Avoid deprecated Data::getSignature()
Change-Id: Id644d5bd4414ed97d70ed108637516199d806be9
diff --git a/.travis.yml b/.travis.yml
index 7c63efd..9eb8ffe 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -38,6 +38,12 @@
- os: osx
osx_image: xcode11.3
env: # default compiler
+ - os: osx
+ osx_image: xcode11.6
+ env: # default compiler
+ - os: osx
+ osx_image: xcode12
+ env: # default compiler
allow_failures:
- env: COMPILER=clang++-11
diff --git a/src/ca-detail/ca-memory.cpp b/src/ca-detail/ca-memory.cpp
index ce5bd98..d6f6563 100644
--- a/src/ca-detail/ca-memory.cpp
+++ b/src/ca-detail/ca-memory.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2017-2019, Regents of the University of California.
+/*
+ * Copyright (c) 2017-2020, Regents of the University of California.
*
* This file is part of ndncert, a certificate management system based on NDN.
*
@@ -20,6 +20,8 @@
#include "ca-memory.hpp"
+#include <ndn-cxx/security/validation-policy.hpp>
+
namespace ndn {
namespace ndncert {
@@ -103,22 +105,18 @@
}
// certificate related
-security::v2::Certificate
+security::Certificate
CaMemory::getCertificate(const std::string& certId)
{
- security::v2::Certificate cert;
auto search = m_issuedCerts.find(certId);
if (search != m_issuedCerts.end()) {
- cert = search->second;
- return cert;
+ return search->second;
}
- else {
- BOOST_THROW_EXCEPTION(Error("Certificate with ID " + certId + " does not exists"));
- }
+ BOOST_THROW_EXCEPTION(Error("Certificate with ID " + certId + " does not exists"));
}
void
-CaMemory::addCertificate(const std::string& certId, const security::v2::Certificate& cert)
+CaMemory::addCertificate(const std::string& certId, const security::Certificate& cert)
{
auto search = m_issuedCerts.find(certId);
if (search == m_issuedCerts.end()) {
@@ -130,7 +128,7 @@
}
void
-CaMemory::updateCertificate(const std::string& certId, const security::v2::Certificate& cert)
+CaMemory::updateCertificate(const std::string& certId, const security::Certificate& cert)
{
m_issuedCerts[certId] = cert;
}
@@ -144,22 +142,23 @@
}
}
-std::list<security::v2::Certificate>
+std::list<security::Certificate>
CaMemory::listAllIssuedCertificates()
{
- std::list<security::v2::Certificate> result;
+ std::list<security::Certificate> result;
for (const auto& entry : m_issuedCerts) {
result.push_back(entry.second);
}
return result;
}
-std::list<security::v2::Certificate>
+std::list<security::Certificate>
CaMemory::listAllIssuedCertificates(const Name& caName)
{
- std::list<security::v2::Certificate> result;
+ std::list<security::Certificate> result;
for (const auto& entry : m_issuedCerts) {
- if (entry.second.getSignature().getKeyLocator().getName().getPrefix(-2) == caName) {
+ const auto& klName = entry.second.getSignatureInfo().getKeyLocator().getName();
+ if (security::extractIdentityNameFromKeyLocator(klName) == caName) {
result.push_back(entry.second);
}
}
diff --git a/src/ca-detail/ca-memory.hpp b/src/ca-detail/ca-memory.hpp
index d695359..fb61218 100644
--- a/src/ca-detail/ca-memory.hpp
+++ b/src/ca-detail/ca-memory.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2017, Regents of the University of California.
+/*
+ * Copyright (c) 2017-2020, Regents of the University of California.
*
* This file is part of ndncert, a certificate management system based on NDN.
*
@@ -52,27 +52,27 @@
listAllRequests(const Name& caName) override;
// certificate related
- security::v2::Certificate
+ security::Certificate
getCertificate(const std::string& certId) override;
void
- addCertificate(const std::string& certId, const security::v2::Certificate& cert) override;
+ addCertificate(const std::string& certId, const security::Certificate& cert) override;
void
- updateCertificate(const std::string& certId, const security::v2::Certificate& cert) override;
+ updateCertificate(const std::string& certId, const security::Certificate& cert) override;
void
deleteCertificate(const std::string& certId) override;
- std::list<security::v2::Certificate>
+ std::list<security::Certificate>
listAllIssuedCertificates() override;
- std::list<security::v2::Certificate>
+ std::list<security::Certificate>
listAllIssuedCertificates(const Name& caName) override;
private:
std::map<std::string, CertificateRequest> m_requests;
- std::map<std::string, security::v2::Certificate> m_issuedCerts;
+ std::map<std::string, security::Certificate> m_issuedCerts;
};
} // namespace ndncert
diff --git a/src/ca-detail/ca-sqlite.cpp b/src/ca-detail/ca-sqlite.cpp
index cf53022..6b5b4a2 100644
--- a/src/ca-detail/ca-sqlite.cpp
+++ b/src/ca-detail/ca-sqlite.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2017-2019, Regents of the University of California.
+/*
+ * Copyright (c) 2017-2020, Regents of the University of California.
*
* This file is part of ndncert, a certificate management system based on NDN.
*
@@ -19,6 +19,8 @@
*/
#include "ca-sqlite.hpp"
+
+#include <ndn-cxx/security/validation-policy.hpp>
#include <ndn-cxx/util/sqlite3-statement.hpp>
#include <sqlite3.h>
@@ -27,8 +29,7 @@
namespace ndn {
namespace ndncert {
-const std::string
-CaSqlite::STORAGE_TYPE = "ca-storage-sqlite3";
+const std::string CaSqlite::STORAGE_TYPE = "ca-storage-sqlite3";
NDNCERT_REGISTER_CA_STORAGE(CaSqlite);
@@ -99,7 +100,7 @@
// initialize database specific tables
char* errorMessage = nullptr;
- result = sqlite3_exec(m_database, INITIALIZATION.c_str(),
+ result = sqlite3_exec(m_database, INITIALIZATION.data(),
nullptr, nullptr, &errorMessage);
if (result != SQLITE_OK && errorMessage != nullptr) {
sqlite3_free(errorMessage);
@@ -124,7 +125,7 @@
Name caName(statement.getBlock(2));
int status = statement.getInt(3);
std::string challengeStatus = statement.getString(4);
- security::v2::Certificate cert(statement.getBlock(6));
+ security::Certificate cert(statement.getBlock(6));
std::string challengeType = statement.getString(7);
std::string challengeSecrets = statement.getString(8);
std::string challengeTp = statement.getString(9);
@@ -244,12 +245,12 @@
std::list<CertificateRequest> result;
Sqlite3Statement statement(m_database, R"_SQLTEXT_(SELECT * FROM CertRequests)_SQLTEXT_");
- while(statement.step() == SQLITE_ROW) {
+ while (statement.step() == SQLITE_ROW) {
std::string requestId = statement.getString(1);
Name caName(statement.getBlock(2));
int status = statement.getInt(3);
std::string challengeStatus = statement.getString(4);
- security::v2::Certificate cert(statement.getBlock(6));
+ security::Certificate cert(statement.getBlock(6));
std::string challengeType = statement.getString(7);
std::string challengeSecrets = statement.getString(8);
std::string challengeTp = statement.getString(9);
@@ -271,12 +272,12 @@
R"_SQLTEXT_(SELECT * FROM CertRequests WHERE ca_name = ?)_SQLTEXT_");
statement.bind(1, caName.wireEncode(), SQLITE_TRANSIENT);
- while(statement.step() == SQLITE_ROW) {
+ while (statement.step() == SQLITE_ROW) {
std::string requestId = statement.getString(1);
Name caName(statement.getBlock(2));
int status = statement.getInt(3);
std::string challengeStatus = statement.getString(4);
- security::v2::Certificate cert(statement.getBlock(6));
+ security::Certificate cert(statement.getBlock(6));
std::string challengeType = statement.getString(7);
std::string challengeSecrets = statement.getString(8);
std::string challengeTp = statement.getString(9);
@@ -299,7 +300,7 @@
statement.step();
}
-security::v2::Certificate
+security::Certificate
CaSqlite::getCertificate(const std::string& certId)
{
Sqlite3Statement statement(m_database,
@@ -307,8 +308,7 @@
statement.bind(1, certId, SQLITE_TRANSIENT);
if (statement.step() == SQLITE_ROW) {
- security::v2::Certificate cert(statement.getBlock(0));
- return cert;
+ return security::Certificate(statement.getBlock(0));
}
else {
BOOST_THROW_EXCEPTION(Error("Certificate with ID " + certId + " cannot be fetched from database"));
@@ -316,7 +316,7 @@
}
void
-CaSqlite::addCertificate(const std::string& certId, const security::v2::Certificate& cert)
+CaSqlite::addCertificate(const std::string& certId, const security::Certificate& cert)
{
Sqlite3Statement statement(m_database,
R"_SQLTEXT_(INSERT INTO IssuedCerts (cert_id, cert_key_name, cert)
@@ -331,7 +331,7 @@
}
void
-CaSqlite::updateCertificate(const std::string& certId, const security::v2::Certificate& cert)
+CaSqlite::updateCertificate(const std::string& certId, const security::Certificate& cert)
{
Sqlite3Statement statement(m_database,
R"_SQLTEXT_(UPDATE IssuedCerts SET cert = ? WHERE cert_id = ?)_SQLTEXT_");
@@ -352,26 +352,26 @@
statement.step();
}
-std::list<security::v2::Certificate>
+std::list<security::Certificate>
CaSqlite::listAllIssuedCertificates()
{
- std::list<security::v2::Certificate> result;
+ std::list<security::Certificate> result;
Sqlite3Statement statement(m_database, R"_SQLTEXT_(SELECT * FROM IssuedCerts)_SQLTEXT_");
while (statement.step() == SQLITE_ROW) {
- security::v2::Certificate cert(statement.getBlock(3));
- result.push_back(cert);
+ result.emplace_back(statement.getBlock(3));
}
return result;
}
-std::list<security::v2::Certificate>
+std::list<security::Certificate>
CaSqlite::listAllIssuedCertificates(const Name& caName)
{
auto allCerts = listAllIssuedCertificates();
- std::list<security::v2::Certificate> result;
+ std::list<security::Certificate> result;
for (const auto& entry : allCerts) {
- if (entry.getSignature().getKeyLocator().getName().getPrefix(-2) == caName) {
+ const auto& klName = entry.getSignatureInfo().getKeyLocator().getName();
+ if (security::extractIdentityNameFromKeyLocator(klName) == caName) {
result.push_back(entry);
}
}
diff --git a/src/ca-detail/ca-sqlite.hpp b/src/ca-detail/ca-sqlite.hpp
index 6249db5..9b09e1a 100644
--- a/src/ca-detail/ca-sqlite.hpp
+++ b/src/ca-detail/ca-sqlite.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2017, Regents of the University of California.
+/*
+ * Copyright (c) 2017-2020, Regents of the University of California.
*
* This file is part of ndncert, a certificate management system based on NDN.
*
@@ -60,22 +60,22 @@
listAllRequests(const Name& caName) override;
// certificate related
- security::v2::Certificate
+ security::Certificate
getCertificate(const std::string& certId) override;
void
- addCertificate(const std::string& certId, const security::v2::Certificate& cert) override;
+ addCertificate(const std::string& certId, const security::Certificate& cert) override;
void
- updateCertificate(const std::string& certId, const security::v2::Certificate& cert) override;
+ updateCertificate(const std::string& certId, const security::Certificate& cert) override;
void
deleteCertificate(const std::string& certId) override;
- std::list<security::v2::Certificate>
+ std::list<security::Certificate>
listAllIssuedCertificates() override;
- std::list<security::v2::Certificate>
+ std::list<security::Certificate>
listAllIssuedCertificates(const Name& caName) override;
PUBLIC_WITH_TESTS_ELSE_PRIVATE:
diff --git a/src/ca-module.cpp b/src/ca-module.cpp
index 7dbb053..5e789f7 100644
--- a/src/ca-module.cpp
+++ b/src/ca-module.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2017-2019, Regents of the University of California.
+/*
+ * Copyright (c) 2017-2020, Regents of the University of California.
*
* This file is part of ndncert, a certificate management system based on NDN.
*
@@ -127,7 +127,7 @@
}
else {
// if not a PROBE INFO, find an available name
- std::string availableId = "";
+ std::string availableId;
const auto& parameterJson = jsonFromBlock(request.getApplicationParameters());
if (parameterJson.empty()) {
_LOG_ERROR("Empty JSON obtained from the Interest parameter.");
@@ -459,7 +459,7 @@
CertificateRequest
CaModule::getCertificateRequest(const Interest& request)
{
- std::string requestId = "";
+ std::string requestId;
CertificateRequest certRequest;
try {
requestId = readString(request.getName().at(m_config.m_caName.size() + 2));
@@ -539,9 +539,9 @@
const auto& pib = m_keyChain.getPib();
const auto& identity = pib.getIdentity(m_config.m_caName);
const auto& cert = identity.getDefaultKey().getDefaultCertificate();
- std::string caInfo = "";
- if (m_config.m_caInfo == "") {
- caInfo = "Issued by " + cert.getSignature().getKeyLocator().getName().toUri();
+ std::string caInfo;
+ if (m_config.m_caInfo.empty()) {
+ caInfo = "Issued by " + cert.getSignatureInfo().getKeyLocator().getName().toUri();
}
else {
caInfo = m_config.m_caInfo;
diff --git a/src/challenge-module/challenge-credential.cpp b/src/challenge-module/challenge-credential.cpp
index f5d7434..69a6bbe 100644
--- a/src/challenge-module/challenge-credential.cpp
+++ b/src/challenge-module/challenge-credential.cpp
@@ -1,5 +1,5 @@
-/**
- * Copyright (c) 2017-2019, Regents of the University of California.
+/*
+ * Copyright (c) 2017-2020, Regents of the University of California.
*
* This file is part of ndncert, a certificate management system based on NDN.
*
@@ -38,7 +38,7 @@
ChallengeCredential::ChallengeCredential(const std::string& configPath)
: ChallengeModule("Credential")
{
- if (configPath == "") {
+ if (configPath.empty()) {
m_configFile = std::string(SYSCONFDIR) + "/ndncert/challenge-credential.conf";
}
else {
@@ -109,7 +109,7 @@
ss2.clear();
// verify the credential and the self-signed cert
- Name signingKeyName = cert->getSignature().getKeyLocator().getName();
+ Name signingKeyName = cert->getSignatureInfo().getKeyLocator().getName();
for (auto anchor : m_trustAnchors) {
if (anchor.getKeyName() == signingKeyName) {
if (security::verifySignature(*cert, anchor) && security::verifySignature(*self, *cert)
diff --git a/tests/identity-management-fixture.cpp b/tests/identity-management-fixture.cpp
index a9251b4..db99d5a 100644
--- a/tests/identity-management-fixture.cpp
+++ b/tests/identity-management-fixture.cpp
@@ -92,7 +92,7 @@
v2::AdditionalDescription description;
description.set("type", "sub-certificate");
- info.appendTypeSpecificTlv(description.wireEncode());
+ info.addCustomTlv(description.wireEncode());
m_keyChain.sign(request, signingByIdentity(issuer).setSignatureInfo(info));
m_keyChain.setDefaultCertificate(subIdentity.getDefaultKey(), request);
diff --git a/tools/ndncert-client.cpp b/tools/ndncert-client.cpp
index bc5bb5a..d276fb1 100644
--- a/tools/ndncert-client.cpp
+++ b/tools/ndncert-client.cpp
@@ -1,5 +1,5 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
+/*
* Copyright (c) 2017-2020, Regents of the University of California.
*
* This file is part of ndncert, a certificate management system based on NDN.
@@ -18,15 +18,18 @@
* See AUTHORS.md for complete list of ndncert authors and contributors.
*/
-#include "client-module.hpp"
#include "challenge-module.hpp"
+#include "client-module.hpp"
+
+#include <csignal>
#include <iostream>
#include <string>
-#include <csignal>
-#include <boost/program_options/options_description.hpp>
-#include <boost/program_options/variables_map.hpp>
-#include <boost/program_options/parsers.hpp>
+
#include <boost/asio.hpp>
+#include <boost/program_options/options_description.hpp>
+#include <boost/program_options/parsers.hpp>
+#include <boost/program_options/variables_map.hpp>
+
#include <ndn-cxx/security/verification-helpers.hpp>
namespace ndn {
@@ -36,7 +39,7 @@
int nStep;
Face face;
-security::v2::KeyChain keyChain;
+security::KeyChain keyChain;
std::string challengeType;
int validityPeriod = -1;
ClientModule client(keyChain);
@@ -226,9 +229,10 @@
auto caItem = ClientConfig::extractCaItem(contentJson);
std::cerr << "Will use a new trust anchor, please double check the identity info: \n"
- << "This trust anchor information is signed by " << reply.getSignature().getKeyLocator() << std::endl
- << "The certificate is " << caItem.m_anchor << std::endl;
- std::cerr << "Do you trust the information? Type in YES or NO" << std::endl;
+ << "This trust anchor information is signed by " << reply.getSignatureInfo().getKeyLocator()
+ << std::endl
+ << "The certificate is " << caItem.m_anchor << std::endl
+ << "Do you trust the information? Type in YES or NO" << std::endl;
std::string answer;
getline(std::cin, answer);
@@ -380,8 +384,9 @@
po::options_description description("General Usage\n ndncert-client [-h] [-c] [-v]\n");
description.add_options()
("help,h", "produce help message")
- ("config-file,c", po::value<std::string>(&configFilePath), "config file name")
- ("validity-period,v", po::value<int>(&validityPeriod)->default_value(-1), "the validity period of your certificate being requested");
+ ("config-file,c", po::value<std::string>(&configFilePath), "configuration file name")
+ ("validity-period,v", po::value<int>(&validityPeriod)->default_value(-1),
+ "desired validity period (hours) of the certificate being requested");
po::positional_options_description p;
po::variables_map vm;