make: Global change: Move all public headers to include folder. Change source to including public headers using #include <ndn-cpp/*>. Split some header files to minimize exposing C .h files.
diff --git a/ndn-cpp/security/identity/basic-identity-storage.cpp b/ndn-cpp/security/identity/basic-identity-storage.cpp
index e383a32..3cad5cc 100644
--- a/ndn-cpp/security/identity/basic-identity-storage.cpp
+++ b/ndn-cpp/security/identity/basic-identity-storage.cpp
@@ -15,9 +15,9 @@
#include <stdlib.h>
#include <sstream>
#include <fstream>
-#include "basic-identity-storage.hpp"
+#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
#include "../../util/logging.hpp"
-#include "../security-exception.hpp"
+#include <ndn-cpp/security//security-exception.hpp>
#include "ndn-cpp/data.hpp"
#if 0
diff --git a/ndn-cpp/security/identity/basic-identity-storage.hpp b/ndn-cpp/security/identity/basic-identity-storage.hpp
deleted file mode 100644
index 2e0db30..0000000
--- a/ndn-cpp/security/identity/basic-identity-storage.hpp
+++ /dev/null
@@ -1,211 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
-/**
- * Copyright (C) 2013 Regents of the University of California.
- * @author: Yingdi Yu <yingdi@cs.ucla.edu>
- * See COPYING for copyright and distribution information.
- */
-
-#ifndef NDN_BASIC_IDENTITY_STORAGE_H
-#define NDN_BASIC_IDENTITY_STORAGE_H
-
-// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
-#include <ndn-cpp/ndn-cpp-config.h>
-#ifdef NDN_CPP_HAVE_SQLITE3
-
-#include <sqlite3.h>
-#include "../../common.hpp"
-#include "identity-storage.hpp"
-
-namespace ndn
-{
-
-/**
- * BasicIdentityStorage extends IdentityStorage to implement a basic storage of identity, public keys and certificates
- * using SQLite.
- */
-class BasicIdentityStorage : public IdentityStorage {
-public:
- BasicIdentityStorage();
-
- /**
- * The virtual Destructor.
- */
- virtual
- ~BasicIdentityStorage();
-
- /**
- * Check if the specified identity already exists.
- * @param identityName The identity name.
- * @return true if the identity exists, otherwise false.
- */
- virtual bool
- doesIdentityExist(const Name& identityName);
-
- /**
- * Add a new identity. An exception will be thrown if the identity already exists.
- * @param identityName The identity name to be added.
- */
- virtual void
- addIdentity(const Name& identityName);
-
- /**
- * Revoke the identity.
- * @return true if the identity was revoked, false if not.
- */
- virtual bool
- revokeIdentity();
-
- /**
- * Generate a name for a new key belonging to the identity.
- * @param identityName The identity name.
- * @param useKsk If true, generate a KSK name, otherwise a DSK name.
- * @return The generated key name.
- */
- virtual Name
- getNewKeyName(const Name& identityName, bool useKsk);
-
- /**
- * Check if the specified key already exists.
- * @param keyName The name of the key.
- * @return true if the key exists, otherwise false.
- */
- virtual bool
- doesKeyExist(const Name& keyName);
-
- /**
- * Extract the key name from the certificate name.
- * @param certificateName The certificate name to be processed.
- */
- virtual Name
- getKeyNameForCertificate(const Name& certificateName);
-
- /**
- * Add a public key to the identity storage.
- * @param keyName The name of the public key to be added.
- * @param keyType Type of the public key to be added.
- * @param publicKeyDer A blob of the public key DER to be added.
- */
- virtual void
- addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer);
-
- /**
- * Get the public key DER blob from the identity storage.
- * @param keyName The name of the requested public key.
- * @return The DER Blob. If not found, return a Blob with a null pointer.
- */
- virtual Blob
- getKey(const Name& keyName);
-
- /**
- * Activate a key. If a key is marked as inactive, its private part will not be used in packet signing.
- * @param keyName name of the key
- */
- virtual void
- activateKey(const Name& keyName);
-
- /**
- * Deactivate a key. If a key is marked as inactive, its private part will not be used in packet signing.
- * @param keyName name of the key
- */
- virtual void
- deactivateKey(const Name& keyName);
-
- /**
- * Check if the specified certificate already exists.
- * @param certificateName The name of the certificate.
- * @return true if the certificate exists, otherwise false.
- */
- virtual bool
- doesCertificateExist(const Name& certificateName);
-
- /**
- * Add a certificate in to the identity storage without checking if the identity and key exists.
- * @param certificate The certificate to be added.
- */
- void
- addAnyCertificate (const Certificate& certificate);
-
- /**
- * Add a certificate to the identity storage.
- * @param certificate The certificate to be added.
- */
- virtual void
- addCertificate(const Certificate& certificate);
-
- /**
- * Get a certificate from the identity storage.
- * @param certificateName The name of the requested certificate.
- * @param allowAny If false, only a valid certificate will be returned, otherwise validity is disregarded.
- * @return The requested certificate. If not found, return a shared_ptr with a null pointer.
- */
- virtual ptr_lib::shared_ptr<Certificate>
- getCertificate(const Name &certificateName, bool allowAny = false);
-
-
- /*****************************************
- * Get/Set Default *
- *****************************************/
-
- /**
- * Get the default identity.
- * @param return The name of default identity, or an empty name if there is no default.
- */
- virtual Name
- getDefaultIdentity();
-
- /**
- * Get the default key name for the specified identity.
- * @param identityName The identity name.
- * @return The default key name.
- */
- virtual Name
- getDefaultKeyNameForIdentity(const Name& identityName);
-
- /**
- * Get the default certificate name for the specified key.
- * @param keyName The key name.
- * @return The default certificate name.
- */
- virtual Name
- getDefaultCertificateNameForKey(const Name& keyName);
-
- /**
- * Set the default identity. If the identityName does not exist, then clear the default identity
- * so that getDefaultIdentity() returns an empty name.
- * @param identityName The default identity name.
- */
- virtual void
- setDefaultIdentity(const Name& identityName);
-
- /**
- * Set the default key name for the specified identity.
- * @param keyName The key name.
- * @param identityNameCheck (optional) The identity name to check the keyName.
- */
- virtual void
- setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck = Name());
-
- /**
- * Set the default key name for the specified identity.
- * @param keyName The key name.
- * @param certificateName The certificate name.
- */
- virtual void
- setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName);
-
-private:
-
- virtual void
- updateKeyStatus(const Name& keyName, bool isActive);
-
- sqlite3 *database_;
-#if 0
- Time lastUpdated_;
-#endif
-};
-
-}
-
-#endif // NDN_CPP_HAVE_SQLITE3
-
-#endif
diff --git a/ndn-cpp/security/identity/identity-manager.cpp b/ndn-cpp/security/identity/identity-manager.cpp
index e669a20..e07b483 100644
--- a/ndn-cpp/security/identity/identity-manager.cpp
+++ b/ndn-cpp/security/identity/identity-manager.cpp
@@ -1,3 +1,4 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
/**
* Copyright (C) 2013 Regents of the University of California.
* @author: Yingdi Yu <yingdi@cs.ucla.edu>
@@ -9,9 +10,9 @@
#include <stdexcept>
#endif
#include "../../util/logging.hpp"
-#include "../../sha256-with-rsa-signature.hpp"
-#include "../security-exception.hpp"
-#include "identity-manager.hpp"
+#include <ndn-cpp/sha256-with-rsa-signature.hpp>
+#include <ndn-cpp/security/security-exception.hpp>
+#include <ndn-cpp/security/identity/identity-manager.hpp>
using namespace std;
using namespace ndn::ptr_lib;
diff --git a/ndn-cpp/security/identity/identity-manager.hpp b/ndn-cpp/security/identity/identity-manager.hpp
deleted file mode 100644
index c53607f..0000000
--- a/ndn-cpp/security/identity/identity-manager.hpp
+++ /dev/null
@@ -1,226 +0,0 @@
-/**
- * Copyright (C) 2013 Regents of the University of California.
- * @author: Yingdi Yu <yingdi@cs.ucla.edu>
- * @author: Jeff Thompson <jefft0@remap.ucla.edu>
- * See COPYING for copyright and distribution information.
- */
-
-#ifndef NDN_IDENTITY_MANAGER_HPP
-#define NDN_IDENTITY_MANAGER_HPP
-
-#include "../certificate/certificate.hpp"
-#include "identity-storage.hpp"
-#include "../certificate/public-key.hpp"
-#include "private-key-storage.hpp"
-
-namespace ndn {
-
-/**
- * An IdentityManager is the interface of operations related to identity, keys, and certificates.
- */
-class IdentityManager {
-public:
- IdentityManager(const ptr_lib::shared_ptr<IdentityStorage>& identityStorage, const ptr_lib::shared_ptr<PrivateKeyStorage>& privateKeyStorage)
- : identityStorage_(identityStorage), privateKeyStorage_(privateKeyStorage)
- {
- }
-
- /**
- * Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK.
- * @param identityName The name of the identity.
- * @return The key name of the auto-generated KSK of the identity.
- */
- Name
- createIdentity(const Name& identityName);
-
- /**
- * Get the default identity.
- * @return The default identity name.
- */
- Name
- getDefaultIdentity()
- {
- return identityStorage_->getDefaultIdentity();
- }
-
- /**
- * Generate a pair of RSA keys for the specified identity.
- * @param identityName The name of the identity.
- * @param isKsk true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).
- * @param keySize The size of the key.
- * @return The generated key name.
- */
- Name
- generateRSAKeyPair(const Name& identityName, bool isKsk = false, int keySize = 2048);
-
- /**
- * Set a key as the default key of an identity.
- * @param keyName The name of the key.
- * @param identityName the name of the identity. If not specified, the identity name is inferred from the keyName.
- */
- void
- setDefaultKeyForIdentity(const Name& keyName, const Name& identityName = Name())
- {
- identityStorage_->setDefaultKeyNameForIdentity(keyName, identityName);
- }
-
- /**
- * Get the default key for an identity.
- * @param identityName the name of the identity. If omitted, the identity name is inferred from the keyName.
- * @return The default key name.
- */
- Name
- getDefaultKeyNameForIdentity(const Name& identityName = Name())
- {
- return identityStorage_->getDefaultKeyNameForIdentity(identityName);
- }
-
- /**
- * Generate a pair of RSA keys for the specified identity and set it as default key for the identity.
- * @param identityName The name of the identity.
- * @param isKsk true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).
- * @param keySize The size of the key.
- * @return The generated key name.
- */
- Name
- generateRSAKeyPairAsDefault(const Name& identityName, bool isKsk = false, int keySize = 2048);
-
- /**
- * Get the public key with the specified name.
- * @param keyName The name of the key.
- * @return The public key.
- */
- ptr_lib::shared_ptr<PublicKey>
- getPublicKey(const Name& keyName)
- {
- return PublicKey::fromDer(identityStorage_->getKey(keyName));
- }
-
- /**
- * Add a certificate into the public key identity storage.
- * @param certificate The certificate to to added.
- */
- void
- addCertificate(const Certificate& certificate)
- {
- identityStorage_->addCertificate(certificate);
- }
-
- /**
- * Set the certificate as the default for its corresponding key.
- * @param certificateName The name of the certificate.
- */
- void
- setDefaultCertificateForKey(const Name& certificateName);
-
- /**
- * Add a certificate into the public key identity storage and set the certificate as the default for its corresponding identity.
- * @param certificate The certificate to be added.
- */
- void
- addCertificateAsIdentityDefault(const Certificate& certificate);
-
- /**
- * Add a certificate into the public key identity storage and set the certificate as the default of its corresponding key.
- * certificate the certificate to be added
- */
- void
- addCertificateAsDefault(const Certificate& certificate)
- {
- identityStorage_->addCertificate(certificate);
- setDefaultCertificateForKey(certificate.getName());
- }
-
- /**
- * Get a certificate with the specified name.
- * @param certificateName The name of the requested certificate.
- * @return the requested certificate which is valid.
- */
- ptr_lib::shared_ptr<Certificate>
- getCertificate(const Name& certificateName)
- {
- return identityStorage_->getCertificate(certificateName, false);
- }
-
- /**
- * Get a certificate even if the certificate is not valid anymore.
- * @param certificateName The name of the requested certificate.
- * @return the requested certificate.
- */
- ptr_lib::shared_ptr<Certificate>
- getAnyCertificate(const Name& certificateName)
- {
- return identityStorage_->getCertificate(certificateName, true);
- }
-
- /**
- * Get the default certificate name for the specified identity, which will be used when signing is performed based on identity.
- * @param identityName The name of the specified identity.
- * @return The requested certificate name.
- */
- Name
- getDefaultCertificateNameForIdentity(const Name& identityName)
- {
- return identityStorage_->getDefaultCertificateNameForIdentity(identityName);
- }
-
- /**
- * Get the default certificate name of the default identity, which will be used when signing is based on identity and
- * the identity is not specified.
- * @return The requested certificate name.
- */
- Name
- getDefaultCertificateName()
- {
- return identityStorage_->getDefaultCertificateNameForIdentity(getDefaultIdentity());
- }
-
-#if 0
- /**
- * sign blob based on certificate name
- * @param blob the blob to be signed
- * @param certificateName the signing certificate name
- * @return the generated signature
- */
- Ptr<Signature>
- signByCertificate(const Blob& blob, const Name& certificateName);
-#endif
-
- /**
- * Sign data packet based on the certificate name.
- * Note: the caller must make sure the timestamp in data is correct, for example with
- * data.getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0).
- * @param data The Data object to sign and update its signature.
- * @param certificateName The Name identifying the certificate which identifies the signing key.
- * @param wireFormat The WireFormat for calling encodeData, or WireFormat::getDefaultWireFormat() if omitted.
- */
- void
- signByCertificate(Data& data, const Name& certificateName, WireFormat& wireFormat = *WireFormat::getDefaultWireFormat());
-
-private:
- /**
- * Generate a key pair for the specified identity.
- * @param identityName The name of the specified identity.
- * @param isKsk true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK).
- * @param keyType The type of the key pair, e.g. KEY_TYPE_RSA.
- * @param keySize The size of the key pair.
- * @return The name of the generated key.
- */
- Name
- generateKeyPair(const Name& identityName, bool isKsk = false, KeyType keyType = KEY_TYPE_RSA, int keySize = 2048);
-
- /**
- * Generate a self-signed certificate for a public key.
- * @param keyName The name of the public key.
- * @return The generated certificate.
- */
- ptr_lib::shared_ptr<Certificate>
- selfSign(const Name& keyName);
-
- ptr_lib::shared_ptr<IdentityStorage> identityStorage_;
- ptr_lib::shared_ptr<PrivateKeyStorage> privateKeyStorage_;
-};
-
-}
-
-#endif
diff --git a/ndn-cpp/security/identity/identity-storage.hpp b/ndn-cpp/security/identity/identity-storage.hpp
deleted file mode 100644
index db6ab0e..0000000
--- a/ndn-cpp/security/identity/identity-storage.hpp
+++ /dev/null
@@ -1,200 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
-/**
- * Copyright (C) 2013 Regents of the University of California.
- * @author: Yingdi Yu <yingdi@cs.ucla.edu>
- * @author: Jeff Thompson <jefft0@remap.ucla.edu>
- * See COPYING for copyright and distribution information.
- */
-
-#ifndef NDN_IDENTITY_STORAGE_HPP
-#define NDN_IDENTITY_STORAGE_HPP
-
-#include "../../name.hpp"
-#include "../security-common.hpp"
-
-namespace ndn {
-
-class Certificate;
-class Data;
-
-/**
- * IdentityStorage is a base class for the storage of identity, public keys and certificates.
- * Private keys are stored in PrivateKeyStorage.
- * This is an abstract base class. A subclass must implement the methods.
- */
-class IdentityStorage {
-public:
- /**
- * The virtual Destructor.
- */
- virtual
- ~IdentityStorage() {}
-
- /**
- * Check if the specified identity already exists.
- * @param identityName The identity name.
- * @return true if the identity exists, otherwise false.
- */
- virtual bool
- doesIdentityExist(const Name& identityName) = 0;
-
- /**
- * Add a new identity. An exception will be thrown if the identity already exists.
- * @param identityName The identity name to be added.
- */
- virtual void
- addIdentity(const Name& identityName) = 0;
-
- /**
- * Revoke the identity.
- * @return true if the identity was revoked, false if not.
- */
- virtual bool
- revokeIdentity() = 0;
-
- /**
- * Generate a name for a new key belonging to the identity.
- * @param identityName The identity name.
- * @param useKsk If true, generate a KSK name, otherwise a DSK name.
- * @return The generated key name.
- */
- virtual Name
- getNewKeyName(const Name& identityName, bool useKsk) = 0;
-
- /**
- * Check if the specified key already exists.
- * @param keyName The name of the key.
- * @return true if the key exists, otherwise false.
- */
- virtual bool
- doesKeyExist(const Name& keyName) = 0;
-
- /**
- * Extract the key name from the certificate name.
- * @param certificateName The certificate name to be processed.
- */
- virtual Name
- getKeyNameForCertificate(const Name& certificateName) = 0;
-
- /**
- * Add a public key to the identity storage.
- * @param keyName The name of the public key to be added.
- * @param keyType Type of the public key to be added.
- * @param publicKeyDer A blob of the public key DER to be added.
- */
- virtual void
- addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer) = 0;
-
- /**
- * Get the public key DER blob from the identity storage.
- * @param keyName The name of the requested public key.
- * @return The DER Blob. If not found, return a Blob with a null pointer.
- */
- virtual Blob
- getKey(const Name& keyName) = 0;
-
- /**
- * Activate a key. If a key is marked as inactive, its private part will not be used in packet signing.
- * @param keyName name of the key
- */
- virtual void
- activateKey(const Name& keyName) = 0;
-
- /**
- * Deactivate a key. If a key is marked as inactive, its private part will not be used in packet signing.
- * @param keyName name of the key
- */
- virtual void
- deactivateKey(const Name& keyName) = 0;
-
- /**
- * Check if the specified certificate already exists.
- * @param certificateName The name of the certificate.
- * @return true if the certificate exists, otherwise false.
- */
- virtual bool
- doesCertificateExist(const Name& certificateName) = 0;
-
- /**
- * Add a certificate to the identity storage.
- * @param certificate The certificate to be added.
- */
- virtual void
- addCertificate(const Certificate& certificate) = 0;
-
- /**
- * Get a certificate from the identity storage.
- * @param certificateName The name of the requested certificate.
- * @param allowAny If false, only a valid certificate will be returned, otherwise validity is disregarded.
- * @return The requested certificate. If not found, return a shared_ptr with a null pointer.
- */
- virtual ptr_lib::shared_ptr<Certificate>
- getCertificate(const Name &certificateName, bool allowAny = false) = 0;
-
-
- /*****************************************
- * Get/Set Default *
- *****************************************/
-
- /**
- * Get the default identity.
- * @param return The name of default identity, or an empty name if there is no default.
- */
- virtual Name
- getDefaultIdentity() = 0;
-
- /**
- * Get the default key name for the specified identity.
- * @param identityName The identity name.
- * @return The default key name.
- */
- virtual Name
- getDefaultKeyNameForIdentity(const Name& identityName) = 0;
-
- /**
- * Get the default certificate name for the specified identity.
- * @param identityName The identity name.
- * @return The default certificate name.
- */
- Name
- getDefaultCertificateNameForIdentity(const Name& identityName)
- {
- return getDefaultCertificateNameForKey(getDefaultKeyNameForIdentity(identityName));
- }
-
- /**
- * Get the default certificate name for the specified key.
- * @param keyName The key name.
- * @return The default certificate name.
- */
- virtual Name
- getDefaultCertificateNameForKey(const Name& keyName) = 0;
-
- /**
- * Set the default identity. If the identityName does not exist, then clear the default identity
- * so that getDefaultIdentity() returns an empty name.
- * @param identityName The default identity name.
- */
- virtual void
- setDefaultIdentity(const Name& identityName) = 0;
-
- /**
- * Set the default key name for the specified identity.
- * @param keyName The key name.
- * @param identityNameCheck (optional) The identity name to check the keyName.
- */
- virtual void
- setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck = Name()) = 0;
-
- /**
- * Set the default key name for the specified identity.
- * @param keyName The key name.
- * @param certificateName The certificate name.
- */
- virtual void
- setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName) = 0;
-};
-
-}
-
-#endif
diff --git a/ndn-cpp/security/identity/memory-identity-storage.cpp b/ndn-cpp/security/identity/memory-identity-storage.cpp
index bc2bd34..97b18f4 100644
--- a/ndn-cpp/security/identity/memory-identity-storage.cpp
+++ b/ndn-cpp/security/identity/memory-identity-storage.cpp
@@ -9,8 +9,8 @@
#include <stdexcept>
#endif
#include <algorithm>
-#include "../security-exception.hpp"
-#include "memory-identity-storage.hpp"
+#include <ndn-cpp/security/security-exception.hpp>
+#include <ndn-cpp/security/identity/memory-identity-storage.hpp>
using namespace std;
using namespace ndn::ptr_lib;
diff --git a/ndn-cpp/security/identity/memory-identity-storage.hpp b/ndn-cpp/security/identity/memory-identity-storage.hpp
deleted file mode 100644
index ba0ea5a..0000000
--- a/ndn-cpp/security/identity/memory-identity-storage.hpp
+++ /dev/null
@@ -1,189 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
-/**
- * Copyright (C) 2013 Regents of the University of California.
- * @author: Jeff Thompson <jefft0@remap.ucla.edu>
- * See COPYING for copyright and distribution information.
- */
-
-#ifndef NDN_MEMORY_IDENTITY_STORAGE_HPP
-#define NDN_MEMORY_IDENTITY_STORAGE_HPP
-
-#include <vector>
-#include "identity-storage.hpp"
-
-namespace ndn {
-
-/**
- * MemoryIdentityStorage extends IdentityStorage and implements its methods to store identity, public key and certificate objects in memory.
- * The application must get the objects through its own means and add the objects to the MemoryIdentityStorage object.
- * To use permanent file-based storage, see BasicIdentityStorage.
- */
-class MemoryIdentityStorage : public IdentityStorage {
-public:
- /**
- * The virtual Destructor.
- */
- virtual
- ~MemoryIdentityStorage();
-
- /**
- * Check if the specified identity already exists.
- * @param identityName The identity name.
- * @return true if the identity exists, otherwise false.
- */
- virtual bool
- doesIdentityExist(const Name& identityName);
-
- /**
- * Add a new identity. An exception will be thrown if the identity already exists.
- * @param identityName The identity name to be added.
- */
- virtual void
- addIdentity(const Name& identityName);
-
- /**
- * Revoke the identity.
- * @return true if the identity was revoked, false if not.
- */
- virtual bool
- revokeIdentity();
-
- /**
- * Generate a name for a new key belonging to the identity.
- * @param identityName The identity name.
- * @param useKsk If true, generate a KSK name, otherwise a DSK name.
- * @return The generated key name.
- */
- virtual Name
- getNewKeyName(const Name& identityName, bool useKsk);
-
- /**
- * Check if the specified key already exists.
- * @param keyName The name of the key.
- * @return true if the key exists, otherwise false.
- */
- virtual bool
- doesKeyExist(const Name& keyName);
-
- /**
- * Extract the key name from the certificate name.
- * @param certificateName The certificate name to be processed.
- */
- virtual Name
- getKeyNameForCertificate(const Name& certificateName);
-
- /**
- * Add a public key to the identity storage.
- * @param keyName The name of the public key to be added.
- * @param keyType Type of the public key to be added.
- * @param publicKeyDer A blob of the public key DER to be added.
- */
- virtual void
- addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer);
-
- /**
- * Get the public key DER blob from the identity storage.
- * @param keyName The name of the requested public key.
- * @return The DER Blob. If not found, return a Blob with a null pointer.
- */
- virtual Blob
- getKey(const Name& keyName);
-
- /**
- * Activate a key. If a key is marked as inactive, its private part will not be used in packet signing.
- * @param keyName name of the key
- */
- virtual void
- activateKey(const Name& keyName);
-
- /**
- * Deactivate a key. If a key is marked as inactive, its private part will not be used in packet signing.
- * @param keyName name of the key
- */
- virtual void
- deactivateKey(const Name& keyName);
-
- /**
- * Check if the specified certificate already exists.
- * @param certificateName The name of the certificate.
- * @return true if the certificate exists, otherwise false.
- */
- virtual bool
- doesCertificateExist(const Name& certificateName);
-
- /**
- * Add a certificate to the identity storage.
- * @param certificate The certificate to be added.
- */
- virtual void
- addCertificate(const Certificate& certificate);
-
- /**
- * Get a certificate from the identity storage.
- * @param certificateName The name of the requested certificate.
- * @param allowAny If false, only a valid certificate will be returned, otherwise validity is disregarded.
- * @return The requested certificate. If not found, return a shared_ptr with a null pointer.
- */
- virtual ptr_lib::shared_ptr<Certificate>
- getCertificate(const Name &certificateName, bool allowAny = false);
-
-
- /*****************************************
- * Get/Set Default *
- *****************************************/
-
- /**
- * Get the default identity.
- * @param return The name of default identity, or an empty name if there is no default.
- */
- virtual Name
- getDefaultIdentity();
-
- /**
- * Get the default key name for the specified identity.
- * @param identityName The identity name.
- * @return The default key name.
- */
- virtual Name
- getDefaultKeyNameForIdentity(const Name& identityName);
-
- /**
- * Get the default certificate name for the specified key.
- * @param keyName The key name.
- * @return The default certificate name.
- */
- virtual Name
- getDefaultCertificateNameForKey(const Name& keyName);
-
- /**
- * Set the default identity. If the identityName does not exist, then clear the default identity
- * so that getDefaultIdentity() returns an empty name.
- * @param identityName The default identity name.
- */
- virtual void
- setDefaultIdentity(const Name& identityName);
-
- /**
- * Set the default key name for the specified identity.
- * @param keyName The key name.
- * @param identityNameCheck (optional) The identity name to check the keyName.
- */
- virtual void
- setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck = Name());
-
- /**
- * Set the default key name for the specified identity.
- * @param keyName The key name.
- * @param certificateName The certificate name.
- */
- virtual void
- setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName);
-
-private:
- std::vector<std::string> identityStore_; /**< A list of name URI. */
- std::string defaultIdentity_; /**< The default identity in identityStore_, or "" if not defined. */
-};
-
-}
-
-#endif
diff --git a/ndn-cpp/security/identity/memory-private-key-storage.cpp b/ndn-cpp/security/identity/memory-private-key-storage.cpp
index af2ac13..09f1c66 100644
--- a/ndn-cpp/security/identity/memory-private-key-storage.cpp
+++ b/ndn-cpp/security/identity/memory-private-key-storage.cpp
@@ -9,8 +9,8 @@
#include <stdexcept>
#endif
#include "../../c/util/crypto.h"
-#include "../security-exception.hpp"
-#include "memory-private-key-storage.hpp"
+#include <ndn-cpp/security/security-exception.hpp>
+#include <ndn-cpp/security/identity/memory-private-key-storage.hpp>
using namespace std;
using namespace ndn::ptr_lib;
diff --git a/ndn-cpp/security/identity/memory-private-key-storage.hpp b/ndn-cpp/security/identity/memory-private-key-storage.hpp
deleted file mode 100644
index 02f8fbc..0000000
--- a/ndn-cpp/security/identity/memory-private-key-storage.hpp
+++ /dev/null
@@ -1,132 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
-/**
- * Copyright (C) 2013 Regents of the University of California.
- * @author: Jeff Thompson <jefft0@remap.ucla.edu>
- * See COPYING for copyright and distribution information.
- */
-
-#ifndef NDN_MEMORY_PRIVATE_KEY_STORAGE_HPP
-#define NDN_MEMORY_PRIVATE_KEY_STORAGE_HPP
-
-#include <map>
-#include "private-key-storage.hpp"
-
-struct rsa_st;
-
-namespace ndn {
-
-/**
- * MemoryPrivateKeyStorage extends PrivateKeyStorage to implement a simple in-memory private key store. You should
- * initialize by calling setKeyPairForKeyName.
- */
-class MemoryPrivateKeyStorage : public PrivateKeyStorage {
-public:
- /**
- * The virtual destructor
- */
- virtual
- ~MemoryPrivateKeyStorage();
-
- /**
- * Set the public and private key for the keyName.
- * @param keyName The key name.
- * @param publicKeyDer The public key DER byte array.
- * @param publicKeyDerLength The length of publicKeyDer.
- * @param privateKeyDer The private key DER byte array.
- * @param privateKeyDerLength The length of privateKeyDer.
- */
- void setKeyPairForKeyName
- (const Name& keyName, uint8_t *publicKeyDer, size_t publicKeyDerLength, uint8_t *privateKeyDer,
- size_t privateKeyDerLength);
-
- /**
- * Generate a pair of asymmetric keys.
- * @param keyName The name of the key pair.
- * @param keyType The type of the key pair, e.g. KEY_TYPE_RSA.
- * @param keySize The size of the key pair.
- */
- virtual void
- generateKeyPair(const Name& keyName, KeyType keyType, int keySize);
-
- /**
- * Get the public key
- * @param keyName The name of public key.
- * @return The public key.
- */
- virtual ptr_lib::shared_ptr<PublicKey>
- getPublicKey(const Name& keyName);
-
- /**
- * Fetch the private key for keyName and sign the data, returning a signature Blob.
- * @param data Pointer to the input byte array.
- * @param dataLength The length of data.
- * @param keyName The name of the signing key.
- * @param digestAlgorithm the digest algorithm.
- * @return The signature, or a null pointer if signing fails.
- */
- virtual Blob
- sign(const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm);
-
- /**
- * Decrypt data.
- * @param keyName The name of the decrypting key.
- * @param data The byte to be decrypted.
- * @param dataLength the length of data.
- * @param isSymmetric If true symmetric encryption is used, otherwise asymmetric decryption is used.
- * @return The decrypted data.
- */
- virtual Blob
- decrypt(const Name& keyName, const uint8_t* data, size_t dataLength, bool isSymmetric);
-
- /**
- * Encrypt data.
- * @param keyName The name of the encrypting key.
- * @param data The byte to be encrypted.
- * @param dataLength the length of data.
- * @param isSymmetric If true symmetric encryption is used, otherwise asymmetric decryption is used.
- * @return The encrypted data.
- */
- virtual Blob
- encrypt(const Name& keyName, const uint8_t* data, size_t dataLength, bool isSymmetric);
-
- /**
- * @brief Generate a symmetric key.
- * @param keyName The name of the key.
- * @param keyType The type of the key, e.g. KEY_TYPE_AES.
- * @param keySize The size of the key.
- */
- virtual void
- generateKey(const Name& keyName, KeyType keyType, int keySize);
-
- /**
- * Check if a particular key exists.
- * @param keyName The name of the key.
- * @param keyClass The class of the key, e.g. KEY_CLASS_PUBLIC, KEY_CLASS_PRIVATE, or KEY_CLASS_SYMMETRIC.
- * @return True if the key exists, otherwise false.
- */
- virtual bool
- doesKeyExist(const Name& keyName, KeyClass keyClass);
-
-private:
- /**
- * RsaPrivateKey is a simple class to hold an RSA private key.
- */
- class RsaPrivateKey {
- public:
- RsaPrivateKey(uint8_t *keyDer, size_t keyDerLength);
-
- ~RsaPrivateKey();
-
- struct rsa_st* getPrivateKey() { return privateKey_; }
-
- private:
- struct rsa_st* privateKey_;
- };
-
- std::map<std::string, ptr_lib::shared_ptr<PublicKey> > publicKeyStore_; /**< The map key is the keyName.toUri() */
- std::map<std::string, ptr_lib::shared_ptr<RsaPrivateKey> > privateKeyStore_; /**< The map key is the keyName.toUri() */
-};
-
-}
-
-#endif
diff --git a/ndn-cpp/security/identity/osx-private-key-storage.cpp b/ndn-cpp/security/identity/osx-private-key-storage.cpp
index 5cca7ca..5728ad7 100644
--- a/ndn-cpp/security/identity/osx-private-key-storage.cpp
+++ b/ndn-cpp/security/identity/osx-private-key-storage.cpp
@@ -14,8 +14,8 @@
#include <CoreFoundation/CoreFoundation.h>
#include "../../util/logging.hpp"
-#include "osx-private-key-storage.hpp"
-#include "../security-exception.hpp"
+#include <ndn-cpp/security/identity/osx-private-key-storage.hpp>
+#include <ndn-cpp/security/security-exception.hpp>
using namespace std;
using namespace ndn::ptr_lib;
diff --git a/ndn-cpp/security/identity/osx-private-key-storage.hpp b/ndn-cpp/security/identity/osx-private-key-storage.hpp
deleted file mode 100644
index 729bf9e..0000000
--- a/ndn-cpp/security/identity/osx-private-key-storage.hpp
+++ /dev/null
@@ -1,205 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
-/**
- * Copyright (C) 2013 Regents of the University of California.
- * @author: Yingdi Yu <yingdi@cs.ucla.edu>
- * See COPYING for copyright and distribution information.
- */
-
-#ifndef NDN_OSX_PRIVATEKEY_STORAGE_H
-#define NDN_OSX_PRIVATEKEY_STORAGE_H
-
-// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_OSX_SECURITY 1.
-#include <ndn-cpp/ndn-cpp-config.h>
-#if NDN_CPP_HAVE_OSX_SECURITY
-
-#include "../../common.hpp"
-#include "private-key-storage.hpp"
-
-#include <CoreFoundation/CoreFoundation.h>
-#include <Security/Security.h>
-#include <CoreServices/CoreServices.h>
-
-namespace ndn
-{
-
-class OSXPrivateKeyStorage : public PrivateKeyStorage {
-public:
- /**
- * constructor of OSXPrivateKeyStorage
- * @param keychainName the name of keychain
- */
- OSXPrivateKeyStorage(const std::string & keychainName = "");
-
- /**
- * destructor of OSXPrivateKeyStore
- */
- virtual
- ~OSXPrivateKeyStorage();
-
- /**
- * Generate a pair of asymmetric keys.
- * @param keyName The name of the key pair.
- * @param keyType The type of the key pair, e.g. KEY_TYPE_RSA.
- * @param keySize The size of the key pair.
- */
- virtual void
- generateKeyPair(const Name& keyName, KeyType keyType = KEY_TYPE_RSA, int keySize = 2048);
-
- /**
- * Get the public key
- * @param keyName The name of public key.
- * @return The public key.
- */
- virtual ptr_lib::shared_ptr<PublicKey>
- getPublicKey(const Name& keyName);
-
- /**
- * Fetch the private key for keyName and sign the data, returning a signature Blob.
- * @param data Pointer to the input byte array.
- * @param dataLength The length of data.
- * @param keyName The name of the signing key.
- * @param digestAlgorithm the digest algorithm.
- * @return The signature, or a null pointer if signing fails.
- */
- virtual Blob
- sign(const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm = DIGEST_ALGORITHM_SHA256);
-
- /**
- * Decrypt data.
- * @param keyName The name of the decrypting key.
- * @param data The byte to be decrypted.
- * @param dataLength the length of data.
- * @param isSymmetric If true symmetric encryption is used, otherwise asymmetric decryption is used.
- * @return The decrypted data.
- */
- virtual Blob
- decrypt(const Name& keyName, const uint8_t* data, size_t dataLength, bool isSymmetric = false);
-
- /**
- * Encrypt data.
- * @param keyName The name of the encrypting key.
- * @param data The byte to be encrypted.
- * @param dataLength the length of data.
- * @param isSymmetric If true symmetric encryption is used, otherwise asymmetric decryption is used.
- * @return The encrypted data.
- */
- virtual Blob
- encrypt(const Name& keyName, const uint8_t* data, size_t dataLength, bool isSymmetric = false);
-
- /**
- * Generate a symmetric key.
- * @param keyName The name of the key.
- * @param keyType The type of the key, e.g. KEY_TYPE_AES.
- * @param keySize The size of the key.
- */
- virtual void
- generateKey(const Name& keyName, KeyType keyType = KEY_TYPE_AES, int keySize = 256);
-
- /**
- * Check if a particular key exists.
- * @param keyName The name of the key.
- * @param keyClass The class of the key, e.g. KEY_CLASS_PUBLIC, KEY_CLASS_PRIVATE, or KEY_CLASS_SYMMETRIC.
- * @return True if the key exists, otherwise false.
- */
- virtual bool
- doesKeyExist(const Name& keyName, KeyClass keyClass);
-
- /**
- * configure ACL of a particular key
- * @param keyName the name of key
- * @param keyClass the class of key, e.g. Private Key
- * @param acl the new acl of the key
- * @param appPath the absolute path to the application
- * @returns true if setting succeeds
- */
- bool
- setACL(const Name & keyName, KeyClass keyClass, int acl, const std::string & appPath);
-
- /**
- * verify data (test only)
- * @param keyName the name of key
- * @param pData the data to be verified
- * @param pSig the signature associated with the data
- * @param digestAlgo digest algorithm
- * @return true if signature can be verified, otherwise false
- */
- bool
- verifyData(const Name & keyName, const Blob & pData, const Blob & pSig, DigestAlgorithm digestAlgo = DIGEST_ALGORITHM_SHA256);
-
- private:
- /**
- * convert NDN name of a key to internal name of the key
- * @param keyName the NDN name of the key
- * @param keyClass the class of the key
- * @return the internal key name
- */
- std::string
- toInternalKeyName(const Name & keyName, KeyClass keyClass);
-
- /**
- * Get key
- * @param keyName the name of the key
- * @param keyClass the class of the key
- * @returns pointer to the key
- */
- SecKeychainItemRef
- getKey(const Name & keyName, KeyClass keyClass);
-
- /**
- * convert keyType to MAC OS symmetric key key type
- * @param keyType
- * @returns MAC OS key type
- */
- const CFTypeRef
- getSymKeyType(KeyType keyType);
-
- /**
- * convert keyType to MAC OS asymmetirc key type
- * @param keyType
- * @returns MAC OS key type
- */
- const CFTypeRef
- getAsymKeyType(KeyType keyType);
-
- /**
- * convert keyClass to MAC OS key class
- * @param keyClass
- * @returns MAC OS key class
- */
- const CFTypeRef
- getKeyClass(KeyClass keyClass);
-
- /**
- * convert digestAlgo to MAC OS algorithm id
- * @param digestAlgo
- * @returns MAC OS algorithm id
- */
- const CFStringRef
- getDigestAlgorithm(DigestAlgorithm digestAlgo);
-
- /**
- * convert format to MAC OS key format
- * @param format
- * @returns MAC OS keyformat
- */
- SecExternalFormat
- getFormat(KeyFormat format);
-
- /**
- * get the digest size of the corresponding algorithm
- * @param digestAlgo the digest algorithm
- * @return digest size
- */
- long
- getDigestSize(DigestAlgorithm digestAlgo);
-
- const std::string keyChainName_;
- SecKeychainRef keyChainRef_;
- SecKeychainRef originalDefaultKeyChain_;
-};
-
-}
-
-#endif NDN_CPP_HAVE_OSX_SECURITY
-
-#endif
diff --git a/ndn-cpp/security/identity/private-key-storage.hpp b/ndn-cpp/security/identity/private-key-storage.hpp
deleted file mode 100644
index 0ff0077..0000000
--- a/ndn-cpp/security/identity/private-key-storage.hpp
+++ /dev/null
@@ -1,116 +0,0 @@
-/**
- * Copyright (C) 2013 Regents of the University of California.
- * @author: Yingdi Yu <yingdi@cs.ucla.edu>
- * @author: Jeff Thompson <jefft0@remap.ucla.edu>
- * See COPYING for copyright and distribution information.
- */
-
-#ifndef NDN_PRIVATE_KEY_STORAGE_HPP
-#define NDN_PRIVATE_KEY_STORAGE_HPP
-
-#include <string>
-#include "../../util/blob.hpp"
-#include "../certificate/public-key.hpp"
-#include "../security-common.hpp"
-#include "../../name.hpp"
-
-namespace ndn {
-
-class PrivateKeyStorage {
-public:
- /**
- * The virtual destructor.
- */
- virtual
- ~PrivateKeyStorage() {}
-
- /**
- * Generate a pair of asymmetric keys.
- * @param keyName The name of the key pair.
- * @param keyType The type of the key pair, e.g. KEY_TYPE_RSA.
- * @param keySize The size of the key pair.
- */
- virtual void
- generateKeyPair(const Name& keyName, KeyType keyType = KEY_TYPE_RSA, int keySize = 2048) = 0;
-
- /**
- * Get the public key
- * @param keyName The name of public key.
- * @return The public key.
- */
- virtual ptr_lib::shared_ptr<PublicKey>
- getPublicKey(const Name& keyName) = 0;
-
- /**
- * Fetch the private key for keyName and sign the data, returning a signature Blob.
- * @param data Pointer to the input byte array.
- * @param dataLength The length of data.
- * @param keyName The name of the signing key.
- * @param digestAlgorithm the digest algorithm.
- * @return The signature, or a null pointer if signing fails.
- */
- virtual Blob
- sign(const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm = DIGEST_ALGORITHM_SHA256) = 0;
-
- Blob
- sign(const Blob& data, const Name& keyName, DigestAlgorithm digestAlgorithm = DIGEST_ALGORITHM_SHA256)
- {
- sign(data.buf(), data.size(), keyName, digestAlgorithm);
- }
-
- /**
- * Decrypt data.
- * @param keyName The name of the decrypting key.
- * @param data The byte to be decrypted.
- * @param dataLength the length of data.
- * @param isSymmetric If true symmetric encryption is used, otherwise asymmetric decryption is used.
- * @return The decrypted data.
- */
- virtual Blob
- decrypt(const Name& keyName, const uint8_t* data, size_t dataLength, bool isSymmetric = false) = 0;
-
- Blob
- decrypt(const Name& keyName, const Blob& data, bool isSymmetric = false)
- {
- decrypt(keyName, data.buf(), data.size(), isSymmetric);
- }
-
- /**
- * Encrypt data.
- * @param keyName The name of the encrypting key.
- * @param data The byte to be encrypted.
- * @param dataLength the length of data.
- * @param isSymmetric If true symmetric encryption is used, otherwise asymmetric decryption is used.
- * @return The encrypted data.
- */
- virtual Blob
- encrypt(const Name& keyName, const uint8_t* data, size_t dataLength, bool isSymmetric = false) = 0;
-
- Blob
- encrypt(const Name& keyName, const Blob& data, bool isSymmetric = false)
- {
- encrypt(keyName, data.buf(), data.size(), isSymmetric);
- }
-
- /**
- * @brief Generate a symmetric key.
- * @param keyName The name of the key.
- * @param keyType The type of the key, e.g. KEY_TYPE_AES.
- * @param keySize The size of the key.
- */
- virtual void
- generateKey(const Name& keyName, KeyType keyType = KEY_TYPE_AES, int keySize = 256) = 0;
-
- /**
- * Check if a particular key exists.
- * @param keyName The name of the key.
- * @param keyClass The class of the key, e.g. KEY_CLASS_PUBLIC, KEY_CLASS_PRIVATE, or KEY_CLASS_SYMMETRIC.
- * @return True if the key exists, otherwise false.
- */
- virtual bool
- doesKeyExist(const Name& keyName, KeyClass keyClass) = 0;
-};
-
-}
-
-#endif