Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 79a2d5d5e3482ffa95d47a3bd7202837ae99bbc2 / . / ndn-cpp / security / identity / identity-manager.hpp
blob: fee8b99ba37c49d71bc85b30622dd97712ced118 [file] [log] [blame]
Jeff Thompson41471912013-09-12 16:21:50 -0700[diff] [blame]1/**
Jeff Thompson7687dc02013-09-13 11:54:07 -0700[diff] [blame]2 * Copyright (C) 2013 Regents of the University of California.
Jeff Thompson06e787d2013-09-12 19:00:55 -0700[diff] [blame]3 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
Jeff Thompson7687dc02013-09-13 11:54:07 -0700[diff] [blame]4 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
Jeff Thompson41471912013-09-12 16:21:50 -0700[diff] [blame]5 * See COPYING for copyright and distribution information.
6 */
7
8#ifndef NDN_IDENTITY_MANAGER_HPP
9#define NDN_IDENTITY_MANAGER_HPP
10
Jeff Thompson7b79eb62013-09-12 18:48:29 -0700[diff] [blame]11#include "../../data.hpp"
Jeff Thompson9296f0c2013-09-23 18:10:27 -0700[diff] [blame]12#include "identity-storage.hpp"
Jeff Thompson86e1d752013-09-17 17:22:38 -0700[diff] [blame]13#include "private-key-storage.hpp"
Jeff Thompson41471912013-09-12 16:21:50 -0700[diff] [blame]14
15namespace ndn {
16
Jeff Thompsonffa36f92013-09-20 08:42:41 -0700[diff] [blame]17/**
18 * An IdentityManager is the interface of operations related to identity, keys, and certificates.
19 */
Jeff Thompson41471912013-09-12 16:21:50 -0700[diff] [blame]20class IdentityManager {
21public:
Jeff Thompson9296f0c2013-09-23 18:10:27 -0700[diff] [blame]22 IdentityManager(const ptr_lib::shared_ptr<IdentityStorage>& identityStorage, const ptr_lib::shared_ptr<PrivateKeyStorage>& privateKeyStorage)
23 : identityStorage_(identityStorage), privateKeyStorage_(privateKeyStorage)
Jeff Thompson86e1d752013-09-17 17:22:38 -0700[diff] [blame]24 {
25 }
26
Jeff Thompson9296f0c2013-09-23 18:10:27 -0700[diff] [blame]27#if 0
28 /**
29 * Create identity, by default it will create a pair of Key-Signing-Key(KSK) for this identity and a self-signed certificate of the KSK
30 * @param identityName the name of the identity
31 * @return the key name of the auto-generated KSK of the identity
32 */
33 Name
34 createIdentity(const Name& identityName);
35#endif
36
37 /**
38 * Get the default identity.
39 * @return The default identity name.
40 */
41 Name
42 getDefaultIdentity()
43 {
44 return identityStorage_->getDefaultIdentity();
45 }
46
47#if 0
48 /**
49 * Generate a pair of RSA keys for the specified identity
50 * @param identityName the name of the identity
51 * @param ksk create a KSK or not, true for KSK, false for DSK
52 * @param keySize the size of the key
53 * @return the generated key name
54 */
55 Name
56 generateRSAKeyPair(const Name& identityName, bool ksk = false, int keySize = 2048);
57
58 /**
59 * Set a key as the default key of an identity
60 * @param keyName the name of the key
61 * @param identityName the name of the identity, if not specified the identity name can be inferred from the keyName
62 */
63 void
64 setDefaultKeyForIdentity(const Name& keyName, const Name& identityName = Name());
65
66 /**
67 * Generate a pair of RSA keys for the specified identity and set it as default key of the identity
68 * @param identityName the name of the identity
69 * @param ksk create a KSK or not, true for KSK, false for DSK
70 * @param keySize the size of the key
71 * @return the generated key name
72 */
73 Name
74 generateRSAKeyPairAsDefault(const Name& identityName, bool ksk = false, int keySize = 2048);
75
76 /**
77 * Get public key with the specified name
78 * @param keyName name of the key
79 * @return the public key
80 */
81 Ptr<Publickey>
82 getPublickey(const Name& keyName);
83
84 /**
85 * Add a certificate into the public storage
86 * @param certificate the certificate to to added
87 */
88 void
89 addCertificate(Ptr<Certificate> certificate);
90
91 /**
92 * Set the certificate as the default of its corresponding key
93 * @param certificateName name of the certificate
94 */
95 void
96 setDefaultCertificateForKey(const Name& certificateName);
97
98 /**
99 * Add a certificate into the public storage and set the certificate as the default of its corresponding identity
100 * @param certificate the certificate to be added
101 */
102 void
103 addCertificateAsIdentityDefault(const Certificate& certificate);
104
105 /**
106 * Add a certificate into the public storage and set the certificate as the default of its corresponding key
107 * certificate the certificate to be added
108 */
109 void
110 addCertificateAsDefault(const Certificate& certificate);
111
112 /**
113 * Get a certificate with the specified name
114 * @param certificateName name of the requested certificate
115 * @return the requested certificate
116 */
117 Ptr<Certificate>
118 getCertificate(const Name& certificateName);
119
120 /**
121 * Get a certificate even if the certificate is not valid anymore
122 * @param certificateName name of the requested certificate
123 * @return the requested certificate
124 */
125 Ptr<Certificate>
126 getAnyCertificate(const Name& certificateName);
127#endif
128
129 /**
130 * Get the default certificate name for the specified identity, which will be used when signing is performed based on identity.
131 * @param identityName The name of the specified identity.
132 * @return The requested certificate name.
133 */
134 Name
135 getDefaultCertificateNameForIdentity(const Name& identityName)
136 {
137 return identityStorage_->getDefaultCertificateNameForIdentity(identityName);
138 }
139
140 /**
141 * Get the default certificate name of the default identity, which will be used when signing is based on identity and
142 * the identity is not specified.
143 * @return The requested certificate name.
144 */
145 Name
146 getDefaultCertificateName()
147 {
148 return identityStorage_->getDefaultCertificateNameForIdentity(getDefaultIdentity());
149 }
150
151#if 0
152 /**
153 * Sign blob based on identity
154 * @param blob the blob to be signed
155 * @param identityName the signing identity name
156 * @return the generated signature
157 */
158 Ptr<Signature>
159 signByIdentity(const Blob& blob, const Name& identityName);
160
161 /**
162 * Sign data based on identity
163 * @param data the data packet to be signed, on return the Signature inside the data packet will be set
164 * @param identityName the signing identity name
165 */
166 void
167 signByIdentity(Data& data, const Name& identityName);
168
169 /**
170 * sign blob based on certificate name
171 * @param blob the blob to be signed
172 * @param certificateName the signing certificate name
173 * @return the generated signature
174 */
175 Ptr<Signature>
176 signByCertificate(const Blob& blob, const Name& certificateName);
177#endif
178
Jeff Thompson41471912013-09-12 16:21:50 -0700[diff] [blame]179 /**
Jeff Thompson86e1d752013-09-17 17:22:38 -0700[diff] [blame]180 * Sign data packet based on the certificate name.
Jeff Thompson41471912013-09-12 16:21:50 -0700[diff] [blame]181 * Note: the caller must make sure the timestamp in data is correct, for example with
182 * data.getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0).
183 * @param data The Data object to sign and update its signature.
184 * @param certificateName The Name identifying the certificate which identifies the signing key.
185 * @param wireFormat The WireFormat for calling encodeData, or WireFormat::getDefaultWireFormat() if omitted.
186 */
Jeff Thompson0050abe2013-09-17 12:50:25 -0700[diff] [blame]187 void
Jeff Thompson86e1d752013-09-17 17:22:38 -0700[diff] [blame]188 signByCertificate(Data& data, const Name& certificateName, WireFormat& wireFormat = *WireFormat::getDefaultWireFormat());
189
190private:
Jeff Thompson9296f0c2013-09-23 18:10:27 -0700[diff] [blame]191 ptr_lib::shared_ptr<IdentityStorage> identityStorage_;
Jeff Thompson86e1d752013-09-17 17:22:38 -0700[diff] [blame]192 ptr_lib::shared_ptr<PrivateKeyStorage> privateKeyStorage_;
Jeff Thompson41471912013-09-12 16:21:50 -0700[diff] [blame]193};
194
195}
196
197#endif