ndn_config/

nfd_command.rs

/// NFD management command name builder and parser.
///
/// Management command Interests use the name structure:
/// ```text
/// /localhost/nfd/<module>/<verb>/<ControlParameters>
/// ```
///
/// where `<ControlParameters>` is a generic name component containing the
/// binary TLV-encoded ControlParameters block (the value bytes only, without
/// the outer type 0x68 and length — those are implicit in the name component).
use bytes::Bytes;
use ndn_packet::{Name, NameComponent};

use crate::control_parameters::ControlParameters;

/// The standard NFD management prefix: `/localhost/nfd`.
pub const NFD_PREFIX: &[&[u8]] = &[b"localhost", b"nfd"];

// ─── Command modules and verbs ───────────────────────────────────────────────

/// Management module names.
pub mod module {
    pub const FACES: &[u8] = b"faces";
    pub const FIB: &[u8] = b"fib";
    pub const RIB: &[u8] = b"rib";
    pub const ROUTING: &[u8] = b"routing";
    pub const DISCOVERY: &[u8] = b"discovery";
    pub const CS: &[u8] = b"cs";
    pub const STRATEGY: &[u8] = b"strategy-choice";
    pub const STATUS: &[u8] = b"status";
    pub const NEIGHBORS: &[u8] = b"neighbors";
    pub const SERVICE: &[u8] = b"service";
    pub const MEASUREMENTS: &[u8] = b"measurements";
    pub const CONFIG: &[u8] = b"config";
    pub const SECURITY: &[u8] = b"security";
    pub const LOG: &[u8] = b"log";
}

/// Command verbs per module.
pub mod verb {
    // config
    pub const GET: &[u8] = b"get";

    // faces
    pub const CREATE: &[u8] = b"create";
    pub const UPDATE: &[u8] = b"update";
    pub const DESTROY: &[u8] = b"destroy";
    pub const LIST: &[u8] = b"list";

    // fib
    pub const ADD_NEXTHOP: &[u8] = b"add-nexthop";
    pub const REMOVE_NEXTHOP: &[u8] = b"remove-nexthop";

    // rib
    pub const REGISTER: &[u8] = b"register";
    pub const UNREGISTER: &[u8] = b"unregister";

    // strategy-choice
    pub const SET: &[u8] = b"set";
    pub const UNSET: &[u8] = b"unset";

    // cs
    pub const CONFIG: &[u8] = b"config";
    pub const INFO: &[u8] = b"info";
    pub const ERASE: &[u8] = b"erase";

    // service
    pub const ANNOUNCE: &[u8] = b"announce";
    pub const WITHDRAW: &[u8] = b"withdraw";
    pub const BROWSE: &[u8] = b"browse";

    // faces extension
    pub const COUNTERS: &[u8] = b"counters";

    // security — identity
    pub const IDENTITY_LIST: &[u8] = b"identity-list";
    pub const IDENTITY_GENERATE: &[u8] = b"identity-generate";
    pub const IDENTITY_DID: &[u8] = b"identity-did";
    /// Dataset that returns the active identity status (name, is_ephemeral, pib_path).
    pub const IDENTITY_STATUS: &[u8] = b"identity-status";
    pub const ANCHOR_LIST: &[u8] = b"anchor-list";
    pub const KEY_DELETE: &[u8] = b"key-delete";

    // security — NDNCERT CA
    pub const CA_INFO: &[u8] = b"ca-info";
    pub const CA_ENROLL: &[u8] = b"ca-enroll";
    pub const CA_TOKEN_ADD: &[u8] = b"ca-token-add";
    pub const CA_REQUESTS: &[u8] = b"ca-requests";

    // security — YubiKey PIV
    pub const YUBIKEY_DETECT: &[u8] = b"yubikey-detect";
    pub const YUBIKEY_GENERATE: &[u8] = b"yubikey-generate";

    // security — trust schema management
    /// Add a rule to the active trust schema.
    /// ControlParameters.uri = `"<data_pattern> => <key_pattern>"`.
    pub const SCHEMA_RULE_ADD: &[u8] = b"schema-rule-add";
    /// Remove the rule at the given index.
    /// ControlParameters.count = `rule_index`.
    pub const SCHEMA_RULE_REMOVE: &[u8] = b"schema-rule-remove";
    /// List all active trust schema rules (dataset, no parameters).
    pub const SCHEMA_LIST: &[u8] = b"schema-list";
    /// Replace the entire schema.
    /// ControlParameters.uri = newline-separated rule strings.
    pub const SCHEMA_SET: &[u8] = b"schema-set";

    // log
    pub const GET_FILTER: &[u8] = b"get-filter";
    pub const SET_FILTER: &[u8] = b"set-filter";
    pub const GET_RECENT: &[u8] = b"get-recent";

    // discovery
    pub const DVR_STATUS: &[u8] = b"dvr-status";
    pub const DVR_CONFIG: &[u8] = b"dvr-config";
}

// ─── Name builder ────────────────────────────────────────────────────────────

/// Build a management command name with embedded ControlParameters.
///
/// Result: `/localhost/nfd/<module>/<verb>/<params-component>`
///
/// The ControlParameters name component contains the **full** TLV block
/// (type 0x68 + length + fields), matching the NFD management protocol spec
/// and what NFD/ndnd expect.
pub fn command_name(module: &[u8], verb: &[u8], params: &ControlParameters) -> Name {
    let params_tlv = params.encode();
    Name::from_components([
        NameComponent::generic(Bytes::from_static(b"localhost")),
        NameComponent::generic(Bytes::from_static(b"nfd")),
        NameComponent::generic(Bytes::copy_from_slice(module)),
        NameComponent::generic(Bytes::copy_from_slice(verb)),
        NameComponent::generic(params_tlv),
    ])
}

/// Build a dataset (status) name without parameters.
///
/// Result: `/localhost/nfd/<module>/<verb>`
pub fn dataset_name(module: &[u8], verb: &[u8]) -> Name {
    Name::from_components([
        NameComponent::generic(Bytes::from_static(b"localhost")),
        NameComponent::generic(Bytes::from_static(b"nfd")),
        NameComponent::generic(Bytes::copy_from_slice(module)),
        NameComponent::generic(Bytes::copy_from_slice(verb)),
    ])
}

// ─── Name parser ─────────────────────────────────────────────────────────────

/// Parsed management command extracted from an Interest name.
#[derive(Debug)]
pub struct ParsedCommand {
    pub module: Bytes,
    pub verb: Bytes,
    pub params: Option<ControlParameters>,
}

/// Parse a management command from an Interest name.
///
/// Expects: `/localhost/nfd/<module>/<verb>[/<params>][/<signed-interest-components>]`
///
/// Returns `None` if the name doesn't match the management prefix or has
/// too few components.
pub fn parse_command_name(name: &Name) -> Option<ParsedCommand> {
    let comps = name.components();
    if comps.len() < 4 {
        return None;
    }

    // Check /localhost/nfd prefix.
    if comps[0].value.as_ref() != b"localhost" || comps[1].value.as_ref() != b"nfd" {
        return None;
    }

    let module = comps[2].value.clone();
    let verb = comps[3].value.clone();

    // The 5th component (index 4), if present, is the ControlParameters TLV
    // (full block including the 0x68 type byte, per NFD management spec).
    // Components beyond index 4 (e.g. ParametersSha256DigestComponent from a
    // signed Interest) are ignored — the router does not validate signatures.
    let params = if comps.len() >= 5 {
        ControlParameters::decode(comps[4].value.clone()).ok()
    } else {
        None
    };

    Some(ParsedCommand {
        module,
        verb,
        params,
    })
}

// ─── Tests ───────────────────────────────────────────────────────────────────

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn command_name_structure() {
        let params = ControlParameters {
            name: Some(Name::from_components([NameComponent::generic(
                Bytes::from_static(b"test"),
            )])),
            cost: Some(10),
            ..Default::default()
        };
        let name = command_name(module::RIB, verb::REGISTER, &params);
        let comps = name.components();
        assert_eq!(comps.len(), 5);
        assert_eq!(comps[0].value.as_ref(), b"localhost");
        assert_eq!(comps[1].value.as_ref(), b"nfd");
        assert_eq!(comps[2].value.as_ref(), b"rib");
        assert_eq!(comps[3].value.as_ref(), b"register");
        // 5th component is the full ControlParameters TLV (type 0x68 + length + fields).
        let decoded = ControlParameters::decode(comps[4].value.clone()).unwrap();
        assert_eq!(decoded.cost, Some(10));
    }

    #[test]
    fn dataset_name_structure() {
        let name = dataset_name(module::FACES, verb::LIST);
        let comps = name.components();
        assert_eq!(comps.len(), 4);
        assert_eq!(comps[2].value.as_ref(), b"faces");
        assert_eq!(comps[3].value.as_ref(), b"list");
    }

    #[test]
    fn parse_command_roundtrip() {
        let params = ControlParameters {
            uri: Some("shm://myapp".to_owned()),
            ..Default::default()
        };
        let name = command_name(module::FACES, verb::CREATE, &params);
        let parsed = parse_command_name(&name).unwrap();
        assert_eq!(parsed.module.as_ref(), b"faces");
        assert_eq!(parsed.verb.as_ref(), b"create");
        let p = parsed.params.unwrap();
        assert_eq!(p.uri.as_deref(), Some("shm://myapp"));
    }

    #[test]
    fn parse_command_too_short() {
        let name = Name::from_components([
            NameComponent::generic(Bytes::from_static(b"localhost")),
            NameComponent::generic(Bytes::from_static(b"nfd")),
        ]);
        assert!(parse_command_name(&name).is_none());
    }

    #[test]
    fn parse_command_wrong_prefix() {
        let name = Name::from_components([
            NameComponent::generic(Bytes::from_static(b"localhop")),
            NameComponent::generic(Bytes::from_static(b"nfd")),
            NameComponent::generic(Bytes::from_static(b"rib")),
            NameComponent::generic(Bytes::from_static(b"register")),
        ]);
        assert!(parse_command_name(&name).is_none());
    }

    #[test]
    fn parse_command_no_params() {
        let name = dataset_name(module::FACES, verb::LIST);
        let parsed = parse_command_name(&name).unwrap();
        assert_eq!(parsed.module.as_ref(), b"faces");
        assert_eq!(parsed.verb.as_ref(), b"list");
        assert!(parsed.params.is_none());
    }
}