/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
/**
 * Copyright (C) 2013 Regents of the University of California.
 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
 * See COPYING for copyright and distribution information.
 */
8
9#ifndef NDN_VALIDATOR_HPP
10#define NDN_VALIDATOR_HPP
11
12#include "../data.hpp"
13#include "../face.hpp"
14#include "public-key.hpp"
15#include "signature-sha256-with-rsa.hpp"
16#include "validation-request.hpp"
17
18namespace ndn {
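/**
 * @brief Base class of the security library's packet validators.
 *
 * Validator provides the public validate() entry points for Data and signed
 * Interest packets, plus a set of static verifySignature() helpers.  The
 * accept/reject decision is delegated to the virtual checkPolicy() hooks.
 *
 * Security note: the checkPolicy() defaults in this class fail closed.  They
 * invoke onValidationFailed and never onValidated, so a plain Validator
 * accepts nothing.  A subclass that overrides them takes over the trust
 * decision and must keep the contract documented on checkPolicy(): when it
 * returns no next step, one of the two callbacks has already been invoked.
 */
class Validator {
public:
  /// @brief Error type of this class; a std::runtime_error carrying the given message.
  struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };

  /// @brief Face used when the constructor is called without an argument (defined outside this header).
  static const shared_ptr<Face> DefaultFace;

  /**
   * @brief Create a validator.
   *
   * @param face The Face to use; defaults to DefaultFace.
   *             NOTE(review): presumably stored in m_face and used to fetch
   *             certificates for pending validation steps -- confirm in the
   *             implementation file.
   */
  Validator (shared_ptr<Face> face = DefaultFace);

  /**
   * @brief Virtual destructor.
   *
   * The class has virtual member functions and is meant to be subclassed, so a
   * derived validator may be destroyed through a Validator pointer.  Without a
   * virtual destructor that is undefined behaviour.
   */
  virtual
  ~Validator () {}

  /**
   * @brief Validate Data and call either onValidated or onValidationFailed.
   *
   * Forwards to the private overload with a step count of 0.
   *
   * @param data The Data with the signature to check.
   * @param onValidated If the Data is validated, this calls onValidated(data).
   * @param onValidationFailed If the Data validation fails, this calls onValidationFailed(data).
   */
  void
  validate (const shared_ptr<const Data> &data, const OnDataValidated &onValidated, const OnDataValidationFailed &onValidationFailed)
  { validate (data, onValidated, onValidationFailed, 0); }

  /**
   * @brief Validate Interest and call either onValidated or onValidationFailed.
   *
   * Forwards to the private overload with a step count of 0.
   *
   * @param interest The Interest with the signature to check.
   * @param onValidated If the Interest is validated, this calls onValidated(interest).
   * @param onValidationFailed If the Interest validation fails, this calls onValidationFailed(interest).
   */
  void
  validate (const shared_ptr<const Interest> &interest, const OnInterestValidated &onValidated, const OnInterestValidationFailed &onValidationFailed)
  { validate (interest, onValidated, onValidationFailed, 0); }

  /*****************************************
   *      verifySignature method set       *
   *****************************************/

  // All verifySignature overloads are only declared here; their definitions are
  // not in this header.  They take the public key as an argument, so nothing in
  // these signatures decides whether that key is trusted.
  // NOTE(review): presumably they return true only when the signature verifies;
  // callers should branch on the result rather than discard it -- confirm
  // against the definitions.

  /// @brief Verify the data using the publicKey.
  static bool
  verifySignature (const Data &data, const PublicKey &publicKey);

  /// @brief Verify the signed Interest using the publicKey.
  static bool
  verifySignature (const Interest &interest, const PublicKey &publicKey);

  /// @brief Verify the blob using the publicKey against the signature.
  static bool
  verifySignature (const Buffer &blob, const Signature &sig, const PublicKey &publicKey);

  /// @brief Verify the data using the publicKey against the SHA256-RSA signature.
  static bool
  verifySignature (const Data& data, const SignatureSha256WithRsa& sig, const PublicKey& publicKey);

  /// @brief Verify the blob using the publicKey against the SHA256-RSA signature.
  static bool
  verifySignature (const Buffer &blob, const SignatureSha256WithRsa &sig, const PublicKey &publicKey);

  /**
   * @brief Verify the raw byte range using the publicKey against the SHA256-RSA signature.
   *
   * @param buf  Start of the bytes to verify.
   * @param size Number of bytes to verify.
   *             NOTE(review): buf is assumed to reference at least size
   *             readable bytes; no bounds information travels with the
   *             pointer -- confirm how the definition uses it.
   */
  static bool
  verifySignature (const uint8_t* buf, const size_t size, const SignatureSha256WithRsa &sig, const PublicKey &publicKey);

protected:
  /**
   * @brief Check the Data against validation policy and return the next validation step if necessary.
   *
   * If there is no next validation step, that validation MUST have been done.
   * i.e., either onValidated or onValidationFailed callback is invoked.
   *
   * This default implementation rejects every Data packet: it calls
   * onValidationFailed(data) and leaves nextSteps untouched.
   *
   * @param data The Data to check.
   * @param stepCount The number of validation steps that have been done, used to track the validation progress.
   *                  NOTE(review): no upper bound on stepCount is visible in
   *                  this header; whether the chain of steps is capped has to
   *                  be checked in the policy or the implementation.
   * @param onValidated If the Data is validated, this calls onValidated(data).
   * @param onValidationFailed If the Data validation fails, this calls onValidationFailed(data).
   * @param nextSteps On return, contains the next validation step.
   */
  virtual void
  checkPolicy (const shared_ptr<const Data> &data,
               int stepCount,
               const OnDataValidated &onValidated,
               const OnDataValidationFailed &onValidationFailed,
               std::vector<shared_ptr<ValidationRequest> > &nextSteps)
  { onValidationFailed(data); }

  /**
   * @brief Check the Interest against validation policy and return the next validation step if necessary.
   *
   * If there is no next validation step, that validation MUST have been done.
   * i.e., either onValidated or onValidationFailed callback is invoked.
   *
   * This default implementation rejects every Interest: it calls
   * onValidationFailed(interest) and leaves nextSteps untouched.
   *
   * @param interest The Interest to check.
   * @param stepCount The number of validation steps that have been done, used to track the validation progress.
   * @param onValidated If the Interest is validated, this calls onValidated(interest).
   * @param onValidationFailed If the Interest validation fails, this calls onValidationFailed(interest).
   * @param nextSteps On return, contains the next validation step; left empty if there is no further step.
   */
  virtual void
  checkPolicy (const shared_ptr<const Interest> &interest,
               int stepCount,
               const OnInterestValidated &onValidated,
               const OnInterestValidationFailed &onValidationFailed,
               std::vector<shared_ptr<ValidationRequest> > &nextSteps)
  { onValidationFailed(interest); }

private:
  /// @brief Callback type taking no arguments, passed to onTimeout as onFailure.
  typedef function< void () > OnFailure;

  /// @brief Process the received certificate.
  void
  onData (const shared_ptr<const Interest> &interest,
          const shared_ptr<const Data> &data,
          shared_ptr<ValidationRequest> nextStep);

  /**
   * @brief Re-express the interest if it times out.
   *
   * NOTE(review): retry is presumably the number of attempts left and
   * onFailure the callback used once they are exhausted -- confirm in the
   * implementation file.
   */
  void
  onTimeout (const shared_ptr<const Interest> &interest,
             int retry,
             const OnFailure &onFailure,
             shared_ptr<ValidationRequest> nextStep);

  /// @brief Data validation with an explicit step count; the public overload passes 0.
  void
  validate (const shared_ptr<const Data> &data,
            const OnDataValidated &onValidated,
            const OnDataValidationFailed &onValidationFailed,
            int stepCount);

  /// @brief Interest validation with an explicit step count; the public overload passes 0.
  void
  validate (const shared_ptr<const Interest> &interest,
            const OnInterestValidated &onValidated,
            const OnInterestValidationFailed &onValidationFailed,
            int stepCount);

protected:
  // Face handed to the constructor; protected, so subclasses can reach it.
  shared_ptr<Face> m_face;
};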
154
155}
156
157#endif