Avoid deprecated ndn-cxx functions
Change-Id: Ib148262999a691760821a2ce1c05a5e6332e7e34
diff --git a/src/access-manager.cpp b/src/access-manager.cpp
index a759f2d..3602c98 100644
--- a/src/access-manager.cpp
+++ b/src/access-manager.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2014-2020, Regents of the University of California
+ * Copyright (c) 2014-2022, Regents of the University of California
*
* NAC library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
@@ -87,7 +87,7 @@
const size_t secretLength = 32;
uint8_t secret[secretLength + 1];
- random::generateSecureBytes(secret, secretLength);
+ random::generateSecureBytes({secret, secretLength});
// because of stupid bug in ndn-cxx, remove all \0 in generated secret, replace with 1
for (size_t i = 0; i < secretLength; ++i) {
if (secret[i] == 0) {
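Review bot: The comment above this loop does not say which ndn-cxx limitation forces the zero-byte replacement or what the replacement costs. Mapping every 0x00 to 0x01 makes 0x01 twice as likely as any other byte value in `secret`, a small bias that is worth recording next to a key-protecting secret. The buffer is declared with `secretLength + 1` bytes, but only `secretLength` are filled in the visible lines. I would reword the comment along the lines of `// secret must not contain NUL bytes (ndn-cxx limitation, see <issue-id>); 0x00 -> 0x01 slightly biases the output`, and confirm whether the extra byte is needed or should be explicitly terminated. The loop body and the enclosing function continue outside the hunk.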
@@ -100,11 +100,11 @@
reinterpret_cast<const char*>(secret), secretLength);
PublicKey memberKey;
- memberKey.loadPkcs8(memberCert.getPublicKey().data(), memberCert.getPublicKey().size());
+ memberKey.loadPkcs8(memberCert.getPublicKey());
EncryptedContent content;
content.setPayload(kdkData->wireEncode());
- content.setPayloadKey(memberKey.encrypt(secret, secretLength));
+ content.setPayloadKey(memberKey.encrypt({secret, secretLength}));
auto kdk = make_shared<Data>(kdkName);
kdk->setContent(content.wireEncode());
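Review bot: Nothing in this hunk clears `secret` after its last visible use in `memberKey.encrypt({secret, secretLength})`, so the value that appears to protect the KDK payload may remain on the stack until it is overwritten. If the rest of the function (outside the hunk) does not wipe it, add a clear that the compiler cannot elide right after the encrypt call, e.g. `OPENSSL_cleanse(secret, sizeof(secret));`, assuming the OpenSSL headers are reachable from this file.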
diff --git a/src/decryptor.cpp b/src/decryptor.cpp
index 1630080..74290c8 100644
--- a/src/decryptor.cpp
+++ b/src/decryptor.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2014-2020, Regents of the University of California
+ * Copyright (c) 2014-2022, Regents of the University of California
*
* NAC library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
@@ -109,7 +109,7 @@
.setCanBePrefix(true),
[=] (const Interest& ckInterest, const Data& ckData) {
ck->second.pendingInterest = nullopt;
- // @TODO verify if the key is legit
+ // TODO: verify that the key is legit
Name kdkPrefix, kdkIdentity, kdkKeyName;
std::tie(kdkPrefix, kdkIdentity, kdkKeyName) =
extractKdkInfoFromCkName(ckData.getName(), ckInterest.getName(), onFailure);
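Review bot: The reworded `// TODO: verify that the key is legit` still leaves `ckData` unauthenticated before its name is used to derive `kdkPrefix`, `kdkIdentity` and `kdkKeyName`. The same TODO sits in the KDK callback in the `@@ -165,12 +165,10 @@` hunk, directly ahead of `decryptAndImportKdk(kdkData, onFailure)`. As far as the visible lines show, no validator runs on either packet, so the decision about which key is fetched and imported rests on unverified Data. I would make the comment state the missing check and point at a tracking issue, e.g. `// TODO(<issue-id>): validate the ckData signature before using its name`. The callback body continues outside the hunk.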
@@ -165,12 +165,10 @@
NDN_LOG_DEBUG("Fetching KDK " << kdkName);
- ck->second.pendingInterest = m_face.expressInterest(Interest(kdkName)
- .setMustBeFresh(true)
- .setCanBePrefix(false),
+ ck->second.pendingInterest = m_face.expressInterest(Interest(kdkName).setMustBeFresh(true),
[=] (const Interest&, const Data& kdkData) {
ck->second.pendingInterest = nullopt;
- // @TODO verify if the key is legit
+ // TODO: verify that the key is legit
bool isOk = decryptAndImportKdk(kdkData, onFailure);
if (!isOk)
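Review bot: Dropping `.setCanBePrefix(false)` from the KDK Interest makes exact-name matching depend on the ndn-cxx default for CanBePrefix rather than on this call site. That is fine when the build requires an ndn-cxx release whose default is false, but nothing in the hunk shows such a requirement. Please confirm the minimum ndn-cxx version enforced by the build configuration, or keep the explicit `.setCanBePrefix(false)` if older releases are still supported, since a prefix match here would widen which Data can satisfy the KDK fetch.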
@@ -205,8 +203,7 @@
EncryptedContent content(kdkData.getContent().blockFromValue());
SafeBag safeBag(content.getPayload().blockFromValue());
- auto secret = m_keyChain.getTpm().decrypt(content.getPayloadKey().value(),
- content.getPayloadKey().value_size(),
+ auto secret = m_keyChain.getTpm().decrypt(content.getPayloadKey().value_bytes(),
m_credentialsKey.getName());
if (secret == nullptr) {
onFailure(ErrorCode::TpmKeyNotFound,
@@ -233,8 +230,7 @@
EncryptedContent content(ckData.getContent().blockFromValue());
- auto ckBits = m_internalKeyChain.getTpm().decrypt(content.getPayload().value(), content.getPayload().value_size(),
- kdkKeyName);
+ auto ckBits = m_internalKeyChain.getTpm().decrypt(content.getPayload().value_bytes(), kdkKeyName);
if (ckBits == nullptr) {
onFailure(ErrorCode::TpmKeyNotFound, "Could not decrypt secret, " + kdkKeyName.toUri() + " not found in TPM");
return;
@@ -259,11 +255,10 @@
}
OBufferStream os;
- security::transform::bufferSource(content.getPayload().value(), content.getPayload().value_size())
+ security::transform::bufferSource(content.getPayload().value_bytes())
>> security::transform::blockCipher(BlockCipherAlgorithm::AES_CBC,
CipherOperator::DECRYPT,
- ckBits.data(), ckBits.size(),
- content.getIv().value(), content.getIv().value_size())
+ ckBits, content.getIv().value_bytes())
>> security::transform::streamSink(os);
onSuccess(os.buf());
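Review bot: `onSuccess(os.buf())` returns AES-CBC plaintext with no integrity check in the visible lines. CBC provides confidentiality only, so a modified `content.getPayload()` or `content.getIv()` either fails padding inside the transform or decrypts to altered bytes. The producing side uses the same construction in `Encryptor::encrypt` (the `@@ -112,17 +112,17 @@` hunk of src/encryptor.cpp). At minimum, document the assumption at this call, e.g. `// AES-CBC is unauthenticated: the enclosing Data must be signature-validated before this plaintext is trusted`. Also check that exceptions thrown by the transform chain are routed to `onFailure`; the function starts and ends outside the hunk, so neither is visible here.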
diff --git a/src/encrypted-content.cpp b/src/encrypted-content.cpp
index 4bc3d44..beaeda5 100644
--- a/src/encrypted-content.cpp
+++ b/src/encrypted-content.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2014-2020, Regents of the University of California
+ * Copyright (c) 2014-2022, Regents of the University of California
*
* NAC library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
@@ -26,7 +26,6 @@
namespace ndn {
namespace nac {
-BOOST_CONCEPT_ASSERT((boost::EqualityComparable<EncryptedContent>));
BOOST_CONCEPT_ASSERT((WireEncodable<EncryptedContent>));
BOOST_CONCEPT_ASSERT((WireDecodable<EncryptedContent>));
static_assert(std::is_base_of<ndn::tlv::Error, EncryptedContent::Error>::value,
@@ -42,7 +41,7 @@
{
m_wire.reset();
if (payload.type() != tlv::EncryptedPayload) {
- m_payload = Block(tlv::EncryptedPayload, std::move(payload));
+ m_payload = Block(tlv::EncryptedPayload, payload);
}
else {
m_payload = std::move(payload);
@@ -63,7 +62,7 @@
{
m_wire.reset();
if (iv.type() != tlv::InitializationVector) {
- m_iv = Block(tlv::InitializationVector, std::move(iv));
+ m_iv = Block(tlv::InitializationVector, iv);
}
else {
m_iv = std::move(iv);
@@ -75,7 +74,7 @@
EncryptedContent::setIv(ConstBufferPtr iv)
{
m_wire.reset();
- m_iv = Block(tlv::InitializationVector, iv);
+ m_iv = Block(tlv::InitializationVector, std::move(iv));
return *this;
}
@@ -83,7 +82,7 @@
EncryptedContent::unsetIv()
{
m_wire.reset();
- m_iv = Block();
+ m_iv = {};
return *this;
}
@@ -92,7 +91,7 @@
{
m_wire.reset();
if (key.type() != tlv::EncryptedPayloadKey) {
- m_payloadKey = Block(tlv::EncryptedPayloadKey, std::move(key));
+ m_payloadKey = Block(tlv::EncryptedPayloadKey, key);
}
else {
m_payloadKey = std::move(key);
@@ -112,7 +111,7 @@
EncryptedContent::unsetPayloadKey()
{
m_wire.reset();
- m_payloadKey = Block();
+ m_payloadKey = {};
return *this;
}
@@ -128,37 +127,37 @@
EncryptedContent::unsetKeyLocator()
{
m_wire.reset();
- m_keyLocator = Name();
+ m_keyLocator = {};
return *this;
}
template<encoding::Tag TAG>
size_t
-EncryptedContent::wireEncode(EncodingImpl<TAG>& block) const
+EncryptedContent::wireEncode(EncodingImpl<TAG>& encoder) const
{
size_t totalLength = 0;
if (hasKeyLocator()) {
- totalLength += m_keyLocator.wireEncode(block);
+ totalLength += m_keyLocator.wireEncode(encoder);
}
if (hasPayloadKey()) {
- totalLength += block.prependBlock(m_payloadKey);
+ totalLength += prependBlock(encoder, m_payloadKey);
}
if (hasIv()) {
- totalLength += block.prependBlock(m_iv);
+ totalLength += prependBlock(encoder, m_iv);
}
if (m_payload.isValid()) {
- totalLength += block.prependBlock(m_payload);
+ totalLength += prependBlock(encoder, m_payload);
}
else {
NDN_THROW(Error("Required EncryptedPayload is not set on EncryptedContent"));
}
- totalLength += block.prependVarNumber(totalLength);
- totalLength += block.prependVarNumber(tlv::EncryptedContent);
+ totalLength += encoder.prependVarNumber(totalLength);
+ totalLength += encoder.prependVarNumber(tlv::EncryptedContent);
return totalLength;
}
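Review bot: The required-payload check in `wireEncode` runs only after `m_keyLocator`, `m_payloadKey` and `m_iv` may already have been prepended, so the `NDN_THROW` leaves `encoder` holding a partial EncryptedContent. Testing first keeps the encoder untouched on failure: put `if (!m_payload.isValid()) { NDN_THROW(Error("Required EncryptedPayload is not set on EncryptedContent")); }` at the top of the function and reduce the later branch to the plain `totalLength += prependBlock(encoder, m_payload);`.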
@@ -221,11 +220,5 @@
}
}
-bool
-EncryptedContent::operator==(const EncryptedContent& rhs) const
-{
- return wireEncode() == rhs.wireEncode();
-}
-
} // namespace nac
} // namespace ndn
diff --git a/src/encrypted-content.hpp b/src/encrypted-content.hpp
index 0f014c7..5ba0ab1 100644
--- a/src/encrypted-content.hpp
+++ b/src/encrypted-content.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2014-2020, Regents of the University of California
+ * Copyright (c) 2014-2022, Regents of the University of California
*
* NAC library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
@@ -139,16 +139,6 @@
void
wireDecode(const Block& wire);
-public:
- bool
- operator==(const EncryptedContent& rhs) const;
-
- bool
- operator!=(const EncryptedContent& rhs) const
- {
- return !(*this == rhs);
- }
-
private:
Block m_iv;
Block m_payload;
diff --git a/src/encryptor.cpp b/src/encryptor.cpp
index 5059eba..b35a744 100644
--- a/src/encryptor.cpp
+++ b/src/encryptor.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2014-2020, Regents of the University of California
+ * Copyright (c) 2014-2022, Regents of the University of California
*
* NAC library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
@@ -100,7 +100,7 @@
.append(CK)
.appendVersion(); // version = ID of CK
NDN_LOG_DEBUG("Generating new CK: " << m_ckName);
- random::generateSecureBytes(m_ckBits.data(), m_ckBits.size());
+ random::generateSecureBytes(m_ckBits);
// one implication: if CK updated before KEK fetched, KDK for the old CK will not be published
if (!m_kek) {
@@ -112,17 +112,17 @@
}
EncryptedContent
-Encryptor::encrypt(const uint8_t* data, size_t size)
+Encryptor::encrypt(span<const uint8_t> data)
{
// Generate IV
auto iv = make_shared<Buffer>(AES_IV_SIZE);
- random::generateSecureBytes(iv->data(), iv->size());
+ random::generateSecureBytes(*iv);
OBufferStream os;
- security::transform::bufferSource(data, size)
+ security::transform::bufferSource(data)
>> security::transform::blockCipher(BlockCipherAlgorithm::AES_CBC,
CipherOperator::ENCRYPT,
- m_ckBits.data(), m_ckBits.size(), iv->data(), iv->size())
+ m_ckBits, *iv)
>> security::transform::streamSink(os);
EncryptedContent content;
@@ -185,10 +185,10 @@
{
try {
PublicKey kek;
- kek.loadPkcs8(m_kek->getContent().value(), m_kek->getContent().value_size());
+ kek.loadPkcs8(m_kek->getContent().value_bytes());
EncryptedContent content;
- content.setPayload(kek.encrypt(m_ckBits.data(), m_ckBits.size()));
+ content.setPayload(kek.encrypt(m_ckBits));
auto ckData = make_shared<Data>(Name(m_ckName).append(ENCRYPTED_BY).append(m_kek->getName()));
ckData->setContent(content.wireEncode());
diff --git a/src/encryptor.hpp b/src/encryptor.hpp
index 9656674..1b177eb 100644
--- a/src/encryptor.hpp
+++ b/src/encryptor.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2014-2019, Regents of the University of California
+ * Copyright (c) 2014-2022, Regents of the University of California
*
* NAC library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
@@ -56,7 +56,7 @@
~Encryptor();
/**
- * Synchronously encrypt supplied data
+ * @brief Synchronously encrypt supplied data
*
* If KEK has not been fetched already, this method will trigger async fetching of it.
* After KEK successfully fetched, CK data will be automatically published.
@@ -72,7 +72,7 @@
* @return Encrypted content
*/
EncryptedContent
- encrypt(const uint8_t* data, size_t size);
+ encrypt(span<const uint8_t> data);
/**
* @brief Create a new content key and publish the corresponding CK data
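Review bot: Replacing `encrypt(const uint8_t* data, size_t size)` with `encrypt(span<const uint8_t> data)` removes the old public signature outright, so existing callers of the library stop compiling. Consider keeping a thin forwarding overload for one release, e.g. `[[deprecated("use encrypt(span<const uint8_t>)")]] EncryptedContent encrypt(const uint8_t* data, size_t size) { return encrypt({data, size}); }`. The Doxygen block for this method starts above the hunk; if it still carries an `@param size` entry, that should be dropped to match the new signature.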
@@ -84,8 +84,8 @@
regenerateCk();
public: // accessor interface for published data packets
-
- /** @return{ number of packets stored in in-memory storage }
+ /**
+ * @return number of packets stored in in-memory storage
*/
size_t
size() const
@@ -93,10 +93,10 @@
return m_ims.size();
}
- /** @brief Returns begin iterator of the in-memory storage ordered by
- * name with digest
+ /**
+ * @brief Returns begin iterator of the in-memory storage ordered by name with digest
*
- * @return{ const_iterator pointing to the beginning of m_cache }
+ * @return const_iterator pointing to the beginning of m_cache
*/
InMemoryStorage::const_iterator
begin() const
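Review bot: The reformatted `@return` lines still refer to `m_cache`, while the accessors in this class operate on `m_ims` (`m_ims.size()`, `m_ims.begin()`). I would change this one to `@return const_iterator pointing to the beginning of the in-memory storage` and use the matching wording for `end()` in the `@@ -104,10 +104,10 @@` hunk.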
@@ -104,10 +104,10 @@
return m_ims.begin();
}
- /** @brief Returns end iterator of the in-memory storage ordered by
- * name with digest
+ /**
+ * @brief Returns end iterator of the in-memory storage ordered by name with digest
*
- * @return{ const_iterator pointing to the end of m_cache }
+ * @return const_iterator pointing to the end of m_cache
*/
InMemoryStorage::const_iterator
end() const