code review fix
Change-Id: Ie616543094aaa31d596980ba7a3cef05de4351fc
diff --git a/src/ca-module.cpp b/src/ca-module.cpp
index e40a62d..39642bf 100644
--- a/src/ca-module.cpp
+++ b/src/ca-module.cpp
@@ -50,10 +50,10 @@
{
// load the config and create storage
m_config.load(configPath);
- m_storage = CaStorage::createCaStorage(storageType, m_config.m_caProfile.m_caPrefix, "");
+ m_storage = CaStorage::createCaStorage(storageType, m_config.caProfile.m_caPrefix, "");
random::generateSecureBytes(m_requestIdGenKey, 32);
- if (m_config.m_nameAssignmentFuncs.size() == 0) {
- m_config.m_nameAssignmentFuncs.push_back(NameAssignmentFunc::createNameAssignmentFunc("random"));
+ if (m_config.nameAssignmentFuncs.size() == 0) {
+ m_config.nameAssignmentFuncs.push_back(NameAssignmentFunc::createNameAssignmentFunc("random"));
}
registerPrefix();
}
@@ -72,7 +72,7 @@
CaModule::registerPrefix()
{
// register prefixes
- Name prefix = m_config.m_caProfile.m_caPrefix;
+ Name prefix = m_config.caProfile.m_caPrefix;
prefix.append("CA");
auto prefixId = m_face.registerPrefix(
@@ -120,16 +120,16 @@
{
if (m_profileData == nullptr) {
const auto& pib = m_keyChain.getPib();
- const auto& identity = pib.getIdentity( m_config.m_caProfile.m_caPrefix);
+ const auto& identity = pib.getIdentity( m_config.caProfile.m_caPrefix);
const auto& cert = identity.getDefaultKey().getDefaultCertificate();
- Block contentTLV = infotlv::encodeDataContent( m_config.m_caProfile, cert);
+ Block contentTLV = infotlv::encodeDataContent(m_config.caProfile, cert);
- Name infoPacketName( m_config.m_caProfile.m_caPrefix);
+ Name infoPacketName( m_config.caProfile.m_caPrefix);
infoPacketName.append("CA").append("INFO").appendVersion().appendSegment(0);
m_profileData = std::make_unique<Data>(infoPacketName);
m_profileData->setContent(contentTLV);
m_profileData->setFreshnessPeriod(DEFAULT_DATA_FRESHNESS_PERIOD);
- m_keyChain.sign(*m_profileData, signingByIdentity( m_config.m_caProfile.m_caPrefix));
+ m_keyChain.sign(*m_profileData, signingByIdentity( m_config.caProfile.m_caPrefix));
}
return *m_profileData;
}
@@ -146,7 +146,7 @@
Name discoveryInterestName(m_profileData->getName().getPrefix(-2));
name::Component metadataComponent(32, reinterpret_cast<const uint8_t*>("metadata"), std::strlen("metadata"));
discoveryInterestName.append(metadataComponent);
- m_face.put(metadata.makeData(discoveryInterestName, m_keyChain, signingByIdentity( m_config.m_caProfile.m_caPrefix)));
+ m_face.put(metadata.makeData(discoveryInterestName, m_keyChain, signingByIdentity( m_config.caProfile.m_caPrefix)));
}
void
@@ -158,7 +158,7 @@
// process PROBE requests: collect probe parameters
auto parameters = probetlv::decodeApplicationParameters(request.getApplicationParameters());
std::vector<PartialName> availableComponents;
- for (auto& item : m_config.m_nameAssignmentFuncs) {
+ for (auto& item : m_config.nameAssignmentFuncs) {
auto names = item->assignName(parameters);
availableComponents.insert(availableComponents.end(), names.begin(), names.end());
}
@@ -169,16 +169,16 @@
}
std::vector<Name> availableNames;
for (const auto& component : availableComponents) {
- Name newIdentityName = m_config.m_caProfile.m_caPrefix;
+ Name newIdentityName = m_config.caProfile.m_caPrefix;
newIdentityName.append(component);
availableNames.push_back(newIdentityName);
}
Data result;
result.setName(request.getName());
- result.setContent(probetlv::encodeDataContent(availableNames, m_config.m_caProfile.m_maxSuffixLength, m_config.m_redirection));
+ result.setContent(probetlv::encodeDataContent(availableNames, m_config.caProfile.m_maxSuffixLength, m_config.redirection));
result.setFreshnessPeriod(DEFAULT_DATA_FRESHNESS_PERIOD);
- m_keyChain.sign(result, signingByIdentity( m_config.m_caProfile.m_caPrefix));
+ m_keyChain.sign(result, signingByIdentity( m_config.caProfile.m_caPrefix));
m_face.put(result);
NDN_LOG_TRACE("Handle PROBE: send out the PROBE response");
}
@@ -237,16 +237,16 @@
hkdf(sharedSecret.data(), sharedSecret.size(), salt.data(), salt.size(), aesKey.data(), aesKey.size());
// verify identity name
- if (! m_config.m_caProfile.m_caPrefix.isPrefixOf(clientCert->getIdentity())
+ if (! m_config.caProfile.m_caPrefix.isPrefixOf(clientCert->getIdentity())
|| !security::Certificate::isValidName(clientCert->getName())
- || clientCert->getIdentity().size() <= m_config.m_caProfile.m_caPrefix.size()) {
+ || clientCert->getIdentity().size() <= m_config.caProfile.m_caPrefix.size()) {
NDN_LOG_ERROR("An invalid certificate name is being requested " << clientCert->getName());
m_face.put(generateErrorDataPacket(request.getName(), ErrorCode::NAME_NOT_ALLOWED,
"An invalid certificate name is being requested."));
return;
}
- if ( m_config.m_caProfile.m_maxSuffixLength) {
- if (clientCert->getIdentity().size() > m_config.m_caProfile.m_caPrefix.size() + * m_config.m_caProfile.m_maxSuffixLength) {
+ if ( m_config.caProfile.m_maxSuffixLength) {
+ if (clientCert->getIdentity().size() > m_config.caProfile.m_caPrefix.size() + * m_config.caProfile.m_maxSuffixLength) {
NDN_LOG_ERROR("An invalid certificate name is being requested " << clientCert->getName());
m_face.put(generateErrorDataPacket(request.getName(), ErrorCode::NAME_NOT_ALLOWED,
"An invalid certificate name is being requested."));
@@ -259,7 +259,7 @@
auto expectedPeriod = clientCert->getValidityPeriod().getPeriod();
auto currentTime = time::system_clock::now();
if (expectedPeriod.first < currentTime - REQUEST_VALIDITY_PERIOD_NOT_BEFORE_GRACE_PERIOD ||
- expectedPeriod.second > currentTime + m_config.m_caProfile.m_maxValidityPeriod ||
+ expectedPeriod.second > currentTime + m_config.caProfile.m_maxValidityPeriod ||
expectedPeriod.second <= expectedPeriod.first) {
NDN_LOG_ERROR("An invalid validity period is being requested.");
m_face.put(generateErrorDataPacket(request.getName(), ErrorCode::BAD_VALIDITY_PERIOD,
@@ -283,7 +283,7 @@
}
else if (requestType == RequestType::REVOKE) {
//verify cert is from this CA
- const auto& cert = m_keyChain.getPib().getIdentity( m_config.m_caProfile.m_caPrefix).getDefaultKey().getDefaultCertificate();
+ const auto& cert = m_keyChain.getPib().getIdentity( m_config.caProfile.m_caPrefix).getDefaultKey().getDefaultCertificate();
if (!security::verifySignature(*clientCert, cert)) {
NDN_LOG_ERROR("Invalid signature in the certificate to revoke.");
m_face.put(generateErrorDataPacket(request.getName(), ErrorCode::BAD_SIGNATURE,
@@ -308,7 +308,7 @@
std::memcpy(id.data(), requestIdData, id.size());
// initialize request state
RequestState requestState;
- requestState.caPrefix = m_config.m_caProfile.m_caPrefix;
+ requestState.caPrefix = m_config.caProfile.m_caPrefix;
requestState.requestId = id;
requestState.requestType = requestType;
requestState.cert = *clientCert;
@@ -328,8 +328,8 @@
result.setContent(requesttlv::encodeDataContent(myEcdhPubKeyBase64,
salt,
requestState.requestId, requestState.status,
- m_config.m_caProfile.m_supportedChallenges));
- m_keyChain.sign(result, signingByIdentity( m_config.m_caProfile.m_caPrefix));
+ m_config.caProfile.m_supportedChallenges));
+ m_keyChain.sign(result, signingByIdentity( m_config.caProfile.m_caPrefix));
m_face.put(result);
if (m_statusUpdateCallback) {
m_statusUpdateCallback(requestState);
@@ -427,7 +427,7 @@
result.setName(request.getName());
result.setFreshnessPeriod(DEFAULT_DATA_FRESHNESS_PERIOD);
result.setContent(payload);
- m_keyChain.sign(result, signingByIdentity( m_config.m_caProfile.m_caPrefix));
+ m_keyChain.sign(result, signingByIdentity( m_config.caProfile.m_caPrefix));
m_face.put(result);
if (m_statusUpdateCallback) {
m_statusUpdateCallback(*requestState);
@@ -449,7 +449,7 @@
SignatureInfo signatureInfo;
signatureInfo.setValidityPeriod(period);
security::SigningInfo signingInfo(security::SigningInfo::SIGNER_TYPE_ID,
- m_config.m_caProfile.m_caPrefix, signatureInfo);
+ m_config.caProfile.m_caPrefix, signatureInfo);
m_keyChain.sign(newCert, signingInfo);
NDN_LOG_TRACE("new cert got signed" << newCert);
@@ -461,7 +461,7 @@
{
RequestId requestId;
try {
- auto& component = request.getName().at( m_config.m_caProfile.m_caPrefix.size() + 2);
+ auto& component = request.getName().at(m_config.caProfile.m_caPrefix.size() + 2);
std::memcpy(requestId.data(), component.value(), component.value_size());
}
catch (const std::exception& e) {
@@ -491,7 +491,7 @@
result.setName(name);
result.setFreshnessPeriod(DEFAULT_DATA_FRESHNESS_PERIOD);
result.setContent(errortlv::encodeDataContent(error, errorInfo));
- m_keyChain.sign(result, signingByIdentity( m_config.m_caProfile.m_caPrefix));
+ m_keyChain.sign(result, signingByIdentity( m_config.caProfile.m_caPrefix));
return result;
}
diff --git a/src/challenge/challenge-credential.cpp b/src/challenge/challenge-credential.cpp
index cac5aa0..51ba94c 100644
--- a/src/challenge/challenge-credential.cpp
+++ b/src/challenge/challenge-credential.cpp
@@ -135,7 +135,7 @@
Block
ChallengeCredential::genChallengeRequestTLV(Status status, const std::string& challengeStatus,
- std::multimap<std::string, std::string>&& params)
+ const std::multimap<std::string, std::string>& params)
{
Block request(tlv::EncryptedPayload);
if (status == Status::BEFORE_CHALLENGE) {
diff --git a/src/challenge/challenge-credential.hpp b/src/challenge/challenge-credential.hpp
index 7b48483..30fb933 100644
--- a/src/challenge/challenge-credential.hpp
+++ b/src/challenge/challenge-credential.hpp
@@ -61,7 +61,7 @@
Block
genChallengeRequestTLV(Status status, const std::string& challengeStatus,
- std::multimap<std::string, std::string>&& params) override;
+ const std::multimap<std::string, std::string>& params) override;
static void
fulfillParameters(std::multimap<std::string, std::string>& params,
diff --git a/src/challenge/challenge-email.cpp b/src/challenge/challenge-email.cpp
index ba0a0e8..af0303e 100644
--- a/src/challenge/challenge-email.cpp
+++ b/src/challenge/challenge-email.cpp
@@ -124,7 +124,7 @@
Block
ChallengeEmail::genChallengeRequestTLV(Status status, const std::string& challengeStatus,
- std::multimap<std::string, std::string>&& params)
+ const std::multimap<std::string, std::string>& params)
{
Block request(tlv::EncryptedPayload);
if (status == Status::BEFORE_CHALLENGE) {
diff --git a/src/challenge/challenge-email.hpp b/src/challenge/challenge-email.hpp
index c005b7e..e2c7267 100644
--- a/src/challenge/challenge-email.hpp
+++ b/src/challenge/challenge-email.hpp
@@ -65,7 +65,7 @@
Block
genChallengeRequestTLV(Status status, const std::string& challengeStatus,
- std::multimap<std::string, std::string>&& params) override;
+ const std::multimap<std::string, std::string>& params) override;
// challenge status
static const std::string NEED_CODE;
diff --git a/src/challenge/challenge-module.cpp b/src/challenge/challenge-module.cpp
index 708cbb6..f184ca9 100644
--- a/src/challenge/challenge-module.cpp
+++ b/src/challenge/challenge-module.cpp
@@ -73,7 +73,7 @@
}
std::tuple<ErrorCode, std::string>
-ChallengeModule::returnWithError(ca::RequestState& request, ErrorCode errorCode, std::string&& errorInfo)
+ChallengeModule::returnWithError(ca::RequestState& request, ErrorCode errorCode, std::string errorInfo)
{
request.status = Status::FAILURE;
request.challengeType = "";
@@ -83,12 +83,13 @@
std::tuple<ErrorCode, std::string>
ChallengeModule::returnWithNewChallengeStatus(ca::RequestState& request, const std::string& challengeStatus,
- JsonSection&& challengeSecret, size_t remainingTries, time::seconds remainingTime)
+ JsonSection challengeSecret, size_t remainingTries,
+ time::seconds remainingTime)
{
request.status = Status::CHALLENGE;
request.challengeType = CHALLENGE_TYPE;
- request.challengeState = ca::ChallengeState(challengeStatus, time::system_clock::now(), remainingTries, remainingTime,
- std::move(challengeSecret));
+ request.challengeState = ca::ChallengeState(challengeStatus, time::system_clock::now(), remainingTries,
+ remainingTime, std::move(challengeSecret));
return std::make_tuple(ErrorCode::NO_ERROR, "");
}
diff --git a/src/challenge/challenge-module.hpp b/src/challenge/challenge-module.hpp
index 02e5027..9d7d859 100644
--- a/src/challenge/challenge-module.hpp
+++ b/src/challenge/challenge-module.hpp
@@ -59,7 +59,7 @@
virtual Block
genChallengeRequestTLV(Status status, const std::string& challengeStatus,
- std::multimap<std::string, std::string>&& params) = 0;
+ const std::multimap<std::string, std::string>& params) = 0;
// helpers
static std::string
@@ -68,11 +68,11 @@
protected:
// used by challenge modules
std::tuple<ErrorCode, std::string>
- returnWithError(ca::RequestState& request, ErrorCode errorCode, std::string&& errorInfo);
+ returnWithError(ca::RequestState& request, ErrorCode errorCode, std::string errorInfo);
std::tuple<ErrorCode, std::string>
returnWithNewChallengeStatus(ca::RequestState& request, const std::string& challengeStatus,
- JsonSection&& challengeSecret, size_t remainingTries, time::seconds remainingTime);
+ JsonSection challengeSecret, size_t remainingTries, time::seconds remainingTime);
std::tuple<ErrorCode, std::string>
returnWithSuccess(ca::RequestState& request);
diff --git a/src/challenge/challenge-pin.cpp b/src/challenge/challenge-pin.cpp
index 26e5317..5d3ea8a 100644
--- a/src/challenge/challenge-pin.cpp
+++ b/src/challenge/challenge-pin.cpp
@@ -105,7 +105,7 @@
Block
ChallengePin::genChallengeRequestTLV(Status status, const std::string& challengeStatus,
- std::multimap<std::string, std::string>&& params)
+ const std::multimap<std::string, std::string>& params)
{
Block request(tlv::EncryptedPayload);
if (status == Status::BEFORE_CHALLENGE) {
diff --git a/src/challenge/challenge-pin.hpp b/src/challenge/challenge-pin.hpp
index 757870d..61e0fb6 100644
--- a/src/challenge/challenge-pin.hpp
+++ b/src/challenge/challenge-pin.hpp
@@ -60,7 +60,7 @@
Block
genChallengeRequestTLV(Status status, const std::string& challengeStatus,
- std::multimap<std::string, std::string>&& params) override;
+ const std::multimap<std::string, std::string>& params) override;
// challenge status
static const std::string NEED_CODE;
diff --git a/src/detail/ca-configuration.cpp b/src/detail/ca-configuration.cpp
index 857c6a8..d44b36b 100644
--- a/src/detail/ca-configuration.cpp
+++ b/src/detail/ca-configuration.cpp
@@ -39,12 +39,12 @@
if (configJson.begin() == configJson.end()) {
NDN_THROW(std::runtime_error("No JSON configuration found in file: " + fileName));
}
- m_caProfile = CaProfile::fromJson(configJson);
- if (m_caProfile.m_supportedChallenges.size() == 0) {
+ caProfile = CaProfile::fromJson(configJson);
+ if (caProfile.m_supportedChallenges.size() == 0) {
NDN_THROW(std::runtime_error("At least one challenge should be specified."));
}
// parse redirection section if appears
- m_redirection.clear();
+ redirection.clear();
auto redirectionItems = configJson.get_child_optional(CONFIG_REDIRECTION);
if (redirectionItems) {
for (const auto& item : *redirectionItems) {
@@ -55,11 +55,11 @@
}
std::istringstream ss(caCertStr);
auto caCert = io::load<security::Certificate>(ss);
- m_redirection.push_back(caCert);
+ redirection.push_back(caCert);
}
}
// parse name assignment if appears
- m_nameAssignmentFuncs.clear();
+ nameAssignmentFuncs.clear();
auto nameAssignmentItems = configJson.get_child_optional(CONFIG_NAME_ASSIGNMENT);
if (nameAssignmentItems) {
for (const auto& item : *nameAssignmentItems) {
@@ -67,7 +67,7 @@
if (func == nullptr) {
NDN_THROW(std::runtime_error("Error on creating name assignment function"));
}
- m_nameAssignmentFuncs.push_back(std::move(func));
+ nameAssignmentFuncs.push_back(std::move(func));
}
}
}
diff --git a/src/detail/ca-configuration.hpp b/src/detail/ca-configuration.hpp
index 9623464..ba3de47 100644
--- a/src/detail/ca-configuration.hpp
+++ b/src/detail/ca-configuration.hpp
@@ -63,15 +63,15 @@
/**
* @brief the CA's profile
*/
- CaProfile m_caProfile;
+ CaProfile caProfile;
/**
* @brief Used for CA redirection
*/
- std::vector<std::shared_ptr<security::Certificate>> m_redirection;
+ std::vector<std::shared_ptr<security::Certificate>> redirection;
/**
* @brief Name Assignment Functions
*/
- std::vector<std::unique_ptr<NameAssignmentFunc>> m_nameAssignmentFuncs;
+ std::vector<std::unique_ptr<NameAssignmentFunc>> nameAssignmentFuncs;
};
} // namespace ca
diff --git a/src/detail/ca-profile.hpp b/src/detail/ca-profile.hpp
index 3fe0180..b3e31be 100644
--- a/src/detail/ca-profile.hpp
+++ b/src/detail/ca-profile.hpp
@@ -39,12 +39,13 @@
const std::string CONFIG_REDIRECTION = "redirect-to";
const std::string CONFIG_NAME_ASSIGNMENT = "name-assignment";
-struct CaProfile
+class CaProfile
{
public:
/**
- * Parse the configuration json and modify current struct to the result.
+ * Parse the configuration json.
* @param configJson the configuration json to parse
+ * @return the CaProfile according to this json
*/
static CaProfile
fromJson(const JsonSection& json);
@@ -67,7 +68,7 @@
/**
* @brief A list of parameter-keys for PROBE.
*/
- std::list<std::string> m_probeParameterKeys;
+ std::vector<std::string> m_probeParameterKeys;
/**
* @brief Maximum allowed validity period of the certificate being requested.
*
@@ -85,7 +86,7 @@
/**
* @brief A list of supported challenges. Only CA side will have m_supportedChallenges.
*/
- std::list<std::string> m_supportedChallenges;
+ std::vector<std::string> m_supportedChallenges;
/**
* @brief CA's certificate. Only Client side will have m_cert.
*/
diff --git a/src/detail/challenge-encoder.cpp b/src/detail/challenge-encoder.cpp
index 12eb7cf..023b2c1 100644
--- a/src/detail/challenge-encoder.cpp
+++ b/src/detail/challenge-encoder.cpp
@@ -47,23 +47,23 @@
void
challengetlv::decodeDataContent(const Block& contentBlock, requester::RequestState& state)
{
- auto result = decodeBlockWithAesGcm128(contentBlock, state.m_aesKey.data(),
- state.m_requestId.data(), state.m_requestId.size());
+ auto result = decodeBlockWithAesGcm128(contentBlock, state.aesKey.data(),
+ state.requestId.data(), state.requestId.size());
auto data = makeBinaryBlock(tlv::EncryptedPayload, result.data(), result.size());
data.parse();
- state.m_status = statusFromBlock(data.get(tlv::Status));
+ state.status = statusFromBlock(data.get(tlv::Status));
if (data.find(tlv::ChallengeStatus) != data.elements_end()) {
- state.m_challengeStatus = readString(data.get(tlv::ChallengeStatus));
+ state.challengeStatus = readString(data.get(tlv::ChallengeStatus));
}
if (data.find(tlv::RemainingTries) != data.elements_end()) {
- state.m_remainingTries = readNonNegativeInteger(data.get(tlv::RemainingTries));
+ state.remainingTries = readNonNegativeInteger(data.get(tlv::RemainingTries));
}
if (data.find(tlv::RemainingTime) != data.elements_end()) {
- state.m_freshBefore = time::system_clock::now() + time::seconds(readNonNegativeInteger(data.get(tlv::RemainingTime)));
+ state.freshBefore = time::system_clock::now() + time::seconds(readNonNegativeInteger(data.get(tlv::RemainingTime)));
}
if (data.find(tlv::IssuedCertName) != data.elements_end()) {
Block issuedCertNameBlock = data.get(tlv::IssuedCertName);
- state.m_issuedCertName = Name(issuedCertNameBlock.blockFromValue());
+ state.issuedCertName = Name(issuedCertNameBlock.blockFromValue());
}
}
diff --git a/src/detail/new-renew-revoke-encoder.cpp b/src/detail/new-renew-revoke-encoder.cpp
index fa4626c..a2645e9 100644
--- a/src/detail/new-renew-revoke-encoder.cpp
+++ b/src/detail/new-renew-revoke-encoder.cpp
@@ -82,7 +82,7 @@
Block
requesttlv::encodeDataContent(const std::vector<uint8_t>& ecdhKey, const std::array<uint8_t, 32>& salt,
const RequestId& requestId, const Status& status,
- const std::list<std::string>& challenges)
+ const std::vector<std::string>& challenges)
{
Block response(ndn::tlv::Content);
response.push_back(makeBinaryBlock(tlv::EcdhPub, ecdhKey.data(), ecdhKey.size()));
diff --git a/src/detail/new-renew-revoke-encoder.hpp b/src/detail/new-renew-revoke-encoder.hpp
index 563e562..2b8e0e2 100644
--- a/src/detail/new-renew-revoke-encoder.hpp
+++ b/src/detail/new-renew-revoke-encoder.hpp
@@ -38,7 +38,7 @@
Block
encodeDataContent(const std::vector<uint8_t>& ecdhKey, const std::array<uint8_t, 32>& salt,
const RequestId& requestId, const Status& status,
- const std::list<std::string>& challenges);
+ const std::vector<std::string>& challenges);
std::list<std::string>
decodeDataContent(const Block& content, std::vector<uint8_t>& ecdhKey,
diff --git a/src/detail/probe-encoder.cpp b/src/detail/probe-encoder.cpp
index d671aef..24471a7 100644
--- a/src/detail/probe-encoder.cpp
+++ b/src/detail/probe-encoder.cpp
@@ -51,7 +51,7 @@
Block
probetlv::encodeDataContent(const std::vector<Name>& identifiers, optional<size_t> maxSuffixLength,
- optional<std::vector<std::shared_ptr<security::Certificate>>> redirectionItems)
+ std::vector<std::shared_ptr<security::Certificate>> redirectionItems)
{
Block content(ndn::tlv::Content);
for (const auto& name : identifiers) {
@@ -62,10 +62,8 @@
}
content.push_back(item);
}
- if (redirectionItems) {
- for (const auto& item : *redirectionItems) {
- content.push_back(makeNestedBlock(tlv::ProbeRedirect, item->getFullName()));
- }
+ for (const auto& item : redirectionItems) {
+ content.push_back(makeNestedBlock(tlv::ProbeRedirect, item->getFullName()));
}
content.encode();
return content;
@@ -83,18 +81,18 @@
Name elementName;
int maxSuffixLength = 0;
for (const auto& subBlock : item.elements()) {
- if (subBlock.type() == ndn::tlv::Name) {
- if (!elementName.empty()) {
- NDN_THROW(std::runtime_error("Invalid probe format"));
- }
- elementName.wireDecode(subBlock);
+ if (subBlock.type() == ndn::tlv::Name) {
+ if (!elementName.empty()) {
+ NDN_THROW(std::runtime_error("Invalid probe format"));
}
- else if (subBlock.type() == tlv::MaxSuffixLength) {
- maxSuffixLength = readNonNegativeInteger(subBlock);
- }
+ elementName.wireDecode(subBlock);
+ }
+ else if (subBlock.type() == tlv::MaxSuffixLength) {
+ maxSuffixLength = readNonNegativeInteger(subBlock);
+ }
}
if (elementName.empty()) {
- NDN_THROW(std::runtime_error("Invalid probe format"));
+ NDN_THROW(std::runtime_error("Invalid probe format"));
}
availableNames.emplace_back(elementName, maxSuffixLength);
}
diff --git a/src/detail/probe-encoder.hpp b/src/detail/probe-encoder.hpp
index bde8a87..58bcb44 100644
--- a/src/detail/probe-encoder.hpp
+++ b/src/detail/probe-encoder.hpp
@@ -39,7 +39,8 @@
Block
encodeDataContent(const std::vector<Name>& identifiers,
optional<size_t> maxSuffixLength = nullopt,
- optional<std::vector<std::shared_ptr<security::Certificate>>> redirectionItems = nullopt);
+ std::vector<std::shared_ptr<security::Certificate>> redirectionItems =
+ std::vector<std::shared_ptr<security::Certificate>>());
std::multimap<std::string, std::string>
decodeApplicationParameters(const Block& block);
diff --git a/src/requester-request-state.cpp b/src/requester-request-state.cpp
index 032e56c..04b87e8 100644
--- a/src/requester-request-state.cpp
+++ b/src/requester-request-state.cpp
@@ -24,10 +24,10 @@
namespace ndncert {
namespace requester {
-RequestState::RequestState(security::KeyChain& keyChain, const CaProfile& caItem, RequestType requestType)
- : m_caItem(caItem)
- , m_keyChain(keyChain)
- , m_type(requestType)
+RequestState::RequestState(security::KeyChain& keyChain, const CaProfile& profile, RequestType requestType)
+ : caProfile(profile)
+ , keyChain(keyChain)
+ , type(requestType)
{
}
diff --git a/src/requester-request-state.hpp b/src/requester-request-state.hpp
index 815e7cc..af09012 100644
--- a/src/requester-request-state.hpp
+++ b/src/requester-request-state.hpp
@@ -31,73 +31,73 @@
struct RequestState {
explicit
- RequestState(security::KeyChain& keyChain, const CaProfile& caItem, RequestType requestType);
+ RequestState(security::KeyChain& keyChain, const CaProfile& profile, RequestType requestType);
/**
* @brief The CA profile for this request.
*/
- CaProfile m_caItem;
+ CaProfile caProfile;
/**
* @brief The local keychain to generate and install identities, keys and certificates
*/
- security::KeyChain& m_keyChain;
+ security::KeyChain& keyChain;
/**
* @brief The type of request. Either NEW, RENEW, or REVOKE.
*/
- RequestType m_type;
+ RequestType type;
/**
* @brief The identity name for the requesting certificate.
*/
- Name m_identityName;
+ Name identityName;
/**
* @brief The keypair for the request.
*/
- security::Key m_keyPair;
+ security::Key keyPair;
/**
* @brief The CA-generated request ID for the request.
*/
- RequestId m_requestId;
+ RequestId requestId;
/**
* @brief The current status of the request.
*/
- Status m_status = Status::BEFORE_CHALLENGE;
+ Status status = Status::BEFORE_CHALLENGE;
/**
* @brief The type of challenge chosen.
*/
- std::string m_challengeType;
+ std::string challengeType;
/**
* @brief The status of the current challenge.
*/
- std::string m_challengeStatus;
+ std::string challengeStatus;
/**
* @brief The remaining number of tries left for the challenge
*/
- int m_remainingTries = 0;
+ int remainingTries = 0;
/**
* @brief The time this challenge will remain fresh
*/
- time::system_clock::TimePoint m_freshBefore;
+ time::system_clock::TimePoint freshBefore;
/**
* @brief the name of the certificate being issued.
*/
- Name m_issuedCertName;
+ Name issuedCertName;
/**
* @brief ecdh state.
*/
- ECDHState m_ecdh;
+ ECDHState ecdh;
/**
* @brief AES key derived from the ecdh shared secret.
*/
- std::array<uint8_t, 16> m_aesKey = {};
+ std::array<uint8_t, 16> aesKey = {};
/**
* @brief The counter of AES blocks that have been encrypted.
*/
- uint32_t m_aesBlockCounter = 0;
+ uint32_t aesBlockCounter = 0;
/**
* @brief State about how identity/key is generated.
*/
- bool m_isNewlyCreatedIdentity = false;
- bool m_isNewlyCreatedKey = false;
+ bool isNewlyCreatedIdentity = false;
+ bool isNewlyCreatedKey = false;
};
} // namespace requester
diff --git a/src/requester.cpp b/src/requester.cpp
index 7cfa992..ca75708 100644
--- a/src/requester.cpp
+++ b/src/requester.cpp
@@ -117,82 +117,82 @@
const time::system_clock::TimePoint& notBefore,
const time::system_clock::TimePoint& notAfter)
{
- if (!state.m_caItem.m_caPrefix.isPrefixOf(identityName)) {
+ if (!state.caProfile.m_caPrefix.isPrefixOf(identityName)) {
return nullptr;
}
if (identityName.empty()) {
NDN_LOG_TRACE("Randomly create a new name because identityName is empty and the param is empty.");
- state.m_identityName = state.m_caItem.m_caPrefix;
- state.m_identityName.append(std::to_string(random::generateSecureWord64()));
+ state.identityName = state.caProfile.m_caPrefix;
+ state.identityName.append(std::to_string(random::generateSecureWord64()));
}
else {
- state.m_identityName = identityName;
+ state.identityName = identityName;
}
// generate a newly key pair or use an existing key
- const auto& pib = state.m_keyChain.getPib();
+ const auto& pib = state.keyChain.getPib();
security::pib::Identity identity;
try {
- identity = pib.getIdentity(state.m_identityName);
+ identity = pib.getIdentity(state.identityName);
}
catch (const security::Pib::Error& e) {
- identity = state.m_keyChain.createIdentity(state.m_identityName);
- state.m_isNewlyCreatedIdentity = true;
- state.m_isNewlyCreatedKey = true;
+ identity = state.keyChain.createIdentity(state.identityName);
+ state.isNewlyCreatedIdentity = true;
+ state.isNewlyCreatedKey = true;
}
try {
- state.m_keyPair = identity.getDefaultKey();
+ state.keyPair = identity.getDefaultKey();
}
catch (const security::Pib::Error& e) {
- state.m_keyPair = state.m_keyChain.createKey(identity);
- state.m_isNewlyCreatedKey = true;
+ state.keyPair = state.keyChain.createKey(identity);
+ state.isNewlyCreatedKey = true;
}
- auto& keyName = state.m_keyPair.getName();
+ auto& keyName = state.keyPair.getName();
// generate certificate request
security::Certificate certRequest;
certRequest.setName(Name(keyName).append("cert-request").appendVersion());
certRequest.setContentType(ndn::tlv::ContentType_Key);
- certRequest.setContent(state.m_keyPair.getPublicKey().data(), state.m_keyPair.getPublicKey().size());
+ certRequest.setContent(state.keyPair.getPublicKey().data(), state.keyPair.getPublicKey().size());
SignatureInfo signatureInfo;
signatureInfo.setValidityPeriod(security::ValidityPeriod(notBefore, notAfter));
- state.m_keyChain.sign(certRequest, signingByKey(keyName).setSignatureInfo(signatureInfo));
+ state.keyChain.sign(certRequest, signingByKey(keyName).setSignatureInfo(signatureInfo));
// generate Interest packet
- Name interestName = state.m_caItem.m_caPrefix;
+ Name interestName = state.caProfile.m_caPrefix;
interestName.append("CA").append("NEW");
auto interest =std::make_shared<Interest>(interestName);
interest->setMustBeFresh(true);
interest->setCanBePrefix(false);
interest->setApplicationParameters(
- requesttlv::encodeApplicationParameters(RequestType::NEW, state.m_ecdh.getSelfPubKey(), certRequest));
+ requesttlv::encodeApplicationParameters(RequestType::NEW, state.ecdh.getSelfPubKey(), certRequest));
// sign the Interest packet
- state.m_keyChain.sign(*interest, signingByKey(keyName));
+ state.keyChain.sign(*interest, signingByKey(keyName));
return interest;
}
shared_ptr<Interest>
Requester::genRevokeInterest(RequestState& state, const security::Certificate& certificate)
{
- if (!state.m_caItem.m_caPrefix.isPrefixOf(certificate.getName())) {
+ if (!state.caProfile.m_caPrefix.isPrefixOf(certificate.getName())) {
return nullptr;
}
// generate Interest packet
- Name interestName = state.m_caItem.m_caPrefix;
+ Name interestName = state.caProfile.m_caPrefix;
interestName.append("CA").append("REVOKE");
auto interest =std::make_shared<Interest>(interestName);
interest->setMustBeFresh(true);
interest->setCanBePrefix(false);
interest->setApplicationParameters(
- requesttlv::encodeApplicationParameters(RequestType::REVOKE, state.m_ecdh.getSelfPubKey(), certificate));
+ requesttlv::encodeApplicationParameters(RequestType::REVOKE, state.ecdh.getSelfPubKey(), certificate));
return interest;
}
std::list<std::string>
Requester::onNewRenewRevokeResponse(RequestState& state, const Data& reply)
{
- if (!security::verifySignature(reply, *state.m_caItem.m_cert)) {
+ if (!security::verifySignature(reply, *state.caProfile.m_cert)) {
NDN_LOG_ERROR("Cannot verify replied Data packet signature.");
NDN_THROW(std::runtime_error("Cannot verify replied Data packet signature."));
}
@@ -201,12 +201,12 @@
auto contentTLV = reply.getContent();
std::vector<uint8_t> ecdhKey;
std::array<uint8_t, 32> salt;
- auto challenges = requesttlv::decodeDataContent(contentTLV, ecdhKey, salt, state.m_requestId, state.m_status);
+ auto challenges = requesttlv::decodeDataContent(contentTLV, ecdhKey, salt, state.requestId, state.status);
// ECDH and HKDF
- auto sharedSecret = state.m_ecdh.deriveSecret(ecdhKey);
+ auto sharedSecret = state.ecdh.deriveSecret(ecdhKey);
hkdf(sharedSecret.data(), sharedSecret.size(),
- salt.data(), salt.size(), state.m_aesKey.data(), state.m_aesKey.size());
+ salt.data(), salt.size(), state.aesKey.data(), state.aesKey.size());
// update state
return challenges;
@@ -219,44 +219,44 @@
if (challenge == nullptr) {
NDN_THROW(std::runtime_error("The challenge selected is not supported by your current version of NDNCERT."));
}
- state.m_challengeType = challengeSelected;
- return challenge->getRequestedParameterList(state.m_status, state.m_challengeStatus);
+ state.challengeType = challengeSelected;
+ return challenge->getRequestedParameterList(state.status, state.challengeStatus);
}
shared_ptr<Interest>
Requester::genChallengeInterest(RequestState& state,
std::multimap<std::string, std::string>&& parameters)
{
- if (state.m_challengeType == "") {
+ if (state.challengeType == "") {
NDN_THROW(std::runtime_error("The challenge has not been selected."));
}
- auto challenge = ChallengeModule::createChallengeModule(state.m_challengeType);
+ auto challenge = ChallengeModule::createChallengeModule(state.challengeType);
if (challenge == nullptr) {
NDN_THROW(std::runtime_error("The challenge selected is not supported by your current version of NDNCERT."));
}
- auto challengeParams = challenge->genChallengeRequestTLV(state.m_status, state.m_challengeStatus, std::move(parameters));
+ auto challengeParams = challenge->genChallengeRequestTLV(state.status, state.challengeStatus, std::move(parameters));
- Name interestName = state.m_caItem.m_caPrefix;
- interestName.append("CA").append("CHALLENGE").append(state.m_requestId.data(), state.m_requestId.size());
+ Name interestName = state.caProfile.m_caPrefix;
+ interestName.append("CA").append("CHALLENGE").append(state.requestId.data(), state.requestId.size());
auto interest =std::make_shared<Interest>(interestName);
interest->setMustBeFresh(true);
interest->setCanBePrefix(false);
// encrypt the Interest parameters
- auto paramBlock = encodeBlockWithAesGcm128(ndn::tlv::ApplicationParameters, state.m_aesKey.data(),
+ auto paramBlock = encodeBlockWithAesGcm128(ndn::tlv::ApplicationParameters, state.aesKey.data(),
challengeParams.value(), challengeParams.value_size(),
- state.m_requestId.data(),
- state.m_requestId.size(),
- state.m_aesBlockCounter);
+ state.requestId.data(),
+ state.requestId.size(),
+ state.aesBlockCounter);
interest->setApplicationParameters(paramBlock);
- state.m_keyChain.sign(*interest, signingByKey(state.m_keyPair.getName()));
+ state.keyChain.sign(*interest, signingByKey(state.keyPair.getName()));
return interest;
}
void
Requester::onChallengeResponse(RequestState& state, const Data& reply)
{
- if (!security::verifySignature(reply, *state.m_caItem.m_cert)) {
+ if (!security::verifySignature(reply, *state.caProfile.m_cert)) {
NDN_LOG_ERROR("Cannot verify replied Data packet signature.");
NDN_THROW(std::runtime_error("Cannot verify replied Data packet signature."));
}
@@ -267,7 +267,7 @@
shared_ptr<Interest>
Requester::genCertFetchInterest(const RequestState& state)
{
- Name interestName = state.m_issuedCertName;
+ Name interestName = state.issuedCertName;
auto interest =std::make_shared<Interest>(interestName);
interest->setMustBeFresh(false);
interest->setCanBePrefix(false);
@@ -290,18 +290,18 @@
void
Requester::endSession(RequestState& state)
{
- if (state.m_status == Status::SUCCESS) {
+ if (state.status == Status::SUCCESS) {
return;
}
- if (state.m_isNewlyCreatedIdentity) {
+ if (state.isNewlyCreatedIdentity) {
// put the identity into the if scope is because it may cause an error
// outside since when endSession is called, identity may not have been created yet.
- auto identity = state.m_keyChain.getPib().getIdentity(state.m_identityName);
- state.m_keyChain.deleteIdentity(identity);
+ auto identity = state.keyChain.getPib().getIdentity(state.identityName);
+ state.keyChain.deleteIdentity(identity);
}
- else if (state.m_isNewlyCreatedKey) {
- auto identity = state.m_keyChain.getPib().getIdentity(state.m_identityName);
- state.m_keyChain.deleteKey(identity, state.m_keyPair);
+ else if (state.isNewlyCreatedKey) {
+ auto identity = state.keyChain.getPib().getIdentity(state.identityName);
+ state.keyChain.deleteKey(identity, state.keyPair);
}
}