Yingdi Yu6ac97982014-01-30 14:49:21 -08001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
6 * See COPYING for copyright and distribution information.
7 */
8
Yingdi Yufc40d872014-02-18 12:56:04 -08009#ifndef NDN_SECURITY_VALIDATOR_HPP
10#define NDN_SECURITY_VALIDATOR_HPP
Yingdi Yu6ac97982014-01-30 14:49:21 -080011
Alexander Afanasyeve2dcdfd2014-02-07 15:53:28 -080012#include "../common.hpp"
13
Yingdi Yu6ac97982014-01-30 14:49:21 -080014#include "../data.hpp"
15#include "../face.hpp"
16#include "public-key.hpp"
17#include "signature-sha256-with-rsa.hpp"
18#include "validation-request.hpp"
19
20namespace ndn {
21/**
22 * Validator is one of the main classes of the security library.
23 *
24 * The Validator class provides the interfaces for packet validation.
25 */
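class Validator {
public:
  /**
   * @brief Error raised by a validator on an unrecoverable problem.
   *
   * Derives from std::runtime_error so that callers which do not care about
   * the source of the failure can still catch it generically.
   */
  struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };

  /// @brief Face used when the constructor is given none (defined out of line; see the .cpp).
  static const shared_ptr<Face> DefaultFace;

  /**
   * @brief Construct a validator bound to @p face.
   *
   * @param face The Face stored in m_face. Judging from onData/onTimeout below it is
   *             used to express Interests for packets (certificates) needed by later
   *             validation steps -- confirm against the .cpp.
   */
  Validator (shared_ptr<Face> face = DefaultFace);

  /**
   * @brief Virtual destructor.
   *
   * Validator is an abstract base (checkPolicy is pure virtual) and is only
   * useful when subclassed, so a concrete validator deleted through a
   * Validator pointer must run the derived destructor.  Without a virtual
   * destructor that is undefined behavior.
   */
  virtual
  ~Validator ()
  {
  }

  /**
   * @brief Validate Data and call either onValidated or onValidationFailed.
   *
   * Starts the validation chain at step 0 (see the private overload).
   * Exactly one of the two callbacks is expected to be invoked.
   *
   * @param data The Data with the signature to check.
   * @param onValidated If the Data is validated, this calls onValidated(data).
   * @param onValidationFailed If the Data validation fails, this calls onValidationFailed(data).
   */
  void
  validate (const Data& data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed)
  { validate (data, onValidated, onValidationFailed, 0); }

  /**
   * @brief Validate Interest and call either onValidated or onValidationFailed.
   *
   * Starts the validation chain at step 0 (see the private overload).
   * Exactly one of the two callbacks is expected to be invoked.
   *
   * @param interest The Interest with the signature to check.
   * @param onValidated If the Interest is validated, this calls onValidated(interest).
   * @param onValidationFailed If the Interest validation fails, this calls onValidationFailed(interest).
   */
  void
  validate (const Interest& interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed)
  { validate (interest, onValidated, onValidationFailed, 0); }

  /*****************************************
   *      verifySignature method set       *
   *****************************************/

  // The verifySignature overloads only check the cryptographic signature
  // against the key that is passed in.  Whether that key is the right key
  // for the packet (trust) is not decided here; that is what checkPolicy
  // and the validation steps it returns are for.

  /// @brief Verify the data using the publicKey.
  static bool
  verifySignature (const Data &data, const PublicKey &publicKey);

  /// @brief Verify the signed Interest using the publicKey.
  static bool
  verifySignature (const Interest &interest, const PublicKey &publicKey);

  /// @brief Verify the blob using the publicKey against the signature.
  static bool
  verifySignature (const Buffer &blob, const Signature &sig, const PublicKey &publicKey);

  /// @brief Verify the data using the publicKey against the SHA256-RSA signature.
  static bool
  verifySignature (const Data& data, const SignatureSha256WithRsa& sig, const PublicKey& publicKey);

  /// @brief Verify the blob using the publicKey against the SHA256-RSA signature.
  static bool
  verifySignature (const Buffer &blob, const SignatureSha256WithRsa &sig, const PublicKey &publicKey);

  /// @brief Verify the raw buffer [buf, buf + size) using the publicKey against the SHA256-RSA signature.
  static bool
  verifySignature (const uint8_t* buf, const size_t size, const SignatureSha256WithRsa &sig, const PublicKey &publicKey);

protected:
  /**
   * @brief Check the Data against validation policy and return the next validation step if necessary.
   *
   * If there is no next validation step, that validation MUST have been done.
   * i.e., either onValidated or onValidationFailed callback is invoked.
   *
   * @param data The Data to check.
   * @param stepCount The number of validation steps that have been done, used to track the validation progress.
   * @param onValidated If the Data is validated, this calls onValidated(data).
   * @param onValidationFailed If the Data validation fails, this calls onValidationFailed(data).
   * @param nextSteps On return, contains the next validation step(s); left empty if there is no further step.
   */
  virtual void
  checkPolicy (const Data& data,
               int stepCount,
               const OnDataValidated &onValidated,
               const OnDataValidationFailed &onValidationFailed,
               std::vector<shared_ptr<ValidationRequest> > &nextSteps) = 0;

  /**
   * @brief Check the Interest against validation policy and return the next validation step if necessary.
   *
   * If there is no next validation step, that validation MUST have been done.
   * i.e., either onValidated or onValidationFailed callback is invoked.
   *
   * @param interest The Interest to check.
   * @param stepCount The number of validation steps that have been done, used to track the validation progress.
   * @param onValidated If the Interest is validated, this calls onValidated(interest).
   * @param onValidationFailed If the Interest validation fails, this calls onValidationFailed(interest).
   * @param nextSteps On return, contains the next validation step(s); left empty if there is no further step.
   */
  virtual void
  checkPolicy (const Interest& interest,
               int stepCount,
               const OnInterestValidated &onValidated,
               const OnInterestValidationFailed &onValidationFailed,
               std::vector<shared_ptr<ValidationRequest> > &nextSteps) = 0;

private:
  /// @brief Callback invoked when a validation step cannot be completed (e.g. after retries run out).
  typedef function< void () > OnFailure;

  /**
   * @brief Process the received certificate.
   *
   * @param interest The Interest that was expressed for this step.
   * @param data The Data (certificate) that arrived in response.
   * @param nextStep The validation step this fetch belongs to.
   */
  void
  onData (const Interest& interest,
          Data& data,
          const shared_ptr<ValidationRequest>& nextStep);

  /**
   * @brief Re-express the interest if it times out.
   *
   * @param interest The Interest that timed out.
   * @param retry Retry budget for this step -- presumably the number of re-expressions
   *              still allowed; confirm in the .cpp.
   * @param onFailure Invoked when the interest is given up on.
   * @param nextStep The validation step this fetch belongs to.
   */
  void
  onTimeout (const Interest& interest,
             int retry,
             const OnFailure &onFailure,
             const shared_ptr<ValidationRequest>& nextStep);

  /**
   * @brief Internal Data validation entry point carrying the step counter.
   *
   * @param stepCount Number of validation steps already performed; the public
   *                  overload starts at 0.
   */
  void
  validate (const Data& data,
            const OnDataValidated &onValidated,
            const OnDataValidationFailed &onValidationFailed,
            int stepCount);

  /**
   * @brief Internal Interest validation entry point carrying the step counter.
   *
   * @param stepCount Number of validation steps already performed; the public
   *                  overload starts at 0.
   */
  void
  validate (const Interest& interest,
            const OnInterestValidated &onValidated,
            const OnInterestValidationFailed &onValidationFailed,
            int stepCount);

protected:
  /// @brief The Face given to the constructor (or DefaultFace).
  shared_ptr<Face> m_face;
};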
154
Yingdi Yufc40d872014-02-18 12:56:04 -0800155} // namespace ndn
Yingdi Yu6ac97982014-01-30 14:49:21 -0800156
Yingdi Yufc40d872014-02-18 12:56:04 -0800157#endif //NDN_SECURITY_VALIDATOR_HPP