NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::v2 Namespace Reference

Namespaces

 validator_config
 

Classes

class  AdditionalDescription
 Represents an AdditionalDescription TLV element.

class  CertContainerInterface

class  Certificate
 Represents an NDN certificate following the version 2.0 format.

class  CertificateBundleFetcher
 Fetch certificate bundle from the network.

class  CertificateCache
 Represents a container for verified certificates.

class  CertificateFetcher
 Interface used by the validator to fetch missing certificates.

class  CertificateFetcherDirectFetch
 Extends CertificateFetcherFromNetwork to fetch certificates from the incoming face of the packet.

class  CertificateFetcherFromNetwork
 Fetch missing keys from the network.

class  CertificateFetcherOffline
 Certificate fetcher realization that does not fetch keys (always offline)

class  CertificateRequest
 Request for a certificate, associated with the number of attempts.

class  CertificateStorage
 Storage for trusted anchors, verified certificate cache, and unverified certificate cache.

class  DataValidationState
 Validation state for a data packet.

class  DynamicTrustAnchorGroup
 Dynamic trust anchor group.

class  InterestValidationState
 Validation state for an interest packet.

class  KeyChain
 The interface of signing key management.

class  StaticTrustAnchorGroup
 Static trust anchor group.
 
class  TrustAnchorContainer
 Represents a container for trust anchors.
 
class  TrustAnchorGroup
 A group of trust anchors.

class  ValidationError
 Validation error code and optional detailed error message.

class  ValidationPolicy
 Abstraction that implements validation policy for Data and Interest packets.

class  ValidationPolicyAcceptAll
 A validator policy that accepts any signature of data and interest packets.

class  ValidationPolicyCommandInterest
 Validation policy for stop-and-wait command Interests.

class  ValidationPolicySignedInterest
 Validation policy for signed Interests.

class  ValidationPolicySimpleHierarchy
 Validation policy for a simple hierarchical trust model.

class  ValidationState
 Validation state.

class  Validator
 Interface for validating data and interest packets.

class  ValidatorNull
 Validator with "accept-all" policy and offline certificate fetcher.
 

Typedefs

typedef function< void(const Data &data)> DataValidationSuccessCallback
 Callback to report a successful Data validation.

typedef function< void(const Data &data, const ValidationError &error)> DataValidationFailureCallback
 Callback to report a failed Data validation.

typedef function< void(const Interest &interest)> InterestValidationSuccessCallback
 Callback to report a successful Interest validation.

typedef function< void(const Interest &interest, const ValidationError &error)> InterestValidationFailureCallback
 Callback to report a failed Interest validation.
 
using SignedInterestFormatTag = SimpleTag< SignedInterestFormat, 1002 >
 

Functions

 NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS (AdditionalDescription)
 
std::ostream & operator<< (std::ostream &os, const AdditionalDescription &desc)
 
 NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS (AdditionalDescription)
 
std::ostream & operator<< (std::ostream &os, const Certificate &cert)
 
Name extractIdentityFromCertName (const Name &certName)
 Extract identity namespace from the certificate name certName.

Name extractKeyNameFromCertName (const Name &certName)
 Extract key name from the certificate name certName.

static std::tuple< std::string, std::string > parseLocatorUri (const std::string &uri)

Name constructKeyName (const Name &identity, const name::Component &keyId)
 Construct key name based on the appropriate naming conventions.

bool isValidKeyName (const Name &keyName)
 Check if keyName follows the naming conventions for the key name.

Name extractIdentityFromKeyName (const Name &keyName)
 Extract identity namespace from the key name keyName.

std::ostream & operator<< (std::ostream &os, ValidationError::Code code)

std::ostream & operator<< (std::ostream &os, const ValidationError &error)

static Name getKeyLocatorName (const SignatureInfo &si, ValidationState &state)

Name getKeyLocatorName (const Data &data, ValidationState &state)
 Extract KeyLocator.Name from a Data packet.

Name getKeyLocatorName (const Interest &interest, ValidationState &state)
 Extract KeyLocator.Name from a signed Interest.

Name extractIdentityNameFromKeyLocator (const Name &keyLocator)
 Extract identity name from key, version-less certificate, or certificate name.

Validator & getAcceptAllValidator ()
 

Variables

 WireEncodable< AdditionalDescription >
 
 WireEncodableWithEncodingBuffer< AdditionalDescription >
 
 WireDecodable< AdditionalDescription >
 
static const size_t KEY_OFFSET = 0
 
static const size_t VALUE_OFFSET = 1
 
ndn security CertificateBundleFetcher
 
ndn security CertificateCache
 
ndn security v2 CertificateFetcher FromNetwork
 
ndn security CertificateFetcher
 
 WireEncodable< Certificate >
 
 WireDecodable< Certificate >
 
ndn security KeyChain
 
const name::Component SELF ("self")
 
ndn security TrustAnchorGroup
 
ndn security ValidationState
 
ndn security Validator
 

Typedef Documentation

◆ DataValidationSuccessCallback

typedef function<void(const Data& data)> ndn::security::v2::DataValidationSuccessCallback

Callback to report a successful Data validation.

Definition at line 37 of file validation-callback.hpp.

◆ DataValidationFailureCallback

typedef function<void(const Data& data, const ValidationError& error)> ndn::security::v2::DataValidationFailureCallback

Callback to report a failed Data validation.

Definition at line 42 of file validation-callback.hpp.

◆ InterestValidationSuccessCallback

typedef function<void(const Interest& interest)> ndn::security::v2::InterestValidationSuccessCallback

Callback to report a successful Interest validation.

Definition at line 47 of file validation-callback.hpp.

◆ InterestValidationFailureCallback

typedef function<void(const Interest& interest, const ValidationError& error)> ndn::security::v2::InterestValidationFailureCallback

Callback to report a failed Interest validation.

Definition at line 52 of file validation-callback.hpp.

◆ SignedInterestFormatTag

Function Documentation

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS()

ndn::security::v2::NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS ( AdditionalDescription  )

◆ operator<<() [1/4]

std::ostream & ndn::security::v2::operator<< (std::ostream &os, const AdditionalDescription &desc)

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS()

ndn::security::v2::NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS ( AdditionalDescription  )

◆ operator<<() [2/4]

◆ extractIdentityFromCertName()

Name ndn::security::v2::extractIdentityFromCertName (const Name &certName)

Extract identity namespace from the certificate name certName.

Definition at line 210 of file certificate.cpp.

References ndn::Name::getPrefix(), ndn::security::v2::Certificate::isValidName(), NDN_THROW, and ndn::Name::toUri().

Referenced by parseLocatorUri().

◆ extractKeyNameFromCertName()

◆ parseLocatorUri()

static std::tuple<std::string, std::string> ndn::security::v2::parseLocatorUri (const std::string &uri)
inline static

Definition at line 515 of file key-chain.cpp.

References ndn::Name::append(), ndn::Name::appendVersion(), ndn::OBufferStream::buf(), bufs, ndn::tlv::ContentType_Key, ndn::security::transform::digestFilter(), ndn::tlv::DigestSha256, ndn::EC, extractIdentityFromCertName(), extractIdentityFromKeyName(), extractKeyNameFromCertName(), ndn::security::MakeCertificateOptions::freshnessPeriod, ndn::security::pib::Key::getDefaultCertificate(), ndn::security::pib::Identity::getDefaultKey(), ndn::security::SigningInfo::getDigestAlgorithm(), ndn::security::SigningInfo::getDigestSha256Identity(), ndn::security::SigningInfo::getHmacKey(), ndn::security::pib::Key::getIdentity(), ndn::security::pib::Key::getKeyType(), ndn::security::pib::Identity::getName(), ndn::security::pib::Key::getName(), ndn::security::SigningInfo::getPibIdentity(), ndn::security::SigningInfo::getPibKey(), ndn::security::SigningInfo::getSignatureInfo(), ndn::security::SigningInfo::getSignerName(), ndn::security::SigningInfo::getSignerType(), ndn::HMAC, ndn::security::MakeCertificateOptions::issuerId, ndn::security::v2::KeyChain::makeCertificate(), ndn::security::ValidityPeriod::makeRelative(), nonstd::optional_lite::std11::move(), NDN_LOG_TRACE, NDN_THROW, NDN_THROW_NESTED, ndn::security::pib::Pib, ndn::RSA, SELF, ndn::Data::setContent(), ndn::Data::setContentType(), ndn::Data::setFreshnessPeriod(), ndn::SignatureInfo::setKeyLocator(), ndn::Data::setName(), ndn::security::SigningInfo::setSignatureInfo(), ndn::SignatureInfo::setSignatureType(), ndn::SignatureInfo::setValidityPeriod(), ndn::SHA256, ndn::security::v2::KeyChain::sign(), ndn::tlv::SignatureHmacWithSha256, ndn::tlv::SignatureSha256WithEcdsa, ndn::tlv::SignatureSha256WithRsa, ndn::security::SigningInfo::SIGNER_TYPE_CERT, ndn::security::SigningInfo::SIGNER_TYPE_HMAC, ndn::security::SigningInfo::SIGNER_TYPE_ID, ndn::security::SigningInfo::SIGNER_TYPE_KEY, ndn::security::SigningInfo::SIGNER_TYPE_NULL, ndn::security::SigningInfo::SIGNER_TYPE_SHA256, ndn::security::signingByKey(), 
ndn::security::transform::streamSink(), ndn::to_string(), ndn::Name::toUri(), ndn::security::MakeCertificateOptions::validity, and ndn::security::MakeCertificateOptions::version.

◆ constructKeyName()

Name ndn::security::v2::constructKeyName (const Name &identity, const name::Component &keyId)

Construct key name based on the appropriate naming conventions.

Definition at line 143 of file key.cpp.

References ndn::Name::append().

Referenced by ndn::security::tpm::BackEnd::constructAsymmetricKeyName(), ndn::security::tpm::BackEnd::createKey(), and ndn::security::pib::operator==().

◆ isValidKeyName()

bool ndn::security::v2::isValidKeyName (const Name &keyName)

Check if keyName follows the naming conventions for the key name.

Definition at line 153 of file key.cpp.

References ndn::Name::get(), and ndn::Name::size().

Referenced by extractIdentityFromKeyName(), and ndn::security::pib::operator==().

◆ extractIdentityFromKeyName()

◆ operator<<() [3/4]

std::ostream & ndn::security::v2::operator<< (std::ostream &os, ValidationError::Code code)

Definition at line 31 of file validation-error.cpp.

References ndn::to_underlying().

◆ operator<<() [4/4]

std::ostream & ndn::security::v2::operator<< (std::ostream &os, const ValidationError &error)

◆ getKeyLocatorName() [1/3]

◆ getKeyLocatorName() [2/3]

Name ndn::security::v2::getKeyLocatorName (const Data &data, ValidationState &state)

Extract KeyLocator.Name from a Data packet.

The Data packet must contain a KeyLocator of the Name type. Otherwise, state.fail is invoked with an INVALID_KEY_LOCATOR error.

Definition at line 85 of file validation-policy.cpp.

References getKeyLocatorName(), and ndn::Data::getSignatureInfo().

◆ getKeyLocatorName() [3/3]

Name ndn::security::v2::getKeyLocatorName (const Interest &interest, ValidationState &state)

Extract KeyLocator.Name from a signed Interest.

Signed Interests according to Packet Specification v0.3+, as identified inside the state, must have an InterestSignatureInfo element. Legacy signed Interests must contain a (Data)SignatureInfo name component. In both cases, the included KeyLocator must be of the Name type. Otherwise, state.fail will be invoked with an INVALID_KEY_LOCATOR error.

Interests passed to this method must be tagged with a SignedInterestFormatTag to indicate whether they are signed according to Packet Specification v0.3+ or a previous specification.

Definition at line 91 of file validation-policy.cpp.

References ndn::security::v2::ValidationState::fail(), getKeyLocatorName(), ndn::Interest::getName(), ndn::Interest::getSignatureInfo(), ndn::TagHost::getTag(), ndn::security::v2::ValidationError::INVALID_KEY_LOCATOR, ndn::signed_interest::MIN_SIZE, ns3::ndn::Name, ndn::signed_interest::POS_SIG_INFO, ndn::security::V03, and ndn::SignatureInfo::wireDecode().

◆ extractIdentityNameFromKeyLocator()

Name ndn::security::v2::extractIdentityNameFromKeyLocator (const Name &keyLocator)

◆ getAcceptAllValidator()

Validator & ndn::security::v2::getAcceptAllValidator ( )

Definition at line 36 of file validator-null.cpp.

Variable Documentation

◆ WireEncodable< AdditionalDescription >

ndn::security::v2::WireEncodable< AdditionalDescription >

Definition at line 32 of file additional-description.cpp.

◆ WireEncodableWithEncodingBuffer< AdditionalDescription >

ndn::security::v2::WireEncodableWithEncodingBuffer< AdditionalDescription >

Definition at line 33 of file additional-description.cpp.

◆ WireDecodable< AdditionalDescription >

ndn::security::v2::WireDecodable< AdditionalDescription >

Definition at line 34 of file additional-description.cpp.

◆ KEY_OFFSET

static const size_t ndn::security::v2::KEY_OFFSET = 0

◆ VALUE_OFFSET

static const size_t ndn::security::v2::VALUE_OFFSET = 1

◆ CertificateBundleFetcher

◆ CertificateCache

Definition at line 29 of file certificate-cache.cpp.

◆ FromNetwork

ndn security v2 CertificateFetcher ndn::security::v2::FromNetwork

Definition at line 33 of file certificate-fetcher-from-network.cpp.

◆ CertificateFetcher

Definition at line 32 of file certificate-fetcher.cpp.

◆ WireEncodable< Certificate >

ndn::security::v2::WireEncodable< Certificate >

Definition at line 34 of file certificate.cpp.

◆ WireDecodable< Certificate >

ndn::security::v2::WireDecodable< Certificate >

Definition at line 35 of file certificate.cpp.

◆ KeyChain

◆ SELF

const name::Component ndn::security::v2::SELF("self")

Referenced by parseLocatorUri().

◆ TrustAnchorGroup

Definition at line 38 of file trust-anchor-group.cpp.

◆ ValidationState

Definition at line 31 of file validation-state.cpp.

◆ Validator

Definition at line 32 of file validator.cpp.

Referenced by ndn::util::SegmentFetcher::Options::validate().