FilePib

ndn_security::pib

Struct FilePib

pub struct FilePib { /* private fields */ }

Expand description

File-based Public Info Base (PIB) for persistent key and certificate storage.

§Directory layout

<root>/
  keys/<sha256>/
    name.uri          # NDN name in URI form (human-readable)
    private.key       # 32-byte raw Ed25519 seed
    cert.ndnc         # NDNC-format certificate (optional)
  anchors/<sha256>/
    name.uri
    cert.ndnc

Key directories are named by the SHA-256 of the canonical name bytes to avoid filesystem special-character issues. The name.uri file provides the human-readable name for list operations.

§Certificate format (NDNC v1)

[4]  magic "NDNC"
[1]  version = 1
[8]  valid_from  (u64 be, nanoseconds since Unix epoch)
[8]  valid_until (u64 be, nanoseconds since Unix epoch; u64::MAX = never)
[4]  pk_len      (u32 be)
[pk_len] public key bytes

Implementations§

impl FilePib

pub fn new(root: impl Into<PathBuf>) -> Result<Self, PibError>

Create or open a PIB at root, creating the directory tree if needed.

pub fn open(root: impl Into<PathBuf>) -> Result<Self, PibError>

Open an existing PIB without creating it. Returns an error if root does not contain an initialised PIB.

pub fn root(&self) -> &Path

Return the root directory of this PIB.

pub fn generate_ed25519( &self, key_name: &Name, ) -> Result<Ed25519Signer, PibError>

Generate a new Ed25519 key using a cryptographically random seed and persist it to the PIB. Returns the signer so the caller can immediately issue a certificate without re-reading from disk.

pub fn get_signer(&self, key_name: &Name) -> Result<Ed25519Signer, PibError>

Load the signer for key_name from the PIB.

pub fn delete_key(&self, key_name: &Name) -> Result<(), PibError>

Delete a key and its associated certificate from the PIB.

pub fn list_keys(&self) -> Result<Vec<Name>, PibError>

List all key names stored in the PIB.

pub fn store_cert( &self, key_name: &Name, cert: &Certificate, ) -> Result<(), PibError>

Persist a certificate for key_name in its key directory.

pub fn get_cert(&self, key_name: &Name) -> Result<Certificate, PibError>

Load the certificate for key_name.

pub fn add_trust_anchor( &self, key_name: &Name, cert: &Certificate, ) -> Result<(), PibError>

Persist a certificate as a trust anchor.

pub fn remove_trust_anchor(&self, key_name: &Name) -> Result<(), PibError>

Remove a trust anchor from the PIB.

pub fn trust_anchors(&self) -> Result<Vec<Certificate>, PibError>

Load all trust anchor certificates from the PIB.

pub fn list_anchors(&self) -> Result<Vec<Name>, PibError>

List all trust anchor names stored in the PIB.

Auto Trait Implementations§

impl Freeze for FilePib

impl RefUnwindSafe for FilePib

impl Send for FilePib

impl Sync for FilePib

impl Unpin for FilePib

impl UnwindSafe for FilePib

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Pointable for T

const ALIGN: usize

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V