security: KeyChain: implement sign for buffers.
diff --git a/include/ndn-cpp/security/identity/identity-manager.hpp b/include/ndn-cpp/security/identity/identity-manager.hpp
index 1d6df04..5b07fa0 100644
--- a/include/ndn-cpp/security/identity/identity-manager.hpp
+++ b/include/ndn-cpp/security/identity/identity-manager.hpp
@@ -198,14 +198,26 @@
/**
* Sign the byte array data based on the certificate name.
- * @param data The data to be signed.
- * @param dataLength the length of data.
+ * @param buffer The byte array to be signed.
+ * @param bufferLength the length of buffer.
* @param certificateName The signing certificate name.
* @return The generated signature.
*/
ptr_lib::shared_ptr<Signature>
- signByCertificate(const uint8_t* data, size_t dataLength, const Name& certificateName);
-
+ signByCertificate(const uint8_t* buffer, size_t bufferLength, const Name& certificateName);
+
+ /**
+ * Sign the byte array data based on the certificate name.
+ * @param buffer The byte array to be signed.
+ * @param certificateName The signing certificate name.
+ * @return The generated signature.
+ */
+ ptr_lib::shared_ptr<Signature>
+ signByCertificate(const std::vector<uint8_t>& buffer, const Name& certificateName)
+ {
+ return signByCertificate(&buffer[0], buffer.size(), certificateName);
+ }
+
/**
* Sign data packet based on the certificate name.
* Note: the caller must make sure the timestamp in data is correct, for example with
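Review bot: `&buffer[0]` in the new vector overload of `signByCertificate` is undefined behaviour when `buffer` is empty, because `operator[]` on an empty vector has no element to refer to. The same expression appears in the vector overloads of `sign` and `signByIdentity` added in key-chain.hpp. If the project can rely on C++11, `buffer.data()` is well-defined for an empty vector: `return signByCertificate(buffer.data(), buffer.size(), certificateName);`. Otherwise guard the empty case explicitly before taking the address. Whether the pointer overload tolerates a null pointer with length 0 is not visible in this diff and should be confirmed.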
diff --git a/include/ndn-cpp/security/key-chain.hpp b/include/ndn-cpp/security/key-chain.hpp
index 40e24fd..758c0fa 100644
--- a/include/ndn-cpp/security/key-chain.hpp
+++ b/include/ndn-cpp/security/key-chain.hpp
@@ -218,6 +218,28 @@
sign(Data& data, const Name& certificateName, WireFormat& wireFormat = *WireFormat::getDefaultWireFormat());
/**
+ * Sign the byte array using a certificate name and return a Signature object.
+ * @param buffer The byte array to be signed.
+ * @param bufferLength the length of buffer.
+ * @param certificateName The certificate name used to get the signing key and which will be put into KeyLocator.
+ * @return The Signature.
+ */
+ ptr_lib::shared_ptr<Signature>
+ sign(const uint8_t* buffer, size_t bufferLength, const Name& certificateName);
+
+ /**
+ * Sign the byte array using a certificate name and return a Signature object.
+ * @param buffer The byte array to be signed.
+ * @param certificateName The certificate name used to get the signing key and which will be put into KeyLocator.
+ * @return The Signature.
+ */
+ ptr_lib::shared_ptr<Signature>
+ sign(const std::vector<uint8_t>& buffer, const Name& certificateName)
+ {
+ return sign(&buffer[0], buffer.size(), certificateName);
+ }
+
+ /**
* Wire encode the Data object, sign it and set its signature.
* Note: the caller must make sure the timestamp is correct, for example with
* data.getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0).
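Review bot: The doc comment on the new `sign(const uint8_t* buffer, ...)` overload should state that the bytes are signed exactly as given, with the key selected by the same certificate name that `sign(Data&, ...)` takes. In key-chain.cpp both paths hand off to `identityManager_->signByCertificate`, so a signature over a caller-supplied buffer is presumably indistinguishable from one over an encoded Data packet. I would add a line such as `* Note: the buffer is signed as-is; do not pass untrusted bytes without checking what they encode.` The same line fits the vector overload below it.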
@@ -229,6 +251,28 @@
signByIdentity(Data& data, const Name& identityName = Name(), WireFormat& wireFormat = *WireFormat::getDefaultWireFormat());
/**
+ * Sign the byte array using an identity name and return a Signature object.
+ * @param buffer The byte array to be signed.
+ * @param bufferLength the length of buffer.
+ * @param identityName The identity name.
+ * @return The Signature.
+ */
+ ptr_lib::shared_ptr<Signature>
+ signByIdentity(const uint8_t* buffer, size_t bufferLength, const Name& identityName);
+
+ /**
+ * Sign the byte array using an identity name and return a Signature object.
+ * @param buffer The byte array to be signed.
+ * @param identityName The identity name.
+ * @return The Signature.
+ */
+ ptr_lib::shared_ptr<Signature>
+ signByIdentity(const std::vector<uint8_t>& buffer, const Name& identityName)
+ {
+ return signByIdentity(&buffer[0], buffer.size(), identityName);
+ }
+
+ /**
* Check the signature on the Data object and call either onVerify or onVerifyFailed.
* We use callback functions because verify may fetch information to check the signature.
* @param data The Data object with the signature to check. It is an error if data does not have a wireEncoding.
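Review bot: The doc comments for the two new `signByIdentity` buffer overloads omit the exception the implementation raises. In key-chain.cpp the pointer overload throws `SecurityException` when `getDefaultCertificateNameForIdentity` returns an empty name, and the vector overload forwards to it. Add `* @throw SecurityException if no default certificate name is found for identityName.` to both comments. Unlike the `Data&` overload, `identityName` has no `Name()` default here; if that is intentional, the comment could say so.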
diff --git a/ndn-cpp/security/identity/identity-manager.cpp b/ndn-cpp/security/identity/identity-manager.cpp
index c925f8f..eb9966e 100644
--- a/ndn-cpp/security/identity/identity-manager.cpp
+++ b/ndn-cpp/security/identity/identity-manager.cpp
@@ -166,13 +166,13 @@
}
ptr_lib::shared_ptr<Signature>
-IdentityManager::signByCertificate(const uint8_t* data, size_t dataLength, const Name& certificateName)
+IdentityManager::signByCertificate(const uint8_t* buffer, size_t bufferLength, const Name& certificateName)
{
Name keyName = identityStorage_->getKeyNameForCertificate(certificateName);
shared_ptr<PublicKey> publicKey = privateKeyStorage_->getPublicKey(keyName.toUri());
- Blob sigBits = privateKeyStorage_->sign(data, dataLength, keyName.toUri());
+ Blob sigBits = privateKeyStorage_->sign(buffer, bufferLength, keyName.toUri());
//For temporary usage, we support RSA + SHA256 only, but will support more.
shared_ptr<Sha256WithRsaSignature> sha256Sig(new Sha256WithRsaSignature());
diff --git a/ndn-cpp/security/key-chain.cpp b/ndn-cpp/security/key-chain.cpp
index 3fc3f77..c17960d 100644
--- a/ndn-cpp/security/key-chain.cpp
+++ b/ndn-cpp/security/key-chain.cpp
@@ -104,6 +104,12 @@
identityManager_->signByCertificate(data, certificateName, wireFormat);
}
+shared_ptr<Signature>
+KeyChain::sign(const uint8_t* buffer, size_t bufferLength, const Name& certificateName)
+{
+ return identityManager_->signByCertificate(buffer, bufferLength, certificateName);
+}
+
void
KeyChain::signByIdentity(Data& data, const Name& identityName, WireFormat& wireFormat)
{
@@ -128,6 +134,17 @@
identityManager_->signByCertificate(data, signingCertificateName);
}
+ shared_ptr<Signature>
+ KeyChain::signByIdentity(const uint8_t* buffer, size_t bufferLength, const Name& identityName)
+ {
+ Name signingCertificateName = identityManager_->getDefaultCertificateNameForIdentity(identityName);
+
+ if (signingCertificateName.size() == 0)
+ throw SecurityException("No qualified certificate name found!");
+
+ return identityManager_->signByCertificate(buffer, bufferLength, signingCertificateName);
+ }
+
void
KeyChain::verifyData
(const shared_ptr<Data>& data, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed, int stepCount)
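Review bot: The exception raised by `throw SecurityException("No qualified certificate name found!");` in the new `signByIdentity` does not say which identity failed, which makes a signing failure hard to trace when several identities are in use. Including the name would help, e.g. `throw SecurityException("No qualified certificate name found for identity " + identityName.toUri());`, assuming `SecurityException` accepts a `std::string`. The added definition also appears to be indented, unlike `KeyChain::sign` added in the previous hunk, which starts at column 0.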