NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::v2::ValidationPolicy Class Referenceabstract

Abstraction that implements validation policy for Data and Interest packets. More...

#include <validation-policy.hpp>

Inheritance diagram for ndn::security::v2::ValidationPolicy:
Collaboration diagram for ndn::security::v2::ValidationPolicy:

Public Types

using ValidationContinuation = std::function< void(const shared_ptr< CertificateRequest > &certRequest, const shared_ptr< ValidationState > &state)>
 

Public Member Functions

virtual ~ValidationPolicy ()=default
 
void setInnerPolicy (unique_ptr< ValidationPolicy > innerPolicy)
 Set inner policy. More...
 
bool hasInnerPolicy () const
 Check if inner policy is set. More...
 
ValidationPolicygetInnerPolicy ()
 Return the inner policy. More...
 
void setValidator (Validator &validator)
 Set validator to which the policy is associated. More...
 
virtual void checkPolicy (const Data &data, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)=0
 Check data against the policy. More...
 
virtual void checkPolicy (const Interest &interest, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)=0
 Check interest against the policy. More...
 
virtual void checkPolicy (const Certificate &certificate, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)
 Check certificate against the policy. More...
 

Public Attributes

NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PROTECTED __pad0__: Validator* m_validator = nullptr
 
unique_ptr< ValidationPolicym_innerPolicy
 

Detailed Description

Abstraction that implements validation policy for Data and Interest packets.

Definition at line 37 of file validation-policy.hpp.

Member Typedef Documentation

◆ ValidationContinuation

using ndn::security::v2::ValidationPolicy::ValidationContinuation = std::function<void(const shared_ptr<CertificateRequest>& certRequest, const shared_ptr<ValidationState>& state)>

Definition at line 41 of file validation-policy.hpp.

Constructor & Destructor Documentation

◆ ~ValidationPolicy()

virtual ndn::security::v2::ValidationPolicy::~ValidationPolicy ( )
virtualdefault

Member Function Documentation

◆ setInnerPolicy()

void ndn::security::v2::ValidationPolicy::setInnerPolicy ( unique_ptr< ValidationPolicy innerPolicy)

Set inner policy.

Multiple assignments of the inner policy will create a "chain" of linked policies. The inner policy from the latest invocation of setInnerPolicy will be at the bottom of the policy list.

For example, sequence of this->setInnerPolicy(policy1) and this->setInnerPolicy(policy2), will result in this->m_innerPolicy == policy1, this->m_innerPolicy->m_innerPolicy == policy2', and this->m_innerPolicy->m_innerPolicy->m_innerPolicy == nullptr.

Exceptions
std::invalid_argumentexception, if innerPolicy is nullptr.

Definition at line 30 of file validation-policy.cpp.

References m_innerPolicy, nonstd::optional_lite::std11::move(), and NDN_THROW.

Referenced by ndn::security::v2::ValidationPolicyCommandInterest::ValidationPolicyCommandInterest(), and ndn::security::v2::ValidationPolicySignedInterest::ValidationPolicySignedInterest().

◆ hasInnerPolicy()

bool ndn::security::v2::ValidationPolicy::hasInnerPolicy ( ) const
inline

◆ getInnerPolicy()

ValidationPolicy & ndn::security::v2::ValidationPolicy::getInnerPolicy ( )

Return the inner policy.

If the inner policy was not set, behavior is undefined.

Definition at line 49 of file validation-policy.cpp.

References m_innerPolicy.

Referenced by ndn::security::v2::ValidationPolicyCommandInterest::checkPolicy(), ndn::security::v2::ValidationPolicySignedInterest::checkPolicy(), and hasInnerPolicy().

◆ setValidator()

void ndn::security::v2::ValidationPolicy::setValidator ( Validator validator)

Set validator to which the policy is associated.

Definition at line 55 of file validation-policy.cpp.

References m_innerPolicy.

Referenced by hasInnerPolicy().

◆ checkPolicy() [1/3]

virtual void ndn::security::v2::ValidationPolicy::checkPolicy ( const Data data,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
pure virtual

Check data against the policy.

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further certificate retrievals are necessary, the policy should call continueValidation(nullptr, state)
  • If packet conforms to the policy and a certificate needs to be fetched, the policy should call continueValidation(<appropriate-cert-request-instance>, state)

Implemented in ndn::security::v2::ValidationPolicySignedInterest, ndn::security::v2::ValidationPolicyCommandInterest, ndn::security::v2::validator_config::ValidationPolicyConfig, ndn::security::v2::ValidationPolicyAcceptAll, and ndn::security::v2::ValidationPolicySimpleHierarchy.

Referenced by ndn::security::v2::ValidationPolicyCommandInterest::checkPolicy(), checkPolicy(), ndn::security::v2::ValidationPolicySignedInterest::checkPolicy(), and hasInnerPolicy().

◆ checkPolicy() [2/3]

virtual void ndn::security::v2::ValidationPolicy::checkPolicy ( const Interest interest,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
pure virtual

Check interest against the policy.

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further certificate retrievals are necessary, the policy should call continueValidation(nullptr, state)
  • If packet conforms to the policy and a certificate needs to be fetched, the policy should call continueValidation(<appropriate-cert-request-instance>, state)

Implemented in ndn::security::v2::ValidationPolicySignedInterest, ndn::security::v2::ValidationPolicyCommandInterest, ndn::security::v2::validator_config::ValidationPolicyConfig, ndn::security::v2::ValidationPolicyAcceptAll, and ndn::security::v2::ValidationPolicySimpleHierarchy.

◆ checkPolicy() [3/3]

virtual void ndn::security::v2::ValidationPolicy::checkPolicy ( const Certificate certificate,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
inlinevirtual

Check certificate against the policy.

Unless overridden by the policy, this check defaults to checkPolicy(const Data&, ...).

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further certificate retrievals are necessary, the policy should call continueValidation(nullptr, state)
  • If packet conforms to the policy and a certificate needs to be fetched, the policy should call continueValidation(<appropriate-cert-request-instance>, state)

Definition at line 139 of file validation-policy.hpp.

References checkPolicy(), and NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PROTECTED.

Member Data Documentation

◆ __pad0__

NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PROTECTED ndn::security::v2::ValidationPolicy::__pad0__

Definition at line 146 of file validation-policy.hpp.

◆ m_innerPolicy

unique_ptr<ValidationPolicy> ndn::security::v2::ValidationPolicy::m_innerPolicy

The documentation for this class was generated from the following files: