Qiuhan Ding609f0612015-11-04 14:07:14 -08001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Alexander Afanasyev6aff0242017-08-29 17:14:44 -04002/*
Qiuhan Ding609f0612015-11-04 14:07:14 -08003 * Copyright (c) 2013-2017 Regents of the University of California.
4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#ifndef NDN_SECURITY_V2_CERTIFICATE_CACHE_HPP
23#define NDN_SECURITY_V2_CERTIFICATE_CACHE_HPP
24
25#include "../../interest.hpp"
26#include "certificate.hpp"
27
28#include <boost/multi_index_container.hpp>
29#include <boost/multi_index/ordered_index.hpp>
30#include <boost/multi_index/mem_fun.hpp>
31#include <boost/multi_index/member.hpp>
32
33namespace ndn {
34namespace security {
35namespace v2 {
36
/**
 * @brief Container for certificates that have already been verified.
 *
 * Each entry carries a removal time: a certificate is removed no later than its NotAfter
 * time, or maxLifetime after it has been added to the cache. maxLifetime therefore caps how
 * long a cached certificate can keep being returned by the find methods.
 *
 * @note Nothing in this declaration shows the cache verifying what it stores; presumably
 *       callers validate a certificate before calling insert() -- confirm against the
 *       implementation. Apart from clear(), no public method removes a certificate before
 *       its removal time.
 */
class CertificateCache : noncopyable
{
public:
  /**
   * @brief Create a certificate cache.
   *
   * @param maxLifetime upper bound on the time a certificate may stay in the cache
   *                    (default: 1 hour)
   */
  explicit
  CertificateCache(const time::nanoseconds& maxLifetime = getDefaultLifetime());

  /**
   * @brief Add a certificate to the cache.
   *
   * The certificate will be removed no later than its NotAfter time, or the maxLifetime
   * given at cache construction.
   *
   * @param cert the certificate packet.
   */
  void
  insert(const Certificate& cert);

  /**
   * @brief Drop every certificate held by the cache.
   */
  void
  clear();

  /**
   * @brief Look up a certificate by certificate name prefix.
   * @param certPrefix Certificate prefix used for the search.
   * @return The certificate that was found, nullptr if there is none.
   *
   * @note The returned pointer may be invalidated after the next call to one of the find
   *       methods; copy the Certificate if it has to outlive that call.
   */
  const Certificate*
  find(const Name& certPrefix) const;

  /**
   * @brief Look up a certificate matching an interest.
   * @param interest The input interest packet.
   * @return The certificate that matches the interest, nullptr if there is none.
   *
   * @note ChildSelector is not supported.
   *
   * @note The returned pointer may be invalidated after the next call to one of the find
   *       methods; copy the Certificate if it has to outlive that call.
   */
  const Certificate*
  find(const Interest& interest) const;

  /**
   * @brief Lifetime used when the constructor is called without an explicit maxLifetime.
   */
  static const time::nanoseconds&
  getDefaultLifetime();

private:
  /**
   * @brief One cached certificate together with the time at which it has to leave the cache.
   */
  class Entry
  {
  public:
    Entry(const Certificate& certificate, const time::system_clock::TimePoint& expiry)
      : cert(certificate)
      , removalTime(expiry)
    {
    }

    /// Key extractor for the by-name index: the name of the stored certificate.
    const Name&
    getCertName() const
    {
      return cert.getName();
    }

    Certificate cert;                          ///< copy of the certificate owned by the entry
    time::system_clock::TimePoint removalTime; ///< key of the by-time index
  };

  /**
   * @brief Evict all outdated certificate entries.
   */
  void
  refresh();

private:
  /// @todo Switch to InMemoryStorageTimeout after it is available (task #3917)
  // Index 0 orders entries by removalTime and allows duplicates; index 1 orders them by
  // certificate name and is unique, so the container holds at most one entry per name.
  using CertIndex = boost::multi_index::multi_index_container<
    Entry,
    boost::multi_index::indexed_by<
      boost::multi_index::ordered_non_unique<
        boost::multi_index::member<Entry, const time::system_clock::TimePoint, &Entry::removalTime>
      >,
      boost::multi_index::ordered_unique<
        boost::multi_index::const_mem_fun<Entry, const Name&, &Entry::getCertName>
      >
    >
  >;

  using CertIndexByTime = CertIndex::nth_index<0>::type;
  using CertIndexByName = CertIndex::nth_index<1>::type;

  // m_certs is declared ahead of the two index references; presumably the constructor binds
  // them to the indices of m_certs -- confirm in the implementation file.
  CertIndex m_certs;
  CertIndexByTime& m_certsByTime;
  CertIndexByName& m_certsByName;
  time::nanoseconds m_maxLifetime;
};
145
146} // namespace v2
147} // namespace security
148} // namespace ndn
149
150#endif // NDN_SECURITY_V2_CERTIFICATE_CACHE_HPP