| Zhiyi Zhang | 8617a79 | 2017-01-17 16:45:56 -0800 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ |
| 2 | /** |
| 3 | * Copyright (c) 2014-2017, Regents of the University of California, |
| 4 | * Arizona Board of Regents, |
| 5 | * Colorado State University, |
| 6 | * University Pierre & Marie Curie, Sorbonne University, |
| 7 | * Washington University in St. Louis, |
| 8 | * Beijing Institute of Technology, |
| 9 | * The University of Memphis. |
| 10 | * |
| 11 | * This file, originally written as part of NFD (Named Data Networking Forwarding Daemon), |
| 12 | * is a part of ndncert, a certificate management system based on NDN. |
| 13 | * |
| 14 | * ndncert is free software: you can redistribute it and/or modify it under the terms |
| 15 | * of the GNU General Public License as published by the Free Software Foundation, either |
| 16 | * version 3 of the License, or (at your option) any later version. |
| 17 | * |
| 18 | * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY |
| 19 | * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| 20 | * PARTICULAR PURPOSE. See the GNU General Public License for more details. |
| 21 | * |
| 22 | * You should have received copies of the GNU General Public License along with |
| 23 | * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>. |
| 24 | * |
| 25 | * See AUTHORS.md for complete list of ndncert authors and contributors. |
| 26 | */ |
| 27 | |
| 28 | #include "identity-management-fixture.hpp" |
| 29 | |
| 30 | #include <ndn-cxx/util/io.hpp> |
| 31 | #include <boost/filesystem.hpp> |
| 32 | |
| 33 | namespace ndn { |
| 34 | namespace ndncert { |
| 35 | namespace tests { |
| 36 | |
| Zhiyi Zhang | a41c573 | 2017-01-18 14:06:44 -0800 | [diff] [blame] | 37 | IdentityManagementV2Fixture::IdentityManagementV2Fixture() |
| 38 | : m_keyChain("pib-memory:", "tpm-memory:") |
| 39 | { |
| 40 | } |
| 41 | |
| 42 | security::Identity |
| 43 | IdentityManagementV2Fixture::addIdentity(const Name& identityName, const KeyParams& params) |
| 44 | { |
| 45 | auto identity = m_keyChain.createIdentity(identityName, params); |
| 46 | m_identities.insert(identityName); |
| 47 | return identity; |
| 48 | } |
| 49 | |
| 50 | bool |
| 51 | IdentityManagementV2Fixture::saveIdentityCertificate(const security::Identity& identity, |
| 52 | const std::string& filename) |
| 53 | { |
| 54 | try { |
| 55 | auto cert = identity.getDefaultKey().getDefaultCertificate(); |
| 56 | return saveCertToFile(cert, filename); |
| 57 | } |
| 58 | catch (const security::Pib::Error&) { |
| 59 | return false; |
| 60 | } |
| 61 | } |
| 62 | |
| 63 | security::Identity |
| 64 | IdentityManagementV2Fixture::addSubCertificate(const Name& subIdentityName, |
| 65 | const security::Identity& issuer, const KeyParams& params) |
| 66 | { |
| 67 | auto subIdentity = addIdentity(subIdentityName, params); |
| 68 | |
| 69 | security::v2::Certificate request = subIdentity.getDefaultKey().getDefaultCertificate(); |
| 70 | |
| 71 | request.setName(request.getKeyName().append("parent").appendVersion()); |
| 72 | |
| 73 | SignatureInfo info; |
| 74 | info.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(), |
| 75 | time::system_clock::now() + time::days(7300))); |
| 76 | |
| 77 | security::v2::AdditionalDescription description; |
| 78 | description.set("type", "sub-certificate"); |
| 79 | info.appendTypeSpecificTlv(description.wireEncode()); |
| 80 | |
| 81 | m_keyChain.sign(request, signingByIdentity(issuer).setSignatureInfo(info)); |
| 82 | m_keyChain.setDefaultCertificate(subIdentity.getDefaultKey(), request); |
| 83 | |
| 84 | return subIdentity; |
| 85 | } |
| 86 | |
| 87 | security::v2::Certificate |
| 88 | IdentityManagementV2Fixture::addCertificate(const security::Key& key, const std::string& issuer) |
| 89 | { |
| 90 | Name certificateName = key.getName(); |
| 91 | certificateName |
| 92 | .append(issuer) |
| 93 | .appendVersion(); |
| 94 | security::v2::Certificate certificate; |
| 95 | certificate.setName(certificateName); |
| 96 | |
| 97 | // set metainfo |
| 98 | certificate.setContentType(tlv::ContentType_Key); |
| 99 | certificate.setFreshnessPeriod(time::hours(1)); |
| 100 | |
| 101 | // set content |
| Zhiyi Zhang | 576aad1 | 2017-10-03 15:41:53 -0700 | [diff] [blame] | 102 | certificate.setContent(key.getPublicKey().data(), key.getPublicKey().size()); |
| Zhiyi Zhang | a41c573 | 2017-01-18 14:06:44 -0800 | [diff] [blame] | 103 | |
| 104 | // set signature-info |
| 105 | SignatureInfo info; |
| 106 | info.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(), |
| 107 | time::system_clock::now() + time::days(10))); |
| 108 | |
| 109 | m_keyChain.sign(certificate, signingByKey(key).setSignatureInfo(info)); |
| 110 | return certificate; |
| 111 | } |
| 112 | |
| 113 | bool |
| 114 | IdentityManagementV2Fixture::saveCertToFile(const Data& obj, const std::string& filename) |
| 115 | { |
| 116 | m_certFiles.insert(filename); |
| 117 | try { |
| 118 | io::save(obj, filename); |
| 119 | return true; |
| 120 | } |
| 121 | catch (const io::Error&) { |
| 122 | return false; |
| 123 | } |
| 124 | } |
| 125 | |
| Zhiyi Zhang | 8617a79 | 2017-01-17 16:45:56 -0800 | [diff] [blame] | 126 | } // namespace tests |
| 127 | } // namespace ndncert |
| 128 | } // namespace ndn |