Simulates a Zero Trust-based TLS handshake mechanism between NS-3 nodes. More...

#include <zt-tls-handshake.h>

Inheritance diagram for ns3::ZtTlsHandshake:

Collaboration diagram for ns3::ZtTlsHandshake:

Public Member Functions
	ZtTlsHandshake ()
	Constructor.

void	StartHandshake (Ptr< Node > client, Ptr< Node > server, uint32_t clientId, uint32_t serverId)
	Start a simulated TLS handshake between client and server nodes.

bool	HasSession (uint32_t peerId) const
	Check if a session exists for a given peer.

std::string	GetSessionKey (uint32_t peerId) const
	Retrieve the session key for a peer in hexadecimal string format.

void	SetExternalLogger (std::function< void(std::string)> logger)
	Set an external logger for emitting TLS logs.

void	SetPolicyValidator (std::function< bool(uint32_t, std::string)> validator)
	Set a policy validator for enforcing Zero Trust identity checks.

Static Public Member Functions
static TypeId	GetTypeId ()
	Get the NS-3 TypeId.

Private Member Functions
void	Log (const std::string &msg) const
	Emit a log message using the external logger or NS_LOG fallback.

Private Attributes
std::map< uint32_t, std::string >	m_sessionKeys
	Maps node IDs to session keys.

std::function< void(std::string)>	m_logger
	Optional external logger.

std::function< bool(uint32_t, std::string)>	m_policyValidator
	Optional external policy validator.

Detailed Description

Simulates a Zero Trust-based TLS handshake mechanism between NS-3 nodes.

This class is responsible for performing identity-validated TLS-like handshakes between IoT nodes, establishing symmetric session keys, and enforcing policy-based authentication using injected policy validation logic.

Definition at line 23 of file zt-tls-handshake.h.

Constructor & Destructor Documentation

◆ ZtTlsHandshake()

ns3::ZtTlsHandshake::ZtTlsHandshake ( )

Constructor.

Definition at line 30 of file zt-tls-handshake.cc.

                               {
  NS_LOG_FUNCTION(this);
}

Member Function Documentation

◆ GetSessionKey()

std::string ns3::ZtTlsHandshake::GetSessionKey ( uint32_t peerId ) const

Retrieve the session key for a peer in hexadecimal string format.

Retrieve session key for a given peer.

Parameters

peerId Node ID of the peer.

Returns: Hex-encoded session key if it exists, empty string otherwise.

Parameters

peerId Node ID of the peer

Returns: Hex-encoded session key, or empty string if not found

Definition at line 86 of file zt-tls-handshake.cc.

                                                             {
  auto it = m_sessionKeys.find(peerId);
  return (it != m_sessionKeys.end()) ? it->second : "";
}

◆ GetTypeId()

TypeId ns3::ZtTlsHandshake::GetTypeId ( )

static

Get the NS-3 TypeId.

Get the ns-3 TypeId for ZtTlsHandshake.

Returns: TypeId of the ZtTlsHandshake class.; The TypeId

Definition at line 19 of file zt-tls-handshake.cc.

                                 {
  static TypeId tid = TypeId("ns3::ZtTlsHandshake")
    .SetParent<Object>()
    .SetGroupName("ZeroTrust")
    .AddConstructor<ZtTlsHandshake>();
  return tid;
}

◆ HasSession()

bool ns3::ZtTlsHandshake::HasSession ( uint32_t peerId ) const

Check if a session exists for a given peer.

Check if a session key exists for a peer.

Parameters

peerId Node ID of the peer.

Returns: true if a session exists, false otherwise.

Parameters

peerId Node ID of the peer

Returns: True if session exists, otherwise false

Definition at line 76 of file zt-tls-handshake.cc.

                                                     {
  return m_sessionKeys.find(peerId) != m_sessionKeys.end();
}

◆ Log()

void ns3::ZtTlsHandshake::Log ( const std::string & msg ) const

private

Emit a log message using the external logger or NS_LOG fallback.

Internal logging wrapper.

Parameters

msg	The message to log.
msg	Log message

Definition at line 114 of file zt-tls-handshake.cc.

                                                   {
  if (m_logger) {
    m_logger(msg);
  } else {
    NS_LOG_INFO(msg);
  }
}

Here is the caller graph for this function:

◆ SetExternalLogger()

void ns3::ZtTlsHandshake::SetExternalLogger ( std::function< void(std::string)> logger )

Set an external logger for emitting TLS logs.

Set external logging function.

Parameters

logger	Function accepting a string message.
logger	Function to be used for logging

Definition at line 96 of file zt-tls-handshake.cc.

                                                                          {
  m_logger = logger;
}

◆ SetPolicyValidator()

void ns3::ZtTlsHandshake::SetPolicyValidator ( std::function< bool(uint32_t, std::string)> validator )

Set a policy validator for enforcing Zero Trust identity checks.

Set policy validation function for authorization.

Parameters

validator	Function taking node ID and role string, returns true if authorized.
validator	Function that validates (nodeId, role)

Definition at line 105 of file zt-tls-handshake.cc.

                                                                                        {
  m_policyValidator = validator;
}

◆ StartHandshake()

void ns3::ZtTlsHandshake::StartHandshake	(	Ptr< Node >	client,
		Ptr< Node >	server,
		uint32_t	clientId,
		uint32_t	serverId
	)

Start a simulated TLS handshake between client and server nodes.

Start a simulated handshake between client and server.

Performs mutual policy validation and generates a symmetric session key shared by both nodes.

Parameters

client	Pointer to the client node.
server	Pointer to the server node.
clientId	Unique identifier for the client node.
serverId	Unique identifier for the server node.
client	Pointer to the client Node
server	Pointer to the server Node
clientId	ID of the client node
serverId	ID of the server node

Definition at line 42 of file zt-tls-handshake.cc.

                                                                                                            {
  NS_LOG_FUNCTION(this << client << server);
 
  if (m_policyValidator && !m_policyValidator(clientId, "client")) {
    Log("[ZT-HANDSHAKE] Client not authorized by policy");
    return;
  }
 
  if (m_policyValidator && !m_policyValidator(serverId, "server")) {
    Log("[ZT-HANDSHAKE] Server not authorized by policy");
    return;
  }
 
  CryptoPP::AutoSeededRandomPool prng;
  CryptoPP::byte key[CryptoPP::AES::DEFAULT_KEYLENGTH];
  prng.GenerateBlock(key, sizeof(key));
 
  std::string encoded;
  CryptoPP::StringSource ss(key, sizeof(key), true,
    new CryptoPP::HexEncoder(new CryptoPP::StringSink(encoded)));
 
  m_sessionKeys[serverId] = encoded;
  m_sessionKeys[clientId] = encoded;
 
  Log("[ZT-HANDSHAKE] Session established between Client " + std::to_string(clientId) +
      " and Server " + std::to_string(serverId) + " | Key: " + encoded);
}

Here is the call graph for this function:

Field Documentation

◆ m_logger

std::function<void(std::string)> ns3::ZtTlsHandshake::m_logger

private

Optional external logger.

Definition at line 83 of file zt-tls-handshake.h.

◆ m_policyValidator

std::function<bool(uint32_t, std::string)> ns3::ZtTlsHandshake::m_policyValidator

private

Optional external policy validator.

Definition at line 84 of file zt-tls-handshake.h.

◆ m_sessionKeys

std::map<uint32_t, std::string> ns3::ZtTlsHandshake::m_sessionKeys

private

Maps node IDs to session keys.

Definition at line 82 of file zt-tls-handshake.h.

The documentation for this class was generated from the following files:

model/zt-tls-handshake.h
model/zt-tls-handshake.cc

Public Member Functions

Static Public Member Functions

Private Member Functions

Private Attributes

Detailed Description

Constructor & Destructor Documentation

◆ ZtTlsHandshake()

Member Function Documentation

◆ GetSessionKey()

◆ GetTypeId()

◆ HasSession()

◆ Log()

◆ SetExternalLogger()

◆ SetPolicyValidator()

◆ StartHandshake()

Field Documentation

◆ m_logger

◆ m_policyValidator

◆ m_sessionKeys