NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::v2::TrustAnchorContainer Class Reference

Represents a container for trust anchors.

#include <trust-anchor-container.hpp>


Classes

class  Error
 

Public Member Functions

void insert (const std::string &groupId, Certificate &&cert)
 Insert a static trust anchor.

void insert (const std::string &groupId, const boost::filesystem::path &path, time::nanoseconds refreshPeriod, bool isDir=false)
 Insert dynamic trust anchors from path.

void clear ()
 Remove all static or dynamic anchors.

const Certificate * find (const Name &keyName) const
 Search for certificate across all groups (longest prefix match).

const Certificate * find (const Interest &interest) const
 Find certificate given interest.

TrustAnchorGroup & getGroup (const std::string &groupId) const
 Get trusted anchor group.

size_t size () const
 Get number of trust anchors across all groups.
 

Detailed Description

Represents a container for trust anchors.

There are two kinds of anchors:

  • static anchors that are permanent for the lifetime of the container
  • dynamic anchors that are periodically updated.

Trust anchors are organized in groups. Each group has a unique group id. The same anchor certificate (same name without considering the implicit digest) can be inserted into multiple groups, but no more than once into each.

Dynamic groups are created using the appropriate TrustAnchorContainer::insert method. Once created, the dynamic anchor group cannot be updated.

The returned pointer to Certificate from find methods is only guaranteed to be valid until the next invocation of find and may be invalidated afterwards.

Definition at line 55 of file trust-anchor-container.hpp.
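
The contract described above (static inserts that are no-ops on duplicates, dynamic groups that reject later inserts, and find results that must be copied before the next find), shown as an added example. It is a simplified stand-in model, not ndn-cxx or ndnSIM code: AnchorModel, Cert, Loader, insertDynamic, groupSize and findCopy are hypothetical names, names are plain strings, and the model reloads dynamic groups on every find rather than after refreshPeriod.

```cpp
// Simplified stand-in for the documented contract; NOT ndn-cxx code.
// AnchorModel, Cert, Loader, insertDynamic and findCopy are hypothetical names.
#include <functional>
#include <map>
#include <stdexcept>
#include <string>
#include <vector>

struct Cert { std::string name, keyBits; };
using Loader = std::function<std::vector<Cert>()>;  // stands in for re-reading `path`

class AnchorModel {
  struct Group { bool dynamic = false; Loader load; std::vector<Cert> certs; };
  std::map<std::string, Group> groups_;
  // Component-aware prefix test: "/a/b" matches "/a/b/KEY" but not "/a/bc".
  static bool isPrefixOf(const std::string& p, const std::string& n) {
    return n.compare(0, p.size(), p) == 0 && (n.size() == p.size() || n[p.size()] == '/');
  }
public:
  // Static anchor: a duplicate name in the same group is a no-op.
  void insert(const std::string& id, Cert cert) {
    Group& g = groups_[id];
    if (g.dynamic) throw std::logic_error(id + " is a dynamic anchor group");
    for (const Cert& c : g.certs) if (c.name == cert.name) return;
    g.certs.push_back(std::move(cert));
  }
  // Dynamic group: created once, cannot be updated through insert afterwards.
  void insertDynamic(const std::string& id, Loader load) {
    if (id.empty()) throw std::invalid_argument("groupId must not be empty");
    if (groups_.count(id)) throw std::logic_error("group " + id + " already exists");
    Group& g = groups_[id]; g.dynamic = true; g.load = std::move(load);
  }
  std::size_t groupSize(const std::string& id) const { return groups_.at(id).certs.size(); }
  // Dynamic groups reload here (the model reloads on every call), which
  // replaces their storage, so a pointer from an earlier find() may dangle.
  const Cert* find(const std::string& keyName) {
    for (auto& kv : groups_) if (kv.second.dynamic) kv.second.certs = kv.second.load();
    for (auto& kv : groups_)
      for (const Cert& c : kv.second.certs) if (isPrefixOf(keyName, c.name)) return &c;
    return nullptr;
  }
  // Safe caller pattern: copy the result before anything can call find() again.
  bool findCopy(const std::string& keyName, Cert& out) {
    const Cert* c = find(keyName);
    if (c) out = *c;
    return c != nullptr;
  }
};
```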

Member Function Documentation

◆ insert() [1/2]

void ndn::security::v2::TrustAnchorContainer::insert ( const std::string & groupId, Certificate && cert )

Insert a static trust anchor.

Parameters
    groupId: Certificate group id.
    cert: Certificate to insert.

If cert (same name without considering implicit digest) already exists in the group groupId, this method has no effect.

Exceptions
    Error: groupId is a dynamic anchor group.

Definition at line 49 of file trust-anchor-container.cpp.

Referenced by ndn::security::v2::CertificateStorage::loadAnchor().

◆ insert() [2/2]

void ndn::security::v2::TrustAnchorContainer::insert ( const std::string & groupId, const boost::filesystem::path & path, time::nanoseconds refreshPeriod, bool isDir = false )

Insert dynamic trust anchors from path.

Parameters
    groupId: Certificate group id, must not be empty.
    path: Specifies the path to load the trust anchors.
    refreshPeriod: Refresh period for the trust anchors, must be positive. Relevant trust anchors will only be updated when find is called.
    isDir: Tells whether the path is a directory or a single file.
Exceptions
    std::invalid_argument: refreshPeriod is not positive.
    Error: a group with groupId already exists.

Definition at line 63 of file trust-anchor-container.cpp.

◆ clear()

void ndn::security::v2::TrustAnchorContainer::clear ( )

Remove all static or dynamic anchors.

Definition at line 74 of file trust-anchor-container.cpp.

Referenced by ndn::security::v2::CertificateStorage::resetAnchors().

◆ find() [1/2]

const Certificate * ndn::security::v2::TrustAnchorContainer::find ( const Name & keyName ) const

Search for certificate across all groups (longest prefix match).

Parameters
    keyName: Key name prefix for searching the certificate.
Returns
    The found certificate, nullptr if not found.
Note
    The returned value may be invalidated after the next call to one of the find methods.

Definition at line 81 of file trust-anchor-container.cpp.

References ndn::Name::isPrefixOf().

Referenced by ndn::security::v2::CertificateStorage::findTrustedCert(), and ndn::security::v2::CertificateStorage::isCertKnown().

◆ find() [2/2]

const Certificate * ndn::security::v2::TrustAnchorContainer::find ( const Interest & interest ) const

Find certificate given interest.

Parameters
    interest: The input interest packet.
Returns
    The found certificate, nullptr if not found.
Note
    The returned value may be invalidated after the next call to one of the find methods.
    Interest with implicit digest is not supported.
    ChildSelector is not supported.

Definition at line 92 of file trust-anchor-container.cpp.

References ndn::Interest::getName(), ndn::Name::isPrefixOf(), and ndn::Interest::matchesData().

◆ getGroup()

TrustAnchorGroup & ndn::security::v2::TrustAnchorContainer::getGroup ( const std::string & groupId ) const

Get trusted anchor group.

Exceptions
    Error: groupId does not exist.

Definition at line 107 of file trust-anchor-container.cpp.

◆ size()

size_t ndn::security::v2::TrustAnchorContainer::size ( ) const

Get number of trust anchors across all groups.

Definition at line 117 of file trust-anchor-container.cpp.


The documentation for this class was generated from the following files: