Feature #5005

CertificateBundle publisher

Added by Junxiao Shi 9 months ago. Updated 3 days ago.

Status: New
Priority: Normal
Assignee:
Category: Security
Target version:
Start date:
Due date:
% Done: 0%
Estimated time: 6.00 h

Description

Implement CertificateBundle publisher API, as specified in #2766-30.

This issue includes these types:

  • CertBundleHandle
  • ScopedCertBundleHandle
  • CertBundleBuilder

Checklist

  • CertBundleHandle
  • ScopedCertBundleHandle
  • CertBundleBuilder

Related issues

  • Blocks ndn-cxx - Feature #5006: CertificateBundle producer (New, Jeremy Clark)
  • Blocked by ndn-cxx - Feature #5004: CertificateBundle encoding and decoding (In Progress, Jeremy Clark)

#1

Updated by Junxiao Shi 9 months ago

#2

Updated by Junxiao Shi 9 months ago

  • Blocked by Feature #5004: CertificateBundle encoding and decoding added
#3

Updated by Junxiao Shi 9 months ago

  • Tags set to CertificateBundle
#4

Updated by Jeremy Clark 24 days ago

/** \brief Unpublish certificate bundle upon destruction.
*/
class ScopedCertBundleHandle;

Is there an example of how I would implement this?

// The CertBundleBuilder can collect intermediate certificates from the local KeyChain, caches in a
// CertificateStorage, or the network via a fetcher.

Does this mean the builder can search through all three for the same certificate if they were set by the application?

#5

Updated by Jeremy Clark 23 days ago

/** \brief Emitted when state has changed.
*/
signal::Signal& afterStateChange;
// CertBundleHandle type must be copyable. Thus, this signal must live elsewhere
// (e.g. an internal struct owned by CertBundleBuilder) and only a reference is stored.

I'm also not sure how this should work. According to the documentation, only the owner of a signal can emit it. (https://github.com/named-data/ndn-cxx/blob/master/ndn-cxx/util/signal/signal.hpp#L46).
Why must the handle be copyable?

I can house the signal in the Handle class and have the builder possess a shared pointer to the handle instead. Is there an issue with this implementation?

#6

Updated by Junxiao Shi 18 days ago

// The CertBundleBuilder can collect intermediate certificates from the local KeyChain, caches in a
// CertificateStorage, or the network via a fetcher.

Does this mean the builder can search through all three for the same certificate if they were set by the application?

Yes.

Why must the handle be copyable?

It simplifies calling code, and allows CertBundleBuilder to control lifetime of the handle.

You can have CertBundleHandle hold a weak pointer to some internal structure, and forward every function call to methods on that internal structure. The CertBundleBuilder is the only entity that has a shared pointer to that internal structure.

#7

Updated by Jeremy Clark 16 days ago

\brief Enable retrieving certificates using a CertificateFetcher.
\pre setStorage has been invoked.

void
setFetcher(CertificateFetcher& fetcher);

Could you give a brief overview of how the CertBundleBuilder would use the CertificateFetcher? From what I understand, the CertificateFetcher requires a Validator. Specifically, the fetch function needs to be passed ValidationContinuation and ValidationState in addition to a CertificateRequest.

#8

Updated by Junxiao Shi 16 days ago

the CertificateFetcher requires a Validator.

CertificateFetcher is normally used in the context of a Validator, but it does not require a Validator.

the fetch function needs to be passed ValidationContinuation and ValidationState in addition to a CertificateRequest.

Pass a callback function as ValidationContinuation, to receive the certificate that has been retrieved.
Make a subclass of ValidationState, and override its fail method, to get notified when certificate retrieval has failed.

#9

Updated by Jeremy Clark 9 days ago

/** \brief Unpublish certificate bundle upon destruction.
*/
class ScopedCertBundleHandle;

Could you explain how this class works a little more? What exactly does "unpublish" mean here? Just deleting the CertBundleHandle? What else needs to be done?

#10

Updated by Junxiao Shi 9 days ago

Destructor of ScopedCertBundleHandle invokes CertBundleHandle::cancel(). Both functions would set the state of CertBundleHandle to UNPUBLISHED.
Depending on where a certificate bundle is published, this triggers the following actions:

  • CertBundleImsInserter(wantDelete=false) does nothing.
  • CertBundleImsInserter(wantDelete=true) deletes Data packets associated with the certificate bundle from the IMS.
  • CertBundleProducer stops responding to Interests with Data packets associated with the certificate bundle, and unregisters the prefix if it's not needed from any other published Data.
  • CertBundleRepongInserter(wantDelete=false) does nothing.
  • CertBundleRepongInserter(wantDelete=true) deletes Data packets associated with the certificate bundle from the repo.

Regarding CertBundleRepongInserter: please hold off on implementing this class. ndn-python-repo is being designed to replace repo-ng software, and it uses a different protocol.
CertBundleRepongInserter will be replaced with CertBundlePyRepoInserter, once ndn-python-repo resolves their protocol issues.
API design of CertBundleRepongInserter is directly adoptable to CertBundlePyRepoInserter.

#11

Updated by Jeremy Clark 8 days ago

Should the CertBundleBuilder maintain the CertBundleHandles returned by add internally at all?

#12

Updated by Junxiao Shi 8 days ago

Should the CertBundleBuilder maintain the CertBundleHandles returned by add internally at all?

CertBundleHandle is a copyable handle. Each handle has a weak pointer to some internal object that reflects the publishing state of the CertBundle. Every copy of CertBundleHandle points to the same internal object.
The only shared pointer of that internal object is owned by CertBundleBuilder, and is deleted when the CertBundle is unpublished.
When CertBundleHandle finds its weak pointer becomes empty, its state becomes UNPUBLISHED, and its cancel() method becomes a no-op.
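
The ownership scheme described in the comment above, sketched as an added example; it is not ndn-cxx code and not written by either participant. `Entry`, the string key passed to `add()`, `size()` and the `PUBLISHED` state name are assumptions made for illustration.

```cpp
#include <cstddef>
#include <functional>
#include <memory>
#include <string>
#include <unordered_map>
#include <utility>

enum class State { PUBLISHED, UNPUBLISHED };  // PUBLISHED is an assumed name
// Hypothetical internal record; the builder holds the only shared_ptr to it.
struct Entry { std::function<void()> unpublish; };

class CertBundleHandle {  // copyable: every copy observes the same Entry
public:
  CertBundleHandle() = default;
  explicit CertBundleHandle(std::weak_ptr<Entry> e) : m_entry(std::move(e)) {}
  State getState() const { return m_entry.expired() ? State::UNPUBLISHED : State::PUBLISHED; }
  void cancel() {  // no-op once the builder has dropped the entry
    if (auto e = m_entry.lock()) e->unpublish();  // e keeps Entry alive during the call
  }
private:
  std::weak_ptr<Entry> m_entry;
};

class ScopedCertBundleHandle {  // unpublishes on destruction
public:
  explicit ScopedCertBundleHandle(CertBundleHandle h) : m_handle(std::move(h)) {}
  ScopedCertBundleHandle(const ScopedCertBundleHandle&) = delete;
  ScopedCertBundleHandle& operator=(const ScopedCertBundleHandle&) = delete;
  ~ScopedCertBundleHandle() { m_handle.cancel(); }
private:
  CertBundleHandle m_handle;
};

class CertBundleBuilder {
public:
  CertBundleBuilder() = default;
  CertBundleBuilder(const CertBundleBuilder&) = delete;  // the lambdas capture this
  CertBundleHandle add(const std::string& name) {  // name stands in for the bundle
    auto e = std::make_shared<Entry>();
    e->unpublish = [this, name] { m_entries.erase(name); };
    m_entries[name] = e;
    return CertBundleHandle(e);
  }
  std::size_t size() const { return m_entries.size(); }
private:
  std::unordered_map<std::string, std::shared_ptr<Entry>> m_entries;
};

int main() { CertBundleBuilder b; ScopedCertBundleHandle s(b.add("/constructed/bundle")); return 0; }
```

Because a handle holds only a `weak_ptr`, a handle that outlives the builder reports UNPUBLISHED and its `cancel()` does nothing, rather than touching freed memory.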

#13

Updated by Alex Afanasyev 3 days ago

  • Tags changed from CertificateBundle to CertificateBundle, security
