Public Types | Public Member Functions | Protected Attributes | List of all members
ndn::security::v2::ValidationPolicy Class Referenceabstract

Abstraction that implements a validation policy for Interest and Data packets. More...

#include <ndn-cxx/security/validation-policy.hpp>

+ Inheritance diagram for ndn::security::v2::ValidationPolicy:
+ Collaboration diagram for ndn::security::v2::ValidationPolicy:

Public Types

using ValidationContinuation = std::function< void(const shared_ptr< CertificateRequest > &certRequest, const shared_ptr< ValidationState > &state)>
 

Public Member Functions

virtual ~ValidationPolicy ()=default
 
virtual void checkPolicy (const Certificate &certificate, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)
 Check certificate against the policy. More...
 
virtual void checkPolicy (const Data &data, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)=0
 Check data against the policy. More...
 
virtual void checkPolicy (const Interest &interest, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)=0
 Check interest against the policy. More...
 
ValidationPolicygetInnerPolicy ()
 Return the inner policy. More...
 
bool hasInnerPolicy () const
 Check if inner policy is set. More...
 
void setInnerPolicy (unique_ptr< ValidationPolicy > innerPolicy)
 Set inner policy. More...
 
void setValidator (Validator &validator)
 Set validator to which the policy is associated. More...
 

Protected Attributes

unique_ptr< ValidationPolicym_innerPolicy
 
Validatorm_validator = nullptr
 

Detailed Description

Abstraction that implements a validation policy for Interest and Data packets.

Definition at line 37 of file validation-policy.hpp.

Member Typedef Documentation

◆ ValidationContinuation

using ndn::security::v2::ValidationPolicy::ValidationContinuation = std::function<void(const shared_ptr<CertificateRequest>& certRequest, const shared_ptr<ValidationState>& state)>

Definition at line 40 of file validation-policy.hpp.

Constructor & Destructor Documentation

◆ ~ValidationPolicy()

virtual ndn::security::v2::ValidationPolicy::~ValidationPolicy ( )
virtualdefault

Member Function Documentation

◆ checkPolicy() [1/3]

virtual void ndn::security::v2::ValidationPolicy::checkPolicy ( const Certificate certificate,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
inlinevirtual

Check certificate against the policy.

Unless overridden by the policy, this check defaults to checkPolicy(const Data&, ...).

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further certificate retrievals are necessary, the policy should call continueValidation(nullptr, state)
  • If packet conforms to the policy and a certificate needs to be fetched, the policy should call continueValidation(<appropriate-cert-request-instance>, state)

Definition at line 139 of file validation-policy.hpp.

◆ checkPolicy() [2/3]

virtual void ndn::security::v2::ValidationPolicy::checkPolicy ( const Data data,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
pure virtual

Check data against the policy.

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further certificate retrievals are necessary, the policy should call continueValidation(nullptr, state)
  • If packet conforms to the policy and a certificate needs to be fetched, the policy should call continueValidation(<appropriate-cert-request-instance>, state)

Implemented in ndn::security::v2::ValidationPolicySimpleHierarchy, ndn::security::v2::ValidationPolicySignedInterest, ndn::security::v2::validator_config::ValidationPolicyConfig, ndn::security::v2::ValidationPolicyCommandInterest, and ndn::security::v2::ValidationPolicyAcceptAll.

◆ checkPolicy() [3/3]

virtual void ndn::security::v2::ValidationPolicy::checkPolicy ( const Interest interest,
const shared_ptr< ValidationState > &  state,
const ValidationContinuation continueValidation 
)
pure virtual

Check interest against the policy.

Depending on implementation of the policy, this check can be done synchronously or asynchronously.

Semantics of checkPolicy has changed from v1::Validator

  • If packet violates policy, the policy should call state->fail with appropriate error code and error description.
  • If packet conforms to the policy and no further certificate retrievals are necessary, the policy should call continueValidation(nullptr, state)
  • If packet conforms to the policy and a certificate needs to be fetched, the policy should call continueValidation(<appropriate-cert-request-instance>, state)

Implemented in ndn::security::v2::ValidationPolicySimpleHierarchy, ndn::security::v2::ValidationPolicySignedInterest, ndn::security::v2::validator_config::ValidationPolicyConfig, ndn::security::v2::ValidationPolicyCommandInterest, and ndn::security::v2::ValidationPolicyAcceptAll.

◆ getInnerPolicy()

ValidationPolicy & ndn::security::v2::ValidationPolicy::getInnerPolicy ( )

Return the inner policy.

If the inner policy was not set, behavior is undefined.

Definition at line 49 of file validation-policy.cpp.

◆ hasInnerPolicy()

bool ndn::security::v2::ValidationPolicy::hasInnerPolicy ( ) const
inline

Check if inner policy is set.

Definition at line 67 of file validation-policy.hpp.

◆ setInnerPolicy()

void ndn::security::v2::ValidationPolicy::setInnerPolicy ( unique_ptr< ValidationPolicy innerPolicy)

Set inner policy.

Multiple assignments of the inner policy will create a "chain" of linked policies. The inner policy from the latest invocation of setInnerPolicy will be at the bottom of the policy list.

For example, sequence of this->setInnerPolicy(policy1) and this->setInnerPolicy(policy2), will result in this->m_innerPolicy == policy1, this->m_innerPolicy->m_innerPolicy == policy2', and this->m_innerPolicy->m_innerPolicy->m_innerPolicy == nullptr.

Exceptions
std::invalid_argumentexception, if innerPolicy is nullptr.

Definition at line 30 of file validation-policy.cpp.

◆ setValidator()

void ndn::security::v2::ValidationPolicy::setValidator ( Validator validator)

Set validator to which the policy is associated.

Definition at line 55 of file validation-policy.cpp.

Member Data Documentation

◆ m_innerPolicy

unique_ptr<ValidationPolicy> ndn::security::v2::ValidationPolicy::m_innerPolicy
protected

Definition at line 147 of file validation-policy.hpp.

◆ m_validator

Validator* ndn::security::v2::ValidationPolicy::m_validator = nullptr
protected

Definition at line 146 of file validation-policy.hpp.