Jeff Thompson | 25b4e61 | 2013-10-10 16:03:24 -0700 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */ |
Jeff Thompson | 47c93cf | 2013-08-09 00:38:48 -0700 | [diff] [blame] | 2 | /** |
Jeff Thompson | 7687dc0 | 2013-09-13 11:54:07 -0700 | [diff] [blame] | 3 | * Copyright (C) 2013 Regents of the University of California. |
| 4 | * @author: Jeff Thompson <jefft0@remap.ucla.edu> |
Jeff Thompson | 47c93cf | 2013-08-09 00:38:48 -0700 | [diff] [blame] | 5 | * See COPYING for copyright and distribution information. |
| 6 | */ |
| 7 | |
| 8 | #ifndef NDN_KEY_CHAIN_HPP |
Jeff Thompson | 2d27e2f | 2013-08-09 12:55:00 -0700 | [diff] [blame] | 9 | #define NDN_KEY_CHAIN_HPP |
Jeff Thompson | 47c93cf | 2013-08-09 00:38:48 -0700 | [diff] [blame] | 10 | |
Jeff Thompson | 7a67cb6 | 2013-08-26 11:43:18 -0700 | [diff] [blame] | 11 | #include "../data.hpp" |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 12 | #include "../face.hpp" |
| 13 | #include "identity/identity-manager.hpp" |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 14 | #include "encryption/encryption-manager.hpp" |
Jeff Thompson | 47c93cf | 2013-08-09 00:38:48 -0700 | [diff] [blame] | 15 | |
| 16 | namespace ndn { |
| 17 | |
Jeff Thompson | 29ce310 | 2013-09-27 11:47:48 -0700 | [diff] [blame] | 18 | class PolicyManager; |
| 19 | |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 20 | /** |
| 21 | * An OnVerified function object is used to pass a callback to verifyData to report a successful verification. |
| 22 | */ |
| 23 | typedef func_lib::function<void(const ptr_lib::shared_ptr<Data>& data)> OnVerified; |
| 24 | |
| 25 | /** |
| 26 | * An OnVerifyFailed function object is used to pass a callback to verifyData to report a failed verification. |
| 27 | */ |
Jeff Thompson | 29ce310 | 2013-09-27 11:47:48 -0700 | [diff] [blame] | 28 | typedef func_lib::function<void(const ptr_lib::shared_ptr<Data>& data)> OnVerifyFailed; |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 29 | |
Jeff Thompson | ffa36f9 | 2013-09-20 08:42:41 -0700 | [diff] [blame] | 30 | /** |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 31 | * Keychain is the main class of the security library. |
Jeff Thompson | ffa36f9 | 2013-09-20 08:42:41 -0700 | [diff] [blame] | 32 | * |
| 33 | * The Keychain class provides a set of interfaces to the security library such as identity management, policy configuration |
| 34 | * and packet signing and verification. |
| 35 | */ |
Jeff Thompson | 47c93cf | 2013-08-09 00:38:48 -0700 | [diff] [blame] | 36 | class KeyChain { |
| 37 | public: |
Jeff Thompson | 29ce310 | 2013-09-27 11:47:48 -0700 | [diff] [blame] | 38 | KeyChain |
| 39 | (const ptr_lib::shared_ptr<IdentityManager>& identityManager, const ptr_lib::shared_ptr<PolicyManager>& policyManager); |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 40 | |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 41 | /***************************************** |
| 42 | * Identity Management * |
| 43 | *****************************************/ |
| 44 | |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 45 | /** |
| 46 | * Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK. |
| 47 | * @param identityName The name of the identity. |
| 48 | * @return The key name of the auto-generated KSK of the identity. |
| 49 | */ |
| 50 | Name |
| 51 | createIdentity(const Name& identityName) |
| 52 | { |
| 53 | return identityManager_->createIdentity(identityName); |
| 54 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 55 | |
| 56 | /** |
| 57 | * Get the default identity. |
| 58 | * @return The default identity name. |
| 59 | */ |
| 60 | Name |
| 61 | getDefaultIdentity() |
| 62 | { |
| 63 | return identityManager_->getDefaultIdentity(); |
| 64 | } |
| 65 | |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 66 | /** |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 67 | * Generate a pair of RSA keys for the specified identity. |
| 68 | * @param identityName The name of the identity. |
| 69 | * @param isKsk true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK). |
| 70 | * @param keySize The size of the key. |
| 71 | * @return The generated key name. |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 72 | */ |
| 73 | Name |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 74 | generateRSAKeyPair(const Name& identityName, bool isKsk = false, int keySize = 2048) |
| 75 | { |
| 76 | return identityManager_->generateRSAKeyPair(identityName, isKsk, keySize); |
| 77 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 78 | |
| 79 | /** |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 80 | * Set a key as the default key of an identity. |
| 81 | * @param keyName The name of the key. |
| 82 | * @param identityName the name of the identity. If not specified, the identity name is inferred from the keyName. |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 83 | */ |
| 84 | void |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 85 | setDefaultKeyForIdentity(const Name& keyName, const Name& identityName = Name()) |
| 86 | { |
| 87 | return identityManager_->setDefaultKeyForIdentity(keyName, identityName); |
| 88 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 89 | |
| 90 | /** |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 91 | * Generate a pair of RSA keys for the specified identity and set it as default key for the identity. |
| 92 | * @param identityName The name of the identity. |
| 93 | * @param isKsk true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK). |
| 94 | * @param keySize The size of the key. |
| 95 | * @return The generated key name. |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 96 | */ |
| 97 | Name |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 98 | generateRSAKeyPairAsDefault(const Name& identityName, bool isKsk = false, int keySize = 2048) |
| 99 | { |
| 100 | return identityManager_->generateRSAKeyPairAsDefault(identityName, isKsk, keySize); |
| 101 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 102 | |
| 103 | /** |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 104 | * Create a public key signing request. |
| 105 | * @param keyName The name of the key. |
| 106 | * @returns The signing request data. |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 107 | */ |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 108 | Blob |
| 109 | createSigningRequest(const Name& keyName) |
| 110 | { |
| 111 | return identityManager_->getPublicKey(keyName)->getKeyDer(); |
| 112 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 113 | |
| 114 | /** |
Jeff Thompson | b63abf5 | 2013-10-04 11:23:34 -0700 | [diff] [blame] | 115 | * Install an identity certificate into the public key identity storage. |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 116 | * @param certificate The certificate to to added. |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 117 | */ |
| 118 | void |
Jeff Thompson | c69163b | 2013-10-12 13:49:50 -0700 | [diff] [blame] | 119 | installIdentityCertificate(const IdentityCertificate& certificate) |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 120 | { |
| 121 | identityManager_->addCertificate(certificate); |
| 122 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 123 | |
| 124 | /** |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 125 | * Set the certificate as the default for its corresponding key. |
Jeff Thompson | 418b05a | 2013-10-22 17:48:54 -0700 | [diff] [blame] | 126 | * @param certificateName The certificate. |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 127 | */ |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 128 | void |
Jeff Thompson | 418b05a | 2013-10-22 17:48:54 -0700 | [diff] [blame] | 129 | setDefaultCertificateForKey(const IdentityCertificate& certificate) |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 130 | { |
Jeff Thompson | 418b05a | 2013-10-22 17:48:54 -0700 | [diff] [blame] | 131 | identityManager_->setDefaultCertificateForKey(certificate); |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 132 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 133 | |
| 134 | /** |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 135 | * Get a certificate with the specified name. |
| 136 | * @param certificateName The name of the requested certificate. |
Jeff Thompson | c69163b | 2013-10-12 13:49:50 -0700 | [diff] [blame] | 137 | * @return the requested certificate which is valid. |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 138 | */ |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 139 | ptr_lib::shared_ptr<Certificate> |
| 140 | getCertificate(const Name& certificateName) |
| 141 | { |
| 142 | return identityManager_->getCertificate(certificateName); |
| 143 | } |
| 144 | |
| 145 | /** |
| 146 | * Get a certificate even if the certificate is not valid anymore. |
| 147 | * @param certificateName The name of the requested certificate. |
| 148 | * @return the requested certificate. |
| 149 | */ |
| 150 | ptr_lib::shared_ptr<Certificate> |
| 151 | getAnyCertificate(const Name& certificateName) |
| 152 | { |
| 153 | return identityManager_->getAnyCertificate(certificateName); |
| 154 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 155 | |
| 156 | /** |
Jeff Thompson | c69163b | 2013-10-12 13:49:50 -0700 | [diff] [blame] | 157 | * Get an identity certificate with the specified name. |
| 158 | * @param certificateName The name of the requested certificate. |
| 159 | * @return the requested certificate which is valid. |
| 160 | */ |
| 161 | ptr_lib::shared_ptr<IdentityCertificate> |
| 162 | getIdentityCertificate(const Name& certificateName) |
| 163 | { |
| 164 | return identityManager_->getCertificate(certificateName); |
| 165 | } |
| 166 | |
| 167 | /** |
| 168 | * Get an identity certificate even if the certificate is not valid anymore. |
| 169 | * @param certificateName The name of the requested certificate. |
| 170 | * @return the requested certificate. |
| 171 | */ |
| 172 | ptr_lib::shared_ptr<IdentityCertificate> |
| 173 | getAnyIdentityCertificate(const Name& certificateName) |
| 174 | { |
| 175 | return identityManager_->getAnyCertificate(certificateName); |
| 176 | } |
| 177 | |
| 178 | /** |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 179 | * Revoke a key |
| 180 | * @param keyName the name of the key that will be revoked |
| 181 | */ |
| 182 | void |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 183 | revokeKey(const Name & keyName) |
| 184 | { |
| 185 | //TODO: Implement |
| 186 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 187 | |
| 188 | /** |
| 189 | * Revoke a certificate |
| 190 | * @param certificateName the name of the certificate that will be revoked |
| 191 | */ |
| 192 | void |
Jeff Thompson | e7e069b | 2013-09-27 15:48:48 -0700 | [diff] [blame] | 193 | revokeCertificate(const Name & certificateName) |
| 194 | { |
| 195 | //TODO: Implement |
| 196 | } |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 197 | |
Jeff Thompson | 418b05a | 2013-10-22 17:48:54 -0700 | [diff] [blame] | 198 | ptr_lib::shared_ptr<IdentityManager> |
| 199 | getIdentityManager() { return identityManager_; } |
| 200 | |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 201 | /***************************************** |
| 202 | * Policy Management * |
| 203 | *****************************************/ |
| 204 | |
| 205 | const ptr_lib::shared_ptr<PolicyManager>& |
| 206 | getPolicyManager() { return policyManager_; } |
| 207 | |
| 208 | /***************************************** |
| 209 | * Sign/Verify * |
| 210 | *****************************************/ |
| 211 | |
Jeff Thompson | 47c93cf | 2013-08-09 00:38:48 -0700 | [diff] [blame] | 212 | /** |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 213 | * Wire encode the Data object, sign it and set its signature. |
Jeff Thompson | ade5b1e | 2013-08-09 12:16:45 -0700 | [diff] [blame] | 214 | * Note: the caller must make sure the timestamp is correct, for example with |
Jeff Thompson | fec716d | 2013-09-11 13:54:36 -0700 | [diff] [blame] | 215 | * data.getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0). |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 216 | * @param data The Data object to be signed. This updates its signature and key locator field and wireEncoding. |
Jeff Thompson | 9296f0c | 2013-09-23 18:10:27 -0700 | [diff] [blame] | 217 | * @param certificateName The certificate name of the key to use for signing. If omitted, infer the signing identity from the data packet name. |
Jeff Thompson | 8d24fe1 | 2013-09-18 15:54:51 -0700 | [diff] [blame] | 218 | * @param wireFormat A WireFormat object used to encode the input. If omitted, use WireFormat getDefaultWireFormat(). |
Jeff Thompson | 3c73da4 | 2013-08-12 11:19:05 -0700 | [diff] [blame] | 219 | */ |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 220 | void |
Jeff Thompson | 29ce310 | 2013-09-27 11:47:48 -0700 | [diff] [blame] | 221 | sign(Data& data, const Name& certificateName, WireFormat& wireFormat = *WireFormat::getDefaultWireFormat()); |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 222 | |
Jeff Thompson | 29ce310 | 2013-09-27 11:47:48 -0700 | [diff] [blame] | 223 | /** |
Jeff Thompson | c01e178 | 2013-10-21 14:08:42 -0700 | [diff] [blame] | 224 | * Sign the byte array using a certificate name and return a Signature object. |
| 225 | * @param buffer The byte array to be signed. |
| 226 | * @param bufferLength the length of buffer. |
| 227 | * @param certificateName The certificate name used to get the signing key and which will be put into KeyLocator. |
| 228 | * @return The Signature. |
| 229 | */ |
| 230 | ptr_lib::shared_ptr<Signature> |
| 231 | sign(const uint8_t* buffer, size_t bufferLength, const Name& certificateName); |
| 232 | |
| 233 | /** |
| 234 | * Sign the byte array using a certificate name and return a Signature object. |
| 235 | * @param buffer The byte array to be signed. |
| 236 | * @param certificateName The certificate name used to get the signing key and which will be put into KeyLocator. |
| 237 | * @return The Signature. |
| 238 | */ |
| 239 | ptr_lib::shared_ptr<Signature> |
| 240 | sign(const std::vector<uint8_t>& buffer, const Name& certificateName) |
| 241 | { |
| 242 | return sign(&buffer[0], buffer.size(), certificateName); |
| 243 | } |
| 244 | |
| 245 | /** |
Jeff Thompson | 29ce310 | 2013-09-27 11:47:48 -0700 | [diff] [blame] | 246 | * Wire encode the Data object, sign it and set its signature. |
| 247 | * Note: the caller must make sure the timestamp is correct, for example with |
| 248 | * data.getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0). |
| 249 | * @param data The Data object to be signed. This updates its signature and key locator field and wireEncoding. |
| 250 | * @param identityName The identity name for the key to use for signing. If omitted, infer the signing identity from the data packet name. |
| 251 | * @param wireFormat A WireFormat object used to encode the input. If omitted, use WireFormat getDefaultWireFormat(). |
| 252 | */ |
| 253 | void |
| 254 | signByIdentity(Data& data, const Name& identityName = Name(), WireFormat& wireFormat = *WireFormat::getDefaultWireFormat()); |
Jeff Thompson | 3c73da4 | 2013-08-12 11:19:05 -0700 | [diff] [blame] | 255 | |
| 256 | /** |
Jeff Thompson | c01e178 | 2013-10-21 14:08:42 -0700 | [diff] [blame] | 257 | * Sign the byte array using an identity name and return a Signature object. |
| 258 | * @param buffer The byte array to be signed. |
| 259 | * @param bufferLength the length of buffer. |
| 260 | * @param identityName The identity name. |
| 261 | * @return The Signature. |
| 262 | */ |
| 263 | ptr_lib::shared_ptr<Signature> |
| 264 | signByIdentity(const uint8_t* buffer, size_t bufferLength, const Name& identityName); |
| 265 | |
| 266 | /** |
| 267 | * Sign the byte array using an identity name and return a Signature object. |
| 268 | * @param buffer The byte array to be signed. |
| 269 | * @param identityName The identity name. |
| 270 | * @return The Signature. |
| 271 | */ |
| 272 | ptr_lib::shared_ptr<Signature> |
| 273 | signByIdentity(const std::vector<uint8_t>& buffer, const Name& identityName) |
| 274 | { |
| 275 | return signByIdentity(&buffer[0], buffer.size(), identityName); |
| 276 | } |
| 277 | |
| 278 | /** |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 279 | * Check the signature on the Data object and call either onVerify or onVerifyFailed. |
| 280 | * We use callback functions because verify may fetch information to check the signature. |
Jeff Thompson | 29ce310 | 2013-09-27 11:47:48 -0700 | [diff] [blame] | 281 | * @param data The Data object with the signature to check. It is an error if data does not have a wireEncoding. |
| 282 | * To set the wireEncoding, you can call data.wireDecode. |
| 283 | * @param onVerified If the signature is verified, this calls onVerified(data). |
| 284 | * @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data). |
Jeff Thompson | 8efe5ad | 2013-08-20 17:36:38 -0700 | [diff] [blame] | 285 | */ |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 286 | void |
Jeff Thompson | 7c5d231 | 2013-09-25 16:07:15 -0700 | [diff] [blame] | 287 | verifyData |
| 288 | (const ptr_lib::shared_ptr<Data>& data, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed, int stepCount = 0); |
Jeff Thompson | 8efe5ad | 2013-08-20 17:36:38 -0700 | [diff] [blame] | 289 | |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 290 | /***************************************** |
| 291 | * Encrypt/Decrypt * |
| 292 | *****************************************/ |
| 293 | |
| 294 | /** |
| 295 | * Generate a symmetric key. |
| 296 | * @param keyName The name of the generated key. |
| 297 | * @param keyType The type of the key, e.g. KEY_TYPE_AES |
| 298 | */ |
| 299 | void |
| 300 | generateSymmetricKey(const Name& keyName, KeyType keyType) |
| 301 | { |
| 302 | encryptionManager_->createSymmetricKey(keyName, keyType); |
| 303 | } |
| 304 | |
| 305 | /** |
| 306 | * Encrypt a byte array. |
| 307 | * @param keyName The name of the encrypting key. |
| 308 | * @param data The byte array that will be encrypted. |
| 309 | * @param dataLength The length of data. |
| 310 | * @param useSymmetric If true then symmetric encryption is used, otherwise asymmetric encryption is used. |
| 311 | * @param encryptMode the encryption mode |
| 312 | * @return the encrypted data as an immutable Blob. |
| 313 | */ |
| 314 | Blob |
| 315 | encrypt(const Name &keyName, const uint8_t* data, size_t dataLength, bool useSymmetric = true, |
| 316 | EncryptMode encryptMode = ENCRYPT_MODE_DEFAULT) |
| 317 | { |
| 318 | return encryptionManager_->encrypt(keyName, data, dataLength, useSymmetric, encryptMode); |
| 319 | } |
| 320 | |
| 321 | /** |
| 322 | * Decrypt a byte array. |
| 323 | * @param keyName The name of the decrypting key. |
| 324 | * @param data The byte array that will be decrypted. |
| 325 | * @param dataLength The length of data. |
| 326 | * @param useSymmetric If true then symmetric encryption is used, otherwise asymmetric encryption is used. |
| 327 | * @param encryptMode the encryption mode |
| 328 | * @return the decrypted data as an immutable Blob. |
| 329 | */ |
| 330 | Blob |
| 331 | decrypt(const Name &keyName, const uint8_t* data, size_t dataLength, bool useSymmetric = true, |
| 332 | EncryptMode encryptMode = ENCRYPT_MODE_DEFAULT) |
| 333 | { |
| 334 | return encryptionManager_->decrypt(keyName, data, dataLength, useSymmetric, encryptMode); |
| 335 | } |
| 336 | |
Jeff Thompson | 8efe5ad | 2013-08-20 17:36:38 -0700 | [diff] [blame] | 337 | /** |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 338 | * Set the Face which will be used to fetch required certificates. |
| 339 | * @param face A pointer to the Face object. |
Jeff Thompson | 1e90d8c | 2013-08-12 16:09:25 -0700 | [diff] [blame] | 340 | */ |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 341 | void |
| 342 | setFace(Face* face) { face_ = face; } |
| 343 | |
| 344 | private: |
Jeff Thompson | 40f361a | 2013-09-25 13:12:48 -0700 | [diff] [blame] | 345 | ptr_lib::shared_ptr<IdentityManager> identityManager_; |
Jeff Thompson | 29ce310 | 2013-09-27 11:47:48 -0700 | [diff] [blame] | 346 | ptr_lib::shared_ptr<PolicyManager> policyManager_; |
Jeff Thompson | 79a2d5d | 2013-09-27 14:32:23 -0700 | [diff] [blame] | 347 | ptr_lib::shared_ptr<EncryptionManager> encryptionManager_; |
Jeff Thompson | 2ce8f49 | 2013-09-17 18:01:25 -0700 | [diff] [blame] | 348 | Face* face_; |
| 349 | const int maxSteps_; |
Jeff Thompson | 47c93cf | 2013-08-09 00:38:48 -0700 | [diff] [blame] | 350 | }; |
| 351 | |
| 352 | } |
| 353 | |
| 354 | #endif |