A container for trust anchors. More...
#include <ndn-cxx/security/trust-anchor-container.hpp>
Classes | |
class | Error |
Public Member Functions | |
void | clear () |
Remove all static or dynamic anchors. More... | |
const Certificate * | find (const Interest &interest) const |
Find certificate given interest. More... | |
const Certificate * | find (const Name &keyName) const |
Search for certificate across all groups (longest prefix match). More... | |
TrustAnchorGroup & | getGroup (const std::string &groupId) const |
Get trusted anchor group. More... | |
void | insert (const std::string &groupId, Certificate &&cert) |
Insert a static trust anchor. More... | |
void | insert (const std::string &groupId, const std::filesystem::path &path, time::nanoseconds refreshPeriod, bool isDir=false) |
Insert dynamic trust anchors from path. More... | |
size_t | size () const |
Get number of trust anchors across all groups. More... | |
A container for trust anchors.
There are two kinds of anchors:
Trust anchors are organized in groups. Each group has a unique group id. The same anchor certificate (same name without considering the implicit digest) can be inserted into multiple groups, but no more than once into each.
Dynamic groups are created using the appropriate TrustAnchorContainer::insert method. Once created, the dynamic anchor group cannot be updated.
The returned pointer to Certificate from find
methods is only guaranteed to be valid until the next invocation of find
and may be invalidated afterwards.
Definition at line 53 of file trust-anchor-container.hpp.
void ndn::security::TrustAnchorContainer::clear | ( | ) |
Remove all static or dynamic anchors.
Definition at line 72 of file trust-anchor-container.cpp.
const Certificate * ndn::security::TrustAnchorContainer::find | ( | const Interest & | interest | ) | const |
Find certificate given interest.
interest | The input interest packet. |
find
methods. Definition at line 91 of file trust-anchor-container.cpp.
const Certificate * ndn::security::TrustAnchorContainer::find | ( | const Name & | keyName | ) | const |
Search for certificate across all groups (longest prefix match).
keyName | Key name prefix for searching the certificate. |
find
methods. Definition at line 79 of file trust-anchor-container.cpp.
TrustAnchorGroup & ndn::security::TrustAnchorContainer::getGroup | ( | const std::string & | groupId | ) | const |
Get trusted anchor group.
Error | groupId does not exist |
Definition at line 106 of file trust-anchor-container.cpp.
void ndn::security::TrustAnchorContainer::insert | ( | const std::string & | groupId, |
Certificate && | cert | ||
) |
Insert a static trust anchor.
groupId | Certificate group id. |
cert | Certificate to insert. |
If cert
(same name without considering implicit digest) already exists in the group groupId
, this method has no effect.
Error | groupId is a dynamic anchor group . |
Definition at line 45 of file trust-anchor-container.cpp.
void ndn::security::TrustAnchorContainer::insert | ( | const std::string & | groupId, |
const std::filesystem::path & | path, | ||
time::nanoseconds | refreshPeriod, | ||
bool | isDir = false |
||
) |
Insert dynamic trust anchors from path.
groupId | Certificate group id, must not be empty. |
path | Specifies the path to load the trust anchors. |
refreshPeriod | Refresh period for the trust anchors, must be positive. Relevant trust anchors will only be updated when find is called |
isDir | Tells whether the path is a directory or a single file. |
std::invalid_argument | refreshPeriod is not positive |
Error | a group with groupId already exists |
Definition at line 60 of file trust-anchor-container.cpp.
size_t ndn::security::TrustAnchorContainer::size | ( | ) | const |
Get number of trust anchors across all groups.
Definition at line 116 of file trust-anchor-container.cpp.