tools: fix a bug in ndnsec-key-gen when --keyid is specified

Refs: #5057 Change-Id: Iaa29b7670d9cb85373d87cae0f0be377e7e65a1d
named-data · Apr 23, 2020 · 4c68b6e · 4c68b6e
1 parent 78338c5
commit 4c68b6e
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 22 deletions.
diff --git a/docs/manpages/ndnsec-key-gen.rst b/docs/manpages/ndnsec-key-gen.rst
@@ -4,7 +4,8 @@ ndnsec-key-gen
 Synopsis
 --------
 
-**ndnsec-key-gen** [**-h**] [**-n**] [**-t** *type*] [**-k** *keyidtype*] *identity*
+**ndnsec-key-gen** [**-h**] [**-n**] [**-t** *type*]
+[**-k** *keyidtype*\|\ **--keyid** *keyid*] *identity*
 
 Description
 -----------
@@ -28,12 +29,16 @@ Options
 
 .. option:: -t <type>, --type <type>
 
-   Type of key to generate. "r" for RSA (default), "e" for ECDSA.
+   Type of key to generate. "r" for RSA (the default), "e" for ECDSA.
 
 .. option:: -k <keyidtype>, --keyid-type <keyidtype>
 
-   Type of KeyId for the generated key. "r" for 64-bit random number (default),
-   "h" for SHA256 of the public key.
+   Type of KeyId for the generated key. "r" for a 64-bit random number (the default
+   unless **--keyid** is specified), "h" for the SHA-256 of the public key.
+
+.. option:: --keyid <keyid>
+
+   User-specified KeyId. Must be a non-empty generic name component.
 
 Example
 -------

diff --git a/ndn-cxx/security/security-common.hpp b/ndn-cxx/security/security-common.hpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2019 Regents of the University of California.
+ * Copyright (c) 2013-2020 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -63,7 +63,7 @@ enum class KeyIdType {
    */
   USER_SPECIFIED = 0,
   /**
-   * @brief Use the SHA256 hash of the public key as key id.
+   * @brief Use the SHA-256 hash of the public key as key id.
    *
    * This KeyIdType guarantees the uniqueness of the key names.
    */

diff --git a/tools/ndnsec/cert-dump.cpp b/tools/ndnsec/cert-dump.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2019 Regents of the University of California.
+ * Copyright (c) 2013-2020 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -62,7 +62,7 @@ ndnsec_cert_dump(int argc, char** argv)
                    "unless overridden by -i/-k/-f, the name of the certificate to be exported "
                    "(e.g., /ndn/edu/ucla/KEY/cs/alice/ksk-1234567890/ID-CERT/%FD%FF%FF%FF%FF%FF%FF%FF)")
     ("repo-output,r", po::bool_switch(&isRepoOut),
-                      "publish the certificate into a repo-ng instance")
+                      "publish the certificate into an NDN repo instance")
     ("repo-host,H",   po::value<std::string>(&repoHost)->default_value("localhost"),
                       "repo hostname if --repo-output is specified")
     ("repo-port,P",   po::value<std::string>(&repoPort)->default_value("7376"),

diff --git a/tools/ndnsec/key-gen.cpp b/tools/ndnsec/key-gen.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /*
- * Copyright (c) 2013-2019 Regents of the University of California.
+ * Copyright (c) 2013-2020 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -37,19 +37,19 @@ ndnsec_key_gen(int argc, char** argv)
   std::string userKeyId;
 
   po::options_description description(
-    "Usage: ndnsec key-gen [-h] [-n] [-t TYPE] [-k IDTYPE] [-i] IDENTITY\n"
+    "Usage: ndnsec key-gen [-h] [-n] [-t TYPE] [-k KEYIDTYPE|--keyid KEYID] [-i] IDENTITY\n"
     "\n"
     "Options");
   description.add_options()
     ("help,h", "produce help message")
     ("identity,i",    po::value<Name>(&identityName), "identity name, e.g., /ndn/edu/ucla/alice")
     ("not-default,n", po::bool_switch(&wantNotDefault), "do not set the identity as default")
     ("type,t",        po::value<char>(&keyTypeChoice)->default_value('r'),
-                      "key type, 'r' for RSA, 'e' for ECDSA")
-    ("keyid-type,k",  po::value<char>(&keyIdTypeChoice)->default_value('r'),
-                      "key id type, 'r' for 64-bit random number, 'h' for SHA256 of the public key")
+                      "key type: 'r' for RSA, 'e' for ECDSA")
+    ("keyid-type,k",  po::value<char>(&keyIdTypeChoice),
+                      "key id type: 'h' for the SHA-256 of the public key, 'r' for a 64-bit "
+                      "random number (the default unless --keyid is specified)")
     ("keyid",         po::value<std::string>(&userKeyId), "user-specified key id")
-    //("size,s",        po::value<int>(&keySize)->default_value(2048), "key size in bits")
     ;
 
   po::positional_options_description p;
@@ -80,6 +80,11 @@ ndnsec_key_gen(int argc, char** argv)
   Name::Component userKeyIdComponent;
 
   if (vm.count("keyid") > 0) {
+    if (vm.count("keyid-type") > 0) {
+      std::cerr << "ERROR: cannot specify both '--keyid' and '--keyid-type'" << std::endl;
+      return 2;
+    }
+
     keyIdType = KeyIdType::USER_SPECIFIED;
     userKeyIdComponent = name::Component::fromEscapedString(userKeyId);
     if (userKeyIdComponent.empty()) {
@@ -93,18 +98,13 @@ ndnsec_key_gen(int argc, char** argv)
   }
 
   if (vm.count("keyid-type") > 0) {
-    if (keyIdType == KeyIdType::USER_SPECIFIED) {
-      std::cerr << "ERROR: cannot specify both '--keyid' and '--keyid-type'" << std::endl;
-      return 2;
-    }
-
     switch (keyIdTypeChoice) {
-    case 'r':
-      // KeyIdType::RANDOM is the default
-      break;
     case 'h':
       keyIdType = KeyIdType::SHA256;
       break;
+    case 'r':
+      // KeyIdType::RANDOM is the default
+      break;
     default:
       std::cerr << "ERROR: unrecognized key id type '" << keyIdTypeChoice << "'" << std::endl;
       return 2;