security: define new abstraction for identity, key, and certificate
Refs: #2451
Change-Id: I85dc7e0508bf10e2b73b0e9793dfc8e909e1a6e3
diff --git a/src/security/key.hpp b/src/security/key.hpp
new file mode 100644
index 0000000..b3e4f96
--- /dev/null
+++ b/src/security/key.hpp
@@ -0,0 +1,204 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2015 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_KEY_HPP
+#define NDN_SECURITY_KEY_HPP
+
+#include "identity-certificate.hpp"
+#include "certificate-container.hpp"
+
+namespace ndn {
+namespace security {
+
+class PibImpl;
+class Identity;
+class KeyContainer;
+
+/**
+ * @brief represents a key
+ *
+ * Key is at the second level in PIB's Identity-Key-Certificate hierarchy.
+ * An Key has a Name (identity + keyId), and contains one or more certificates,
+ * one of which is set as the default certificate of this key. A certificate
+ * can be directly accessed from a Key object.
+ *
+ * @throw PibImpl::Error when underlying implementation has non-semantic error.
+ */
+class Key
+{
+public:
+ friend class Identity;
+ friend class KeyContainer;
+
+public:
+ /**
+ * @brief Default Constructor
+ *
+ * Key created using this default constructor is just a place holder.
+ * It must obtain an actual instance from Identity::getKey(...). A typical
+ * usage would be for exception handling:
+ *
+ * Key key;
+ * try {
+ * key = Identity.getKey(...);
+ * }
+ * catch (Pib::Error&) {
+ * ...
+ * }
+ *
+ * A Key instance created using the constructor is invalid. Calling a
+ * member method on an invalid Key instance may cause an std::domain_error.
+ */
+ Key();
+
+ /// @brief Get the name of the key.
+ const Name&
+ getName() const;
+
+ /// @brief Get the name of the belonging identity.
+ const Name&
+ getIdentity() const;
+
+ /// @brief Get the key id of the key.
+ const name::Component&
+ getKeyId() const;
+
+ /// @brief Get public key
+ const PublicKey&
+ getPublicKey() const;
+
+ /**
+ * @brief Add a certificate.
+ *
+ * @param certificate The certificate to add.
+ */
+ void
+ addCertificate(const IdentityCertificate& certificate);
+
+ /**
+ * @brief Remove a certificate.
+ *
+ * @param certName The name of the certificate to delete.
+ */
+ void
+ removeCertificate(const Name& certName);
+
+ /**
+ * @brief Get a certificate.
+ *
+ * @return the certificate
+ * @throws Pib::Error if the certificate does not exist.
+ */
+ IdentityCertificate
+ getCertificate(const Name& certName);
+
+ /// @brief Get all the certificates for this key.
+ CertificateContainer
+ getCertificates();
+
+ /**
+ * @brief Set the default certificate.
+ *
+ * @param certName The name of the default certificate of the key.
+ * @return the default certificate
+ * @throws Pib::Error if the certificate does not exist.
+ */
+ const IdentityCertificate&
+ setDefaultCertificate(const Name& certName);
+
+ /**
+ * @brief Set the default certificate.
+ *
+ * If the certificate does not exist, add it and set it as the default certificate of the key.
+ * If the certificate exists, simply set it as the default certificate of the key.
+ *
+ * @param certificate The certificate to add.
+ * @return the default certificate
+ */
+ const IdentityCertificate&
+ setDefaultCertificate(const IdentityCertificate& certificate);
+
+ /**
+ * @brief Get the default certificate for this Key.
+ *
+ * @throws Pib::Error if the default certificate does not exist.
+ */
+ const IdentityCertificate&
+ getDefaultCertificate();
+
+ /// @brief Check if the Key instance is valid
+ operator bool() const;
+
+ /// @brief Check if the Key instance is invalid
+ bool
+ operator!() const;
+
+NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE:
+ /**
+ * @brief Create a Key with @p identityName and @p keyId.
+ *
+ * If the key/identity does not exist in the backend, create it in backend.
+ *
+ * @param identityName The name of the Identity.
+ * @param keyId The key id of the key.
+ * @param publicKey The public key to add.
+ * @param impl The actual backend implementation.
+ */
+ Key(const Name& identityName, const name::Component& keyId,
+ const PublicKey& publicKey, shared_ptr<PibImpl> impl);
+
+ /**
+ * @brief Create an KeyEntry with @p identityName and @p keyId.
+ *
+ * @param identityName The name of the Identity.
+ * @param keyId The key id of the key.
+ * @param impl The actual backend implementation.
+ * @throws Pib::Error if the key does not exist.
+ */
+ Key(const Name& identityName, const name::Component& keyId, shared_ptr<PibImpl> impl);
+
+ /**
+ * @brief Check the validity of this instance
+ *
+ * @throws std::domain_error if the instance is invalid
+ */
+ void
+ validityCheck() const;
+
+private:
+ Name m_id;
+ name::Component m_keyId;
+ Name m_keyName;
+ PublicKey m_key;
+
+ bool m_hasDefaultCertificate;
+ IdentityCertificate m_defaultCertificate;
+
+ bool m_needRefreshCerts;
+ CertificateContainer m_certificates;
+
+ shared_ptr<PibImpl> m_impl;
+};
+
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_PIB_HPP