blob: ad97b897b5610c38bc08d9b7a8c85d697b43f57f [file] [log] [blame]
Yingdi Yu1b0311c2015-06-10 14:58:47 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
Alexander Afanasyevc95f5642017-01-04 17:34:26 -08003 * Copyright (c) 2013-2017 Regents of the University of California.
Yingdi Yu1b0311c2015-06-10 14:58:47 -07004 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#ifndef NDN_SECURITY_SIGNING_INFO_HPP
23#define NDN_SECURITY_SIGNING_INFO_HPP
24
25#include "../name.hpp"
26#include "../signature-info.hpp"
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -080027#include "pib/identity.hpp"
28#include "pib/key.hpp"
Yingdi Yu1b0311c2015-06-10 14:58:47 -070029#include "security-common.hpp"
30
Yingdi Yu1b0311c2015-06-10 14:58:47 -070031namespace ndn {
32namespace security {
33
34/**
35 * @brief Signing parameters passed to KeyChain
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -080036 *
37 * A SigningInfo is invalid if the specified identity/key/certificate does not exist,
38 * or the PIB Identity or Key instance is not valid.
Yingdi Yu1b0311c2015-06-10 14:58:47 -070039 */
40class SigningInfo
41{
42public:
43 class Error : public std::runtime_error
44 {
45 public:
46 explicit
47 Error(const std::string& what)
48 : std::runtime_error(what)
49 {
50 }
51 };
52
53 enum SignerType {
54 /// @brief no signer is specified, use default setting or follow the trust schema
55 SIGNER_TYPE_NULL = 0,
56 /// @brief signer is an identity, use its default key and default certificate
57 SIGNER_TYPE_ID = 1,
58 /// @brief signer is a key, use its default certificate
59 SIGNER_TYPE_KEY = 2,
60 /// @brief signer is a certificate, use it directly
61 SIGNER_TYPE_CERT = 3,
62 /// @brief use sha256 digest, no signer needs to be specified
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -080063 SIGNER_TYPE_SHA256 = 4,
Yingdi Yu1b0311c2015-06-10 14:58:47 -070064 };
65
66public:
67 /**
68 * @brief Constructor
69 *
70 * @param signerType The type of signer
71 * @param signerName The name of signer; interpretation differs per signerType
72 * @param signatureInfo A semi-prepared SignatureInfo which contains other information except
73 * SignatureType and KeyLocator. If SignatureType and KeyLocator are
74 * specified, they may be overwritten by KeyChain.
75 */
76 explicit
77 SigningInfo(SignerType signerType = SIGNER_TYPE_NULL,
Yingdi Yufe4733a2015-10-22 14:24:12 -070078 const Name& signerName = getEmptyName(),
79 const SignatureInfo& signatureInfo = getEmptySignatureInfo());
Yingdi Yu1b0311c2015-06-10 14:58:47 -070080
81 /**
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -080082 * @brief Create a signingInfo using pib identity;
83 */
84 explicit
85 SigningInfo(const Identity& identity);
86
87 /**
88 * @brief Create a signingInfo using pib key;
89 */
90 explicit
91 SigningInfo(const Key& key);
92
93 /**
Spencer Lee308bc442015-11-24 02:59:55 -070094 * @brief Construct SigningInfo from its string representation
95 *
96 * @param signingStr The representative signing string for SigningInfo signing method
97 *
98 * Structure of the representative string is as follows:
99 * - default signing: "" (empty string)
100 * - signing with a default certificate of a default key for the identity: `id:/my-identity`
101 * - signing with a default certificate of the key: `key:/my-identity/ksk-1`
102 * - signing with the certificate: `cert:/my-identity/KEY/ksk-1/ID-CERT/%FD%01`
103 * - signing with sha256 digest: `id:/localhost/identity/digest-sha256`
104 */
105 explicit
106 SigningInfo(const std::string& signingStr);
107
108 /**
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700109 * @brief Set signer as an identity with name @p identity
110 * @post Change the signerType to SIGNER_TYPE_ID
111 */
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800112 SigningInfo&
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700113 setSigningIdentity(const Name& identity);
114
115 /**
116 * @brief Set signer as a key with name @p keyName
117 * @post Change the signerType to SIGNER_TYPE_KEY
118 */
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800119 SigningInfo&
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700120 setSigningKeyName(const Name& keyName);
121
122 /**
123 * @brief Set signer as a certificate with name @p certificateName
124 * @post Change the signerType to SIGNER_TYPE_CERT
125 */
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800126 SigningInfo&
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700127 setSigningCertName(const Name& certificateName);
128
129 /**
130 * @brief Set Sha256 as the signing method
131 * @post Reset signerName, also change the signerType to SIGNER_TYPE_SHA256
132 */
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800133 SigningInfo&
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700134 setSha256Signing();
135
136 /**
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800137 * @brief Set signer as a PIB identity handler @p identity
Junxiao Shife1239a2017-01-27 20:36:12 +0000138 * @post Change the signerType to SIGNER_TYPE_ID
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800139 */
140 SigningInfo&
141 setPibIdentity(const Identity& identity);
142
143 /**
144 * @brief Set signer as a PIB key handler @p key
Junxiao Shife1239a2017-01-27 20:36:12 +0000145 * @post Change the signerType to SIGNER_TYPE_KEY
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800146 */
147 SigningInfo&
148 setPibKey(const Key& key);
149
150 /**
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700151 * @return Type of the signer
152 */
153 SignerType
154 getSignerType() const
155 {
156 return m_type;
157 }
158
159 /**
160 * @return Name of signer; interpretation differs per signerType
161 */
162 const Name&
163 getSignerName() const
164 {
165 return m_name;
166 }
167
168 /**
Junxiao Shife1239a2017-01-27 20:36:12 +0000169 * @pre signerType must be SIGNER_TYPE_ID
170 * @return the identity handler of signer, or Identity() if getSignerName() should be used
171 * to find the identity
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800172 */
173 const Identity&
174 getPibIdentity() const
175 {
Junxiao Shife1239a2017-01-27 20:36:12 +0000176 BOOST_ASSERT(m_type == SIGNER_TYPE_ID);
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800177 return m_identity;
178 }
179
180 /**
Junxiao Shife1239a2017-01-27 20:36:12 +0000181 * @pre signerType must be SIGNER_TYPE_KEY
182 * @return the key handler of signer, or Key() if getSignerName() should be used to find the key
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800183 */
184 const Key&
185 getPibKey() const
186 {
Junxiao Shife1239a2017-01-27 20:36:12 +0000187 BOOST_ASSERT(m_type == SIGNER_TYPE_KEY);
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800188 return m_key;
189 }
190
191 /**
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700192 * @brief Set the digest algorithm for public key operations
193 */
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800194 SigningInfo&
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700195 setDigestAlgorithm(const DigestAlgorithm& algorithm)
196 {
197 m_digestAlgorithm = algorithm;
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800198 return *this;
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700199 }
200
201 /**
202 * @return The digest algorithm for public key operations
203 */
204 DigestAlgorithm
205 getDigestAlgorithm() const
206 {
207 return m_digestAlgorithm;
208 }
209
210 /**
211 * @brief Set a semi-prepared SignatureInfo;
212 */
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800213 SigningInfo&
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700214 setSignatureInfo(const SignatureInfo& signatureInfo);
215
216 /**
217 * @return Semi-prepared SignatureInfo
218 */
219 const SignatureInfo&
220 getSignatureInfo() const
221 {
222 return m_info;
223 }
224
225public:
Yingdi Yufe4733a2015-10-22 14:24:12 -0700226 static const Name&
227 getEmptyName();
228
229 static const SignatureInfo&
230 getEmptySignatureInfo();
231
232 /**
233 * @brief A localhost identity to indicate that the signature is generated using SHA-256.
234 */
235 static const Name&
236 getDigestSha256Identity();
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700237
238private:
239 SignerType m_type;
240 Name m_name;
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800241 Identity m_identity;
242 Key m_key;
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700243 DigestAlgorithm m_digestAlgorithm;
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700244 SignatureInfo m_info;
245};
246
Spencer Lee308bc442015-11-24 02:59:55 -0700247std::ostream&
248operator<<(std::ostream& os, const SigningInfo& si);
249
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700250} // namespace security
251} // namespace ndn
252
253#endif // NDN_SECURITY_SIGNING_INFO_HPP