs
// a set of Content Keys
- // @TODO add some expiration, so they are not stored forever
+ // TODO: add some expiration, so they are not stored forever
ContentKeys m_cks;
};
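Review bot: The reworded TODO above `m_cks` still leaves content keys cached with no expiry, and it carries no issue reference, so nothing tracks the fix. As written, every entry appears to stay in the map, presumably with its key bits, for as long as the `Decryptor` lives. That widens the window in which a memory disclosure exposes old keys. I would make the comment say so and point at a tracker entry, e.g. `// TODO(#<issue>): expire cached CKs; until then they stay in memory for the lifetime of this Decryptor`. The class body begins outside this hunk.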
diff --git a/src/encryptor.cpp b/src/encryptor.cpp
index 04febf0..25431bd 100644
--- a/src/encryptor.cpp
+++ b/src/encryptor.cpp
@@ -23,12 +23,15 @@
#include <ndn-cxx/security/transform/buffer-source.hpp>
#include <ndn-cxx/security/transform/stream-sink.hpp>
#include <ndn-cxx/util/logger.hpp>
+#include <ndn-cxx/util/random.hpp>
+
+#include <boost/lexical_cast.hpp>
namespace ndn::nac {
NDN_LOG_INIT(nac.Encryptor);
-const size_t N_RETRIES = 3;
+constexpr size_t N_RETRIES = 3;
Encryptor::Encryptor(const Name& accessPrefix,
const Name& ckPrefix, SigningInfo ckDataSigningInfo,