Provides the interfaces for packet validation.
#include <validator.hpp>
Classes
class | Error
Public Member Functions
Validator (Face *face=nullptr)
Validator constructor.
Validator (Face &face)
virtual | ~Validator ()
void | validate (const Data &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed)
Validate Data and call either onValidated or onValidationFailed.
void | validate (const Interest &interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed)
Validate Interest and call either onValidated or onValidationFailed.
Static Public Member Functions
static bool | verifySignature (const Data &data, const v1::PublicKey &publicKey)
Verify the data using the publicKey.
static bool | verifySignature (const Interest &interest, const v1::PublicKey &publicKey)
Verify the signed Interest using the publicKey.
static bool | verifySignature (const Buffer &blob, const Signature &sig, const v1::PublicKey &publicKey)
Verify the blob using the publicKey against the signature.
static bool | verifySignature (const Data &data, const Signature &sig, const v1::PublicKey &publicKey)
Verify the data using the publicKey against the SHA256-RSA signature.
static bool | verifySignature (const Interest &interest, const Signature &sig, const v1::PublicKey &publicKey)
Verify the interest using the publicKey against the SHA256-RSA signature.
static bool | verifySignature (const uint8_t *buf, const size_t size, const Signature &sig, const v1::PublicKey &publicKey)
Verify the blob using the publicKey against the SHA256-RSA signature.
static bool | verifySignature (const Data &data, const DigestSha256 &sig)
Verify the data against the SHA256 signature.
static bool | verifySignature (const Interest &interest, const DigestSha256 &sig)
Verify the interest against the SHA256 signature.
static bool | verifySignature (const Buffer &blob, const DigestSha256 &sig)
Verify the blob against the SHA256 signature.
static bool | verifySignature (const uint8_t *buf, const size_t size, const DigestSha256 &sig)
Verify the blob against the SHA256 signature.
Protected Types
typedef function< void(const std::string &)> | OnFailure
Protected Member Functions
virtual void | checkPolicy (const Data &data, int nSteps, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed, std::vector< shared_ptr< ValidationRequest >> &nextSteps)=0
Check the Data against policy and return the next validation step if necessary.
virtual void | checkPolicy (const Interest &interest, int nSteps, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed, std::vector< shared_ptr< ValidationRequest >> &nextSteps)=0
Check the Interest against validation policy and return the next validation step if necessary.
void | onData (const Interest &interest, const Data &data, const shared_ptr< ValidationRequest > &nextStep)
Process the received certificate.
void | validate (const Data &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed, int nSteps)
void | validate (const Interest &interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed, int nSteps)
virtual shared_ptr< const Data > | preCertificateValidation (const Data &data)
Hooks.
virtual void | onNack (const Interest &interest, const lp::Nack &nack, int nRemainingRetries, const OnFailure &onFailure, const shared_ptr< ValidationRequest > &validationRequest)
Triggered when the Interest retrieves a Nack.
virtual void | onTimeout (const Interest &interest, int nRemainingRetries, const OnFailure &onFailure, const shared_ptr< ValidationRequest > &validationRequest)
Triggered when the Interest for a certificate times out.
virtual void | afterCheckPolicy (const std::vector< shared_ptr< ValidationRequest >> &nextSteps, const OnFailure &onFailure)
Triggered after checkPolicy is done.
Protected Attributes
Face * | m_face
provides the interfaces for packet validation.
Definition at line 42 of file validator.hpp.
|
protected |
Definition at line 242 of file validator.hpp.
|
explicit |
Validator constructor.
face | Pointer to face through which validator may retrieve certificates. Passing a null pointer implies the validator is in offline mode. |
Definition at line 36 of file validator.cpp.
Referenced by ndn::security::Validator::Error::Error().
|
explicit |
Definition at line 41 of file validator.cpp.
References ~Validator().
|
virtual default |
Referenced by ndn::security::Validator::Error::Error(), and Validator().
|
inline |
Validate Data and call either onValidated or onValidationFailed.
data | The Data with the signature to check. |
onValidated | If the Data is validated, this calls onValidated(data). |
onValidationFailed | If validation fails, this calls onValidationFailed(data). |
Definition at line 81 of file validator.hpp.
Referenced by ndn::nfd::Controller::Controller(), onData(), nfd::rib::RibManager::onRibUpdateFailure(), and validate().
|
inline |
Validate Interest and call either onValidated or onValidationFailed.
interest | The Interest with the signature to check. |
onValidated | If the Interest is validated, this calls onValidated(interest). |
onValidationFailed | If validation fails, this calls onValidationFailed(interest). |
Definition at line 96 of file validator.hpp.
References validate(), and verifySignature().
|
static |
Verify the data using the publicKey.
Definition at line 105 of file validator.cpp.
References ndn::Data::getSignature(), ndn::Signature::getValue(), ndn::Signature::hasKeyLocator(), ndn::Block::size(), and ndn::Data::wireEncode().
Referenced by ndn::security::conf::FixedSignerChecker::check(), ndn::security::ValidatorRegex::checkPolicy(), ndn::security::ValidatorConfig::checkPolicy(), nfd::CommandAuthenticator::makeAuthorization(), ndn::security::ValidatorRegex::onCertificateValidated(), validate(), and verifySignature().
|
static |
Verify the signed Interest using the publicKey.
(Note the signature covers the first n-2 name components).
Definition at line 117 of file validator.cpp.
References ndn::Interest::getName(), ndn::Signature::hasKeyLocator(), ndn::signed_interest::MIN_LENGTH_SIG_ONLY, ndn::signed_interest::POS_SIG_INFO, ndn::signed_interest::POS_SIG_VALUE, ndn::Signature::setInfo(), ndn::Signature::setValue(), ndn::Name::size(), ndn::Block::value(), ndn::Block::value_size(), verifySignature(), and ndn::Name::wireEncode().
|
inline static |
Verify the blob using the publicKey against the signature.
Definition at line 121 of file validator.hpp.
References ndn::Buffer::buf(), and verifySignature().
|
inline static |
Verify the data using the publicKey against the SHA256-RSA signature.
Definition at line 128 of file validator.hpp.
References ndn::Data::getSignature(), ndn::Signature::getValue(), ndn::Block::size(), verifySignature(), and ndn::Data::wireEncode().
|
inline static |
Verify the interest using the publicKey against the SHA256-RSA signature.
(Note the signature covers the first n-2 name components).
Definition at line 142 of file validator.hpp.
References ndn::Interest::getName(), ndn::Name::size(), verifySignature(), and ndn::Name::wireEncode().
|
static |
Verify the blob using the publicKey against the SHA256-RSA signature.
Definition at line 143 of file validator.cpp.
References ndn::Buffer::buf(), ndn::Oid::decode(), ndn::EC, ndn::security::v1::PublicKey::get(), ndn::security::v1::PublicKey::getKeyType(), ndn::Signature::getType(), ndn::Signature::getValue(), ndn::RSA, ndn::security::SECP256R1, ndn::security::SECP384R1, ndn::tlv::SignatureSha256WithEcdsa, ndn::tlv::SignatureSha256WithRsa, ndn::Block::value(), and ndn::Block::value_size().
|
inline static |
Verify the data against the SHA256 signature.
Definition at line 166 of file validator.hpp.
References ndn::Data::getSignature(), ndn::Signature::getValue(), ndn::Block::size(), verifySignature(), and ndn::Data::wireEncode().
|
inline static |
Verify the interest against the SHA256 signature.
(Note the signature covers the first n-2 name components).
Definition at line 179 of file validator.hpp.
References ndn::Interest::getName(), ndn::Name::size(), verifySignature(), and ndn::Name::wireEncode().
|
inline static |
Verify the blob against the SHA256 signature.
Definition at line 193 of file validator.hpp.
References ndn::Buffer::buf(), checkPolicy(), and verifySignature().
|
static |
Verify the blob against the SHA256 signature.
Definition at line 235 of file validator.cpp.
References ndn::crypto::computeSha256Digest(), ndn::Signature::getValue(), ndn::crypto::SHA256_DIGEST_SIZE, ndn::Block::value(), and ndn::Block::value_size().
|
protected pure virtual |
Check the Data against policy and return the next validation step if necessary.
If there is no next validation step, validation MUST have been completed, i.e., either the onValidated or the onValidationFailed callback has been invoked.
data | The Data to check. |
nSteps | The number of validation steps that have been done. |
onValidated | If the Data is validated, this calls onValidated(data) |
onValidationFailed | If validation fails, this calls onValidationFailed(data) |
nextSteps | On return, contains the next validation step |
Implemented in ndn::security::CommandInterestValidator, and ndn::security::ValidatorConfig.
Referenced by validate(), and verifySignature().
|
protected pure virtual |
Check the Interest against validation policy and return the next validation step if necessary.
If there is no next validation step, validation MUST have been completed, i.e., either the onValidated or the onValidationFailed callback has been invoked.
interest | The Interest to check. |
nSteps | The number of validation steps that have been done. |
onValidated | If the Interest is validated, this calls onValidated(data) |
onValidationFailed | If validation fails, this calls onValidationFailed(data) |
nextSteps | On return, contains the next validation step |
Implemented in ndn::security::CommandInterestValidator, and ndn::security::ValidatorConfig.
|
protected |
Process the received certificate.
Definition at line 89 of file validator.cpp.
References ndn::Data::getName(), preCertificateValidation(), ndn::Name::toUri(), and validate().
Referenced by afterCheckPolicy(), onNack(), and onTimeout().
|
protected |
Definition at line 69 of file validator.cpp.
References afterCheckPolicy(), and checkPolicy().
|
protected |
Definition at line 49 of file validator.cpp.
References afterCheckPolicy(), and checkPolicy().
|
inline protected virtual |
Hooks.
Triggered before validating the requested certificate.
The Data:
This method returns a Data (actually a certificate) that will be passed as Data into: Validator::validate(const Data& data, const OnDataValidated& onValidated, const OnDataValidationFailed& onValidationFailed, int nSteps);
Definition at line 278 of file validator.hpp.
References afterCheckPolicy(), onNack(), and onTimeout().
Referenced by onData().
|
protected virtual |
Triggered when the Interest retrieves a Nack.
The Validator can decide how to handle a Nack: either call onFailure or retry.
interest | The interest that retrieves a Nack. |
nack | The Nack that is retrieved. |
nRemainingRetries | The number of retries left. |
onFailure | Failure callback when there are no more retries remaining. |
validationRequest | The validationRequest containing the context of the interest. |
Definition at line 258 of file validator.cpp.
References ndn::Face::expressInterest(), ndn::Interest::getName(), ndn::tlv::Interest, m_face, onData(), onTimeout(), ndn::Interest::refreshNonce(), and ndn::Name::toUri().
Referenced by afterCheckPolicy(), onTimeout(), and preCertificateValidation().
|
protected virtual |
Triggered when the Interest for a certificate times out.
The Validator can decide how to handle the timeout: either call onFailure or retry.
interest | The interest that times out. |
nRemainingRetries | The number of retries left. |
onFailure | Failure callback when there are no more retries remaining. |
validationRequest | The validationRequest containing the context of the interest. |
Definition at line 282 of file validator.cpp.
References ndn::Face::expressInterest(), ndn::Interest::getName(), ndn::tlv::Interest, m_face, onData(), onNack(), ndn::Interest::refreshNonce(), and ndn::Name::toUri().
Referenced by afterCheckPolicy(), onNack(), and preCertificateValidation().
|
protected virtual |
Triggered after checkPolicy is done.
The Validator can decide how to handle the set of validation requests according to the trust model.
nextSteps | A set of validation requests made by checkPolicy. |
onFailure | Failure callback when errors happen in processing nextSteps. |
Definition at line 305 of file validator.cpp.
References ndn::Face::expressInterest(), m_face, onData(), onNack(), and onTimeout().
Referenced by preCertificateValidation(), and validate().
|
protected |
Definition at line 331 of file validator.hpp.
Referenced by afterCheckPolicy(), onNack(), and onTimeout().