trust-anchor-group.cpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2021 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
23 #include "ndn-cxx/util/io.hpp"
24 #include "ndn-cxx/util/logger.hpp"
25 
26 #if BOOST_VERSION >= 107200
27 #include <boost/filesystem/directory.hpp>
28 #endif
29 #include <boost/filesystem/operations.hpp>
30 #include <boost/range/adaptor/map.hpp>
31 #include <boost/range/algorithm/copy.hpp>
32 #include <boost/range/iterator_range.hpp>
33 
34 namespace ndn {
35 namespace security {
36 inline namespace v2 {
37 
39 
40 namespace fs = boost::filesystem;
41 
42 TrustAnchorGroup::TrustAnchorGroup(CertContainerInterface& certContainer, const std::string& id)
43  : m_certs(certContainer)
44  , m_id(id)
45 {
46 }
47 
49 
50 size_t
52 {
53  return m_anchorNames.size();
54 }
55 
56 void
58 {
59  // base method does nothing
60 }
61 
63 
65  : TrustAnchorGroup(certContainer, id)
66 {
67 }
68 
69 void
71 {
72  if (m_anchorNames.count(cert.getName()) != 0) {
73  return;
74  }
75 
76  m_anchorNames.insert(cert.getName());
77  m_certs.add(std::move(cert));
78 }
79 
80 void
82 {
83  m_anchorNames.erase(certName);
84  m_certs.remove(certName);
85 }
86 
88 
90  const boost::filesystem::path& path,
91  time::nanoseconds refreshPeriod, bool isDir)
92  : TrustAnchorGroup(certContainer, id)
93  , m_isDir(isDir)
94  , m_path(path)
95  , m_refreshPeriod(refreshPeriod)
96 {
97  if (refreshPeriod <= time::nanoseconds::zero()) {
98  NDN_THROW(std::runtime_error("Refresh period for the dynamic group must be positive"));
99  }
100 
101  NDN_LOG_TRACE("Create dynamic trust anchor group " << id << " for file/dir " << path
102  << " with refresh time " << refreshPeriod);
103  refresh();
104 }
105 
106 void
108 {
109  if (m_expireTime > time::steady_clock::now()) {
110  return;
111  }
112  m_expireTime = time::steady_clock::now() + m_refreshPeriod;
113  NDN_LOG_TRACE("Reloading dynamic trust anchor group");
114 
115  std::set<Name> oldAnchorNames = m_anchorNames;
116 
117  auto loadCert = [this, &oldAnchorNames] (const fs::path& file) {
118  auto cert = io::load<Certificate>(file.string());
119  if (cert != nullptr) {
120  if (m_anchorNames.count(cert->getName()) == 0) {
121  m_anchorNames.insert(cert->getName());
122  m_certs.add(std::move(*cert));
123  }
124  else {
125  oldAnchorNames.erase(cert->getName());
126  }
127  }
128  };
129 
130  if (!m_isDir) {
131  loadCert(m_path);
132  }
133  else if (fs::exists(m_path)) {
134  std::for_each(fs::directory_iterator(m_path), fs::directory_iterator(), loadCert);
135  }
136 
137  // remove old certs
138  for (const auto& oldAnchorName : oldAnchorNames) {
139  m_anchorNames.erase(oldAnchorName);
140  m_certs.remove(oldAnchorName);
141  }
142 }
143 
144 } // inline namespace v2
145 } // namespace security
146 } // namespace ndn
Represents an absolute name.
Definition: name.hpp:44
virtual void remove(const Name &certName)=0
virtual void add(Certificate &&cert)=0
Represents an NDN certificate.
Definition: certificate.hpp:60
void refresh() override
Request certificate refresh.
DynamicTrustAnchorGroup(CertContainerInterface &certContainer, const std::string &id, const boost::filesystem::path &path, time::nanoseconds refreshPeriod, bool isDir=false)
Create a dynamic trust anchor group.
void add(Certificate &&cert)
Load static anchor cert.
StaticTrustAnchorGroup(CertContainerInterface &certContainer, const std::string &id)
Create a static trust anchor group.
void remove(const Name &certName)
Remove static anchor certName.
TrustAnchorGroup(CertContainerInterface &certContainer, const std::string &id)
Create an anchor group.
virtual void refresh()
Request certificate refresh.
static time_point now() noexcept
Definition: time.cpp:80
#define NDN_THROW(e)
Definition: exception.hpp:61
#define NDN_LOG_TRACE(expression)
Log at TRACE level.
Definition: logger.hpp:249
#define NDN_LOG_INIT(name)
Define a non-member log module.
Definition: logger.hpp:163
boost::chrono::nanoseconds nanoseconds
Definition: time.hpp:50
Definition: data.cpp:25