NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security Namespace Reference

Namespaces

 detail
 
 pib
 
 tpm
 
 transform
 
 v2
 

Classes

class  CommandInterestPreparer
 Helper class to prepare command interest name. More...
 
class  CommandInterestSigner
 Helper class to create command interests. More...
 
class  DummyPib
 
class  DummyTpm
 
class  SafeBag
 a secured container for sensitive information(certificate, private key) More...
 
class  SigningInfo
 Signing parameters passed to KeyChain. More...
 
class  ValidatorConfig
 Helper for validator that uses CommandInterest + Config policy and NetworkFetcher. More...
 
class  ValidityPeriod
 Abstraction of validity period. More...
 

Functions

 NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND (DummyPib)
 
 NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND (DummyTpm)
 
 NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS (SafeBag)
 
 NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS (SafeBag)
 
SigningInfo signingByIdentity (const Name &identityName)
 
SigningInfo signingByIdentity (const Identity &identity)
 
SigningInfo signingByKey (const Name &keyName)
 
SigningInfo signingByKey (const Key &key)
 
SigningInfo signingByCertificate (const Name &certName)
 
SigningInfo signingByCertificate (const v2::Certificate &cert)
 
SigningInfo signingWithSha256 ()
 
std::ostream & operator<< (std::ostream &os, const SigningInfo &si)
 
 NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS (ValidityPeriod)
 
std::ostream & operator<< (std::ostream &os, const ValidityPeriod &period)
 
 NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS (ValidityPeriod)
 
bool verifySignature (const uint8_t *blob, size_t blobLen, const uint8_t *sig, size_t sigLen, const transform::PublicKey &key)
 Verify blob using key against sig. More...
 
bool verifySignature (const uint8_t *blob, size_t blobLen, const uint8_t *sig, size_t sigLen, const uint8_t *key, size_t keyLen)
 Verify blob using key against sig. More...
 
static ParseResult parse (const Data &data)
 
static ParseResult parse (const Interest &interest)
 
static bool verifySignature (ParseResult params, const transform::PublicKey &key)
 
static bool verifySignature (ParseResult params, const tpm::Tpm &tpm, const Name &keyName, DigestAlgorithm digestAlgorithm)
 
static bool verifySignature (ParseResult params, const uint8_t *key, size_t keyLen)
 
bool verifySignature (const Data &data, const transform::PublicKey &key)
 Verify data using key. More...
 
bool verifySignature (const Interest &interest, const transform::PublicKey &key)
 Verify interest using key. More...
 
bool verifySignature (const Data &data, const pib::Key &key)
 Verify data using key. More...
 
bool verifySignature (const Interest &interest, const pib::Key &key)
 Verify interest using key. More...
 
bool verifySignature (const Data &data, const uint8_t *key, size_t keyLen)
 Verify data using key. More...
 
bool verifySignature (const Interest &interest, const uint8_t *key, size_t keyLen)
 Verify interest using key. More...
 
bool verifySignature (const Data &data, const v2::Certificate &cert)
 Verify data using cert. More...
 
bool verifySignature (const Interest &interest, const v2::Certificate &cert)
 Verify interest using cert. More...
 
bool verifySignature (const Data &data, const tpm::Tpm &tpm, const Name &keyName, DigestAlgorithm digestAlgorithm)
 Verify data using tpm and keyName with the digestAlgorithm. More...
 
bool verifySignature (const Interest &interest, const tpm::Tpm &tpm, const Name &keyName, DigestAlgorithm digestAlgorithm)
 Verify interest using tpm and keyName with the digestAlgorithm. More...
 
bool verifyDigest (const uint8_t *blob, size_t blobLen, const uint8_t *digest, size_t digestLen, DigestAlgorithm algorithm)
 Verify blob against digest using algorithm. More...
 
bool verifyDigest (const Data &data, DigestAlgorithm algorithm)
 Verify data against digest algorithm. More...
 
bool verifyDigest (const Interest &interest, DigestAlgorithm algorithm)
 Verify interest against digest algorithm. More...
 

Variables

static const uint8_t DUMMY_CERT []
 
static const uint8_t DUMMY_SIGNATURE []
 
 WireEncodable< SafeBag >
 
 WireDecodable< SafeBag >
 
 WireEncodable< ValidityPeriod >
 
 WireEncodableWithEncodingBuffer< ValidityPeriod >
 
 WireDecodable< ValidityPeriod >
 
static const size_t ISO_DATETIME_SIZE = 15
 
static const size_t NOT_BEFORE_OFFSET = 0
 
static const size_t NOT_AFTER_OFFSET = 1
 

Function Documentation

◆ NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND()

ndn::security::NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND ( DummyPib  )

◆ NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND()

ndn::security::NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND ( DummyTpm  )

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS() [1/2]

ndn::security::NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS ( SafeBag  )

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS() [1/2]

ndn::security::NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS ( SafeBag  )

◆ signingByIdentity() [1/2]

SigningInfo ndn::security::signingByIdentity ( const Name identityName)
Returns
a SigningInfo for signing with an identity

Definition at line 28 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_ID.

Referenced by nfd::rib::HostToGatewayReadvertisePolicy::handleNewRoute().

◆ signingByIdentity() [2/2]

SigningInfo ndn::security::signingByIdentity ( const Identity identity)
Returns
a SigningInfo for signing with an identity

Definition at line 34 of file signing-helpers.cpp.

◆ signingByKey() [1/2]

SigningInfo ndn::security::signingByKey ( const Name keyName)
Returns
a SigningInfo for signing with a key

Definition at line 40 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_KEY.

◆ signingByKey() [2/2]

SigningInfo ndn::security::signingByKey ( const Key key)
Returns
a SigningInfo for signing with a key

Definition at line 46 of file signing-helpers.cpp.

◆ signingByCertificate() [1/2]

SigningInfo ndn::security::signingByCertificate ( const Name certName)
Returns
a SigningInfo for signing with a certificate

Definition at line 52 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_CERT.

◆ signingByCertificate() [2/2]

SigningInfo ndn::security::signingByCertificate ( const v2::Certificate cert)
Returns
a SigningInfo for signing with a certificate

Definition at line 58 of file signing-helpers.cpp.

References ndn::Data::getName(), and ndn::security::SigningInfo::SIGNER_TYPE_CERT.

◆ signingWithSha256()

SigningInfo ndn::security::signingWithSha256 ( )
Returns
a SigningInfo for signing with Sha256

Definition at line 64 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_SHA256.

◆ operator<<() [1/2]

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS() [2/2]

ndn::security::NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS ( ValidityPeriod  )

◆ operator<<() [2/2]

std::ostream & ndn::security::operator<< ( std::ostream &  os,
const ValidityPeriod period 
)

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS() [2/2]

ndn::security::NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS ( ValidityPeriod  )

◆ verifySignature() [1/15]

bool ndn::security::verifySignature ( const uint8_t *  blob,
size_t  blobLen,
const uint8_t *  sig,
size_t  sigLen,
const transform::PublicKey key 
)

Verify blob using key against sig.

Definition at line 56 of file verification-helpers.cpp.

References ndn::security::transform::boolSink(), ndn::SHA256, sig, sigLen, and ndn::security::transform::verifierFilter().

Referenced by verifySignature().

◆ verifySignature() [2/15]

bool ndn::security::verifySignature ( const uint8_t *  blob,
size_t  blobLen,
const uint8_t *  sig,
size_t  sigLen,
const uint8_t *  key,
size_t  keyLen 
)

Verify blob using key against sig.

Note
key must be a public key in PKCS #8 format.

Definition at line 72 of file verification-helpers.cpp.

References ndn::security::transform::PublicKey::loadPkcs8(), sig, sigLen, and verifySignature().

◆ parse() [1/2]

static ParseResult ndn::security::parse ( const Data data)
static

◆ parse() [2/2]

◆ verifySignature() [3/15]

static bool ndn::security::verifySignature ( ParseResult  params,
const transform::PublicKey key 
)
static

Definition at line 123 of file verification-helpers.cpp.

References verifySignature().

◆ verifySignature() [4/15]

static bool ndn::security::verifySignature ( ParseResult  params,
const tpm::Tpm tpm,
const Name keyName,
DigestAlgorithm  digestAlgorithm 
)
static

Definition at line 130 of file verification-helpers.cpp.

References ndn::security::tpm::Tpm::verify().

◆ verifySignature() [5/15]

static bool ndn::security::verifySignature ( ParseResult  params,
const uint8_t *  key,
size_t  keyLen 
)
static

Definition at line 138 of file verification-helpers.cpp.

References verifySignature().

◆ verifySignature() [6/15]

bool ndn::security::verifySignature ( const Data data,
const transform::PublicKey key 
)

Verify data using key.

Definition at line 145 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [7/15]

bool ndn::security::verifySignature ( const Interest interest,
const transform::PublicKey key 
)

Verify interest using key.

Note
This method verifies only signature of the signed interest.
See also
docs/specs/signed-interest.rst

Definition at line 151 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [8/15]

bool ndn::security::verifySignature ( const Data data,
const pib::Key key 
)

Verify data using key.

Definition at line 157 of file verification-helpers.cpp.

References ndn::security::pib::Key::getPublicKey(), parse(), and verifySignature().

◆ verifySignature() [9/15]

bool ndn::security::verifySignature ( const Interest interest,
const pib::Key key 
)

Verify interest using key.

Note
This method verifies only signature of the signed interest.
See also
docs/specs/signed-interest.rst

Definition at line 163 of file verification-helpers.cpp.

References ndn::security::pib::Key::getPublicKey(), parse(), and verifySignature().

◆ verifySignature() [10/15]

bool ndn::security::verifySignature ( const Data data,
const uint8_t *  key,
size_t  keyLen 
)

Verify data using key.

Note
key must be a public key in PKCS #8 format.

Definition at line 169 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [11/15]

bool ndn::security::verifySignature ( const Interest interest,
const uint8_t *  key,
size_t  keyLen 
)

Verify interest using key.

Note
key must be a public key in PKCS #8 format.
This method verifies only signature of the signed interest.
See also
docs/specs/signed-interest.rst

Definition at line 175 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [12/15]

bool ndn::security::verifySignature ( const Data data,
const v2::Certificate cert 
)

Verify data using cert.

Definition at line 181 of file verification-helpers.cpp.

References ndn::Data::getContent(), parse(), ndn::Block::value(), ndn::Block::value_size(), and verifySignature().

◆ verifySignature() [13/15]

bool ndn::security::verifySignature ( const Interest interest,
const v2::Certificate cert 
)

Verify interest using cert.

Note
This method verifies only signature of the signed interest.
See also
docs/specs/signed-interest.rst

Definition at line 187 of file verification-helpers.cpp.

References ndn::Data::getContent(), parse(), ndn::Block::value(), ndn::Block::value_size(), and verifySignature().

◆ verifySignature() [14/15]

bool ndn::security::verifySignature ( const Data data,
const tpm::Tpm tpm,
const Name keyName,
DigestAlgorithm  digestAlgorithm 
)

Verify data using tpm and keyName with the digestAlgorithm.

Definition at line 193 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [15/15]

bool ndn::security::verifySignature ( const Interest interest,
const tpm::Tpm tpm,
const Name keyName,
DigestAlgorithm  digestAlgorithm 
)

Verify interest using tpm and keyName with the digestAlgorithm.

Note
This method verifies only signature of the signed interest.
See also
docs/specs/signed-interest.rst

Definition at line 200 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifyDigest() [1/3]

bool ndn::security::verifyDigest ( const uint8_t *  blob,
size_t  blobLen,
const uint8_t *  digest,
size_t  digestLen,
DigestAlgorithm  algorithm 
)

Verify blob against digest using algorithm.

Definition at line 209 of file verification-helpers.cpp.

References ndn::OBufferStream::buf(), ndn::security::transform::digestFilter(), and ndn::security::transform::streamSink().

Referenced by verifyDigest().

◆ verifyDigest() [2/3]

bool ndn::security::verifyDigest ( const Data data,
DigestAlgorithm  algorithm 
)

Verify data against digest algorithm.

Definition at line 231 of file verification-helpers.cpp.

References parse(), and verifyDigest().

◆ verifyDigest() [3/3]

bool ndn::security::verifyDigest ( const Interest interest,
DigestAlgorithm  algorithm 
)

Verify interest against digest algorithm.

Note
This method verifies only signature of the signed interest.
See also
docs/specs/signed-interest.rst

Definition at line 239 of file verification-helpers.cpp.

References parse(), and verifyDigest().

Variable Documentation

◆ DUMMY_CERT

const uint8_t ndn::security::DUMMY_CERT[]
static
Initial value:
=
"Bv0CqQclCAVkdW1teQgDS0VZCAgtnChyuKo7YAgCTkEICf0AAAFe3zzGfBQJGAEC"
"GQQANu6AFf0BJjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJSa1j6"
"JAzobrmtlUdJi38EWQZOigLykf9psImvIu7pa29Q3apBXENcV1E9687FmfY85Ec3"
"/onMtN7WG/wiuKiu/9eOr5WslD3VGDgxhesx80ygP0GNsN8FzsMl0lRKduXx3wG4"
"MCT8CX7uA4n4JbHY+0QaKUEEMRCiXcRAtF+yKfr+GaVeSemg+i/LR+6CSgpOyH0K"
"ogH9nlNhBn1Hxyc8X+B/nEu6P6NNEKkSnhT1jAbWtT1eL3BPGK/HNY19w9k2Ln6/"
"OYlhaHfB4m0oR/ePcUguQBwTgYS+40YQYUPivBsSQv3X2/7+gGLhIzA4YppwOooK"
"RGhbmL8zF2evmJ8CAwEAARZHGwEBHBgHFggFZHVtbXkIA0tFWQgILZwocriqO2D9"
"AP0m/QD+DzIwMTcxMDAyVDIyMzczNv0A/w8yMDE4MTAwMlQyMjM3MzUX/QEAMBUV"
"O51BEQwxp646i7IuHkuc1C/LISnOP2+wBFF2Ea1ht9MKjKkyJdmB1/GAOiR3njKd"
"UgRjBlownL11EwYDxkPY39RR05TmhF6PkpP81Ro/Vzv7rtSi/dxFIZXCiyuKPRUx"
"E0pZelPWVs3zMfqQ+8rWG89Kqs1vM0dglLBzlX9Lbim71TyLmaJaMmmBKv8+eQ22"
"CN71sRZOovl1kKcTHpOm61nD3C1n9GRflFtaMAXE/XU4zMJVzBv6XwQl6PCIc9H2"
"vjLa28ruVjhMGxqCGhziTC2eR56SUixrnEcbOKT0R+8+0AFnZIjdYglOZPcVwTVB"
"G6OxECJOuSoREcd1Ww==;"

Definition at line 30 of file dummy-keychain.cpp.

Referenced by ndn::security::DummyPib::getCertificate(), ndn::security::DummyPib::getDefaultCertificateOfKey(), and ndn::security::DummyPib::getKeyBits().

◆ DUMMY_SIGNATURE

const uint8_t ndn::security::DUMMY_SIGNATURE[]
static
Initial value:
=
{0x17, 0xfd, 0x01, 0x00, 0x93, 0x15, 0x09, 0x49, 0x79, 0x9e, 0xb7, 0x9c, 0xd3, 0xc1, 0xbf, 0x61,
0x89, 0xd5, 0xd9, 0xca, 0xf2, 0xb0, 0x14, 0xae, 0x72, 0x7c, 0x1f, 0x8f, 0xf5, 0xb1, 0x70, 0xd6,
0x9b, 0x8f, 0xf8, 0xd7, 0x2d, 0xbc, 0x92, 0x6f, 0x7d, 0x77, 0x96, 0x46, 0xea, 0xd4, 0x7d, 0x90,
0xbc, 0x7a, 0xeb, 0xe2, 0x03, 0x93, 0xb1, 0xd2, 0x62, 0xec, 0x9d, 0xff, 0x9c, 0x9c, 0x2a, 0x14,
0x7d, 0x23, 0xca, 0x29, 0x3d, 0x15, 0x1a, 0x40, 0x42, 0x2c, 0x59, 0x33, 0x8a, 0xf7, 0xc0, 0x6b,
0xc4, 0x9c, 0xf3, 0xc4, 0x99, 0xa4, 0x1a, 0x60, 0xf5, 0x28, 0x7d, 0x4c, 0xef, 0x43, 0x7d, 0xbd,
0x7d, 0x00, 0x51, 0xee, 0x41, 0xf5, 0x25, 0x80, 0xce, 0xe6, 0x64, 0x4f, 0x75, 0x54, 0xf3, 0xb2,
0x99, 0x9a, 0x0f, 0x93, 0x9a, 0x28, 0x1d, 0xfe, 0x12, 0x8a, 0xe0, 0xc1, 0x02, 0xeb, 0xa4, 0x35,
0x52, 0x88, 0xac, 0x44, 0x1a, 0x44, 0x82, 0x97, 0x4f, 0x5f, 0xa8, 0xd8, 0x9f, 0x67, 0x38, 0xa8,
0x64, 0xb6, 0x62, 0x99, 0xbd, 0x96, 0x3c, 0xf5, 0x86, 0x09, 0x5c, 0x97, 0x6b, 0x8f, 0xae, 0xe0,
0x60, 0xe7, 0x23, 0x98, 0x6a, 0xee, 0xc1, 0xb0, 0x14, 0xbe, 0x46, 0x2c, 0xfb, 0xa7, 0x27, 0x73,
0xe4, 0xf3, 0x26, 0x33, 0xba, 0x99, 0xd4, 0x01, 0x38, 0xa8, 0xf2, 0x9e, 0x87, 0xe0, 0x71, 0x0b,
0x25, 0x44, 0x07, 0x35, 0x88, 0xab, 0x67, 0x27, 0x56, 0x0e, 0xb5, 0xb5, 0xe8, 0x27, 0xb4, 0x49,
0xdc, 0xb8, 0x48, 0x31, 0xff, 0x99, 0x48, 0xab, 0x11, 0xb4, 0xa0, 0xdf, 0x8a, 0x6d, 0xff, 0x43,
0x69, 0x32, 0xa7, 0xbc, 0x63, 0x9d, 0x0f, 0xe0, 0x95, 0x34, 0x36, 0x25, 0x4b, 0x3e, 0x36, 0xbd,
0x81, 0x91, 0x0b, 0x91, 0x9f, 0x3a, 0x04, 0xa2, 0x44, 0x28, 0x19, 0xa1, 0x38, 0x21, 0x4f, 0x25,
0x59, 0x8a, 0x48, 0xc2}

Definition at line 47 of file dummy-keychain.cpp.

◆ WireEncodable< SafeBag >

ndn::security::WireEncodable< SafeBag >

Definition at line 1 of file safe-bag.cpp.

◆ WireDecodable< SafeBag >

ndn::security::WireDecodable< SafeBag >

Definition at line 1 of file safe-bag.cpp.

◆ WireEncodable< ValidityPeriod >

ndn::security::WireEncodable< ValidityPeriod >

Definition at line 1 of file validity-period.cpp.

◆ WireEncodableWithEncodingBuffer< ValidityPeriod >

ndn::security::WireEncodableWithEncodingBuffer< ValidityPeriod >

Definition at line 1 of file validity-period.cpp.

◆ WireDecodable< ValidityPeriod >

ndn::security::WireDecodable< ValidityPeriod >

Definition at line 1 of file validity-period.cpp.

◆ ISO_DATETIME_SIZE

const size_t ndn::security::ISO_DATETIME_SIZE = 15
static

Definition at line 36 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().

◆ NOT_BEFORE_OFFSET

const size_t ndn::security::NOT_BEFORE_OFFSET = 0
static

Definition at line 37 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().

◆ NOT_AFTER_OFFSET

const size_t ndn::security::NOT_AFTER_OFFSET = 1
static

Definition at line 38 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().