ndn::nac::Encryptor Class Reference

NAC Encryptor.

#include <encryptor.hpp>

Public Member Functions

 Encryptor (const Name &accessPrefix, const Name &ckPrefix, SigningInfo ckDataSigningInfo, const ErrorCallback &onFailure, Validator &validator, KeyChain &keyChain, Face &face)
 
 ~Encryptor ()
 
InMemoryStorage::const_iterator begin () const
 Returns begin iterator of the in-memory storage ordered by name with digest.
 
EncryptedContent encrypt (span< const uint8_t > data)
 Synchronously encrypt supplied data.
 
InMemoryStorage::const_iterator end () const
 Returns end iterator of the in-memory storage ordered by name with digest.
 
void regenerateCk ()
 Create a new content key and publish the corresponding CK data.
 
size_t size () const
 

Detailed Description

NAC Encryptor.

Encryptor encrypts the requested content and returns an EncryptedContent element.

Definition at line 33 of file encryptor.hpp.

Constructor & Destructor Documentation

◆ Encryptor()

ndn::nac::Encryptor::Encryptor (const Name &accessPrefix,
                                const Name &ckPrefix,
                                SigningInfo ckDataSigningInfo,
                                const ErrorCallback &onFailure,
                                Validator &validator,
                                KeyChain &keyChain,
                                Face &face)

Parameters
    accessPrefix       NAC prefix to fetch KEK (e.g., /access/prefix/NAC/data/subset)
    ckPrefix           Prefix under which Content Keys will be generated (each will have unique version appended)
    ckDataSigningInfo  SigningInfo parameters to sign CK Data
    onFailure          Callback to notify application of a failure to create CK data (failed to fetch KEK, failed to encrypt with KEK, etc.). Note that Encryptor will continue trying to retrieve KEK until success (each attempt separated by RETRY_DELAY_KEK_RETRIEVAL) and onFailure may be called multiple times.
    validator          Validation policy to ensure correctness of KEK
    keyChain           KeyChain
    face               Face that will be used to fetch KEK and publish CK data

Definition at line 36 of file encryptor.cpp.

◆ ~Encryptor()

ndn::nac::Encryptor::~Encryptor ( )

Definition at line 71 of file encryptor.cpp.

Member Function Documentation

◆ begin()

InMemoryStorage::const_iterator ndn::nac::Encryptor::begin ( ) const
inline

Returns begin iterator of the in-memory storage ordered by name with digest.

Returns
const_iterator pointing to the beginning of m_cache

Definition at line 101 of file encryptor.hpp.

◆ encrypt()

EncryptedContent ndn::nac::Encryptor::encrypt ( span< const uint8_t >  data)

Synchronously encrypt supplied data.

If the KEK has not been fetched already, this method will trigger asynchronous fetching of it. After the KEK has been successfully fetched, CK data will be automatically published.

Todo:
For now, CK is being published in InMemoryStorage and can be fetched only while Encryptor instance is alive.

The actual encryption is done synchronously, but the exact KDK name is not known until KEK is fetched.

Note that if the KDK name is already known, this method will call onReady right away.

Returns
Encrypted content

Definition at line 117 of file encryptor.cpp.

◆ end()

InMemoryStorage::const_iterator ndn::nac::Encryptor::end ( ) const
inline

Returns end iterator of the in-memory storage ordered by name with digest.

Returns
const_iterator pointing to the end of m_cache

Definition at line 112 of file encryptor.hpp.

◆ regenerateCk()

void ndn::nac::Encryptor::regenerateCk ( )

Create a new content key and publish the corresponding CK data.

Todo:
Ensure that the CK data packet for the old CK is published when the CK is updated before the KEK is fetched.

Definition at line 98 of file encryptor.cpp.
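
The Todo above concerns rotating the CK while the KEK is still being fetched. The following added example (not code from the NAC library) models only the bookkeeping described for encrypt() and regenerateCk(), with no cryptography or networking. It assumes, as the Todo implies, that CK data is published only for the CK that is current when the KEK arrives; the class, method and CK names are hypothetical.

```cpp
#include <iostream>
#include <set>
#include <string>
#include <vector>

// Simplified model of the Encryptor's key bookkeeping; no real cryptography.
// Class, method and CK names are hypothetical (constructed for illustration).
class CkPublicationModel {
public:
  CkPublicationModel() { regenerateCk(); }  // start with an initial CK

  // New CK name with a fresh version; CK data can be published at once
  // only when the KEK has already been fetched.
  void regenerateCk() {
    m_ckName = "/ck/prefix/CK/v" + std::to_string(++m_version);
    if (m_haveKek) m_published.insert(m_ckName);
  }
  // Synchronous: the ciphertext refers to whichever CK is current.
  std::string encrypt() { m_used.insert(m_ckName); return m_ckName; }

  // Asynchronous KEK arrival. Assumption: only the current CK is wrapped
  // and published, which is the gap the Todo describes.
  void onKekFetched() { m_haveKek = true; m_published.insert(m_ckName); }

  // CK names referenced by ciphertext for which no CK data was published.
  std::vector<std::string> orphanedCks() const {
    std::vector<std::string> out;
    for (const auto& n : m_used)
      if (m_published.count(n) == 0) out.push_back(n);
    return out;
  }
private:
  std::string m_ckName;
  int m_version = 0;
  bool m_haveKek = false;
  std::set<std::string> m_used, m_published;
};

// CK rotated while the KEK fetch is still pending.
std::vector<std::string> rotateBeforeKek() {
  CkPublicationModel m;
  m.encrypt(); m.regenerateCk(); m.encrypt(); m.onKekFetched();
  return m.orphanedCks();
}
// CK rotated after the KEK is available.
std::vector<std::string> rotateAfterKek() {
  CkPublicationModel m;
  m.encrypt(); m.onKekFetched(); m.regenerateCk(); m.encrypt();
  return m.orphanedCks();
}

int main() {
  std::cout << rotateBeforeKek().size() << " " << rotateAfterKek().size() << "\n";
}
```

A non-empty result in the first scenario means content encrypted under the first CK refers to a key for which no CK data was ever published in this model. Rotating only after the KEK has been fetched leaves no such orphan.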

◆ size()

size_t ndn::nac::Encryptor::size ( ) const
inline
Returns
number of packets stored in in-memory storage

Definition at line 90 of file encryptor.hpp.