NdnIdentity

ndn_identity::identity

Struct NdnIdentity 

Source 
pub struct NdnIdentity { /* private fields */ }
Expand description

A named NDN identity with full lifecycle management.

NdnIdentity extends KeyChain with identity lifecycle operations: NDNCERT enrollment, fleet provisioning, DID-based trust, and background certificate renewal.

For the vast majority of applications — signing data and validating incoming packets — use KeyChain directly (available as ndn_app::KeyChain or ndn_security::KeyChain). Reach for NdnIdentity when you need:

  • enroll / provision — NDNCERT certificate issuance
  • from_did — trust bootstrapping from a DID document
  • diddid:ndn URI for this identity

Implementations§

Source§

impl NdnIdentity

Source

pub fn ephemeral(name: impl AsRef<str>) -> Result<Self, IdentityError>

Create an ephemeral, in-memory, self-signed identity.

Suitable for testing and short-lived producers. Keys are not persisted.

Source

pub fn open_or_create( path: &Path, name: impl AsRef<str>, ) -> Result<Self, IdentityError>

Open a persistent identity from a PIB directory, creating it if absent.

On first run, generates an Ed25519 key and self-signed certificate. On subsequent runs, loads the existing key and certificate.

Source

pub async fn enroll(config: EnrollConfig) -> Result<Self, IdentityError>

Enroll via NDNCERT using the given configuration.

Performs the full NDNCERT exchange: INFO → NEW → CHALLENGE. The issued certificate is persisted if config.storage is set.

Source

pub async fn provision(config: DeviceConfig) -> Result<Self, IdentityError>

Zero-touch device provisioning.

Selects a challenge type based on FactoryCredential, enrolls with the CA, and starts a background renewal task if requested.

Source

pub async fn from_did( did: &str, name: impl AsRef<str>, resolver: &UniversalResolver, ) -> Result<Self, IdentityError>

Bootstrap trust from a DID document and create a local ephemeral identity that trusts it.

  • did:key:… — public key used directly as a trust anchor.
  • did:ndn:… / did:web:… — document resolved via resolver.
Source

pub fn did(&self) -> String

The did:ndn URI for this identity.

Source

pub fn into_keychain(self) -> KeyChain

Convert this NdnIdentity into the underlying KeyChain.

The renewal task (if any) is dropped and its background task cancelled.

Methods from Deref<Target = KeyChain>§

Source

pub fn name(&self) -> &Name

The NDN name of this identity (e.g. /com/acme/alice).

Source

pub fn key_name(&self) -> &Name

The name of the active signing key (e.g. /com/acme/alice/KEY/v=0).

Source

pub fn signer(&self) -> Result<Arc<dyn Signer>, TrustError>

Get the signer for this identity.

Source

pub fn validator(&self) -> Validator

Build a Validator pre-configured with this identity’s trust anchors.

Uses TrustSchema::accept_all by default (any correctly-signed packet whose certificate chain terminates in a known anchor is accepted). For stricter namespace-based policy, call Validator::set_schema on the result or use TrustSchema::hierarchical.

Source

pub fn add_trust_anchor(&self, cert: Certificate)

Add an external trust anchor certificate.

Use this to accept data signed by a CA that was not issued by this identity (e.g., a network-wide trust anchor discovered via NDNCERT).

Source

pub fn cert_cache(&self) -> &CertCache

Access the certificate cache.

Useful for pre-populating the cache with known intermediate certificates before validation.

Source

pub fn sign_data(&self, builder: DataBuilder) -> Result<Bytes, TrustError>

Sign a Data packet using this KeyChain’s signing key.

Returns the encoded, signed Data wire bytes. Uses Ed25519 with the key locator set to this identity’s key name.

§Errors

Returns TrustError if the signing key is not available.

Source

pub fn sign_interest( &self, builder: InterestBuilder, ) -> Result<Bytes, TrustError>

Sign an Interest using this KeyChain’s signing key.

Returns the encoded, signed Interest wire bytes. Uses Ed25519 with the key locator set to this identity’s key name.

§Errors

Returns TrustError if the signing key is not available.

Source

pub fn build_validator(&self) -> Validator

Build a Validator pre-configured with this identity’s trust anchors.

Alias for validator. Provided for API symmetry with the trust_only constructor.

Source

pub fn manager_arc(&self) -> Arc<SecurityManager>

The Arc-wrapped SecurityManager backing this keychain.

Intended for framework code (e.g., background renewal tasks) that needs to share the manager across async tasks. Prefer the higher-level methods for application code.

Trait Implementations§

Source§

impl Debug for NdnIdentity

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Deref for NdnIdentity

Source§

type Target = KeyChain

The resulting type after dereferencing.
Source§

fn deref(&self) -> &KeyChain

Dereferences the value.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<P, T> Receiver for P
where P: Deref<Target = T> + ?Sized, T: ?Sized,

Source§

type Target = T

🔬This is a nightly-only experimental API. (arbitrary_self_types)
The target type on which the method may be called.
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more