NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security Namespace Reference

Namespaces

 detail
 
 pib
 
 tpm
 
 transform
 
 v2
 

Classes

class  DummyPib
 
class  DummyTpm
 
class  InterestSigner
 Helper class to create signed Interests.
 
struct  MakeCertificateOptions
 Options to KeyChain::makeCertificate().
 
class  SafeBag
 A secured container for sensitive information (certificate, private key).
 
class  SigningInfo
 Signing parameters passed to KeyChain.
 
class  ValidatorConfig
 Helper for validator that uses SignedInterest + CommandInterest + Config policy and NetworkFetcher.
 
class  ValidityPeriod
 Represents a ValidityPeriod TLV element.
 

Enumerations

enum  SignedInterestFormat { SignedInterestFormat::V03, SignedInterestFormat::V02 }
 

Functions

 NDN_CXX_KEYCHAIN_REGISTER_PIB_BACKEND (DummyPib)
 
 NDN_CXX_KEYCHAIN_REGISTER_TPM_BACKEND (DummyTpm)
 
 NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS (SafeBag)
 
 NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS (SafeBag)
 
SigningInfo signingByIdentity (const Name &identityName)
 
SigningInfo signingByIdentity (const Identity &identity)
 
SigningInfo signingByKey (const Name &keyName)
 
SigningInfo signingByKey (const Key &key)
 
SigningInfo signingByCertificate (const Name &certName)
 
SigningInfo signingByCertificate (const Certificate &cert)
 
SigningInfo signingWithSha256 ()
 
std::ostream & operator<< (std::ostream &os, const SigningInfo &si)
 
std::ostream & operator<< (std::ostream &os, const SignedInterestFormat &format)
 
 NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS (ValidityPeriod)
 
std::ostream & operator<< (std::ostream &os, const ValidityPeriod &period)
 
 NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS (ValidityPeriod)
 
bool verifySignature (const InputBuffers &blobs, span< const uint8_t > sig, const transform::PublicKey &key)
 Verify blobs using key against sig.
 
bool verifySignature (const InputBuffers &blobs, span< const uint8_t > sig, span< const uint8_t > key)
 Verify blobs using key against sig.
 
static ParseResult parse (const Data &data)
 
static ParseResult parse (const Interest &interest)
 
static bool verifySignature (const ParseResult &params, const transform::PublicKey &key)
 
static bool verifySignature (const ParseResult &params, span< const uint8_t > key)
 
static bool verifySignature (const ParseResult &params, const tpm::Tpm &tpm, const Name &keyName, DigestAlgorithm digestAlgorithm)
 
static bool verifyDigest (const ParseResult &params, DigestAlgorithm algorithm)
 
bool verifySignature (const Data &data, span< const uint8_t > key)
 Verify data using key.
 
bool verifySignature (const Interest &interest, span< const uint8_t > key)
 Verify interest using key.
 
bool verifySignature (const Data &data, const transform::PublicKey &key)
 Verify data using key.
 
bool verifySignature (const Interest &interest, const transform::PublicKey &key)
 Verify interest using key.
 
bool verifySignature (const Data &data, const pib::Key &key)
 Verify data using key.
 
bool verifySignature (const Interest &interest, const pib::Key &key)
 Verify interest using key.
 
bool verifySignature (const Data &data, const optional< Certificate > &cert)
 Verify data using cert.
 
bool verifySignature (const Interest &interest, const optional< Certificate > &cert)
 Verify interest using cert.
 
bool verifySignature (const Data &data, const tpm::Tpm &tpm, const Name &keyName, DigestAlgorithm digestAlgorithm)
 Verify data using tpm and keyName with the digestAlgorithm.
 
bool verifySignature (const Interest &interest, const tpm::Tpm &tpm, const Name &keyName, DigestAlgorithm digestAlgorithm)
 Verify interest using tpm and keyName with the digestAlgorithm.
 

Variables

static const uint8_t DUMMY_CERT []
 
static const uint8_t DUMMY_SIGNATURE []
 
 WireEncodable< SafeBag >
 
 WireDecodable< SafeBag >
 
 WireEncodable< ValidityPeriod >
 
 WireEncodableWithEncodingBuffer< ValidityPeriod >
 
 WireDecodable< ValidityPeriod >
 
static const size_t ISO_DATETIME_SIZE = 15
 
static const size_t NOT_BEFORE_OFFSET = 0
 
static const size_t NOT_AFTER_OFFSET = 1
 

Enumeration Type Documentation

◆ SignedInterestFormat

Note
This is a transitional API to handle the change in signed Interest format and will disappear after a few releases.
Enumerator
V03 

Sign Interest using Packet Specification v0.3 semantics.

V02 

Sign Interest using Packet Specification v0.2 semantics.

Definition at line 39 of file signing-info.hpp.

Function Documentation

◆ NDN_CXX_KEYCHAIN_REGISTER_PIB_BACKEND()

ndn::security::NDN_CXX_KEYCHAIN_REGISTER_PIB_BACKEND ( DummyPib  )

◆ NDN_CXX_KEYCHAIN_REGISTER_TPM_BACKEND()

ndn::security::NDN_CXX_KEYCHAIN_REGISTER_TPM_BACKEND ( DummyTpm  )

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS() [1/2]

ndn::security::NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS ( SafeBag  )

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS() [1/2]

ndn::security::NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS ( SafeBag  )

◆ signingByIdentity() [1/2]

SigningInfo ndn::security::signingByIdentity ( const Name &  identityName)
Returns
a SigningInfo for signing with an identity

Definition at line 28 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_ID.

Referenced by nfd::rib::HostToGatewayReadvertisePolicy::handleNewRoute().

◆ signingByIdentity() [2/2]

SigningInfo ndn::security::signingByIdentity ( const Identity &  identity)
Returns
a SigningInfo for signing with an identity

Definition at line 34 of file signing-helpers.cpp.

◆ signingByKey() [1/2]

SigningInfo ndn::security::signingByKey ( const Name &  keyName)
Returns
a SigningInfo for signing with a key

Definition at line 40 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_KEY.

Referenced by ndn::security::v2::parseLocatorUri().

◆ signingByKey() [2/2]

SigningInfo ndn::security::signingByKey ( const Key &  key)
Returns
a SigningInfo for signing with a key

Definition at line 46 of file signing-helpers.cpp.

◆ signingByCertificate() [1/2]

SigningInfo ndn::security::signingByCertificate ( const Name &  certName)
Returns
a SigningInfo for signing with a certificate

Definition at line 52 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_CERT.

◆ signingByCertificate() [2/2]

SigningInfo ndn::security::signingByCertificate ( const Certificate &  cert)
Returns
a SigningInfo for signing with a certificate

Definition at line 58 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_CERT.

◆ signingWithSha256()

SigningInfo ndn::security::signingWithSha256 ( )
Returns
a SigningInfo for signing with Sha256

Definition at line 64 of file signing-helpers.cpp.

References ndn::security::SigningInfo::SIGNER_TYPE_SHA256.

◆ operator<<() [1/3]

◆ operator<<() [2/3]

std::ostream & ndn::security::operator<< ( std::ostream &  os,
const SignedInterestFormat &  format 
)

Definition at line 208 of file signing-info.cpp.

References ndn::to_underlying(), V02, and V03.

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS() [2/2]

ndn::security::NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS ( ValidityPeriod  )

◆ operator<<() [3/3]

std::ostream & ndn::security::operator<< ( std::ostream &  os,
const ValidityPeriod &  period 
)

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS() [2/2]

ndn::security::NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS ( ValidityPeriod  )

◆ verifySignature() [1/15]

◆ verifySignature() [2/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const InputBuffers &  blobs,
span< const uint8_t >  sig,
span< const uint8_t >  key 
)

Verify blobs using key against sig.

Note
key must be a public key in PKCS #8 format.

Definition at line 80 of file verification-helpers.cpp.

References ndn::security::transform::PublicKey::loadPkcs8(), and verifySignature().

◆ parse() [1/2]

static ParseResult ndn::security::parse ( const Data &  data)
static

◆ parse() [2/2]

◆ verifySignature() [3/15]

static bool ndn::security::verifySignature ( const ParseResult &  params,
const transform::PublicKey &  key 
)
static

Definition at line 138 of file verification-helpers.cpp.

References verifySignature().

◆ verifySignature() [4/15]

static bool ndn::security::verifySignature ( const ParseResult &  params,
span< const uint8_t >  key 
)
static

Definition at line 144 of file verification-helpers.cpp.

References verifySignature().

◆ verifySignature() [5/15]

static bool ndn::security::verifySignature ( const ParseResult &  params,
const tpm::Tpm &  tpm,
const Name &  keyName,
DigestAlgorithm  digestAlgorithm 
)
static

Definition at line 150 of file verification-helpers.cpp.

References ndn::security::tpm::Tpm::verify().

◆ verifyDigest()

static bool ndn::security::verifyDigest ( const ParseResult &  params,
DigestAlgorithm  algorithm 
)
static

◆ verifySignature() [6/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Data &  data,
span< const uint8_t >  key 
)

Verify data using key.

Note
key must be a public key in PKCS #8 format.

Definition at line 182 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [7/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Interest &  interest,
span< const uint8_t >  key 
)

Verify interest using key.

Note
key must be a public key in PKCS #8 format.
This method verifies only the signature of the signed interest.

Definition at line 188 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [8/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Data &  data,
const transform::PublicKey &  key 
)

Verify data using key.

Definition at line 194 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [9/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Interest &  interest,
const transform::PublicKey &  key 
)

Verify interest using key.

Note
This method verifies only the signature of the signed interest.

Definition at line 200 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [10/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Data &  data,
const pib::Key &  key 
)

Verify data using key.

Definition at line 206 of file verification-helpers.cpp.

References ndn::security::pib::Key::getPublicKey(), parse(), and verifySignature().

◆ verifySignature() [11/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Interest &  interest,
const pib::Key &  key 
)

Verify interest using key.

Note
This method verifies only the signature of the signed interest.

Definition at line 212 of file verification-helpers.cpp.

References ndn::security::pib::Key::getPublicKey(), parse(), and verifySignature().

◆ verifySignature() [12/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Data &  data,
const optional< Certificate > &  cert 
)

Verify data using cert.

If cert is nullopt, data is assumed to be self-verifiable (with digest or attributes).

Definition at line 218 of file verification-helpers.cpp.

References ndn::tlv::DigestSha256, parse(), ndn::SHA256, verifyDigest(), and verifySignature().

◆ verifySignature() [13/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Interest &  interest,
const optional< Certificate > &  cert 
)

Verify interest using cert.

Note
This method verifies only the signature of the signed interest.

If cert is nullopt, interest is assumed to be self-verifiable (with digest or attributes).

Definition at line 234 of file verification-helpers.cpp.

References ndn::tlv::DigestSha256, parse(), ndn::SHA256, verifyDigest(), and verifySignature().

◆ verifySignature() [14/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Data &  data,
const tpm::Tpm &  tpm,
const Name &  keyName,
DigestAlgorithm  digestAlgorithm 
)

Verify data using tpm and keyName with the digestAlgorithm.

Definition at line 250 of file verification-helpers.cpp.

References parse(), and verifySignature().

◆ verifySignature() [15/15]

NDN_CXX_NODISCARD bool ndn::security::verifySignature ( const Interest &  interest,
const tpm::Tpm &  tpm,
const Name &  keyName,
DigestAlgorithm  digestAlgorithm 
)

Verify interest using tpm and keyName with the digestAlgorithm.

Note
This method verifies only the signature of the signed interest.

Definition at line 257 of file verification-helpers.cpp.

References parse(), and verifySignature().

Variable Documentation

◆ DUMMY_CERT

const uint8_t ndn::security::DUMMY_CERT[]
static

Definition at line 30 of file dummy-keychain.cpp.

◆ DUMMY_SIGNATURE

const uint8_t ndn::security::DUMMY_SIGNATURE[]
static

Definition at line 47 of file dummy-keychain.cpp.

Referenced by ndn::security::tpm::DummyKeyHandle::DummyKeyHandle().

◆ WireEncodable< SafeBag >

ndn::security::WireEncodable< SafeBag >

Definition at line 32 of file safe-bag.cpp.

◆ WireDecodable< SafeBag >

ndn::security::WireDecodable< SafeBag >

Definition at line 33 of file safe-bag.cpp.

◆ WireEncodable< ValidityPeriod >

ndn::security::WireEncodable< ValidityPeriod >

Definition at line 30 of file validity-period.cpp.

◆ WireEncodableWithEncodingBuffer< ValidityPeriod >

ndn::security::WireEncodableWithEncodingBuffer< ValidityPeriod >

Definition at line 31 of file validity-period.cpp.

◆ WireDecodable< ValidityPeriod >

ndn::security::WireDecodable< ValidityPeriod >

Definition at line 32 of file validity-period.cpp.

◆ ISO_DATETIME_SIZE

const size_t ndn::security::ISO_DATETIME_SIZE = 15
static

Definition at line 36 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().

◆ NOT_BEFORE_OFFSET

const size_t ndn::security::NOT_BEFORE_OFFSET = 0
static

Definition at line 37 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().

◆ NOT_AFTER_OFFSET

const size_t ndn::security::NOT_AFTER_OFFSET = 1
static

Definition at line 38 of file validity-period.cpp.

Referenced by ndn::security::ValidityPeriod::wireDecode().