NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::v2::CertificateStorage Class Reference

Storage for trusted anchors, verified certificate cache, and unverified certificate cache. More...

#include <certificate-storage.hpp>

Inheritance diagram for ndn::security::v2::CertificateStorage:
Collaboration diagram for ndn::security::v2::CertificateStorage:

Public Member Functions

 CertificateStorage ()
 
const CertificatefindTrustedCert (const Interest &interestForCert) const
 Find a trusted certificate in trust anchor container or in verified cache. More...
 
bool isCertKnown (const Name &certPrefix) const
 Check if certificate exists in verified, unverified cache, or in the set of trust anchors. More...
 
void cacheUnverifiedCert (Certificate &&cert)
 Cache unverified certificate for a period of time (5 minutes) More...
 
const TrustAnchorContainergetTrustAnchors () const
 
const CertificateCachegetVerifiedCertCache () const
 
const CertificateCachegetUnverifiedCertCache () const
 

Protected Member Functions

void loadAnchor (const std::string &groupId, Certificate &&cert)
 load static trust anchor. More...
 
void loadAnchor (const std::string &groupId, const std::string &certfilePath, time::nanoseconds refreshPeriod, bool isDir=false)
 load dynamic trust anchors. More...
 
void resetAnchors ()
 remove any previously loaded static or dynamic trust anchor More...
 
void cacheVerifiedCert (Certificate &&cert)
 Cache verified certificate a period of time (1 hour) More...
 
void resetVerifiedCerts ()
 Remove any cached verified certificates. More...
 

Protected Attributes

TrustAnchorContainer m_trustAnchors
 
CertificateCache m_verifiedCertCache
 
CertificateCache m_unverifiedCertCache
 

Detailed Description

Storage for trusted anchors, verified certificate cache, and unverified certificate cache.

Definition at line 36 of file certificate-storage.hpp.

Constructor & Destructor Documentation

◆ CertificateStorage()

ndn::security::v2::CertificateStorage::CertificateStorage ( )

Definition at line 28 of file certificate-storage.cpp.

Member Function Documentation

◆ findTrustedCert()

const Certificate * ndn::security::v2::CertificateStorage::findTrustedCert ( const Interest interestForCert) const

Find a trusted certificate in trust anchor container or in verified cache.

Parameters
interestForCertInterest for certificate
Returns
found certificate, nullptr if not found.
Note
The returned pointer may get invalidated after next findTrustedCert or findCert calls.

Definition at line 35 of file certificate-storage.cpp.

References ndn::security::v2::CertificateCache::find(), ndn::security::v2::TrustAnchorContainer::find(), m_trustAnchors, and m_verifiedCertCache.

◆ isCertKnown()

bool ndn::security::v2::CertificateStorage::isCertKnown ( const Name certPrefix) const

Check if certificate exists in verified, unverified cache, or in the set of trust anchors.

Definition at line 47 of file certificate-storage.cpp.

References ndn::security::v2::CertificateCache::find(), ndn::security::v2::TrustAnchorContainer::find(), m_trustAnchors, m_unverifiedCertCache, and m_verifiedCertCache.

◆ cacheUnverifiedCert()

void ndn::security::v2::CertificateStorage::cacheUnverifiedCert ( Certificate &&  cert)

Cache unverified certificate for a period of time (5 minutes)

Parameters
certThe certificate packet
Todo:
Add ability to customize time period

Definition at line 86 of file certificate-storage.cpp.

References ndn::security::v2::CertificateCache::insert(), m_unverifiedCertCache, and nonstd::optional_lite::std11::move().

Referenced by ndn::security::v2::CertificateFetcher::fetch().

◆ getTrustAnchors()

const TrustAnchorContainer & ndn::security::v2::CertificateStorage::getTrustAnchors ( ) const
Returns
Trust anchor container

Definition at line 92 of file certificate-storage.cpp.

References m_trustAnchors.

◆ getVerifiedCertCache()

const CertificateCache & ndn::security::v2::CertificateStorage::getVerifiedCertCache ( ) const
Returns
Verified certificate cache

Definition at line 98 of file certificate-storage.cpp.

References m_verifiedCertCache.

◆ getUnverifiedCertCache()

const CertificateCache & ndn::security::v2::CertificateStorage::getUnverifiedCertCache ( ) const
Returns
Unverified certificate cache

Definition at line 104 of file certificate-storage.cpp.

References m_unverifiedCertCache.

Referenced by ndn::security::v2::CertificateFetcher::fetch().

◆ loadAnchor() [1/2]

void ndn::security::v2::CertificateStorage::loadAnchor ( const std::string &  groupId,
Certificate &&  cert 
)
protected

load static trust anchor.

Static trust anchors are permanently associated with the validator and never expire.

Parameters
groupIdCertificate group id.
certCertificate to load as a trust anchor.

Definition at line 55 of file certificate-storage.cpp.

References ndn::security::v2::TrustAnchorContainer::insert(), m_trustAnchors, and nonstd::optional_lite::std11::move().

Referenced by ndn::security::v2::Validator::loadAnchor().

◆ loadAnchor() [2/2]

void ndn::security::v2::CertificateStorage::loadAnchor ( const std::string &  groupId,
const std::string &  certfilePath,
time::nanoseconds  refreshPeriod,
bool  isDir = false 
)
protected

load dynamic trust anchors.

Dynamic trust anchors are associated with the validator for as long as the underlying trust anchor file (set of files) exist(s).

Parameters
groupIdCertificate group id, must not be empty.
certfilePathSpecifies the path to load the trust anchors.
refreshPeriodRefresh period for the trust anchors, must be positive.
isDirTells whether the path is a directory or a single file.

Definition at line 61 of file certificate-storage.cpp.

References ndn::security::v2::TrustAnchorContainer::insert(), and m_trustAnchors.

◆ resetAnchors()

void ndn::security::v2::CertificateStorage::resetAnchors ( )
protected

remove any previously loaded static or dynamic trust anchor

Definition at line 68 of file certificate-storage.cpp.

References ndn::security::v2::TrustAnchorContainer::clear(), and m_trustAnchors.

Referenced by ndn::security::v2::Validator::resetAnchors().

◆ cacheVerifiedCert()

void ndn::security::v2::CertificateStorage::cacheVerifiedCert ( Certificate &&  cert)
protected

Cache verified certificate a period of time (1 hour)

Parameters
certThe certificate packet
Todo:
Add ability to customize time period

Definition at line 74 of file certificate-storage.cpp.

References ndn::security::v2::CertificateCache::insert(), m_verifiedCertCache, and nonstd::optional_lite::std11::move().

Referenced by ndn::security::v2::Validator::cacheVerifiedCertificate().

◆ resetVerifiedCerts()

void ndn::security::v2::CertificateStorage::resetVerifiedCerts ( )
protected

Remove any cached verified certificates.

Definition at line 80 of file certificate-storage.cpp.

References ndn::security::v2::CertificateCache::clear(), and m_verifiedCertCache.

Referenced by ndn::security::v2::Validator::resetVerifiedCertificates().

Member Data Documentation

◆ m_trustAnchors

TrustAnchorContainer ndn::security::v2::CertificateStorage::m_trustAnchors
protected

◆ m_verifiedCertCache

CertificateCache ndn::security::v2::CertificateStorage::m_verifiedCertCache
protected

◆ m_unverifiedCertCache

CertificateCache ndn::security::v2::CertificateStorage::m_unverifiedCertCache
protected

The documentation for this class was generated from the following files: