certificate-store.cpp
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
22 #include "certificate-store.hpp"
23 #include "conf-parameter.hpp"
24 #include "logger.hpp"
25 
26 #include <ndn-cxx/util/io.hpp>
27 
28 namespace nlsr {
29 namespace security {
30 
32 
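/**
 * @brief Build the store, preload the configured identity certificates and
 *        register the Interest filters for this router's key prefixes.
 *
 * The validator is taken from @p confParam, and afterFetcherSignalEmitted() is
 * connected to the LSDB's afterSegmentValidatedSignal.
 *
 * @param face      Face used to register prefixes and to answer certificate Interests.
 * @param confParam Configuration; supplies the validator, the identity certificate
 *                  paths, the signing info and the router/site/network names.
 * @param lsdb      LSDB whose afterSegmentValidatedSignal drives certificate publishing.
 *
 * A certificate file that cannot be loaded is logged and skipped instead of
 * being dereferenced. NOTE(review): the paths may already have been checked
 * when the configuration was parsed (not visible here); the file can still
 * disappear or change between that check and this load.
 */
CertificateStore::CertificateStore(ndn::Face& face, ConfParameter& confParam, Lsdb& lsdb)
  : m_face(face)
  , m_confParam(confParam)
  , m_lsdb(lsdb)
  , m_validator(m_confParam.getValidator())
  , m_afterSegmentValidatedConnection(m_lsdb.afterSegmentValidatedSignal.connect(
      std::bind(&CertificateStore::afterFetcherSignalEmitted, this, _1)))
{
  for (const auto& certPath : confParam.getIdCerts()) {
    auto idCert = ndn::io::load<ndn::security::v2::Certificate>(certPath);
    if (idCert == nullptr) {
      // ndn::io::load() returns a null pointer when the file cannot be read or
      // decoded; dereferencing it would be undefined behaviour.
      NLSR_LOG_ERROR("Cannot load certificate from " << certPath << ", skipping it");
      continue;
    }
    insert(*idCert);
  }

  registerKeyPrefixes();
}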
49 
/**
 * @brief Store a copy of @p certificate under its key name.
 *
 * An entry already present for the same key name is overwritten without any
 * notice. No validation is performed here: the certificate is stored as given,
 * so callers are responsible for deciding whether it is trustworthy.
 *
 * @param certificate Certificate to store; indexed by certificate.getKeyName().
 */
void
CertificateStore::insert(const ndn::security::v2::Certificate& certificate)
{
  auto& slot = m_certificates[certificate.getKeyName()];
  slot = certificate;
  NLSR_LOG_TRACE("Certificate inserted successfully");
}
56 
/**
 * @brief Look up the certificate stored under @p keyName.
 *
 * @param keyName Name used as the lookup key in m_certificates.
 * @return Pointer to the stored certificate, or nullptr when there is no entry.
 *         The pointer refers to the element inside m_certificates, so it should
 *         not be kept across insert() or clear() (exact invalidation rules
 *         depend on the container type, which is declared in the header).
 */
const ndn::security::v2::Certificate*
CertificateStore::find(const ndn::Name& keyName) const
{
  const auto entry = m_certificates.find(keyName);
  if (entry == m_certificates.end()) {
    return nullptr;
  }
  return &entry->second;
}
63 
/**
 * @brief Drop every certificate held by the store.
 *
 * Only the in-memory container is emptied; Interest filters that were
 * registered for the removed certificates are not touched by this method.
 */
void
CertificateStore::clear()
{
  m_certificates.clear();
}
69 
/**
 * @brief Register @p prefix on the face and route matching Interests to onKeyInterest().
 *
 * The registration is signed with the signing info from the configuration and
 * uses ndn::nfd::ROUTE_FLAG_CAPTURE. Success is reported to
 * onKeyPrefixRegSuccess(); failure goes to registrationFailed(), which throws.
 *
 * @param prefix   Name prefix to listen on.
 * @param loopback Passed to InterestFilter::allowLoopback().
 */
void
CertificateStore::setInterestFilter(const ndn::Name& prefix, bool loopback)
{
  ndn::InterestFilter filter(prefix);
  filter.allowLoopback(loopback);

  auto onInterest = std::bind(&CertificateStore::onKeyInterest, this, _1, _2);
  auto onRegistered = std::bind(&CertificateStore::onKeyPrefixRegSuccess, this, _1);
  auto onRegisterFailed = std::bind(&CertificateStore::registrationFailed, this, _1);

  m_face.setInterestFilter(filter, onInterest, onRegistered, onRegisterFailed,
                           m_confParam.getSigningInfo(), ndn::nfd::ROUTE_FLAG_CAPTURE);
}
79 
/**
 * @brief Register Interest filters for the key prefixes this router answers for.
 *
 * Four prefixes are built from the configuration and registered in this order:
 *   1. <router-prefix>/nlsr/KEY          (router's NLSR certificate)
 *   2. <router-prefix>/KEY               (router's certificate)
 *   3. <network>/<site>/%C1.Operator     (operator's certificate)
 *   4. <network>/<site>/KEY              (site's certificate)
 */
void
CertificateStore::registerKeyPrefixes()
{
  std::vector<ndn::Name> keyPrefixes;

  // Router's NLSR certificate
  keyPrefixes.push_back(ndn::Name(m_confParam.getRouterPrefix()).append("nlsr").append("KEY"));

  // Router's certificate
  keyPrefixes.push_back(ndn::Name(m_confParam.getRouterPrefix()).append("KEY"));

  // Router's operator's certificate
  ndn::Name operatorKeyPrefix(m_confParam.getNetwork());
  operatorKeyPrefix.append(m_confParam.getSiteName());
  operatorKeyPrefix.append(std::string("%C1.Operator"));
  keyPrefixes.push_back(operatorKeyPrefix);

  // Router's site's certificate
  ndn::Name siteKeyPrefix(m_confParam.getNetwork());
  siteKeyPrefix.append(m_confParam.getSiteName());
  siteKeyPrefix.append("KEY");
  keyPrefixes.push_back(siteKeyPrefix);

  // Listen for Interests under every prefix collected above (NLSR, router,
  // operator and site).
  for (const auto& keyPrefix : keyPrefixes) {
    setInterestFilter(keyPrefix);
  }
}
114 
/**
 * @brief Answer a certificate Interest from the store.
 *
 * The Interest name is looked up with find(); on a hit the stored certificate
 * is put on the face, on a miss the Interest is only logged and left unanswered.
 *
 * @param name     Prefix of the filter that matched (unused).
 * @param interest Incoming Interest.
 *
 * NOTE(review): insert() indexes certificates by getKeyName(), while the lookup
 * here uses the complete Interest name. Confirm that Interests carrying a full
 * certificate name (beyond the key name) are still expected to be answered.
 */
void
CertificateStore::onKeyInterest(const ndn::Name& name, const ndn::Interest& interest)
{
  NLSR_LOG_DEBUG("Got interest for certificate. Interest: " << interest.getName());

  if (const auto* storedCert = find(interest.getName())) {
    m_face.put(*storedCert);
  }
  else {
    NLSR_LOG_TRACE("Certificate is not found for: " << interest);
  }
}
128 
/**
 * @brief Log that a key prefix was registered.
 *
 * @param name The prefix reported by the registration callback.
 */
void
CertificateStore::onKeyPrefixRegSuccess(const ndn::Name& name)
{
  NLSR_LOG_DEBUG("KEY prefix: " << name << " registration is successful.");
}
134 
/**
 * @brief Treat a failed key-prefix registration as fatal.
 *
 * Logs the prefix and throws. Without the registration this router would not
 * receive Interests for the certificates it is expected to serve.
 *
 * @param name The prefix whose registration failed.
 * @throws std::runtime_error always (via BOOST_THROW_EXCEPTION).
 */
void
CertificateStore::registrationFailed(const ndn::Name& name)
{
  NLSR_LOG_ERROR("ERROR: Failed to register prefix " << name);
  BOOST_THROW_EXCEPTION(std::runtime_error("Prefix registration failed"));
}
141 
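/**
 * @brief Copy a certificate chain from the validator's cache into the store
 *        and start serving each certificate.
 *
 * Starting at @p keyName, each certificate found in the validator's unverified
 * certificate cache is inserted into the store and gets an Interest filter for
 * its key name. The walk then continues with the key named in the certificate's
 * KeyLocator, and stops at a self-signed certificate or at a name that is not
 * in the cache.
 *
 * The walk is iterative and remembers the names it has already looked up, so
 * it terminates even if the cached KeyLocators form a loop. The cache holds
 * certificates that have not necessarily been verified, so its contents must
 * not be able to drive unbounded recursion.
 *
 * NOTE(review): certificates are taken from the *unverified* cache and stored
 * with insert(), which overwrites any existing entry for the same key name.
 * The only visible gate is that the caller reacts to a validated LSA segment;
 * confirm that every certificate reached by this walk was part of the
 * validated chain.
 *
 * @param keyName Key name at which to start the walk.
 */
void
CertificateStore::publishCertFromCache(const ndn::Name& keyName)
{
  std::vector<ndn::Name> visited;
  ndn::Name current = keyName;

  while (true) {
    const auto* cert = m_validator.getUnverifiedCertCache().find(current);
    if (!cert) {
      // Happens for root cert
      NLSR_LOG_TRACE("Cert for " << current << " was not found in the Validator's cache. ");
      return;
    }
    visited.push_back(current);

    insert(*cert);
    NLSR_LOG_TRACE(*cert);
    ndn::Name certName = ndn::security::v2::extractKeyNameFromCertName(cert->getName());
    NLSR_LOG_TRACE("Setting interest filter for: " << certName);

    setInterestFilter(certName);

    const ndn::Name issuerKeyName = cert->getSignature().getKeyLocator().getName();
    if (cert->getKeyName() == issuerKeyName) {
      // Self-signed: nothing further up the chain.
      return;
    }

    // Chains are short, so a linear scan of the visited names is sufficient.
    for (const auto& seen : visited) {
      if (seen == issuerKeyName) {
        NLSR_LOG_ERROR("Certificate chain loops back to " << issuerKeyName
                       << ", stopping publication");
        return;
      }
    }

    current = issuerKeyName;
  }
}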
164 
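/**
 * @brief Publish the signer's certificate chain for an LSA segment.
 *
 * Connected to the LSDB's afterSegmentValidatedSignal in the constructor. The
 * signer's key name is read from the segment's KeyLocator. If the store has no
 * certificate for it, the chain is copied from the validator's cache with
 * publishCertFromCache(); otherwise nothing is changed.
 *
 * The signature line was missing from this listing; it is restored here from
 * the member declaration shown in the page's cross-reference section.
 *
 * @param lsaSegment Data packet carrying the LSA segment.
 */
void
CertificateStore::afterFetcherSignalEmitted(const ndn::Data& lsaSegment)
{
  const auto keyName = lsaSegment.getSignature().getKeyLocator().getName();
  if (!find(keyName)) {
    NLSR_LOG_TRACE("Publishing certificate for: " << keyName);
    publishCertFromCache(keyName);
  }
  else {
    NLSR_LOG_TRACE("Certificate is already in the store: " << keyName);
  }
}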
177 
178 } // namespace security
179 } // namespace nlsr
A class to house all the configuration parameters for NLSR.
Store certificates for names.
const ndn::security::SigningInfo & getSigningInfo() const
#define NLSR_LOG_DEBUG(x)
Definition: logger.hpp:38
STL namespace.
const ndn::Name & getRouterPrefix() const
CertificateStore(ndn::Face &face, ConfParameter &confParam, Lsdb &lsdb)
Copyright (c) 2014-2018, The University of Memphis, Regents of the University of California.
#define INIT_LOGGER(name)
Definition: logger.hpp:35
void publishCertFromCache(const ndn::Name &keyName)
Retrieves the chain of certificates from Validator's cache and stores them in Nlsr's own CertificateSt...
void insert(const ndn::security::v2::Certificate &certificate)
const ndn::Name & getSiteName() const
const ndn::Name & getNetwork() const
#define NLSR_LOG_ERROR(x)
Definition: logger.hpp:41
Copyright (c) 2014-2019, The University of Memphis, Regents of the University of California, Arizona Board of Regents.
const std::unordered_set< std::string > & getIdCerts() const
void afterFetcherSignalEmitted(const ndn::Data &lsaSegment)
const ndn::security::v2::Certificate * find(const ndn::Name &keyName) const
Find a certificate.
#define NLSR_LOG_TRACE(x)
Definition: logger.hpp:37