security: Support KeyType in SecPublicInfo
Change-Id: I0c56b849cd9d659a8f6fd0a0225104ea62bbccd6
Refs: #1648
diff --git a/src/security/sec-public-info-sqlite3.cpp b/src/security/sec-public-info-sqlite3.cpp
index db0bdd4..a690bef 100644
--- a/src/security/sec-public-info-sqlite3.cpp
+++ b/src/security/sec-public-info-sqlite3.cpp
@@ -268,9 +268,8 @@
}
void
-SecPublicInfoSqlite3::addPublicKey(const Name& keyName,
- KeyType keyType,
- const PublicKey& publicKeyDer)
+SecPublicInfoSqlite3::addKey(const Name& keyName,
+ const PublicKey& publicKeyDer)
{
if (keyName.empty())
return;
@@ -292,7 +291,7 @@
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
- sqlite3_bind_int(statement, 3, (int)keyType);
+ sqlite3_bind_int(statement, 3, publicKeyDer.getKeyType());
sqlite3_bind_blob(statement, 4,
publicKeyDer.get().buf(),
publicKeyDer.get().size(),
@@ -340,6 +339,39 @@
}
}
+KeyType
+SecPublicInfoSqlite3::getPublicKeyType(const Name& keyName)
+{
+ if (keyName.empty())
+ return KEY_TYPE_NULL;
+
+ string keyId = keyName.get(-1).toUri();
+ Name identityName = keyName.getPrefix(-1);
+
+ sqlite3_stmt* statement;
+ sqlite3_prepare_v2(m_database,
+ "SELECT key_type FROM Key WHERE identity_name=? AND key_identifier=?",
+ -1, &statement, 0);
+
+ sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
+ sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
+
+ int res = sqlite3_step(statement);
+
+ if (res == SQLITE_ROW)
+ {
+ int typeValue = sqlite3_column_int(statement, 0);
+ sqlite3_finalize(statement);
+ return static_cast<KeyType>(typeValue);
+ }
+ else
+ {
+ sqlite3_finalize(statement);
+ return KEY_TYPE_NULL;
+ }
+
+}
+
bool
SecPublicInfoSqlite3::doesCertificateExist(const Name& certificateName)
{
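Review bot: In the new getPublicKeyType, the integer read from the `key_type` column is passed straight to `static_cast<KeyType>` with no check that it names an enumerator. A row written by an older build, or a database file that was edited or corrupted, would therefore come back as a KeyType value that no caller expects. This matters more because the same commit renumbers KEY_TYPE_AES and KEY_TYPE_NULL in security-common.hpp. The result of `sqlite3_prepare_v2` is also ignored and `statement` is left uninitialised before the call, so a failed prepare is indistinguishable from "key not found". I would map only known values and treat everything else as KEY_TYPE_NULL, as sketched below; whether a prepare failure should instead raise the class's usual error is for the author to decide.

```cpp
// … unchanged: keyName.empty() check, keyId / identityName split …
sqlite3_stmt* statement = 0;
if (sqlite3_prepare_v2(m_database,
                       "SELECT key_type FROM Key WHERE identity_name=? AND key_identifier=?",
                       -1, &statement, 0) != SQLITE_OK)
  return KEY_TYPE_NULL;

// … unchanged: the two sqlite3_bind_text calls …

KeyType keyType = KEY_TYPE_NULL;
if (sqlite3_step(statement) == SQLITE_ROW)
  {
    // Accept only values that correspond to a declared enumerator.
    switch (sqlite3_column_int(statement, 0))
      {
      case KEY_TYPE_RSA:   keyType = KEY_TYPE_RSA;   break;
      case KEY_TYPE_ECDSA: keyType = KEY_TYPE_ECDSA; break;
      case KEY_TYPE_AES:   keyType = KEY_TYPE_AES;   break;
      default:             break; // unknown stored value
      }
  }
sqlite3_finalize(statement);
return keyType;
```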
@@ -424,8 +456,7 @@
Name keyName =
IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
- //HACK!!! Assume the key type is RSA, we should check more.
- addPublicKey(keyName, KEY_TYPE_RSA, certificate.getPublicKeyInfo());
+ addKey(keyName, certificate.getPublicKeyInfo());
if (doesCertificateExist(certificateName))
return;
diff --git a/src/security/sec-public-info-sqlite3.hpp b/src/security/sec-public-info-sqlite3.hpp
index 7c3b7b1..f66b188 100644
--- a/src/security/sec-public-info-sqlite3.hpp
+++ b/src/security/sec-public-info-sqlite3.hpp
@@ -66,11 +66,14 @@
doesPublicKeyExist(const Name& keyName);
virtual void
- addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer);
+ addKey(const Name& keyName, const PublicKey& publicKeyDer);
virtual shared_ptr<PublicKey>
getPublicKey(const Name& keyName);
+ virtual KeyType
+ getPublicKeyType(const Name& keyName);
+
virtual bool
doesCertificateExist(const Name& certificateName);
diff --git a/src/security/sec-public-info.hpp b/src/security/sec-public-info.hpp
index 29b8f64..509cd09 100644
--- a/src/security/sec-public-info.hpp
+++ b/src/security/sec-public-info.hpp
@@ -99,12 +99,26 @@
/**
* @brief Add a public key to the identity storage.
*
+ * @deprecated Use addKey instead
+ *
* @param keyName The name of the public key to be added
* @param keyType Type of the public key to be added
* @param publicKey Reference to the PublicKey object
*/
+ void
+ addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKey)
+ {
+ addKey(keyName, publicKey);
+ }
+
+ /**
+ * @brief Add a public key to the identity storage.
+ *
+ * @param keyName The name of the public key to be added
+ * @param publicKey Reference to the PublicKey object
+ */
virtual void
- addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKey) = 0;
+ addKey(const Name& keyName, const PublicKey& publicKey) = 0;
/**
* @brief Get shared pointer to PublicKey object from the identity storage
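Review bot: The deprecated `addPublicKey` wrapper silently drops its `keyType` argument, but the doc block above it still describes that parameter as "Type of the public key to be added". A caller that passes a type different from what `publicKey` reports gets no signal that the stored type comes from the key object. I would change the parameter line to `@param keyType Ignored; the stored type is taken from publicKey.getKeyType()`. The `@deprecated` tag could also say that the argument has no effect, since the wrapper is non-virtual and existing call sites will keep compiling unchanged.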
@@ -116,6 +130,18 @@
getPublicKey(const Name& keyName) = 0;
/**
+ * @brief Get the type of the queried public key
+ *
+ * @note KeyType is also available from PublicKey instance.
+ * This method is more efficient if only KeyType is needed.
+ *
+ * @param keyName The name of the requested public key
+ * @return the type of the key. If the queried key does not exist, KEY_TYPE_NULL will be returned
+ */
+ virtual KeyType
+ getPublicKeyType(const Name& keyName) = 0;
+
+ /**
* @brief Check if the specified certificate already exists
*
* @param certificateName The name of the certificate
diff --git a/src/security/security-common.hpp b/src/security/security-common.hpp
index f795863..b6b3119 100644
--- a/src/security/security-common.hpp
+++ b/src/security/security-common.hpp
@@ -38,14 +38,14 @@
} // namespace signed_interest
enum KeyType {
- KEY_TYPE_RSA,
- KEY_TYPE_ECDSA,
+ KEY_TYPE_RSA = 0,
+ KEY_TYPE_ECDSA = 1,
// KEY_TYPE_DSA,
- KEY_TYPE_AES,
+ KEY_TYPE_AES = 128,
// KEY_TYPE_DES,
// KEY_TYPE_RC4,
// KEY_TYPE_RC2
- KEY_TYPE_NULL
+ KEY_TYPE_NULL = 255
};
enum KeyClass {
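Review bot: The new explicit values change KEY_TYPE_AES from 2 to 128 and KEY_TYPE_NULL from 3 to 255, yet the sqlite3 backend in this same commit writes the enumerator with `sqlite3_bind_int` and reads it back by cast. Any database that already holds 2 or 3 in `key_type` would now decode to a value with no enumerator, and nothing visible in this diff migrates existing rows. Separately, rows inserted through the removed `KEY_TYPE_RSA` HACK in addCertificate presumably stay recorded as RSA whatever the real key type is, unless addKey rewrites existing entries (its body is not shown here). At minimum I would add a comment above the enum such as `// Values are persisted in the PIB (Key.key_type); never renumber or reuse them.`, and state in the commit message whether old databases need a migration.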