Feature #2218
closed
KeyChain: sign Interest with SHA256 digest
Description
Add a method overload: KeyChain::signWithSha256(Interest)
Updated by Junxiao Shi over 9 years ago
- Tracker changed from Task to Feature
- Subject changed from Extend signWithSha256 method (in security/key-chain.hpp) to accept interests as an argument. to KeyChain: sign Interest with SHA256 digest
- Description updated (diff)
- Category set to Security
- Start date deleted (
11/24/2014) - Estimated time set to 2.00 h
I don't think this feature is necessary.
Signed Interest should be signed with a real signature. Otherwise, the application can just send an unsigned Interest.
However, after #1705, this feature would implicitly be supported, but in a different API.
Updated by Alex Afanasyev over 9 years ago
- Assignee set to Yingdi Yu
- Target version set to v0.3
Yes, it would be supported implicitly. However, KeyChain::signWithSha256 will be the baseline implementation, to which "KeyChain::sign" will redirect.
Also. I would suggest changing KeyChain::signWithRsa to be static method, as there is no state that is used by it.
Updated by Yingdi Yu over 9 years ago
Could you provide a use case of signing an interest using sha256 digest?
Updated by Alex Afanasyev over 9 years ago
This is primarily for simulator use.
Given we have sha256 signature for data packets, we should (for symmetry) provide the same for Interests as well.
Updated by Yingdi Yu over 9 years ago
If it is for simulation, do we really even need a signature?
The digest for data provide some integrity check, but do we need integrity check for interest?
Updated by Alex Afanasyev over 9 years ago
The same reason. It may be useful in some cases to provide integrity check for interests.
Inside the simulator we don't need signatures. But, my objective is to have virtually no modifications to NFD code, which implies that there should be some external way to "disable" them (or at least reduce overhead).
Updated by Junxiao Shi over 9 years ago
- Blocks Feature #1705: Select DigestSha256 signing method with Identity Name added
Updated by Yingdi Yu over 9 years ago
- Status changed from New to Code review
- % Done changed from 0 to 100
Updated by Junxiao Shi over 9 years ago
- Status changed from Code review to Closed