security: Add a wrapper for export/import information.
Change-Id: I5c226b44573cafdbe8ab7cf1dfe2324f0bc96d54
diff --git a/tools/ndnsec-export.hpp b/tools/ndnsec-export.hpp
index c7753f3..ca3662f 100644
--- a/tools/ndnsec-export.hpp
+++ b/tools/ndnsec-export.hpp
@@ -19,11 +19,13 @@
std::string identityStr;
std::string output;
std::string exportPassword;
+ bool privateExport = false;
- po::options_description desc("General Usage\n ndnsec export [-h] [-o output] identity \nGeneral options");
+ po::options_description desc("General Usage\n ndnsec export [-h] [-o output] [-p] identity \nGeneral options");
desc.add_options()
("help,h", "Produce help message")
("output,o", po::value<std::string>(&output), "(Optional) output file, stdout if not specified")
+ ("private,p", "export info contains private key")
("identity,i", po::value<std::string>(&identityStr), "Identity to export")
;
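Review bot: The description of the new `private,p` option, `"export info contains private key"`, does not tell the user what either mode produces. From the second hunk, the tool prompts for a passphrase and writes a `SecuredBag` with `-p`, and writes only the identity's default certificate without it. A description such as `("private,p", "Also export the private key, protected by a passphrase you will be prompted for; without this option only the certificate is exported")` would make that explicit. Since the removed code always went through `exportIdentity`, the commit message should also say that a plain `ndnsec export` no longer includes the private key.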
@@ -48,83 +50,89 @@
return 0;
}
+ if (vm.count("private"))
+ privateExport = true;
+
if (!vm.count("output"))
output = "-";
- Block wire;
Name identity(identityStr);
-
- try
+ if(!privateExport)
{
- KeyChain keyChain;
-
- int count = 3;
- while(!getPassword(exportPassword, "Passphrase for the private key: "))
+ try
{
- count--;
- if(count <= 0)
- {
- std::cerr << "ERROR: invalid password" << std::endl;
- memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
- return 1;
- }
+ KeyChain keyChain;
+ shared_ptr<IdentityCertificate> cert = keyChain.getCertificate(keyChain.getDefaultCertificateNameForIdentity(identity));
+ if(output == "-")
+ io::save(*cert, std::cout);
+ else
+ io::save(*cert, output);
+
+ return 0;
}
- wire = keyChain.exportIdentity(identity, exportPassword);
- memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
- wire.encode();
+ catch(SecPublicInfo::Error& e)
+ {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ return 1;
+ }
+ catch(SecTpm::Error& e)
+ {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ return 1;
+ }
+ catch(io::Error& e)
+ {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ return 1;
+ }
}
- catch(Block::Error& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
- memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
- return 1;
- }
- catch(SecPublicInfo::Error& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
- memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
- return 1;
- }
- catch(SecTpm::Error& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
- memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
- return 1;
- }
-
- std::ostream* ofs;
- std::ostream* ffs = 0;
- if(output == "-")
- ofs = &std::cout;
else
{
- ofs = new std::ofstream(output.c_str());
- ffs = ofs;
+ Block wire;
+ try
+ {
+ KeyChain keyChain;
+
+ int count = 3;
+ while(!getPassword(exportPassword, "Passphrase for the private key: "))
+ {
+ count--;
+ if(count <= 0)
+ {
+ std::cerr << "ERROR: invalid password" << std::endl;
+ memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
+ return 1;
+ }
+ }
+ shared_ptr<SecuredBag> securedBag = keyChain.exportIdentity(identity, exportPassword);
+ memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
+
+ if(output == "-")
+ io::save(*securedBag, std::cout);
+ else
+ io::save(*securedBag, output);
+
+ return 0;
+ }
+ catch(io::Error& e)
+ {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
+ return 1;
+ }
+ catch(SecPublicInfo::Error& e)
+ {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
+ return 1;
+ }
+ catch(SecTpm::Error& e)
+ {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
+ return 1;
+ }
}
-
- try
- {
- using namespace CryptoPP;
-
- StringSource ss(wire.wire(), wire.size(), true,
- new Base64Encoder(new FileSink(*ofs), true, 64));
- if(ffs)
- delete ffs;
- ffs = 0;
- ofs = 0;
- }
- catch(CryptoPP::Exception& e)
- {
- if(ffs)
- delete ffs;
- ffs = 0;
- ofs = 0;
-
- std::cerr << "ERROR: " << e.what() << std::endl;
- return 1;
- }
-
- return 0;
}
#endif //NDNSEC_EXPORT_HPP
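Review bot: In the `-p` branch the passphrase is wiped by five hand-placed `memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size())` calls, so any exit not listed by hand leaves it in memory, for example an exception type other than the three caught here. Writing through the pointer returned by `c_str()` is undefined behaviour, and a `memset` on a buffer that is never read again may be removed by the optimiser as a dead store. A small scope guard declared before the `getPassword` loop, shown below, would wipe the buffer with volatile writes on every return and handled-exception path and would replace all five calls. `Block wire;` is also now unused in this branch and can be dropped. The enclosing function begins outside this hunk.

```cpp
// … unchanged: option parsing and the public-certificate branch …
      // Zeroes the passphrase buffer when the scope is left; volatile writes
      // keep the compiler from discarding the wipe as a dead store.
      struct PasswordWiper
      {
        explicit PasswordWiper(std::string& s) : m_str(s) {}
        ~PasswordWiper()
        {
          if (m_str.empty())
            return;
          volatile char* p = &m_str[0];
          for (std::string::size_type i = 0; i < m_str.size(); ++i)
            p[i] = 0;
        }
        std::string& m_str;
      };

      try
        {
          KeyChain keyChain;
          PasswordWiper wiper(exportPassword);
          // … unchanged: getPassword retry loop, exportIdentity, io::save (memset calls removed) …
```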