Validator

ndn_security::validator

Struct Validator

pub struct Validator { /* private fields */ }

Expand description

Validates Data packets against a trust schema and certificate chain.

The active TrustSchema is stored in an Arc<RwLock<TrustSchema>> so it can be replaced or extended at runtime without rebuilding the validator. Reads (hot path) acquire a shared lock; writes (management API) acquire an exclusive lock.

Implementations§

impl Validator

pub async fn validate_chain(&self, data: &Data) -> ValidationResult

Validate a Data packet by walking the full certificate chain.

Verifies the Data’s signature, then walks up the chain — each certificate’s signature is verified using the next certificate’s public key — until a trust anchor is reached. Missing certificates are fetched via the CertFetcher if configured.

impl Validator

pub fn new(schema: TrustSchema) -> Self

Create a validator with a private cert cache (no chain walking).

pub fn with_chain( schema: TrustSchema, cert_cache: Arc<CertCache>, trust_anchors: Arc<DashMap<Arc<Name>, Certificate>>, cert_fetcher: Option<Arc<CertFetcher>>, max_chain: usize, ) -> Self

Create a validator wired to shared infrastructure for chain walking.

pub fn cert_cache(&self) -> &CertCache

Access the certificate cache.

pub fn add_trust_anchor(&self, cert: Certificate)

Register a trust anchor.

pub fn is_trust_anchor(&self, name: &Name) -> bool

Check if a name is a trust anchor.

pub fn set_schema(&self, schema: TrustSchema)

Replace the active trust schema.

Takes effect immediately for all subsequent validations.

pub fn add_schema_rule(&self, rule: SchemaRule)

Append a rule to the active schema.

pub fn remove_schema_rule(&self, index: usize) -> Option<SchemaRule>

Remove the rule at index from the active schema.

Returns the removed rule, or None if index is out of bounds.

pub fn schema_rules_text(&self) -> Vec<(String, String)>

Snapshot the current schema rules as (data_pattern, key_pattern) text pairs.

pub fn schema_snapshot(&self) -> TrustSchema

Returns a clone of the current TrustSchema.

pub async fn validate(&self, data: &Data) -> ValidationResult

Validate a Data packet (single-hop, returns Pending if cert missing).

For full chain walking with async cert fetching, use validate_chain.

Auto Trait Implementations§

impl Freeze for Validator

impl !RefUnwindSafe for Validator

impl Send for Validator

impl Sync for Validator

impl Unpin for Validator

impl !UnwindSafe for Validator

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Pointable for T

const ALIGN: usize

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V