security: Allow Identity and Key abstractions to be used in SigningInfo
Change-Id: Ic1c8d6925557ea5da2011ab68f16587eef2102f3
Refs: #3153
diff --git a/src/security/signing-info.hpp b/src/security/signing-info.hpp
index 499f25b..6284644 100644
--- a/src/security/signing-info.hpp
+++ b/src/security/signing-info.hpp
@@ -24,6 +24,8 @@
#include "../name.hpp"
#include "../signature-info.hpp"
+#include "pib/identity.hpp"
+#include "pib/key.hpp"
#include "security-common.hpp"
@@ -32,6 +34,9 @@
/**
* @brief Signing parameters passed to KeyChain
+ *
+ * A SigningInfo is invalid if the specified identity/key/certificate does not exist,
+ * or the PIB Identity or Key instance is not valid.
*/
class SigningInfo
{
@@ -56,7 +61,11 @@
/// @brief signer is a certificate, use it directly
SIGNER_TYPE_CERT = 3,
/// @brief use sha256 digest, no signer needs to be specified
- SIGNER_TYPE_SHA256 = 4
+ SIGNER_TYPE_SHA256 = 4,
+ /// @brief given PIB identity handle, use its default key and default certificate
+ SIGNER_TYPE_PIB_ID = 5,
+ /// @brief given PIB key handle, use its default certificate
+ SIGNER_TYPE_PIB_KEY = 6
};
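Review bot: The new enumerators `SIGNER_TYPE_PIB_ID` and `SIGNER_TYPE_PIB_KEY` extend a type that other code presumably switches on (the KeyChain signer lookup and any string conversion are not part of this diff), and nothing here shows those paths being updated. If such a switch has a permissive default branch, a SigningInfo carrying a PIB handle could be signed with a different key than the one the caller selected, so the default branch should reject signer types it does not know. If these two types cannot be written as a signing string, say so on the enumerators, e.g. `/// @note has no signing-string representation`.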
public:
@@ -75,6 +84,18 @@
const SignatureInfo& signatureInfo = getEmptySignatureInfo());
/**
+ * @brief Create a signingInfo using pib identity;
+ */
+ explicit
+ SigningInfo(const Identity& identity);
+
+ /**
+ * @brief Create a signingInfo using pib key;
+ */
+ explicit
+ SigningInfo(const Key& key);
+
+ /**
* @brief Construct SigningInfo from its string representation
*
* @param signingStr The representative signing string for SigningInfo signing method
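Review bot: The comments on the two new constructors end in a stray semicolon, write `signingInfo` instead of the class name, and do not say what happens when the handle passed in is not valid. The class comment added earlier in this commit states that such a SigningInfo is invalid, but the header does not tell callers where that is detected. I would write `@brief Create a SigningInfo that signs with the default key and certificate of PIB identity @p identity` and `@brief Create a SigningInfo that signs with the default certificate of PIB key @p key`, each followed by a line saying when an invalid handle is rejected. The setters in the next hunk say "handler" where the enumerator comments say "handle"; one term should be used throughout.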
@@ -118,6 +139,20 @@
setSha256Signing();
/**
+ * @brief Set signer as a PIB identity handler @p identity
+ * @post Change the signerType to SIGNER_TYPE_PIB_ID
+ */
+ SigningInfo&
+ setPibIdentity(const Identity& identity);
+
+ /**
+ * @brief Set signer as a PIB key handler @p key
+ * @post Change the signerType to SIGNER_TYPE_PIB_KEY
+ */
+ SigningInfo&
+ setPibKey(const Key& key);
+
+ /**
* @return Type of the signer
*/
SignerType
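Review bot: The `@post` on setPibIdentity and setPibKey covers only the signer type, so it is unclear whether the signer name and the other handle are reset when the signer changes. The definitions are outside this header; if they leave `m_name` or the unused handle (`m_identity`/`m_key`, added in the last hunk) untouched, a SigningInfo reused across calls keeps state from its previous signer. I would clear the unused fields in each setter and document it, e.g. `@post signerType is SIGNER_TYPE_PIB_ID; signer name and PIB key handle are cleared`.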
@@ -136,6 +171,28 @@
}
/**
+ * @pre signerType must be SIGNER_TYPE_PIB_ID
+ * @return the identity handler of signer
+ */
+ const Identity&
+ getPibIdentity() const
+ {
+ BOOST_ASSERT(m_type == SIGNER_TYPE_PIB_ID);
+ return m_identity;
+ }
+
+ /**
+ * @pre signerType must be SIGNER_TYPE_PIB_KEY
+ * @return the key handler of signer
+ */
+ const Key&
+ getPibKey() const
+ {
+ BOOST_ASSERT(m_type == SIGNER_TYPE_PIB_KEY);
+ return m_key;
+ }
+
+ /**
* @brief Set the digest algorithm for public key operations
*/
SigningInfo&
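Review bot: `BOOST_ASSERT(m_type == SIGNER_TYPE_PIB_ID)` in getPibIdentity and the matching check in getPibKey are compiled out when assertions are disabled, so a release build hands a caller that picked the wrong getter whatever `m_identity` or `m_key` currently holds instead of failing. Because the returned handle selects the signing key, the precondition should either be enforced in all builds or be documented as unchecked. If throwing fits this class's conventions, `if (m_type != SIGNER_TYPE_PIB_ID) BOOST_THROW_EXCEPTION(std::logic_error("signer is not a PIB identity"));` keeps the signature unchanged. Otherwise add `@warning not checked when assertions are disabled; the returned handle may be invalid` to both comments.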
@@ -185,6 +242,8 @@
private:
SignerType m_type;
Name m_name;
+ Identity m_identity;
+ Key m_key;
DigestAlgorithm m_digestAlgorithm;
SignatureInfo m_info;
};