Task #5075

Refactor Certificate Storage Class

Added by Saurab Dulal 8 months ago. Updated 7 months ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:


Currently, the certificate management (serving and fetching) is done inside the NLSR class. This complicates testing and also increases complexities.


Updated by Saurab Dulal 8 months ago

The primary reason for this refactor is to modularize NLSR. Currently, all the certificate related task is in nlsr.cpp which has unnecessarily bloated the nlsr.cpp and has no logical reason to be there. This refactoring isolates certificate storage from nlsr class and is moved to its own class (CertificateStore), will make code testing much easier, and will also open possibilities of using repo for the certificate management in the future.

Additionally, the refactoring is also supposed to remove several redundant codes and make nlsr key initialization independent of NLSR class.


Updated by Saurab Dulal 7 months ago

The function CertificateStore::publishCertFromCache is tested using a minindn integration test using the following 4 node topology.

A ++++++ B 
+        +
+        + 
+        + 
C        D

Use case of CertificateStorage::getUnverifiedCertCache , and mechanism on how the cert gets inserted to the validator’s cache.

When the library retrieves a certificate Data packet, the certificate cannot be trusted until the certificate chain starting from a trust anchor has been retrieved and verified. The unverified certificate Data packet needs to stay somewhere when the certificates higher in the hierarchy are being retrieved, hence the library has an unverified cert cache. After the whole certificate chain has been retrieved and verified, the certificates can be moved to a trusted cert cache so that future validations that involve these certificates can be completed faster, without re-fetching the certificate chain. - Junxiao


Updated by Ashlesh Gawande 7 months ago

Can be closed?


Updated by Ashlesh Gawande 7 months ago

  • Status changed from New to Closed
  • Start date deleted (01/19/2020)
  • % Done changed from 80 to 100

Also available in: Atom PDF