C# (CSharp) net.named_data.jndn.security.v2 ValidationState.fail примеры использования

Пример #1

Файл: ValidationPolicyCommandInterest.cs Проект: vcgato29/ndn-dot-net

        /// <summary>
        /// Get the keyLocatorName and timestamp from the command interest.
        /// </summary>
        ///
        /// <param name="interest">The Interest to parse.</param>
        /// <param name="state">On error, this calls state.fail and returns false.</param>
        /// <param name="keyLocatorName">Set keyLocatorName[0] to the KeyLocator name.</param>
        /// <param name="timestamp_0"></param>
        /// <returns>On success, return true. On error, call state.fail and return false.</returns>
        private static bool parseCommandInterest(Interest interest,
                                                 ValidationState state, Name[] keyLocatorName, double[] timestamp_0)
        {
            keyLocatorName[0] = new Name();
            timestamp_0[0]    = 0;

            Name name = interest.getName();

            if (name.size() < net.named_data.jndn.security.CommandInterestSigner.MINIMUM_SIZE)
            {
                state.fail(new ValidationError(net.named_data.jndn.security.v2.ValidationError.POLICY_ERROR,
                                               "Command interest name `" + interest.getName().toUri()
                                               + "` is too short"));
                return(false);
            }

            timestamp_0[0] = name.get(net.named_data.jndn.security.CommandInterestSigner.POS_TIMESTAMP).toNumber();

            keyLocatorName[0] = net.named_data.jndn.security.v2.ValidationPolicy.getKeyLocatorName(interest, state);
            if (state.isOutcomeFailed())
            {
                // Already failed.
                return(false);
            }

            return(true);
        }

Пример #2

 protected internal override void doFetch(CertificateRequest certificateRequest,
                                          ValidationState state, CertificateFetcher.ValidationContinuation continueValidation)
 {
     state.fail(new ValidationError(
                    net.named_data.jndn.security.v2.ValidationError.CANNOT_RETRIEVE_CERTIFICATE,
                    "Cannot fetch certificate "
                    + certificateRequest.interest_.getName().toUri()
                    + " in offline mode"));
 }

Пример #3

Файл: ValidationPolicy.cs Проект: vcgato29/ndn-dot-net

        /// <summary>
        /// A helper method for getKeyLocatorName.
        /// </summary>
        ///
        private static Name getKeyLocatorNameFromSignature(Signature signatureInfo,
                                                           ValidationState state)
        {
            if (!net.named_data.jndn.KeyLocator.canGetFromSignature(signatureInfo))
            {
                state.fail(new ValidationError(net.named_data.jndn.security.v2.ValidationError.INVALID_KEY_LOCATOR,
                                               "KeyLocator is missing"));
                return(new Name());
            }

            KeyLocator keyLocator = net.named_data.jndn.KeyLocator.getFromSignature(signatureInfo);

            if (keyLocator.getType() != net.named_data.jndn.KeyLocatorType.KEYNAME)
            {
                state.fail(new ValidationError(net.named_data.jndn.security.v2.ValidationError.INVALID_KEY_LOCATOR,
                                               "KeyLocator type is not Name"));
                return(new Name());
            }

            return(keyLocator.getKeyName());
        }

Пример #4

 /// <summary>
 /// Implement doFetch to use face_.expressInterest to fetch a certificate.
 /// </summary>
 ///
 /// <param name="certificateRequest_0"></param>
 /// <param name="state_1">The validation state.</param>
 /// <param name="continueValidation_2">is the fetched certificate and state is the ValidationState.</param>
 protected internal override void doFetch(CertificateRequest certificateRequest_0,
                                          ValidationState state_1,
                                          CertificateFetcher.ValidationContinuation continueValidation_2)
 {
     try {
         face_.expressInterest(certificateRequest_0.interest_, new CertificateFetcherFromNetwork.Anonymous_C2(continueValidation_2, state_1), new CertificateFetcherFromNetwork.Anonymous_C1(this, continueValidation_2, certificateRequest_0,
                                                                                                                                                                                             state_1), new CertificateFetcherFromNetwork.Anonymous_C0(this, state_1, certificateRequest_0,
                                                                                                                                                                                                                                                      continueValidation_2));
     } catch (IOException ex) {
         state_1.fail(new ValidationError(
                          net.named_data.jndn.security.v2.ValidationError.CANNOT_RETRIEVE_CERTIFICATE,
                          "Error in expressInterest: " + ex));
     }
 }

Пример #5

Файл: ValidationPolicyCommandInterest.cs Проект: vcgato29/ndn-dot-net

        /// <param name="state">On error, this calls state.fail and returns false.</param>
        /// <param name="keyName_0">The key name.</param>
        /// <param name="timestamp_1">The timestamp as milliseconds since Jan 1, 1970 UTC.</param>
        /// <returns>On success, return true. On error, call state.fail and return false.</returns>
        private bool checkTimestamp(ValidationState state, Name keyName_0,
                                    double timestamp_1)
        {
            cleanUp();

            // nowOffsetMilliseconds_ is only used for testing.
            double now = net.named_data.jndn.util.Common.getNowMilliseconds() + nowOffsetMilliseconds_;

            if (timestamp_1 < now - options_.gracePeriod_ ||
                timestamp_1 > now + options_.gracePeriod_)
            {
                state.fail(new ValidationError(net.named_data.jndn.security.v2.ValidationError.POLICY_ERROR,
                                               "Timestamp is outside the grace period for key "
                                               + keyName_0.toUri()));
                return(false);
            }

            int index = findByKeyName(keyName_0);

            if (index >= 0)
            {
                if (timestamp_1 <= container_[index].timestamp_)
                {
                    state.fail(new ValidationError(net.named_data.jndn.security.v2.ValidationError.POLICY_ERROR,
                                                   "Timestamp is reordered for key " + keyName_0.toUri()));
                    return(false);
                }
            }

            InterestValidationState interestState = (InterestValidationState)state;

            interestState
            .addSuccessCallback(new ValidationPolicyCommandInterest.Anonymous_C0(this, timestamp_1, keyName_0));

            return(true);
        }

Пример #6

        public override void checkPolicy(Interest interest, ValidationState state,
                                         ValidationPolicy.ValidationContinuation continueValidation)
        {
            if (hasInnerPolicy())
            {
                throw new ValidatorConfigError(
                          "ValidationPolicyConfig must be a terminal inner policy");
            }

            if (shouldBypass_)
            {
                continueValidation.continueValidation(null, state);
                return;
            }

            Name keyLocatorName = net.named_data.jndn.security.v2.ValidationPolicy.getKeyLocatorName(interest, state);

            if (state.isOutcomeFailed())
            {
                // Already called state.fail() .
                return;
            }

            for (int i = 0; i < interestRules_.Count; ++i)
            {
                ConfigRule rule = interestRules_[i];

                if (rule.match(true, interest.getName()))
                {
                    if (rule.check(true, interest.getName(), keyLocatorName, state))
                    {
                        continueValidation
                        .continueValidation(new CertificateRequest(
                                                new Interest(keyLocatorName)), state);
                        return;
                    }
                    else
                    {
                        // rule.check failed and already called state.fail() .
                        return;
                    }
                }
            }

            state.fail(new ValidationError(net.named_data.jndn.security.v2.ValidationError.POLICY_ERROR,
                                           "No rule matched for interest `" + interest.getName().toUri()
                                           + "`"));
        }

Пример #7

        /// <summary>
        /// Recursively validate the certificates in the certification chain.
        /// </summary>
        ///
        /// <param name="certificate_0">The certificate to check.</param>
        /// <param name="state">The current validation state.</param>
        internal void validateCertificate(CertificateV2 certificate_0,
                                          ValidationState state)
        {
            logger_.log(ILOG.J2CsMapping.Util.Logging.Level.FINE, "Start validating certificate {0}", certificate_0
                        .getName().toUri());

            if (!certificate_0.isValid())
            {
                state.fail(new ValidationError(net.named_data.jndn.security.v2.ValidationError.EXPIRED_CERTIFICATE,
                                               "Retrieved certificate is not yet valid or expired `"
                                               + certificate_0.getName().toUri() + "`"));
                return;
            }

            policy_.checkCertificatePolicy(certificate_0, state,
                                           new Validator.Anonymous_C1(this, certificate_0));
        }

Пример #8

 public void continueValidation(
     CertificateRequest certificateRequest,
     ValidationState state)
 {
     if (certificateRequest == null)
     {
         state.fail(new ValidationError(
                        net.named_data.jndn.security.v2.ValidationError.POLICY_ERROR,
                        "Validation policy is not allowed to designate `"
                        + certificate.getName().toUri()
                        + "` as a trust anchor"));
     }
     else
     {
         // We need to fetch the key and validate it.
         state.addCertificate(certificate);
         outer_Validator.requestCertificate(certificateRequest, state);
     }
 }

Пример #9

        public override void checkPolicy(Interest interest, ValidationState state,
                                         ValidationPolicy.ValidationContinuation continueValidation)
        {
            Name keyLocatorName = net.named_data.jndn.security.v2.ValidationPolicy.getKeyLocatorName(interest, state);

            if (state.isOutcomeFailed())
            {
                // Already called state.fail().)
                return;
            }

            if (keyLocatorName.getPrefix(-2).isPrefixOf(interest.getName()))
            {
                continueValidation.continueValidation(new CertificateRequest(
                                                          new Interest(keyLocatorName)), state);
            }
            else
            {
                state.fail(new ValidationError(net.named_data.jndn.security.v2.ValidationError.INVALID_KEY_LOCATOR,
                                               "Interest signing policy violation for "
                                               + interest.getName().toUri() + " by "
                                               + keyLocatorName.toUri()));
            }
        }