src: Improving consistency and correcting code style
As of this commit, all data structures can be directly constructed from
wire format.
This commit excludes full correction of code style in security/ and
tools/ndnsec*, which will be part of a different commit.
Change-Id: I121ac1f81948bc7468990df52cdefeb2988d91a1
Refs: #1403
diff --git a/src/security/certificate-cache-ttl.cpp b/src/security/certificate-cache-ttl.cpp
index 8dea438..0a9002e 100644
--- a/src/security/certificate-cache-ttl.cpp
+++ b/src/security/certificate-cache-ttl.cpp
@@ -50,7 +50,7 @@
}
void
-CertificateCacheTtl::remove(const Name &certificateName)
+CertificateCacheTtl::remove(const Name& certificateName)
{
Name name = certificateName.getPrefix(-1);
Cache::iterator it = m_cache.find(name);
@@ -59,7 +59,7 @@
}
ptr_lib::shared_ptr<const IdentityCertificate>
-CertificateCacheTtl::getCertificate(const Name & certificateName)
+CertificateCacheTtl::getCertificate(const Name& certificateName)
{
Cache::iterator it = m_cache.find(certificateName);
if(it != m_cache.end())
diff --git a/src/security/certificate-cache-ttl.hpp b/src/security/certificate-cache-ttl.hpp
index 1e31e9c..4f65d17 100644
--- a/src/security/certificate-cache-ttl.hpp
+++ b/src/security/certificate-cache-ttl.hpp
@@ -27,14 +27,14 @@
insertCertificate(ptr_lib::shared_ptr<const IdentityCertificate> certificate);
virtual ptr_lib::shared_ptr<const IdentityCertificate>
- getCertificate(const Name & certificateNameWithoutVersion);
+ getCertificate(const Name& certificateNameWithoutVersion);
private:
void
insert(ptr_lib::shared_ptr<const IdentityCertificate> certificate);
void
- remove(const Name &certificateName);
+ remove(const Name& certificateName);
protected:
typedef std::map<Name, ptr_lib::shared_ptr<const IdentityCertificate> > Cache;
diff --git a/src/security/certificate-extension.cpp b/src/security/certificate-extension.cpp
index 7ee0de9..3a23a80 100644
--- a/src/security/certificate-extension.cpp
+++ b/src/security/certificate-extension.cpp
@@ -17,7 +17,7 @@
namespace ndn {
void
-CertificateExtension::encode(CryptoPP::BufferedTransformation &out) const
+CertificateExtension::encode(CryptoPP::BufferedTransformation& out) const
{
// Extension ::= SEQUENCE {
// extnID OBJECT IDENTIFIER,
@@ -34,7 +34,7 @@
}
void
-CertificateExtension::decode(CryptoPP::BufferedTransformation &in)
+CertificateExtension::decode(CryptoPP::BufferedTransformation& in)
{
// Extension ::= SEQUENCE {
// extnID OBJECT IDENTIFIER,
@@ -54,5 +54,5 @@
}
extension.MessageEnd();
}
-
+
} // namespace ndn
diff --git a/src/security/certificate-extension.hpp b/src/security/certificate-extension.hpp
index 4eba4f2..1388107 100644
--- a/src/security/certificate-extension.hpp
+++ b/src/security/certificate-extension.hpp
@@ -23,9 +23,17 @@
class CertificateExtension
{
public:
- struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
- CertificateExtension(CryptoPP::BufferedTransformation &in)
+ CertificateExtension(CryptoPP::BufferedTransformation& in)
{
decode(in);
}
@@ -45,7 +53,7 @@
: extensionId_(oid), isCritical_(isCritical), extensionValue_(value, valueSize)
{
}
-
+
/**
* The virtual destructor.
*/
@@ -53,20 +61,20 @@
~CertificateExtension() {}
void
- encode(CryptoPP::BufferedTransformation &out) const;
+ encode(CryptoPP::BufferedTransformation& out) const;
void
- decode(CryptoPP::BufferedTransformation &in);
-
- inline const OID&
+ decode(CryptoPP::BufferedTransformation& in);
+
+ inline const OID&
getOid() const { return extensionId_; }
- inline const bool
+ inline const bool
getIsCritical() const { return isCritical_; }
- inline const Buffer&
+ inline const Buffer&
getValue() const { return extensionValue_; }
-
+
protected:
OID extensionId_;
bool isCritical_;
diff --git a/src/security/certificate-subject-description.cpp b/src/security/certificate-subject-description.cpp
index fc6478f..44cd8c5 100644
--- a/src/security/certificate-subject-description.cpp
+++ b/src/security/certificate-subject-description.cpp
@@ -18,17 +18,17 @@
namespace ndn {
void
-CertificateSubjectDescription::encode(CryptoPP::BufferedTransformation &out) const
+CertificateSubjectDescription::encode(CryptoPP::BufferedTransformation& out) const
{
// RelativeDistinguishedName ::=
// SET OF AttributeTypeAndValue
- //
+ //
// AttributeTypeAndValue ::= SEQUENCE {
// type AttributeType,
// value AttributeValue }
- //
+ //
// AttributeType ::= OBJECT IDENTIFIER
- //
+ //
// AttributeValue ::= ANY DEFINED BY AttributeType
DERSequenceEncoder attributeTypeAndValue(out);
{
@@ -39,17 +39,17 @@
}
void
-CertificateSubjectDescription::decode(CryptoPP::BufferedTransformation &in)
+CertificateSubjectDescription::decode(CryptoPP::BufferedTransformation& in)
{
// RelativeDistinguishedName ::=
// SET OF AttributeTypeAndValue
- //
+ //
// AttributeTypeAndValue ::= SEQUENCE {
// type AttributeType,
// value AttributeValue }
- //
+ //
// AttributeType ::= OBJECT IDENTIFIER
- //
+ //
// AttributeValue ::= ANY DEFINED BY AttributeType
BERSequenceDecoder attributeTypeAndValue(in);
diff --git a/src/security/certificate-subject-description.hpp b/src/security/certificate-subject-description.hpp
index 5510f6e..859aed3 100644
--- a/src/security/certificate-subject-description.hpp
+++ b/src/security/certificate-subject-description.hpp
@@ -21,39 +21,39 @@
*/
class CertificateSubjectDescription {
public:
- CertificateSubjectDescription(CryptoPP::BufferedTransformation &in)
+ CertificateSubjectDescription(CryptoPP::BufferedTransformation& in)
{
decode(in);
}
-
+
/**
* Create a new CertificateSubjectDescription.
* @param oid The oid of the subject description entry.
* @param value The value of the subject description entry.
*/
- CertificateSubjectDescription(const OID &oid, const std::string &value)
+ CertificateSubjectDescription(const OID& oid, const std::string& value)
: oid_(oid), value_(value)
{
}
void
- encode(CryptoPP::BufferedTransformation &out) const;
+ encode(CryptoPP::BufferedTransformation& out) const;
void
- decode(CryptoPP::BufferedTransformation &in);
-
+ decode(CryptoPP::BufferedTransformation& in);
+
std::string
getOidString() const
{
return oid_.toString();
}
- const std::string &
+ const std::string&
getValue() const
{
return value_;
}
-
+
private:
OID oid_;
std::string value_;
diff --git a/src/security/certificate.cpp b/src/security/certificate.cpp
index eb45d6f..3c4ed2d 100644
--- a/src/security/certificate.cpp
+++ b/src/security/certificate.cpp
@@ -45,7 +45,7 @@
bool
Certificate::isTooEarly()
{
- if(time::system_clock::now() < notBefore_)
+ if (time::system_clock::now() < notBefore_)
return true;
else
return false;
@@ -54,7 +54,7 @@
bool
Certificate::isTooLate()
{
- if(time::system_clock::now() > notAfter_)
+ if (time::system_clock::now() > notAfter_)
return true;
else
return false;
@@ -143,7 +143,7 @@
// extnID OBJECT IDENTIFIER,
// critical BOOLEAN DEFAULT FALSE,
// extnValue OCTET STRING }
- if(!extensionList_.empty())
+ if (!extensionList_.empty())
{
DERSequenceEncoder extensions(idCert);
{
@@ -215,7 +215,7 @@
// critical BOOLEAN DEFAULT FALSE,
// extnValue OCTET STRING }
extensionList_.clear();
- if(!idCert.EndReached())
+ if (!idCert.EndReached())
{
BERSequenceDecoder extensions(idCert);
{
@@ -232,7 +232,7 @@
}
void
-Certificate::printCertificate(std::ostream &os) const
+Certificate::printCertificate(std::ostream& os) const
{
os << "Certificate name:" << endl;
os << " " << getName() << endl;
diff --git a/src/security/certificate.hpp b/src/security/certificate.hpp
index d27f7a4..3470134 100644
--- a/src/security/certificate.hpp
+++ b/src/security/certificate.hpp
@@ -20,7 +20,15 @@
class Certificate : public Data {
public:
- struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
typedef std::vector<CertificateSubjectDescription> SubjectDescriptionList;
typedef std::vector<CertificateExtension> ExtensionList;
@@ -43,7 +51,7 @@
~Certificate();
inline void
- wireDecode(const Block &wire);
+ wireDecode(const Block& wire);
/**
* encode certificate info into content
@@ -122,7 +130,7 @@
isTooLate();
void
- printCertificate(std::ostream &os) const;
+ printCertificate(std::ostream& os) const;
protected:
void
@@ -137,7 +145,7 @@
};
inline void
-Certificate::wireDecode(const Block &wire)
+Certificate::wireDecode(const Block& wire)
{
Data::wireDecode(wire);
decode();
@@ -145,7 +153,7 @@
inline std::ostream&
-operator <<(std::ostream &os, const Certificate &cert)
+operator <<(std::ostream& os, const Certificate& cert)
{
cert.printCertificate(os);
return os;
diff --git a/src/security/conf/checker.hpp b/src/security/conf/checker.hpp
index 48664ea..3fa8d94 100644
--- a/src/security/conf/checker.hpp
+++ b/src/security/conf/checker.hpp
@@ -224,7 +224,7 @@
return -1;
}
- switch(signature.getType())
+ switch (signature.getType())
{
case Signature::Sha256WithRsa:
{
diff --git a/src/security/identity-certificate.cpp b/src/security/identity-certificate.cpp
index b4d5cb5..75693b0 100644
--- a/src/security/identity-certificate.cpp
+++ b/src/security/identity-certificate.cpp
@@ -20,21 +20,21 @@
string idString("ID-CERT");
int i = name.size() - 1;
for (; i >= 0; i--) {
- if(name.get(i).toEscapedString() == idString)
+ if (name.get(i).toEscapedString() == idString)
break;
}
if (i < 0)
return false;
-
- size_t keyIdx = 0;
+
string keyString("KEY");
- for (; keyIdx < name.size(); keyIdx++) {
- if(name.get(keyIdx).toEscapedString() == keyString)
+ size_t keyIndex = 0;
+ for (; keyIndex < name.size(); keyIndex++) {
+ if (name.get(keyIndex).toEscapedString() == keyString)
break;
}
- if (keyIdx >= name.size())
+ if (keyIndex >= name.size())
return false;
return true;
@@ -45,7 +45,7 @@
{
if (!isCorrectName(getName()))
throw Error("Wrong Identity Certificate Name!");
-
+
publicKeyName_ = certificateNameToPublicKeyName(getName());
}
@@ -69,9 +69,9 @@
}
}
- if(!foundIdString)
+ if (!foundIdString)
throw Error("Incorrect identity certificate name " + certificateName.toUri());
-
+
Name tmpName = certificateName.getSubName(0, idCertComponentIndex);
string keyString("KEY");
bool foundKeyString = false;
@@ -84,7 +84,7 @@
}
}
- if(!foundKeyString)
+ if (!foundKeyString)
throw Error("Incorrect identity certificate name " + certificateName.toUri());
return tmpName
diff --git a/src/security/identity-certificate.hpp b/src/security/identity-certificate.hpp
index 6d6d334..01427d4 100644
--- a/src/security/identity-certificate.hpp
+++ b/src/security/identity-certificate.hpp
@@ -17,7 +17,15 @@
class IdentityCertificate : public Certificate
{
public:
- struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
/**
* The default constructor.
@@ -33,20 +41,20 @@
*/
inline
IdentityCertificate(const Data& data);
-
+
/**
* The virtual destructor.
*/
- inline virtual
+ inline virtual
~IdentityCertificate();
-
- inline void
- wireDecode(const Block &wire);
inline void
- setName(const Name &name);
-
- inline const Name &
+ wireDecode(const Block& wire);
+
+ inline void
+ setName(const Name& name);
+
+ inline const Name&
getPublicKeyName () const;
static bool
@@ -59,14 +67,14 @@
*/
static Name
certificateNameToPublicKeyName(const Name& certificateName);
-
+
private:
static bool
isCorrectName(const Name& name);
-
+
void
setPublicKeyName();
-
+
protected:
Name publicKeyName_;
};
@@ -82,27 +90,27 @@
{
setPublicKeyName();
}
-
+
inline
IdentityCertificate::~IdentityCertificate()
{
}
inline void
-IdentityCertificate::wireDecode(const Block &wire)
+IdentityCertificate::wireDecode(const Block& wire)
{
Certificate::wireDecode(wire);
setPublicKeyName();
}
inline void
-IdentityCertificate::setName(const Name &name)
+IdentityCertificate::setName(const Name& name)
{
Certificate::setName(name);
setPublicKeyName();
}
-inline const Name &
+inline const Name&
IdentityCertificate::getPublicKeyName () const
{
return publicKeyName_;
diff --git a/src/security/key-chain.hpp b/src/security/key-chain.hpp
index ac03ce4..70593a9 100644
--- a/src/security/key-chain.hpp
+++ b/src/security/key-chain.hpp
@@ -59,7 +59,7 @@
{
keyName = Info::getDefaultKeyNameForIdentity(identityName);
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
keyName = generateRSAKeyPairAsDefault(identityName, true);
}
@@ -69,7 +69,7 @@
{
certName = Info::getDefaultCertificateNameForKey(keyName);
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
shared_ptr<IdentityCertificate> selfCert = selfSign(keyName);
Info::addCertificateAsIdentityDefault(*selfCert);
@@ -129,17 +129,17 @@
const std::vector<CertificateSubjectDescription>& subjectDescription)
{
- if(keyName.size() < 1)
+ if (keyName.size() < 1)
return shared_ptr<IdentityCertificate>();
std::string keyIdPrefix = keyName.get(-1).toEscapedString().substr(0, 4);
- if(keyIdPrefix != "ksk-" && keyIdPrefix != "dsk-")
+ if (keyIdPrefix != "ksk-" && keyIdPrefix != "dsk-")
return shared_ptr<IdentityCertificate>();
shared_ptr<IdentityCertificate> certificate = make_shared<IdentityCertificate>();
Name certName;
- if(signingIdentity.isPrefixOf(keyName))
+ if (signingIdentity.isPrefixOf(keyName))
{
certName.append(signingIdentity).append("KEY").append(keyName.getSubName(signingIdentity.size())).append("ID-CERT").appendVersion();
}
@@ -157,13 +157,13 @@
{
publicKey = Info::getPublicKey(keyName);
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
return shared_ptr<IdentityCertificate>();
}
certificate->setPublicKeyInfo(*publicKey);
- if(subjectDescription.empty())
+ if (subjectDescription.empty())
{
CertificateSubjectDescription subDescryptName("2.5.4.41", keyName.getPrefix(-1).toUri());
certificate->addSubjectDescription(subDescryptName);
@@ -285,7 +285,7 @@
{
signingCertificateName = Info::getDefaultCertificateNameForIdentity(identityName);
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
signingCertificateName = createIdentity(identityName);
// Ideally, no exception will be thrown out, unless something goes wrong in the TPM, which is a fatal error.
@@ -311,7 +311,7 @@
{
signingCertificateName = Info::getDefaultCertificateNameForIdentity(identityName);
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
signingCertificateName = createIdentity(identityName);
// Ideally, no exception will be thrown out, unless something goes wrong in the TPM, which is a fatal error.
@@ -353,7 +353,7 @@
{
pubKey = Info::getPublicKey(keyName); // may throw an exception.
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
return shared_ptr<IdentityCertificate>();
}
@@ -384,7 +384,7 @@
selfSign (IdentityCertificate& cert)
{
Name keyName = IdentityCertificate::certificateNameToPublicKeyName(cert.getName());
- if(!Tpm::doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE))
+ if (!Tpm::doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE))
throw TpmError("private key does not exist!");
SignatureSha256WithRsa signature;
@@ -407,10 +407,10 @@
{
try
{
- if(Info::getDefaultCertificateName() == certificateName)
+ if (Info::getDefaultCertificateName() == certificateName)
return;
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
// Not a real error, just try to delete the certificate
}
@@ -431,10 +431,10 @@
{
try
{
- if(Info::getDefaultKeyNameForIdentity(Info::getDefaultIdentity()) == keyName)
+ if (Info::getDefaultKeyNameForIdentity(Info::getDefaultIdentity()) == keyName)
return;
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
// Not a real error, just try to delete the key
}
@@ -456,10 +456,10 @@
{
try
{
- if(Info::getDefaultIdentity() == identity)
+ if (Info::getDefaultIdentity() == identity)
return;
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
// Not a real error, just try to delete the identity
}
@@ -496,7 +496,7 @@
{
pkcs8 = Tpm::exportPrivateKeyPkcs8FromTpm(keyName, passwordStr);
}
- catch(TpmError& e)
+ catch (TpmError& e)
{
throw InfoError("Fail to export PKCS8 of private key");
}
@@ -506,7 +506,7 @@
{
cert = Info::getCertificate(Info::getDefaultCertificateNameForKey(keyName));
}
- catch(InfoError& e)
+ catch (InfoError& e)
{
cert = selfSign(keyName);
Info::addCertificateAsIdentityDefault(*cert);
diff --git a/src/security/public-key.cpp b/src/security/public-key.cpp
index f6b2fdf..b9b7cf3 100644
--- a/src/security/public-key.cpp
+++ b/src/security/public-key.cpp
@@ -28,14 +28,14 @@
* @param algorithm The algorithm of the public key.
* @param keyDer The blob of the PublicKeyInfo in terms of DER.
*/
-PublicKey::PublicKey(const uint8_t *keyDerBuf, size_t keyDerSize)
+PublicKey::PublicKey(const uint8_t* keyDerBuf, size_t keyDerSize)
{
StringSource src(keyDerBuf, keyDerSize, true);
decode(src);
}
void
-PublicKey::encode(CryptoPP::BufferedTransformation &out) const
+PublicKey::encode(CryptoPP::BufferedTransformation& out) const
{
// SubjectPublicKeyInfo ::= SEQUENCE {
// algorithm AlgorithmIdentifier
@@ -45,7 +45,7 @@
}
void
-PublicKey::decode(CryptoPP::BufferedTransformation &in)
+PublicKey::decode(CryptoPP::BufferedTransformation& in)
{
// SubjectPublicKeyInfo ::= SEQUENCE {
// algorithm AlgorithmIdentifier
@@ -86,7 +86,7 @@
key_.assign(out.begin(), out.end());
}
- catch (CryptoPP::BERDecodeErr &err) {
+ catch (CryptoPP::BERDecodeErr& err) {
throw Error("PublicKey decoding error");
}
}
@@ -97,15 +97,15 @@
// if (digestAlgorithm == DIGEST_ALGORITHM_SHA256) {
// uint8_t digest[SHA256_DIGEST_LENGTH];
// ndn_digestSha256(keyDer_.buf(), keyDer_.size(), digest);
-
+
// return Blob(digest, sizeof(digest));
// }
// else
// throw UnrecognizedDigestAlgorithmException("Wrong format!");
// }
-std::ostream &
-operator <<(std::ostream &os, const PublicKey &key)
+std::ostream&
+operator <<(std::ostream& os, const PublicKey& key)
{
CryptoPP::StringSource(key.get().buf(), key.get().size(), true,
new CryptoPP::Base64Encoder(new CryptoPP::FileSink(os), true, 64));
diff --git a/src/security/public-key.hpp b/src/security/public-key.hpp
index a332f02..8d6b7c5 100644
--- a/src/security/public-key.hpp
+++ b/src/security/public-key.hpp
@@ -18,8 +18,16 @@
namespace ndn {
class PublicKey {
-public:
- struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
+public:
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
/**
* The default constructor.
@@ -49,36 +57,36 @@
}
void
- encode(CryptoPP::BufferedTransformation &out) const;
+ encode(CryptoPP::BufferedTransformation& out) const;
void
- decode(CryptoPP::BufferedTransformation &in);
+ decode(CryptoPP::BufferedTransformation& in);
// /*
// * Get the digest of the public key.
// * @param digestAlgorithm The digest algorithm. If omitted, use DIGEST_ALGORITHM_SHA256 by default.
// */
- // Blob
+ // Blob
// getDigest(DigestAlgorithm digestAlgorithm = DIGEST_ALGORITHM_SHA256) const;
inline bool
- operator ==(const PublicKey &key) const
+ operator ==(const PublicKey& key) const
{
return key_ == key.key_;
}
inline bool
- operator !=(const PublicKey &key) const
+ operator !=(const PublicKey& key) const
{
return key_ != key.key_;
}
-
+
private:
Buffer key_;
};
-std::ostream &
-operator <<(std::ostream &os, const PublicKey &key);
+std::ostream&
+operator <<(std::ostream& os, const PublicKey& key);
} // namespace ndn
diff --git a/src/security/sec-public-info-memory.cpp b/src/security/sec-public-info-memory.cpp
index 82affaa..f2a35ee 100644
--- a/src/security/sec-public-info-memory.cpp
+++ b/src/security/sec-public-info-memory.cpp
@@ -18,7 +18,7 @@
{
}
-bool
+bool
SecPublicInfoMemory::doesIdentityExist(const Name& identityName)
{
string identityUri = identityName.toUri();
@@ -31,11 +31,11 @@
string identityUri = identityName.toUri();
if (find(identityStore_.begin(), identityStore_.end(), identityUri) != identityStore_.end())
return;
-
+
identityStore_.push_back(identityUri);
}
-bool
+bool
SecPublicInfoMemory::revokeIdentity()
{
#if 1
@@ -43,19 +43,19 @@
#endif
}
-bool
+bool
SecPublicInfoMemory::doesPublicKeyExist(const Name& keyName)
{
return keyStore_.find(keyName.toUri()) != keyStore_.end();
}
-void
+void
SecPublicInfoMemory::addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKey)
{
Name identityName = keyName.getSubName(0, keyName.size() - 1);
addIdentity(identityName);
-
+
keyStore_[keyName.toUri()] = make_shared<KeyRecord>(keyType, publicKey);
}
@@ -65,7 +65,7 @@
KeyStore::iterator record = keyStore_.find(keyName.toUri());
if (record == keyStore_.end())
throw Error("SecPublicInfoMemory::getPublicKey " + keyName.toUri());
-
+
return make_shared<PublicKey> (record->second->getKey());
}
@@ -75,7 +75,7 @@
return certificateStore_.find(certificateName.toUri()) != certificateStore_.end();
}
-void
+void
SecPublicInfoMemory::addCertificate(const IdentityCertificate& certificate)
{
const Name& certificateName = certificate.getName();
@@ -87,7 +87,7 @@
certificateStore_[certificateName.toUri()] = make_shared<IdentityCertificate> (certificate);
}
-shared_ptr<IdentityCertificate>
+shared_ptr<IdentityCertificate>
SecPublicInfoMemory::getCertificate(const Name& certificateName)
{
CertificateStore::iterator record = certificateStore_.find(certificateName.toUri());
@@ -97,13 +97,13 @@
return record->second;
}
-Name
+Name
SecPublicInfoMemory::getDefaultIdentity()
{
return Name(defaultIdentity_);
}
-void
+void
SecPublicInfoMemory::setDefaultIdentityInternal(const Name& identityName)
{
string identityUri = identityName.toUri();
@@ -114,75 +114,75 @@
defaultIdentity_.clear();
}
-Name
+Name
SecPublicInfoMemory::getDefaultKeyNameForIdentity(const Name& identityName)
{
return defaultKeyName_;
}
-void
+void
SecPublicInfoMemory::setDefaultKeyNameForIdentityInternal(const Name& keyName)
{
defaultKeyName_ = keyName;
}
-Name
+Name
SecPublicInfoMemory::getDefaultCertificateNameForKey(const Name& keyName)
{
return defaultCert_;
}
-void
-SecPublicInfoMemory::setDefaultCertificateNameForKeyInternal(const Name& certificateName)
+void
+SecPublicInfoMemory::setDefaultCertificateNameForKeyInternal(const Name& certificateName)
{
defaultCert_ = certificateName;
}
void
-SecPublicInfoMemory::getAllIdentities(std::vector<Name> &nameList, bool isDefault)
+SecPublicInfoMemory::getAllIdentities(std::vector<Name>& nameList, bool isDefault)
{
throw Error("SecPublicInfoMemory::getAllIdentities not implemented");
}
void
-SecPublicInfoMemory::getAllKeyNames(std::vector<Name> &nameList, bool isDefault)
+SecPublicInfoMemory::getAllKeyNames(std::vector<Name>& nameList, bool isDefault)
{
throw Error("SecPublicInfoMemory::getAllKeyNames not implemented");
}
void
-SecPublicInfoMemory::getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name> &nameList, bool isDefault)
+SecPublicInfoMemory::getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name>& nameList, bool isDefault)
{
throw Error("SecPublicInfoMemory::getAllKeyNamesOfIdentity not implemented");
}
-
+
void
-SecPublicInfoMemory::getAllCertificateNames(std::vector<Name> &nameList, bool isDefault)
+SecPublicInfoMemory::getAllCertificateNames(std::vector<Name>& nameList, bool isDefault)
{
throw Error("SecPublicInfoMemory::getAllCertificateNames not implemented");
}
void
-SecPublicInfoMemory::getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name> &nameList, bool isDefault)
+SecPublicInfoMemory::getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name>& nameList, bool isDefault)
{
throw Error("SecPublicInfoMemory::getAllCertificateNamesOfKey not implemented");
}
void
-SecPublicInfoMemory::deleteCertificateInfo(const Name &certName)
+SecPublicInfoMemory::deleteCertificateInfo(const Name& certName)
{
throw Error("SecPublicInfoMemory::deleteCertificateInfo not implemented");
}
void
-SecPublicInfoMemory::deletePublicKeyInfo(const Name &keyName)
+SecPublicInfoMemory::deletePublicKeyInfo(const Name& keyName)
{
throw Error("SecPublicInfoMemory::deletePublicKeyInfo not implemented");
}
void
-SecPublicInfoMemory::deleteIdentityInfo(const Name &identityName)
+SecPublicInfoMemory::deleteIdentityInfo(const Name& identityName)
{
throw Error("SecPublicInfoMemory::deleteIdentityInfo not implemented");
}
diff --git a/src/security/sec-public-info-memory.hpp b/src/security/sec-public-info-memory.hpp
index 16001c8..58d8529 100644
--- a/src/security/sec-public-info-memory.hpp
+++ b/src/security/sec-public-info-memory.hpp
@@ -18,7 +18,15 @@
*/
class SecPublicInfoMemory : public SecPublicInfo {
public:
- struct Error : public SecPublicInfo::Error { Error(const std::string &what) : SecPublicInfo::Error(what) {} };
+ class Error : public SecPublicInfo::Error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : SecPublicInfo::Error(what)
+ {
+ }
+ };
virtual
~SecPublicInfoMemory();
@@ -32,10 +40,10 @@
virtual bool
revokeIdentity();
- virtual bool
+ virtual bool
doesPublicKeyExist(const Name& keyName);
- virtual void
+ virtual void
addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer);
virtual ptr_lib::shared_ptr<PublicKey>
@@ -44,74 +52,74 @@
virtual bool
doesCertificateExist(const Name& certificateName);
- virtual void
+ virtual void
addCertificate(const IdentityCertificate& certificate);
- virtual ptr_lib::shared_ptr<IdentityCertificate>
- getCertificate(const Name &certificateName);
+ virtual ptr_lib::shared_ptr<IdentityCertificate>
+ getCertificate(const Name& certificateName);
- virtual Name
+ virtual Name
getDefaultIdentity();
- virtual Name
+ virtual Name
getDefaultKeyNameForIdentity(const Name& identityName);
- virtual Name
+ virtual Name
getDefaultCertificateNameForKey(const Name& keyName);
virtual void
- getAllIdentities(std::vector<Name> &nameList, bool isDefault);
+ getAllIdentities(std::vector<Name>& nameList, bool isDefault);
virtual void
- getAllKeyNames(std::vector<Name> &nameList, bool isDefault);
+ getAllKeyNames(std::vector<Name>& nameList, bool isDefault);
virtual void
- getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name> &nameList, bool isDefault);
-
- virtual void
- getAllCertificateNames(std::vector<Name> &nameList, bool isDefault);
+ getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name>& nameList, bool isDefault);
virtual void
- getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name> &nameList, bool isDefault);
+ getAllCertificateNames(std::vector<Name>& nameList, bool isDefault);
+
+ virtual void
+ getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name>& nameList, bool isDefault);
protected:
- virtual void
+ virtual void
setDefaultIdentityInternal(const Name& identityName);
- virtual void
+ virtual void
setDefaultKeyNameForIdentityInternal(const Name& keyName);
- virtual void
- setDefaultCertificateNameForKeyInternal(const Name& certificateName);
+ virtual void
+ setDefaultCertificateNameForKeyInternal(const Name& certificateName);
virtual void
- deleteCertificateInfo(const Name &certificateName);
+ deleteCertificateInfo(const Name& certificateName);
virtual void
- deletePublicKeyInfo(const Name &keyName);
+ deletePublicKeyInfo(const Name& keyName);
virtual void
- deleteIdentityInfo(const Name &identity);
+ deleteIdentityInfo(const Name& identity);
-
+
private:
class KeyRecord {
public:
- KeyRecord(KeyType keyType, const PublicKey &key)
+ KeyRecord(KeyType keyType, const PublicKey& key)
: keyType_(keyType), key_(key)
{
}
-
+
const KeyType getKeyType() const { return keyType_; }
-
+
const PublicKey& getKey() { return key_; }
-
+
private:
KeyType keyType_;
PublicKey key_;
};
-
+
std::vector<std::string> identityStore_; /**< A list of name URI. */
std::string defaultIdentity_; /**< The default identity in identityStore_, or "" if not defined. */
Name defaultKeyName_;
@@ -119,9 +127,9 @@
typedef std::map< std::string, ptr_lib::shared_ptr<KeyRecord> > KeyStore; /**< The map key is the keyName.toUri() */
typedef std::map< std::string, ptr_lib::shared_ptr<IdentityCertificate> > CertificateStore; /**< The map key is the certificateName.toUri() */
-
- KeyStore keyStore_;
- CertificateStore certificateStore_;
+
+ KeyStore keyStore_;
+ CertificateStore certificateStore_;
};
} // namespace ndn
diff --git a/src/security/sec-public-info-sqlite3.cpp b/src/security/sec-public-info-sqlite3.cpp
index 712bf7d..b8b5af3 100644
--- a/src/security/sec-public-info-sqlite3.cpp
+++ b/src/security/sec-public-info-sqlite3.cpp
@@ -104,9 +104,9 @@
);
if (res != SQLITE_OK)
throw Error("identity DB cannot be opened/created");
-
+
//Check if Key table exists;
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
res = sqlite3_step(statement);
@@ -117,9 +117,9 @@
sqlite3_finalize(statement);
if (!idTableExists) {
- char *errorMessage = 0;
+ char* errorMessage = 0;
res = sqlite3_exec(m_database, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
-
+
if (res != SQLITE_OK && errorMessage != 0) {
_LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
sqlite3_free(errorMessage);
@@ -137,9 +137,9 @@
sqlite3_finalize(statement);
if (!keyTableExists) {
- char *errorMessage = 0;
+ char* errorMessage = 0;
res = sqlite3_exec(m_database, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
-
+
if (res != SQLITE_OK && errorMessage != 0) {
_LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
sqlite3_free(errorMessage);
@@ -153,13 +153,13 @@
bool idCertificateTableExists = false;
if (res == SQLITE_ROW)
idCertificateTableExists = true;
-
+
sqlite3_finalize(statement);
if (!idCertificateTableExists) {
- char *errorMessage = 0;
+ char* errorMessage = 0;
res = sqlite3_exec(m_database, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
-
+
if (res != SQLITE_OK && errorMessage != 0) {
_LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
sqlite3_free(errorMessage);
@@ -171,59 +171,59 @@
{
}
-bool
+bool
SecPublicInfoSqlite3::doesIdentityExist(const Name& identityName)
{
bool result = false;
-
- sqlite3_stmt *statement;
+
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
int res = sqlite3_step(statement);
-
+
if (res == SQLITE_ROW) {
int countAll = sqlite3_column_int(statement, 0);
if (countAll > 0)
result = true;
}
-
+
sqlite3_finalize(statement);
return result;
}
-void
+void
SecPublicInfoSqlite3::addIdentity(const Name& identityName)
{
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "INSERT OR REPLACE INTO Identity (identity_name) values (?)", -1, &statement, 0);
-
+
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
-
+
sqlite3_step(statement);
-
+
sqlite3_finalize(statement);
}
-bool
+bool
SecPublicInfoSqlite3::revokeIdentity()
{
//TODO:
return false;
}
-bool
+bool
SecPublicInfoSqlite3::doesPublicKeyExist(const Name& keyName)
{
- if(keyName.empty())
+ if (keyName.empty())
throw Error("Incorrect key name " + keyName.toUri());
string keyId = keyName.get(-1).toEscapedString();
Name identityName = keyName.getPrefix(-1);
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
@@ -237,7 +237,7 @@
if (countAll > 0)
keyIdExist = true;
}
-
+
sqlite3_finalize(statement);
return keyIdExist;
@@ -246,7 +246,7 @@
void
SecPublicInfoSqlite3::addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer)
{
- if(keyName.empty())
+ if (keyName.empty())
return;
string keyId = keyName.get(-1).toEscapedString();
@@ -254,7 +254,7 @@
addIdentity(identityName);
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "INSERT OR REPLACE INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
@@ -270,7 +270,7 @@
shared_ptr<PublicKey>
SecPublicInfoSqlite3::getPublicKey(const Name& keyName)
{
- if (keyName.empty())
+ if (keyName.empty())
{
_LOG_DEBUG("SecPublicInfoSqlite3::getPublicKey Empty keyName");
throw Error("SecPublicInfoSqlite3::getPublicKey Empty keyName");
@@ -278,8 +278,8 @@
string keyId = keyName.get(-1).toEscapedString();
Name identityName = keyName.getPrefix(-1);
-
- sqlite3_stmt *statement;
+
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
@@ -304,7 +304,7 @@
bool
SecPublicInfoSqlite3::doesCertificateExist(const Name& certificateName)
{
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
@@ -317,9 +317,9 @@
if (countAll > 0)
certExist = true;
}
-
+
sqlite3_finalize(statement);
-
+
return certExist;
}
@@ -329,14 +329,14 @@
// std::string certificateName = certificate.getName().toUri();
// Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
-// if(keyName.empty())
+// if (keyName.empty())
// return;
// std::string keyId = keyName.get(-1).toEscapedString();
// std::string identityName = keyName.getPrefix(-1).toUri();
-// sqlite3_stmt *statement;
-// sqlite3_prepare_v2(m_database,
+// sqlite3_stmt* statement;
+// sqlite3_prepare_v2(m_database,
// "INSERT OR REPLACE INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data) "
// "VALUES (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
// -1, &statement, 0);
@@ -351,12 +351,12 @@
// sqlite3_bind_text(statement, 2, signerName, SQLITE_STATIC);
// }
-// catch(KeyLocator::Error& e)
+// catch (KeyLocator::Error& e)
// {
// _LOG_DEBUG("SecPublicInfoSqlite3::addAnyCertificate unsupported keylocator type");
// return;
// }
-// catch(SignatureSha256WithRsa::Error& e)
+// catch (SignatureSha256WithRsa::Error& e)
// {
// _LOG_DEBUG("SecPublicInfoSqlite3::addAnyCertificate unsupported signature type");
// return;
@@ -378,11 +378,11 @@
// sqlite3_finalize(statement);
// }
-void
+void
SecPublicInfoSqlite3::addCertificate(const IdentityCertificate& certificate)
{
const Name& certificateName = certificate.getName();
- Name keyName =
+ Name keyName =
IdentityCertificate::certificateNameToPublicKeyName(certificate.getName()); // KeyName is from IdentityCertificate name, so should be qualified.
addPublicKey(keyName, KEY_TYPE_RSA, certificate.getPublicKeyInfo()); //HACK!!! Assume the key type is RSA, we should check more.
@@ -391,8 +391,8 @@
Name identity = keyName.getPrefix(-1);
// Insert the certificate
- sqlite3_stmt *statement;
- sqlite3_prepare_v2(m_database,
+ sqlite3_stmt* statement;
+ sqlite3_prepare_v2(m_database,
"INSERT OR REPLACE INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
-1, &statement, 0);
@@ -408,12 +408,12 @@
sqlite3_bind_text(statement, 2, signerName, SQLITE_STATIC);
}
- catch(KeyLocator::Error& e)
+ catch (KeyLocator::Error& e)
{
_LOG_DEBUG("SecPublicInfoSqlite3::addAnyCertificate unsupported keylocator type");
return;
}
- catch(SignatureSha256WithRsa::Error& e)
+ catch (SignatureSha256WithRsa::Error& e)
{
_LOG_DEBUG("SecPublicInfoSqlite3::addAnyCertificate unsupported signature type");
return;
@@ -434,19 +434,19 @@
sqlite3_finalize(statement);
}
-shared_ptr<IdentityCertificate>
-SecPublicInfoSqlite3::getCertificate(const Name &certificateName)
+shared_ptr<IdentityCertificate>
+SecPublicInfoSqlite3::getCertificate(const Name& certificateName)
{
- sqlite3_stmt *statement;
-
- sqlite3_prepare_v2(m_database,
+ sqlite3_stmt* statement;
+
+ sqlite3_prepare_v2(m_database,
"SELECT certificate_data FROM Certificate WHERE cert_name=?",
-1, &statement, 0);
-
+
sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
-
+
int res = sqlite3_step(statement);
-
+
if (res == SQLITE_ROW)
{
shared_ptr<IdentityCertificate> certificate = make_shared<IdentityCertificate>();
@@ -461,16 +461,16 @@
throw Error("SecPublicInfoSqlite3::getCertificate certificate does not exist");
}
}
-
-Name
+
+Name
SecPublicInfoSqlite3::getDefaultIdentity()
{
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
int res = sqlite3_step(statement);
-
+
if (res == SQLITE_ROW)
{
Name identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
@@ -484,35 +484,35 @@
}
}
-void
+void
SecPublicInfoSqlite3::setDefaultIdentityInternal(const Name& identityName)
{
addIdentity(identityName);
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
//Reset previous default identity
sqlite3_prepare_v2(m_database, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
while (sqlite3_step(statement) == SQLITE_ROW)
{}
-
+
sqlite3_finalize(statement);
//Set current default identity
sqlite3_prepare_v2(m_database, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
-
+
sqlite3_step(statement);
sqlite3_finalize(statement);
}
-Name
+Name
SecPublicInfoSqlite3::getDefaultKeyNameForIdentity(const Name& identityName)
{
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
@@ -521,7 +521,7 @@
if (res == SQLITE_ROW)
{
- Name keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)),
+ Name keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)),
sqlite3_column_bytes(statement, 0)));
sqlite3_finalize(statement);
return keyName;
@@ -533,16 +533,16 @@
}
}
-void
+void
SecPublicInfoSqlite3::setDefaultKeyNameForIdentityInternal(const Name& keyName)
{
- if(!doesPublicKeyExist(keyName))
+ if (!doesPublicKeyExist(keyName))
throw Error("SecPublicInfoSqlite3::setDefaultKeyNameForIdentityInternal Key does not exist:" + keyName.toUri());
string keyId = keyName.get(-1).toEscapedString();
Name identityName = keyName.getPrefix(-1);
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
//Reset previous default Key
sqlite3_prepare_v2(m_database, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
@@ -551,7 +551,7 @@
while (sqlite3_step(statement) == SQLITE_ROW)
{}
-
+
sqlite3_finalize(statement);
//Set current default Key
@@ -559,22 +559,22 @@
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
-
+
sqlite3_step(statement);
sqlite3_finalize(statement);
}
-Name
+Name
SecPublicInfoSqlite3::getDefaultCertificateNameForKey(const Name& keyName)
{
- if(keyName.empty())
+ if (keyName.empty())
throw Error("SecPublicInfoSqlite3::getDefaultCertificateNameForKey wrong key");
string keyId = keyName.get(-1).toEscapedString();
Name identityName = keyName.getPrefix(-1);
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
@@ -595,17 +595,17 @@
}
}
-void
+void
SecPublicInfoSqlite3::setDefaultCertificateNameForKeyInternal(const Name& certificateName)
{
- if(!doesCertificateExist(certificateName))
+ if (!doesCertificateExist(certificateName))
throw Error("SecPublicInfoSqlite3::setDefaultCertificateNameForKeyInternal certificate does not exist:" + certificateName.toUri());
Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificateName);
string keyId = keyName.get(-1).toEscapedString();
Name identityName = keyName.getPrefix(-1);
- sqlite3_stmt *statement;
+ sqlite3_stmt* statement;
//Reset previous default Key
sqlite3_prepare_v2(m_database, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
@@ -615,7 +615,7 @@
while (sqlite3_step(statement) == SQLITE_ROW)
{}
-
+
sqlite3_finalize(statement);
//Set current default Key
@@ -624,32 +624,32 @@
sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
-
+
sqlite3_step(statement);
sqlite3_finalize(statement);
}
void
-SecPublicInfoSqlite3::getAllIdentities(vector<Name> &nameList, bool isDefault)
+SecPublicInfoSqlite3::getAllIdentities(vector<Name>& nameList, bool isDefault)
{
- sqlite3_stmt *stmt;
- if(isDefault)
+ sqlite3_stmt* stmt;
+ if (isDefault)
sqlite3_prepare_v2 (m_database, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &stmt, 0);
else
sqlite3_prepare_v2 (m_database, "SELECT identity_name FROM Identity WHERE default_identity=0", -1, &stmt, 0);
while(sqlite3_step (stmt) == SQLITE_ROW)
nameList.push_back(Name(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0))));
-
- sqlite3_finalize (stmt);
+
+ sqlite3_finalize (stmt);
}
void
-SecPublicInfoSqlite3::getAllKeyNames(vector<Name> &nameList, bool isDefault)
+SecPublicInfoSqlite3::getAllKeyNames(vector<Name>& nameList, bool isDefault)
{
- sqlite3_stmt *stmt;
- if(isDefault)
+ sqlite3_stmt* stmt;
+ if (isDefault)
sqlite3_prepare_v2 (m_database, "SELECT identity_name, key_identifier FROM Key WHERE default_key=1", -1, &stmt, 0);
else
sqlite3_prepare_v2 (m_database, "SELECT identity_name, key_identifier FROM Key WHERE default_key=0", -1, &stmt, 0);
@@ -659,19 +659,19 @@
Name keyName(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
keyName.append(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 1)), sqlite3_column_bytes (stmt, 1)));
nameList.push_back(keyName);
- }
- sqlite3_finalize (stmt);
+ }
+ sqlite3_finalize (stmt);
}
void
-SecPublicInfoSqlite3::getAllKeyNamesOfIdentity(const Name& identity, vector<Name> &nameList, bool isDefault)
+SecPublicInfoSqlite3::getAllKeyNamesOfIdentity(const Name& identity, vector<Name>& nameList, bool isDefault)
{
- sqlite3_stmt *stmt;
- if(isDefault)
+ sqlite3_stmt* stmt;
+ if (isDefault)
sqlite3_prepare_v2 (m_database, "SELECT key_identifier FROM Key WHERE default_key=1 and identity_name=?", -1, &stmt, 0);
else
sqlite3_prepare_v2 (m_database, "SELECT key_identifier FROM Key WHERE default_key=0 and identity_name=?", -1, &stmt, 0);
-
+
sqlite3_bind_text(stmt, 1, identity.toUri().c_str(), identity.toUri().size (), SQLITE_TRANSIENT);
while(sqlite3_step (stmt) == SQLITE_ROW)
@@ -679,15 +679,15 @@
Name keyName(identity);
keyName.append(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
nameList.push_back(keyName);
- }
- sqlite3_finalize (stmt);
+ }
+ sqlite3_finalize (stmt);
}
-
+
void
-SecPublicInfoSqlite3::getAllCertificateNames(vector<Name> &nameList, bool isDefault)
+SecPublicInfoSqlite3::getAllCertificateNames(vector<Name>& nameList, bool isDefault)
{
- sqlite3_stmt *stmt;
- if(isDefault)
+ sqlite3_stmt* stmt;
+ if (isDefault)
sqlite3_prepare_v2 (m_database, "SELECT cert_name FROM Certificate WHERE default_cert=1", -1, &stmt, 0);
else
sqlite3_prepare_v2 (m_database, "SELECT cert_name FROM Certificate WHERE default_cert=0", -1, &stmt, 0);
@@ -695,17 +695,17 @@
while(sqlite3_step (stmt) == SQLITE_ROW)
nameList.push_back(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
- sqlite3_finalize (stmt);
+ sqlite3_finalize (stmt);
}
void
-SecPublicInfoSqlite3::getAllCertificateNamesOfKey(const Name& keyName, vector<Name> &nameList, bool isDefault)
+SecPublicInfoSqlite3::getAllCertificateNamesOfKey(const Name& keyName, vector<Name>& nameList, bool isDefault)
{
- if(keyName.empty())
+ if (keyName.empty())
return;
- sqlite3_stmt *stmt;
- if(isDefault)
+ sqlite3_stmt* stmt;
+ if (isDefault)
sqlite3_prepare_v2 (m_database, "SELECT cert_name FROM Certificate WHERE default_cert=1 and identity_name=? and key_identifier=?", -1, &stmt, 0);
else
sqlite3_prepare_v2 (m_database, "SELECT cert_name FROM Certificate WHERE default_cert=0 and identity_name=? and key_identifier=?", -1, &stmt, 0);
@@ -718,16 +718,16 @@
while(sqlite3_step (stmt) == SQLITE_ROW)
nameList.push_back(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
- sqlite3_finalize (stmt);
+ sqlite3_finalize (stmt);
}
void
-SecPublicInfoSqlite3::deleteCertificateInfo(const Name &certName)
+SecPublicInfoSqlite3::deleteCertificateInfo(const Name& certName)
{
- if(certName.empty())
+ if (certName.empty())
return;
-
- sqlite3_stmt *stmt;
+
+ sqlite3_stmt* stmt;
sqlite3_prepare_v2(m_database, "DELETE FROM Certificate WHERE cert_name=?", -1, &stmt, 0);
sqlite3_bind_text(stmt, 1, certName.toUri().c_str(), certName.toUri().size (), SQLITE_TRANSIENT);
sqlite3_step(stmt);
@@ -735,15 +735,15 @@
}
void
-SecPublicInfoSqlite3::deletePublicKeyInfo(const Name &keyName)
+SecPublicInfoSqlite3::deletePublicKeyInfo(const Name& keyName)
{
- if(keyName.empty())
+ if (keyName.empty())
return;
string identity = keyName.getPrefix(-1).toUri();
string keyId = keyName.get(-1).toEscapedString();
- sqlite3_stmt *stmt;
+ sqlite3_stmt* stmt;
sqlite3_prepare_v2(m_database, "DELETE FROM Certificate WHERE identity_name=? and key_identifier=?", -1, &stmt, 0);
sqlite3_bind_text(stmt, 1, identity.c_str(), identity.size (), SQLITE_TRANSIENT);
sqlite3_bind_text(stmt, 2, keyId.c_str(), keyId.size(), SQLITE_TRANSIENT);
@@ -758,11 +758,11 @@
}
void
-SecPublicInfoSqlite3::deleteIdentityInfo(const Name &identityName)
+SecPublicInfoSqlite3::deleteIdentityInfo(const Name& identityName)
{
string identity = identityName.toUri();
- sqlite3_stmt *stmt;
+ sqlite3_stmt* stmt;
sqlite3_prepare_v2(m_database, "DELETE FROM Certificate WHERE identity_name=?", -1, &stmt, 0);
sqlite3_bind_text(stmt, 1, identity.c_str(), identity.size (), SQLITE_TRANSIENT);
sqlite3_step(stmt);
@@ -780,4 +780,3 @@
}
} // namespace ndn
-
diff --git a/src/security/sec-public-info-sqlite3.hpp b/src/security/sec-public-info-sqlite3.hpp
index feb07a5..b89859a 100644
--- a/src/security/sec-public-info-sqlite3.hpp
+++ b/src/security/sec-public-info-sqlite3.hpp
@@ -15,32 +15,40 @@
struct sqlite3;
namespace ndn {
-
+
class SecPublicInfoSqlite3 : public SecPublicInfo {
public:
- struct Error : public SecPublicInfo::Error { Error(const std::string &what) : SecPublicInfo::Error(what) {} };
+ class Error : public SecPublicInfo::Error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : SecPublicInfo::Error(what)
+ {
+ }
+ };
SecPublicInfoSqlite3();
-
- virtual
+
+ virtual
~SecPublicInfoSqlite3();
/**********************
* from SecPublicInfo *
**********************/
- virtual bool
+ virtual bool
doesIdentityExist(const Name& identityName);
virtual void
addIdentity(const Name& identityName);
- virtual bool
+ virtual bool
revokeIdentity();
- virtual bool
+ virtual bool
doesPublicKeyExist(const Name& keyName);
- virtual void
+ virtual void
addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer);
virtual ptr_lib::shared_ptr<PublicKey>
@@ -49,57 +57,57 @@
virtual bool
doesCertificateExist(const Name& certificateName);
- virtual void
+ virtual void
addCertificate(const IdentityCertificate& certificate);
- virtual ptr_lib::shared_ptr<IdentityCertificate>
- getCertificate(const Name &certificateName);
+ virtual ptr_lib::shared_ptr<IdentityCertificate>
+ getCertificate(const Name& certificateName);
- virtual Name
+ virtual Name
getDefaultIdentity();
- virtual Name
+ virtual Name
getDefaultKeyNameForIdentity(const Name& identityName);
- virtual Name
+ virtual Name
getDefaultCertificateNameForKey(const Name& keyName);
virtual void
- getAllIdentities(std::vector<Name> &nameList, bool isDefault);
+ getAllIdentities(std::vector<Name>& nameList, bool isDefault);
virtual void
- getAllKeyNames(std::vector<Name> &nameList, bool isDefault);
+ getAllKeyNames(std::vector<Name>& nameList, bool isDefault);
virtual void
- getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name> &nameList, bool isDefault);
-
- virtual void
- getAllCertificateNames(std::vector<Name> &nameList, bool isDefault);
+ getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name>& nameList, bool isDefault);
virtual void
- getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name> &nameList, bool isDefault);
-
+ getAllCertificateNames(std::vector<Name>& nameList, bool isDefault);
+
+ virtual void
+ getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name>& nameList, bool isDefault);
+
protected:
- virtual void
+ virtual void
setDefaultIdentityInternal(const Name& identityName);
virtual void
setDefaultKeyNameForIdentityInternal(const Name& keyName);
- virtual void
- setDefaultCertificateNameForKeyInternal(const Name& certificateName);
+ virtual void
+ setDefaultCertificateNameForKeyInternal(const Name& certificateName);
virtual void
- deleteCertificateInfo(const Name &certificateName);
+ deleteCertificateInfo(const Name& certificateName);
virtual void
- deletePublicKeyInfo(const Name &keyName);
+ deletePublicKeyInfo(const Name& keyName);
virtual void
- deleteIdentityInfo(const Name &identity);
-
+ deleteIdentityInfo(const Name& identity);
+
private:
sqlite3 * m_database;
};
diff --git a/src/security/sec-public-info.hpp b/src/security/sec-public-info.hpp
index 0861b67..5fe7b3c 100644
--- a/src/security/sec-public-info.hpp
+++ b/src/security/sec-public-info.hpp
@@ -24,12 +24,20 @@
*/
class SecPublicInfo {
public:
- struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
/**
* @brief The virtual Destructor.
*/
- virtual
+ virtual
~SecPublicInfo() {}
/**
@@ -38,7 +46,7 @@
* @param identityName The identity name.
* @return true if the identity exists, otherwise false.
*/
- virtual bool
+ virtual bool
doesIdentityExist(const Name& identityName) = 0;
/**
@@ -56,7 +64,7 @@
*
* @return true if the identity was revoked, otherwise false.
*/
- virtual bool
+ virtual bool
revokeIdentity() = 0;
/**
@@ -65,7 +73,7 @@
* @param keyName The name of the key.
* @return true if the key exists, otherwise false.
*/
- virtual bool
+ virtual bool
doesPublicKeyExist(const Name& keyName) = 0;
/**
@@ -75,7 +83,7 @@
* @param keyType Type of the public key to be added.
* @param publicKeyDer A blob of the public key DER to be added.
*/
- virtual void
+ virtual void
addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer) = 0;
/**
@@ -104,18 +112,18 @@
*
* @param certificate The certificate to be added.
*/
- virtual void
+ virtual void
addCertificate(const IdentityCertificate& certificate) = 0;
/**
* @brief Get a certificate from the identity storage.
*
* @param certificateName The name of the requested certificate.
- * @return The requested certificate.
+ * @return The requested certificate.
* @throws SecPublicInfo::Error if the certificate does not exist.
*/
- virtual shared_ptr<IdentityCertificate>
- getCertificate(const Name &certificateName) = 0;
+ virtual shared_ptr<IdentityCertificate>
+ getCertificate(const Name& certificateName) = 0;
/*****************************************
@@ -123,12 +131,12 @@
*****************************************/
/**
- * @brief Get the default identity.
+ * @brief Get the default identity.
*
- * @param return The name of default identity,
+ * @param return The name of default identity,
* @throws SecPublicInfo::Error if there is no default.
*/
- virtual Name
+ virtual Name
getDefaultIdentity() = 0;
/**
@@ -138,7 +146,7 @@
* @return The default key name.
* @throws SecPublicInfo::Error if there is no default.
*/
- virtual Name
+ virtual Name
getDefaultKeyNameForIdentity(const Name& identityName) = 0;
/**
@@ -148,7 +156,7 @@
* @return The default certificate name.
* @throws SecPublicInfo::Error if there is no default.
*/
- virtual Name
+ virtual Name
getDefaultCertificateNameForKey(const Name& keyName) = 0;
/**
@@ -158,7 +166,7 @@
* @param isDefault If specified, only the default identity is returned.
*/
virtual void
- getAllIdentities(std::vector<Name> &nameList, bool isDefault) = 0;
+ getAllIdentities(std::vector<Name>& nameList, bool isDefault) = 0;
/**
* @brief Get all the key name in public info.
@@ -167,7 +175,7 @@
* @param isDefault If specified, only the default keys are returned.
*/
virtual void
- getAllKeyNames(std::vector<Name> &nameList, bool isDefault) = 0;
+ getAllKeyNames(std::vector<Name>& nameList, bool isDefault) = 0;
/**
* @brief Get all the key name of a particular identity.
@@ -177,7 +185,7 @@
* @param isDefault If specified, only the default key is returned.
*/
virtual void
- getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name> &nameList, bool isDefault) = 0;
+ getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name>& nameList, bool isDefault) = 0;
/**
* @brief Get all the certificate name in public info.
@@ -186,8 +194,8 @@
* @param isDefault If specified, only the default certificates are returned.
*/
virtual void
- getAllCertificateNames(std::vector<Name> &nameList, bool isDefault) = 0;
-
+ getAllCertificateNames(std::vector<Name>& nameList, bool isDefault) = 0;
+
/**
* @brief Get all the certificate name of a particular key.
*
@@ -196,25 +204,25 @@
* @param isDefault If specified, only the default certificate is returned.
*/
virtual void
- getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name> &nameList, bool isDefault) = 0;
+ getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name>& nameList, bool isDefault) = 0;
protected:
/*****************************************
* Default Setter *
*****************************************/
-
+
/**
* @brief Set the default identity.
*
* @param identityName The default identity name.
*/
- virtual void
+ virtual void
setDefaultIdentityInternal(const Name& identityName) = 0;
-
+
/**
* @brief Set the default key name for the corresponding identity.
- *
+ *
* @param keyName The key name.
* @throws SecPublicInfo::Error if the key does not exist.
*/
@@ -227,8 +235,8 @@
* @param certificateName The certificate name.
* @throws SecPublicInfo::Error if the certificatedoes not exist.
*/
- virtual void
- setDefaultCertificateNameForKeyInternal(const Name& certificateName) = 0;
+ virtual void
+ setDefaultCertificateNameForKeyInternal(const Name& certificateName) = 0;
/*****************************************
* Delete Methods *
@@ -240,7 +248,7 @@
* @param certificateName The certificate name.
*/
virtual void
- deleteCertificateInfo(const Name &certificateName) = 0;
+ deleteCertificateInfo(const Name& certificateName) = 0;
/**
* @brief Delete a public key and related certificates.
@@ -248,7 +256,7 @@
* @param keyName The key name.
*/
virtual void
- deletePublicKeyInfo(const Name &keyName) = 0;
+ deletePublicKeyInfo(const Name& keyName) = 0;
/**
* @brief Delete an identity and related public keys and certificates.
@@ -256,30 +264,30 @@
* @param identity The identity name.
*/
virtual void
- deleteIdentityInfo(const Name &identity) = 0;
+ deleteIdentityInfo(const Name& identity) = 0;
public:
-
+
/*****************************************
* Helper Methods *
*****************************************/
/**
- * @brief Set the default identity.
+ * @brief Set the default identity.
*
* @param identityName The default identity name.
* @throws SecPublicInfo::Error if the identity does not exist.
*/
- inline void
+ inline void
setDefaultIdentity(const Name& identityName);
/**
* @brief Set the default key name for the corresponding identity.
- *
+ *
* @param keyName The key name.
* @throws SecPublicInfo::Error if either the identity or key does not exist.
*/
- inline void
+ inline void
setDefaultKeyNameForIdentity(const Name& keyName);
/**
@@ -288,8 +296,8 @@
* @param certificateName The certificate name.
* @throws SecPublicInfo::Error if either the certificate or key does not exist.
*/
- inline void
- setDefaultCertificateNameForKey(const Name& certificateName);
+ inline void
+ setDefaultCertificateNameForKey(const Name& certificateName);
/**
* @brief Generate a key name for the identity.
@@ -298,7 +306,7 @@
* @param useKsk If true, generate a KSK name, otherwise a DSK name.
* @return The generated key name.
*/
- inline Name
+ inline Name
getNewKeyName(const Name& identityName, bool useKsk);
/**
@@ -308,7 +316,7 @@
* @return The default certificate name.
* @throws SecPublicInfo::Error if no certificate is found.
*/
- inline Name
+ inline Name
getDefaultCertificateNameForIdentity(const Name& identityName);
/**
@@ -354,7 +362,7 @@
*/
inline shared_ptr<IdentityCertificate>
defaultCertificate();
-
+
/**
* @brief try to get the default certificate of the default identity from the public info.
*/
@@ -379,14 +387,14 @@
refreshDefaultCertificate();
}
-inline void
+inline void
SecPublicInfo::setDefaultCertificateNameForKey(const Name& certificateName)
{
setDefaultCertificateNameForKeyInternal(certificateName);
refreshDefaultCertificate();
}
-inline Name
+inline Name
SecPublicInfo::getDefaultCertificateNameForIdentity(const Name& identityName)
{
return getDefaultCertificateNameForKey(getDefaultKeyNameForIdentity(identityName));
@@ -403,7 +411,7 @@
oss << "dsk-";
oss << time::toUnixTimestamp(time::system_clock::now()).count();
-
+
Name keyName = Name(identityName).append(oss.str());
if (doesPublicKeyExist(keyName))
@@ -415,10 +423,10 @@
inline Name
SecPublicInfo::getDefaultCertificateName()
{
- if(!static_cast<bool>(m_defaultCertificate))
+ if (!static_cast<bool>(m_defaultCertificate))
refreshDefaultCertificate();
- if(!static_cast<bool>(m_defaultCertificate))
+ if (!static_cast<bool>(m_defaultCertificate))
throw Error("No default certificate is set");
return m_defaultCertificate->getName();
@@ -437,7 +445,7 @@
{
addCertificate(certificate);
Name certName = certificate.getName();
- setDefaultKeyNameForIdentityInternal(IdentityCertificate::certificateNameToPublicKeyName(certName));
+ setDefaultKeyNameForIdentityInternal(IdentityCertificate::certificateNameToPublicKeyName(certName));
setDefaultCertificateNameForKeyInternal(certName);
refreshDefaultCertificate();
}
@@ -468,7 +476,7 @@
Name certName = getDefaultCertificateNameForIdentity(getDefaultIdentity());
m_defaultCertificate = getCertificate(certName);
}
- catch(SecPublicInfo::Error& e)
+ catch (SecPublicInfo::Error& e)
{
m_defaultCertificate.reset();
}
diff --git a/src/security/sec-rule-relative.cpp b/src/security/sec-rule-relative.cpp
index 1fdfa7d..6133aac 100644
--- a/src/security/sec-rule-relative.cpp
+++ b/src/security/sec-rule-relative.cpp
@@ -20,7 +20,7 @@
namespace ndn {
-SecRuleRelative::SecRuleRelative (const string& dataRegex, const string& signerRegex, const string& op,
+SecRuleRelative::SecRuleRelative (const string& dataRegex, const string& signerRegex, const string& op,
const string& dataExpand, const string& signerExpand, bool isPositive)
: SecRule(isPositive),
m_dataRegex(dataRegex),
@@ -31,68 +31,73 @@
m_dataNameRegex(dataRegex, dataExpand),
m_signerNameRegex(signerRegex, signerExpand)
{
- if(op != ">" && op != ">=" && op != "==")
+ if (op != ">" && op != ">=" && op != "==")
throw Error("op is wrong!");
}
SecRuleRelative::~SecRuleRelative()
-{ }
+{
+}
-bool
+bool
SecRuleRelative::satisfy (const Data& data)
{
Name dataName = data.getName();
- try{
+ try {
SignatureSha256WithRsa sig(data.getSignature());
Name signerName = sig.getKeyLocator().getName ();
- return satisfy (dataName, signerName);
- }catch(SignatureSha256WithRsa::Error &e){
+ return satisfy (dataName, signerName);
+ }
+ catch (SignatureSha256WithRsa::Error& e){
return false;
- }catch(KeyLocator::Error &e){
+ }
+ catch (KeyLocator::Error& e){
return false;
}
}
-
-bool
+
+bool
SecRuleRelative::satisfy (const Name& dataName, const Name& signerName)
{
- if(!m_dataNameRegex.match(dataName))
+ if (!m_dataNameRegex.match(dataName))
return false;
Name expandDataName = m_dataNameRegex.expand();
- if(!m_signerNameRegex.match(signerName))
+ if (!m_signerNameRegex.match(signerName))
return false;
Name expandSignerName = m_signerNameRegex.expand();
-
+
bool matched = compare(expandDataName, expandSignerName);
-
+
return matched;
}
-bool
+bool
SecRuleRelative::matchDataName (const Data& data)
{ return m_dataNameRegex.match(data.getName()); }
bool
SecRuleRelative::matchSignerName (const Data& data)
-{
- try{
+{
+ try {
SignatureSha256WithRsa sig(data.getSignature());
Name signerName = sig.getKeyLocator().getName ();
- return m_signerNameRegex.match(signerName);
- }catch(SignatureSha256WithRsa::Error &e){
+ return m_signerNameRegex.match(signerName);
+ }
+ catch (SignatureSha256WithRsa::Error& e){
return false;
- }catch(KeyLocator::Error &e){
+ }
+ catch (KeyLocator::Error& e){
return false;
}
}
-bool
-SecRuleRelative::compare(const Name & dataName, const Name & signerName)
-{
- if((dataName == signerName) && ("==" == m_op || ">=" == m_op))
+bool
+SecRuleRelative::compare(const Name& dataName, const Name& signerName)
+{
+ if ((dataName == signerName) && ("==" == m_op || ">=" == m_op))
return true;
-
+
Name::const_iterator i = dataName.begin ();
Name::const_iterator j = signerName.begin ();
@@ -103,10 +108,10 @@
else
return false;
}
-
- if(i == dataName.end())
+
+ if (i == dataName.end())
return false;
- else
+ else
return true;
}
diff --git a/src/security/sec-rule-relative.hpp b/src/security/sec-rule-relative.hpp
index 59c8f09..7ea4c51 100644
--- a/src/security/sec-rule-relative.hpp
+++ b/src/security/sec-rule-relative.hpp
@@ -13,41 +13,49 @@
#include "../util/regex.hpp"
namespace ndn {
-
+
class SecRuleRelative : public SecRule
{
public:
- struct Error : public SecRule::Error { Error(const std::string &what) : SecRule::Error(what) {} };
-
- SecRuleRelative(const std::string& dataRegex, const std::string& signerRegex, const std::string& op,
+ class Error : public SecRule::Error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : SecRule::Error(what)
+ {
+ }
+ };
+
+ SecRuleRelative(const std::string& dataRegex, const std::string& signerRegex, const std::string& op,
const std::string& dataExpand, const std::string& signerExpand, bool isPositive);
-
+
virtual
~SecRuleRelative();
-
- virtual bool
+
+ virtual bool
matchDataName(const Data& data);
-
- virtual bool
+
+ virtual bool
matchSignerName(const Data& data);
-
+
virtual bool
satisfy(const Data& data);
-
+
virtual bool
satisfy(const Name& dataName, const Name& signerName);
-
+
private:
- bool
+ bool
compare(const Name& dataName, const Name& signerName);
-
+
private:
const std::string m_dataRegex;
const std::string m_signerRegex;
const std::string m_op;
const std::string m_dataExpand;
const std::string m_signerExpand;
-
+
Regex m_dataNameRegex;
Regex m_signerNameRegex;
};
diff --git a/src/security/sec-rule-specific.cpp b/src/security/sec-rule-specific.cpp
index 484a08e..a9fee4e 100644
--- a/src/security/sec-rule-specific.cpp
+++ b/src/security/sec-rule-specific.cpp
@@ -27,34 +27,36 @@
, m_signerRegex(rule.m_signerRegex)
{}
-bool
+bool
SecRuleSpecific::matchDataName(const Data& data)
{ return m_dataRegex->match(data.getName()); }
-bool
+bool
SecRuleSpecific::matchSignerName(const Data& data)
-{
- try{
+{
+ try {
SignatureSha256WithRsa sig(data.getSignature());
Name signerName = sig.getKeyLocator().getName ();
- return m_signerRegex->match(signerName);
- }catch(SignatureSha256WithRsa::Error &e){
+ return m_signerRegex->match(signerName);
+ }
+ catch (SignatureSha256WithRsa::Error& e) {
return false;
- }catch(KeyLocator::Error &e){
+ }
+ catch (KeyLocator::Error& e) {
return false;
}
}
bool
-SecRuleSpecific::satisfy(const Data & data)
-{
- return (matchDataName(data) && matchSignerName(data)) ? true : false ;
+SecRuleSpecific::satisfy(const Data& data)
+{
+ return (matchDataName(data) && matchSignerName(data)) ? true : false;
}
bool
-SecRuleSpecific::satisfy(const Name & dataName, const Name & signerName)
-{
- return (m_dataRegex->match(dataName) && m_signerRegex->match(signerName));
+SecRuleSpecific::satisfy(const Name& dataName, const Name& signerName)
+{
+ return (m_dataRegex->match(dataName) && m_signerRegex->match(signerName));
}
} // namespace ndn
diff --git a/src/security/sec-rule.hpp b/src/security/sec-rule.hpp
index 496b33d..ecb9686 100644
--- a/src/security/sec-rule.hpp
+++ b/src/security/sec-rule.hpp
@@ -16,31 +16,39 @@
class SecRule
{
public:
- struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
-
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
+
SecRule(bool isPositive)
: m_isPositive(isPositive)
{}
-
- virtual
- ~SecRule()
+
+ virtual
+ ~SecRule()
{}
-
- virtual bool
+
+ virtual bool
matchDataName(const Data& data) = 0;
-
- virtual bool
+
+ virtual bool
matchSignerName(const Data& data) = 0;
-
+
virtual bool
satisfy(const Data& data) = 0;
-
+
virtual bool
satisfy(const Name& dataName, const Name& signerName) = 0;
-
+
inline bool
isPositive();
-
+
protected:
bool m_isPositive;
};
@@ -50,7 +58,7 @@
{
return m_isPositive;
}
-
+
} // namespace ndn
#endif //NDN_SECURITY_SEC_RULE_HPP
diff --git a/src/security/sec-tpm-file.cpp b/src/security/sec-tpm-file.cpp
index 98e117f..3a05282 100644
--- a/src/security/sec-tpm-file.cpp
+++ b/src/security/sec-tpm-file.cpp
@@ -29,11 +29,11 @@
public:
Impl(const string& dir)
{
- if(dir.empty())
+ if (dir.empty())
m_keystorePath = boost::filesystem::path(getenv("HOME")) / ".ndn" / "ndnsec-tpm-file";
else
m_keystorePath = dir;
-
+
boost::filesystem::create_directories (m_keystorePath);
}
@@ -47,22 +47,22 @@
boost::algorithm::trim(digest);
std::replace(digest.begin(), digest.end(), '/', '%');
-
+
return m_keystorePath / (digest + extension);
}
- string
+ string
maintainMapping(const string& keyName)
{
string keyFileName = nameTransform(keyName, "").string();
-
+
ofstream outfile;
string dirFile = (m_keystorePath / "mapping.txt").string();
-
+
outfile.open(dirFile.c_str(), std::ios_base::app);
outfile << keyName << ' ' << keyFileName << '\n';
outfile.close();
-
+
return keyFileName;
}
@@ -77,19 +77,19 @@
{}
void
-SecTpmFile::generateKeyPairInTpm(const Name & keyName, KeyType keyType, int keySize)
+SecTpmFile::generateKeyPairInTpm(const Name& keyName, KeyType keyType, int keySize)
{
string keyURI = keyName.toUri();
- if(doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC))
+ if (doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC))
throw Error("public key exists");
- if(doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE))
+ if (doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE))
throw Error("private key exists");
string keyFileName = m_impl->maintainMapping(keyURI);
try{
- switch(keyType){
+ switch (keyType){
case KEY_TYPE_RSA:
{
using namespace CryptoPP;
@@ -97,18 +97,18 @@
InvertibleRSAFunction privateKey;
privateKey.Initialize(rng, keySize);
-
+
string privateKeyFileName = keyFileName + ".pri";
Base64Encoder privateKeySink(new FileSink(privateKeyFileName.c_str()));
privateKey.DEREncode(privateKeySink);
privateKeySink.MessageEnd();
-
+
RSAFunction publicKey(privateKey);
string publicKeyFileName = keyFileName + ".pub";
Base64Encoder publicKeySink(new FileSink(publicKeyFileName.c_str()));
publicKey.DEREncode(publicKeySink);
publicKeySink.MessageEnd();
-
+
/*set file permission*/
chmod(privateKeyFileName.c_str(), 0000400);
chmod(publicKeyFileName.c_str(), 0000444);
@@ -117,37 +117,37 @@
default:
throw Error("Unsupported key type!");
}
- }catch(const CryptoPP::Exception& e){
+ }catch (const CryptoPP::Exception& e){
throw Error(e.what());
}
}
void
-SecTpmFile::deleteKeyPairInTpm(const Name &keyName)
+SecTpmFile::deleteKeyPairInTpm(const Name& keyName)
{
boost::filesystem::path publicKeyPath(m_impl->nameTransform(keyName.toUri(), ".pub"));
boost::filesystem::path privateKeyPath(m_impl->nameTransform(keyName.toUri(), ".pri"));
- if(boost::filesystem::exists(publicKeyPath))
+ if (boost::filesystem::exists(publicKeyPath))
boost::filesystem::remove(publicKeyPath);
- if(boost::filesystem::exists(privateKeyPath))
+ if (boost::filesystem::exists(privateKeyPath))
boost::filesystem::remove(privateKeyPath);
}
shared_ptr<PublicKey>
-SecTpmFile::getPublicKeyFromTpm(const Name & keyName)
+SecTpmFile::getPublicKeyFromTpm(const Name& keyName)
{
string keyURI = keyName.toUri();
- if(!doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC))
+ if (!doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC))
throw Error("Public Key already exist");
ostringstream os;
try{
using namespace CryptoPP;
FileSource(m_impl->nameTransform(keyURI, ".pub").string().c_str(), true, new Base64Decoder(new FileSink(os)));
- }catch(const CryptoPP::Exception& e){
+ }catch (const CryptoPP::Exception& e){
throw Error(e.what());
}
@@ -158,9 +158,9 @@
SecTpmFile::exportPrivateKeyPkcs1FromTpm(const Name& keyName)
{
OBufferStream privateKeyOs;
- CryptoPP::FileSource(m_impl->nameTransform(keyName.toUri(), ".pri").string().c_str(), true,
+ CryptoPP::FileSource(m_impl->nameTransform(keyName.toUri(), ".pri").string().c_str(), true,
new CryptoPP::Base64Decoder(new CryptoPP::FileSink(privateKeyOs)));
-
+
return privateKeyOs.buf();
}
@@ -173,7 +173,7 @@
CryptoPP::StringSource(buf, size, true,
new CryptoPP::Base64Encoder(new CryptoPP::FileSink(keyFileName.c_str())));
return true;
- }catch(...){
+ }catch (...){
return false;
}
}
@@ -187,19 +187,19 @@
CryptoPP::StringSource(buf, size, true,
new CryptoPP::Base64Encoder(new CryptoPP::FileSink(keyFileName.c_str())));
return true;
- }catch(...){
+ }catch (...){
return false;
}
}
Block
-SecTpmFile::signInTpm(const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm)
+SecTpmFile::signInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm)
{
string keyURI = keyName.toUri();
- if(!doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE))
+ if (!doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE))
throw Error("private key doesn't exists");
-
+
try{
using namespace CryptoPP;
AutoSeededRandomPool rng;
@@ -211,22 +211,22 @@
bytes.MessageEnd();
RSA::PrivateKey privateKey;
privateKey.Load(bytes);
-
+
//Sign message
- switch(digestAlgorithm){
+ switch (digestAlgorithm){
case DIGEST_ALGORITHM_SHA256:
{
RSASS<PKCS1v15, SHA256>::Signer signer(privateKey);
-
+
OBufferStream os;
StringSource(data, dataLength, true, new SignerFilter(rng, signer, new FileSink(os)));
-
+
return Block(Tlv::SignatureValue, os.buf());
}
default:
throw Error("Unsupported digest algorithm!");
}
- }catch(const CryptoPP::Exception& e){
+ }catch (const CryptoPP::Exception& e){
throw Error(e.what());
}
}
@@ -239,7 +239,7 @@
// string keyURI = keyName.toUri();
// if (!isSymmetric)
// {
- // if(!doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE))
+ // if (!doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE))
// throw Error("private key doesn't exist");
// try{
@@ -254,27 +254,27 @@
// RSA::PrivateKey privateKey;
// privateKey.Load(bytes);
// RSAES_PKCS1v15_Decryptor decryptor(privateKey);
-
+
// OBufferStream os;
// StringSource(data, dataLength, true, new PK_DecryptorFilter(rng, decryptor, new FileSink(os)));
-
+
// return os.buf();
// }
- // catch(const CryptoPP::Exception& e){
+ // catch (const CryptoPP::Exception& e){
// throw Error(e.what());
// }
// }
// else
// {
// throw Error("Symmetric encryption is not implemented!");
- // // if(!doesKeyExistInTpm(keyName, KEY_CLASS_SYMMETRIC))
+ // // if (!doesKeyExistInTpm(keyName, KEY_CLASS_SYMMETRIC))
// // throw Error("symmetric key doesn't exist");
// // try{
// // string keyBits;
// // string symKeyFileName = m_impl->nameTransform(keyURI, ".key");
// // FileSource(symKeyFileName, true, new HexDecoder(new StringSink(keyBits)));
-
+
// // using CryptoPP::AES;
// // AutoSeededRandomPool rnd;
// // byte iv[AES::BLOCKSIZE];
@@ -282,12 +282,12 @@
// // CFB_Mode<AES>::Decryption decryptor;
// // decryptor.SetKeyWithIV(reinterpret_cast<const uint8_t*>(keyBits.c_str()), keyBits.size(), iv);
-
+
// // OBufferStream os;
// // StringSource(data, dataLength, true, new StreamTransformationFilter(decryptor,new FileSink(os)));
// // return os.buf();
- // // }catch(const CryptoPP::Exception& e){
+ // // }catch (const CryptoPP::Exception& e){
// // throw Error(e.what());
// // }
// }
@@ -301,7 +301,7 @@
// if (!isSymmetric)
// {
- // if(!doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC))
+ // if (!doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC))
// throw Error("public key doesn't exist");
// try
// {
@@ -322,14 +322,14 @@
// StringSource(data, dataLength, true, new PK_EncryptorFilter(rng, encryptor, new FileSink(os)));
// return os.buf();
// }
- // catch(const CryptoPP::Exception& e){
+ // catch (const CryptoPP::Exception& e){
// throw Error(e.what());
// }
// }
// else
// {
// throw Error("Symmetric encryption is not implemented!");
- // // if(!doesKeyExistInTpm(keyName, KEY_CLASS_SYMMETRIC))
+ // // if (!doesKeyExistInTpm(keyName, KEY_CLASS_SYMMETRIC))
// // throw Error("symmetric key doesn't exist");
// // try{
@@ -348,7 +348,7 @@
// // OBufferStream os;
// // StringSource(data, dataLength, true, new StreamTransformationFilter(encryptor, new FileSink(os)));
// // return os.buf();
- // // }catch(const CryptoPP::Exception& e){
+ // // }catch (const CryptoPP::Exception& e){
// // throw Error(e.what());
// // }
// }
@@ -356,19 +356,19 @@
void
-SecTpmFile::generateSymmetricKeyInTpm(const Name & keyName, KeyType keyType, int keySize)
+SecTpmFile::generateSymmetricKeyInTpm(const Name& keyName, KeyType keyType, int keySize)
{
throw Error("SecTpmFile::generateSymmetricKeyInTpm is not supported!");
// string keyURI = keyName.toUri();
- // if(doesKeyExistInTpm(keyName, KEY_CLASS_SYMMETRIC))
+ // if (doesKeyExistInTpm(keyName, KEY_CLASS_SYMMETRIC))
// throw Error("symmetric key exists");
// string keyFileName = m_impl->maintainMapping(keyURI);
// string symKeyFileName = keyFileName + ".key";
// try{
- // switch(keyType){
+ // switch (keyType){
// case KEY_TYPE_AES:
// {
// using namespace CryptoPP;
@@ -376,41 +376,41 @@
// SecByteBlock key(0x00, keySize);
// rng.GenerateBlock(key, keySize);
-
+
// StringSource(key, key.size(), true, new HexEncoder(new FileSink(symKeyFileName.c_str())));
-
+
// chmod(symKeyFileName.c_str(), 0000400);
// return;
// }
// default:
// throw Error("Unsupported symmetric key type!");
// }
- // }catch(const CryptoPP::Exception& e){
+ // }catch (const CryptoPP::Exception& e){
// throw Error(e.what());
// }
}
bool
-SecTpmFile::doesKeyExistInTpm(const Name & keyName, KeyClass keyClass)
+SecTpmFile::doesKeyExistInTpm(const Name& keyName, KeyClass keyClass)
{
string keyURI = keyName.toUri();
if (keyClass == KEY_CLASS_PUBLIC)
{
- if(boost::filesystem::exists(m_impl->nameTransform(keyURI, ".pub")))
+ if (boost::filesystem::exists(m_impl->nameTransform(keyURI, ".pub")))
return true;
else
return false;
}
if (keyClass == KEY_CLASS_PRIVATE)
{
- if(boost::filesystem::exists(m_impl->nameTransform(keyURI, ".pri")))
+ if (boost::filesystem::exists(m_impl->nameTransform(keyURI, ".pri")))
return true;
else
return false;
}
if (keyClass == KEY_CLASS_SYMMETRIC)
{
- if(boost::filesystem::exists(m_impl->nameTransform(keyURI, ".key")))
+ if (boost::filesystem::exists(m_impl->nameTransform(keyURI, ".key")))
return true;
else
return false;
@@ -421,11 +421,12 @@
bool
SecTpmFile::generateRandomBlock(uint8_t* res, size_t size)
{
- try{
+ try {
CryptoPP::AutoSeededRandomPool rng;
rng.GenerateBlock(res, size);
return true;
- }catch(const CryptoPP::Exception& e){
+ }
+ catch (const CryptoPP::Exception& e) {
return false;
}
}
diff --git a/src/security/sec-tpm-file.hpp b/src/security/sec-tpm-file.hpp
index 8a108c5..fc1e410 100644
--- a/src/security/sec-tpm-file.hpp
+++ b/src/security/sec-tpm-file.hpp
@@ -18,9 +18,17 @@
class SecTpmFile : public SecTpm
{
public:
- struct Error : public SecTpm::Error { Error(const std::string &what) : SecTpm::Error(what) {} };
+ class Error : public SecTpm::Error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : SecTpm::Error(what)
+ {
+ }
+ };
- SecTpmFile(const std::string & dir = "");
+ SecTpmFile(const std::string& dir = "");
virtual
~SecTpmFile() {};
@@ -58,24 +66,24 @@
}
virtual void
- generateKeyPairInTpm(const Name & keyName, KeyType keyType, int keySize);
+ generateKeyPairInTpm(const Name& keyName, KeyType keyType, int keySize);
virtual void
- deleteKeyPairInTpm(const Name &keyName);
+ deleteKeyPairInTpm(const Name& keyName);
virtual shared_ptr<PublicKey>
- getPublicKeyFromTpm(const Name & keyName);
+ getPublicKeyFromTpm(const Name& keyName);
virtual Block
- signInTpm(const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm);
+ signInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm);
- virtual ConstBufferPtr
+ virtual ConstBufferPtr
decryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric);
virtual ConstBufferPtr
encryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric);
- virtual void
+ virtual void
generateSymmetricKeyInTpm(const Name& keyName, KeyType keyType, int keySize);
virtual bool
@@ -84,7 +92,7 @@
virtual bool
generateRandomBlock(uint8_t* res, size_t size);
- virtual void
+ virtual void
addAppToACL(const Name& keyName, KeyClass keyClass, const std::string& appPath, AclType acl)
{}
@@ -97,7 +105,7 @@
virtual bool
importPrivateKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buf, size_t size);
-
+
virtual bool
importPublicKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buf, size_t size);
diff --git a/src/security/sec-tpm-memory.cpp b/src/security/sec-tpm-memory.cpp
index 3c77c15..e196f88 100644
--- a/src/security/sec-tpm-memory.cpp
+++ b/src/security/sec-tpm-memory.cpp
@@ -174,11 +174,12 @@
bool
SecTpmMemory::generateRandomBlock(uint8_t* res, size_t size)
{
- try{
+ try {
CryptoPP::AutoSeededRandomPool rng;
rng.GenerateBlock(res, size);
return true;
- }catch(const CryptoPP::Exception& e){
+ }
+ catch (const CryptoPP::Exception& e) {
return false;
}
}
diff --git a/src/security/sec-tpm-memory.hpp b/src/security/sec-tpm-memory.hpp
index 2c8cc2b..605d7c8 100644
--- a/src/security/sec-tpm-memory.hpp
+++ b/src/security/sec-tpm-memory.hpp
@@ -21,7 +21,15 @@
*/
class SecTpmMemory : public SecTpm {
public:
- struct Error : public SecTpm::Error { Error(const std::string &what) : SecTpm::Error(what) {} };
+ class Error : public SecTpm::Error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : SecTpm::Error(what)
+ {
+ }
+ };
virtual
~SecTpmMemory();
@@ -69,7 +77,7 @@
getPublicKeyFromTpm(const Name& keyName);
virtual void
- deleteKeyPairInTpm(const Name &keyName);
+ deleteKeyPairInTpm(const Name& keyName);
virtual Block
signInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm);
diff --git a/src/security/sec-tpm-osx.cpp b/src/security/sec-tpm-osx.cpp
index 96c9034..6a5250c 100644
--- a/src/security/sec-tpm-osx.cpp
+++ b/src/security/sec-tpm-osx.cpp
@@ -46,7 +46,7 @@
* @return the internal key name
*/
std::string
- toInternalKeyName(const Name & keyName, KeyClass keyClass);
+ toInternalKeyName(const Name& keyName, KeyClass keyClass);
/**
* @brief Get key.
@@ -56,7 +56,7 @@
* @returns pointer to the key
*/
SecKeychainItemRef
- getKey(const Name & keyName, KeyClass keyClass);
+ getKey(const Name& keyName, KeyClass keyClass);
/**
* @brief Convert keyType to MAC OS symmetric key key type
@@ -117,7 +117,7 @@
SecTpmOsx::SecTpmOsx()
: m_impl(new Impl)
{
- if(m_impl->m_inTerminal)
+ if (m_impl->m_inTerminal)
SecKeychainSetUserInteractionAllowed (false);
else
SecKeychainSetUserInteractionAllowed (true);
@@ -153,7 +153,7 @@
SecTpmOsx::setInTerminal(bool inTerminal)
{
m_impl->m_inTerminal = inTerminal;
- if(inTerminal)
+ if (inTerminal)
SecKeychainSetUserInteractionAllowed (false);
else
SecKeychainSetUserInteractionAllowed (true);
@@ -171,7 +171,7 @@
SecKeychainStatus keychainStatus;
OSStatus res = SecKeychainGetStatus(m_impl->m_keyChainRef, &keychainStatus);
- if(res != errSecSuccess)
+ if (res != errSecSuccess)
return true;
else
return ((kSecUnlockStateStatus & keychainStatus) == 0);
@@ -183,11 +183,11 @@
OSStatus res;
// If the default key chain is already unlocked, return immediately.
- if(!locked())
+ if (!locked())
return true;
// If the default key chain is locked, unlock the key chain.
- if(usePassword)
+ if (usePassword)
{
// Use the supplied password.
res = SecKeychainUnlock(m_impl->m_keyChainRef,
@@ -195,7 +195,7 @@
password,
true);
}
- else if(m_impl->m_passwordSet)
+ else if (m_impl->m_passwordSet)
{
// If no password supplied, then use the configured password if exists.
SecKeychainUnlock(m_impl->m_keyChainRef,
@@ -203,7 +203,7 @@
m_impl->m_password.c_str(),
true);
}
- else if(m_impl->m_inTerminal)
+ else if (m_impl->m_inTerminal)
{
// If no configured password, get password from terminal if inTerminal set.
bool locked = true;
@@ -212,7 +212,7 @@
while(locked)
{
- if(count > 2)
+ if (count > 2)
break;
char* getPassword = NULL;
@@ -229,7 +229,7 @@
memset(getPassword, 0, strlen(getPassword));
- if(res == errSecSuccess)
+ if (res == errSecSuccess)
break;
}
}
@@ -243,10 +243,10 @@
}
void
-SecTpmOsx::generateKeyPairInTpmInternal(const Name & keyName, KeyType keyType, int keySize, bool retry)
+SecTpmOsx::generateKeyPairInTpmInternal(const Name& keyName, KeyType keyType, int keySize, bool retry)
{
- if(doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC)){
+ if (doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC)){
_LOG_DEBUG("keyName has existed");
throw Error("keyName has existed");
}
@@ -279,7 +279,7 @@
if (res == errSecAuthFailed && !retry)
{
- if(unlockTpm(0, 0, false))
+ if (unlockTpm(0, 0, false))
generateKeyPairInTpmInternal(keyName, keyType, keySize, true);
else
throw Error("Fail to unlock the keychain");
@@ -292,7 +292,7 @@
}
void
-SecTpmOsx::deleteKeyPairInTpmInternal(const Name &keyName, bool retry)
+SecTpmOsx::deleteKeyPairInTpmInternal(const Name& keyName, bool retry)
{
CFStringRef keyLabel = CFStringCreateWithCString(NULL,
keyName.toUri().c_str(),
@@ -311,16 +311,16 @@
if (res == errSecAuthFailed && !retry)
{
- if(unlockTpm(0, 0, false))
+ if (unlockTpm(0, 0, false))
deleteKeyPairInTpmInternal(keyName, true);
}
}
void
-SecTpmOsx::generateSymmetricKeyInTpm(const Name & keyName, KeyType keyType, int keySize)
+SecTpmOsx::generateSymmetricKeyInTpm(const Name& keyName, KeyType keyType, int keySize)
{
throw Error("SecTpmOsx::generateSymmetricKeyInTpm is not supported");
- // if(doesKeyExistInTpm(keyName, KEY_CLASS_SYMMETRIC))
+ // if (doesKeyExistInTpm(keyName, KEY_CLASS_SYMMETRIC))
// throw Error("keyName has existed!");
// string keyNameUri = m_impl->toInternalKeyName(keyName, KEY_CLASS_SYMMETRIC);
@@ -348,7 +348,7 @@
}
shared_ptr<PublicKey>
-SecTpmOsx::getPublicKeyFromTpm(const Name & keyName)
+SecTpmOsx::getPublicKeyFromTpm(const Name& keyName)
{
_LOG_TRACE("OSXPrivateKeyStorage::getPublickey");
@@ -384,11 +384,11 @@
NULL,
&exportedKey);
- if(res != errSecSuccess)
+ if (res != errSecSuccess)
{
- if(res == errSecAuthFailed && !retry)
+ if (res == errSecAuthFailed && !retry)
{
- if(unlockTpm(0, 0, false))
+ if (unlockTpm(0, 0, false))
return exportPrivateKeyPkcs1FromTpmInternal(keyName, true);
else
return shared_ptr<Buffer>();
@@ -493,11 +493,11 @@
#pragma clang diagnostic pop
#endif // __clang__
- if(res != errSecSuccess)
+ if (res != errSecSuccess)
{
- if(res == errSecAuthFailed && !retry)
+ if (res == errSecAuthFailed && !retry)
{
- if(unlockTpm(0, 0, false))
+ if (unlockTpm(0, 0, false))
return importPrivateKeyPkcs1IntoTpmInternal(keyName, buf, size, true);
else
return false;
@@ -522,7 +522,7 @@
0,
NULL);
- if(res != errSecSuccess)
+ if (res != errSecSuccess)
{
return false;
}
@@ -556,7 +556,7 @@
m_impl->m_keyChainRef,
&outItems);
- if(res != errSecSuccess)
+ if (res != errSecSuccess)
return false;
SecKeychainItemRef publicKey = (SecKeychainItemRef)CFArrayGetValueAtIndex(outItems, 0);
@@ -575,7 +575,7 @@
0,
NULL);
- if(res != errSecSuccess)
+ if (res != errSecSuccess)
return false;
CFRelease(importedKey);
@@ -583,7 +583,7 @@
}
Block
-SecTpmOsx::signInTpmInternal(const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm, bool retry)
+SecTpmOsx::signInTpmInternal(const uint8_t* data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm, bool retry)
{
_LOG_TRACE("OSXPrivateKeyStorage::Sign");
@@ -631,9 +631,9 @@
CFDataRef signature = (CFDataRef) SecTransformExecute(signer, &error);
if (error)
{
- if(!retry)
+ if (!retry)
{
- if(unlockTpm(0, 0, false))
+ if (unlockTpm(0, 0, false))
return signInTpmInternal(data, dataLength, keyName, digestAlgorithm, true);
else
throw Error("Fail to unlock the keychain");
@@ -652,13 +652,13 @@
}
ConstBufferPtr
-SecTpmOsx::decryptInTpm(const uint8_t* data, size_t dataLength, const Name & keyName, bool sym)
+SecTpmOsx::decryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool sym)
{
throw Error("SecTpmOsx::decryptInTpm is not supported");
// _LOG_TRACE("OSXPrivateKeyStorage::Decrypt");
// KeyClass keyClass;
- // if(sym)
+ // if (sym)
// keyClass = KEY_CLASS_SYMMETRIC;
// else
// keyClass = KEY_CLASS_PRIVATE;
@@ -696,9 +696,9 @@
}
void
-SecTpmOsx::addAppToACL(const Name & keyName, KeyClass keyClass, const string & appPath, AclType acl)
+SecTpmOsx::addAppToACL(const Name& keyName, KeyClass keyClass, const string& appPath, AclType acl)
{
- if(keyClass == KEY_CLASS_PRIVATE && acl == ACL_TYPE_PRIVATE)
+ if (keyClass == KEY_CLASS_PRIVATE && acl == ACL_TYPE_PRIVATE)
{
SecKeychainItemRef privateKey = m_impl->getKey(keyName, keyClass);
@@ -738,13 +738,13 @@
}
ConstBufferPtr
-SecTpmOsx::encryptInTpm(const uint8_t* data, size_t dataLength, const Name & keyName, bool sym)
+SecTpmOsx::encryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool sym)
{
throw Error("SecTpmOsx::encryptInTpm is not supported");
// _LOG_TRACE("OSXPrivateKeyStorage::Encrypt");
// KeyClass keyClass;
- // if(sym)
+ // if (sym)
// keyClass = KEY_CLASS_SYMMETRIC;
// else
// keyClass = KEY_CLASS_PUBLIC;
@@ -775,7 +775,7 @@
}
bool
-SecTpmOsx::doesKeyExistInTpm(const Name & keyName, KeyClass keyClass)
+SecTpmOsx::doesKeyExistInTpm(const Name& keyName, KeyClass keyClass)
{
_LOG_TRACE("OSXPrivateKeyStorage::doesKeyExist");
@@ -798,7 +798,7 @@
SecKeychainItemRef itemRef;
OSStatus res = SecItemCopyMatching((CFDictionaryRef)attrDict, (CFTypeRef*)&itemRef);
- if(res == errSecSuccess)
+ if (res == errSecSuccess)
return true;
else
return false;
@@ -816,7 +816,7 @@
////////////////////////////////
SecKeychainItemRef
-SecTpmOsx::Impl::getKey(const Name & keyName, KeyClass keyClass)
+SecTpmOsx::Impl::getKey(const Name& keyName, KeyClass keyClass)
{
string keyNameUri = toInternalKeyName(keyName, keyClass);
@@ -838,7 +838,7 @@
OSStatus res = SecItemCopyMatching((CFDictionaryRef) attrDict, (CFTypeRef*)&keyItem);
- if(res != errSecSuccess){
+ if (res != errSecSuccess){
_LOG_DEBUG("Fail to find the key!");
return NULL;
}
@@ -847,11 +847,11 @@
}
string
-SecTpmOsx::Impl::toInternalKeyName(const Name & keyName, KeyClass keyClass)
+SecTpmOsx::Impl::toInternalKeyName(const Name& keyName, KeyClass keyClass)
{
string keyUri = keyName.toUri();
- if(KEY_CLASS_SYMMETRIC == keyClass)
+ if (KEY_CLASS_SYMMETRIC == keyClass)
return keyUri + "/symmetric";
else
return keyUri;
@@ -860,7 +860,7 @@
const CFTypeRef
SecTpmOsx::Impl::getAsymKeyType(KeyType keyType)
{
- switch(keyType){
+ switch (keyType){
case KEY_TYPE_RSA:
return kSecAttrKeyTypeRSA;
default:
@@ -872,7 +872,7 @@
const CFTypeRef
SecTpmOsx::Impl::getSymKeyType(KeyType keyType)
{
- switch(keyType){
+ switch (keyType){
case KEY_TYPE_AES:
return kSecAttrKeyTypeAES;
default:
@@ -884,7 +884,7 @@
const CFTypeRef
SecTpmOsx::Impl::getKeyClass(KeyClass keyClass)
{
- switch(keyClass){
+ switch (keyClass){
case KEY_CLASS_PRIVATE:
return kSecAttrKeyClassPrivate;
case KEY_CLASS_PUBLIC:
@@ -900,7 +900,7 @@
const CFStringRef
SecTpmOsx::Impl::getDigestAlgorithm(DigestAlgorithm digestAlgo)
{
- switch(digestAlgo){
+ switch (digestAlgo){
// case DIGEST_MD2:
// return kSecDigestMD2;
// case DIGEST_MD5:
@@ -918,7 +918,7 @@
long
SecTpmOsx::Impl::getDigestSize(DigestAlgorithm digestAlgo)
{
- switch(digestAlgo){
+ switch (digestAlgo){
case DIGEST_ALGORITHM_SHA256:
return 256;
// case DIGEST_SHA1:
diff --git a/src/security/sec-tpm-osx.hpp b/src/security/sec-tpm-osx.hpp
index f9cfc57..3dc6877 100644
--- a/src/security/sec-tpm-osx.hpp
+++ b/src/security/sec-tpm-osx.hpp
@@ -12,14 +12,22 @@
#include "sec-tpm.hpp"
namespace ndn {
-
+
class SecTpmOsx : public SecTpm {
public:
- struct Error : public SecTpm::Error { Error(const std::string& what) : SecTpm::Error(what) {} };
+ class Error : public SecTpm::Error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : SecTpm::Error(what)
+ {
+ }
+ };
SecTpmOsx();
- virtual
+ virtual
~SecTpmOsx();
@@ -45,7 +53,7 @@
virtual bool
unlockTpm(const char* password, size_t passwordLength, bool usePassword);
- virtual void
+ virtual void
generateKeyPairInTpm(const Name& keyName, KeyType keyType, int keySize)
{
generateKeyPairInTpmInternal(keyName, keyType, keySize, false);
@@ -57,31 +65,31 @@
deleteKeyPairInTpmInternal(keyName, false);
}
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<PublicKey>
getPublicKeyFromTpm(const Name& keyName);
-
+
virtual Block
signInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm)
{
return signInTpmInternal(data, dataLength, keyName, digestAlgorithm, false);
}
- virtual ConstBufferPtr
+ virtual ConstBufferPtr
decryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric);
virtual ConstBufferPtr
encryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric);
- virtual void
+ virtual void
generateSymmetricKeyInTpm(const Name& keyName, KeyType keyType, int keySize);
virtual bool
- doesKeyExistInTpm(const Name& keyName, KeyClass keyClass);
+ doesKeyExistInTpm(const Name& keyName, KeyClass keyClass);
virtual bool
- generateRandomBlock(uint8_t* res, size_t size);
+ generateRandomBlock(uint8_t* res, size_t size);
- virtual void
+ virtual void
addAppToACL(const Name& keyName, KeyClass keyClass, const std::string& appPath, AclType acl);
protected:
@@ -107,10 +115,10 @@
* OSX-specifics *
******************************/
void
- generateKeyPairInTpmInternal(const Name & keyName, KeyType keyType, int keySize, bool retry);
-
+ generateKeyPairInTpmInternal(const Name& keyName, KeyType keyType, int keySize, bool retry);
+
void
- deleteKeyPairInTpmInternal(const Name &keyName, bool retry);
+ deleteKeyPairInTpmInternal(const Name& keyName, bool retry);
ConstBufferPtr
exportPrivateKeyPkcs1FromTpmInternal(const Name& keyName, bool retry);
@@ -119,13 +127,13 @@
importPrivateKeyPkcs1IntoTpmInternal(const Name& keyName, const uint8_t* buf, size_t size, bool retry);
Block
- signInTpmInternal(const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm, bool retry);
-
+ signInTpmInternal(const uint8_t* data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm, bool retry);
+
private:
class Impl;
shared_ptr<Impl> m_impl;
};
-
+
} // namespace ndn
#endif // NDN_SECURITY_SEC_TPM_OSX_HPP
diff --git a/src/security/sec-tpm.cpp b/src/security/sec-tpm.cpp
index e19196c..3638ca1 100644
--- a/src/security/sec-tpm.cpp
+++ b/src/security/sec-tpm.cpp
@@ -17,28 +17,28 @@
SecTpm::exportPrivateKeyPkcs8FromTpm(const Name& keyName, const string& passwordStr)
{
using namespace CryptoPP;
-
+
uint8_t salt[8] = {0};
uint8_t iv[8] = {0};
-
+
// derive key
- if(!generateRandomBlock(salt, 8) || !generateRandomBlock(iv, 8))
+ if (!generateRandomBlock(salt, 8) || !generateRandomBlock(iv, 8))
throw Error("Cannot generate salt or iv");
uint32_t iterationCount = 2048;
-
+
PKCS5_PBKDF2_HMAC<SHA1> keyGenerator;
size_t derivedLen = 24; //For DES-EDE3-CBC-PAD
byte derived[24] = {0};
byte purpose = 0;
-
+
try
{
- keyGenerator.DeriveKey(derived, derivedLen, purpose,
- reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(),
+ keyGenerator.DeriveKey(derived, derivedLen, purpose,
+ reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(),
salt, 8, iterationCount);
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
throw Error("Cannot derived the encryption key");
}
@@ -46,18 +46,18 @@
//encrypt
CBC_Mode< DES_EDE3 >::Encryption e;
e.SetKeyWithIV(derived, derivedLen, iv);
-
+
ConstBufferPtr pkcs1PrivateKey = exportPrivateKeyPkcs1FromTpm(keyName);
- if(!static_cast<bool>(pkcs1PrivateKey))
+ if (!static_cast<bool>(pkcs1PrivateKey))
throw Error("Cannot export the private key, #1");
OBufferStream encryptedOs;
try
{
- StringSource stringSource(pkcs1PrivateKey->buf(), pkcs1PrivateKey->size(), true,
+ StringSource stringSource(pkcs1PrivateKey->buf(), pkcs1PrivateKey->size(), true,
new StreamTransformationFilter(e, new FileSink(encryptedOs)));
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
throw Error("Cannot export the private key, #2");
}
@@ -71,7 +71,7 @@
try
{
FileSink sink(pkcs8Os);
-
+
// EncryptedPrivateKeyInfo ::= SEQUENCE {
// encryptionAlgorithm EncryptionAlgorithmIdentifier,
// encryptedData OCTET STRING }
@@ -107,7 +107,7 @@
pbkdf2Params.MessageEnd();
}
pbes2KDFs.MessageEnd();
-
+
// AlgorithmIdentifier ::= SEQUENCE {
// algorithm OBJECT IDENTIFIER {{DES-EDE3-CBC-PAD}},
// parameters OCTET STRING} {{iv}} }
@@ -121,14 +121,14 @@
pbes2Params.MessageEnd();
}
encryptionAlgorithm.MessageEnd();
-
+
DEREncodeOctetString(encryptedPrivateKeyInfo, encryptedOs.buf()->buf(), encryptedOs.buf()->size());
}
encryptedPrivateKeyInfo.MessageEnd();
-
+
return pkcs8Os.buf();
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
throw Error("Cannot export the private key, #3");
}
@@ -138,7 +138,7 @@
SecTpm::importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buf, size_t size, const string& passwordStr)
{
using namespace CryptoPP;
-
+
OID pbes2Id;
OID pbkdf2Id;
SecByteBlock saltBlock;
@@ -146,12 +146,12 @@
OID pbes2encsId;
SecByteBlock ivBlock;
SecByteBlock encryptedDataBlock;
-
+
try
{
//decode some decoding processes are not necessary for now, because we assume only one encryption scheme.
StringSource source(buf, size, true);
-
+
// EncryptedPrivateKeyInfo ::= SEQUENCE {
// encryptionAlgorithm EncryptionAlgorithmIdentifier,
// encryptedData OCTET STRING }
@@ -187,7 +187,7 @@
pbkdf2Params.MessageEnd();
}
pbes2KDFs.MessageEnd();
-
+
// AlgorithmIdentifier ::= SEQUENCE {
// algorithm OBJECT IDENTIFIER {{DES-EDE3-CBC-PAD}},
// parameters OCTET STRING} {{iv}} }
@@ -206,48 +206,48 @@
}
encryptedPrivateKeyInfo.MessageEnd();
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
return false;
}
-
+
PKCS5_PBKDF2_HMAC<SHA1> keyGenerator;
size_t derivedLen = 24; //For DES-EDE3-CBC-PAD
byte derived[24] = {0};
byte purpose = 0;
-
+
try
{
- keyGenerator.DeriveKey(derived, derivedLen,
- purpose,
- reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(),
- saltBlock.BytePtr(), saltBlock.size(),
+ keyGenerator.DeriveKey(derived, derivedLen,
+ purpose,
+ reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(),
+ saltBlock.BytePtr(), saltBlock.size(),
iterationCount);
}
- catch(CryptoPP::Exception& e)
- {
- return false;
- }
-
- //decrypt
- CBC_Mode< DES_EDE3 >::Decryption d;
- d.SetKeyWithIV(derived, derivedLen, ivBlock.BytePtr());
-
- OBufferStream privateKeyOs;
- try
- {
- StringSource encryptedSource(encryptedDataBlock.BytePtr(), encryptedDataBlock.size(), true,
- new StreamTransformationFilter(d, new FileSink(privateKeyOs)));
- }
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
return false;
}
- if(!importPrivateKeyPkcs1IntoTpm(keyName, privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()))
+ //decrypt
+ CBC_Mode< DES_EDE3 >::Decryption d;
+ d.SetKeyWithIV(derived, derivedLen, ivBlock.BytePtr());
+
+ OBufferStream privateKeyOs;
+ try
+ {
+ StringSource encryptedSource(encryptedDataBlock.BytePtr(), encryptedDataBlock.size(), true,
+ new StreamTransformationFilter(d, new FileSink(privateKeyOs)));
+ }
+ catch (CryptoPP::Exception& e)
+ {
+ return false;
+ }
+
+ if (!importPrivateKeyPkcs1IntoTpm(keyName, privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()))
return false;
-
+
//derive public key
OBufferStream publicKeyOs;
@@ -256,19 +256,19 @@
RSA::PrivateKey privateKey;
privateKey.Load(StringStore(privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()).Ref());
RSAFunction publicKey(privateKey);
-
+
FileSink publicKeySink(publicKeyOs);
publicKey.DEREncode(publicKeySink);
publicKeySink.MessageEnd();
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
return false;
}
- if(!importPublicKeyPkcs1IntoTpm(keyName, publicKeyOs.buf()->buf(), publicKeyOs.buf()->size()))
+ if (!importPublicKeyPkcs1IntoTpm(keyName, publicKeyOs.buf()->buf(), publicKeyOs.buf()->size()))
return false;
-
+
return true;
}
diff --git a/src/security/sec-tpm.hpp b/src/security/sec-tpm.hpp
index 97547a4..bb7e44b 100644
--- a/src/security/sec-tpm.hpp
+++ b/src/security/sec-tpm.hpp
@@ -24,14 +24,22 @@
*/
class SecTpm {
public:
- struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
- virtual
+ virtual
~SecTpm() {}
/**
* @brief set password of TPM
- *
+ *
* Password is used to unlock TPM when it is locked.
* You should be cautious when using this method, because remembering password is kind of dangerous.
*
@@ -49,7 +57,7 @@
/**
* @brief set inTerminal flag
- *
+ *
* If the inTerminal flag is set, and password is not set, TPM may ask for password via terminal.
* inTerminal flag is set by default.
*
@@ -60,7 +68,7 @@
/**
* @brief get inTerminal flag
- *
+ *
* @return inTerminal flag.
*/
virtual bool
@@ -68,7 +76,7 @@
/**
* @brief check if TPM is locked.
- *
+ *
* @return true if locked, false otherwise
*/
virtual bool
@@ -93,16 +101,16 @@
* @param keySize The size of the key pair.
* @throws SecTpm::Error if fails.
*/
- virtual void
+ virtual void
generateKeyPairInTpm(const Name& keyName, KeyType keyType, int keySize) = 0;
-
+
/**
* @brief Delete a key pair of asymmetric keys.
*
* @param keyName The name of the key pair.
*/
virtual void
- deleteKeyPairInTpm(const Name &keyName) = 0;
+ deleteKeyPairInTpm(const Name& keyName) = 0;
/**
* @brief Get a public key.
@@ -111,9 +119,9 @@
* @return The public key.
* @throws SecTpm::Error if public key does not exist in TPM.
*/
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<PublicKey>
getPublicKeyFromTpm(const Name& keyName) = 0;
-
+
/**
* @brief Sign data.
*
@@ -123,10 +131,10 @@
* @param digestAlgorithm the digest algorithm.
* @return The signature block.
* @throws SecTpm::Error if signing fails.
- */
+ */
virtual Block
- signInTpm(const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm) = 0;
-
+ signInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm) = 0;
+
/**
* @brief Decrypt data.
*
@@ -137,7 +145,7 @@
* @return The decrypted data.
* @throws SecTpm::Error if decryption fails.
*/
- virtual ConstBufferPtr
+ virtual ConstBufferPtr
decryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric) = 0;
/**
@@ -161,7 +169,7 @@
* @param keySize The size of the key.
* @throws SecTpm::Error if key generating fails.
*/
- virtual void
+ virtual void
generateSymmetricKeyInTpm(const Name& keyName, KeyType keyType, int keySize) = 0;
/**
@@ -172,11 +180,11 @@
* @return True if the key exists, otherwise false.
*/
virtual bool
- doesKeyExistInTpm(const Name& keyName, KeyClass keyClass) = 0;
+ doesKeyExistInTpm(const Name& keyName, KeyClass keyClass) = 0;
/**
* @brief Generate a random block.
- *
+ *
* @param res The pointer to the generated block.
* @param size The random block size.
* @return true for success, otherwise false.
@@ -192,12 +200,12 @@
* @param appPath the absolute path to the application
* @param acl the new acl of the key
*/
- virtual void
+ virtual void
addAppToACL(const Name& keyName, KeyClass keyClass, const std::string& appPath, AclType acl) = 0;
/**
* @brief Export a private key in PKCS#8 format.
- *
+ *
* @param keyName The private key name.
* @param password The password to encrypt the private key.
* @return The private key info (in PKCS8 format) if exist.
@@ -208,9 +216,9 @@
/**
* @brief Import a private key in PKCS#8 format.
- *
+ *
* Also recover the public key and installed it in TPM.
- *
+ *
* @param keyName The private key name.
* @param key The encoded private key info.
* @param password The password to encrypt the private key.
@@ -222,7 +230,7 @@
protected:
/**
* @brief Export a private key in PKCS#1 format.
- *
+ *
* @param keyName The private key name.
* @return The private key info (in PKCS#1 format) if exist, otherwise a NULL pointer.
*/
@@ -231,7 +239,7 @@
/**
* @brief Import a private key in PKCS#1 format.
- *
+ *
* @param keyName The private key name.
* @param key The encoded private key info.
* @return False if import fails.
@@ -241,7 +249,7 @@
/**
* @brief Import a public key in PKCS#1 format.
- *
+ *
* @param keyName The public key name.
* @param key The encoded public key info.
* @return False if import fails.
@@ -267,22 +275,22 @@
int result = false;
char* pw0 = NULL;
-
+
pw0 = getpass(prompt.c_str());
- if(!pw0)
+ if (!pw0)
return false;
std::string password1 = pw0;
memset(pw0, 0, strlen(pw0));
pw0 = getpass("Confirm:");
- if(!pw0)
+ if (!pw0)
{
char* pw1 = const_cast<char*>(password1.c_str());
memset(pw1, 0, password1.size());
return false;
}
- if(!password1.compare(pw0))
+ if (!password1.compare(pw0))
{
result = true;
password.swap(password1);
@@ -292,7 +300,7 @@
memset(pw1, 0, password1.size());
memset(pw0, 0, strlen(pw0));
- if(password.empty())
+ if (password.empty())
return false;
return result;
diff --git a/src/security/secured-bag.hpp b/src/security/secured-bag.hpp
index 3a8cd29..5848981 100644
--- a/src/security/secured-bag.hpp
+++ b/src/security/secured-bag.hpp
@@ -16,9 +16,17 @@
class SecuredBag
{
public:
- struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
- SecuredBag()
+ SecuredBag()
: m_wire(tlv::security::IdentityPackage)
{}
@@ -34,12 +42,12 @@
m_wire.push_back(wireKey);
}
- virtual
+ virtual
~SecuredBag()
{}
-
+
void
- wireDecode(const Block &wire)
+ wireDecode(const Block& wire)
{
m_wire = wire;
m_wire.parse();
@@ -63,13 +71,13 @@
{
return m_cert;
}
-
+
ConstBufferPtr
getKey() const
{
return m_key;
}
-
+
private:
IdentityCertificate m_cert;
ConstBufferPtr m_key;
diff --git a/src/security/signature-sha256.hpp b/src/security/signature-sha256.hpp
index 11b7cdf..8ef37a8 100644
--- a/src/security/signature-sha256.hpp
+++ b/src/security/signature-sha256.hpp
@@ -25,7 +25,7 @@
m_info.push_back(nonNegativeIntegerBlock(Tlv::SignatureType, Tlv::DigestSha256));
}
- SignatureSha256(const Signature &signature)
+ SignatureSha256(const Signature& signature)
: Signature(signature)
{
if (getType() != Signature::Sha256)
diff --git a/src/security/validation-request.hpp b/src/security/validation-request.hpp
index f64082b..0bc0d59 100644
--- a/src/security/validation-request.hpp
+++ b/src/security/validation-request.hpp
@@ -16,7 +16,7 @@
* An OnVerified function object is used to pass a callback to report a successful Interest validation.
*/
typedef function< void (const shared_ptr<const Interest>&) > OnInterestValidated;
-
+
/**
* An OnVerifyFailed function object is used to pass a callback to report a failed Interest validation.
*/
@@ -26,7 +26,7 @@
* An OnVerified function object is used to pass a callback to report a successful Data validation.
*/
typedef function< void (const shared_ptr<const Data>&) > OnDataValidated;
-
+
/**
* An OnVerifyFailed function object is used to pass a callback to report a failed Data validation.
*/
@@ -35,9 +35,9 @@
class ValidationRequest {
public:
- ValidationRequest(const Interest &interest,
- const OnDataValidated &onValidated,
- const OnDataValidationFailed &onDataValidated,
+ ValidationRequest(const Interest& interest,
+ const OnDataValidated& onValidated,
+ const OnDataValidationFailed& onDataValidated,
int retry, int stepCount)
: m_interest(interest)
, m_onValidated(onValidated)
@@ -45,7 +45,7 @@
, m_retry(retry)
, m_stepCount(stepCount)
{}
-
+
virtual
~ValidationRequest() {}
diff --git a/src/security/validator-null.hpp b/src/security/validator-null.hpp
index eb186c6..4d7b56b 100644
--- a/src/security/validator-null.hpp
+++ b/src/security/validator-null.hpp
@@ -18,22 +18,22 @@
virtual
~ValidatorNull()
{}
-
+
protected:
virtual void
- checkPolicy (const Data& data,
- int stepCount,
- const OnDataValidated &onValidated,
- const OnDataValidationFailed &onValidationFailed,
- std::vector<shared_ptr<ValidationRequest> > &nextSteps)
+ checkPolicy (const Data& data,
+ int stepCount,
+ const OnDataValidated& onValidated,
+ const OnDataValidationFailed& onValidationFailed,
+ std::vector<shared_ptr<ValidationRequest> >& nextSteps)
{ onValidated(data.shared_from_this()); }
-
+
virtual void
- checkPolicy (const Interest& interest,
- int stepCount,
- const OnInterestValidated &onValidated,
- const OnInterestValidationFailed &onValidationFailed,
- std::vector<shared_ptr<ValidationRequest> > &nextSteps)
+ checkPolicy (const Interest& interest,
+ int stepCount,
+ const OnInterestValidated& onValidated,
+ const OnInterestValidationFailed& onValidationFailed,
+ std::vector<shared_ptr<ValidationRequest> >& nextSteps)
{ onValidated(interest.shared_from_this()); }
};