26 #include <ndn-cxx/util/io.hpp>
36 , m_confParam(confParam)
37 , m_validator(m_confParam.getValidator())
39 for (
const auto& certfile : confParam.
getIdCerts()) {
40 std::ifstream ifs(certfile);
41 insert(ndn::io::loadTlv<ndn::security::Certificate>(ifs));
44 registerKeyPrefixes();
53 m_certificates[certificate.getKeyName()] = certificate;
57 const ndn::security::Certificate*
60 if (ndn::security::Certificate::isValidName(name)) {
61 return findByCertName(name);
63 return findByKeyName(name);
/*! \brief Look up a stored certificate by the name of its key.
 *
 * m_certificates is indexed by key name, so this lookup says nothing about
 * which certificate (full certificate name) is stored for that key.
 * Callers that need an exact certificate must also compare the certificate
 * name.
 *
 * \param keyName name of the key whose certificate is wanted
 * \return pointer to the entry held inside m_certificates, or nullptr when
 *         no certificate is stored for keyName; the pointer refers to the
 *         stored element, so it should not be kept across clear()
 */
const ndn::security::Certificate*
CertificateStore::findByKeyName(const ndn::Name& keyName) const
{
  const auto entry = m_certificates.find(keyName);
  if (entry == m_certificates.end()) {
    return nullptr;
  }
  return &entry->second;
}
73 const ndn::security::Certificate*
74 CertificateStore::findByCertName(
const ndn::Name& certName)
const
76 auto found = findByKeyName(ndn::security::extractKeyNameFromCertName(certName));
77 if (found ==
nullptr || found->getName() != certName) {
84 CertificateStore::clear()
86 m_certificates.clear();
90 CertificateStore::setInterestFilter(
const ndn::Name& prefix,
bool loopback)
92 m_face.setInterestFilter(ndn::InterestFilter(prefix).allowLoopback(loopback),
93 std::bind(&CertificateStore::onKeyInterest,
this, _1, _2),
94 std::bind(&CertificateStore::onKeyPrefixRegSuccess,
this, _1),
95 std::bind(&CertificateStore::registrationFailed,
this, _1),
100 CertificateStore::registerKeyPrefixes()
102 std::vector<ndn::Name> prefixes;
106 nlsrKeyPrefix.append(
"nlsr");
107 nlsrKeyPrefix.append(ndn::security::Certificate::KEY_COMPONENT);
108 prefixes.push_back(nlsrKeyPrefix);
112 routerKeyPrefix.append(ndn::security::Certificate::KEY_COMPONENT);
113 prefixes.push_back(routerKeyPrefix);
116 ndn::Name operatorKeyPrefix = m_confParam.
getNetwork();
117 operatorKeyPrefix.append(m_confParam.
getSiteName());
118 operatorKeyPrefix.append(std::string(
"%C1.Operator"));
119 prefixes.push_back(operatorKeyPrefix);
122 ndn::Name siteKeyPrefix = m_confParam.
getNetwork();
124 siteKeyPrefix.append(ndn::security::Certificate::KEY_COMPONENT);
125 prefixes.push_back(siteKeyPrefix);
129 for (
const auto& i : prefixes) {
130 setInterestFilter(i);
135 CertificateStore::onKeyInterest(
const ndn::Name&,
const ndn::Interest& interest)
137 NLSR_LOG_DEBUG(
"Got interest for certificate. Interest: " << interest.getName());
139 const auto* cert =
find(interest.getName());
149 CertificateStore::onKeyPrefixRegSuccess(
const ndn::Name& name)
151 NLSR_LOG_DEBUG(
"KEY prefix: " << name <<
" registration is successful");
155 CertificateStore::registrationFailed(
const ndn::Name& name)
158 NDN_THROW(std::runtime_error(
"Prefix registration failed"));
164 const auto* cert = m_validator.getUnverifiedCertCache().find(keyName);
169 ndn::Name certName = ndn::security::extractKeyNameFromCertName(cert->getName());
172 setInterestFilter(certName);
174 const ndn::Name& keyLocatorName = cert->getSignatureInfo().getKeyLocator().getName();
175 if (cert->getKeyName() != keyLocatorName) {
181 NLSR_LOG_TRACE(
"Cert for " << keyName <<
" was not found in the Validator's cache. ");
188 const auto keyName = lsaSegment.getSignatureInfo().getKeyLocator().getName();
189 if (!
find(keyName)) {
194 NLSR_LOG_TRACE(
"Certificate is already in the store: " << keyName);
A class to house all the configuration parameters for NLSR.
const ndn::security::SigningInfo & getSigningInfo() const
const ndn::Name & getSiteName() const
const std::unordered_set< std::string > & getIdCerts() const
const ndn::Name & getNetwork() const
const ndn::Name & getRouterPrefix() const
ndn::util::Signal< Lsdb, ndn::Data > afterSegmentValidatedSignal
Store certificates for names.
const ndn::security::Certificate * find(const ndn::Name &name) const
Find a certificate.
void insert(const ndn::security::Certificate &certificate)
void afterFetcherSignalEmitted(const ndn::Data &lsaSegment)
CertificateStore(ndn::Face &face, ConfParameter &confParam, Lsdb &lsdb)
void publishCertFromCache(const ndn::Name &keyName)
Retrieves the chain of certificates from the Validator's cache and stores them in Nlsr's own CertificateStore.
Copyright (c) 2014-2018, The University of Memphis, Regents of the University of California.
#define NLSR_LOG_DEBUG(x)
#define INIT_LOGGER(name)
#define NLSR_LOG_ERROR(x)
#define NLSR_LOG_TRACE(x)
Copyright (c) 2014-2020, The University of Memphis, Regents of the University of California.