security: Add v2::Validator implementation
Based on the code originally written by Qiuhan Ding
Change-Id: Ib66e24f49d0b6fb2ae21ea1fca7b9ec62ecb753a
Refs: #3289, #1872
diff --git a/docs/index.rst b/docs/index.rst
index f73ad84..fae38ab 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -46,6 +46,7 @@
+ :doc:`specs/signed-interest`
+ :doc:`specs/certificate-format`
+ :doc:`specs/safe-bag`
+ + :doc:`specs/validation-error-code`
- :doc:`manpages`
diff --git a/docs/specs.rst b/docs/specs.rst
index ca5810b..65803db 100644
--- a/docs/specs.rst
+++ b/docs/specs.rst
@@ -7,3 +7,4 @@
specs/signed-interest
specs/certificate-format
specs/safe-bag
+ specs/validation-error-code
diff --git a/docs/specs/validation-error-code.rst b/docs/specs/validation-error-code.rst
new file mode 100644
index 0000000..4610cd4
--- /dev/null
+++ b/docs/specs/validation-error-code.rst
@@ -0,0 +1,33 @@
+Validation Error Code
+=====================
+
+The following table defines a list of known codes and their description, which can be returned from the :ndn-cxx:`v2::Validator` interface.
+Other error codes can be returned by validator implementations outside ndn-cxx codebase.
+
++------------+--------------------------+-----------------------------------------------------+
+| Error code | Short ID | Description |
++============+==========================+=====================================================+
+| 0 | NO_ERROR | No error |
++------------+--------------------------+-----------------------------------------------------+
+| 1 | INVALID_SIGNATURE | Invalid signature |
++------------+--------------------------+-----------------------------------------------------+
+| 2 | NO_SIGNATURE | Missing signature |
++------------+--------------------------+-----------------------------------------------------+
+| 3 | CANNOT_RETRIEVE_CERT | Cannot retrieve certificate |
++------------+--------------------------+-----------------------------------------------------+
+| 4 | EXPIRED_CERT | Certificate expired |
++------------+--------------------------+-----------------------------------------------------+
+| 5 | LOOP_DETECTED | Loop detected in certification chain |
++------------+--------------------------+-----------------------------------------------------+
+| 6 | MALFORMED_CERT | Malformed certificate |
++------------+--------------------------+-----------------------------------------------------+
+| 7 | EXCEEDED_DEPTH_LIMIT | Exceeded validation depth limit |
++------------+--------------------------+-----------------------------------------------------+
+| 8 | INVALID_KEY_LOCATOR | Key locator violates validation policy |
++------------+--------------------------+-----------------------------------------------------+
+| .. | ... | ... |
++------------+--------------------------+-----------------------------------------------------+
+| 255 | IMPLEMENTATION_ERROR | Internal implementation error |
++------------+--------------------------+-----------------------------------------------------+
+
+Specialized validator implementations can use error codes >= 256 to indicate a specialized error.
diff --git a/docs/tutorials/security-library.rst b/docs/tutorials/security-library.rst
index 8ee8d40..1da1e61 100644
--- a/docs/tutorials/security-library.rst
+++ b/docs/tutorials/security-library.rst
@@ -132,7 +132,7 @@
~~~~~~~~~~~~~~~~~~~~
One can call :ndn-cxx:`KeyChain::generateRsaKeyPair` to generate an RSA key pair or
-:ndn-cxx:`KeyChain::generateEcdsaKeyPair` to generate an ECDSA key. Note that generated
+:ndn-cxx:`KeyChain::generateEcKeyPair` to generate an EC key. Note that generated
key pair is not set as the default key of the identity, so you need to set it manually by
calling :ndn-cxx:`KeyChain::setDefaultKeyNameForIdentity`. There is also a helper method
:ndn-cxx:`KeyChain::generateRsaKeyPairAsDefault`, which combines the two steps into one.
diff --git a/src/security/v2/certificate-cache.cpp b/src/security/v2/certificate-cache.cpp
index b3b745d..b9d15aa 100644
--- a/src/security/v2/certificate-cache.cpp
+++ b/src/security/v2/certificate-cache.cpp
@@ -59,28 +59,28 @@
}
const Certificate*
-CertificateCache::find(const Name& keyName)
+CertificateCache::find(const Name& certPrefix) const
{
- refresh();
- if (keyName.size() > 0 && keyName[-1].isImplicitSha256Digest()) {
+ const_cast<CertificateCache*>(this)->refresh();
+ if (certPrefix.size() > 0 && certPrefix[-1].isImplicitSha256Digest()) {
NDN_LOG_INFO("Certificate search using name with the implicit digest is not yet supported");
}
- auto itr = m_certsByName.lower_bound(keyName);
- if (itr == m_certsByName.end() || !keyName.isPrefixOf(itr->getCertName()))
+ auto itr = m_certsByName.lower_bound(certPrefix);
+ if (itr == m_certsByName.end() || !certPrefix.isPrefixOf(itr->getCertName()))
return nullptr;
return &itr->cert;
}
const Certificate*
-CertificateCache::find(const Interest& interest)
+CertificateCache::find(const Interest& interest) const
{
if (interest.getChildSelector() >= 0) {
- NDN_LOG_DEBUG("Certificate search using ChildSelector is not supported, search as if selector not specified");
+ NDN_LOG_DEBUG("Certificate search using ChildSelector is not supported, searching as if selector not specified");
}
if (interest.getName().size() > 0 && interest.getName()[-1].isImplicitSha256Digest()) {
- NDN_LOG_INFO("Certificate search using name with the implicit digest is not yet supported");
+ NDN_LOG_INFO("Certificate search using name with implicit digest is not yet supported");
}
- refresh();
+ const_cast<CertificateCache*>(this)->refresh();
for (auto i = m_certsByName.lower_bound(interest.getName());
i != m_certsByName.end() && interest.getName().isPrefixOf(i->getCertName());
diff --git a/src/security/v2/certificate-cache.hpp b/src/security/v2/certificate-cache.hpp
index 4bf9f3c..f649776 100644
--- a/src/security/v2/certificate-cache.hpp
+++ b/src/security/v2/certificate-cache.hpp
@@ -64,13 +64,13 @@
/**
* @brief Get certificate given key name
- * @param keyName Key name for searching the certificate.
+ * @param certPrefix Certificate prefix for searching the certificate.
* @return The found certificate, nullptr if not found.
*
* @note The returned value may be invalidated after next call to one of find methods.
*/
const Certificate*
- find(const Name& keyName);
+ find(const Name& certPrefix) const;
/**
* @brief Find certificate given interest
@@ -82,7 +82,7 @@
* @note The returned value may be invalidated after next call to one of find methods.
*/
const Certificate*
- find(const Interest& interest);
+ find(const Interest& interest) const;
private:
class Entry
diff --git a/src/security/v2/certificate-request.hpp b/src/security/v2/certificate-request.hpp
new file mode 100644
index 0000000..863d7c3
--- /dev/null
+++ b/src/security/v2/certificate-request.hpp
@@ -0,0 +1,60 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V2_CERTIFICATE_REQUEST_HPP
+#define NDN_SECURITY_V2_CERTIFICATE_REQUEST_HPP
+
+#include "../../interest.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+/**
+ * @brief Request for a certificate, associated with the number of attempts
+ */
+class CertificateRequest : noncopyable
+{
+public:
+ CertificateRequest()
+ : m_nRetriesLeft(0)
+ {
+ }
+
+ explicit
+ CertificateRequest(const Interest& interest, uint64_t requesterFaceId = 0)
+ : m_interest(interest)
+ , m_nRetriesLeft(3)
+ {
+ }
+
+public:
+ /// @brief the name for the requested data/certificate.
+ Interest m_interest;
+ /// @brief the number of remaining retries after time out or NACK
+ int m_nRetriesLeft;
+};
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_V2_CERTIFICATE_REQUEST_HPP
diff --git a/src/security/v2/key-chain.cpp b/src/security/v2/key-chain.cpp
index 850ad58..47cb75d 100644
--- a/src/security/v2/key-chain.cpp
+++ b/src/security/v2/key-chain.cpp
@@ -681,6 +681,8 @@
sigInfo.setSignatureType(getSignatureType(key.getKeyType(), params.getDigestAlgorithm()));
sigInfo.setKeyLocator(KeyLocator(key.getName()));
+
+ NDN_LOG_TRACE("Prepared signature info: " << sigInfo);
return std::make_tuple(key.getName(), sigInfo);
}
diff --git a/src/security/v2/key-chain.hpp b/src/security/v2/key-chain.hpp
index 0e8402e..7cb71f2 100644
--- a/src/security/v2/key-chain.hpp
+++ b/src/security/v2/key-chain.hpp
@@ -22,6 +22,7 @@
#ifndef NDN_SECURITY_V2_KEY_CHAIN_HPP
#define NDN_SECURITY_V2_KEY_CHAIN_HPP
+#include "../security-common.hpp"
#include "certificate.hpp"
#include "../key-params.hpp"
#include "../pib/pib.hpp"
diff --git a/src/security/v2/validation-callback.hpp b/src/security/v2/validation-callback.hpp
new file mode 100644
index 0000000..7ef4564
--- /dev/null
+++ b/src/security/v2/validation-callback.hpp
@@ -0,0 +1,58 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V2_VALIDATION_CALLBACK_HPP
+#define NDN_SECURITY_V2_VALIDATION_CALLBACK_HPP
+
+#include "../../interest.hpp"
+#include "../../data.hpp"
+#include "../security-common.hpp"
+#include "validation-error.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+/**
+ * @brief Callback to report a successful Data validation.
+ */
+typedef function<void(const Data& data)> DataValidationSuccessCallback;
+
+/**
+ * @brief Callback to report a failed Data validation.
+ */
+typedef function<void(const Data& data, const ValidationError& error)> DataValidationFailureCallback;
+
+/**
+ * @brief Callback to report a successful Interest validation.
+ */
+typedef function<void(const Interest& interest)> InterestValidationSuccessCallback;
+
+/**
+ * @brief Callback to report a failed Interest validation.
+ */
+typedef function<void(const Interest& interest, const ValidationError& error)> InterestValidationFailureCallback;
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_V2_VALIDATION_CALLBACK_HPP
diff --git a/src/security/v2/validation-error.cpp b/src/security/v2/validation-error.cpp
new file mode 100644
index 0000000..5868a6d
--- /dev/null
+++ b/src/security/v2/validation-error.cpp
@@ -0,0 +1,79 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "validation-error.hpp"
+
+#include <ostream>
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+std::ostream&
+operator<<(std::ostream& os, ValidationError::Code code)
+{
+ switch (code) {
+ case ValidationError::Code::NO_ERROR:
+ return os << "No error";
+ case ValidationError::Code::INVALID_SIGNATURE:
+ return os << "Invalid signature";
+ case ValidationError::Code::NO_SIGNATURE:
+ return os << "Missing signature";
+ case ValidationError::Code::CANNOT_RETRIEVE_CERT:
+ return os << "Cannot retrieve certificate";
+ case ValidationError::Code::EXPIRED_CERT:
+ return os << "Certificate expired";
+ case ValidationError::Code::LOOP_DETECTED:
+ return os << "Loop detected in certification chain";
+ case ValidationError::Code::MALFORMED_CERT:
+ return os << "Malformed certificate";
+ case ValidationError::Code::EXCEEDED_DEPTH_LIMIT:
+ return os << "Exceeded validation depth limit";
+ case ValidationError::Code::INVALID_KEY_LOCATOR:
+ return os << "Key locator violates validation policy";
+ case ValidationError::Code::POLICY_ERROR:
+ return os << "Validation policy error";
+ case ValidationError::Code::IMPLEMENTATION_ERROR:
+ return os << "Internal implementation error";
+ case ValidationError::Code::USER_MIN:
+ break;
+ }
+ if (code >= ValidationError::Code::USER_MIN) {
+ return os << "Custom error code " << static_cast<uint32_t>(code);
+ }
+ else {
+ return os << "Unrecognized error code " << static_cast<uint32_t>(code);
+ }
+}
+
+std::ostream&
+operator<<(std::ostream& os, const ValidationError& error)
+{
+ os << static_cast<ValidationError::Code>(error.getCode());
+ if (!error.getInfo().empty()) {
+ os << " (" << error.getInfo() << ")";
+ }
+ return os;
+}
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
diff --git a/src/security/v2/validation-error.hpp b/src/security/v2/validation-error.hpp
new file mode 100644
index 0000000..e737e87
--- /dev/null
+++ b/src/security/v2/validation-error.hpp
@@ -0,0 +1,93 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V2_VALIDATION_ERROR_HPP
+#define NDN_SECURITY_V2_VALIDATION_ERROR_HPP
+
+#include "../../common.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+/**
+ * @brief Validation error code and optional detailed error message
+ */
+class ValidationError
+{
+public:
+ /**
+ * @brief Known validation error code
+ * @sa specs/validation-error-code.rst
+ */
+ enum Code : uint32_t {
+ NO_ERROR = 0,
+ INVALID_SIGNATURE = 1,
+ NO_SIGNATURE = 2,
+ CANNOT_RETRIEVE_CERT = 3,
+ EXPIRED_CERT = 4,
+ LOOP_DETECTED = 5,
+ MALFORMED_CERT = 6,
+ EXCEEDED_DEPTH_LIMIT = 7,
+ INVALID_KEY_LOCATOR = 8,
+ POLICY_ERROR = 9,
+ IMPLEMENTATION_ERROR = 255,
+ USER_MIN = 256 // custom error codes should use >=256
+ };
+
+public:
+ /**
+ * @brief Validation error, implicitly convertible from an error code and info
+ */
+ ValidationError(uint32_t code, const std::string& info = "")
+ : m_code(code)
+ , m_info(info)
+ {
+ }
+
+ uint32_t
+ getCode() const
+ {
+ return m_code;
+ }
+
+ const std::string&
+ getInfo() const
+ {
+ return m_info;
+ }
+
+private:
+ uint32_t m_code;
+ std::string m_info;
+};
+
+std::ostream&
+operator<<(std::ostream& os, ValidationError::Code code);
+
+std::ostream&
+operator<<(std::ostream& os, const ValidationError& error);
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_V2_VALIDATION_ERROR_HPP
diff --git a/src/security/v2/validation-policy-accept-all.hpp b/src/security/v2/validation-policy-accept-all.hpp
new file mode 100644
index 0000000..0d955db
--- /dev/null
+++ b/src/security/v2/validation-policy-accept-all.hpp
@@ -0,0 +1,56 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V2_VALIDATION_POLICY_ACCEPT_ALL_HPP
+#define NDN_SECURITY_V2_VALIDATION_POLICY_ACCEPT_ALL_HPP
+
+#include "validation-policy.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+/**
+ * @brief A validator policy that accepts any signature of data and interest packets
+ */
+class ValidationPolicyAcceptAll : public ValidationPolicy
+{
+public:
+ void
+ checkPolicy(const Data& data, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation) final
+ {
+ continueValidation(nullptr, state);
+ }
+
+ void
+ checkPolicy(const Interest& interest, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation) final
+ {
+ continueValidation(nullptr, state);
+ }
+};
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_V2_VALIDATION_POLICY_ACCEPT_ALL_HPP
diff --git a/src/security/v2/validation-policy-simple-hierarchy.cpp b/src/security/v2/validation-policy-simple-hierarchy.cpp
new file mode 100644
index 0000000..ee1ad94
--- /dev/null
+++ b/src/security/v2/validation-policy-simple-hierarchy.cpp
@@ -0,0 +1,78 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "validation-policy-simple-hierarchy.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+void
+ValidationPolicySimpleHierarchy::checkPolicy(const Data& data, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation)
+{
+ if (!data.getSignature().hasKeyLocator()) {
+ return state->fail({ValidationError::Code::INVALID_KEY_LOCATOR, "Required key locator is missing"});
+ }
+ const KeyLocator& locator = data.getSignature().getKeyLocator();
+ if (locator.getType() != KeyLocator::KeyLocator_Name) {
+ return state->fail({ValidationError::Code::INVALID_KEY_LOCATOR, "Key locator not Name"});
+ }
+ if (locator.getName().getPrefix(-2).isPrefixOf(data.getName())) {
+ continueValidation(make_shared<CertificateRequest>(Interest(locator.getName())), state);
+ }
+ else {
+ state->fail({ValidationError::Code::INVALID_KEY_LOCATOR, "Data signing policy violation for " +
+ data.getName().toUri() + " by " + locator.getName().toUri()});
+ }
+}
+
+void
+ValidationPolicySimpleHierarchy::checkPolicy(const Interest& interest, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation)
+{
+ SignatureInfo info;
+ try {
+ info.wireDecode(interest.getName().at(signed_interest::POS_SIG_INFO).blockFromValue());
+ }
+ catch (const tlv::Error& e) {
+ return state->fail({ValidationError::Code::INVALID_KEY_LOCATOR, "Invalid signed interest (" +
+ std::string(e.what()) + ")"});
+ }
+ if (!info.hasKeyLocator()) {
+ return state->fail({ValidationError::Code::INVALID_KEY_LOCATOR, "Required key locator is missing"});
+ }
+ const KeyLocator& locator = info.getKeyLocator();
+ if (locator.getType() != KeyLocator::KeyLocator_Name) {
+ return state->fail({ValidationError::Code::INVALID_KEY_LOCATOR, "Key locator not Name"});
+ }
+ if (locator.getName().getPrefix(-2).isPrefixOf(interest.getName())) {
+ continueValidation(make_shared<CertificateRequest>(Interest(locator.getName())), state);
+ }
+ else {
+ state->fail({ValidationError::Code::INVALID_KEY_LOCATOR, "Interest signing policy violation for " +
+ interest.getName().toUri() + " by " + locator.getName().toUri()});
+ }
+}
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
diff --git a/src/security/v2/validation-policy-simple-hierarchy.hpp b/src/security/v2/validation-policy-simple-hierarchy.hpp
new file mode 100644
index 0000000..ac08c8a
--- /dev/null
+++ b/src/security/v2/validation-policy-simple-hierarchy.hpp
@@ -0,0 +1,50 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V2_VALIDATION_POLICY_SIMPLE_HIERARCHY_HPP
+#define NDN_SECURITY_V2_VALIDATION_POLICY_SIMPLE_HIERARCHY_HPP
+
+#include "validation-policy.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+/**
+ * @brief Validation policy for a simple hierarchical trust model
+ */
+class ValidationPolicySimpleHierarchy : public ValidationPolicy
+{
+public:
+ void
+ checkPolicy(const Data& data, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation) override;
+
+ void
+ checkPolicy(const Interest& interest, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation) override;
+};
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_V2_VALIDATION_POLICY_SIMPLE_HIERARCHY_HPP
diff --git a/src/security/v2/validation-policy.hpp b/src/security/v2/validation-policy.hpp
new file mode 100644
index 0000000..7d85803
--- /dev/null
+++ b/src/security/v2/validation-policy.hpp
@@ -0,0 +1,110 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V2_VALIDATION_POLICY_HPP
+#define NDN_SECURITY_V2_VALIDATION_POLICY_HPP
+
+#include "validation-state.hpp"
+#include "certificate-request.hpp"
+#include "../../data.hpp"
+#include "../../interest.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+/**
+ * @brief Abstraction that implements validation policy for Data and Interest packets
+ */
+class ValidationPolicy : noncopyable
+{
+public:
+ using ValidationContinuation = std::function<void(const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state)>;
+
+ virtual
+ ~ValidationPolicy() = default;
+
+ /**
+ * @brief Check @p data against the policy
+ *
+ * Depending on implementation of the policy, this check can be done synchronously or
+ * asynchronously.
+ *
+ * Semantics of checkPolicy has changed from v1::Validator
+ * - If packet violates policy, the policy should call `state->fail` with appropriate error
+ * code and error description.
+ * - If packet conforms to the policy and no further key retrievals are necessary,
+ * the policy should call continueValidation(state, nullptr)
+ * - If packet conforms to the policy and a key needs to be fetched, the policy should call
+ * continueValidation(state, <appropriate-key-request-instance>)
+ */
+ virtual void
+ checkPolicy(const Data& data, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation) = 0;
+
+ /**
+ * @brief Check @p interest against the policy
+ *
+ * Depending on implementation of the policy, this check can be done synchronously or
+ * asynchronously.
+ *
+ * Semantics of checkPolicy has changed from v1::Validator
+ * - If packet violates policy, the policy should call `state->fail` with appropriate error
+ * code and error description.
+ * - If packet conforms to the policy and no further key retrievals are necessary,
+ * the policy should call continueValidation(state, nullptr)
+ * - If packet conforms to the policy and a key needs to be fetched, the policy should call
+ * continueValidation(state, <appropriate-key-request-instance>)
+ */
+ virtual void
+ checkPolicy(const Interest& interest, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation) = 0;
+
+ /**
+ * @brief Check @p certificate against the policy
+ *
+ * Unless overridden by the policy, this check defaults to `checkPolicy(const Data&, ...)`.
+ *
+ * Depending on implementation of the policy, this check can be done synchronously or
+ * asynchronously.
+ *
+ * Semantics of checkPolicy has changed from v1::Validator
+ * - If packet violates policy, the policy should call `state->fail` with appropriate error
+ * code and error description.
+ * - If packet conforms to the policy and no further key retrievals are necessary,
+ * the policy should call continueValidation(state, nullptr)
+ * - If packet conforms to the policy and a key needs to be fetched, the policy should call
+ * continueValidation(state, <appropriate-key-request-instance>)
+ */
+ virtual void
+ checkPolicy(const Certificate& certificate, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation)
+ {
+ checkPolicy(static_cast<const Data&>(certificate), state, continueValidation);
+ }
+};
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_V2_VALIDATION_POLICY_HPP
diff --git a/src/security/v2/validation-state.cpp b/src/security/v2/validation-state.cpp
new file mode 100644
index 0000000..269ef2d
--- /dev/null
+++ b/src/security/v2/validation-state.cpp
@@ -0,0 +1,208 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "validation-state.hpp"
+#include "validator.hpp"
+#include "../verification-helpers.hpp"
+#include "util/logger.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+NDN_LOG_INIT(ndn.security.v2.ValidationState);
+
+#define NDN_LOG_DEBUG_DEPTH(x) NDN_LOG_DEBUG(std::string(this->getDepth() + 1, '>') << " " << x)
+#define NDN_LOG_TRACE_DEPTH(x) NDN_LOG_TRACE(std::string(this->getDepth() + 1, '>') << " " << x)
+
+ValidationState::ValidationState()
+ : m_hasOutcome(false)
+{
+}
+
+ValidationState::~ValidationState()
+{
+ NDN_LOG_TRACE(__func__);
+ BOOST_ASSERT(m_hasOutcome);
+}
+
+size_t
+ValidationState::getDepth() const
+{
+ return m_certificateChain.size();
+}
+
+bool
+ValidationState::hasSeenCertificateName(const Name& certName)
+{
+ return !m_seenCertificateNames.insert(certName).second;
+}
+
+void
+ValidationState::addCertificate(const Certificate& cert)
+{
+ m_certificateChain.push_front(cert);
+}
+
+const Certificate*
+ValidationState::verifyCertificateChain(const Certificate& trustedCert)
+{
+ const Certificate* validatedCert = &trustedCert;
+ for (auto it = m_certificateChain.begin(); it != m_certificateChain.end(); ++it) {
+ const auto& certToValidate = *it;
+
+ if (!verifySignature(certToValidate, *validatedCert)) {
+ this->fail({ValidationError::Code::INVALID_SIGNATURE, "Invalid signature of certificate `" +
+ certToValidate.getName().toUri() + "`"});
+ m_certificateChain.erase(it, m_certificateChain.end());
+ return nullptr;
+ }
+ else {
+ NDN_LOG_TRACE_DEPTH("OK signature for certificate `" << certToValidate.getName() << "`");
+ validatedCert = &certToValidate;
+ }
+ }
+ return validatedCert;
+}
+
+/////// DataValidationState
+
+DataValidationState::DataValidationState(const Data& data,
+ const DataValidationSuccessCallback& successCb,
+ const DataValidationFailureCallback& failureCb)
+ : m_data(data)
+ , m_successCb(successCb)
+ , m_failureCb(failureCb)
+{
+ BOOST_ASSERT(m_successCb != nullptr);
+ BOOST_ASSERT(m_failureCb != nullptr);
+}
+
+DataValidationState::~DataValidationState()
+{
+ if (!m_hasOutcome) {
+ this->fail({ValidationError::Code::IMPLEMENTATION_ERROR,
+ "Validator/policy did not invoke success or failure callback"});
+ }
+}
+
+void
+DataValidationState::verifyOriginalPacket(const Certificate& trustedCert)
+{
+ if (verifySignature(m_data, trustedCert)) {
+ NDN_LOG_TRACE_DEPTH("OK signature for data `" << m_data.getName() << "`");
+ m_successCb(m_data);
+ BOOST_ASSERT(!m_hasOutcome);
+ m_hasOutcome = true;
+ }
+ else {
+ this->fail({ValidationError::Code::INVALID_SIGNATURE, "Invalid signature of data `" +
+ m_data.getName().toUri() + "`"});
+ }
+}
+
+void
+DataValidationState::bypassValidation()
+{
+ NDN_LOG_TRACE_DEPTH("Signature verification bypassed for data `" << m_data.getName() << "`");
+ m_successCb(m_data);
+ BOOST_ASSERT(!m_hasOutcome);
+ m_hasOutcome = true;
+}
+
+void
+DataValidationState::fail(const ValidationError& error)
+{
+ NDN_LOG_DEBUG_DEPTH(error);
+ m_failureCb(m_data, error);
+ BOOST_ASSERT(!m_hasOutcome);
+ m_hasOutcome = true;
+}
+
+const Data&
+DataValidationState::getOriginalData() const
+{
+ return m_data;
+}
+
+/////// InterestValidationState
+
+InterestValidationState::InterestValidationState(const Interest& interest,
+ const InterestValidationSuccessCallback& successCb,
+ const InterestValidationFailureCallback& failureCb)
+ : m_interest(interest)
+ , m_successCb(successCb)
+ , m_failureCb(failureCb)
+{
+ BOOST_ASSERT(m_successCb != nullptr);
+ BOOST_ASSERT(m_failureCb != nullptr);
+}
+
+InterestValidationState::~InterestValidationState()
+{
+ if (!m_hasOutcome) {
+ this->fail({ValidationError::Code::IMPLEMENTATION_ERROR,
+ "Validator/policy did not invoke success or failure callback"});
+ }
+}
+
+void
+InterestValidationState::verifyOriginalPacket(const Certificate& trustedCert)
+{
+ if (verifySignature(m_interest, trustedCert)) {
+ NDN_LOG_TRACE_DEPTH("OK signature for interest `" << m_interest.getName() << "`");
+ m_successCb(m_interest);
+ BOOST_ASSERT(!m_hasOutcome);
+ m_hasOutcome = true;
+ }
+ else {
+ this->fail({ValidationError::Code::INVALID_SIGNATURE, "Invalid signature of interest `" +
+ m_interest.getName().toUri() + "`"});
+ }
+}
+
+void
+InterestValidationState::bypassValidation()
+{
+ NDN_LOG_TRACE_DEPTH("Signature verification bypassed for interest `" << m_interest.getName() << "`");
+ m_successCb(m_interest);
+ BOOST_ASSERT(!m_hasOutcome);
+ m_hasOutcome = true;
+}
+
+void
+InterestValidationState::fail(const ValidationError& error)
+{
+ NDN_LOG_DEBUG_DEPTH(error);
+ m_failureCb(m_interest, error);
+ BOOST_ASSERT(!m_hasOutcome);
+ m_hasOutcome = true;
+}
+
+const Interest&
+InterestValidationState::getOriginalInterest() const
+{
+ return m_interest;
+}
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
diff --git a/src/security/v2/validation-state.hpp b/src/security/v2/validation-state.hpp
new file mode 100644
index 0000000..2181fae
--- /dev/null
+++ b/src/security/v2/validation-state.hpp
@@ -0,0 +1,243 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V2_VALIDATION_STATE_HPP
+#define NDN_SECURITY_V2_VALIDATION_STATE_HPP
+
+#include "../../tag-host.hpp"
+#include "validation-callback.hpp"
+#include "certificate.hpp"
+
+#include <unordered_set>
+#include <list>
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+class Validator;
+
+/**
+ * @brief Validation state
+ *
+ * One instance of the validation state is kept for the validation of the whole certificate
+ * chain.
+ *
+ * The state collects the certificate chain that adheres to the selected validation policy to
+ * validate data or interest packets. Certificate, data, and interest packet signatures are
+ * verified only after the validator determines that the chain terminates with a trusted
+ * certificate (a trusted anchor or a previously validated certificate). This model allows
+ * filtering out invalid certificate chains without incurring (costly) cryptographic signature
+ * verification overhead and mitigates some forms of denial-of-service attacks.
+ *
+ * Validation policy and/or key fetcher may add custom information associated with the
+ * validation state using tags (@sa TagHost)
+ *
+ * @sa DataValidationState, InterestValidationState
+ */
+class ValidationState : public TagHost, noncopyable
+{
+public:
+ /**
+ * @brief Create validation state
+ */
+ ValidationState();
+
+ virtual
+ ~ValidationState();
+
+ /**
+ * @brief Call the failure callback
+ */
+ virtual void
+ fail(const ValidationError& error) = 0;
+
+ /**
+ * @return Depth of certificate chain
+ */
+ size_t
+ getDepth() const;
+
+ /**
+ * @brief Check if @p certName has been previously seen and record the supplied name
+ */
+ bool
+ hasSeenCertificateName(const Name& certName);
+
+ /**
+ * @brief Add @p cert to the top of the certificate chain
+ *
+ * If m_certificateChain is empty, @p cert should be the signer of the original
+ * packet. If m_certificateChain is not empty, @p cert should be the signer of
+ * m_certificateChain.front().
+ *
+ * @post m_certificateChain.front() == cert
+ * @note This function does not verify the signature bits.
+ */
+ void
+ addCertificate(const Certificate& cert);
+
+private: // Interface intended to be used only by Validator class
+ /**
+ * @brief Verify signature of the original packet
+ *
+ * @param trustCert The certificate that signs the original packet
+ */
+ virtual void
+ verifyOriginalPacket(const Certificate& trustedCert) = 0;
+
+ /**
+ * @brief Call success callback of the original packet without signature validation
+ */
+ virtual void
+ bypassValidation() = 0;
+
+ /**
+ * @brief Verify signatures of certificates in the certificate chain
+ *
+ * When certificate chain cannot be verified, this method will call this->fail() with
+ * INVALID_SIGNATURE error code and the appropriate diagnostic message.
+ *
+ * @retval nullptr Signatures of at least one certificate in the chain is invalid. All unverified
+ * certificates have been removed from m_certificateChain.
+ * @retval Certificate to validate original data packet, either m_certificateChain.back() or
+ * trustedCert if the certificate chain is empty.
+ *
+ * @post m_certificateChain includes a list of certificates successfully verified by
+ * @p trustedCert.
+ */
+ const Certificate*
+ verifyCertificateChain(const Certificate& trustedCert);
+
+protected:
+ bool m_hasOutcome;
+
+private:
+ std::unordered_set<Name> m_seenCertificateNames;
+
+ /**
+ * @brief the certificate chain
+ *
+ * Each certificate in the chain signs the next certificate. The last certificate signs the
+ * original packet.
+ */
+ std::list<v2::Certificate> m_certificateChain;
+
+ friend class Validator;
+};
+
+/**
+ * @brief Validation state for a data packet
+ */
+class DataValidationState final : public ValidationState
+{
+public:
+ /**
+ * @brief Create validation state for @p data
+ *
+ * The caller must ensure that state instance is valid until validation finishes (i.e., until
+ * after validateCertificateChain() and validateOriginalPacket() are called)
+ */
+ DataValidationState(const Data& data,
+ const DataValidationSuccessCallback& successCb,
+ const DataValidationFailureCallback& failureCb);
+
+ /**
+ * @brief Destructor
+ *
+ * If neither success callback nor failure callback was called, the destructor will call
+ * failure callback with IMPLEMENTATION_ERROR error code.
+ */
+ ~DataValidationState() final;
+
+ void
+ fail(const ValidationError& error) final;
+
+ /**
+ * @return Original data being validated
+ */
+ const Data&
+ getOriginalData() const;
+
+private:
+ void
+ verifyOriginalPacket(const Certificate& trustedCert) final;
+
+ void
+ bypassValidation() final;
+
+private:
+ Data m_data;
+ DataValidationSuccessCallback m_successCb;
+ DataValidationFailureCallback m_failureCb;
+};
+
+/**
+ * @brief Validation state for an interest packet
+ */
+class InterestValidationState final : public ValidationState
+{
+public:
+ /**
+ * @brief Create validation state for @p interest
+ *
+ * The caller must ensure that state instance is valid until validation finishes (i.e., until
+ * after validateCertificateChain() and validateOriginalPacket() are called)
+ */
+ InterestValidationState(const Interest& interest,
+ const InterestValidationSuccessCallback& successCb,
+ const InterestValidationFailureCallback& failureCb);
+
+ /**
+ * @brief Destructor
+ *
+ * If neither success callback nor failure callback was called, the destructor will call
+ * failure callback with IMPLEMENTATION_ERROR error code.
+ */
+ ~InterestValidationState() final;
+
+ void
+ fail(const ValidationError& error) final;
+
+ /**
+ * @return Original interest being validated
+ */
+ const Interest&
+ getOriginalInterest() const;
+
+private:
+ void
+ verifyOriginalPacket(const Certificate& trustedCert) final;
+
+ void
+ bypassValidation() final;
+
+private:
+ Interest m_interest;
+ InterestValidationSuccessCallback m_successCb;
+ InterestValidationFailureCallback m_failureCb;
+};
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_V2_VALIDATION_STATE_HPP
diff --git a/src/security/v2/validator.cpp b/src/security/v2/validator.cpp
new file mode 100644
index 0000000..b18fc75
--- /dev/null
+++ b/src/security/v2/validator.cpp
@@ -0,0 +1,320 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "validator.hpp"
+
+#include "face.hpp"
+#include "security/transform/public-key.hpp"
+#include "util/logger.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+
+NDN_LOG_INIT(ndn.security.v2.Validator);
+
+#define NDN_LOG_DEBUG_DEPTH(x) NDN_LOG_DEBUG(std::string(state->getDepth() + 1, '>') << " " << x)
+#define NDN_LOG_TRACE_DEPTH(x) NDN_LOG_TRACE(std::string(state->getDepth() + 1, '>') << " " << x)
+
+Validator::Validator(unique_ptr<ValidationPolicy> policy, Face* face)
+ : m_policy(std::move(policy))
+ , m_face(face)
+ , m_verifiedCertificateCache(time::hours(1))
+ , m_unverifiedCertificateCache(time::minutes(5))
+ , m_maxDepth(25)
+{
+}
+
+Validator::~Validator() = default;
+
+void
+Validator::setMaxDepth(size_t depth)
+{
+ m_maxDepth = depth;
+}
+
+size_t
+Validator::getMaxDepth() const
+{
+ return m_maxDepth;
+}
+
+void
+Validator::validate(const Data& data,
+ const DataValidationSuccessCallback& successCb,
+ const DataValidationFailureCallback& failureCb)
+{
+ auto state = make_shared<DataValidationState>(data, successCb, failureCb);
+ NDN_LOG_DEBUG_DEPTH("Start validating data " << data.getName());
+
+ m_policy->checkPolicy(data, state,
+ [this] (const shared_ptr<CertificateRequest>& certRequest, const shared_ptr<ValidationState>& state) {
+ if (certRequest == nullptr) {
+ state->bypassValidation();
+ }
+ else {
+ // need to fetch key and validate it
+ requestCertificate(certRequest, state);
+ }
+ });
+}
+
+void
+Validator::validate(const Interest& interest,
+ const InterestValidationSuccessCallback& successCb,
+ const InterestValidationFailureCallback& failureCb)
+{
+ auto state = make_shared<InterestValidationState>(interest, successCb, failureCb);
+ NDN_LOG_DEBUG_DEPTH("Start validating interest " << interest.getName());
+
+ m_policy->checkPolicy(interest, state,
+ [this] (const shared_ptr<CertificateRequest>& certRequest, const shared_ptr<ValidationState>& state) {
+ if (certRequest == nullptr) {
+ state->bypassValidation();
+ }
+ else {
+ // need to fetch key and validate it
+ requestCertificate(certRequest, state);
+ }
+ });
+}
+
+void
+Validator::validate(const Certificate& cert, const shared_ptr<ValidationState>& state)
+{
+ NDN_LOG_DEBUG_DEPTH("Start validating certificate " << cert.getName());
+ m_policy->checkPolicy(cert, state,
+ [this, cert] (const shared_ptr<CertificateRequest>& certRequest, const shared_ptr<ValidationState>& state) {
+ if (certRequest == nullptr) {
+ state->fail({ValidationError::POLICY_ERROR, "Validation policy is not allowed to designate `" +
+ cert.getName().toUri() + "` as a trust anchor"});
+ }
+ else {
+ // need to fetch key and validate it
+ state->addCertificate(cert);
+ requestCertificate(certRequest, state);
+ }
+ });
+}
+
+const Certificate*
+Validator::findTrustedCert(const Interest& interestForCertificate, const shared_ptr<ValidationState>& state)
+{
+ auto anchor = m_trustAnchors.find(interestForCertificate);
+ if (anchor != nullptr) {
+ NDN_LOG_TRACE_DEPTH("Found certificate in anchor cache " << anchor->getName());
+ return anchor;
+ }
+
+ auto key = m_verifiedCertificateCache.find(interestForCertificate);
+ if (key != nullptr) {
+ NDN_LOG_TRACE_DEPTH("Found certificate in verified key cache " << key->getName());
+ return key;
+ }
+ return nullptr;
+}
+
+void
+Validator::requestCertificate(const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state)
+{
+ // TODO configurable check for the maximum number of steps
+ if (state->getDepth() >= m_maxDepth) {
+ state->fail({ValidationError::Code::EXCEEDED_DEPTH_LIMIT,
+ "Exceeded validation depth limit (" + to_string(m_maxDepth) + ")"});
+ return;
+ }
+
+ NDN_LOG_DEBUG_DEPTH("Retrieving " << certRequest->m_interest.getName());
+
+ // Check the trusted cache
+ auto cert = findTrustedCert(certRequest->m_interest, state);
+ if (cert != nullptr) {
+ cert = state->verifyCertificateChain(*cert);
+ if (cert != nullptr) {
+ state->verifyOriginalPacket(*cert);
+ }
+ for (auto trustedCert = std::make_move_iterator(state->m_certificateChain.begin());
+ trustedCert != std::make_move_iterator(state->m_certificateChain.end());
+ ++trustedCert) {
+ cacheVerifiedCertificate(*trustedCert);
+ }
+ return;
+ }
+
+ if (state->hasSeenCertificateName(certRequest->m_interest.getName())) {
+ state->fail({ValidationError::Code::LOOP_DETECTED,
+ "Loop detected at " + certRequest->m_interest.getName().toUri()});
+ return;
+ }
+
+ // Check untrusted cache
+ cert = m_unverifiedCertificateCache.find(certRequest->m_interest);
+ if (cert != nullptr) {
+ NDN_LOG_DEBUG_DEPTH("Found certificate in **un**verified key cache " << cert->getName());
+ return dataCallback(*cert, certRequest, state, false); // to avoid caching the cached key
+ }
+
+ // Attempt to retrieve certificate from the network
+ fetchCertificateFromNetwork(certRequest, state);
+}
+
+void
+Validator::fetchCertificateFromNetwork(const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state)
+{
+ if (m_face == nullptr) {
+ state->fail({ValidationError::Code::CANNOT_RETRIEVE_CERT, "Cannot fetch certificate in offline mode "
+ "`" + certRequest->m_interest.getName().toUri() + "`"});
+ return;
+ }
+
+ m_face->expressInterest(certRequest->m_interest,
+ [=] (const Interest& interest, const Data& data) {
+ dataCallback(data, certRequest, state);
+ },
+ [=] (const Interest& interest, const lp::Nack& nack) {
+ nackCallback(nack, certRequest, state);
+ },
+ [=] (const Interest& interest) {
+ timeoutCallback(certRequest, state);
+ });
+}
+
+void
+Validator::dataCallback(const Data& data,
+ const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state,
+ bool isFromNetwork)
+{
+ NDN_LOG_DEBUG_DEPTH("Retrieved certificate " << (isFromNetwork ? "from network " : "from cache ") << data.getName());
+
+ Certificate cert;
+ try {
+ cert = Certificate(data);
+ }
+ catch (const tlv::Error& e) {
+ return state->fail({ValidationError::Code::MALFORMED_CERT, "Retrieved a malformed certificate "
+ "`" + data.getName().toUri() + "` (" + e.what() + ")"});
+ }
+
+ if (!cert.isValid()) {
+ return state->fail({ValidationError::Code::EXPIRED_CERT, "Retrieved certificate is not yet "
+ "valid or has expired `" + cert.getName().toUri() + "`"});
+ }
+ if (isFromNetwork) {
+ cacheUnverifiedCertificate(Certificate(cert));
+ }
+ return validate(cert, state); // recursion step
+}
+
+void
+Validator::nackCallback(const lp::Nack& nack, const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state)
+{
+ NDN_LOG_DEBUG_DEPTH("NACK (" << nack.getReason() << ") while retrieving certificate "
+ << certRequest->m_interest.getName());
+
+ --certRequest->m_nRetriesLeft;
+ if (certRequest->m_nRetriesLeft > 0) {
+ // TODO implement delay for the the next fetch
+ fetchCertificateFromNetwork(certRequest, state);
+ }
+ else {
+ state->fail({ValidationError::Code::CANNOT_RETRIEVE_CERT, "Cannot fetch certificate after all "
+ "retries `" + certRequest->m_interest.getName().toUri() + "`"});
+ }
+}
+
+void
+Validator::timeoutCallback(const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state)
+{
+ NDN_LOG_DEBUG_DEPTH("Timeout while retrieving certificate "
+ << certRequest->m_interest.getName() << ", retrying");
+
+ --certRequest->m_nRetriesLeft;
+ if (certRequest->m_nRetriesLeft > 0) {
+ fetchCertificateFromNetwork(certRequest, state);
+ }
+ else {
+ state->fail({ValidationError::Code::CANNOT_RETRIEVE_CERT, "Cannot fetch certificate after all "
+ "retries `" + certRequest->m_interest.getName().toUri() + "`"});
+ }
+}
+
+////////////////////////////////////////////////////////////////////////
+// Trust anchor management
+////////////////////////////////////////////////////////////////////////
+
+void
+Validator::loadAnchor(const std::string& groupId, Certificate&& cert)
+{
+ m_trustAnchors.insert(groupId, std::move(cert));
+}
+
+void
+Validator::loadAnchor(const std::string& groupId, const std::string& certfilePath,
+ time::nanoseconds refreshPeriod, bool isDir)
+{
+ m_trustAnchors.insert(groupId, certfilePath, refreshPeriod, isDir);
+}
+
+void
+Validator::cacheVerifiedCertificate(Certificate&& cert)
+{
+ m_verifiedCertificateCache.insert(std::move(cert));
+}
+
+void
+Validator::cacheUnverifiedCertificate(Certificate&& cert)
+{
+ m_unverifiedCertificateCache.insert(std::move(cert));
+}
+
+const TrustAnchorContainer&
+Validator::getTrustAnchors() const
+{
+ return m_trustAnchors;
+}
+
+const CertificateCache&
+Validator::getVerifiedCertificateCache() const
+{
+ return m_verifiedCertificateCache;
+}
+
+const CertificateCache&
+Validator::getUnverifiedCertificateCache() const
+{
+ return m_unverifiedCertificateCache;
+}
+
+bool
+Validator::isCertificateCached(const Name& certName) const
+{
+ return (getVerifiedCertificateCache().find(certName) != nullptr ||
+ getVerifiedCertificateCache().find(certName) != nullptr);
+}
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
diff --git a/src/security/v2/validator.hpp b/src/security/v2/validator.hpp
new file mode 100644
index 0000000..c17ce82
--- /dev/null
+++ b/src/security/v2/validator.hpp
@@ -0,0 +1,276 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_SECURITY_V2_VALIDATOR_HPP
+#define NDN_SECURITY_V2_VALIDATOR_HPP
+
+#include "certificate.hpp"
+#include "certificate-cache.hpp"
+#include "certificate-request.hpp"
+#include "trust-anchor-container.hpp"
+#include "validation-callback.hpp"
+#include "validation-policy.hpp"
+#include "validation-state.hpp"
+
+namespace ndn {
+
+class Face;
+
+namespace lp {
+class Nack;
+} // namespace lp
+
+namespace security {
+namespace v2 {
+
+/**
+ * @brief Interface for validating data and interest packets.
+ *
+ * Every time a validation process initiated, it creates a ValidationState that exist until
+ * validation finishes with either success or failure. This state serves several purposes:
+ * - record Interest or Data packet being validated
+ * - record failure callback
+ * - record certificates in the certification chain for the Interest or Data packet being validated
+ * - record names of the requested certificates to detect loops in the certificate chain
+ * - keep track of the validation chain size (aka validation "depth")
+ *
+ * During validation, policy can augment validation state with policy- and fetcher-specific
+ * information using ndn::Tag's.
+ *
+ * A validator has a trust anchor cache to save static and dynamic trust anchors, a verified
+ * certificate cache for saving certificates that are already verified and an unverified
+ * certificate cache for saving prefetched but not yet verified certificates.
+ *
+ * @todo Limit the maximum time the validation process is allowed to run before declaring failure
+ * @todo Ability to customize maximum lifetime for trusted and untrusted certificate caches.
+ * Current implementation hard-codes them to be 1 hour and 5 minutes.
+ */
+class Validator : noncopyable
+{
+public:
+ /**
+ * @brief Validator constructor.
+ *
+ * @param policy Validation policy to be associated with the validator
+ * @param face Face for fetching certificates from network. If provided, the Validator
+ * operates in online mode; otherwise, the Validator operates in offline mode.
+ */
+ explicit
+ Validator(unique_ptr<ValidationPolicy> policy, Face* face = nullptr);
+
+ ~Validator();
+
+ /**
+ * @brief Set the maximum depth of the certificate chain
+ */
+ void
+ setMaxDepth(size_t depth);
+
+ /**
+ * @return The maximum depth of the certificate chain
+ */
+ size_t
+ getMaxDepth() const;
+
+ /**
+ * @brief Asynchronously validate @p data
+ *
+ * @note @p successCb and @p failureCb must not be nullptr
+ */
+ void
+ validate(const Data& data,
+ const DataValidationSuccessCallback& successCb,
+ const DataValidationFailureCallback& failureCb);
+
+ /**
+ * @brief Asynchronously validate @p interest
+ *
+ * @note @p successCb and @p failureCb must not be nullptr
+ */
+ void
+ validate(const Interest& interest,
+ const InterestValidationSuccessCallback& successCb,
+ const InterestValidationFailureCallback& failureCb);
+
+public: // anchor management
+ /**
+ * @brief load static trust anchor.
+ *
+ * Static trust anchors are permanently associated with the validator and never expire.
+ *
+ * @param groupId Certificate group id.
+ * @param cert Certificate to load as a trust anchor.
+ */
+ void
+ loadAnchor(const std::string& groupId, Certificate&& cert);
+
+ /**
+ * @brief load dynamic trust anchors.
+ *
+ * Dynamic trust anchors are associated with the validator for as long as the underlying
+ * trust anchor file (set of files) exist(s).
+ *
+ * @param groupId Certificate group id, must not be empty.
+ * @param certfilePath Specifies the path to load the trust anchors.
+ * @param refreshPeriod Refresh period for the trust anchors, must be positive.
+ * @param isDir Tells whether the path is a directory or a single file.
+ */
+ void
+ loadAnchor(const std::string& groupId, const std::string& certfilePath,
+ time::nanoseconds refreshPeriod, bool isDir = false);
+
+ /**
+ * @brief Cache verified @p cert a period of time (1 hour)
+ *
+ * @todo Add ability to customize time period
+ */
+ void
+ cacheVerifiedCertificate(Certificate&& cert);
+
+ /**
+ * @brief Cache unverified @p cert for a period of time (5 minutes)
+ *
+ * @todo Add ability to customize time period
+ */
+ void
+ cacheUnverifiedCertificate(Certificate&& cert);
+
+ /**
+ * @return Trust anchor container
+ */
+ const TrustAnchorContainer&
+ getTrustAnchors() const;
+
+ /**
+ * @return Verified certificate cache
+ */
+ const CertificateCache&
+ getVerifiedCertificateCache() const;
+
+ /**
+ * @return Unverified certificate cache
+ */
+ const CertificateCache&
+ getUnverifiedCertificateCache() const;
+
+ /**
+ * @brief Check if certificate with @p certName exists in verified or unverified cache
+ */
+ bool
+ isCertificateCached(const Name& certName) const;
+
+private: // Common validator operations
+ /**
+ * @brief Recursive validation of the certificate in the certification chain
+ *
+ * @param cert The certificate to check.
+ * @param state The current validation state.
+ */
+ void
+ validate(const Certificate& cert, const shared_ptr<ValidationState>& state);
+
+ /**
+ * @brief Request certificate for further validation.
+ *
+ * @param certRequest Certificate request.
+ * @param state The current validation state.
+ */
+ void
+ requestCertificate(const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state);
+
+ /**
+ * @brief Find trusted certificate among trust anchors and verified certificates.
+ *
+ * @param interestForCertificate Interest for certificate
+ * @param state The current validation state.
+ *
+ * @return found certificate, nullptr if not found.
+ *
+ * @note The returned pointer may get invalidated after next findTrustedCert call.
+ */
+ const Certificate*
+ findTrustedCert(const Interest& interestForCertificate,
+ const shared_ptr<ValidationState>& state);
+
+ /**
+ * @brief fetch certificate from network based on certificate request.
+ *
+ * @param certRequest Certificate request.
+ * @param state The current validation state.
+ */
+ void
+ fetchCertificateFromNetwork(const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state);
+
+ /**
+ * @brief Callback invoked when certificated is retrieved.
+ *
+ * @param data Retrieved certificate.
+ * @param certRequest Certificate request.
+ * @param state The current validation state.
+ * @param isFromNetwork Flag to indicate that the data packet is retrieved (to avoid re-caching).
+ */
+ void
+ dataCallback(const Data& data,
+ const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state,
+ bool isFromNetwork = true);
+
+ /**
+ * @brief Callback invoked when interest for fetching certificate gets NACKed.
+ *
+ * It will retry for pre-configured amount of retries.
+ *
+ * @param nack Received NACK
+ * @param certRequest Certificate request.
+ * @param state The current validation state.
+ */
+ void
+ nackCallback(const lp::Nack& nack, const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state);
+
+ /**
+ * @brief Callback invoked when interest for fetching certificate times out.
+ *
+ * It will retry for pre-configured amount of retries.
+ *
+ * @param certRequest Certificate request.
+ * @param state The current validation state.
+ */
+ void
+ timeoutCallback(const shared_ptr<CertificateRequest>& certRequest,
+ const shared_ptr<ValidationState>& state);
+
+private:
+ unique_ptr<ValidationPolicy> m_policy;
+ Face* m_face;
+ TrustAnchorContainer m_trustAnchors;
+ CertificateCache m_verifiedCertificateCache;
+ CertificateCache m_unverifiedCertificateCache;
+ size_t m_maxDepth;
+};
+
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_SECURITY_V2_VALIDATOR_HPP
diff --git a/tests/unit-tests/security/v2/validation-error.t.cpp b/tests/unit-tests/security/v2/validation-error.t.cpp
new file mode 100644
index 0000000..aac7ca1
--- /dev/null
+++ b/tests/unit-tests/security/v2/validation-error.t.cpp
@@ -0,0 +1,61 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "security/v2/validation-error.hpp"
+
+#include "boost-test.hpp"
+#include <boost/lexical_cast.hpp>
+
+namespace ndn {
+namespace security {
+namespace v2 {
+namespace tests {
+
+BOOST_AUTO_TEST_SUITE(Security)
+BOOST_AUTO_TEST_SUITE(V2)
+BOOST_AUTO_TEST_SUITE(TestValidationError)
+
+BOOST_AUTO_TEST_CASE(Basic)
+{
+ ValidationError e1{ValidationError::Code::INVALID_SIGNATURE};
+ BOOST_CHECK_EQUAL(e1.getCode(), 1);
+ BOOST_CHECK_EQUAL(e1.getInfo(), "");
+ BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(e1), "Invalid signature");
+
+ ValidationError e2{ValidationError::Code::NO_SIGNATURE, "message"};
+ BOOST_CHECK_EQUAL(e2.getCode(), 2);
+ BOOST_CHECK_EQUAL(e2.getInfo(), "message");
+ BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(e2), "Missing signature (message)");
+
+ ValidationError e3{65535, "other message"};
+ BOOST_CHECK_EQUAL(e3.getCode(), 65535);
+ BOOST_CHECK_EQUAL(e3.getInfo(), "other message");
+ BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(e3), "Custom error code 65535 (other message)");
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestValidationError
+BOOST_AUTO_TEST_SUITE_END() // V2
+BOOST_AUTO_TEST_SUITE_END() // Security
+
+} // namespace tests
+} // namespace v2
+} // namespace security
+} // namespace ndn
diff --git a/tests/unit-tests/security/v2/validation-policy-accept-all.t.cpp b/tests/unit-tests/security/v2/validation-policy-accept-all.t.cpp
new file mode 100644
index 0000000..5cefa9b
--- /dev/null
+++ b/tests/unit-tests/security/v2/validation-policy-accept-all.t.cpp
@@ -0,0 +1,79 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "security/v2/validation-policy-accept-all.hpp"
+
+#include "boost-test.hpp"
+#include "validator-fixture.hpp"
+
+#include <boost/mpl/vector.hpp>
+
+namespace ndn {
+namespace security {
+namespace v2 {
+namespace tests {
+
+using namespace ndn::tests;
+
+BOOST_AUTO_TEST_SUITE(Security)
+BOOST_AUTO_TEST_SUITE(V2)
+
+class ValidationPolicyAcceptAllFixture : public ValidatorFixture<ValidationPolicyAcceptAll>
+{
+public:
+ ValidationPolicyAcceptAllFixture()
+ {
+ identity = addIdentity("/Security/V2/TestValidationPolicyAcceptAll");
+ // don't add trust anchors
+ }
+
+public:
+ Identity identity;
+};
+
+BOOST_FIXTURE_TEST_SUITE(TestValidationPolicyAcceptAll, ValidationPolicyAcceptAllFixture)
+
+typedef boost::mpl::vector<Interest, Data> Packets;
+
+BOOST_AUTO_TEST_CASE_TEMPLATE(Validate, Packet, Packets)
+{
+ Packet unsignedPacket("/Security/V2/TestValidationPolicyAcceptAll/Sub/Packet");
+
+ Packet packet = unsignedPacket;
+ VALIDATE_SUCCESS(packet, "Should accept unsigned");
+
+ packet = unsignedPacket;
+ m_keyChain.sign(packet, signingWithSha256());
+ VALIDATE_SUCCESS(packet, "Should accept Sha256Digest signature");
+
+ packet = unsignedPacket;
+ m_keyChain.sign(packet, signingByIdentity(identity));
+ VALIDATE_SUCCESS(packet, "Should accept signature while no trust anchors configured");
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestValidationPolicyAcceptAll
+BOOST_AUTO_TEST_SUITE_END() // V2
+BOOST_AUTO_TEST_SUITE_END() // Security
+
+} // namespace tests
+} // namespace v2
+} // namespace security
+} // namespace ndn
diff --git a/tests/unit-tests/security/v2/validation-policy-simple-hierarchy.t.cpp b/tests/unit-tests/security/v2/validation-policy-simple-hierarchy.t.cpp
new file mode 100644
index 0000000..cd8c466
--- /dev/null
+++ b/tests/unit-tests/security/v2/validation-policy-simple-hierarchy.t.cpp
@@ -0,0 +1,80 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "security/v2/validation-policy-simple-hierarchy.hpp"
+
+#include "boost-test.hpp"
+#include "validator-fixture.hpp"
+
+#include <boost/mpl/vector.hpp>
+
+namespace ndn {
+namespace security {
+namespace v2 {
+namespace tests {
+
+using namespace ndn::tests;
+
+BOOST_AUTO_TEST_SUITE(Security)
+BOOST_AUTO_TEST_SUITE(V2)
+BOOST_FIXTURE_TEST_SUITE(TestValidationPolicySimpleHierarchy,
+ HierarchicalValidatorFixture<ValidationPolicySimpleHierarchy>)
+
+typedef boost::mpl::vector<Interest, Data> Packets;
+
+BOOST_AUTO_TEST_CASE_TEMPLATE(Validate, Packet, Packets)
+{
+ Packet unsignedPacket("/Security/V2/ValidatorFixture/Sub1/Sub2/Packet");
+
+ Packet packet = unsignedPacket;
+ VALIDATE_FAILURE(packet, "Unsigned");
+
+ packet = unsignedPacket;
+ m_keyChain.sign(packet, signingWithSha256());
+ VALIDATE_FAILURE(packet, "Policy doesn't accept Sha256Digest signature");
+
+ packet = unsignedPacket;
+ m_keyChain.sign(packet, signingByIdentity(identity));
+ VALIDATE_SUCCESS(packet, "Should get accepted, as signed by the anchor");
+
+ packet = unsignedPacket;
+ m_keyChain.sign(packet, signingByIdentity(subIdentity));
+ VALIDATE_SUCCESS(packet, "Should get accepted, as signed by the policy-compliant cert");
+
+ packet = unsignedPacket;
+ m_keyChain.sign(packet, signingByIdentity(otherIdentity));
+ VALIDATE_FAILURE(packet, "Should fail, as signed by the policy-violating cert");
+
+ packet = unsignedPacket;
+ m_keyChain.sign(packet, signingByIdentity(subSelfSignedIdentity));
+ VALIDATE_FAILURE(packet, "Should fail, because subSelfSignedIdentity is not a trust anchor");
+
+ // TODO add checks with malformed packets
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestValidator
+BOOST_AUTO_TEST_SUITE_END() // V2
+BOOST_AUTO_TEST_SUITE_END() // Security
+
+} // namespace tests
+} // namespace v2
+} // namespace security
+} // namespace ndn
diff --git a/tests/unit-tests/security/v2/validator-fixture.hpp b/tests/unit-tests/security/v2/validator-fixture.hpp
new file mode 100644
index 0000000..8fac880
--- /dev/null
+++ b/tests/unit-tests/security/v2/validator-fixture.hpp
@@ -0,0 +1,133 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#ifndef NDN_TESTS_SECURITY_V2_VALIDATOR_FIXTURE_HPP
+#define NDN_TESTS_SECURITY_V2_VALIDATOR_FIXTURE_HPP
+
+#include "security/v2/validator.hpp"
+#include "util/dummy-client-face.hpp"
+
+#include "../../identity-management-time-fixture.hpp"
+
+#include <boost/lexical_cast.hpp>
+
+namespace ndn {
+namespace security {
+namespace v2 {
+namespace tests {
+
+template<class ValidationPolicy>
+class ValidatorFixture : public ndn::tests::IdentityManagementTimeFixture
+{
+public:
+ ValidatorFixture()
+ : face(io, {true, true})
+ , validator(make_unique<ValidationPolicy>(), &face)
+ , cache(time::days(100))
+ {
+ processInterest = [this] (const Interest& interest) {
+ auto cert = cache.find(interest);
+ if (cert != nullptr) {
+ face.receive(*cert);
+ }
+ };
+ }
+
+ virtual
+ ~ValidatorFixture() = default;
+
+ template<class Packet>
+ void
+ validate(const Packet& packet, const std::string& msg, bool expectSuccess, int line)
+ {
+ std::string detailedInfo = msg + " on line " + to_string(line);
+ size_t nCallbacks = 0;
+ this->validator.validate(packet,
+ [&] (const Packet&) {
+ ++nCallbacks;
+ BOOST_CHECK_MESSAGE(expectSuccess,
+ (expectSuccess ? "OK: " : "FAILED: ") + detailedInfo);
+ },
+ [&] (const Packet&, const ValidationError& error) {
+ ++nCallbacks;
+ BOOST_CHECK_MESSAGE(!expectSuccess,
+ (!expectSuccess ? "OK: " : "FAILED: ") + detailedInfo +
+ (expectSuccess ? " (" + boost::lexical_cast<std::string>(error) + ")" : ""));
+ });
+
+ mockNetworkOperations();
+ BOOST_CHECK_EQUAL(nCallbacks, 1);
+ }
+
+ void
+ mockNetworkOperations()
+ {
+ util::signal::ScopedConnection connection = face.onSendInterest.connect([this] (const Interest& interest) {
+ if (processInterest != nullptr) {
+ io.post(bind(processInterest, interest));
+ }
+ });
+ advanceClocks(time::milliseconds(250), 200);
+ }
+
+public:
+ util::DummyClientFace face;
+ std::function<void(const Interest& interest)> processInterest;
+ Validator validator;
+
+ CertificateCache cache;
+};
+
+template<class ValidationPolicy>
+class HierarchicalValidatorFixture : public ValidatorFixture<ValidationPolicy>
+{
+public:
+ HierarchicalValidatorFixture()
+ {
+ identity = this->addIdentity("/Security/V2/ValidatorFixture");
+ subIdentity = this->addSubCertificate("/Security/V2/ValidatorFixture/Sub1", identity);
+ subSelfSignedIdentity = this->addIdentity("/Security/V2/ValidatorFixture/Sub1/Sub2");
+ otherIdentity = this->addIdentity("/Security/V2/OtherIdentity");
+
+ this->validator.loadAnchor("", Certificate(identity.getDefaultKey().getDefaultCertificate()));
+
+ this->cache.insert(identity.getDefaultKey().getDefaultCertificate());
+ this->cache.insert(subIdentity.getDefaultKey().getDefaultCertificate());
+ this->cache.insert(subSelfSignedIdentity.getDefaultKey().getDefaultCertificate());
+ this->cache.insert(otherIdentity.getDefaultKey().getDefaultCertificate());
+ }
+
+public:
+ Identity identity;
+ Identity subIdentity;
+ Identity subSelfSignedIdentity;
+ Identity otherIdentity;
+};
+
+#define VALIDATE_SUCCESS(packet, message) this->template validate(packet, message, true, __LINE__)
+#define VALIDATE_FAILURE(packet, message) this->template validate(packet, message, false, __LINE__)
+
+} // namespace tests
+} // namespace v2
+} // namespace security
+} // namespace ndn
+
+#endif // NDN_TESTS_SECURITY_V2_VALIDATOR_FIXTURE_HPP
diff --git a/tests/unit-tests/security/v2/validator.t.cpp b/tests/unit-tests/security/v2/validator.t.cpp
new file mode 100644
index 0000000..51ff7fa
--- /dev/null
+++ b/tests/unit-tests/security/v2/validator.t.cpp
@@ -0,0 +1,277 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2013-2017 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "security/v2/validator.hpp"
+#include "security/v2/validation-policy-simple-hierarchy.hpp"
+
+#include "boost-test.hpp"
+#include "validator-fixture.hpp"
+
+namespace ndn {
+namespace security {
+namespace v2 {
+namespace tests {
+
+using namespace ndn::tests;
+
+BOOST_AUTO_TEST_SUITE(Security)
+BOOST_AUTO_TEST_SUITE(V2)
+BOOST_FIXTURE_TEST_SUITE(TestValidator, HierarchicalValidatorFixture<ValidationPolicySimpleHierarchy>)
+
+BOOST_AUTO_TEST_CASE(Timeouts)
+{
+ processInterest = nullptr; // no response for all interests
+
+ Data data("/Security/V2/ValidatorFixture/Sub1/Sub2/Data");
+ m_keyChain.sign(data, signingByIdentity(subIdentity));
+
+ VALIDATE_FAILURE(data, "Should fail to retrieve certificate");
+ BOOST_CHECK_GT(face.sentInterests.size(), 1);
+}
+
+BOOST_AUTO_TEST_CASE(NackedInterests)
+{
+ processInterest = [this] (const Interest& interest) {
+ lp::Nack nack(interest);
+ nack.setReason(lp::NackReason::NO_ROUTE);
+ face.receive(nack);
+ };
+
+ Data data("/Security/V2/ValidatorFixture/Sub1/Sub2/Data");
+ m_keyChain.sign(data, signingByIdentity(subIdentity));
+
+ VALIDATE_FAILURE(data, "All interests should get NACKed");
+ BOOST_CHECK_GT(face.sentInterests.size(), 1);
+}
+
+BOOST_AUTO_TEST_CASE(MalformedCert)
+{
+ Data malformedCert = subIdentity.getDefaultKey().getDefaultCertificate();
+ malformedCert.setContentType(tlv::ContentType_Blob);
+ m_keyChain.sign(malformedCert, signingByIdentity(identity));
+ // wrong content type & missing ValidityPeriod
+ BOOST_REQUIRE_THROW(Certificate(malformedCert.wireEncode()), tlv::Error);
+
+ auto originalProcessInterest = processInterest;
+ processInterest = [this, &originalProcessInterest, &malformedCert] (const Interest& interest) {
+ if (interest.getName().isPrefixOf(malformedCert.getName())) {
+ face.receive(malformedCert);
+ }
+ else {
+ originalProcessInterest(interest);
+ }
+ };
+
+ Data data("/Security/V2/ValidatorFixture/Sub1/Sub2/Data");
+ m_keyChain.sign(data, signingByIdentity(subIdentity));
+
+ VALIDATE_FAILURE(data, "Signed by a malformed certificate");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 1);
+}
+
+
+BOOST_AUTO_TEST_CASE(ExpiredCert)
+{
+ Data expiredCert = subIdentity.getDefaultKey().getDefaultCertificate();
+ SignatureInfo info;
+ info.setValidityPeriod(ValidityPeriod(time::system_clock::now() - time::hours(2),
+ time::system_clock::now() - time::hours(1)));
+ m_keyChain.sign(expiredCert, signingByIdentity(identity).setSignatureInfo(info));
+ BOOST_REQUIRE_NO_THROW(Certificate(expiredCert.wireEncode()));
+
+ auto originalProcessInterest = processInterest;
+ processInterest = [this, &originalProcessInterest, &expiredCert] (const Interest& interest) {
+ if (interest.getName().isPrefixOf(expiredCert.getName())) {
+ face.receive(expiredCert);
+ }
+ else {
+ processInterest(interest);
+ }
+ };
+
+ Data data("/Security/V2/ValidatorFixture/Sub1/Sub2/Data");
+ m_keyChain.sign(data, signingByIdentity(subIdentity));
+
+ VALIDATE_FAILURE(data, "Signed by an expired certificate");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 1);
+}
+
+BOOST_AUTO_TEST_CASE(TrustedCertCaching)
+{
+ Data data("/Security/V2/ValidatorFixture/Sub1/Sub2/Data");
+ m_keyChain.sign(data, signingByIdentity(subIdentity));
+
+ VALIDATE_SUCCESS(data, "Should get accepted, as signed by the policy-compliant cert");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 1);
+ face.sentInterests.clear();
+
+ processInterest = nullptr; // disable data responses from mocked network
+
+ VALIDATE_SUCCESS(data, "Should get accepted, based on the cached trusted cert");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 0);
+ face.sentInterests.clear();
+
+ advanceClocks(time::hours(1), 2); // expire trusted cache
+
+ VALIDATE_FAILURE(data, "Should try and fail to retrieve certs");
+ BOOST_CHECK_GT(face.sentInterests.size(), 1);
+ face.sentInterests.clear();
+}
+
+BOOST_AUTO_TEST_CASE(UntrustedCertCaching)
+{
+ Data data("/Security/V2/ValidatorFixture/Sub1/Sub2/Data");
+ m_keyChain.sign(data, signingByIdentity(subSelfSignedIdentity));
+
+ VALIDATE_FAILURE(data, "Should fail, as signed by the policy-violating cert");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 1);
+ face.sentInterests.clear();
+
+ processInterest = nullptr; // disable data responses from mocked network
+
+ VALIDATE_FAILURE(data, "Should fail again, but no network operations expected");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 0);
+ face.sentInterests.clear();
+
+ advanceClocks(time::minutes(10), 2); // expire untrusted cache
+
+ VALIDATE_FAILURE(data, "Should try and fail to retrieve certs");
+ BOOST_CHECK_GT(face.sentInterests.size(), 1);
+ face.sentInterests.clear();
+}
+
+class ValidationPolicySimpleHierarchyForInterestOnly : public ValidationPolicySimpleHierarchy
+{
+public:
+ void
+ checkPolicy(const Data& data, const shared_ptr<ValidationState>& state,
+ const ValidationContinuation& continueValidation) override
+ {
+ continueValidation(nullptr, state);
+ }
+};
+
+BOOST_FIXTURE_TEST_CASE(ValidateInterestsButBypassForData,
+ HierarchicalValidatorFixture<ValidationPolicySimpleHierarchyForInterestOnly>)
+{
+ Interest interest("/Security/V2/ValidatorFixture/Sub1/Sub2/Interest");
+ Data data("/Security/V2/ValidatorFixture/Sub1/Sub2/Interest");
+
+ VALIDATE_FAILURE(interest, "Unsigned");
+ VALIDATE_SUCCESS(data, "Policy requests validation bypassing for all data");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 0);
+ face.sentInterests.clear();
+
+ interest = Interest("/Security/V2/ValidatorFixture/Sub1/Sub2/Interest");
+ m_keyChain.sign(interest, signingWithSha256());
+ m_keyChain.sign(data, signingWithSha256());
+ VALIDATE_FAILURE(interest, "Required KeyLocator/Name missing (not passed to policy)");
+ VALIDATE_SUCCESS(data, "Policy requests validation bypassing for all data");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 0);
+ face.sentInterests.clear();
+
+ m_keyChain.sign(interest, signingByIdentity(identity));
+ m_keyChain.sign(data, signingByIdentity(identity));
+ VALIDATE_SUCCESS(interest, "Should get accepted, as signed by the anchor");
+ VALIDATE_SUCCESS(data, "Policy requests validation bypassing for all data");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 0);
+ face.sentInterests.clear();
+
+ m_keyChain.sign(interest, signingByIdentity(subIdentity));
+ m_keyChain.sign(data, signingByIdentity(subIdentity));
+ VALIDATE_FAILURE(interest, "Should fail, as policy is not allowed to create new trust anchors");
+ VALIDATE_SUCCESS(data, "Policy requests validation bypassing for all data");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 1);
+ face.sentInterests.clear();
+
+ m_keyChain.sign(interest, signingByIdentity(otherIdentity));
+ m_keyChain.sign(data, signingByIdentity(otherIdentity));
+ VALIDATE_FAILURE(interest, "Should fail, as signed by the policy-violating cert");
+ VALIDATE_SUCCESS(data, "Policy requests validation bypassing for all data");
+ // no network operations expected, as certificate is not validated by the policy
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 0);
+ face.sentInterests.clear();
+
+ advanceClocks(time::hours(1), 2); // expire trusted cache
+
+ m_keyChain.sign(interest, signingByIdentity(subSelfSignedIdentity));
+ m_keyChain.sign(data, signingByIdentity(subSelfSignedIdentity));
+ VALIDATE_FAILURE(interest, "Should fail, as policy is not allowed to create new trust anchors");
+ VALIDATE_SUCCESS(data, "Policy requests validation bypassing for all data");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 1);
+ face.sentInterests.clear();
+}
+
+BOOST_AUTO_TEST_CASE(LoopingCert)
+{
+ processInterest = [this] (const Interest& interest) {
+ // create another key for the same identity and sign it properly
+ Key parentKey = m_keyChain.createKey(subIdentity);
+ Key requestedKey = subIdentity.getKey(interest.getName());
+
+ Name certificateName = requestedKey.getName();
+ certificateName
+ .append("looper")
+ .appendVersion();
+ v2::Certificate certificate;
+ certificate.setName(certificateName);
+
+ // set metainfo
+ certificate.setContentType(tlv::ContentType_Key);
+ certificate.setFreshnessPeriod(time::hours(1));
+
+ // set content
+ certificate.setContent(requestedKey.getPublicKey().buf(), requestedKey.getPublicKey().size());
+
+ // set signature-info
+ SignatureInfo info;
+ info.setValidityPeriod(security::ValidityPeriod(time::system_clock::now() - time::days(10),
+ time::system_clock::now() + time::days(10)));
+
+ m_keyChain.sign(certificate, signingByKey(parentKey).setSignatureInfo(info));
+ face.receive(certificate);
+ };
+
+ Data data("/Security/V2/ValidatorFixture/Sub1/Sub2/Data");
+ m_keyChain.sign(data, signingByIdentity(subIdentity));
+
+ validator.setMaxDepth(40);
+ BOOST_CHECK_EQUAL(validator.getMaxDepth(), 40);
+ VALIDATE_FAILURE(data, "Should fail, as certificate should be looped");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 40);
+ face.sentInterests.clear();
+
+ advanceClocks(time::hours(1), 5); // expire caches
+
+ validator.setMaxDepth(30);
+ BOOST_CHECK_EQUAL(validator.getMaxDepth(), 30);
+ VALIDATE_FAILURE(data, "Should fail, as certificate should be looped");
+ BOOST_CHECK_EQUAL(face.sentInterests.size(), 30);
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestValidator
+BOOST_AUTO_TEST_SUITE_END() // V2
+BOOST_AUTO_TEST_SUITE_END() // Security
+
+} // namespace tests
+} // namespace v2
+} // namespace security
+} // namespace ndn