NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security Namespace Reference

Namespaces

 detail
 
 pib
 
 tpm
 
 transform
 
 v2
 

Classes

class  CommandInterestPreparer
 Helper class to prepare command interest name. More...
 
class  CommandInterestSigner
 Helper class to create command interests. More...
 
class  DummyPib
 
class  DummyTpm
 
class  SafeBag
 A secured container for sensitive information (certificate, private key). More...
 
class  SigningInfo
 Signing parameters passed to KeyChain. More...
 
class  ValidatorConfig
 Helper for validator that uses CommandInterest + Config policy and NetworkFetcher. More...
 
class  ValidityPeriod
 Abstraction of validity period. More...
 

Functions

 NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND (DummyPib)
 
 NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND (DummyTpm)
 
 NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS (SafeBag)
 
 NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS (SafeBag)
 
SigningInfo signingByIdentity (const Name &identityName)
 
SigningInfo signingByIdentity (const Identity &identity)
 
SigningInfo signingByKey (const Name &keyName)
 
SigningInfo signingByKey (const Key &key)
 
SigningInfo signingByCertificate (const Name &certName)
 
SigningInfo signingByCertificate (const v2::Certificate &cert)
 
SigningInfo signingWithSha256 ()
 
std::ostream & operator<< (std::ostream &os, const SigningInfo &si)
 
 NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS (ValidityPeriod)
 
std::ostream & operator<< (std::ostream &os, const ValidityPeriod &period)
 
 NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS (ValidityPeriod)
 
bool verifySignature (const uint8_t *blob, size_t blobLen, const uint8_t *sig, size_t sigLen, const v2::PublicKey &pKey)
 Verify blob using key against sig. More...
 
bool verifySignature (const uint8_t *blob, size_t blobLen, const uint8_t *sig, size_t sigLen, const uint8_t *key, size_t keyLen)
 Verify blob using key against sig. More...
 
static std::tuple< bool, const uint8_t *, size_t, const uint8_t *, size_t > parse (const Data &data)
 
static std::tuple< bool, const uint8_t *, size_t, const uint8_t *, size_t > parse (const Interest &interest)
 
static bool verifySignature (const std::tuple< bool, const uint8_t *, size_t, const uint8_t *, size_t > &params, const v2::PublicKey &pKey)
 
static bool verifySignature (const std::tuple< bool, const uint8_t *, size_t, const uint8_t *, size_t > &params, const uint8_t *key, size_t keyLen)
 
bool verifySignature (const Data &data, const v2::PublicKey &key)
 Verify data using key. More...
 
bool verifySignature (const Interest &interest, const v2::PublicKey &key)
 Verify interest using key. More...
 
bool verifySignature (const Data &data, const pib::Key &key)
 Verify data using key. More...
 
bool verifySignature (const Interest &interest, const pib::Key &key)
 Verify interest using key. More...
 
bool verifySignature (const Data &data, const uint8_t *key, size_t keyLen)
 Verify data using key. More...
 
bool verifySignature (const Interest &interest, const uint8_t *key, size_t keyLen)
 Verify interest using key. More...
 
bool verifySignature (const Data &data, const v2::Certificate &cert)
 Verify data using cert. More...
 
bool verifySignature (const Interest &interest, const v2::Certificate &cert)
 Verify interest using cert. More...
 
bool verifyDigest (const uint8_t *blob, size_t blobLen, const uint8_t *digest, size_t digestLen, DigestAlgorithm algorithm)
 Verify blob against digest using algorithm. More...
 
bool verifyDigest (const Data &data, DigestAlgorithm algorithm)
 Verify data against digest algorithm. More...
 
bool verifyDigest (const Interest &interest, DigestAlgorithm algorithm)
 Verify interest against digest algorithm. More...
 

Variables

static const uint8_t DUMMY_CERT []
 
static const uint8_t DUMMY_SIGNATURE []
 
 WireEncodable< SafeBag >
 
 WireDecodable< SafeBag >
 
 WireEncodable< ValidityPeriod >
 
 WireEncodableWithEncodingBuffer< ValidityPeriod >
 
 WireDecodable< ValidityPeriod >
 
static const size_t ISO_DATETIME_SIZE = 15
 
static const size_t NOT_BEFORE_OFFSET = 0
 
static const size_t NOT_AFTER_OFFSET = 1
 

Function Documentation

◆ NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND()

ndn::security::NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND ( DummyPib  )

◆ NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND()

ndn::security::NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND ( DummyTpm  )

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS() [1/2]

ndn::security::NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS ( SafeBag  )

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS() [1/2]

ndn::security::NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS ( SafeBag  )

◆ signingByIdentity() [1/2]

SigningInfo ndn::security::signingByIdentity ( const Name identityName)
Returns
a SigningInfo for signing with an identity

Definition at line 28 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_ID.

Referenced by nfd::rib::HostToGatewayReadvertisePolicy::handleNewRoute().

◆ signingByIdentity() [2/2]

SigningInfo ndn::security::signingByIdentity ( const Identity identity)
Returns
a SigningInfo for signing with an identity

Definition at line 34 of file signing-helpers.cpp.

◆ signingByKey() [1/2]

SigningInfo ndn::security::signingByKey ( const Name keyName)
Returns
a SigningInfo for signing with a key

Definition at line 40 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_KEY.

◆ signingByKey() [2/2]

SigningInfo ndn::security::signingByKey ( const Key key)
Returns
a SigningInfo for signing with a key

Definition at line 46 of file signing-helpers.cpp.

◆ signingByCertificate() [1/2]

SigningInfo ndn::security::signingByCertificate ( const Name certName)
Returns
a SigningInfo for signing with a certificate

Definition at line 52 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_CERT.

◆ signingByCertificate() [2/2]

SigningInfo ndn::security::signingByCertificate ( const v2::Certificate cert)
Returns
a SigningInfo for signing with a certificate

Definition at line 58 of file signing-helpers.cpp.

References ndn::Data::getName(), and ndn::security::SigningInfo::SIGNER_TYPE_CERT.

◆ signingWithSha256()

SigningInfo ndn::security::signingWithSha256 ( )
Returns
a SigningInfo for signing with Sha256

Definition at line 64 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_SHA256.

◆ operator<<() [1/2]

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS() [2/2]

ndn::security::NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS ( ValidityPeriod  )

◆ operator<<() [2/2]

std::ostream & ndn::security::operator<< ( std::ostream &  os,
const ValidityPeriod period 
)

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS() [2/2]

ndn::security::NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS ( ValidityPeriod  )

◆ verifySignature() [1/12]

bool ndn::security::verifySignature ( const uint8_t *  blob,
size_t  blobLen,
const uint8_t *  sig,
size_t  sigLen,
const v2::PublicKey pKey 
)

Verify blob using key against sig.

This is the core function; all other verifySignature overloads are implemented in terms of it.

Definition at line 41 of file verification-helpers.cpp.

References ndn::security::transform::boolSink(), ndn::SHA256, and ndn::security::transform::verifierFilter().

Referenced by verifySignature().

◆ verifySignature() [2/12]

bool ndn::security::verifySignature ( const uint8_t *  data,
size_t  dataLen,
const uint8_t *  sig,
size_t  sigLen,
const uint8_t *  key,
size_t  keyLen 
)

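Verify blob using key against sig. In this overload the blob is passed as data/dataLen and the public key as the raw bytes key/keyLen.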

Definition at line 57 of file verification-helpers.cpp.

References ndn::security::transform::PublicKey::loadPkcs8(), and verifySignature().

◆ parse() [1/2]

static std::tuple<bool, const uint8_t*, size_t, const uint8_t*, size_t> ndn::security::parse ( const Data data)
static

◆ parse() [2/2]

static std::tuple<bool, const uint8_t*, size_t, const uint8_t*, size_t> ndn::security::parse ( const Interest interest)
static

◆ verifySignature() [3/12]

static bool ndn::security::verifySignature ( const std::tuple< bool, const uint8_t *, size_t, const uint8_t *, size_t > &  params,
const v2::PublicKey pKey 
)
static

Definition at line 108 of file verification-helpers.cpp.

References verifySignature().

◆ verifySignature() [4/12]

static bool ndn::security::verifySignature ( const std::tuple< bool, const uint8_t *, size_t, const uint8_t *, size_t > &  params,
const uint8_t *  key,
size_t  keyLen 
)
static

Definition at line 126 of file verification-helpers.cpp.

References verifySignature().

◆ verifySignature() [5/12]

bool ndn::security::verifySignature ( const Data data,
const v2::PublicKey key 
)

Verify data using key.

Definition at line 144 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [6/12]

bool ndn::security::verifySignature ( const Interest interest,
const v2::PublicKey key 
)

Verify interest using key.

Note
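This method verifies only the signature of the signed Interest; it does not perform the other checks described in the signed Interest specification, so callers that need those checks must apply them separately.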
See also
docs/specs/signed-interest.rst

Definition at line 150 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [7/12]

bool ndn::security::verifySignature ( const Data data,
const pib::Key key 
)

Verify data using key.

Definition at line 156 of file verification-helpers.cpp.

References ndn::security::pib::Key::getPublicKey(), parse(), and verifySignature().

◆ verifySignature() [8/12]

bool ndn::security::verifySignature ( const Interest interest,
const pib::Key key 
)

Verify interest using key.

Note
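This method verifies only the signature of the signed Interest; it does not perform the other checks described in the signed Interest specification, so callers that need those checks must apply them separately.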
See also
docs/specs/signed-interest.rst

Definition at line 162 of file verification-helpers.cpp.

References ndn::security::pib::Key::getPublicKey(), parse(), and verifySignature().

◆ verifySignature() [9/12]

bool ndn::security::verifySignature ( const Data data,
const uint8_t *  key,
size_t  keyLen 
)

Verify data using key.

Definition at line 168 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [10/12]

bool ndn::security::verifySignature ( const Interest interest,
const uint8_t *  key,
size_t  keyLen 
)

Verify interest using key.

Note
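This method verifies only the signature of the signed Interest; it does not perform the other checks described in the signed Interest specification, so callers that need those checks must apply them separately.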
See also
docs/specs/signed-interest.rst

Definition at line 174 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [11/12]

bool ndn::security::verifySignature ( const Data data,
const v2::Certificate cert 
)

Verify data using cert.

Definition at line 180 of file verification-helpers.cpp.

References ndn::Data::getContent(), parse(), ndn::Block::value(), ndn::Block::value_size(), and verifySignature().

◆ verifySignature() [12/12]

bool ndn::security::verifySignature ( const Interest interest,
const v2::Certificate cert 
)

Verify interest using cert.

Note
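This method verifies only the signature of the signed Interest; it does not perform the other checks described in the signed Interest specification, so callers that need those checks must apply them separately.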
See also
docs/specs/signed-interest.rst

Definition at line 186 of file verification-helpers.cpp.

References ndn::Data::getContent(), parse(), ndn::Block::value(), ndn::Block::value_size(), and verifySignature().

◆ verifyDigest() [1/3]

bool ndn::security::verifyDigest ( const uint8_t *  blob,
size_t  blobLen,
const uint8_t *  digest,
size_t  digestLen,
DigestAlgorithm  algorithm 
)

Verify blob against digest using algorithm.

This is the core function; all other verifyDigest overloads are implemented in terms of it.

Definition at line 194 of file verification-helpers.cpp.

References ndn::OBufferStream::buf(), ndn::security::transform::digestFilter(), and ndn::security::transform::streamSink().

Referenced by verifyDigest().

◆ verifyDigest() [2/3]

bool ndn::security::verifyDigest ( const Data data,
DigestAlgorithm  algorithm 
)

Verify data against digest algorithm.

Definition at line 216 of file verification-helpers.cpp.

References parse(), and verifyDigest().

◆ verifyDigest() [3/3]

bool ndn::security::verifyDigest ( const Interest interest,
DigestAlgorithm  algorithm 
)

Verify interest against digest algorithm.

Note
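This method verifies only the signature of the signed Interest; it does not perform the other checks described in the signed Interest specification, so callers that need those checks must apply them separately.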
See also
docs/specs/signed-interest.rst

Definition at line 235 of file verification-helpers.cpp.

References parse(), and verifyDigest().

Variable Documentation

◆ DUMMY_CERT

const uint8_t ndn::security::DUMMY_CERT[]
static
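Initial value (a fixed, hard-coded Base64 string; per the "Referenced by" list below it is used by DummyPib's certificate and key-bits lookups):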
=
"Bv0CqQclCAVkdW1teQgDS0VZCAgtnChyuKo7YAgCTkEICf0AAAFe3zzGfBQJGAEC"
"GQQANu6AFf0BJjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJSa1j6"
"JAzobrmtlUdJi38EWQZOigLykf9psImvIu7pa29Q3apBXENcV1E9687FmfY85Ec3"
"/onMtN7WG/wiuKiu/9eOr5WslD3VGDgxhesx80ygP0GNsN8FzsMl0lRKduXx3wG4"
"MCT8CX7uA4n4JbHY+0QaKUEEMRCiXcRAtF+yKfr+GaVeSemg+i/LR+6CSgpOyH0K"
"ogH9nlNhBn1Hxyc8X+B/nEu6P6NNEKkSnhT1jAbWtT1eL3BPGK/HNY19w9k2Ln6/"
"OYlhaHfB4m0oR/ePcUguQBwTgYS+40YQYUPivBsSQv3X2/7+gGLhIzA4YppwOooK"
"RGhbmL8zF2evmJ8CAwEAARZHGwEBHBgHFggFZHVtbXkIA0tFWQgILZwocriqO2D9"
"AP0m/QD+DzIwMTcxMDAyVDIyMzczNv0A/w8yMDE4MTAwMlQyMjM3MzUX/QEAMBUV"
"O51BEQwxp646i7IuHkuc1C/LISnOP2+wBFF2Ea1ht9MKjKkyJdmB1/GAOiR3njKd"
"UgRjBlownL11EwYDxkPY39RR05TmhF6PkpP81Ro/Vzv7rtSi/dxFIZXCiyuKPRUx"
"E0pZelPWVs3zMfqQ+8rWG89Kqs1vM0dglLBzlX9Lbim71TyLmaJaMmmBKv8+eQ22"
"CN71sRZOovl1kKcTHpOm61nD3C1n9GRflFtaMAXE/XU4zMJVzBv6XwQl6PCIc9H2"
"vjLa28ruVjhMGxqCGhziTC2eR56SUixrnEcbOKT0R+8+0AFnZIjdYglOZPcVwTVB"
"G6OxECJOuSoREcd1Ww==";

Definition at line 30 of file dummy-keychain.cpp.

Referenced by ndn::security::DummyPib::getCertificate(), ndn::security::DummyPib::getDefaultCertificateOfKey(), and ndn::security::DummyPib::getKeyBits().

◆ DUMMY_SIGNATURE

const uint8_t ndn::security::DUMMY_SIGNATURE[]
static
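Initial value (a constant byte array, so it does not depend on any content being signed; presumably what the dummy keychain uses in place of a real signature — confirm in dummy-keychain.cpp):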
=
{0x17, 0xfd, 0x01, 0x00, 0x93, 0x15, 0x09, 0x49, 0x79, 0x9e, 0xb7, 0x9c, 0xd3, 0xc1, 0xbf, 0x61,
0x89, 0xd5, 0xd9, 0xca, 0xf2, 0xb0, 0x14, 0xae, 0x72, 0x7c, 0x1f, 0x8f, 0xf5, 0xb1, 0x70, 0xd6,
0x9b, 0x8f, 0xf8, 0xd7, 0x2d, 0xbc, 0x92, 0x6f, 0x7d, 0x77, 0x96, 0x46, 0xea, 0xd4, 0x7d, 0x90,
0xbc, 0x7a, 0xeb, 0xe2, 0x03, 0x93, 0xb1, 0xd2, 0x62, 0xec, 0x9d, 0xff, 0x9c, 0x9c, 0x2a, 0x14,
0x7d, 0x23, 0xca, 0x29, 0x3d, 0x15, 0x1a, 0x40, 0x42, 0x2c, 0x59, 0x33, 0x8a, 0xf7, 0xc0, 0x6b,
0xc4, 0x9c, 0xf3, 0xc4, 0x99, 0xa4, 0x1a, 0x60, 0xf5, 0x28, 0x7d, 0x4c, 0xef, 0x43, 0x7d, 0xbd,
0x7d, 0x00, 0x51, 0xee, 0x41, 0xf5, 0x25, 0x80, 0xce, 0xe6, 0x64, 0x4f, 0x75, 0x54, 0xf3, 0xb2,
0x99, 0x9a, 0x0f, 0x93, 0x9a, 0x28, 0x1d, 0xfe, 0x12, 0x8a, 0xe0, 0xc1, 0x02, 0xeb, 0xa4, 0x35,
0x52, 0x88, 0xac, 0x44, 0x1a, 0x44, 0x82, 0x97, 0x4f, 0x5f, 0xa8, 0xd8, 0x9f, 0x67, 0x38, 0xa8,
0x64, 0xb6, 0x62, 0x99, 0xbd, 0x96, 0x3c, 0xf5, 0x86, 0x09, 0x5c, 0x97, 0x6b, 0x8f, 0xae, 0xe0,
0x60, 0xe7, 0x23, 0x98, 0x6a, 0xee, 0xc1, 0xb0, 0x14, 0xbe, 0x46, 0x2c, 0xfb, 0xa7, 0x27, 0x73,
0xe4, 0xf3, 0x26, 0x33, 0xba, 0x99, 0xd4, 0x01, 0x38, 0xa8, 0xf2, 0x9e, 0x87, 0xe0, 0x71, 0x0b,
0x25, 0x44, 0x07, 0x35, 0x88, 0xab, 0x67, 0x27, 0x56, 0x0e, 0xb5, 0xb5, 0xe8, 0x27, 0xb4, 0x49,
0xdc, 0xb8, 0x48, 0x31, 0xff, 0x99, 0x48, 0xab, 0x11, 0xb4, 0xa0, 0xdf, 0x8a, 0x6d, 0xff, 0x43,
0x69, 0x32, 0xa7, 0xbc, 0x63, 0x9d, 0x0f, 0xe0, 0x95, 0x34, 0x36, 0x25, 0x4b, 0x3e, 0x36, 0xbd,
0x81, 0x91, 0x0b, 0x91, 0x9f, 0x3a, 0x04, 0xa2, 0x44, 0x28, 0x19, 0xa1, 0x38, 0x21, 0x4f, 0x25,
0x59, 0x8a, 0x48, 0xc2}

Definition at line 47 of file dummy-keychain.cpp.

◆ WireEncodable< SafeBag >

ndn::security::WireEncodable< SafeBag >

Definition at line 32 of file safe-bag.cpp.

◆ WireDecodable< SafeBag >

ndn::security::WireDecodable< SafeBag >

Definition at line 33 of file safe-bag.cpp.

◆ WireEncodable< ValidityPeriod >

ndn::security::WireEncodable< ValidityPeriod >

Definition at line 30 of file validity-period.cpp.

◆ WireEncodableWithEncodingBuffer< ValidityPeriod >

ndn::security::WireEncodableWithEncodingBuffer< ValidityPeriod >

Definition at line 31 of file validity-period.cpp.

◆ WireDecodable< ValidityPeriod >

ndn::security::WireDecodable< ValidityPeriod >

Definition at line 32 of file validity-period.cpp.

◆ ISO_DATETIME_SIZE

const size_t ndn::security::ISO_DATETIME_SIZE = 15
static

Definition at line 36 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().

◆ NOT_BEFORE_OFFSET

const size_t ndn::security::NOT_BEFORE_OFFSET = 0
static

Definition at line 37 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().

◆ NOT_AFTER_OFFSET

const size_t ndn::security::NOT_AFTER_OFFSET = 1
static

Definition at line 38 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().