/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
 * Copyright (c) 2014-2020, Regents of the University of California.
 *
 * This file is part of NDNS (Named Data Networking Domain Name Service).
 * See AUTHORS.md for complete list of NDNS authors and contributors.
 *
 * NDNS is free software: you can redistribute it and/or modify it under the terms
 * of the GNU General Public License as published by the Free Software Foundation,
 * either version 3 of the License, or (at your option) any later version.
 *
 * NDNS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 * PURPOSE. See the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along with
 * NDNS, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
 */
19
20#ifndef NDNS_VALIDATOR_CERTIFICATE_FETCHER_NDNS_CERT_HPP
21#define NDNS_VALIDATOR_CERTIFICATE_FETCHER_NDNS_CERT_HPP
22
23#include <ndn-cxx/face.hpp>
24#include <ndn-cxx/ims/in-memory-storage.hpp>
Alexander Afanasyev60514ec2020-06-03 14:18:53 -040025#include <ndn-cxx/security/certificate-fetcher.hpp>
Yumin Xiafa2bce72017-04-09 16:20:25 -070026
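namespace ndn {
namespace ndns {

/**
 * @brief Fetch NDNS-owned certificate by an iterative query process
 *
 * Implements the security::CertificateFetcher interface, so the certificates it
 * obtains are handed back to the validation machinery through the
 * ValidationContinuation passed to doFetch().
 *
 * The callbacks declared below take Data and Nack packets, presumably delivered
 * through m_face; such packets are network input and carry no trust by themselves.
 *
 * NOTE(review): whether an NS rrset is verified before it is stored in the NS cache
 * is decided in the implementation file and cannot be seen from this header --
 * confirm there, since an unverified entry would steer later queries.
 */
class CertificateFetcherNdnsCert : public security::CertificateFetcher
{
public:
  /**
   * @brief Create a fetcher
   *
   * @param face The class keeps a Face& member (m_face), so the Face passed here
   *             presumably has to outlive the fetcher -- confirm in the definition
   * @param nsCacheSize Presumably the capacity limit of the NS cache -- confirm in
   *                    the constructor definition
   * @param startComponentIndex Presumably the name component index at which the
   *                            iterative query starts -- confirm in the definition
   */
  explicit
  CertificateFetcherNdnsCert(Face& face,
                             size_t nsCacheSize = 100,
                             size_t startComponentIndex = 0);

  /**
   * @brief Access the NS cache
   *
   * @return Non-owning pointer to the storage owned by m_nsCache. The caller must
   *         not delete it and must not use it after this fetcher is destroyed.
   *
   * The pointer is to a non-const InMemoryStorage, so the caller gets write access
   * to the cache. Whether the pointer can be null depends on the constructor, which
   * is not visible in this header.
   */
  InMemoryStorage*
  getNsCache()
  {
    return m_nsCache.get();
  }

protected:
  /**
   * @brief Certificate fetching hook overridden from security::CertificateFetcher
   *
   * @param certRequest Request describing the certificate to fetch
   * @param state Validation state the request belongs to
   * @param continueValidation Continuation forwarded to the callbacks below
   */
  void
  doFetch(const shared_ptr<security::CertificateRequest>& certRequest,
          const shared_ptr<security::ValidationState>& state,
          const ValidationContinuation& continueValidation) override;

private:
  /**
   * @brief Callback invoked when NS rrset of the domain is retrieved, including nack rrset
   *
   * NOTE(review): @p data is network input; confirm in the definition how it is
   * checked before any use of the NS cache.
   */
  void
  nsSuccessCallback(const Data& data,
                    const shared_ptr<security::CertificateRequest>& certRequest,
                    const shared_ptr<security::ValidationState>& state,
                    const ValidationContinuation& continueValidation);

  /**
   * @brief Callback invoked when iterative query failed
   *
   * @todo retry for some amount of time
   */
  void
  nsFailCallback(const std::string& errMsg,
                 const shared_ptr<security::CertificateRequest>& certRequest,
                 const shared_ptr<security::ValidationState>& state,
                 const ValidationContinuation& continueValidation);

  /**
   * @brief get NDNS query's domainName and label name by parsing keylocator
   *
   * The return result is the name prefix before "/NDNS"
   *
   * NOTE(review): the key name comes from a key locator, which the sender of a
   * packet chooses. The result for a name that has no "NDNS" component is not
   * visible in this header -- confirm the definition rejects such names.
   */
  Name
  calculateDomain(const Name& key);

  /**
   * @brief Callback invoked when certificate is retrieved.
   */
  void
  dataCallback(const Data& data,
               const shared_ptr<security::CertificateRequest>& certRequest,
               const shared_ptr<security::ValidationState>& state,
               const ValidationContinuation& continueValidation);

  /**
   * @brief Callback invoked when interest for fetching certificate gets NACKed.
   *
   * It will retry if certRequest->m_nRetriesLeft > 0
   *
   * @todo Delay retry for some amount of time
   */
  void
  nackCallback(const lp::Nack& nack,
               const shared_ptr<security::CertificateRequest>& certRequest,
               const shared_ptr<security::ValidationState>& state,
               const ValidationContinuation& continueValidation);

  /**
   * @brief Callback invoked when interest for fetching certificate times out.
   *
   * It will retry if certRequest->m_nRetriesLeft > 0
   */
  void
  timeoutCallback(const shared_ptr<security::CertificateRequest>& certRequest,
                  const shared_ptr<security::ValidationState>& state,
                  const ValidationContinuation& continueValidation);

protected:
  // Held by reference, not owned by this class.
  Face& m_face;
  // Owns the storage that getNsCache() exposes as a raw pointer.
  unique_ptr<InMemoryStorage> m_nsCache;

private:
  size_t m_startComponentIndex;
};

} // namespace ndns
} // namespace ndn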
122
Alexander Afanasyev60514ec2020-06-03 14:18:53 -0400123#endif // NDNS_VALIDATOR_CERTIFICATE_FETCHER_NDNS_CERT_HPP