NFD » ndn-cxx

TrustAnchorContainer is a member of validator::KeyManager, which manages pre-trusted keys.

There are two types of pre trusted keys: static which once loaded will stay in the container forever, and dynamic which will be refreshed every certain period.
Keys can be reloaded from a file path. When the path points to a file, a key will be loaded from the file; when the path points to a directory, all the keys under the directory will be loaded.

TrustAnchors can be searched by key name and interest, it can also be searched by group. Each group of dynamic keys are assigned an ID. For example, if all dynamic keys under a directory could be grouped together and share the same ID.

class TrustAnchorContainer
{
public:
  TrustAnchorContainer();

  ~TrustAnchorContainer();

  // @brief Insert static trust anchor from data packet.
  void
  insert(const shared_ptr<Data> idCert, const std::string& id = "");

  //@brief Insert dynamic trust anchor from path.
  void
  insert(const std::string& groupId, const std::string& certfilePath,
         const time::nanoseconds& refreshPeriod, bool isDir = false);

  // @brief Get certificate given key name
  shared_ptr<const Data>
  find(const Name& keyName);

  // @brief   Get certificate given interest
  shared_ptr<const Data>
  find(const Interest& interest);

  // @brief Get certificates under id
  const std::list<shared_ptr<const Data>>
  findById(const std::string& id);

private:
  // @brief Refresh anchors, triggered by find
  void
  refreshAnchors();

private:
  AnchorList m_anchors; // List of anchors indexed by name
  AnchorIndex m_anchorIndex; // Anchor index, indexed on id and expire time
};