Helper for validator that uses SignedInterest + CommandInterest + Config policy and NetworkFetcher. More...
#include <ndn-cxx/security/validator-config.hpp>
Inheritance diagram for ndn::security::ValidatorConfig: Collaboration diagram for ndn::security::ValidatorConfig:Public Types | |
| using | CommandInterestOptions = ValidationPolicyCommandInterest::Options |
| using | SignedInterestOptions = ValidationPolicySignedInterest::Options |
Public Member Functions | |
| ValidatorConfig (Face &face, const CommandInterestOptions &ciOptions={}, const SignedInterestOptions &siOptions={}) | |
| ValidatorConfig (std::unique_ptr< CertificateFetcher > fetcher, const CommandInterestOptions &ciOptions={}, const SignedInterestOptions &siOptions={}) | |
| void | cacheUnverifiedCert (Certificate &&cert) |
| Cache unverified certificate for a period of time (5 minutes). More... | |
| void | cacheVerifiedCertificate (Certificate &&cert) |
Cache verified cert a period of time (1 hour). More... | |
| const Certificate * | findTrustedCert (const Interest &interestForCert) const |
| Find a trusted certificate in trust anchor container or in verified cache. More... | |
| CertificateFetcher & | getFetcher () const noexcept |
| size_t | getMaxDepth () const noexcept |
| Return the maximum depth of the certificate chain. More... | |
| ValidationPolicy & | getPolicy () const noexcept |
| const TrustAnchorContainer & | getTrustAnchors () const |
| const CertificateCache & | getUnverifiedCertCache () const |
| const CertificateCache & | getVerifiedCertCache () const |
| bool | isCertKnown (const Name &certPrefix) const |
| Check if certificate exists in the verified/unverified cache or in the set of trust anchors. More... | |
| void | load (const std::string &filename) |
| void | load (const std::string &input, const std::string &filename) |
| void | load (const validator_config::ConfigSection &configSection, const std::string &filename) |
| void | load (std::istream &input, const std::string &filename) |
| void | loadAnchor (const std::string &groupId, Certificate &&cert) |
| Load static trust anchor. More... | |
| void | loadAnchor (const std::string &groupId, const std::string &certfilePath, time::nanoseconds refreshPeriod, bool isDir=false) |
| Load dynamic trust anchors. More... | |
| void | resetAnchors () |
| Remove any previously loaded static or dynamic trust anchor. More... | |
| void | resetVerifiedCertificates () |
| Remove any cached verified certificates. More... | |
| void | setMaxDepth (size_t depth) noexcept |
| Set the maximum depth of the certificate chain. More... | |
| void | validate (const Data &data, const DataValidationSuccessCallback &successCb, const DataValidationFailureCallback &failureCb) |
Asynchronously validate data. More... | |
| void | validate (const Interest &interest, const InterestValidationSuccessCallback &successCb, const InterestValidationFailureCallback &failureCb) |
Asynchronously validate interest. More... | |
| Validator (unique_ptr< ValidationPolicy > policy, unique_ptr< CertificateFetcher > certFetcher) | |
| Validator constructor. More... | |
Protected Member Functions | |
| void | cacheVerifiedCert (Certificate &&cert) |
| Cache verified certificate a period of time (1 hour). More... | |
| void | resetVerifiedCerts () |
| Remove any cached verified certificates. More... | |
Protected Attributes | |
| TrustAnchorContainer | m_trustAnchors |
| CertificateCache | m_unverifiedCertCache |
| CertificateCache | m_verifiedCertCache |
Helper for validator that uses SignedInterest + CommandInterest + Config policy and NetworkFetcher.
Definition at line 37 of file validator-config.hpp.
| using ndn::security::ValidatorConfig::CommandInterestOptions = ValidationPolicyCommandInterest::Options |
Definition at line 42 of file validator-config.hpp.
| using ndn::security::ValidatorConfig::SignedInterestOptions = ValidationPolicySignedInterest::Options |
Definition at line 41 of file validator-config.hpp.
|
explicit |
Definition at line 27 of file validator-config.cpp.
|
explicit |
Definition at line 40 of file validator-config.cpp.
|
inherited |
Cache unverified certificate for a period of time (5 minutes).
| cert | The certificate packet |
Definition at line 81 of file certificate-storage.cpp.
|
protectedinherited |
Cache verified certificate a period of time (1 hour).
| cert | The certificate packet |
Definition at line 69 of file certificate-storage.cpp.
|
inherited |
Cache verified cert a period of time (1 hour).
Definition at line 188 of file validator.cpp.
|
inherited |
Find a trusted certificate in trust anchor container or in verified cache.
| interestForCert | Interest for certificate |
Definition at line 33 of file certificate-storage.cpp.
|
inlinenoexceptinherited |
Definition at line 80 of file validator.hpp.
|
inlinenoexceptinherited |
Return the maximum depth of the certificate chain.
Definition at line 89 of file validator.hpp.
|
inlinenoexceptinherited |
Definition at line 74 of file validator.hpp.
|
inherited |
Definition at line 87 of file certificate-storage.cpp.
|
inherited |
Definition at line 99 of file certificate-storage.cpp.
|
inherited |
Definition at line 93 of file certificate-storage.cpp.
|
inherited |
Check if certificate exists in the verified/unverified cache or in the set of trust anchors.
Definition at line 42 of file certificate-storage.cpp.
| void ndn::security::ValidatorConfig::load | ( | const std::string & | filename | ) |
Definition at line 48 of file validator-config.cpp.
| void ndn::security::ValidatorConfig::load | ( | const std::string & | input, |
| const std::string & | filename | ||
| ) |
Definition at line 54 of file validator-config.cpp.
| void ndn::security::ValidatorConfig::load | ( | const validator_config::ConfigSection & | configSection, |
| const std::string & | filename | ||
| ) |
Definition at line 66 of file validator-config.cpp.
| void ndn::security::ValidatorConfig::load | ( | std::istream & | input, |
| const std::string & | filename | ||
| ) |
Definition at line 60 of file validator-config.cpp.
|
inherited |
Load static trust anchor.
Static trust anchors are permanently associated with the validator and never expire.
| groupId | Certificate group id. |
| cert | Certificate to load as a trust anchor. |
Definition at line 169 of file validator.cpp.
|
inherited |
Load dynamic trust anchors.
Dynamic trust anchors are associated with the validator for as long as the underlying trust anchor file (set of files) exist(s).
| groupId | Certificate group id, must not be empty. |
| certfilePath | Specifies the path to load the trust anchors. |
| refreshPeriod | Refresh period for the trust anchors, must be positive. |
| isDir | Tells whether the path is a directory or a single file. |
Definition at line 175 of file validator.cpp.
|
inherited |
Remove any previously loaded static or dynamic trust anchor.
Definition at line 182 of file validator.cpp.
|
inherited |
Remove any cached verified certificates.
Definition at line 194 of file validator.cpp.
|
protectedinherited |
Remove any cached verified certificates.
Definition at line 75 of file certificate-storage.cpp.
|
inlinenoexceptinherited |
Set the maximum depth of the certificate chain.
Definition at line 98 of file validator.hpp.
|
inherited |
Asynchronously validate data.
successCb and failureCb must not be nullptr Definition at line 47 of file validator.cpp.
|
inherited |
Asynchronously validate interest.
successCb and failureCb must not be nullptr Definition at line 60 of file validator.cpp.
| ndn::security::Validator::Validator |
Validator constructor.
| policy | Validation policy to be associated with the validator. |
| certFetcher | Certificate fetcher implementation. |
Definition at line 69 of file validator.cpp.
|
protectedinherited |
Definition at line 131 of file certificate-storage.hpp.
|
protectedinherited |
Definition at line 133 of file certificate-storage.hpp.
|
protectedinherited |
Definition at line 132 of file certificate-storage.hpp.
1.9.1