NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.3: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::v2::validator_config::ValidationPolicyConfig Class Reference

The validator which can be set up via a configuration file. More...

#include <validation-policy-config.hpp>

Inheritance diagram for ndn::security::v2::validator_config::ValidationPolicyConfig:
Collaboration diagram for ndn::security::v2::validator_config::ValidationPolicyConfig:

Public Member Functions

 ValidationPolicyConfig ()
 
void load (const std::string &filename)
 
void load (const std::string &input, const std::string &filename)
 
void load (std::istream &input, const std::string &filename)
 
void load (const ConfigSection &configSection, const std::string &filename)
 
- Public Member Functions inherited from ndn::security::v2::ValidationPolicy
 ValidationPolicy ()
 
virtual ~ValidationPolicy ()=default
 
void setInnerPolicy (unique_ptr< ValidationPolicy > innerPolicy)
 Set inner policy. More...
 
bool hasInnerPolicy () const
 Check if inner policy is set. More...
 
ValidationPolicygetInnerPolicy ()
 Return the inner policy. More...
 
void setValidator (Validator &validator)
 Set validator to which the policy is associated. More...
 
virtual void checkPolicy (const Certificate &certificate, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)
 Check certificate against the policy. More...
 

Protected Member Functions

void checkPolicy (const Data &data, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation) override
 Check data against the policy. More...
 
void checkPolicy (const Interest &interest, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation) override
 Check interest against the policy. More...
 

Additional Inherited Members

- Public Types inherited from ndn::security::v2::ValidationPolicy
using ValidationContinuation = std::function< void(const shared_ptr< CertificateRequest > &certRequest, const shared_ptr< ValidationState > &state)>
 
- Public Attributes inherited from ndn::security::v2::ValidationPolicy
NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PROTECTED __pad0__: Validator* m_validator
 
unique_ptr< ValidationPolicym_innerPolicy
 

Detailed Description

The validator which can be set up via a configuration file.

Note
For command Interest validation, this policy must be combined with ValidationPolicyCommandInterest, in order to guard against replay attacks.
This policy does not support inner policies (a sole policy or a terminal inner policy)
See also
https://named-data.net/doc/ndn-cxx/current/tutorials/security-validator-config.html

Definition at line 42 of file validation-policy-config.hpp.

Constructor & Destructor Documentation

ndn::security::v2::validator_config::ValidationPolicyConfig::ValidationPolicyConfig ( )

Definition at line 36 of file validation-policy-config.cpp.

Member Function Documentation

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const std::string &  filename)

Definition at line 43 of file validation-policy-config.cpp.

Referenced by load().

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const std::string &  input,
const std::string &  filename 
)

Definition at line 57 of file validation-policy-config.cpp.

References load().

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( std::istream &  input,
const std::string &  filename 
)

Definition at line 64 of file validation-policy-config.cpp.

References load().

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const ConfigSection configSection,
const std::string &  filename 
)
void ndn::security::v2::validator_config::ValidationPolicyConfig::checkPolicy ( const Data data,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
overrideprotectedvirtual

Check data against the policy.

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further key retrievals are necessary, the policy should call continueValidation(state, nullptr)
  • If packet conforms to the policy and a key needs to be fetched, the policy should call continueValidation(state, <appropriate-key-request-instance>)

Implements ndn::security::v2::ValidationPolicy.

Definition at line 261 of file validation-policy-config.cpp.

References ndn::tlv::Data, ndn::security::v2::getKeyLocatorName(), ndn::Data::getName(), ndn::security::v2::ValidationPolicy::hasInnerPolicy(), ndn::tlv::Interest, ndn::security::v2::ValidationError::POLICY_ERROR, and ndn::Name::toUri().

void ndn::security::v2::validator_config::ValidationPolicyConfig::checkPolicy ( const Interest interest,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
overrideprotectedvirtual

Check interest against the policy.

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further key retrievals are necessary, the policy should call continueValidation(state, nullptr)
  • If packet conforms to the policy and a key needs to be fetched, the policy should call continueValidation(state, <appropriate-key-request-instance>)

Implements ndn::security::v2::ValidationPolicy.

Definition at line 289 of file validation-policy-config.cpp.

References ndn::security::v2::getKeyLocatorName(), ndn::Interest::getName(), ndn::security::v2::ValidationPolicy::hasInnerPolicy(), ndn::tlv::Interest, ndn::security::v2::ValidationError::POLICY_ERROR, and ndn::Name::toUri().


The documentation for this class was generated from the following files: