Jeff Thompsonfa306642013-06-17 15:06:57 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/*
3 * Copyright (c) 2013, Regents of the University of California
4 * Alexander Afanasyev
5 *
6 * BSD license, See the LICENSE file for more information
7 *
8 * Author: Alexander Afanasyev <alexander.afanasyev@ucla.edu>
9 */
10
11#ifndef NDN_KEYCHAIN_H
12#define NDN_KEYCHAIN_H
13
14// #include "ndn-cpp/fields/blob.h"
15// #include "ndn-cpp/fields/name.h"
16
17#include "identity.h"
18#include "certificate.h"
19
20#include <iostream>
21
22namespace ndn {
23
24/**
25 * @brief Interface for keychain operations
26 *
27 * Keychain has the following set of operations:
28 *
29 * --- interface to manage certificates and identities
30 * - identities are permanently stored
31 * - certificates can be cached (or stored permanently, if the user chooses to)
32 * --- interface to sign and encrypt data
33 *
34 */
class Keychain
{
public:
  /**
   * @brief Virtual destructor, so implementations can be destroyed through
   *        a pointer to Keychain.
   *
   * Only declared here; the definition is not part of this header.
   */
  virtual ~Keychain();

  // ---------------------------------------------------------------------
  // Certificate and identity management
  // ---------------------------------------------------------------------

  /**
   * @brief Return the keychain's default identity
   */
  virtual Ptr<const Identity> getDefaultIdentity() = 0;

  /**
   * @brief Look up an identity by its name
   * @param identityName name of the requested identity
   *
   * NOTE(review): the interface does not say what is returned when no
   * identity matches (empty Ptr or an exception); confirm with the
   * implementation before dereferencing the result.
   */
  virtual Ptr<const Identity> getIdentity(const Name& identityName) = 0;

  /**
   * @brief Create a new self-certified identity
   * @param identityName name of the identity to create
   */
  virtual Ptr<const Identity> generateIdentity(const Name& identityName) = 0;

  /**
   * @brief Write a certification request for an identity
   * @param identity identity for which the request is created
   * @param os       output stream that receives the request
   */
  virtual void requestIdentityCertificate(const Identity& identity, std::ostream& os) = 0;

  /**
   * @brief Issue a certificate from parameters read off an input stream
   *        (the stream is formatted as a certification request)
   * @param identity identity used to issue the certificate
   * @param is       input stream from which the certificate parameters are read
   *
   * @returns smart pointer to a signed certificate
   *
   * NOTE(review): whatever is read from @p is ends up in a certificate signed
   * by @p identity, and the interface does not state whether the caller or the
   * implementation vets the request. Implementations should treat the stream
   * as untrusted input and validate it before signing.
   */
  virtual Ptr<const Certificate> issueCertificate(const Identity& identity, std::istream& is) = 0;

  /**
   * @brief Issue a certificate from parameters read off an input stream
   *        (the stream is formatted as a certification request)
   *
   * Same as the two-argument overload, except that the default identity
   * is the issuer.
   *
   * @returns smart pointer to a signed certificate
   *
   * NOTE(review): the request in @p is is signed with the default identity;
   * the same validation concern as for the two-argument overload applies.
   */
  virtual Ptr<const Certificate> issueCertificate(std::istream& is) = 0;

  /**
   * @brief Install an identity certificate
   * @param cert certificate to install
   *
   * NOTE(review): the interface does not say whether @p cert is verified
   * before it is installed; confirm with the implementation.
   */
  virtual void installIdentityCertificate(const Certificate& cert) = 0;

  // ---------------------------------------------------------------------
  // Signing and encryption of data
  // ---------------------------------------------------------------------

  /**
   * @brief Sign a block of data with the given identity
   * @param identity identity selected to sign the data
   * @param buffer   pointer to the data to sign
   * @param size     length of the data to sign
   *
   * @return pointer to the base class of a signature object (different
   *         signature types can be produced, depending on the identity)
   *
   * NOTE(review): @p size is taken on trust from the caller, so @p buffer
   * must reference at least that many readable bytes. Handling of a null
   * buffer or a zero size is not specified by the interface.
   */
  virtual Ptr<Signature> sign(const Identity& identity, const void* buffer, size_t size) = 0;

  // TBD: the decryption half of the interface is not defined yet.
  // Sketch left by the original author:
  //
  //   /**
  //    * @brief Decrypt data using the specified identity
  //    */
  //   virtual ?
  //   decrypt (Ptr<Identity> identity, const void *buffer, size_t size, ?) = 0;
};
127
128} // ndn
129
130#endif // NDN_KEYCHAIN_H