Storage for trusted anchors, verified certificate cache, and unverified certificate cache.
#include <certificate-storage.hpp>
Public Member Functions
CertificateStorage ()
const Certificate * findTrustedCert (const Interest &interestForCert) const
  Find a trusted certificate in trust anchor container or in verified cache.
bool isCertKnown (const Name &certPrefix) const
  Check if certificate exists in verified, unverified cache, or in the set of trust anchors.
void cacheUnverifiedCert (Certificate &&cert)
  Cache unverified certificate for a period of time (5 minutes).
const TrustAnchorContainer & getTrustAnchors () const
const CertificateCache & getVerifiedCertCache () const
const CertificateCache & getUnverifiedCertCache () const
Protected Member Functions
void loadAnchor (const std::string &groupId, Certificate &&cert)
  Load static trust anchor.
void loadAnchor (const std::string &groupId, const std::string &certfilePath, time::nanoseconds refreshPeriod, bool isDir=false)
  Load dynamic trust anchors.
void resetAnchors ()
  Remove any previously loaded static or dynamic trust anchor.
void cacheVerifiedCert (Certificate &&cert)
  Cache verified certificate for a period of time (1 hour).
void resetVerifiedCerts ()
  Remove any cached verified certificates.
Protected Attributes
TrustAnchorContainer m_trustAnchors
CertificateCache m_verifiedCertCache
CertificateCache m_unverifiedCertCache
Storage for trusted anchors, verified certificate cache, and unverified certificate cache.
Definition at line 36 of file certificate-storage.hpp.
ndn::security::v2::CertificateStorage::CertificateStorage ()
Definition at line 28 of file certificate-storage.cpp.
const Certificate * ndn::security::v2::CertificateStorage::findTrustedCert (const Interest &interestForCert) const
Find a trusted certificate in trust anchor container or in verified cache.
Parameters:
  interestForCert: Interest for certificate
Definition at line 35 of file certificate-storage.cpp.
References ndn::security::v2::CertificateCache::find(), ndn::security::v2::TrustAnchorContainer::find(), m_trustAnchors, and m_verifiedCertCache.
bool ndn::security::v2::CertificateStorage::isCertKnown (const Name &certPrefix) const
Check if certificate exists in verified, unverified cache, or in the set of trust anchors.
Definition at line 47 of file certificate-storage.cpp.
References ndn::security::v2::CertificateCache::find(), ndn::security::v2::TrustAnchorContainer::find(), m_trustAnchors, m_unverifiedCertCache, and m_verifiedCertCache.
void ndn::security::v2::CertificateStorage::cacheUnverifiedCert (Certificate &&cert)
Cache unverified certificate for a period of time (5 minutes).
Parameters:
  cert: The certificate packet
Definition at line 86 of file certificate-storage.cpp.
References ndn::security::v2::CertificateCache::insert(), m_unverifiedCertCache, and nonstd::optional_lite::std11::move().
Referenced by ndn::security::v2::CertificateFetcher::fetch().
const TrustAnchorContainer & ndn::security::v2::CertificateStorage::getTrustAnchors () const
Definition at line 92 of file certificate-storage.cpp.
References m_trustAnchors.
const CertificateCache & ndn::security::v2::CertificateStorage::getVerifiedCertCache () const
Definition at line 98 of file certificate-storage.cpp.
References m_verifiedCertCache.
const CertificateCache & ndn::security::v2::CertificateStorage::getUnverifiedCertCache () const
Definition at line 104 of file certificate-storage.cpp.
References m_unverifiedCertCache.
Referenced by ndn::security::v2::CertificateFetcher::fetch().
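void ndn::security::v2::CertificateStorage::loadAnchor (const std::string &groupId, Certificate &&cert) [protected]
Load static trust anchor.
Static trust anchors are permanently associated with the validator and never expire.
Parameters:
  groupId: Certificate group id.
  cert: Certificate to load as a trust anchor.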
Definition at line 55 of file certificate-storage.cpp.
References ndn::security::v2::TrustAnchorContainer::insert(), m_trustAnchors, and nonstd::optional_lite::std11::move().
Referenced by ndn::security::v2::Validator::loadAnchor().
void ndn::security::v2::CertificateStorage::loadAnchor (const std::string &groupId, const std::string &certfilePath, time::nanoseconds refreshPeriod, bool isDir=false) [protected]
Load dynamic trust anchors.
Dynamic trust anchors are associated with the validator for as long as the underlying trust anchor file (set of files) exist(s).
Parameters:
  groupId: Certificate group id, must not be empty.
  certfilePath: Specifies the path to load the trust anchors.
  refreshPeriod: Refresh period for the trust anchors, must be positive.
  isDir: Tells whether the path is a directory or a single file.
Definition at line 61 of file certificate-storage.cpp.
References ndn::security::v2::TrustAnchorContainer::insert(), and m_trustAnchors.
void ndn::security::v2::CertificateStorage::resetAnchors () [protected]
Remove any previously loaded static or dynamic trust anchor.
Definition at line 68 of file certificate-storage.cpp.
References ndn::security::v2::TrustAnchorContainer::clear(), and m_trustAnchors.
Referenced by ndn::security::v2::Validator::resetAnchors().
void ndn::security::v2::CertificateStorage::cacheVerifiedCert (Certificate &&cert) [protected]
Cache verified certificate for a period of time (1 hour).
Parameters:
  cert: The certificate packet
Definition at line 74 of file certificate-storage.cpp.
References ndn::security::v2::CertificateCache::insert(), m_verifiedCertCache, and nonstd::optional_lite::std11::move().
Referenced by ndn::security::v2::Validator::cacheVerifiedCertificate().
void ndn::security::v2::CertificateStorage::resetVerifiedCerts () [protected]
Remove any cached verified certificates.
Definition at line 80 of file certificate-storage.cpp.
References ndn::security::v2::CertificateCache::clear(), and m_verifiedCertCache.
Referenced by ndn::security::v2::Validator::resetVerifiedCertificates().
TrustAnchorContainer ndn::security::v2::CertificateStorage::m_trustAnchors [protected]
Definition at line 134 of file certificate-storage.hpp.
Referenced by findTrustedCert(), getTrustAnchors(), isCertKnown(), loadAnchor(), and resetAnchors().
CertificateCache ndn::security::v2::CertificateStorage::m_verifiedCertCache [protected]
Definition at line 135 of file certificate-storage.hpp.
Referenced by cacheVerifiedCert(), findTrustedCert(), getVerifiedCertCache(), isCertKnown(), and resetVerifiedCerts().
CertificateCache ndn::security::v2::CertificateStorage::m_unverifiedCertCache [protected]
Definition at line 136 of file certificate-storage.hpp.
Referenced by cacheUnverifiedCert(), getUnverifiedCertCache(), and isCertKnown().
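The difference between findTrustedCert() and isCertKnown(), together with the two cache lifetimes documented above, modelled as an added example that is not ndn-cxx code. ToyStorage, hasLive and the certificate names are hypothetical, the clock is passed in explicitly, and names are matched as plain string prefixes rather than NDN name components.

```cpp
// Added illustration: a toy model of the three stores, not the ndn-cxx implementation.
#include <chrono>
#include <iostream>
#include <map>
#include <string>

using Seconds = std::chrono::seconds;
using Store = std::map<std::string, Seconds>;  // certificate name -> expiry time

const Seconds NEVER = Seconds::max();                    // static anchors never expire
const Seconds VERIFIED_TTL = std::chrono::hours(1);      // lifetime stated on the page
const Seconds UNVERIFIED_TTL = std::chrono::minutes(5);  // lifetime stated on the page

// True if `store` holds an unexpired entry whose name starts with `prefix`.
// Simplification: plain string prefix, not component-wise NDN name matching.
bool hasLive(const Store& store, const std::string& prefix, Seconds now) {
  for (auto it = store.lower_bound(prefix);
       it != store.end() && it->first.compare(0, prefix.size(), prefix) == 0; ++it) {
    if (it->second > now) return true;
  }
  return false;
}

struct ToyStorage {
  Store anchors, verified, unverified;
  void loadAnchor(const std::string& n) { anchors[n] = NEVER; }
  void cacheVerifiedCert(const std::string& n, Seconds now) { verified[n] = now + VERIFIED_TTL; }
  void cacheUnverifiedCert(const std::string& n, Seconds now) { unverified[n] = now + UNVERIFIED_TTL; }
  // Only anchors and the verified cache may satisfy a trust decision.
  bool findTrustedCert(const std::string& prefix, Seconds now) const {
    return hasLive(anchors, prefix, now) || hasLive(verified, prefix, now);
  }
  // "Known" is wider: it also covers certificates that were fetched but not validated.
  bool isCertKnown(const std::string& prefix, Seconds now) const {
    return findTrustedCert(prefix, now) || hasLive(unverified, prefix, now);
  }
};

int main() {
  ToyStorage s;
  s.loadAnchor("/example/KEY/root");                          // constructed names
  s.cacheUnverifiedCert("/example/site/KEY/k1", Seconds(0));  // fetched, not validated
  std::cout << std::boolalpha
            << "known:   " << s.isCertKnown("/example/site/KEY", Seconds(60)) << "\n"
            << "trusted: " << s.findTrustedCert("/example/site/KEY", Seconds(60)) << "\n";
  s.cacheVerifiedCert("/example/site/KEY/k1", Seconds(400));  // after validation succeeds
  std::cout << "trusted after validation: " << s.findTrustedCert("/example/site/KEY", Seconds(500)) << "\n"
            << "trusted after 1 hour:     " << s.findTrustedCert("/example/site/KEY", Seconds(4000)) << "\n";
  return 0;
}
```

A caller that treats isCertKnown() as a trust check would accept a certificate that has only been fetched; in this model only findTrustedCert() reflects a completed validation.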