Yingdi Yu6ac97982014-01-30 14:49:21 -08001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
6 * See COPYING for copyright and distribution information.
7 */
8
Yingdi Yufc40d872014-02-18 12:56:04 -08009#ifndef NDN_SECURITY_VALIDATOR_HPP
10#define NDN_SECURITY_VALIDATOR_HPP
Yingdi Yu6ac97982014-01-30 14:49:21 -080011
Alexander Afanasyeve2dcdfd2014-02-07 15:53:28 -080012#include "../common.hpp"
13
Yingdi Yu6ac97982014-01-30 14:49:21 -080014#include "../data.hpp"
15#include "../face.hpp"
16#include "public-key.hpp"
17#include "signature-sha256-with-rsa.hpp"
Yingdi Yu21157162014-02-28 13:02:34 -080018#include "signature-sha256.hpp"
Yingdi Yu6ac97982014-01-30 14:49:21 -080019#include "validation-request.hpp"
20
21namespace ndn {
22/**
23 * Validator is one of the main classes of the security library.
24 *
25 * The Validator class provides the interfaces for packet validation.
26 */
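class Validator {
public:
  /// @brief Error raised by Validator (and subclasses) for unrecoverable failures.
  struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };

  /// @brief Face used when the constructor is called without one.
  static const shared_ptr<Face> DefaultFace;

  /**
   * @brief Construct a Validator.
   *
   * @param face The Face this validator uses (stored in m_face); defaults to DefaultFace.
   *             Presumably used to fetch certificates during validation — see onData/onTimeout.
   */
  Validator (shared_ptr<Face> face = DefaultFace);

  // Validator is an abstract base (checkPolicy is pure virtual) and is used
  // polymorphically, so deleting a subclass through a Validator pointer needs
  // a virtual destructor.
  virtual
  ~Validator () {}

  /**
   * @brief Validate Data and call either onValidated or onValidationFailed.
   *
   * Starts a new validation chain at step 0; the private overload carries the step count.
   *
   * @param data The Data with the signature to check.
   * @param onValidated If the Data is validated, this calls onValidated(data).
   * @param onValidationFailed If the Data validation fails, this calls onValidationFailed(data).
   */
  void
  validate (const Data& data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed)
  { validate (data, onValidated, onValidationFailed, 0); }

  /**
   * @brief Validate Interest and call either onValidated or onValidationFailed.
   *
   * Starts a new validation chain at step 0; the private overload carries the step count.
   *
   * @param interest The Interest with the signature to check.
   * @param onValidated If the Interest is validated, this calls onValidated(interest).
   * @param onValidationFailed If the Interest validation fails, this calls onValidationFailed(interest).
   */
  void
  validate (const Interest& interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed)
  { validate (interest, onValidated, onValidationFailed, 0); }

  /*****************************************
   *      verifySignature method set       *
   *****************************************/

  /// @brief Verify the data using the publicKey.
  static bool
  verifySignature (const Data& data, const PublicKey& publicKey);

  /// @brief Verify the signed Interest using the publicKey.
  static bool
  verifySignature (const Interest& interest, const PublicKey& publicKey);

  /// @brief Verify the blob using the publicKey against the signature.
  static bool
  verifySignature (const Buffer& blob, const Signature& sig, const PublicKey& publicKey);

  /**
   * @brief Verify the data using the publicKey against the SHA256-RSA signature.
   *
   * The signed portion is the Data's encoded value minus the trailing SignatureValue
   * (this assumes SignatureValue is the last element of the encoding). A SignatureValue
   * larger than the whole value means a malformed packet; it is rejected here so the
   * unsigned subtraction cannot wrap to a huge length and over-read the buffer.
   */
  static bool
  verifySignature (const Data& data, const SignatureSha256WithRsa& sig, const PublicKey& publicKey)
  {
    const size_t valueSize = data.wireEncode().value_size();
    const size_t sigSize = data.getSignature().getValue().size();
    if (sigSize > valueSize)
      return false;
    return verifySignature (data.wireEncode().value(), valueSize - sigSize, sig, publicKey);
  }

  /// @brief Verify the blob using the publicKey against the SHA256-RSA signature.
  static bool
  verifySignature (const Buffer& blob, const SignatureSha256WithRsa& sig, const PublicKey& publicKey)
  { return verifySignature (blob.buf(), blob.size(), sig, publicKey); }

  /**
   * @brief Verify the blob using the publicKey against the SHA256-RSA signature.
   *
   * @param buf Start of the signed bytes.
   * @param size Number of signed bytes starting at buf.
   * @param sig The signature to check.
   * @param publicKey The key the signature is checked against.
   */
  static bool
  verifySignature (const uint8_t* buf, const size_t size, const SignatureSha256WithRsa &sig, const PublicKey &publicKey);

  /**
   * @brief Verify the data against the SHA256 signature.
   *
   * Same signed-portion computation (and malformed-packet guard) as the SHA256-RSA overload.
   */
  static bool
  verifySignature (const Data& data, const SignatureSha256& sig)
  {
    const size_t valueSize = data.wireEncode().value_size();
    const size_t sigSize = data.getSignature().getValue().size();
    if (sigSize > valueSize)
      return false;
    return verifySignature (data.wireEncode().value(), valueSize - sigSize, sig);
  }

  /// @brief Verify the blob against the SHA256 signature.
  static bool
  verifySignature (const Buffer& blob, const SignatureSha256& sig)
  { return verifySignature (blob.buf(), blob.size(), sig); }

  /**
   * @brief Verify the blob against the SHA256 signature.
   *
   * @param buf Start of the signed bytes.
   * @param size Number of signed bytes starting at buf.
   * @param sig The digest signature to check.
   */
  static bool
  verifySignature (const uint8_t* buf, const size_t size, const SignatureSha256& sig);

protected:
  /**
   * @brief Check the Data against validation policy and return the next validation step if necessary.
   *
   * If there is no next validation step, that validation MUST have been done.
   * i.e., either onValidated or onValidationFailed callback is invoked.
   *
   * @param data The Data to check.
   * @param stepCount The number of validation steps that have been done, used to track the validation progress.
   * @param onValidated If the Data is validated, this calls onValidated(data).
   * @param onValidationFailed If the Data validation fails, this calls onValidationFailed(data).
   * @param nextSteps On return, contains the next validation step(s), if any.
   */
  virtual void
  checkPolicy (const Data& data,
               int stepCount,
               const OnDataValidated &onValidated,
               const OnDataValidationFailed &onValidationFailed,
               std::vector<shared_ptr<ValidationRequest> > &nextSteps) = 0;

  /**
   * @brief Check the Interest against validation policy and return the next validation step if necessary.
   *
   * If there is no next validation step, that validation MUST have been done.
   * i.e., either onValidated or onValidationFailed callback is invoked.
   *
   * @param interest The Interest to check.
   * @param stepCount The number of validation steps that have been done, used to track the validation progress.
   * @param onValidated If the Interest is validated, this calls onValidated(interest).
   * @param onValidationFailed If the Interest validation fails, this calls onValidationFailed(interest).
   * @param nextSteps On return, contains the next validation step(s), if any.
   */
  virtual void
  checkPolicy (const Interest& interest,
               int stepCount,
               const OnInterestValidated &onValidated,
               const OnInterestValidationFailed &onValidationFailed,
               std::vector<shared_ptr<ValidationRequest> > &nextSteps) = 0;

private:
  /// @brief Callback invoked with a failure description (presumably when a fetch gives up).
  typedef function< void (const std::string&) > OnFailure;

  /**
   * @brief Process the received certificate.
   *
   * @param interest The Interest that was expressed for the certificate.
   * @param data The Data received in response.
   * @param nextStep The validation request this fetch belongs to.
   */
  void
  onData (const Interest& interest,
          Data& data,
          const shared_ptr<ValidationRequest>& nextStep);

  /**
   * @brief Re-express the interest if it times out.
   *
   * @param interest The Interest that timed out.
   * @param retry Retry counter; whether it counts up or down is decided in the .cpp — verify there.
   * @param onFailure Called when no further retry is made.
   * @param nextStep The validation request this fetch belongs to.
   */
  void
  onTimeout (const Interest& interest,
             int retry,
             const OnFailure &onFailure,
             const shared_ptr<ValidationRequest>& nextStep);

  /**
   * @brief Validate Data, continuing a chain already stepCount steps deep.
   *
   * The public overload enters here with stepCount 0.
   */
  void
  validate (const Data& data,
            const OnDataValidated &onValidated,
            const OnDataValidationFailed &onValidationFailed,
            int stepCount);

  /**
   * @brief Validate Interest, continuing a chain already stepCount steps deep.
   *
   * The public overload enters here with stepCount 0.
   */
  void
  validate (const Interest& interest,
            const OnInterestValidated &onValidated,
            const OnInterestValidationFailed &onValidationFailed,
            int stepCount);

protected:
  /// @brief The Face given to the constructor (or DefaultFace).
  shared_ptr<Face> m_face;
};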
177
Yingdi Yufc40d872014-02-18 12:56:04 -0800178} // namespace ndn
Yingdi Yu6ac97982014-01-30 14:49:21 -0800179
Yingdi Yufc40d872014-02-18 12:56:04 -0800180#endif //NDN_SECURITY_VALIDATOR_HPP