mgmt: combine ndns-add-rr and ndns-add-rr-from-file to a single command
Change-Id: I5b1410be95710a629d6a2ca401d475b16837d357
Refs: #2229, #2701
diff --git a/src/mgmt/management-tool.cpp b/src/mgmt/management-tool.cpp
index 186cced..e74c601 100644
--- a/src/mgmt/management-tool.cpp
+++ b/src/mgmt/management-tool.cpp
@@ -35,6 +35,7 @@
#include <ndn-cxx/encoding/oid.hpp>
#include <ndn-cxx/security/v1/cryptopp.hpp>
#include <ndn-cxx/link.hpp>
+#include <ndn-cxx/security/signing-helpers.hpp>
namespace ndn {
namespace ndns {
@@ -270,11 +271,12 @@
}
void
-ManagementTool::addRrSet(const Name& zoneName,
- const std::string& inFile,
- const time::seconds& ttl,
- const Name& inputDskCertName,
- const ndn::io::IoEncoding encoding)
+ManagementTool::addRrsetFromFile(const Name& zoneName,
+ const std::string& inFile,
+ const time::seconds& ttl,
+ const Name& inputDskCertName,
+ const ndn::io::IoEncoding encoding,
+ bool needResign)
{
//check precondition
Zone zone(zoneName);
@@ -301,7 +303,7 @@
}
}
- //first load the data
+ // load data
shared_ptr<Data> data;
if (inFile == DEFAULT_IO)
data = ndn::io::load<ndn::Data>(std::cin, encoding);
@@ -312,41 +314,8 @@
throw Error("input does not contain a valid Data packet");
}
- // determine whether the data is a self-signed certificate
- shared_ptr<Regex> regex1 = make_shared<Regex>("(<>*)<KEY>(<>+)<ID-CERT><>");
- if (regex1->match(data->getName())) {
- IdentityCertificate scert(*data);
- Name keyName = scert.getPublicKeyName();
- if (keyName.getPrefix(zoneName.size()) != zoneName) {
- throw Error("the input key does not belong to the zone");
- }
-
- Name keyLocator = scert.getSignature().getKeyLocator().getName();
-
- // if it is, extract the content and name from the data, and resign it using the dsk.
- shared_ptr<Regex> regex2 = make_shared<Regex>("(<>*)<KEY>(<>+)<ID-CERT>");
- BOOST_VERIFY(regex2->match(keyLocator) == true);
- if (keyName == regex2->expand("\\1\\2")) {
-
- Name canonicalName;
- canonicalName
- .append(zoneName)
- .append("KEY")
- .append(keyName.getSubName(zoneName.size(), keyName.size() - zoneName.size()))
- .append("ID-CERT")
- .append(data->getName().get(-1));
-
- if (data->getName() != canonicalName) {
- // name need to be adjusted
- auto newData = make_shared<Data>();
- newData->setName(canonicalName);
- newData->setMetaInfo(data->getMetaInfo());
- newData->setContent(data->getContent());
- m_keyChain.sign(*newData);
-
- data = newData;
- }
- }
+ if (needResign) {
+ m_keyChain.sign(*data, signingByCertificate(dskCertName));
}
// create response for the input data
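Review bot: With `needResign` set, the added `m_keyChain.sign(*data, signingByCertificate(dskCertName))` puts the zone's DSK signature on whatever Data packet was read from the file or stdin. The removed block rejected input outside the zone (`keyName.getPrefix(zoneName.size()) != zoneName`), and nothing in this hunk replaces that check. Unless a check later in the function (outside the hunk) covers it, I would add a guard before signing, such as `if (!zoneName.isPrefixOf(data->getName())) throw Error("the input data does not belong to the zone");`. The loaded packet's original signature is also never verified in the visible code before it is replaced, so the operator-facing documentation should say the input must come from a trusted source. `dskCertName` is not the parameter name in the signature hunk (`inputDskCertName`); it is presumably a local resolved earlier in the body, which is not visible here.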
diff --git a/src/mgmt/management-tool.hpp b/src/mgmt/management-tool.hpp
index f147b09..efa8138 100644
--- a/src/mgmt/management-tool.hpp
+++ b/src/mgmt/management-tool.hpp
@@ -124,26 +124,26 @@
void
exportCertificate(const Name& certName, const std::string& outFile = DEFAULT_IO);
- /** @brief Add rrset to the NDNS local database
+ /** @brief Add rrset to the NDNS local database from a file
*
- * This overload is capable of adding any data to the rrset as long as the supplied data is
- * valid.
- * A special case is to add the ID-CERT of KSK to the parent zone. At this case, the SS cert
- * should be supplied, and therefore it will use the parent zone's DSK to resign the certificate.
- * For other cases, the data will be added directly without any modification.
+ * The function Loads data from file and then adds it to the rrset without modification
+ * Loaded data is assummed to be valid
+ * Data will be resigned by zone's DSK, if needResign is true.
*
* @param zoneName the name of the zone to hold the rrset
* @param inFile the path to the supplied data
* @param ttl the ttl of the rrset
* @param dskCertName the DSK to signed the special case, default is the zone's DSK
* @param encoding the encoding of the input file
+ * @param needResign whether data should be resigned by DSK
*/
void
- addRrSet(const Name& zoneName,
- const std::string& inFile = DEFAULT_IO,
- const time::seconds& ttl = DEFAULT_RR_TTL,
- const Name& dskCertName = DEFAULT_CERT,
- const ndn::io::IoEncoding encoding = ndn::io::BASE64);
+ addRrsetFromFile(const Name& zoneName,
+ const std::string& inFile = DEFAULT_IO,
+ const time::seconds& ttl = DEFAULT_RR_TTL,
+ const Name& dskCertName = DEFAULT_CERT,
+ const ndn::io::IoEncoding encoding = ndn::io::BASE64,
+ bool needResign = false);
/** @brief Add rrset to the NDNS local database
*
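Review bot: The `@param dskCertName` text still refers to "the special case" that this commit removes. The brief also says the data is added "without modification" while the next line says it may be re-signed, which replaces the packet's signature. I would reword the parameter as `@param dskCertName the DSK certificate used to re-sign the data when needResign is true, default is the zone's DSK`. I would state the contract as `The loaded data is not verified by this function; when needResign is true its signature is replaced by one made with the zone's DSK`. The "not verified" part is inferred from the visible hunks only and should be confirmed against the full function body; "assummed" and the capitalised "Loads" are typos worth fixing in the same pass.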