NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
validation-policy.cpp
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2019 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
24 
25 namespace ndn {
26 namespace security {
27 namespace v2 {
28 
/**
 * @brief Append @p innerPolicy to the end of this policy's chain of inner policies.
 *
 * If this policy already has an inner policy, the request is forwarded to it, so the new
 * policy ends up as the innermost one. When a validator is already associated with this
 * policy, it is handed to @p innerPolicy before the policy is attached.
 *
 * @throw std::invalid_argument if @p innerPolicy is nullptr.
 */
void
ValidationPolicy::setInnerPolicy(unique_ptr<ValidationPolicy> innerPolicy)
{
  // A null policy can never be chained; reject it before touching any state.
  if (!innerPolicy) {
    NDN_THROW(std::invalid_argument("Inner policy argument cannot be nullptr"));
  }

  // Associate the new policy with the validator this policy already belongs to, if any.
  if (m_validator) {
    innerPolicy->setValidator(*m_validator);
  }

  // An existing inner policy takes ownership further down the chain.
  if (m_innerPolicy) {
    m_innerPolicy->setInnerPolicy(std::move(innerPolicy));
    return;
  }

  m_innerPolicy = std::move(innerPolicy);
}
47 
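/**
 * @brief Return the inner policy.
 *
 * @throw std::logic_error if no inner policy has been set.
 */
ValidationPolicy&
ValidationPolicy::getInnerPolicy()
{
  // Dereferencing an empty unique_ptr is undefined behaviour. A validation policy chain is
  // security-relevant state, so a missing link is reported as an error instead of being
  // dereferenced.
  if (m_innerPolicy == nullptr) {
    NDN_THROW(std::logic_error("Inner policy is not set"));
  }

  return *m_innerPolicy;
}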
53 
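/**
 * @brief Associate this policy, and any inner policy chained to it, with @p validator.
 *
 * Only the address of @p validator is stored; the caller keeps ownership, so the validator
 * has to outlive this policy.
 */
void
ValidationPolicy::setValidator(Validator& validator)
{
  m_validator = &validator;

  // Forward the association so every policy in the chain refers to the same validator.
  if (m_innerPolicy != nullptr) {
    m_innerPolicy->setValidator(validator);
  }
}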
62 
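/**
 * @brief Extract the KeyLocator name from @p si.
 *
 * On failure, the error is reported through @p state and an empty Name is returned.
 * Callers need to check the outcome recorded in @p state rather than rely on the returned
 * name alone.
 */
static Name
getKeyLocatorName(const SignatureInfo& si, ValidationState& state)
{
  // A DigestSha256 signature has no KeyLocator to read; the reserved DigestSha256 identity
  // is returned in its place.
  // NOTE(review): the name returned here identifies no signing key, so whether digest-only
  // packets are acceptable is presumably decided by the calling policy -- confirm.
  if (si.getSignatureType() == tlv::DigestSha256) {
    return SigningInfo::getDigestSha256Identity();
  }

  if (!si.hasKeyLocator()) {
    state.fail({ValidationError::Code::INVALID_KEY_LOCATOR, "KeyLocator is missing"});
    return Name();
  }

  // Only a Name-typed KeyLocator is accepted; any other locator type is rejected.
  const KeyLocator& kl = si.getKeyLocator();
  if (kl.getType() != tlv::Name) {
    state.fail({ValidationError::Code::INVALID_KEY_LOCATOR, "KeyLocator type is not Name"});
    return Name();
  }

  return kl.getName();
}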
83 
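/**
 * @brief Extract the KeyLocator name from the signature of @p data.
 *
 * On failure, the error is reported through @p state and an empty Name is returned.
 */
Name
getKeyLocatorName(const Data& data, ValidationState& state)
{
  return getKeyLocatorName(data.getSignature().getSignatureInfo(), state);
}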
89 
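/**
 * @brief Extract the KeyLocator name from the signed Interest @p interest.
 *
 * The SignatureInfo is decoded from a component of the Interest name. On failure, the
 * error is reported through @p state and an empty Name is returned.
 */
Name
getKeyLocatorName(const Interest& interest, ValidationState& state)
{
  const Name& name = interest.getName();

  // The length check has to come first: it guarantees that the POS_SIG_INFO component
  // read below exists.
  if (name.size() < signed_interest::MIN_SIZE) {
    state.fail({ValidationError::Code::INVALID_KEY_LOCATOR,
                "Invalid signed Interest: name too short"});
    return Name();
  }

  // The component is decoded here before the signature has been verified, so its bytes are
  // untrusted. A TLV decoding error becomes a validation failure, not an exception escaping
  // to the caller.
  SignatureInfo si;
  try {
    si.wireDecode(name.at(signed_interest::POS_SIG_INFO).blockFromValue());
  }
  catch (const tlv::Error& e) {
    state.fail({ValidationError::Code::INVALID_KEY_LOCATOR,
                "Invalid signed Interest: " + std::string(e.what())});
    return Name();
  }

  return getKeyLocatorName(si, state);
}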
112 
113 } // namespace v2
114 } // namespace security
115 } // namespace ndn
ndn::security::v2::Validator
Interface for validating data and interest packets.
Definition: validator.hpp:62
nonstd::optional_lite::std11::move
T & move(T &t)
Definition: optional.hpp:421
ndn::SignatureInfo::wireDecode
void wireDecode(const Block &wire)
Decode from wire format.
Definition: signature-info.cpp:109
ndn::KeyLocator::getType
uint32_t getType() const
Definition: key-locator.cpp:118
ndn::security::v2::ValidationPolicy::setValidator
void setValidator(Validator &validator)
Set validator to which the policy is associated.
Definition: validation-policy.cpp:55
validation-policy.hpp
ndn::security::v2::ValidationPolicy
Abstraction that implements validation policy for Data and Interest packets.
Definition: validation-policy.hpp:38
ndn::Name
Represents an absolute name.
Definition: name.hpp:44
ndn::security::v2::ValidationPolicy::setInnerPolicy
void setInnerPolicy(unique_ptr< ValidationPolicy > innerPolicy)
Set inner policy.
Definition: validation-policy.cpp:30
ndn::Signature::getSignatureInfo
const SignatureInfo & getSignatureInfo() const
Get SignatureInfo.
Definition: signature.hpp:65
ns3::ndn::Name
Name
Definition: ndn-common.cpp:25
ndn::tlv::DigestSha256
@ DigestSha256
Definition: tlv.hpp:130
ndn::security::v2::ValidationError::INVALID_KEY_LOCATOR
@ INVALID_KEY_LOCATOR
Definition: validation-error.hpp:50
ndn::SignatureInfo::getKeyLocator
const KeyLocator & getKeyLocator() const
Get KeyLocator.
Definition: signature-info.cpp:152
NDN_THROW
#define NDN_THROW(e)
Definition: exception.hpp:61
ndn::SignatureInfo
Represents a SignatureInfo TLV element.
Definition: signature-info.hpp:35
ndn::SignatureInfo::getSignatureType
int32_t getSignatureType() const
Get SignatureType.
Definition: signature-info.hpp:85
ndn::security::v2::ValidationState::fail
virtual void fail(const ValidationError &error)=0
Call the failure callback.
ndn::security::v2::ValidationState
Validation state.
Definition: validation-state.hpp:59
ndn::signed_interest::POS_SIG_INFO
const ssize_t POS_SIG_INFO
Definition: security-common.hpp:32
ndn::Interest
Represents an Interest packet.
Definition: interest.hpp:44
ndn::tlv::Name
@ Name
Definition: tlv.hpp:67
ndn::Data
Represents a Data packet.
Definition: data.hpp:36
ndn::name
Definition: name-component-types.hpp:33
ndn::KeyLocator::getName
const Name & getName() const
Get nested Name element.
Definition: key-locator.cpp:143
ndn::signed_interest::MIN_SIZE
const size_t MIN_SIZE
minimal number of components for Signed Interest
Definition: security-common.hpp:37
ndn::Interest::getName
const Name & getName() const noexcept
Definition: interest.hpp:121
ndn::tlv::Error
represents an error in TLV encoding or decoding
Definition: tlv.hpp:53
ndn::security::SigningInfo::getDigestSha256Identity
static const Name & getDigestSha256Identity()
A localhost identity to indicate that the signature is generated using SHA-256.
Definition: signing-info.cpp:48
ndn::KeyLocator
Definition: key-locator.hpp:30
ndn::security::v2::getKeyLocatorName
static Name getKeyLocatorName(const SignatureInfo &si, ValidationState &state)
Definition: validation-policy.cpp:64
ndn::security::v2::ValidationPolicy::getInnerPolicy
ValidationPolicy & getInnerPolicy()
Return the inner policy.
Definition: validation-policy.cpp:49
ndn::SignatureInfo::hasKeyLocator
bool hasKeyLocator() const
Check if KeyLocator exists.
Definition: signature-info.hpp:98
signing-info.hpp
ndn
Copyright (c) 2011-2015 Regents of the University of California.
Definition: ndn-strategy-choice-helper.hpp:34
ndn::Data::getSignature
const Signature & getSignature() const
Get Signature.
Definition: data.hpp:185
ndn::security::v2::ValidationPolicy::m_innerPolicy
unique_ptr< ValidationPolicy > m_innerPolicy
Definition: validation-policy.hpp:147