NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.3: NDN, CCN, CCNx, content centric networks
API Documentation
trust-anchor-container.cpp
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2017 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
23 
24 #include <boost/filesystem.hpp>
25 
26 namespace ndn {
27 namespace security {
28 namespace v2 {
29 
/**
 * @brief Store @p cert in the underlying anchor container.
 *
 * The certificate is moved into AnchorContainerBase::insert and the result of
 * that call is discarded, so the caller is not told whether the certificate
 * was actually stored.
 *
 * NOTE(review): whether a certificate whose name is already present is
 * rejected or replaced depends on how AnchorContainerBase is indexed, which
 * this file does not show - confirm before relying on add() to update an
 * existing anchor.
 */
void
TrustAnchorContainer::AnchorContainer::add(Certificate&& cert)
{
  AnchorContainerBase::insert(std::move(cert));
}
35 
/**
 * @brief Erase the anchor stored under @p certName from the underlying container.
 *
 * Forwards to AnchorContainerBase::erase and ignores its result, so a name
 * that is not present is not reported to the caller.
 * A `const Certificate*` previously handed out for the erased element (see
 * TrustAnchorContainer::find) points into this container and must not be
 * used after this call.
 */
void
TrustAnchorContainer::AnchorContainer::remove(const Name& certName)
{
  AnchorContainerBase::erase(certName);
}
41 
/**
 * @brief Drop every anchor held by the underlying container.
 *
 * Forwards to AnchorContainerBase::clear. Any certificate pointer obtained
 * earlier from this container refers to an erased element afterwards.
 */
void
TrustAnchorContainer::AnchorContainer::clear()
{
  AnchorContainerBase::clear();
}
47 
/**
 * @brief Add @p cert as a static trust anchor in group @p groupId.
 *
 * The group is created as a StaticTrustAnchorGroup on first use. If a group
 * with this id already exists but is not a StaticTrustAnchorGroup, the
 * certificate is not added.
 *
 * No check of @p cert (signature, validity period, name) is performed in this
 * function; whatever is passed in is handed to the group as an anchor.
 * NOTE(review): any vetting therefore has to happen in the caller or inside
 * StaticTrustAnchorGroup::add, which is not shown here - confirm.
 *
 * @param groupId identifier of the static group to add to
 * @param cert    certificate to store; moved from
 * @throw Error   @p groupId names an existing non-static group
 */
void
TrustAnchorContainer::insert(const std::string& groupId, Certificate&& cert)
{
  auto groupIt = m_groups.find(groupId);
  if (groupIt == m_groups.end()) {
    // First anchor for this id: create the static group and keep its iterator.
    groupIt = m_groups.insert(make_shared<StaticTrustAnchorGroup>(m_anchors, groupId)).first;
  }

  // Only static groups accept directly inserted anchors; the cast yields
  // nullptr for any other group type.
  auto* staticGroup = dynamic_cast<StaticTrustAnchorGroup*>(groupIt->get());
  if (!staticGroup) {
    BOOST_THROW_EXCEPTION(Error("Cannot add static anchor to a non-static anchor group " + groupId));
  }
  staticGroup->add(std::move(cert));
}
61 
/**
 * @brief Create the dynamic trust anchor group @p groupId backed by @p path.
 *
 * A DynamicTrustAnchorGroup is constructed from the shared anchor container,
 * the id, @p path, @p refreshPeriod and @p isDir, and registered in m_groups.
 * An id can be used only once: unlike the static overload, an existing group
 * is never extended.
 *
 * NOTE(review): the group is built from a filesystem location; presumably the
 * certificates found there become trust anchors whenever the group refreshes
 * (DynamicTrustAnchorGroup is not shown here - confirm). If so, write access
 * to @p path is equivalent to the ability to add trust anchors, so the file or
 * directory should be writable only by the principal that administers trust.
 *
 * @param groupId       identifier of the new group
 * @param path          file or directory passed to the dynamic group
 * @param refreshPeriod refresh interval passed to the dynamic group
 * @param isDir         passed to the dynamic group together with @p path
 * @throw Error         a group with @p groupId already exists
 */
void
TrustAnchorContainer::insert(const std::string& groupId, const boost::filesystem::path& path,
                             time::nanoseconds refreshPeriod, bool isDir)
{
  const bool alreadyRegistered = m_groups.find(groupId) != m_groups.end();
  if (alreadyRegistered) {
    BOOST_THROW_EXCEPTION(Error("Cannot create dynamic group, because group " + groupId + " already exists"));
  }

  m_groups.insert(make_shared<DynamicTrustAnchorGroup>(m_anchors, groupId, path, refreshPeriod, isDir));
}
72 
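/**
 * @brief Remove all static or dynamic anchors.
 *
 * Empties the group index first and the shared anchor container second.
 * Every `const Certificate*` previously returned by find() points into
 * m_anchors and must not be used after this call.
 */
void
TrustAnchorContainer::clear()  // declarator line (listing line 74) was missing from the rendered page
{
  m_groups.clear();
  m_anchors.clear();
}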
79 
/**
 * @brief Look up a trust anchor by key name across all groups.
 *
 * Every group is refreshed first, then the first anchor at or after
 * @p keyName in the container's order is returned if @p keyName is a prefix
 * of that anchor's name.
 *
 * The method is declared const but refreshes through a const_cast, so it can
 * change the set of anchors. No locking is visible in this function.
 * NOTE(review): treat concurrent calls as unsafe unless the caller
 * serialises them - confirm against the header.
 *
 * No validity-period or signature check is made here; the stored certificate
 * is returned as is.
 *
 * @param keyName key name to search for
 * @return pointer to the matching anchor, owned by this container, or nullptr
 *         if none matches. The pointer refers to an element of m_anchors and
 *         is invalid once that element is removed or the container is cleared.
 *         NOTE(review): a later find() refreshes the groups again and may
 *         presumably drop anchors - do not cache the pointer across calls.
 */
const Certificate*
TrustAnchorContainer::find(const Name& keyName) const
{
  const_cast<TrustAnchorContainer*>(this)->refresh();

  auto it = m_anchors.lower_bound(keyName);
  if (it != m_anchors.end() && keyName.isPrefixOf(it->getName())) {
    return &*it;
  }
  return nullptr;
}
90 
/**
 * @brief Look up a trust anchor that can satisfy @p interest.
 *
 * Every group is refreshed first. The anchors are then scanned in container
 * order, starting at the first one at or after the Interest name, for as long
 * as the Interest name is a prefix of the anchor name; the first anchor for
 * which Interest::matchesData succeeds is returned.
 *
 * The method is declared const but refreshes through a const_cast, so it can
 * change the set of anchors. No locking is visible in this function.
 * NOTE(review): treat concurrent calls as unsafe unless the caller
 * serialises them - confirm against the header.
 *
 * @param interest Interest whose name and selectors drive the search
 * @return pointer to the matching anchor, owned by this container, or nullptr
 *         if none matches. The pointer refers to an element of m_anchors and
 *         is invalid once that element is removed or the container is cleared.
 */
const Certificate*
TrustAnchorContainer::find(const Interest& interest) const
{
  const_cast<TrustAnchorContainer*>(this)->refresh();

  const Name& prefix = interest.getName();
  for (auto it = m_anchors.lower_bound(prefix); it != m_anchors.end(); ++it) {
    if (!prefix.isPrefixOf(it->getName())) {
      // Left the range of names that start with the Interest name.
      break;
    }
    if (interest.matchesData(*it)) {
      return &*it;
    }
  }
  return nullptr;
}
105 
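/**
 * @brief Get the trust anchor group registered under @p groupId.
 *
 * @param groupId identifier of the group to return
 * @return reference to the group object held by m_groups; it refers to an
 *         object owned through this container, so it must not be used after
 *         clear() has emptied m_groups
 * @throw Error no group with @p groupId exists
 */
TrustAnchorGroup&  // return-type line (listing line 106) was missing from the rendered page
TrustAnchorContainer::getGroup(const std::string& groupId) const
{
  auto group = m_groups.find(groupId);
  if (group == m_groups.end()) {
    BOOST_THROW_EXCEPTION(Error("Trust anchor group " + groupId + " does not exist"));
  }
  // *group is the stored shared_ptr; the second dereference yields the group.
  return **group;
}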
115 
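/**
 * @brief Get number of trust anchors across all groups.
 *
 * Reports the size of the shared anchor container as it currently stands;
 * unlike find(), this function does not refresh the groups first.
 */
size_t
TrustAnchorContainer::size() const  // declarator line (listing line 117) was missing from the rendered page
{
  return m_anchors.size();
}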
121 
/**
 * @brief Ask every registered group to refresh itself.
 *
 * Walks m_groups and calls TrustAnchorGroup::refresh on each entry. The call
 * goes through m_groups.modify, which hands the stored shared_ptr to the
 * lambda as a mutable reference; the result of modify is ignored.
 * NOTE(review): what a refresh does (for example reloading or expiring
 * anchors of a dynamic group) is defined by the group classes, not shown here.
 */
void
TrustAnchorContainer::refresh()
{
  auto groupIt = m_groups.begin();
  while (groupIt != m_groups.end()) {
    m_groups.modify(groupIt, [] (shared_ptr<TrustAnchorGroup>& entry) { entry->refresh(); });
    ++groupIt;
  }
}
129 
130 } // namespace v2
131 } // namespace security
132 } // namespace ndn
const Name & getName() const
Definition: interest.hpp:139
Copyright (c) 2011-2015 Regents of the University of California.
The certificate following the certificate format naming convention.
Definition: certificate.hpp:81
const Certificate * find(const Name &keyName) const
Search for certificate across all groups (longest prefix match)
size_t size() const
Get number of trust anchors across all groups.
void insert(const std::string &groupId, Certificate &&cert)
Insert a static trust anchor.
represents an Interest packet
Definition: interest.hpp:42
Catch-all error for security policy errors that don't fit in other categories.
Definition: base.hpp:79
TrustAnchorGroup & getGroup(const std::string &groupId) const
Get trusted anchor group.
represents a container for trust anchors.
Represents an absolute name.
Definition: name.hpp:42
bool isPrefixOf(const Name &other) const
Check if this name is a prefix of another name.
Definition: name.cpp:260
bool matchesData(const Data &data) const
Check if Interest can be satisfied by data.
Definition: interest.cpp:207
void clear()
Remove all static or dynamic anchors.