master/doxygen/validation-state_8hpp_source.html

/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */

/*

 * Copyright (c) 2013-2023 Regents of the University of California.

 *

 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).

 *

 * ndn-cxx library is free software: you can redistribute it and/or modify it under the

 * terms of the GNU Lesser General Public License as published by the Free Software

 * Foundation, either version 3 of the License, or (at your option) any later version.

 *

 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY

 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A

 * PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more details.

 *

 * You should have received copies of the GNU General Public License and GNU Lesser

 * General Public License along with ndn-cxx, e.g., in COPYING.md file.  If not, see

 * <http://www.gnu.org/licenses/>.

 *

 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.

 */


#ifndef NDN_CXX_SECURITY_VALIDATION_STATE_HPP

#define NDN_CXX_SECURITY_VALIDATION_STATE_HPP


#include "ndn-cxx/detail/tag-host.hpp"

#include "ndn-cxx/security/certificate.hpp"

#include "ndn-cxx/security/signing-info.hpp"

#include "ndn-cxx/security/validation-callback.hpp"

#include "ndn-cxx/util/signal/signal.hpp"


#include <list>

#include <unordered_set>

#include <boost/logic/tribool.hpp>


namespace ndn::security {


class Validator;


class ValidationState : public TagHost, noncopyable

{

public:

  virtual

  ~ValidationState();


  boost::logic::tribool


  getOutcome() const noexcept

  {

    return m_outcome;

  }


  virtual void

  fail(const ValidationError& error) = 0;


  size_t


  getDepth() const noexcept

  {

    return m_certificateChain.size();

  }


  bool

  hasSeenCertificateName(const Name& certName);


  void

  addCertificate(const Certificate& cert);


private: // Interface intended to be used only by Validator class

  virtual void

  verifyOriginalPacket(const std::optional<Certificate>& trustedCert) = 0;


  virtual void

  bypassValidation() = 0;


  const Certificate*

  verifyCertificateChain(const Certificate& trustedCert);


protected:

  boost::logic::tribool m_outcome{boost::logic::indeterminate};


private:

  std::unordered_set<Name> m_seenCertificateNames;


  std::list<Certificate> m_certificateChain;


  friend Validator;

};


class DataValidationState final : public ValidationState

{

public:

  DataValidationState(const Data& data,

                      const DataValidationSuccessCallback& successCb,

                      const DataValidationFailureCallback& failureCb);


  ~DataValidationState() final;


  void

  fail(const ValidationError& error) final;


  const Data&


  getOriginalData() const

  {

    return m_data;

  }


private:

  void

  verifyOriginalPacket(const std::optional<Certificate>& trustedCert) final;


  void

  bypassValidation() final;


private:

  Data m_data;

  DataValidationSuccessCallback m_successCb;

  DataValidationFailureCallback m_failureCb;

};


class InterestValidationState final : public ValidationState

{

public:

  InterestValidationState(const Interest& interest,

                          const InterestValidationSuccessCallback& successCb,

                          const InterestValidationFailureCallback& failureCb);


  ~InterestValidationState() final;


  void

  fail(const ValidationError& error) final;


  const Interest&


  getOriginalInterest() const

  {

    return m_interest;

  }


public:

  signal::Signal<InterestValidationState, Interest> afterSuccess;


private:

  void

  verifyOriginalPacket(const std::optional<Certificate>& trustedCert) final;


  void

  bypassValidation() final;


private:

  Interest m_interest;

  InterestValidationSuccessCallback m_successCb;

  InterestValidationFailureCallback m_failureCb;

};


using SignedInterestFormatTag = SimpleTag<SignedInterestFormat, 1002>;


} // namespace ndn::security


#endif // NDN_CXX_SECURITY_VALIDATION_STATE_HPP

certificate.hpp

ndn::Data
Represents a Data packet.
Definition data.hpp:39

ndn::Interest
Represents an Interest packet.
Definition interest.hpp:50

ndn::Name
Represents an absolute name.
Definition name.hpp:45

ndn::SimpleTag
Provides a tag type for simple types.
Definition tag.hpp:56

ndn::TagHost
Base class to store tag information, e.g., inside Interest and Data packets.
Definition tag-host.hpp:37

ndn::security::Certificate
Represents an NDN certificate.
Definition certificate.hpp:58

ndn::security::DataValidationState
Validation state for a data packet.
Definition validation-state.hpp:158

ndn::security::DataValidationState::fail
void fail(const ValidationError &error) final
Call the failure callback.
Definition validation-state.cpp:116

ndn::security::DataValidationState::getOriginalData
const Data & getOriginalData() const
Definition validation-state.hpp:185

ndn::security::DataValidationState::~DataValidationState
~DataValidationState() final
Destructor.
Definition validation-state.cpp:84

ndn::security::InterestValidationState
Validation state for an interest packet.
Definition validation-state.hpp:207

ndn::security::InterestValidationState::afterSuccess
signal::Signal< InterestValidationState, Interest > afterSuccess
Definition validation-state.hpp:240

ndn::security::InterestValidationState::getOriginalInterest
const Interest & getOriginalInterest() const
Definition validation-state.hpp:234

ndn::security::ValidationError
Validation error code and optional detailed error message.
Definition validation-error.hpp:35

ndn::security::ValidationState
Validation state.
Definition validation-state.hpp:58

ndn::security::ValidationState::getDepth
size_t getDepth() const noexcept
Definition validation-state.hpp:79

ndn::security::ValidationState::getOutcome
boost::logic::tribool getOutcome() const noexcept
Definition validation-state.hpp:64

ndn::security::ValidationState::~ValidationState
virtual ~ValidationState()
Definition validation-state.cpp:34

ndn::security::ValidationState::hasSeenCertificateName
bool hasSeenCertificateName(const Name &certName)
Check if certName has been previously seen and record the supplied name.
Definition validation-state.cpp:41

ndn::security::ValidationState::fail
virtual void fail(const ValidationError &error)=0
Call the failure callback.

ndn::security::ValidationState::addCertificate
void addCertificate(const Certificate &cert)
Add cert to the top of the certificate chain.
Definition validation-state.cpp:47

ndn::security::ValidationState::m_outcome
boost::logic::tribool m_outcome
Definition validation-state.hpp:138

ndn::security::Validator
Interface for validating data and interest packets.
Definition validator.hpp:61

ndn::signal::Signal
Provides a lightweight signal / event system.
Definition signal.hpp:51

ndn::security
Contains the ndn-cxx security framework.
Definition additional-description.cpp:26

ndn::security::InterestValidationSuccessCallback
std::function< void(const Interest &)> InterestValidationSuccessCallback
Callback to report a successful Interest validation.
Definition validation-callback.hpp:44

ndn::security::InterestValidationFailureCallback
std::function< void(const Interest &, const ValidationError &)> InterestValidationFailureCallback
Callback to report a failed Interest validation.
Definition validation-callback.hpp:49

ndn::security::DataValidationSuccessCallback
std::function< void(const Data &)> DataValidationSuccessCallback
Callback to report a successful Data validation.
Definition validation-callback.hpp:34

ndn::security::SignedInterestFormat
SignedInterestFormat
Definition signing-info.hpp:38

ndn::security::DataValidationFailureCallback
std::function< void(const Data &, const ValidationError &)> DataValidationFailureCallback
Callback to report a failed Data validation.
Definition validation-callback.hpp:39

signal.hpp

signing-info.hpp

tag-host.hpp

validation-callback.hpp