security: CryptoPP functions are used directly to encode/decode DER/BER
This change eliminates the need for custom der decoder/encoder.
Change-Id: I5be2e55cec2b63157927a4ad87fffe8e8651ed3c
diff --git a/include/ndn-cpp/encoding/oid.hpp b/include/ndn-cpp/encoding/oid.hpp
index f217889..f89339c 100644
--- a/include/ndn-cpp/encoding/oid.hpp
+++ b/include/ndn-cpp/encoding/oid.hpp
@@ -12,6 +12,8 @@
#include <vector>
#include <string>
+namespace CryptoPP { class BufferedTransformation; }
+
namespace ndn {
class OID {
@@ -50,6 +52,12 @@
{
return !equal(oid);
}
+
+ void
+ encode(CryptoPP::BufferedTransformation &out) const;
+
+ void
+ decode(CryptoPP::BufferedTransformation &in);
private:
bool equal(const OID& oid) const;
diff --git a/include/ndn-cpp/security/certificate/certificate-extension.hpp b/include/ndn-cpp/security/certificate/certificate-extension.hpp
index b47b880..697993c 100644
--- a/include/ndn-cpp/security/certificate/certificate-extension.hpp
+++ b/include/ndn-cpp/security/certificate/certificate-extension.hpp
@@ -10,12 +10,12 @@
#define NDN_CERTIFICATE_EXTENSION_HPP
#include "../../common.hpp"
-#include "../../util/blob.hpp"
+#include "../../encoding/buffer.hpp"
#include "../../encoding/oid.hpp"
-namespace ndn {
+namespace CryptoPP { class BufferedTransformation; }
-namespace der { class DerNode; }
+namespace ndn {
/**
* A CertificateExtension represents the Extension entry in a certificate.
@@ -23,13 +23,18 @@
class CertificateExtension
{
public:
+ CertificateExtension(CryptoPP::BufferedTransformation &in)
+ {
+ decode(in);
+ }
+
/**
* Create a new CertificateExtension.
* @param oid The oid of subject description entry.
* @param isCritical If true, the extension must be handled.
* @param value The extension value.
*/
- CertificateExtension(const std::string& oid, const bool isCritical, const Blob& value)
+ CertificateExtension(const std::string& oid, const bool isCritical, const Buffer& value)
: extensionId_(oid), isCritical_(isCritical), extensionValue_(value)
{
}
@@ -40,7 +45,7 @@
* @param isCritical If true, the extension must be handled.
* @param value The extension value.
*/
- CertificateExtension(const OID& oid, const bool isCritical, const Blob& value)
+ CertificateExtension(const OID& oid, const bool isCritical, const Buffer& value)
: extensionId_(oid), isCritical_(isCritical), extensionValue_(value)
{
}
@@ -51,29 +56,25 @@
virtual
~CertificateExtension() {}
- /**
- * encode the object into DER syntax tree
- * @return the encoded DER syntax tree
- */
- ptr_lib::shared_ptr<der::DerNode>
- toDer() const;
+ void
+ encode(CryptoPP::BufferedTransformation &out) const;
- Blob
- toDerBlob() const;
-
+ void
+ decode(CryptoPP::BufferedTransformation &in);
+
inline const OID&
getOid() const { return extensionId_; }
inline const bool
getIsCritical() const { return isCritical_; }
- inline const Blob&
+ inline const Buffer&
getValue() const { return extensionValue_; }
protected:
OID extensionId_;
bool isCritical_;
- Blob extensionValue_;
+ Buffer extensionValue_;
};
}
diff --git a/include/ndn-cpp/security/certificate/certificate-subject-description.hpp b/include/ndn-cpp/security/certificate/certificate-subject-description.hpp
index 30af6bf..9576e0d 100644
--- a/include/ndn-cpp/security/certificate/certificate-subject-description.hpp
+++ b/include/ndn-cpp/security/certificate/certificate-subject-description.hpp
@@ -12,42 +12,46 @@
#include "../../common.hpp"
#include "../../encoding/oid.hpp"
+namespace CryptoPP { class BufferedTransformation; }
+
namespace ndn {
-namespace der { class DerNode; }
-
/**
* A CertificateSubjectDescription represents the SubjectDescription entry in a Certificate.
*/
class CertificateSubjectDescription {
public:
- /**
- * Create a new CertificateSubjectDescription.
- * @param oid The oid of the subject description entry.
- * @param value The value of the subject description entry.
- */
- CertificateSubjectDescription(std::string oid, std::string value)
- : oid_(oid), value_(value)
+ CertificateSubjectDescription(CryptoPP::BufferedTransformation &in)
{
- }
-
- /**
- * Create a new CertificateSubjectDescription.
- * @param oid The oid of the subject description entry.
- * @param value The value of the subject description entry.
- */
- CertificateSubjectDescription(OID oid, std::string value)
- : oid_(oid), value_(value)
- {
+ decode(in);
}
/**
- * Encode the object into a DER syntax tree.
- * @return The encoded DER syntax tree.
+ * Create a new CertificateSubjectDescription.
+ * @param oid The oid of the subject description entry.
+ * @param value The value of the subject description entry.
*/
- ptr_lib::shared_ptr<der::DerNode>
- toDer() const;
+ CertificateSubjectDescription(const std::string &oid, const std::string &value)
+ : oid_(oid), value_(value)
+ {
+ }
+ /**
+ * Create a new CertificateSubjectDescription.
+ * @param oid The oid of the subject description entry.
+ * @param value The value of the subject description entry.
+ */
+ CertificateSubjectDescription(const OID &oid, const std::string &value)
+ : oid_(oid), value_(value)
+ {
+ }
+
+ void
+ encode(CryptoPP::BufferedTransformation &out) const;
+
+ void
+ decode(CryptoPP::BufferedTransformation &in);
+
std::string
getOidString() const
{
diff --git a/include/ndn-cpp/security/certificate/certificate.hpp b/include/ndn-cpp/security/certificate/certificate.hpp
index 025e420..0c7323b 100644
--- a/include/ndn-cpp/security/certificate/certificate.hpp
+++ b/include/ndn-cpp/security/certificate/certificate.hpp
@@ -99,8 +99,8 @@
const PublicKey&
getPublicKeyInfo() const { return key_; }
- virtual Name
- getPublicKeyName() const = 0;
+ // virtual Name
+ // getPublicKeyName() const = 0;
/**
* Check if the certificate is valid.
diff --git a/include/ndn-cpp/security/certificate/public-key.hpp b/include/ndn-cpp/security/certificate/public-key.hpp
index a2237fa..43e1223 100644
--- a/include/ndn-cpp/security/certificate/public-key.hpp
+++ b/include/ndn-cpp/security/certificate/public-key.hpp
@@ -9,64 +9,63 @@
#ifndef NDN_PUBLIC_KEY_HPP
#define NDN_PUBLIC_KEY_HPP
-#include "../../util/blob.hpp"
#include "../../encoding/oid.hpp"
+#include "../../encoding/buffer.hpp"
#include "../security-common.hpp"
namespace ndn {
- namespace der { class DerNode; }
-
class PublicKey {
public:
+ struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
+
/**
* The default constructor.
*/
- PublicKey() {}
+ PublicKey();
/**
* Create a new PublicKey with the given values.
* @param algorithm The algorithm of the public key.
* @param keyDer The blob of the PublicKeyInfo in terms of DER.
+ *
+ * @throws PublicKey::Error If algorithm is not supported or keyDer cannot be decoded
*/
- PublicKey(const OID& algorithm, const Blob& keyDer)
- : algorithm_(algorithm), keyDer_(keyDer)
+ PublicKey(const uint8_t *keyDerBuf, size_t keyDerSize);
+
+ const Buffer&
+ get() const
{
+ return key_;
}
- /**
- * Encode the public key into DER.
- * @return the encoded DER syntax tree.
- */
- ptr_lib::shared_ptr<der::DerNode>
- toDer();
+ void
+ set(const uint8_t *keyDerBuf, size_t keyDerSize)
+ {
+ Buffer buf(keyDerBuf, keyDerSize);
+ key_.swap(buf);
+ }
- /**
- * Decode the public key from DER blob.
- * @param keyDer The DER blob.
- * @return The decoded public key.
- */
- static ptr_lib::shared_ptr<PublicKey>
- fromDer(const Blob& keyDer);
+ void
+ encode(CryptoPP::BufferedTransformation &out) const;
- /*
- * Get the digest of the public key.
- * @param digestAlgorithm The digest algorithm. If omitted, use DIGEST_ALGORITHM_SHA256 by default.
- */
- Blob
- getDigest(DigestAlgorithm digestAlgorithm = DIGEST_ALGORITHM_SHA256) const;
+ void
+ decode(CryptoPP::BufferedTransformation &in);
- /*
- * Get the raw bytes of the public key in DER format.
- */
- const Blob&
- getKeyDer() const { return keyDer_; }
-
+ // /*
+ // * Get the digest of the public key.
+ // * @param digestAlgorithm The digest algorithm. If omitted, use DIGEST_ALGORITHM_SHA256 by default.
+ // */
+ // Blob
+ // getDigest(DigestAlgorithm digestAlgorithm = DIGEST_ALGORITHM_SHA256) const;
+
private:
- OID algorithm_; /**< Algorithm */
- Blob keyDer_; /**< PublicKeyInfo in DER */
+ Buffer key_;
};
+std::ostream &
+operator <<(std::ostream &os, const PublicKey &key);
+
}
#endif