master/doxygen/signing-info_8cpp_source.html

/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */

/*

 * Copyright (c) 2013-2023 Regents of the University of California.

 *

 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).

 *

 * ndn-cxx library is free software: you can redistribute it and/or modify it under the

 * terms of the GNU Lesser General Public License as published by the Free Software

 * Foundation, either version 3 of the License, or (at your option) any later version.

 *

 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY

 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A

 * PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more details.

 *

 * You should have received copies of the GNU General Public License and GNU Lesser

 * General Public License along with ndn-cxx, e.g., in COPYING.md file.  If not, see

 * <http://www.gnu.org/licenses/>.

 *

 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.

 */


#include "ndn-cxx/security/signing-info.hpp"


#include "ndn-cxx/encoding/buffer-stream.hpp"

#include "ndn-cxx/security/transform/base64-decode.hpp"

#include "ndn-cxx/security/transform/buffer-source.hpp"

#include "ndn-cxx/security/transform/stream-sink.hpp"


namespace ndn::security {


const Name&


SigningInfo::getDigestSha256Identity()

{

  static Name digestSha256Identity("/localhost/identity/digest-sha256");

  return digestSha256Identity;

}


const Name&


SigningInfo::getHmacIdentity()

{

  static Name hmacIdentity("/localhost/identity/hmac");

  return hmacIdentity;

}


SigningInfo::SigningInfo(SignerType signerType,

                         const Name& signerName,

                         const SignatureInfo& signatureInfo)

  : m_type(signerType)

  , m_name(signerName)

  , m_digestAlgorithm(DigestAlgorithm::SHA256)

  , m_info(signatureInfo)

  , m_signedInterestFormat(SignedInterestFormat::V02)

{

  BOOST_ASSERT(signerType >= SIGNER_TYPE_NULL && signerType <= SIGNER_TYPE_HMAC);

}


SigningInfo::SigningInfo(const Identity& identity)

  : SigningInfo(SIGNER_TYPE_NULL)

{

  this->setPibIdentity(identity);

}


SigningInfo::SigningInfo(const Key& key)

  : SigningInfo(SIGNER_TYPE_NULL)

{

  this->setPibKey(key);

}


SigningInfo::SigningInfo(std::string_view signingStr)

  : SigningInfo(SIGNER_TYPE_NULL)

{

  if (signingStr.empty()) {

    return;

  }


  auto pos = signingStr.find(':');

  if (pos == std::string_view::npos) {

    NDN_THROW(std::invalid_argument("Invalid signing string cannot represent SigningInfo"));

  }


  auto scheme = signingStr.substr(0, pos);

  auto nameArg = signingStr.substr(pos + 1);


  if (scheme == "id") {

    if (nameArg == getDigestSha256Identity().toUri()) {

      setSha256Signing();

    }

    else {

      setSigningIdentity(Name(nameArg));

    }

  }

  else if (scheme == "key") {

    setSigningKeyName(Name(nameArg));

  }

  else if (scheme == "cert") {

    setSigningCertName(Name(nameArg));

  }

  else if (scheme == "hmac-sha256") {

    setSigningHmacKey(nameArg);

    setDigestAlgorithm(DigestAlgorithm::SHA256);

  }

  else {

    NDN_THROW(std::invalid_argument("Invalid signing string scheme"));

  }

}


SigningInfo&


SigningInfo::setSigningIdentity(const Name& identity)

{

  m_type = SIGNER_TYPE_ID;

  m_name = identity;

  m_identity = Identity();

  return *this;

}


SigningInfo&


SigningInfo::setSigningKeyName(const Name& keyName)

{

  m_type = SIGNER_TYPE_KEY;

  m_name = keyName;

  m_key = Key();

  return *this;

}


SigningInfo&


SigningInfo::setSigningCertName(const Name& certificateName)

{

  m_type = SIGNER_TYPE_CERT;

  m_name = certificateName;

  return *this;

}


SigningInfo&


SigningInfo::setSigningHmacKey(std::string_view hmacKey)

{

  m_type = SIGNER_TYPE_HMAC;


  OBufferStream os;

  transform::bufferSource(hmacKey) >>

    transform::base64Decode(false) >>

    transform::streamSink(os);

  m_hmacKey = make_shared<transform::PrivateKey>();

  m_hmacKey->loadRaw(KeyType::HMAC, *os.buf());


  // generate key name

  m_name = getHmacIdentity();

  m_name.append(name::Component(m_hmacKey->getKeyDigest(DigestAlgorithm::SHA256)));


  return *this;

}


SigningInfo&


SigningInfo::setSha256Signing()

{

  m_type = SIGNER_TYPE_SHA256;

  m_name.clear();

  return *this;

}


SigningInfo&


SigningInfo::setPibIdentity(const Identity& identity)

{

  m_type = SIGNER_TYPE_ID;

  m_name = identity ? identity.getName() : Name();

  m_identity = identity;

  return *this;

}


SigningInfo&


SigningInfo::setPibKey(const Key& key)

{

  m_type = SIGNER_TYPE_KEY;

  m_name = key ? key.getName() : Name();

  m_key = key;

  return *this;

}


SigningInfo&


SigningInfo::setSignatureInfo(const SignatureInfo& signatureInfo)

{

  m_info = signatureInfo;

  return *this;

}


std::ostream&

operator<<(std::ostream& os, const SigningInfo& si)

{

  switch (si.getSignerType()) {

    case SigningInfo::SIGNER_TYPE_NULL:

      return os;

    case SigningInfo::SIGNER_TYPE_ID:

      return os << "id:" << si.getSignerName();

    case SigningInfo::SIGNER_TYPE_KEY:

      return os << "key:" << si.getSignerName();

    case SigningInfo::SIGNER_TYPE_CERT:

      return os << "cert:" << si.getSignerName();

    case SigningInfo::SIGNER_TYPE_SHA256:

      return os << "id:" << SigningInfo::getDigestSha256Identity();

    case SigningInfo::SIGNER_TYPE_HMAC:

      return os << "id:" << si.getSignerName();

  }

  return os << "Unknown signer type " << to_underlying(si.getSignerType());

}


std::ostream&

operator<<(std::ostream& os, const SignedInterestFormat& format)

{

  switch (format) {

    case SignedInterestFormat::V03:

      return os << "Signed Interest v0.3";

    case SignedInterestFormat::V02:

      return os << "Signed Interest v0.2";

  }

  return os << "Unknown signed Interest format " << to_underlying(format);

}


} // namespace ndn::security

base64-decode.hpp

buffer-source.hpp

buffer-stream.hpp

ndn::Name
Represents an absolute name.
Definition name.hpp:45

ndn::Name::append
Name & append(const Component &component)
Append a name component.
Definition name.hpp:308

ndn::Name::clear
void clear()
Remove all components.
Definition name.cpp:256

ndn::OBufferStream
An output stream that writes to a Buffer.
Definition buffer-stream.hpp:70

ndn::OBufferStream::buf
std::shared_ptr< Buffer > buf()
Return a shared pointer to the underlying buffer.
Definition buffer-stream.cpp:58

ndn::SignatureInfo
Represents a SignatureInfo or InterestSignatureInfo TLV element.
Definition signature-info.hpp:34

ndn::name::Component
Represents a name component.
Definition name-component.hpp:113

ndn::security::SigningInfo
Signing parameters passed to KeyChain.
Definition signing-info.hpp:52

ndn::security::SigningInfo::SigningInfo
SigningInfo(SignerType signerType=SIGNER_TYPE_NULL, const Name &signerName=Name(), const SignatureInfo &signatureInfo=SignatureInfo())
Constructor.
Definition signing-info.cpp:45

ndn::security::SigningInfo::setPibIdentity
SigningInfo & setPibIdentity(const Identity &identity)
Set signer as a PIB identity handle identity.
Definition signing-info.cpp:161

ndn::security::SigningInfo::setSigningIdentity
SigningInfo & setSigningIdentity(const Name &identity)
Set signer as an identity with name identity.
Definition signing-info.cpp:108

ndn::security::SigningInfo::getDigestSha256Identity
static const Name & getDigestSha256Identity()
A localhost identity to indicate that the signature is generated using SHA-256.
Definition signing-info.cpp:32

ndn::security::SigningInfo::setDigestAlgorithm
SigningInfo & setDigestAlgorithm(const DigestAlgorithm &algorithm)
Set the digest algorithm for signing operations.
Definition signing-info.hpp:219

ndn::security::SigningInfo::setSha256Signing
SigningInfo & setSha256Signing()
Set SHA-256 as the signing method.
Definition signing-info.cpp:153

ndn::security::SigningInfo::setSigningCertName
SigningInfo & setSigningCertName(const Name &certificateName)
Set signer as a certificate with name certificateName.
Definition signing-info.cpp:126

ndn::security::SigningInfo::getHmacIdentity
static const Name & getHmacIdentity()
A localhost identity to indicate that the signature is generated using an HMAC key.
Definition signing-info.cpp:39

ndn::security::SigningInfo::setSignatureInfo
SigningInfo & setSignatureInfo(const SignatureInfo &signatureInfo)
Set a semi-prepared SignatureInfo.
Definition signing-info.cpp:179

ndn::security::SigningInfo::getSignerType
SignerType getSignerType() const
Return the signer type.
Definition signing-info.hpp:171

ndn::security::SigningInfo::setSigningHmacKey
SigningInfo & setSigningHmacKey(std::string_view hmacKey)
Set signer to a base64-encoded HMAC key.
Definition signing-info.cpp:134

ndn::security::SigningInfo::SignerType
SignerType
Definition signing-info.hpp:60

ndn::security::SigningInfo::SIGNER_TYPE_CERT
@ SIGNER_TYPE_CERT
Signer is a certificate, use it directly.
Definition signing-info.hpp:68

ndn::security::SigningInfo::SIGNER_TYPE_SHA256
@ SIGNER_TYPE_SHA256
Use a SHA-256 digest only, no signer needs to be specified.
Definition signing-info.hpp:70

ndn::security::SigningInfo::SIGNER_TYPE_HMAC
@ SIGNER_TYPE_HMAC
Signer is a HMAC key.
Definition signing-info.hpp:72

ndn::security::SigningInfo::SIGNER_TYPE_NULL
@ SIGNER_TYPE_NULL
No signer is specified, use default setting or follow the trust schema.
Definition signing-info.hpp:62

ndn::security::SigningInfo::SIGNER_TYPE_ID
@ SIGNER_TYPE_ID
Signer is an identity, use its default key and default certificate.
Definition signing-info.hpp:64

ndn::security::SigningInfo::SIGNER_TYPE_KEY
@ SIGNER_TYPE_KEY
Signer is a key, use its default certificate.
Definition signing-info.hpp:66

ndn::security::SigningInfo::getSignerName
const Name & getSignerName() const
Definition signing-info.hpp:180

ndn::security::SigningInfo::setSigningKeyName
SigningInfo & setSigningKeyName(const Name &keyName)
Set signer as a key with name keyName.
Definition signing-info.cpp:117

ndn::security::SigningInfo::setPibKey
SigningInfo & setPibKey(const Key &key)
Set signer as a PIB key handle key.
Definition signing-info.cpp:170

ndn::security::pib::Identity
Frontend handle for an identity in the PIB.
Definition identity.hpp:44

ndn::security::pib::Identity::getName
const Name & getName() const
Return the name of the identity.
Definition identity.cpp:35

ndn::security::pib::Key
Frontend handle for a key in the PIB.
Definition key.hpp:45

ndn::security::pib::Key::getName
const Name & getName() const
Return the name of the key.
Definition key.cpp:36

NDN_THROW
#define NDN_THROW(e)
Definition exception.hpp:56

ndn::security::transform::streamSink
unique_ptr< Sink > streamSink(std::ostream &os)
Definition stream-sink.cpp:51

ndn::security::transform::bufferSource
BufferSource bufferSource
Definition buffer-source.hpp:71

ndn::security::transform::base64Decode
unique_ptr< Transform > base64Decode(bool expectNewlineEvery64Bytes)
Definition base64-decode.cpp:124

ndn::security
Contains the ndn-cxx security framework.
Definition additional-description.cpp:26

ndn::security::operator<<
std::ostream & operator<<(std::ostream &os, const AdditionalDescription &desc)
Definition additional-description.cpp:158

ndn::security::SignedInterestFormat
SignedInterestFormat
Definition signing-info.hpp:38

ndn::security::SignedInterestFormat::V03
@ V03
Sign Interest using Packet Specification v0.3 semantics.

ndn::security::SignedInterestFormat::V02
@ V02
Sign Interest using Packet Specification v0.2 semantics.

ndn::tlv::Name
@ Name
Definition tlv.hpp:71

ndn::KeyType::HMAC
@ HMAC
HMAC key, supports sign/verify operations.

ndn::KeyIdType::SHA256
@ SHA256
Use the SHA-256 hash of the public key as key id.

ndn::to_underlying
constexpr std::underlying_type_t< T > to_underlying(T val) noexcept
Definition backports.hpp:44

ndn::DigestAlgorithm
DigestAlgorithm
Definition security-common.hpp:117

ndn::DigestAlgorithm::SHA256
@ SHA256

signing-info.hpp

stream-sink.hpp