Blame - ndn-cpp/security/identity/identity-manager.cpp - ndn-cxx

blob: 93e61d481bcec95c813f483f7ddfcd244e18bcbe [file] [log] [blame]

Jeff Thompson	25b4e61	2013-10-10 16:03:24 -0700	[diff] [blame]	1	/* -- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -- */
Jeff Thompson	4147191	2013-09-12 16:21:50 -0700	[diff] [blame]	2	/**
Jeff Thompson	7687dc0	2013-09-13 11:54:07 -0700	[diff] [blame]	3	* Copyright (C) 2013 Regents of the University of California.
Jeff Thompson	06e787d	2013-09-12 19:00:55 -0700	[diff] [blame]	4	* @author: Yingdi Yu <yingdi@cs.ucla.edu>
Jeff Thompson	7687dc0	2013-09-13 11:54:07 -0700	[diff] [blame]	5	* @author: Jeff Thompson <jefft0@remap.ucla.edu>
Jeff Thompson	4147191	2013-09-12 16:21:50 -0700	[diff] [blame]	6	* See COPYING for copyright and distribution information.
				7	*/
				8
Jeff Thompson	0f2096f	2013-10-01 14:49:42 -0700	[diff] [blame]	9	#if 1
				10	#include <stdexcept>
				11	#endif
Jeff Thompson	e7e069b	2013-09-27 15:48:48 -0700	[diff] [blame]	12	#include "../../util/logging.hpp"
Jeff Thompson	25b4e61	2013-10-10 16:03:24 -0700	[diff] [blame]	13	#include <ndn-cpp/sha256-with-rsa-signature.hpp>
				14	#include <ndn-cpp/security/security-exception.hpp>
				15	#include <ndn-cpp/security/identity/identity-manager.hpp>
Jeff Thompson	4147191	2013-09-12 16:21:50 -0700	[diff] [blame]	16
Jeff Thompson	9296f0c	2013-09-23 18:10:27 -0700	[diff] [blame]	17	using namespace std;
				18	using namespace ndn::ptr_lib;
Jeff Thompson	4147191	2013-09-12 16:21:50 -0700	[diff] [blame]	19
Jeff Thompson	9296f0c	2013-09-23 18:10:27 -0700	[diff] [blame]	20	namespace ndn {
Jeff Thompson	86e1d75	2013-09-17 17:22:38 -0700	[diff] [blame]	21
Jeff Thompson	e7e069b	2013-09-27 15:48:48 -0700	[diff] [blame]	22	Name
				23	IdentityManager::createIdentity(const Name& identityName)
				24	{
				25	if (!identityStorage_->doesIdentityExist(identityName)) {
				26	_LOG_DEBUG("Create Identity");
				27	identityStorage_->addIdentity(identityName);
				28
				29	_LOG_DEBUG("Create Default RSA key pair");
				30	Name keyName = generateRSAKeyPairAsDefault(identityName, true);
				31
				32	_LOG_DEBUG("Create self-signed certificate");
				33	shared_ptr<Certificate> selfCert = selfSign(keyName);
				34
				35	_LOG_DEBUG("Add self-signed certificate as default");
				36	addCertificateAsDefault(*selfCert);
				37
				38	return keyName;
				39	}
				40	else
				41	throw SecurityException("Identity has already been created!");
				42	}
				43
				44	Name
				45	IdentityManager::generateRSAKeyPair(const Name& identityName, bool isKsk, int keySize)
				46	{
				47	Name keyName = generateKeyPair(identityName, isKsk, KEY_TYPE_RSA, keySize);
				48	_LOG_DEBUG("OK2");
				49	return keyName;
				50	}
				51
				52	Name
				53	IdentityManager::generateRSAKeyPairAsDefault(const Name& identityName, bool isKsk, int keySize)
				54	{
				55	Name keyName = generateKeyPair(identityName, isKsk, KEY_TYPE_RSA, keySize);
				56
				57	identityStorage_->setDefaultKeyNameForIdentity(keyName, identityName);
				58
				59	return keyName;
				60	}
				61
				62	void
				63	IdentityManager::setDefaultCertificateForKey(const Name& certificateName)
				64	{
				65	Name keyName = identityStorage_->getKeyNameForCertificate(certificateName);
				66
				67	if (!identityStorage_->doesKeyExist(keyName))
				68	throw SecurityException("No corresponding Key record for certificaite!");
				69
				70	identityStorage_->setDefaultCertificateNameForKey (keyName, certificateName);
				71	}
				72
				73	void
				74	IdentityManager::addCertificateAsIdentityDefault(const Certificate& certificate)
				75	{
				76	identityStorage_->addCertificate(certificate);
				77
				78	Name keyName = identityStorage_->getKeyNameForCertificate(certificate.getName());
				79
				80	setDefaultKeyForIdentity(keyName);
				81	setDefaultCertificateForKey(certificate.getName());
				82	}
				83
Jeff Thompson	f39a536	2013-10-10 16:22:44 -0700	[diff] [blame]	84	void
				85	IdentityManager::addCertificateAsDefault(const Certificate& certificate)
				86	{
				87	identityStorage_->addCertificate(certificate);
				88	setDefaultCertificateForKey(certificate.getName());
				89	}
				90
Jeff Thompson	0050abe	2013-09-17 12:50:25 -0700	[diff] [blame]	91	void
Jeff Thompson	86e1d75	2013-09-17 17:22:38 -0700	[diff] [blame]	92	IdentityManager::signByCertificate(Data &data, const Name &certificateName, WireFormat& wireFormat)
Jeff Thompson	4147191	2013-09-12 16:21:50 -0700	[diff] [blame]	93	{
Jeff Thompson	9296f0c	2013-09-23 18:10:27 -0700	[diff] [blame]	94	Name keyName = identityStorage_->getKeyNameForCertificate(certificateName);
				95
				96	shared_ptr<PublicKey> publicKey = privateKeyStorage_->getPublicKey(keyName);
Jeff Thompson	86e1d75	2013-09-17 17:22:38 -0700	[diff] [blame]	97
				98	// For temporary usage, we support RSA + SHA256 only, but will support more.
				99	data.setSignature(Sha256WithRsaSignature());
				100	// Get a pointer to the clone which Data made.
				101	Sha256WithRsaSignature signature = dynamic_cast<Sha256WithRsaSignature>(data.getSignature());
				102	DigestAlgorithm digestAlgorithm = DIGEST_ALGORITHM_SHA256;
				103
				104	signature->getKeyLocator().setType(ndn_KeyLocatorType_KEYNAME);
				105	signature->getKeyLocator().setKeyName(certificateName);
Jeff Thompson	9296f0c	2013-09-23 18:10:27 -0700	[diff] [blame]	106	// Omit the certificate digest.
				107	signature->getKeyLocator().setKeyNameType((ndn_KeyNameType)-1);
Jeff Thompson	86e1d75	2013-09-17 17:22:38 -0700	[diff] [blame]	108	// Ignore witness and leave the digestAlgorithm as the default.
Jeff Thompson	9296f0c	2013-09-23 18:10:27 -0700	[diff] [blame]	109	signature->getPublisherPublicKeyDigest().setPublisherPublicKeyDigest(publicKey->getDigest());
Jeff Thompson	4147191	2013-09-12 16:21:50 -0700	[diff] [blame]	110
Jeff Thompson	86e1d75	2013-09-17 17:22:38 -0700	[diff] [blame]	111	// Encode once to get the signed portion.
				112	SignedBlob encoding = data.wireEncode(wireFormat);
				113
				114	signature->setSignature
Jeff Thompson	9296f0c	2013-09-23 18:10:27 -0700	[diff] [blame]	115	(privateKeyStorage_->sign(encoding.signedBuf(), encoding.signedSize(), keyName, digestAlgorithm));
Jeff Thompson	86e1d75	2013-09-17 17:22:38 -0700	[diff] [blame]	116
				117	// Encode again to include the signature.
				118	data.wireEncode(wireFormat);
Jeff Thompson	4147191	2013-09-12 16:21:50 -0700	[diff] [blame]	119	}
				120
Jeff Thompson	e7e069b	2013-09-27 15:48:48 -0700	[diff] [blame]	121	Name
				122	IdentityManager::generateKeyPair (const Name& identityName, bool isKsk, KeyType keyType, int keySize)
				123	{
				124	_LOG_DEBUG("Get new key ID");
				125	Name keyName = identityStorage_->getNewKeyName(identityName, isKsk);
				126
				127	_LOG_DEBUG("Generate key pair in private storage");
				128	privateKeyStorage_->generateKeyPair(keyName.toUri(), keyType, keySize);
				129
				130	_LOG_DEBUG("Create a key record in public storage");
				131	shared_ptr<PublicKey> publicKey = privateKeyStorage_->getPublicKey(keyName);
				132	identityStorage_->addKey(keyName, keyType, publicKey->getKeyDer());
				133	_LOG_DEBUG("OK");
				134	return keyName;
				135	}
				136
				137	shared_ptr<Certificate>
				138	IdentityManager::selfSign (const Name& keyName)
				139	{
				140	#if 1
				141	throw std::runtime_error("MemoryIdentityStorage::getNewKeyName not implemented");
				142	#endif
				143	}
				144
Jeff Thompson	4147191	2013-09-12 16:21:50 -0700	[diff] [blame]	145	}