NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::v2::validator_config::ValidationPolicyConfig Class Reference

A validator that can be set up via a configuration file. More...

#include <validation-policy-config.hpp>

Inheritance diagram for ndn::security::v2::validator_config::ValidationPolicyConfig:
Collaboration diagram for ndn::security::v2::validator_config::ValidationPolicyConfig:

Public Member Functions

void load (const std::string &filename)
 Load policy from file filename. More...
 
void load (const std::string &input, const std::string &filename)
 Load policy from direct input. More...
 
void load (std::istream &input, const std::string &filename)
 Load policy from direct input. More...
 
void load (const ConfigSection &configSection, const std::string &filename)
 Load policy from configSection. More...
 
- Public Member Functions inherited from ndn::security::v2::ValidationPolicy
virtual ~ValidationPolicy ()=default
 
void setInnerPolicy (unique_ptr< ValidationPolicy > innerPolicy)
 Set inner policy. More...
 
bool hasInnerPolicy () const
 Check if inner policy is set. More...
 
ValidationPolicygetInnerPolicy ()
 Return the inner policy. More...
 
void setValidator (Validator &validator)
 Set validator to which the policy is associated. More...
 
virtual void checkPolicy (const Certificate &certificate, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)
 Check certificate against the policy. More...
 

Protected Member Functions

void checkPolicy (const Data &data, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation) override
 Check data against the policy. More...
 
void checkPolicy (const Interest &interest, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation) override
 Check interest against the policy. More...
 

Additional Inherited Members

- Public Types inherited from ndn::security::v2::ValidationPolicy
using ValidationContinuation = std::function< void(const shared_ptr< CertificateRequest > &certRequest, const shared_ptr< ValidationState > &state)>
 
- Public Attributes inherited from ndn::security::v2::ValidationPolicy
NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PROTECTED __pad0__: Validator* m_validator = nullptr
 
unique_ptr< ValidationPolicym_innerPolicy
 

Detailed Description

A validator that can be set up via a configuration file.

Note
For command Interest validation, this policy must be combined with ValidationPolicyCommandInterest, in order to guard against replay attacks.
This policy does not support inner policies (a sole policy or a terminal inner policy)
See also
https://named-data.net/doc/ndn-cxx/current/tutorials/security-validator-config.html

Definition at line 41 of file validation-policy-config.hpp.

Member Function Documentation

◆ load() [1/4]

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const std::string &  filename)

Load policy from file filename.

Exceptions
ErrorValidator instance not assigned to the policy (m_validator == nullptr)

Definition at line 39 of file validation-policy-config.cpp.

References NDN_THROW.

Referenced by load().

◆ load() [2/4]

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const std::string &  input,
const std::string &  filename 
)

Load policy from direct input.

Exceptions
ErrorValidator instance not assigned to the policy (m_validator == nullptr)

Definition at line 49 of file validation-policy-config.cpp.

References load().

◆ load() [3/4]

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( std::istream &  input,
const std::string &  filename 
)

Load policy from direct input.

Exceptions
ErrorValidator instance not assigned to the policy (m_validator == nullptr)

Definition at line 56 of file validation-policy-config.cpp.

References load(), NDN_THROW, and ndn::to_string().

◆ load() [4/4]

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const ConfigSection configSection,
const std::string &  filename 
)

Load policy from configSection.

Exceptions
ErrorValidator instance not assigned to the policy (m_validator == nullptr)

Definition at line 70 of file validation-policy-config.cpp.

References ndn::security::v2::validator_config::Rule::create(), ndn::tlv::Data, ndn::tlv::Interest, nonstd::optional_lite::std11::move(), and NDN_THROW.

◆ checkPolicy() [1/2]

void ndn::security::v2::validator_config::ValidationPolicyConfig::checkPolicy ( const Data data,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
overrideprotectedvirtual

Check data against the policy.

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further certificate retrievals are necessary, the policy should call continueValidation(nullptr, state)
  • If packet conforms to the policy and a certificate needs to be fetched, the policy should call continueValidation(<appropriate-cert-request-instance>, state)

Implements ndn::security::v2::ValidationPolicy.

Definition at line 234 of file validation-policy-config.cpp.

References ndn::tlv::Data, ndn::security::v2::getKeyLocatorName(), ndn::Data::getName(), ndn::security::v2::ValidationPolicy::hasInnerPolicy(), and ndn::security::v2::ValidationError::POLICY_ERROR.

◆ checkPolicy() [2/2]

void ndn::security::v2::validator_config::ValidationPolicyConfig::checkPolicy ( const Interest interest,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
overrideprotectedvirtual

Check interest against the policy.

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further certificate retrievals are necessary, the policy should call continueValidation(nullptr, state)
  • If packet conforms to the policy and a certificate needs to be fetched, the policy should call continueValidation(<appropriate-cert-request-instance>, state)

Implements ndn::security::v2::ValidationPolicy.

Definition at line 263 of file validation-policy-config.cpp.

References ndn::security::v2::getKeyLocatorName(), ndn::Interest::getName(), ndn::security::v2::ValidationPolicy::hasInnerPolicy(), ndn::tlv::Interest, and ndn::security::v2::ValidationError::POLICY_ERROR.


The documentation for this class was generated from the following files: