security: convert more functions to span
Update span-lite to commit 2962cb925c2323b936e4d5f366d2cddfb1b8dc68
and enable the initializer_list constructor.
Change-Id: Ie679315fe2dd69a8b9760c3b7dd47e97fcdc04c2
diff --git a/ndn-cxx/detail/nonstd/span-lite.hpp b/ndn-cxx/detail/nonstd/span-lite.hpp
index 5e611ce..17f87c8 100644
--- a/ndn-cxx/detail/nonstd/span-lite.hpp
+++ b/ndn-cxx/detail/nonstd/span-lite.hpp
@@ -60,6 +60,10 @@
// span configuration (features):
+#ifndef span_FEATURE_WITH_INITIALIZER_LIST_P2447
+# define span_FEATURE_WITH_INITIALIZER_LIST_P2447 0
+#endif
+
#ifndef span_FEATURE_WITH_CONTAINER
#ifdef span_FEATURE_WITH_CONTAINER_TO_STD
# define span_FEATURE_WITH_CONTAINER span_IN_STD( span_FEATURE_WITH_CONTAINER_TO_STD )
@@ -1058,6 +1062,50 @@
{}
#endif
+#if span_FEATURE( WITH_INITIALIZER_LIST_P2447 ) && span_HAVE( INITIALIZER_LIST )
+
+ // constexpr explicit(extent != dynamic_extent) span(std::initializer_list<value_type> il) noexcept;
+
+#if !span_BETWEEN( span_COMPILER_MSVC_VERSION, 120, 130 )
+
+#if span_COMPILER_GNUC_VERSION >= 900
+# pragma GCC diagnostic push
+# pragma GCC diagnostic ignored "-Winit-list-lifetime"
+#endif
+ template< extent_t U = Extent
+ span_REQUIRES_T((
+ U != dynamic_extent
+ ))
+ >
+ span_constexpr explicit span( std::initializer_list<value_type> il ) span_noexcept
+ : data_( il.begin() )
+ , size_( il.size() )
+ {}
+#if span_COMPILER_GNUC_VERSION >= 900
+# pragma GCC diagnostic pop
+#endif
+
+#endif // MSVC 120 (VS2013)
+
+#if span_COMPILER_GNUC_VERSION >= 900
+# pragma GCC diagnostic push
+# pragma GCC diagnostic ignored "-Winit-list-lifetime"
+#endif
+ template< extent_t U = Extent
+ span_REQUIRES_T((
+ U == dynamic_extent
+ ))
+ >
+ span_constexpr /*explicit*/ span( std::initializer_list<value_type> il ) span_noexcept
+ : data_( il.begin() )
+ , size_( il.size() )
+ {}
+#if span_COMPILER_GNUC_VERSION >= 900
+# pragma GCC diagnostic pop
+#endif
+
+#endif // P2447
+
#if span_HAVE( IS_DEFAULT )
span_constexpr span( span const & other ) span_noexcept = default;
@@ -1587,6 +1635,17 @@
#endif // span_HAVE( ARRAY )
+#if span_USES_STD_SPAN || span_HAVE( INITIALIZER_LIST )
+
+template< class T >
+inline span_constexpr span< const T >
+make_span( std::initializer_list<T> il ) span_noexcept
+{
+ return span<const T>( il.begin(), il.size() );
+}
+
+#endif // span_HAVE( INITIALIZER_LIST )
+
#if span_USES_STD_SPAN
template< class Container, class EP = decltype( std::data(std::declval<Container&>())) >
diff --git a/ndn-cxx/metadata-object.cpp b/ndn-cxx/metadata-object.cpp
index e5da47c..b764aba 100644
--- a/ndn-cxx/metadata-object.cpp
+++ b/ndn-cxx/metadata-object.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -81,8 +81,7 @@
const name::Component&
MetadataObject::getKeywordComponent()
{
- static const name::Component nc(tlv::KeywordNameComponent,
- std::array<uint8_t, 8>({'m', 'e', 't', 'a', 'd', 'a', 't', 'a'}));
+ static const name::Component nc(tlv::KeywordNameComponent, {'m', 'e', 't', 'a', 'd', 'a', 't', 'a'});
return nc;
}
diff --git a/ndn-cxx/prefix-announcement.cpp b/ndn-cxx/prefix-announcement.cpp
index cfad221..d5a0049 100644
--- a/ndn-cxx/prefix-announcement.cpp
+++ b/ndn-cxx/prefix-announcement.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -122,7 +122,7 @@
const name::Component&
PrefixAnnouncement::getKeywordComponent()
{
- static const name::Component nc(tlv::KeywordNameComponent, std::array<uint8_t, 2>({'P', 'A'}));
+ static const name::Component nc(tlv::KeywordNameComponent, {'P', 'A'});
return nc;
}
diff --git a/ndn-cxx/security/key-chain.cpp b/ndn-cxx/security/key-chain.cpp
index 9c98c64..1c649dc 100644
--- a/ndn-cxx/security/key-chain.cpp
+++ b/ndn-cxx/security/key-chain.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -263,8 +263,7 @@
Name keyName = m_tpm->createKey(identity.getName(), params);
// set up key info in PIB
- ConstBufferPtr pubKey = m_tpm->getPublicKey(keyName);
- Key key = identity.addKey(pubKey->data(), pubKey->size(), keyName);
+ Key key = identity.addKey(*m_tpm->getPublicKey(keyName), keyName);
NDN_LOG_DEBUG("Requesting self-signing for newly created key " << key.getName());
selfSign(key);
@@ -397,7 +396,7 @@
const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
ConstBufferPtr sigBits;
try {
- sigBits = m_tpm->sign(content, 4, keyName, DigestAlgorithm::SHA256);
+ sigBits = m_tpm->sign({content}, keyName, DigestAlgorithm::SHA256);
}
catch (const std::runtime_error&) {
m_tpm->deleteKey(keyName);
@@ -408,8 +407,7 @@
using namespace transform;
PublicKey publicKey;
publicKey.loadPkcs8(publicKeyBits);
- bufferSource(content) >> verifierFilter(DigestAlgorithm::SHA256, publicKey,
- sigBits->data(), sigBits->size())
+ bufferSource(content) >> verifierFilter(DigestAlgorithm::SHA256, publicKey, *sigBits)
>> boolSink(isVerified);
}
if (!isVerified) {
@@ -419,7 +417,7 @@
}
Identity id = m_pib->addIdentity(identity);
- Key key = id.addKey(cert.getPublicKey().data(), cert.getPublicKey().size(), keyName);
+ Key key = id.addKey(cert.getPublicKey(), keyName);
key.addCertificate(cert);
}
diff --git a/ndn-cxx/security/pib/identity.cpp b/ndn-cxx/security/pib/identity.cpp
index 3b972b1..8776ad2 100644
--- a/ndn-cxx/security/pib/identity.cpp
+++ b/ndn-cxx/security/pib/identity.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -40,9 +40,9 @@
}
Key
-Identity::addKey(const uint8_t* key, size_t keyLen, const Name& keyName) const
+Identity::addKey(span<const uint8_t> key, const Name& keyName) const
{
- return lock()->addKey({key, keyLen}, keyName);
+ return lock()->addKey(key, keyName);
}
void
@@ -70,9 +70,9 @@
}
const Key&
-Identity::setDefaultKey(const uint8_t* key, size_t keyLen, const Name& keyName) const
+Identity::setDefaultKey(span<const uint8_t> key, const Name& keyName) const
{
- return lock()->setDefaultKey({key, keyLen}, keyName);
+ return lock()->setDefaultKey(key, keyName);
}
const Key&
diff --git a/ndn-cxx/security/pib/identity.hpp b/ndn-cxx/security/pib/identity.hpp
index 5ab5aa1..d39d161 100644
--- a/ndn-cxx/security/pib/identity.hpp
+++ b/ndn-cxx/security/pib/identity.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -110,14 +110,14 @@
NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE: // write operations should be private
/**
- * @brief Add a @p key of @p keyLen bytes (in PKCS#8 format) with @p keyName.
- * @return the handle of added key
+ * @brief Add @p key (in PKCS#8 format) with name @p keyName.
+ * @return Handle of the added key.
* @throw std::invalid_argument key name does not match identity
*
* If a key with the same name already exists, overwrite the key.
*/
Key
- addKey(const uint8_t* key, size_t keyLen, const Name& keyName) const;
+ addKey(span<const uint8_t> key, const Name& keyName) const;
/**
* @brief Remove a key with @p keyName
@@ -127,22 +127,22 @@
removeKey(const Name& keyName) const;
/**
- * @brief Set an existing key with @p keyName as the default key.
- * @throw std::invalid_argument @p keyName does not match identity
+ * @brief Set an existing key with name @p keyName as the default key.
+ * @return The default key.
+ * @throw std::invalid_argument @p keyName does not match identity.
* @throw Pib::Error the key does not exist.
- * @return The default key
*/
const Key&
setDefaultKey(const Name& keyName) const;
/**
- * @brief Add a @p key of @p keyLen bytes with @p keyName and set it as the default key
- * @throw std::invalid_argument @p keyName does not match identity
+ * @brief Add @p key with name @p keyName and set it as the default key.
+ * @return The default key.
+ * @throw std::invalid_argument @p keyName does not match identity.
* @throw Pib::Error the key with the same name already exists.
- * @return the default key
*/
const Key&
- setDefaultKey(const uint8_t* key, size_t keyLen, const Name& keyName) const;
+ setDefaultKey(span<const uint8_t> key, const Name& keyName) const;
private:
/**
diff --git a/ndn-cxx/security/tpm/impl/key-handle-mem.cpp b/ndn-cxx/security/tpm/impl/key-handle-mem.cpp
index 12f6c54..9a801e3 100644
--- a/ndn-cxx/security/tpm/impl/key-handle-mem.cpp
+++ b/ndn-cxx/security/tpm/impl/key-handle-mem.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -55,7 +55,7 @@
using namespace transform;
bool result = false;
- bufferSource(bufs) >> verifierFilter(digestAlgo, *m_key, sig.data(), sig.size())
+ bufferSource(bufs) >> verifierFilter(digestAlgo, *m_key, sig)
>> boolSink(result);
return result;
}
diff --git a/ndn-cxx/security/tpm/tpm.cpp b/ndn-cxx/security/tpm/tpm.cpp
index 7966ee0..9722adf 100644
--- a/ndn-cxx/security/tpm/tpm.cpp
+++ b/ndn-cxx/security/tpm/tpm.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -73,49 +73,32 @@
Tpm::getPublicKey(const Name& keyName) const
{
const KeyHandle* key = findKey(keyName);
-
- if (key == nullptr)
- return nullptr;
- else
- return key->derivePublicKey();
+ return key ? key->derivePublicKey() : nullptr;
}
ConstBufferPtr
Tpm::sign(const InputBuffers& bufs, const Name& keyName, DigestAlgorithm digestAlgorithm) const
{
const KeyHandle* key = findKey(keyName);
-
- if (key == nullptr) {
- return nullptr;
- }
- else {
- return key->sign(digestAlgorithm, bufs);
- }
+ return key ? key->sign(digestAlgorithm, bufs) : nullptr;
}
boost::logic::tribool
-Tpm::verify(const InputBuffers& bufs, const uint8_t* sig, size_t sigLen, const Name& keyName,
+Tpm::verify(const InputBuffers& bufs, span<const uint8_t> sig, const Name& keyName,
DigestAlgorithm digestAlgorithm) const
{
const KeyHandle* key = findKey(keyName);
-
- if (key == nullptr) {
+ if (key == nullptr)
return boost::logic::indeterminate;
- }
- else {
- return key->verify(digestAlgorithm, bufs, {sig, sigLen});
- }
+
+ return key->verify(digestAlgorithm, bufs, sig);
}
ConstBufferPtr
-Tpm::decrypt(const uint8_t* buf, size_t size, const Name& keyName) const
+Tpm::decrypt(span<const uint8_t> buf, const Name& keyName) const
{
const KeyHandle* key = findKey(keyName);
-
- if (key == nullptr)
- return nullptr;
- else
- return key->decrypt({buf, size});
+ return key ? key->decrypt(buf) : nullptr;
}
bool
diff --git a/ndn-cxx/security/tpm/tpm.hpp b/ndn-cxx/security/tpm/tpm.hpp
index b6b02f2..61848ce 100644
--- a/ndn-cxx/security/tpm/tpm.hpp
+++ b/ndn-cxx/security/tpm/tpm.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -105,9 +105,10 @@
/**
* @brief Sign blob using the key with name @p keyName and using the digest @p digestAlgorithm.
- *
+ * @deprecated
* @return The signature, or nullptr if the key does not exist.
*/
+ [[deprecated("use the overload that takes InputBuffers")]]
ConstBufferPtr
sign(const uint8_t* buf, size_t size, const Name& keyName, DigestAlgorithm digestAlgorithm) const
{
@@ -122,22 +123,23 @@
* @retval false the signature is not valid
* @retval indeterminate the key does not exist
*/
- boost::logic::tribool
- verify(const InputBuffers& bufs, const uint8_t* sig, size_t sigLen, const Name& keyName,
+ NDN_CXX_NODISCARD boost::logic::tribool
+ verify(const InputBuffers& bufs, span<const uint8_t> sig, const Name& keyName,
DigestAlgorithm digestAlgorithm) const;
/**
* @brief Verify blob using the key with name @p keyName and using the digest @p digestAlgorithm.
- *
+ * @deprecated
* @retval true the signature is valid
* @retval false the signature is not valid
* @retval indeterminate the key does not exist
*/
+ [[deprecated("use the overload that takes InputBuffers and span")]]
boost::logic::tribool
verify(const uint8_t* buf, size_t bufLen, const uint8_t* sig, size_t sigLen,
const Name& keyName, DigestAlgorithm digestAlgorithm) const
{
- return verify({{buf, bufLen}}, sig, sigLen, keyName, digestAlgorithm);
+ return verify({{buf, bufLen}}, {sig, sigLen}, keyName, digestAlgorithm);
}
/**
@@ -146,7 +148,19 @@
* @return The decrypted data, or nullptr if the key does not exist.
*/
ConstBufferPtr
- decrypt(const uint8_t* buf, size_t size, const Name& keyName) const;
+ decrypt(span<const uint8_t> buf, const Name& keyName) const;
+
+ /**
+ * @brief Decrypt blob using the key with name @p keyName.
+ * @deprecated
+ * @return The decrypted data, or nullptr if the key does not exist.
+ */
+ [[deprecated("use the overload that takes a span<>")]]
+ ConstBufferPtr
+ decrypt(const uint8_t* buf, size_t size, const Name& keyName) const
+ {
+ return decrypt({buf, size}, keyName);
+ }
public: // Management
/**
diff --git a/ndn-cxx/security/transform/block-cipher.cpp b/ndn-cxx/security/transform/block-cipher.cpp
index ec3be08..1857776 100644
--- a/ndn-cxx/security/transform/block-cipher.cpp
+++ b/ndn-cxx/security/transform/block-cipher.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -50,13 +50,12 @@
BlockCipher::BlockCipher(BlockCipherAlgorithm algo, CipherOperator op,
- const uint8_t* key, size_t keyLen,
- const uint8_t* iv, size_t ivLen)
+ span<const uint8_t> key, span<const uint8_t> iv)
: m_impl(make_unique<Impl>())
{
switch (algo) {
case BlockCipherAlgorithm::AES_CBC:
- initializeAesCbc(key, keyLen, iv, ivLen, op);
+ initializeAesCbc(key, iv, op);
break;
default:
NDN_THROW(Error(getIndex(), "Unsupported block cipher algorithm " +
@@ -131,11 +130,10 @@
}
void
-BlockCipher::initializeAesCbc(const uint8_t* key, size_t keyLen,
- const uint8_t* iv, size_t ivLen, CipherOperator op)
+BlockCipher::initializeAesCbc(span<const uint8_t> key, span<const uint8_t> iv, CipherOperator op)
{
const EVP_CIPHER* cipherType = nullptr;
- switch (keyLen) {
+ switch (key.size()) {
case 16:
cipherType = EVP_aes_128_cbc();
break;
@@ -146,22 +144,22 @@
cipherType = EVP_aes_256_cbc();
break;
default:
- NDN_THROW(Error(getIndex(), "Unsupported key length " + to_string(keyLen)));
+ NDN_THROW(Error(getIndex(), "Unsupported key length " + to_string(key.size())));
}
- size_t requiredIvLen = static_cast<size_t>(EVP_CIPHER_iv_length(cipherType));
- if (ivLen != requiredIvLen)
+ auto requiredIvLen = static_cast<size_t>(EVP_CIPHER_iv_length(cipherType));
+ if (iv.size() != requiredIvLen)
NDN_THROW(Error(getIndex(), "IV length must be " + to_string(requiredIvLen)));
- BIO_set_cipher(m_impl->m_cipher, cipherType, key, iv, op == CipherOperator::ENCRYPT ? 1 : 0);
+ BIO_set_cipher(m_impl->m_cipher, cipherType, key.data(), iv.data(),
+ op == CipherOperator::ENCRYPT ? 1 : 0);
}
unique_ptr<Transform>
blockCipher(BlockCipherAlgorithm algo, CipherOperator op,
- const uint8_t* key, size_t keyLen,
- const uint8_t* iv, size_t ivLen)
+ span<const uint8_t> key, span<const uint8_t> iv)
{
- return make_unique<BlockCipher>(algo, op, key, keyLen, iv, ivLen);
+ return make_unique<BlockCipher>(algo, op, key, iv);
}
} // namespace transform
diff --git a/ndn-cxx/security/transform/block-cipher.hpp b/ndn-cxx/security/transform/block-cipher.hpp
index 9834f47..18ca402 100644
--- a/ndn-cxx/security/transform/block-cipher.hpp
+++ b/ndn-cxx/security/transform/block-cipher.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -39,18 +39,15 @@
{
public:
/**
- * @brief Create a block cipher
+ * @brief Create a block cipher.
*
- * @param algo The block cipher algorithm to use.
- * @param op Whether to encrypt or decrypt.
- * @param key Pointer to the key.
- * @param keyLen Size of the key.
- * @param iv Pointer to the initialization vector.
- * @param ivLen Length of the initialization vector.
+ * @param algo The block cipher algorithm to use.
+ * @param op The operation to perform (encrypt or decrypt).
+ * @param key The symmetric key.
+ * @param iv The initialization vector.
*/
BlockCipher(BlockCipherAlgorithm algo, CipherOperator op,
- const uint8_t* key, size_t keyLen,
- const uint8_t* iv, size_t ivLen);
+ span<const uint8_t> key, span<const uint8_t> iv);
~BlockCipher() final;
@@ -89,8 +86,7 @@
private:
void
- initializeAesCbc(const uint8_t* key, size_t keyLen,
- const uint8_t* iv, size_t ivLen, CipherOperator op);
+ initializeAesCbc(span<const uint8_t> key, span<const uint8_t> iv, CipherOperator op);
private:
class Impl;
@@ -99,8 +95,16 @@
unique_ptr<Transform>
blockCipher(BlockCipherAlgorithm algo, CipherOperator op,
+ span<const uint8_t> key, span<const uint8_t> iv);
+
+[[deprecated("use the overload that takes span<>")]]
+inline unique_ptr<Transform>
+blockCipher(BlockCipherAlgorithm algo, CipherOperator op,
const uint8_t* key, size_t keyLen,
- const uint8_t* iv, size_t ivLen);
+ const uint8_t* iv, size_t ivLen)
+{
+ return blockCipher(algo, op, {key, keyLen}, {iv, ivLen});
+}
} // namespace transform
} // namespace security
diff --git a/ndn-cxx/security/transform/private-key.cpp b/ndn-cxx/security/transform/private-key.cpp
index d0300a1..63e3854 100644
--- a/ndn-cxx/security/transform/private-key.cpp
+++ b/ndn-cxx/security/transform/private-key.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -175,7 +175,7 @@
NDN_THROW(Error("Failed to load private key"));
#if OPENSSL_VERSION_NUMBER < 0x1010100fL
- m_impl->keySize = size * 8;
+ m_impl->keySize = buf.size() * 8;
#endif
}
diff --git a/ndn-cxx/security/transform/verifier-filter.cpp b/ndn-cxx/security/transform/verifier-filter.cpp
index a78c403..4d4c6f0 100644
--- a/ndn-cxx/security/transform/verifier-filter.cpp
+++ b/ndn-cxx/security/transform/verifier-filter.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -33,30 +33,27 @@
class VerifierFilter::Impl
{
public:
- Impl(const uint8_t* sig, size_t siglen)
+ explicit
+ Impl(span<const uint8_t> sig)
: sig(sig)
- , siglen(siglen)
{
}
public:
detail::EvpMdCtx ctx;
- const uint8_t* sig;
- size_t siglen;
+ span<const uint8_t> sig;
};
-VerifierFilter::VerifierFilter(DigestAlgorithm algo, const PublicKey& key,
- const uint8_t* sig, size_t sigLen)
- : m_impl(make_unique<Impl>(sig, sigLen))
+VerifierFilter::VerifierFilter(DigestAlgorithm algo, const PublicKey& key, span<const uint8_t> sig)
+ : m_impl(make_unique<Impl>(sig))
, m_keyType(key.getKeyType())
{
init(algo, key.getEvpPkey());
}
-VerifierFilter::VerifierFilter(DigestAlgorithm algo, const PrivateKey& key,
- const uint8_t* sig, size_t sigLen)
- : m_impl(make_unique<Impl>(sig, sigLen))
+VerifierFilter::VerifierFilter(DigestAlgorithm algo, const PrivateKey& key, span<const uint8_t> sig)
+ : m_impl(make_unique<Impl>(sig))
, m_keyType(key.getKeyType())
{
if (m_keyType != KeyType::HMAC)
@@ -113,10 +110,10 @@
if (EVP_DigestSignFinal(m_impl->ctx, hmacBuf->data(), &hmacLen) != 1)
NDN_THROW(Error(getIndex(), "Failed to finalize HMAC"));
- ok = CRYPTO_memcmp(hmacBuf->data(), m_impl->sig, std::min(hmacLen, m_impl->siglen)) == 0;
+ ok = CRYPTO_memcmp(hmacBuf->data(), m_impl->sig.data(), std::min(hmacLen, m_impl->sig.size())) == 0;
}
else {
- ok = EVP_DigestVerifyFinal(m_impl->ctx, m_impl->sig, m_impl->siglen) == 1;
+ ok = EVP_DigestVerifyFinal(m_impl->ctx, m_impl->sig.data(), m_impl->sig.size()) == 1;
}
auto buffer = make_unique<OBuffer>(1);
@@ -127,15 +124,15 @@
}
unique_ptr<Transform>
-verifierFilter(DigestAlgorithm algo, const PublicKey& key, const uint8_t* sig, size_t sigLen)
+verifierFilter(DigestAlgorithm algo, const PublicKey& key, span<const uint8_t> sig)
{
- return make_unique<VerifierFilter>(algo, key, sig, sigLen);
+ return make_unique<VerifierFilter>(algo, key, sig);
}
unique_ptr<Transform>
-verifierFilter(DigestAlgorithm algo, const PrivateKey& key, const uint8_t* sig, size_t sigLen)
+verifierFilter(DigestAlgorithm algo, const PrivateKey& key, span<const uint8_t> sig)
{
- return make_unique<VerifierFilter>(algo, key, sig, sigLen);
+ return make_unique<VerifierFilter>(algo, key, sig);
}
} // namespace transform
diff --git a/ndn-cxx/security/transform/verifier-filter.hpp b/ndn-cxx/security/transform/verifier-filter.hpp
index 7a64f47..d5072f6 100644
--- a/ndn-cxx/security/transform/verifier-filter.hpp
+++ b/ndn-cxx/security/transform/verifier-filter.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -43,12 +43,12 @@
/**
* @brief Create a verifier module to verify signature @p sig using algorithm @p algo and public key @p key
*/
- VerifierFilter(DigestAlgorithm algo, const PublicKey& key, const uint8_t* sig, size_t sigLen);
+ VerifierFilter(DigestAlgorithm algo, const PublicKey& key, span<const uint8_t> sig);
/**
* @brief Create a verifier module to verify signature @p sig using algorithm @p algo and HMAC key @p key
*/
- VerifierFilter(DigestAlgorithm algo, const PrivateKey& key, const uint8_t* sig, size_t sigLen);
+ VerifierFilter(DigestAlgorithm algo, const PrivateKey& key, span<const uint8_t> sig);
~VerifierFilter() final;
@@ -78,10 +78,10 @@
};
unique_ptr<Transform>
-verifierFilter(DigestAlgorithm algo, const PublicKey& key, const uint8_t* sig, size_t sigLen);
+verifierFilter(DigestAlgorithm algo, const PublicKey& key, span<const uint8_t> sig);
unique_ptr<Transform>
-verifierFilter(DigestAlgorithm algo, const PrivateKey& key, const uint8_t* sig, size_t sigLen);
+verifierFilter(DigestAlgorithm algo, const PrivateKey& key, span<const uint8_t> sig);
} // namespace transform
} // namespace security
diff --git a/ndn-cxx/security/verification-helpers.cpp b/ndn-cxx/security/verification-helpers.cpp
index b996aae..2a8cd29 100644
--- a/ndn-cxx/security/verification-helpers.cpp
+++ b/ndn-cxx/security/verification-helpers.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -61,13 +61,12 @@
} // namespace
bool
-verifySignature(const InputBuffers& blobs, const uint8_t* sig, size_t sigLen,
- const transform::PublicKey& key)
+verifySignature(const InputBuffers& blobs, span<const uint8_t> sig, const transform::PublicKey& key)
{
bool result = false;
try {
using namespace transform;
- bufferSource(blobs) >> verifierFilter(DigestAlgorithm::SHA256, key, sig, sigLen)
+ bufferSource(blobs) >> verifierFilter(DigestAlgorithm::SHA256, key, sig)
>> boolSink(result);
}
catch (const transform::Error&) {
@@ -78,18 +77,17 @@
}
bool
-verifySignature(const InputBuffers& blobs, const uint8_t* sig, size_t sigLen,
- const uint8_t* key, size_t keyLen)
+verifySignature(const InputBuffers& blobs, span<const uint8_t> sig, span<const uint8_t> key)
{
transform::PublicKey pKey;
try {
- pKey.loadPkcs8({key, keyLen});
+ pKey.loadPkcs8(key);
}
catch (const transform::Error&) {
return false;
}
- return verifySignature(blobs, sig, sigLen, pKey);
+ return verifySignature(blobs, sig, pKey);
}
static ParseResult
@@ -143,22 +141,20 @@
static bool
verifySignature(const ParseResult& params, const transform::PublicKey& key)
{
- return !params.bufs.empty() && verifySignature(params.bufs, params.sig.data(), params.sig.size(), key);
+ return !params.bufs.empty() && verifySignature(params.bufs, params.sig, key);
}
static bool
verifySignature(const ParseResult& params, span<const uint8_t> key)
{
- return !params.bufs.empty() && verifySignature(params.bufs, params.sig.data(), params.sig.size(),
- key.data(), key.size());
+ return !params.bufs.empty() && verifySignature(params.bufs, params.sig, key);
}
static bool
verifySignature(const ParseResult& params, const tpm::Tpm& tpm, const Name& keyName,
DigestAlgorithm digestAlgorithm)
{
- return !params.bufs.empty() && bool(tpm.verify(params.bufs, params.sig.data(), params.sig.size(),
- keyName, digestAlgorithm));
+ return !params.bufs.empty() && bool(tpm.verify(params.bufs, params.sig, keyName, digestAlgorithm));
}
static bool
@@ -187,15 +183,15 @@
}
bool
-verifySignature(const Data& data, const uint8_t* key, size_t keyLen)
+verifySignature(const Data& data, span<const uint8_t> key)
{
- return verifySignature(parse(data), make_span(key, keyLen));
+ return verifySignature(parse(data), key);
}
bool
-verifySignature(const Interest& interest, const uint8_t* key, size_t keyLen)
+verifySignature(const Interest& interest, span<const uint8_t> key)
{
- return verifySignature(parse(interest), make_span(key, keyLen));
+ return verifySignature(parse(interest), key);
}
bool
@@ -227,7 +223,7 @@
{
auto parsed = parse(data);
if (cert) {
- return verifySignature(parsed, make_span(cert->getContent().value(), cert->getContent().value_size()));
+ return verifySignature(parsed, {cert->getContent().value(), cert->getContent().value_size()});
}
else if (parsed.info.getSignatureType() == tlv::SignatureTypeValue::DigestSha256) {
return verifyDigest(parsed, DigestAlgorithm::SHA256);
@@ -243,7 +239,7 @@
{
auto parsed = parse(interest);
if (cert) {
- return verifySignature(parsed, make_span(cert->getContent().value(), cert->getContent().value_size()));
+ return verifySignature(parsed, {cert->getContent().value(), cert->getContent().value_size()});
}
else if (parsed.info.getSignatureType() == tlv::SignatureTypeValue::DigestSha256) {
return verifyDigest(parsed, DigestAlgorithm::SHA256);
diff --git a/ndn-cxx/security/verification-helpers.hpp b/ndn-cxx/security/verification-helpers.hpp
index 7c32265..7d5f042 100644
--- a/ndn-cxx/security/verification-helpers.hpp
+++ b/ndn-cxx/security/verification-helpers.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -51,57 +51,67 @@
/**
* @brief Verify @p blobs using @p key against @p sig.
*/
-bool
+NDN_CXX_NODISCARD bool
+verifySignature(const InputBuffers& blobs, span<const uint8_t> sig, const transform::PublicKey& key);
+
+/**
+ * @brief Verify @p blobs using @p key against @p sig.
+ * @deprecated
+ */
+[[deprecated("use the overload that takes a span<>")]]
+inline bool
verifySignature(const InputBuffers& blobs, const uint8_t* sig, size_t sigLen,
- const transform::PublicKey& key);
+ const transform::PublicKey& key)
+{
+ return verifySignature(blobs, {sig, sigLen}, key);
+}
/**
* @brief Verify @p blobs using @p key against @p sig.
* @note @p key must be a public key in PKCS #8 format.
*/
-bool
-verifySignature(const InputBuffers& blobs, const uint8_t* sig, size_t sigLen,
- const uint8_t* key, size_t keyLen);
+NDN_CXX_NODISCARD bool
+verifySignature(const InputBuffers& blobs, span<const uint8_t> sig, span<const uint8_t> key);
/**
* @brief Verify @p data using @p key.
* @note @p key must be a public key in PKCS #8 format.
*/
-bool
-verifySignature(const Data& data, const uint8_t* key, size_t keyLen);
+NDN_CXX_NODISCARD bool
+verifySignature(const Data& data, span<const uint8_t> key);
/**
* @brief Verify @p interest using @p key.
* @note @p key must be a public key in PKCS #8 format.
* @note This method verifies only signature of the signed interest.
*/
-bool
-verifySignature(const Interest& interest, const uint8_t* key, size_t keyLen);
+NDN_CXX_NODISCARD bool
+verifySignature(const Interest& interest, span<const uint8_t> key);
/**
* @brief Verify @p data using @p key.
*/
-bool
+NDN_CXX_NODISCARD bool
verifySignature(const Data& data, const transform::PublicKey& key);
/**
* @brief Verify @p interest using @p key.
* @note This method verifies only signature of the signed interest.
*/
-bool
+NDN_CXX_NODISCARD bool
verifySignature(const Interest& interest, const transform::PublicKey& key);
/**
* @brief Verify @p data using @p key.
*/
-bool
+NDN_CXX_NODISCARD bool
verifySignature(const Data& data, const pib::Key& key);
/**
* @brief Verify @p interest using @p key.
* @note This method verifies only signature of the signed interest.
*/
-bool
+NDN_CXX_NODISCARD bool
verifySignature(const Interest& interest, const pib::Key& key);
/**
@@ -109,7 +119,7 @@
*
* If @p cert is nullopt, @p data assumed to be self-verifiable (with digest or attributes)
*/
-bool
+NDN_CXX_NODISCARD bool
verifySignature(const Data& data, const optional<Certificate>& cert);
/**
@@ -118,13 +128,13 @@
*
* If @p cert is nullptr, @p interest assumed to be self-verifiable (with digest or attributes)
*/
-bool
+NDN_CXX_NODISCARD bool
verifySignature(const Interest& interest, const optional<Certificate>& cert);
/**
* @brief Verify @p data using @p tpm and @p keyName with the @p digestAlgorithm.
*/
-bool
+NDN_CXX_NODISCARD bool
verifySignature(const Data& data, const tpm::Tpm& tpm, const Name& keyName,
DigestAlgorithm digestAlgorithm);
@@ -132,7 +142,7 @@
* @brief Verify @p interest using @p tpm and @p keyName with the @p digestAlgorithm.
* @note This method verifies only signature of the signed interest.
*/
-bool
+NDN_CXX_NODISCARD bool
verifySignature(const Interest& interest, const tpm::Tpm& tpm, const Name& keyName,
DigestAlgorithm digestAlgorithm);
diff --git a/ndn-cxx/util/span.hpp b/ndn-cxx/util/span.hpp
index a4d2ae2..c6a2a5e 100644
--- a/ndn-cxx/util/span.hpp
+++ b/ndn-cxx/util/span.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -24,10 +24,12 @@
#define span_CONFIG_SELECT_SPAN span_SPAN_NONSTD
#ifdef NDEBUG
-#define span_CONFIG_CONTRACT_LEVEL_OFF
+#define span_CONFIG_CONTRACT_LEVEL_OFF 1
#else
-#define span_CONFIG_CONTRACT_LEVEL_ON
+#define span_CONFIG_CONTRACT_LEVEL_ON 1
#endif
+#define span_FEATURE_WITH_INITIALIZER_LIST_P2447 1
+#define span_FEATURE_MEMBER_BACK_FRONT 1
#define span_FEATURE_MAKE_SPAN 1
#include "ndn-cxx/detail/nonstd/span-lite.hpp"
diff --git a/tests/unit/security/pib/identity.t.cpp b/tests/unit/security/pib/identity.t.cpp
index 4d79bbc..0198816 100644
--- a/tests/unit/security/pib/identity.t.cpp
+++ b/tests/unit/security/pib/identity.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2019 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -62,12 +62,12 @@
BOOST_CHECK_NE(identity1, Identity());
BOOST_CHECK_EQUAL(Identity(), Identity());
- identity1.addKey(id1Key1.data(), id1Key1.size(), id1Key1Name);
+ identity1.addKey(id1Key1, id1Key1Name);
BOOST_CHECK_NO_THROW(identity2.getKey(id1Key1Name));
identity2.removeKey(id1Key1Name);
BOOST_CHECK_THROW(identity1.getKey(id1Key1Name), pib::Pib::Error);
- identity1.setDefaultKey(id1Key1.data(), id1Key1.size(), id1Key1Name);
+ identity1.setDefaultKey(id1Key1, id1Key1Name);
BOOST_CHECK_NO_THROW(identity2.getDefaultKey());
}
diff --git a/tests/unit/security/pib/pib.t.cpp b/tests/unit/security/pib/pib.t.cpp
index c40cddc..bcd90f9 100644
--- a/tests/unit/security/pib/pib.t.cpp
+++ b/tests/unit/security/pib/pib.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2019 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -46,7 +46,7 @@
BOOST_CHECK(id);
BOOST_CHECK_EQUAL(!id, false);
- Key key = id.addKey(id1Key1.data(), id1Key1.size(), id1Key1Name);
+ Key key = id.addKey(id1Key1, id1Key1Name);
BOOST_CHECK(key);
BOOST_CHECK_EQUAL(!key, false);
}
diff --git a/tests/unit/security/tpm/back-end.t.cpp b/tests/unit/security/tpm/back-end.t.cpp
index 0b22d54..9101aa3 100644
--- a/tests/unit/security/tpm/back-end.t.cpp
+++ b/tests/unit/security/tpm/back-end.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -133,7 +133,7 @@
{
using namespace transform;
bufferSource(content1)
- >> verifierFilter(DigestAlgorithm::SHA256, pubKey, sigValueSingle->data(), sigValueSingle->size())
+ >> verifierFilter(DigestAlgorithm::SHA256, pubKey, *sigValueSingle)
>> boolSink(resultSingle);
}
BOOST_CHECK_EQUAL(resultSingle, true);
@@ -147,7 +147,7 @@
{
using namespace transform;
bufferSource(InputBuffers{content1, content2})
- >> verifierFilter(DigestAlgorithm::SHA256, pubKey, sigValueVector->data(), sigValueVector->size())
+ >> verifierFilter(DigestAlgorithm::SHA256, pubKey, *sigValueVector)
>> boolSink(resultVector);
}
BOOST_CHECK_EQUAL(resultVector, true);
@@ -205,7 +205,7 @@
{
using namespace transform;
bufferSource(content1)
- >> verifierFilter(DigestAlgorithm::SHA256, pubKey, sigValueSingle->data(), sigValueSingle->size())
+ >> verifierFilter(DigestAlgorithm::SHA256, pubKey, *sigValueSingle)
>> boolSink(resultSingle);
}
BOOST_CHECK_EQUAL(resultSingle, true);
@@ -219,7 +219,7 @@
{
using namespace transform;
bufferSource(InputBuffers{content1, content2})
- >> verifierFilter(DigestAlgorithm::SHA256, pubKey, sigValueVector->data(), sigValueVector->size())
+ >> verifierFilter(DigestAlgorithm::SHA256, pubKey, *sigValueVector)
>> boolSink(resultVector);
}
BOOST_CHECK_EQUAL(resultVector, true);
diff --git a/tests/unit/security/transform/block-cipher.t.cpp b/tests/unit/security/transform/block-cipher.t.cpp
index 60944ad..d8b3c3b 100644
--- a/tests/unit/security/transform/block-cipher.t.cpp
+++ b/tests/unit/security/transform/block-cipher.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -67,9 +67,9 @@
// encrypt
OBufferStream os;
- bufferSource(plainText) >>
- blockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::ENCRYPT,
- key, sizeof(key), iv, sizeof(iv)) >> streamSink(os);
+ bufferSource(plainText)
+ >> blockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::ENCRYPT, key, iv)
+ >> streamSink(os);
auto buf = os.buf();
BOOST_CHECK_EQUAL_COLLECTIONS(cipherText, cipherText + sizeof(cipherText),
@@ -77,9 +77,9 @@
// decrypt
OBufferStream os2;
- bufferSource(cipherText) >>
- blockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::DECRYPT,
- key, sizeof(key), iv, sizeof(iv)) >> streamSink(os2);
+ bufferSource(cipherText)
+ >> blockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::DECRYPT, key, iv)
+ >> streamSink(os2);
auto buf2 = os2.buf();
BOOST_CHECK_EQUAL_COLLECTIONS(plainText, plainText + sizeof(plainText),
@@ -87,19 +87,19 @@
// invalid key length
const uint8_t badKey[] = {0x00, 0x01, 0x02, 0x03};
- BOOST_CHECK_THROW(BlockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::ENCRYPT,
- badKey, sizeof(badKey), iv, sizeof(iv)), Error);
+ BOOST_CHECK_THROW(BlockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::ENCRYPT, badKey, iv),
+ Error);
// wrong iv length
const uint8_t badIv[] = {0x00, 0x01, 0x02, 0x03};
- BOOST_CHECK_THROW(BlockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::ENCRYPT,
- key, sizeof(key), badIv, sizeof(badIv)), Error);
+ BOOST_CHECK_THROW(BlockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::ENCRYPT, key, badIv),
+ Error);
}
BOOST_AUTO_TEST_CASE(InvalidAlgorithm)
{
- BOOST_CHECK_THROW(BlockCipher(BlockCipherAlgorithm::NONE, CipherOperator::ENCRYPT,
- nullptr, 0, nullptr, 0), Error);
+ BOOST_CHECK_THROW(BlockCipher(BlockCipherAlgorithm::NONE, CipherOperator::DECRYPT, {}, {}), Error);
+ BOOST_CHECK_THROW(BlockCipher(BlockCipherAlgorithm::NONE, CipherOperator::ENCRYPT, {}, {}), Error);
}
BOOST_AUTO_TEST_SUITE_END() // TestBlockCipher
diff --git a/tests/unit/security/transform/buffer-source.t.cpp b/tests/unit/security/transform/buffer-source.t.cpp
index 4c56591..f957282 100644
--- a/tests/unit/security/transform/buffer-source.t.cpp
+++ b/tests/unit/security/transform/buffer-source.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -76,7 +76,7 @@
std::string out3 = os3.str();
BOOST_CHECK_EQUAL_COLLECTIONS(out3.begin(), out3.end(), in3.begin(), in3.end());
- InputBuffers in4{make_span(in), {reinterpret_cast<const uint8_t*>(in2.data()), in2.size()}};
+ InputBuffers in4{{in}, {reinterpret_cast<const uint8_t*>(in2.data()), in2.size()}};
std::ostringstream os4;
bufferSource(in4) >> streamSink(os4);
std::string out4 = os4.str();
diff --git a/tests/unit/security/transform/private-key.t.cpp b/tests/unit/security/transform/private-key.t.cpp
index 87d39fe..4be078b 100644
--- a/tests/unit/security/transform/private-key.t.cpp
+++ b/tests/unit/security/transform/private-key.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -681,7 +681,7 @@
PublicKey pKey;
pKey.loadPkcs8(*pKeyBits);
BOOST_CHECK_NO_THROW(bufferSource(data) >>
- verifierFilter(DigestAlgorithm::SHA256, pKey, sig->data(), sig->size()) >>
+ verifierFilter(DigestAlgorithm::SHA256, pKey, *sig) >>
boolSink(result));
}
else {
@@ -689,7 +689,7 @@
BOOST_CHECK_THROW(sKey->derivePublicKey(), PrivateKey::Error);
#endif
BOOST_CHECK_NO_THROW(bufferSource(data) >>
- verifierFilter(DigestAlgorithm::SHA256, *sKey, sig->data(), sig->size()) >>
+ verifierFilter(DigestAlgorithm::SHA256, *sKey, *sig) >>
boolSink(result));
}
BOOST_CHECK(result);
diff --git a/tests/unit/security/transform/public-key.t.cpp b/tests/unit/security/transform/public-key.t.cpp
index d572ecc..c888482 100644
--- a/tests/unit/security/transform/public-key.t.cpp
+++ b/tests/unit/security/transform/public-key.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -71,14 +71,14 @@
{
T dataSet;
- auto pKeyPkcs8Base64 = reinterpret_cast<const uint8_t*>(dataSet.publicKeyPkcs8.data());
- size_t pKeyPkcs8Base64Len = dataSet.publicKeyPkcs8.size();
+ auto pKeyPkcs8Base64 = make_span(reinterpret_cast<const uint8_t*>(dataSet.publicKeyPkcs8.data()),
+ dataSet.publicKeyPkcs8.size());
OBufferStream os;
- bufferSource(make_span(pKeyPkcs8Base64, pKeyPkcs8Base64Len)) >> base64Decode() >> streamSink(os);
+ bufferSource(pKeyPkcs8Base64) >> base64Decode() >> streamSink(os);
auto pKeyPkcs8 = os.buf();
PublicKey pKey1;
- BOOST_CHECK_NO_THROW(pKey1.loadPkcs8Base64({pKeyPkcs8Base64, pKeyPkcs8Base64Len}));
+ BOOST_CHECK_NO_THROW(pKey1.loadPkcs8Base64(pKeyPkcs8Base64));
std::stringstream ss2(dataSet.publicKeyPkcs8);
PublicKey pKey2;
@@ -94,7 +94,7 @@
OBufferStream os5;
BOOST_REQUIRE_NO_THROW(pKey1.savePkcs8Base64(os5));
- BOOST_CHECK_EQUAL_COLLECTIONS(pKeyPkcs8Base64, pKeyPkcs8Base64 + pKeyPkcs8Base64Len,
+ BOOST_CHECK_EQUAL_COLLECTIONS(pKeyPkcs8Base64.begin(), pKeyPkcs8Base64.end(),
os5.buf()->begin(), os5.buf()->end());
OBufferStream os6;
diff --git a/tests/unit/security/transform/signer-filter.t.cpp b/tests/unit/security/transform/signer-filter.t.cpp
index 063e3fc..cad6f04 100644
--- a/tests/unit/security/transform/signer-filter.t.cpp
+++ b/tests/unit/security/transform/signer-filter.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -92,7 +92,7 @@
bufferSource(data) >> signerFilter(DigestAlgorithm::SHA256, sKey) >> streamSink(os2);
auto sig = os2.buf();
- BOOST_TEST(verifySignature({{data, sizeof(data)}}, sig->data(), sig->size(), pubKey->data(), pubKey->size()));
+ BOOST_TEST(verifySignature({data}, *sig, *pubKey));
}
BOOST_AUTO_TEST_CASE(Ecdsa)
@@ -130,7 +130,7 @@
bufferSource(data) >> signerFilter(DigestAlgorithm::SHA256, sKey) >> streamSink(os2);
auto sig = os2.buf();
- BOOST_TEST(verifySignature({{data, sizeof(data)}}, sig->data(), sig->size(), pubKey->data(), pubKey->size()));
+ BOOST_TEST(verifySignature({data}, *sig, *pubKey));
}
BOOST_AUTO_TEST_SUITE(Hmac)
@@ -192,7 +192,7 @@
BOOST_AUTO_TEST_CASE(Rfc4231Test2)
{
// Test case 2 (HMAC-SHA-256 only)
- const char rawKey[] = "Jefe";
+ const uint8_t rawKey[] = {'J', 'e', 'f', 'e'};
const std::string data("what do ya want for nothing?");
const uint8_t hmacSha256[] = {0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, 0x6a, 0x04,
0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, 0x5a, 0x00, 0x3f, 0x08,
@@ -200,7 +200,7 @@
0x38, 0x43};
PrivateKey key;
- key.loadRaw(KeyType::HMAC, {reinterpret_cast<const uint8_t*>(rawKey), std::strlen(rawKey)});
+ key.loadRaw(KeyType::HMAC, rawKey);
OBufferStream os256;
bufferSource(data) >> signerFilter(DigestAlgorithm::SHA256, key) >> streamSink(os256);
diff --git a/tests/unit/security/transform/verifier-filter.t.cpp b/tests/unit/security/transform/verifier-filter.t.cpp
index 8feabfc..882890f 100644
--- a/tests/unit/security/transform/verifier-filter.t.cpp
+++ b/tests/unit/security/transform/verifier-filter.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -98,12 +98,12 @@
bufferSource(DATA) >> signerFilter(DigestAlgorithm::SHA256, sKey) >> streamSink(os2);
auto sig = os2.buf();
- BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::NONE, pKey, sig->data(), sig->size()), Error);
- BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, sKey, sig->data(), sig->size()), Error);
+ BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::NONE, pKey, *sig), Error);
+ BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, sKey, *sig), Error);
bool result = false;
bufferSource(DATA) >>
- verifierFilter(DigestAlgorithm::SHA256, pKey, sig->data(), sig->size()) >>
+ verifierFilter(DigestAlgorithm::SHA256, pKey, *sig) >>
boolSink(result);
BOOST_CHECK_EQUAL(result, true);
@@ -144,12 +144,12 @@
bufferSource(DATA) >> signerFilter(DigestAlgorithm::SHA256, sKey) >> streamSink(os2);
auto sig = os2.buf();
- BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::NONE, pKey, sig->data(), sig->size()), Error);
- BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, sKey, sig->data(), sig->size()), Error);
+ BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::NONE, pKey, *sig), Error);
+ BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, sKey, *sig), Error);
bool result = false;
bufferSource(DATA) >>
- verifierFilter(DigestAlgorithm::SHA256, pKey, sig->data(), sig->size()) >>
+ verifierFilter(DigestAlgorithm::SHA256, pKey, *sig) >>
boolSink(result);
BOOST_CHECK_EQUAL(result, true);
@@ -163,12 +163,12 @@
bufferSource(DATA) >> signerFilter(DigestAlgorithm::SHA256, *sKey) >> streamSink(os);
auto sig = os.buf();
- BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::NONE, *sKey, sig->data(), sig->size()), Error);
+ BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::NONE, *sKey, *sig), Error);
#if OPENSSL_VERSION_NUMBER < 0x30000000L // FIXME #5154
bool result = false;
bufferSource(DATA) >>
- verifierFilter(DigestAlgorithm::SHA256, *sKey, sig->data(), sig->size()) >>
+ verifierFilter(DigestAlgorithm::SHA256, *sKey, *sig) >>
boolSink(result);
BOOST_CHECK_EQUAL(result, true);
@@ -178,9 +178,9 @@
BOOST_AUTO_TEST_CASE(InvalidKey)
{
PublicKey pubKey;
- BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, pubKey, nullptr, 0), Error);
+ BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, pubKey, {}), Error);
PrivateKey privKey;
- BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, privKey, nullptr, 0), Error);
+ BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, privKey, {}), Error);
}
BOOST_AUTO_TEST_SUITE_END() // TestVerifierFilter
diff --git a/tests/unit/security/verification-helpers.t.cpp b/tests/unit/security/verification-helpers.t.cpp
index 9925bb2..479a655 100644
--- a/tests/unit/security/verification-helpers.t.cpp
+++ b/tests/unit/security/verification-helpers.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -561,23 +561,23 @@
dataset.badSigInterestOldFormat.size()));
BOOST_CHECK(verifySignature(data, key));
- BOOST_CHECK(verifySignature(data, keyRaw.data(), keyRaw.size()));
+ BOOST_CHECK(verifySignature(data, keyRaw));
BOOST_CHECK(verifySignature(data, cert));
BOOST_CHECK(verifySignature(interest, key));
- BOOST_CHECK(verifySignature(interest, keyRaw.data(), keyRaw.size()));
+ BOOST_CHECK(verifySignature(interest, keyRaw));
BOOST_CHECK(verifySignature(interest, cert));
BOOST_CHECK(verifySignature(interestOldFormat, key));
- BOOST_CHECK(verifySignature(interestOldFormat, keyRaw.data(), keyRaw.size()));
+ BOOST_CHECK(verifySignature(interestOldFormat, keyRaw));
BOOST_CHECK(verifySignature(interestOldFormat, cert));
BOOST_CHECK(!verifySignature(badSigData, key));
- BOOST_CHECK(!verifySignature(badSigData, keyRaw.data(), keyRaw.size()));
+ BOOST_CHECK(!verifySignature(badSigData, keyRaw));
BOOST_CHECK(!verifySignature(badSigData, cert));
BOOST_CHECK(!verifySignature(badSigInterest, key));
- BOOST_CHECK(!verifySignature(badSigInterest, keyRaw.data(), keyRaw.size()));
+ BOOST_CHECK(!verifySignature(badSigInterest, keyRaw));
BOOST_CHECK(!verifySignature(badSigInterest, cert));
BOOST_CHECK(!verifySignature(badSigInterestOldFormat, key));
- BOOST_CHECK(!verifySignature(badSigInterestOldFormat, keyRaw.data(), keyRaw.size()));
+ BOOST_CHECK(!verifySignature(badSigInterestOldFormat, keyRaw));
BOOST_CHECK(!verifySignature(badSigInterestOldFormat, cert));
Data unsignedData("/some/data");
@@ -593,9 +593,9 @@
BOOST_CHECK(!verifySignature(unsignedInterest2, cert));
BOOST_CHECK(!verifySignature(unsignedInterest2, key));
- uint8_t invalidKey[] = {0x00, 0x00};
- BOOST_CHECK(!verifySignature(unsignedData, invalidKey, sizeof(invalidKey)));
- BOOST_CHECK(!verifySignature(unsignedInterest1, invalidKey, sizeof(invalidKey)));
+ const uint8_t invalidKey[] = {0x00, 0x00};
+ BOOST_CHECK(!verifySignature(unsignedData, invalidKey));
+ BOOST_CHECK(!verifySignature(unsignedInterest1, invalidKey));
// - base version of verifySignature is tested transitively
// - pib::Key version is tested as part of key-chain.t.cpp (Security/TestKeyChain)
diff --git a/tests/unit/util/sha256.t.cpp b/tests/unit/util/sha256.t.cpp
index f6e0ec3..501a015 100644
--- a/tests/unit/util/sha256.t.cpp
+++ b/tests/unit/util/sha256.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2018 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -196,7 +196,7 @@
0x01, 0xCC, 0x4B, 0xF9, 0x06, 0x13, 0xE0, 0x81,
0x4F, 0x00, 0xA7, 0xB0, 0x8B, 0xC7, 0xC6, 0x48,
0xFD, 0x86, 0x5A, 0x2A, 0xF6, 0xA2, 0x2C, 0xC2};
- std::string expected = toHex(origin, sizeof(origin));
+ const auto expected = toHex(origin);
Sha256 digest;
digest << "TEST";