NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.3: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::ValidatorConfig Class Reference

The validator which can be set up via a configuration file. More...

#include <validator-config.hpp>

Inheritance diagram for ndn::security::ValidatorConfig:
Collaboration diagram for ndn::security::ValidatorConfig:

Classes

class  Error
 

Public Types

typedef security::conf::Rule< Data > DataRule
 
typedef std::vector< shared_ptr< InterestRule > > InterestRuleList
 
typedef std::vector< shared_ptr< DataRule > > DataRuleList
 
typedef std::map< Name, shared_ptr< v1::IdentityCertificate > > AnchorList
 
typedef std::list< DynamicTrustAnchorContainer > DynamicContainers
 
typedef std::list< shared_ptr< v1::IdentityCertificate > > CertificateList
 
typedef std::map< Name, time::system_clock::TimePoint > LastTimestampMap
 

Public Member Functions

 ValidatorConfig (Face *face=nullptr, const shared_ptr< CertificateCache > &certificateCache=DEFAULT_CERTIFICATE_CACHE, const time::milliseconds &graceInterval=DEFAULT_GRACE_INTERVAL, const size_t stepLimit=10, const size_t maxTrackedKeys=1000, const time::system_clock::Duration &keyTimestampTtl=DEFAULT_KEY_TIMESTAMP_TTL)
 
 ValidatorConfig (Face &face, const shared_ptr< CertificateCache > &certificateCache=DEFAULT_CERTIFICATE_CACHE, const time::milliseconds &graceInterval=DEFAULT_GRACE_INTERVAL, const size_t stepLimit=10, const size_t maxTrackedKeys=1000, const time::system_clock::Duration &keyTimestampTtl=DEFAULT_KEY_TIMESTAMP_TTL)
 
void load (const std::string &filename)
 
void load (const std::string &input, const std::string &filename)
 
void load (std::istream &input, const std::string &filename)
 
void load (const security::conf::ConfigSection &configSection, const std::string &filename)
 
void reset ()
 
bool isEmpty ()
 
- Public Member Functions inherited from ndn::security::Validator
 Validator (Face *face=nullptr)
 Validator constructor. More...
 
 Validator (Face &face)
 
virtual ~Validator ()
 
void validate (const Data &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed)
 Validate Data and call either onValidated or onValidationFailed. More...
 
void validate (const Interest &interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed)
 Validate Interest and call either onValidated or onValidationFailed. More...
 

Public Attributes

NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE __pad0__: typedef security::conf::Rule<Interest> InterestRule
 
bool m_shouldValidate
 Indicates whether validation should be performed. More...
 
size_t m_stepLimit
 
shared_ptr< CertificateCache > m_certificateCache
 
InterestRuleList m_interestRules
 
DataRuleList m_dataRules
 
AnchorList m_anchors
 
TrustAnchorContainer m_staticContainer
 
DynamicContainers m_dynamicContainers
 
time::milliseconds m_graceInterval
 
size_t m_maxTrackedKeys
 
LastTimestampMap m_lastTimestamp
 
const time::system_clock::Duration & m_keyTimestampTtl
 

Static Public Attributes

static const shared_ptr< CertificateCache > DEFAULT_CERTIFICATE_CACHE
 
static const time::milliseconds DEFAULT_GRACE_INTERVAL
 
static const time::system_clock::Duration DEFAULT_KEY_TIMESTAMP_TTL = time::hours(1)
 

Protected Member Functions

virtual void checkPolicy (const Data &data, int nSteps, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed, std::vector< shared_ptr< ValidationRequest >> &nextSteps) override
 Check the Data against policy and return the next validation step if necessary. More...
 
virtual void checkPolicy (const Interest &interest, int nSteps, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed, std::vector< shared_ptr< ValidationRequest >> &nextSteps) override
 Check the Interest against validation policy and return the next validation step if necessary. More...
 
- Protected Member Functions inherited from ndn::security::Validator
void onData (const Interest &interest, const Data &data, const shared_ptr< ValidationRequest > &nextStep)
 Process the received certificate. More...
 
void validate (const Data &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed, int nSteps)
 
void validate (const Interest &interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed, int nSteps)
 
virtual shared_ptr< const Data > preCertificateValidation (const Data &data)
 Hooks. More...
 
virtual void onNack (const Interest &interest, const lp::Nack &nack, int nRemainingRetries, const OnFailure &onFailure, const shared_ptr< ValidationRequest > &validationRequest)
 trigger when interest retrieves a Nack. More...
 
virtual void onTimeout (const Interest &interest, int nRemainingRetries, const OnFailure &onFailure, const shared_ptr< ValidationRequest > &validationRequest)
 trigger when interest for certificate times out. More...
 
virtual void afterCheckPolicy (const std::vector< shared_ptr< ValidationRequest >> &nextSteps, const OnFailure &onFailure)
 trigger after checkPolicy is done. More...
 

Additional Inherited Members

- Static Public Member Functions inherited from ndn::security::Validator
static bool verifySignature (const Data &data, const v1::PublicKey &publicKey)
 Verify the data using the publicKey. More...
 
static bool verifySignature (const Interest &interest, const v1::PublicKey &publicKey)
 Verify the signed Interest using the publicKey. More...
 
static bool verifySignature (const Buffer &blob, const Signature &sig, const v1::PublicKey &publicKey)
 Verify the blob using the publicKey against the signature. More...
 
static bool verifySignature (const Data &data, const Signature &sig, const v1::PublicKey &publicKey)
 Verify the data using the publicKey against the SHA256-RSA signature. More...
 
static bool verifySignature (const Interest &interest, const Signature &sig, const v1::PublicKey &publicKey)
 Verify the interest using the publicKey against the SHA256-RSA signature. More...
 
static bool verifySignature (const uint8_t *buf, const size_t size, const Signature &sig, const v1::PublicKey &publicKey)
 Verify the blob using the publicKey against the SHA256-RSA signature. More...
 
static bool verifySignature (const Data &data, const DigestSha256 &sig)
 Verify the data against the SHA256 signature. More...
 
static bool verifySignature (const Interest &interest, const DigestSha256 &sig)
 Verify the interest against the SHA256 signature. More...
 
static bool verifySignature (const Buffer &blob, const DigestSha256 &sig)
 Verify the blob against the SHA256 signature. More...
 
static bool verifySignature (const uint8_t *buf, const size_t size, const DigestSha256 &sig)
 Verify the blob against the SHA256 signature. More...
 
- Protected Types inherited from ndn::security::Validator
typedef function< void(const std::string &)> OnFailure
 
- Protected Attributes inherited from ndn::security::Validator
Face * m_face
 

Detailed Description

The validator which can be set up via a configuration file.

Definition at line 39 of file validator-config.hpp.

Member Typedef Documentation

◆ DataRule

◆ InterestRuleList

typedef std::vector<shared_ptr<InterestRule> > ndn::security::ValidatorConfig::InterestRuleList

Definition at line 231 of file validator-config.hpp.

◆ DataRuleList

typedef std::vector<shared_ptr<DataRule> > ndn::security::ValidatorConfig::DataRuleList

Definition at line 232 of file validator-config.hpp.

◆ AnchorList

Definition at line 233 of file validator-config.hpp.

◆ DynamicContainers

typedef std::list<DynamicTrustAnchorContainer> ndn::security::ValidatorConfig::DynamicContainers

Definition at line 234 of file validator-config.hpp.

◆ CertificateList

Definition at line 235 of file validator-config.hpp.

◆ LastTimestampMap

Constructor & Destructor Documentation

◆ ValidatorConfig() [1/2]

ndn::security::ValidatorConfig::ValidatorConfig ( Face *  face = nullptr,
const shared_ptr< CertificateCache > &  certificateCache = DEFAULT_CERTIFICATE_CACHE,
const time::milliseconds &  graceInterval = DEFAULT_GRACE_INTERVAL,
const size_t  stepLimit = 10,
const size_t  maxTrackedKeys = 1000,
const time::system_clock::Duration &  keyTimestampTtl = DEFAULT_KEY_TIMESTAMP_TTL 
)
explicit
Note
When neither a certificate cache nor a face is supplied, no cache will be used. However, if only a face is supplied, a default cache will be created and used.

Definition at line 40 of file validator-config.cpp.

References ndn::Face::getIoService(), and m_certificateCache.

Referenced by ndn::security::ValidatorConfig::Error::Error().

◆ ValidatorConfig() [2/2]

ndn::security::ValidatorConfig::ValidatorConfig ( Face &  face,
const shared_ptr< CertificateCache > &  certificateCache = DEFAULT_CERTIFICATE_CACHE,
const time::milliseconds &  graceInterval = DEFAULT_GRACE_INTERVAL,
const size_t  stepLimit = 10,
const size_t  maxTrackedKeys = 1000,
const time::system_clock::Duration &  keyTimestampTtl = DEFAULT_KEY_TIMESTAMP_TTL 
)
explicit
Deprecated:
Use the constructor taking Face* as parameter.

Definition at line 59 of file validator-config.cpp.

References ndn::Face::getIoService(), and m_certificateCache.

Member Function Documentation

◆ load() [1/4]

void ndn::security::ValidatorConfig::load ( const std::string &  filename)

◆ load() [2/4]

void ndn::security::ValidatorConfig::load ( const std::string &  input,
const std::string &  filename 
)

Definition at line 93 of file validator-config.cpp.

References load().

◆ load() [3/4]

void ndn::security::ValidatorConfig::load ( std::istream &  input,
const std::string &  filename 
)

Definition at line 101 of file validator-config.cpp.

References load().

◆ load() [4/4]

void ndn::security::ValidatorConfig::load ( const security::conf::ConfigSection &  configSection,
const std::string &  filename 
)

◆ reset()

void ndn::security::ValidatorConfig::reset ( )

◆ isEmpty()

◆ checkPolicy() [1/2]

void ndn::security::ValidatorConfig::checkPolicy ( const Data &  data,
int  nSteps,
const OnDataValidated &  onValidated,
const OnDataValidationFailed &  onValidationFailed,
std::vector< shared_ptr< ValidationRequest >> &  nextSteps 
)
override protected virtual

Check the Data against policy and return the next validation step if necessary.

If there is no next validation step, the validation MUST have been completed, i.e., either the onValidated or the onValidationFailed callback has been invoked.

Parameters
data: The Data to check.
nSteps: The number of validation steps that have been done.
onValidated: If the Data is validated, this calls onValidated(data)
onValidationFailed: If validation fails, this calls onValidationFailed(data)
nextSteps: On return, contains the next validation step

Implements ndn::security::Validator.

Definition at line 445 of file validator-config.cpp.

References ndn::Data::getSignature(), m_dataRules, and m_shouldValidate.

Referenced by ndn::security::ValidatorConfig::Error::Error().

◆ checkPolicy() [2/2]

void ndn::security::ValidatorConfig::checkPolicy ( const Interest &  interest,
int  nSteps,
const OnInterestValidated &  onValidated,
const OnInterestValidationFailed &  onValidationFailed,
std::vector< shared_ptr< ValidationRequest >> &  nextSteps 
)
override protected virtual

Check the Interest against validation policy and return the next validation step if necessary.

If there is no next validation step, the validation MUST have been completed, i.e., either the onValidated or the onValidationFailed callback has been invoked.

Parameters
interest: The Interest to check.
nSteps: The number of validation steps that have been done.
onValidated: If the Interest is validated, this calls onValidated(data)
onValidationFailed: If validation fails, this calls onValidationFailed(data)
nextSteps: On return, contains the next validation step

Implements ndn::security::Validator.

Definition at line 476 of file validator-config.cpp.

References ndn::security::v1::IdentityCertificate::certificateNameToPublicKeyName(), ndn::tlv::ContentType_Key, ndn::tlv::DigestSha256, ndn::time::fromUnixTimestamp(), ndn::Name::get(), ndn::Signature::getKeyLocator(), ndn::KeyLocator::getName(), ndn::Interest::getName(), ndn::KeyLocator::getType(), ndn::Signature::getType(), ndn::Signature::hasKeyLocator(), ndn::KeyLocator::KeyLocator_Name, m_anchors, m_certificateCache, m_graceInterval, m_interestRules, m_keyTimestampTtl, m_lastTimestamp, m_maxTrackedKeys, m_shouldValidate, m_stepLimit, ndn::signed_interest::MIN_LENGTH, ndn::time::system_clock::now(), ndn::signed_interest::POS_SIG_INFO, ndn::signed_interest::POS_SIG_VALUE, ndn::tlv::SignatureSha256WithEcdsa, ndn::tlv::SignatureSha256WithRsa, ndn::Name::size(), ndn::name::Component::toNumber(), ndn::Name::toUri(), and ndn::security::Validator::verifySignature().

Member Data Documentation

◆ DEFAULT_CERTIFICATE_CACHE

const shared_ptr< CertificateCache > ndn::security::ValidatorConfig::DEFAULT_CERTIFICATE_CACHE
static

Definition at line 224 of file validator-config.hpp.

Referenced by ndn::security::ValidatorConfig::Error::Error().

◆ DEFAULT_GRACE_INTERVAL

const time::milliseconds ndn::security::ValidatorConfig::DEFAULT_GRACE_INTERVAL
static

Definition at line 225 of file validator-config.hpp.

Referenced by ndn::security::ValidatorConfig::Error::Error().

◆ DEFAULT_KEY_TIMESTAMP_TTL

const time::system_clock::Duration ndn::security::ValidatorConfig::DEFAULT_KEY_TIMESTAMP_TTL = time::hours(1)
static

Definition at line 226 of file validator-config.hpp.

Referenced by ndn::security::ValidatorConfig::Error::Error().

◆ __pad0__

NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE ndn::security::ValidatorConfig::__pad0__

Definition at line 229 of file validator-config.hpp.

◆ m_shouldValidate

bool ndn::security::ValidatorConfig::m_shouldValidate

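Indicates whether validation should be performed.

If false, no validation occurs, and any packet is considered validated immediately: no rule is applied and no signature is verified. Because load() also references this member, review any loaded configuration for settings that turn validation off.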

Definition at line 242 of file validator-config.hpp.

Referenced by checkPolicy(), and load().

◆ m_stepLimit

size_t ndn::security::ValidatorConfig::m_stepLimit

Definition at line 244 of file validator-config.hpp.

Referenced by checkPolicy().

◆ m_certificateCache

shared_ptr<CertificateCache> ndn::security::ValidatorConfig::m_certificateCache

Definition at line 245 of file validator-config.hpp.

Referenced by checkPolicy(), isEmpty(), reset(), and ValidatorConfig().

◆ m_interestRules

InterestRuleList ndn::security::ValidatorConfig::m_interestRules

Definition at line 247 of file validator-config.hpp.

Referenced by checkPolicy(), isEmpty(), load(), and reset().

◆ m_dataRules

DataRuleList ndn::security::ValidatorConfig::m_dataRules

Definition at line 248 of file validator-config.hpp.

Referenced by checkPolicy(), isEmpty(), load(), and reset().

◆ m_anchors

AnchorList ndn::security::ValidatorConfig::m_anchors

Definition at line 250 of file validator-config.hpp.

Referenced by checkPolicy(), isEmpty(), load(), and reset().

◆ m_staticContainer

TrustAnchorContainer ndn::security::ValidatorConfig::m_staticContainer

Definition at line 251 of file validator-config.hpp.

Referenced by isEmpty(), load(), and reset().

◆ m_dynamicContainers

DynamicContainers ndn::security::ValidatorConfig::m_dynamicContainers

Definition at line 252 of file validator-config.hpp.

Referenced by isEmpty(), load(), and reset().

◆ m_graceInterval

time::milliseconds ndn::security::ValidatorConfig::m_graceInterval

Definition at line 254 of file validator-config.hpp.

Referenced by checkPolicy().

◆ m_maxTrackedKeys

size_t ndn::security::ValidatorConfig::m_maxTrackedKeys

Definition at line 255 of file validator-config.hpp.

Referenced by checkPolicy().

◆ m_lastTimestamp

LastTimestampMap ndn::security::ValidatorConfig::m_lastTimestamp

Definition at line 257 of file validator-config.hpp.

Referenced by checkPolicy().

◆ m_keyTimestampTtl

const time::system_clock::Duration& ndn::security::ValidatorConfig::m_keyTimestampTtl

Definition at line 258 of file validator-config.hpp.

Referenced by checkPolicy().


The documentation for this class was generated from the following files: