Jeff Thompson | 4147191 | 2013-09-12 16:21:50 -0700 | [diff] [blame] | 1 | /** |
Jeff Thompson | 7687dc0 | 2013-09-13 11:54:07 -0700 | [diff] [blame] | 2 | * Copyright (C) 2013 Regents of the University of California. |
Jeff Thompson | 06e787d | 2013-09-12 19:00:55 -0700 | [diff] [blame] | 3 | * @author: Yingdi Yu <yingdi@cs.ucla.edu> |
Jeff Thompson | 7687dc0 | 2013-09-13 11:54:07 -0700 | [diff] [blame] | 4 | * @author: Jeff Thompson <jefft0@remap.ucla.edu> |
Jeff Thompson | 4147191 | 2013-09-12 16:21:50 -0700 | [diff] [blame] | 5 | * See COPYING for copyright and distribution information. |
| 6 | */ |
| 7 | |
| 8 | #ifndef NDN_IDENTITY_MANAGER_HPP |
| 9 | #define NDN_IDENTITY_MANAGER_HPP |
| 10 | |
Jeff Thompson | 7b79eb6 | 2013-09-12 18:48:29 -0700 | [diff] [blame] | 11 | #include "../../data.hpp" |
Jeff Thompson | 9296f0c | 2013-09-23 18:10:27 -0700 | [diff] [blame^] | 12 | #include "identity-storage.hpp" |
Jeff Thompson | 86e1d75 | 2013-09-17 17:22:38 -0700 | [diff] [blame] | 13 | #include "private-key-storage.hpp" |
Jeff Thompson | 4147191 | 2013-09-12 16:21:50 -0700 | [diff] [blame] | 14 | |
| 15 | namespace ndn { |
| 16 | |
Jeff Thompson | ffa36f9 | 2013-09-20 08:42:41 -0700 | [diff] [blame] | 17 | /** |
| 18 | * An IdentityManager is the interface of operations related to identity, keys, and certificates. |
| 19 | */ |
Jeff Thompson | 4147191 | 2013-09-12 16:21:50 -0700 | [diff] [blame] | 20 | class IdentityManager { |
| 21 | public: |
Jeff Thompson | 9296f0c | 2013-09-23 18:10:27 -0700 | [diff] [blame^] | 22 | IdentityManager(const ptr_lib::shared_ptr<IdentityStorage>& identityStorage, const ptr_lib::shared_ptr<PrivateKeyStorage>& privateKeyStorage) |
| 23 | : identityStorage_(identityStorage), privateKeyStorage_(privateKeyStorage) |
Jeff Thompson | 86e1d75 | 2013-09-17 17:22:38 -0700 | [diff] [blame] | 24 | { |
| 25 | } |
| 26 | |
Jeff Thompson | 9296f0c | 2013-09-23 18:10:27 -0700 | [diff] [blame^] | 27 | #if 0 |
| 28 | /** |
| 29 | * Create identity, by default it will create a pair of Key-Signing-Key(KSK) for this identity and a self-signed certificate of the KSK |
| 30 | * @param identityName the name of the identity |
| 31 | * @return the key name of the auto-generated KSK of the identity |
| 32 | */ |
| 33 | Name |
| 34 | createIdentity(const Name& identityName); |
| 35 | #endif |
| 36 | |
| 37 | /** |
| 38 | * Get the default identity. |
| 39 | * @return The default identity name. |
| 40 | */ |
| 41 | Name |
| 42 | getDefaultIdentity() |
| 43 | { |
| 44 | return identityStorage_->getDefaultIdentity(); |
| 45 | } |
| 46 | |
| 47 | #if 0 |
| 48 | /** |
| 49 | * Generate a pair of RSA keys for the specified identity |
| 50 | * @param identityName the name of the identity |
| 51 | * @param ksk create a KSK or not, true for KSK, false for DSK |
| 52 | * @param keySize the size of the key |
| 53 | * @return the generated key name |
| 54 | */ |
| 55 | Name |
| 56 | generateRSAKeyPair(const Name& identityName, bool ksk = false, int keySize = 2048); |
| 57 | |
| 58 | /** |
| 59 | * Set a key as the default key of an identity |
| 60 | * @param keyName the name of the key |
| 61 | * @param identityName the name of the identity, if not specified the identity name can be inferred from the keyName |
| 62 | */ |
| 63 | void |
| 64 | setDefaultKeyForIdentity(const Name& keyName, const Name& identityName = Name()); |
| 65 | |
| 66 | /** |
| 67 | * Generate a pair of RSA keys for the specified identity and set it as default key of the identity |
| 68 | * @param identityName the name of the identity |
| 69 | * @param ksk create a KSK or not, true for KSK, false for DSK |
| 70 | * @param keySize the size of the key |
| 71 | * @return the generated key name |
| 72 | */ |
| 73 | Name |
| 74 | generateRSAKeyPairAsDefault(const Name& identityName, bool ksk = false, int keySize = 2048); |
| 75 | |
| 76 | /** |
| 77 | * Get public key with the specified name |
| 78 | * @param keyName name of the key |
| 79 | * @return the public key |
| 80 | */ |
| 81 | Ptr<Publickey> |
| 82 | getPublickey(const Name& keyName); |
| 83 | |
| 84 | /** |
| 85 | * Add a certificate into the public storage |
| 86 | * @param certificate the certificate to to added |
| 87 | */ |
| 88 | void |
| 89 | addCertificate(Ptr<Certificate> certificate); |
| 90 | |
| 91 | /** |
| 92 | * Set the certificate as the default of its corresponding key |
| 93 | * @param certificateName name of the certificate |
| 94 | */ |
| 95 | void |
| 96 | setDefaultCertificateForKey(const Name& certificateName); |
| 97 | |
| 98 | /** |
| 99 | * Add a certificate into the public storage and set the certificate as the default of its corresponding identity |
| 100 | * @param certificate the certificate to be added |
| 101 | */ |
| 102 | void |
| 103 | addCertificateAsIdentityDefault(const Certificate& certificate); |
| 104 | |
| 105 | /** |
| 106 | * Add a certificate into the public storage and set the certificate as the default of its corresponding key |
| 107 | * certificate the certificate to be added |
| 108 | */ |
| 109 | void |
| 110 | addCertificateAsDefault(const Certificate& certificate); |
| 111 | |
| 112 | /** |
| 113 | * Get a certificate with the specified name |
| 114 | * @param certificateName name of the requested certificate |
| 115 | * @return the requested certificate |
| 116 | */ |
| 117 | Ptr<Certificate> |
| 118 | getCertificate(const Name& certificateName); |
| 119 | |
| 120 | /** |
| 121 | * Get a certificate even if the certificate is not valid anymore |
| 122 | * @param certificateName name of the requested certificate |
| 123 | * @return the requested certificate |
| 124 | */ |
| 125 | Ptr<Certificate> |
| 126 | getAnyCertificate(const Name& certificateName); |
| 127 | #endif |
| 128 | |
| 129 | /** |
| 130 | * Get the default certificate name for the specified identity, which will be used when signing is performed based on identity. |
| 131 | * @param identityName The name of the specified identity. |
| 132 | * @return The requested certificate name. |
| 133 | */ |
| 134 | Name |
| 135 | getDefaultCertificateNameForIdentity(const Name& identityName) |
| 136 | { |
| 137 | return identityStorage_->getDefaultCertificateNameForIdentity(identityName); |
| 138 | } |
| 139 | |
| 140 | /** |
| 141 | * Get the default certificate name of the default identity, which will be used when signing is based on identity and |
| 142 | * the identity is not specified. |
| 143 | * @return The requested certificate name. |
| 144 | */ |
| 145 | Name |
| 146 | getDefaultCertificateName() |
| 147 | { |
| 148 | return identityStorage_->getDefaultCertificateNameForIdentity(getDefaultIdentity()); |
| 149 | } |
| 150 | |
| 151 | #if 0 |
| 152 | /** |
| 153 | * Sign blob based on identity |
| 154 | * @param blob the blob to be signed |
| 155 | * @param identityName the signing identity name |
| 156 | * @return the generated signature |
| 157 | */ |
| 158 | Ptr<Signature> |
| 159 | signByIdentity(const Blob& blob, const Name& identityName); |
| 160 | |
| 161 | /** |
| 162 | * Sign data based on identity |
| 163 | * @param data the data packet to be signed, on return the Signature inside the data packet will be set |
| 164 | * @param identityName the signing identity name |
| 165 | */ |
| 166 | void |
| 167 | signByIdentity(Data& data, const Name& identityName); |
| 168 | |
| 169 | /** |
| 170 | * sign blob based on certificate name |
| 171 | * @param blob the blob to be signed |
| 172 | * @param certificateName the signing certificate name |
| 173 | * @return the generated signature |
| 174 | */ |
| 175 | Ptr<Signature> |
| 176 | signByCertificate(const Blob& blob, const Name& certificateName); |
| 177 | #endif |
| 178 | |
Jeff Thompson | 4147191 | 2013-09-12 16:21:50 -0700 | [diff] [blame] | 179 | /** |
Jeff Thompson | 86e1d75 | 2013-09-17 17:22:38 -0700 | [diff] [blame] | 180 | * Sign data packet based on the certificate name. |
Jeff Thompson | 4147191 | 2013-09-12 16:21:50 -0700 | [diff] [blame] | 181 | * Note: the caller must make sure the timestamp in data is correct, for example with |
| 182 | * data.getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0). |
| 183 | * @param data The Data object to sign and update its signature. |
| 184 | * @param certificateName The Name identifying the certificate which identifies the signing key. |
| 185 | * @param wireFormat The WireFormat for calling encodeData, or WireFormat::getDefaultWireFormat() if omitted. |
| 186 | */ |
Jeff Thompson | 0050abe | 2013-09-17 12:50:25 -0700 | [diff] [blame] | 187 | void |
Jeff Thompson | 86e1d75 | 2013-09-17 17:22:38 -0700 | [diff] [blame] | 188 | signByCertificate(Data& data, const Name& certificateName, WireFormat& wireFormat = *WireFormat::getDefaultWireFormat()); |
| 189 | |
| 190 | private: |
Jeff Thompson | 9296f0c | 2013-09-23 18:10:27 -0700 | [diff] [blame^] | 191 | ptr_lib::shared_ptr<IdentityStorage> identityStorage_; |
Jeff Thompson | 86e1d75 | 2013-09-17 17:22:38 -0700 | [diff] [blame] | 192 | ptr_lib::shared_ptr<PrivateKeyStorage> privateKeyStorage_; |
Jeff Thompson | 4147191 | 2013-09-12 16:21:50 -0700 | [diff] [blame] | 193 | }; |
| 194 | |
| 195 | } |
| 196 | |
| 197 | #endif |