NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks 		API Documentation
validation-policy-signed-interest.hpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2021 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
22 #ifndef NDN_CXX_SECURITY_VALIDATION_POLICY_SIGNED_INTEREST_HPP
23 #define NDN_CXX_SECURITY_VALIDATION_POLICY_SIGNED_INTEREST_HPP
24 
25 #include "ndn-cxx/security/validation-policy.hpp"
26 
27 #include <boost/multi_index_container.hpp>
28 #include <boost/multi_index/hashed_index.hpp>
29 #include <boost/multi_index/key_extractors.hpp>
30 #include <boost/multi_index/ordered_index.hpp>
31 #include <boost/multi_index/sequenced_index.hpp>
32 
33 namespace ndn {
34 namespace security {
35 inline namespace v2 {
36 
41 class ValidationPolicySignedInterest : public ValidationPolicy
42 {
43 private:
44  using SigNonce = std::vector<uint8_t>;
45  struct NonceSet {};
46  struct NonceList {};
47 
48 public:
49  class Options
50  {
51  public:
52  Options()
53  {
54  }
55 
56  public:
65  bool shouldValidateTimestamps = true;
66 
80  time::nanoseconds timestampGracePeriod = 2_min;
81 
87  bool shouldValidateSeqNums = false;
88 
97  bool shouldValidateNonces = true;
98 
110  ssize_t maxNonceRecordCount = 1000;
111 
132  ssize_t maxRecordCount = 1000;
133  };
134 
140  explicit
141  ValidationPolicySignedInterest(unique_ptr<ValidationPolicy> inner, const Options& options = {});
142 
143 protected:
144  void
145  checkPolicy(const Data& data, const shared_ptr<ValidationState>& state,
146  const ValidationContinuation& continueValidation) override;
147 
148  void
149  checkPolicy(const Interest& interest, const shared_ptr<ValidationState>& state,
150  const ValidationContinuation& continueValidation) override;
151 
152 private:
153  bool
154  checkIncomingInterest(const shared_ptr<ValidationState>& state, const Interest& interest);
155 
156  void
157  insertRecord(const Name& keyName,
158  optional<time::system_clock::TimePoint> timestamp,
159  optional<uint64_t> seqNum,
160  optional<SigNonce> nonce);
161 
162 private:
163  Options m_options;
164 
165  using NonceContainer = boost::multi_index_container<
166  SigNonce,
167  boost::multi_index::indexed_by<
168  boost::multi_index::hashed_unique<
169  boost::multi_index::tag<NonceSet>,
170  boost::multi_index::identity<SigNonce>
171  >,
172  boost::multi_index::sequenced<
173  boost::multi_index::tag<NonceList>
174  >
175  >
176  >;
177 
178  struct LastInterestRecord
179  {
180  LastInterestRecord(const Name& keyName,
181  optional<time::system_clock::TimePoint> timestamp,
182  optional<uint64_t> seqNum)
183  : keyName(keyName)
184  , timestamp(timestamp)
185  , seqNum(seqNum)
186  , lastRefreshed(time::steady_clock::now())
187  {
188  }
189 
190  Name keyName;
191  optional<time::system_clock::TimePoint> timestamp;
192  optional<uint64_t> seqNum;
193  NonceContainer observedNonces;
194  time::steady_clock::TimePoint lastRefreshed;
195  };
196 
197  using Container = boost::multi_index_container<
198  LastInterestRecord,
199  boost::multi_index::indexed_by<
200  boost::multi_index::ordered_unique<
201  boost::multi_index::member<LastInterestRecord, Name, &LastInterestRecord::keyName>
202  >,
203  boost::multi_index::ordered_non_unique<
204  boost::multi_index::member<LastInterestRecord, time::steady_clock::TimePoint,
205  &LastInterestRecord::lastRefreshed>
206  >
207  >
208  >;
209 
210  Container m_container;
211  Container::nth_index<0>::type& m_byKeyName;
212  Container::nth_index<1>::type& m_byLastRefreshed;
213 };
214 
215 } // inline namespace v2
216 } // namespace security
217 } // namespace ndn
218 
219 #endif // NDN_CXX_SECURITY_VALIDATION_POLICY_SIGNED_INTEREST_HPP
ndn
Copyright (c) 2011-2015 Regents of the University of California.
Definition: ndn-strategy-choice-helper.hpp:34
ndn::time::steady_clock::now
static time_point now() noexcept
Definition: time.cpp:80
ndn::security::v2::ValidationPolicySignedInterest::checkPolicy
void checkPolicy(const Data &data, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation) override
Check data against the policy.
Definition: validation-policy-signed-interest.cpp:43
ndn::Interest
Represents an Interest packet.
Definition: interest.hpp:48
ndn::security::v2::ValidationPolicy
Abstraction that implements validation policy for Data and Interest packets.
Definition: validation-policy.hpp:37
ndn::security::v2::ValidationPolicy::ValidationContinuation
std::function< void(const shared_ptr< CertificateRequest > &certRequest, const shared_ptr< ValidationState > &state)> ValidationContinuation
Definition: validation-policy.hpp:41
ndn::security::v2::ValidationPolicySignedInterest::ValidationPolicySignedInterest
ValidationPolicySignedInterest(unique_ptr< ValidationPolicy > inner, const Options &options={})
Constructor.
Definition: validation-policy-signed-interest.cpp:28
ndn::Name
Represents an absolute name.
Definition: name.hpp:41
ndn::Data
Represents a Data packet.
Definition: data.hpp:37
ndn::time::nanoseconds
boost::chrono::nanoseconds nanoseconds
Definition: time.hpp:50
ndn::time::steady_clock::TimePoint
time_point TimePoint
Definition: time.hpp:233