Qiuhan Ding4caa0cc2015-10-23 20:31:27 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -08002/*
Davide Pesaventod8e0cad2021-05-26 21:43:47 -04003 * Copyright (c) 2013-2021 Regents of the University of California.
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -07004 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
Alexander Afanasyev09236c22020-06-03 13:42:38 -040022#include "ndn-cxx/security/trust-anchor-group.hpp"
Davide Pesavento7e780642018-11-24 15:51:34 -050023#include "ndn-cxx/util/io.hpp"
24#include "ndn-cxx/util/logger.hpp"
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -070025
Davide Pesaventod8e0cad2021-05-26 21:43:47 -040026#if BOOST_VERSION >= 107200
27#include <boost/filesystem/directory.hpp>
28#endif
29#include <boost/filesystem/operations.hpp>
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -070030#include <boost/range/adaptor/map.hpp>
31#include <boost/range/algorithm/copy.hpp>
32#include <boost/range/iterator_range.hpp>
33
34namespace ndn {
35namespace security {
Alexander Afanasyev09236c22020-06-03 13:42:38 -040036inline namespace v2 {
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -070037
// Logger for this translation unit, registered under the module name
// ndn.security.TrustAnchorGroup.
NDN_LOG_INIT(ndn.security.TrustAnchorGroup);

// Shorthand for the Boost.Filesystem namespace used by the dynamic group below.
namespace fs = boost::filesystem;
41
/**
 * Set up the state shared by every trust anchor group.
 *
 * Initialises m_certs from @p certContainer and m_id from @p id. The set of
 * anchor names is not touched here, so a new group starts without anchors
 * registered through this constructor.
 */
TrustAnchorGroup::TrustAnchorGroup(CertContainerInterface& certContainer, const std::string& id)
  : m_certs(certContainer), m_id(id)
{
}
47
// Compiler-generated destructor, defined out of line in this translation unit.
TrustAnchorGroup::~TrustAnchorGroup() = default;
49
/// @return the number of anchor names currently tracked in m_anchorNames.
size_t
TrustAnchorGroup::size() const
{
  const auto anchorCount = m_anchorNames.size();
  return anchorCount;
}
55
/// Refresh hook of the base group; deliberately a no-op.
/// DynamicTrustAnchorGroup defines its own refresh() later in this file.
void
TrustAnchorGroup::refresh()
{
  // Nothing to reload for the base class.
}
61
62//////////////
63
/**
 * Create a static group; all arguments are forwarded unchanged to the
 * TrustAnchorGroup constructor and nothing else is initialised here.
 */
StaticTrustAnchorGroup::StaticTrustAnchorGroup(CertContainerInterface& certContainer,
                                               const std::string& id)
  : TrustAnchorGroup(certContainer, id)
{
}
68
/**
 * Register @p cert as a trust anchor of this group.
 *
 * Duplicates are detected by certificate name only. If the name is already
 * tracked, the call is a no-op: the stored certificate is kept and @p cert is
 * not moved from, even if its content differs from the stored one. Replacing
 * an anchor therefore needs a remove() of the name first.
 */
void
StaticTrustAnchorGroup::add(Certificate&& cert)
{
  // insert() reports through .second whether the name was newly added.
  const bool isNewAnchor = m_anchorNames.insert(cert.getName()).second;
  if (isNewAnchor) {
    // The name was copied into the set above, so the certificate can be handed over now.
    m_certs.add(std::move(cert));
  }
}
79
/**
 * Stop treating @p certName as a trust anchor.
 *
 * The name is erased from this group's bookkeeping and the certificate is
 * removed from m_certs. No check is made that the name was ever added through
 * this group.
 */
void
StaticTrustAnchorGroup::remove(const Name& certName)
{
  // Bookkeeping first, then the certificate container.
  m_anchorNames.erase(certName);
  // NOTE(review): if m_certs is shared with other groups, this also drops a
  // certificate that another group registered under the same name -- confirm.
  m_certs.remove(certName);
}
86
87/////////////
88
/**
 * Create a group whose anchors are loaded from a file or directory.
 *
 * @param certContainer  forwarded to the TrustAnchorGroup constructor
 * @param id             forwarded to the TrustAnchorGroup constructor
 * @param path           file to load, or directory to scan when @p isDir is true
 * @param refreshPeriod  minimum time between two reloads; must be positive
 * @param isDir          whether @p path is treated as a directory
 * @throw std::runtime_error (via NDN_THROW) if @p refreshPeriod is zero or negative
 *
 * The constructor finishes with a first refresh(), so the anchors are read
 * from disk immediately.
 *
 * Security note: whatever refresh() can load as a certificate from @p path
 * becomes a trust anchor, so the integrity of the validator depends on that
 * location being writable only by trusted principals.
 */
DynamicTrustAnchorGroup::DynamicTrustAnchorGroup(CertContainerInterface& certContainer, const std::string& id,
                                                 const boost::filesystem::path& path,
                                                 time::nanoseconds refreshPeriod, bool isDir)
  : TrustAnchorGroup(certContainer, id)
  , m_isDir(isDir)
  , m_path(path)
  , m_refreshPeriod(refreshPeriod)
{
  // A non-positive period is rejected before anything is read from disk.
  const bool hasPositivePeriod = refreshPeriod > time::nanoseconds::zero();
  if (!hasPositivePeriod) {
    NDN_THROW(std::runtime_error("Refresh period for the dynamic group must be positive"));
  }

  NDN_LOG_TRACE("Create dynamic trust anchor group " << id << " for file/dir " << path
                << " with refresh time " << refreshPeriod);

  // Initial load of the anchors.
  refresh();
}
105
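/**
 * Reload the anchors from m_path once the refresh period has elapsed.
 *
 * Returns immediately while m_expireTime is still in the future. Otherwise the
 * expiry is pushed forward by m_refreshPeriod and the file (or every entry of
 * the directory when m_isDir is set) is passed to io::load<Certificate>():
 *  - a certificate with a name not yet tracked is added as an anchor;
 *  - a certificate whose name is already tracked is kept as is. Matching is by
 *    name only, so changed content under a known name is not picked up;
 *  - an entry that does not load as a certificate is skipped;
 *  - every previously tracked name that was not seen again is removed, both
 *    from m_anchorNames and from m_certs.
 *
 * Skipped entries, additions and removals are logged at DEBUG level so that
 * changes to the anchor set can be audited.
 */
void
DynamicTrustAnchorGroup::refresh()
{
  // Read the clock once so the expiry check and the new deadline use the same instant.
  const auto now = time::steady_clock::now();
  if (m_expireTime > now) {
    return;
  }
  m_expireTime = now + m_refreshPeriod;
  NDN_LOG_TRACE("Reloading dynamic trust anchor group");

  // Names that were anchors before this reload. Each name found again on disk
  // is struck off; whatever is left afterwards is stale and gets removed.
  std::set<Name> staleAnchorNames = m_anchorNames;

  auto loadCert = [this, &staleAnchorNames] (const fs::path& file) {
    auto cert = io::load<Certificate>(file.string());
    if (cert == nullptr) {
      // Not loadable as a certificate. If this file backed an existing anchor,
      // its name stays in staleAnchorNames and the anchor is dropped below.
      NDN_LOG_DEBUG("Skipping " << file << ": could not be loaded as a certificate");
      return;
    }

    const auto& certName = cert->getName();
    if (m_anchorNames.insert(certName).second) {
      // Log before the move; certName refers into *cert.
      NDN_LOG_DEBUG("Adding trust anchor " << certName << " loaded from " << file);
      m_certs.add(std::move(*cert));
    }
    else {
      // Already tracked and still present on disk: keep it.
      staleAnchorNames.erase(certName);
    }
  };

  if (!m_isDir) {
    loadCert(m_path);
  }
  else if (fs::exists(m_path)) {
    // NOTE(review): exists() does not guarantee that m_path is a directory or
    // that it stays in place; directory_iterator may throw in that case and
    // the exception is not handled here -- confirm callers expect that.
    std::for_each(fs::directory_iterator(m_path), fs::directory_iterator(), loadCert);
  }

  // Remove anchors that were not seen again during this reload.
  for (const auto& staleName : staleAnchorNames) {
    NDN_LOG_DEBUG("Removing trust anchor " << staleName << ": not found again under " << m_path);
    m_anchorNames.erase(staleName);
    m_certs.remove(staleName);
  }
}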
143
Alexander Afanasyev09236c22020-06-03 13:42:38 -0400144} // inline namespace v2
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700145} // namespace security
146} // namespace ndn