Validator is one of the main classes of the security library. More...
#include <validator.hpp>
Classes | |
class | Error |
Public Member Functions | |
Validator (Face *face=nullptr) | |
Validator constructor. More... | |
Validator (Face &face) | |
void | validate (const Data &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed) |
Validate Data and call either onValidated or onValidationFailed. More... | |
void | validate (const Interest &interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed) |
Validate Interest and call either onValidated or onValidationFailed. More... | |
Static Public Member Functions | |
static bool | verifySignature (const Data &data, const PublicKey &publicKey) |
Verify the data using the publicKey. More... | |
static bool | verifySignature (const Interest &interest, const PublicKey &publicKey) |
Verify the signed Interest using the publicKey. More... | |
static bool | verifySignature (const Buffer &blob, const Signature &sig, const PublicKey &publicKey) |
Verify the blob using the publicKey against the signature. More... | |
static bool | verifySignature (const Data &data, const Signature &sig, const PublicKey &publicKey) |
Verify the data using the publicKey against the SHA256-RSA signature. More... | |
static bool | verifySignature (const Interest &interest, const Signature &sig, const PublicKey &publicKey) |
Verify the interest using the publicKey against the SHA256-RSA signature. More... | |
static bool | verifySignature (const uint8_t *buf, const size_t size, const Signature &sig, const PublicKey &publicKey) |
Verify the blob using the publicKey against the SHA256-RSA signature. More... | |
static bool | verifySignature (const Data &data, const DigestSha256 &sig) |
Verify the data against the SHA256 signature. More... | |
static bool | verifySignature (const Interest &interest, const DigestSha256 &sig) |
Verify the interest against the SHA256 signature. More... | |
static bool | verifySignature (const Buffer &blob, const DigestSha256 &sig) |
Verify the blob against the SHA256 signature. More... | |
static bool | verifySignature (const uint8_t *buf, const size_t size, const DigestSha256 &sig) |
Verify the blob against the SHA256 signature. More... | |
Protected Types | |
typedef function< void(const std::string &)> | OnFailure |
Protected Member Functions | |
virtual void | checkPolicy (const Data &data, int nSteps, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed, std::vector< shared_ptr< ValidationRequest > > &nextSteps)=0 |
Check the Data against policy and return the next validation step if necessary. More... | |
virtual void | checkPolicy (const Interest &interest, int nSteps, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed, std::vector< shared_ptr< ValidationRequest > > &nextSteps)=0 |
Check the Interest against validation policy and return the next validation step if necessary. More... | |
void | onData (const Interest &interest, const Data &data, const shared_ptr< ValidationRequest > &nextStep) |
Process the received certificate. More... | |
void | validate (const Data &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed, int nSteps) |
void | validate (const Interest &interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed, int nSteps) |
virtual shared_ptr< const Data > | preCertificateValidation (const Data &data) |
Hooks. More... | |
virtual void | onTimeout (const Interest &interest, int nRemainingRetries, const OnFailure &onFailure, const shared_ptr< ValidationRequest > &validationRequest) |
trigger when interest for certificate times out. More... | |
virtual void | afterCheckPolicy (const std::vector< shared_ptr< ValidationRequest > > &nextSteps, const OnFailure &onFailure) |
trigger after checkPolicy is done. More... | |
Protected Attributes | |
Face * | m_face |
Validator is one of the main classes of the security library.
The Validator class provides the interfaces for packet validation.
Definition at line 46 of file validator.hpp.
|
protected |
Definition at line 243 of file validator.hpp.
|
explicit |
Validator constructor.
face | Pointer to face through which validator may retrieve certificates. Passing a null pointer implies the validator is in offline mode. |
Definition at line 37 of file validator.cpp.
|
explicit |
Definition at line 42 of file validator.cpp.
|
inline |
Validate Data and call either onValidated or onValidationFailed.
data | The Data with the signature to check. |
onValidated | If the Data is validated, this calls onValidated(data). |
onValidationFailed | If validation fails, this calls onValidationFailed(data). |
Definition at line 82 of file validator.hpp.
Referenced by onData(), nfd::CommandValidator::validate(), and validate().
|
inline |
Validate Interest and call either onValidated or onValidationFailed.
interest | The Interest with the signature to check. |
onValidated | If the Interest is validated, this calls onValidated(interest). |
onValidationFailed | If validation fails, this calls onValidationFailed(interest). |
Definition at line 97 of file validator.hpp.
References validate().
Verify the data using the publicKey.
Definition at line 106 of file validator.cpp.
References ndn::Data::getSignature(), ndn::Signature::getValue(), ndn::Signature::hasKeyLocator(), ndn::Block::size(), and ndn::Data::wireEncode().
Referenced by ndn::ValidatorRegex::checkPolicy(), ndn::CommandInterestValidator::checkPolicy(), ndn::ValidatorRegex::onCertificateValidated(), and verifySignature().
|
static |
Verify the signed Interest using the publicKey.
(Note the signature covers the first n-2 name components).
Definition at line 118 of file validator.cpp.
References ndn::Interest::getName(), ndn::Signature::hasKeyLocator(), ndn::Name::size(), ndn::Block::value(), ndn::Block::value_size(), verifySignature(), and ndn::Name::wireEncode().
|
inlinestatic |
Verify the blob using the publicKey against the signature.
Definition at line 122 of file validator.hpp.
References ndn::Buffer::buf(), and verifySignature().
|
inlinestatic |
Verify the data using the publicKey against the SHA256-RSA signature.
Definition at line 129 of file validator.hpp.
References ndn::Data::getSignature(), ndn::Signature::getValue(), ndn::Block::size(), verifySignature(), and ndn::Data::wireEncode().
|
inlinestatic |
Verify the interest using the publicKey against the SHA256-RSA signature.
(Note the signature covers the first n-2 name components).
Definition at line 143 of file validator.hpp.
References ndn::Interest::getName(), ndn::Name::size(), and verifySignature().
|
static |
Verify the blob using the publicKey against the SHA256-RSA signature.
Definition at line 146 of file validator.cpp.
References ndn::Buffer::buf(), ndn::OID::decode(), ndn::PublicKey::get(), ndn::PublicKey::getKeyType(), ndn::Signature::getType(), ndn::Signature::getValue(), ndn::KEY_TYPE_ECDSA, ndn::KEY_TYPE_RSA, ndn::SECP256R1, ndn::SECP384R1, ndn::tlv::SignatureSha256WithEcdsa, ndn::tlv::SignatureSha256WithRsa, ndn::Block::value(), and ndn::Block::value_size().
|
inlinestatic |
Verify the data against the SHA256 signature.
Definition at line 167 of file validator.hpp.
References ndn::Data::getSignature(), ndn::Signature::getValue(), ndn::Block::size(), verifySignature(), and ndn::Data::wireEncode().
|
inlinestatic |
Verify the interest against the SHA256 signature.
(Note the signature covers the first n-2 name components).
Definition at line 180 of file validator.hpp.
References ndn::Interest::getName(), ndn::Name::size(), and verifySignature().
|
inlinestatic |
Verify the blob against the SHA256 signature.
Definition at line 194 of file validator.hpp.
References ndn::Buffer::buf(), and verifySignature().
|
static |
Verify the blob against the SHA256 signature.
Definition at line 242 of file validator.cpp.
References ndn::Signature::getValue(), ndn::crypto::sha256(), ndn::crypto::SHA256_DIGEST_SIZE, ndn::Block::value(), and ndn::Block::value_size().
|
protectedpure virtual |
Check the Data against policy and return the next validation step if necessary.
If there is no next validation step, that validation MUST have been done. i.e., either onValidated or onValidationFailed callback is invoked.
data | The Data to check. |
nSteps | The number of validation steps that have been done. |
onValidated | If the Data is validated, this calls onValidated(data) |
onValidationFailed | If validation fails, this calls onValidationFailed(data) |
nextSteps | On return, contains the next validation step |
Implemented in ndn::CommandInterestValidator, ndn::ValidatorConfig, ndn::ValidatorRegex, and ndn::ValidatorNull.
Referenced by validate().
|
protectedpure virtual |
Check the Interest against validation policy and return the next validation step if necessary.
If there is no next validation step, that validation MUST have been done. i.e., either onValidated or onValidationFailed callback is invoked.
interest | The Interest to check. |
nSteps | The number of validation steps that have been done. |
onValidated | If the Interest is validated, this calls onValidated(data) |
onValidationFailed | If validation fails, this calls onValidationFailed(data) |
nextSteps | On return, contains the next validation step |
Implemented in ndn::CommandInterestValidator, ndn::ValidatorConfig, ndn::ValidatorRegex, and ndn::ValidatorNull.
|
protected |
Process the received certificate.
Definition at line 90 of file validator.cpp.
References ndn::Data::getName(), preCertificateValidation(), ndn::Name::toUri(), and validate().
Referenced by afterCheckPolicy(), and onTimeout().
|
protected |
Definition at line 69 of file validator.cpp.
References afterCheckPolicy(), and checkPolicy().
|
protected |
Definition at line 48 of file validator.cpp.
References afterCheckPolicy(), and checkPolicy().
|
inlineprotectedvirtual |
Hooks.
trigger before validating requested certificate.
The Data:
This method returns a data (actually certificate) that is will be passed as Data into: Validator::validate(const Data& data, const OnDataValidated& onValidated, const OnDataValidationFailed& onValidationFailed, int nSteps);
Definition at line 279 of file validator.hpp.
Referenced by onData().
|
protectedvirtual |
trigger when interest for certificate times out.
Validator can decide how to handle the timeout, either call onFailure, or retry.
interest | The interest that times out. |
nRemainingRetries | The number of retries left. |
onFailure | Failure callback when there is no more retries remaining. |
validationRequest | The validationRequest containing the context of the interest. |
Definition at line 269 of file validator.cpp.
References ndn::Face::expressInterest(), ndn::Interest::getName(), m_face, onData(), and ndn::Name::toUri().
Referenced by afterCheckPolicy().
|
protectedvirtual |
trigger after checkPolicy is done.
Validator can decide how to handle the set of validation requests according to the trust model.
nextSteps | A set of validation request made by checkPolicy. |
onFailure | Failure callback when errors happen in processing nextSteps. |
Definition at line 286 of file validator.cpp.
References ndn::Face::expressInterest(), m_face, onData(), and onTimeout().
Referenced by validate().
|
protected |
Definition at line 315 of file validator.hpp.
Referenced by afterCheckPolicy(), and onTimeout().