ndn::security::v2::validator_config::ValidationPolicyConfig Class Reference

The validator which can be set up via a configuration file.

#include <validation-policy-config.hpp>


Public Types

using ValidationContinuation = std::function< void(const shared_ptr< CertificateRequest > &certRequest, const shared_ptr< ValidationState > &state)>
 

Public Member Functions

 ValidationPolicyConfig ()
 
virtual void checkPolicy (const Certificate &certificate, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)
 Check certificate against the policy.
 
ValidationPolicy & getInnerPolicy ()
 Return the inner policy.
 
bool hasInnerPolicy () const
 Check if inner policy is set.
 
void load (const std::string &filename)
 
void load (const std::string &input, const std::string &filename)
 
void load (std::istream &input, const std::string &filename)
 
void load (const ConfigSection &configSection, const std::string &filename)
 
void setInnerPolicy (unique_ptr< ValidationPolicy > innerPolicy)
 Set inner policy.
 
void setValidator (Validator &validator)
 Set validator to which the policy is associated.
 

Protected Member Functions

void checkPolicy (const Data &data, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation) override
 Check data against the policy.
 
void checkPolicy (const Interest &interest, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation) override
 Check interest against the policy.
 

Protected Attributes

unique_ptr< ValidationPolicy > m_innerPolicy
 
Validator * m_validator
 

Detailed Description

The validator which can be set up via a configuration file.

Note
For command Interest validation, this policy must be combined with ValidationPolicyCommandInterest in order to guard against replay attacks.
This policy does not support inner policies; it can only be used as a sole policy or as a terminal inner policy.
See also
https://named-data.net/doc/ndn-cxx/current/tutorials/security-validator-config.html

Definition at line 42 of file validation-policy-config.hpp.

Member Typedef Documentation

using ndn::security::v2::ValidationPolicy::ValidationContinuation = std::function<void(const shared_ptr<CertificateRequest>& certRequest, const shared_ptr<ValidationState>& state)>
inherited

Definition at line 41 of file validation-policy.hpp.

Constructor & Destructor Documentation

ndn::security::v2::validator_config::ValidationPolicyConfig::ValidationPolicyConfig ( )

Definition at line 36 of file validation-policy-config.cpp.

Member Function Documentation

void ndn::security::v2::validator_config::ValidationPolicyConfig::checkPolicy ( const Data & data,
const shared_ptr< ValidationState > & state,
const ValidationContinuation & continueValidation
)
override protected virtual

Check data against the policy.

Depending on the implementation of the policy, this check can be done synchronously or asynchronously.

The semantics of checkPolicy have changed from v1::Validator:

  • If the packet violates the policy, the policy should call state->fail with an appropriate error code and error description.
  • If the packet conforms to the policy and no further key retrievals are necessary, the policy should call continueValidation(nullptr, state).
  • If the packet conforms to the policy and a key needs to be fetched, the policy should call continueValidation(<appropriate-key-request-instance>, state).

Implements ndn::security::v2::ValidationPolicy.

Definition at line 261 of file validation-policy-config.cpp.

void ndn::security::v2::validator_config::ValidationPolicyConfig::checkPolicy ( const Interest & interest,
const shared_ptr< ValidationState > & state,
const ValidationContinuation & continueValidation
)
override protected virtual

Check interest against the policy.

Depending on the implementation of the policy, this check can be done synchronously or asynchronously.

The semantics of checkPolicy have changed from v1::Validator:

  • If the packet violates the policy, the policy should call state->fail with an appropriate error code and error description.
  • If the packet conforms to the policy and no further key retrievals are necessary, the policy should call continueValidation(nullptr, state).
  • If the packet conforms to the policy and a key needs to be fetched, the policy should call continueValidation(<appropriate-key-request-instance>, state).

Implements ndn::security::v2::ValidationPolicy.

Definition at line 289 of file validation-policy-config.cpp.

virtual void ndn::security::v2::ValidationPolicy::checkPolicy ( const Certificate & certificate,
const shared_ptr< ValidationState > & state,
const ValidationContinuation & continueValidation
)
inline virtual inherited

Check certificate against the policy.

Unless overridden by the policy, this check defaults to checkPolicy(const Data&, ...).

Depending on the implementation of the policy, this check can be done synchronously or asynchronously.

The semantics of checkPolicy have changed from v1::Validator:

  • If the packet violates the policy, the policy should call state->fail with an appropriate error code and error description.
  • If the packet conforms to the policy and no further key retrievals are necessary, the policy should call continueValidation(nullptr, state).
  • If the packet conforms to the policy and a key needs to be fetched, the policy should call continueValidation(<appropriate-key-request-instance>, state).

Definition at line 144 of file validation-policy.hpp.

ValidationPolicy & ndn::security::v2::ValidationPolicy::getInnerPolicy ( )
inherited

Return the inner policy.

If the inner policy was not set, behavior is undefined.

Definition at line 48 of file validation-policy.cpp.

bool ndn::security::v2::ValidationPolicy::hasInnerPolicy ( ) const
inline inherited

Check if inner policy is set.

Definition at line 72 of file validation-policy.hpp.

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const std::string &  filename)

Definition at line 43 of file validation-policy-config.cpp.

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const std::string &  input,
const std::string &  filename 
)

Definition at line 57 of file validation-policy-config.cpp.

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( std::istream &  input,
const std::string &  filename 
)

Definition at line 64 of file validation-policy-config.cpp.

void ndn::security::v2::validator_config::ValidationPolicyConfig::load ( const ConfigSection & configSection,
const std::string & filename
)

Definition at line 82 of file validation-policy-config.cpp.

void ndn::security::v2::ValidationPolicy::setInnerPolicy ( unique_ptr< ValidationPolicy > innerPolicy )
inherited

Set inner policy.

Multiple assignments of the inner policy will create a "chain" of linked policies. The inner policy from the latest invocation of setInnerPolicy will be at the bottom of the policy list.

For example, the sequence this->setInnerPolicy(policy1) followed by this->setInnerPolicy(policy2) will result in this->m_innerPolicy == policy1, this->m_innerPolicy->m_innerPolicy == policy2, and this->m_innerPolicy->m_innerPolicy->m_innerPolicy == nullptr.

Exceptions
std::invalid_argument exception, if innerPolicy is nullptr.

Definition at line 29 of file validation-policy.cpp.
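The chaining described for setInnerPolicy, shown as an added example that is not ndn-cxx code: a simplified stand-alone model in which repeated calls append at the bottom of the chain and a nullptr argument is rejected. ModelPolicy, runChain and the accept flags are hypothetical names, and the check order (each policy checks first, then delegates to its inner policy only on success) is an assumption of the model.

```cpp
#include <memory>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

// Simplified stand-in for the chaining behaviour documented above.
// ModelPolicy and its members are hypothetical names, not ndn-cxx classes.
class ModelPolicy {
public:
  ModelPolicy(std::string name, bool accepts)
    : m_name(std::move(name)), m_accepts(accepts) {}

  bool hasInnerPolicy() const { return m_inner != nullptr; }

  // A new policy is appended at the bottom of the chain; nullptr is rejected.
  void setInnerPolicy(std::unique_ptr<ModelPolicy> inner) {
    if (inner == nullptr)
      throw std::invalid_argument("inner policy cannot be nullptr");
    if (m_inner == nullptr)
      m_inner = std::move(inner);
    else
      m_inner->setInnerPolicy(std::move(inner));
  }

  // Assumption: a policy runs its own check first and delegates to its inner
  // policy only on success, so the first rejection ends the walk.
  // hasInnerPolicy() guards the dereference that would otherwise be undefined.
  bool check(std::vector<std::string>& visited) const {
    visited.push_back(m_name);
    if (!m_accepts)
      return false;
    return hasInnerPolicy() ? m_inner->check(visited) : true;
  }

private:
  std::string m_name;
  bool m_accepts;
  std::unique_ptr<ModelPolicy> m_inner;
};

// The documented sequence: setInnerPolicy(policy1), then setInnerPolicy(policy2).
std::pair<bool, std::vector<std::string>> runChain(bool policy1Accepts) {
  ModelPolicy outer("outer", true);
  outer.setInnerPolicy(std::make_unique<ModelPolicy>("policy1", policy1Accepts));
  outer.setInnerPolicy(std::make_unique<ModelPolicy>("policy2", true));
  std::vector<std::string> visited;
  const bool ok = outer.check(visited);
  return {ok, visited};
}
```

In this model a rejection by policy1 means policy2 is never consulted, which is why the order of setInnerPolicy calls matters when a terminal policy such as this one is placed in a chain.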

void ndn::security::v2::ValidationPolicy::setValidator ( Validator & validator )
inherited

Set validator to which the policy is associated.

Definition at line 54 of file validation-policy.cpp.

Member Data Documentation

unique_ptr<ValidationPolicy> ndn::security::v2::ValidationPolicy::m_innerPolicy
protected inherited

Definition at line 152 of file validation-policy.hpp.

Validator* ndn::security::v2::ValidationPolicy::m_validator
protected inherited

Definition at line 151 of file validation-policy.hpp.