security: Reorganizing source code to prepare for support of two versions of NDN certificates
This commit also removes unused ndn_digestSha256 function and deprecates
crypto::sha256 in favor of crypto::computeSha256Digest in util/crypto.hpp.
Change-Id: I24ee50ff073a96b868633bdf2cfade412d3605f3
Refs: #3098
diff --git a/.waf-tools/cryptopp.py b/.waf-tools/cryptopp.py
index 4035693..1632ab6 100644
--- a/.waf-tools/cryptopp.py
+++ b/.waf-tools/cryptopp.py
@@ -27,7 +27,7 @@
CRYPTOPP_VERSION_FILE = 'config.h'
CRYPTOPP_CHECK_FRAGMENT = '''
-#include "../../src/security/cryptopp.hpp"
+#include "../../src/security/v1/cryptopp.hpp"
#include <iostream>
int
diff --git a/docs/doxygen.conf.in b/docs/doxygen.conf.in
index 2779491..d1ab057 100644
--- a/docs/doxygen.conf.in
+++ b/docs/doxygen.conf.in
@@ -1924,7 +1924,8 @@
PROTECTED_WITH_TESTS_ELSE_PRIVATE=private \
VIRTUAL_WITH_TESTS \
NDN_CXX_KEYCHAIN_REGISTER_PIB \
- NDN_CXX_KEYCHAIN_REGISTER_TPM
+ NDN_CXX_KEYCHAIN_REGISTER_TPM \
+ DEPRECATED(x)=x
# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then this
# tag can be used to specify a list of macro names that should be expanded. The
diff --git a/src/common-pch.hpp b/src/common-pch.hpp
index 06e8912..ad4bbff 100644
--- a/src/common-pch.hpp
+++ b/src/common-pch.hpp
@@ -51,6 +51,6 @@
#include <boost/system/error_code.hpp>
// Other useful headers to precompile
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#endif // NDN_COMMON_PCH_HPP
diff --git a/src/data.cpp b/src/data.cpp
index 724335e..054c975 100644
--- a/src/data.cpp
+++ b/src/data.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -184,7 +184,7 @@
"(e.g., not signed)"));
}
m_fullName = m_name;
- m_fullName.appendImplicitSha256Digest(crypto::sha256(m_wire.wire(), m_wire.size()));
+ m_fullName.appendImplicitSha256Digest(crypto::computeSha256Digest(m_wire.wire(), m_wire.size()));
}
return m_fullName;
diff --git a/src/encoding/cryptopp/asn_ext.hpp b/src/encoding/cryptopp/asn_ext.hpp
index 8b6cafc..359aa8b 100644
--- a/src/encoding/cryptopp/asn_ext.hpp
+++ b/src/encoding/cryptopp/asn_ext.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -26,7 +26,7 @@
#define NDN_ASN_EXT_HPP
#include "../../common.hpp"
-#include "../../security/cryptopp.hpp"
+#include "../../security/v1/cryptopp.hpp"
#include "../../util/time.hpp"
diff --git a/src/encoding/oid.cpp b/src/encoding/oid.cpp
index 1e623a5..da5ee5c 100644
--- a/src/encoding/oid.cpp
+++ b/src/encoding/oid.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -17,47 +17,35 @@
* <http://www.gnu.org/licenses/>.
*
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- *
*/
-#include "common.hpp"
-
#include "oid.hpp"
-#include "../security/cryptopp.hpp"
+#include "../security/v1/cryptopp.hpp"
#include <sstream>
namespace ndn {
-using std::string;
-using std::vector;
-
static const int OID_MAGIC_NUMBER = 40;
-OID::OID(const char* oid)
+Oid::Oid(const char* oid)
+ : Oid(std::string(oid))
{
- construct(oid);
}
-OID::OID(const string& oid)
+Oid::Oid(const std::string& oid)
{
- construct(oid);
-}
-
-void
-OID::construct(const std::string& oid)
-{
- string str = oid + ".";
+ std::string str = oid + ".";
size_t pos = 0;
size_t ppos = 0;
- while (string::npos != pos) {
+ while (std::string::npos != pos) {
ppos = pos;
pos = str.find_first_of('.', pos);
- if (pos == string::npos)
+ if (pos == std::string::npos)
break;
m_oid.push_back(atoi(str.substr(ppos, pos - ppos).c_str()));
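Review bot: The string constructor that now holds the parsing loop still converts each component with `atoi`, which returns 0 for a non-numeric or empty component and has undefined behaviour when the value does not fit in an int, so a malformed OID string becomes a different, valid-looking OID with no error. Since this commit already rewrites the constructor, I would switch to a checked conversion such as `m_oid.push_back(std::stoi(str.substr(ppos, pos - ppos)));`, which throws on empty or out-of-range input; callers that relied on the silent behaviour would then see an exception, so that needs a decision. Separately, `Oid(const char* oid)` forwards to `std::string(oid)`, which is undefined for a null pointer; a one-line comment stating that `oid` must be non-null would help. The loop body continues outside this hunk.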
@@ -66,12 +54,12 @@
}
}
-string
-OID::toString() const
+std::string
+Oid::toString() const
{
std::ostringstream convert;
- for (vector<int>::const_iterator it = m_oid.begin(); it != m_oid.end(); ++it) {
+ for (std::vector<int>::const_iterator it = m_oid.begin(); it != m_oid.end(); ++it) {
if (it != m_oid.begin())
convert << ".";
convert << *it;
@@ -81,10 +69,10 @@
}
bool
-OID::equal(const OID& oid) const
+Oid::equal(const Oid& oid) const
{
- vector<int>::const_iterator i = m_oid.begin();
- vector<int>::const_iterator j = oid.m_oid.begin();
+ std::vector<int>::const_iterator i = m_oid.begin();
+ std::vector<int>::const_iterator j = oid.m_oid.begin();
for (; i != m_oid.end() && j != oid.m_oid.end(); i++, j++) {
if (*i != *j)
@@ -127,7 +115,7 @@
}
void
-OID::encode(CryptoPP::BufferedTransformation& out) const
+Oid::encode(CryptoPP::BufferedTransformation& out) const
{
using namespace CryptoPP;
@@ -144,7 +132,7 @@
}
void
-OID::decode(CryptoPP::BufferedTransformation& in)
+Oid::decode(CryptoPP::BufferedTransformation& in)
{
using namespace CryptoPP;
@@ -176,10 +164,10 @@
}
namespace oid {
-const OID RSA("1.2.840.113549.1.1.1");
-const OID ECDSA("1.2.840.10045.2.1");
+const Oid RSA("1.2.840.113549.1.1.1");
+const Oid ECDSA("1.2.840.10045.2.1");
-const OID ATTRIBUTE_NAME("2.5.4.41");
-}
+const Oid ATTRIBUTE_NAME("2.5.4.41");
+} // namespace oid
} // namespace ndn
diff --git a/src/encoding/oid.hpp b/src/encoding/oid.hpp
index d5f99ca..2f89484 100644
--- a/src/encoding/oid.hpp
+++ b/src/encoding/oid.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -28,25 +28,23 @@
namespace CryptoPP {
class BufferedTransformation;
-}
+} // namespace CryptoPP
namespace ndn {
-class OID
+class Oid
{
public:
- OID()
- {
- }
+ Oid() = default;
explicit
- OID(const char* oid);
+ Oid(const char* oid);
explicit
- OID(const std::string& oid);
+ Oid(const std::string& oid);
explicit
- OID(const std::vector<int>& oid)
+ Oid(const std::vector<int>& oid)
: m_oid(oid)
{
}
@@ -67,13 +65,13 @@
toString() const;
bool
- operator==(const OID& oid) const
+ operator==(const Oid& oid) const
{
return equal(oid);
}
bool
- operator!=(const OID& oid) const
+ operator!=(const Oid& oid) const
{
return !equal(oid);
}
@@ -86,25 +84,27 @@
private:
- void
- construct(const std::string& value);
-
bool
- equal(const OID& oid) const;
+ equal(const Oid& oid) const;
private:
std::vector<int> m_oid;
};
+/**
+ * @deprecated Use Oid type instead
+ */
+typedef Oid OID;
+
namespace oid {
-//crypto algorithm
-extern const OID RSA;
-extern const OID ECDSA;
+// crypto algorithm
+extern const Oid RSA;
+extern const Oid ECDSA;
-//certificate entries
-extern const OID ATTRIBUTE_NAME;
-}
+// certificate entries
+extern const Oid ATTRIBUTE_NAME;
+} // namespace oid
-}
+} // namespace ndn
#endif // NDN_ENCODING_OID_HPP
diff --git a/src/face.cpp b/src/face.cpp
index fbaee26..bbb9f08 100644
--- a/src/face.cpp
+++ b/src/face.cpp
@@ -321,7 +321,7 @@
const OnInterest& onInterest,
const RegisterPrefixSuccessCallback& onSuccess,
const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate,
+ const security::v1::IdentityCertificate& certificate,
uint64_t flags)
{
security::SigningInfo signingInfo;
@@ -335,7 +335,7 @@
Face::setInterestFilter(const InterestFilter& interestFilter,
const OnInterest& onInterest,
const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate,
+ const security::v1::IdentityCertificate& certificate,
uint64_t flags)
{
security::SigningInfo signingInfo;
@@ -390,7 +390,7 @@
Face::registerPrefix(const Name& prefix,
const RegisterPrefixSuccessCallback& onSuccess,
const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate,
+ const security::v1::IdentityCertificate& certificate,
uint64_t flags)
{
security::SigningInfo signingInfo;
diff --git a/src/face.hpp b/src/face.hpp
index 51a5270..27af415 100644
--- a/src/face.hpp
+++ b/src/face.hpp
@@ -35,7 +35,7 @@
#define NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
#ifdef NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
-#include "security/identity-certificate.hpp"
+#include "security/v1/identity-certificate.hpp"
#endif // NDN_FACE_KEEP_DEPRECATED_REGISTRATION_SIGNING
namespace boost {
@@ -414,7 +414,7 @@
const OnInterest& onInterest,
const RegisterPrefixSuccessCallback& onSuccess,
const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate,
+ const security::v1::IdentityCertificate& certificate,
uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT));
/**
@@ -444,7 +444,7 @@
setInterestFilter(const InterestFilter& interestFilter,
const OnInterest& onInterest,
const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate,
+ const security::v1::IdentityCertificate& certificate,
uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT));
/**
@@ -554,7 +554,7 @@
registerPrefix(const Name& prefix,
const RegisterPrefixSuccessCallback& onSuccess,
const RegisterPrefixFailureCallback& onFailure,
- const IdentityCertificate& certificate,
+ const security::v1::IdentityCertificate& certificate,
uint64_t flags = nfd::ROUTE_FLAG_CHILD_INHERIT));
/**
diff --git a/src/management/nfd-command-options.cpp b/src/management/nfd-command-options.cpp
index 1c7a252..6794483 100644
--- a/src/management/nfd-command-options.cpp
+++ b/src/management/nfd-command-options.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -22,7 +22,7 @@
#include "nfd-command-options.hpp"
#ifdef NDN_MANAGEMENT_NFD_COMMAND_OPTIONS_KEEP_DEPRECATED_SIGNING_PARAMS
-#include "../security/identity-certificate.hpp"
+#include "../security/v1/identity-certificate.hpp"
#include "../security/signing-helpers.hpp"
#endif // NDN_MANAGEMENT_NFD_COMMAND_OPTIONS_KEEP_DEPRECATED_SIGNING_PARAMS
@@ -129,7 +129,7 @@
}
CommandOptions&
-CommandOptions::setSigningCertificate(const IdentityCertificate& certificate)
+CommandOptions::setSigningCertificate(const security::v1::IdentityCertificate& certificate)
{
m_signingInfo = makeSigningInfoFromIdentityCertificate(certificate.getName());
return *this;
diff --git a/src/management/nfd-command-options.hpp b/src/management/nfd-command-options.hpp
index eb69e03..4ca0a6b 100644
--- a/src/management/nfd-command-options.hpp
+++ b/src/management/nfd-command-options.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -28,7 +28,11 @@
namespace ndn {
+namespace security {
+namespace v1 {
class IdentityCertificate;
+} // namespace v1
+} // namespace security
namespace nfd {
@@ -167,7 +171,7 @@
*/
DEPRECATED(
CommandOptions&
- setSigningCertificate(const IdentityCertificate& certificate));
+ setSigningCertificate(const security::v1::IdentityCertificate& certificate));
#endif // NDN_MANAGEMENT_NFD_COMMAND_OPTIONS_KEEP_DEPRECATED_SIGNING_PARAMS
diff --git a/src/management/nfd-controller.hpp b/src/management/nfd-controller.hpp
index 297f113..8674a61 100644
--- a/src/management/nfd-controller.hpp
+++ b/src/management/nfd-controller.hpp
@@ -32,9 +32,9 @@
namespace security {
class KeyChain;
+class Validator;
} // namespace security
class Face;
-class Validator;
namespace nfd {
@@ -66,7 +66,7 @@
/** \brief construct a Controller that uses face for transport,
* and uses the passed KeyChain to sign commands
*/
- Controller(Face& face, security::KeyChain& keyChain, Validator& validator = s_validatorNull);
+ Controller(Face& face, security::KeyChain& keyChain, security::Validator& validator = s_validatorNull);
/** \brief start command execution
*/
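Review bot: The rewritten constructor line keeps `validator = s_validatorNull` as the default, and the `\brief` above it documents only the signing side. Judging by its name, `ValidatorNull` presumably accepts responses without checking them, so a caller who omits the third argument would get unvalidated command responses; that is worth confirming and stating in the comment. I would add something like `\param validator used to validate command responses; the default performs no validation` to the doc block. The declaration `static ValidatorNull s_validatorNull;` in the last hunk is still unqualified and so depends on a using-declaration that is not visible here.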
@@ -171,7 +171,7 @@
protected:
Face& m_face;
security::KeyChain& m_keyChain;
- Validator& m_validator;
+ security::Validator& m_validator;
private:
static ValidatorNull s_validatorNull;
diff --git a/src/name-component.cpp b/src/name-component.cpp
index 7941225..8259dd9 100644
--- a/src/name-component.cpp
+++ b/src/name-component.cpp
@@ -28,7 +28,6 @@
#include "encoding/block-helpers.hpp"
#include "encoding/encoding-buffer.hpp"
#include "util/string-helper.hpp"
-#include "security/cryptopp.hpp"
#include "util/crypto.hpp"
#include <boost/lexical_cast.hpp>
diff --git a/src/security/certificate-cache-ttl.cpp b/src/security/certificate-cache-ttl.cpp
index 2ab13c9..c1ad631 100644
--- a/src/security/certificate-cache-ttl.cpp
+++ b/src/security/certificate-cache-ttl.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -24,6 +24,7 @@
#include "certificate-cache-ttl.hpp"
namespace ndn {
+namespace security {
CertificateCacheTtl::CertificateCacheTtl(boost::asio::io_service& io,
const time::seconds& defaultTtl/* = time::seconds(3600)*/)
@@ -38,19 +39,19 @@
}
void
-CertificateCacheTtl::insertCertificate(shared_ptr<const IdentityCertificate> certificate)
+CertificateCacheTtl::insertCertificate(shared_ptr<const v1::IdentityCertificate> certificate)
{
m_io.dispatch([this, certificate] { this->insert(certificate); });
}
-shared_ptr<const IdentityCertificate>
+shared_ptr<const v1::IdentityCertificate>
CertificateCacheTtl::getCertificate(const Name& certificateName)
{
Cache::iterator it = m_cache.find(certificateName);
if (it != m_cache.end())
return it->second.first;
else
- return shared_ptr<IdentityCertificate>();
+ return shared_ptr<v1::IdentityCertificate>();
}
void
@@ -66,7 +67,7 @@
}
void
-CertificateCacheTtl::insert(shared_ptr<const IdentityCertificate> certificate)
+CertificateCacheTtl::insert(shared_ptr<const v1::IdentityCertificate> certificate)
{
time::milliseconds expire = (certificate->getFreshnessPeriod() >= time::seconds::zero() ?
certificate->getFreshnessPeriod() : m_defaultTtl);
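Review bot: `insert()` dereferences `certificate` in its first statement (`certificate->getFreshnessPeriod()`) with no null check, and `insertCertificate()` in the previous hunk dispatches whatever `shared_ptr` it was handed. If a caller can pass an empty pointer, the crash happens later on the io_service thread, away from the call site. I would reject it before dispatching, for example `if (certificate == nullptr) return;` at the top of `insertCertificate()`, or document the non-null precondition in the header. The body of `insert()` continues outside this hunk.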
@@ -102,4 +103,5 @@
m_cache.clear();
}
+} // namespace security
} // namespace ndn
diff --git a/src/security/certificate-cache-ttl.hpp b/src/security/certificate-cache-ttl.hpp
index 55cbc5a..e0ef837 100644
--- a/src/security/certificate-cache-ttl.hpp
+++ b/src/security/certificate-cache-ttl.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -29,6 +29,7 @@
#include "../util/scheduler.hpp"
namespace ndn {
+namespace security {
/**
* @brief Cache of validated certificates with freshness-based eviction policy
@@ -47,9 +48,9 @@
~CertificateCacheTtl();
virtual void
- insertCertificate(shared_ptr<const IdentityCertificate> certificate);
+ insertCertificate(shared_ptr<const v1::IdentityCertificate> certificate);
- virtual shared_ptr<const IdentityCertificate>
+ virtual shared_ptr<const v1::IdentityCertificate>
getCertificate(const Name& certificateNameWithoutVersion);
virtual void
@@ -60,7 +61,7 @@
private:
void
- insert(shared_ptr<const IdentityCertificate> certificate);
+ insert(shared_ptr<const v1::IdentityCertificate> certificate);
void
remove(const Name& certificateName);
@@ -69,7 +70,7 @@
removeAll();
protected:
- typedef std::map<Name, std::pair<shared_ptr<const IdentityCertificate>, EventId> > Cache;
+ typedef std::map<Name, std::pair<shared_ptr<const v1::IdentityCertificate>, EventId> > Cache;
time::seconds m_defaultTtl;
Cache m_cache;
@@ -77,6 +78,10 @@
Scheduler m_scheduler;
};
+} // namespace security
+
+using security::CertificateCacheTtl;
+
} // namespace ndn
#endif // NDN_SECURITY_CERTIFICATE_CACHE_TTL_HPP
diff --git a/src/security/certificate-cache.hpp b/src/security/certificate-cache.hpp
index 42f3b88..fa6cb79 100644
--- a/src/security/certificate-cache.hpp
+++ b/src/security/certificate-cache.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -25,9 +25,10 @@
#define NDN_SECURITY_CERTIFICATE_CACHE_HPP
#include "../name.hpp"
-#include "identity-certificate.hpp"
+#include "v1/identity-certificate.hpp"
namespace ndn {
+namespace security {
/**
* @brief Interface for the cache of validated certificates
@@ -41,9 +42,9 @@
}
virtual void
- insertCertificate(shared_ptr<const IdentityCertificate> certificate) = 0;
+ insertCertificate(shared_ptr<const v1::IdentityCertificate> certificate) = 0;
- virtual shared_ptr<const IdentityCertificate>
+ virtual shared_ptr<const v1::IdentityCertificate>
getCertificate(const Name& certificateNameWithoutVersion) = 0;
virtual void
@@ -59,6 +60,10 @@
}
};
+} // namespace security
+
+using security::CertificateCache;
+
} // namespace ndn
#endif // NDN_SECURITY_CERTIFICATE_CACHE_HPP
diff --git a/src/security/certificate-container.cpp b/src/security/certificate-container.cpp
index b18bbcb..a05dd52 100644
--- a/src/security/certificate-container.cpp
+++ b/src/security/certificate-container.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -32,7 +32,7 @@
{
}
-IdentityCertificate
+v1::IdentityCertificate
CertificateContainer::const_iterator::operator*()
{
return m_impl->getCertificate(*m_it);
diff --git a/src/security/certificate-container.hpp b/src/security/certificate-container.hpp
index 1d7b6b4..f0cc408 100644
--- a/src/security/certificate-container.hpp
+++ b/src/security/certificate-container.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -23,7 +23,7 @@
#define NDN_SECURITY_CERTIFICATE_CONTAINER_HPP
#include <set>
-#include "identity-certificate.hpp"
+#include "v1/identity-certificate.hpp"
namespace ndn {
namespace security {
@@ -40,7 +40,7 @@
friend class CertificateContainer;
public:
- IdentityCertificate
+ v1::IdentityCertificate
operator*();
const_iterator&
diff --git a/src/security/command-interest-validator.cpp b/src/security/command-interest-validator.cpp
index ddba90e..f877f41 100644
--- a/src/security/command-interest-validator.cpp
+++ b/src/security/command-interest-validator.cpp
@@ -20,7 +20,7 @@
*/
#include "command-interest-validator.hpp"
-#include "identity-certificate.hpp"
+#include "v1/identity-certificate.hpp"
#include <boost/lexical_cast.hpp>
namespace ndn {
@@ -146,9 +146,9 @@
}
try {
- keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName());
+ keyName = v1::IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName());
}
- catch (const IdentityCertificate::Error&) {
+ catch (const v1::IdentityCertificate::Error&) {
return ErrorCode::BAD_CERT_NAME;
}
diff --git a/src/security/conf/checker.hpp b/src/security/conf/checker.hpp
index c2c4244..c4ec3ca 100644
--- a/src/security/conf/checker.hpp
+++ b/src/security/conf/checker.hpp
@@ -29,7 +29,7 @@
#include "key-locator-checker.hpp"
#include "../../util/io.hpp"
#include "../validator.hpp"
-#include "../identity-certificate.hpp"
+#include "../v1/identity-certificate.hpp"
#include <boost/algorithm/string.hpp>
#include <boost/filesystem.hpp>
@@ -198,10 +198,10 @@
{
public:
FixedSignerChecker(uint32_t sigType,
- const std::vector<shared_ptr<IdentityCertificate>>& signers)
+ const std::vector<shared_ptr<v1::IdentityCertificate>>& signers)
: m_sigType(sigType)
{
- for (std::vector<shared_ptr<IdentityCertificate>>::const_iterator it = signers.begin();
+ for (std::vector<shared_ptr<v1::IdentityCertificate>>::const_iterator it = signers.begin();
it != signers.end(); it++)
m_signers[(*it)->getName().getPrefix(-1)] = (*it);
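Review bot: The signer loop in the `FixedSignerChecker` constructor now spells out `std::vector<shared_ptr<v1::IdentityCertificate>>::const_iterator`, which makes the changed line longer without adding information. A range-for reads better here: `for (const auto& signer : signers) m_signers[signer->getName().getPrefix(-1)] = signer;`. The same applies to the `sdIt`/`sdEnd` loop over `subjectDescription` in `KeyChain::prepareUnsignedIdentityCertificate` in key-chain.cpp, which could be `for (const auto& sd : subjectDescription) certificate->addSubjectDescription(sd);`. The constructor body continues outside this hunk.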
@@ -295,7 +295,7 @@
}
private:
- typedef std::map<Name, shared_ptr<IdentityCertificate>> SignerList;
+ typedef std::map<Name, shared_ptr<v1::IdentityCertificate>> SignerList;
uint32_t m_sigType;
SignerList m_signers;
};
@@ -394,7 +394,7 @@
std::string sigType = propertyIt->second.data();
propertyIt++;
- std::vector<shared_ptr<IdentityCertificate>> signers;
+ std::vector<shared_ptr<v1::IdentityCertificate>> signers;
for (; propertyIt != configSection.end(); propertyIt++) {
if (!boost::iequals(propertyIt->first, "signer"))
BOOST_THROW_EXCEPTION(Error("Expect <checker.signer> but get <checker." +
@@ -410,7 +410,7 @@
signers));
}
- static shared_ptr<IdentityCertificate>
+ static shared_ptr<v1::IdentityCertificate>
getSigner(const ConfigSection& configSection, const std::string& configFilename)
{
using namespace boost::filesystem;
@@ -436,8 +436,8 @@
if (propertyIt != configSection.end())
BOOST_THROW_EXCEPTION(Error("Expect the end of checker.signer"));
- shared_ptr<IdentityCertificate> idCert
- = io::load<IdentityCertificate>(certfilePath.c_str());
+ shared_ptr<v1::IdentityCertificate> idCert
+ = io::load<v1::IdentityCertificate>(certfilePath.c_str());
if (static_cast<bool>(idCert))
return idCert;
@@ -457,7 +457,7 @@
if (propertyIt != configSection.end())
BOOST_THROW_EXCEPTION(Error("Expect the end of checker.signer"));
- shared_ptr<IdentityCertificate> idCert = io::load<IdentityCertificate>(ss);
+ shared_ptr<v1::IdentityCertificate> idCert = io::load<v1::IdentityCertificate>(ss);
if (static_cast<bool>(idCert))
return idCert;
diff --git a/src/security/cryptopp.hpp b/src/security/cryptopp.hpp
index d7342cf..4c9e959 100644
--- a/src/security/cryptopp.hpp
+++ b/src/security/cryptopp.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -19,27 +19,15 @@
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
-#ifndef NDN_SECURITY_CRYPTOPP_HPP
-#define NDN_SECURITY_CRYPTOPP_HPP
+/**
+ * @file security/cryptopp.hpp
+ * @deprecated Use security/v1/cryptopp.hpp
+ */
-// suppress CryptoPP warnings
-#pragma GCC system_header
-#pragma clang system_header
+#include "security-common.hpp"
-#include <cryptopp/asn.h>
-#include <cryptopp/base64.h>
-#include <cryptopp/des.h>
-#include <cryptopp/files.h>
-#include <cryptopp/filters.h>
-#include <cryptopp/hex.h>
-#include <cryptopp/modes.h>
-#include <cryptopp/osrng.h>
-#include <cryptopp/pssr.h>
-#include <cryptopp/pwdbased.h>
-#include <cryptopp/rsa.h>
-#include <cryptopp/sha.h>
-#include <cryptopp/eccrypto.h>
-#include <cryptopp/oids.h>
-#include <cryptopp/dsa.h>
-
-#endif // NDN_SECURITY_CRYPTOPP_HPP
+#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES
+#include "v1/cryptopp.hpp"
+#else
+#error "Deprecated. Use v1/cryptopp.hpp instead."
+#endif // NDN_CXX_KEEP_SECURITY_V1_ALIASES
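Review bot: The `#error` text points at `v1/cryptopp.hpp`, a path relative to src/security, while the `@deprecated` line a few lines above says `security/v1/cryptopp.hpp`. The matching forwarding header identity-certificate.hpp also wraps its path in backticks, while this one does not. I would make both messages uniform and use the path an includer actually writes, for example `#error "Deprecated. Use security/v1/cryptopp.hpp instead."`. It would also help to say in the file comment where `NDN_CXX_KEEP_SECURITY_V1_ALIASES` is defined, since that is not visible from this header.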
diff --git a/src/security/identity-certificate.hpp b/src/security/identity-certificate.hpp
index b416080..42553a6 100644
--- a/src/security/identity-certificate.hpp
+++ b/src/security/identity-certificate.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -17,84 +17,17 @@
* <http://www.gnu.org/licenses/>.
*
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- *
- * @author Yingdi Yu <http://irl.cs.ucla.edu/~yingdi/>
*/
-#ifndef NDN_SECURITY_IDENTITY_CERTIFICATE_HPP
-#define NDN_SECURITY_IDENTITY_CERTIFICATE_HPP
+/**
+ * @file security/identity-certificate.hpp
+ * @deprecated Use security/v1/identity-certificate.hpp
+ */
-#include "../common.hpp"
-#include "certificate.hpp"
+#include "security-common.hpp"
-namespace ndn {
-
-class IdentityCertificate : public Certificate
-{
-public:
- class Error : public Certificate::Error
- {
- public:
- explicit
- Error(const std::string& what)
- : Certificate::Error(what)
- {
- }
- };
-
- /**
- * @brief The default constructor.
- */
- IdentityCertificate();
-
- /**
- * @brief Create an IdentityCertificate from the content in the data packet.
- * @param data The data packet with the content to decode.
- */
- explicit
- IdentityCertificate(const Data& data);
-
- /**
- * @brief Create an IdentityCertificate from a block.
- * @param block The raw block of the certificate.
- */
- explicit
- IdentityCertificate(const Block& block);
-
- void
- wireDecode(const Block& wire);
-
- void
- setName(const Name& name);
-
- const Name&
- getPublicKeyName() const
- {
- return m_publicKeyName;
- }
-
- static bool
- isIdentityCertificate(const Certificate& certificate);
-
- /**
- * @brief Get the public key name from the full certificate name.
- * @param certificateName The full certificate name.
- * @return The related public key name.
- */
- static Name
- certificateNameToPublicKeyName(const Name& certificateName);
-
-private:
- static bool
- isCorrectName(const Name& name);
-
- void
- setPublicKeyName();
-
-protected:
- Name m_publicKeyName;
-};
-
-} // namespace ndn
-
-#endif // NDN_SECURITY_IDENTITY_CERTIFICATE_HPP
+#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES
+#include "v1/identity-certificate.hpp"
+#else
+#error "Deprecated. Use `v1/identity-certificate.hpp` instead."
+#endif // NDN_CXX_KEEP_SECURITY_V1_ALIASES
diff --git a/src/security/identity.cpp b/src/security/identity.cpp
index 9b42ec5..176814c 100644
--- a/src/security/identity.cpp
+++ b/src/security/identity.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -58,7 +58,7 @@
}
Key
-Identity::addKey(const PublicKey& publicKey, const name::Component& keyId)
+Identity::addKey(const v1::PublicKey& publicKey, const name::Component& keyId)
{
validityCheck();
@@ -123,7 +123,7 @@
}
Key&
-Identity::setDefaultKey(const PublicKey& publicKey, const name::Component& keyId)
+Identity::setDefaultKey(const v1::PublicKey& publicKey, const name::Component& keyId)
{
const Key& keyEntry = addKey(publicKey, keyId);
return setDefaultKey(keyEntry.getKeyId());
diff --git a/src/security/identity.hpp b/src/security/identity.hpp
index 0ac8201..1e4bd2c 100644
--- a/src/security/identity.hpp
+++ b/src/security/identity.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -116,7 +116,7 @@
* @return the added key or existing key with the same key id.
*/
Key
- addKey(const PublicKey& publicKey, const name::Component& keyId = EMPTY_KEY_ID);
+ addKey(const v1::PublicKey& publicKey, const name::Component& keyId = EMPTY_KEY_ID);
/**
* @brief Remove a key.
@@ -147,7 +147,7 @@
* @return the default key
*/
Key&
- setDefaultKey(const PublicKey& publicKey, const name::Component& keyId = EMPTY_KEY_ID);
+ setDefaultKey(const v1::PublicKey& publicKey, const name::Component& keyId = EMPTY_KEY_ID);
NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE:
/**
diff --git a/src/security/key-chain.cpp b/src/security/key-chain.cpp
index 8369cb1..827f9df 100644
--- a/src/security/key-chain.cpp
+++ b/src/security/key-chain.cpp
@@ -298,7 +298,7 @@
try {
keyName = m_pib->getDefaultKeyNameForIdentity(identityName);
- shared_ptr<PublicKey> key = m_pib->getPublicKey(keyName);
+ shared_ptr<v1::PublicKey> key = m_pib->getPublicKey(keyName);
if (key->getKeyType() != params.getKeyType()) {
keyName = generateKeyPair(identityName, true, params);
@@ -315,7 +315,7 @@
certName = m_pib->getDefaultCertificateNameForKey(keyName);
}
catch (const SecPublicInfo::Error& e) {
- shared_ptr<IdentityCertificate> selfCert = selfSign(keyName);
+ shared_ptr<v1::IdentityCertificate> selfCert = selfSign(keyName);
m_pib->addCertificateAsIdentityDefault(*selfCert);
certName = selfCert->getName();
}
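Review bot: `selfCert` is dereferenced unconditionally in `m_pib->addCertificateAsIdentityDefault(*selfCert)`, but `selfSign(const Name&)` further down appears to return `nullptr` when the public key lookup throws. If the key is missing from the PIB at this point, the catch block dereferences a null `shared_ptr`. I would check the result first, for example `if (selfCert == nullptr) BOOST_THROW_EXCEPTION(SecPublicInfo::Error("cannot self-sign default key"));`, where the message text is only a suggestion. The enclosing function starts and ends outside this hunk.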
@@ -362,15 +362,15 @@
}
-shared_ptr<IdentityCertificate>
+shared_ptr<v1::IdentityCertificate>
KeyChain::prepareUnsignedIdentityCertificate(const Name& keyName,
const Name& signingIdentity,
const time::system_clock::TimePoint& notBefore,
const time::system_clock::TimePoint& notAfter,
- const std::vector<CertificateSubjectDescription>& subjectDescription,
+ const std::vector<v1::CertificateSubjectDescription>& subjectDescription,
const Name& certPrefix)
{
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<v1::PublicKey> publicKey;
try {
publicKey = m_pib->getPublicKey(keyName);
}
@@ -383,13 +383,13 @@
subjectDescription, certPrefix);
}
-shared_ptr<IdentityCertificate>
+shared_ptr<v1::IdentityCertificate>
KeyChain::prepareUnsignedIdentityCertificate(const Name& keyName,
- const PublicKey& publicKey,
+ const v1::PublicKey& publicKey,
const Name& signingIdentity,
const time::system_clock::TimePoint& notBefore,
const time::system_clock::TimePoint& notAfter,
- const std::vector<CertificateSubjectDescription>& subjectDescription,
+ const std::vector<v1::CertificateSubjectDescription>& subjectDescription,
const Name& certPrefix)
{
if (keyName.size() < 1)
@@ -428,21 +428,19 @@
return nullptr;
}
- auto certificate = make_shared<IdentityCertificate>();
+ auto certificate = make_shared<v1::IdentityCertificate>();
certificate->setName(certName);
certificate->setNotBefore(notBefore);
certificate->setNotAfter(notAfter);
certificate->setPublicKeyInfo(publicKey);
if (subjectDescription.empty()) {
- CertificateSubjectDescription subjectName(oid::ATTRIBUTE_NAME, keyName.getPrefix(-1).toUri());
+ v1::CertificateSubjectDescription subjectName(oid::ATTRIBUTE_NAME, keyName.getPrefix(-1).toUri());
certificate->addSubjectDescription(subjectName);
}
else {
- std::vector<CertificateSubjectDescription>::const_iterator sdIt =
- subjectDescription.begin();
- std::vector<CertificateSubjectDescription>::const_iterator sdEnd =
- subjectDescription.end();
+ std::vector<v1::CertificateSubjectDescription>::const_iterator sdIt = subjectDescription.begin();
+ std::vector<v1::CertificateSubjectDescription>::const_iterator sdEnd = subjectDescription.end();
for(; sdIt != sdEnd; sdIt++)
certificate->addSubjectDescription(*sdIt);
}
@@ -457,7 +455,7 @@
{
SignatureInfo sigInfo = params.getSignatureInfo();
- shared_ptr<IdentityCertificate> signingCert;
+ shared_ptr<v1::IdentityCertificate> signingCert;
switch (params.getSignerType()) {
case SigningInfo::SIGNER_TYPE_NULL: {
@@ -539,7 +537,7 @@
Signature
KeyChain::sign(const uint8_t* buffer, size_t bufferLength, const Name& certificateName)
{
- shared_ptr<IdentityCertificate> certificate = m_pib->getCertificate(certificateName);
+ shared_ptr<v1::IdentityCertificate> certificate = m_pib->getCertificate(certificateName);
if (certificate == nullptr) {
BOOST_THROW_EXCEPTION(SecPublicInfo::Error("certificate does not exist"));
@@ -555,10 +553,10 @@
return sig;
}
-shared_ptr<IdentityCertificate>
+shared_ptr<v1::IdentityCertificate>
KeyChain::selfSign(const Name& keyName)
{
- shared_ptr<PublicKey> pubKey;
+ shared_ptr<v1::PublicKey> pubKey;
try {
pubKey = m_pib->getPublicKey(keyName); // may throw an exception.
}
@@ -566,7 +564,7 @@
return nullptr;
}
- auto certificate = make_shared<IdentityCertificate>();
+ auto certificate = make_shared<v1::IdentityCertificate>();
Name certificateName = keyName.getPrefix(-1);
certificateName.append("KEY").append(keyName.get(-1)).append("ID-CERT").appendVersion();
@@ -575,8 +573,8 @@
certificate->setNotBefore(time::system_clock::now());
certificate->setNotAfter(time::system_clock::now() + time::days(7300)); // ~20 years
certificate->setPublicKeyInfo(*pubKey);
- certificate->addSubjectDescription(CertificateSubjectDescription(oid::ATTRIBUTE_NAME,
- keyName.toUri()));
+ certificate->addSubjectDescription(v1::CertificateSubjectDescription(oid::ATTRIBUTE_NAME,
+ keyName.toUri()));
certificate->encode();
certificate->setSignature(Signature(SignatureInfo()));
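Review bot: The validity window is built from two separate `time::system_clock::now()` calls and a hard-coded `time::days(7300)`, so notBefore and notAfter are not derived from one instant and the roughly 20-year lifetime of a self-signed certificate is fixed here with no named policy. Reading the clock once, e.g. `const auto now = time::system_clock::now();`, and giving the lifetime a named constant would make the choice explicit and reviewable. selfSign begins and ends outside this hunk.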
@@ -586,7 +584,7 @@
}
void
-KeyChain::selfSign(IdentityCertificate& cert)
+KeyChain::selfSign(v1::IdentityCertificate& cert)
{
Name keyName = cert.getPublicKeyName();
@@ -617,7 +615,7 @@
BOOST_THROW_EXCEPTION(SecPublicInfo::Error("Fail to export PKCS5 of private key"));
}
- shared_ptr<IdentityCertificate> cert;
+ shared_ptr<v1::IdentityCertificate> cert;
try {
cert = m_pib->getCertificate(m_pib->getDefaultCertificateNameForKey(keyName));
}
@@ -634,7 +632,7 @@
KeyChain::importIdentity(const SecuredBag& securedBag, const std::string& passwordStr)
{
Name certificateName = securedBag.getCertificate().getName();
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificateName);
+ Name keyName = v1::IdentityCertificate::certificateNameToPublicKeyName(certificateName);
Name identity = keyName.getPrefix(-1);
// Add identity
@@ -646,7 +644,7 @@
securedBag.getKey()->size(),
passwordStr);
- shared_ptr<PublicKey> pubKey = m_tpm->getPublicKeyFromTpm(keyName.toUri());
+ shared_ptr<v1::PublicKey> pubKey = m_tpm->getPublicKeyFromTpm(keyName.toUri());
// HACK! We should set key type according to the pkcs8 info.
m_pib->addKey(keyName, *pubKey);
m_pib->setDefaultKeyNameForIdentity(keyName);
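Review bot: Nothing in these lines checks that the key just imported into the TPM is the one the bag's certificate was issued for: keyName is derived from the certificate name in the previous hunk, while pubKey is read back from the TPM and stored under that name. If the remainder of importIdentity (outside this hunk) does not compare them, a mismatched SecuredBag would leave the PIB holding a certificate that does not correspond to the stored key. A guard such as `if (*pubKey != securedBag.getCertificate().getPublicKeyInfo())` followed by a `SecPublicInfo::Error` throw would reject it; this assumes getCertificate() yields a v1::IdentityCertificate, which should be confirmed.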
@@ -711,7 +709,7 @@
m_tpm->generateKeyPairInTpm(keyName.toUri(), params);
- shared_ptr<PublicKey> pubKey = m_tpm->getPublicKeyFromTpm(keyName.toUri());
+ shared_ptr<v1::PublicKey> pubKey = m_tpm->getPublicKeyFromTpm(keyName.toUri());
m_pib->addKey(keyName, *pubKey);
return keyName;
@@ -761,7 +759,7 @@
const Name& keyName, DigestAlgorithm digestAlgorithm) const
{
if (keyName == DIGEST_SHA256_IDENTITY)
- return Block(tlv::SignatureValue, crypto::sha256(buf, size));
+ return Block(tlv::SignatureValue, crypto::computeSha256Digest(buf, size));
return m_tpm->signInTpm(buf, size, keyName, digestAlgorithm);
}
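Review bot: The `DIGEST_SHA256_IDENTITY` branch returns a plain SHA-256 of the buffer as the SignatureValue, and that deserves a comment because it gives integrity only and says nothing about who produced the data. Something like `// DigestSha256: unkeyed hash, integrity check only; no signer is authenticated` above the `if` would keep readers from treating this path as a signature made with a key. The function's signature starts above the hunk, so its name is not visible here.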
@@ -796,8 +794,8 @@
.append(sig.getInfo()); // signatureInfo
Block sigValue(tlv::SignatureValue,
- crypto::sha256(signedName.wireEncode().value(),
- signedName.wireEncode().value_size()));
+ crypto::computeSha256Digest(signedName.wireEncode().value(),
+ signedName.wireEncode().value_size()));
sigValue.encode();
signedName.append(sigValue); // signatureValue
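Review bot: `signedName.wireEncode()` is evaluated twice in the digest argument list, once for `value()` and once for `value_size()`. Binding it once ties pointer and length to the same encoding and reads more clearly: `const auto& nameWire = signedName.wireEncode();` followed by `crypto::computeSha256Digest(nameWire.value(), nameWire.value_size())`. The enclosing function begins outside the hunk.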
diff --git a/src/security/key-chain.hpp b/src/security/key-chain.hpp
index d9963cd..796aa33 100644
--- a/src/security/key-chain.hpp
+++ b/src/security/key-chain.hpp
@@ -38,7 +38,6 @@
#include "../util/random.hpp"
#include <initializer_list>
-
namespace ndn {
namespace security {
@@ -210,22 +209,22 @@
*
* @param keyName Key name, e.g., `/<identity_name>/ksk-123456`.
* @param signingIdentity The signing identity.
- * @param notBefore Refer to IdentityCertificate.
- * @param notAfter Refer to IdentityCertificate.
- * @param subjectDescription Refer to IdentityCertificate.
+ * @param notBefore Refer to v1::IdentityCertificate.
+ * @param notAfter Refer to v1::IdentityCertificate.
+ * @param subjectDescription Refer to v1::IdentityCertificate.
* @param certPrefix Prefix before `KEY` component. By default, KeyChain will infer the
* certificate name according to the relation between the signingIdentity and
* the subject identity. If signingIdentity is a prefix of the subject identity,
* `KEY` will be inserted after the signingIdentity, otherwise `KEY` is inserted
* after subject identity (i.e., before `ksk-....`).
- * @return IdentityCertificate.
+ * @return v1::IdentityCertificate.
*/
- shared_ptr<IdentityCertificate>
+ shared_ptr<v1::IdentityCertificate>
prepareUnsignedIdentityCertificate(const Name& keyName,
const Name& signingIdentity,
const time::system_clock::TimePoint& notBefore,
const time::system_clock::TimePoint& notAfter,
- const std::vector<CertificateSubjectDescription>& subjectDescription,
+ const std::vector<security::v1::CertificateSubjectDescription>& subjectDescription,
const Name& certPrefix = DEFAULT_PREFIX);
/**
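Review bot: The `subjectDescription` parameter is spelled `security::v1::CertificateSubjectDescription` while the return type of the same declaration uses the shorter `v1::` form, and the definition in key-chain.cpp uses `v1::CertificateSubjectDescription`. Unless the longer spelling is needed for name lookup at this point in the header, one form should be used throughout: `const std::vector<v1::CertificateSubjectDescription>& subjectDescription,`. The second overload in the next hunk has the same mix next to its `const v1::PublicKey&` parameter.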
@@ -234,23 +233,23 @@
* @param keyName Key name, e.g., `/<identity_name>/ksk-123456`.
* @param publicKey Public key to sign.
* @param signingIdentity The signing identity.
- * @param notBefore Refer to IdentityCertificate.
- * @param notAfter Refer to IdentityCertificate.
- * @param subjectDescription Refer to IdentityCertificate.
+ * @param notBefore Refer to v1::IdentityCertificate.
+ * @param notAfter Refer to v1::IdentityCertificate.
+ * @param subjectDescription Refer to v1::IdentityCertificate.
* @param certPrefix Prefix before `KEY` component. By default, KeyChain will infer the
* certificate name according to the relation between the signingIdentity and
* the subject identity. If signingIdentity is a prefix of the subject identity,
* `KEY` will be inserted after the signingIdentity, otherwise `KEY` is inserted
* after subject identity (i.e., before `ksk-....`).
- * @return IdentityCertificate.
+ * @return v1::IdentityCertificate.
*/
- shared_ptr<IdentityCertificate>
+ shared_ptr<v1::IdentityCertificate>
prepareUnsignedIdentityCertificate(const Name& keyName,
- const PublicKey& publicKey,
+ const v1::PublicKey& publicKey,
const Name& signingIdentity,
const time::system_clock::TimePoint& notBefore,
const time::system_clock::TimePoint& notAfter,
- const std::vector<CertificateSubjectDescription>& subjectDescription,
+ const std::vector<security::v1::CertificateSubjectDescription>& subjectDescription,
const Name& certPrefix = DEFAULT_PREFIX);
/**
@@ -373,9 +372,9 @@
* @brief Generate a self-signed certificate for a public key.
*
* @param keyName The name of the public key
- * @return The generated certificate, shared_ptr<IdentityCertificate>() if selfSign fails
+ * @return The generated certificate, shared_ptr<v1::IdentityCertificate>() if selfSign fails
*/
- shared_ptr<IdentityCertificate>
+ shared_ptr<v1::IdentityCertificate>
selfSign(const Name& keyName);
/**
@@ -385,7 +384,7 @@
* @throws SecTpm::Error if the private key does not exist.
*/
void
- selfSign(IdentityCertificate& cert);
+ selfSign(v1::IdentityCertificate& cert);
/**
* @brief delete a certificate.
@@ -480,18 +479,18 @@
}
void
- addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer)
+ addPublicKey(const Name& keyName, KeyType keyType, const v1::PublicKey& publicKeyDer)
{
return m_pib->addKey(keyName, publicKeyDer);
}
void
- addKey(const Name& keyName, const PublicKey& publicKeyDer)
+ addKey(const Name& keyName, const v1::PublicKey& publicKeyDer)
{
return m_pib->addKey(keyName, publicKeyDer);
}
- shared_ptr<PublicKey>
+ shared_ptr<v1::PublicKey>
getPublicKey(const Name& keyName) const
{
return m_pib->getPublicKey(keyName);
@@ -504,12 +503,12 @@
}
void
- addCertificate(const IdentityCertificate& certificate)
+ addCertificate(const v1::IdentityCertificate& certificate)
{
return m_pib->addCertificate(certificate);
}
- shared_ptr<IdentityCertificate>
+ shared_ptr<v1::IdentityCertificate>
getCertificate(const Name& certificateName) const
{
return m_pib->getCertificate(certificateName);
@@ -630,24 +629,24 @@
}
void
- addCertificateAsKeyDefault(const IdentityCertificate& certificate)
+ addCertificateAsKeyDefault(const v1::IdentityCertificate& certificate)
{
return m_pib->addCertificateAsKeyDefault(certificate);
}
void
- addCertificateAsIdentityDefault(const IdentityCertificate& certificate)
+ addCertificateAsIdentityDefault(const v1::IdentityCertificate& certificate)
{
return m_pib->addCertificateAsIdentityDefault(certificate);
}
void
- addCertificateAsSystemDefault(const IdentityCertificate& certificate)
+ addCertificateAsSystemDefault(const v1::IdentityCertificate& certificate)
{
return m_pib->addCertificateAsSystemDefault(certificate);
}
- shared_ptr<IdentityCertificate>
+ shared_ptr<v1::IdentityCertificate>
getDefaultCertificate() const
{
if (!static_cast<bool>(m_pib->getDefaultCertificate()))
@@ -714,7 +713,7 @@
return m_tpm->deleteKeyPairInTpm(keyName);
}
- shared_ptr<PublicKey>
+ shared_ptr<v1::PublicKey>
getPublicKeyFromTpm(const Name& keyName) const
{
return m_tpm->getPublicKeyFromTpm(keyName);
diff --git a/src/security/key.cpp b/src/security/key.cpp
index 3d91cad..c59a39d 100644
--- a/src/security/key.cpp
+++ b/src/security/key.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -34,7 +34,7 @@
}
Key::Key(const Name& identityName, const name::Component& keyId,
- const PublicKey& publicKey, shared_ptr<PibImpl> impl)
+ const v1::PublicKey& publicKey, shared_ptr<PibImpl> impl)
: m_id(identityName)
, m_keyId(keyId)
, m_key(publicKey)
@@ -91,7 +91,7 @@
return m_keyId;
}
-const PublicKey&
+const v1::PublicKey&
Key::getPublicKey() const
{
validityCheck();
@@ -100,7 +100,7 @@
}
void
-Key::addCertificate(const IdentityCertificate& certificate)
+Key::addCertificate(const v1::IdentityCertificate& certificate)
{
validityCheck();
@@ -126,7 +126,7 @@
m_needRefreshCerts = true;
}
-IdentityCertificate
+v1::IdentityCertificate
Key::getCertificate(const Name& certName) const
{
validityCheck();
@@ -147,7 +147,7 @@
return m_certificates;
}
-const IdentityCertificate&
+const v1::IdentityCertificate&
Key::setDefaultCertificate(const Name& certName)
{
validityCheck();
@@ -158,14 +158,14 @@
return m_defaultCertificate;
}
-const IdentityCertificate&
-Key::setDefaultCertificate(const IdentityCertificate& certificate)
+const v1::IdentityCertificate&
+Key::setDefaultCertificate(const v1::IdentityCertificate& certificate)
{
addCertificate(certificate);
return setDefaultCertificate(certificate.getName());
}
-const IdentityCertificate&
+const v1::IdentityCertificate&
Key::getDefaultCertificate() const
{
validityCheck();
diff --git a/src/security/key.hpp b/src/security/key.hpp
index 31d7fe7..a237a38 100644
--- a/src/security/key.hpp
+++ b/src/security/key.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -22,7 +22,7 @@
#ifndef NDN_SECURITY_KEY_HPP
#define NDN_SECURITY_KEY_HPP
-#include "identity-certificate.hpp"
+#include "v1/identity-certificate.hpp"
#include "certificate-container.hpp"
namespace ndn {
@@ -83,7 +83,7 @@
getKeyId() const;
/// @brief Get public key
- const PublicKey&
+ const v1::PublicKey&
getPublicKey() const;
/**
@@ -92,7 +92,7 @@
* @return the certificate
* @throws Pib::Error if the certificate does not exist.
*/
- IdentityCertificate
+ v1::IdentityCertificate
getCertificate(const Name& certName) const;
/// @brief Get all the certificates for this key.
@@ -104,7 +104,7 @@
*
* @throws Pib::Error if the default certificate does not exist.
*/
- const IdentityCertificate&
+ const v1::IdentityCertificate&
getDefaultCertificate() const;
/// @brief Check if the Key instance is valid
@@ -122,7 +122,7 @@
* @param certificate The certificate to add.
*/
void
- addCertificate(const IdentityCertificate& certificate);
+ addCertificate(const v1::IdentityCertificate& certificate);
/**
* @brief Remove a certificate.
@@ -139,7 +139,7 @@
* @return the default certificate
* @throws Pib::Error if the certificate does not exist.
*/
- const IdentityCertificate&
+ const v1::IdentityCertificate&
setDefaultCertificate(const Name& certName);
/**
@@ -151,8 +151,8 @@
* @param certificate The certificate to add.
* @return the default certificate
*/
- const IdentityCertificate&
- setDefaultCertificate(const IdentityCertificate& certificate);
+ const v1::IdentityCertificate&
+ setDefaultCertificate(const v1::IdentityCertificate& certificate);
NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE:
/**
@@ -166,7 +166,7 @@
* @param impl The actual backend implementation.
*/
Key(const Name& identityName, const name::Component& keyId,
- const PublicKey& publicKey, shared_ptr<PibImpl> impl);
+ const v1::PublicKey& publicKey, shared_ptr<PibImpl> impl);
/**
* @brief Create an KeyEntry with @p identityName and @p keyId.
@@ -190,10 +190,10 @@
Name m_id;
name::Component m_keyId;
Name m_keyName;
- PublicKey m_key;
+ v1::PublicKey m_key;
mutable bool m_hasDefaultCertificate;
- mutable IdentityCertificate m_defaultCertificate;
+ mutable v1::IdentityCertificate m_defaultCertificate;
mutable bool m_needRefreshCerts;
mutable CertificateContainer m_certificates;
diff --git a/src/security/pib-impl.hpp b/src/security/pib-impl.hpp
index 90e7dfc..d2b2324 100644
--- a/src/security/pib-impl.hpp
+++ b/src/security/pib-impl.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -23,7 +23,7 @@
#define NDN_SECURITY_PIB_IMPL_HPP
#include <set>
-#include "identity-certificate.hpp"
+#include "v1/identity-certificate.hpp"
namespace ndn {
namespace security {
@@ -161,7 +161,7 @@
* @param publicKey The public key bits.
*/
virtual void
- addKey(const Name& identity, const name::Component& keyId, const PublicKey& publicKey) = 0;
+ addKey(const Name& identity, const name::Component& keyId, const v1::PublicKey& publicKey) = 0;
/**
* @brief Remove a key.
@@ -183,7 +183,7 @@
* @return key bits
* @throws Pib::Error if the key does not exist.
*/
- virtual PublicKey
+ virtual v1::PublicKey
getKeyBits(const Name& identity, const name::Component& keyId) const = 0;
/**
@@ -238,7 +238,7 @@
* @param certificate The certificate to add.
*/
virtual void
- addCertificate(const IdentityCertificate& certificate) = 0;
+ addCertificate(const v1::IdentityCertificate& certificate) = 0;
/**
* @brief Remove a certificate with name @p certName.
@@ -257,7 +257,7 @@
* @return the certificate.
* @throws Pib::Error if the certificate does not exist.
*/
- virtual IdentityCertificate
+ virtual v1::IdentityCertificate
getCertificate(const Name& certName) const = 0;
/**
@@ -293,7 +293,7 @@
* @return a pointer to the certificate, null if no default certificate for the key.
* @throws Pib::Error if the default certificate does not exist.
*/
- virtual IdentityCertificate
+ virtual v1::IdentityCertificate
getDefaultCertificateOfKey(const Name& identity, const name::Component& keyId) const = 0;
};
diff --git a/src/security/pib-memory.cpp b/src/security/pib-memory.cpp
index 09300f1..c472863 100644
--- a/src/security/pib-memory.cpp
+++ b/src/security/pib-memory.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -102,7 +102,7 @@
}
void
-PibMemory::addKey(const Name& identity, const name::Component& keyId, const PublicKey& publicKey)
+PibMemory::addKey(const Name& identity, const name::Component& keyId, const v1::PublicKey& publicKey)
{
this->addIdentity(identity);
@@ -127,7 +127,7 @@
}
}
-PublicKey
+v1::PublicKey
PibMemory::getKeyBits(const Name& identity, const name::Component& keyId) const
{
if (!hasKey(identity, keyId))
@@ -184,7 +184,7 @@
}
void
-PibMemory::addCertificate(const IdentityCertificate& certificate)
+PibMemory::addCertificate(const v1::IdentityCertificate& certificate)
{
this->addKey(certificate.getPublicKeyName().getPrefix(-1),
certificate.getPublicKeyName().get(-1),
@@ -201,10 +201,10 @@
PibMemory::removeCertificate(const Name& certName)
{
m_certs.erase(certName);
- m_defaultCert.erase(IdentityCertificate::certificateNameToPublicKeyName(certName));
+ m_defaultCert.erase(v1::IdentityCertificate::certificateNameToPublicKeyName(certName));
}
-IdentityCertificate
+v1::IdentityCertificate
PibMemory::getCertificate(const Name& certName) const
{
if (!hasCertificate(certName))
@@ -237,7 +237,7 @@
m_defaultCert[keyName] = certName;
}
-IdentityCertificate
+v1::IdentityCertificate
PibMemory::getDefaultCertificateOfKey(const Name& identity, const name::Component& keyId) const
{
Name keyName = getKeyName(identity, keyId);
diff --git a/src/security/pib-memory.hpp b/src/security/pib-memory.hpp
index 377d52d..1a859ce 100644
--- a/src/security/pib-memory.hpp
+++ b/src/security/pib-memory.hpp
@@ -83,12 +83,12 @@
hasKey(const Name& identity, const name::Component& keyId) const override;
virtual void
- addKey(const Name& identity, const name::Component& keyId, const PublicKey& publicKey) override;
+ addKey(const Name& identity, const name::Component& keyId, const v1::PublicKey& publicKey) override;
virtual void
removeKey(const Name& identity, const name::Component& keyId) override;
- virtual PublicKey
+ virtual v1::PublicKey
getKeyBits(const Name& identity, const name::Component& keyId) const override;
virtual std::set<name::Component>
@@ -106,12 +106,12 @@
hasCertificate(const Name& certName) const override;
virtual void
- addCertificate(const IdentityCertificate& certificate) override;
+ addCertificate(const v1::IdentityCertificate& certificate) override;
virtual void
removeCertificate(const Name& certName) override;
- virtual IdentityCertificate
+ virtual v1::IdentityCertificate
getCertificate(const Name& certName) const override;
virtual std::set<Name>
@@ -120,7 +120,7 @@
virtual void
setDefaultCertificateOfKey(const Name& identity, const name::Component& keyId, const Name& certName) override;
- virtual IdentityCertificate
+ virtual v1::IdentityCertificate
getDefaultCertificateOfKey(const Name& identity, const name::Component& keyId) const override;
private: // Key management
@@ -135,13 +135,13 @@
Name m_defaultIdentity;
/// @brief keyName => keyBits
- std::map<Name, PublicKey> m_keys;
+ std::map<Name, v1::PublicKey> m_keys;
/// @brief identity => default key Name
std::map<Name, Name> m_defaultKey;
/// @brief certificate Name => certificate
- std::map<Name, IdentityCertificate> m_certs;
+ std::map<Name, v1::IdentityCertificate> m_certs;
/// @brief keyName => default certificate Name
std::map<Name, Name> m_defaultCert;
diff --git a/src/security/pib-sqlite3.cpp b/src/security/pib-sqlite3.cpp
index cbded5b..dc21610 100644
--- a/src/security/pib-sqlite3.cpp
+++ b/src/security/pib-sqlite3.cpp
@@ -360,7 +360,7 @@
}
void
-PibSqlite3::addKey(const Name& identity, const name::Component& keyId, const PublicKey& publicKey)
+PibSqlite3::addKey(const Name& identity, const name::Component& keyId, const v1::PublicKey& publicKey)
{
if (hasKey(identity, keyId)) {
return;
@@ -392,7 +392,7 @@
statement.step();
}
-PublicKey
+v1::PublicKey
PibSqlite3::getKeyBits(const Name& identity, const name::Component& keyId) const
{
Name keyName = getKeyName(identity, keyId);
@@ -401,7 +401,7 @@
statement.bind(1, keyName.wireEncode(), SQLITE_TRANSIENT);
if (statement.step() == SQLITE_ROW)
- return PublicKey(statement.getBlob(0), statement.getSize(0));
+ return v1::PublicKey(statement.getBlob(0), statement.getSize(0));
else
BOOST_THROW_EXCEPTION(Pib::Error("Key does not exist"));
}
@@ -469,7 +469,7 @@
}
void
-PibSqlite3::addCertificate(const IdentityCertificate& certificate)
+PibSqlite3::addCertificate(const v1::IdentityCertificate& certificate)
{
const Name& certName = certificate.getName();
const Name& keyName = certificate.getPublicKeyName();
@@ -498,7 +498,7 @@
statement.step();
}
-IdentityCertificate
+v1::IdentityCertificate
PibSqlite3::getCertificate(const Name& certName) const
{
Sqlite3Statement statement(m_database,
@@ -506,7 +506,7 @@
statement.bind(1, certName.wireEncode(), SQLITE_TRANSIENT);
if (statement.step() == SQLITE_ROW)
- return IdentityCertificate(statement.getBlock(0));
+ return v1::IdentityCertificate(statement.getBlock(0));
else
BOOST_THROW_EXCEPTION(Pib::Error("Certificate does not exit"));
}
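Review bot: The message thrown on the else branch reads "Certificate does not exit"; it should be `BOOST_THROW_EXCEPTION(Pib::Error("Certificate does not exist"));`. The same text appears in the getDefaultCertificateOfKey hunk further down. Any caller or test that matches on the message text would need the same update.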
@@ -544,7 +544,7 @@
statement.step();
}
-IdentityCertificate
+v1::IdentityCertificate
PibSqlite3::getDefaultCertificateOfKey(const Name& identity, const name::Component& keyId) const
{
Name keyName = getKeyName(identity, keyId);
@@ -556,7 +556,7 @@
statement.bind(1, keyName.wireEncode(), SQLITE_TRANSIENT);
if (statement.step() == SQLITE_ROW)
- return IdentityCertificate(statement.getBlock(0));
+ return v1::IdentityCertificate(statement.getBlock(0));
else
BOOST_THROW_EXCEPTION(Pib::Error("Certificate does not exit"));
}
diff --git a/src/security/pib-sqlite3.hpp b/src/security/pib-sqlite3.hpp
index 7e867cd..f8665c5 100644
--- a/src/security/pib-sqlite3.hpp
+++ b/src/security/pib-sqlite3.hpp
@@ -92,12 +92,12 @@
hasKey(const Name& identity, const name::Component& keyId) const final;
virtual void
- addKey(const Name& identity, const name::Component& keyId, const PublicKey& publicKey) final;
+ addKey(const Name& identity, const name::Component& keyId, const v1::PublicKey& publicKey) final;
virtual void
removeKey(const Name& identity, const name::Component& keyId) final;
- virtual PublicKey
+ virtual v1::PublicKey
getKeyBits(const Name& identity, const name::Component& keyId) const final;
virtual std::set<name::Component>
@@ -115,12 +115,12 @@
hasCertificate(const Name& certName) const final;
virtual void
- addCertificate(const IdentityCertificate& certificate) final;
+ addCertificate(const v1::IdentityCertificate& certificate) final;
virtual void
removeCertificate(const Name& certName) final;
- virtual IdentityCertificate
+ virtual v1::IdentityCertificate
getCertificate(const Name& certName) const final;
virtual std::set<Name>
@@ -130,7 +130,7 @@
setDefaultCertificateOfKey(const Name& identity, const name::Component& keyId,
const Name& certName) final;
- virtual IdentityCertificate
+ virtual v1::IdentityCertificate
getDefaultCertificateOfKey(const Name& identity, const name::Component& keyId) const final;
private:
diff --git a/src/security/public-key.hpp b/src/security/public-key.hpp
index 3f90783..8e1a09b 100644
--- a/src/security/public-key.hpp
+++ b/src/security/public-key.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -17,107 +17,17 @@
* <http://www.gnu.org/licenses/>.
*
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- *
- * @author Yingdi Yu <http://irl.cs.ucla.edu/~yingdi/>
- * @author Alexander Afanasyev <http://lasr.cs.ucla.edu/afanasyev/index.html>
- * @author Jeff Thompson <jefft0@remap.ucla.edu>
*/
-#ifndef NDN_SECURITY_PUBLIC_KEY_HPP
-#define NDN_SECURITY_PUBLIC_KEY_HPP
+/**
+ * @file security/public-key.hpp
+ * @deprecated Use security/v1/public-key.hpp
+ */
-#include "../common.hpp"
-
-#include "../encoding/buffer.hpp"
-#include "../encoding/block.hpp"
#include "security-common.hpp"
-namespace CryptoPP {
-class BufferedTransformation;
-}
-
-namespace ndn {
-
-class PublicKey
-{
-public:
- class Error : public std::runtime_error
- {
- public:
- explicit
- Error(const std::string& what)
- : std::runtime_error(what)
- {
- }
- };
-
- /**
- * The default constructor.
- */
- PublicKey();
-
- /**
- * @brief Create a new PublicKey from @p keyDerBuf in DER buffer
- *
- * @param keyDerBuf The pointer to the first byte of buffer containing DER of public key
- * @param keyDerSize Size of the buffer
- *
- * @throws PublicKey::Error If DER in buffer cannot be decoded
- */
- PublicKey(const uint8_t* keyDerBuf, size_t keyDerSize);
-
- const Buffer&
- get() const
- {
- return m_key;
- }
-
- void
- set(const uint8_t* keyDerBuf, size_t keyDerSize)
- {
- Buffer buf(keyDerBuf, keyDerSize);
- m_key.swap(buf);
- }
-
- KeyType
- getKeyType() const
- {
- return m_type;
- }
-
- /**
- * @return a KeyDigest block that matches this public key
- */
- const Block&
- computeDigest() const;
-
- void
- encode(CryptoPP::BufferedTransformation& out) const;
-
- void
- decode(CryptoPP::BufferedTransformation& in);
-
- bool
- operator==(const PublicKey& key) const
- {
- return m_key == key.m_key;
- }
-
- bool
- operator!=(const PublicKey& key) const
- {
- return m_key != key.m_key;
- }
-
-private:
- KeyType m_type;
- Buffer m_key;
- mutable Block m_digest;
-};
-
-std::ostream&
-operator<<(std::ostream& os, const PublicKey& key);
-
-} // namespace ndn
-
-#endif //NDN_SECURITY_PUBLIC_KEY_HPP
+#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES
+#include "v1/public-key.hpp"
+#else
+#error "Deprecated. Use `v1/public-key.hpp` instead."
+#endif // NDN_CXX_KEEP_SECURITY_V1_ALIASES
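Review bot: With `NDN_CXX_KEEP_SECURITY_V1_ALIASES` undefined this header stops the build, yet neither the `@deprecated` note nor the `#error` text mentions the macro, so a downstream project that still includes `security/public-key.hpp` gets no hint of the transition switch. Consider naming it in the file comment, for example `@deprecated Use security/v1/public-key.hpp; define NDN_CXX_KEEP_SECURITY_V1_ALIASES to keep this header usable during migration`. Whether the v1 header also re-exports the old `ndn::PublicKey` name under that macro is not visible in this hunk and is worth stating in the same comment.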
diff --git a/src/security/sec-public-info-sqlite3.cpp b/src/security/sec-public-info-sqlite3.cpp
index 1be311f..b392ba1 100644
--- a/src/security/sec-public-info-sqlite3.cpp
+++ b/src/security/sec-public-info-sqlite3.cpp
@@ -23,7 +23,7 @@
*/
#include "sec-public-info-sqlite3.hpp"
-#include "identity-certificate.hpp"
+#include "v1/identity-certificate.hpp"
#include "signature-sha256-with-rsa.hpp"
#include "signature-sha256-with-ecdsa.hpp"
#include "../data.hpp"
@@ -36,6 +36,7 @@
#include <boost/filesystem.hpp>
namespace ndn {
+namespace security {
using std::string;
using std::vector;
@@ -363,7 +364,7 @@
void
SecPublicInfoSqlite3::addKey(const Name& keyName,
- const PublicKey& publicKeyDer)
+ const v1::PublicKey& publicKeyDer)
{
if (keyName.empty())
return;
@@ -396,7 +397,7 @@
sqlite3_finalize(statement);
}
-shared_ptr<PublicKey>
+shared_ptr<v1::PublicKey>
SecPublicInfoSqlite3::getPublicKey(const Name& keyName)
{
if (keyName.empty())
@@ -415,10 +416,10 @@
int res = sqlite3_step(statement);
- shared_ptr<PublicKey> result;
+ shared_ptr<v1::PublicKey> result;
if (res == SQLITE_ROW) {
- result = make_shared<PublicKey>(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)),
- sqlite3_column_bytes(statement, 0));
+ result = make_shared<v1::PublicKey>(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)),
+ sqlite3_column_bytes(statement, 0));
sqlite3_finalize(statement);
return result;
}
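Review bot: If the `v1::PublicKey` constructor throws on the blob read from the database, the `sqlite3_finalize(statement)` on the following line is skipped and the prepared statement leaks. The removed header documented a `PublicKey::Error` for DER that cannot be decoded, and the v1 class presumably keeps that behaviour. getCertificate in this file already wraps its decode in a `try`, so the same treatment fits here, e.g. `catch (...) { sqlite3_finalize(statement); throw; }` around the `make_shared` call. The function begins and ends outside this hunk, so the non-row path is not visible.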
@@ -483,12 +484,12 @@
}
void
-SecPublicInfoSqlite3::addCertificate(const IdentityCertificate& certificate)
+SecPublicInfoSqlite3::addCertificate(const v1::IdentityCertificate& certificate)
{
const Name& certificateName = certificate.getName();
- // KeyName is from IdentityCertificate name, so should be qualified.
+ // KeyName is from v1::IdentityCertificate name, so should be qualified.
Name keyName =
- IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
+ v1::IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
addKey(keyName, certificate.getPublicKeyInfo());
@@ -537,7 +538,7 @@
sqlite3_finalize(statement);
}
-shared_ptr<IdentityCertificate>
+shared_ptr<v1::IdentityCertificate>
SecPublicInfoSqlite3::getCertificate(const Name& certificateName)
{
sqlite3_stmt* statement = nullptr;
@@ -551,7 +552,7 @@
int res = sqlite3_step(statement);
if (res == SQLITE_ROW) {
- shared_ptr<IdentityCertificate> certificate = make_shared<IdentityCertificate>();
+ shared_ptr<v1::IdentityCertificate> certificate = make_shared<v1::IdentityCertificate>();
try {
certificate->wireDecode(Block(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)),
sqlite3_column_bytes(statement, 0)));
@@ -723,7 +724,7 @@
if (!doesCertificateExist(certificateName))
BOOST_THROW_EXCEPTION(Error("certificate does not exist:" + certificateName.toUri()));
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificateName);
+ Name keyName = v1::IdentityCertificate::certificateNameToPublicKeyName(certificateName);
string keyId = keyName.get(-1).toUri();
Name identityName = keyName.getPrefix(-1);
@@ -951,4 +952,5 @@
return SCHEME;
}
+} // namespace security
} // namespace ndn
diff --git a/src/security/sec-public-info-sqlite3.hpp b/src/security/sec-public-info-sqlite3.hpp
index 697ff12..fbe7d7e 100644
--- a/src/security/sec-public-info-sqlite3.hpp
+++ b/src/security/sec-public-info-sqlite3.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -31,6 +31,7 @@
struct sqlite3;
namespace ndn {
+namespace security {
class SecPublicInfoSqlite3 : public SecPublicInfo
{
@@ -77,9 +78,9 @@
doesPublicKeyExist(const Name& keyName);
virtual void
- addKey(const Name& keyName, const PublicKey& publicKeyDer);
+ addKey(const Name& keyName, const v1::PublicKey& publicKeyDer);
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<v1::PublicKey>
getPublicKey(const Name& keyName);
virtual KeyType
@@ -89,9 +90,9 @@
doesCertificateExist(const Name& certificateName);
virtual void
- addCertificate(const IdentityCertificate& certificate);
+ addCertificate(const v1::IdentityCertificate& certificate);
- virtual shared_ptr<IdentityCertificate>
+ virtual shared_ptr<v1::IdentityCertificate>
getCertificate(const Name& certificateName);
@@ -162,6 +163,10 @@
sqlite3* m_database;
};
+} // namespace security
+
+using security::SecPublicInfoSqlite3;
+
} // namespace ndn
#endif // NDN_SECURITY_SEC_PUBLIC_INFO_SQLITE3_HPP
diff --git a/src/security/sec-public-info.cpp b/src/security/sec-public-info.cpp
index 2226f51..7002d36 100644
--- a/src/security/sec-public-info.cpp
+++ b/src/security/sec-public-info.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -22,6 +22,7 @@
#include "sec-public-info.hpp"
namespace ndn {
+namespace security {
SecPublicInfo::SecPublicInfo(const std::string& location)
: m_location(location)
@@ -39,7 +40,7 @@
}
void
-SecPublicInfo::addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKey)
+SecPublicInfo::addPublicKey(const Name& keyName, KeyType keyType, const v1::PublicKey& publicKey)
{
addKey(keyName, publicKey);
}
@@ -104,7 +105,7 @@
}
void
-SecPublicInfo::addCertificateAsKeyDefault(const IdentityCertificate& certificate)
+SecPublicInfo::addCertificateAsKeyDefault(const v1::IdentityCertificate& certificate)
{
addCertificate(certificate);
setDefaultCertificateNameForKeyInternal(certificate.getName());
@@ -112,35 +113,35 @@
}
void
-SecPublicInfo::addCertificateAsIdentityDefault(const IdentityCertificate& certificate)
+SecPublicInfo::addCertificateAsIdentityDefault(const v1::IdentityCertificate& certificate)
{
addCertificate(certificate);
Name certName = certificate.getName();
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certName);
+ Name keyName = v1::IdentityCertificate::certificateNameToPublicKeyName(certName);
setDefaultKeyNameForIdentityInternal(keyName);
setDefaultCertificateNameForKeyInternal(certName);
refreshDefaultCertificate();
}
void
-SecPublicInfo::addCertificateAsSystemDefault(const IdentityCertificate& certificate)
+SecPublicInfo::addCertificateAsSystemDefault(const v1::IdentityCertificate& certificate)
{
addCertificate(certificate);
Name certName = certificate.getName();
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certName);
+ Name keyName = v1::IdentityCertificate::certificateNameToPublicKeyName(certName);
setDefaultIdentityInternal(keyName.getPrefix(-1));
setDefaultKeyNameForIdentityInternal(keyName);
setDefaultCertificateNameForKeyInternal(certName);
refreshDefaultCertificate();
}
-shared_ptr<IdentityCertificate>
+shared_ptr<v1::IdentityCertificate>
SecPublicInfo::defaultCertificate()
{
return getDefaultCertificate();
}
-shared_ptr<IdentityCertificate>
+shared_ptr<v1::IdentityCertificate>
SecPublicInfo::getDefaultCertificate()
{
return m_defaultCertificate;
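Review bot: `addCertificateAsIdentityDefault` and `addCertificateAsSystemDefault` each run several independent store updates (`addCertificate`, then two or three `set…Internal` calls) with no visible rollback, so an exception from a later setter would leave the certificate stored but the defaults only partly switched. Whether the concrete backend wraps these calls in a transaction cannot be seen from this hunk. If it does not, a comment such as `// NOTE: not atomic; a throw below leaves the default identity/key/certificate partially updated` above each sequence would make the contract explicit for callers that manage trust anchors. The body of `getDefaultCertificate` continues outside the hunk.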
@@ -158,4 +159,5 @@
}
}
+} // namespace security
} // namespace ndn
diff --git a/src/security/sec-public-info.hpp b/src/security/sec-public-info.hpp
index c4b7175..9f24538 100644
--- a/src/security/sec-public-info.hpp
+++ b/src/security/sec-public-info.hpp
@@ -24,11 +24,11 @@
#include "../name.hpp"
#include "security-common.hpp"
-#include "public-key.hpp"
-#include "identity-certificate.hpp"
-
+#include "v1/public-key.hpp"
+#include "v1/identity-certificate.hpp"
namespace ndn {
+namespace security {
/**
* @brief SecPublicInfo is a base class for the storage of public information.
@@ -132,7 +132,7 @@
*/
DEPRECATED(
void
- addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKey));
+ addPublicKey(const Name& keyName, KeyType keyType, const v1::PublicKey& publicKey));
/**
* @brief Add a public key to the identity storage.
@@ -141,7 +141,7 @@
* @param publicKey Reference to the PublicKey object
*/
virtual void
- addKey(const Name& keyName, const PublicKey& publicKey) = 0;
+ addKey(const Name& keyName, const v1::PublicKey& publicKey) = 0;
/**
* @brief Get shared pointer to PublicKey object from the identity storage
@@ -149,7 +149,7 @@
* @param keyName The name of the requested public key
* @throws SecPublicInfo::Error if public key does not exist
*/
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<v1::PublicKey>
getPublicKey(const Name& keyName) = 0;
/**
@@ -180,7 +180,7 @@
* @param certificate The certificate to be added
*/
virtual void
- addCertificate(const IdentityCertificate& certificate) = 0;
+ addCertificate(const v1::IdentityCertificate& certificate) = 0;
/**
* @brief Get a shared pointer to identity certificate object from the identity storage
@@ -188,7 +188,7 @@
* @param certificateName The name of the requested certificate
* @throws SecPublicInfo::Error if the certificate does not exist
*/
- virtual shared_ptr<IdentityCertificate>
+ virtual shared_ptr<v1::IdentityCertificate>
getCertificate(const Name& certificateName) = 0;
@@ -404,7 +404,7 @@
* @throws SecPublicInfo::Error if the certificate cannot be added (though it is really rare)
*/
void
- addCertificateAsKeyDefault(const IdentityCertificate& certificate);
+ addCertificateAsKeyDefault(const v1::IdentityCertificate& certificate);
/**
* @brief Add a certificate into the public key identity storage and set the certificate as the
@@ -414,7 +414,7 @@
* @throws SecPublicInfo::Error if the certificate cannot be added (though it is really rare)
*/
void
- addCertificateAsIdentityDefault(const IdentityCertificate& certificate);
+ addCertificateAsIdentityDefault(const v1::IdentityCertificate& certificate);
/**
* @brief Add a certificate into the public key identity storage and set the certificate as the
@@ -424,24 +424,24 @@
* @throws SecPublicInfo::Error if the certificate cannot be added (though it is really rare)
*/
void
- addCertificateAsSystemDefault(const IdentityCertificate& certificate);
+ addCertificateAsSystemDefault(const v1::IdentityCertificate& certificate);
/**
* @brief Get cached default certificate of the default identity
*
- * @return The certificate which might be empty shared_ptr<IdentityCertificate>()
+ * @return The certificate which might be empty shared_ptr<v1::IdentityCertificate>()
* @deprecated Use getDefaultCertificate instead
*/
DEPRECATED(
- shared_ptr<IdentityCertificate>
+ shared_ptr<v1::IdentityCertificate>
defaultCertificate());
/**
* @brief Get cached default certificate of the default identity
*
- * @return The certificate which might be empty shared_ptr<IdentityCertificate>()
+ * @return The certificate which might be empty shared_ptr<v1::IdentityCertificate>()
*/
- shared_ptr<IdentityCertificate>
+ shared_ptr<v1::IdentityCertificate>
getDefaultCertificate();
/**
@@ -451,10 +451,14 @@
refreshDefaultCertificate();
protected:
- shared_ptr<IdentityCertificate> m_defaultCertificate;
+ shared_ptr<v1::IdentityCertificate> m_defaultCertificate;
std::string m_location;
};
+} // namespace security
+
+using security::SecPublicInfo;
+
} // namespace ndn
#endif // NDN_SECURITY_SEC_PUBLIC_INFO_HPP
diff --git a/src/security/sec-tpm-file.cpp b/src/security/sec-tpm-file.cpp
index adb5938..931d8fd 100644
--- a/src/security/sec-tpm-file.cpp
+++ b/src/security/sec-tpm-file.cpp
@@ -30,7 +30,7 @@
#include <boost/filesystem.hpp>
#include <boost/algorithm/string.hpp>
-#include "cryptopp.hpp"
+#include "v1/cryptopp.hpp"
#include <sys/types.h>
#include <sys/stat.h>
@@ -38,6 +38,7 @@
#include <algorithm>
namespace ndn {
+namespace security {
using std::string;
using std::ostringstream;
@@ -231,7 +232,7 @@
boost::filesystem::remove(privateKeyPath);
}
-shared_ptr<PublicKey>
+shared_ptr<v1::PublicKey>
SecTpmFile::getPublicKeyFromTpm(const Name& keyName)
{
string keyURI = keyName.toUri();
@@ -250,7 +251,7 @@
BOOST_THROW_EXCEPTION(Error(e.what()));
}
- return make_shared<PublicKey>(reinterpret_cast<const uint8_t*>(os.str().c_str()),
+ return make_shared<v1::PublicKey>(reinterpret_cast<const uint8_t*>(os.str().c_str()),
os.str().size());
}
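Review bot: The `return` statement calls `os.str()` twice, so the pointer and the length come from two separate temporary copies of the DER-encoded key, and the continuation line is no longer aligned after the rename. Assuming `os` is a `std::ostringstream` (the file has `using std::ostringstream;`), both temporaries live until the end of the full expression, so this is safe but fragile and copies the key material twice. Binding the buffer once makes the pairing explicit: `const std::string keyBytes = os.str();` followed by `return make_shared<v1::PublicKey>(reinterpret_cast<const uint8_t*>(keyBytes.data()), keyBytes.size());`. The function starts outside this hunk.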
@@ -320,7 +321,7 @@
AutoSeededRandomPool rng;
// Read public key
- shared_ptr<PublicKey> pubkeyPtr;
+ shared_ptr<v1::PublicKey> pubkeyPtr;
pubkeyPtr = getPublicKeyFromTpm(keyName);
switch (pubkeyPtr->getKeyType()) {
@@ -586,4 +587,5 @@
}
}
+} // namespace security
} // namespace ndn
diff --git a/src/security/sec-tpm-file.hpp b/src/security/sec-tpm-file.hpp
index e934fd7..ed25d2d 100644
--- a/src/security/sec-tpm-file.hpp
+++ b/src/security/sec-tpm-file.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -31,6 +31,7 @@
#include "sec-tpm.hpp"
namespace ndn {
+namespace security {
class SecTpmFile : public SecTpm
{
@@ -91,7 +92,7 @@
virtual void
deleteKeyPairInTpm(const Name& keyName);
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<v1::PublicKey>
getPublicKeyFromTpm(const Name& keyName);
virtual Block
@@ -143,6 +144,10 @@
bool m_inTerminal;
};
+} // namespace security
+
+using security::SecTpmFile;
+
} // namespace ndn
#endif // NDN_SECURITY_SEC_TPM_FILE_HPP
diff --git a/src/security/sec-tpm-osx.cpp b/src/security/sec-tpm-osx.cpp
index 92c6add..671a6f1 100644
--- a/src/security/sec-tpm-osx.cpp
+++ b/src/security/sec-tpm-osx.cpp
@@ -22,11 +22,11 @@
*/
#include "sec-tpm-osx.hpp"
-#include "public-key.hpp"
+#include "v1/public-key.hpp"
#include "../encoding/oid.hpp"
#include "../encoding/buffer-stream.hpp"
-#include "cryptopp.hpp"
+#include "v1/cryptopp.hpp"
#include <pwd.h>
#include <unistd.h>
@@ -43,6 +43,7 @@
#include <Security/SecDigestTransform.h>
namespace ndn {
+namespace security {
using std::string;
@@ -498,7 +499,7 @@
// throw Error("Fail to create a symmetric key");
}
-shared_ptr<PublicKey>
+shared_ptr<v1::PublicKey>
SecTpmOsx::getPublicKeyFromTpm(const Name& keyName)
{
CFReleaser<SecKeychainItemRef> publicKey = m_impl->getKey(keyName, KeyClass::PUBLIC);
@@ -517,8 +518,8 @@
BOOST_THROW_EXCEPTION(Error("Cannot export requested public key from OSX Keychain"));
}
- shared_ptr<PublicKey> key = make_shared<PublicKey>(CFDataGetBytePtr(exportedKey.get()),
- CFDataGetLength(exportedKey.get()));
+ shared_ptr<v1::PublicKey> key = make_shared<v1::PublicKey>(CFDataGetBytePtr(exportedKey.get()),
+ CFDataGetLength(exportedKey.get()));
return key;
}
@@ -540,7 +541,7 @@
"in OSX Keychain"));
}
- shared_ptr<PublicKey> publicKey = getPublicKeyFromTpm(keyName);
+ shared_ptr<v1::PublicKey> publicKey = getPublicKeyFromTpm(keyName);
CFReleaser<CFDataRef> exportedKey;
OSStatus res = SecItemExport(privateKey.get(),
@@ -561,9 +562,9 @@
}
uint32_t version = 0;
- OID algorithm;
+ Oid algorithm;
bool hasParameters = false;
- OID algorithmParameter;
+ Oid algorithmParameter;
switch (publicKey->getKeyType()) {
case KeyType::RSA: {
algorithm = oid::RSA; // "RSA encryption"
@@ -646,14 +647,14 @@
BERDecodeUnsigned<uint32_t>(privateKeyInfo, versionNum, INTEGER);
BERSequenceDecoder sequenceDecoder(privateKeyInfo);
{
- OID keyTypeOID;
- keyTypeOID.decode(sequenceDecoder);
+ Oid keyTypeOid;
+ keyTypeOid.decode(sequenceDecoder);
- if (keyTypeOID == oid::RSA)
+ if (keyTypeOid == oid::RSA)
BERDecodeNull(sequenceDecoder);
- else if (keyTypeOID == oid::ECDSA) {
- OID parameterOID;
- parameterOID.decode(sequenceDecoder);
+ else if (keyTypeOid == oid::ECDSA) {
+ Oid parameterOid;
+ parameterOid.decode(sequenceDecoder);
}
else
return false; // Unsupported key type;
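Review bot: In the ECDSA branch `parameterOid` is decoded and then discarded, so nothing in this block checks which curve the input names. That may be intentional, since the value has to be read to advance `sequenceDecoder`, but the reader cannot tell. A comment such as `// curve OID is consumed only to advance the decoder; it is not validated here` would document it, or the OID could be compared against the supported curves if that is the intent. The `if`/`else if`/`else` chain also mixes braced and unbraced arms. The enclosing function starts and ends outside the hunk.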
@@ -1138,4 +1139,5 @@
}
}
+} // namespace security
} // namespace ndn
diff --git a/src/security/sec-tpm-osx.hpp b/src/security/sec-tpm-osx.hpp
index 5ed93d5..1713f06 100644
--- a/src/security/sec-tpm-osx.hpp
+++ b/src/security/sec-tpm-osx.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -33,6 +33,7 @@
#include "sec-tpm.hpp"
namespace ndn {
+namespace security {
class SecTpmOsx : public SecTpm
{
@@ -84,7 +85,7 @@
deleteKeyPairInTpmInternal(keyName, false);
}
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<v1::PublicKey>
getPublicKeyFromTpm(const Name& keyName);
virtual Block
@@ -160,6 +161,10 @@
shared_ptr<Impl> m_impl;
};
+} // namespace security
+
+using security::SecTpmOsx;
+
} // namespace ndn
#endif // NDN_SECURITY_SEC_TPM_OSX_HPP
diff --git a/src/security/sec-tpm.cpp b/src/security/sec-tpm.cpp
index 14e71fa..2ce3d66 100644
--- a/src/security/sec-tpm.cpp
+++ b/src/security/sec-tpm.cpp
@@ -25,14 +25,13 @@
#include "../encoding/oid.hpp"
#include "../encoding/buffer-stream.hpp"
-#include "cryptopp.hpp"
+#include "v1/cryptopp.hpp"
#include <unistd.h>
namespace ndn {
+namespace security {
-using std::string;
-
-SecTpm::SecTpm(const string& location)
+SecTpm::SecTpm(const std::string& location)
: m_location(location)
{
}
@@ -48,7 +47,7 @@
}
ConstBufferPtr
-SecTpm::exportPrivateKeyPkcs5FromTpm(const Name& keyName, const string& passwordStr)
+SecTpm::exportPrivateKeyPkcs5FromTpm(const Name& keyName, const std::string& passwordStr)
{
using namespace CryptoPP;
@@ -94,9 +93,9 @@
}
// encode
- OID pbes2Id("1.2.840.113549.1.5.13");
- OID pbkdf2Id("1.2.840.113549.1.5.12");
- OID pbes2encsId("1.2.840.113549.3.7");
+ Oid pbes2Id("1.2.840.113549.1.5.13");
+ Oid pbkdf2Id("1.2.840.113549.1.5.12");
+ Oid pbes2encsId("1.2.840.113549.3.7");
OBufferStream pkcs8Os;
try {
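Review bot: The three dotted OID literals are unnamed, so a reader has to look them up to learn which algorithms protect an exported private key. Trailing comments would help: `Oid pbes2Id("1.2.840.113549.1.5.13"); // id-PBES2`, `Oid pbkdf2Id("1.2.840.113549.1.5.12"); // id-PBKDF2`, `Oid pbes2encsId("1.2.840.113549.3.7"); // des-EDE3-CBC`. Since the encryption scheme is 3DES in CBC mode, the doc comment of `exportPrivateKeyPkcs5FromTpm` should also state it, so users of the export format know what strength they are relying on. The function body continues outside the hunk.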
@@ -167,15 +166,15 @@
bool
SecTpm::importPrivateKeyPkcs5IntoTpm(const Name& keyName,
const uint8_t* buf, size_t size,
- const string& passwordStr)
+ const std::string& passwordStr)
{
using namespace CryptoPP;
- OID pbes2Id;
- OID pbkdf2Id;
+ Oid pbes2Id;
+ Oid pbkdf2Id;
SecByteBlock saltBlock;
uint32_t iterationCount;
- OID pbes2encsId;
+ Oid pbes2encsId;
SecByteBlock ivBlock;
SecByteBlock encryptedDataBlock;
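Review bot: `uint32_t iterationCount;` is declared without an initializer, while the other locals here are class types that default-construct. If any path reaches the key-derivation step without the decoder assigning it, the value is indeterminate; `uint32_t iterationCount = 0;` removes that possibility. Because `buf` is caller-supplied, the code after decoding should also reject zero or implausibly large counts before running PBKDF2. That part of the function lies outside this hunk, so it needs confirming.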
@@ -290,11 +289,11 @@
BERDecodeUnsigned<uint32_t>(privateKeyInfo, versionNum, INTEGER);
BERSequenceDecoder sequenceDecoder(privateKeyInfo);
{
- OID keyTypeOID;
- keyTypeOID.decode(sequenceDecoder);
- if (keyTypeOID == oid::RSA)
+ Oid keyTypeOid;
+ keyTypeOid.decode(sequenceDecoder);
+ if (keyTypeOid == oid::RSA)
publicKeyType = KeyType::RSA;
- else if (keyTypeOID == oid::ECDSA)
+ else if (keyTypeOid == oid::ECDSA)
publicKeyType = KeyType::EC;
else
return false; // Unsupported key type;
@@ -382,5 +381,5 @@
return isInitialized;
}
-
+} // namespace security
} // namespace ndn
diff --git a/src/security/sec-tpm.hpp b/src/security/sec-tpm.hpp
index 1ade1d6..3da278e 100644
--- a/src/security/sec-tpm.hpp
+++ b/src/security/sec-tpm.hpp
@@ -28,10 +28,11 @@
#include "security-common.hpp"
#include "../name.hpp"
#include "../data.hpp"
-#include "public-key.hpp"
#include "key-params.hpp"
+#include "v1/public-key.hpp"
namespace ndn {
+namespace security {
/**
* @brief SecTpm is the base class of the TPM classes.
@@ -136,7 +137,7 @@
* @return The public key.
* @throws SecTpm::Error if public key does not exist in TPM.
*/
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<v1::PublicKey>
getPublicKeyFromTpm(const Name& keyName) = 0;
/**
@@ -300,6 +301,10 @@
std::string m_location;
};
+} // namespace security
+
+using security::SecTpm;
+
} // namespace ndn
#endif // NDN_SECURITY_SEC_TPM_HPP
diff --git a/src/security/secured-bag.cpp b/src/security/secured-bag.cpp
index 1780c3a..66fad02 100644
--- a/src/security/secured-bag.cpp
+++ b/src/security/secured-bag.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -41,7 +41,7 @@
this->wireDecode(wire);
}
-SecuredBag::SecuredBag(const IdentityCertificate& cert, ConstBufferPtr key)
+SecuredBag::SecuredBag(const v1::IdentityCertificate& cert, ConstBufferPtr key)
: m_cert(cert)
, m_key(key)
, m_wire(tlv::security::IdentityPackage)
diff --git a/src/security/secured-bag.hpp b/src/security/secured-bag.hpp
index 3393e8a..5dd27fc 100644
--- a/src/security/secured-bag.hpp
+++ b/src/security/secured-bag.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -23,9 +23,10 @@
#define NDN_SECURITY_SECURED_BAG_HPP
#include "../common.hpp"
-#include "identity-certificate.hpp"
+#include "v1/identity-certificate.hpp"
namespace ndn {
+namespace security {
class SecuredBag
{
@@ -45,7 +46,7 @@
explicit
SecuredBag(const Block& wire);
- SecuredBag(const IdentityCertificate& cert,
+ SecuredBag(const v1::IdentityCertificate& cert,
ConstBufferPtr key);
virtual
@@ -57,7 +58,7 @@
const Block&
wireEncode() const;
- const IdentityCertificate&
+ const v1::IdentityCertificate&
getCertificate() const
{
return m_cert;
@@ -70,12 +71,16 @@
}
private:
- IdentityCertificate m_cert;
+ v1::IdentityCertificate m_cert;
ConstBufferPtr m_key;
mutable Block m_wire;
};
+} // namespace security
+
+using security::SecuredBag;
+
} // namespace ndn
#endif // NDN_SECURITY_SECURED_BAG_HPP
diff --git a/src/security/security-common.hpp b/src/security/security-common.hpp
index 542e169..bd709f5 100644
--- a/src/security/security-common.hpp
+++ b/src/security/security-common.hpp
@@ -24,6 +24,8 @@
#include "../common.hpp"
+#define NDN_CXX_KEEP_SECURITY_V1_ALIASES
+
namespace ndn {
namespace signed_interest {
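Review bot: `NDN_CXX_KEEP_SECURITY_V1_ALIASES` is defined unconditionally and without a comment, so it is unclear what it controls or how a downstream project could switch the aliases off to check that it has moved to the explicit `security::v1::` names. A comment above it would cover the first part, for example `// Keeps the deprecated ndn::X aliases for security::v1 types; drop this define once callers use explicit namespaces`. If opting out at build time is wanted, the define would need an override guard, which this hunk does not provide.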
diff --git a/src/security/certificate-extension.cpp b/src/security/v1/certificate-extension.cpp
similarity index 94%
rename from src/security/certificate-extension.cpp
rename to src/security/v1/certificate-extension.cpp
index d215662..d871eac 100644
--- a/src/security/certificate-extension.cpp
+++ b/src/security/v1/certificate-extension.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -22,12 +22,12 @@
* @author Alexander Afanasyev <http://lasr.cs.ucla.edu/afanasyev/index.html>
*/
-#include "common.hpp"
-
#include "certificate-extension.hpp"
#include "cryptopp.hpp"
namespace ndn {
+namespace security {
+namespace v1 {
void
CertificateExtension::encode(CryptoPP::BufferedTransformation& out) const
@@ -72,4 +72,6 @@
extension.MessageEnd();
}
+} // namespace v1
+} // namespace security
} // namespace ndn
diff --git a/src/security/certificate-extension.hpp b/src/security/v1/certificate-extension.hpp
similarity index 76%
rename from src/security/certificate-extension.hpp
rename to src/security/v1/certificate-extension.hpp
index 4a42eac..c898835 100644
--- a/src/security/certificate-extension.hpp
+++ b/src/security/v1/certificate-extension.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -23,18 +23,20 @@
* @author Alexander Afanasyev <http://lasr.cs.ucla.edu/afanasyev/index.html>
*/
-#ifndef NDN_SECURITY_CERTIFICATE_EXTENSION_HPP
-#define NDN_SECURITY_CERTIFICATE_EXTENSION_HPP
+#ifndef NDN_SECURITY_V1_CERTIFICATE_EXTENSION_HPP
+#define NDN_SECURITY_V1_CERTIFICATE_EXTENSION_HPP
-#include "../common.hpp"
-#include "../encoding/buffer.hpp"
-#include "../encoding/oid.hpp"
+#include "../../common.hpp"
+#include "../../encoding/buffer.hpp"
+#include "../../encoding/oid.hpp"
namespace CryptoPP {
class BufferedTransformation;
-}
+} // namespace CryptoPP
namespace ndn {
+namespace security {
+namespace v1 {
/**
* A CertificateExtension represents the Extension entry in a certificate.
@@ -64,12 +66,12 @@
* @param isCritical If true, the extension must be handled.
* @param value The extension value.
*/
- CertificateExtension(const OID& oid, const bool isCritical, const Buffer& value)
+ CertificateExtension(const Oid& oid, const bool isCritical, const Buffer& value)
: m_extensionId(oid), m_isCritical(isCritical), m_extensionValue(value)
{
}
- CertificateExtension(const OID& oid, const bool isCritical,
+ CertificateExtension(const Oid& oid, const bool isCritical,
const uint8_t* value, size_t valueSize)
: m_extensionId(oid), m_isCritical(isCritical), m_extensionValue(value, valueSize)
{
@@ -89,7 +91,7 @@
void
decode(CryptoPP::BufferedTransformation& in);
- inline const OID&
+ inline const Oid&
getOid() const
{
return m_extensionId;
@@ -108,11 +110,19 @@
}
protected:
- OID m_extensionId;
+ Oid m_extensionId;
bool m_isCritical;
Buffer m_extensionValue;
};
+} // namespace v1
+} // namespace security
+
+#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES
+/// @deprecated When needed, use explicit namespace
+using security::v1::CertificateExtension;
+#endif // NDN_CXX_KEEP_SECURITY_V1_ALIASES
+
} // namespace ndn
-#endif //NDN_SECURITY_CERTIFICATE_EXTENSION_HPP
+#endif // NDN_SECURITY_V1_CERTIFICATE_EXTENSION_HPP
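Review bot: The `#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES` block depends on a macro defined in `security-common.hpp`, yet the includes shown for this header are only `common.hpp`, `encoding/buffer.hpp` and `encoding/oid.hpp`. Unless one of those pulls in `security-common.hpp` transitively (not visible here), a translation unit that includes this header first gets no `ndn::CertificateExtension` alias, and the include guard stops it from appearing later, so legacy code compiles or fails depending on include order. Adding `#include "../security-common.hpp"` to the header makes the alias deterministic. The same pattern appears in `v1/certificate-subject-description.hpp`, `v1/certificate.hpp` and `v1/identity-certificate.hpp`.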
diff --git a/src/security/certificate-subject-description.cpp b/src/security/v1/certificate-subject-description.cpp
similarity index 94%
rename from src/security/certificate-subject-description.cpp
rename to src/security/v1/certificate-subject-description.cpp
index 60f7dbb..1e910c2 100644
--- a/src/security/certificate-subject-description.cpp
+++ b/src/security/v1/certificate-subject-description.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -23,13 +23,13 @@
* @author Alexander Afanasyev <http://lasr.cs.ucla.edu/afanasyev/index.html>
*/
-#include "common.hpp"
-
#include "certificate-subject-description.hpp"
#include "cryptopp.hpp"
namespace ndn {
+namespace security {
+namespace v1 {
void
CertificateSubjectDescription::encode(CryptoPP::BufferedTransformation& out) const
@@ -79,4 +79,6 @@
attributeTypeAndValue.MessageEnd();
}
+} // namespace v1
+} // namespace security
} // namespace ndn
diff --git a/src/security/certificate-subject-description.hpp b/src/security/v1/certificate-subject-description.hpp
similarity index 74%
rename from src/security/certificate-subject-description.hpp
rename to src/security/v1/certificate-subject-description.hpp
index 0e56dfa..00eab76 100644
--- a/src/security/certificate-subject-description.hpp
+++ b/src/security/v1/certificate-subject-description.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -23,17 +23,19 @@
* @author Alexander Afanasyev <http://lasr.cs.ucla.edu/afanasyev/index.html>
*/
-#ifndef NDN_SECURITY_CERTIFICATE_SUBJECT_DESCRIPTION_HPP
-#define NDN_SECURITY_CERTIFICATE_SUBJECT_DESCRIPTION_HPP
+#ifndef NDN_SECURITY_V1_CERTIFICATE_SUBJECT_DESCRIPTION_HPP
+#define NDN_SECURITY_V1_CERTIFICATE_SUBJECT_DESCRIPTION_HPP
-#include "../common.hpp"
-#include "../encoding/oid.hpp"
+#include "../../common.hpp"
+#include "../../encoding/oid.hpp"
namespace CryptoPP {
class BufferedTransformation;
-}
+} // namespace CryptoPP
namespace ndn {
+namespace security {
+namespace v1 {
/**
* A CertificateSubjectDescription represents the SubjectDescription entry in a Certificate.
@@ -52,7 +54,7 @@
* @param oid The oid of the subject description entry.
* @param value The value of the subject description entry.
*/
- CertificateSubjectDescription(const OID& oid, const std::string& value)
+ CertificateSubjectDescription(const Oid& oid, const std::string& value)
: m_oid(oid), m_value(value)
{
}
@@ -76,10 +78,18 @@
}
private:
- OID m_oid;
+ Oid m_oid;
std::string m_value;
};
+} // namespace v1
+} // namespace security
+
+#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES
+/// @deprecated When needed, use explicit namespace
+using security::v1::CertificateSubjectDescription;
+#endif // NDN_CXX_KEEP_SECURITY_V1_ALIASES
+
} // namespace ndn
-#endif //NDN_SECURITY_CERTIFICATE_SUBJECT_DESCRIPTION_HPP
+#endif // NDN_SECURITY_V1_CERTIFICATE_SUBJECT_DESCRIPTION_HPP
diff --git a/src/security/certificate.cpp b/src/security/v1/certificate.cpp
similarity index 96%
rename from src/security/certificate.cpp
rename to src/security/v1/certificate.cpp
index 1b004ed..823c994 100644
--- a/src/security/certificate.cpp
+++ b/src/security/v1/certificate.cpp
@@ -23,19 +23,19 @@
* @author Alexander Afanasyev <http://lasr.cs.ucla.edu/afanasyev/index.html>
*/
-#include "common.hpp"
-
#include "certificate.hpp"
-#include "../util/time.hpp"
+#include "../../util/time.hpp"
#include "cryptopp.hpp"
-#include "../encoding/cryptopp/asn_ext.hpp"
-#include "../encoding/buffer-stream.hpp"
-#include "../util/concepts.hpp"
-#include "../util/indented-stream.hpp"
+#include "../../encoding/cryptopp/asn_ext.hpp"
+#include "../../encoding/buffer-stream.hpp"
+#include "../../util/concepts.hpp"
+#include "../../util/indented-stream.hpp"
#include <boost/algorithm/string/split.hpp>
namespace ndn {
+namespace security {
+namespace v1 {
BOOST_CONCEPT_ASSERT((WireEncodable<Certificate>));
BOOST_CONCEPT_ASSERT((WireDecodable<Certificate>));
@@ -354,5 +354,6 @@
return os;
}
-
+} // namespace v1
+} // namespace security
} // namespace ndn
diff --git a/src/security/certificate.hpp b/src/security/v1/certificate.hpp
similarity index 89%
rename from src/security/certificate.hpp
rename to src/security/v1/certificate.hpp
index 51efb7d..f2f70bf 100644
--- a/src/security/certificate.hpp
+++ b/src/security/v1/certificate.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -23,16 +23,18 @@
* @author Alexander Afanasyev <http://lasr.cs.ucla.edu/afanasyev/index.html>
*/
-#ifndef NDN_SECURITY_CERTIFICATE_HPP
-#define NDN_SECURITY_CERTIFICATE_HPP
+#ifndef NDN_SECURITY_V1_CERTIFICATE_HPP
+#define NDN_SECURITY_V1_CERTIFICATE_HPP
-#include "../common.hpp"
-#include "../data.hpp"
+#include "../../common.hpp"
+#include "../../data.hpp"
#include "certificate-subject-description.hpp"
#include "certificate-extension.hpp"
#include "public-key.hpp"
namespace ndn {
+namespace security {
+namespace v1 {
class Certificate : public Data
{
@@ -210,6 +212,15 @@
std::ostream&
operator<<(std::ostream& os, const Certificate& cert);
+
+} // namespace v1
+} // namespace security
+
+#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES
+/// @deprecated When needed, use explicit namespace
+using security::v1::Certificate;
+#endif // NDN_CXX_KEEP_SECURITY_V1_ALIASES
+
} // namespace ndn
-#endif // NDN_SECURITY_CERTIFICATE_HPP
+#endif // NDN_SECURITY_V1_CERTIFICATE_HPP
diff --git a/src/security/v1/cryptopp.hpp b/src/security/v1/cryptopp.hpp
new file mode 100644
index 0000000..4de66bb
--- /dev/null
+++ b/src/security/v1/cryptopp.hpp
@@ -0,0 +1,45 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2016 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V1_CRYPTOPP_HPP
+#define NDN_SECURITY_V1_CRYPTOPP_HPP
+
+// suppress CryptoPP warnings
+#pragma GCC system_header
+#pragma clang system_header
+
+#include <cryptopp/asn.h>
+#include <cryptopp/base64.h>
+#include <cryptopp/des.h>
+#include <cryptopp/files.h>
+#include <cryptopp/filters.h>
+#include <cryptopp/hex.h>
+#include <cryptopp/modes.h>
+#include <cryptopp/osrng.h>
+#include <cryptopp/pssr.h>
+#include <cryptopp/pwdbased.h>
+#include <cryptopp/rsa.h>
+#include <cryptopp/sha.h>
+#include <cryptopp/eccrypto.h>
+#include <cryptopp/oids.h>
+#include <cryptopp/dsa.h>
+
+#endif // NDN_SECURITY_V1_CRYPTOPP_HPP
diff --git a/src/security/identity-certificate.cpp b/src/security/v1/identity-certificate.cpp
similarity index 95%
rename from src/security/identity-certificate.cpp
rename to src/security/v1/identity-certificate.cpp
index 7a7180d..ea8a946 100644
--- a/src/security/identity-certificate.cpp
+++ b/src/security/v1/identity-certificate.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -19,12 +19,12 @@
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
-#include "common.hpp"
-
#include "identity-certificate.hpp"
-#include "../util/concepts.hpp"
+#include "../../util/concepts.hpp"
namespace ndn {
+namespace security {
+namespace v1 {
using std::string;
@@ -143,4 +143,6 @@
tmpName.size() - keyComponentIndex - 1));
}
+} // namespace v1
+} // namespace security
} // namespace ndn
diff --git a/src/security/v1/identity-certificate.hpp b/src/security/v1/identity-certificate.hpp
new file mode 100644
index 0000000..7ea4fe4
--- /dev/null
+++ b/src/security/v1/identity-certificate.hpp
@@ -0,0 +1,110 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2016 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ *
+ * @author Yingdi Yu <http://irl.cs.ucla.edu/~yingdi/>
+ */
+
+#ifndef NDN_SECURITY_V1_IDENTITY_CERTIFICATE_HPP
+#define NDN_SECURITY_V1_IDENTITY_CERTIFICATE_HPP
+
+#include "../../common.hpp"
+#include "certificate.hpp"
+
+namespace ndn {
+namespace security {
+namespace v1 {
+
+class IdentityCertificate : public Certificate
+{
+public:
+ class Error : public Certificate::Error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : Certificate::Error(what)
+ {
+ }
+ };
+
+ /**
+ * @brief The default constructor.
+ */
+ IdentityCertificate();
+
+ /**
+ * @brief Create an IdentityCertificate from the content in the data packet.
+ * @param data The data packet with the content to decode.
+ */
+ explicit
+ IdentityCertificate(const Data& data);
+
+ /**
+ * @brief Create an IdentityCertificate from a block.
+ * @param block The raw block of the certificate.
+ */
+ explicit
+ IdentityCertificate(const Block& block);
+
+ void
+ wireDecode(const Block& wire);
+
+ void
+ setName(const Name& name);
+
+ const Name&
+ getPublicKeyName() const
+ {
+ return m_publicKeyName;
+ }
+
+ static bool
+ isIdentityCertificate(const Certificate& certificate);
+
+ /**
+ * @brief Get the public key name from the full certificate name.
+ * @param certificateName The full certificate name.
+ * @return The related public key name.
+ */
+ static Name
+ certificateNameToPublicKeyName(const Name& certificateName);
+
+private:
+ static bool
+ isCorrectName(const Name& name);
+
+ void
+ setPublicKeyName();
+
+protected:
+ Name m_publicKeyName;
+};
+
+} // namespace v1
+} // namespace security
+
+#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES
+/// @deprecated When needed, use explicit namespace
+using security::v1::IdentityCertificate;
+#endif // NDN_CXX_KEEP_SECURITY_V1_ALIASES
+
+} // namespace ndn
+
+#endif // NDN_SECURITY_V1_IDENTITY_CERTIFICATE_HPP
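Review bot: `wireDecode`, `setName`, `getPublicKeyName` and `isIdentityCertificate` have no doc comments, and the two `explicit` constructors do not say what happens when the `Data` or `Block` carries a name that is not an identity-certificate name. The class declares its own `Error` and a private `isCorrectName`, so these entry points presumably throw on a malformed name; please confirm and document it, e.g. `@throws IdentityCertificate::Error if the name does not follow the identity-certificate naming convention`. `isIdentityCertificate` should get a `@brief` stating exactly what it checks, so callers do not read a name-format check as a validity or trust check. `m_publicKeyName` is `protected` while the helpers that maintain it are `private`, which lets a subclass desynchronise it from the certificate name; a comment on the intended invariant would help.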
diff --git a/src/security/public-key.cpp b/src/security/v1/public-key.cpp
similarity index 93%
rename from src/security/public-key.cpp
rename to src/security/v1/public-key.cpp
index e366a47..2721dee 100644
--- a/src/security/public-key.cpp
+++ b/src/security/v1/public-key.cpp
@@ -24,11 +24,13 @@
#include "public-key.hpp"
-#include "../encoding/oid.hpp"
-#include "../util/crypto.hpp"
+#include "../../encoding/oid.hpp"
+#include "../../util/crypto.hpp"
#include "cryptopp.hpp"
namespace ndn {
+namespace security {
+namespace v1 {
PublicKey::PublicKey()
: m_type(KeyType::NONE)
@@ -51,7 +53,7 @@
if (m_digest.hasWire())
return m_digest;
else {
- m_digest = Block(tlv::KeyDigest, crypto::sha256(m_key.buf(), m_key.size()));
+ m_digest = Block(tlv::KeyDigest, crypto::computeSha256Digest(m_key.buf(), m_key.size()));
m_digest.encode();
return m_digest;
}
@@ -102,7 +104,7 @@
{
BERSequenceDecoder algorithmInfo(subjectPublicKeyInfo);
{
- OID algorithm;
+ Oid algorithm;
algorithm.decode(algorithmInfo);
if (algorithm == oid::RSA)
@@ -148,4 +150,6 @@
return os;
}
+} // namespace v1
+} // namespace security
} // namespace ndn
diff --git a/src/security/v1/public-key.hpp b/src/security/v1/public-key.hpp
new file mode 100644
index 0000000..6b67535
--- /dev/null
+++ b/src/security/v1/public-key.hpp
@@ -0,0 +1,133 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2016 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ *
+ * @author Yingdi Yu <http://irl.cs.ucla.edu/~yingdi/>
+ * @author Alexander Afanasyev <http://lasr.cs.ucla.edu/afanasyev/index.html>
+ * @author Jeff Thompson <jefft0@remap.ucla.edu>
+ */
+
+#ifndef NDN_SECURITY_V1_PUBLIC_KEY_HPP
+#define NDN_SECURITY_V1_PUBLIC_KEY_HPP
+
+#include "../../common.hpp"
+
+#include "../../encoding/buffer.hpp"
+#include "../../encoding/block.hpp"
+#include "../security-common.hpp"
+
+namespace CryptoPP {
+class BufferedTransformation;
+} // namespace CryptoPP
+
+namespace ndn {
+namespace security {
+namespace v1 {
+
+class PublicKey
+{
+public:
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
+
+ /**
+ * The default constructor.
+ */
+ PublicKey();
+
+ /**
+ * @brief Create a new PublicKey from @p keyDerBuf in DER buffer
+ *
+ * @param keyDerBuf The pointer to the first byte of buffer containing DER of public key
+ * @param keyDerSize Size of the buffer
+ *
+ * @throws PublicKey::Error If DER in buffer cannot be decoded
+ */
+ PublicKey(const uint8_t* keyDerBuf, size_t keyDerSize);
+
+ const Buffer&
+ get() const
+ {
+ return m_key;
+ }
+
+ void
+ set(const uint8_t* keyDerBuf, size_t keyDerSize)
+ {
+ Buffer buf(keyDerBuf, keyDerSize);
+ m_key.swap(buf);
+ }
+
+ KeyType
+ getKeyType() const
+ {
+ return m_type;
+ }
+
+ /**
+ * @return a KeyDigest block that matches this public key
+ */
+ const Block&
+ computeDigest() const;
+
+ void
+ encode(CryptoPP::BufferedTransformation& out) const;
+
+ void
+ decode(CryptoPP::BufferedTransformation& in);
+
+ bool
+ operator==(const PublicKey& key) const
+ {
+ return m_key == key.m_key;
+ }
+
+ bool
+ operator!=(const PublicKey& key) const
+ {
+ return m_key != key.m_key;
+ }
+
+private:
+ KeyType m_type;
+ Buffer m_key;
+ mutable Block m_digest;
+};
+
+std::ostream&
+operator<<(std::ostream& os, const PublicKey& key);
+
+} // namespace v1
+} // namespace security
+
+#ifdef NDN_CXX_KEEP_SECURITY_V1_ALIASES
+/// @deprecated When needed, use explicit namespace
+using security::v1::PublicKey;
+#endif // NDN_CXX_KEEP_SECURITY_V1_ALIASES
+
+} // namespace ndn
+
+#endif // NDN_SECURITY_V1_PUBLIC_KEY_HPP
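Review bot: `PublicKey::set()` swaps in new key bytes but leaves `m_type` and the cached `m_digest` untouched, so after a `set()` both `getKeyType()` and `computeDigest()` can describe the previous key. The public-key.cpp hunk in this commit shows `computeDigest()` returning `m_digest` as soon as it has a wire. A stale KeyDigest attached to a different key is a quiet failure in code that identifies keys by digest. At minimum the cache should be dropped in `set()`, e.g. `m_digest = Block();`. Unlike the two-argument constructor, `set()` also has no documented DER check, so either decode there to refresh `m_type` or add a comment that the caller must supply already-validated DER.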
diff --git a/src/security/additional-description.cpp b/src/security/v2/additional-description.cpp
similarity index 96%
rename from src/security/additional-description.cpp
rename to src/security/v2/additional-description.cpp
index c912638..6fdfd53 100644
--- a/src/security/additional-description.cpp
+++ b/src/security/v2/additional-description.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -20,11 +20,12 @@
*/
#include "additional-description.hpp"
-#include "../util/concepts.hpp"
-#include "../encoding/block-helpers.hpp"
+#include "../../util/concepts.hpp"
+#include "../../encoding/block-helpers.hpp"
namespace ndn {
namespace security {
+namespace v2 {
BOOST_CONCEPT_ASSERT((boost::EqualityComparable<AdditionalDescription>));
BOOST_CONCEPT_ASSERT((WireEncodable<AdditionalDescription>));
@@ -193,5 +194,6 @@
return os;
}
+} // namespace v2
} // namespace security
} // namespace ndn
diff --git a/src/security/additional-description.hpp b/src/security/v2/additional-description.hpp
similarity index 87%
rename from src/security/additional-description.hpp
rename to src/security/v2/additional-description.hpp
index b34cb74..d5142ae 100644
--- a/src/security/additional-description.hpp
+++ b/src/security/v2/additional-description.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -19,16 +19,17 @@
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
-#ifndef NDN_SECURITY_ADDITIONAL_DESCRIPTION_HPP
-#define NDN_SECURITY_ADDITIONAL_DESCRIPTION_HPP
+#ifndef NDN_SECURITY_V2_ADDITIONAL_DESCRIPTION_HPP
+#define NDN_SECURITY_V2_ADDITIONAL_DESCRIPTION_HPP
-#include "../common.hpp"
-#include "../encoding/tlv.hpp"
-#include "../encoding/block.hpp"
+#include "../../common.hpp"
+#include "../../encoding/tlv.hpp"
+#include "../../encoding/block.hpp"
#include <map>
namespace ndn {
namespace security {
+namespace v2 {
/**
* @brief Abstraction of AdditionalDescription
@@ -125,7 +126,11 @@
std::ostream&
operator<<(std::ostream& os, const AdditionalDescription& period);
+} // namespace v2
+
+using v2::AdditionalDescription;
+
} // namespace security
} // namespace ndn
-#endif // NDN_SECURITY_ADDITIONAL_DESCRIPTION_HPP
+#endif // NDN_SECURITY_V2_ADDITIONAL_DESCRIPTION_HPP
diff --git a/src/security/validation-request.hpp b/src/security/validation-request.hpp
index d9aae80..000f61b 100644
--- a/src/security/validation-request.hpp
+++ b/src/security/validation-request.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -27,6 +27,8 @@
#include "../interest.hpp"
namespace ndn {
+namespace security {
+
/// @brief Callback to report a successful Interest validation.
typedef function<void(const shared_ptr<const Interest>&)> OnInterestValidated;
@@ -82,6 +84,14 @@
int m_nSteps;
};
+} // namespace security
+
+using security::ValidationRequest;
+using security::OnInterestValidated;
+using security::OnInterestValidationFailed;
+using security::OnDataValidated;
+using security::OnDataValidationFailed;
+
} // namespace ndn
#endif //NDN_SECURITY_VALIDATION_REQUEST_HPP
diff --git a/src/security/validator-config.cpp b/src/security/validator-config.cpp
index ba37a5a..f643c84 100644
--- a/src/security/validator-config.cpp
+++ b/src/security/validator-config.cpp
@@ -31,6 +31,7 @@
#include <boost/algorithm/string.hpp>
namespace ndn {
+namespace security {
const shared_ptr<CertificateCache> ValidatorConfig::DEFAULT_CERTIFICATE_CACHE;
const time::milliseconds ValidatorConfig::DEFAULT_GRACE_INTERVAL(3000);
@@ -275,8 +276,8 @@
BOOST_THROW_EXCEPTION(Error("Expect the end of trust-anchor!"));
path certfilePath = absolute(file, path(filename).parent_path());
- shared_ptr<IdentityCertificate> idCert =
- io::load<IdentityCertificate>(certfilePath.string());
+ shared_ptr<v1::IdentityCertificate> idCert =
+ io::load<v1::IdentityCertificate>(certfilePath.string());
if (static_cast<bool>(idCert))
{
@@ -303,7 +304,7 @@
if (propertyIt != configSection.end())
BOOST_THROW_EXCEPTION(Error("Expect the end of trust-anchor!"));
- shared_ptr<IdentityCertificate> idCert = io::load<IdentityCertificate>(ss);
+ shared_ptr<v1::IdentityCertificate> idCert = io::load<v1::IdentityCertificate>(ss);
if (static_cast<bool>(idCert))
{
@@ -357,8 +358,8 @@
for (directory_iterator it(dirPath); it != end; it++)
{
- shared_ptr<IdentityCertificate> idCert =
- io::load<IdentityCertificate>(it->path().string());
+ shared_ptr<v1::IdentityCertificate> idCert =
+ io::load<v1::IdentityCertificate>(it->path().string());
if (static_cast<bool>(idCert))
m_staticContainer.add(idCert);
@@ -552,7 +553,7 @@
return onValidationFailed(interest.shared_from_this(),
"Key Locator is not a name");
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName());
+ Name keyName = v1::IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName());
bool isMatched = false;
int8_t checkResult = -1;
@@ -594,7 +595,7 @@
return onValidationFailed(interest.shared_from_this(),
"No valid KeyLocator");
}
- catch (IdentityCertificate::Error& e)
+ catch (v1::IdentityCertificate::Error& e)
{
return onValidationFailed(interest.shared_from_this(),
"Cannot determine the signing key");
@@ -710,8 +711,8 @@
for (directory_iterator it(m_path); it != end; it++)
{
- shared_ptr<IdentityCertificate> idCert =
- io::load<IdentityCertificate>(it->path().string());
+ shared_ptr<v1::IdentityCertificate> idCert =
+ io::load<v1::IdentityCertificate>(it->path().string());
if (static_cast<bool>(idCert))
m_certificates.push_back(idCert);
@@ -719,8 +720,8 @@
}
else
{
- shared_ptr<IdentityCertificate> idCert =
- io::load<IdentityCertificate>(m_path.string());
+ shared_ptr<v1::IdentityCertificate> idCert =
+ io::load<v1::IdentityCertificate>(m_path.string());
if (static_cast<bool>(idCert))
m_certificates.push_back(idCert);
@@ -779,7 +780,7 @@
const Name& keyLocatorName = signature.getKeyLocator().getName();
- shared_ptr<const Certificate> trustedCert;
+ shared_ptr<const v1::Certificate> trustedCert;
refreshAnchors();
@@ -838,9 +839,9 @@
"Cannot retrieve signer's cert: " +
signCertificate->getName().toUri());
- shared_ptr<IdentityCertificate> certificate;
+ shared_ptr<v1::IdentityCertificate> certificate;
try {
- certificate = make_shared<IdentityCertificate>(*signCertificate);
+ certificate = make_shared<v1::IdentityCertificate>(*signCertificate);
}
catch (tlv::Error&) {
return onValidationFailed(packet,
@@ -879,4 +880,5 @@
onValidationFailed(packet, failureInfo);
}
+} // namespace security
} // namespace ndn
diff --git a/src/security/validator-config.hpp b/src/security/validator-config.hpp
index db8d17d..8d801ad 100644
--- a/src/security/validator-config.hpp
+++ b/src/security/validator-config.hpp
@@ -31,6 +31,7 @@
#include "conf/common.hpp"
namespace ndn {
+namespace security {
class ValidatorConfig : public Validator
{
@@ -160,20 +161,20 @@
{
}
- const std::list<shared_ptr<IdentityCertificate>>&
+ const std::list<shared_ptr<v1::IdentityCertificate>>&
getAll() const
{
return m_certificates;
}
void
- add(shared_ptr<IdentityCertificate> certificate)
+ add(shared_ptr<v1::IdentityCertificate> certificate)
{
m_certificates.push_back(certificate);
}
protected:
- std::list<shared_ptr<IdentityCertificate>> m_certificates;
+ std::list<shared_ptr<v1::IdentityCertificate>> m_certificates;
};
class DynamicTrustAnchorContainer : public TrustAnchorContainer
@@ -233,9 +234,9 @@
typedef security::conf::Rule<Data> DataRule;
typedef std::vector<shared_ptr<InterestRule>> InterestRuleList;
typedef std::vector<shared_ptr<DataRule>> DataRuleList;
- typedef std::map<Name, shared_ptr<IdentityCertificate>> AnchorList;
+ typedef std::map<Name, shared_ptr<v1::IdentityCertificate>> AnchorList;
typedef std::list<DynamicTrustAnchorContainer> DynamicContainers; // sorted by m_lastRefresh
- typedef std::list<shared_ptr<IdentityCertificate>> CertificateList;
+ typedef std::list<shared_ptr<v1::IdentityCertificate>> CertificateList;
/**
@@ -262,6 +263,10 @@
const time::system_clock::Duration& m_keyTimestampTtl;
};
+} // namespace security
+
+using security::ValidatorConfig;
+
} // namespace ndn
#endif // NDN_SECURITY_VALIDATOR_CONFIG_HPP
diff --git a/src/security/validator-null.hpp b/src/security/validator-null.hpp
index 34b18c8..36448af 100644
--- a/src/security/validator-null.hpp
+++ b/src/security/validator-null.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -28,6 +28,7 @@
#include "validator.hpp"
namespace ndn {
+namespace security {
class ValidatorNull : public Validator
{
@@ -59,6 +60,10 @@
}
};
+} // namespace security
+
+using security::ValidatorNull;
+
} // namespace ndn
#endif //NDN_SECURITY_VALIDATOR_NULL_HPP
diff --git a/src/security/validator-regex.cpp b/src/security/validator-regex.cpp
index 08f4c73..caa2e6c 100644
--- a/src/security/validator-regex.cpp
+++ b/src/security/validator-regex.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -28,6 +28,7 @@
#include "certificate-cache-ttl.hpp"
namespace ndn {
+namespace security {
const shared_ptr<CertificateCache> ValidatorRegex::DEFAULT_CERTIFICATE_CACHE;
@@ -49,7 +50,7 @@
, m_stepLimit(stepLimit)
, m_certificateCache(certificateCache)
{
- if (!static_cast<bool>(m_certificateCache))
+ if (certificateCache == nullptr)
m_certificateCache = make_shared<CertificateCacheTtl>(ref(face.getIoService()));
}
@@ -60,7 +61,7 @@
}
void
-ValidatorRegex::addTrustAnchor(shared_ptr<IdentityCertificate> certificate)
+ValidatorRegex::addTrustAnchor(shared_ptr<v1::IdentityCertificate> certificate)
{
m_trustAnchors[certificate->getName().getPrefix(-1)] = certificate;
}
@@ -71,28 +72,26 @@
const OnDataValidated& onValidated,
const OnDataValidationFailed& onValidationFailed)
{
- shared_ptr<IdentityCertificate> certificate =
- make_shared<IdentityCertificate>(*signCertificate);
+ shared_ptr<v1::IdentityCertificate> certificate =
+ make_shared<v1::IdentityCertificate>(*signCertificate);
- if (!certificate->isTooLate() && !certificate->isTooEarly())
- {
- if (static_cast<bool>(m_certificateCache))
- m_certificateCache->insertCertificate(certificate);
+ if (!certificate->isTooLate() && !certificate->isTooEarly()) {
+ if (m_certificateCache != nullptr)
+ m_certificateCache->insertCertificate(certificate);
- if (verifySignature(*data, certificate->getPublicKeyInfo()))
- return onValidated(data);
- else
- return onValidationFailed(data,
- "Cannot verify signature: " +
- data->getName().toUri());
- }
- else
- {
+ if (verifySignature(*data, certificate->getPublicKeyInfo()))
+ return onValidated(data);
+ else
return onValidationFailed(data,
- "Signing certificate " +
- signCertificate->getName().toUri() +
- " is no longer valid.");
- }
+ "Cannot verify signature: " +
+ data->getName().toUri());
+ }
+ else {
+ return onValidationFailed(data,
+ "Signing certificate " +
+ signCertificate->getName().toUri() +
+ " is no longer valid.");
+ }
}
void
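Review bot: `make_shared<v1::IdentityCertificate>(*signCertificate)` decodes a certificate fetched from the network with no exception handling, so a malformed packet makes this validation callback throw instead of calling `onValidationFailed`. The same construction in validator-config.cpp is wrapped in `try`/`catch (tlv::Error&)`. Which exception types the constructor can raise is not visible here, so the handler below may also need `v1::IdentityCertificate::Error`. Separately, the failure text "is no longer valid" is also used when `isTooEarly()` is true, which misreports a not-yet-valid certificate. The function signature starts outside this hunk.

```cpp
  shared_ptr<v1::IdentityCertificate> certificate;
  try {
    certificate = make_shared<v1::IdentityCertificate>(*signCertificate);
  }
  catch (const tlv::Error&) {
    return onValidationFailed(data,
                              "Cannot decode signer's cert: " +
                              signCertificate->getName().toUri());
  }
  // … unchanged: validity-period check, cache insert, verifySignature …
```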
@@ -126,82 +125,76 @@
for (RuleList::iterator it = m_verifyPolicies.begin();
it != m_verifyPolicies.end();
- it++)
- {
- if ((*it)->satisfy(data))
- {
- try
- {
- if (!data.getSignature().hasKeyLocator())
- return onValidationFailed(data.shared_from_this(),
- "Key Locator is missing in Data packet: " +
- data.getName().toUri());
+ it++) {
+ if ((*it)->satisfy(data)) {
+ try {
+ if (!data.getSignature().hasKeyLocator())
+ return onValidationFailed(data.shared_from_this(),
+ "Key Locator is missing in Data packet: " +
+ data.getName().toUri());
- const KeyLocator& keyLocator = data.getSignature().getKeyLocator();
- if (keyLocator.getType() != KeyLocator::KeyLocator_Name)
- return onValidationFailed(data.shared_from_this(),
- "Key Locator is not a name: " +
- data.getName().toUri());
+ const KeyLocator& keyLocator = data.getSignature().getKeyLocator();
+ if (keyLocator.getType() != KeyLocator::KeyLocator_Name)
+ return onValidationFailed(data.shared_from_this(),
+ "Key Locator is not a name: " +
+ data.getName().toUri());
- const Name& keyLocatorName = keyLocator.getName();
- shared_ptr<const Certificate> trustedCert;
- if (m_trustAnchors.end() == m_trustAnchors.find(keyLocatorName) &&
- static_cast<bool>(m_certificateCache))
- trustedCert = m_certificateCache->getCertificate(keyLocatorName);
- else
- trustedCert = m_trustAnchors[keyLocatorName];
+ const Name& keyLocatorName = keyLocator.getName();
+ shared_ptr<const v1::Certificate> trustedCert;
+ if (m_trustAnchors.end() == m_trustAnchors.find(keyLocatorName) &&
+ m_certificateCache != nullptr)
+ trustedCert = m_certificateCache->getCertificate(keyLocatorName);
+ else
+ trustedCert = m_trustAnchors[keyLocatorName];
- if (static_cast<bool>(trustedCert))
- {
- if (verifySignature(data, data.getSignature(), trustedCert->getPublicKeyInfo()))
- return onValidated(data.shared_from_this());
- else
- return onValidationFailed(data.shared_from_this(),
- "Cannot verify signature: " +
- data.getName().toUri());
- }
- else
- {
- // KeyLocator is not a trust anchor
-
- OnDataValidated onKeyValidated =
- bind(&ValidatorRegex::onCertificateValidated, this, _1,
- data.shared_from_this(), onValidated, onValidationFailed);
-
- OnDataValidationFailed onKeyValidationFailed =
- bind(&ValidatorRegex::onCertificateValidationFailed, this, _1, _2,
- data.shared_from_this(), onValidationFailed);
-
- Interest interest(keyLocatorName);
- shared_ptr<ValidationRequest> nextStep =
- make_shared<ValidationRequest>(interest,
- onKeyValidated,
- onKeyValidationFailed,
- 3,
- nSteps + 1);
-
- nextSteps.push_back(nextStep);
-
- return;
- }
- }
- catch (KeyLocator::Error& e)
- {
- return onValidationFailed(data.shared_from_this(),
- "Key Locator is not a name: " +
- data.getName().toUri());
- }
- catch (tlv::Error& e)
- {
- return onValidationFailed(data.shared_from_this(),
- "Cannot decode signature");
- }
+ if (trustedCert != nullptr) {
+ if (verifySignature(data, data.getSignature(), trustedCert->getPublicKeyInfo()))
+ return onValidated(data.shared_from_this());
+ else
+ return onValidationFailed(data.shared_from_this(),
+ "Cannot verify signature: " +
+ data.getName().toUri());
}
+ else {
+ // KeyLocator is not a trust anchor
+
+ OnDataValidated onKeyValidated =
+ bind(&ValidatorRegex::onCertificateValidated, this, _1,
+ data.shared_from_this(), onValidated, onValidationFailed);
+
+ OnDataValidationFailed onKeyValidationFailed =
+ bind(&ValidatorRegex::onCertificateValidationFailed, this, _1, _2,
+ data.shared_from_this(), onValidationFailed);
+
+ Interest interest(keyLocatorName);
+ shared_ptr<ValidationRequest> nextStep =
+ make_shared<ValidationRequest>(interest,
+ onKeyValidated,
+ onKeyValidationFailed,
+ 3,
+ nSteps + 1);
+
+ nextSteps.push_back(nextStep);
+
+ return;
+ }
+ }
+ catch (const KeyLocator::Error& e) {
+ return onValidationFailed(data.shared_from_this(),
+ "Key Locator is not a name: " +
+ data.getName().toUri());
+ }
+ catch (const tlv::Error& e) {
+ return onValidationFailed(data.shared_from_this(),
+ "Cannot decode signature");
+ }
}
+ }
return onValidationFailed(data.shared_from_this(),
"No policy found for data: " + data.getName().toUri());
}
+} // namespace security
} // namespace ndn
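Review bot: The fallback `trustedCert = m_trustAnchors[keyLocatorName];` uses `operator[]` on the trust-anchor map with a name taken from the packet's KeyLocator, which default-inserts a null entry when the name is absent. That branch is taken for a non-anchor name whenever `m_certificateCache` is null. The constructor hunk installs a cache, so this may be unreachable today, but the lookup should not be able to mutate the anchor set. Keeping the iterator avoids both the insert and the second lookup: `auto anchor = m_trustAnchors.find(keyLocatorName);`, then `trustedCert = anchor->second;` only when `anchor != m_trustAnchors.end()`. The function begins outside this hunk, so whether `nSteps` is compared with `m_stepLimit` before a new `ValidationRequest` is queued cannot be confirmed from here.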
diff --git a/src/security/validator-regex.hpp b/src/security/validator-regex.hpp
index b207bbc..7d97f22 100644
--- a/src/security/validator-regex.hpp
+++ b/src/security/validator-regex.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -25,12 +25,13 @@
#define NDN_SECURITY_VALIDATOR_REGEX_HPP
#include "validator.hpp"
-#include "identity-certificate.hpp"
+#include "v1/identity-certificate.hpp"
#include "sec-rule-relative.hpp"
#include "certificate-cache.hpp"
#include "../util/regex.hpp"
namespace ndn {
+namespace security {
class ValidatorRegex : public Validator
{
@@ -79,7 +80,7 @@
* @param certificate The trust anchor
*/
void
- addTrustAnchor(shared_ptr<IdentityCertificate> certificate);
+ addTrustAnchor(shared_ptr<v1::IdentityCertificate> certificate);
protected:
virtual void
@@ -122,9 +123,13 @@
shared_ptr<CertificateCache> m_certificateCache;
RuleList m_mustFailVerify;
RuleList m_verifyPolicies;
- std::map<Name, shared_ptr<IdentityCertificate> > m_trustAnchors;
+ std::map<Name, shared_ptr<v1::IdentityCertificate> > m_trustAnchors;
};
+} // namespace security
+
+using security::ValidatorRegex;
+
} // namespace ndn
#endif // NDN_SECURITY_VALIDATOR_REGEX_HPP
diff --git a/src/security/validator.cpp b/src/security/validator.cpp
index ffb9501..84aaa0f 100644
--- a/src/security/validator.cpp
+++ b/src/security/validator.cpp
@@ -25,12 +25,13 @@
#include "validator.hpp"
#include "../util/crypto.hpp"
-#include "cryptopp.hpp"
+#include "v1/cryptopp.hpp"
namespace ndn {
+namespace security {
-static OID SECP256R1("1.2.840.10045.3.1.7");
-static OID SECP384R1("1.3.132.0.34");
+static Oid SECP256R1("1.2.840.10045.3.1.7");
+static Oid SECP384R1("1.3.132.0.34");
Validator::Validator(Face* face)
: m_face(face)
@@ -101,7 +102,7 @@
}
bool
-Validator::verifySignature(const Data& data, const PublicKey& key)
+Validator::verifySignature(const Data& data, const v1::PublicKey& key)
{
if (!data.getSignature().hasKeyLocator())
return false;
@@ -113,7 +114,7 @@
}
bool
-Validator::verifySignature(const Interest& interest, const PublicKey& key)
+Validator::verifySignature(const Interest& interest, const v1::PublicKey& key)
{
const Name& name = interest.getName();
@@ -142,7 +143,7 @@
Validator::verifySignature(const uint8_t* buf,
const size_t size,
const Signature& sig,
- const PublicKey& key)
+ const v1::PublicKey& key)
{
try {
using namespace CryptoPP;
@@ -181,10 +182,10 @@
{
BERSequenceDecoder algorithmInfo(subjectPublicKeyInfo);
{
- OID algorithm;
+ Oid algorithm;
algorithm.decode(algorithmInfo);
- OID curveId;
+ Oid curveId;
curveId.decode(algorithmInfo);
if (curveId == SECP256R1)
@@ -234,7 +235,7 @@
Validator::verifySignature(const uint8_t* buf, const size_t size, const DigestSha256& sig)
{
try {
- ConstBufferPtr buffer = crypto::sha256(buf, size);
+ ConstBufferPtr buffer = crypto::computeSha256Digest(buf, size);
const Block& sigValue = sig.getValue();
if (buffer != nullptr &&
@@ -321,4 +322,5 @@
}
}
+} // namespace security
} // namespace ndn
diff --git a/src/security/validator.hpp b/src/security/validator.hpp
index e6eec8d..edc0365 100644
--- a/src/security/validator.hpp
+++ b/src/security/validator.hpp
@@ -26,14 +26,15 @@
#define NDN_SECURITY_VALIDATOR_HPP
#include "../face.hpp"
-#include "public-key.hpp"
#include "signature-sha256-with-rsa.hpp"
#include "signature-sha256-with-ecdsa.hpp"
#include "digest-sha256.hpp"
#include "validation-request.hpp"
-#include "identity-certificate.hpp"
+#include "v1/public-key.hpp"
+#include "v1/identity-certificate.hpp"
namespace ndn {
+namespace security {
/**
* @brief provides the interfaces for packet validation.
@@ -105,7 +106,7 @@
/// @brief Verify the data using the publicKey.
static bool
- verifySignature(const Data& data, const PublicKey& publicKey);
+ verifySignature(const Data& data, const v1::PublicKey& publicKey);
/**
* @brief Verify the signed Interest using the publicKey.
@@ -113,11 +114,11 @@
* (Note the signature covers the first n-2 name components).
*/
static bool
- verifySignature(const Interest& interest, const PublicKey& publicKey);
+ verifySignature(const Interest& interest, const v1::PublicKey& publicKey);
/// @brief Verify the blob using the publicKey against the signature.
static bool
- verifySignature(const Buffer& blob, const Signature& sig, const PublicKey& publicKey)
+ verifySignature(const Buffer& blob, const Signature& sig, const v1::PublicKey& publicKey)
{
return verifySignature(blob.buf(), blob.size(), sig, publicKey);
}
@@ -126,7 +127,7 @@
static bool
verifySignature(const Data& data,
const Signature& sig,
- const PublicKey& publicKey)
+ const v1::PublicKey& publicKey)
{
return verifySignature(data.wireEncode().value(),
data.wireEncode().value_size() - data.getSignature().getValue().size(),
@@ -140,7 +141,7 @@
static bool
verifySignature(const Interest& interest,
const Signature& sig,
- const PublicKey& publicKey)
+ const v1::PublicKey& publicKey)
{
if (interest.getName().size() < 2)
return false;
@@ -157,7 +158,7 @@
verifySignature(const uint8_t* buf,
const size_t size,
const Signature& sig,
- const PublicKey& publicKey);
+ const v1::PublicKey& publicKey);
/// @brief Verify the data against the SHA256 signature.
@@ -330,6 +331,10 @@
Face* m_face;
};
+} // namespace security
+
+using security::Validator;
+
} // namespace ndn
#endif // NDN_SECURITY_VALIDATOR_HPP
diff --git a/src/util/command-interest-validator.hpp b/src/util/command-interest-validator.hpp
index b7c3494..a6cd465 100644
--- a/src/util/command-interest-validator.hpp
+++ b/src/util/command-interest-validator.hpp
@@ -23,7 +23,6 @@
#define NDN_UTIL_COMMAND_INTEREST_VALIDATOR_HPP
#include "../security/validator.hpp"
-#include "../security/identity-certificate.hpp"
#include "../security/sec-rule-specific.hpp"
#include <list>
@@ -67,7 +66,7 @@
* @param certificate trusted certificate
*/
void
- addInterestRule(const std::string& regex, const IdentityCertificate& certificate);
+ addInterestRule(const std::string& regex, const security::v1::IdentityCertificate& certificate);
/**
* @brief add an Interest rule that allows a specific public key
@@ -77,7 +76,7 @@
* @param publicKey public key
*/
void
- addInterestRule(const std::string& regex, const Name& keyName, const PublicKey& publicKey);
+ addInterestRule(const std::string& regex, const Name& keyName, const security::v1::PublicKey& publicKey);
/**
* @brief add an Interest rule that allows any signer
@@ -114,7 +113,7 @@
private:
time::milliseconds m_graceInterval; //ms
- std::map<Name, PublicKey> m_trustAnchorsForInterest;
+ std::map<Name, security::v1::PublicKey> m_trustAnchorsForInterest;
std::list<SecRuleSpecific> m_trustScopeForInterest;
typedef std::map<Name, time::system_clock::TimePoint> LastTimestampMap;
@@ -123,16 +122,16 @@
inline void
CommandInterestValidator::addInterestRule(const std::string& regex,
- const IdentityCertificate& certificate)
+ const security::v1::IdentityCertificate& certificate)
{
- Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
+ Name keyName = security::v1::IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
addInterestRule(regex, keyName, certificate.getPublicKeyInfo());
}
inline void
CommandInterestValidator::addInterestRule(const std::string& regex,
const Name& keyName,
- const PublicKey& publicKey)
+ const security::v1::PublicKey& publicKey)
{
m_trustAnchorsForInterest[keyName] = publicKey;
shared_ptr<Regex> interestRegex = make_shared<Regex>(regex);
@@ -185,7 +184,7 @@
return onValidationFailed(interest.shared_from_this(),
"Key Locator is not a name");
- keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName());
+ keyName = security::v1::IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName());
//Check if command is in the trusted scope
bool isInScope = false;
@@ -256,7 +255,7 @@
return onValidationFailed(interest.shared_from_this(),
"No valid signature");
}
- catch (const IdentityCertificate::Error&)
+ catch (const security::v1::IdentityCertificate::Error&)
{
return onValidationFailed(interest.shared_from_this(),
"Cannot locate the signing key");
diff --git a/src/util/crypto.cpp b/src/util/crypto.cpp
index c480401..1e22c0e 100644
--- a/src/util/crypto.cpp
+++ b/src/util/crypto.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -19,52 +19,28 @@
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
-#include "../common.hpp"
-
#include "crypto.hpp"
#include "../encoding/buffer-stream.hpp"
-#include "../security/cryptopp.hpp"
+
+#include "../security/v1/cryptopp.hpp"
namespace ndn {
-
-void ndn_digestSha256(const uint8_t* data, size_t dataLength, uint8_t* digest)
-{
- try
- {
- using namespace CryptoPP;
-
- CryptoPP::SHA256 hash;
- OBufferStream os;
- StringSource(data, dataLength, true,
- new HashFilter(hash, new ArraySink(digest, crypto::SHA256_DIGEST_SIZE)));
- }
- catch (CryptoPP::Exception& e)
- {
- return;
- }
-
-}
-
namespace crypto {
ConstBufferPtr
-sha256(const uint8_t* data, size_t dataLength)
+computeSha256Digest(const uint8_t* data, size_t dataLength)
{
- try
- {
- using namespace CryptoPP;
-
- SHA256 hash;
- OBufferStream os;
- StringSource(data, dataLength, true, new HashFilter(hash, new FileSink(os)));
- return os.buf();
- }
- catch (CryptoPP::Exception& e)
- {
- return ConstBufferPtr();
- }
+ try {
+ CryptoPP::SHA256 hash;
+ OBufferStream os;
+ CryptoPP::StringSource(data, dataLength, true,
+ new CryptoPP::HashFilter(hash, new CryptoPP::FileSink(os)));
+ return os.buf();
+ }
+ catch (CryptoPP::Exception& e) {
+ return ConstBufferPtr();
+ }
}
} // namespace crypto
-
} // namespace ndn
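Review bot: `computeSha256Digest` signals a CryptoPP failure by returning an empty `ConstBufferPtr()`, and not every caller touched by this commit checks for it. The `PublicKey::computeDigest` hunk in src/security/v1/public-key.cpp passes the result straight into `Block(tlv::KeyDigest, ...)`, while `Validator::verifySignature` tests `buffer != nullptr` first. What `Block` does with a null buffer is not visible here, so either guard that caller or state the null return in the function's documentation, e.g. `@return the digest buffer, or nullptr if the computation fails`. Since `e` is unused, the handler can be `catch (const CryptoPP::Exception&)`.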
diff --git a/src/util/crypto.hpp b/src/util/crypto.hpp
index dc0a754..e406006 100644
--- a/src/util/crypto.hpp
+++ b/src/util/crypto.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -26,17 +26,6 @@
#include "../encoding/buffer.hpp"
namespace ndn {
-
-/**
- * @brief Compute the sha-256 digest of data.
- *
- * @param data Pointer to the input byte array.
- * @param dataLength The length of data.
- * @param digest A pointer to a buffer of size crypto::SHA256_DIGEST_SIZE to receive the data.
- */
-void
-ndn_digestSha256(const uint8_t* data, size_t dataLength, uint8_t* digest);
-
namespace crypto {
/// @brief number of octets in a SHA256 digest
@@ -50,7 +39,18 @@
* @return A pointer to a buffer of SHA256_DIGEST.
*/
ConstBufferPtr
-sha256(const uint8_t* data, size_t dataLength);
+computeSha256Digest(const uint8_t* data, size_t dataLength);
+
+/**
+ * @brief Compute the sha-256 digest of data.
+ *
+ * @deprecated Use computeSha256Digest function instead
+ */
+inline ConstBufferPtr
+sha256(const uint8_t* data, size_t dataLength)
+{
+ return computeSha256Digest(data, dataLength);
+}
} // namespace crypto
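Review bot: The compatibility wrapper `crypto::sha256` is deprecated only through its `@deprecated` Doxygen tag, so existing callers keep compiling without any warning and have no prompt to migrate. If ndn-cxx's `DEPRECATED(...)` macro is reachable from the headers this file includes (not visible in this hunk), wrap the wrapper's declaration in it so the compiler reports remaining uses. The retained `@return` text for `computeSha256Digest` should also say that the pointer is empty when hashing fails, since the implementation returns `ConstBufferPtr()` on a CryptoPP exception.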
diff --git a/src/util/digest.hpp b/src/util/digest.hpp
index ea1538e..ce86e1d 100644
--- a/src/util/digest.hpp
+++ b/src/util/digest.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -24,7 +24,7 @@
#include "../encoding/buffer.hpp"
#include "../encoding/block.hpp"
-#include "../security/cryptopp.hpp"
+#include "../security/v1/cryptopp.hpp"
#include "concepts.hpp"
namespace ndn {
diff --git a/src/util/string-helper.cpp b/src/util/string-helper.cpp
index 16064b0..0f54e14 100644
--- a/src/util/string-helper.cpp
+++ b/src/util/string-helper.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -21,7 +21,7 @@
#include "string-helper.hpp"
#include "../encoding/buffer-stream.hpp"
-#include "../security/cryptopp.hpp"
+#include "../security/v1/cryptopp.hpp"
#include <sstream>
#include <iomanip>
diff --git a/tests/unit-tests/data.t.cpp b/tests/unit-tests/data.t.cpp
index 19b3493..aa1a6c8 100644
--- a/tests/unit-tests/data.t.cpp
+++ b/tests/unit-tests/data.t.cpp
@@ -21,7 +21,7 @@
#include "data.hpp"
#include "security/key-chain.hpp"
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#include "encoding/buffer-stream.hpp"
#include "boost-test.hpp"
diff --git a/tests/unit-tests/link.t.cpp b/tests/unit-tests/link.t.cpp
index 6071158..1627b3c 100644
--- a/tests/unit-tests/link.t.cpp
+++ b/tests/unit-tests/link.t.cpp
@@ -21,7 +21,7 @@
#include "link.hpp"
#include "security/key-chain.hpp"
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#include "encoding/buffer-stream.hpp"
#include "boost-test.hpp"
diff --git a/tests/unit-tests/meta-info.t.cpp b/tests/unit-tests/meta-info.t.cpp
index 77bdd3e..d07acaf 100644
--- a/tests/unit-tests/meta-info.t.cpp
+++ b/tests/unit-tests/meta-info.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -23,7 +23,7 @@
#include "data.hpp"
#include "security/key-chain.hpp"
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#include "encoding/buffer-stream.hpp"
#include "boost-test.hpp"
diff --git a/tests/unit-tests/security/certificate-cache-ttl.t.cpp b/tests/unit-tests/security/certificate-cache-ttl.t.cpp
index 6d35811..2bf11f4 100644
--- a/tests/unit-tests/security/certificate-cache-ttl.t.cpp
+++ b/tests/unit-tests/security/certificate-cache-ttl.t.cpp
@@ -27,8 +27,11 @@
#include "../unit-test-time-fixture.hpp"
namespace ndn {
+namespace security {
namespace tests {
+using namespace ndn::tests;
+
BOOST_AUTO_TEST_SUITE(Security)
BOOST_AUTO_TEST_SUITE(TestCertificateCacheTtl)
@@ -39,12 +42,12 @@
: scheduler(io)
, cache(make_shared<CertificateCacheTtl>(ref(io), time::seconds(1)))
{
- cert1 = make_shared<IdentityCertificate>();
+ cert1 = make_shared<v1::IdentityCertificate>();
Name certName1("/tmp/KEY/ksk-1/ID-CERT/1");
cert1->setName(certName1);
cert1->setFreshnessPeriod(time::milliseconds(500));
- cert2 = make_shared<IdentityCertificate>();
+ cert2 = make_shared<v1::IdentityCertificate>();
Name certName2("/tmp/KEY/ksk-2/ID-CERT/2");
cert2->setName(certName2);
cert2->setFreshnessPeriod(time::milliseconds(1000));
@@ -58,8 +61,8 @@
shared_ptr<CertificateCacheTtl> cache;
- shared_ptr<IdentityCertificate> cert1;
- shared_ptr<IdentityCertificate> cert2;
+ shared_ptr<v1::IdentityCertificate> cert1;
+ shared_ptr<v1::IdentityCertificate> cert2;
Name name1;
Name name2;
@@ -135,4 +138,5 @@
BOOST_AUTO_TEST_SUITE_END() // Security
} // namespace tests
+} // namespace security
} // namespace ndn
diff --git a/tests/unit-tests/security/certificate.t.cpp b/tests/unit-tests/security/certificate.t.cpp
deleted file mode 100644
index b975cf0..0000000
--- a/tests/unit-tests/security/certificate.t.cpp
+++ /dev/null
@@ -1,380 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2015 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/certificate.hpp"
-#include "security/public-key.hpp"
-
-#include "security/key-chain.hpp"
-
-#include "security/cryptopp.hpp"
-
-#include "boost-test.hpp"
-
-using namespace std;
-namespace ndn {
-
-using namespace CryptoPP;
-
-BOOST_AUTO_TEST_SUITE(SecurityEncodeDecodeCertificate)
-
-const uint8_t PUBLIC_KEY[] = {
-0x30, 0x81, 0x9d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
-0x01, 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e,
-0x06, 0x3e, 0x47, 0x85, 0xb2, 0x34, 0x37, 0xaa, 0x85, 0x47, 0xac, 0x03, 0x24, 0x83, 0xb5,
-0x9c, 0xa8, 0x05, 0x3a, 0x24, 0x1e, 0xeb, 0x89, 0x01, 0xbb, 0xe9, 0x9b, 0xb2, 0xc3, 0x22,
-0xac, 0x68, 0xe3, 0xf0, 0x6c, 0x02, 0xce, 0x68, 0xa6, 0xc4, 0xd0, 0xa7, 0x06, 0x90, 0x9c,
-0xaa, 0x1b, 0x08, 0x1d, 0x8b, 0x43, 0x9a, 0x33, 0x67, 0x44, 0x6d, 0x21, 0xa3, 0x1b, 0x88,
-0x9a, 0x97, 0x5e, 0x59, 0xc4, 0x15, 0x0b, 0xd9, 0x2c, 0xbd, 0x51, 0x07, 0x61, 0x82, 0xad,
-0xc1, 0xb8, 0xd7, 0xbf, 0x9b, 0xcf, 0x7d, 0x24, 0xc2, 0x63, 0xf3, 0x97, 0x17, 0xeb, 0xfe,
-0x62, 0x25, 0xba, 0x5b, 0x4d, 0x8a, 0xc2, 0x7a, 0xbd, 0x43, 0x8a, 0x8f, 0xb8, 0xf2, 0xf1,
-0xc5, 0x6a, 0x30, 0xd3, 0x50, 0x8c, 0xc8, 0x9a, 0xdf, 0xef, 0xed, 0x35, 0xe7, 0x7a, 0x62,
-0xea, 0x76, 0x7c, 0xbb, 0x08, 0x26, 0xc7, 0x02, 0x01, 0x11
-};
-
-const uint8_t CERT[] = {
-0x30, 0x81, 0xff, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x32, 0x32, 0x36,
-0x32, 0x33, 0x32, 0x32, 0x35, 0x34, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x32,
-0x32, 0x36, 0x32, 0x33, 0x32, 0x32, 0x35, 0x34, 0x5a, 0x30, 0x12, 0x30, 0x10, 0x06, 0x03,
-0x55, 0x04, 0x29, 0x13, 0x09, 0x54, 0x45, 0x53, 0x54, 0x20, 0x4e, 0x41, 0x4d, 0x45, 0x30,
-0x81, 0x9d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
-0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x06,
-0x3e, 0x47, 0x85, 0xb2, 0x34, 0x37, 0xaa, 0x85, 0x47, 0xac, 0x03, 0x24, 0x83, 0xb5, 0x9c,
-0xa8, 0x05, 0x3a, 0x24, 0x1e, 0xeb, 0x89, 0x01, 0xbb, 0xe9, 0x9b, 0xb2, 0xc3, 0x22, 0xac,
-0x68, 0xe3, 0xf0, 0x6c, 0x02, 0xce, 0x68, 0xa6, 0xc4, 0xd0, 0xa7, 0x06, 0x90, 0x9c, 0xaa,
-0x1b, 0x08, 0x1d, 0x8b, 0x43, 0x9a, 0x33, 0x67, 0x44, 0x6d, 0x21, 0xa3, 0x1b, 0x88, 0x9a,
-0x97, 0x5e, 0x59, 0xc4, 0x15, 0x0b, 0xd9, 0x2c, 0xbd, 0x51, 0x07, 0x61, 0x82, 0xad, 0xc1,
-0xb8, 0xd7, 0xbf, 0x9b, 0xcf, 0x7d, 0x24, 0xc2, 0x63, 0xf3, 0x97, 0x17, 0xeb, 0xfe, 0x62,
-0x25, 0xba, 0x5b, 0x4d, 0x8a, 0xc2, 0x7a, 0xbd, 0x43, 0x8a, 0x8f, 0xb8, 0xf2, 0xf1, 0xc5,
-0x6a, 0x30, 0xd3, 0x50, 0x8c, 0xc8, 0x9a, 0xdf, 0xef, 0xed, 0x35, 0xe7, 0x7a, 0x62, 0xea,
-0x76, 0x7c, 0xbb, 0x08, 0x26, 0xc7, 0x02, 0x01, 0x11, 0x30, 0x25, 0x30, 0x23, 0x06, 0x06,
-0x2b, 0x06, 0x01, 0x05, 0x20, 0x01, 0x01, 0x01, 0xff, 0x04, 0x16, 0x30, 0x14, 0x04, 0x0c,
-0x2f, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x2f, 0x6b, 0x69, 0x74, 0x74, 0x79, 0x02, 0x01, 0x00,
-0x02, 0x01, 0x0a
-};
-
-const std::string CERT_INFO = "Certificate name:\n"
- " /\n"
- "Validity:\n"
- " NotBefore: 20131226T232254\n"
- " NotAfter: 20131226T232254\n"
- "Subject Description:\n"
- " 2.5.4.41: TEST NAME\n"
- "Public key bits: (RSA)\n"
- " MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCeBj5HhbI0N6qFR6wDJIO1nKgF\n"
- " OiQe64kBu+mbssMirGjj8GwCzmimxNCnBpCcqhsIHYtDmjNnRG0hoxuImpdeWcQV\n"
- " C9ksvVEHYYKtwbjXv5vPfSTCY/OXF+v+YiW6W02Kwnq9Q4qPuPLxxWow01CMyJrf\n"
- " 7+0153pi6nZ8uwgmxwIB\n"
- "Signature Information:\n"
- " Signature Type: Unknown Signature Type\n";
-
-BOOST_AUTO_TEST_CASE(Encode)
-{
- ndn::Certificate certificate;
-
- // validity
- // not before 12/26/2013 @ 11:22pm
- certificate.setNotBefore(time::fromUnixTimestamp(time::milliseconds(1388100174000LL)));
- // not after 12/26/2013 @ 11:22pm
- certificate.setNotAfter(time::fromUnixTimestamp(time::milliseconds(1388100174000LL)));
-
- // subject
- certificate.addSubjectDescription(CertificateSubjectDescription(oid::ATTRIBUTE_NAME,
- "TEST NAME"));
-
- // publicKeyInfo
- ndn::PublicKey key(PUBLIC_KEY, sizeof(PUBLIC_KEY));
- certificate.setPublicKeyInfo(key);
-
- // extensions
- BOOST_REQUIRE_NO_THROW({
- std::string extenstionValue;
- StringSink sink(extenstionValue);
- DERSequenceEncoder seq(sink);
- {
- std::string name("/hello/kitty");
- DEREncodeOctetString(seq, reinterpret_cast<const uint8_t*>(name.c_str()), name.size());
- // trustClass
- DEREncodeUnsigned<uint32_t>(seq, 0);
- // trustLevel
- DEREncodeUnsigned<uint32_t>(seq, 10);
- }
- seq.MessageEnd();
-
- //create a randome extension
- certificate.addExtension(CertificateExtension(OID("1.3.6.1.5.32.1"), true,
- reinterpret_cast<const uint8_t*>(extenstionValue.c_str()),
- extenstionValue.size()));
- });
- // RSA::PublicKey p;
- // StringSource source(T, sizeof(T), true);
- // p.Load(source);
-
- BOOST_REQUIRE_NO_THROW(certificate.encode());
-
- // ofstream of("cert.out");
- // of.write((const char*certificate.getContent().value(), certificate.getContent().value_size());
-
- // const Block &wire = i.wireEncode();
- BOOST_REQUIRE_EQUAL_COLLECTIONS(CERT, CERT+sizeof(CERT),
- certificate.getContent().value_begin(),
- certificate.getContent().value_end());
-
- std::ostringstream os;
- os << certificate;
- std::string info(os.str());
-
- BOOST_CHECK_EQUAL(CERT_INFO, info);
-}
-
-const unsigned char REAL_CERT[] = {
-0x30, 0x82, 0x01, 0x63, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x31, 0x30,
-0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31,
-0x31, 0x30, 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x30, 0x19, 0x30, 0x17, 0x06,
-0x03, 0x55, 0x04, 0x29, 0x13, 0x10, 0x4e, 0x44, 0x4e, 0x20, 0x54, 0x65, 0x73, 0x74, 0x62,
-0x65, 0x64, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x82, 0x01, 0x20, 0x30, 0x0d, 0x06, 0x09,
-0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0d,
-0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd3, 0xac, 0x7e, 0x7a, 0x5c,
-0x33, 0x58, 0x21, 0xda, 0xe0, 0x8d, 0xdb, 0xca, 0xb6, 0x02, 0x30, 0x02, 0x15, 0xc5, 0x0a,
-0x51, 0x54, 0xbb, 0x8e, 0x5e, 0x9d, 0x21, 0xf8, 0x14, 0xbe, 0xe4, 0x63, 0x60, 0x31, 0x53,
-0xe2, 0xef, 0xee, 0x34, 0xa3, 0x8c, 0xd2, 0x24, 0x6f, 0xa4, 0x89, 0x4f, 0x02, 0x20, 0x7d,
-0x66, 0xb6, 0x3f, 0x11, 0x40, 0x0c, 0xc1, 0x5f, 0xd8, 0x45, 0x23, 0x95, 0x40, 0xc8, 0xe0,
-0xbc, 0x9d, 0x2f, 0x03, 0xf1, 0x83, 0x9f, 0x07, 0x0b, 0x76, 0xc9, 0x10, 0xd9, 0x3e, 0x0b,
-0x75, 0x13, 0x93, 0xe9, 0xc9, 0x85, 0x01, 0x88, 0x36, 0x2e, 0xab, 0xfc, 0xe6, 0x24, 0x32,
-0xfc, 0xc6, 0x3c, 0x40, 0x97, 0x1a, 0xcc, 0xcd, 0x53, 0xaa, 0x0f, 0xfb, 0xa3, 0xfe, 0xf9,
-0x24, 0x70, 0x13, 0x3f, 0x4f, 0x5b, 0x7d, 0x43, 0xaa, 0x75, 0x0a, 0x94, 0x72, 0xab, 0xe1,
-0x8c, 0x45, 0xb5, 0x78, 0x10, 0x01, 0xef, 0x1f, 0xb3, 0x05, 0x6f, 0xa6, 0xc3, 0xac, 0x7f,
-0x6d, 0xf0, 0x31, 0xc4, 0x83, 0xb3, 0x4f, 0x50, 0x26, 0x92, 0x40, 0x1a, 0xdd, 0xec, 0xfb,
-0xcb, 0xef, 0x63, 0xfe, 0x41, 0xd8, 0x8d, 0x1f, 0xdc, 0xec, 0xfc, 0x48, 0x95, 0xcc, 0x09,
-0x1e, 0x30, 0x6e, 0x22, 0x9e, 0x24, 0x97, 0x2e, 0xe6, 0x0c, 0xdf, 0x3d, 0x20, 0x32, 0xaa,
-0x9c, 0xc9, 0x45, 0x14, 0xaf, 0xaa, 0xf5, 0x17, 0xd2, 0x01, 0x98, 0x33, 0xbe, 0x2a, 0x9f,
-0x7b, 0x9d, 0x98, 0x7c, 0x54, 0x22, 0xfe, 0x72, 0x72, 0x04, 0xc3, 0x2c, 0xc0, 0x14, 0x0b,
-0xa9, 0x40, 0x7e, 0x46, 0xa1, 0x75, 0x16, 0x1a, 0x27, 0x9e, 0xf2, 0x82, 0x96, 0xc0, 0x7d,
-0xaf, 0x18, 0x75, 0xfb, 0xbb, 0xab, 0x16, 0x66, 0xc0, 0xa9, 0xd7, 0x93, 0x4c, 0x48, 0x6d,
-0xce, 0x0b, 0x88, 0xd4, 0x21, 0x93, 0x84, 0x89, 0x55, 0x05, 0xd5, 0x02, 0x01, 0x11
-};
-
-const std::string REAL_CERT_INFO = "Certificate name:\n"
-" /tmp\n"
-"Validity:\n"
-" NotBefore: 20131101T171122\n"
-" NotAfter: 20141101T171122\n"
-"Subject Description:\n"
-" 2.5.4.41: NDN Testbed Root\n"
-"Public key bits: (RSA)\n"
-" MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEA06x+elwzWCHa4I3byrYC\n"
-" MAIVxQpRVLuOXp0h+BS+5GNgMVPi7+40o4zSJG+kiU8CIH1mtj8RQAzBX9hFI5VA\n"
-" yOC8nS8D8YOfBwt2yRDZPgt1E5PpyYUBiDYuq/zmJDL8xjxAlxrMzVOqD/uj/vkk\n"
-" cBM/T1t9Q6p1CpRyq+GMRbV4EAHvH7MFb6bDrH9t8DHEg7NPUCaSQBrd7PvL72P+\n"
-" QdiNH9zs/EiVzAkeMG4iniSXLuYM3z0gMqqcyUUUr6r1F9IBmDO+Kp97nZh8VCL+\n"
-" cnIEwyzAFAupQH5GoXUWGiee8oKWwH2vGHX7u6sWZsCp15NMSG3OC4jUIZOEiVUF\n"
-" 1QIB\n"
-"Signature Information:\n"
-" Signature Type: Unknown Signature Type\n";
-
-const uint8_t SELF_SIGNED_ECDSA_CERT[] = {
-0x06, 0xfd, 0x01, 0x5b, 0x07, 0x33, 0x08, 0x05, 0x65, 0x63, 0x64, 0x73, 0x61, 0x08, 0x03,
-0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39,
-0x34, 0x35, 0x35, 0x32, 0x38, 0x32, 0x37, 0x08, 0x07, 0x49, 0x44, 0x2d, 0x43, 0x45, 0x52,
-0x54, 0x08, 0x09, 0xfd, 0x00, 0x00, 0x01, 0x49, 0xd3, 0x9d, 0x78, 0x00, 0x14, 0x03, 0x18,
-0x01, 0x02, 0x15, 0xa5, 0x30, 0x81, 0xa2, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34,
-0x31, 0x31, 0x32, 0x31, 0x31, 0x38, 0x32, 0x39, 0x31, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30,
-0x33, 0x34, 0x31, 0x31, 0x31, 0x36, 0x31, 0x38, 0x32, 0x39, 0x31, 0x32, 0x5a, 0x30, 0x21,
-0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x29, 0x13, 0x18, 0x2f, 0x65, 0x63, 0x64, 0x73, 0x61,
-0x2f, 0x6b, 0x73, 0x6b, 0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39, 0x34, 0x35, 0x35, 0x32,
-0x38, 0x32, 0x37, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
-0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04,
-0x83, 0xe5, 0x81, 0x19, 0xd9, 0xfa, 0x64, 0x40, 0xad, 0x7c, 0x93, 0xfc, 0x15, 0x90, 0x6b,
-0x38, 0x1e, 0xc5, 0xca, 0xb1, 0x6b, 0x0b, 0x1f, 0x64, 0xbf, 0x48, 0xaa, 0xd0, 0x91, 0x5c,
-0x24, 0xd6, 0x78, 0x40, 0xfd, 0x95, 0x5d, 0x54, 0x64, 0xe1, 0x2d, 0x0e, 0x98, 0x66, 0x1d,
-0x7a, 0xb0, 0x61, 0x17, 0x05, 0x26, 0x13, 0x63, 0x25, 0x7c, 0xda, 0x87, 0x11, 0xc9, 0x67,
-0xcd, 0x12, 0x05, 0xf0, 0x16, 0x2f, 0x1b, 0x01, 0x03, 0x1c, 0x2a, 0x07, 0x28, 0x08, 0x05,
-0x65, 0x63, 0x64, 0x73, 0x61, 0x08, 0x03, 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b,
-0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39, 0x34, 0x35, 0x35, 0x32, 0x38, 0x32, 0x37, 0x08,
-0x07, 0x49, 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x17, 0x47, 0x30, 0x45, 0x02, 0x21, 0x00,
-0x9b, 0xae, 0xf4, 0x87, 0x55, 0xaa, 0x78, 0xbf, 0x00, 0xff, 0x1a, 0xbe, 0x90, 0x46, 0x6e,
-0xdd, 0xe6, 0x3b, 0x44, 0xfd, 0x41, 0x04, 0x86, 0xcc, 0x6a, 0x8b, 0x5a, 0x25, 0xbb, 0xf1,
-0x55, 0xcd, 0x02, 0x20, 0x0e, 0x67, 0xd8, 0x86, 0xe8, 0x7c, 0x90, 0x3c, 0x13, 0xfd, 0x36,
-0x9c, 0xbc, 0xa1, 0xc3, 0x7c, 0xe0, 0x0c, 0x6d, 0x64, 0xac, 0xdb, 0x69, 0x99, 0xde, 0x80,
-0x35, 0x3f, 0xf4, 0x6a, 0xcd, 0x6f
-};
-
-const std::string SELF_SIGNED_ECDSA_CERT_INFO =
-"Certificate name:\n"
-" /ecdsa/KEY/ksk-1416594552827/ID-CERT/%FD%00%00%01I%D3%9Dx%00\n"
-"Validity:\n"
-" NotBefore: 20141121T182912\n"
-" NotAfter: 20341116T182912\n"
-"Subject Description:\n"
-" 2.5.4.41: /ecdsa/ksk-1416594552827\n"
-"Public key bits: (ECDSA)\n"
-" MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEg+WBGdn6ZECtfJP8FZBrOB7FyrFr\n"
-" Cx9kv0iq0JFcJNZ4QP2VXVRk4S0OmGYderBhFwUmE2MlfNqHEclnzRIF\n"
-"Signature Information:\n"
-" Signature Type: SignatureSha256WithEcdsa\n"
-" Key Locator: (Self-Signed) /ecdsa/KEY/ksk-1416594552827/ID-CERT\n";
-
-const uint8_t RSA_CERT[] = {
-0x06, 0xfd, 0x02, 0xd7, 0x07, 0x38, 0x08, 0x03, 0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45,
-0x59, 0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
-0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39, 0x34, 0x08, 0x07, 0x49,
-0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x08, 0x09, 0xfd, 0x00, 0x00, 0x01, 0x49, 0xc9, 0x8b,
-0x2e, 0x73, 0x14, 0x03, 0x18, 0x01, 0x02, 0x15, 0xfd, 0x01, 0x61, 0x30, 0x82, 0x01, 0x5d,
-0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31, 0x31, 0x31, 0x39, 0x31, 0x39, 0x33,
-0x33, 0x30, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x35, 0x31, 0x31, 0x31, 0x39, 0x31,
-0x39, 0x33, 0x33, 0x30, 0x32, 0x5a, 0x30, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x29,
-0x13, 0x0a, 0x2f, 0x6e, 0x64, 0x6e, 0x2f, 0x73, 0x69, 0x74, 0x65, 0x31, 0x30, 0x82, 0x01,
-0x20, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
-0x00, 0x03, 0x82, 0x01, 0x0d, 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00,
-0xb6, 0x54, 0x7e, 0xe8, 0xf2, 0x91, 0x7d, 0xc1, 0x6d, 0xcb, 0x25, 0x44, 0x97, 0x90, 0xdc,
-0x78, 0x15, 0x0e, 0xef, 0xb5, 0xe7, 0xfd, 0x09, 0x2c, 0xf8, 0xd5, 0x9c, 0x2f, 0xe5, 0xa6,
-0xae, 0x9d, 0x7e, 0x95, 0x2d, 0xfc, 0xc7, 0xc3, 0x43, 0x46, 0xb0, 0x6f, 0x53, 0xcd, 0xcd,
-0x6a, 0x29, 0x1d, 0x95, 0xa1, 0x62, 0xcd, 0xa9, 0xf2, 0xf8, 0xe2, 0xfa, 0x8b, 0x5d, 0xfe,
-0xa1, 0x2b, 0x15, 0x3f, 0x7f, 0x71, 0xe6, 0x3e, 0xb9, 0xb1, 0x29, 0xd1, 0x22, 0x6f, 0x56,
-0xdf, 0xb6, 0x85, 0xaf, 0xd4, 0xb3, 0x67, 0x8b, 0x94, 0xb8, 0x83, 0xcb, 0x72, 0x86, 0xc4,
-0xf2, 0x86, 0xb2, 0x7c, 0x94, 0xbc, 0x38, 0x7b, 0x8c, 0x92, 0x86, 0x36, 0x83, 0x0e, 0x11,
-0x8c, 0x95, 0x49, 0xff, 0xcc, 0x16, 0x62, 0xdb, 0x55, 0x40, 0x7f, 0xc8, 0x8d, 0xe4, 0x3f,
-0x87, 0x02, 0x87, 0xaf, 0xf6, 0x2f, 0x8a, 0x7d, 0x74, 0x10, 0xd3, 0xbb, 0xa3, 0xfe, 0x5a,
-0x7b, 0x8f, 0x56, 0x09, 0x8b, 0x49, 0x46, 0x9f, 0x7d, 0x55, 0xa3, 0x4a, 0xe8, 0x22, 0x7b,
-0x80, 0x8a, 0x6f, 0xde, 0x9f, 0xfb, 0x2f, 0xeb, 0xf7, 0x29, 0x8a, 0x38, 0x67, 0x41, 0xae,
-0x21, 0x7a, 0xe3, 0x7b, 0x96, 0x1a, 0x90, 0x35, 0x7d, 0x04, 0xaa, 0x4d, 0x9f, 0xe6, 0xd6,
-0x00, 0x17, 0x4e, 0x02, 0x34, 0x6c, 0x56, 0x3a, 0x81, 0x3c, 0xb4, 0x7f, 0x98, 0x48, 0x22,
-0xa0, 0x9f, 0x53, 0x35, 0xf9, 0x4e, 0xae, 0x8f, 0xc3, 0xfa, 0x0b, 0x93, 0xd4, 0x55, 0x78,
-0x05, 0xb0, 0x40, 0x44, 0x48, 0x74, 0xb7, 0x9b, 0x2d, 0x65, 0xf0, 0x3d, 0x2e, 0x87, 0x2b,
-0x48, 0x29, 0x12, 0x85, 0xf0, 0xaf, 0xc4, 0xdc, 0x73, 0xce, 0x18, 0x8b, 0xd9, 0x4c, 0x60,
-0x15, 0x51, 0xae, 0x47, 0x1e, 0x2b, 0x54, 0xde, 0xf6, 0xba, 0x77, 0x30, 0x5d, 0x68, 0x9a,
-0xfb, 0x02, 0x01, 0x11, 0x16, 0x2d, 0x1b, 0x01, 0x01, 0x1c, 0x28, 0x07, 0x26, 0x08, 0x03,
-0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
-0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x32, 0x39, 0x35, 0x35, 0x34, 0x36, 0x08, 0x07, 0x49,
-0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x17, 0xfd, 0x01, 0x00, 0x26, 0x40, 0xbc, 0xf0, 0x28,
-0x12, 0x69, 0x94, 0x11, 0x13, 0xff, 0x47, 0x2c, 0x6b, 0x12, 0xdd, 0xfa, 0x60, 0x92, 0xe9,
-0x59, 0x10, 0x98, 0xd8, 0x11, 0x2a, 0xf0, 0x25, 0xb0, 0x03, 0xb2, 0xda, 0xd3, 0xb6, 0xa9,
-0xfb, 0x8b, 0xc3, 0x6f, 0xfb, 0xb4, 0x93, 0x9b, 0x24, 0x9f, 0x7e, 0x63, 0x8a, 0x37, 0xea,
-0x88, 0x74, 0xac, 0x0c, 0x04, 0x5b, 0xa2, 0x39, 0x0c, 0xa1, 0x9e, 0x0e, 0xa2, 0xd6, 0x74,
-0xca, 0xc4, 0x92, 0x64, 0x9f, 0xc2, 0x68, 0x56, 0xef, 0xc5, 0x11, 0xe8, 0x7a, 0xf3, 0x21,
-0xde, 0x88, 0x40, 0x70, 0x2b, 0x44, 0xe0, 0xcb, 0x3b, 0x33, 0xc6, 0x53, 0x65, 0x70, 0x56,
-0x08, 0xe2, 0x22, 0x70, 0x9e, 0xe0, 0x38, 0x18, 0xa8, 0x7c, 0x7d, 0x09, 0x15, 0xac, 0xf1,
-0x44, 0x63, 0x5d, 0xd5, 0x59, 0xf4, 0xeb, 0x60, 0x6c, 0x6e, 0x77, 0x36, 0x20, 0x2a, 0xe2,
-0xd1, 0x2d, 0xa1, 0x7d, 0xd4, 0x6d, 0x29, 0x2d, 0x88, 0xde, 0x9e, 0xf8, 0x64, 0x41, 0x6a,
-0xeb, 0x9f, 0x3b, 0x52, 0x06, 0xb1, 0x94, 0x09, 0x3b, 0xc9, 0xba, 0xa0, 0x05, 0x31, 0x2d,
-0x49, 0x17, 0x5b, 0xc1, 0x62, 0xf5, 0x19, 0xce, 0x27, 0x7b, 0xe8, 0x4b, 0xeb, 0x80, 0x36,
-0xf3, 0xd7, 0xe9, 0x59, 0x22, 0x50, 0x5a, 0x14, 0xb0, 0x1a, 0xa5, 0x6b, 0x33, 0xb2, 0x83,
-0x72, 0x11, 0xf4, 0xd5, 0xd2, 0x32, 0x93, 0x94, 0xb6, 0x8d, 0xed, 0xcd, 0xce, 0x54, 0x79,
-0xe8, 0xc3, 0x3c, 0xa8, 0xc6, 0x71, 0xa7, 0x61, 0xba, 0x70, 0x44, 0x94, 0xc9, 0xfc, 0xd0,
-0x20, 0x00, 0x87, 0xdc, 0xf3, 0x3c, 0x47, 0x1b, 0x4f, 0x91, 0x4c, 0xc7, 0x49, 0xb7, 0xe4,
-0xe3, 0x84, 0xb7, 0x82, 0x52, 0xec, 0x91, 0xa9, 0x28, 0x38, 0x2d, 0x48, 0x89, 0xc7, 0xcf,
-0xfa, 0x63, 0x0b, 0xf0, 0x62, 0x51, 0xac, 0xe9, 0xdb, 0xfd, 0x1c
-};
-
-const std::string RSA_CERT_INFO =
-"Certificate name:\n"
-" /ndn/KEY/site1/ksk-1416425377094/ID-CERT/%FD%00%00%01I%C9%8B.s\n"
-"Validity:\n"
-" NotBefore: 20141119T193302\n"
-" NotAfter: 20151119T193302\n"
-"Subject Description:\n"
-" 2.5.4.41: /ndn/site1\n"
-"Public key bits: (RSA)\n"
-" MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAtlR+6PKRfcFtyyVEl5Dc\n"
-" eBUO77Xn/Qks+NWcL+Wmrp1+lS38x8NDRrBvU83NaikdlaFizany+OL6i13+oSsV\n"
-" P39x5j65sSnRIm9W37aFr9SzZ4uUuIPLcobE8oayfJS8OHuMkoY2gw4RjJVJ/8wW\n"
-" YttVQH/IjeQ/hwKHr/Yvin10ENO7o/5ae49WCYtJRp99VaNK6CJ7gIpv3p/7L+v3\n"
-" KYo4Z0GuIXrje5YakDV9BKpNn+bWABdOAjRsVjqBPLR/mEgioJ9TNflOro/D+guT\n"
-" 1FV4BbBAREh0t5stZfA9LocrSCkShfCvxNxzzhiL2UxgFVGuRx4rVN72uncwXWia\n"
-" +wIB\n"
-"Signature Information:\n"
-" Signature Type: SignatureSha256WithRsa\n"
-" Key Locator: (Name) /ndn/KEY/ksk-1416425295546/ID-CERT\n";
-
-BOOST_AUTO_TEST_CASE(Decode)
-{
- ndn::Data data("/tmp");
- data.setContent(REAL_CERT, sizeof(REAL_CERT));
-
- ndn::Certificate certificate(data);
-
- std::ostringstream os;
- os << certificate;
- std::string info(os.str());
-
- BOOST_CHECK_EQUAL(REAL_CERT_INFO, info);
-
-
- ndn::Block selfSignedCertBlock(SELF_SIGNED_ECDSA_CERT, sizeof(SELF_SIGNED_ECDSA_CERT));
- ndn::Certificate selfSignedCert;
- selfSignedCert.wireDecode(selfSignedCertBlock);
-
- std::ostringstream selfSignedCertOs;
- selfSignedCertOs << selfSignedCert;
- std::string selfSignedCertInfo(selfSignedCertOs.str());
-
- BOOST_CHECK_EQUAL(SELF_SIGNED_ECDSA_CERT_INFO, selfSignedCertInfo);
-
-
- ndn::Block rsaCertBlock(RSA_CERT, sizeof(RSA_CERT));
- ndn::Certificate rsaCert;
- rsaCert.wireDecode(rsaCertBlock);
-
- std::ostringstream rsaCertOs;
- rsaCertOs << rsaCert;
- std::string rsaCertInfo(rsaCertOs.str());
-
- BOOST_CHECK_EQUAL(RSA_CERT_INFO, rsaCertInfo);
-}
-
-const uint8_t WRONG_CERT[] = { // first byte is wrong and an error will be thrown out
-0x31, 0x82, 0x01, 0x63, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x31, 0x30,
-0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31,
-0x31, 0x30, 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x30, 0x19, 0x30, 0x17, 0x06,
-0x03, 0x55, 0x04, 0x29, 0x13, 0x10, 0x4e, 0x44, 0x4e, 0x20, 0x54, 0x65, 0x73, 0x74, 0x62,
-0x65, 0x64, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x82, 0x01, 0x20, 0x30, 0x0d, 0x06, 0x09,
-0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0d,
-0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd3, 0xac, 0x7e, 0x7a, 0x5c,
-0x33, 0x58, 0x21, 0xda, 0xe0, 0x8d, 0xdb, 0xca, 0xb6, 0x02, 0x30, 0x02, 0x15, 0xc5, 0x0a,
-0x51, 0x54, 0xbb, 0x8e, 0x5e, 0x9d, 0x21, 0xf8, 0x14, 0xbe, 0xe4, 0x63, 0x60, 0x31, 0x53,
-0xe2, 0xef, 0xee, 0x34, 0xa3, 0x8c, 0xd2, 0x24, 0x6f, 0xa4, 0x89, 0x4f, 0x02, 0x20, 0x7d,
-0x66, 0xb6, 0x3f, 0x11, 0x40, 0x0c, 0xc1, 0x5f, 0xd8, 0x45, 0x23, 0x95, 0x40, 0xc8, 0xe0,
-0xbc, 0x9d, 0x2f, 0x03, 0xf1, 0x83, 0x9f, 0x07, 0x0b, 0x76, 0xc9, 0x10, 0xd9, 0x3e, 0x0b,
-0x75, 0x13, 0x93, 0xe9, 0xc9, 0x85, 0x01, 0x88, 0x36, 0x2e, 0xab, 0xfc, 0xe6, 0x24, 0x32,
-0xfc, 0xc6, 0x3c, 0x40, 0x97, 0x1a, 0xcc, 0xcd, 0x53, 0xaa, 0x0f, 0xfb, 0xa3, 0xfe, 0xf9,
-0x24, 0x70, 0x13, 0x3f, 0x4f, 0x5b, 0x7d, 0x43, 0xaa, 0x75, 0x0a, 0x94, 0x72, 0xab, 0xe1,
-0x8c, 0x45, 0xb5, 0x78, 0x10, 0x01, 0xef, 0x1f, 0xb3, 0x05, 0x6f, 0xa6, 0xc3, 0xac, 0x7f,
-0x6d, 0xf0, 0x31, 0xc4, 0x83, 0xb3, 0x4f, 0x50, 0x26, 0x92, 0x40, 0x1a, 0xdd, 0xec, 0xfb,
-0xcb, 0xef, 0x63, 0xfe, 0x41, 0xd8, 0x8d, 0x1f, 0xdc, 0xec, 0xfc, 0x48, 0x95, 0xcc, 0x09,
-0x1e, 0x30, 0x6e, 0x22, 0x9e, 0x24, 0x97, 0x2e, 0xe6, 0x0c, 0xdf, 0x3d, 0x20, 0x32, 0xaa,
-0x9c, 0xc9, 0x45, 0x14, 0xaf, 0xaa, 0xf5, 0x17, 0xd2, 0x01, 0x98, 0x33, 0xbe, 0x2a, 0x9f,
-0x7b, 0x9d, 0x98, 0x7c, 0x54, 0x22, 0xfe, 0x72, 0x72, 0x04, 0xc3, 0x2c, 0xc0, 0x14, 0x0b,
-0xa9, 0x40, 0x7e, 0x46, 0xa1, 0x75, 0x16, 0x1a, 0x27, 0x9e, 0xf2, 0x82, 0x96, 0xc0, 0x7d,
-0xaf, 0x18, 0x75, 0xfb, 0xbb, 0xab, 0x16, 0x66, 0xc0, 0xa9, 0xd7, 0x93, 0x4c, 0x48, 0x6d,
-0xce, 0x0b, 0x88, 0xd4, 0x21, 0x93, 0x84, 0x89, 0x55, 0x05, 0xd5, 0x02, 0x01, 0x11
-};
-
-BOOST_AUTO_TEST_CASE(DecodeError)
-{
- ndn::Data data("/tmp");
- data.setContent(WRONG_CERT, sizeof(WRONG_CERT));
-
- BOOST_CHECK_THROW(ndn::Certificate certificate(data), Certificate::Error);
-}
-
-
-BOOST_AUTO_TEST_SUITE_END()
-
-} // namespace ndn
diff --git a/tests/unit-tests/security/conf/checker.t.cpp b/tests/unit-tests/security/conf/checker.t.cpp
index ba18323..fddfb83 100644
--- a/tests/unit-tests/security/conf/checker.t.cpp
+++ b/tests/unit-tests/security/conf/checker.t.cpp
@@ -363,12 +363,12 @@
Name identity("/SecurityTestConfChecker/FixedSignerCheckerTest1");
BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams()));
Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
- shared_ptr<IdentityCertificate> cert1 = m_keyChain.getCertificate(certName);
+ shared_ptr<v1::IdentityCertificate> cert1 = m_keyChain.getCertificate(certName);
Name identity2("/SecurityTestConfChecker/FixedSignerCheckerTest1Wrong");
BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams()));
Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
- shared_ptr<IdentityCertificate> cert2 = m_keyChain.getCertificate(certName2);
+ shared_ptr<v1::IdentityCertificate> cert2 = m_keyChain.getCertificate(certName2);
Name packetName("/Test/Data");
@@ -382,10 +382,10 @@
security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
identity2));
- std::vector<shared_ptr<IdentityCertificate> > certSet1;
+ std::vector<shared_ptr<v1::IdentityCertificate> > certSet1;
certSet1.push_back(cert1);
- std::vector<shared_ptr<IdentityCertificate> > certSet2;
+ std::vector<shared_ptr<v1::IdentityCertificate> > certSet2;
certSet2.push_back(cert2);
diff --git a/tests/unit-tests/security/digest-sha256.t.cpp b/tests/unit-tests/security/digest-sha256.t.cpp
index f6e2eb0..67b6730 100644
--- a/tests/unit-tests/security/digest-sha256.t.cpp
+++ b/tests/unit-tests/security/digest-sha256.t.cpp
@@ -39,7 +39,7 @@
using namespace CryptoPP;
char content[6] = "1234\n";
- ConstBufferPtr buf = crypto::sha256(reinterpret_cast<uint8_t*>(content), 5);
+ ConstBufferPtr buf = crypto::computeSha256Digest(reinterpret_cast<uint8_t*>(content), 5);
BOOST_CHECK_EQUAL(SHA256_RESULT, toHex(buf->buf(), buf->size(), false));
}
diff --git a/tests/unit-tests/security/dummy-keychain.cpp b/tests/unit-tests/security/dummy-keychain.cpp
index 27eccb2..524fc0c 100644
--- a/tests/unit-tests/security/dummy-keychain.cpp
+++ b/tests/unit-tests/security/dummy-keychain.cpp
@@ -105,20 +105,20 @@
}
void
-DummyPublicInfo::addKey(const Name& keyName, const PublicKey& publicKey)
+DummyPublicInfo::addKey(const Name& keyName, const v1::PublicKey& publicKey)
{
}
-shared_ptr<PublicKey>
+shared_ptr<v1::PublicKey>
DummyPublicInfo::getPublicKey(const Name& keyName)
{
- static shared_ptr<PublicKey> publicKey = nullptr;
+ static shared_ptr<v1::PublicKey> publicKey = nullptr;
if (publicKey == nullptr) {
typedef boost::iostreams::stream<boost::iostreams::array_source> arrayStream;
arrayStream
is(reinterpret_cast<const char*>(DUMMY_CERT), sizeof(DUMMY_CERT));
- auto cert = io::load<IdentityCertificate>(is, io::NO_ENCODING);
- publicKey = make_shared<PublicKey>(cert->getPublicKeyInfo());
+ auto cert = io::load<v1::IdentityCertificate>(is, io::NO_ENCODING);
+ publicKey = make_shared<v1::PublicKey>(cert->getPublicKeyInfo());
}
return publicKey;
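Review bot: `cert->getPublicKeyInfo()` dereferences the result of `io::load<v1::IdentityCertificate>` without checking it, and this hunk loads `DUMMY_CERT` with `io::NO_ENCODING` while `getCertificate` in the next hunk loads the same array with `io::BASE_64`. The two encodings cannot both match the array, so one of the loads presumably fails; `DUMMY_CERT` is defined outside these hunks, so which one is right cannot be told from here. I would use the same encoding in both functions and, assuming `io::load` reports failure with an empty pointer, guard the dereference with `if (cert == nullptr) return nullptr;` before the `make_shared<v1::PublicKey>(...)` line. The function's closing brace lies outside the hunk.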
@@ -137,19 +137,19 @@
}
void
-DummyPublicInfo::addCertificate(const IdentityCertificate& certificate)
+DummyPublicInfo::addCertificate(const v1::IdentityCertificate& certificate)
{
}
-shared_ptr<IdentityCertificate>
+shared_ptr<v1::IdentityCertificate>
DummyPublicInfo::getCertificate(const Name& certificateName)
{
- static shared_ptr<IdentityCertificate> cert = nullptr;
+ static shared_ptr<v1::IdentityCertificate> cert = nullptr;
if (cert == nullptr) {
typedef boost::iostreams::stream<boost::iostreams::array_source> arrayStream;
arrayStream
is(reinterpret_cast<const char*>(DUMMY_CERT), sizeof(DUMMY_CERT));
- cert = io::load<IdentityCertificate>(is, io::BASE_64);
+ cert = io::load<v1::IdentityCertificate>(is, io::BASE_64);
}
return cert;
@@ -316,7 +316,7 @@
{
}
-shared_ptr<PublicKey>
+shared_ptr<v1::PublicKey>
DummyTpm::getPublicKeyFromTpm(const Name& keyName)
{
return nullptr;
diff --git a/tests/unit-tests/security/dummy-keychain.hpp b/tests/unit-tests/security/dummy-keychain.hpp
index 5c95edf..7d5682e 100644
--- a/tests/unit-tests/security/dummy-keychain.hpp
+++ b/tests/unit-tests/security/dummy-keychain.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -46,9 +46,9 @@
doesPublicKeyExist(const Name& keyName);
virtual void
- addKey(const Name& keyName, const PublicKey& publicKey);
+ addKey(const Name& keyName, const v1::PublicKey& publicKey);
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<v1::PublicKey>
getPublicKey(const Name& keyName);
virtual KeyType
@@ -58,9 +58,9 @@
doesCertificateExist(const Name& certificateName);
virtual void
- addCertificate(const IdentityCertificate& certificate);
+ addCertificate(const v1::IdentityCertificate& certificate);
- virtual shared_ptr<IdentityCertificate>
+ virtual shared_ptr<v1::IdentityCertificate>
getCertificate(const Name& certificateName);
virtual Name
@@ -155,7 +155,7 @@
virtual void
deleteKeyPairInTpm(const Name& keyName);
- virtual shared_ptr<PublicKey>
+ virtual shared_ptr<v1::PublicKey>
getPublicKeyFromTpm(const Name& keyName);
virtual Block
diff --git a/tests/unit-tests/security/key-chain.t.cpp b/tests/unit-tests/security/key-chain.t.cpp
index 5d8195a..eff1ab3 100644
--- a/tests/unit-tests/security/key-chain.t.cpp
+++ b/tests/unit-tests/security/key-chain.t.cpp
@@ -181,11 +181,11 @@
identity.appendVersion();
addIdentity(identity);
- std::vector<CertificateSubjectDescription> subjectDescription;
+ std::vector<v1::CertificateSubjectDescription> subjectDescription;
Name lowerIdentity = identity;
lowerIdentity.append("Lower").appendVersion();
Name lowerKeyName = m_keyChain.generateRsaKeyPair(lowerIdentity, true);
- shared_ptr<IdentityCertificate> idCert =
+ shared_ptr<v1::IdentityCertificate> idCert =
m_keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
@@ -195,7 +195,7 @@
Name().append(identity).append("KEY").append("Lower"));
BOOST_CHECK(idCert->getFreshnessPeriod() >= time::milliseconds::zero());
- shared_ptr<IdentityCertificate> idCert11 =
+ shared_ptr<v1::IdentityCertificate> idCert11 =
m_keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
@@ -208,7 +208,7 @@
Name anotherIdentity("/TestKeyChain/PrepareIdentityCertificate/Another/");
anotherIdentity.appendVersion();
Name anotherKeyName = m_keyChain.generateRsaKeyPair(anotherIdentity, true);
- shared_ptr<IdentityCertificate> idCert2 =
+ shared_ptr<v1::IdentityCertificate> idCert2 =
m_keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
@@ -218,7 +218,7 @@
Name wrongKeyName1;
- shared_ptr<IdentityCertificate> idCert3 =
+ shared_ptr<v1::IdentityCertificate> idCert3 =
m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
@@ -227,7 +227,7 @@
Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate");
- shared_ptr<IdentityCertificate> idCert4 =
+ shared_ptr<v1::IdentityCertificate> idCert4 =
m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
@@ -236,7 +236,7 @@
Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234");
- shared_ptr<IdentityCertificate> idCert5 =
+ shared_ptr<v1::IdentityCertificate> idCert5 =
m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
@@ -252,11 +252,11 @@
Name certName1;
BOOST_REQUIRE_NO_THROW(certName1 = m_keyChain.createIdentity(identity));
- Name keyName1 = IdentityCertificate::certificateNameToPublicKeyName(certName1);
+ Name keyName1 = v1::IdentityCertificate::certificateNameToPublicKeyName(certName1);
Name keyName2;
BOOST_REQUIRE_NO_THROW(keyName2 = m_keyChain.generateRsaKeyPairAsDefault(identity));
- shared_ptr<IdentityCertificate> cert2;
+ shared_ptr<v1::IdentityCertificate> cert2;
BOOST_REQUIRE_NO_THROW(cert2 = m_keyChain.selfSign(keyName2));
Name certName2 = cert2->getName();
BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert2));
@@ -264,15 +264,15 @@
Name keyName3;
BOOST_REQUIRE_NO_THROW(keyName3 = m_keyChain.generateRsaKeyPairAsDefault(identity));
- shared_ptr<IdentityCertificate> cert3;
+ shared_ptr<v1::IdentityCertificate> cert3;
BOOST_REQUIRE_NO_THROW(cert3 = m_keyChain.selfSign(keyName3));
Name certName3 = cert3->getName();
BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert3));
- shared_ptr<IdentityCertificate> cert4;
+ shared_ptr<v1::IdentityCertificate> cert4;
BOOST_REQUIRE_NO_THROW(cert4 = m_keyChain.selfSign(keyName3));
Name certName4 = cert4->getName();
BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert4));
- shared_ptr<IdentityCertificate> cert5;
+ shared_ptr<v1::IdentityCertificate> cert5;
BOOST_REQUIRE_NO_THROW(cert5 = m_keyChain.selfSign(keyName3));
Name certName5 = cert5->getName();
BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert5));
@@ -328,13 +328,13 @@
{
Name id("/id");
Name certName = m_keyChain.createIdentity(id);
- shared_ptr<IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
+ shared_ptr<v1::IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
Name keyName = idCert->getPublicKeyName();
m_keyChain.setDefaultIdentity(id);
Name id2("/id2");
Name cert2Name = m_keyChain.createIdentity(id2);
- shared_ptr<IdentityCertificate> id2Cert = m_keyChain.getCertificate(cert2Name);
+ shared_ptr<v1::IdentityCertificate> id2Cert = m_keyChain.getCertificate(cert2Name);
// SigningInfo is set to default
Data data1("/data1");
diff --git a/tests/unit-tests/security/key.t.cpp b/tests/unit-tests/security/key.t.cpp
index 27db02c..681c43c 100644
--- a/tests/unit-tests/security/key.t.cpp
+++ b/tests/unit-tests/security/key.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -74,7 +74,7 @@
BOOST_REQUIRE_NO_THROW(key11.setDefaultCertificate(id1Key1Cert1));
BOOST_REQUIRE_NO_THROW(key11.getDefaultCertificate());
- const IdentityCertificate& defaultCert = key11.getDefaultCertificate();
+ const v1::IdentityCertificate& defaultCert = key11.getDefaultCertificate();
BOOST_CHECK_EQUAL_COLLECTIONS(defaultCert.wireEncode().wire(),
defaultCert.wireEncode().wire() + defaultCert.wireEncode().size(),
id1Key1Cert1.wireEncode().wire(),
diff --git a/tests/unit-tests/security/pib-data-fixture.hpp b/tests/unit-tests/security/pib-data-fixture.hpp
index 2f43113..04db21d 100644
--- a/tests/unit-tests/security/pib-data-fixture.hpp
+++ b/tests/unit-tests/security/pib-data-fixture.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -22,7 +22,7 @@
#ifndef NDN_TESTS_PIB_DATA_FIXTURE_HPP
#define NDN_TESTS_PIB_DATA_FIXTURE_HPP
-#include "security/identity-certificate.hpp"
+#include "security/v1/identity-certificate.hpp"
#include "boost-test.hpp"
@@ -43,19 +43,19 @@
Name id2Key1Name;
Name id2Key2Name;
- PublicKey id1Key1;
- PublicKey id1Key2;
- PublicKey id2Key1;
- PublicKey id2Key2;
+ v1::PublicKey id1Key1;
+ v1::PublicKey id1Key2;
+ v1::PublicKey id2Key1;
+ v1::PublicKey id2Key2;
- IdentityCertificate id1Key1Cert1;
- IdentityCertificate id1Key1Cert2;
- IdentityCertificate id1Key2Cert1;
- IdentityCertificate id1Key2Cert2;
- IdentityCertificate id2Key1Cert1;
- IdentityCertificate id2Key1Cert2;
- IdentityCertificate id2Key2Cert1;
- IdentityCertificate id2Key2Cert2;
+ v1::IdentityCertificate id1Key1Cert1;
+ v1::IdentityCertificate id1Key1Cert2;
+ v1::IdentityCertificate id1Key2Cert1;
+ v1::IdentityCertificate id1Key2Cert2;
+ v1::IdentityCertificate id2Key1Cert1;
+ v1::IdentityCertificate id2Key1Cert2;
+ v1::IdentityCertificate id2Key2Cert1;
+ v1::IdentityCertificate id2Key2Cert2;
};
} // namespace security
diff --git a/tests/unit-tests/security/pib-impl.t.cpp b/tests/unit-tests/security/pib-impl.t.cpp
index 4c01033..40de0f2 100644
--- a/tests/unit-tests/security/pib-impl.t.cpp
+++ b/tests/unit-tests/security/pib-impl.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -119,7 +119,7 @@
pibImpl.addKey(id1, id1Key1Name.get(-1), id1Key1);
BOOST_CHECK_EQUAL(pibImpl.hasKey(id1, id1Key1Name.get(-1)), true);
BOOST_CHECK_EQUAL(pibImpl.hasIdentity(id1), true);
- const PublicKey& keyBits = pibImpl.getKeyBits(id1, id1Key1Name.get(-1));
+ const v1::PublicKey& keyBits = pibImpl.getKeyBits(id1, id1Key1Name.get(-1));
BOOST_CHECK_EQUAL_COLLECTIONS(keyBits.get().buf(), keyBits.get().buf() + keyBits.get().size(),
id1Key1.get().buf(), id1Key1.get().buf() + id1Key1.get().size());
BOOST_CHECK_NO_THROW(pibImpl.getDefaultKeyOfIdentity(id1));
@@ -179,7 +179,7 @@
BOOST_CHECK_EQUAL(pibImpl.hasCertificate(id1Key1Cert1.getName()), true);
BOOST_CHECK_EQUAL(pibImpl.hasIdentity(id1), true);
BOOST_CHECK_EQUAL(pibImpl.hasKey(id1, id1Key1Name.get(-1)), true);
- const IdentityCertificate& cert = pibImpl.getCertificate(id1Key1Cert1.getName());
+ const v1::IdentityCertificate& cert = pibImpl.getCertificate(id1Key1Cert1.getName());
BOOST_CHECK_EQUAL_COLLECTIONS(cert.wireEncode().wire(),
cert.wireEncode().wire() + cert.wireEncode().size(),
id1Key1Cert1.wireEncode().wire(),
diff --git a/tests/unit-tests/security/pib-sqlite3.t.cpp b/tests/unit-tests/security/pib-sqlite3.t.cpp
index 52d5ff1..3ae16cb 100644
--- a/tests/unit-tests/security/pib-sqlite3.t.cpp
+++ b/tests/unit-tests/security/pib-sqlite3.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -84,8 +84,8 @@
BOOST_AUTO_TEST_CASE(TpmTest)
{
- ndn::Block selfSignedCertBlock(SELF_SIGNED_ECDSA_CERT, sizeof(SELF_SIGNED_ECDSA_CERT));
- ndn::IdentityCertificate cert;
+ Block selfSignedCertBlock(SELF_SIGNED_ECDSA_CERT, sizeof(SELF_SIGNED_ECDSA_CERT));
+ v1::IdentityCertificate cert;
cert.wireDecode(selfSignedCertBlock);
Name identity = cert.getPublicKeyName().getPrefix(-1);
name::Component keyId = cert.getPublicKeyName().get(-1);
diff --git a/tests/unit-tests/security/sec-public-info-sqlite3.t.cpp b/tests/unit-tests/security/sec-public-info-sqlite3.t.cpp
index b57747c..aa2a748 100644
--- a/tests/unit-tests/security/sec-public-info-sqlite3.t.cpp
+++ b/tests/unit-tests/security/sec-public-info-sqlite3.t.cpp
@@ -21,7 +21,7 @@
#include "security/sec-public-info-sqlite3.hpp"
#include "security/key-chain.hpp"
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#include "encoding/buffer-stream.hpp"
#include "util/time.hpp"
@@ -30,6 +30,7 @@
#include "boost-test.hpp"
namespace ndn {
+namespace security {
namespace tests {
class PibTmpPathFixture
@@ -104,9 +105,8 @@
StringSource ss(reinterpret_cast<const uint8_t*>(RSA_DER.c_str()), RSA_DER.size(),
true, new Base64Decoder(new FileSink(os)));
- shared_ptr<PublicKey> rsaKey;
- BOOST_REQUIRE_NO_THROW(rsaKey = shared_ptr<PublicKey>(new PublicKey(os.buf()->buf(),
- os.buf()->size())));
+ shared_ptr<v1::PublicKey> rsaKey;
+ BOOST_REQUIRE_NO_THROW(rsaKey = make_shared<v1::PublicKey>(os.buf()->buf(), os.buf()->size()));
Name rsaKeyName("/TestSecPublicInfoSqlite3/KeyType/RSA/ksk-123");
SecPublicInfoSqlite3 pib;
pib.addKey(rsaKeyName, *rsaKey);
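Review bot: The rewritten assignment still calls `os.buf()` twice in one expression, once for the data pointer and once for the length. Binding it once, `auto keyBits = os.buf();` and then `make_shared<v1::PublicKey>(keyBits->buf(), keyBits->size())`, makes it explicit that pointer and size come from the same buffer. The same pattern appears in the ECDSA hunk that follows (`ecdsaKey`). The key is only dereferenced for `pib.addKey(rsaKeyName, *rsaKey)` in the visible lines, so the `shared_ptr` could presumably be dropped, but the test case starts and ends outside the hunk and other uses cannot be ruled out. `SecPublicInfoSqlite3 pib;` is default-constructed here, so it is worth confirming the case runs under this file's `PibTmpPathFixture` and that `addKey` does not write to a developer's real key store.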
@@ -124,9 +124,8 @@
StringSource ss(reinterpret_cast<const uint8_t*>(ECDSA_DER.c_str()), ECDSA_DER.size(),
true, new Base64Decoder(new FileSink(os)));
- shared_ptr<PublicKey> ecdsaKey;
- BOOST_REQUIRE_NO_THROW(ecdsaKey = shared_ptr<PublicKey>(new PublicKey(os.buf()->buf(),
- os.buf()->size())));
+ shared_ptr<v1::PublicKey> ecdsaKey;
+ BOOST_REQUIRE_NO_THROW(ecdsaKey = make_shared<v1::PublicKey>(os.buf()->buf(), os.buf()->size()));
Name ecdsaKeyName("/TestSecPublicInfoSqlite3/KeyType/ECDSA/ksk-123");
SecPublicInfoSqlite3 pib;
pib.addKey(ecdsaKeyName, *ecdsaKey);
@@ -147,4 +146,5 @@
BOOST_AUTO_TEST_SUITE_END()
} // namespace tests
+} // namespace security
} // namespace ndn
diff --git a/tests/unit-tests/security/sec-tpm-file.t.cpp b/tests/unit-tests/security/sec-tpm-file.t.cpp
index ca73c70..56f8ba7 100644
--- a/tests/unit-tests/security/sec-tpm-file.t.cpp
+++ b/tests/unit-tests/security/sec-tpm-file.t.cpp
@@ -21,7 +21,7 @@
#include "security/sec-tpm-file.hpp"
#include "security/key-chain.hpp"
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#include "util/time.hpp"
@@ -30,6 +30,7 @@
#include "boost-test.hpp"
namespace ndn {
+namespace security {
namespace tests {
BOOST_AUTO_TEST_SUITE(SecuritySecTpmFile)
@@ -67,7 +68,7 @@
Block sigBlock;
BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
keyName, DigestAlgorithm::SHA256));
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<v1::PublicKey> publicKey;
BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
try
@@ -169,7 +170,7 @@
BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<v1::PublicKey> publicKey;
BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
@@ -258,7 +259,7 @@
BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
keyName, DigestAlgorithm::SHA256));
- shared_ptr<PublicKey> pubkeyPtr;
+ shared_ptr<v1::PublicKey> pubkeyPtr;
BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
try
@@ -320,7 +321,7 @@
BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<v1::PublicKey> publicKey;
BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
@@ -406,4 +407,5 @@
BOOST_AUTO_TEST_SUITE_END()
} // namespace tests
+} // namespace security
} // namespace ndn
diff --git a/tests/unit-tests/security/sec-tpm-osx.t.cpp b/tests/unit-tests/security/sec-tpm-osx.t.cpp
index ee9f96b..6bb283a 100644
--- a/tests/unit-tests/security/sec-tpm-osx.t.cpp
+++ b/tests/unit-tests/security/sec-tpm-osx.t.cpp
@@ -20,7 +20,7 @@
*/
#include "security/sec-tpm-osx.hpp"
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#include "util/time.hpp"
@@ -30,6 +30,7 @@
#include "boost-test.hpp"
namespace ndn {
+namespace security {
namespace tests {
class OsxKeyChainTestFixture
@@ -100,7 +101,7 @@
BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
keyName, DigestAlgorithm::SHA256));
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<v1::PublicKey> publicKey;
BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
try
{
@@ -168,7 +169,7 @@
ConstBufferPtr exported;
BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<v1::PublicKey> publicKey;
BOOST_REQUIRE_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
tpm.deleteKeyPairInTpm(keyName);
@@ -253,7 +254,7 @@
BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
keyName, DigestAlgorithm::SHA256));
- shared_ptr<PublicKey> pubkeyPtr;
+ shared_ptr<v1::PublicKey> pubkeyPtr;
BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
try
@@ -303,7 +304,7 @@
ConstBufferPtr exported;
BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<v1::PublicKey> publicKey;
BOOST_REQUIRE_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
tpm.deleteKeyPairInTpm(keyName);
@@ -362,4 +363,5 @@
BOOST_AUTO_TEST_SUITE_END()
} // namespace tests
+} // namespace security
} // namespace ndn
diff --git a/tests/unit-tests/security/signature-sha256-with-ecdsa.t.cpp b/tests/unit-tests/security/signature-sha256-with-ecdsa.t.cpp
index 648af1d..e6bd97f 100644
--- a/tests/unit-tests/security/signature-sha256-with-ecdsa.t.cpp
+++ b/tests/unit-tests/security/signature-sha256-with-ecdsa.t.cpp
@@ -107,7 +107,7 @@
{
Name identityName("/SecurityTestSignatureSha256WithEcdsa/DataSignature");
BOOST_REQUIRE(addIdentity(identityName, EcdsaKeyParams()));
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<security::v1::PublicKey> publicKey;
BOOST_REQUIRE_NO_THROW(publicKey = m_keyChain.getPublicKeyFromTpm(
m_keyChain.getDefaultKeyNameForIdentity(identityName)));
@@ -129,7 +129,7 @@
{
Name identityName("/SecurityTestSignatureSha256WithEcdsa/InterestSignature");
BOOST_REQUIRE(addIdentity(identityName, EcdsaKeyParams()));
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<security::v1::PublicKey> publicKey;
BOOST_REQUIRE_NO_THROW(publicKey = m_keyChain.getPublicKeyFromTpm(
m_keyChain.getDefaultKeyNameForIdentity(identityName)));
diff --git a/tests/unit-tests/security/signature-sha256-with-rsa.t.cpp b/tests/unit-tests/security/signature-sha256-with-rsa.t.cpp
index ea3a40f..ec9e936 100644
--- a/tests/unit-tests/security/signature-sha256-with-rsa.t.cpp
+++ b/tests/unit-tests/security/signature-sha256-with-rsa.t.cpp
@@ -112,7 +112,7 @@
{
Name identityName("/SecurityTestSignatureSha256WithRsa/DataSignature");
BOOST_REQUIRE(addIdentity(identityName, RsaKeyParams()));
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<security::v1::PublicKey> publicKey;
BOOST_REQUIRE_NO_THROW(publicKey = m_keyChain.getPublicKeyFromTpm(
m_keyChain.getDefaultKeyNameForIdentity(identityName)));
@@ -133,7 +133,7 @@
{
Name identityName("/SecurityTestSignatureSha256WithRsa/InterestSignature");
BOOST_REQUIRE(addIdentity(identityName, RsaKeyParams()));
- shared_ptr<PublicKey> publicKey;
+ shared_ptr<security::v1::PublicKey> publicKey;
BOOST_REQUIRE_NO_THROW(publicKey = m_keyChain.getPublicKeyFromTpm(
m_keyChain.getDefaultKeyNameForIdentity(identityName)));
diff --git a/tests/unit-tests/security/transform/signer-filter.t.cpp b/tests/unit-tests/security/transform/signer-filter.t.cpp
index 204bf81..dc173e3 100644
--- a/tests/unit-tests/security/transform/signer-filter.t.cpp
+++ b/tests/unit-tests/security/transform/signer-filter.t.cpp
@@ -24,7 +24,7 @@
#include "encoding/buffer-stream.hpp"
// TODO: remove CryptoPP dependency
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#include "boost-test.hpp"
diff --git a/tests/unit-tests/security/transform/verifier-filter.t.cpp b/tests/unit-tests/security/transform/verifier-filter.t.cpp
index c450f3f..cd496df 100644
--- a/tests/unit-tests/security/transform/verifier-filter.t.cpp
+++ b/tests/unit-tests/security/transform/verifier-filter.t.cpp
@@ -24,7 +24,7 @@
#include "encoding/buffer-stream.hpp"
// TODO: remove CryptoPP dependency
-#include "security/cryptopp.hpp"
+#include "security/v1/cryptopp.hpp"
#include "boost-test.hpp"
diff --git a/tests/unit-tests/security/v1/certificate.t.cpp b/tests/unit-tests/security/v1/certificate.t.cpp
new file mode 100644
index 0000000..043a1fb
--- /dev/null
+++ b/tests/unit-tests/security/v1/certificate.t.cpp
@@ -0,0 +1,389 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2016 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "security/v1/certificate.hpp"
+#include "security/v1/public-key.hpp"
+
+#include "security/key-chain.hpp"
+
+#include "security/v1/cryptopp.hpp"
+
+#include "boost-test.hpp"
+
+namespace ndn {
+namespace security {
+namespace v1 {
+namespace tests {
+
+BOOST_AUTO_TEST_SUITE(Security)
+BOOST_AUTO_TEST_SUITE(V1)
+BOOST_AUTO_TEST_SUITE(TestCertificate)
+
+using namespace CryptoPP;
+
+const uint8_t PUBLIC_KEY[] = {
+ 0x30, 0x81, 0x9d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
+ 0x01, 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e,
+ 0x06, 0x3e, 0x47, 0x85, 0xb2, 0x34, 0x37, 0xaa, 0x85, 0x47, 0xac, 0x03, 0x24, 0x83, 0xb5,
+ 0x9c, 0xa8, 0x05, 0x3a, 0x24, 0x1e, 0xeb, 0x89, 0x01, 0xbb, 0xe9, 0x9b, 0xb2, 0xc3, 0x22,
+ 0xac, 0x68, 0xe3, 0xf0, 0x6c, 0x02, 0xce, 0x68, 0xa6, 0xc4, 0xd0, 0xa7, 0x06, 0x90, 0x9c,
+ 0xaa, 0x1b, 0x08, 0x1d, 0x8b, 0x43, 0x9a, 0x33, 0x67, 0x44, 0x6d, 0x21, 0xa3, 0x1b, 0x88,
+ 0x9a, 0x97, 0x5e, 0x59, 0xc4, 0x15, 0x0b, 0xd9, 0x2c, 0xbd, 0x51, 0x07, 0x61, 0x82, 0xad,
+ 0xc1, 0xb8, 0xd7, 0xbf, 0x9b, 0xcf, 0x7d, 0x24, 0xc2, 0x63, 0xf3, 0x97, 0x17, 0xeb, 0xfe,
+ 0x62, 0x25, 0xba, 0x5b, 0x4d, 0x8a, 0xc2, 0x7a, 0xbd, 0x43, 0x8a, 0x8f, 0xb8, 0xf2, 0xf1,
+ 0xc5, 0x6a, 0x30, 0xd3, 0x50, 0x8c, 0xc8, 0x9a, 0xdf, 0xef, 0xed, 0x35, 0xe7, 0x7a, 0x62,
+ 0xea, 0x76, 0x7c, 0xbb, 0x08, 0x26, 0xc7, 0x02, 0x01, 0x11
+};
+
+const uint8_t CERT[] = {
+ 0x30, 0x81, 0xff, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x32, 0x32, 0x36,
+ 0x32, 0x33, 0x32, 0x32, 0x35, 0x34, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x32,
+ 0x32, 0x36, 0x32, 0x33, 0x32, 0x32, 0x35, 0x34, 0x5a, 0x30, 0x12, 0x30, 0x10, 0x06, 0x03,
+ 0x55, 0x04, 0x29, 0x13, 0x09, 0x54, 0x45, 0x53, 0x54, 0x20, 0x4e, 0x41, 0x4d, 0x45, 0x30,
+ 0x81, 0x9d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
+ 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x06,
+ 0x3e, 0x47, 0x85, 0xb2, 0x34, 0x37, 0xaa, 0x85, 0x47, 0xac, 0x03, 0x24, 0x83, 0xb5, 0x9c,
+ 0xa8, 0x05, 0x3a, 0x24, 0x1e, 0xeb, 0x89, 0x01, 0xbb, 0xe9, 0x9b, 0xb2, 0xc3, 0x22, 0xac,
+ 0x68, 0xe3, 0xf0, 0x6c, 0x02, 0xce, 0x68, 0xa6, 0xc4, 0xd0, 0xa7, 0x06, 0x90, 0x9c, 0xaa,
+ 0x1b, 0x08, 0x1d, 0x8b, 0x43, 0x9a, 0x33, 0x67, 0x44, 0x6d, 0x21, 0xa3, 0x1b, 0x88, 0x9a,
+ 0x97, 0x5e, 0x59, 0xc4, 0x15, 0x0b, 0xd9, 0x2c, 0xbd, 0x51, 0x07, 0x61, 0x82, 0xad, 0xc1,
+ 0xb8, 0xd7, 0xbf, 0x9b, 0xcf, 0x7d, 0x24, 0xc2, 0x63, 0xf3, 0x97, 0x17, 0xeb, 0xfe, 0x62,
+ 0x25, 0xba, 0x5b, 0x4d, 0x8a, 0xc2, 0x7a, 0xbd, 0x43, 0x8a, 0x8f, 0xb8, 0xf2, 0xf1, 0xc5,
+ 0x6a, 0x30, 0xd3, 0x50, 0x8c, 0xc8, 0x9a, 0xdf, 0xef, 0xed, 0x35, 0xe7, 0x7a, 0x62, 0xea,
+ 0x76, 0x7c, 0xbb, 0x08, 0x26, 0xc7, 0x02, 0x01, 0x11, 0x30, 0x25, 0x30, 0x23, 0x06, 0x06,
+ 0x2b, 0x06, 0x01, 0x05, 0x20, 0x01, 0x01, 0x01, 0xff, 0x04, 0x16, 0x30, 0x14, 0x04, 0x0c,
+ 0x2f, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x2f, 0x6b, 0x69, 0x74, 0x74, 0x79, 0x02, 0x01, 0x00,
+ 0x02, 0x01, 0x0a
+};
+
+const std::string CERT_INFO =
+ "Certificate name:\n"
+ " /\n"
+ "Validity:\n"
+ " NotBefore: 20131226T232254\n"
+ " NotAfter: 20131226T232254\n"
+ "Subject Description:\n"
+ " 2.5.4.41: TEST NAME\n"
+ "Public key bits: (RSA)\n"
+ " MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCeBj5HhbI0N6qFR6wDJIO1nKgF\n"
+ " OiQe64kBu+mbssMirGjj8GwCzmimxNCnBpCcqhsIHYtDmjNnRG0hoxuImpdeWcQV\n"
+ " C9ksvVEHYYKtwbjXv5vPfSTCY/OXF+v+YiW6W02Kwnq9Q4qPuPLxxWow01CMyJrf\n"
+ " 7+0153pi6nZ8uwgmxwIB\n"
+ "Signature Information:\n"
+ " Signature Type: Unknown Signature Type\n";
+
+BOOST_AUTO_TEST_CASE(Encode)
+{
+ Certificate certificate;
+
+ // validity
+ // not before 12/26/2013 @ 11:22pm
+ certificate.setNotBefore(time::fromUnixTimestamp(time::milliseconds(1388100174000LL)));
+ // not after 12/26/2013 @ 11:22pm
+ certificate.setNotAfter(time::fromUnixTimestamp(time::milliseconds(1388100174000LL)));
+
+ // subject
+ certificate.addSubjectDescription(CertificateSubjectDescription(oid::ATTRIBUTE_NAME,
+ "TEST NAME"));
+
+ // publicKeyInfo
+ PublicKey key(PUBLIC_KEY, sizeof(PUBLIC_KEY));
+ certificate.setPublicKeyInfo(key);
+
+ // extensions
+ BOOST_REQUIRE_NO_THROW({
+ std::string extenstionValue;
+ StringSink sink(extenstionValue);
+ DERSequenceEncoder seq(sink);
+ {
+ std::string name("/hello/kitty");
+ DEREncodeOctetString(seq, reinterpret_cast<const uint8_t*>(name.c_str()), name.size());
+ // trustClass
+ DEREncodeUnsigned<uint32_t>(seq, 0);
+ // trustLevel
+ DEREncodeUnsigned<uint32_t>(seq, 10);
+ }
+ seq.MessageEnd();
+
+ //create a randome extension
+ certificate.addExtension(CertificateExtension(Oid("1.3.6.1.5.32.1"), true,
+ reinterpret_cast<const uint8_t*>(extenstionValue.c_str()),
+ extenstionValue.size()));
+ });
+ // RSA::PublicKey p;
+ // StringSource source(T, sizeof(T), true);
+ // p.Load(source);
+
+ BOOST_REQUIRE_NO_THROW(certificate.encode());
+
+ // ofstream of("cert.out");
+ // of.write((const char*certificate.getContent().value(), certificate.getContent().value_size());
+
+ // const Block &wire = i.wireEncode();
+ BOOST_REQUIRE_EQUAL_COLLECTIONS(CERT, CERT+sizeof(CERT),
+ certificate.getContent().value_begin(),
+ certificate.getContent().value_end());
+
+ std::ostringstream os;
+ os << certificate;
+ std::string info(os.str());
+
+ BOOST_CHECK_EQUAL(CERT_INFO, info);
+}
+
+const unsigned char REAL_CERT[] = {
+ 0x30, 0x82, 0x01, 0x63, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x31, 0x30,
+ 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31,
+ 0x31, 0x30, 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x30, 0x19, 0x30, 0x17, 0x06,
+ 0x03, 0x55, 0x04, 0x29, 0x13, 0x10, 0x4e, 0x44, 0x4e, 0x20, 0x54, 0x65, 0x73, 0x74, 0x62,
+ 0x65, 0x64, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x82, 0x01, 0x20, 0x30, 0x0d, 0x06, 0x09,
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0d,
+ 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd3, 0xac, 0x7e, 0x7a, 0x5c,
+ 0x33, 0x58, 0x21, 0xda, 0xe0, 0x8d, 0xdb, 0xca, 0xb6, 0x02, 0x30, 0x02, 0x15, 0xc5, 0x0a,
+ 0x51, 0x54, 0xbb, 0x8e, 0x5e, 0x9d, 0x21, 0xf8, 0x14, 0xbe, 0xe4, 0x63, 0x60, 0x31, 0x53,
+ 0xe2, 0xef, 0xee, 0x34, 0xa3, 0x8c, 0xd2, 0x24, 0x6f, 0xa4, 0x89, 0x4f, 0x02, 0x20, 0x7d,
+ 0x66, 0xb6, 0x3f, 0x11, 0x40, 0x0c, 0xc1, 0x5f, 0xd8, 0x45, 0x23, 0x95, 0x40, 0xc8, 0xe0,
+ 0xbc, 0x9d, 0x2f, 0x03, 0xf1, 0x83, 0x9f, 0x07, 0x0b, 0x76, 0xc9, 0x10, 0xd9, 0x3e, 0x0b,
+ 0x75, 0x13, 0x93, 0xe9, 0xc9, 0x85, 0x01, 0x88, 0x36, 0x2e, 0xab, 0xfc, 0xe6, 0x24, 0x32,
+ 0xfc, 0xc6, 0x3c, 0x40, 0x97, 0x1a, 0xcc, 0xcd, 0x53, 0xaa, 0x0f, 0xfb, 0xa3, 0xfe, 0xf9,
+ 0x24, 0x70, 0x13, 0x3f, 0x4f, 0x5b, 0x7d, 0x43, 0xaa, 0x75, 0x0a, 0x94, 0x72, 0xab, 0xe1,
+ 0x8c, 0x45, 0xb5, 0x78, 0x10, 0x01, 0xef, 0x1f, 0xb3, 0x05, 0x6f, 0xa6, 0xc3, 0xac, 0x7f,
+ 0x6d, 0xf0, 0x31, 0xc4, 0x83, 0xb3, 0x4f, 0x50, 0x26, 0x92, 0x40, 0x1a, 0xdd, 0xec, 0xfb,
+ 0xcb, 0xef, 0x63, 0xfe, 0x41, 0xd8, 0x8d, 0x1f, 0xdc, 0xec, 0xfc, 0x48, 0x95, 0xcc, 0x09,
+ 0x1e, 0x30, 0x6e, 0x22, 0x9e, 0x24, 0x97, 0x2e, 0xe6, 0x0c, 0xdf, 0x3d, 0x20, 0x32, 0xaa,
+ 0x9c, 0xc9, 0x45, 0x14, 0xaf, 0xaa, 0xf5, 0x17, 0xd2, 0x01, 0x98, 0x33, 0xbe, 0x2a, 0x9f,
+ 0x7b, 0x9d, 0x98, 0x7c, 0x54, 0x22, 0xfe, 0x72, 0x72, 0x04, 0xc3, 0x2c, 0xc0, 0x14, 0x0b,
+ 0xa9, 0x40, 0x7e, 0x46, 0xa1, 0x75, 0x16, 0x1a, 0x27, 0x9e, 0xf2, 0x82, 0x96, 0xc0, 0x7d,
+ 0xaf, 0x18, 0x75, 0xfb, 0xbb, 0xab, 0x16, 0x66, 0xc0, 0xa9, 0xd7, 0x93, 0x4c, 0x48, 0x6d,
+ 0xce, 0x0b, 0x88, 0xd4, 0x21, 0x93, 0x84, 0x89, 0x55, 0x05, 0xd5, 0x02, 0x01, 0x11
+};
+
+const std::string REAL_CERT_INFO = "Certificate name:\n"
+ " /tmp\n"
+ "Validity:\n"
+ " NotBefore: 20131101T171122\n"
+ " NotAfter: 20141101T171122\n"
+ "Subject Description:\n"
+ " 2.5.4.41: NDN Testbed Root\n"
+ "Public key bits: (RSA)\n"
+ " MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEA06x+elwzWCHa4I3byrYC\n"
+ " MAIVxQpRVLuOXp0h+BS+5GNgMVPi7+40o4zSJG+kiU8CIH1mtj8RQAzBX9hFI5VA\n"
+ " yOC8nS8D8YOfBwt2yRDZPgt1E5PpyYUBiDYuq/zmJDL8xjxAlxrMzVOqD/uj/vkk\n"
+ " cBM/T1t9Q6p1CpRyq+GMRbV4EAHvH7MFb6bDrH9t8DHEg7NPUCaSQBrd7PvL72P+\n"
+ " QdiNH9zs/EiVzAkeMG4iniSXLuYM3z0gMqqcyUUUr6r1F9IBmDO+Kp97nZh8VCL+\n"
+ " cnIEwyzAFAupQH5GoXUWGiee8oKWwH2vGHX7u6sWZsCp15NMSG3OC4jUIZOEiVUF\n"
+ " 1QIB\n"
+ "Signature Information:\n"
+ " Signature Type: Unknown Signature Type\n";
+
+const uint8_t SELF_SIGNED_ECDSA_CERT[] = {
+ 0x06, 0xfd, 0x01, 0x5b, 0x07, 0x33, 0x08, 0x05, 0x65, 0x63, 0x64, 0x73, 0x61, 0x08, 0x03,
+ 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39,
+ 0x34, 0x35, 0x35, 0x32, 0x38, 0x32, 0x37, 0x08, 0x07, 0x49, 0x44, 0x2d, 0x43, 0x45, 0x52,
+ 0x54, 0x08, 0x09, 0xfd, 0x00, 0x00, 0x01, 0x49, 0xd3, 0x9d, 0x78, 0x00, 0x14, 0x03, 0x18,
+ 0x01, 0x02, 0x15, 0xa5, 0x30, 0x81, 0xa2, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34,
+ 0x31, 0x31, 0x32, 0x31, 0x31, 0x38, 0x32, 0x39, 0x31, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30,
+ 0x33, 0x34, 0x31, 0x31, 0x31, 0x36, 0x31, 0x38, 0x32, 0x39, 0x31, 0x32, 0x5a, 0x30, 0x21,
+ 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x29, 0x13, 0x18, 0x2f, 0x65, 0x63, 0x64, 0x73, 0x61,
+ 0x2f, 0x6b, 0x73, 0x6b, 0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39, 0x34, 0x35, 0x35, 0x32,
+ 0x38, 0x32, 0x37, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
+ 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04,
+ 0x83, 0xe5, 0x81, 0x19, 0xd9, 0xfa, 0x64, 0x40, 0xad, 0x7c, 0x93, 0xfc, 0x15, 0x90, 0x6b,
+ 0x38, 0x1e, 0xc5, 0xca, 0xb1, 0x6b, 0x0b, 0x1f, 0x64, 0xbf, 0x48, 0xaa, 0xd0, 0x91, 0x5c,
+ 0x24, 0xd6, 0x78, 0x40, 0xfd, 0x95, 0x5d, 0x54, 0x64, 0xe1, 0x2d, 0x0e, 0x98, 0x66, 0x1d,
+ 0x7a, 0xb0, 0x61, 0x17, 0x05, 0x26, 0x13, 0x63, 0x25, 0x7c, 0xda, 0x87, 0x11, 0xc9, 0x67,
+ 0xcd, 0x12, 0x05, 0xf0, 0x16, 0x2f, 0x1b, 0x01, 0x03, 0x1c, 0x2a, 0x07, 0x28, 0x08, 0x05,
+ 0x65, 0x63, 0x64, 0x73, 0x61, 0x08, 0x03, 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b,
+ 0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39, 0x34, 0x35, 0x35, 0x32, 0x38, 0x32, 0x37, 0x08,
+ 0x07, 0x49, 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x17, 0x47, 0x30, 0x45, 0x02, 0x21, 0x00,
+ 0x9b, 0xae, 0xf4, 0x87, 0x55, 0xaa, 0x78, 0xbf, 0x00, 0xff, 0x1a, 0xbe, 0x90, 0x46, 0x6e,
+ 0xdd, 0xe6, 0x3b, 0x44, 0xfd, 0x41, 0x04, 0x86, 0xcc, 0x6a, 0x8b, 0x5a, 0x25, 0xbb, 0xf1,
+ 0x55, 0xcd, 0x02, 0x20, 0x0e, 0x67, 0xd8, 0x86, 0xe8, 0x7c, 0x90, 0x3c, 0x13, 0xfd, 0x36,
+ 0x9c, 0xbc, 0xa1, 0xc3, 0x7c, 0xe0, 0x0c, 0x6d, 0x64, 0xac, 0xdb, 0x69, 0x99, 0xde, 0x80,
+ 0x35, 0x3f, 0xf4, 0x6a, 0xcd, 0x6f
+};
+
+const std::string SELF_SIGNED_ECDSA_CERT_INFO =
+ "Certificate name:\n"
+ " /ecdsa/KEY/ksk-1416594552827/ID-CERT/%FD%00%00%01I%D3%9Dx%00\n"
+ "Validity:\n"
+ " NotBefore: 20141121T182912\n"
+ " NotAfter: 20341116T182912\n"
+ "Subject Description:\n"
+ " 2.5.4.41: /ecdsa/ksk-1416594552827\n"
+ "Public key bits: (ECDSA)\n"
+ " MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEg+WBGdn6ZECtfJP8FZBrOB7FyrFr\n"
+ " Cx9kv0iq0JFcJNZ4QP2VXVRk4S0OmGYderBhFwUmE2MlfNqHEclnzRIF\n"
+ "Signature Information:\n"
+ " Signature Type: SignatureSha256WithEcdsa\n"
+ " Key Locator: (Self-Signed) /ecdsa/KEY/ksk-1416594552827/ID-CERT\n";
+
+const uint8_t RSA_CERT[] = {
+ 0x06, 0xfd, 0x02, 0xd7, 0x07, 0x38, 0x08, 0x03, 0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45,
+ 0x59, 0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
+ 0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39, 0x34, 0x08, 0x07, 0x49,
+ 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x08, 0x09, 0xfd, 0x00, 0x00, 0x01, 0x49, 0xc9, 0x8b,
+ 0x2e, 0x73, 0x14, 0x03, 0x18, 0x01, 0x02, 0x15, 0xfd, 0x01, 0x61, 0x30, 0x82, 0x01, 0x5d,
+ 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31, 0x31, 0x31, 0x39, 0x31, 0x39, 0x33,
+ 0x33, 0x30, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x35, 0x31, 0x31, 0x31, 0x39, 0x31,
+ 0x39, 0x33, 0x33, 0x30, 0x32, 0x5a, 0x30, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x29,
+ 0x13, 0x0a, 0x2f, 0x6e, 0x64, 0x6e, 0x2f, 0x73, 0x69, 0x74, 0x65, 0x31, 0x30, 0x82, 0x01,
+ 0x20, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
+ 0x00, 0x03, 0x82, 0x01, 0x0d, 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00,
+ 0xb6, 0x54, 0x7e, 0xe8, 0xf2, 0x91, 0x7d, 0xc1, 0x6d, 0xcb, 0x25, 0x44, 0x97, 0x90, 0xdc,
+ 0x78, 0x15, 0x0e, 0xef, 0xb5, 0xe7, 0xfd, 0x09, 0x2c, 0xf8, 0xd5, 0x9c, 0x2f, 0xe5, 0xa6,
+ 0xae, 0x9d, 0x7e, 0x95, 0x2d, 0xfc, 0xc7, 0xc3, 0x43, 0x46, 0xb0, 0x6f, 0x53, 0xcd, 0xcd,
+ 0x6a, 0x29, 0x1d, 0x95, 0xa1, 0x62, 0xcd, 0xa9, 0xf2, 0xf8, 0xe2, 0xfa, 0x8b, 0x5d, 0xfe,
+ 0xa1, 0x2b, 0x15, 0x3f, 0x7f, 0x71, 0xe6, 0x3e, 0xb9, 0xb1, 0x29, 0xd1, 0x22, 0x6f, 0x56,
+ 0xdf, 0xb6, 0x85, 0xaf, 0xd4, 0xb3, 0x67, 0x8b, 0x94, 0xb8, 0x83, 0xcb, 0x72, 0x86, 0xc4,
+ 0xf2, 0x86, 0xb2, 0x7c, 0x94, 0xbc, 0x38, 0x7b, 0x8c, 0x92, 0x86, 0x36, 0x83, 0x0e, 0x11,
+ 0x8c, 0x95, 0x49, 0xff, 0xcc, 0x16, 0x62, 0xdb, 0x55, 0x40, 0x7f, 0xc8, 0x8d, 0xe4, 0x3f,
+ 0x87, 0x02, 0x87, 0xaf, 0xf6, 0x2f, 0x8a, 0x7d, 0x74, 0x10, 0xd3, 0xbb, 0xa3, 0xfe, 0x5a,
+ 0x7b, 0x8f, 0x56, 0x09, 0x8b, 0x49, 0x46, 0x9f, 0x7d, 0x55, 0xa3, 0x4a, 0xe8, 0x22, 0x7b,
+ 0x80, 0x8a, 0x6f, 0xde, 0x9f, 0xfb, 0x2f, 0xeb, 0xf7, 0x29, 0x8a, 0x38, 0x67, 0x41, 0xae,
+ 0x21, 0x7a, 0xe3, 0x7b, 0x96, 0x1a, 0x90, 0x35, 0x7d, 0x04, 0xaa, 0x4d, 0x9f, 0xe6, 0xd6,
+ 0x00, 0x17, 0x4e, 0x02, 0x34, 0x6c, 0x56, 0x3a, 0x81, 0x3c, 0xb4, 0x7f, 0x98, 0x48, 0x22,
+ 0xa0, 0x9f, 0x53, 0x35, 0xf9, 0x4e, 0xae, 0x8f, 0xc3, 0xfa, 0x0b, 0x93, 0xd4, 0x55, 0x78,
+ 0x05, 0xb0, 0x40, 0x44, 0x48, 0x74, 0xb7, 0x9b, 0x2d, 0x65, 0xf0, 0x3d, 0x2e, 0x87, 0x2b,
+ 0x48, 0x29, 0x12, 0x85, 0xf0, 0xaf, 0xc4, 0xdc, 0x73, 0xce, 0x18, 0x8b, 0xd9, 0x4c, 0x60,
+ 0x15, 0x51, 0xae, 0x47, 0x1e, 0x2b, 0x54, 0xde, 0xf6, 0xba, 0x77, 0x30, 0x5d, 0x68, 0x9a,
+ 0xfb, 0x02, 0x01, 0x11, 0x16, 0x2d, 0x1b, 0x01, 0x01, 0x1c, 0x28, 0x07, 0x26, 0x08, 0x03,
+ 0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
+ 0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x32, 0x39, 0x35, 0x35, 0x34, 0x36, 0x08, 0x07, 0x49,
+ 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x17, 0xfd, 0x01, 0x00, 0x26, 0x40, 0xbc, 0xf0, 0x28,
+ 0x12, 0x69, 0x94, 0x11, 0x13, 0xff, 0x47, 0x2c, 0x6b, 0x12, 0xdd, 0xfa, 0x60, 0x92, 0xe9,
+ 0x59, 0x10, 0x98, 0xd8, 0x11, 0x2a, 0xf0, 0x25, 0xb0, 0x03, 0xb2, 0xda, 0xd3, 0xb6, 0xa9,
+ 0xfb, 0x8b, 0xc3, 0x6f, 0xfb, 0xb4, 0x93, 0x9b, 0x24, 0x9f, 0x7e, 0x63, 0x8a, 0x37, 0xea,
+ 0x88, 0x74, 0xac, 0x0c, 0x04, 0x5b, 0xa2, 0x39, 0x0c, 0xa1, 0x9e, 0x0e, 0xa2, 0xd6, 0x74,
+ 0xca, 0xc4, 0x92, 0x64, 0x9f, 0xc2, 0x68, 0x56, 0xef, 0xc5, 0x11, 0xe8, 0x7a, 0xf3, 0x21,
+ 0xde, 0x88, 0x40, 0x70, 0x2b, 0x44, 0xe0, 0xcb, 0x3b, 0x33, 0xc6, 0x53, 0x65, 0x70, 0x56,
+ 0x08, 0xe2, 0x22, 0x70, 0x9e, 0xe0, 0x38, 0x18, 0xa8, 0x7c, 0x7d, 0x09, 0x15, 0xac, 0xf1,
+ 0x44, 0x63, 0x5d, 0xd5, 0x59, 0xf4, 0xeb, 0x60, 0x6c, 0x6e, 0x77, 0x36, 0x20, 0x2a, 0xe2,
+ 0xd1, 0x2d, 0xa1, 0x7d, 0xd4, 0x6d, 0x29, 0x2d, 0x88, 0xde, 0x9e, 0xf8, 0x64, 0x41, 0x6a,
+ 0xeb, 0x9f, 0x3b, 0x52, 0x06, 0xb1, 0x94, 0x09, 0x3b, 0xc9, 0xba, 0xa0, 0x05, 0x31, 0x2d,
+ 0x49, 0x17, 0x5b, 0xc1, 0x62, 0xf5, 0x19, 0xce, 0x27, 0x7b, 0xe8, 0x4b, 0xeb, 0x80, 0x36,
+ 0xf3, 0xd7, 0xe9, 0x59, 0x22, 0x50, 0x5a, 0x14, 0xb0, 0x1a, 0xa5, 0x6b, 0x33, 0xb2, 0x83,
+ 0x72, 0x11, 0xf4, 0xd5, 0xd2, 0x32, 0x93, 0x94, 0xb6, 0x8d, 0xed, 0xcd, 0xce, 0x54, 0x79,
+ 0xe8, 0xc3, 0x3c, 0xa8, 0xc6, 0x71, 0xa7, 0x61, 0xba, 0x70, 0x44, 0x94, 0xc9, 0xfc, 0xd0,
+ 0x20, 0x00, 0x87, 0xdc, 0xf3, 0x3c, 0x47, 0x1b, 0x4f, 0x91, 0x4c, 0xc7, 0x49, 0xb7, 0xe4,
+ 0xe3, 0x84, 0xb7, 0x82, 0x52, 0xec, 0x91, 0xa9, 0x28, 0x38, 0x2d, 0x48, 0x89, 0xc7, 0xcf,
+ 0xfa, 0x63, 0x0b, 0xf0, 0x62, 0x51, 0xac, 0xe9, 0xdb, 0xfd, 0x1c
+};
+
+const std::string RSA_CERT_INFO =
+ "Certificate name:\n"
+ " /ndn/KEY/site1/ksk-1416425377094/ID-CERT/%FD%00%00%01I%C9%8B.s\n"
+ "Validity:\n"
+ " NotBefore: 20141119T193302\n"
+ " NotAfter: 20151119T193302\n"
+ "Subject Description:\n"
+ " 2.5.4.41: /ndn/site1\n"
+ "Public key bits: (RSA)\n"
+ " MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAtlR+6PKRfcFtyyVEl5Dc\n"
+ " eBUO77Xn/Qks+NWcL+Wmrp1+lS38x8NDRrBvU83NaikdlaFizany+OL6i13+oSsV\n"
+ " P39x5j65sSnRIm9W37aFr9SzZ4uUuIPLcobE8oayfJS8OHuMkoY2gw4RjJVJ/8wW\n"
+ " YttVQH/IjeQ/hwKHr/Yvin10ENO7o/5ae49WCYtJRp99VaNK6CJ7gIpv3p/7L+v3\n"
+ " KYo4Z0GuIXrje5YakDV9BKpNn+bWABdOAjRsVjqBPLR/mEgioJ9TNflOro/D+guT\n"
+ " 1FV4BbBAREh0t5stZfA9LocrSCkShfCvxNxzzhiL2UxgFVGuRx4rVN72uncwXWia\n"
+ " +wIB\n"
+ "Signature Information:\n"
+ " Signature Type: SignatureSha256WithRsa\n"
+ " Key Locator: (Name) /ndn/KEY/ksk-1416425295546/ID-CERT\n";
+
+BOOST_AUTO_TEST_CASE(Decode)
+{
+ ndn::Data data("/tmp");
+ data.setContent(REAL_CERT, sizeof(REAL_CERT));
+
+ Certificate certificate(data);
+
+ std::ostringstream os;
+ os << certificate;
+ std::string info(os.str());
+
+ BOOST_CHECK_EQUAL(REAL_CERT_INFO, info);
+
+
+ ndn::Block selfSignedCertBlock(SELF_SIGNED_ECDSA_CERT, sizeof(SELF_SIGNED_ECDSA_CERT));
+ Certificate selfSignedCert;
+ selfSignedCert.wireDecode(selfSignedCertBlock);
+
+ std::ostringstream selfSignedCertOs;
+ selfSignedCertOs << selfSignedCert;
+ std::string selfSignedCertInfo(selfSignedCertOs.str());
+
+ BOOST_CHECK_EQUAL(SELF_SIGNED_ECDSA_CERT_INFO, selfSignedCertInfo);
+
+
+ ndn::Block rsaCertBlock(RSA_CERT, sizeof(RSA_CERT));
+ Certificate rsaCert;
+ rsaCert.wireDecode(rsaCertBlock);
+
+ std::ostringstream rsaCertOs;
+ rsaCertOs << rsaCert;
+ std::string rsaCertInfo(rsaCertOs.str());
+
+ BOOST_CHECK_EQUAL(RSA_CERT_INFO, rsaCertInfo);
+}
+
+const uint8_t WRONG_CERT[] = { // first byte is wrong and an error will be thrown out
+ 0x31, 0x82, 0x01, 0x63, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x31, 0x30,
+ 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31,
+ 0x31, 0x30, 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x30, 0x19, 0x30, 0x17, 0x06,
+ 0x03, 0x55, 0x04, 0x29, 0x13, 0x10, 0x4e, 0x44, 0x4e, 0x20, 0x54, 0x65, 0x73, 0x74, 0x62,
+ 0x65, 0x64, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x82, 0x01, 0x20, 0x30, 0x0d, 0x06, 0x09,
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0d,
+ 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd3, 0xac, 0x7e, 0x7a, 0x5c,
+ 0x33, 0x58, 0x21, 0xda, 0xe0, 0x8d, 0xdb, 0xca, 0xb6, 0x02, 0x30, 0x02, 0x15, 0xc5, 0x0a,
+ 0x51, 0x54, 0xbb, 0x8e, 0x5e, 0x9d, 0x21, 0xf8, 0x14, 0xbe, 0xe4, 0x63, 0x60, 0x31, 0x53,
+ 0xe2, 0xef, 0xee, 0x34, 0xa3, 0x8c, 0xd2, 0x24, 0x6f, 0xa4, 0x89, 0x4f, 0x02, 0x20, 0x7d,
+ 0x66, 0xb6, 0x3f, 0x11, 0x40, 0x0c, 0xc1, 0x5f, 0xd8, 0x45, 0x23, 0x95, 0x40, 0xc8, 0xe0,
+ 0xbc, 0x9d, 0x2f, 0x03, 0xf1, 0x83, 0x9f, 0x07, 0x0b, 0x76, 0xc9, 0x10, 0xd9, 0x3e, 0x0b,
+ 0x75, 0x13, 0x93, 0xe9, 0xc9, 0x85, 0x01, 0x88, 0x36, 0x2e, 0xab, 0xfc, 0xe6, 0x24, 0x32,
+ 0xfc, 0xc6, 0x3c, 0x40, 0x97, 0x1a, 0xcc, 0xcd, 0x53, 0xaa, 0x0f, 0xfb, 0xa3, 0xfe, 0xf9,
+ 0x24, 0x70, 0x13, 0x3f, 0x4f, 0x5b, 0x7d, 0x43, 0xaa, 0x75, 0x0a, 0x94, 0x72, 0xab, 0xe1,
+ 0x8c, 0x45, 0xb5, 0x78, 0x10, 0x01, 0xef, 0x1f, 0xb3, 0x05, 0x6f, 0xa6, 0xc3, 0xac, 0x7f,
+ 0x6d, 0xf0, 0x31, 0xc4, 0x83, 0xb3, 0x4f, 0x50, 0x26, 0x92, 0x40, 0x1a, 0xdd, 0xec, 0xfb,
+ 0xcb, 0xef, 0x63, 0xfe, 0x41, 0xd8, 0x8d, 0x1f, 0xdc, 0xec, 0xfc, 0x48, 0x95, 0xcc, 0x09,
+ 0x1e, 0x30, 0x6e, 0x22, 0x9e, 0x24, 0x97, 0x2e, 0xe6, 0x0c, 0xdf, 0x3d, 0x20, 0x32, 0xaa,
+ 0x9c, 0xc9, 0x45, 0x14, 0xaf, 0xaa, 0xf5, 0x17, 0xd2, 0x01, 0x98, 0x33, 0xbe, 0x2a, 0x9f,
+ 0x7b, 0x9d, 0x98, 0x7c, 0x54, 0x22, 0xfe, 0x72, 0x72, 0x04, 0xc3, 0x2c, 0xc0, 0x14, 0x0b,
+ 0xa9, 0x40, 0x7e, 0x46, 0xa1, 0x75, 0x16, 0x1a, 0x27, 0x9e, 0xf2, 0x82, 0x96, 0xc0, 0x7d,
+ 0xaf, 0x18, 0x75, 0xfb, 0xbb, 0xab, 0x16, 0x66, 0xc0, 0xa9, 0xd7, 0x93, 0x4c, 0x48, 0x6d,
+ 0xce, 0x0b, 0x88, 0xd4, 0x21, 0x93, 0x84, 0x89, 0x55, 0x05, 0xd5, 0x02, 0x01, 0x11
+};
+
+BOOST_AUTO_TEST_CASE(DecodeError)
+{
+ ndn::Data data("/tmp");
+ data.setContent(WRONG_CERT, sizeof(WRONG_CERT));
+
+ BOOST_CHECK_THROW(Certificate certificate(data), Certificate::Error);
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestCertificate
+BOOST_AUTO_TEST_SUITE_END() // V1
+BOOST_AUTO_TEST_SUITE_END() // Security
+
+} // namespace tests
+} // namespace v1
+} // namespace security
+} // namespace ndn
diff --git a/tests/unit-tests/security/public-key.t.cpp b/tests/unit-tests/security/v1/public-key.t.cpp
similarity index 90%
rename from tests/unit-tests/security/public-key.t.cpp
rename to tests/unit-tests/security/v1/public-key.t.cpp
index ae85d4c..53df40c 100644
--- a/tests/unit-tests/security/public-key.t.cpp
+++ b/tests/unit-tests/security/v1/public-key.t.cpp
@@ -19,16 +19,20 @@
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
-#include "security/public-key.hpp"
-#include "security/cryptopp.hpp"
+#include "security/v1/public-key.hpp"
+#include "security/v1/cryptopp.hpp"
#include "encoding/buffer-stream.hpp"
#include "boost-test.hpp"
namespace ndn {
+namespace security {
+namespace v1 {
namespace tests {
-BOOST_AUTO_TEST_SUITE(SecurityPublicKey)
+BOOST_AUTO_TEST_SUITE(Security)
+BOOST_AUTO_TEST_SUITE(V1)
+BOOST_AUTO_TEST_SUITE(TestPublicKey)
const std::string RSA_DER("MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFoDcNtffwbfFix64fw0\
hI2tKMkFrc6Ex7yw0YLMK9vGE8lXOyBl/qXabow6RCz+GldmFN6E2Qhm1+AX3Zm5\
@@ -57,7 +61,7 @@
0xb5, 0x9d, 0x80, 0x65, 0x80, 0x6b, 0x4b, 0x63
};
-BOOST_AUTO_TEST_CASE(RSA)
+BOOST_AUTO_TEST_CASE(Rsa)
{
using namespace CryptoPP;
@@ -79,7 +83,7 @@
digest.wire() + digest.size());
}
-BOOST_AUTO_TEST_CASE(ECDSA)
+BOOST_AUTO_TEST_CASE(Ecdsa)
{
using namespace CryptoPP;
@@ -101,8 +105,11 @@
digest.wire() + digest.size());
}
-
-BOOST_AUTO_TEST_SUITE_END()
+BOOST_AUTO_TEST_SUITE_END() // TestPublicKey
+BOOST_AUTO_TEST_SUITE_END() // V1
+BOOST_AUTO_TEST_SUITE_END() // Security
} // namespace tests
+} // namespace v1
+} // namespace security
} // namespace ndn
diff --git a/tests/unit-tests/security/additional-info.t.cpp b/tests/unit-tests/security/v2/additional-info.t.cpp
similarity index 96%
rename from tests/unit-tests/security/additional-info.t.cpp
rename to tests/unit-tests/security/v2/additional-info.t.cpp
index 63320f7..b82d56d 100644
--- a/tests/unit-tests/security/additional-info.t.cpp
+++ b/tests/unit-tests/security/v2/additional-info.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -19,7 +19,7 @@
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
-#include "security/additional-description.hpp"
+#include "security/v2/additional-description.hpp"
#include "boost-test.hpp"
diff --git a/tests/unit-tests/security/validator-config.t.cpp b/tests/unit-tests/security/validator-config.t.cpp
index 63b0142..2065a7c 100644
--- a/tests/unit-tests/security/validator-config.t.cpp
+++ b/tests/unit-tests/security/validator-config.t.cpp
@@ -49,7 +49,7 @@
identity.appendVersion();
BOOST_REQUIRE_NO_THROW(addIdentity(identity));
Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
- shared_ptr<IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
+ shared_ptr<v1::IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
io::save(*idCert, "trust-anchor-1.cert");
Name dataName1("/simple/equal");
@@ -119,7 +119,7 @@
identity.appendVersion();
BOOST_REQUIRE_NO_THROW(addIdentity(identity));
Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
- shared_ptr<IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
+ shared_ptr<v1::IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
io::save(*idCert, "trust-anchor-2.cert");
Name dataName1("/simple/isPrefixOf");
@@ -197,7 +197,7 @@
identity.appendVersion();
BOOST_REQUIRE_NO_THROW(addIdentity(identity));
Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
- shared_ptr<IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
+ shared_ptr<v1::IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
io::save(*idCert, "trust-anchor-3.cert");
Name dataName1("/simple/isStrictPrefixOf");
@@ -275,7 +275,7 @@
identity.appendVersion();
BOOST_REQUIRE_NO_THROW(addIdentity(identity));
Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
- shared_ptr<IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
+ shared_ptr<v1::IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
io::save(*idCert, "trust-anchor-4.cert");
Name dataName1("/simple/regex");
@@ -352,7 +352,7 @@
identity.appendVersion();
BOOST_REQUIRE_NO_THROW(addIdentity(identity));
Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
- shared_ptr<IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
+ shared_ptr<v1::IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
io::save(*idCert, "trust-anchor-5.cert");
Name dataName1 = identity;
@@ -428,7 +428,7 @@
identity1.append("1").appendVersion();
BOOST_REQUIRE_NO_THROW(addIdentity(identity1));
Name certName1 = m_keyChain.getDefaultCertificateNameForIdentity(identity1);
- shared_ptr<IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
+ shared_ptr<v1::IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
io::save(*idCert1, "trust-anchor-7.cert");
Name identity2 = identity;
@@ -541,7 +541,7 @@
identity1.appendVersion();
addIdentity(identity1);
Name certName1 = m_keyChain.getDefaultCertificateNameForIdentity(identity1);
- shared_ptr<IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
+ shared_ptr<v1::IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
std::string certDir1 = certDir + "trust-anchor-multi-1.cert";
io::save(*idCert1, certDir1);
@@ -549,7 +549,7 @@
identity2.appendVersion();
addIdentity(identity2);
Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
- shared_ptr<IdentityCertificate> idCert2 = m_keyChain.getCertificate(certName2);
+ shared_ptr<v1::IdentityCertificate> idCert2 = m_keyChain.getCertificate(certName2);
std::string certDir2 = certDir + "trust-anchor-multi-2.cert";
io::save(*idCert2, certDir2);
@@ -662,7 +662,7 @@
Name root("/TestValidatorConfig/Reload");
BOOST_REQUIRE_NO_THROW(addIdentity(root));
Name rootCertName = m_keyChain.getDefaultCertificateNameForIdentity(root);
- shared_ptr<IdentityCertificate> rootCert = m_keyChain.getCertificate(rootCertName);
+ shared_ptr<v1::IdentityCertificate> rootCert = m_keyChain.getCertificate(rootCertName);
io::save(*rootCert, "trust-anchor-8.cert");
Face face(nullptr, m_keyChain);
@@ -761,7 +761,7 @@
identity1.appendVersion();
BOOST_REQUIRE_NO_THROW(addIdentity(identity1));
Name certName1 = m_keyChain.getDefaultCertificateNameForIdentity(identity1);
- shared_ptr<IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
+ shared_ptr<v1::IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
io::save(*idCert1, "trust-anchor-9.cert");
Name interestName("/TestValidatorConfig/SignedInterestTest");
@@ -831,21 +831,21 @@
identity1.append("Key1");
BOOST_REQUIRE_NO_THROW(addIdentity(identity1));
Name certName1 = m_keyChain.getDefaultCertificateNameForIdentity(identity1);
- shared_ptr<IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
+ shared_ptr<v1::IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
io::save(*idCert1, "trust-anchor-10-1.cert");
Name identity2 = identity;
identity2.append("Key2");
BOOST_REQUIRE_NO_THROW(addIdentity(identity2));
Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
- shared_ptr<IdentityCertificate> idCert2 = m_keyChain.getCertificate(certName2);
+ shared_ptr<v1::IdentityCertificate> idCert2 = m_keyChain.getCertificate(certName2);
io::save(*idCert2, "trust-anchor-10-2.cert");
Name identity3 = identity;
identity3.append("Key3");
BOOST_REQUIRE_NO_THROW(addIdentity(identity3));
Name certName3 = m_keyChain.getDefaultCertificateNameForIdentity(identity3);
- shared_ptr<IdentityCertificate> idCert3 = m_keyChain.getCertificate(certName3);
+ shared_ptr<v1::IdentityCertificate> idCert3 = m_keyChain.getCertificate(certName3);
io::save(*idCert3, "trust-anchor-10-3.cert");
@@ -952,28 +952,28 @@
identity1.append("Key1");
BOOST_REQUIRE_NO_THROW(addIdentity(identity1));
Name certName1 = m_keyChain.getDefaultCertificateNameForIdentity(identity1);
- shared_ptr<IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
+ shared_ptr<v1::IdentityCertificate> idCert1 = m_keyChain.getCertificate(certName1);
io::save(*idCert1, "trust-anchor-10-1.cert");
Name identity2 = identity;
identity2.append("Key2");
BOOST_REQUIRE_NO_THROW(addIdentity(identity2));
Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
- shared_ptr<IdentityCertificate> idCert2 = m_keyChain.getCertificate(certName2);
+ shared_ptr<v1::IdentityCertificate> idCert2 = m_keyChain.getCertificate(certName2);
io::save(*idCert2, "trust-anchor-10-2.cert");
Name identity3 = identity;
identity3.append("Key3");
BOOST_REQUIRE_NO_THROW(addIdentity(identity3));
Name certName3 = m_keyChain.getDefaultCertificateNameForIdentity(identity3);
- shared_ptr<IdentityCertificate> idCert3 = m_keyChain.getCertificate(certName3);
+ shared_ptr<v1::IdentityCertificate> idCert3 = m_keyChain.getCertificate(certName3);
io::save(*idCert3, "trust-anchor-10-3.cert");
Name identity4 = identity;
identity4.append("Key4");
BOOST_REQUIRE_NO_THROW(addIdentity(identity4));
Name certName4 = m_keyChain.getDefaultCertificateNameForIdentity(identity4);
- shared_ptr<IdentityCertificate> idCert4 = m_keyChain.getCertificate(certName4);
+ shared_ptr<v1::IdentityCertificate> idCert4 = m_keyChain.getCertificate(certName4);
io::save(*idCert4, "trust-anchor-10-4.cert");
@@ -1119,7 +1119,7 @@
Name ecdsaIdentity("/TestValidatorConfig/FixedSignerChecker2/Ecdsa");
BOOST_REQUIRE_NO_THROW(addIdentity(ecdsaIdentity, EcdsaKeyParams()));
Name ecdsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(ecdsaIdentity);
- shared_ptr<IdentityCertificate> ecdsaCert = m_keyChain.getCertificate(ecdsaCertName);
+ shared_ptr<v1::IdentityCertificate> ecdsaCert = m_keyChain.getCertificate(ecdsaCertName);
io::save(*ecdsaCert, "trust-anchor-11.cert");
@@ -1261,12 +1261,12 @@
BOOST_FIXTURE_TEST_CASE(HierarchicalChecker, FacesFixture)
{
- std::vector<CertificateSubjectDescription> subjectDescription;
+ std::vector<v1::CertificateSubjectDescription> subjectDescription;
Name root("/TestValidatorConfig");
BOOST_REQUIRE_NO_THROW(addIdentity(root));
Name rootCertName = m_keyChain.getDefaultCertificateNameForIdentity(root);
- shared_ptr<IdentityCertificate> rootCert = m_keyChain.getCertificate(rootCertName);
+ shared_ptr<v1::IdentityCertificate> rootCert = m_keyChain.getCertificate(rootCertName);
io::save(*rootCert, "trust-anchor-6.cert");
@@ -1274,7 +1274,7 @@
BOOST_REQUIRE_NO_THROW(addIdentity(sld));
advanceClocks(time::milliseconds(100));
Name sldKeyName = m_keyChain.generateRsaKeyPairAsDefault(sld, true);
- shared_ptr<IdentityCertificate> sldCert =
+ shared_ptr<v1::IdentityCertificate> sldCert =
m_keyChain.prepareUnsignedIdentityCertificate(sldKeyName,
root,
time::system_clock::now(),
@@ -1287,7 +1287,7 @@
BOOST_REQUIRE_NO_THROW(addIdentity(nld));
advanceClocks(time::milliseconds(100));
Name nldKeyName = m_keyChain.generateRsaKeyPairAsDefault(nld, true);
- shared_ptr<IdentityCertificate> nldCert =
+ shared_ptr<v1::IdentityCertificate> nldCert =
m_keyChain.prepareUnsignedIdentityCertificate(nldKeyName,
sld,
time::system_clock::now(),
@@ -1366,12 +1366,12 @@
{
advanceClocks(time::nanoseconds(1));
- std::vector<CertificateSubjectDescription> subjectDescription;
+ std::vector<v1::CertificateSubjectDescription> subjectDescription;
Name root("/TestValidatorConfig");
BOOST_REQUIRE_NO_THROW(addIdentity(root));
Name rootCertName = m_keyChain.getDefaultCertificateNameForIdentity(root);
- shared_ptr<IdentityCertificate> rootCert = m_keyChain.getCertificate(rootCertName);
+ shared_ptr<v1::IdentityCertificate> rootCert = m_keyChain.getCertificate(rootCertName);
io::save(*rootCert, "trust-anchor-8.cert");
@@ -1379,7 +1379,7 @@
BOOST_REQUIRE_NO_THROW(addIdentity(sld));
advanceClocks(time::milliseconds(100));
Name sldKeyName = m_keyChain.generateRsaKeyPairAsDefault(sld, true);
- shared_ptr<IdentityCertificate> sldCert =
+ shared_ptr<v1::IdentityCertificate> sldCert =
m_keyChain.prepareUnsignedIdentityCertificate(sldKeyName,
root,
time::system_clock::now(),
@@ -1392,7 +1392,7 @@
BOOST_REQUIRE_NO_THROW(addIdentity(nld));
advanceClocks(time::milliseconds(100));
Name nldKeyName = m_keyChain.generateRsaKeyPairAsDefault(nld, true);
- shared_ptr<IdentityCertificate> nldCert =
+ shared_ptr<v1::IdentityCertificate> nldCert =
m_keyChain.prepareUnsignedIdentityCertificate(nldKeyName,
sld,
time::system_clock::now(),
@@ -1563,8 +1563,8 @@
Name firstIdentity;
Name secondIdentity;
- shared_ptr<IdentityCertificate> firstCert;
- shared_ptr<IdentityCertificate> secondCert;
+ shared_ptr<v1::IdentityCertificate> firstCert;
+ shared_ptr<v1::IdentityCertificate> secondCert;
util::DummyClientFace face;
ValidatorConfig validator;
diff --git a/tests/unit-tests/security/validator.t.cpp b/tests/unit-tests/security/validator.t.cpp
index 8fa26ec..65c5095 100644
--- a/tests/unit-tests/security/validator.t.cpp
+++ b/tests/unit-tests/security/validator.t.cpp
@@ -27,8 +27,11 @@
#include "../make-interest-data.hpp"
namespace ndn {
+namespace security {
namespace tests {
+using namespace ndn::tests;
+
BOOST_AUTO_TEST_SUITE(Security)
BOOST_FIXTURE_TEST_SUITE(TestValidator, IdentityManagementFixture)
@@ -94,12 +97,12 @@
Name identity("/TestValidator/RsaSignatureVerification");
BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));
Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
- shared_ptr<PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
+ shared_ptr<v1::PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
Name identity2("/TestValidator/RsaSignatureVerification/id2");
BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams()));
Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
- shared_ptr<PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
+ shared_ptr<v1::PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
Data data("/TestData/1");
BOOST_CHECK_NO_THROW(m_keyChain.sign(data,
@@ -157,12 +160,12 @@
Name identity("/TestValidator/EcdsaSignatureVerification");
BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams()));
Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
- shared_ptr<PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
+ shared_ptr<v1::PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
Name identity2("/TestValidator/EcdsaSignatureVerification/id2");
BOOST_REQUIRE(addIdentity(identity2, EcdsaKeyParams()));
Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
- shared_ptr<PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
+ shared_ptr<v1::PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
Data data("/TestData/1");
@@ -192,12 +195,12 @@
Name ecdsaIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/ecdsa");
BOOST_REQUIRE(addIdentity(ecdsaIdentity, EcdsaKeyParams()));
Name ecdsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(ecdsaIdentity);
- shared_ptr<IdentityCertificate> ecdsaCert = m_keyChain.getCertificate(ecdsaCertName);
+ shared_ptr<v1::IdentityCertificate> ecdsaCert = m_keyChain.getCertificate(ecdsaCertName);
Name rsaIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/rsa");
BOOST_REQUIRE(addIdentity(rsaIdentity, RsaKeyParams()));
Name rsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(rsaIdentity);
- shared_ptr<IdentityCertificate> rsaCert = m_keyChain.getCertificate(rsaCertName);
+ shared_ptr<v1::IdentityCertificate> rsaCert = m_keyChain.getCertificate(rsaCertName);
Name packetName("/Test/Packet/Name");
@@ -243,7 +246,7 @@
setNameComponent(*interest, signed_interest::POS_SIG_INFO, "not-SignatureInfo");
- PublicKey pubkey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
+ v1::PublicKey pubkey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
BOOST_CHECK_EQUAL(Validator::verifySignature(*interest, pubkey), false);
}
@@ -254,7 +257,7 @@
setNameComponent(*interest, signed_interest::POS_SIG_VALUE, "bad-signature-bits");
- PublicKey pubkey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
+ v1::PublicKey pubkey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
BOOST_CHECK_EQUAL(Validator::verifySignature(*interest, pubkey), false);
}
@@ -262,4 +265,5 @@
BOOST_AUTO_TEST_SUITE_END() // Security
} // namespace tests
+} // namespace security
} // namespace ndn
diff --git a/tests/unit-tests/util/command-interest-validator.t.cpp b/tests/unit-tests/util/command-interest-validator.t.cpp
new file mode 100644
index 0000000..029a163
--- /dev/null
+++ b/tests/unit-tests/util/command-interest-validator.t.cpp
@@ -0,0 +1,33 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2016 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "util/command-interest-validator.hpp"
+
+namespace ndn {
+namespace util {
+namespace tests {
+
+// CommandInterestValidator is deprecated, therefore no tests added
+// (just checking that code with header can be compiled)
+
+} // namespace tests
+} // namespace util
+} // namespace ndn
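Review bot: The comment at the end of this new file explains why there are no test cases, but not what callers of the deprecated class should move to or when the header goes away. Since the class is presumably still shipped and still used to decide whether command Interests are accepted, I would record that in the comment, for example `// CommandInterestValidator is deprecated in favor of <replacement class> (see <issue id>); this file only checks that the header still compiles`. If behavioural tests for it exist elsewhere in the tree, the comment should point at them instead of saying none were added.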
diff --git a/tests/unit-tests/util/crypto.t.cpp b/tests/unit-tests/util/crypto.t.cpp
new file mode 100644
index 0000000..9bf9f59
--- /dev/null
+++ b/tests/unit-tests/util/crypto.t.cpp
@@ -0,0 +1,55 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2016 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "util/crypto.hpp"
+
+#include "boost-test.hpp"
+
+namespace ndn {
+namespace crypto {
+namespace tests {
+
+BOOST_AUTO_TEST_SUITE(Util)
+BOOST_AUTO_TEST_SUITE(TestCrypto)
+
+BOOST_AUTO_TEST_CASE(Basic)
+{
+ const std::string testString = "Hello, world!";
+ ConstBufferPtr result;
+ BOOST_CHECK_NO_THROW(result = computeSha256Digest(reinterpret_cast<const uint8_t*>(testString.data()),
+ testString.size()));
+
+ BOOST_CHECK_EQUAL(result->size(), SHA256_DIGEST_SIZE);
+
+ const uint8_t expectedSha256[] = {0x31, 0x5f, 0x5b, 0xdb, 0x76, 0xd0, 0x78, 0xc4,
+ 0x3b, 0x8a, 0xc0, 0x06, 0x4e, 0x4a, 0x01, 0x64,
+ 0x61, 0x2b, 0x1f, 0xce, 0x77, 0xc8, 0x69, 0x34,
+ 0x5b, 0xfc, 0x94, 0xc7, 0x58, 0x94, 0xed, 0xd3};
+ BOOST_CHECK_EQUAL_COLLECTIONS(result->begin(), result->end(),
+ expectedSha256, expectedSha256 + sizeof(expectedSha256));
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestCrypto
+BOOST_AUTO_TEST_SUITE_END() // Util
+
+} // namespace tests
+} // namespace crypto
+} // namespace ndn
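Review bot: In the `Basic` case `result` is dereferenced on the line right after `BOOST_CHECK_NO_THROW(result = computeSha256Digest(...))`, and a CHECK-level assertion lets the test keep running when the call throws, so a failure would show up as a dereference of an unset `result` rather than as a clean test failure. Use the fatal form, `BOOST_REQUIRE_NO_THROW(result = computeSha256Digest(...));`, and add `BOOST_REQUIRE(result != nullptr);` before `result->size()`. The same pattern appears in the io.t.cpp hunk at `@@ -248,11 +248,11 @@`, where `BOOST_CHECK(readCert != nullptr);` is followed by `readCert->getName()`; that check should be `BOOST_REQUIRE` as well. A second vector for zero-length input would also pin the boundary case of the new function.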
diff --git a/tests/unit-tests/util/digest.t.cpp b/tests/unit-tests/util/digest.t.cpp
index e1b3278..62be5d4 100644
--- a/tests/unit-tests/util/digest.t.cpp
+++ b/tests/unit-tests/util/digest.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -34,7 +34,7 @@
BOOST_AUTO_TEST_CASE(Sha256Digest)
{
uint8_t origin[4] = {0x01, 0x02, 0x03, 0x04};
- ConstBufferPtr digest1 = crypto::sha256(origin, 4);
+ ConstBufferPtr digest1 = crypto::computeSha256Digest(origin, 4);
Sha256 statefulSha256;
statefulSha256.update(origin, 1);
@@ -52,8 +52,8 @@
BOOST_AUTO_TEST_CASE(Compute)
{
std::string input = "Hello, World!";
- ConstBufferPtr digest1 = crypto::sha256(reinterpret_cast<const uint8_t*>(input.data()),
- input.size());
+ ConstBufferPtr digest1 = crypto::computeSha256Digest(reinterpret_cast<const uint8_t*>(input.data()),
+ input.size());
Sha256 hashObject;
hashObject << input;
@@ -69,8 +69,8 @@
BOOST_AUTO_TEST_CASE(ConstructFromStream)
{
std::string input = "Hello, World!";
- ConstBufferPtr digest1 = crypto::sha256(reinterpret_cast<const uint8_t*>(input.data()),
- input.size());
+ ConstBufferPtr digest1 = crypto::computeSha256Digest(reinterpret_cast<const uint8_t*>(input.data()),
+ input.size());
std::istringstream is(input);
Sha256 hashObject(is);
@@ -107,7 +107,7 @@
0x01, 0xCC, 0x4B, 0xF9, 0x06, 0x13, 0xE0, 0x81,
0x4F, 0x00, 0xA7, 0xB0, 0x8B, 0xC7, 0xC6, 0x48,
0xFD, 0x86, 0x5A, 0x2A, 0xF6, 0xA2, 0x2C, 0xC2};
- ConstBufferPtr digest1 = crypto::sha256(origin, 32);
+ ConstBufferPtr digest1 = crypto::computeSha256Digest(origin, 32);
std::string str("TEST");
Sha256 metaDigest;
@@ -126,7 +126,7 @@
BOOST_AUTO_TEST_CASE(OperatorString)
{
uint8_t origin[4] = {0x54, 0x45, 0x53, 0x54};
- ConstBufferPtr digest1 = crypto::sha256(origin, 4);
+ ConstBufferPtr digest1 = crypto::computeSha256Digest(origin, 4);
std::string str("TEST");
Sha256 statefulSha256;
@@ -154,7 +154,7 @@
0x08, 0x07,
0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
};
- ConstBufferPtr digest1 = crypto::sha256(origin, sizeof(origin));
+ ConstBufferPtr digest1 = crypto::computeSha256Digest(origin, sizeof(origin));
Sha256 statefulSha256;
Block block(origin, sizeof(origin));
@@ -170,7 +170,7 @@
BOOST_AUTO_TEST_CASE(OperatorUint64t)
{
uint64_t origin[4] = {1, 2, 3, 4};
- ConstBufferPtr digest1 = crypto::sha256(reinterpret_cast<uint8_t*>(origin), 32);
+ ConstBufferPtr digest1 = crypto::computeSha256Digest(reinterpret_cast<uint8_t*>(origin), 32);
Sha256 statefulSha256;
statefulSha256 << origin[0];
@@ -204,7 +204,7 @@
BOOST_AUTO_TEST_CASE(ComputeDigest)
{
uint8_t origin[4] = {0x01, 0x02, 0x03, 0x04};
- ConstBufferPtr digest1 = crypto::sha256(origin, 4);
+ ConstBufferPtr digest1 = crypto::computeSha256Digest(origin, 4);
ConstBufferPtr digest2 = Sha256::computeDigest(origin, 4);
diff --git a/tests/unit-tests/util/in-memory-storage-common.t.cpp b/tests/unit-tests/util/in-memory-storage-common.t.cpp
index 9e7c814..da87929 100644
--- a/tests/unit-tests/util/in-memory-storage-common.t.cpp
+++ b/tests/unit-tests/util/in-memory-storage-common.t.cpp
@@ -278,8 +278,8 @@
{
shared_ptr<Data> data = makeData("/digest/compute");
- ndn::ConstBufferPtr digest1 = ndn::crypto::sha256(data->wireEncode().wire(),
- data->wireEncode().size());
+ ndn::ConstBufferPtr digest1 = ndn::crypto::computeSha256Digest(data->wireEncode().wire(),
+ data->wireEncode().size());
BOOST_CHECK_EQUAL(digest1->size(), 32);
InMemoryStorageEntry* entry = new InMemoryStorageEntry();
@@ -374,8 +374,8 @@
shared_ptr<Data> data7 = makeData("/c/c/1");
ims.insert(*data7);
- ndn::ConstBufferPtr digest1 = ndn::crypto::sha256(data->wireEncode().wire(),
- data->wireEncode().size());
+ ndn::ConstBufferPtr digest1 = ndn::crypto::computeSha256Digest(data->wireEncode().wire(),
+ data->wireEncode().size());
Name name("/a");
ims.erase(name);
@@ -396,8 +396,8 @@
shared_ptr<Data> data3 = makeData("/z/z/z");
ims.insert(*data3);
- ndn::ConstBufferPtr digest1 = ndn::crypto::sha256(data->wireEncode().wire(),
- data->wireEncode().size());
+ ndn::ConstBufferPtr digest1 = ndn::crypto::computeSha256Digest(data->wireEncode().wire(),
+ data->wireEncode().size());
shared_ptr<Interest> interest = makeInterest("");
interest->setName(Name(name).appendImplicitSha256Digest(digest1->buf(), digest1->size()));
diff --git a/tests/unit-tests/util/io.t.cpp b/tests/unit-tests/util/io.t.cpp
index f8ea2ae..b789020 100644
--- a/tests/unit-tests/util/io.t.cpp
+++ b/tests/unit-tests/util/io.t.cpp
@@ -248,11 +248,11 @@
identity.appendVersion();
BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));
Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
- shared_ptr<IdentityCertificate> idCert;
+ shared_ptr<security::v1::IdentityCertificate> idCert;
BOOST_REQUIRE_NO_THROW(idCert = m_keyChain.getCertificate(certName));
io::save(*idCert, filename);
- shared_ptr<IdentityCertificate> readCert = io::load<IdentityCertificate>(filename);
+ shared_ptr<security::v1::IdentityCertificate> readCert = io::load<security::v1::IdentityCertificate>(filename);
BOOST_CHECK(readCert != nullptr);
BOOST_CHECK_EQUAL(idCert->getName(), readCert->getName());
diff --git a/tools/ndnsec/cert-dump.hpp b/tools/ndnsec/cert-dump.hpp
index 414c098..cd56e6e 100644
--- a/tools/ndnsec/cert-dump.hpp
+++ b/tools/ndnsec/cert-dump.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -30,6 +30,7 @@
ndnsec_cert_dump(int argc, char** argv)
{
using namespace ndn;
+ using namespace ndn::security;
namespace po = boost::program_options;
std::string name;
@@ -72,134 +73,114 @@
p.add("name", 1);
po::variables_map vm;
- try
- {
- po::store(po::command_line_parser(argc, argv).options(description).positional(p).run(),
- vm);
- po::notify(vm);
- }
- catch (const std::exception& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
- std::cerr << description << std::endl;
- return 1;
- }
+ try {
+ po::store(po::command_line_parser(argc, argv).options(description).positional(p).run(),
+ vm);
+ po::notify(vm);
+ }
+ catch (const std::exception& e) {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ std::cerr << description << std::endl;
+ return 1;
+ }
- if (vm.count("help") != 0)
- {
- std::cerr << description << std::endl;
- return 0;
- }
+ if (vm.count("help") != 0) {
+ std::cerr << description << std::endl;
+ return 0;
+ }
- if (vm.count("name") == 0)
- {
- std::cerr << "identity_name must be specified" << std::endl;
- std::cerr << description << std::endl;
- return 1;
- }
+ if (vm.count("name") == 0) {
+ std::cerr << "identity_name must be specified" << std::endl;
+ std::cerr << description << std::endl;
+ return 1;
+ }
- if (vm.count("key") != 0)
- {
- isCertName = false;
- isKeyName = true;
- }
- else if (vm.count("identity") != 0)
- {
- isCertName = false;
- isIdentityName = true;
- }
- else if (vm.count("file") != 0)
- {
- isCertName = false;
- // isFileName = true;
- }
+ if (vm.count("key") != 0) {
+ isCertName = false;
+ isKeyName = true;
+ }
+ else if (vm.count("identity") != 0) {
+ isCertName = false;
+ isIdentityName = true;
+ }
+ else if (vm.count("file") != 0) {
+ isCertName = false;
+ // isFileName = true;
+ }
if (vm.count("pretty") != 0)
isPretty = true;
- if (vm.count("repo-output") != 0)
- {
- isRepoOut = true;
- isStdOut = false;
- }
- else if (vm.count("dns-output") != 0)
- {
- // isDnsOut = true;
- isStdOut = false;
- std::cerr << "Error: DNS output is not supported yet!" << std::endl;
- return 1;
- }
+ if (vm.count("repo-output") != 0) {
+ isRepoOut = true;
+ isStdOut = false;
+ }
+ else if (vm.count("dns-output") != 0) {
+ // isDnsOut = true;
+ isStdOut = false;
+ std::cerr << "Error: DNS output is not supported yet!" << std::endl;
+ return 1;
+ }
- if (isPretty && !isStdOut)
- {
- std::cerr << "Error: pretty option can only be specified when other "
- << "output option is specified" << std::endl;
- return 1;
- }
+ if (isPretty && !isStdOut) {
+ std::cerr << "Error: pretty option can only be specified when other "
+ << "output option is specified" << std::endl;
+ return 1;
+ }
- shared_ptr<IdentityCertificate> certificate;
+ shared_ptr<v1::IdentityCertificate> certificate;
KeyChain keyChain;
- if (isIdentityName || isKeyName || isCertName)
- {
- if (isIdentityName)
- {
- Name certName = keyChain.getDefaultCertificateNameForIdentity(name);
- certificate = keyChain.getCertificate(certName);
- }
- else if (isKeyName)
- {
- Name certName = keyChain.getDefaultCertificateNameForKey(name);
- certificate = keyChain.getCertificate(certName);
- }
- else
- certificate = keyChain.getCertificate(name);
+ if (isIdentityName || isKeyName || isCertName) {
+ if (isIdentityName) {
+ Name certName = keyChain.getDefaultCertificateNameForIdentity(name);
+ certificate = keyChain.getCertificate(certName);
+ }
+ else if (isKeyName) {
+ Name certName = keyChain.getDefaultCertificateNameForKey(name);
+ certificate = keyChain.getCertificate(certName);
+ }
+ else
+ certificate = keyChain.getCertificate(name);
- if (!static_cast<bool>(certificate))
- {
- std::cerr << "No certificate found!" << std::endl;
- return 1;
- }
+ if (!static_cast<bool>(certificate)) {
+ std::cerr << "No certificate found!" << std::endl;
+ return 1;
}
- else
- {
- certificate = getIdentityCertificate(name);
- if (!static_cast<bool>(certificate))
- {
- std::cerr << "No certificate read!" << std::endl;
- return 1;
- }
- }
+ }
+ else {
+ certificate = getIdentityCertificate(name);
+ if (!static_cast<bool>(certificate))
+ {
+ std::cerr << "No certificate read!" << std::endl;
+ return 1;
+ }
+ }
- if (isPretty)
- {
- std::cout << *certificate << std::endl;
+ if (isPretty) {
+ std::cout << *certificate << std::endl;
+ }
+ else {
+ if (isStdOut) {
+ io::save(*certificate, std::cout);
+ return 0;
}
- else
- {
- if (isStdOut)
- {
- io::save(*certificate, std::cout);
- return 0;
- }
- if (isRepoOut)
- {
- using namespace boost::asio::ip;
- tcp::iostream request_stream;
- request_stream.expires_from_now(boost::posix_time::milliseconds(3000));
- request_stream.connect(repoHost, repoPort);
- if (!request_stream)
- {
- std::cerr << "fail to open the stream!" << std::endl;
- return 1;
- }
- request_stream.write(reinterpret_cast<const char*>(certificate->wireEncode().wire()),
- certificate->wireEncode().size());
+ if (isRepoOut) {
+ using namespace boost::asio::ip;
+ tcp::iostream request_stream;
+ request_stream.expires_from_now(boost::posix_time::milliseconds(3000));
+ request_stream.connect(repoHost, repoPort);
+ if (!request_stream) {
+ std::cerr << "fail to open the stream!" << std::endl;
+ return 1;
+ }
+ request_stream.write(reinterpret_cast<const char*>(certificate->wireEncode().wire()),
+ certificate->wireEncode().size());
- return 0;
- }
+ return 0;
}
+ }
return 0;
}
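Review bot: In the `isRepoOut` branch the result of `request_stream.write(...)` is never checked, so the tool returns 0 even when the 3000 ms expiry fires or the peer closes the connection before the certificate is sent. Flush and test the stream before returning, for example `request_stream.flush();` followed by `if (!request_stream) { std::cerr << "fail to write to the stream!" << std::endl; return 1; }`. `certificate->wireEncode()` is also called twice for the pointer and the size; binding it once to a `const Block&` would make it obvious that both refer to the same buffer. The body of ndnsec_cert_dump starts before this hunk.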
diff --git a/tools/ndnsec/cert-gen.hpp b/tools/ndnsec/cert-gen.hpp
index 0016333..04da040 100644
--- a/tools/ndnsec/cert-gen.hpp
+++ b/tools/ndnsec/cert-gen.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -34,6 +34,7 @@
using namespace ndn;
using namespace ndn::time;
+ using namespace ndn::security;
namespace po = boost::program_options;
KeyChain keyChain;
@@ -107,8 +108,8 @@
return 1;
}
- std::vector<CertificateSubjectDescription> subjectDescription;
- subjectDescription.push_back(CertificateSubjectDescription(oid::ATTRIBUTE_NAME, subjectName));
+ std::vector<v1::CertificateSubjectDescription> subjectDescription;
+ subjectDescription.push_back(v1::CertificateSubjectDescription(oid::ATTRIBUTE_NAME, subjectName));
// 'subjectInfo' is deprecated and the following block will be removed eventually
tokenizer<escaped_list_separator<char> > subjectInfoItems
@@ -130,7 +131,7 @@
std::string value = *it;
- subjectDescription.push_back(CertificateSubjectDescription(OID(oid), value));
+ subjectDescription.push_back(v1::CertificateSubjectDescription(Oid(oid), value));
it++;
}
@@ -143,10 +144,10 @@
std::cerr << "ERROR: incorrectly formatted signed info block [" << *info << "]" << std::endl;
return 1;
}
- OID oid(info->substr(0, pos));
+ Oid oid(info->substr(0, pos));
std::string value = info->substr(pos + 1);
- subjectDescription.push_back(CertificateSubjectDescription(oid, value));
+ subjectDescription.push_back(v1::CertificateSubjectDescription(oid, value));
}
system_clock::TimePoint notBefore;
@@ -188,7 +189,7 @@
return 1;
}
- shared_ptr<IdentityCertificate> selfSignedCertificate
+ shared_ptr<v1::IdentityCertificate> selfSignedCertificate
= getIdentityCertificate(requestFile);
if (!static_cast<bool>(selfSignedCertificate))
@@ -199,7 +200,7 @@
Name keyName = selfSignedCertificate->getPublicKeyName();
- shared_ptr<IdentityCertificate> certificate =
+ shared_ptr<v1::IdentityCertificate> certificate =
keyChain.prepareUnsignedIdentityCertificate(keyName, selfSignedCertificate->getPublicKeyInfo(),
signId, notBefore, notAfter,
subjectDescription, certPrefix);
@@ -219,17 +220,13 @@
Block wire = certificate->wireEncode();
- try
- {
- using namespace CryptoPP;
- StringSource ss(wire.wire(), wire.size(), true,
- new Base64Encoder(new FileSink(std::cout), true, 64));
- }
- catch (const CryptoPP::Exception& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
- return 1;
- }
+ try {
+ transform::bufferSource(wire.wire(), wire.size()) >> transform::base64Encode(true) >> transform::streamSink(std::cout);
+ }
+ catch (const transform::Error& e) {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ return 1;
+ }
return 0;
}
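Review bot: The new pipeline `transform::bufferSource(wire.wire(), wire.size()) >> transform::base64Encode(true) >> transform::streamSink(std::cout);` is a single line well over 100 columns, while the rest of the file wraps long calls; break it after each `>>`. The same line appears in the last hunk of tools/ndnsec/cert-revoke.hpp. The removed code set the line length explicitly (`Base64Encoder(..., true, 64)`), so a short comment such as `// base64 with line breaks, same output format as before` would record what the bare `true` means, assuming it does keep the 64-column wrapping. The enclosing function starts outside this hunk.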
diff --git a/tools/ndnsec/cert-install.hpp b/tools/ndnsec/cert-install.hpp
index c8eb052..a1416ff 100644
--- a/tools/ndnsec/cert-install.hpp
+++ b/tools/ndnsec/cert-install.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -26,7 +26,6 @@
#include "util.hpp"
-
class HttpException : public std::runtime_error
{
public:
@@ -37,7 +36,7 @@
}
};
-ndn::shared_ptr<ndn::IdentityCertificate>
+ndn::shared_ptr<ndn::security::v1::IdentityCertificate>
getCertificateHttp(const std::string& host, const std::string& port, const std::string& path)
{
using namespace boost::asio::ip;
@@ -46,10 +45,9 @@
requestStream.expires_from_now(boost::posix_time::milliseconds(3000));
requestStream.connect(host, port);
- if (!static_cast<bool>(requestStream))
- {
- throw HttpException("HTTP connection error");
- }
+ if (!static_cast<bool>(requestStream)) {
+ throw HttpException("HTTP connection error");
+ }
requestStream << "GET " << path << " HTTP/1.0\r\n";
requestStream << "Host: " << host << "\r\n";
requestStream << "Accept: */*\r\n";
@@ -72,26 +70,23 @@
std::string statusMessage;
std::getline(responseStream, statusMessage);
- if (!static_cast<bool>(requestStream) || httpVersion.substr(0, 5) != "HTTP/")
- {
- throw HttpException("HTTP communication error");
- }
- if (statusCode != 200)
- {
- throw HttpException("HTTP server error");
- }
+ if (!static_cast<bool>(requestStream) || httpVersion.substr(0, 5) != "HTTP/") {
+ throw HttpException("HTTP communication error");
+ }
+ if (statusCode != 200) {
+ throw HttpException("HTTP server error");
+ }
std::string header;
while (std::getline(requestStream, header) && header != "\r")
;
ndn::OBufferStream os;
{
- using namespace CryptoPP;
- FileSource ss2(requestStream, true, new Base64Decoder(new FileSink(os)));
+ using namespace ndn::security::transform;
+ streamSource(requestStream) >> base64Decode(true) >> streamSink(os);
}
- ndn::shared_ptr<ndn::IdentityCertificate> identityCertificate =
- ndn::make_shared<ndn::IdentityCertificate>();
+ auto identityCertificate = std::make_shared<ndn::security::v1::IdentityCertificate>();
identityCertificate->wireDecode(ndn::Block(os.buf()));
return identityCertificate;
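Review bot: The response body is fed through `streamSource(requestStream) >> base64Decode(true) >> streamSink(os);` and then into `wireDecode(ndn::Block(os.buf()))` with no handler, so a malformed or truncated reply from the server presumably leaves this function as whatever those calls throw rather than as `HttpException`. cert-gen.hpp wraps its pipeline in `catch (const transform::Error& e)`; doing the same here keeps the failure mode uniform, e.g. `catch (const ndn::security::transform::Error& e) { throw HttpException(e.what()); }`, with a similar handler around the decode step. Whether the caller catches other exception types is not visible from here, and getCertificateHttp starts before this hunk.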
@@ -101,6 +96,7 @@
ndnsec_cert_install(int argc, char** argv)
{
using namespace ndn;
+ using namespace ndn::security;
namespace po = boost::program_options;
std::string certFileName;
@@ -122,107 +118,93 @@
p.add("cert-file", 1);
po::variables_map vm;
- try
- {
+ try {
po::store(po::command_line_parser(argc, argv).options(description).positional(p).run(),
vm);
po::notify(vm);
}
- catch (const std::exception& e)
- {
+ catch (const std::exception& e) {
std::cerr << "ERROR: " << e.what() << std::endl;
return 1;
}
- if (vm.count("help") != 0)
- {
+ if (vm.count("help") != 0) {
std::cerr << description << std::endl;
return 0;
}
- if (vm.count("cert-file") == 0)
- {
- std::cerr << "cert_file must be specified" << std::endl;
- std::cerr << description << std::endl;
- return 1;
+ if (vm.count("cert-file") == 0) {
+ std::cerr << "cert_file must be specified" << std::endl;
+ std::cerr << description << std::endl;
+ return 1;
+ }
+
+ if (vm.count("identity-default") != 0) {
+ isIdentityDefault = true;
+ isSystemDefault = false;
+ }
+ else if (vm.count("key-default") != 0) {
+ isKeyDefault = true;
+ isSystemDefault = false;
+ }
+ else if (vm.count("no-default") != 0) {
+ // noDefault = true;
+ isSystemDefault = false;
+ }
+
+ shared_ptr<v1::IdentityCertificate> cert;
+
+ if (certFileName.find("http://") == 0) {
+ std::string host;
+ std::string port;
+ std::string path;
+
+ size_t pos = 7; // offset of "http://"
+ size_t posSlash = certFileName.find("/", pos);
+
+ if (posSlash == std::string::npos)
+ throw HttpException("Request line is not correctly formatted");
+
+ size_t posPort = certFileName.find(":", pos);
+
+ if (posPort != std::string::npos && posPort < posSlash) {
+ // port is specified
+ port = certFileName.substr(posPort + 1, posSlash - posPort - 1);
+ host = certFileName.substr(pos, posPort - pos);
+ }
+ else {
+ port = "80";
+ host = certFileName.substr(pos, posSlash - pos);
}
- if (vm.count("identity-default") != 0)
- {
- isIdentityDefault = true;
- isSystemDefault = false;
- }
- else if (vm.count("key-default") != 0)
- {
- isKeyDefault = true;
- isSystemDefault = false;
- }
- else if (vm.count("no-default") != 0)
- {
- // noDefault = true;
- isSystemDefault = false;
- }
+ path = certFileName.substr(posSlash, certFileName.size () - posSlash);
- shared_ptr<IdentityCertificate> cert;
-
- if (certFileName.find("http://") == 0)
- {
- std::string host;
- std::string port;
- std::string path;
-
- size_t pos = 7; // offset of "http://"
- size_t posSlash = certFileName.find("/", pos);
-
- if (posSlash == std::string::npos)
- throw HttpException("Request line is not correctly formatted");
-
- size_t posPort = certFileName.find(":", pos);
-
- if (posPort != std::string::npos && posPort < posSlash) // port is specified
- {
- port = certFileName.substr(posPort + 1, posSlash - posPort - 1);
- host = certFileName.substr(pos, posPort - pos);
- }
- else
- {
- port = "80";
- host = certFileName.substr(pos, posSlash - pos);
- }
-
- path = certFileName.substr(posSlash, certFileName.size () - posSlash);
-
- cert = getCertificateHttp(host, port, path);
- }
- else
- {
- cert = getIdentityCertificate(certFileName);
- }
+ cert = getCertificateHttp(host, port, path);
+ }
+ else {
+ cert = getIdentityCertificate(certFileName);
+ }
if (!static_cast<bool>(cert))
return 1;
KeyChain keyChain;
- if (isSystemDefault)
- {
- keyChain.addCertificateAsIdentityDefault(*cert);
- Name keyName = cert->getPublicKeyName();
- Name identity = keyName.getSubName(0, keyName.size()-1);
- keyChain.setDefaultIdentity(identity);
- }
- else if (isIdentityDefault)
- {
- keyChain.addCertificateAsIdentityDefault(*cert);
- }
- else if (isKeyDefault)
- {
- keyChain.addCertificateAsKeyDefault(*cert);
- }
- else
- {
- keyChain.addCertificate(*cert);
- }
+ if (isSystemDefault) {
+ keyChain.addCertificateAsIdentityDefault(*cert);
+ Name keyName = cert->getPublicKeyName();
+ Name identity = keyName.getSubName(0, keyName.size()-1);
+ keyChain.setDefaultIdentity(identity);
+ }
+ else if (isIdentityDefault) {
+ keyChain.addCertificateAsIdentityDefault(*cert);
+ }
+ else if (isKeyDefault) {
+ keyChain.addCertificateAsKeyDefault(*cert);
+ }
+ else {
+ keyChain.addCertificate(*cert);
+ }
std::cerr << "OK: certificate with name ["
<< cert->getName().toUri()
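Review bot: A certificate obtained through the `http://` branch reaches `keyChain.addCertificateAsIdentityDefault(*cert)` and, when no option is given, `keyChain.setDefaultIdentity(identity)` without any check of its signature or validity in this hunk. Plain HTTP provides no integrity, so the installed default depends entirely on what the network returned; if verification happens elsewhere it is not visible here. At minimum record this above the branch, `// fetched over plain HTTP: content is unauthenticated, verify the certificate before installing`, and consider validating the certificate before any of the `addCertificate*` calls. The `throw HttpException("Request line is not correctly formatted")` in the same branch also sits outside any try block in the visible code. ndnsec_cert_install continues past the end of this hunk.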
diff --git a/tools/ndnsec/cert-revoke.hpp b/tools/ndnsec/cert-revoke.hpp
index c2b20c8..6aa8d02 100644
--- a/tools/ndnsec/cert-revoke.hpp
+++ b/tools/ndnsec/cert-revoke.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -30,6 +30,7 @@
ndnsec_cert_revoke(int argc, char** argv)
{
using namespace ndn;
+ using namespace ndn::security;
namespace po = boost::program_options;
KeyChain keyChain;
@@ -56,136 +57,118 @@
p.add("request", 1);
po::variables_map vm;
- try
- {
- po::store(po::command_line_parser(argc, argv).options(description).positional(p).run(),
- vm);
- po::notify(vm);
- }
- catch (const std::exception& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
- return 1;
- }
+ try {
+ po::store(po::command_line_parser(argc, argv).options(description).positional(p).run(),
+ vm);
+ po::notify(vm);
+ }
+ catch (const std::exception& e) {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ return 1;
+ }
- if (vm.count("help") != 0)
- {
- std::cerr << description << std::endl;
- return 0;
- }
+ if (vm.count("help") != 0) {
+ std::cerr << description << std::endl;
+ return 0;
+ }
hasSignId = (vm.count("sign-id") != 0);
- if (vm.count("request") == 0)
- {
- std::cerr << "request file must be specified" << std::endl;
- return 1;
- }
+ if (vm.count("request") == 0) {
+ std::cerr << "request file must be specified" << std::endl;
+ return 1;
+ }
- shared_ptr<IdentityCertificate> revokedCertificate
- = getIdentityCertificate(requestFile);
+ shared_ptr<v1::IdentityCertificate> revokedCertificate = getIdentityCertificate(requestFile);
- if (!static_cast<bool>(revokedCertificate))
- {
- std::cerr << "ERROR: input error" << std::endl;
- return 1;
- }
+ if (!static_cast<bool>(revokedCertificate)) {
+ std::cerr << "ERROR: input error" << std::endl;
+ return 1;
+ }
Block wire;
- try
- {
- Name keyName;
+ try {
+ Name keyName;
- if (hasSignId) {
- keyName = keyChain.getDefaultKeyNameForIdentity(signId);
- }
- else {
- const Signature& signature = revokedCertificate->getSignature();
- if (!signature.hasKeyLocator() ||
- signature.getKeyLocator().getType() != KeyLocator::KeyLocator_Name)
- {
- std::cerr << "ERROR: Invalid certificate to revoke" << std::endl;
- return 1;
- }
-
- keyName = IdentityCertificate::certificateNameToPublicKeyName(
- signature.getKeyLocator().getName());
- }
-
- Name certName;
- if (certPrefix == KeyChain::DEFAULT_PREFIX) {
- certName = revokedCertificate->getName().getPrefix(-1);
- }
- else {
- Name revokedKeyName = revokedCertificate->getPublicKeyName();
-
- if (certPrefix.isPrefixOf(revokedKeyName) && certPrefix != revokedKeyName) {
- certName.append(certPrefix)
- .append("KEY")
- .append(revokedKeyName.getSubName(certPrefix.size()))
- .append("ID-CERT");
- }
- else {
- std::cerr << "ERROR: certificate prefix does not match the revoked certificate"
- << std::endl;
- return 1;
- }
- }
- certName
- .appendVersion()
- .append("REVOKED");
-
- Data revocationCert;
- revocationCert.setName(certName);
-
- if (keyChain.doesPublicKeyExist(keyName))
+ if (hasSignId) {
+ keyName = keyChain.getDefaultKeyNameForIdentity(signId);
+ }
+ else {
+ const Signature& signature = revokedCertificate->getSignature();
+ if (!signature.hasKeyLocator() ||
+ signature.getKeyLocator().getType() != KeyLocator::KeyLocator_Name)
{
- Name signingCertificateName = keyChain.getDefaultCertificateNameForKey(keyName);
- keyChain.sign(revocationCert,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_CERT,
- signingCertificateName));
- }
- else
- {
- std::cerr << "ERROR: Cannot find the signing key!" << std::endl;
+ std::cerr << "ERROR: Invalid certificate to revoke" << std::endl;
return 1;
}
- wire = revocationCert.wireEncode();
+ keyName = v1::IdentityCertificate::certificateNameToPublicKeyName(
+ signature.getKeyLocator().getName());
}
- catch (Signature::Error& e)
- {
- std::cerr << "ERROR: No valid signature!" << std::endl;
- return 1;
+
+ Name certName;
+ if (certPrefix == KeyChain::DEFAULT_PREFIX) {
+ certName = revokedCertificate->getName().getPrefix(-1);
}
- catch (KeyLocator::Error& e)
- {
- std::cerr << "ERROR: No valid KeyLocator!" << std::endl;
- return 1;
+ else {
+ Name revokedKeyName = revokedCertificate->getPublicKeyName();
+
+ if (certPrefix.isPrefixOf(revokedKeyName) && certPrefix != revokedKeyName) {
+ certName.append(certPrefix)
+ .append("KEY")
+ .append(revokedKeyName.getSubName(certPrefix.size()))
+ .append("ID-CERT");
+ }
+ else {
+ std::cerr << "ERROR: certificate prefix does not match the revoked certificate"
+ << std::endl;
+ return 1;
+ }
}
- catch (IdentityCertificate::Error& e)
- {
- std::cerr << "ERROR: Cannot determine the signing key!" << std::endl;
- return 1;
+ certName
+ .appendVersion()
+ .append("REVOKED");
+
+ Data revocationCert;
+ revocationCert.setName(certName);
+
+ if (keyChain.doesPublicKeyExist(keyName)) {
+ Name signingCertificateName = keyChain.getDefaultCertificateNameForKey(keyName);
+ keyChain.sign(revocationCert,
+ SigningInfo(SigningInfo::SIGNER_TYPE_CERT, signingCertificateName));
}
- catch (SecPublicInfo::Error& e)
- {
- std::cerr << "ERROR: Incomplete or corrupted PIB (" << e.what() << ")" << std::endl;
+ else {
+ std::cerr << "ERROR: Cannot find the signing key!" << std::endl;
return 1;
}
- try
- {
- using namespace CryptoPP;
- StringSource ss(wire.wire(), wire.size(), true,
- new Base64Encoder(new FileSink(std::cout), true, 64));
+ wire = revocationCert.wireEncode();
+ }
+ catch (const Signature::Error& e) {
+ std::cerr << "ERROR: No valid signature!" << std::endl;
+ return 1;
+ }
+ catch (const KeyLocator::Error& e) {
+ std::cerr << "ERROR: No valid KeyLocator!" << std::endl;
+ return 1;
+ }
+ catch (const v1::IdentityCertificate::Error& e) {
+ std::cerr << "ERROR: Cannot determine the signing key!" << std::endl;
+ return 1;
+ }
+ catch (const SecPublicInfo::Error& e) {
+ std::cerr << "ERROR: Incomplete or corrupted PIB (" << e.what() << ")" << std::endl;
+ return 1;
+ }
+
+ try {
+ transform::bufferSource(wire.wire(), wire.size()) >> transform::base64Encode(true) >> transform::streamSink(std::cout);
}
- catch (const CryptoPP::Exception& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
- return 1;
- }
+ catch (const transform::Error& e) {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ return 1;
+ }
return 0;
}
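Review bot: The `else` branch that picks the signing key when `--sign-id` is absent has no comment, and it is the security-relevant decision in this function: the key is derived from the KeyLocator of the certificate being revoked via `v1::IdentityCertificate::certificateNameToPublicKeyName(...)`. I would add above it `// no sign-id given: sign the revocation with the key named in the revoked certificate's KeyLocator`. The three handlers for `Signature::Error`, `KeyLocator::Error` and `v1::IdentityCertificate::Error` also drop `e.what()`, unlike the `SecPublicInfo::Error` handler, which makes failures harder to diagnose. The function body starts before this hunk.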
diff --git a/tools/ndnsec/dsk-gen.hpp b/tools/ndnsec/dsk-gen.hpp
index 80a31ed..4f994c3 100644
--- a/tools/ndnsec/dsk-gen.hpp
+++ b/tools/ndnsec/dsk-gen.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -30,6 +30,7 @@
ndnsec_dsk_gen(int argc, char** argv)
{
using namespace ndn;
+ using namespace ndn::security;
namespace po = boost::program_options;
std::string identityName;
@@ -73,7 +74,7 @@
return 1;
}
- shared_ptr<IdentityCertificate> kskCert;
+ shared_ptr<v1::IdentityCertificate> kskCert;
Name signingCertName;
KeyChain keyChain;
@@ -92,14 +93,14 @@
}
if (isDefaultDsk) {
- shared_ptr<IdentityCertificate> dskCert = keyChain.getCertificate(defaultCertName);
+ shared_ptr<v1::IdentityCertificate> dskCert = keyChain.getCertificate(defaultCertName);
if (static_cast<bool>(dskCert)) {
SignatureSha256WithRsa sha256sig(dskCert->getSignature());
Name keyLocatorName = sha256sig.getKeyLocator().getName();
- Name kskName = IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
+ Name kskName = v1::IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
Name kskCertName = keyChain.getDefaultCertificateNameForKey(kskName);
signingCertName = kskCertName;
kskCert = keyChain.getCertificate(kskCertName);
@@ -153,7 +154,7 @@
.append("ID-CERT")
.appendVersion();
- shared_ptr<IdentityCertificate> certificate =
+ shared_ptr<v1::IdentityCertificate> certificate =
keyChain.prepareUnsignedIdentityCertificate(newKeyName,
Name(identityName),
kskCert->getNotBefore(),
diff --git a/tools/ndnsec/export.hpp b/tools/ndnsec/export.hpp
index 62933b8..cd0c786 100644
--- a/tools/ndnsec/export.hpp
+++ b/tools/ndnsec/export.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -49,31 +49,27 @@
p.add("identity", 1);
po::variables_map vm;
- try
- {
- po::store(po::command_line_parser(argc, argv).options(description).positional(p).run(),
- vm);
- po::notify(vm);
- }
- catch (const std::exception& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
- std::cerr << description << std::endl;
- return 1;
- }
+ try {
+ po::store(po::command_line_parser(argc, argv).options(description).positional(p).run(),
+ vm);
+ po::notify(vm);
+ }
+ catch (const std::exception& e) {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ std::cerr << description << std::endl;
+ return 1;
+ }
- if (vm.count("help") != 0)
- {
- std::cerr << description << std::endl;
- return 0;
- }
+ if (vm.count("help") != 0) {
+ std::cerr << description << std::endl;
+ return 0;
+ }
- if (vm.count("identity") == 0)
- {
- std::cerr << "ERROR: identity must be specified" << std::endl;
- std::cerr << description << std::endl;
- return 1;
- }
+ if (vm.count("identity") == 0) {
+ std::cerr << "ERROR: identity must be specified" << std::endl;
+ std::cerr << description << std::endl;
+ return 1;
+ }
if (vm.count("private") != 0)
isPrivateExport = true;
@@ -82,54 +78,48 @@
output = "-";
Name identity(identityStr);
- if (!isPrivateExport)
- {
+ if (!isPrivateExport) {
+ KeyChain keyChain;
+ shared_ptr<security::v1::IdentityCertificate> cert
+ = keyChain.getCertificate(keyChain.getDefaultCertificateNameForIdentity(identity));
+
+ if (output == "-")
+ io::save(*cert, std::cout);
+ else
+ io::save(*cert, output);
+
+ return 0;
+ }
+ else {
+ Block wire;
+ try {
KeyChain keyChain;
- shared_ptr<IdentityCertificate> cert
- = keyChain.getCertificate(keyChain.getDefaultCertificateNameForIdentity(identity));
- if (output == "-")
- io::save(*cert, std::cout);
- else
- io::save(*cert, output);
-
- return 0;
- }
- else
- {
- Block wire;
- try
- {
- KeyChain keyChain;
-
- int count = 3;
- while (!getPassword(exportPassword, "Passphrase for the private key: "))
- {
- count--;
- if (count <= 0)
- {
- std::cerr << "ERROR: invalid password" << std::endl;
- memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
- return 1;
- }
- }
- shared_ptr<SecuredBag> securedBag = keyChain.exportIdentity(identity, exportPassword);
- memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
-
- if (output == "-")
- io::save(*securedBag, std::cout);
- else
- io::save(*securedBag, output);
-
- return 0;
- }
- catch (const std::runtime_error& e)
- {
- std::cerr << "ERROR: " << e.what() << std::endl;
+ int count = 3;
+ while (!getPassword(exportPassword, "Passphrase for the private key: ")) {
+ count--;
+ if (count <= 0) {
+ std::cerr << "ERROR: invalid password" << std::endl;
memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
return 1;
}
+ }
+ shared_ptr<SecuredBag> securedBag = keyChain.exportIdentity(identity, exportPassword);
+ memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
+
+ if (output == "-")
+ io::save(*securedBag, std::cout);
+ else
+ io::save(*securedBag, output);
+
+ return 0;
}
+ catch (const std::runtime_error& e) {
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());
+ return 1;
+ }
+ }
}
#endif // NDN_TOOLS_NDNSEC_EXPORT_HPP
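Review bot: The three `memset(const_cast<char*>(exportPassword.c_str()), 0, exportPassword.size());` calls in the private-export branch are not a reliable wipe: writing through the pointer returned by `c_str()` is not permitted, and a plain `memset` just before `return` is a dead store the optimizer may remove. Assuming `exportPassword` is a `std::string`, write through its own storage with a volatile pointer instead, `for (volatile char* p = &exportPassword[0], *end = p + exportPassword.size(); p != end; ++p) *p = 0;`, ideally in one small helper called from all three places. In the non-private branch `io::save(*cert, ...)` dereferences the result of `keyChain.getCertificate(...)` without the null check the other ndnsec tools use. The function starts before this hunk.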
diff --git a/tools/ndnsec/key-gen.hpp b/tools/ndnsec/key-gen.hpp
index 16ce9c2..1384ac8 100644
--- a/tools/ndnsec/key-gen.hpp
+++ b/tools/ndnsec/key-gen.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -110,7 +110,7 @@
keyChain.setDefaultKeyNameForIdentity(keyName);
- shared_ptr<IdentityCertificate> identityCert = keyChain.selfSign(keyName);
+ shared_ptr<security::v1::IdentityCertificate> identityCert = keyChain.selfSign(keyName);
if (isDefault)
keyChain.setDefaultIdentity(Name(identityName));
diff --git a/tools/ndnsec/list.hpp b/tools/ndnsec/list.hpp
index 90b4757..8a750f2 100644
--- a/tools/ndnsec/list.hpp
+++ b/tools/ndnsec/list.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -40,7 +40,7 @@
std::cout << certName << std::endl;
if (verboseLevel >= 3) {
- ndn::shared_ptr<ndn::IdentityCertificate> certificate = keyChain.getCertificate(certName);
+ ndn::shared_ptr<ndn::security::v1::IdentityCertificate> certificate = keyChain.getCertificate(certName);
if (static_cast<bool>(certificate))
certificate->printCertificate(std::cout, " ");
}
diff --git a/tools/ndnsec/sign-req.hpp b/tools/ndnsec/sign-req.hpp
index d3ec904..bb8906e 100644
--- a/tools/ndnsec/sign-req.hpp
+++ b/tools/ndnsec/sign-req.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -30,6 +30,7 @@
ndnsec_sign_req(int argc, char** argv)
{
using namespace ndn;
+ using namespace ndn::security;
namespace po = boost::program_options;
std::string name;
@@ -75,7 +76,7 @@
if (vm.count("key") != 0)
isKeyName = true;
- shared_ptr<IdentityCertificate> selfSignCert;
+ shared_ptr<v1::IdentityCertificate> selfSignCert;
KeyChain keyChain;
diff --git a/tools/ndnsec/util.hpp b/tools/ndnsec/util.hpp
index 253f170..696d348 100644
--- a/tools/ndnsec/util.hpp
+++ b/tools/ndnsec/util.hpp
@@ -37,9 +37,6 @@
#include <boost/asio.hpp>
#include <boost/exception/all.hpp>
-
-#include "security/cryptopp.hpp"
-
#include "security/key-chain.hpp"
#include "util/io.hpp"
@@ -84,14 +81,14 @@
#endif // NDN_CXX_HAVE_GETPASS
}
-ndn::shared_ptr<ndn::IdentityCertificate>
+ndn::shared_ptr<ndn::security::v1::IdentityCertificate>
getIdentityCertificate(const std::string& fileName)
{
if (fileName == "-")
- return ndn::io::load<ndn::IdentityCertificate>(std::cin);
+ return ndn::io::load<ndn::security::v1::IdentityCertificate>(std::cin);
else
- return ndn::io::load<ndn::IdentityCertificate>(fileName);
+ return ndn::io::load<ndn::security::v1::IdentityCertificate>(fileName);
}