security: Added headers for der encoding. Added CertificateExtension and CertificateSubjectDescription.
diff --git a/Makefile.am b/Makefile.am
index 807e8f7..3928da1 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -47,6 +47,8 @@
include/ndn-cpp/security/security-common.hpp \
include/ndn-cpp/security/key-chain.hpp \
include/ndn-cpp/security/security-exception.hpp \
+ include/ndn-cpp/security/certificate/certificate-extension.hpp \
+ include/ndn-cpp/security/certificate/certificate-subject-description.hpp \
include/ndn-cpp/security/certificate/certificate.hpp \
include/ndn-cpp/security/certificate/identity-certificate.hpp \
include/ndn-cpp/security/certificate/public-key.hpp \
@@ -114,8 +116,16 @@
ndn-cpp/encoding/element-listener.cpp \
ndn-cpp/encoding/oid.cpp \
ndn-cpp/encoding/wire-format.cpp \
+ ndn-cpp/encoding/der/der.hpp \
+ ndn-cpp/encoding/der/visitor/no-arguments-visitor.hpp \
+ ndn-cpp/encoding/der/visitor/simple-visitor.hpp \
+ ndn-cpp/encoding/der/visitor/visitor.hpp \
+ ndn-cpp/encoding/der/visitor/void-no-arguments-visitor.hpp \
+ ndn-cpp/encoding/der/visitor/void-visitor.hpp \
ndn-cpp/security/key-chain.cpp \
ndn-cpp/security/security-exception.cpp \
+ ndn-cpp/security/certificate/certificate-extension.cpp \
+ ndn-cpp/security/certificate/certificate-subject-description.cpp \
ndn-cpp/security/certificate/public-key.cpp \
ndn-cpp/security/identity/basic-identity-storage.cpp \
ndn-cpp/security/identity/identity-manager.cpp \
diff --git a/Makefile.in b/Makefile.in
index ddbd037..49bb6e2 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -183,6 +183,8 @@
ndn-cpp/encoding/element-listener.lo ndn-cpp/encoding/oid.lo \
ndn-cpp/encoding/wire-format.lo ndn-cpp/security/key-chain.lo \
ndn-cpp/security/security-exception.lo \
+ ndn-cpp/security/certificate/certificate-extension.lo \
+ ndn-cpp/security/certificate/certificate-subject-description.lo \
ndn-cpp/security/certificate/public-key.lo \
ndn-cpp/security/identity/basic-identity-storage.lo \
ndn-cpp/security/identity/identity-manager.lo \
@@ -582,6 +584,8 @@
include/ndn-cpp/security/security-common.hpp \
include/ndn-cpp/security/key-chain.hpp \
include/ndn-cpp/security/security-exception.hpp \
+ include/ndn-cpp/security/certificate/certificate-extension.hpp \
+ include/ndn-cpp/security/certificate/certificate-subject-description.hpp \
include/ndn-cpp/security/certificate/certificate.hpp \
include/ndn-cpp/security/certificate/identity-certificate.hpp \
include/ndn-cpp/security/certificate/public-key.hpp \
@@ -651,8 +655,16 @@
ndn-cpp/encoding/element-listener.cpp \
ndn-cpp/encoding/oid.cpp \
ndn-cpp/encoding/wire-format.cpp \
+ ndn-cpp/encoding/der/der.hpp \
+ ndn-cpp/encoding/der/visitor/no-arguments-visitor.hpp \
+ ndn-cpp/encoding/der/visitor/simple-visitor.hpp \
+ ndn-cpp/encoding/der/visitor/visitor.hpp \
+ ndn-cpp/encoding/der/visitor/void-no-arguments-visitor.hpp \
+ ndn-cpp/encoding/der/visitor/void-visitor.hpp \
ndn-cpp/security/key-chain.cpp \
ndn-cpp/security/security-exception.cpp \
+ ndn-cpp/security/certificate/certificate-extension.cpp \
+ ndn-cpp/security/certificate/certificate-subject-description.cpp \
ndn-cpp/security/certificate/public-key.cpp \
ndn-cpp/security/identity/basic-identity-storage.cpp \
ndn-cpp/security/identity/identity-manager.cpp \
@@ -888,6 +900,12 @@
ndn-cpp/security/certificate/$(DEPDIR)/$(am__dirstamp):
@$(MKDIR_P) ndn-cpp/security/certificate/$(DEPDIR)
@: > ndn-cpp/security/certificate/$(DEPDIR)/$(am__dirstamp)
+ndn-cpp/security/certificate/certificate-extension.lo: \
+ ndn-cpp/security/certificate/$(am__dirstamp) \
+ ndn-cpp/security/certificate/$(DEPDIR)/$(am__dirstamp)
+ndn-cpp/security/certificate/certificate-subject-description.lo: \
+ ndn-cpp/security/certificate/$(am__dirstamp) \
+ ndn-cpp/security/certificate/$(DEPDIR)/$(am__dirstamp)
ndn-cpp/security/certificate/public-key.lo: \
ndn-cpp/security/certificate/$(am__dirstamp) \
ndn-cpp/security/certificate/$(DEPDIR)/$(am__dirstamp)
@@ -1065,6 +1083,8 @@
@AMDEP_TRUE@@am__include@ @am__quote@ndn-cpp/encoding/$(DEPDIR)/wire-format.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@ndn-cpp/security/$(DEPDIR)/key-chain.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@ndn-cpp/security/$(DEPDIR)/security-exception.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ndn-cpp/security/certificate/$(DEPDIR)/certificate-extension.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ndn-cpp/security/certificate/$(DEPDIR)/certificate-subject-description.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@ndn-cpp/security/certificate/$(DEPDIR)/public-key.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@ndn-cpp/security/identity/$(DEPDIR)/basic-identity-storage.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@ndn-cpp/security/identity/$(DEPDIR)/identity-manager.Plo@am__quote@
diff --git a/include/Makefile.am b/include/Makefile.am
index 06d98aa..8ea2630 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -34,6 +34,8 @@
ndn-cpp/security/security-common.hpp \
ndn-cpp/security/key-chain.hpp \
ndn-cpp/security/security-exception.hpp \
+ ndn-cpp/security/certificate/certificate-extension.hpp \
+ ndn-cpp/security/certificate/certificate-subject-description.hpp \
ndn-cpp/security/certificate/certificate.hpp \
ndn-cpp/security/certificate/identity-certificate.hpp \
ndn-cpp/security/certificate/public-key.hpp \
diff --git a/include/Makefile.in b/include/Makefile.in
index 0ede7e9..82fc5c2 100644
--- a/include/Makefile.in
+++ b/include/Makefile.in
@@ -351,6 +351,8 @@
ndn-cpp/security/security-common.hpp \
ndn-cpp/security/key-chain.hpp \
ndn-cpp/security/security-exception.hpp \
+ ndn-cpp/security/certificate/certificate-extension.hpp \
+ ndn-cpp/security/certificate/certificate-subject-description.hpp \
ndn-cpp/security/certificate/certificate.hpp \
ndn-cpp/security/certificate/identity-certificate.hpp \
ndn-cpp/security/certificate/public-key.hpp \
diff --git a/include/ndn-cpp/security/certificate/certificate-extension.hpp b/include/ndn-cpp/security/certificate/certificate-extension.hpp
new file mode 100644
index 0000000..5990cd4
--- /dev/null
+++ b/include/ndn-cpp/security/certificate/certificate-extension.hpp
@@ -0,0 +1,80 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_CERTIFICATE_EXTENSION_HPP
+#define NDN_CERTIFICATE_EXTENSION_HPP
+
+#include "../../common.hpp"
+#include "../../util/blob.hpp"
+#include "../../encoding/oid.hpp"
+
+namespace ndn {
+
+namespace der { class DerNode; }
+
+/**
+ * A CertificateExtension represents the Extension entry in a certificate.
+ */
+class CertificateExtension
+{
+public:
+ /**
+ * Create a new CertificateExtension.
+ * @param oid The oid of subject description entry.
+ * @param isCritical If true, the extension must be handled.
+ * @param value The extension value. This makes a copy of the value.
+ */
+ CertificateExtension(const std::string& oid, const bool isCritical, const std::vector<uint8_t>& value)
+ : extensionId_(oid), isCritical_(isCritical), extensionValue_(value)
+ {
+ }
+
+ /**
+ * Create a new CertificateExtension.
+ * @param oid The oid of subject description entry.
+ * @param isCritical If true, the extension must be handled.
+ * @param value The extension value. This makes a copy of the value.
+ */
+ CertificateExtension(const OID& oid, const bool isCritical, const std::vector<uint8_t>& value)
+ : extensionId_(oid), isCritical_(isCritical), extensionValue_(value)
+ {
+ }
+
+ /**
+ * The virtual destructor.
+ */
+ virtual
+ ~CertificateExtension() {}
+
+ /**
+ * encode the object into DER syntax tree
+ * @return the encoded DER syntax tree
+ */
+ ptr_lib::shared_ptr<der::DerNode>
+ toDer();
+
+ Blob
+ toDerBlob();
+
+ inline const OID&
+ getOid() const { return extensionId_; }
+
+ inline const bool
+ getIsCritical() const { return isCritical_; }
+
+ inline const Blob&
+ getValue() const { return extensionValue_; }
+
+protected:
+ OID extensionId_;
+ bool isCritical_;
+ Blob extensionValue_;
+};
+
+}
+
+#endif
diff --git a/include/ndn-cpp/security/certificate/certificate-subject-description.hpp b/include/ndn-cpp/security/certificate/certificate-subject-description.hpp
new file mode 100644
index 0000000..90ff7fe
--- /dev/null
+++ b/include/ndn-cpp/security/certificate/certificate-subject-description.hpp
@@ -0,0 +1,70 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_CERTIFICATE_SUBJECT_DESCRIPTION_HPP
+#define NDN_CERTIFICATE_SUBJECT_DESCRIPTION_HPP
+
+#include "../../common.hpp"
+#include "../../encoding/oid.hpp"
+
+namespace ndn {
+
+namespace der { class DerNode; }
+
+/**
+ * A CertificateSubjectDescription represents the SubjectDescription entry in a Certificate.
+ */
+class CertificateSubjectDescription {
+public:
+ /**
+ * Create a new CertificateSubjectDescription.
+ * @param oid The oid of the subject description entry.
+ * @param value The value of the subject description entry.
+ */
+ CertificateSubjectDescription(std::string oid, std::string value)
+ : oid_(oid), value_(value)
+ {
+ }
+
+ /**
+ * Create a new CertificateSubjectDescription.
+ * @param oid The oid of the subject description entry.
+ * @param value The value of the subject description entry.
+ */
+ CertificateSubjectDescription(OID oid, std::string value)
+ : oid_(oid), value_(value)
+ {
+ }
+
+ /**
+ * Encode the object into a DER syntax tree.
+ * @return The encoded DER syntax tree.
+ */
+ ptr_lib::shared_ptr<der::DerNode>
+ toDer();
+
+ std::string
+ getOidString()
+ {
+ return oid_.toString();
+ }
+
+ const std::string &
+ getValue() const
+ {
+ return value_;
+ }
+
+private:
+ OID oid_;
+ std::string value_;
+};
+
+}
+
+#endif
diff --git a/include/ndn-cpp/security/identity/identity-manager.hpp b/include/ndn-cpp/security/identity/identity-manager.hpp
index d461062..9028065 100644
--- a/include/ndn-cpp/security/identity/identity-manager.hpp
+++ b/include/ndn-cpp/security/identity/identity-manager.hpp
@@ -14,11 +14,11 @@
#include "../certificate/public-key.hpp"
#include "private-key-storage.hpp"
+namespace ndn {
+
// TODO: Implement Time values.
class Time;
-namespace ndn {
-
/**
* An IdentityManager is the interface of operations related to identity, keys, and certificates.
*/
diff --git a/ndn-cpp/encoding/der/der.hpp b/ndn-cpp/encoding/der/der.hpp
new file mode 100644
index 0000000..82089d6
--- /dev/null
+++ b/ndn-cpp/encoding/der/der.hpp
@@ -0,0 +1,385 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_DER_HPP
+#define NDN_DER_HPP
+
+#include <vector>
+#include <string>
+#include <istream>
+#include <ostream>
+#include <sstream>
+
+#include <ndn-cpp/common.hpp>
+#include <ndn-cpp/encoding/oid.hpp>
+
+#include "visitor/visitor.hpp"
+#include "visitor/void-visitor.hpp"
+#include "visitor/no-arguments-visitor.hpp"
+#include "visitor/void-no-arguments-visitor.hpp"
+
+namespace ndn {
+
+// TODO: Implement Time values.
+class Time;
+
+namespace der {
+
+enum DerType {
+ DER_EOC = 0,
+ DER_BOOLEAN = 1,
+ DER_INTEGER = 2,
+ DER_BIT_STRING = 3,
+ DER_OCTET_STRING = 4,
+ DER_NULL = 5,
+ DER_OBJECT_IDENTIFIER = 6,
+ DER_OBJECT_DESCRIPTOR = 7,
+ DER_EXTERNAL = 40,
+ DER_REAL = 9,
+ DER_ENUMERATED = 10,
+ DER_EMBEDDED_PDV = 43,
+ DER_UTF8_STRING = 12,
+ DER_RELATIVE_OID = 13,
+ DER_SEQUENCE = 48,
+ DER_SET = 49,
+ DER_NUMERIC_STRING = 18,
+ DER_PRINTABLE_STRING = 19,
+ DER_T61_STRING = 20,
+ DER_VIDEOTEX_STRING = 21,
+ DER_IA5_STRING = 22,
+ DER_UTC_TIME = 23,
+ DER_GENERALIZED_TIME = 24,
+ DER_GRAPHIC_STRING = 25,
+ DER_VISIBLE_STRING = 26,
+ DER_GENERAL_STRING = 27,
+ DER_UNIVERSAL_STRING = 28,
+ DER_CHARACTER_STRING = 29,
+ DER_BMP_STRING = 30,
+};
+
+class DerComplex;
+
+class DerNode
+{
+public:
+ DerNode();
+
+ DerNode(DerType type);
+
+ DerNode(std::istream& start);
+
+ virtual
+ ~DerNode();
+
+ virtual int
+ getSize() { return m_header.size() + m_payload.size(); }
+
+ virtual void
+ encode(std::ostream& start);
+
+ void
+ setParent(DerComplex * parent) { m_parent = parent; }
+
+ static ptr_lib::shared_ptr<DerNode>
+ parse(std::istream& start);
+
+ const std::vector<uint8_t>&
+ getHeader() const { return m_header; }
+
+ std::vector<uint8_t>&
+ getHeader() { return m_header; }
+
+ const std::vector<uint8_t>&
+ getPayload() const { return m_payload; }
+
+ std::vector<uint8_t>&
+ getPayload() { return m_payload; }
+
+ const DerType&
+ getType() { return m_type; }
+
+ virtual ptr_lib::shared_ptr<std::vector<uint8_t> >
+ getRaw()
+ {
+ ptr_lib::shared_ptr<std::vector<uint8_t> > blob(new std::vector<uint8_t>());
+ blob->insert(blob->end(), m_header.begin(), m_header.end());
+ blob->insert(blob->end(), m_payload.begin(), m_payload.end());
+
+ return blob;
+ }
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) = 0;
+ virtual void accept(VoidVisitor& visitor, Any param) = 0;
+ virtual Any accept(NoArgumentsVisitor& visitor) = 0;
+ virtual Any accept(Visitor& visitor, Any param) = 0;
+
+protected:
+ void
+ decode(std::istream& start);
+
+ void
+ encodeHeader(int size);
+
+ int
+ decodeHeader(std::istream& start);
+
+protected:
+ DerType m_type;
+ std::vector<uint8_t> m_header;
+ std::vector<uint8_t> m_payload;
+ DerComplex * m_parent;
+};
+
+
+typedef std::vector<ptr_lib::shared_ptr<DerNode> > DerNodePtrList;
+
+class DerComplex : public DerNode
+{
+public:
+ DerComplex();
+
+ DerComplex(DerType type);
+
+ DerComplex(std::istream& start);
+
+ virtual
+ ~DerComplex();
+
+ virtual int
+ getSize();
+
+ void
+ addChild(ptr_lib::shared_ptr<DerNode> nodePtr, bool notifyParent = true);
+
+ virtual void
+ encode(std::ostream& start);
+
+ const DerNodePtrList&
+ getChildren() const { return m_nodeList; }
+
+ DerNodePtrList&
+ getChildren() { return m_nodeList; }
+
+ virtual ptr_lib::shared_ptr<std::vector<uint8_t> >
+ getRaw();
+
+private:
+ void
+ updateSize();
+
+ void
+ setChildChanged();
+
+private:
+ bool m_childChanged;
+ int m_size;
+ DerNodePtrList m_nodeList;
+};
+
+
+
+class DerByteString : public DerNode
+{
+public:
+ DerByteString(const std::string& str, DerType type);
+
+ DerByteString(const std::vector<uint8_t>& blob, DerType type);
+
+ DerByteString(std::istream& start);
+
+ virtual
+ ~DerByteString();
+};
+
+
+//0x01
+class DerBool : public DerNode
+{
+public:
+ DerBool(bool value);
+
+ DerBool(std::istream& start);
+
+ virtual
+ ~DerBool();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+
+};
+
+//0x02
+class DerInteger : public DerNode
+{
+public:
+ DerInteger(const std::vector<uint8_t>& blob);
+
+ DerInteger(std::istream& start);
+
+ virtual
+ ~DerInteger();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+
+};
+
+//0x03
+class DerBitString : public DerNode
+{
+public:
+ DerBitString(const std::vector<uint8_t>& blob, uint8_t paddingLen);
+
+ DerBitString(std::istream& start);
+
+ virtual
+ ~DerBitString();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+
+};
+
+//0x04
+class DerOctetString : public DerByteString
+{
+public:
+ DerOctetString(const std::string& str);
+
+ DerOctetString(const std::vector<uint8_t>& blob);
+
+ DerOctetString(std::istream& start);
+
+ virtual
+ ~DerOctetString();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+
+};
+
+
+//0x05
+class DerNull : public DerNode
+{
+public:
+ DerNull();
+
+ DerNull(std::istream& start);
+
+ virtual
+ ~DerNull();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+
+};
+
+
+//0x06
+class DerOid : public DerNode
+{
+public:
+ DerOid(const OID& oid);
+
+ DerOid(const std::string& oidStr);
+
+ DerOid(const std::vector<int>& value);
+
+ DerOid(std::istream& start);
+
+ virtual
+ ~DerOid();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+
+ int
+ decode128(int& offset);
+
+private:
+ void
+ prepareEncoding(const std::vector<int>& value);
+
+ void
+ encode128(int value, std::ostringstream& os);
+};
+
+
+//0x10
+class DerSequence : public DerComplex
+{
+public:
+ DerSequence();
+
+ DerSequence(std::istream& start);
+
+ virtual
+ ~DerSequence();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+
+};
+
+//0x13
+class DerPrintableString : public DerByteString
+{
+public:
+ DerPrintableString(const std::string& str);
+
+ DerPrintableString(const std::vector<uint8_t>& blob);
+
+ DerPrintableString(std::istream& start);
+
+ virtual
+ ~DerPrintableString();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+};
+
+//0x1b
+class DerGtime : public DerNode
+{
+public:
+ DerGtime(const Time& time);
+
+ DerGtime(std::istream& start);
+
+ virtual
+ ~DerGtime();
+
+ virtual void accept(VoidNoArgumentsVisitor& visitor) { visitor.visit(*this); }
+ virtual void accept(VoidVisitor& visitor, Any param) { visitor.visit(*this, param); }
+ virtual Any accept(NoArgumentsVisitor& visitor) { return visitor.visit(*this); }
+ virtual Any accept(Visitor& visitor, Any param) { return visitor.visit(*this, param); }
+
+};
+
+} // der
+
+}
+
+#endif
diff --git a/ndn-cpp/encoding/der/visitor/no-arguments-visitor.hpp b/ndn-cpp/encoding/der/visitor/no-arguments-visitor.hpp
new file mode 100644
index 0000000..61b0a65
--- /dev/null
+++ b/ndn-cpp/encoding/der/visitor/no-arguments-visitor.hpp
@@ -0,0 +1,36 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_DER_NO_ARGUMENTS_VISITOR_HPP
+#define NDN_DER_NO_ARGUMENTS_VISITOR_HPP
+
+#include "visitor.hpp"
+
+namespace ndn {
+
+namespace der {
+
+class NoArgumentsVisitor
+{
+public:
+ virtual Any visit(DerBool& ) = 0;
+ virtual Any visit(DerInteger& ) = 0;
+ virtual Any visit(DerPrintableString&) = 0;
+ virtual Any visit(DerBitString& ) = 0;
+ virtual Any visit(DerNull& ) = 0;
+ virtual Any visit(DerOctetString& ) = 0;
+ virtual Any visit(DerOid& ) = 0;
+ virtual Any visit(DerSequence& ) = 0;
+ virtual Any visit(DerGtime& ) = 0;
+};
+
+} // der
+
+}
+
+#endif
diff --git a/ndn-cpp/encoding/der/visitor/simple-visitor.hpp b/ndn-cpp/encoding/der/visitor/simple-visitor.hpp
new file mode 100644
index 0000000..4ec3a8c
--- /dev/null
+++ b/ndn-cpp/encoding/der/visitor/simple-visitor.hpp
@@ -0,0 +1,36 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_DER_SIMPLE_VISITOR_HPP
+#define NDN_DER_SIMPLE_VISITOR_HPP
+
+#include "no-arguments-visitor.hpp"
+
+namespace ndn {
+
+namespace der {
+
+class NoArgumentsVisitor : public NoArgumentsVisitor
+{
+public:
+ virtual Any visit(DerBool& ) = 0;
+ virtual Any visit(DerInteger& ) = 0;
+ virtual Any visit(DerPrintableString&) = 0;
+ virtual Any visit(DerBitString& ) = 0;
+ virtual Any visit(DerNull& ) = 0;
+ virtual Any visit(DerOctetString& ) = 0;
+ virtual Any visit(DerOid& ) = 0;
+ virtual Any visit(DerSequence& ) = 0;
+ virtual Any visit(DerGtime& ) = 0;
+};
+
+} // der
+
+}
+
+#endif
diff --git a/ndn-cpp/encoding/der/visitor/visitor.hpp b/ndn-cpp/encoding/der/visitor/visitor.hpp
new file mode 100644
index 0000000..a251701
--- /dev/null
+++ b/ndn-cpp/encoding/der/visitor/visitor.hpp
@@ -0,0 +1,47 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_DER_VISITOR_HPP
+#define NDN_DER_VISITOR_HPP
+
+namespace ndn {
+
+namespace der {
+
+// TODO: We want to implement an any type, but avoid boost::any which is not in the C++ standard library.
+typedef void *Any;
+
+class DerBool;
+class DerInteger;
+class DerPrintableString;
+class DerBitString;
+class DerNull;
+class DerOctetString;
+class DerOid;
+class DerSequence;
+class DerGtime;
+
+class Visitor
+{
+public:
+ virtual Any visit(DerBool&, Any) = 0;
+ virtual Any visit(DerInteger&, Any) = 0;
+ virtual Any visit(DerPrintableString&, Any) = 0;
+ virtual Any visit(DerBitString&, Any) = 0;
+ virtual Any visit(DerNull&, Any) = 0;
+ virtual Any visit(DerOctetString&, Any) = 0;
+ virtual Any visit(DerOid&, Any) = 0;
+ virtual Any visit(DerSequence&, Any) = 0;
+ virtual Any visit(DerGtime&, Any) = 0;
+};
+
+} // der
+
+}
+
+#endif
diff --git a/ndn-cpp/encoding/der/visitor/void-no-arguments-visitor.hpp b/ndn-cpp/encoding/der/visitor/void-no-arguments-visitor.hpp
new file mode 100644
index 0000000..7e60d38
--- /dev/null
+++ b/ndn-cpp/encoding/der/visitor/void-no-arguments-visitor.hpp
@@ -0,0 +1,36 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_DER_VOID_NO_ARGUMENTS_VISITOR_HPP
+#define NDN_DER_VOID_NO_ARGUMENTS_VISITOR_HPP
+
+#include "visitor.hpp"
+
+namespace ndn {
+
+namespace der {
+
+class VoidNoArgumentsVisitor
+{
+public:
+ virtual void visit(DerBool& ) = 0;
+ virtual void visit(DerInteger& ) = 0;
+ virtual void visit(DerPrintableString&) = 0;
+ virtual void visit(DerBitString& ) = 0;
+ virtual void visit(DerNull& ) = 0;
+ virtual void visit(DerOctetString& ) = 0;
+ virtual void visit(DerOid& ) = 0;
+ virtual void visit(DerSequence& ) = 0;
+ virtual void visit(DerGtime& ) = 0;
+};
+
+} // der
+
+}
+
+#endif
diff --git a/ndn-cpp/encoding/der/visitor/void-visitor.hpp b/ndn-cpp/encoding/der/visitor/void-visitor.hpp
new file mode 100644
index 0000000..a041c10
--- /dev/null
+++ b/ndn-cpp/encoding/der/visitor/void-visitor.hpp
@@ -0,0 +1,36 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_DER_VOID_VISITOR_HPP
+#define NDN_DER_VOID_VISITOR_HPP
+
+#include "visitor.hpp"
+
+namespace ndn {
+
+namespace der {
+
+class VoidVisitor
+{
+public:
+ virtual void visit(DerBool&, Any) = 0;
+ virtual void visit(DerInteger&, Any) = 0;
+ virtual void visit(DerPrintableString&, Any) = 0;
+ virtual void visit(DerBitString&, Any) = 0;
+ virtual void visit(DerNull&, Any) = 0;
+ virtual void visit(DerOctetString&, Any) = 0;
+ virtual void visit(DerOid&, Any) = 0;
+ virtual void visit(DerSequence&, Any) = 0;
+ virtual void visit(DerGtime&, Any) = 0;
+};
+
+} // der
+
+}
+
+#endif
diff --git a/ndn-cpp/security/certificate/certificate-extension.cpp b/ndn-cpp/security/certificate/certificate-extension.cpp
new file mode 100644
index 0000000..9f6c39a
--- /dev/null
+++ b/ndn-cpp/security/certificate/certificate-extension.cpp
@@ -0,0 +1,50 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#include "../../encoding/der/der.hpp"
+#include <ndn-cpp/security/certificate/certificate-extension.hpp>
+
+using namespace std;
+using namespace ndn::ptr_lib;
+
+namespace ndn {
+
+shared_ptr<der::DerNode>
+CertificateExtension::toDer()
+{
+ shared_ptr<der::DerSequence> root(new der::DerSequence);
+
+ shared_ptr<der::DerOid> extensionId(new der::DerOid(extensionId_));
+ shared_ptr<der::DerBool> isCritical(new der::DerBool(isCritical_));
+ shared_ptr<der::DerOctetString> extensionValue(new der::DerOctetString(*extensionValue_));
+
+ root->addChild(extensionId);
+ root->addChild(isCritical);
+ root->addChild(extensionValue);
+
+ root->getSize();
+
+ return root;
+}
+
+Blob
+CertificateExtension::toDerBlob()
+{
+#if 0 // Need to convert blob_stream.
+ blob_stream blobStream;
+ ostream& start = reinterpret_cast<ostream&>(blobStream);
+
+ toDer()->encode(start);
+
+ return blobStream.buf();
+#else
+ throw std::runtime_error("not implemented");
+#endif
+}
+
+
+}
diff --git a/ndn-cpp/security/certificate/certificate-subject-description.cpp b/ndn-cpp/security/certificate/certificate-subject-description.cpp
new file mode 100644
index 0000000..ee2310c
--- /dev/null
+++ b/ndn-cpp/security/certificate/certificate-subject-description.cpp
@@ -0,0 +1,31 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#include "../../encoding/der/der.hpp"
+#include <ndn-cpp/security/certificate/certificate-subject-description.hpp>
+
+using namespace std;
+using namespace ndn::ptr_lib;
+
+namespace ndn {
+
+shared_ptr<der::DerNode>
+CertificateSubjectDescription::toDer()
+{
+ shared_ptr<der::DerSequence> root(new der::DerSequence());
+
+ shared_ptr<der::DerOid> oid(new der::DerOid(oid_));
+ shared_ptr<der::DerPrintableString> value(new der::DerPrintableString(value_));
+
+ root->addChild(oid);
+ root->addChild(value);
+
+ return root;
+}
+
+}