validator.hpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2022 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
22 #ifndef NDN_CXX_SECURITY_VALIDATOR_HPP
23 #define NDN_CXX_SECURITY_VALIDATOR_HPP
24 
31 
32 namespace ndn {
33 
34 class Face;
35 
36 namespace security {
37 inline namespace v2 {
38 
62 {
63 public:
70  Validator(unique_ptr<ValidationPolicy> policy, unique_ptr<CertificateFetcher> certFetcher);
71 
72  ~Validator() noexcept;
73 
75  getPolicy() const noexcept
76  {
77  return *m_policy;
78  }
79 
81  getFetcher() const noexcept
82  {
83  return *m_certFetcher;
84  }
85 
89  size_t
90  getMaxDepth() const noexcept
91  {
92  return m_maxDepth;
93  }
94 
98  void
99  setMaxDepth(size_t depth) noexcept
100  {
101  m_maxDepth = depth;
102  }
103 
109  void
110  validate(const Data& data,
111  const DataValidationSuccessCallback& successCb,
112  const DataValidationFailureCallback& failureCb);
113 
119  void
120  validate(const Interest& interest,
121  const InterestValidationSuccessCallback& successCb,
122  const InterestValidationFailureCallback& failureCb);
123 
124 public: // anchor management
133  void
134  loadAnchor(const std::string& groupId, Certificate&& cert);
135 
147  void
148  loadAnchor(const std::string& groupId, const std::string& certfilePath,
149  time::nanoseconds refreshPeriod, bool isDir = false);
150 
154  void
155  resetAnchors();
156 
162  void
164 
168  void
170 
171 private: // Common validator operations
178  void
179  validate(const Certificate& cert, const shared_ptr<ValidationState>& state);
180 
187  void
188  continueValidation(const shared_ptr<CertificateRequest>& certRequest,
189  const shared_ptr<ValidationState>& state);
190 
197  void
198  requestCertificate(const shared_ptr<CertificateRequest>& certRequest,
199  const shared_ptr<ValidationState>& state);
200 
201 private:
202  unique_ptr<ValidationPolicy> m_policy;
203  unique_ptr<CertificateFetcher> m_certFetcher;
204  size_t m_maxDepth{25};
205 };
206 
207 } // inline namespace v2
208 } // namespace security
209 } // namespace ndn
210 
211 #endif // NDN_CXX_SECURITY_VALIDATOR_HPP
Represents a Data packet.
Definition: data.hpp:39
Represents an Interest packet.
Definition: interest.hpp:50
Interface used by the validator to fetch missing certificates.
Storage for trusted anchors, verified certificate cache, and unverified certificate cache.
Represents an NDN certificate.
Definition: certificate.hpp:60
Abstraction that implements a validation policy for Interest and Data packets.
Interface for validating data and interest packets.
Definition: validator.hpp:62
void setMaxDepth(size_t depth) noexcept
Set the maximum depth of the certificate chain.
Definition: validator.hpp:99
void cacheVerifiedCertificate(Certificate &&cert)
Cache verified cert a period of time (1 hour).
Definition: validator.cpp:190
void resetAnchors()
Remove any previously loaded static or dynamic trust anchor.
Definition: validator.cpp:184
Validator(unique_ptr< ValidationPolicy > policy, unique_ptr< CertificateFetcher > certFetcher)
Validator constructor.
Definition: validator.cpp:36
ValidationPolicy & getPolicy() const noexcept
Definition: validator.hpp:75
void resetVerifiedCertificates()
Remove any cached verified certificates.
Definition: validator.cpp:196
void validate(const Data &data, const DataValidationSuccessCallback &successCb, const DataValidationFailureCallback &failureCb)
Asynchronously validate data.
Definition: validator.cpp:49
size_t getMaxDepth() const noexcept
Return the maximum depth of the certificate chain.
Definition: validator.hpp:90
CertificateFetcher & getFetcher() const noexcept
Definition: validator.hpp:81
void loadAnchor(const std::string &groupId, Certificate &&cert)
Load static trust anchor.
Definition: validator.cpp:171
std::function< void(const Data &)> DataValidationSuccessCallback
Callback to report a successful Data validation.
std::function< void(const Data &, const ValidationError &)> DataValidationFailureCallback
Callback to report a failed Data validation.
std::function< void(const Interest &)> InterestValidationSuccessCallback
Callback to report a successful Interest validation.
std::function< void(const Interest &, const ValidationError &)> InterestValidationFailureCallback
Callback to report a failed Interest validation.
boost::chrono::nanoseconds nanoseconds
Definition: time.hpp:50
Definition: data.cpp:25