Feature #3281

closed

Represent SigningInfo as string

Added by Junxiao Shi about 9 years ago. Updated almost 9 years ago.

Status: Closed
Priority: Normal
Assignee:
Category: Security
Target version:
Start date:
Due date:
% Done: 100%
Estimated time: 3.00 h

Description

Develop a string representation for SigningInfo.

Currently, SigningInfo can be constructed from two values:

  • signerType chooses whether to use default signing or follow trust model, use a specific signing identity/key/certificate, or perform SHA256 digest signing
  • signerName picks the signing identity or key or certificate; its semantics is dependent upon the value of signerType

In certain cases, an application may want to allow configuration of SigningInfo from its configuration file or from command line options.

Although it's possible to define two configuration or command line options, separately for signerType or signerName, the definition for signerName field can cause confusion because its semantics is dependent.

It's desirable to represent SigningInfo with a single string.

This issue includes:

  • design the string representation of SigningInfo
  • implement the parsing procedure as a SigningInfo constructor overload
  • implement the encoding procedure as the stream output operator of SigningInfo type

Related issues 1 (0 open, 1 closed)

Blocks ndn-cxx - Bug #3365: SigningInfo(std::string) does not set DigestAlgorithm | Closed | Spencer Lee | 12/20/2015

Actions #1

Updated by Junxiao Shi about 9 years ago

As I proposed in #1705 note-13, the string representation can have the following form:

default:
id:/my-identity
key:/my-identity/ksk-1
cert:/my-identity/KEY/ksk-1/ID-CERT/%FD%01
sha256:
Actions #2

Updated by Junxiao Shi about 9 years ago

20151027 conference call approves this feature.

The design is changed to:

  • Empty string represents default signing.
  • id key cert (as in note-1 design) represents signing by identity/key/certificate.
  • id:/localhost/identity/digest-sha256 (#1705) represents signing with SHA256 digest.
Actions #3

Updated by Junxiao Shi about 9 years ago

  • Assignee set to Spencer Lee
  • Target version set to v0.5

See note-2 for design.

This Change shall target ndn-cxx master branch.

Actions #4

Updated by Spencer Lee almost 9 years ago

Here is a rough change I made based on my understanding:
http://gerrit.named-data.net/#/c/2601/1

A couple questions I had regarding this issue: -- edited after gaining more implied information

  1. Is the new string an alternative to the current SignerType and Name constructor? (Original should not be replaced)

    alternative, storing the SignerType and SignerName properties the same way as the original

  2. Would it be a good idea to use the for parsing the input signing string? Will it compile on all platforms?

    regex does not need to be used in this case

  3. How should the default signing for SigningInfo be represented, denoted by empty string input?

    use the default constructor, SigningInfo()

  4. What does 'implement the encoding procedure as the stream output operator of SigningInfo type' in the issue statement refer to?

    used in representing SigningInfo constructor strings that were passed in to create the SigningInfo

  5. What kind of error-handling should occur when an input string does not match any of the conditions (not matching default, id, sha, key or cert)?

    throw std::invalid_argument is to be used

  6. Are the prefixes 'id:', 'key:' and 'cert:' a part of the signing string input?

    Are scheme identifiers, but are not a part of the actual signing names that start with '/'

  7. Once a match indicating the kind of signing method to be used has been detected, should the currently implemented set signing methods be used?

    seems to be the way to go

  8. How should digest algorithm and signature info of SigningInfo be represented in the output stream operator overloading?
    output stream operator is for using SigningInfo and outputting the string representation format that the constructor would take

new questions

  1. Should the == operator be overloaded to be used for SigningInfo comparison?
Actions #5

Updated by Spencer Lee almost 9 years ago

  • Status changed from New to In Progress
Actions #6

Updated by Spencer Lee almost 9 years ago

  • Status changed from In Progress to Code review
Actions #7

Updated by Alex Afanasyev almost 9 years ago

  • Status changed from Code review to Closed
  • % Done changed from 0 to 100
Actions #8

Updated by Junxiao Shi almost 9 years ago

  • Blocks Bug #3365: SigningInfo(std::string) does not set DigestAlgorithm added
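
Added example (not part of the issue thread and not the ndn-cxx implementation): a stand-alone parser and encoder for the note-2 string form, using the std::invalid_argument error handling from note-4, so that a malformed signing option is rejected rather than silently treated as default signing. The names ParsedSigningInfo, SignerType, parseSigningInfo and toString are hypothetical, and the check that a signer name starts with '/' is an assumption of this example.

```cpp
#include <iostream>
#include <stdexcept>
#include <string>

// Hypothetical stand-ins for illustration; not the ndn-cxx SigningInfo class.
enum class SignerType { Default, Id, Key, Cert, Sha256 };
struct ParsedSigningInfo {
  SignerType type;
  std::string name; // signer name; empty for Default and Sha256
};
// Reserved identity that note-2 uses to select SHA256 digest signing.
const std::string DIGEST_SHA256_ID = "/localhost/identity/digest-sha256";

ParsedSigningInfo parseSigningInfo(const std::string& s)
{
  if (s.empty())
    return {SignerType::Default, ""}; // empty string: default signing
  const auto pos = s.find(':');
  if (pos == std::string::npos)
    throw std::invalid_argument("no scheme in signing string: " + s);
  const std::string scheme = s.substr(0, pos);
  const std::string name = s.substr(pos + 1);
  // Assumption of this example: the signer name must start with '/'.
  if (name.empty() || name[0] != '/')
    throw std::invalid_argument("signer name must start with '/': " + s);
  if (scheme == "id")
    return name == DIGEST_SHA256_ID ? ParsedSigningInfo{SignerType::Sha256, ""}
                                    : ParsedSigningInfo{SignerType::Id, name};
  if (scheme == "key")
    return {SignerType::Key, name};
  if (scheme == "cert")
    return {SignerType::Cert, name};
  // Fail closed: an unknown scheme never falls back to default signing.
  throw std::invalid_argument("unknown scheme in signing string: " + s);
}

// Encoder: emits the form the parser accepts, so values round-trip.
std::string toString(const ParsedSigningInfo& info)
{
  switch (info.type) {
    case SignerType::Default: return "";
    case SignerType::Id:      return "id:" + info.name;
    case SignerType::Key:     return "key:" + info.name;
    case SignerType::Cert:    return "cert:" + info.name;
    case SignerType::Sha256:  return "id:" + DIGEST_SHA256_ID;
  }
  throw std::logic_error("invalid SignerType");
}

int main() { std::cout << toString(parseSigningInfo("key:/my-identity/ksk-1")) << "\n"; }
```

Under the note-2 design the note-1 forms `default:` and `sha256:` are no longer valid, and this parser rejects both.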