Feature #2922
closed
Helpers to create SigningInfo
Added by Alex Afanasyev over 9 years ago. Updated over 9 years ago.
100%
Description
Currently, it requires too much typing to write a signing command.
For example, to sign with a cert name, one has to write
keyChain.sign(packet, security::SigningInfo(security::SigningInfo::SIGNER_TYPE_CERT, certName));
We should create helper functions for SigningInfo creation.
SigningInfo
signingByIdentity(const Name& identityName);
SigningInfo
signingByKey(const Name& keyName);
SigningInfo
signingByCertificate(const Name& certName);
SigningInfo
signingWithSha256();
These free functions should be declared in ndn::security namespace, and exported to ndn namespace.
After this change, the above example can be written as:
keyChain.sign(packet, signingByCertificate(certName));
Updated by Junxiao Shi over 9 years ago
- Tracker changed from Task to Feature
- Subject changed from Implement helpers to create SigningInfo to Helpers to create SigningInfo
I disagree with creating helper classes. They should be free functions that returns SigningInfo type.
Updated by Alex Afanasyev over 9 years ago
Free functions also could be good. My only objective is to have a simple and straightforward syntax for signing operation.
Updated by Junxiao Shi over 9 years ago
- Description updated (diff)
- Estimated time set to 3.00 h
Function names shouldn't start with verb sign, because the intuitive meaning would be "sign the argument and return the signed object".
I made the function names start with signing. This is an intentional violation of rule 2.5.
A proper name that conforms to rule 2.5 would be makeSigningInfoByIdentity, which is again too long.
Updated by Alex Afanasyev over 9 years ago
can we remove "signing" prefix? It would be more meaningful to write
keyChain.sign(packet, byCertificate(certName));
keyChain.sign(packet, byIdentity(identityName));
keyChain.sign(packet, byKey(keyName));
It would a little clutter ndn:: namespace, but more clear.
Updated by Junxiao Shi over 9 years ago
Answer to note-4:
No, they look weird in ndn namespace.
I could put them into ndn::security::signing namespace, but the application needs to manually import them with using.
Updated by Junxiao Shi over 9 years ago
- Assignee set to Eric Newberry
20150619 conference call approves the design in Description.
Updated by Junxiao Shi over 9 years ago
- Blocks Bug #2919: poke and pingserver use deprecated signing API added
Updated by Junxiao Shi over 9 years ago
- Blocked by Feature #2871: KeyChain: general signing API added
Updated by Eric Newberry over 9 years ago
- Status changed from New to In Progress
Updated by Eric Newberry over 9 years ago
How do I get the keyName from the keyId?
Updated by Eric Newberry over 9 years ago
- Status changed from In Progress to Code review
Updated by Alex Afanasyev over 9 years ago
I have not noticed that before, but signingByKey should accept key name. Identity and "id" are irrelevant for the purpose of signing.
Updated by Junxiao Shi over 9 years ago
- Description updated (diff)
signingByKeyshould accept key name. Identity and "id" are irrelevant for the purpose of signing.
Agreed. I used to believed "key name" has no definition, until I see Key::getName method.
Updated by Junxiao Shi over 9 years ago
Should KeyChain and other unit tests (modified in #2871) be updated to use signing helpers, instead of creating SigningInfo with the long syntax?
Updated by Eric Newberry over 9 years ago
Junxiao Shi wrote:
Should
KeyChainand other unit tests (modified in #2871) be updated to use signing helpers, instead of creating SigningInfo with the long syntax?
I would agree with this proposal, as it would simply the test commands. However, it would also require the inclusion of an extra header in the unit test (signing-helpers.hpp).
Updated by Eric Newberry over 9 years ago
- Status changed from Code review to Closed
- % Done changed from 0 to 100
Updated by Eric Newberry over 9 years ago
I forgot about Junxiao's question when I closed this issue. Could it please be changed to Resolved until all questions are sorted out?
Updated by Junxiao Shi over 9 years ago
- Status changed from Closed to Resolved
note-14 must be discussed before this issue can close.
Updated by
Updated by Alex Afanasyev over 9 years ago
I see no reason to do any modifications, as the code is equivalent. The new code can use either, though I would suspect developers would choose to use helpers.
Updated by Joao Pereira over 9 years ago
Looking into these functions for another task I am not sure why do we need to supply the name. Shouldn't the interface be like this:
SigningInfo
signingBy(const Name& identity);
SigningInfo
signingBy(const KeyChain& key);
SigningInfo
signingBy(const IdentityCertificate& certificate);
Like this the functions would be more usefull, because at this point these functions only abstract the caller from the enum.
Updated by Alex Afanasyev over 9 years ago
Because identity, key, and certificates all are identified by name. I think what you're suggesting would require additional lookup to keychain, with code size only increasing
Updated by Joao Pereira over 9 years ago
At this point we are just using only the identity and the certificate signers and we call the certificate like this:
security::SigningInfo signingInfo;
if (!certificate.getName().empty()) {
signingInfo = signingByCertificate(certificate.getName());
}
What I was proposing was to remove this logic from every place we are trying to sign and move it to the helper.
The KeyChain at this point have no call, will it be used? How are we getting the name from the KeyChain when we want to call the signer using the signingByKey?
Updated by Junxiao Shi over 9 years ago
Reply to note-24:
The quoted snippet comes from a \deprecated function to support legacy API.
New code shouldn't load Certificate in order to construct SigningInfo.
Updated by Joao Pereira over 9 years ago
Yes you are right, so this code will be moved to the application right? Because the setInterestFilter will be receiving the SigningInfo object already.
Looking at what was said in note-25 I think that it make even more sense to have override helper functions instead of having one function per type.
But if you guys think that this logic should be passed to the application then we can close this discussion
Updated by Junxiao Shi over 9 years ago
Reply to note-26:
Application shouldn't load Certificate either.
Updated by Alex Afanasyev over 9 years ago
The input that application provides is Name (it is what user supplies either in configuration or command line parameters). Any looking up procedures will be done inside the keychain during thr signing (how to optimize the number of lookups is another good question).
Neither key or certificate can really be used directly for signing operations. To sign one needs to find a corresponding private key, for which we are using name of identity/key/certificate, just in a slightly different ways.