face: simplify prefix registration APIs with SigningInfo
refs #2932
Change-Id: I9a29cf2925272b9fc90b4fb69a14035a75291928
diff --git a/src/face.cpp b/src/face.cpp
index be2aaa1..7f3880a 100644
--- a/src/face.cpp
+++ b/src/face.cpp
@@ -194,83 +194,38 @@
const RegisteredPrefixId*
Face::setInterestFilter(const InterestFilter& interestFilter,
- const OnInterest& onInterest,
- const RegisterPrefixSuccessCallback& onSuccess,
- const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate,
- uint64_t flags)
+ const OnInterest& onInterest,
+ const RegisterPrefixFailureCallback& onFailure,
+ const security::SigningInfo& signingInfo,
+ uint64_t flags)
{
- shared_ptr<InterestFilterRecord> filter =
- make_shared<InterestFilterRecord>(interestFilter, onInterest);
-
- nfd::CommandOptions options;
- if (!certificate.getName().empty()) {
- options.setSigningInfo(signingByCertificate(certificate.getName()));
- }
-
- return m_impl->registerPrefix(interestFilter.getPrefix(), filter,
- onSuccess, onFailure,
- flags, options);
+ return setInterestFilter(interestFilter,
+ onInterest,
+ RegisterPrefixSuccessCallback(),
+ onFailure,
+ signingInfo,
+ flags);
}
const RegisteredPrefixId*
Face::setInterestFilter(const InterestFilter& interestFilter,
- const OnInterest& onInterest,
- const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate,
- uint64_t flags)
+ const OnInterest& onInterest,
+ const RegisterPrefixSuccessCallback& onSuccess,
+ const RegisterPrefixFailureCallback& onFailure,
+ const security::SigningInfo& signingInfo,
+ uint64_t flags)
{
- shared_ptr<InterestFilterRecord> filter =
- make_shared<InterestFilterRecord>(interestFilter, onInterest);
+ shared_ptr<InterestFilterRecord> filter =
+ make_shared<InterestFilterRecord>(interestFilter, onInterest);
- nfd::CommandOptions options;
- if (!certificate.getName().empty()) {
- options.setSigningInfo(signingByCertificate(certificate.getName()));
- }
+ nfd::CommandOptions options;
+ options.setSigningInfo(signingInfo);
- return m_impl->registerPrefix(interestFilter.getPrefix(), filter,
- RegisterPrefixSuccessCallback(), onFailure,
- flags, options);
+ return m_impl->registerPrefix(interestFilter.getPrefix(), filter,
+ onSuccess, onFailure,
+ flags, options);
}
-const RegisteredPrefixId*
-Face::setInterestFilter(const InterestFilter& interestFilter,
- const OnInterest& onInterest,
- const RegisterPrefixSuccessCallback& onSuccess,
- const RegisterPrefixFailureCallback& onFailure,
- const Name& identity,
- uint64_t flags)
-{
- shared_ptr<InterestFilterRecord> filter =
- make_shared<InterestFilterRecord>(interestFilter, onInterest);
-
- nfd::CommandOptions options;
- options.setSigningInfo(signingByIdentity(identity));
-
- return m_impl->registerPrefix(interestFilter.getPrefix(), filter,
- onSuccess, onFailure,
- flags, options);
-}
-
-const RegisteredPrefixId*
-Face::setInterestFilter(const InterestFilter& interestFilter,
- const OnInterest& onInterest,
- const RegisterPrefixFailureCallback& onFailure,
- const Name& identity,
- uint64_t flags)
-{
- shared_ptr<InterestFilterRecord> filter =
- make_shared<InterestFilterRecord>(interestFilter, onInterest);
-
- nfd::CommandOptions options;
- options.setSigningInfo(signingByIdentity(identity));
-
- return m_impl->registerPrefix(interestFilter.getPrefix(), filter,
- RegisterPrefixSuccessCallback(), onFailure,
- flags, options);
-}
-
-
const InterestFilterId*
Face::setInterestFilter(const InterestFilter& interestFilter,
const OnInterest& onInterest)
@@ -283,6 +238,87 @@
return reinterpret_cast<const InterestFilterId*>(filter.get());
}
+#ifdef NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
+
+const RegisteredPrefixId*
+Face::setInterestFilter(const InterestFilter& interestFilter,
+ const OnInterest& onInterest,
+ const RegisterPrefixSuccessCallback& onSuccess,
+ const RegisterPrefixFailureCallback& onFailure,
+ const IdentityCertificate& certificate,
+ uint64_t flags)
+{
+ security::SigningInfo signingInfo;
+ if (!certificate.getName().empty()) {
+ signingInfo = signingByCertificate(certificate.getName());
+ }
+ return setInterestFilter(interestFilter, onInterest,
+ onSuccess, onFailure,
+ signingInfo, flags);
+}
+
+const RegisteredPrefixId*
+Face::setInterestFilter(const InterestFilter& interestFilter,
+ const OnInterest& onInterest,
+ const RegisterPrefixFailureCallback& onFailure,
+ const IdentityCertificate& certificate,
+ uint64_t flags)
+{
+ security::SigningInfo signingInfo;
+ if (!certificate.getName().empty()) {
+ signingInfo = signingByCertificate(certificate.getName());
+ }
+ return setInterestFilter(interestFilter, onInterest,
+ onFailure, signingInfo, flags);
+}
+
+const RegisteredPrefixId*
+Face::setInterestFilter(const InterestFilter& interestFilter,
+ const OnInterest& onInterest,
+ const RegisterPrefixSuccessCallback& onSuccess,
+ const RegisterPrefixFailureCallback& onFailure,
+ const Name& identity,
+ uint64_t flags)
+{
+ security::SigningInfo signingInfo = signingByIdentity(identity);
+
+ return setInterestFilter(interestFilter, onInterest,
+ onSuccess, onFailure,
+ signingInfo, flags);
+}
+
+const RegisteredPrefixId*
+Face::setInterestFilter(const InterestFilter& interestFilter,
+ const OnInterest& onInterest,
+ const RegisterPrefixFailureCallback& onFailure,
+ const Name& identity,
+ uint64_t flags)
+{
+ security::SigningInfo signingInfo = signingByIdentity(identity);
+
+ return setInterestFilter(interestFilter, onInterest,
+ onFailure, signingInfo, flags);
+}
+
+#endif // NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
+
+const RegisteredPrefixId*
+Face::registerPrefix(const Name& prefix,
+ const RegisterPrefixSuccessCallback& onSuccess,
+ const RegisterPrefixFailureCallback& onFailure,
+ const security::SigningInfo& signingInfo,
+ uint64_t flags)
+{
+
+ nfd::CommandOptions options;
+ options.setSigningInfo(signingInfo);
+
+ return m_impl->registerPrefix(prefix, shared_ptr<InterestFilterRecord>(),
+ onSuccess, onFailure,
+ flags, options);
+}
+
+#ifdef NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
const RegisteredPrefixId*
Face::registerPrefix(const Name& prefix,
const RegisterPrefixSuccessCallback& onSuccess,
@@ -290,14 +326,12 @@
const IdentityCertificate& certificate,
uint64_t flags)
{
- nfd::CommandOptions options;
+ security::SigningInfo signingInfo;
if (!certificate.getName().empty()) {
- options.setSigningInfo(signingByCertificate(certificate.getName()));
+ signingInfo = signingByCertificate(certificate.getName());
}
-
- return m_impl->registerPrefix(prefix, shared_ptr<InterestFilterRecord>(),
- onSuccess, onFailure,
- flags, options);
+ return registerPrefix(prefix, onSuccess,
+ onFailure, signingInfo, flags);
}
const RegisteredPrefixId*
@@ -307,13 +341,11 @@
const Name& identity,
uint64_t flags)
{
- nfd::CommandOptions options;
- options.setSigningInfo(signingByIdentity(identity));
-
- return m_impl->registerPrefix(prefix, shared_ptr<InterestFilterRecord>(),
- onSuccess, onFailure,
- flags, options);
+ security::SigningInfo signingInfo = signingByIdentity(identity);
+ return registerPrefix(prefix, onSuccess,
+ onFailure, signingInfo, flags);
}
+#endif // NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
void
Face::unsetInterestFilter(const RegisteredPrefixId* registeredPrefixId)
diff --git a/src/face.hpp b/src/face.hpp
index 2d76773..ab526c3 100644
--- a/src/face.hpp
+++ b/src/face.hpp
@@ -28,7 +28,13 @@
#include "interest.hpp"
#include "interest-filter.hpp"
#include "data.hpp"
+#include "security/signing-info.hpp"
+
+#define NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
+
+#ifdef NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
#include "security/identity-certificate.hpp"
+#endif // NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
namespace boost {
namespace asio {
@@ -247,58 +253,19 @@
*
* @param interestFilter Interest filter (prefix part will be registered with the forwarder)
* @param onInterest A callback to be called when a matching interest is received
- * @param onSuccess A callback to be called when prefixRegister command succeeds
* @param onFailure A callback to be called when prefixRegister command fails
* @param flags (optional) RIB flags
- * @param certificate (optional) A certificate under which the prefix registration
- * command is signed. When omitted, a default certificate of
- * the default identity is used to sign the registration command
+ * @param signingInfo (optional) Signing parameters. When omitted, a default parameters
+ * used in the signature will be used.
*
* @return Opaque registered prefix ID which can be used with unsetInterestFilter or
* removeRegisteredPrefix
- *
- * @note IdentityCertificate() creates a certificate with an empty name, which is an invalid
- * certificate. A valid IdentityCertificate has at least 4 name components, as it follows
- * `<...>/KEY/<...>/<key-id>/ID-CERT/<version>` naming model.
- */
- const RegisteredPrefixId*
- setInterestFilter(const InterestFilter& interestFilter,
- const OnInterest& onInterest,
- const RegisterPrefixSuccessCallback& onSuccess,
- const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate = IdentityCertificate(),
- uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
-
- /**
- * @brief Set InterestFilter to dispatch incoming matching interest to onInterest
- * callback and register the filtered prefix with the connected NDN forwarder
- *
- * This version of setInterestFilter combines setInterestFilter and registerPrefix
- * operations and is intended to be used when only one filter for the same prefix needed
- * to be set. When multiple names sharing the same prefix should be dispatched to
- * different callbacks, use one registerPrefix call, followed (in onSuccess callback) by
- * a series of setInterestFilter calls.
- *
- * @param interestFilter Interest filter (prefix part will be registered with the forwarder)
- * @param onInterest A callback to be called when a matching interest is received
- * @param onFailure A callback to be called when prefixRegister command fails
- * @param flags (optional) RIB flags
- * @param certificate (optional) A certificate under which the prefix registration
- * command is signed. When omitted, a default certificate of
- * the default identity is used to sign the registration command
- *
- * @return Opaque registered prefix ID which can be used with unsetInterestFilter or
- * removeRegisteredPrefix
- *
- * @note IdentityCertificate() creates a certificate with an empty name, which is an invalid
- * certificate. A valid IdentityCertificate has at least 4 name components, as it follows
- * `<...>/KEY/<...>/<key-id>/ID-CERT/<version>` naming model.
*/
const RegisteredPrefixId*
setInterestFilter(const InterestFilter& interestFilter,
const OnInterest& onInterest,
const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate = IdentityCertificate(),
+ const security::SigningInfo& signingInfo = security::SigningInfo(),
uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
/**
@@ -315,44 +282,19 @@
* @param onInterest A callback to be called when a matching interest is received
* @param onSuccess A callback to be called when prefixRegister command succeeds
* @param onFailure A callback to be called when prefixRegister command fails
- * @param identity A signing identity. A prefix registration command is signed
- * under the default certificate of this identity
* @param flags (optional) RIB flags
+ * @param signingInfo (optional) Signing parameters. When omitted, a default parameters
+ * used in the signature will be used.
*
- * @return Opaque registered prefix ID which can be used with removeRegisteredPrefix
+ * @return Opaque registered prefix ID which can be used with unsetInterestFilter or
+ * removeRegisteredPrefix
*/
const RegisteredPrefixId*
setInterestFilter(const InterestFilter& interestFilter,
const OnInterest& onInterest,
const RegisterPrefixSuccessCallback& onSuccess,
const RegisterPrefixFailureCallback& onFailure,
- const Name& identity,
- uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
-
- /**
- * @brief Set InterestFilter to dispatch incoming matching interest to onInterest
- * callback and register the filtered prefix with the connected NDN forwarder
- *
- * This version of setInterestFilter combines setInterestFilter and registerPrefix
- * operations and is intended to be used when only one filter for the same prefix needed
- * to be set. When multiple names sharing the same prefix should be dispatched to
- * different callbacks, use one registerPrefix call, followed (in onSuccess callback) by
- * a series of setInterestFilter calls.
- *
- * @param interestFilter Interest filter (prefix part will be registered with the forwarder)
- * @param onInterest A callback to be called when a matching interest is received
- * @param onFailure A callback to be called when prefixRegister command fails
- * @param identity A signing identity. A prefix registration command is signed
- * under the default certificate of this identity
- * @param flags (optional) RIB flags
- *
- * @return Opaque registered prefix ID which can be used with removeRegisteredPrefix
- */
- const RegisteredPrefixId*
- setInterestFilter(const InterestFilter& interestFilter,
- const OnInterest& onInterest,
- const RegisterPrefixFailureCallback& onFailure,
- const Name& identity,
+ const security::SigningInfo& signingInfo = security::SigningInfo(),
uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
/**
@@ -371,8 +313,149 @@
setInterestFilter(const InterestFilter& interestFilter,
const OnInterest& onInterest);
+#ifdef NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
+ /**
+ * @deprecated Use override with SigningInfo instead of this function
+ * @brief Set InterestFilter to dispatch incoming matching interest to onInterest
+ * callback and register the filtered prefix with the connected NDN forwarder
+ *
+ * This version of setInterestFilter combines setInterestFilter and registerPrefix
+ * operations and is intended to be used when only one filter for the same prefix needed
+ * to be set. When multiple names sharing the same prefix should be dispatched to
+ * different callbacks, use one registerPrefix call, followed (in onSuccess callback) by
+ * a series of setInterestFilter calls.
+ *
+ * @param interestFilter Interest filter (prefix part will be registered with the forwarder)
+ * @param onInterest A callback to be called when a matching interest is received
+ * @param onSuccess A callback to be called when prefixRegister command succeeds
+ * @param onFailure A callback to be called when prefixRegister command fails
+ * @param flags (optional) RIB flags
+ * @param certificate (optional) A certificate under which the prefix registration
+ * command is signed. When omitted, a default certificate of
+ * the default identity is used to sign the registration command
+ *
+ * @return Opaque registered prefix ID which can be used with unsetInterestFilter or
+ * removeRegisteredPrefix
+ */
+ const RegisteredPrefixId*
+ setInterestFilter(const InterestFilter& interestFilter,
+ const OnInterest& onInterest,
+ const RegisterPrefixSuccessCallback& onSuccess,
+ const RegisterPrefixFailureCallback& onFailure,
+ const IdentityCertificate& certificate,
+ uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
/**
+ * @deprecated Use override with SigningInfo instead of this function
+ * @brief Set InterestFilter to dispatch incoming matching interest to onInterest
+ * callback and register the filtered prefix with the connected NDN forwarder
+ *
+ * This version of setInterestFilter combines setInterestFilter and registerPrefix
+ * operations and is intended to be used when only one filter for the same prefix needed
+ * to be set. When multiple names sharing the same prefix should be dispatched to
+ * different callbacks, use one registerPrefix call, followed (in onSuccess callback) by
+ * a series of setInterestFilter calls.
+ *
+ * @param interestFilter Interest filter (prefix part will be registered with the forwarder)
+ * @param onInterest A callback to be called when a matching interest is received
+ * @param onFailure A callback to be called when prefixRegister command fails
+ * @param flags (optional) RIB flags
+ * @param certificate (optional) A certificate under which the prefix registration
+ * command is signed. When omitted, a default certificate of
+ * the default identity is used to sign the registration command
+ *
+ * @return Opaque registered prefix ID which can be used with unsetInterestFilter or
+ * removeRegisteredPrefix
+ */
+ const RegisteredPrefixId*
+ setInterestFilter(const InterestFilter& interestFilter,
+ const OnInterest& onInterest,
+ const RegisterPrefixFailureCallback& onFailure,
+ const IdentityCertificate& certificate,
+ uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
+
+ /**
+ * @deprecated Use override with SigningInfo instead of this function
+ * @brief Set InterestFilter to dispatch incoming matching interest to onInterest
+ * callback and register the filtered prefix with the connected NDN forwarder
+ *
+ * This version of setInterestFilter combines setInterestFilter and registerPrefix
+ * operations and is intended to be used when only one filter for the same prefix needed
+ * to be set. When multiple names sharing the same prefix should be dispatched to
+ * different callbacks, use one registerPrefix call, followed (in onSuccess callback) by
+ * a series of setInterestFilter calls.
+ *
+ * @param interestFilter Interest filter (prefix part will be registered with the forwarder)
+ * @param onInterest A callback to be called when a matching interest is received
+ * @param onSuccess A callback to be called when prefixRegister command succeeds
+ * @param onFailure A callback to be called when prefixRegister command fails
+ * @param identity A signing identity. A prefix registration command is signed
+ * under the default certificate of this identity
+ * @param flags (optional) RIB flags
+ *
+ * @return Opaque registered prefix ID which can be used with removeRegisteredPrefix
+ */
+ const RegisteredPrefixId*
+ setInterestFilter(const InterestFilter& interestFilter,
+ const OnInterest& onInterest,
+ const RegisterPrefixSuccessCallback& onSuccess,
+ const RegisterPrefixFailureCallback& onFailure,
+ const Name& identity,
+ uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
+
+ /**
+ * @deprecated Use override with SigningInfo instead of this function
+ * @brief Set InterestFilter to dispatch incoming matching interest to onInterest
+ * callback and register the filtered prefix with the connected NDN forwarder
+ *
+ * This version of setInterestFilter combines setInterestFilter and registerPrefix
+ * operations and is intended to be used when only one filter for the same prefix needed
+ * to be set. When multiple names sharing the same prefix should be dispatched to
+ * different callbacks, use one registerPrefix call, followed (in onSuccess callback) by
+ * a series of setInterestFilter calls.
+ *
+ * @param interestFilter Interest filter (prefix part will be registered with the forwarder)
+ * @param onInterest A callback to be called when a matching interest is received
+ * @param onFailure A callback to be called when prefixRegister command fails
+ * @param identity A signing identity. A prefix registration command is signed
+ * under the default certificate of this identity
+ * @param flags (optional) RIB flags
+ *
+ * @return Opaque registered prefix ID which can be used with removeRegisteredPrefix
+ */
+ const RegisteredPrefixId*
+ setInterestFilter(const InterestFilter& interestFilter,
+ const OnInterest& onInterest,
+ const RegisterPrefixFailureCallback& onFailure,
+ const Name& identity,
+ uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
+#endif // NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
+
+ /**
+ * @brief Register prefix with the connected NDN forwarder
+ *
+ * This method only modifies forwarder's RIB and does not associate any
+ * onInterest callbacks. Use setInterestFilter method to dispatch incoming Interests to
+ * the right callbacks.
+ *
+ * @param prefix A prefix to register with the connected NDN forwarder
+ * @param onSuccess A callback to be called when prefixRegister command succeeds
+ * @param onFailure A callback to be called when prefixRegister command fails
+ * @param signingInfo (optional) Signing parameters. When omitted, a default parameters
+ * used in the signature will be used.
+ *
+ * @return The registered prefix ID which can be used with unregisterPrefix
+ */
+ const RegisteredPrefixId*
+ registerPrefix(const Name& prefix,
+ const RegisterPrefixSuccessCallback& onSuccess,
+ const RegisterPrefixFailureCallback& onFailure,
+ const security::SigningInfo& signingInfo = security::SigningInfo(),
+ uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
+
+#ifdef NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
+ /**
+ * @deprecated Use override with SigningInfo instead of this function
* @brief Register prefix with the connected NDN forwarder
*
* This method only modifies forwarder's RIB and does not associate any
@@ -388,19 +471,16 @@
* @param flags (optional) RIB flags
*
* @return The registered prefix ID which can be used with unregisterPrefix
- *
- * @note IdentityCertificate() creates a certificate with an empty name, which is an invalid
- * certificate. A valid IdentityCertificate has at least 4 name components, as it follows
- * `<...>/KEY/<...>/<key-id>/ID-CERT/<version>` naming model.
*/
const RegisteredPrefixId*
registerPrefix(const Name& prefix,
const RegisterPrefixSuccessCallback& onSuccess,
const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate = IdentityCertificate(),
+ const IdentityCertificate& certificate,
uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
/**
+ * @deprecated Use override with SigningInfo instead of this function
* @brief Register prefix with the connected NDN forwarder and call onInterest when a matching
* interest is received.
*
@@ -423,6 +503,7 @@
const RegisterPrefixFailureCallback& onFailure,
const Name& identity,
uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT);
+#endif // NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
/**
* @brief Remove the registered prefix entry with the registeredPrefixId
diff --git a/src/security/conf/checker.hpp b/src/security/conf/checker.hpp
index 3c4ceb2..1364229 100644
--- a/src/security/conf/checker.hpp
+++ b/src/security/conf/checker.hpp
@@ -29,6 +29,7 @@
#include "key-locator-checker.hpp"
#include "../../util/io.hpp"
#include "../validator.hpp"
+#include "../identity-certificate.hpp"
#include <boost/algorithm/string.hpp>
#include <boost/filesystem.hpp>
diff --git a/src/security/validator.hpp b/src/security/validator.hpp
index 5311795..d0faf22 100644
--- a/src/security/validator.hpp
+++ b/src/security/validator.hpp
@@ -34,8 +34,10 @@
#include "signature-sha256-with-ecdsa.hpp"
#include "digest-sha256.hpp"
#include "validation-request.hpp"
+#include "identity-certificate.hpp"
namespace ndn {
+
/**
* @brief Validator is one of the main classes of the security library.
*