security: Remove IdentityStorage::getKeyNameForCertificate. Make getNewKeyName not virtual.
diff --git a/Makefile.am b/Makefile.am
index d6654b6..75cc28b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -136,6 +136,7 @@
src/security/certificate/public-key.cpp \
src/security/identity/basic-identity-storage.cpp \
src/security/identity/identity-manager.cpp \
+ src/security/identity/identity-storage.cpp \
src/security/identity/memory-identity-storage.cpp \
src/security/identity/memory-private-key-storage.cpp \
src/security/identity/osx-private-key-storage.cpp \
diff --git a/Makefile.in b/Makefile.in
index 4b4f7ea..47b6a9e 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -196,6 +196,7 @@
src/security/certificate/public-key.lo \
src/security/identity/basic-identity-storage.lo \
src/security/identity/identity-manager.lo \
+ src/security/identity/identity-storage.lo \
src/security/identity/memory-identity-storage.lo \
src/security/identity/memory-private-key-storage.lo \
src/security/identity/osx-private-key-storage.lo \
@@ -682,6 +683,7 @@
src/security/certificate/public-key.cpp \
src/security/identity/basic-identity-storage.cpp \
src/security/identity/identity-manager.cpp \
+ src/security/identity/identity-storage.cpp \
src/security/identity/memory-identity-storage.cpp \
src/security/identity/memory-private-key-storage.cpp \
src/security/identity/osx-private-key-storage.cpp \
@@ -959,6 +961,9 @@
src/security/identity/identity-manager.lo: \
src/security/identity/$(am__dirstamp) \
src/security/identity/$(DEPDIR)/$(am__dirstamp)
+src/security/identity/identity-storage.lo: \
+ src/security/identity/$(am__dirstamp) \
+ src/security/identity/$(DEPDIR)/$(am__dirstamp)
src/security/identity/memory-identity-storage.lo: \
src/security/identity/$(am__dirstamp) \
src/security/identity/$(DEPDIR)/$(am__dirstamp)
@@ -1141,6 +1146,7 @@
@AMDEP_TRUE@@am__include@ @am__quote@src/security/certificate/$(DEPDIR)/public-key.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@src/security/identity/$(DEPDIR)/basic-identity-storage.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@src/security/identity/$(DEPDIR)/identity-manager.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/security/identity/$(DEPDIR)/identity-storage.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@src/security/identity/$(DEPDIR)/memory-identity-storage.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@src/security/identity/$(DEPDIR)/memory-private-key-storage.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@src/security/identity/$(DEPDIR)/osx-private-key-storage.Plo@am__quote@
diff --git a/include/ndn-cpp/security/identity/basic-identity-storage.hpp b/include/ndn-cpp/security/identity/basic-identity-storage.hpp
index 84f5374..476df56 100644
--- a/include/ndn-cpp/security/identity/basic-identity-storage.hpp
+++ b/include/ndn-cpp/security/identity/basic-identity-storage.hpp
@@ -2,6 +2,7 @@
/**
* Copyright (C) 2013 Regents of the University of California.
* @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
* See COPYING for copyright and distribution information.
*/
@@ -56,15 +57,6 @@
revokeIdentity();
/**
- * Generate a name for a new key belonging to the identity.
- * @param identityName The identity name.
- * @param useKsk If true, generate a KSK name, otherwise a DSK name.
- * @return The generated key name.
- */
- virtual Name
- getNewKeyName(const Name& identityName, bool useKsk);
-
- /**
* Check if the specified key already exists.
* @param keyName The name of the key.
* @return true if the key exists, otherwise false.
@@ -73,13 +65,6 @@
doesKeyExist(const Name& keyName);
/**
- * Extract the key name from the certificate name.
- * @param certificateName The certificate name to be processed.
- */
- virtual Name
- getKeyNameForCertificate(const Name& certificateName);
-
- /**
* Add a public key to the identity storage.
* @param keyName The name of the public key to be added.
* @param keyType Type of the public key to be added.
diff --git a/include/ndn-cpp/security/identity/identity-storage.hpp b/include/ndn-cpp/security/identity/identity-storage.hpp
index fdf3d0c..d54bc10 100644
--- a/include/ndn-cpp/security/identity/identity-storage.hpp
+++ b/include/ndn-cpp/security/identity/identity-storage.hpp
@@ -59,8 +59,8 @@
* @param useKsk If true, generate a KSK name, otherwise a DSK name.
* @return The generated key name.
*/
- virtual Name
- getNewKeyName(const Name& identityName, bool useKsk) = 0;
+ Name
+ getNewKeyName(const Name& identityName, bool useKsk);
/**
* Check if the specified key already exists.
@@ -71,13 +71,6 @@
doesKeyExist(const Name& keyName) = 0;
/**
- * Extract the key name from the certificate name.
- * @param certificateName The certificate name to be processed.
- */
- virtual Name
- getKeyNameForCertificate(const Name& certificateName) = 0;
-
- /**
* Add a public key to the identity storage.
* @param keyName The name of the public key to be added.
* @param keyType Type of the public key to be added.
@@ -158,10 +151,7 @@
* @return The default certificate name.
*/
Name
- getDefaultCertificateNameForIdentity(const Name& identityName)
- {
- return getDefaultCertificateNameForKey(getDefaultKeyNameForIdentity(identityName));
- }
+ getDefaultCertificateNameForIdentity(const Name& identityName);
/**
* Get the default certificate name for the specified key.
diff --git a/include/ndn-cpp/security/identity/memory-identity-storage.hpp b/include/ndn-cpp/security/identity/memory-identity-storage.hpp
index 0fb09c0..b86b7d9 100644
--- a/include/ndn-cpp/security/identity/memory-identity-storage.hpp
+++ b/include/ndn-cpp/security/identity/memory-identity-storage.hpp
@@ -49,15 +49,6 @@
revokeIdentity();
/**
- * Generate a name for a new key belonging to the identity.
- * @param identityName The identity name.
- * @param useKsk If true, generate a KSK name, otherwise a DSK name.
- * @return The generated key name.
- */
- virtual Name
- getNewKeyName(const Name& identityName, bool useKsk);
-
- /**
* Check if the specified key already exists.
* @param keyName The name of the key.
* @return true if the key exists, otherwise false.
@@ -66,13 +57,6 @@
doesKeyExist(const Name& keyName);
/**
- * Extract the key name from the certificate name.
- * @param certificateName The certificate name to be processed.
- */
- virtual Name
- getKeyNameForCertificate(const Name& certificateName);
-
- /**
* Add a public key to the identity storage.
* @param keyName The name of the public key to be added.
* @param keyType Type of the public key to be added.
diff --git a/src/security/identity/basic-identity-storage.cpp b/src/security/identity/basic-identity-storage.cpp
index f453cfb..67a68f0 100644
--- a/src/security/identity/basic-identity-storage.cpp
+++ b/src/security/identity/basic-identity-storage.cpp
@@ -2,6 +2,7 @@
/**
* Copyright (C) 2013 Regents of the University of California.
* @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
* See COPYING for copyright and distribution information.
*/
@@ -68,7 +69,7 @@
not_before TIMESTAMP, \n \
not_after TIMESTAMP, \n \
certificate_data BLOB NOT NULL, \n \
- valid_flag INTEGER DEFAULT 0, \n \
+ valid_flag INTEGER DEFAULT 1, \n \
default_cert INTEGER DEFAULT 0, \n \
\
PRIMARY KEY (cert_name) \n \
@@ -219,30 +220,6 @@
return false;
}
-Name
-BasicIdentityStorage::getNewKeyName(const Name& identityName, bool useKsk)
-{
- MillisecondsSince1970 ti = ::ndn_getNowMilliseconds();
- // Get the number of seconds.
- ostringstream oss;
- oss << floor(ti / 1000.0);
-
- string keyIdStr;
-
- if (useKsk)
- keyIdStr = ("KSK-" + oss.str());
- else
- keyIdStr = ("DSK-" + oss.str());
-
-
- Name keyName = Name(identityName).append(keyIdStr);
-
- if (doesKeyExist(keyName))
- throw SecurityException("Key name already exists");
-
- return keyName;
-}
-
bool
BasicIdentityStorage::doesKeyExist(const Name& keyName)
{
@@ -269,19 +246,6 @@
return keyIdExist;
}
-Name
-BasicIdentityStorage::getKeyNameForCertificate(const Name& certificateName)
-{
- int i = certificateName.size() - 1;
-
- for (; i >= 0; --i) {
- if (certificateName.get(i).toEscapedString() == string("ID-CERT"))
- break;
- }
-
- return certificateName.getSubName(0, i);
-}
-
void
BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
{
@@ -392,7 +356,7 @@
BasicIdentityStorage::addAnyCertificate(const IdentityCertificate& certificate)
{
const Name& certificateName = certificate.getName();
- Name keyName = getKeyNameForCertificate(certificateName);
+ Name keyName = certificate.getPublicKeyName();
string keyId = keyName.get(keyName.size() - 1).toEscapedString();
Name identityName = keyName.getSubName(0, keyName.size() - 1);
@@ -430,22 +394,16 @@
void
BasicIdentityStorage::addCertificate(const IdentityCertificate& certificate)
{
- _LOG_DEBUG("1");
const Name& certificateName = certificate.getName();
- Name keyName = getKeyNameForCertificate(certificateName);
+ Name keyName = certificate.getPublicKeyName();
- _LOG_DEBUG("2");
if (!doesKeyExist(keyName))
- {
- _LOG_DEBUG("here wrong");
- throw SecurityException("No corresponding Key record for the certificate!");
- }
+ throw SecurityException("No corresponding Key record for certificate!" + keyName.toUri() + " " + certificateName.toUri());
// Check if certificate has already existed!
if (doesCertificateExist(certificateName))
throw SecurityException("Certificate has already been installed!");
- _LOG_DEBUG("3");
string keyId = keyName.get(keyName.size() - 1).toEscapedString();
Name identity = keyName.getSubName(0, keyName.size() - 1);
@@ -456,7 +414,6 @@
if (!keyBlob || (*keyBlob) != *(certificate.getPublicKeyInfo().getKeyDer()))
throw SecurityException("Certificate does not match the public key!");
- _LOG_DEBUG("4");
// Insert the certificate
sqlite3_stmt *statement;
sqlite3_prepare_v2(database_,
diff --git a/src/security/identity/identity-storage.cpp b/src/security/identity/identity-storage.cpp
new file mode 100644
index 0000000..6859332
--- /dev/null
+++ b/src/security/identity/identity-storage.cpp
@@ -0,0 +1,48 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi@cs.ucla.edu>
+ * @author: Jeff Thompson <jefft0@remap.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#include <math.h>
+#include "../../c/util/time.h"
+#include <ndn-cpp/security/security-exception.hpp>
+#include <ndn-cpp/security/identity/identity-storage.hpp>
+
+using namespace std;
+
+namespace ndn {
+
+Name
+IdentityStorage::getNewKeyName (const Name& identityName, bool useKsk)
+{
+ MillisecondsSince1970 ti = ::ndn_getNowMilliseconds();
+ // Get the number of seconds.
+ ostringstream oss;
+ oss << floor(ti / 1000.0);
+
+ string keyIdStr;
+
+ if (useKsk)
+ keyIdStr = ("KSK-" + oss.str());
+ else
+ keyIdStr = ("DSK-" + oss.str());
+
+ Name keyName = Name(identityName).append(keyIdStr);
+
+ if (doesKeyExist(keyName))
+ throw SecurityException("Key name already exists");
+
+ return keyName;
+}
+
+Name
+IdentityStorage::getDefaultCertificateNameForIdentity (const Name& identityName)
+{
+ Name keyName = getDefaultKeyNameForIdentity(identityName);
+ return getDefaultCertificateNameForKey(keyName);
+}
+
+}
diff --git a/src/security/identity/memory-identity-storage.cpp b/src/security/identity/memory-identity-storage.cpp
index eb77865..b3b7c69 100644
--- a/src/security/identity/memory-identity-storage.cpp
+++ b/src/security/identity/memory-identity-storage.cpp
@@ -46,14 +46,6 @@
#endif
}
-Name
-MemoryIdentityStorage::getNewKeyName(const Name& identityName, bool useKsk)
-{
-#if 1
- throw runtime_error("MemoryIdentityStorage::getNewKeyName not implemented");
-#endif
-}
-
bool
MemoryIdentityStorage::doesKeyExist(const Name& keyName)
{
@@ -62,19 +54,6 @@
#endif
}
-Name
-MemoryIdentityStorage::getKeyNameForCertificate(const Name& certificateName)
-{
- int i = certificateName.getComponentCount() - 1;
-
- for (; i >= 0; --i) {
- if(certificateName.getComponent(i).toEscapedString() == string("ID-CERT"))
- break;
- }
-
- return certificateName.getSubName(0, i);
-}
-
void
MemoryIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
{