/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
 * Copyright (c) 2013-2017 Regents of the University of California.
 *
 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
 *
 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
 * terms of the GNU Lesser General Public License as published by the Free Software
 * Foundation, either version 3 of the License, or (at your option) any later version.
 *
 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 *
 * You should have received copies of the GNU General Public License and GNU Lesser
 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
 * <http://www.gnu.org/licenses/>.
 *
 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
 */

#ifndef NDN_SECURITY_SIGNING_INFO_HPP
#define NDN_SECURITY_SIGNING_INFO_HPP

#include "../name.hpp"
#include "../signature-info.hpp"
#include "pib/identity.hpp"
#include "pib/key.hpp"
#include "security-common.hpp"


namespace ndn {
namespace security {

/**
 * @brief Signing parameters passed to KeyChain
 *
 * A SigningInfo is invalid if the specified identity/key/certificate does not exist,
 * or the PIB Identity or Key instance is not valid.
 */
class SigningInfo
{
public:
  /// @brief Exception type scoped to SigningInfo; it carries only a message string.
  class Error : public std::runtime_error
  {
  public:
    explicit Error(const std::string& what) : std::runtime_error(what) {}
  };

  /**
   * @brief How the signer is designated.
   *
   * The meaning of the signer name (see getSignerName()) depends on this value.
   */
  enum SignerType {
    /// @brief no signer given; the default setting or the trust schema decides
    SIGNER_TYPE_NULL = 0,
    /// @brief signer is named by identity; its default key and default certificate are used
    SIGNER_TYPE_ID = 1,
    /// @brief signer is named by key; the key's default certificate is used
    SIGNER_TYPE_KEY = 2,
    /// @brief signer is named by certificate, which is used directly
    SIGNER_TYPE_CERT = 3,
    /// @brief sha256 digest is used and no signer has to be named
    /// @note A bare digest names no signer: it lets a receiver detect modification, but
    ///       on its own it does not say who produced the packet.
    SIGNER_TYPE_SHA256 = 4,
    /// @brief signer is a PIB identity handle; its default key and default certificate are used
    SIGNER_TYPE_PIB_ID = 5,
    /// @brief signer is a PIB key handle; its default certificate is used
    SIGNER_TYPE_PIB_KEY = 6
  };

  /**
   * @brief Build a SigningInfo from a signer type, a signer name and a SignatureInfo.
   *
   * @param signerType    Kind of signer
   * @param signerName    Name of the signer; how it is read depends on @p signerType
   * @param signatureInfo Semi-prepared SignatureInfo holding everything except
   *                      SignatureType and KeyLocator. If the caller does set
   *                      SignatureType or KeyLocator, KeyChain may overwrite them.
   */
  explicit SigningInfo(SignerType signerType = SIGNER_TYPE_NULL,
                       const Name& signerName = getEmptyName(),
                       const SignatureInfo& signatureInfo = getEmptySignatureInfo());

  /**
   * @brief Build a SigningInfo from a PIB identity handle.
   */
  explicit SigningInfo(const Identity& identity);

  /**
   * @brief Build a SigningInfo from a PIB key handle.
   */
  explicit SigningInfo(const Key& key);

  /**
   * @brief Build a SigningInfo from its string representation.
   *
   * @param signingStr String describing the signing method
   *
   * Accepted forms:
   * - default signing: "" (empty string)
   * - default certificate of the default key of an identity: `id:/my-identity`
   * - default certificate of a key: `key:/my-identity/ksk-1`
   * - a specific certificate: `cert:/my-identity/KEY/ksk-1/ID-CERT/%FD%01`
   * - sha256 digest: `id:/localhost/identity/digest-sha256`
   *
   * @note NOTE(review): how a malformed string or an unknown prefix is handled is decided
   *       in the implementation file, which is not visible here; confirm it before
   *       passing strings taken from configuration or user input.
   */
  explicit SigningInfo(const std::string& signingStr);

  /**
   * @brief Designate the identity named @p identity as signer.
   * @post signerType becomes SIGNER_TYPE_ID
   */
  SigningInfo& setSigningIdentity(const Name& identity);

  /**
   * @brief Designate the key named @p keyName as signer.
   * @post signerType becomes SIGNER_TYPE_KEY
   */
  SigningInfo& setSigningKeyName(const Name& keyName);

  /**
   * @brief Designate the certificate named @p certificateName as signer.
   * @post signerType becomes SIGNER_TYPE_CERT
   */
  SigningInfo& setSigningCertName(const Name& certificateName);

  /**
   * @brief Select Sha256 as the signing method.
   * @post signerName is reset and signerType becomes SIGNER_TYPE_SHA256
   */
  SigningInfo& setSha256Signing();

  /**
   * @brief Designate the PIB identity handle @p identity as signer.
   * @post signerType becomes SIGNER_TYPE_PIB_ID
   */
  SigningInfo& setPibIdentity(const Identity& identity);

  /**
   * @brief Designate the PIB key handle @p key as signer.
   * @post signerType becomes SIGNER_TYPE_PIB_KEY
   */
  SigningInfo& setPibKey(const Key& key);

  /**
   * @return Kind of signer currently selected
   */
  SignerType getSignerType() const { return m_type; }

  /**
   * @return Name of the signer; how it is read depends on the signer type
   */
  const Name& getSignerName() const { return m_name; }

  /**
   * @brief Access the PIB identity handle stored for the signer.
   * @pre signerType must be SIGNER_TYPE_PIB_ID
   * @return the stored identity handle
   *
   * @note The precondition is enforced only through BOOST_ASSERT. In a build where
   *       assertions are compiled out, the stored handle is returned whatever the signer
   *       type is, so callers should check getSignerType() before relying on the result.
   */
  const Identity& getPibIdentity() const
  {
    BOOST_ASSERT(m_type == SIGNER_TYPE_PIB_ID);
    return m_identity;
  }

  /**
   * @brief Access the PIB key handle stored for the signer.
   * @pre signerType must be SIGNER_TYPE_PIB_KEY
   * @return the stored key handle
   *
   * @note The precondition is enforced only through BOOST_ASSERT. In a build where
   *       assertions are compiled out, the stored handle is returned whatever the signer
   *       type is, so callers should check getSignerType() before relying on the result.
   */
  const Key& getPibKey() const
  {
    BOOST_ASSERT(m_type == SIGNER_TYPE_PIB_KEY);
    return m_key;
  }

  /**
   * @brief Choose the digest algorithm used for public key operations.
   * @return this object, so that setters can be chained
   */
  SigningInfo& setDigestAlgorithm(const DigestAlgorithm& algorithm)
  {
    m_digestAlgorithm = algorithm;
    return *this;
  }

  /**
   * @return Digest algorithm used for public key operations
   */
  DigestAlgorithm getDigestAlgorithm() const { return m_digestAlgorithm; }

  /**
   * @brief Install a semi-prepared SignatureInfo.
   */
  SigningInfo& setSignatureInfo(const SignatureInfo& signatureInfo);

  /**
   * @return The semi-prepared SignatureInfo
   */
  const SignatureInfo& getSignatureInfo() const { return m_info; }

public:
  /// @brief Name used as the default @c signerName constructor argument.
  static const Name& getEmptyName();

  /// @brief SignatureInfo used as the default @c signatureInfo constructor argument.
  static const SignatureInfo& getEmptySignatureInfo();

  /**
   * @brief A localhost identity that marks the signature as generated with SHA-256.
   */
  static const Name& getDigestSha256Identity();

private:
  SignerType m_type;                 // returned by getSignerType()
  Name m_name;                       // returned by getSignerName()
  Identity m_identity;               // returned by getPibIdentity()
  Key m_key;                         // returned by getPibKey()
  DigestAlgorithm m_digestAlgorithm; // digest algorithm for public key operations
  SignatureInfo m_info;              // semi-prepared SignatureInfo, see getSignatureInfo()
};
/**
 * @brief Stream insertion for SigningInfo.
 *
 * NOTE(review): the exact text written is defined in the implementation file and is not
 * visible here; presumably it mirrors the string form accepted by the string constructor.
 * Confirm before parsing the output.
 */
std::ostream& operator<<(std::ostream& os, const SigningInfo& si);

} // namespace security
} // namespace ndn

#endif // NDN_SECURITY_SIGNING_INFO_HPP