master/doxygen/signing-info_8cpp_source.html

 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */

 /*

  * Copyright (c) 2013-2023 Regents of the University of California.

  *

  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).

  *

  * ndn-cxx library is free software: you can redistribute it and/or modify it under the

  * terms of the GNU Lesser General Public License as published by the Free Software

  * Foundation, either version 3 of the License, or (at your option) any later version.

  *

  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY

  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A

  * PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more details.

  *

  * You should have received copies of the GNU General Public License and GNU Lesser

  * General Public License along with ndn-cxx, e.g., in COPYING.md file.  If not, see

  * <http://www.gnu.org/licenses/>.

  *

  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.

  */


 #include "ndn-cxx/security/signing-info.hpp"


 #include "ndn-cxx/encoding/buffer-stream.hpp"

 #include "ndn-cxx/security/transform/base64-decode.hpp"

 #include "ndn-cxx/security/transform/buffer-source.hpp"

 #include "ndn-cxx/security/transform/stream-sink.hpp"


 namespace ndn::security {


 const Name&

 SigningInfo::getDigestSha256Identity()

 {

   static Name digestSha256Identity("/localhost/identity/digest-sha256");

   return digestSha256Identity;

 }


 const Name&

 SigningInfo::getHmacIdentity()

 {

   static Name hmacIdentity("/localhost/identity/hmac");

   return hmacIdentity;

 }


 SigningInfo::SigningInfo(SignerType signerType,

                          const Name& signerName,

                          const SignatureInfo& signatureInfo)

   : m_type(signerType)

   , m_name(signerName)

   , m_digestAlgorithm(DigestAlgorithm::SHA256)

   , m_info(signatureInfo)

   , m_signedInterestFormat(SignedInterestFormat::V02)

 {

   BOOST_ASSERT(signerType >= SIGNER_TYPE_NULL && signerType <= SIGNER_TYPE_HMAC);

 }


 SigningInfo::SigningInfo(const Identity& identity)

   : SigningInfo(SIGNER_TYPE_NULL)

 {

   this->setPibIdentity(identity);

 }


 SigningInfo::SigningInfo(const Key& key)

   : SigningInfo(SIGNER_TYPE_NULL)

 {

   this->setPibKey(key);

 }


 SigningInfo::SigningInfo(std::string_view signingStr)

   : SigningInfo(SIGNER_TYPE_NULL)

 {

   if (signingStr.empty()) {

     return;

   }


   auto pos = signingStr.find(':');

   if (pos == std::string_view::npos) {

     NDN_THROW(std::invalid_argument("Invalid signing string cannot represent SigningInfo"));

   }


   auto scheme = signingStr.substr(0, pos);

   auto nameArg = signingStr.substr(pos + 1);


   if (scheme == "id") {

     if (nameArg == getDigestSha256Identity().toUri()) {

       setSha256Signing();

     }

     else {

       setSigningIdentity(Name(nameArg));

     }

   }

   else if (scheme == "key") {

     setSigningKeyName(Name(nameArg));

   }

   else if (scheme == "cert") {

     setSigningCertName(Name(nameArg));

   }

   else if (scheme == "hmac-sha256") {

     setSigningHmacKey(nameArg);

     setDigestAlgorithm(DigestAlgorithm::SHA256);

   }

   else {

     NDN_THROW(std::invalid_argument("Invalid signing string scheme"));

   }

 }


 SigningInfo&

 SigningInfo::setSigningIdentity(const Name& identity)

 {

   m_type = SIGNER_TYPE_ID;

   m_name = identity;

   m_identity = Identity();

   return *this;

 }


 SigningInfo&

 SigningInfo::setSigningKeyName(const Name& keyName)

 {

   m_type = SIGNER_TYPE_KEY;

   m_name = keyName;

   m_key = Key();

   return *this;

 }


 SigningInfo&

 SigningInfo::setSigningCertName(const Name& certificateName)

 {

   m_type = SIGNER_TYPE_CERT;

   m_name = certificateName;

   return *this;

 }


 SigningInfo&

 SigningInfo::setSigningHmacKey(std::string_view hmacKey)

 {

   m_type = SIGNER_TYPE_HMAC;


   OBufferStream os;

   transform::bufferSource(hmacKey) >>

     transform::base64Decode(false) >>

     transform::streamSink(os);

   m_hmacKey = make_shared<transform::PrivateKey>();

   m_hmacKey->loadRaw(KeyType::HMAC, *os.buf());


   // generate key name

   m_name = getHmacIdentity();

   m_name.append(name::Component(m_hmacKey->getKeyDigest(DigestAlgorithm::SHA256)));


   return *this;

 }


 SigningInfo&

 SigningInfo::setSha256Signing()

 {

   m_type = SIGNER_TYPE_SHA256;

   m_name.clear();

   return *this;

 }


 SigningInfo&

 SigningInfo::setPibIdentity(const Identity& identity)

 {

   m_type = SIGNER_TYPE_ID;

   m_name = identity ? identity.getName() : Name();

   m_identity = identity;

   return *this;

 }


 SigningInfo&

 SigningInfo::setPibKey(const Key& key)

 {

   m_type = SIGNER_TYPE_KEY;

   m_name = key ? key.getName() : Name();

   m_key = key;

   return *this;

 }


 SigningInfo&

 SigningInfo::setSignatureInfo(const SignatureInfo& signatureInfo)

 {

   m_info = signatureInfo;

   return *this;

 }


 std::ostream&

 operator<<(std::ostream& os, const SigningInfo& si)

 {

   switch (si.getSignerType()) {

     case SigningInfo::SIGNER_TYPE_NULL:

       return os;

     case SigningInfo::SIGNER_TYPE_ID:

       return os << "id:" << si.getSignerName();

     case SigningInfo::SIGNER_TYPE_KEY:

       return os << "key:" << si.getSignerName();

     case SigningInfo::SIGNER_TYPE_CERT:

       return os << "cert:" << si.getSignerName();

     case SigningInfo::SIGNER_TYPE_SHA256:

       return os << "id:" << SigningInfo::getDigestSha256Identity();

     case SigningInfo::SIGNER_TYPE_HMAC:

       return os << "id:" << si.getSignerName();

   }

   return os << "Unknown signer type " << to_underlying(si.getSignerType());

 }


 std::ostream&

 operator<<(std::ostream& os, const SignedInterestFormat& format)

 {

   switch (format) {

     case SignedInterestFormat::V03:

       return os << "Signed Interest v0.3";

     case SignedInterestFormat::V02:

       return os << "Signed Interest v0.2";

   }

   return os << "Unknown signed Interest format " << to_underlying(format);

 }


 } // namespace ndn::security

base64-decode.hpp

buffer-source.hpp

buffer-stream.hpp

ndn::Name
Represents an absolute name.
Definition: name.hpp:45

ndn::Name::clear
void clear()
Remove all components.
Definition: name.cpp:256

ndn::Name::append
Name & append(const Component &component)
Append a name component.
Definition: name.hpp:308

ndn::OBufferStream
An output stream that writes to a Buffer.
Definition: buffer-stream.hpp:70

ndn::OBufferStream::buf
std::shared_ptr< Buffer > buf()
Return a shared pointer to the underlying buffer.
Definition: buffer-stream.cpp:58

ndn::SignatureInfo
Represents a SignatureInfo or InterestSignatureInfo TLV element.
Definition: signature-info.hpp:34

ndn::name::Component
Represents a name component.
Definition: name-component.hpp:113

ndn::security::SigningInfo
Signing parameters passed to KeyChain.
Definition: signing-info.hpp:52

ndn::security::SigningInfo::SigningInfo
SigningInfo(SignerType signerType=SIGNER_TYPE_NULL, const Name &signerName=Name(), const SignatureInfo &signatureInfo=SignatureInfo())
Constructor.
Definition: signing-info.cpp:45

ndn::security::SigningInfo::setPibIdentity
SigningInfo & setPibIdentity(const Identity &identity)
Set signer as a PIB identity handle identity.
Definition: signing-info.cpp:161

ndn::security::SigningInfo::getSignerName
const Name & getSignerName() const
Definition: signing-info.hpp:180

ndn::security::SigningInfo::setSigningIdentity
SigningInfo & setSigningIdentity(const Name &identity)
Set signer as an identity with name identity.
Definition: signing-info.cpp:108

ndn::security::SigningInfo::getDigestSha256Identity
static const Name & getDigestSha256Identity()
A localhost identity to indicate that the signature is generated using SHA-256.
Definition: signing-info.cpp:32

ndn::security::SigningInfo::setSha256Signing
SigningInfo & setSha256Signing()
Set SHA-256 as the signing method.
Definition: signing-info.cpp:153

ndn::security::SigningInfo::setSigningCertName
SigningInfo & setSigningCertName(const Name &certificateName)
Set signer as a certificate with name certificateName.
Definition: signing-info.cpp:126

ndn::security::SigningInfo::getHmacIdentity
static const Name & getHmacIdentity()
A localhost identity to indicate that the signature is generated using an HMAC key.
Definition: signing-info.cpp:39

ndn::security::SigningInfo::setSignatureInfo
SigningInfo & setSignatureInfo(const SignatureInfo &signatureInfo)
Set a semi-prepared SignatureInfo.
Definition: signing-info.cpp:179

ndn::security::SigningInfo::getSignerType
SignerType getSignerType() const
Return the signer type.
Definition: signing-info.hpp:171

ndn::security::SigningInfo::setSigningHmacKey
SigningInfo & setSigningHmacKey(std::string_view hmacKey)
Set signer to a base64-encoded HMAC key.
Definition: signing-info.cpp:134

ndn::security::SigningInfo::SignerType
SignerType
Definition: signing-info.hpp:60

ndn::security::SigningInfo::SIGNER_TYPE_CERT
@ SIGNER_TYPE_CERT
Signer is a certificate, use it directly.
Definition: signing-info.hpp:68

ndn::security::SigningInfo::SIGNER_TYPE_SHA256
@ SIGNER_TYPE_SHA256
Use a SHA-256 digest only, no signer needs to be specified.
Definition: signing-info.hpp:70

ndn::security::SigningInfo::SIGNER_TYPE_HMAC
@ SIGNER_TYPE_HMAC
Signer is a HMAC key.
Definition: signing-info.hpp:72

ndn::security::SigningInfo::SIGNER_TYPE_NULL
@ SIGNER_TYPE_NULL
No signer is specified, use default setting or follow the trust schema.
Definition: signing-info.hpp:62

ndn::security::SigningInfo::SIGNER_TYPE_ID
@ SIGNER_TYPE_ID
Signer is an identity, use its default key and default certificate.
Definition: signing-info.hpp:64

ndn::security::SigningInfo::SIGNER_TYPE_KEY
@ SIGNER_TYPE_KEY
Signer is a key, use its default certificate.
Definition: signing-info.hpp:66

ndn::security::SigningInfo::setDigestAlgorithm
SigningInfo & setDigestAlgorithm(const DigestAlgorithm &algorithm)
Set the digest algorithm for signing operations.
Definition: signing-info.hpp:219

ndn::security::SigningInfo::setSigningKeyName
SigningInfo & setSigningKeyName(const Name &keyName)
Set signer as a key with name keyName.
Definition: signing-info.cpp:117

ndn::security::SigningInfo::setPibKey
SigningInfo & setPibKey(const Key &key)
Set signer as a PIB key handle key.
Definition: signing-info.cpp:170

ndn::security::pib::Identity
Frontend handle for an identity in the PIB.
Definition: identity.hpp:44

ndn::security::pib::Identity::getName
const Name & getName() const
Return the name of the identity.
Definition: identity.cpp:35

ndn::security::pib::Key
Frontend handle for a key in the PIB.
Definition: key.hpp:45

ndn::security::pib::Key::getName
const Name & getName() const
Return the name of the key.
Definition: key.cpp:36

NDN_THROW
#define NDN_THROW(e)
Definition: exception.hpp:56

ndn::security::transform::streamSink
unique_ptr< Sink > streamSink(std::ostream &os)
Definition: stream-sink.cpp:51

ndn::security::transform::bufferSource
BufferSource bufferSource
Definition: buffer-source.hpp:71

ndn::security::transform::base64Decode
unique_ptr< Transform > base64Decode(bool expectNewlineEvery64Bytes)
Definition: base64-decode.cpp:124

ndn::security
Contains the ndn-cxx security framework.
Definition: additional-description.cpp:26

ndn::security::operator<<
std::ostream & operator<<(std::ostream &os, const AdditionalDescription &desc)
Definition: additional-description.cpp:157

ndn::security::SignedInterestFormat
SignedInterestFormat
Definition: signing-info.hpp:38

ndn::security::SignedInterestFormat::V03
@ V03
Sign Interest using Packet Specification v0.3 semantics.

ndn::security::SignedInterestFormat::V02
@ V02
Sign Interest using Packet Specification v0.2 semantics.

ndn::tlv::Name
@ Name
Definition: tlv.hpp:71

ndn::KeyType::HMAC
@ HMAC
HMAC key, supports sign/verify operations.

ndn::KeyIdType::SHA256
@ SHA256
Use the SHA-256 hash of the public key as key id.

ndn::to_underlying
constexpr std::underlying_type_t< T > to_underlying(T val) noexcept
Definition: backports.hpp:44

ndn::DigestAlgorithm
DigestAlgorithm
Definition: security-common.hpp:117

ndn::DigestAlgorithm::SHA256
@ SHA256

signing-info.hpp

stream-sink.hpp