trust-anchor-container.cpp
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2023 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
23 
24 namespace ndn::security {
25 
// Stores a certificate in the underlying AnchorContainerBase index, taking it by move.
//
// The value returned by insert() is discarded.
// NOTE(review): if the base index enforces unique certificate names, a second
// anchor with an already-present name would be dropped without any signal to
// the caller -- confirm against the AnchorContainerBase definition.
void
TrustAnchorContainer::AnchorContainer::add(Certificate&& cert)
{
  this->AnchorContainerBase::insert(std::move(cert));
}
31 
// Erases the entry identified by certName from the underlying
// AnchorContainerBase index.
//
// The value returned by erase() is not inspected, so the caller cannot tell
// from this call whether an anchor was actually removed.
void
TrustAnchorContainer::AnchorContainer::remove(const Name& certName)
{
  this->AnchorContainerBase::erase(certName);
}
37 
// Empties the underlying AnchorContainerBase index.
//
// The call is qualified with the base-class name so that it reaches the base
// clear() rather than recursing into this override.
void
TrustAnchorContainer::AnchorContainer::clear()
{
  this->AnchorContainerBase::clear();
}
43 
// Adds a static trust anchor to the group named groupId.
//
// A missing group is created on demand as a StaticTrustAnchorGroup bound to
// m_anchors. If groupId already names a group of another kind, the
// dynamic_cast yields nullptr and Error is thrown before the certificate is
// stored, so a static anchor never lands in a non-static group.
//
// NOTE(review): no validation of the certificate is visible in this function;
// whatever is passed in is handed to the group as a trust anchor, so callers
// presumably have to vet it first -- confirm where that check lives.
void
TrustAnchorContainer::insert(const std::string& groupId, Certificate&& cert)
{
  auto group = m_groups.find(groupId);
  if (group == m_groups.end()) {
    auto freshGroup = std::make_shared<StaticTrustAnchorGroup>(m_anchors, groupId);
    group = m_groups.insert(std::move(freshGroup)).first;
  }

  // Only static groups accept individually inserted certificates.
  auto* staticGroup = dynamic_cast<StaticTrustAnchorGroup*>(group->get());
  if (staticGroup == nullptr) {
    NDN_THROW(Error("Cannot add static anchor to a non-static anchor group " + groupId));
  }
  staticGroup->add(std::move(cert));
}
58 
// Registers a dynamic trust anchor group under groupId.
//
// Throws Error if any group with that id already exists; an existing group is
// never replaced or merged. Otherwise a DynamicTrustAnchorGroup is constructed
// from m_anchors, groupId, path, refreshPeriod and isDir, and stored in
// m_groups.
//
// NOTE(review): DynamicTrustAnchorGroup is not shown here; presumably it loads
// certificates from `path` (a directory when isDir is true) and re-reads them
// every refreshPeriod. If so, anyone able to write to that location can add
// trust anchors, so the path should be writable only by the party that
// administers the validator -- confirm.
void
TrustAnchorContainer::insert(const std::string& groupId, const boost::filesystem::path& path,
                             time::nanoseconds refreshPeriod, bool isDir)
{
  const bool alreadyPresent = m_groups.find(groupId) != m_groups.end();
  if (alreadyPresent) {
    NDN_THROW(Error("Cannot create dynamic group, because group " + groupId + " already exists"));
  }

  auto dynamicGroup = std::make_shared<DynamicTrustAnchorGroup>(m_anchors, groupId, path,
                                                                refreshPeriod, isDir);
  m_groups.insert(std::move(dynamicGroup));
}
70 
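// Removes every anchor group and every anchor.
//
// The groups are dropped first and the shared anchor index is emptied
// afterwards, so no group outlives this call while the index it was
// constructed with is already empty.
//
// NOTE(review): pointers previously returned by find() refer to elements of
// m_anchors and should be treated as invalid after this call -- confirm that
// no caller caches them.
void
TrustAnchorContainer::clear()
{
  m_groups.clear();
  m_anchors.clear();
}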
77 
// Looks up a trust anchor by key name.
//
// Every group is refreshed first. The lookup then takes the first entry of
// m_anchors that is not ordered before keyName and returns it only if keyName
// is a prefix of that certificate's name; otherwise the result is nullptr.
//
// refresh() is non-const, so constness is cast away and a lookup on a const
// container can still mutate it.
// NOTE(review): callers sharing one container across threads should not treat
// find() as a read-only operation -- confirm the intended threading model.
//
// The returned pointer refers to the element stored in m_anchors.
// NOTE(review): it presumably stays valid only until that anchor is removed
// (clear(), or a later refresh if a group drops anchors) -- confirm before
// holding on to it.
const Certificate*
TrustAnchorContainer::find(const Name& keyName) const
{
  const_cast<TrustAnchorContainer*>(this)->refresh();

  const auto candidate = m_anchors.lower_bound(keyName);
  const bool isMatch = candidate != m_anchors.end() && keyName.isPrefixOf(candidate->getName());
  return isMatch ? &*candidate : nullptr;
}
89 
// Looks up a trust anchor that can satisfy the given Interest.
//
// Every group is refreshed first. Starting at the first entry of m_anchors not
// ordered before the Interest name, the scan walks forward while the Interest
// name remains a prefix of the certificate name, and returns the first
// certificate for which interest.matchesData() holds. nullptr means no anchor
// in that range matched.
//
// As in the Name overload, constness is cast away to call refresh(), and the
// returned pointer refers to an element stored in m_anchors.
// NOTE(review): the pointer presumably becomes invalid once that anchor is
// removed -- confirm before holding on to it.
const Certificate*
TrustAnchorContainer::find(const Interest& interest) const
{
  const_cast<TrustAnchorContainer*>(this)->refresh();

  const Name& prefix = interest.getName();
  auto candidate = m_anchors.lower_bound(prefix);
  while (candidate != m_anchors.end() && prefix.isPrefixOf(candidate->getName())) {
    if (interest.matchesData(*candidate)) {
      return &*candidate;
    }
    ++candidate;
  }
  return nullptr;
}
104 
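// Returns the anchor group registered under groupId.
//
// Throws Error when no group with that id exists. The reference is obtained by
// dereferencing the shared pointer stored in m_groups.
//
// NOTE(review): the result is a non-const reference although the method is
// const, so holders can presumably modify the group through it -- confirm that
// this is intended for callers that only have read access to the container.
TrustAnchorGroup&
TrustAnchorContainer::getGroup(const std::string& groupId) const
{
  auto group = m_groups.find(groupId);
  if (group == m_groups.end()) {
    NDN_THROW(Error("Trust anchor group " + groupId + " does not exist"));
  }
  return **group;
}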
114 
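// Returns the number of certificates currently held in the shared anchor index.
//
// Unlike find(), this does not call refresh() first, so the count reflects the
// index as it stood after the most recent refresh or modification.
size_t
TrustAnchorContainer::size() const
{
  return m_anchors.size();
}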
120 
// Asks every anchor group to refresh itself.
//
// Each group is refreshed through m_groups.modify() rather than by
// dereferencing the iterator directly; the modifier receives the stored group
// pointer and calls refresh() on the group it points to.
void
TrustAnchorContainer::refresh()
{
  const auto refreshGroup = [] (const auto& group) { group->refresh(); };

  auto it = m_groups.begin();
  while (it != m_groups.end()) {
    m_groups.modify(it, refreshGroup);
    ++it;
  }
}
128 
129 } // namespace ndn::security
Represents an Interest packet.
Definition: interest.hpp:50
const Name & getName() const noexcept
Get the Interest name.
Definition: interest.hpp:179
bool matchesData(const Data &data) const
Check if this Interest can be satisfied by data.
Definition: interest.cpp:319
Represents an absolute name.
Definition: name.hpp:45
bool isPrefixOf(const Name &other) const noexcept
Check if this name is a prefix of another name.
Definition: name.cpp:275
Represents an NDN certificate.
Definition: certificate.hpp:58
const Certificate * find(const Name &keyName) const
Search for certificate across all groups (longest prefix match).
void insert(const std::string &groupId, Certificate &&cert)
Insert a static trust anchor.
size_t size() const
Get number of trust anchors across all groups.
TrustAnchorGroup & getGroup(const std::string &groupId) const
Get trusted anchor group.
void clear()
Remove all static or dynamic anchors.
#define NDN_THROW(e)
Definition: exception.hpp:56
Contains the ndn-cxx security framework.
::boost::chrono::nanoseconds nanoseconds
Definition: time.hpp:54
@ Name
Definition: tlv.hpp:71