/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
 * Copyright (c) 2014-2020, The University of Memphis,
 * Regents of the University of California,
 * Arizona Board of Regents.
 *
 * This file is part of NLSR (Named-data Link State Routing).
 * See AUTHORS.md for complete list of NLSR authors and contributors.
 *
 * NLSR is free software: you can redistribute it and/or modify it under the terms
 * of the GNU General Public License as published by the Free Software Foundation,
 * either version 3 of the License, or (at your option) any later version.
 *
 * NLSR is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 * PURPOSE. See the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along with
 * NLSR, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
 **/
21
22#ifndef NLSR_CERTIFICATE_STORE_HPP
23#define NLSR_CERTIFICATE_STORE_HPP
24
Saurab Dulal427e0122019-11-28 11:58:02 -060025#include "common.hpp"
26#include "test-access-control.hpp"
27#include "lsdb.hpp"
Vince Lehmanc2acdcb2015-04-29 11:14:35 -050028
29#include <ndn-cxx/interest.hpp>
Saurab Dulal427e0122019-11-28 11:58:02 -060030#include <ndn-cxx/mgmt/nfd/controller.hpp>
Muktadir Chowdhuryf04f9892017-08-20 20:42:56 -050031#include <ndn-cxx/security/v2/certificate.hpp>
Saurab Dulal427e0122019-11-28 11:58:02 -060032#include <ndn-cxx/security/validator-config.hpp>
Vince Lehmanc2acdcb2015-04-29 11:14:35 -050033
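namespace nlsr {

// Forward declaration: this header only uses ConfParameter by reference.
class ConfParameter;

namespace security {

/*! \brief Store certificates for names
 *
 * Stores certificates that this router claims to be authoritative
 * for. That is, this stores only the certificates that we will reply
 * to KEY interests with, e.g. when other routers are verifying data
 * we have sent.
 *
 * The Face, ConfParameter, Lsdb and validator are held as references,
 * not copies, so each of them must outlive the store.
 */
class CertificateStore
{
public:
  /*! \brief Create a certificate store.
   * \param face      Face held by reference in m_face.
   * \param confParam Configuration held by reference in m_confParam.
   * \param lsdb      LSDB held by reference in m_lsdb.
   */
  CertificateStore(ndn::Face& face, ConfParameter& confParam, Lsdb& lsdb);

  /*! \brief Add a certificate to the store.
   * \param certificate The certificate to store.
   *
   * NOTE(review): this declaration does not show whether the
   * certificate is validated here. Stored entries are what this router
   * serves for KEY interests, so callers should presumably pass only
   * certificates that have already been validated -- confirm against
   * the implementation.
   */
  void
  insert(const ndn::security::v2::Certificate& certificate);

  /*! \brief Find a certificate
   *
   * Find a certificate that NLSR has. First it checks against the
   * certificates this NLSR claims to be authoritative for, usually
   * something like this specific router's certificate, and then
   * checks the cache of certificates it has already fetched. If none
   * can be found, it will return a null pointer.
   *
   * \param keyName Name of the key whose certificate is wanted.
   * \return Non-owning pointer to the certificate, or a null pointer
   *         when none is found; callers must check before dereferencing.
   *
   * NOTE(review): the pointer presumably refers to an entry owned by
   * this store, so it should not be kept across calls that modify the
   * store (insert(), clear()) -- confirm against the implementation.
   */
  const ndn::security::v2::Certificate*
  find(const ndn::Name& keyName) const;

  /*! \brief Retrieves the chain of certificates from Validator's cache and
   *         store them in Nlsr's own CertificateStore.
   * \param keyName Name of the first key in the certificate chain.
   */
  void
  publishCertFromCache(const ndn::Name& keyName);

  /*! \brief Handler invoked with an LSA segment.
   * \param lsaSegment The Data packet carrying the segment.
   *
   * NOTE(review): presumably the slot connected through
   * m_afterSegmentValidatedConnection, i.e. called only for segments
   * that have already been validated -- confirm in the .cpp.
   */
  void
  afterFetcherSignalEmitted(const ndn::Data& lsaSegment);

// Macro from test-access-control.hpp; by its name, the members below are
// public in test builds and private otherwise.
PUBLIC_WITH_TESTS_ELSE_PRIVATE:
  /*! \brief Clear the store.
   *
   * NOTE(review): presumably empties m_certificates, which would
   * invalidate pointers previously returned by find() -- confirm.
   */
  void
  clear();

  /*! \brief Set an Interest filter for \p prefix.
   * \param prefix   Name prefix to filter on.
   * \param loopback Defaults to false. NOTE(review): meaning is not
   *                 visible in this header -- confirm in the .cpp.
   */
  void
  setInterestFilter(const ndn::Name& prefix, const bool loopback = false);

  /*! \brief Register the KEY prefixes this store answers for.
   *
   * NOTE(review): which prefixes are registered is decided in the
   * implementation and is not visible here.
   */
  void
  registerKeyPrefixes();

  /*! \brief Handler for an incoming KEY Interest.
   * \param name     NOTE(review): presumably the prefix under which
   *                 the Interest matched -- confirm.
   * \param interest The received Interest.
   *
   * The Interest arrives from the network, so its name is untrusted
   * input. The reply should be limited to certificates already held
   * by this store.
   */
  void
  onKeyInterest(const ndn::Name& name, const ndn::Interest& interest);

  /*! \brief Callback for a successful KEY prefix registration.
   * \param name The prefix that was registered.
   */
  void
  onKeyPrefixRegSuccess(const ndn::Name& name);

  /*! \brief Callback for a failed prefix registration.
   * \param name The prefix whose registration failed.
   *
   * NOTE(review): after a failed registration this router presumably
   * cannot answer KEY interests for \p name, so the failure should be
   * surfaced rather than ignored -- confirm how the .cpp reports it.
   */
  void
  registrationFailed(const ndn::Name& name);

private:
  // Certificates indexed by ndn::Name; presumably the key name (confirm in insert()).
  using CertMap = std::map<ndn::Name, ndn::security::v2::Certificate>;
  CertMap m_certificates;

  // Non-owning references; the referenced objects must outlive this store.
  ndn::Face& m_face;
  ConfParameter& m_confParam;
  Lsdb& m_lsdb;
  // NOTE(review): not a constructor parameter, so presumably obtained
  // from confParam -- confirm in the .cpp.
  ndn::security::ValidatorConfig& m_validator;
  // Scoped connection object for the "after segment validated" signal.
  ndn::util::signal::ScopedConnection m_afterSegmentValidatedConnection;
};

} // namespace security
} // namespace nlsr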
106
107#endif // NLSR_CERTIFICATE_STORE_HPP