34 #define NDN_LOG_DEBUG_DEPTH(x) NDN_LOG_DEBUG(std::string(state->getDepth() + 1, '>') << " " << x)
35 #define NDN_LOG_TRACE_DEPTH(x) NDN_LOG_TRACE(std::string(state->getDepth() + 1, '>') << " " << x)
38 : m_policy(
std::move(policy))
39 , m_certFetcher(
std::move(certFetcher))
42 BOOST_ASSERT(m_policy !=
nullptr);
43 BOOST_ASSERT(m_certFetcher !=
nullptr);
44 m_certFetcher->setCertificateStorage(*
this);
66 auto state = make_shared<DataValidationState>(data, successCb, failureCb);
69 m_policy->checkPolicy(data, state,
70 [
this] (
const shared_ptr<CertificateRequest>& certRequest,
const shared_ptr<ValidationState>& state) {
71 if (certRequest ==
nullptr) {
72 state->bypassValidation();
76 requestCertificate(certRequest, state);
86 auto state = make_shared<InterestValidationState>(interest, successCb, failureCb);
89 m_policy->checkPolicy(interest, state,
90 [
this] (
const shared_ptr<CertificateRequest>& certRequest,
const shared_ptr<ValidationState>& state) {
91 if (certRequest ==
nullptr) {
92 state->bypassValidation();
96 requestCertificate(certRequest, state);
107 return state->fail({ValidationError::Code::EXPIRED_CERT,
"Retrieved certificate is not yet valid or expired "
111 m_policy->checkPolicy(cert, state,
112 [
this, cert] (
const shared_ptr<CertificateRequest>& certRequest,
const shared_ptr<ValidationState>& state) {
113 if (certRequest ==
nullptr) {
119 state->addCertificate(cert);
120 requestCertificate(certRequest, state);
126 Validator::requestCertificate(
const shared_ptr<CertificateRequest>& certRequest,
127 const shared_ptr<ValidationState>& state)
130 if (state->getDepth() >= m_maxDepth) {
131 state->fail({ValidationError::Code::EXCEEDED_DEPTH_LIMIT,
132 "Exceeded validation depth limit (" +
to_string(m_maxDepth) +
")"});
139 if (cert !=
nullptr) {
142 cert = state->verifyCertificateChain(*cert);
143 if (cert !=
nullptr) {
144 state->verifyOriginalPacket(*cert);
146 for (
auto trustedCert = std::make_move_iterator(state->m_certificateChain.begin());
147 trustedCert != std::make_move_iterator(state->m_certificateChain.end());
154 m_certFetcher->fetch(certRequest, state, [
this] (
const Certificate& cert,
const shared_ptr<ValidationState>& state) {
173 time::nanoseconds refreshPeriod,
bool isDir)
bool isValid(const time::system_clock::TimePoint &ts=time::system_clock::now()) const
Check if the certificate is valid at ts.
void loadAnchor(const std::string &groupId, Certificate &&cert)
load static trust anchor.
Copyright (c) 2013-2016 Regents of the University of California.
The certificate following the certificate format naming convention.
function< void(const Data &data)> DataValidationSuccessCallback
Callback to report a successful Data validation.
void cacheVerifiedCertificate(Certificate &&cert)
Cache verified cert a period of time (1 hour)
#define NDN_LOG_DEBUG_DEPTH(x)
represents an Interest packet
function< void(const Data &data, const ValidationError &error)> DataValidationFailureCallback
Callback to report a failed Data validation.
#define NDN_LOG_TRACE_DEPTH(x)
#define NDN_LOG_INIT(name)
declare a log module
void setMaxDepth(size_t depth)
Set the maximum depth of the certificate chain.
const Name & getName() const
Get name of the Data packet.
std::string toUri() const
Encode this name as a URI.
void cacheVerifiedCert(Certificate &&cert)
Cache verified certificate a period of time (1 hour)
void validate(const Data &data, const DataValidationSuccessCallback &successCb, const DataValidationFailureCallback &failureCb)
Asynchronously validate data.
void loadAnchor(const std::string &groupId, Certificate &&cert)
load static trust anchor.
size_t getMaxDepth() const
const Certificate * findTrustedCert(const Interest &interestForCert) const
Find a trusted certificate in trust anchor container or in verified cache.
Validator(unique_ptr< ValidationPolicy > policy, unique_ptr< CertificateFetcher > certFetcher)
Validator constructor.
function< void(const Interest &interest, const ValidationError &error)> InterestValidationFailureCallback
Callback to report a failed Interest validation.
std::string to_string(const V &v)
function< void(const Interest &interest)> InterestValidationSuccessCallback
Callback to report a successful Interest validation.
Interface for validating data and interest packets.