security: New generalized signing API in KeyChain
A new API in KeyChain introduces a general interface to sign interest
and data packets and supply necessary signing information, such as
signing identity name, signing key name, or signing certificate name.
In addition, the supplied signing information can include additional
information that signer wants to include in the SignatureInfo of the
signed packet.
Old sign methods `KeyChain::sign(Packet, Name)`, `KeyChain::sign(uint8_t*, size_t, Name)`,
`KeyChain::signByIdentity(Packet, Name)`, `KeyChain::signByIdentity(uint8_t*, size_t, Name)`,
`KeyChain::signWithSha256(Data)`, and `KeyChain::signWithSha256(Interest)`
are now deprecated and will be removed in the next release.
Change-Id: I086e6c6522f70bcb7799e7dfc4cc4b2f8a3816a0
Refs: #2871, #1705
diff --git a/tools/ndnsec/op-tool.hpp b/tools/ndnsec/op-tool.hpp
index 65bb665..d72b014 100644
--- a/tools/ndnsec/op-tool.hpp
+++ b/tools/ndnsec/op-tool.hpp
@@ -78,17 +78,17 @@
Buffer dataToSign((istreambuf_iterator<char>(cin)), istreambuf_iterator<char>());
- Signature signature = keyChain.sign(dataToSign.buf(), dataToSign.size(),
- keyChain.getDefaultCertificateName());
+ Block value = keyChain.sign(dataToSign.buf(), dataToSign.size(),
+ security::SigningInfo(security::SigningInfo::SIGNER_TYPE_CERT,
+ keyChain.getDefaultCertificateName()));
- if (signature.getValue().value_size() == 0)
+ if (value.value_size() == 0)
{
std::cerr << "Error signing with default key" << std::endl;
return -1;
}
- std::cout.write(reinterpret_cast<const char*>(signature.getValue().wire()),
- signature.getValue().size());
+ std::cout.write(reinterpret_cast<const char*>(value.wire()), value.size());
}
return 0;