ndn::security::v2::Certificate Class Reference

The certificate following the certificate format naming convention. More...

#include <certificate.hpp>

Inheritance: ndn::security::v2::Certificate inherits the members of ndn::Data and ndn::TagHost listed below (inheritance and collaboration diagrams omitted).

Public Member Functions

 Certificate ()
 
 Certificate (Data &&data)
 Construct certificate from a data object. More...
 
 Certificate (const Data &data)
 Construct certificate from a data object. More...
 
 Certificate (const Block &block)
 Construct certificate from a wire encoding. More...
 
Name getKeyName () const
 Get key name. More...
 
Name getIdentity () const
 Get identity name. More...
 
name::Component getKeyId () const
 Get key ID. More...
 
name::Component getIssuerId () const
 Get issuer ID. More...
 
Buffer getPublicKey () const
 Get public key bits (in PKCS#8 format) More...
 
ValidityPeriod getValidityPeriod () const
 Get validity period of the certificate. More...
 
bool isValid (const time::system_clock::TimePoint &ts=time::system_clock::now()) const
 Check if the certificate is valid at ts. More...
 
const Block & getExtension (uint32_t type) const
 Get extension with TLV type. More...
 
template<encoding::Tag TAG>
size_t wireEncode (EncodingImpl< TAG > &encoder, bool wantUnsignedPortionOnly=false) const
 Fast encoding or block size estimation. More...
 
const Block & wireEncode () const
 Encode to a wire format. More...
 
const Block & wireEncode (EncodingBuffer &encoder, const Block &signatureValue) const
 Finalize Data packet encoding with the specified SignatureValue. More...
 
void wireDecode (const Block &wire)
 Decode from the wire format. More...
 
bool hasWire () const
 Check if Data already has wire encoding. More...
 
const Name & getName () const
 Get name of the Data packet. More...
 
Data & setName (const Name &name)
 Set name to a copy of the given Name. More...
 
const Name & getFullName () const
 Get full name of Data packet, including the implicit digest. More...
 
const MetaInfo & getMetaInfo () const
 Get MetaInfo block from Data packet. More...
 
Data & setMetaInfo (const MetaInfo &metaInfo)
 Set metaInfo to a copy of the given MetaInfo. More...
 
uint32_t getContentType () const
 
Data & setContentType (uint32_t type)
 
const time::milliseconds & getFreshnessPeriod () const
 
Data & setFreshnessPeriod (const time::milliseconds &freshnessPeriod)
 
const name::Component & getFinalBlockId () const
 
Data & setFinalBlockId (const name::Component &finalBlockId)
 
const Block & getContent () const
 Get content Block. More...
 
Data & setContent (const uint8_t *buffer, size_t bufferSize)
 Set the content from the buffer (buffer will be copied) More...
 
Data & setContent (const Block &block)
 Set the content from the block. More...
 
Data & setContent (const ConstBufferPtr &contentValue)
 Set the content from the pointer to immutable buffer. More...
 
const Signature & getSignature () const
 
Data & setSignature (const Signature &signature)
 Set the signature to a copy of the given signature. More...
 
Data & setSignatureValue (const Block &value)
bool operator== (const Data &other) const
 
bool operator!= (const Data &other) const
 
template<typename T >
shared_ptr< T > getTag () const
 get a tag item More...
 
template<typename T >
void setTag (shared_ptr< T > tag) const
 set a tag item More...
 
template<typename T >
void removeTag () const
 remove tag item More...
 

Static Public Member Functions

static bool isValidName (const Name &certName)
 Check if the specified name follows the naming convention for the certificate. More...
 

Static Public Attributes

static const ssize_t VERSION_OFFSET = -1
 
static const ssize_t ISSUER_ID_OFFSET = -2
 
static const ssize_t KEY_COMPONENT_OFFSET = -4
 
static const ssize_t KEY_ID_OFFSET = -3
 
static const size_t MIN_CERT_NAME_LENGTH = 4
 
static const size_t MIN_KEY_NAME_LENGTH = 2
 
static const name::Component KEY_COMPONENT
 

Protected Member Functions

void onChanged ()
 Clear the wire encoding. More...
 

Detailed Description

The certificate following the certificate format naming convention.

Overview of NDN certificate format:

CertificateV2 ::= DATA-TLV TLV-LENGTH
                    Name      (= /<NameSpace>/KEY/[KeyId]/[IssuerId]/[Version])
                    MetaInfo  (.ContentType = KEY)
                    Content   (= X509PublicKeyContent)
                    SignatureInfo (= CertificateV2SignatureInfo)
                    SignatureValue

X509PublicKeyContent ::= CONTENT-TLV TLV-LENGTH
                           BYTE+ (= public key bits in PKCS#8 format)

CertificateV2SignatureInfo ::= SIGNATURE-INFO-TYPE TLV-LENGTH
                                 SignatureType
                                 KeyLocator
                                 ValidityPeriod
                                 ... optional critical or non-critical extension blocks ...

An example of NDN certificate name:

/edu/ucla/cs/yingdi/KEY/%03%CD...%F1/%9F%D3...%B7/%FD%d2...%8E
\_________________/    \___________/ \___________/\___________/
    Certificate            Key Id      Issuer Id     Version
    Namespace
    (Identity)
\__________________________________/
             Key Name

Notes:

  • Key Id is an opaque name component that identifies an instance of the public key within the certificate namespace. Its value is controlled by the namespace owner. The library includes helpers to generate key IDs from an 8-byte random number, the SHA-256 digest of the public key, a timestamp, or a specified numerical identifier.
  • Issuer Id is an opaque name component that identifies the issuer of the certificate. Its value is controlled by the issuer. The library includes helpers to set the issuer ID to an 8-byte random number, the SHA-256 digest of the issuer's public key, or a specified numerical identifier.
  • Key Name is the logical name of the key, used for management purposes. It consists of the certificate namespace, the keyword KEY, and the KeyId component.
See also
doc/specs/certificate-format.rst

Definition at line 81 of file v2/certificate.hpp.
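The naming convention and the offset constants above are easiest to understand by applying them to a name. The following is an added, self-contained example (not ndn-cxx code): it models names as vectors of string components, checks a name the way isValidName does (at least MIN_CERT_NAME_LENGTH components, KEY at KEY_COMPONENT_OFFSET), extracts the parts returned by getIdentity, getKeyName, getKeyId, getIssuerId and the version, and adds a ValidityPeriod model whose bounds are assumed inclusive at both ends. The helper names (parseName, splitCertName, componentAt) are this example's own.

```cpp
// Added example, not ndn-cxx code: a self-contained model of the certificate
// naming convention. Components are plain strings here; ndn-cxx components
// are TLV-encoded byte strings.
#include <cassert>
#include <cstddef>
#include <stdexcept>
#include <string>
#include <vector>

using NameComponents = std::vector<std::string>;

// Offsets (negative = counted from the end) and minimum lengths as on this page.
constexpr int KEY_COMPONENT_OFFSET = -4;
constexpr int KEY_ID_OFFSET        = -3;
constexpr int ISSUER_ID_OFFSET     = -2;
constexpr int VERSION_OFFSET       = -1;
constexpr std::size_t MIN_CERT_NAME_LENGTH = 4;
constexpr std::size_t MIN_KEY_NAME_LENGTH  = 2;
const std::string KEY_COMPONENT = "KEY";

// Split a URI such as "/edu/ucla/cs/yingdi/KEY/k/i/v" into its components.
NameComponents parseName(const std::string& uri) {
  if (uri.empty() || uri[0] != '/') throw std::invalid_argument("name must start with '/'");
  NameComponents out;
  std::string cur;
  for (std::size_t i = 1; i <= uri.size(); ++i) {
    if (i == uri.size() || uri[i] == '/') {
      if (!cur.empty()) out.push_back(cur);
      cur.clear();
    } else {
      cur += uri[i];
    }
  }
  return out;
}

// Component at a negative offset from the end (-1 is the last component).
const std::string& componentAt(const NameComponents& n, int offset) {
  if (offset >= 0 || static_cast<std::size_t>(-offset) > n.size())
    throw std::out_of_range("offset outside the name");
  return n[n.size() - static_cast<std::size_t>(-offset)];
}

// Mirrors Certificate::isValidName: enough components and KEY at offset -4.
bool isValidCertName(const NameComponents& n) {
  return n.size() >= MIN_CERT_NAME_LENGTH
      && componentAt(n, KEY_COMPONENT_OFFSET) == KEY_COMPONENT;
}

// A key name (/<namespace>/KEY/<KeyId>) has KEY at offset -2.
bool isValidKeyName(const NameComponents& n) {
  return n.size() >= MIN_KEY_NAME_LENGTH && componentAt(n, -2) == KEY_COMPONENT;
}

struct CertNameParts {
  NameComponents identity;  // certificate namespace
  NameComponents keyName;   // namespace + KEY + KeyId
  std::string keyId, issuerId, version;
};

// The parts the accessors on this page return (getIdentity, getKeyName, ...).
CertNameParts splitCertName(const NameComponents& cert) {
  if (!isValidCertName(cert))
    throw std::invalid_argument("name does not follow the certificate convention");
  CertNameParts p;
  p.identity = NameComponents(cert.begin(), cert.end() + KEY_COMPONENT_OFFSET);
  p.keyName  = NameComponents(cert.begin(), cert.end() + KEY_ID_OFFSET + 1);
  p.keyId    = componentAt(cert, KEY_ID_OFFSET);
  p.issuerId = componentAt(cert, ISSUER_ID_OFFSET);
  p.version  = componentAt(cert, VERSION_OFFSET);
  return p;
}

// Validity window model; timestamps are plain integers (e.g. seconds since the
// epoch) and the bounds are assumed inclusive at both ends.
struct ValidityPeriod {
  long long notBefore, notAfter;
  ValidityPeriod(long long nb, long long na) : notBefore(nb), notAfter(na) {}
  bool isValid(long long ts) const { return notBefore <= ts && ts <= notAfter; }
};

int main() {
  // Constructed sample name following the convention shown on this page.
  NameComponents cert = parseName("/edu/ucla/cs/yingdi/KEY/%03%CD/%9F%D3/%FD%D2");
  CertNameParts p = splitCertName(cert);
  assert(p.identity == parseName("/edu/ucla/cs/yingdi"));
  assert(isValidKeyName(p.keyName) && p.keyId == "%03%CD");
  assert(!isValidCertName(parseName("/edu/ucla/KEY/%03%CD")));  // KEY is not at offset -4
  assert(ValidityPeriod(100, 200).isValid(150));
  return 0;
}
```

Note that the check is purely positional: a name with four components whose first component is KEY (an empty namespace) passes, and a name with KEY in a different position fails even if it "looks" like a key name, which is why callers should validate with isValidName before relying on getKeyName or getIdentity.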

Constructor & Destructor Documentation

ndn::security::v2::Certificate::Certificate ( )

Definition at line 48 of file v2/certificate.cpp.

ndn::security::v2::Certificate::Certificate ( Data &&  data)
explicit

Construct certificate from a data object.

Exceptions
tlv::Error: if data does not follow certificate format

Definition at line 53 of file v2/certificate.cpp.

ndn::security::v2::Certificate::Certificate ( const Data & data)
explicit

Construct certificate from a data object.

Exceptions
tlv::Error: if data does not follow certificate format

Definition at line 70 of file v2/certificate.cpp.

ndn::security::v2::Certificate::Certificate ( const Block & block)
explicit

Construct certificate from a wire encoding.

Exceptions
tlv::Error: if wire encoding is invalid or does not follow certificate format

Definition at line 75 of file v2/certificate.cpp.

Member Function Documentation

const Block & ndn::Data::getContent ( ) const
inherited

Get content Block.

To access content value, one can use value()/value_size() or value_begin()/value_end() methods of the Block class

Definition at line 230 of file data.cpp.

uint32_t ndn::Data::getContentType ( ) const
inline, inherited

Definition at line 330 of file data.hpp.

const Block & ndn::security::v2::Certificate::getExtension ( uint32_t  type) const

Get extension with TLV type.

Exceptions
ndn::SignatureInfo::Error: if the specified block type does not exist

Definition at line 125 of file v2/certificate.cpp.

const name::Component & ndn::Data::getFinalBlockId ( ) const
inline, inherited

Definition at line 342 of file data.hpp.

const time::milliseconds & ndn::Data::getFreshnessPeriod ( ) const
inline, inherited

Definition at line 336 of file data.hpp.

const Name & ndn::Data::getFullName ( ) const
inherited

Get full name of Data packet, including the implicit digest.

Exceptions
Error: if Data packet doesn't have a full name yet (wire encoding has not been created yet)

Definition at line 179 of file data.cpp.

Name ndn::security::v2::Certificate::getIdentity ( ) const

Get identity name.

Definition at line 87 of file v2/certificate.cpp.

name::Component ndn::security::v2::Certificate::getIssuerId ( ) const

Get issuer ID.

Definition at line 99 of file v2/certificate.cpp.

name::Component ndn::security::v2::Certificate::getKeyId ( ) const

Get key ID.

Definition at line 93 of file v2/certificate.cpp.

Name ndn::security::v2::Certificate::getKeyName ( ) const

Get key name.

Definition at line 81 of file v2/certificate.cpp.

const MetaInfo & ndn::Data::getMetaInfo ( ) const
inline, inherited

Get MetaInfo block from Data packet.

Definition at line 324 of file data.hpp.

const Name & ndn::Data::getName ( ) const
inline, inherited

Get name of the Data packet.

Definition at line 318 of file data.hpp.

Buffer ndn::security::v2::Certificate::getPublicKey ( ) const

Get public key bits (in PKCS#8 format)

Exceptions
Error: if content is empty

Definition at line 105 of file v2/certificate.cpp.

const Signature & ndn::Data::getSignature ( ) const
inline, inherited

Definition at line 348 of file data.hpp.

template<typename T >
shared_ptr< T > ndn::TagHost::getTag ( ) const
inline, inherited

get a tag item

Template Parameters
T: type of the tag, which must be a subclass of ndn::Tag
Return values
nullptr: if no Tag of type T is stored

Definition at line 67 of file tag-host.hpp.

ValidityPeriod ndn::security::v2::Certificate::getValidityPeriod ( ) const

Get validity period of the certificate.

Definition at line 113 of file v2/certificate.cpp.

bool ndn::Data::hasWire ( ) const
inline, inherited

Check if Data already has wire encoding.

Definition at line 312 of file data.hpp.

bool ndn::security::v2::Certificate::isValid ( const time::system_clock::TimePoint & ts = time::system_clock::now()) const

Check if the certificate is valid at ts.

Definition at line 119 of file v2/certificate.cpp.

bool ndn::security::v2::Certificate::isValidName ( const Name & certName)
static

Check if the specified name follows the naming convention for the certificate.

Definition at line 131 of file v2/certificate.cpp.

void ndn::Data::onChanged ( )
protected, inherited

Clear the wire encoding.

Definition at line 293 of file data.cpp.

bool ndn::Data::operator!= ( const Data & other) const
inherited

Definition at line 314 of file data.cpp.

bool ndn::Data::operator== ( const Data & other) const
inherited

Definition at line 305 of file data.cpp.

template<typename T >
void ndn::TagHost::removeTag ( ) const
inline, inherited

remove tag item

Note
Tag can be removed even on a const tag host instance

Definition at line 94 of file tag-host.hpp.

Data & ndn::Data::setContent ( const uint8_t *  buffer,
size_t  bufferSize 
)
inherited

Set the content from the buffer (buffer will be copied)

Parameters
buffer: Pointer to first byte of the buffer
bufferSize: Size of the buffer
Returns
This Data so that you can chain calls to update values.

Definition at line 241 of file data.cpp.

Data & ndn::Data::setContent ( const Block & block)
inherited

Set the content from the block.

Depending on type of the supplied block, there are two cases:

  • if block.type() == tlv::Content, then block will be used directly as Data packet's content (no extra copying)
  • if block.type() != tlv::Content, then this method will create a new Block with type tlv::Content and put block as a nested element in the content Block.
Parameters
block: The Block containing the content to assign
Returns
This Data so that you can chain calls to update values.

Definition at line 261 of file data.cpp.

Data & ndn::Data::setContent ( const ConstBufferPtr & contentValue)
inherited

Set the content from the pointer to immutable buffer.

This method will create a Block with tlv::Content and set contentValue as a payload for this block. Note that this method is very different from setContent(const Block&), since it does not require that payload should be a valid TLV element.

Parameters
contentValue: The pointer to immutable buffer containing the content to assign
Returns
This Data so that you can chain calls to update values.

Definition at line 251 of file data.cpp.

Data & ndn::Data::setContentType ( uint32_t  type)
inherited

Definition at line 203 of file data.cpp.

Data & ndn::Data::setFinalBlockId ( const name::Component & finalBlockId)
inherited

Definition at line 221 of file data.cpp.

Data & ndn::Data::setFreshnessPeriod ( const time::milliseconds &  freshnessPeriod)
inherited

Definition at line 212 of file data.cpp.

Data & ndn::Data::setMetaInfo ( const MetaInfo & metaInfo)
inherited

Set metaInfo to a copy of the given MetaInfo.

Returns
This Data so that you can chain calls to update values.

Definition at line 194 of file data.cpp.

Data & ndn::Data::setName ( const Name & name)
inherited

Set name to a copy of the given Name.

Returns
This Data so that you can chain calls to update values.

Definition at line 170 of file data.cpp.

Data & ndn::Data::setSignature ( const Signature & signature)
inherited

Set the signature to a copy of the given signature.

Parameters
signature: The signature object which is cloned.

Definition at line 275 of file data.cpp.

Data & ndn::Data::setSignatureValue ( const Block & value)
inherited

Definition at line 284 of file data.cpp.

template<typename T >
void ndn::TagHost::setTag ( shared_ptr< T >  tag) const
inline, inherited

set a tag item

Template Parameters
T: type of the tag, which must be a subclass of ndn::Tag
Note
Tag can be set even on a const tag host instance

Definition at line 80 of file tag-host.hpp.

void ndn::Data::wireDecode ( const Block & wire)
inherited

Decode from the wire format.

Definition at line 135 of file data.cpp.

template<encoding::Tag TAG>
size_t ndn::Data::wireEncode ( EncodingImpl< TAG > &  encoder,
bool  wantUnsignedPortionOnly = false 
) const
inherited

Fast encoding or block size estimation.

Parameters
encoder: EncodingEstimator or EncodingBuffer instance
wantUnsignedPortionOnly: Request only the unsigned portion to be encoded in the block. If true, only the Name, MetaInfo, Content, and SignatureInfo blocks are encoded into the block. Note that there will be no outer TLV header of the Data packet.

Definition at line 52 of file data.cpp.

const Block & ndn::Data::wireEncode ( ) const
inherited

Encode to a wire format.

Definition at line 119 of file data.cpp.

const Block & ndn::Data::wireEncode ( EncodingBuffer &  encoder,
const Block & signatureValue 
) const
inherited

Finalize Data packet encoding with the specified SignatureValue.

Parameters
encoder: EncodingBuffer instance, containing Name, MetaInfo, Content, and SignatureInfo (without outer TLV header of the Data packet).
signatureValue: SignatureValue block to be added to Data packet to finalize the wire encoding

This method is intended to be used in concert with Data::wireEncode(EncodingBuffer&, true) method to optimize Data packet wire format creation:

Data data;
...
EncodingBuffer encoder;
data.wireEncode(encoder, true);   // encode Name, MetaInfo, Content, SignatureInfo; no outer Data header
...
// sign exactly the bytes encoded so far (the unsigned portion)
Block signatureValue = <sign_over_unsigned_portion>(encoder.buf(), encoder.size());
data.wireEncode(encoder, signatureValue);   // append SignatureValue and add the outer Data TLV header

Definition at line 106 of file data.cpp.
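The security-relevant detail in the two-step pattern above is which bytes the signature covers: the Name, MetaInfo, Content and SignatureInfo TLVs as laid out in the encoder, without the outer Data header or the SignatureValue. The following added example (not ndn-cxx code) models that at the byte level: step 1 builds the unsigned portion, a placeholder digest stands in for <sign_over_unsigned_portion>, step 2 appends SignatureValue and wraps the outer Data TLV, and a verifier-side routine recovers the signed slice from the finished packet. TLV type numbers are assumed to be those of the NDN packet format; all function names are this example's own.

```cpp
// Added example, not ndn-cxx code: byte-level model of the two-step encoding.
// TLV type numbers are assumed from the NDN packet format (check the spec in
// use); the "signature" is a placeholder digest so the example runs offline.
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

using Bytes = std::vector<uint8_t>;
constexpr uint8_t TLV_DATA = 6, TLV_NAME = 7, TLV_GENERIC_COMPONENT = 8,
                  TLV_META_INFO = 20, TLV_CONTENT = 21, TLV_SIGNATURE_INFO = 22,
                  TLV_SIGNATURE_VALUE = 23, TLV_CONTENT_TYPE = 24, TLV_SIGNATURE_TYPE = 27;

// Variable-length number used for TLV-TYPE and TLV-LENGTH.
void appendVarNumber(Bytes& out, uint64_t n) {
  if (n < 253) { out.push_back(static_cast<uint8_t>(n)); return; }
  int width = n <= 0xFFFF ? 2 : n <= 0xFFFFFFFFull ? 4 : 8;
  out.push_back(width == 2 ? 0xFD : width == 4 ? 0xFE : 0xFF);
  for (int i = width - 1; i >= 0; --i) out.push_back(static_cast<uint8_t>(n >> (8 * i)));
}
uint64_t readVarNumber(const Bytes& in, std::size_t& pos) {
  uint8_t first = in.at(pos++);
  if (first < 253) return first;
  int width = first == 0xFD ? 2 : first == 0xFE ? 4 : 8;
  uint64_t n = 0;
  for (int i = 0; i < width; ++i) n = (n << 8) | in.at(pos++);
  return n;
}
void appendTlv(Bytes& out, uint64_t type, const Bytes& value) {
  appendVarNumber(out, type);
  appendVarNumber(out, value.size());
  out.insert(out.end(), value.begin(), value.end());
}

// Step 1 (wireEncode(encoder, true)): Name, MetaInfo, Content, SignatureInfo,
// with no outer Data header. These are exactly the bytes that get signed.
Bytes encodeUnsignedPortion(const std::vector<std::string>& name, const Bytes& content) {
  Bytes out, nameValue, metaValue, sigInfoValue;
  for (const std::string& c : name)
    appendTlv(nameValue, TLV_GENERIC_COMPONENT, Bytes(c.begin(), c.end()));
  appendTlv(out, TLV_NAME, nameValue);
  appendTlv(metaValue, TLV_CONTENT_TYPE, Bytes{2});       // ContentType = KEY (2)
  appendTlv(out, TLV_META_INFO, metaValue);
  appendTlv(out, TLV_CONTENT, content);
  appendTlv(sigInfoValue, TLV_SIGNATURE_TYPE, Bytes{0});  // placeholder SignatureType
  appendTlv(out, TLV_SIGNATURE_INFO, sigInfoValue);
  return out;
}

// Stand-in for <sign_over_unsigned_portion>: FNV-1a over the buffer. Not a
// signature; a real implementation signs with the key named in KeyLocator.
Bytes placeholderSignature(const uint8_t* buf, std::size_t size) {
  uint64_t h = 1469598103934665603ull;
  for (std::size_t i = 0; i < size; ++i) { h ^= buf[i]; h *= 1099511628211ull; }
  Bytes out(8);
  for (int i = 0; i < 8; ++i) out[i] = static_cast<uint8_t>(h >> (8 * (7 - i)));
  return out;
}

// Step 2 (wireEncode(encoder, signatureValue)): append SignatureValue, then
// wrap everything in the outer Data TLV.
Bytes finalizeData(const Bytes& unsignedPortion, const Bytes& signatureValue) {
  Bytes inner = unsignedPortion, wire;
  appendTlv(inner, TLV_SIGNATURE_VALUE, signatureValue);
  appendTlv(wire, TLV_DATA, inner);
  return wire;
}

// Verifier side: recover the signed slice by walking the outer header and the
// four signed elements of a finished packet.
Bytes signedPortion(const Bytes& wire) {
  std::size_t pos = 0;
  if (readVarNumber(wire, pos) != TLV_DATA) throw std::runtime_error("not a Data packet");
  readVarNumber(wire, pos);                    // outer length: not covered by the signature
  std::size_t begin = pos;
  for (int i = 0; i < 4; ++i) {                // Name, MetaInfo, Content, SignatureInfo
    readVarNumber(wire, pos);
    uint64_t len = readVarNumber(wire, pos);
    if (len > wire.size() - pos) throw std::runtime_error("truncated packet");
    pos += len;
  }
  return Bytes(wire.begin() + begin, wire.begin() + pos);
}

// Recompute the stand-in over the recovered signed bytes and compare it with
// the carried SignatureValue.
bool checkPlaceholder(const Bytes& wire) {
  Bytes signedBytes = signedPortion(wire);
  std::size_t pos = 0;
  readVarNumber(wire, pos);
  readVarNumber(wire, pos);
  pos += signedBytes.size();                   // SignatureValue follows the signed slice
  if (readVarNumber(wire, pos) != TLV_SIGNATURE_VALUE) return false;
  uint64_t len = readVarNumber(wire, pos);
  if (len > wire.size() - pos) return false;
  Bytes carried(wire.begin() + pos, wire.begin() + pos + len);
  return carried == placeholderSignature(signedBytes.data(), signedBytes.size());
}

// Constructed sample: a certificate-shaped name and a three-byte content.
Bytes demoUnsigned() { return encodeUnsignedPortion({"edu", "ucla", "KEY", "k", "i", "v"}, Bytes{1, 2, 3}); }
Bytes demoWire() { Bytes u = demoUnsigned(); return finalizeData(u, placeholderSignature(u.data(), u.size())); }
Bytes flipByte(Bytes b, std::size_t i) { b.at(i) ^= 1; return b; }

int main() {
  assert(signedPortion(demoWire()) == demoUnsigned());  // signature covers exactly the step-1 bytes
  assert(checkPlaceholder(demoWire()));
  assert(!checkPlaceholder(flipByte(demoWire(), 6)));   // byte 6 lies inside the Name
  return 0;
}
```

The round trip shows why the outer TLV header must be absent during step 1: the signer hashes the encoder's buffer as-is, so any byte present at that point (and only those) is what a verifier must reconstruct from the received packet.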

Field Documentation

const ssize_t ndn::security::v2::Certificate::ISSUER_ID_OFFSET = -2
static

Definition at line 167 of file v2/certificate.hpp.

const name::Component ndn::security::v2::Certificate::KEY_COMPONENT
static

Definition at line 172 of file v2/certificate.hpp.

const ssize_t ndn::security::v2::Certificate::KEY_COMPONENT_OFFSET = -4
static

Definition at line 168 of file v2/certificate.hpp.

const ssize_t ndn::security::v2::Certificate::KEY_ID_OFFSET = -3
static

Definition at line 169 of file v2/certificate.hpp.

const size_t ndn::security::v2::Certificate::MIN_CERT_NAME_LENGTH = 4
static

Definition at line 170 of file v2/certificate.hpp.

const size_t ndn::security::v2::Certificate::MIN_KEY_NAME_LENGTH = 2
static

Definition at line 171 of file v2/certificate.hpp.

const ssize_t ndn::security::v2::Certificate::VERSION_OFFSET = -1
static

Definition at line 166 of file v2/certificate.hpp.