Make Signature an abstract base class and added subclass Sha256WithRsaSignature. Change Data.signature to a pointer to a Signature.
diff --git a/ndn-cpp/data.cpp b/ndn-cpp/data.cpp
index 0fb13d6..8dbdab6 100644
--- a/ndn-cpp/data.cpp
+++ b/ndn-cpp/data.cpp
@@ -5,44 +5,16 @@
#include "common.hpp"
#include "data.hpp"
+#include "sha256-with-rsa-signature.hpp"
using namespace std;
namespace ndn {
-void Signature::get(struct ndn_Signature& signatureStruct) const
+Signature::~Signature()
{
- signatureStruct.digestAlgorithmLength = digestAlgorithm_.size();
- if (digestAlgorithm_.size() > 0)
- signatureStruct.digestAlgorithm = (unsigned char *)digestAlgorithm_.buf();
- else
- signatureStruct.digestAlgorithm = 0;
-
- signatureStruct.witnessLength = witness_.size();
- if (witness_.size() > 0)
- signatureStruct.witness = (unsigned char *)witness_.buf();
- else
- signatureStruct.witness = 0;
-
- signatureStruct.signatureLength = signature_.size();
- if (signature_.size() > 0)
- signatureStruct.signature = (unsigned char *)signature_.buf();
- else
- signatureStruct.signature = 0;
+}
- publisherPublicKeyDigest_.get(signatureStruct.publisherPublicKeyDigest);
- keyLocator_.get(signatureStruct.keyLocator);
-}
-
-void Signature::set(const struct ndn_Signature& signatureStruct)
-{
- digestAlgorithm_ = Blob(signatureStruct.digestAlgorithm, signatureStruct.digestAlgorithmLength);
- witness_ = Blob(signatureStruct.witness, signatureStruct.witnessLength);
- signature_ = Blob(signatureStruct.signature, signatureStruct.signatureLength);
- publisherPublicKeyDigest_.set(signatureStruct.publisherPublicKeyDigest);
- keyLocator_.set(signatureStruct.keyLocator);
-}
-
void MetaInfo::get(struct ndn_MetaInfo& metaInfoStruct) const
{
metaInfoStruct.timestampMilliseconds = timestampMilliseconds_;
@@ -59,9 +31,19 @@
finalBlockID_.setValue(Blob(metaInfoStruct.finalBlockID.value, metaInfoStruct.finalBlockID.valueLength));
}
+Data::Data()
+: signature_(new Sha256WithRsaSignature())
+{
+}
+
+Data::Data(const Name& name)
+: name_(name), signature_(new Sha256WithRsaSignature())
+{
+}
+
void Data::get(struct ndn_Data& dataStruct) const
{
- signature_.get(dataStruct.signature);
+ signature_->get(dataStruct.signature);
name_.get(dataStruct.name);
metaInfo_.get(dataStruct.metaInfo);
@@ -74,7 +56,7 @@
void Data::set(const struct ndn_Data& dataStruct)
{
- signature_.set(dataStruct.signature);
+ signature_->set(dataStruct.signature);
name_.set(dataStruct.name);
metaInfo_.set(dataStruct.metaInfo);
content_ = Blob(dataStruct.content, dataStruct.contentLength);
diff --git a/ndn-cpp/data.hpp b/ndn-cpp/data.hpp
index bca4507..cb0e559 100644
--- a/ndn-cpp/data.hpp
+++ b/ndn-cpp/data.hpp
@@ -8,82 +8,41 @@
#include "common.hpp"
#include "name.hpp"
-#include "publisher-public-key-digest.hpp"
#include "key.hpp"
#include "c/data.h"
namespace ndn {
/**
- * A Signature holds the signature bits and other info representing the signature in a data packet.
+ * A Signature is an abstract base class providing an methods to work with the signature information in a Data packet.
*/
class Signature {
public:
/**
+ * Return a pointer to a new Signature which is a copy of this signature.
+ * This is pure virtual, the subclass must implement it.
+ */
+ virtual ptr_lib::shared_ptr<Signature> clone() const = 0;
+
+ /**
+ * The virtual destructor.
+ */
+ virtual ~Signature();
+
+ /**
* Set the signatureStruct to point to the values in this signature object, without copying any memory.
* WARNING: The resulting pointers in signatureStruct are invalid after a further use of this object which could reallocate memory.
+ * This is pure virtual, the subclass must implement it.
* @param signatureStruct a C ndn_Signature struct where the name components array is already allocated.
*/
- void get(struct ndn_Signature& signatureStruct) const;
+ virtual void get(struct ndn_Signature& signatureStruct) const = 0;
/**
* Clear this signature, and set the values by copying from the ndn_Signature struct.
+ * This is pure virtual, the subclass must implement it.
* @param signatureStruct a C ndn_Signature struct
*/
- void set(const struct ndn_Signature& signatureStruct);
-
- const Blob& getDigestAlgorithm() const { return digestAlgorithm_; }
-
- const Blob& getWitness() const { return witness_; }
-
- const Blob& getSignature() const { return signature_; }
-
- const PublisherPublicKeyDigest& getPublisherPublicKeyDigest() const { return publisherPublicKeyDigest_; }
- PublisherPublicKeyDigest& getPublisherPublicKeyDigest() { return publisherPublicKeyDigest_; }
-
- const KeyLocator& getKeyLocator() const { return keyLocator_; }
- KeyLocator& getKeyLocator() { return keyLocator_; }
-
- void setDigestAlgorithm(const std::vector<unsigned char>& digestAlgorithm) { digestAlgorithm_ = digestAlgorithm; }
- void setDigestAlgorithm(const unsigned char *digestAlgorithm, unsigned int digestAlgorithmLength)
- {
- digestAlgorithm_ = Blob(digestAlgorithm, digestAlgorithmLength);
- }
-
- void setWitness(const std::vector<unsigned char>& witness) { witness_ = witness; }
- void setWitness(const unsigned char *witness, unsigned int witnessLength)
- {
- witness_ = Blob(witness, witnessLength);
- }
-
- void setSignature(const std::vector<unsigned char>& signature) { signature_ = signature; }
- void setSignature(const unsigned char *signature, unsigned int signatureLength)
- {
- signature_ = Blob(signature, signatureLength);
- }
-
- void setPublisherPublicKeyDigest(const PublisherPublicKeyDigest& publisherPublicKeyDigest) { publisherPublicKeyDigest_ = publisherPublicKeyDigest; }
-
- void setKeyLocator(const KeyLocator& keyLocator) { keyLocator_ = keyLocator; }
-
- /**
- * Clear all the fields.
- */
- void clear()
- {
- digestAlgorithm_.reset();
- witness_.reset();
- signature_.reset();
- publisherPublicKeyDigest_.clear();
- keyLocator_.clear();
- }
-
-private:
- Blob digestAlgorithm_; /**< if empty, the default is 2.16.840.1.101.3.4.2.1 (sha-256) */
- Blob witness_;
- Blob signature_;
- PublisherPublicKeyDigest publisherPublicKeyDigest_;
- KeyLocator keyLocator_;
+ virtual void set(const struct ndn_Signature& signatureStruct) = 0;
};
/**
@@ -139,14 +98,16 @@
class Data {
public:
- Data()
- {
- }
-
- Data(const Name& name)
- : name_(name)
- {
- }
+ /**
+ * Create a new Data object with default values and where the signature is a blank Sha256WithRsaSignature.
+ */
+ Data();
+
+ /**
+ * Create a new Data object with the given name and default values and where the signature is a blank Sha256WithRsaSignature.
+ * @param name A reference to the name which is copied.
+ */
+ Data(const Name& name);
Blob wireEncode(WireFormat& wireFormat = *WireFormat::getDefaultWireFormat()) const
{
@@ -174,8 +135,8 @@
*/
void set(const struct ndn_Data& dataStruct);
- const Signature& getSignature() const { return signature_; }
- Signature& getSignature() { return signature_; }
+ const Signature* getSignature() const { return signature_.get(); }
+ Signature* getSignature() { return signature_.get(); }
const Name& getName() const { return name_; }
Name& getName() { return name_; }
@@ -185,7 +146,11 @@
const Blob& getContent() const { return content_; }
- void setSignature(const Signature& signature) { signature_ = signature; }
+ /**
+ * Set the signature to a copy of the given signature.
+ * @param signature The signature object which is cloned.
+ */
+ void setSignature(const Signature& signature) { signature_ = signature.clone(); }
void setName(const Name& name) { name_ = name; }
@@ -210,7 +175,7 @@
void setContent(const ptr_lib::shared_ptr<const std::vector<unsigned char> > &content) { content_ = content; }
private:
- Signature signature_;
+ ptr_lib::shared_ptr<Signature> signature_;
Name name_;
MetaInfo metaInfo_;
Blob content_;
diff --git a/ndn-cpp/node.cpp b/ndn-cpp/node.cpp
index 2170fe9..7c7c5f0 100644
--- a/ndn-cpp/node.cpp
+++ b/ndn-cpp/node.cpp
@@ -8,6 +8,7 @@
#include "c/encoding/binary-xml.h"
#include "forwarding-entry.hpp"
#include "security/key-chain.hpp"
+#include "sha256-with-rsa-signature.hpp"
#include "node.hpp"
using namespace std;
@@ -55,10 +56,11 @@
void Node::NdndIdFetcher::operator()(const ptr_lib::shared_ptr<const Interest>& interest, const ptr_lib::shared_ptr<Data>& ndndIdData)
{
- if (ndndIdData->getSignature().getPublisherPublicKeyDigest().getPublisherPublicKeyDigest().size() > 0) {
+ Sha256WithRsaSignature *signature = dynamic_cast<Sha256WithRsaSignature*>(ndndIdData->getSignature());
+ if (signature && signature->getPublisherPublicKeyDigest().getPublisherPublicKeyDigest().size() > 0) {
// Set the ndndId_ and continue.
// TODO: If there are multiple connected hubs, the NDN ID is really stored per connected hub.
- info_->node_.ndndId_ = ndndIdData->getSignature().getPublisherPublicKeyDigest().getPublisherPublicKeyDigest();
+ info_->node_.ndndId_ = signature->getPublisherPublicKeyDigest().getPublisherPublicKeyDigest();
info_->node_.registerPrefixHelper(info_->prefix_, info_->onInterest_, info_->flags_);
}
// TODO: else need to log not getting the ndndId.
diff --git a/ndn-cpp/security/key-chain.cpp b/ndn-cpp/security/key-chain.cpp
index ba36071..f4b5df3 100644
--- a/ndn-cpp/security/key-chain.cpp
+++ b/ndn-cpp/security/key-chain.cpp
@@ -7,6 +7,7 @@
#include "../c/util/crypto.h"
#include "../c/encoding/binary-xml-data.h"
#include "../encoding/binary-xml-encoder.hpp"
+#include "../sha256-with-rsa-signature.hpp"
#include "key-chain.hpp"
using namespace std;
@@ -76,33 +77,37 @@
(Data& data, const unsigned char *publicKeyDer, unsigned int publicKeyDerLength,
const unsigned char *privateKeyDer, unsigned int privateKeyDerLength, WireFormat& wireFormat)
{
+ Sha256WithRsaSignature *signature = dynamic_cast<Sha256WithRsaSignature*>(data.getSignature());
+ if (!signature)
+ throw std::runtime_error("signature is not Sha256WithRsaSignature");
+
// Clear the signature so we don't encode it below.
- data.getSignature().clear();
+ signature->clear();
// Set the public key.
unsigned char publicKeyDigest[SHA256_DIGEST_LENGTH];
ndn_digestSha256(publicKeyDer, publicKeyDerLength, publicKeyDigest);
- data.getSignature().getPublisherPublicKeyDigest().setPublisherPublicKeyDigest(publicKeyDigest, sizeof(publicKeyDigest));
- data.getSignature().getKeyLocator().setType(ndn_KeyLocatorType_KEY);
- data.getSignature().getKeyLocator().setKeyData(publicKeyDer, publicKeyDerLength);
+ signature->getPublisherPublicKeyDigest().setPublisherPublicKeyDigest(publicKeyDigest, sizeof(publicKeyDigest));
+ signature->getKeyLocator().setType(ndn_KeyLocatorType_KEY);
+ signature->getKeyLocator().setKeyData(publicKeyDer, publicKeyDerLength);
// Sign the fields.
unsigned char dataFieldsDigest[SHA256_DIGEST_LENGTH];
digestDataFieldsSha256(data, wireFormat, dataFieldsDigest);
// TODO: use RSA_size to get the proper size of the signature buffer.
- unsigned char signature[1000];
- unsigned int signatureLength;
+ unsigned char signatureBits[1000];
+ unsigned int signatureBitsLength;
// Use a temporary pointer since d2i updates it.
const unsigned char *derPointer = privateKeyDer;
RSA *privateKey = d2i_RSAPrivateKey(NULL, &derPointer, privateKeyDerLength);
if (!privateKey)
throw std::runtime_error("Error decoding private key in d2i_RSAPrivateKey");
- int success = RSA_sign(NID_sha256, dataFieldsDigest, sizeof(dataFieldsDigest), signature, &signatureLength, privateKey);
+ int success = RSA_sign(NID_sha256, dataFieldsDigest, sizeof(dataFieldsDigest), signatureBits, &signatureBitsLength, privateKey);
// Free the private key before checking for success.
RSA_free(privateKey);
if (!success)
throw std::runtime_error("Error in RSA_sign");
- data.getSignature().setSignature(signature, signatureLength);
+ signature->setSignature(signatureBits, signatureBitsLength);
}
void KeyChain::defaultSign(Data& data, WireFormat& wireFormat)
@@ -116,7 +121,11 @@
Data data;
unsigned int signedFieldsBeginOffset, signedFieldsEndOffset;
wireFormat.decodeData(data, input, inputLength, &signedFieldsBeginOffset, &signedFieldsEndOffset);
- if (data.getSignature().getDigestAlgorithm().size() != 0)
+ Sha256WithRsaSignature *signature = dynamic_cast<Sha256WithRsaSignature*>(data.getSignature());
+ if (!signature)
+ throw std::runtime_error("signature is not Sha256WithRsaSignature");
+
+ if (signature->getDigestAlgorithm().size() != 0)
// TODO: Allow a non-default digest algorithm.
throw std::runtime_error("Cannot verify a data packet with a non-default digest algorithm");
unsigned char dataFieldsDigest[SHA256_DIGEST_LENGTH];
@@ -125,9 +134,9 @@
// Find the public key.
const unsigned char *publicKeyDer;
unsigned int publicKeyDerLength;
- if (data.getSignature().getKeyLocator().getType() == ndn_KeyLocatorType_KEY) {
- publicKeyDer = data.getSignature().getKeyLocator().getKeyData().buf();
- publicKeyDerLength = data.getSignature().getKeyLocator().getKeyData().size();
+ if (signature->getKeyLocator().getType() == ndn_KeyLocatorType_KEY) {
+ publicKeyDer = signature->getKeyLocator().getKeyData().buf();
+ publicKeyDerLength = signature->getKeyLocator().getKeyData().size();
}
else
// Can't find a public key.
@@ -140,8 +149,8 @@
if (!publicKey)
throw std::runtime_error("Error decoding public key in d2i_RSAPublicKey");
int success = RSA_verify
- (NID_sha256, dataFieldsDigest, sizeof(dataFieldsDigest), (unsigned char *)data.getSignature().getSignature().buf(),
- data.getSignature().getSignature().size(), publicKey);
+ (NID_sha256, dataFieldsDigest, sizeof(dataFieldsDigest), (unsigned char *)signature->getSignature().buf(),
+ signature->getSignature().size(), publicKey);
// Free the public key before checking for success.
RSA_free(publicKey);
diff --git a/ndn-cpp/sha256-with-rsa-signature.cpp b/ndn-cpp/sha256-with-rsa-signature.cpp
new file mode 100644
index 0000000..e15bbf2
--- /dev/null
+++ b/ndn-cpp/sha256-with-rsa-signature.cpp
@@ -0,0 +1,50 @@
+/**
+ * @author: Jeff Thompson
+ * See COPYING for copyright and distribution information.
+ */
+
+#include "sha256-with-rsa-signature.hpp"
+
+using namespace std;
+
+namespace ndn {
+
+ptr_lib::shared_ptr<Signature> Sha256WithRsaSignature::clone() const
+{
+ return ptr_lib::shared_ptr<Signature>(new Sha256WithRsaSignature(*this));
+}
+
+void Sha256WithRsaSignature::get(struct ndn_Signature& signatureStruct) const
+{
+ signatureStruct.digestAlgorithmLength = digestAlgorithm_.size();
+ if (digestAlgorithm_.size() > 0)
+ signatureStruct.digestAlgorithm = (unsigned char *)digestAlgorithm_.buf();
+ else
+ signatureStruct.digestAlgorithm = 0;
+
+ signatureStruct.witnessLength = witness_.size();
+ if (witness_.size() > 0)
+ signatureStruct.witness = (unsigned char *)witness_.buf();
+ else
+ signatureStruct.witness = 0;
+
+ signatureStruct.signatureLength = signature_.size();
+ if (signature_.size() > 0)
+ signatureStruct.signature = (unsigned char *)signature_.buf();
+ else
+ signatureStruct.signature = 0;
+
+ publisherPublicKeyDigest_.get(signatureStruct.publisherPublicKeyDigest);
+ keyLocator_.get(signatureStruct.keyLocator);
+}
+
+void Sha256WithRsaSignature::set(const struct ndn_Signature& signatureStruct)
+{
+ digestAlgorithm_ = Blob(signatureStruct.digestAlgorithm, signatureStruct.digestAlgorithmLength);
+ witness_ = Blob(signatureStruct.witness, signatureStruct.witnessLength);
+ signature_ = Blob(signatureStruct.signature, signatureStruct.signatureLength);
+ publisherPublicKeyDigest_.set(signatureStruct.publisherPublicKeyDigest);
+ keyLocator_.set(signatureStruct.keyLocator);
+}
+
+}
diff --git a/ndn-cpp/sha256-with-rsa-signature.hpp b/ndn-cpp/sha256-with-rsa-signature.hpp
new file mode 100644
index 0000000..64b62b6
--- /dev/null
+++ b/ndn-cpp/sha256-with-rsa-signature.hpp
@@ -0,0 +1,94 @@
+/**
+ * @author: Jeff Thompson
+ * See COPYING for copyright and distribution information.
+ */
+
+#ifndef NDN_SHA256_WITH_RSA_SIGNATURE_HPP
+#define NDN_SHA256_WITH_RSA_SIGNATURE_HPP
+
+#include "data.hpp"
+#include "publisher-public-key-digest.hpp"
+
+namespace ndn {
+
+/**
+ * A Sha256WithRsaSignature extends Signature and holds the signature bits and other info representing a
+ * SHA256-with-RSA signature in a data packet.
+ */
+class Sha256WithRsaSignature : public Signature {
+public:
+ /**
+ * Return a pointer to a new Sha256WithRsaSignature which is a copy of this signature.
+ */
+ virtual ptr_lib::shared_ptr<Signature> clone() const;
+
+ /**
+ * Set the signatureStruct to point to the values in this signature object, without copying any memory.
+ * WARNING: The resulting pointers in signatureStruct are invalid after a further use of this object which could reallocate memory.
+ * @param signatureStruct a C ndn_Signature struct where the name components array is already allocated.
+ */
+ virtual void get(struct ndn_Signature& signatureStruct) const;
+
+ /**
+ * Clear this signature, and set the values by copying from the ndn_Signature struct.
+ * @param signatureStruct a C ndn_Signature struct
+ */
+ virtual void set(const struct ndn_Signature& signatureStruct);
+
+ const Blob& getDigestAlgorithm() const { return digestAlgorithm_; }
+
+ const Blob& getWitness() const { return witness_; }
+
+ const Blob& getSignature() const { return signature_; }
+
+ const PublisherPublicKeyDigest& getPublisherPublicKeyDigest() const { return publisherPublicKeyDigest_; }
+ PublisherPublicKeyDigest& getPublisherPublicKeyDigest() { return publisherPublicKeyDigest_; }
+
+ const KeyLocator& getKeyLocator() const { return keyLocator_; }
+ KeyLocator& getKeyLocator() { return keyLocator_; }
+
+ void setDigestAlgorithm(const std::vector<unsigned char>& digestAlgorithm) { digestAlgorithm_ = digestAlgorithm; }
+ void setDigestAlgorithm(const unsigned char *digestAlgorithm, unsigned int digestAlgorithmLength)
+ {
+ digestAlgorithm_ = Blob(digestAlgorithm, digestAlgorithmLength);
+ }
+
+ void setWitness(const std::vector<unsigned char>& witness) { witness_ = witness; }
+ void setWitness(const unsigned char *witness, unsigned int witnessLength)
+ {
+ witness_ = Blob(witness, witnessLength);
+ }
+
+ void setSignature(const std::vector<unsigned char>& signature) { signature_ = signature; }
+ void setSignature(const unsigned char *signature, unsigned int signatureLength)
+ {
+ signature_ = Blob(signature, signatureLength);
+ }
+
+ void setPublisherPublicKeyDigest(const PublisherPublicKeyDigest& publisherPublicKeyDigest) { publisherPublicKeyDigest_ = publisherPublicKeyDigest; }
+
+ void setKeyLocator(const KeyLocator& keyLocator) { keyLocator_ = keyLocator; }
+
+ /**
+ * Clear all the fields.
+ */
+ void clear()
+ {
+ digestAlgorithm_.reset();
+ witness_.reset();
+ signature_.reset();
+ publisherPublicKeyDigest_.clear();
+ keyLocator_.clear();
+ }
+
+private:
+ Blob digestAlgorithm_; /**< if empty, the default is 2.16.840.1.101.3.4.2.1 (sha-256) */
+ Blob witness_;
+ Blob signature_;
+ PublisherPublicKeyDigest publisherPublicKeyDigest_;
+ KeyLocator keyLocator_;
+};
+
+}
+
+#endif