security: MemoryIdentityStorage: Implement key and certificate stores.
diff --git a/include/ndn-cpp/security/identity/memory-identity-storage.hpp b/include/ndn-cpp/security/identity/memory-identity-storage.hpp
index b86b7d9..60837ff 100644
--- a/include/ndn-cpp/security/identity/memory-identity-storage.hpp
+++ b/include/ndn-cpp/security/identity/memory-identity-storage.hpp
@@ -9,6 +9,7 @@
#define NDN_MEMORY_IDENTITY_STORAGE_HPP
#include <vector>
+#include <map>
#include "identity-storage.hpp"
namespace ndn {
@@ -164,8 +165,26 @@
setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName);
private:
+ class KeyRecord {
+ public:
+ KeyRecord(KeyType keyType, const Blob &keyDer)
+ : keyType_(keyType), keyDer_(keyDer)
+ {
+ }
+
+ const KeyType getKeyType() const { return keyType_; }
+
+ const Blob& getKeyDer() { return keyDer_; }
+
+ private:
+ KeyType keyType_;
+ Blob keyDer_;
+ };
+
std::vector<std::string> identityStore_; /**< A list of name URI. */
std::string defaultIdentity_; /**< The default identity in identityStore_, or "" if not defined. */
+ std::map<std::string, ptr_lib::shared_ptr<KeyRecord> > keyStore_; /**< The map key is the keyName.toUri() */
+ std::map<std::string, Blob> certificateStore_; /**< The map key is the certificateName.toUri() */
};
}
diff --git a/src/security/identity/memory-identity-storage.cpp b/src/security/identity/memory-identity-storage.cpp
index b3b7c69..c5fb409 100644
--- a/src/security/identity/memory-identity-storage.cpp
+++ b/src/security/identity/memory-identity-storage.cpp
@@ -10,6 +10,7 @@
#endif
#include <algorithm>
#include <ndn-cpp/security/security-exception.hpp>
+#include <ndn-cpp/security/certificate/identity-certificate.hpp>
#include <ndn-cpp/security/identity/memory-identity-storage.hpp>
using namespace std;
@@ -49,25 +50,32 @@
bool
MemoryIdentityStorage::doesKeyExist(const Name& keyName)
{
-#if 1
- throw runtime_error("MemoryIdentityStorage::doesKeyExist not implemented");
-#endif
+ return keyStore_.find(keyName.toUri()) != keyStore_.end();
}
void
MemoryIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
{
-#if 1
- throw runtime_error("MemoryIdentityStorage::addKey not implemented");
-#endif
+ Name identityName = keyName.getSubName(0, keyName.size() - 1);
+
+ if (!doesIdentityExist(identityName))
+ addIdentity(identityName);
+
+ if (doesKeyExist(keyName))
+ throw SecurityException("a key with the same name already exists!");
+
+ keyStore_[keyName.toUri()] = make_shared<KeyRecord>(keyType, publicKeyDer);
}
Blob
MemoryIdentityStorage::getKey(const Name& keyName)
{
-#if 1
- throw runtime_error("MemoryIdentityStorage::getKey not implemented");
-#endif
+ map<string, shared_ptr<KeyRecord> >::iterator record = keyStore_.find(keyName.toUri());
+ if (record == keyStore_.end())
+ // Not found. Silently return null.
+ return Blob();
+
+ return record->second->getKeyDer();
}
void
@@ -89,25 +97,44 @@
bool
MemoryIdentityStorage::doesCertificateExist(const Name& certificateName)
{
-#if 1
- throw runtime_error("MemoryIdentityStorage::doesCertificateExist not implemented");
-#endif
+ return certificateStore_.find(certificateName.toUri()) != certificateStore_.end();
}
void
MemoryIdentityStorage::addCertificate(const IdentityCertificate& certificate)
{
-#if 1
- throw runtime_error("MemoryIdentityStorage::addCertificate not implemented");
-#endif
+ const Name& certificateName = certificate.getName();
+ Name keyName = certificate.getPublicKeyName();
+
+ if (!doesKeyExist(keyName))
+ throw SecurityException("No corresponding Key record for certificate! " + keyName.toUri() + " " + certificateName.toUri());
+
+ // Check if certificate has already existed!
+ if (doesCertificateExist(certificateName))
+ throw SecurityException("Certificate has already been installed!");
+
+ // Check if the public key of certificate is the same as the key record.
+ Blob keyBlob = getKey(keyName);
+ if (!keyBlob || (*keyBlob) != *(certificate.getPublicKeyInfo().getKeyDer()))
+ throw SecurityException("Certificate does not match the public key!");
+
+ // Insert the certificate.
+ if (!certificate.getDefaultWireEncoding())
+ certificate.wireEncode();
+ certificateStore_[certificateName.toUri()] = certificate.getDefaultWireEncoding();
}
ptr_lib::shared_ptr<Data>
-MemoryIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
+MemoryIdentityStorage::getCertificate(const Name& certificateName, bool allowAny)
{
-#if 1
- throw runtime_error("MemoryIdentityStorage::getCertificate not implemented");
-#endif
+ map<string, Blob>::iterator record = certificateStore_.find(certificateName.toUri());
+ if (record == certificateStore_.end())
+ // Not found. Silently return null.
+ return shared_ptr<Data>();
+
+ shared_ptr<Data> data(new Data());
+ data->wireDecode(*record->second);
+ return data;
}
Name
diff --git a/src/security/identity/memory-private-key-storage.cpp b/src/security/identity/memory-private-key-storage.cpp
index f461a5b..b2bbcb5 100644
--- a/src/security/identity/memory-private-key-storage.cpp
+++ b/src/security/identity/memory-private-key-storage.cpp
@@ -26,7 +26,7 @@
size_t privateKeyDerLength)
{
publicKeyStore_[keyName.toUri()] = PublicKey::fromDer(Blob(publicKeyDer, publicKeyDerLength));
- privateKeyStore_[keyName.toUri()] = shared_ptr<RsaPrivateKey>(new RsaPrivateKey(privateKeyDer, privateKeyDerLength));
+ privateKeyStore_[keyName.toUri()] = make_shared<RsaPrivateKey>(privateKeyDer, privateKeyDerLength);
}
void