NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks 		API Documentation
certificate-storage.cpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2018 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
22 #include "ndn-cxx/security/v2/certificate-storage.hpp"
23 
24 namespace ndn {
25 namespace security {
26 namespace v2 {
27 
28 CertificateStorage::CertificateStorage()
29  : m_verifiedCertCache(1_h)
30  , m_unverifiedCertCache(5_min)
31 {
32 }
33 
34 const Certificate*
35 CertificateStorage::findTrustedCert(const Interest& interestForCert) const
36 {
37  auto cert = m_trustAnchors.find(interestForCert);
38  if (cert != nullptr) {
39  return cert;
40  }
41 
42  cert = m_verifiedCertCache.find(interestForCert);
43  return cert;
44 }
45 
46 bool
47 CertificateStorage::isCertKnown(const Name& certName) const
48 {
49  return (m_trustAnchors.find(certName) != nullptr ||
50  m_verifiedCertCache.find(certName) != nullptr ||
51  m_unverifiedCertCache.find(certName) != nullptr);
52 }
53 
54 void
55 CertificateStorage::loadAnchor(const std::string& groupId, Certificate&& cert)
56 {
57  m_trustAnchors.insert(groupId, std::move(cert));
58 }
59 
60 void
61 CertificateStorage::loadAnchor(const std::string& groupId, const std::string& certfilePath,
62  time::nanoseconds refreshPeriod, bool isDir)
63 {
64  m_trustAnchors.insert(groupId, certfilePath, refreshPeriod, isDir);
65 }
66 
67 void
68 CertificateStorage::resetAnchors()
69 {
70  m_trustAnchors.clear();
71 }
72 
73 void
74 CertificateStorage::cacheVerifiedCert(Certificate&& cert)
75 {
76  m_verifiedCertCache.insert(std::move(cert));
77 }
78 
79 void
80 CertificateStorage::resetVerifiedCerts()
81 {
82  m_verifiedCertCache.clear();
83 }
84 
85 void
86 CertificateStorage::cacheUnverifiedCert(Certificate&& cert)
87 {
88  m_unverifiedCertCache.insert(std::move(cert));
89 }
90 
91 const TrustAnchorContainer&
92 CertificateStorage::getTrustAnchors() const
93 {
94  return m_trustAnchors;
95 }
96 
97 const CertificateCache&
98 CertificateStorage::getVerifiedCertCache() const
99 {
100  return m_verifiedCertCache;
101 }
102 
103 const CertificateCache&
104 CertificateStorage::getUnverifiedCertCache() const
105 {
106  return m_unverifiedCertCache;
107 }
108 
109 } // namespace v2
110 } // namespace security
111 } // namespace ndn
ndn::security::v2::CertificateStorage::m_trustAnchors
TrustAnchorContainer m_trustAnchors
Definition: certificate-storage.hpp:134
ndn::security::v2::CertificateStorage::cacheUnverifiedCert
void cacheUnverifiedCert(Certificate &&cert)
Cache unverified certificate for a period of time (5 minutes)
Definition: certificate-storage.cpp:86
ndn::security::v2::CertificateStorage::CertificateStorage
CertificateStorage()
Definition: certificate-storage.cpp:28
certificate-storage.hpp
ndn::security::v2::CertificateStorage::resetVerifiedCerts
void resetVerifiedCerts()
Remove any cached verified certificates.
Definition: certificate-storage.cpp:80
nonstd::optional_lite::std11::move
T & move(T &t)
Definition: optional.hpp:421
ndn::security::v2::CertificateStorage::m_unverifiedCertCache
CertificateCache m_unverifiedCertCache
Definition: certificate-storage.hpp:136
ndn::security::v2::CertificateCache::clear
void clear()
Remove all certificates from cache.
Definition: certificate-cache.cpp:61
ndn::security::v2::CertificateStorage::m_verifiedCertCache
CertificateCache m_verifiedCertCache
Definition: certificate-storage.hpp:135
ndn::security::v2::CertificateCache
Represents a container for verified certificates.
Definition: certificate-cache.hpp:44
ndn::security::v2::CertificateCache::insert
void insert(const Certificate &cert)
Insert certificate into cache.
Definition: certificate-cache.cpp:45
ndn::Name
Represents an absolute name.
Definition: name.hpp:44
ndn::security::v2::Certificate
The certificate following the certificate format naming convention.
Definition: certificate.hpp:82
ndn::security::v2::TrustAnchorContainer::find
const Certificate * find(const Name &keyName) const
Search for certificate across all groups (longest prefix match)
Definition: trust-anchor-container.cpp:81
ndn::security::v2::CertificateStorage::getTrustAnchors
const TrustAnchorContainer & getTrustAnchors() const
Definition: certificate-storage.cpp:92
ndn::Interest
Represents an Interest packet.
Definition: interest.hpp:44
ndn::security::v2::CertificateStorage::isCertKnown
bool isCertKnown(const Name &certPrefix) const
Check if certificate exists in verified, unverified cache, or in the set of trust anchors.
Definition: certificate-storage.cpp:47
ndn::security::v2::CertificateStorage::loadAnchor
void loadAnchor(const std::string &groupId, Certificate &&cert)
load static trust anchor.
Definition: certificate-storage.cpp:55
ndn::security::v2::CertificateStorage::resetAnchors
void resetAnchors()
remove any previously loaded static or dynamic trust anchor
Definition: certificate-storage.cpp:68
ndn::security::v2::TrustAnchorContainer
represents a container for trust anchors.
Definition: trust-anchor-container.hpp:56
ndn::security::v2::CertificateStorage::cacheVerifiedCert
void cacheVerifiedCert(Certificate &&cert)
Cache verified certificate a period of time (1 hour)
Definition: certificate-storage.cpp:74
ndn::security::v2::CertificateCache::find
const Certificate * find(const Name &certPrefix) const
Get certificate given key name.
Definition: certificate-cache.cpp:67
ndn::security::v2::CertificateStorage::getUnverifiedCertCache
const CertificateCache & getUnverifiedCertCache() const
Definition: certificate-storage.cpp:104
ndn::security::v2::CertificateStorage::findTrustedCert
const Certificate * findTrustedCert(const Interest &interestForCert) const
Find a trusted certificate in trust anchor container or in verified cache.
Definition: certificate-storage.cpp:35
ndn::security::v2::CertificateStorage::getVerifiedCertCache
const CertificateCache & getVerifiedCertCache() const
Definition: certificate-storage.cpp:98
ndn::security::v2::TrustAnchorContainer::insert
void insert(const std::string &groupId, Certificate &&cert)
Insert a static trust anchor.
Definition: trust-anchor-container.cpp:49
ndn
Copyright (c) 2011-2015 Regents of the University of California.
Definition: ndn-strategy-choice-helper.hpp:34
ndn::security::v2::TrustAnchorContainer::clear
void clear()
Remove all static or dynamic anchors.
Definition: trust-anchor-container.cpp:74