commit 6ab6781b0335bfb288de44558bee5bd9765a83c8
author Yingdi Yu <yuyingdi@gmail.com> Thu Nov 27 15:00:34 2014 -0800
committer Yingdi Yu <yuyingdi@gmail.com> Thu Nov 27 22:41:05 2014 -0800
tree f3407af04bba0177d3f9f745a9dcb3828002edfe
parent 3e8b52e5bd948a58d04d67dc9ed49dc7f9383233

security: Allow KeyChain to sign interest using SHA256 digest

Change-Id: I729c5e32aeb1b9e78582becec1bc183aada6ee95
Refs: #2218

src/security/key-chain.cpp

diff --git a/src/security/key-chain.cpp b/src/security/key-chain.cpp
index 1809079..f22c5a9 100644
--- a/src/security/key-chain.cpp
+++ b/src/security/key-chain.cpp
@@ -558,6 +558,30 @@
 }
 
 void
+KeyChain::signWithSha256(Interest& interest)
+{
+  DigestSha256 sig;
+
+  time::milliseconds timestamp = time::toUnixTimestamp(time::system_clock::now());
+  if (timestamp <= m_lastTimestamp)
+    timestamp = m_lastTimestamp + time::milliseconds(1);
+
+  Name signedName = interest.getName();
+  signedName
+    .append(name::Component::fromNumber(timestamp.count()))        // timestamp
+    .append(name::Component::fromNumber(random::generateWord64())) // nonce
+    .append(sig.getInfo());                                        // signatureInfo
+
+  Block sigValue(tlv::SignatureValue,
+                 crypto::sha256(signedName.wireEncode().value(),
+                                signedName.wireEncode().value_size()));
+
+  sigValue.encode();
+  signedName.append(sigValue);                                     // signatureValue
+  interest.setName(signedName);
+}
+
+void
 KeyChain::deleteCertificate(const Name& certificateName)
 {
   try

src/security/key-chain.hpp

diff --git a/src/security/key-chain.hpp b/src/security/key-chain.hpp
index 0cc3cb3..5d348c4 100644
--- a/src/security/key-chain.hpp
+++ b/src/security/key-chain.hpp
@@ -226,12 +226,18 @@
   signByIdentity(const uint8_t* buffer, size_t bufferLength, const Name& identityName);
 
   /**
-   * @brief Set Sha256 weak signature for @param data
+   * @brief Set Sha256 weak signature for @p data
    */
   void
   signWithSha256(Data& data);
 
   /**
+   * @brief Set Sha256 weak signature for @p interest
+   */
+  void
+  signWithSha256(Interest& interest);
+
+  /**
    * @brief Generate a self-signed certificate for a public key.
    *
    * @param keyName The name of the public key
@@ -789,6 +795,6 @@
   return;
 }
 
-}
+} // namespace ndn
 
 #endif // NDN_SECURITY_KEY_CHAIN_HPP

src/security/validator.hpp

diff --git a/src/security/validator.hpp b/src/security/validator.hpp
index 3fe58f3..5311795 100644
--- a/src/security/validator.hpp
+++ b/src/security/validator.hpp
@@ -180,10 +180,10 @@
     if (interest.getName().size() < 2)
       return false;
 
-    Name signedName = interest.getName().getPrefix(-2);
+    const Name& name = interest.getName();
 
-    return verifySignature(signedName.wireEncode().value(),
-                           signedName.wireEncode().value_size(),
+    return verifySignature(name.wireEncode().value(),
+                           name.wireEncode().value_size() - name[-1].size(),
                            sig);
   }