23 #ifndef NDN_KEY_CHAIN_HPP
24 #define NDN_KEY_CHAIN_HPP
26 #include "../data.hpp"
27 #include "../interest.hpp"
28 #include "../face.hpp"
29 #include "identity/identity-manager.hpp"
30 #include "policy/validation-request.hpp"
31 #include "key-params.hpp"
53 (
const ptr_lib::shared_ptr<IdentityManager>& identityManager,
54 const ptr_lib::shared_ptr<PolicyManager>& policyManager);
61 KeyChain(
const ptr_lib::shared_ptr<IdentityManager>& identityManager);
84 (
const Name& identityName,
const KeyParams& params = DEFAULT_KEY_PARAMS)
86 return identityManager_->createIdentityAndCertificate(identityName, params);
119 identityManager_->deleteIdentity(identityName);
130 return identityManager_->getDefaultIdentity();
143 return identityManager_->getDefaultCertificateName();
158 return identityManager_->generateRSAKeyPair(identityName, isKsk, keySize);
173 return identityManager_->generateEcdsaKeyPair(identityName, isKsk, keySize);
186 return identityManager_->setDefaultKeyForIdentity(keyName, identityNameCheck);
201 return identityManager_->generateRSAKeyPairAsDefault(identityName, isKsk, keySize);
216 return identityManager_->generateEcdsaKeyPairAsDefault(identityName, isKsk, keySize);
227 return identityManager_->getPublicKey(keyName)->getKeyDer();
237 identityManager_->addCertificate(certificate);
247 identityManager_->setDefaultCertificateForKey(certificate);
255 ptr_lib::shared_ptr<IdentityCertificate>
258 return identityManager_->getCertificate(certificateName);
264 ptr_lib::shared_ptr<IdentityCertificate>
267 return identityManager_->getCertificate(certificateName);
294 const ptr_lib::shared_ptr<IdentityManager>&
305 const ptr_lib::shared_ptr<PolicyManager>&
322 identityManager_->signByCertificate(data, certificateName, wireFormat);
336 identityManager_->signByCertificate
337 (data, prepareDefaultCertificateName(), wireFormat);
354 identityManager_->signInterestByCertificate
355 (interest, certificateName, wireFormat);
372 identityManager_->signInterestByCertificate
373 (interest, prepareDefaultCertificateName(), wireFormat);
383 ptr_lib::shared_ptr<Signature>
384 sign(
const uint8_t* buffer,
size_t bufferLength,
const Name& certificateName)
386 return identityManager_->signByCertificate
387 (buffer, bufferLength, certificateName);
396 ptr_lib::shared_ptr<Signature>
397 sign(
const std::vector<uint8_t>& buffer,
const Name& certificateName)
399 return sign(&buffer[0], buffer.size(), certificateName);
418 ptr_lib::shared_ptr<Signature>
427 ptr_lib::shared_ptr<Signature>
445 identityManager_->signWithSha256(data, wireFormat);
461 identityManager_->signInterestWithSha256(interest, wireFormat);
479 (
const ptr_lib::shared_ptr<Data>& data,
const OnVerified& onVerified,
const OnVerifyFailed& onVerifyFailed,
int stepCount = 0);
497 (
const ptr_lib::shared_ptr<Interest>& interest,
544 (
const ptr_lib::shared_ptr<const Interest> &interest,
const ptr_lib::shared_ptr<Data> &data, ptr_lib::shared_ptr<ValidationRequest> nextStep);
547 onCertificateInterestTimeout
548 (
const ptr_lib::shared_ptr<const Interest> &interest,
int retry,
const OnVerifyFailed& onVerifyFailed,
549 const ptr_lib::shared_ptr<Data> &data, ptr_lib::shared_ptr<ValidationRequest> nextStep);
556 onCertificateInterestTimeoutForVerifyInterest
557 (
const ptr_lib::shared_ptr<const Interest> &interest,
int retry,
559 const ptr_lib::shared_ptr<Interest>& originalInterest,
560 ptr_lib::shared_ptr<ValidationRequest> nextStep);
568 prepareDefaultCertificateName();
575 setDefaultCertificate();
577 ptr_lib::shared_ptr<IdentityManager> identityManager_;
578 ptr_lib::shared_ptr<PolicyManager> policyManager_;
void revokeKey(const Name &keyName)
Revoke a key.
Definition: key-chain.hpp:275
const ptr_lib::shared_ptr< PolicyManager > & getPolicyManager()
Get the policy manager given to or created by the constructor.
Definition: key-chain.hpp:306
func_lib::function< void(const ptr_lib::shared_ptr< Interest > &interest)> OnVerifyInterestFailed
An OnVerifyInterestFailed function object is used to pass a callback to verifyInterest to report a fa...
Definition: validation-request.hpp:52
Copyright (C) 2013-2016 Regents of the University of California.
Definition: common.hpp:35
func_lib::function< void(const ptr_lib::shared_ptr< Interest > &interest)> OnVerifiedInterest
An OnVerifiedInterest function object is used to pass a callback to verifyInterest to report a succes...
Definition: validation-request.hpp:45
Name getDefaultIdentity()
Get the default identity.
Definition: key-chain.hpp:128
static bool verifyDataWithHmacWithSha256(const Data &data, const Blob &key, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
Compute a new HmacWithSha256 for the data packet and verify it against the signature value...
void verifyData(const ptr_lib::shared_ptr< Data > &data, const OnVerified &onVerified, const OnVerifyFailed &onVerifyFailed, int stepCount=0)
Check the signature on the Data object and call either onVerify or onVerifyFailed.
Definition: key-chain.cpp:100
void installIdentityCertificate(const IdentityCertificate &certificate)
Install an identity certificate into the public key identity storage.
Definition: key-chain.hpp:235
void signWithSha256(Data &data, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
Wire encode the Data object, digest it and set its SignatureInfo to a DigestSha256.
Definition: key-chain.hpp:443
Definition: key-params.hpp:58
The Face class provides the main methods for NDN communication.
Definition: face.hpp:86
Definition: identity-certificate.hpp:30
ptr_lib::shared_ptr< Signature > sign(const std::vector< uint8_t > &buffer, const Name &certificateName)
Sign the byte array using a certificate name and return a Signature object.
Definition: key-chain.hpp:397
Name createIdentityAndCertificate(const Name &identityName, const KeyParams ¶ms=DEFAULT_KEY_PARAMS)
Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed ce...
Definition: key-chain.hpp:84
static void signWithHmacWithSha256(Data &data, const Blob &key, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
Wire encode the Data object, compute an HmacWithSha256 and update the signature value.
void signByIdentity(Data &data, const Name &identityName=Name(), WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
Wire encode the Data object, sign it and set its signature.
Definition: key-chain.cpp:64
Name generateEcdsaKeyPairAsDefault(const Name &identityName, bool isKsk=false, int keySize=256)
Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity...
Definition: key-chain.hpp:214
func_lib::function< void(const ptr_lib::shared_ptr< Data > &data)> OnVerified
An OnVerified function object is used to pass a callback to verifyData to report a successful verific...
Definition: validation-request.hpp:33
Name generateRSAKeyPairAsDefault(const Name &identityName, bool isKsk=false, int keySize=2048)
Generate a pair of RSA keys for the specified identity and set it as default key for the identity...
Definition: key-chain.hpp:199
void setFace(Face *face)
Set the Face which will be used to fetch required certificates.
Definition: key-chain.hpp:507
ptr_lib::shared_ptr< Signature > signByIdentity(const std::vector< uint8_t > &buffer, const Name &identityName)
Sign the byte array using an identity name and return a Signature object.
Definition: key-chain.hpp:428
ptr_lib::shared_ptr< IdentityCertificate > getCertificate(const Name &certificateName)
Get a certificate with the specified name.
Definition: key-chain.hpp:256
static Name certificateNameToPublicKeyName(const Name &certificateName)
Get the public key name from the full certificate name.
Definition: identity-certificate.cpp:101
ptr_lib::shared_ptr< IdentityCertificate > DEPRECATED_IN_NDN_CPP getIdentityCertificate(const Name &certificateName)
Definition: key-chain.hpp:265
void sign(Data &data, const Name &certificateName, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
Wire encode the Data object, sign it and set its signature.
Definition: key-chain.hpp:319
KeyChain is the main class of the security library.
Definition: key-chain.hpp:45
A Name holds an array of Name::Component and represents an NDN name.
Definition: name.hpp:40
void deleteIdentity(const Name &identityName)
Delete the identity from the public and private key storage.
Definition: key-chain.hpp:117
void verifyInterest(const ptr_lib::shared_ptr< Interest > &interest, const OnVerifiedInterest &onVerified, const OnVerifyInterestFailed &onVerifyFailed, int stepCount=0, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
Check the signature on the signed interest and call either onVerify or onVerifyFailed.
Definition: key-chain.cpp:135
ptr_lib::shared_ptr< Signature > sign(const uint8_t *buffer, size_t bufferLength, const Name &certificateName)
Sign the byte array using a certificate name and return a Signature object.
Definition: key-chain.hpp:384
Blob createSigningRequest(const Name &keyName)
Create a public key signing request.
Definition: key-chain.hpp:225
A Blob holds a pointer to an immutable byte array implemented as const std::vector.
Definition: blob.hpp:42
An Interest holds a Name and other fields for an interest.
Definition: interest.hpp:41
void sign(Data &data, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
Wire encode the Data object, sign it with the default identity and set its signature.
Definition: key-chain.hpp:334
void setDefaultKeyForIdentity(const Name &keyName, const Name &identityNameCheck=Name())
Set a key as the default key of an identity.
Definition: key-chain.hpp:184
KeyChain()
Create a new KeyChain with the the default IdentityManager and a NoVerifyPolicyManager.
Definition: key-chain.cpp:56
void setDefaultCertificateForKey(const IdentityCertificate &certificate)
Set the certificate as the default for its corresponding key.
Definition: key-chain.hpp:245
Name DEPRECATED_IN_NDN_CPP createIdentity(const Name &identityName, const KeyParams ¶ms=DEFAULT_KEY_PARAMS)
Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed ce...
Definition: key-chain.hpp:104
KeyParams is a base class for key parameters.
Definition: key-params.hpp:34
Name generateEcdsaKeyPair(const Name &identityName, bool isKsk=false, int keySize=256)
Generate a pair of ECDSA keys for the specified identity.
Definition: key-chain.hpp:171
func_lib::function< void(const ptr_lib::shared_ptr< Data > &data)> OnVerifyFailed
An OnVerifyFailed function object is used to pass a callback to verifyData to report a failed verific...
Definition: validation-request.hpp:38
Name generateRSAKeyPair(const Name &identityName, bool isKsk=false, int keySize=2048)
Generate a pair of RSA keys for the specified identity.
Definition: key-chain.hpp:156
Name getDefaultCertificateName()
Get the default certificate name of the default identity.
Definition: key-chain.hpp:141
const ptr_lib::shared_ptr< IdentityManager > & getIdentityManager()
Get the identity manager given to or created by the constructor.
Definition: key-chain.hpp:295
void revokeCertificate(const Name &certificateName)
Revoke a certificate.
Definition: key-chain.hpp:285