Namespaces
	validator_config

Classes
class	AdditionalDescription
	Represents an AdditionalDescription TLV element. More...

class	CertContainerInterface

class	Certificate
	Represents an NDN certificate following the version 2.0 format. More...

class	CertificateBundleFetcher
	Fetch certificate bundle from the network. More...

class	CertificateCache
	Represents a container for verified certificates. More...

class	CertificateFetcher
	Interface used by the validator to fetch missing certificates. More...

class	CertificateFetcherDirectFetch
	Extends CertificateFetcherFromNetwork to fetch certificates from the incoming face of the packet. More...

class	CertificateFetcherFromNetwork
	Fetch missing keys from the network. More...

class	CertificateFetcherOffline
	Certificate fetcher realization that does not fetch keys (always offline) More...

class	CertificateRequest
	Request for a certificate, associated with the number of attempts. More...

class	CertificateStorage
	Storage for trusted anchors, verified certificate cache, and unverified certificate cache. More...

class	DataValidationState
	Validation state for a data packet. More...

class	DynamicTrustAnchorGroup
	Dynamic trust anchor group. More...

class	InterestValidationState
	Validation state for an interest packet. More...

class	KeyChain
	The interface of signing key management. More...

class	StaticTrustAnchorGroup
	Static trust anchor group. More...

class	TrustAnchorContainer
	represents a container for trust anchors. More...

class	TrustAnchorGroup
	A group of trust anchors. More...

class	ValidationError
	Validation error code and optional detailed error message. More...

class	ValidationPolicy
	Abstraction that implements validation policy for Data and Interest packets. More...

class	ValidationPolicyAcceptAll
	A validator policy that accepts any signature of data and interest packets. More...

class	ValidationPolicyCommandInterest
	Validation policy for stop-and-wait command Interests. More...

class	ValidationPolicySignedInterest
	Validation policy for signed Interests. More...

class	ValidationPolicySimpleHierarchy
	Validation policy for a simple hierarchical trust model. More...

class	ValidationState
	Validation state. More...

class	Validator
	Interface for validating data and interest packets. More...

class	ValidatorNull
	Validator with "accept-all" policy and offline certificate fetcher. More...

Typedefs
typedef function< void(const Data &data)>	DataValidationSuccessCallback
	Callback to report a successful Data validation. More...

typedef function< void(const Data &data, const ValidationError &error)>	DataValidationFailureCallback
	Callback to report a failed Data validation. More...

typedef function< void(const Interest &interest)>	InterestValidationSuccessCallback
	Callback to report a successful Interest validation. More...

typedef function< void(const Interest &interest, const ValidationError &error)>	InterestValidationFailureCallback
	Callback to report a failed Interest validation. More...

using	SignedInterestFormatTag = SimpleTag< SignedInterestFormat, 1002 >

Functions
	NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS (AdditionalDescription)

std::ostream &	operator<< (std::ostream &os, const AdditionalDescription &desc)

	NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS (AdditionalDescription)

std::ostream &	operator<< (std::ostream &os, const Certificate &cert)

Name	extractIdentityFromCertName (const Name &certName)
	Extract identity namespace from the certificate name `certName`. More...

Name	extractKeyNameFromCertName (const Name &certName)
	Extract key name from the certificate name `certName`. More...

static std::tuple< std::string, std::string >	parseLocatorUri (const std::string &uri)

Name	constructKeyName (const Name &identity, const name::Component &keyId)
	Construct key name based on the appropriate naming conventions. More...

bool	isValidKeyName (const Name &keyName)
	Check if `keyName` follow the naming conventions for the key name. More...

Name	extractIdentityFromKeyName (const Name &keyName)
	Extract identity namespace from the key name `keyName`. More...

std::ostream &	operator<< (std::ostream &os, ValidationError::Code code)

std::ostream &	operator<< (std::ostream &os, const ValidationError &error)

static Name	getKeyLocatorName (const SignatureInfo &si, ValidationState &state)

Name	getKeyLocatorName (const Data &data, ValidationState &state)
	extract KeyLocator.Name from a Data packet More...

Name	getKeyLocatorName (const Interest &interest, ValidationState &state)
	extract KeyLocator.Name from signed Interest More...

Name	extractIdentityNameFromKeyLocator (const Name &keyLocator)
	Extract identity name from key, version-less certificate, or certificate name. More...

Validator &	getAcceptAllValidator ()

Variables
	WireEncodable< AdditionalDescription >

	WireEncodableWithEncodingBuffer< AdditionalDescription >

	WireDecodable< AdditionalDescription >

static const size_t	KEY_OFFSET = 0

static const size_t	VALUE_OFFSET = 1

ndn security	CertificateBundleFetcher

ndn security	CertificateCache

ndn security v2 CertificateFetcher	FromNetwork

ndn security	CertificateFetcher

	WireEncodable< Certificate >

	WireDecodable< Certificate >

ndn security	KeyChain

const name::Component	SELF ("self")

ndn security	TrustAnchorGroup

ndn security	ValidationState

ndn security	Validator

Typedef Documentation

◆ DataValidationSuccessCallback

typedef function<void(const Data& data)> ndn::security::v2::DataValidationSuccessCallback

Callback to report a successful Data validation.

Definition at line 37 of file validation-callback.hpp.

◆ DataValidationFailureCallback

typedef function<void(const Data& data, const ValidationError& error)> ndn::security::v2::DataValidationFailureCallback

Callback to report a failed Data validation.

Definition at line 42 of file validation-callback.hpp.

◆ InterestValidationSuccessCallback

typedef function<void(const Interest& interest)> ndn::security::v2::InterestValidationSuccessCallback

Callback to report a successful Interest validation.

Definition at line 47 of file validation-callback.hpp.

◆ InterestValidationFailureCallback

typedef function<void(const Interest& interest, const ValidationError& error)> ndn::security::v2::InterestValidationFailureCallback

Callback to report a failed Interest validation.

Definition at line 52 of file validation-callback.hpp.

◆ SignedInterestFormatTag

using ndn::security::v2::SignedInterestFormatTag = typedef SimpleTag<SignedInterestFormat, 1002>

Definition at line 253 of file validation-state.hpp.

Function Documentation

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS()

ndn::security::v2::NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS ( AdditionalDescription )

Referenced by ndn::security::v2::AdditionalDescription::wireEncode().

◆ operator<<() [1/4]

std::ostream & ndn::security::v2::operator<<	(	std::ostream &	os,
		const AdditionalDescription &	desc
	)

Definition at line 167 of file additional-description.cpp.

References ndn::make_ostream_joiner().

Referenced by ndn::security::v2::ValidationError::getInfo(), and ndn::security::pib::operator==().

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS()

ndn::security::v2::NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS ( AdditionalDescription )

◆ operator<<() [2/4]

std::ostream & ndn::security::v2::operator<<	(	std::ostream &	os,
		const Certificate &	cert
	)

Definition at line 143 of file certificate.cpp.

References ndn::tlv::AdditionalDescription, ndn::security::transform::base64Encode(), ndn::Data::getContent(), ndn::SignatureInfo::getCustomTlv(), ndn::Data::getKeyLocator(), ndn::security::v2::Certificate::getKeyName(), ndn::Data::getName(), ndn::security::ValidityPeriod::getPeriod(), ndn::security::v2::Certificate::getPublicKey(), ndn::Data::getSignatureInfo(), ndn::Data::getSignatureType(), ndn::security::v2::Certificate::getValidityPeriod(), ndn::tlv::Name, ndn::security::transform::streamSink(), ndn::time::toIsoExtendedString(), and ndn::Block::value_size().

◆ extractIdentityFromCertName()

Name ndn::security::v2::extractIdentityFromCertName ( const Name & certName )

Extract identity namespace from the certificate name certName.

Definition at line 210 of file certificate.cpp.

References ndn::Name::getPrefix(), ndn::security::v2::Certificate::isValidName(), NDN_THROW, and ndn::Name::toUri().

Referenced by parseLocatorUri().

◆ extractKeyNameFromCertName()

Name ndn::security::v2::extractKeyNameFromCertName ( const Name & certName )

Extract key name from the certificate name certName.

Definition at line 221 of file certificate.cpp.

References ndn::Name::getPrefix(), ndn::security::v2::Certificate::isValidName(), NDN_THROW, and ndn::Name::toUri().

Referenced by ndn::security::pib::CertificateContainer::get(), ndn::security::pib::PibMemory::getCertificatesOfKey(), ndn::security::v2::KeyChain::makeCertificate(), parseLocatorUri(), ndn::security::pib::CertificateContainer::remove(), and ndn::security::pib::PibMemory::removeCertificate().

◆ parseLocatorUri()

static std::tuple<std::string, std::string> ndn::security::v2::parseLocatorUri ( const std::string & uri )

inlinestatic

Definition at line 515 of file key-chain.cpp.

◆ constructKeyName()

Name ndn::security::v2::constructKeyName	(	const Name &	identity,
		const name::Component &	keyId
	)

Construct key name based on the appropriate naming conventions.

Definition at line 143 of file key.cpp.

References ndn::Name::append().

Referenced by ndn::security::tpm::BackEnd::constructAsymmetricKeyName(), ndn::security::tpm::BackEnd::createKey(), and ndn::security::pib::operator==().

◆ isValidKeyName()

bool ndn::security::v2::isValidKeyName ( const Name & keyName )

Check if keyName follow the naming conventions for the key name.

Definition at line 153 of file key.cpp.

References ndn::Name::get(), and ndn::Name::size().

Referenced by extractIdentityFromKeyName(), and ndn::security::pib::operator==().

◆ extractIdentityFromKeyName()

Name ndn::security::v2::extractIdentityFromKeyName ( const Name & keyName )

Extract identity namespace from the key name keyName.

Definition at line 160 of file key.cpp.

References ndn::Name::getPrefix(), isValidKeyName(), NDN_THROW, and ndn::Name::toUri().

Referenced by ndn::security::pib::KeyContainer::add(), ndn::security::pib::KeyContainer::get(), ndn::security::pib::PibMemory::getKeysOfIdentity(), ndn::security::pib::operator==(), parseLocatorUri(), ndn::security::pib::KeyContainer::remove(), and ndn::security::pib::PibMemory::removeKey().

◆ operator<<() [3/4]

std::ostream & ndn::security::v2::operator<<	(	std::ostream &	os,
		ValidationError::Code	code
	)

Definition at line 31 of file validation-error.cpp.

References ndn::to_underlying().

◆ operator<<() [4/4]

std::ostream & ndn::security::v2::operator<<	(	std::ostream &	os,
		const ValidationError &	error
	)

Definition at line 68 of file validation-error.cpp.

References ndn::security::v2::ValidationError::getCode(), and ndn::security::v2::ValidationError::getInfo().

◆ getKeyLocatorName() [1/3]

static Name ndn::security::v2::getKeyLocatorName	(	const SignatureInfo &	si,
		ValidationState &	state
	)

static

Definition at line 64 of file validation-policy.cpp.

References ndn::tlv::DigestSha256, ndn::security::v2::ValidationState::fail(), ndn::security::SigningInfo::getDigestSha256Identity(), ndn::SignatureInfo::getKeyLocator(), ndn::KeyLocator::getName(), ndn::SignatureInfo::getSignatureType(), ndn::KeyLocator::getType(), ndn::SignatureInfo::hasKeyLocator(), ns3::ndn::Name, and ndn::tlv::Name.

Referenced by ndn::security::v2::ValidationPolicySimpleHierarchy::checkPolicy(), nfd::CommandAuthenticatorValidationPolicy::checkPolicy(), ndn::security::v2::validator_config::ValidationPolicyConfig::checkPolicy(), ndn::security::v2::ValidationPolicyCommandInterest::checkPolicy(), ndn::security::v2::ValidationPolicySignedInterest::checkPolicy(), and getKeyLocatorName().

◆ getKeyLocatorName() [2/3]

Name ndn::security::v2::getKeyLocatorName	(	const Data &	data,
		ValidationState &	state
	)

extract KeyLocator.Name from a Data packet

The Data packet must contain a KeyLocator of Name type. Otherwise, state.fail is invoked with INVALID_KEY_LOCATOR error.

Definition at line 85 of file validation-policy.cpp.

References getKeyLocatorName(), and ndn::Data::getSignatureInfo().

◆ getKeyLocatorName() [3/3]

Name ndn::security::v2::getKeyLocatorName	(	const Interest &	interest,
		ValidationState &	state
	)

extract KeyLocator.Name from signed Interest

Signed Interests according to Packet Specification v0.3+, as identified inside the state, must have an InterestSignatureInfo element. Legacy signed Interests must contain a (Data)SignatureInfo name component. In both cases, the included KeyLocator must be of the Name type. otherwise, state.fail will be invoked with an INVALID_KEY_LOCATOR error.

Interests specified to this method must be tagged with a SignedInterestFormatTag to indicate whether they are signed according to Packet Specification v0.3+ or a previous specification.

Definition at line 91 of file validation-policy.cpp.

References ndn::security::v2::ValidationState::fail(), getKeyLocatorName(), ndn::Interest::getName(), ndn::Interest::getSignatureInfo(), ndn::TagHost::getTag(), ndn::security::v2::ValidationError::INVALID_KEY_LOCATOR, ndn::signed_interest::MIN_SIZE, ns3::ndn::Name, ndn::signed_interest::POS_SIG_INFO, ndn::security::V03, and ndn::SignatureInfo::wireDecode().

◆ extractIdentityNameFromKeyLocator()

Name ndn::security::v2::extractIdentityNameFromKeyLocator ( const Name & keyLocator )

Extract identity name from key, version-less certificate, or certificate name.

Exceptions

KeyLocator::Error If keyLocator does not follow the naming conventions

Definition at line 122 of file validation-policy.cpp.

References ndn::security::SigningInfo::getDigestSha256Identity(), ndn::security::SigningInfo::getHmacIdentity(), ndn::Name::getPrefix(), ndn::security::v2::Certificate::KEY_COMPONENT, ndn::security::v2::Certificate::KEY_COMPONENT_OFFSET, NDN_THROW, ndn::Name::size(), and ndn::Name::toUri().

Referenced by ndn::security::v2::validator_config::NameRelationChecker::checkNames(), and ndn::security::v2::ValidationPolicySimpleHierarchy::checkPolicy().

◆ getAcceptAllValidator()

Validator & ndn::security::v2::getAcceptAllValidator ( )

Definition at line 36 of file validator-null.cpp.

Variable Documentation

◆ WireEncodable< AdditionalDescription >

ndn::security::v2::WireEncodable< AdditionalDescription >

Definition at line 32 of file additional-description.cpp.

◆ WireEncodableWithEncodingBuffer< AdditionalDescription >

ndn::security::v2::WireEncodableWithEncodingBuffer< AdditionalDescription >

Definition at line 33 of file additional-description.cpp.

◆ WireDecodable< AdditionalDescription >

ndn::security::v2::WireDecodable< AdditionalDescription >

Definition at line 34 of file additional-description.cpp.

◆ KEY_OFFSET

const size_t ndn::security::v2::KEY_OFFSET = 0

static

Definition at line 38 of file additional-description.cpp.

Referenced by ndn::security::v2::AdditionalDescription::wireDecode().

◆ VALUE_OFFSET

const size_t ndn::security::v2::VALUE_OFFSET = 1

static

Definition at line 39 of file additional-description.cpp.

Referenced by ndn::security::v2::AdditionalDescription::wireDecode().

◆ CertificateBundleFetcher

ndn security ndn::security::v2::CertificateBundleFetcher

Definition at line 34 of file certificate-bundle-fetcher.cpp.

◆ CertificateCache

ndn security ndn::security::v2::CertificateCache

Definition at line 29 of file certificate-cache.cpp.

◆ FromNetwork

ndn security v2 CertificateFetcher ndn::security::v2::FromNetwork

Definition at line 33 of file certificate-fetcher-from-network.cpp.

◆ CertificateFetcher

ndn security ndn::security::v2::CertificateFetcher

Definition at line 32 of file certificate-fetcher.cpp.

◆ WireEncodable< Certificate >

ndn::security::v2::WireEncodable< Certificate >

Definition at line 34 of file certificate.cpp.

◆ WireDecodable< Certificate >

ndn::security::v2::WireDecodable< Certificate >

Definition at line 35 of file certificate.cpp.

◆ KeyChain

ndn security ndn::security::v2::KeyChain

Definition at line 70 of file key-chain.cpp.

Referenced by ndn::security::tpm::Tpm::clearKeyCache(), ndn::Face::Face(), ndn::PrefixAnnouncement::getData(), ns3::ndn::StackHelper::getKeyChain(), nfd::rib::Service::getRibManager(), ndn::util::NotificationStream< Notification >::postNotification(), nfd::NfdRunner::run(), nfd::rib::Service::Service(), nfd::NfdRunner::systemdNotify(), and ns3::ndn::StackHelper::~StackHelper().

◆ SELF

const name::Component ndn::security::v2::SELF("self")

Referenced by parseLocatorUri().

◆ TrustAnchorGroup

ndn security ndn::security::v2::TrustAnchorGroup

Definition at line 38 of file trust-anchor-group.cpp.

◆ ValidationState

ndn security ndn::security::v2::ValidationState

Definition at line 31 of file validation-state.cpp.

◆ Validator

ndn security ndn::security::v2::Validator

Definition at line 32 of file validator.cpp.

Referenced by ndn::util::SegmentFetcher::Options::validate().

Namespaces

Classes

Typedefs

Functions

Variables

Typedef Documentation

◆ DataValidationSuccessCallback

◆ DataValidationFailureCallback

◆ InterestValidationSuccessCallback

◆ InterestValidationFailureCallback

◆ SignedInterestFormatTag

Function Documentation

◆ NDN_CXX_DEFINE_WIRE_ENCODE_INSTANTIATIONS()

◆ operator<<() [1/4]

◆ NDN_CXX_DECLARE_WIRE_ENCODE_INSTANTIATIONS()

◆ operator<<() [2/4]

◆ extractIdentityFromCertName()

◆ extractKeyNameFromCertName()

◆ parseLocatorUri()

◆ constructKeyName()

◆ isValidKeyName()

◆ extractIdentityFromKeyName()

◆ operator<<() [3/4]

◆ operator<<() [4/4]

◆ getKeyLocatorName() [1/3]

◆ getKeyLocatorName() [2/3]

◆ getKeyLocatorName() [3/3]

◆ extractIdentityNameFromKeyLocator()

◆ getAcceptAllValidator()

Variable Documentation

◆ WireEncodable< AdditionalDescription >

◆ WireEncodableWithEncodingBuffer< AdditionalDescription >

◆ WireDecodable< AdditionalDescription >

◆ KEY_OFFSET

◆ VALUE_OFFSET

◆ CertificateBundleFetcher

◆ CertificateCache

◆ FromNetwork

◆ CertificateFetcher

◆ WireEncodable< Certificate >

◆ WireDecodable< Certificate >

◆ KeyChain

◆ SELF

◆ TrustAnchorGroup

◆ ValidationState

◆ Validator