ndn::ValidationState Class Reference

ValidationState is an abstract base class for DataValidationState and InterestValidationState. More...

#include <validation-state.hpp>

Inheritance diagram for ndn::ValidationState:

Public Member Functions
bool	hasOutcome ()
	Check if validation failed or success has been called. More...
bool	isOutcomeFailed ()
	Check if validation failed has been called. More...
bool	isOutcomeSuccess ()
	Check if validation success has been called. More...
virtual void	fail (const ValidationError &error)=0
	Call the failure callback.
size_t	getDepth () const
	Get the depth of the certificate chain. More...
bool	hasSeenCertificateName (const Name &certificateName)
	Check if certificateName has been previously seen, and record the supplied name. More...
void	addCertificate (const CertificateV2 &certificate)
	Add the certificate to the top of the certificate chain. More...

Protected Member Functions
void	setOutcome (bool outcome)
	Set the outcome to the given value, and set hasOutcome_ true. More...

Friends
class	Validator

Detailed Description

ValidationState is an abstract base class for DataValidationState and InterestValidationState.

One instance of the validation state is kept for the validation of the whole certificate chain.

The state collects the certificate chain that adheres to the selected validation policy to validate data or interest packets. Certificate, data, and interest packet signatures are verified only after the validator determines that the chain terminates with a trusted certificate (a trusted anchor or a previously validated certificate). This model allows filtering out invalid certificate chains without incurring (costly) cryptographic signature verification overhead and mitigates some forms of denial-of-service attacks.

A validation policy and/or key fetcher may add custom information associated with the validation state using tags.

Member Function Documentation

void ndn::ValidationState::addCertificate ( const CertificateV2 &  certificate )

inline

Add the certificate to the top of the certificate chain.

If the certificate chain is empty, then the certificate should be the signer of the original packet. If the certificate chain is not empty, then the certificate should be the signer of the front of the certificate chain.

Note

This function does not verify the signature bits.

Parameters

certificate

The certificate to add, which is copied.

size_t ndn::ValidationState::getDepth ( ) const

inline

Get the depth of the certificate chain.

Returns

The depth of the certificate chain.

bool ndn::ValidationState::hasOutcome ( )

inline

Check if validation failed or success has been called.

Returns

True if validation failed or success has been called.

bool ndn::ValidationState::hasSeenCertificateName ( const Name &  certificateName )

inline

Check if certificateName has been previously seen, and record the supplied name.

Parameters

certificateName

The certificate name, which is copied.

Returns

True if certificateName has been previously seen.

bool ndn::ValidationState::isOutcomeFailed ( )

inline

Check if validation failed has been called.

Returns

True if validation failed has been called, false if no validation callbacks have been called or validation success was called.

bool ndn::ValidationState::isOutcomeSuccess ( )

inline

Check if validation success has been called.

Returns

True if validation success has been called, false if no validation callbacks have been called or validation failed was called.

void ndn::ValidationState::setOutcome ( bool  outcome )

protected

Set the outcome to the given value, and set hasOutcome_ true.

Parameters

outcome

The outcome.

Exceptions

std::runtime_error

If this ValidationState already has an outcome.

---

The documentation for this class was generated from the following files:

• include/ndn-cpp/security/v2/validation-state.hpp
• src/security/v2/validation-state.cpp