NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.3: NDN, CCN, CCNx, content centric networks
validator.hpp
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
25 #ifndef NDN_SECURITY_VALIDATOR_HPP
26 #define NDN_SECURITY_VALIDATOR_HPP
27 
28 #include "../face.hpp"
31 #include "digest-sha256.hpp"
32 #include "validation-request.hpp"
33 #include "v1/public-key.hpp"
35 
36 namespace ndn {
37 namespace security {
38 
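/**
 * @brief Provides the interfaces for packet validation.
 *
 * The public validate() overloads start validation of a Data or Interest packet and
 * report the outcome through the supplied callbacks. Subclasses supply the actual
 * trust decision by implementing the pure virtual checkPolicy() overloads.
 *
 * The static verifySignature() overloads only check a signature value over a byte
 * range with whatever key (or digest) the caller passes in. A `true` result from
 * them says nothing about whether that key should be trusted.
 */
class Validator
{
public:
  /**
   * @brief Error type of the validator: a std::runtime_error carrying @p what.
   */
  class Error : public std::runtime_error
  {
  public:
    explicit
    Error(const std::string& what)
      : std::runtime_error(what)
    {
    }
  };

  /**
   * @brief Validator constructor.
   *
   * @param face Face the validator may use; defaults to nullptr.
   *             NOTE(review): presumably the channel used to fetch certificates, with
   *             nullptr meaning no retrieval is possible -- confirm in validator.cpp.
   */
  explicit
  Validator(Face* face = nullptr);

  // NOTE(review): this listing shows a second `explicit` specifier at this point but
  // not the declaration it belonged to (original header line 68). A further explicit
  // constructor overload is therefore missing from this extract; take it from the
  // original validator.hpp rather than guessing its signature.

  virtual
  ~Validator();

  /**
   * @brief Validate Data and call either @p onValidated or @p onValidationFailed.
   *
   * Forwards to the protected four-argument overload with nSteps = 0.
   *
   * @param data               The Data packet to validate.
   * @param onValidated        Callback to report a successful Data validation.
   * @param onValidationFailed Callback to report a failed Data validation.
   */
  void
  validate(const Data& data,
           const OnDataValidated& onValidated,
           const OnDataValidationFailed& onValidationFailed)
  {
    const int initialSteps = 0;
    validate(data, onValidated, onValidationFailed, initialSteps);
  }

  /**
   * @brief Validate Interest and call either @p onValidated or @p onValidationFailed.
   *
   * Forwards to the protected four-argument overload with nSteps = 0.
   *
   * @param interest           The Interest packet to validate.
   * @param onValidated        Callback to report a successful Interest validation.
   * @param onValidationFailed Callback to report a failed Interest validation.
   */
  void
  validate(const Interest& interest,
           const OnInterestValidated& onValidated,
           const OnInterestValidationFailed& onValidationFailed)
  {
    const int initialSteps = 0;
    validate(interest, onValidated, onValidationFailed, initialSteps);
  }

  /*****************************************
   *      verifySignature method set       *
   *****************************************/

  /**
   * @brief Verify the data using the publicKey.
   * @return true if the signature verifies, false otherwise.
   */
  static bool
  verifySignature(const Data& data, const v1::PublicKey& publicKey);

  /**
   * @brief Verify the interest using the publicKey.
   * @return true if the signature verifies, false otherwise.
   */
  static bool
  verifySignature(const Interest& interest, const v1::PublicKey& publicKey);

  /**
   * @brief Verify the blob using the publicKey against the signature.
   *
   * The whole buffer (blob.buf(), blob.size()) is treated as the signed bytes.
   */
  static bool
  verifySignature(const Buffer& blob, const Signature& sig, const v1::PublicKey& publicKey)
  {
    const uint8_t* signedBytes = blob.buf();
    const size_t signedLength = blob.size();
    return verifySignature(signedBytes, signedLength, sig, publicKey);
  }

  /**
   * @brief Verify the data using the publicKey against the SHA256-RSA signature.
   *
   * The verified range starts at the value of the Data wire encoding and stops short
   * of the trailing bytes occupied by the packet's own signature value
   * (data.getSignature().getValue().size()).
   *
   * NOTE(review): the length is an unchecked size_t subtraction. It relies on the
   * encoded value always being at least as long as the signature value block, which
   * presumably holds for any Data that wireEncode() accepts -- confirm.
   */
  static bool
  verifySignature(const Data& data,
                  const Signature& sig,
                  const v1::PublicKey& publicKey)
  {
    const auto& wire = data.wireEncode();
    const size_t signatureValueSize = data.getSignature().getValue().size();
    return verifySignature(wire.value(), wire.value_size() - signatureValueSize,
                           sig, publicKey);
  }

  /**
   * @brief Verify the interest using the publicKey against the SHA256-RSA signature.
   *
   * The verified range is the encoded Interest name without its last component, which
   * is presumably the component carrying the signature value.
   *
   * @return false without verifying anything when the name has fewer than two
   *         components; otherwise the result of the buffer-level verification.
   */
  static bool
  verifySignature(const Interest& interest,
                  const Signature& sig,
                  const v1::PublicKey& publicKey)
  {
    const Name& name = interest.getName();

    // Too short to be a signed Interest name: reject before indexing name[-1].
    if (name.size() < 2)
      return false;

    const auto& nameWire = name.wireEncode();
    return verifySignature(nameWire.value(), nameWire.value_size() - name[-1].size(),
                           sig, publicKey);
  }

  /**
   * @brief Verify @p size bytes starting at @p buf using the publicKey against the signature.
   *
   * All key-based overloads defined inline in this class end up here. The caller is
   * responsible for @p buf referencing at least @p size readable bytes.
   */
  static bool
  verifySignature(const uint8_t* buf,
                  const size_t size,
                  const Signature& sig,
                  const v1::PublicKey& publicKey);


  /**
   * @brief Verify the data against the SHA256 signature.
   *
   * DigestSha256 is an unkeyed digest: a match shows the covered bytes are intact,
   * not who produced the packet. The covered range is computed the same way as in the
   * key-based Data overload (encoded value minus the packet's signature value size).
   */
  static bool
  verifySignature(const Data& data, const DigestSha256& sig)
  {
    const auto& wire = data.wireEncode();
    const size_t signatureValueSize = data.getSignature().getValue().size();
    return verifySignature(wire.value(), wire.value_size() - signatureValueSize, sig);
  }

  /**
   * @brief Verify the interest against the SHA256 signature.
   *
   * DigestSha256 is an unkeyed digest: a match shows the covered bytes are intact,
   * not who produced the packet.
   *
   * @return false without verifying anything when the name has fewer than two
   *         components; otherwise the result of the buffer-level verification.
   */
  static bool
  verifySignature(const Interest& interest, const DigestSha256& sig)
  {
    const Name& name = interest.getName();

    // Too short to be a signed Interest name: reject before indexing name[-1].
    if (name.size() < 2)
      return false;

    const auto& nameWire = name.wireEncode();
    return verifySignature(nameWire.value(), nameWire.value_size() - name[-1].size(), sig);
  }

  /**
   * @brief Verify the blob against the SHA256 signature.
   *
   * The whole buffer (blob.buf(), blob.size()) is treated as the covered bytes.
   */
  static bool
  verifySignature(const Buffer& blob, const DigestSha256& sig)
  {
    const uint8_t* coveredBytes = blob.buf();
    const size_t coveredLength = blob.size();
    return verifySignature(coveredBytes, coveredLength, sig);
  }

  /**
   * @brief Verify @p size bytes starting at @p buf against the SHA256 signature.
   *
   * The caller is responsible for @p buf referencing at least @p size readable bytes.
   */
  static bool
  verifySignature(const uint8_t* buf, const size_t size, const DigestSha256& sig);

protected:
  /**
   * @brief Check the Data against policy and return the next validation step if necessary.
   *
   * Pure virtual: every concrete validator must implement it.
   *
   * @param data               The Data packet to check.
   * @param nSteps             Step counter passed along by validate().
   *                           NOTE(review): presumably the number of validation steps
   *                           already taken -- confirm in validator.cpp.
   * @param onValidated        Callback to report a successful Data validation.
   * @param onValidationFailed Callback to report a failed Data validation.
   * @param nextSteps          Output: validation requests for the next step, if any.
   */
  virtual void
  checkPolicy(const Data& data,
              int nSteps,
              const OnDataValidated& onValidated,
              const OnDataValidationFailed& onValidationFailed,
              std::vector<shared_ptr<ValidationRequest>>& nextSteps) = 0;

  /**
   * @brief Check the Interest against policy and return the next validation step if necessary.
   *
   * Pure virtual: every concrete validator must implement it.
   *
   * @param interest           The Interest packet to check.
   * @param nSteps             Step counter passed along by validate().
   * @param onValidated        Callback to report a successful Interest validation.
   * @param onValidationFailed Callback to report a failed Interest validation.
   * @param nextSteps          Output: validation requests for the next step, if any.
   */
  virtual void
  checkPolicy(const Interest& interest,
              int nSteps,
              const OnInterestValidated& onValidated,
              const OnInterestValidationFailed& onValidationFailed,
              std::vector<shared_ptr<ValidationRequest>>& nextSteps) = 0;

  /// Callback taking a failure description.
  using OnFailure = function<void(const std::string&)>;

  /**
   * @brief Process the received certificate.
   *
   * @param interest The Interest the Data was received for.
   * @param data     The received Data.
   * @param nextStep The validation request this Data belongs to.
   */
  void
  onData(const Interest& interest,
         const Data& data,
         const shared_ptr<ValidationRequest>& nextStep);

  /**
   * @brief Validate Data with an explicit step counter.
   *
   * The public three-argument overload calls this with nSteps = 0.
   */
  void
  validate(const Data& data,
           const OnDataValidated& onValidated,
           const OnDataValidationFailed& onValidationFailed,
           int nSteps);

  /**
   * @brief Validate Interest with an explicit step counter.
   *
   * The public three-argument overload calls this with nSteps = 0.
   */
  void
  validate(const Interest& interest,
           const OnInterestValidated& onValidated,
           const OnInterestValidationFailed& onValidationFailed,
           int nSteps);

  /// Hooks

  /**
   * @brief Hook that subclasses may override; the default returns @p data itself.
   *
   * The default implementation calls data.shared_from_this(), so @p data presumably
   * has to be owned by a shared_ptr already -- confirm against the Data class.
   *
   * @return A shared pointer to the Data to continue with.
   */
  virtual shared_ptr<const Data>
  preCertificateValidation(const Data& data)
  {
    return data.shared_from_this();
  }

  /**
   * @brief Triggered when the Interest retrieves a Nack.
   *
   * @param interest          The Interest that was nacked.
   * @param nack              The Network Nack that was received.
   * @param nRemainingRetries NOTE(review): presumably the number of retries left -- confirm.
   * @param onFailure         Callback taking a failure description.
   * @param validationRequest The validation request the Interest belongs to.
   */
  virtual void
  onNack(const Interest& interest,
         const lp::Nack& nack,
         int nRemainingRetries,
         const OnFailure& onFailure,
         const shared_ptr<ValidationRequest>& validationRequest);

  /**
   * @brief Triggered when the Interest for a certificate times out.
   *
   * @param interest          The Interest that timed out.
   * @param nRemainingRetries NOTE(review): presumably the number of retries left -- confirm.
   * @param onFailure         Callback taking a failure description.
   * @param validationRequest The validation request the Interest belongs to.
   */
  virtual void
  onTimeout(const Interest& interest,
            int nRemainingRetries,
            const OnFailure& onFailure,
            const shared_ptr<ValidationRequest>& validationRequest);

  /**
   * @brief Triggered after checkPolicy is done.
   *
   * @param nextSteps The validation requests produced by checkPolicy().
   * @param onFailure Callback taking a failure description.
   */
  virtual void
  afterCheckPolicy(const std::vector<shared_ptr<ValidationRequest>>& nextSteps,
                   const OnFailure& onFailure);

protected:
  // NOTE(review): the listing ends this section without showing the member declared
  // on original header line 331; take it from the original validator.hpp.
};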
333 
334 } // namespace security
335 
336 using security::Validator;
337 
338 } // namespace ndn
339 
340 #endif // NDN_SECURITY_VALIDATOR_HPP
function< void(const shared_ptr< const Interest > &, const std::string &)> OnInterestValidationFailed
Callback to report a failed Interest validation.
void validate(const Data &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed)
Validate Data and call either onValidated or onValidationFailed.
Definition: validator.hpp:81
Copyright (c) 2011-2015 Regents of the University of California.
void validate(const Interest &interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed)
Validate Interest and call either onValidated or onValidationFailed.
Definition: validator.hpp:96
virtual shared_ptr< const Data > preCertificateValidation(const Data &data)
Hooks.
Definition: validator.hpp:278
Error(const std::string &what)
Definition: validator.hpp:49
virtual void checkPolicy(const Data &data, int nSteps, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed, std::vector< shared_ptr< ValidationRequest >> &nextSteps)=0
Check the Data against policy and return the next validation step if necessary.
Represent a SHA256 digest.
virtual void afterCheckPolicy(const std::vector< shared_ptr< ValidationRequest >> &nextSteps, const OnFailure &onFailure)
Triggered after checkPolicy is done.
Definition: validator.cpp:305
STL namespace.
represents an Interest packet
Definition: interest.hpp:42
function< void(const shared_ptr< const Data > &, const std::string &)> OnDataValidationFailed
Callback to report a failed Data validation.
static bool verifySignature(const Interest &interest, const Signature &sig, const v1::PublicKey &publicKey)
Verify the interest using the publicKey against the SHA256-RSA signature.
Definition: validator.hpp:142
function< void(const shared_ptr< const Data > &)> OnDataValidated
Callback to report a successful Data validation.
represents a Network Nack
Definition: nack.hpp:40
function< void(const shared_ptr< const Interest > &)> OnInterestValidated
Callback to report a successful Interest validation.
size_t size() const
Definition: block.cpp:504
Validator(Face *face=nullptr)
Validator constructor.
Definition: validator.cpp:36
static bool verifySignature(const Buffer &blob, const Signature &sig, const v1::PublicKey &publicKey)
Verify the blob using the publicKey against the signature.
Definition: validator.hpp:121
uint8_t * buf()
Definition: buffer.hpp:87
const Block & getValue() const
Get SignatureValue in the wire format.
Definition: signature.hpp:105
provides the interfaces for packet validation.
Definition: validator.hpp:42
Provide a communication channel with local or remote NDN forwarder.
Definition: face.hpp:125
Name abstraction to represent an absolute name.
Definition: name.hpp:46
function< void(const std::string &)> OnFailure
Definition: validator.hpp:242
void onData(const Interest &interest, const Data &data, const shared_ptr< ValidationRequest > &nextStep)
Process the received certificate.
Definition: validator.cpp:89
size_t size() const
Get the number of components.
Definition: name.hpp:400
static bool verifySignature(const Buffer &blob, const DigestSha256 &sig)
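Verify the blob against the SHA256 signature. DigestSha256 is an unkeyed digest, so a match shows the bytes are intact but not who produced them.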
Definition: validator.hpp:193
static bool verifySignature(const Data &data, const Signature &sig, const v1::PublicKey &publicKey)
Verify the data using the publicKey against the SHA256-RSA signature.
Definition: validator.hpp:128
size_t wireEncode(EncodingImpl< TAG > &encoder, bool wantUnsignedPortionOnly=false) const
Fast encoding or block size estimation.
Definition: data.cpp:52
static bool verifySignature(const Data &data, const DigestSha256 &sig)
Verify the data against the SHA256 signature.
Definition: validator.hpp:166
size_t wireEncode(EncodingImpl< TAG > &encoder) const
Fast encoding or block size estimation.
Definition: name.cpp:122
static bool verifySignature(const Interest &interest, const DigestSha256 &sig)
Verify the interest against the SHA256 signature.
Definition: validator.hpp:179
virtual void onNack(const Interest &interest, const lp::Nack &nack, int nRemainingRetries, const OnFailure &onFailure, const shared_ptr< ValidationRequest > &validationRequest)
Triggered when the Interest retrieves a Nack.
Definition: validator.cpp:258
static bool verifySignature(const Data &data, const v1::PublicKey &publicKey)
Verify the data using the publicKey.
Definition: validator.cpp:105
const Signature & getSignature() const
Definition: data.hpp:348
represents a Data packet
Definition: data.hpp:37
Class representing a general-use automatically managed/resized buffer.
Definition: buffer.hpp:44
const Name & getName() const
Definition: interest.hpp:215
A Signature is storage for the signature-related information (info and value) in a Data packet...
Definition: signature.hpp:33
virtual void onTimeout(const Interest &interest, int nRemainingRetries, const OnFailure &onFailure, const shared_ptr< ValidationRequest > &validationRequest)
Triggered when the Interest for a certificate times out.
Definition: validator.cpp:282