security: Allow KeyChain to sign interest using SHA256 digest
Change-Id: I729c5e32aeb1b9e78582becec1bc183aada6ee95
Refs: #2218
diff --git a/src/security/key-chain.cpp b/src/security/key-chain.cpp
index 1809079..f22c5a9 100644
--- a/src/security/key-chain.cpp
+++ b/src/security/key-chain.cpp
@@ -558,6 +558,30 @@
}
void
+KeyChain::signWithSha256(Interest& interest)
+{
+ DigestSha256 sig;
+
+ time::milliseconds timestamp = time::toUnixTimestamp(time::system_clock::now());
+ if (timestamp <= m_lastTimestamp)
+ timestamp = m_lastTimestamp + time::milliseconds(1);
+
+ Name signedName = interest.getName();
+ signedName
+ .append(name::Component::fromNumber(timestamp.count())) // timestamp
+ .append(name::Component::fromNumber(random::generateWord64())) // nonce
+ .append(sig.getInfo()); // signatureInfo
+
+ Block sigValue(tlv::SignatureValue,
+ crypto::sha256(signedName.wireEncode().value(),
+ signedName.wireEncode().value_size()));
+
+ sigValue.encode();
+ signedName.append(sigValue); // signatureValue
+ interest.setName(signedName);
+}
+
+void
KeyChain::deleteCertificate(const Name& certificateName)
{
try