security: Support ECDSA verification in all related classes.
This commit also addresses some old issues, such as "using namespace std".
Change-Id: I62b8ff97fb2b6f6cfe04b0ad5866bc0797e6e43b
Refs: #1660
diff --git a/src/security/key-chain.hpp b/src/security/key-chain.hpp
index b6b9bbf..0a6c65c 100644
--- a/src/security/key-chain.hpp
+++ b/src/security/key-chain.hpp
@@ -75,14 +75,7 @@
const std::string& tpmName);
virtual
- ~KeyChain()
- {
- if (m_pib != 0)
- delete m_pib;
-
- if (m_tpm != 0)
- delete m_tpm;
- }
+ ~KeyChain();
/**
* @brief Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a
@@ -777,35 +770,20 @@
void
KeyChain::sign(T& packet, const IdentityCertificate& certificate)
{
- switch (certificate.getPublicKeyInfo().getKeyType())
- {
- case KEY_TYPE_RSA:
- {
- // For temporary usage, we support SHA256 only, but will support more.
- SignatureSha256WithRsa signature;
- // implicit conversion should take care
- signature.setKeyLocator(certificate.getName().getPrefix(-1));
- signPacketWrapper(packet, signature,
- certificate.getPublicKeyName(),
- DIGEST_ALGORITHM_SHA256);
- return;
- }
- case KEY_TYPE_ECDSA:
- {
- // For temporary usage, we support SHA256 only, but will support more.
- SignatureSha256WithEcdsa signature;
- // implicit conversion should take care
- signature.setKeyLocator(certificate.getName().getPrefix(-1));
+ shared_ptr<SignatureWithPublicKey> signature =
+ determineSignatureWithPublicKey(certificate.getPublicKeyInfo().getKeyType());
- signPacketWrapper(packet, signature,
- certificate.getPublicKeyName(),
- DIGEST_ALGORITHM_SHA256);
- return;
- }
- default:
- throw SecPublicInfo::Error("unknown key type!");
- }
+ if (!static_cast<bool>(signature))
+ throw SecPublicInfo::Error("unknown key type!");
+
+ signature->setKeyLocator(certificate.getName().getPrefix(-1));
+
+ signPacketWrapper(packet, *signature,
+ certificate.getPublicKeyName(),
+ DIGEST_ALGORITHM_SHA256);
+
+ return;
}
}
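Review bot: The rewritten `KeyChain::sign` loses the comment that recorded SHA-256 as the only supported digest, while `DIGEST_ALGORITHM_SHA256` stays hard-coded in the `signPacketWrapper` call for every key type. I would restate that limitation above the call, e.g. `// Only SHA-256 is supported for now; the digest is fixed for both RSA and ECDSA keys.` The signature type is now chosen from `certificate.getPublicKeyInfo().getKeyType()`, but the signing key is looked up separately via `certificate.getPublicKeyName()`; whether `signPacketWrapper` checks that the two agree is not visible here, so that is worth confirming or documenting. The trailing `return;` is redundant in a `void` function, and the "unknown key type!" error would be easier to diagnose if it named the rejected key type. The function's template header lies outside the hunk.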