security: New generalized signing API in KeyChain
A new API in KeyChain introduces a general interface to sign interest
and data packets and supply necessary signing information, such as
signing identity name, signing key name, or signing certificate name.
In addition, the supplied signing information can include any extra
information that the signer wants to include in the SignatureInfo of the
signed packet.
Old sign methods `KeyChain::sign(Packet, Name)`, `KeyChain::sign(uint8_t*, size_t, Name)`,
`KeyChain::signByIdentity(Packet, Name)`, `KeyChain::signByIdentity(uint8_t*, size_t, Name)`,
`KeyChain::signWithSha256(Data)`, and `KeyChain::signWithSha256(Interest)`
are now deprecated and will be removed in the next release.
Change-Id: I086e6c6522f70bcb7799e7dfc4cc4b2f8a3816a0
Refs: #2871, #1705
diff --git a/src/signature.hpp b/src/signature.hpp
index 9d7749b..5970270 100644
--- a/src/signature.hpp
+++ b/src/signature.hpp
@@ -50,9 +50,7 @@
Sha256WithEcdsa = tlv::SignatureSha256WithEcdsa
};
- Signature()
- {
- }
+ Signature() = default;
explicit
Signature(const Block& info, const Block& value = Block());
@@ -65,7 +63,9 @@
return m_info.getSignatureType() != -1;
}
- /// @brief Get SignatureInfo in the wire format
+ /**
+ * @brief Get SignatureInfo in the wire format
+ */
const Block&
getInfo() const
{
@@ -80,13 +80,18 @@
void
setInfo(const Block& info);
- /// @brief Set SignatureInfo
+ /**
+ * @brief Set SignatureInfo
+ */
void
setInfo(const SignatureInfo& info)
{
m_info = info;
}
+ /**
+ * @brief Get SignatureValue in the wire format
+ */
const Block&
getValue() const
{
@@ -94,18 +99,26 @@
return m_value;
}
+ /**
+ * @brief Get SignatureValue from a block
+ *
+ * @throws tlv::Error if supplied block has type different from SignatureValue
+ */
void
- setValue(const Block& value)
- {
- m_value = value;
- }
+ setValue(const Block& value);
+ /**
+ * @brief Get signature type
+ */
uint32_t
getType() const
{
return m_info.getSignatureType();
}
+ /**
+ * @brief Check if SignatureInfo block has a KeyLocator
+ */
bool
hasKeyLocator() const
{
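Review bot: The doc comment added above `setValue(const Block& value)` reads `@brief Get SignatureValue from a block`, but this is the setter, so it should read `@brief Set SignatureValue from a block`. The new `@throws tlv::Error` line says the setter now rejects blocks that are not of type SignatureValue, but the definition has moved out of this header, so the check cannot be confirmed from this hunk. The constructor `Signature(const Block& info, const Block& value = Block())` shown in the first hunk takes the same kind of argument and defaults it to an empty Block. It is worth confirming that it either goes through the same type check or is documented as exempt, so a Signature cannot be built with a value that `setValue` would refuse. The new `getType()` comment could also say what is returned when no type is set, since the validity check in the second hunk compares `getSignatureType()` with `-1` while `getType()` returns `uint32_t`.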
@@ -115,7 +128,7 @@
/**
* @brief Get KeyLocator
*
- * @throws Signature::Error if keyLocator does not exist
+ * @throws Signature::Error if KeyLocator does not exist
*/
const KeyLocator&
getKeyLocator() const
@@ -123,7 +136,9 @@
return m_info.getKeyLocator();
}
- /// @brief Set KeyLocator
+ /**
+ * @brief Set KeyLocator
+ */
void
setKeyLocator(const KeyLocator& keyLocator)
{