security: merge SIGNER_TYPE_PIB_* into SIGNER_TYPE_ID and SIGNER_TYPE_KEY
refs #3932
Change-Id: I73d2f479567e590fa3fa60d035b9275b69043b3e
diff --git a/src/security/signing-info.cpp b/src/security/signing-info.cpp
index d02b0bd..eb8232b 100644
--- a/src/security/signing-info.cpp
+++ b/src/security/signing-info.cpp
@@ -61,29 +61,25 @@
}
SigningInfo::SigningInfo(const Identity& identity)
- : m_type(SIGNER_TYPE_PIB_ID)
- , m_identity(identity)
- , m_digestAlgorithm(DigestAlgorithm::SHA256)
+ : SigningInfo(SIGNER_TYPE_NULL)
{
+ this->setPibIdentity(identity);
}
SigningInfo::SigningInfo(const Key& key)
- : m_type(SIGNER_TYPE_PIB_KEY)
- , m_key(key)
- , m_digestAlgorithm(DigestAlgorithm::SHA256)
+ : SigningInfo(SIGNER_TYPE_NULL)
{
+ this->setPibKey(key);
}
SigningInfo::SigningInfo(const std::string& signingStr)
+ : SigningInfo(SIGNER_TYPE_NULL)
{
- *this = SigningInfo();
-
if (signingStr.empty()) {
return;
}
size_t pos = signingStr.find(':');
-
if (pos == std::string::npos) {
BOOST_THROW_EXCEPTION(std::invalid_argument("Invalid signing string cannot represent SigningInfo"));
}
@@ -115,6 +111,7 @@
{
m_type = SIGNER_TYPE_ID;
m_name = identity;
+ m_identity = Identity();
return *this;
}
@@ -123,6 +120,7 @@
{
m_type = SIGNER_TYPE_KEY;
m_name = keyName;
+ m_key = Key();
return *this;
}
@@ -145,8 +143,8 @@
SigningInfo&
SigningInfo::setPibIdentity(const Identity& identity)
{
- m_type = SIGNER_TYPE_PIB_ID;
- m_name.clear();
+ m_type = SIGNER_TYPE_ID;
+ m_name = identity ? identity.getName() : Name();
m_identity = identity;
return *this;
}
@@ -154,8 +152,8 @@
SigningInfo&
SigningInfo::setPibKey(const Key& key)
{
- m_type = SIGNER_TYPE_PIB_KEY;
- m_name.clear();
+ m_type = SIGNER_TYPE_KEY;
+ m_name = key ? key.getName() : Name();
m_key = key;
return *this;
}
@@ -181,10 +179,6 @@
return os << "cert:" << si.getSignerName();
case SigningInfo::SIGNER_TYPE_SHA256:
return os << "id:" << SigningInfo::getDigestSha256Identity();
- case SigningInfo::SIGNER_TYPE_PIB_ID:
- return os << "id:" << si.getPibIdentity().getName();
- case SigningInfo::SIGNER_TYPE_PIB_KEY:
- return os << "key:" << si.getPibKey().getName();
}
BOOST_THROW_EXCEPTION(std::invalid_argument("Unknown signer type"));
diff --git a/src/security/signing-info.hpp b/src/security/signing-info.hpp
index fc91410..ad97b89 100644
--- a/src/security/signing-info.hpp
+++ b/src/security/signing-info.hpp
@@ -61,10 +61,6 @@
SIGNER_TYPE_CERT = 3,
/// @brief use sha256 digest, no signer needs to be specified
SIGNER_TYPE_SHA256 = 4,
- /// @brief given PIB identity handle, use its default key and default certificate
- SIGNER_TYPE_PIB_ID = 5,
- /// @brief given PIB key handle, use its default certificate
- SIGNER_TYPE_PIB_KEY = 6
};
public:
@@ -139,14 +135,14 @@
/**
* @brief Set signer as a PIB identity handler @p identity
- * @post Change the signerType to SIGNER_TYPE_PIB_ID
+ * @post Change the signerType to SIGNER_TYPE_ID
*/
SigningInfo&
setPibIdentity(const Identity& identity);
/**
* @brief Set signer as a PIB key handler @p key
- * @post Change the signerType to SIGNER_TYPE_PIB_KEY
+ * @post Change the signerType to SIGNER_TYPE_KEY
*/
SigningInfo&
setPibKey(const Key& key);
@@ -170,24 +166,25 @@
}
/**
- * @pre signerType must be SIGNER_TYPE_PIB_ID
- * @return the identity handler of signer
+ * @pre signerType must be SIGNER_TYPE_ID
+ * @return the identity handler of signer, or Identity() if getSignerName() should be used
+ * to find the identity
*/
const Identity&
getPibIdentity() const
{
- BOOST_ASSERT(m_type == SIGNER_TYPE_PIB_ID);
+ BOOST_ASSERT(m_type == SIGNER_TYPE_ID);
return m_identity;
}
/**
- * @pre signerType must be SIGNER_TYPE_PIB_KEY
- * @return the key handler of signer
+ * @pre signerType must be SIGNER_TYPE_KEY
+ * @return the key handler of signer, or Key() if getSignerName() should be used to find the key
*/
const Key&
getPibKey() const
{
- BOOST_ASSERT(m_type == SIGNER_TYPE_PIB_KEY);
+ BOOST_ASSERT(m_type == SIGNER_TYPE_KEY);
return m_key;
}
diff --git a/src/security/v2/key-chain.cpp b/src/security/v2/key-chain.cpp
index 47cb75d..954231c 100644
--- a/src/security/v2/key-chain.cpp
+++ b/src/security/v2/key-chain.cpp
@@ -603,26 +603,32 @@
break;
}
case SigningInfo::SIGNER_TYPE_ID: {
- try {
- identity = m_pib->getIdentity(params.getSignerName());
- }
- catch (const Pib::Error&) {
- BOOST_THROW_EXCEPTION(InvalidSigningInfoError("Signing identity `" +
- params.getSignerName().toUri() + "` does not exist"));
+ identity = params.getPibIdentity();
+ if (!identity) {
+ try {
+ identity = m_pib->getIdentity(params.getSignerName());
+ }
+ catch (const Pib::Error&) {
+ BOOST_THROW_EXCEPTION(InvalidSigningInfoError("Signing identity `" +
+ params.getSignerName().toUri() + "` does not exist"));
+ }
}
break;
}
case SigningInfo::SIGNER_TYPE_KEY: {
- Name identityName = extractIdentityFromKeyName(params.getSignerName());
+ key = params.getPibKey();
+ if (!key) {
+ Name identityName = extractIdentityFromKeyName(params.getSignerName());
- try {
- identity = m_pib->getIdentity(identityName);
- key = identity.getKey(params.getSignerName());
- identity = Identity(); // we will use the PIB key instance, so reset identity;
- }
- catch (const Pib::Error&) {
- BOOST_THROW_EXCEPTION(InvalidSigningInfoError("Signing key `" +
- params.getSignerName().toUri() + "` does not exist"));
+ try {
+ identity = m_pib->getIdentity(identityName);
+ key = identity.getKey(params.getSignerName());
+ identity = Identity(); // we will use the PIB key instance, so reset identity;
+ }
+ catch (const Pib::Error&) {
+ BOOST_THROW_EXCEPTION(InvalidSigningInfoError("Signing key `" +
+ params.getSignerName().toUri() + "` does not exist"));
+ }
}
break;
}
@@ -645,18 +651,6 @@
sigInfo.setSignatureType(tlv::DigestSha256);
return std::make_tuple(SigningInfo::getDigestSha256Identity(), sigInfo);
}
- case SigningInfo::SIGNER_TYPE_PIB_ID: {
- identity = params.getPibIdentity();
- if (!identity)
- BOOST_THROW_EXCEPTION(InvalidSigningInfoError("PIB identity is invalid"));
- break;
- }
- case SigningInfo::SIGNER_TYPE_PIB_KEY: {
- key = params.getPibKey();
- if (!key)
- BOOST_THROW_EXCEPTION(InvalidSigningInfoError("PIB key is invalid"));
- break;
- }
default: {
BOOST_THROW_EXCEPTION(InvalidSigningInfoError("Unrecognized signer type " +
boost::lexical_cast<std::string>(params.getSignerType())));
diff --git a/tests/unit-tests/security/verification-helpers.t.cpp b/tests/unit-tests/security/verification-helpers.t.cpp
index 208f555..0f0809e 100644
--- a/tests/unit-tests/security/verification-helpers.t.cpp
+++ b/tests/unit-tests/security/verification-helpers.t.cpp
@@ -73,7 +73,7 @@
// std::cout << "struct " + type + "Dataset\n{\n";
// std::cout << " const std::string name = \"" << type << "\";\n";
-// if (signingInfo.getSignerType() == SigningInfo::SIGNER_TYPE_PIB_ID) {
+// if (signingInfo.getSignerType() == SigningInfo::SIGNER_TYPE_ID) {
// print("cert", signingInfo.getPibIdentity().getDefaultKey().getDefaultCertificate().wireEncode().wire(),
// signingInfo.getPibIdentity().getDefaultKey().getDefaultCertificate().wireEncode().size());
// }