security: Add v2::Validator implementation
Based on the code originally written by Qiuhan Ding
Change-Id: Ib66e24f49d0b6fb2ae21ea1fca7b9ec62ecb753a
Refs: #3289, #1872
diff --git a/docs/index.rst b/docs/index.rst
index f73ad84..fae38ab 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -46,6 +46,7 @@
+ :doc:`specs/signed-interest`
+ :doc:`specs/certificate-format`
+ :doc:`specs/safe-bag`
+ + :doc:`specs/validation-error-code`
- :doc:`manpages`
diff --git a/docs/specs.rst b/docs/specs.rst
index ca5810b..65803db 100644
--- a/docs/specs.rst
+++ b/docs/specs.rst
@@ -7,3 +7,4 @@
specs/signed-interest
specs/certificate-format
specs/safe-bag
+ specs/validation-error-code
diff --git a/docs/specs/validation-error-code.rst b/docs/specs/validation-error-code.rst
new file mode 100644
index 0000000..4610cd4
--- /dev/null
+++ b/docs/specs/validation-error-code.rst
@@ -0,0 +1,33 @@
+Validation Error Code
+=====================
+
+The following table defines a list of known codes and their description, which can be returned from the :ndn-cxx:`v2::Validator` interface.
+Other error codes can be returned by validator implementations outside ndn-cxx codebase.
+
++------------+--------------------------+-----------------------------------------------------+
+| Error code | Short ID | Description |
++============+==========================+=====================================================+
+| 0 | NO_ERROR | No error |
++------------+--------------------------+-----------------------------------------------------+
+| 1 | INVALID_SIGNATURE | Invalid signature |
++------------+--------------------------+-----------------------------------------------------+
+| 2 | NO_SIGNATURE | Missing signature |
++------------+--------------------------+-----------------------------------------------------+
+| 3 | CANNOT_RETRIEVE_CERT | Cannot retrieve certificate |
++------------+--------------------------+-----------------------------------------------------+
+| 4 | EXPIRED_CERT | Certificate expired |
++------------+--------------------------+-----------------------------------------------------+
+| 5 | LOOP_DETECTED | Loop detected in certification chain |
++------------+--------------------------+-----------------------------------------------------+
+| 6 | MALFORMED_CERT | Malformed certificate |
++------------+--------------------------+-----------------------------------------------------+
+| 7 | EXCEEDED_DEPTH_LIMIT | Exceeded validation depth limit |
++------------+--------------------------+-----------------------------------------------------+
+| 8 | INVALID_KEY_LOCATOR | Key locator violates validation policy |
++------------+--------------------------+-----------------------------------------------------+
+| .. | ... | ... |
++------------+--------------------------+-----------------------------------------------------+
+| 255 | IMPLEMENTATION_ERROR | Internal implementation error |
++------------+--------------------------+-----------------------------------------------------+
+
+Specialized validator implementations can use error codes >= 256 to indicate a specialized error.
diff --git a/docs/tutorials/security-library.rst b/docs/tutorials/security-library.rst
index 8ee8d40..1da1e61 100644
--- a/docs/tutorials/security-library.rst
+++ b/docs/tutorials/security-library.rst
@@ -132,7 +132,7 @@
~~~~~~~~~~~~~~~~~~~~
One can call :ndn-cxx:`KeyChain::generateRsaKeyPair` to generate an RSA key pair or
-:ndn-cxx:`KeyChain::generateEcdsaKeyPair` to generate an ECDSA key. Note that generated
+:ndn-cxx:`KeyChain::generateEcKeyPair` to generate an EC key. Note that generated
key pair is not set as the default key of the identity, so you need to set it manually by
calling :ndn-cxx:`KeyChain::setDefaultKeyNameForIdentity`. There is also a helper method
:ndn-cxx:`KeyChain::generateRsaKeyPairAsDefault`, which combines the two steps into one.