signing-info.cpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2020 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
23 
29 
30 namespace ndn {
31 namespace security {
32 
33 const Name&
35 {
36  static Name emptyName;
37  return emptyName;
38 }
39 
40 const SignatureInfo&
42 {
43  static SignatureInfo emptySignatureInfo;
44  return emptySignatureInfo;
45 }
46 
47 const Name&
49 {
50  static Name digestSha256Identity("/localhost/identity/digest-sha256");
51  return digestSha256Identity;
52 }
53 
54 const Name&
56 {
57  static Name hmacIdentity("/localhost/identity/hmac");
58  return hmacIdentity;
59 }
60 
62  const Name& signerName,
63  const SignatureInfo& signatureInfo)
64  : m_type(signerType)
65  , m_name(signerName)
66  , m_digestAlgorithm(DigestAlgorithm::SHA256)
67  , m_info(signatureInfo)
68  , m_signedInterestFormat(SignedInterestFormat::V02)
69 {
70  BOOST_ASSERT(signerType >= SIGNER_TYPE_NULL && signerType <= SIGNER_TYPE_HMAC);
71 }
72 
75 {
76  this->setPibIdentity(identity);
77 }
78 
81 {
82  this->setPibKey(key);
83 }
84 
85 SigningInfo::SigningInfo(const std::string& signingStr)
87 {
88  if (signingStr.empty()) {
89  return;
90  }
91 
92  size_t pos = signingStr.find(':');
93  if (pos == std::string::npos) {
94  NDN_THROW(std::invalid_argument("Invalid signing string cannot represent SigningInfo"));
95  }
96 
97  std::string scheme = signingStr.substr(0, pos);
98  std::string nameArg = signingStr.substr(pos + 1);
99 
100  if (scheme == "id") {
101  if (nameArg == getDigestSha256Identity().toUri()) {
103  }
104  else {
105  setSigningIdentity(nameArg);
106  }
107  }
108  else if (scheme == "key") {
109  setSigningKeyName(nameArg);
110  }
111  else if (scheme == "cert") {
112  setSigningCertName(nameArg);
113  }
114  else if (scheme == "hmac-sha256") {
115  setSigningHmacKey(nameArg);
117  }
118  else {
119  NDN_THROW(std::invalid_argument("Invalid signing string scheme"));
120  }
121 }
122 
125 {
126  m_type = SIGNER_TYPE_ID;
127  m_name = identity;
128  m_identity = Identity();
129  return *this;
130 }
131 
134 {
135  m_type = SIGNER_TYPE_KEY;
136  m_name = keyName;
137  m_key = Key();
138  return *this;
139 }
140 
142 SigningInfo::setSigningCertName(const Name& certificateName)
143 {
144  m_type = SIGNER_TYPE_CERT;
145  m_name = certificateName;
146  return *this;
147 }
148 
150 SigningInfo::setSigningHmacKey(const std::string& hmacKey)
151 {
152  m_type = SIGNER_TYPE_HMAC;
153 
154  OBufferStream os;
155  transform::bufferSource(hmacKey) >>
156  transform::base64Decode(false) >>
158  m_hmacKey = make_shared<transform::PrivateKey>();
159  m_hmacKey->loadRaw(KeyType::HMAC, os.buf()->data(), os.buf()->size());
160 
161  // generate key name
162  m_name = getHmacIdentity();
163  m_name.append(name::Component(m_hmacKey->getKeyDigest(DigestAlgorithm::SHA256)));
164 
165  return *this;
166 }
167 
170 {
171  m_type = SIGNER_TYPE_SHA256;
172  m_name.clear();
173  return *this;
174 }
175 
178 {
179  m_type = SIGNER_TYPE_ID;
180  m_name = identity ? identity.getName() : Name();
181  m_identity = identity;
182  return *this;
183 }
184 
187 {
188  m_type = SIGNER_TYPE_KEY;
189  m_name = key ? key.getName() : Name();
190  m_key = key;
191  return *this;
192 }
193 
196 {
197  m_info = signatureInfo;
198  return *this;
199 }
200 
201 std::ostream&
202 operator<<(std::ostream& os, const SigningInfo& si)
203 {
204  switch (si.getSignerType()) {
206  return os;
208  return os << "id:" << si.getSignerName();
210  return os << "key:" << si.getSignerName();
212  return os << "cert:" << si.getSignerName();
214  return os << "id:" << SigningInfo::getDigestSha256Identity();
216  return os << "id:" << si.getSignerName();
217  }
218  NDN_THROW(std::invalid_argument("Unknown signer type"));
219  return os;
220 }
221 
222 std::ostream&
223 operator<<(std::ostream& os, const SignedInterestFormat& format)
224 {
225  switch (format) {
227  return os << "Signed Interest v0.3";
229  return os << "Signed Interest v0.2";
230  }
231  NDN_THROW(std::invalid_argument("Unknown signed Interest format"));
232  return os;
233 }
234 
235 } // namespace security
236 } // namespace ndn
SigningInfo & setPibIdentity(const Identity &identity)
Set signer as a PIB identity handler identity.
Sign Interest using Packet Specification v0.3 semantics.
Definition: data.cpp:26
Represents a SignatureInfo or InterestSignatureInfo TLV element.
unique_ptr< Transform > base64Decode(bool expectNewlineEvery64Bytes)
SigningInfo & setDigestAlgorithm(const DigestAlgorithm &algorithm)
Set the digest algorithm for signing operations.
Use a SHA-256 digest only, no signer needs to be specified.
Sign Interest using Packet Specification v0.2 semantics.
Name & append(const Component &component)
Append a component.
Definition: name.hpp:278
Signing parameters passed to KeyChain.
#define NDN_THROW(e)
Definition: exception.hpp:61
HMAC key, supports sign/verify operations.
const Name & getSignerName() const
A frontend handle of a key instance.
Definition: key.hpp:49
SigningInfo & setSha256Signing()
Set SHA-256 as the signing method.
No signer is specified, use default setting or follow the trust schema.
unique_ptr< Sink > streamSink(std::ostream &os)
Definition: stream-sink.cpp:53
static const Name & getDigestSha256Identity()
A localhost identity to indicate that the signature is generated using SHA-256.
Use the SHA-256 hash of the public key as key id.
Represents an absolute name.
Definition: name.hpp:44
const Name & getName() const
Get key name.
Definition: key.cpp:38
Signer is a certificate, use it directly.
static const SignatureInfo & getEmptySignatureInfo()
Get a SignatureInfo constructed with default values.
SigningInfo & setSigningCertName(const Name &certificateName)
Set signer as a certificate with name certificateName.
Signer is a key, use its default certificate.
SigningInfo & setSignatureInfo(const SignatureInfo &signatureInfo)
Set a semi-prepared SignatureInfo.
Represents a name component.
static const Name & getEmptyName()
shared_ptr< Buffer > buf()
Flush written data to the stream and return shared pointer to the underlying buffer.
const Name & getName() const
Get the name of the identity.
Definition: identity.cpp:37
SigningInfo(SignerType signerType=SIGNER_TYPE_NULL, const Name &signerName=Name(), const SignatureInfo &signatureInfo=SignatureInfo())
Constructor.
SigningInfo & setSigningIdentity(const Name &identity)
Set signer as an identity with name identity.
Signer is an identity, use its default key and default certificate.
A frontend handle of an Identity.
Definition: identity.hpp:42
implements an output stream that constructs ndn::Buffer
SigningInfo & setPibKey(const Key &key)
Set signer as a PIB key handler key.
void clear()
Remove all components.
Definition: name.cpp:280
std::ostream & operator<<(std::ostream &os, const SigningInfo &si)
static const Name & getHmacIdentity()
A localhost identity to indicate that the signature is generated using an HMAC key.
SigningInfo & setSigningHmacKey(const std::string &hmacKey)
Set signer to a base64-encoded HMAC key.
SigningInfo & setSigningKeyName(const Name &keyName)
Set signer as a key with name keyName.
SignerType getSignerType() const