CertificateV2 represents a certificate following the certificate format naming convention. More...

#include <certificate-v2.hpp>

Inheritance diagram for ndn::CertificateV2:

Classes
class	Error
	A CertificateV2::Error extends runtime_error and represents errors for not complying with the certificate format. More...

Public Member Functions
	CertificateV2 ()
	Create a CertificateV2 with content type KEY and default or unspecified values.

	CertificateV2 (const Data &data)
	Create a CertificateV2 from the content in the Data packet. More...

Name	getKeyName () const
	Get key name from the certificate name. More...

Name	getIdentity () const
	Get the identity name from the certificate name. More...

Name::Component	getKeyId () const
	Get the key ID component from the certificate name. More...

Name::Component	getIssuerId () const
	Get issuer ID component from the certificate name. More...

const Blob &	getPublicKey () const
	Get the public key DER encoding. More...

ValidityPeriod &	getValidityPeriod ()
	Get the certificate validity period from the SignatureInfo. More...

const ValidityPeriod &	getValidityPeriod () const

bool	isValid (MillisecondsSince1970 time=-1.0) const
	Check if the time falls within the validity period. More...

void	printCertificate (std::ostream &output) const
	Print the certificate information to the given output stream. More...

void	printCertificate () const
	Print the certificate information to std::cout.

virtual void	wireDecode (const Blob &input, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
	Override to call the base class wireDecode then check the certificate format. More...

void	wireDecode (const uint8_t input, size_t inputLength, WireFormat &wireFormat=WireFormat::getDefaultWireFormat())

void	wireDecode (const std::vector< uint8_t > &input, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())

Public Member Functions inherited from ndn::Data
	Data ()
	Create a new Data object with default values and where the signature is a blank Sha256WithRsaSignature.

	Data (const Name &name)
	Create a new Data object with the given name and default values and where the signature is a blank Sha256WithRsaSignature. More...

	Data (const Data &data)
	The copy constructor: Create a deep copy of the given data object, including a clone of the signature object. More...

virtual	~Data ()
	The virtual destructor.

Data &	operator= (const Data &data)
	The assignment operator: Copy fields and make a clone of the signature. More...

SignedBlob	wireEncode (WireFormat &wireFormat=*WireFormat::getDefaultWireFormat()) const
	Encode this Data for a particular wire format. More...

void	wireDecode (const uint8_t input, size_t inputLength, WireFormat &wireFormat=WireFormat::getDefaultWireFormat())
	Decode the input using a particular wire format and update this Data. More...

void	wireDecode (const std::vector< uint8_t > &input, WireFormat &wireFormat=*WireFormat::getDefaultWireFormat())
	Decode the input using a particular wire format and update this Data. More...

void	get (DataLite &dataLite) const
	Set dataLite to point to the values in this Data object, without copying any memory. More...

void	set (const DataLite &dataLite)
	Clear this data object, and set the values by copying from dataLite. More...

const Signature *	getSignature () const

Signature *	getSignature ()

const Name &	getName () const

Name &	getName ()

const MetaInfo &	getMetaInfo () const

MetaInfo &	getMetaInfo ()

const Blob &	getContent () const

uint64_t	getIncomingFaceId () const
	Get the incoming face ID according to the incoming packet header. More...

uint64_t	getCongestionMark () const
	Get the congestion mark according to the incoming packet header. More...

ptr_lib::shared_ptr< Name >	getFullName (WireFormat &wireFormat=*WireFormat::getDefaultWireFormat()) const
	Get the Data packet's full name, which includes the final ImplicitSha256Digest component based on the wire encoding for a particular wire format. More...

const SignedBlob &	getDefaultWireEncoding () const
	Return a reference to the defaultWireEncoding, which was encoded with getDefaultWireEncodingFormat(). More...

WireFormat *	getDefaultWireEncodingFormat () const
	Get the WireFormat which is used by getDefaultWireEncoding(). More...

Data &	setSignature (const Signature &signature)
	Set the signature to a copy of the given signature. More...

virtual Data &	setName (const Name &name)
	Set name to a copy of the given Name. More...

Data &	setMetaInfo (const MetaInfo &metaInfo)
	Set metaInfo to a copy of the given MetaInfo. More...

Data &	setContent (const std::vector< uint8_t > &content)
	Set the content to a copy of the data in the vector. More...

Data &	setContent (const uint8_t *content, size_t contentLength)

Data &	setContent (const Blob &content)

Data &	setLpPacket (const ptr_lib::shared_ptr< LpPacket > &lpPacket)
	An internal library method to set the LpPacket for an incoming packet. More...

uint64_t	getChangeCount () const
	Get the change count, which is incremented each time this object (or a child object) is changed. More...

Static Public Member Functions
static bool	isValidName (const Name &certificateName)
	Check if certificateName follows the naming convention for a certificate. More...

static Name	extractIdentityFromCertName (const Name &certificateName)
	Extract the identity namespace from certificateName. More...

static Name	extractKeyNameFromCertName (const Name &certificateName)
	Extract key name from certificateName. More...

static const Name::Component &	getKEY_COMPONENT ()
	Get the name component for "KEY". More...

Static Public Attributes
static const int	VERSION_OFFSET = -1

static const int	ISSUER_ID_OFFSET = -2

static const int	KEY_ID_OFFSET = -3

static const int	KEY_COMPONENT_OFFSET = -4

static const int	MIN_CERT_NAME_LENGTH = 4

static const int	MIN_KEY_NAME_LENGTH = 2

Detailed Description

CertificateV2 represents a certificate following the certificate format naming convention.

Overview of the NDN certificate format:

CertificateV2 ::= DATA-TLV TLV-LENGTH
                    Name      (= /<NameSpace>/KEY/[KeyId]/[IssuerId]/[Version])
                    MetaInfo  (.ContentType = KEY)
                    Content   (= X509PublicKeyContent)
                    SignatureInfo (= CertificateV2SignatureInfo)
                    SignatureValue

X509PublicKeyContent ::= CONTENT-TLV TLV-LENGTH
                           BYTE+ (= public key bits in PKCS#8 format)

CertificateV2SignatureInfo ::= SIGNATURE-INFO-TYPE TLV-LENGTH
                                 SignatureType
                                 KeyLocator
                                 ValidityPeriod
                                 ... optional critical or non-critical extension blocks ...

An example of NDN certificate name:

/edu/ucla/cs/yingdi/KEY/%03%CD...%F1/%9F%D3...%B7/%FD%d2...%8E
\_________________/    \___________/ \___________/\___________/

Certificate Namespace Key Id Issuer Id Version (Identity) __________________________________/ Key Name

Notes:

Key Id is an opaque name component to identify the instance of the public key for the certificate namespace. The value of Key ID is controlled by the namespace owner. The library includes helpers for generating key IDs using an 8-byte random number, SHA-256 digest of the public key, timestamp, and the specified numerical identifiers.
Issuer Id is sn opaque name component to identify the issuer of the certificate. The value is controlled by the issuer. The library includes helpers to set issuer the ID to an 8-byte random number, SHA-256 digest of the issuer's public key, and the specified numerical identifiers.
Key Name is a logical name of the key used for management purposes. the Key Name includes the certificate namespace, keyword KEY, and KeyId components.

See Also: https://github.com/named-data/ndn-cxx/blob/master/docs/specs/certificate-format.rst

Constructor & Destructor Documentation

ndn::CertificateV2::CertificateV2 ( const Data & data )

Create a CertificateV2 from the content in the Data packet.

Parameters

data	The data packet with the content to copy.

Exceptions

CertificateV2::Error If data does not follow the certificate format.

Member Function Documentation

Name ndn::CertificateV2::extractIdentityFromCertName ( const Name & certificateName )

static

Extract the identity namespace from certificateName.

Parameters

certificateName The name of the certificate.

Returns: The identity namespace as a new Name.

Name ndn::CertificateV2::extractKeyNameFromCertName ( const Name & certificateName )

static

Extract key name from certificateName.

Parameters

certificateName The name of the certificate.

Returns: The key name as a new Name.

Name ndn::CertificateV2::getIdentity ( ) const

inline

Get the identity name from the certificate name.

Returns: The identity name as a new Name.

Name::Component ndn::CertificateV2::getIssuerId ( ) const

inline

Get issuer ID component from the certificate name.

Returns: The issuer ID component.

const Name::Component & ndn::CertificateV2::getKEY_COMPONENT ( )

static

Get the name component for "KEY".

This is a method because not all C++ environments support static constructors.

Returns: The name component for "KEY".

Name::Component ndn::CertificateV2::getKeyId ( ) const

inline

Get the key ID component from the certificate name.

Returns: The key ID name component.

Name ndn::CertificateV2::getKeyName ( ) const

inline

Get key name from the certificate name.

Returns: The key name as a new Name.

const Blob & ndn::CertificateV2::getPublicKey ( ) const

Get the public key DER encoding.

Returns: The DER encoding Blob.

Exceptions

CertificateV2::Error If the public key is not set.

ValidityPeriod & ndn::CertificateV2::getValidityPeriod ( )

Get the certificate validity period from the SignatureInfo.

Returns: The ValidityPeriod object.

Exceptions

runtime_error If the SignatureInfo doesn't have a ValidityPeriod.

bool ndn::CertificateV2::isValid ( MillisecondsSince1970 time = -1.0 ) const

inline

Check if the time falls within the validity period.

Parameters

time	(optional) The time to check as milliseconds since Jan 1, 1970 UTC. If omitted, use the current time.

Returns: True if the beginning of the validity period is less than or equal to time and time is less than or equal to the end of the validity period.

Exceptions

runtime_error If the SignatureInfo doesn't have a ValidityPeriod.

bool ndn::CertificateV2::isValidName ( const Name & certificateName )

static

Check if certificateName follows the naming convention for a certificate.

Parameters

certificateName The name of the certificate.

Returns: True if certificateName follows the naming convention.

void ndn::CertificateV2::printCertificate ( std::ostream & output ) const

Print the certificate information to the given output stream.

Parameters

output The output stream.

void ndn::CertificateV2::wireDecode	(	const Blob &	input,
		WireFormat &	wireFormat = `*WireFormat::getDefaultWireFormat()`
	)

virtual

Override to call the base class wireDecode then check the certificate format.

Parameters

input	The input byte array to be decoded as an immutable Blob.
wireFormat	A WireFormat object used to decode the input. If omitted, use WireFormat getDefaultWireFormat().

Reimplemented from ndn::Data.

The documentation for this class was generated from the following files:

include/ndn-cpp/security/v2/certificate-v2.hpp
src/security/v2/certificate-v2.cpp

Classes

Public Member Functions

Static Public Member Functions

Static Public Attributes

Detailed Description

Constructor & Destructor Documentation

Member Function Documentation