security: Reorganizing source code to prepare for support of two versions of NDN certificates
This commit also removes unused ndn_digestSha256 function and deprecates
crypto::sha256 in favor of crypto::computeSha256Digest in util/crypto.hpp.
Change-Id: I24ee50ff073a96b868633bdf2cfade412d3605f3
Refs: #3098
diff --git a/src/util/command-interest-validator.hpp b/src/util/command-interest-validator.hpp
index b7c3494..a6cd465 100644
--- a/src/util/command-interest-validator.hpp
+++ b/src/util/command-interest-validator.hpp
@@ -23,7 +23,6 @@
#define NDN_UTIL_COMMAND_INTEREST_VALIDATOR_HPP
#include "../security/validator.hpp"
-#include "../security/identity-certificate.hpp"
#include "../security/sec-rule-specific.hpp"
#include <list>
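Review bot: Dropping the direct include of `identity-certificate.hpp` leaves this header relying on `validator.hpp` or `sec-rule-specific.hpp` to pull in the certificate and public-key definitions. The inline functions later in this file call `security::v1::IdentityCertificate::certificateNameToPublicKeyName`, and the class stores `security::v1::PublicKey` by value in `m_trustAnchorsForInterest`, so both types must be complete here. I would keep an explicit include of the relocated header, presumably under `../security/v1/` like `cryptopp.hpp` elsewhere in this commit (its new path is not visible in this diff). That way a later cleanup of the other headers cannot silently break the validator's build.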
@@ -67,7 +66,7 @@
* @param certificate trusted certificate
*/
void
- addInterestRule(const std::string& regex, const IdentityCertificate& certificate);
+ addInterestRule(const std::string& regex, const security::v1::IdentityCertificate& certificate);
/**
* @brief add an Interest rule that allows a specific public key
@@ -77,7 +76,7 @@
* @param publicKey public key
*/
void
- addInterestRule(const std::string& regex, const Name& keyName, const PublicKey& publicKey);
+ addInterestRule(const std::string& regex, const Name& keyName, const security::v1::PublicKey& publicKey);
/**
* @brief add an Interest rule that allows any signer
@@ -114,7 +113,7 @@
private:
time::milliseconds m_graceInterval; //ms
- std::map<Name, PublicKey> m_trustAnchorsForInterest;
+ std::map<Name, security::v1::PublicKey> m_trustAnchorsForInterest;
std::list<SecRuleSpecific> m_trustScopeForInterest;
typedef std::map<Name, time::system_clock::TimePoint> LastTimestampMap;
@@ -123,16 +122,16 @@
inline void
CommandInterestValidator::addInterestRule(const std::string& regex,
- const IdentityCertificate& certificate)
+ const security::v1::IdentityCertificate& certificate)
{
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
+ Name keyName = security::v1::IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
addInterestRule(regex, keyName, certificate.getPublicKeyInfo());
}
inline void
CommandInterestValidator::addInterestRule(const std::string& regex,
const Name& keyName,
- const PublicKey& publicKey)
+ const security::v1::PublicKey& publicKey)
{
m_trustAnchorsForInterest[keyName] = publicKey;
shared_ptr<Regex> interestRegex = make_shared<Regex>(regex);
@@ -185,7 +184,7 @@
return onValidationFailed(interest.shared_from_this(),
"Key Locator is not a name");
- keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName());
+ keyName = security::v1::IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName());
//Check if command is in the trusted scope
bool isInScope = false;
@@ -256,7 +255,7 @@
return onValidationFailed(interest.shared_from_this(),
"No valid signature");
}
- catch (const IdentityCertificate::Error&)
+ catch (const security::v1::IdentityCertificate::Error&)
{
return onValidationFailed(interest.shared_from_this(),
"Cannot locate the signing key");
diff --git a/src/util/crypto.cpp b/src/util/crypto.cpp
index c480401..1e22c0e 100644
--- a/src/util/crypto.cpp
+++ b/src/util/crypto.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -19,52 +19,28 @@
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
-#include "../common.hpp"
-
#include "crypto.hpp"
#include "../encoding/buffer-stream.hpp"
-#include "../security/cryptopp.hpp"
+
+#include "../security/v1/cryptopp.hpp"
namespace ndn {
-
-void ndn_digestSha256(const uint8_t* data, size_t dataLength, uint8_t* digest)
-{
- try
- {
- using namespace CryptoPP;
-
- CryptoPP::SHA256 hash;
- OBufferStream os;
- StringSource(data, dataLength, true,
- new HashFilter(hash, new ArraySink(digest, crypto::SHA256_DIGEST_SIZE)));
- }
- catch (CryptoPP::Exception& e)
- {
- return;
- }
-
-}
-
namespace crypto {
ConstBufferPtr
-sha256(const uint8_t* data, size_t dataLength)
+computeSha256Digest(const uint8_t* data, size_t dataLength)
{
- try
- {
- using namespace CryptoPP;
-
- SHA256 hash;
- OBufferStream os;
- StringSource(data, dataLength, true, new HashFilter(hash, new FileSink(os)));
- return os.buf();
- }
- catch (CryptoPP::Exception& e)
- {
- return ConstBufferPtr();
- }
+ try {
+ CryptoPP::SHA256 hash;
+ OBufferStream os;
+ CryptoPP::StringSource(data, dataLength, true,
+ new CryptoPP::HashFilter(hash, new CryptoPP::FileSink(os)));
+ return os.buf();
+ }
+ catch (CryptoPP::Exception& e) {
+ return ConstBufferPtr();
+ }
}
} // namespace crypto
-
} // namespace ndn
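Review bot: The handler `catch (CryptoPP::Exception& e)` in `computeSha256Digest` binds an unused non-const reference and turns every hashing failure into an empty `ConstBufferPtr`, with no error detail. Write it as `catch (const CryptoPP::Exception&) {` and add a comment above `return ConstBufferPtr();` such as `// hashing failed: callers must treat a null digest as an error, never as a valid digest`. Callers are not visible in this diff, but any that dereference or compare the result without a null check would crash or mishandle the failure. That matters wherever the digest feeds a verification step.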
diff --git a/src/util/crypto.hpp b/src/util/crypto.hpp
index dc0a754..e406006 100644
--- a/src/util/crypto.hpp
+++ b/src/util/crypto.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -26,17 +26,6 @@
#include "../encoding/buffer.hpp"
namespace ndn {
-
-/**
- * @brief Compute the sha-256 digest of data.
- *
- * @param data Pointer to the input byte array.
- * @param dataLength The length of data.
- * @param digest A pointer to a buffer of size crypto::SHA256_DIGEST_SIZE to receive the data.
- */
-void
-ndn_digestSha256(const uint8_t* data, size_t dataLength, uint8_t* digest);
-
namespace crypto {
/// @brief number of octets in a SHA256 digest
@@ -50,7 +39,18 @@
* @return A pointer to a buffer of SHA256_DIGEST.
*/
ConstBufferPtr
-sha256(const uint8_t* data, size_t dataLength);
+computeSha256Digest(const uint8_t* data, size_t dataLength);
+
+/**
+ * @brief Compute the sha-256 digest of data.
+ *
+ * @deprecated Use computeSha256Digest function instead
+ */
+inline ConstBufferPtr
+sha256(const uint8_t* data, size_t dataLength)
+{
+ return computeSha256Digest(data, dataLength);
+}
} // namespace crypto
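Review bot: The `sha256` wrapper is deprecated only in its Doxygen comment, so existing callers compile without a warning and nothing steers them to `computeSha256Digest`. Mark it for the compiler as well, using the project's deprecation macro if it has one, or `[[deprecated("use computeSha256Digest")]]` where the build's language standard allows it. The wrapper's comment also has no `@param`/`@return` lines. I would add `@return the digest buffer, or a null pointer if hashing fails` to both declarations, since the implementation in `crypto.cpp` returns an empty `ConstBufferPtr` when Crypto++ throws.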
diff --git a/src/util/digest.hpp b/src/util/digest.hpp
index ea1538e..ce86e1d 100644
--- a/src/util/digest.hpp
+++ b/src/util/digest.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -24,7 +24,7 @@
#include "../encoding/buffer.hpp"
#include "../encoding/block.hpp"
-#include "../security/cryptopp.hpp"
+#include "../security/v1/cryptopp.hpp"
#include "concepts.hpp"
namespace ndn {
diff --git a/src/util/string-helper.cpp b/src/util/string-helper.cpp
index 16064b0..0f54e14 100644
--- a/src/util/string-helper.cpp
+++ b/src/util/string-helper.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -21,7 +21,7 @@
#include "string-helper.hpp"
#include "../encoding/buffer-stream.hpp"
-#include "../security/cryptopp.hpp"
+#include "../security/v1/cryptopp.hpp"
#include <sstream>
#include <iomanip>