Project

General

Profile

Actions

Task #5075

closed

Refactor Certificate Storage Class

Added by Saurab Dulal almost 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:

Description

Currently, the certificate management (serving and fetching) is done inside the NLSR class. This complicates testing and also increases complexities.

Actions #1

Updated by Saurab Dulal almost 5 years ago

The primary reason for this refactor is to modularize NLSR. Currently, all the certificate related task is in nlsr.cpp which has unnecessarily bloated the nlsr.cpp and has no logical reason to be there. This refactoring isolates certificate storage from nlsr class and is moved to its own class (CertificateStore), will make code testing much easier, and will also open possibilities of using repo for the certificate management in the future.

Additionally, the refactoring is also supposed to remove several redundant codes and make nlsr key initialization independent of NLSR class.

Actions #2

Updated by Saurab Dulal almost 5 years ago

The function CertificateStore::publishCertFromCache is tested using a minindn integration test using the following 4 node topology.

A ++++++ B 
+        +
+        + 
+        + 
C        D

Notes:
Use case of CertificateStorage::getUnverifiedCertCache , and mechanism on how the cert gets inserted to the validator’s cache.

When the library retrieves a certificate Data packet, the certificate cannot be trusted until the certificate chain starting from a trust anchor has been retrieved and verified. The unverified certificate Data packet needs to stay somewhere when the certificates higher in the hierarchy are being retrieved, hence the library has an unverified cert cache. After the whole certificate chain has been retrieved and verified, the certificates can be moved to a trusted cert cache so that future validations that involve these certificates can be completed faster, without re-fetching the certificate chain. - Junxiao

Actions #3

Updated by Ashlesh Gawande almost 5 years ago

Can be closed?

Actions #4

Updated by Ashlesh Gawande almost 5 years ago

  • Status changed from New to Closed
  • Start date deleted (01/19/2020)
  • % Done changed from 80 to 100
Actions

Also available in: Atom PDF