security: using new security interfaces of ndn-cpp, such as SecPolicy
Change-Id: Id22c8e711bee7c3723076eda7a3f96c72ca7707c
diff --git a/ChronoSync b/ChronoSync
index 0cb0f2b..5e0af3e 160000
--- a/ChronoSync
+++ b/ChronoSync
@@ -1 +1 @@
-Subproject commit 0cb0f2bcc689e6b771393036f283f035465c7c87
+Subproject commit 5e0af3eccea6958e51d148f6a2d168a309398d38
diff --git a/src/addcontactpanel.cpp b/src/addcontactpanel.cpp
index dc6618f..dd933cd 100644
--- a/src/addcontactpanel.cpp
+++ b/src/addcontactpanel.cpp
@@ -15,7 +15,6 @@
#ifndef Q_MOC_RUN
#include <ndn-cpp/security/verifier.hpp>
#include <boost/iostreams/stream.hpp>
-#include "null-ptrs.h"
#include "endorse-collection.pb.h"
#include "logging.h"
#endif
@@ -195,7 +194,7 @@
void
AddContactPanel::onCollectEndorseFetchFailed(const Name& identity)
{
- m_currentCollectEndorse = CHRONOCHAT_NULL_DATA_PTR;
+ m_currentCollectEndorse = shared_ptr<Data>();
m_currentCollectEndorseReady = true;
if(m_currentEndorseCertificateReady == true)
@@ -212,7 +211,7 @@
map<string, int> endorseCount;
- if(m_currentCollectEndorse != CHRONOCHAT_NULL_DATA_PTR)
+ if(static_cast<bool>(m_currentCollectEndorse))
{
Chronos::EndorseCollection endorseCollection;
@@ -234,7 +233,7 @@
Name signerName = signerKeyName.getPrefix(-1);
shared_ptr<ContactItem> contact = m_contactManager->getContact(signerName);
- if(contact == CHRONOCHAT_NULL_CONTACTITEM_PTR)
+ if(static_cast<bool>(contact))
continue;
if(!contact->isIntroducer() || !contact->canBeTrustedFor(m_currentEndorseCertificate->getProfileData().getIdentityName()))
diff --git a/src/addcontactpanel.h b/src/addcontactpanel.h
index 4ecf3bd..2264b9e 100644
--- a/src/addcontactpanel.h
+++ b/src/addcontactpanel.h
@@ -84,6 +84,7 @@
newContactAdded();
private:
+
Ui::AddContactPanel *ui;
ndn::Name m_searchIdentity;
ndn::ptr_lib::shared_ptr<ContactManager> m_contactManager;
diff --git a/src/browsecontactdialog.h b/src/browsecontactdialog.h
index 1f74bc1..2edaa2d 100644
--- a/src/browsecontactdialog.h
+++ b/src/browsecontactdialog.h
@@ -19,7 +19,7 @@
#ifndef Q_MOC_RUN
-#include <ndn-cpp/security/certificate/identity-certificate.hpp>
+#include <ndn-cpp/security/identity-certificate.hpp>
#include <boost/thread/locks.hpp>
#include <boost/thread/recursive_mutex.hpp>
#include "profile.h"
diff --git a/src/chatdialog.cpp b/src/chatdialog.cpp
index cd7a7ea..0903b27 100644
--- a/src/chatdialog.cpp
+++ b/src/chatdialog.cpp
@@ -21,7 +21,7 @@
#include <sync-intro-certificate.h>
#include <boost/random/random_device.hpp>
#include <boost/random/uniform_int_distribution.hpp>
-#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
+#include <ndn-cpp/security/signature-sha256-with-rsa.hpp>
#include "logging.h"
#endif
@@ -47,7 +47,7 @@
, m_chatroomPrefix(chatroomPrefix)
, m_localPrefix(localPrefix)
, m_defaultIdentity(defaultIdentity)
- , m_invitationPolicyManager(new InvitationPolicyManager(m_chatroomPrefix.get(-1).toEscapedString(), m_defaultIdentity))
+ , m_invitationPolicy(new SecPolicyChronoChatInvitation(m_chatroomPrefix.get(-1).toEscapedString(), m_defaultIdentity))
, m_keyChain(new ndn::KeyChain())
, m_nick(nick)
, m_sock(NULL)
@@ -89,7 +89,7 @@
startFace();
ndn::Name certificateName = m_keyChain->getDefaultCertificateNameForIdentity(m_defaultIdentity);
- m_syncPolicyManager = ndn::ptr_lib::make_shared<SyncPolicyManager>(m_defaultIdentity, certificateName, m_chatroomPrefix, m_face);
+ m_syncPolicy = ndn::ptr_lib::make_shared<SecPolicySync>(m_defaultIdentity, certificateName, m_chatroomPrefix, m_face);
connect(ui->inviteButton, SIGNAL(clicked()),
this, SLOT(openInviteListDialog()));
@@ -222,7 +222,7 @@
const ndn::OnVerified& onVerified,
const ndn::OnVerifyFailed& onVerifyFailed,
const OnEventualTimeout& timeoutNotify,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager,
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy,
int retry /* = 1 */,
int stepCount /* = 0 */)
{
@@ -235,7 +235,7 @@
onVerified,
onVerifyFailed,
timeoutNotify,
- policyManager),
+ policy),
boost::bind(&ChatDialog::onTargetTimeout,
this,
_1,
@@ -244,7 +244,7 @@
onVerified,
onVerifyFailed,
timeoutNotify,
- policyManager));
+ policy));
}
void
@@ -254,15 +254,15 @@
const ndn::OnVerified& onVerified,
const ndn::OnVerifyFailed& onVerifyFailed,
const OnEventualTimeout& timeoutNotify,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager)
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy)
{
- ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> nextStep = policyManager->checkVerificationPolicy(data, stepCount, onVerified, onVerifyFailed);
+ ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> nextStep = policy->checkVerificationPolicy(data, stepCount, onVerified, onVerifyFailed);
if (nextStep)
m_face->expressInterest
(*nextStep->interest_,
- boost::bind(&ChatDialog::onCertData, this, _1, _2, nextStep, policyManager),
- boost::bind(&ChatDialog::onCertTimeout, this, _1, onVerifyFailed, data, nextStep, policyManager));
+ boost::bind(&ChatDialog::onCertData, this, _1, _2, nextStep, policy),
+ boost::bind(&ChatDialog::onCertTimeout, this, _1, onVerifyFailed, data, nextStep, policy));
}
void
@@ -272,10 +272,10 @@
const ndn::OnVerified& onVerified,
const ndn::OnVerifyFailed& onVerifyFailed,
const OnEventualTimeout& timeoutNotify,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager)
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy)
{
if(retry > 0)
- sendInterest(*interest, onVerified, onVerifyFailed, timeoutNotify, policyManager, retry-1, stepCount);
+ sendInterest(*interest, onVerified, onVerifyFailed, timeoutNotify, policy, retry-1, stepCount);
else
{
_LOG_DEBUG("Interest: " << interest->getName().toUri() << " eventually times out!");
@@ -287,9 +287,9 @@
ChatDialog::onCertData(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
const ndn::ptr_lib::shared_ptr<ndn::Data>& cert,
ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> previousStep,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager)
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy)
{
- ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> nextStep = policyManager->checkVerificationPolicy(cert,
+ ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> nextStep = policy->checkVerificationPolicy(cert,
previousStep->stepCount_,
previousStep->onVerified_,
previousStep->onVerifyFailed_);
@@ -297,8 +297,8 @@
if (nextStep)
m_face->expressInterest
(*nextStep->interest_,
- boost::bind(&ChatDialog::onCertData, this, _1, _2, nextStep, policyManager),
- boost::bind(&ChatDialog::onCertTimeout, this, _1, previousStep->onVerifyFailed_, cert, nextStep, policyManager));
+ boost::bind(&ChatDialog::onCertData, this, _1, _2, nextStep, policy),
+ boost::bind(&ChatDialog::onCertTimeout, this, _1, previousStep->onVerifyFailed_, cert, nextStep, policy));
}
void
@@ -306,7 +306,7 @@
const ndn::OnVerifyFailed& onVerifyFailed,
const ndn::ptr_lib::shared_ptr<ndn::Data>& data,
ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> nextStep,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager)
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy)
{
if(nextStep->retry_ > 0)
m_face->expressInterest(*interest,
@@ -315,14 +315,14 @@
_1,
_2,
nextStep,
- policyManager),
+ policy),
boost::bind(&ChatDialog::onCertTimeout,
this,
_1,
onVerifyFailed,
data,
nextStep,
- policyManager));
+ policy));
else
onVerifyFailed(data);
}
@@ -330,7 +330,7 @@
void
ChatDialog::sendInvitation(ndn::ptr_lib::shared_ptr<ContactItem> contact, bool isIntroducer)
{
- m_invitationPolicyManager->addTrustAnchor(contact->getSelfEndorseCertificate());
+ m_invitationPolicy->addTrustAnchor(contact->getSelfEndorseCertificate());
ndn::Name certificateName = m_keyChain->getDefaultCertificateNameForIdentity(m_defaultIdentity);
@@ -370,7 +370,7 @@
contact->getNameSpace());
- sendInterest(interest, onVerified, onVerifyFailed, timeoutNotify, m_invitationPolicyManager);
+ sendInterest(interest, onVerified, onVerifyFailed, timeoutNotify, m_invitationPolicy);
}
void
@@ -417,8 +417,8 @@
_LOG_DEBUG(" " << identity.toUri() << " Accepted your invitation!");
ndn::SignatureSha256WithRsa sig(data->getSignature());
const ndn::Name & keyLocatorName = sig.getKeyLocator().getName();
- ndn::ptr_lib::shared_ptr<ndn::IdentityCertificate> dskCertificate = m_invitationPolicyManager->getValidatedDskCertificate(keyLocatorName);
- m_syncPolicyManager->addChatDataRule(inviteePrefix, *dskCertificate, isIntroducer);
+ ndn::ptr_lib::shared_ptr<ndn::IdentityCertificate> dskCertificate = m_invitationPolicy->getValidatedDskCertificate(keyLocatorName);
+ m_syncPolicy->addChatDataRule(inviteePrefix, *dskCertificate, isIntroducer);
publishIntroCert(*dskCertificate, isIntroducer);
}
@@ -440,13 +440,13 @@
void
ChatDialog::addTrustAnchor(const EndorseCertificate& selfEndorseCertificate)
-{ m_invitationPolicyManager->addTrustAnchor(selfEndorseCertificate); }
+{ m_invitationPolicy->addTrustAnchor(selfEndorseCertificate); }
void
ChatDialog::addChatDataRule(const ndn::Name& prefix,
const ndn::IdentityCertificate& identityCertificate,
bool isIntroducer)
-{ m_syncPolicyManager->addChatDataRule(prefix, identityCertificate, isIntroducer); }
+{ m_syncPolicy->addChatDataRule(prefix, identityCertificate, isIntroducer); }
@@ -455,7 +455,7 @@
{
m_sock = new Sync::SyncSocket(m_chatroomPrefix.toUri(),
- m_syncPolicyManager,
+ m_syncPolicy,
m_face,
boost::bind(&ChatDialog::processTreeUpdateWrapper, this, _1, _2),
boost::bind(&ChatDialog::processRemoveWrapper, this, _1));
@@ -889,7 +889,7 @@
{
usleep(100000);
m_sock = new Sync::SyncSocket(m_chatroomPrefix.toUri(),
- m_syncPolicyManager,
+ m_syncPolicy,
m_face,
bind(&ChatDialog::processTreeUpdateWrapper, this, _1, _2),
bind(&ChatDialog::processRemoveWrapper, this, _1));
diff --git a/src/chatdialog.h b/src/chatdialog.h
index a4b168f..fad9ed4 100644
--- a/src/chatdialog.h
+++ b/src/chatdialog.h
@@ -26,7 +26,7 @@
#include <ndn-cpp/data.hpp>
#include <ndn-cpp/face.hpp>
#include <ndn-cpp/security/key-chain.hpp>
-#include "invitation-policy-manager.h"
+#include "sec-policy-chrono-chat-invitation.h"
#include "contact-item.h"
#include <sync-socket.h>
@@ -152,7 +152,7 @@
const ndn::OnVerified& onVerified,
const ndn::OnVerifyFailed& onVerifyFailed,
const OnEventualTimeout& timeoutNotify,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager);
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy);
void
onTargetTimeout(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
@@ -161,27 +161,27 @@
const ndn::OnVerified& onVerified,
const ndn::OnVerifyFailed& onVerifyFailed,
const OnEventualTimeout& timeoutNotify,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager);
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy);
void
onCertData(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
const ndn::ptr_lib::shared_ptr<ndn::Data>& cert,
ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> previousStep,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager);
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy);
void
onCertTimeout(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
const ndn::OnVerifyFailed& onVerifyFailed,
const ndn::ptr_lib::shared_ptr<ndn::Data>& data,
ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> nextStep,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager);
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy);
void
sendInterest(const ndn::Interest& interest,
const ndn::OnVerified& onVerified,
const ndn::OnVerifyFailed& onVerifyFailed,
const OnEventualTimeout& timeoutNotify,
- const ndn::ptr_lib::shared_ptr<ndn::PolicyManager>& policyManager,
+ const ndn::ptr_lib::shared_ptr<ndn::SecPolicy>& policy,
int retry = 1,
int stepCount = 0);
@@ -341,8 +341,8 @@
ndn::Name m_localPrefix;
ndn::Name m_localChatPrefix;
ndn::Name m_defaultIdentity;
- ndn::ptr_lib::shared_ptr<InvitationPolicyManager> m_invitationPolicyManager;
- ndn::ptr_lib::shared_ptr<SyncPolicyManager> m_syncPolicyManager;
+ ndn::ptr_lib::shared_ptr<SecPolicyChronoChatInvitation> m_invitationPolicy;
+ ndn::ptr_lib::shared_ptr<SecPolicySync> m_syncPolicy;
ndn::ptr_lib::shared_ptr<ndn::KeyChain> m_keyChain;
ndn::ptr_lib::shared_ptr<ndn::Face> m_face;
diff --git a/src/chronos-invitation.cpp b/src/chronos-invitation.cpp
index 7912a2d..b49c08b 100644
--- a/src/chronos-invitation.cpp
+++ b/src/chronos-invitation.cpp
@@ -10,7 +10,7 @@
#include "chronos-invitation.h"
-#include <ndn-cpp/security/certificate/identity-certificate.hpp>
+#include <ndn-cpp/security/identity-certificate.hpp>
#include "logging.h"
using namespace std;
diff --git a/src/contact-item.cpp b/src/contact-item.cpp
index 8c02b29..3ea941b 100644
--- a/src/contact-item.cpp
+++ b/src/contact-item.cpp
@@ -9,7 +9,6 @@
*/
#include "contact-item.h"
-#include "null-ptrs.h"
#include "logging.h"
diff --git a/src/contact-manager.cpp b/src/contact-manager.cpp
index 3095177..aea34fc 100644
--- a/src/contact-manager.cpp
+++ b/src/contact-manager.cpp
@@ -25,13 +25,12 @@
#ifndef Q_MOC_RUN
#include <ndn-cpp/face.hpp>
-#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
+#include <ndn-cpp/security/signature-sha256-with-rsa.hpp>
#include <ndn-cpp/security/verifier.hpp>
#include <cryptopp/base64.h>
-#include <ndn-cpp-et/policy-manager/identity-policy-rule.hpp>
+#include <ndn-cpp-et/policy/sec-rule-identity.hpp>
#include <fstream>
#include "endorse-collection.pb.h"
-#include "null-ptrs.h"
#include "logging.h"
#endif
@@ -60,29 +59,29 @@
void
ContactManager::initializeSecurity()
{
- m_policyManager = make_shared<SimplePolicyManager>();
+ m_policy = make_shared<SecPolicySimple>();
- m_policyManager->addVerificationPolicyRule(make_shared<IdentityPolicyRule>("^([^<DNS>]*)<DNS><ENDORSED>",
+ m_policy->addVerificationPolicyRule(make_shared<SecRuleIdentity>("^([^<DNS>]*)<DNS><ENDORSED>",
"^([^<KEY>]*)<KEY>(<>*)[<ksk-.*><dsk-.*>]<ID-CERT>$",
"==", "\\1", "\\1\\2", true));
- m_policyManager->addVerificationPolicyRule(make_shared<IdentityPolicyRule>("^([^<DNS>]*)<DNS><PROFILE>",
+ m_policy->addVerificationPolicyRule(make_shared<SecRuleIdentity>("^([^<DNS>]*)<DNS><PROFILE>",
"^([^<KEY>]*)<KEY>(<>*)[<ksk-.*><dsk-.*>]<ID-CERT>$",
"==", "\\1", "\\1\\2", true));
- m_policyManager->addVerificationPolicyRule(make_shared<IdentityPolicyRule>("^([^<PROFILE-CERT>]*)<PROFILE-CERT>",
+ m_policy->addVerificationPolicyRule(make_shared<SecRuleIdentity>("^([^<PROFILE-CERT>]*)<PROFILE-CERT>",
"^([^<KEY>]*)<KEY>(<>*<ksk-.*>)<ID-CERT>$",
"==", "\\1", "\\1\\2", true));
- m_policyManager->addVerificationPolicyRule(make_shared<IdentityPolicyRule>("^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>",
+ m_policy->addVerificationPolicyRule(make_shared<SecRuleIdentity>("^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>",
"^([^<KEY>]*)<KEY><dsk-.*><ID-CERT>$",
">", "\\1\\2", "\\1", true));
- m_policyManager->addVerificationPolicyRule(make_shared<IdentityPolicyRule>("^([^<KEY>]*)<KEY><dsk-.*><ID-CERT>",
+ m_policy->addVerificationPolicyRule(make_shared<SecRuleIdentity>("^([^<KEY>]*)<KEY><dsk-.*><ID-CERT>",
"^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$",
"==", "\\1", "\\1\\2", true));
- m_policyManager->addVerificationPolicyRule(make_shared<IdentityPolicyRule>("^(<>*)$",
+ m_policy->addVerificationPolicyRule(make_shared<SecRuleIdentity>("^(<>*)$",
"^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$",
">", "\\1", "\\1\\2", true));
- m_policyManager->addSigningPolicyRule(make_shared<IdentityPolicyRule>("^([^<DNS>]*)<DNS><PROFILE>",
+ m_policy->addSigningPolicyRule(make_shared<SecRuleIdentity>("^([^<DNS>]*)<DNS><PROFILE>",
"^([^<KEY>]*)<KEY>(<>*)<><ID-CERT>",
"==", "\\1", "\\1\\2", true));
@@ -113,7 +112,7 @@
Data data;
data.wireDecode(Block(reinterpret_cast<const uint8_t*>(decoded.c_str()), decoded.size()));
shared_ptr<IdentityCertificate> anchor = make_shared<IdentityCertificate>(data);
- m_policyManager->addTrustAnchor(anchor);
+ m_policy->addTrustAnchor(anchor);
#ifdef _DEBUG
@@ -143,7 +142,7 @@
Data data2;
data2.wireDecode(Block(reinterpret_cast<const uint8_t*>(decoded.c_str()), decoded.size()));
shared_ptr<IdentityCertificate>anchor2 = make_shared<IdentityCertificate>(data2);
- m_policyManager->addTrustAnchor(anchor2);
+ m_policy->addTrustAnchor(anchor2);
#endif
}
@@ -316,7 +315,7 @@
const OnVerifyFailed& onVerifyFailed,
const TimeoutNotify& timeoutNotify)
{
- shared_ptr<ValidationRequest> nextStep = m_policyManager->checkVerificationPolicy(data, stepCount, onVerified, onVerifyFailed);
+ shared_ptr<ValidationRequest> nextStep = m_policy->checkVerificationPolicy(data, stepCount, onVerified, onVerifyFailed);
if (nextStep)
m_face->expressInterest
@@ -348,7 +347,7 @@
const shared_ptr<Data>& cert,
shared_ptr<ValidationRequest> previousStep)
{
- shared_ptr<ValidationRequest> nextStep = m_policyManager->checkVerificationPolicy(cert,
+ shared_ptr<ValidationRequest> nextStep = m_policy->checkVerificationPolicy(cert,
previousStep->stepCount_,
previousStep->onVerified_,
previousStep->onVerifyFailed_);
@@ -417,12 +416,12 @@
{
// Get current profile;
shared_ptr<Profile> newProfile = m_contactStorage->getSelfProfile(identity);
- if(CHRONOCHAT_NULL_PROFILE_PTR == newProfile)
+ if(static_cast<bool>(newProfile))
return;
shared_ptr<EndorseCertificate> newEndorseCertificate = getSignedSelfEndorseCertificate(identity, *newProfile);
- if(CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR == newEndorseCertificate)
+ if(static_cast<bool>(newEndorseCertificate))
return;
// Check if profile exists
@@ -441,7 +440,7 @@
{
shared_ptr<EndorseCertificate> newEndorseCertificate = generateEndorseCertificate(identity, signerIdentity);
- if(CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR == newEndorseCertificate)
+ if(static_cast<bool>(newEndorseCertificate))
return;
try{
@@ -458,8 +457,8 @@
ContactManager::generateEndorseCertificate(const Name& identity, const Name& signerIdentity)
{
shared_ptr<ContactItem> contact = getContact(identity);
- if(contact == CHRONOCHAT_NULL_CONTACTITEM_PTR)
- return CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR;
+ if(static_cast<bool>(contact))
+ return shared_ptr<EndorseCertificate>();
Name signerKeyName = m_keyChain->getDefaultKeyNameForIdentity(signerIdentity);
Name signerCertName = m_keyChain->getDefaultCertificateNameForIdentity(signerIdentity);
@@ -474,7 +473,7 @@
return cert;
}catch(std::exception& e){
_LOG_ERROR("Exception: " << e.what());
- return CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR;
+ return shared_ptr<EndorseCertificate>();
}
}
@@ -492,14 +491,14 @@
{
Name certificateName = m_keyChain->getDefaultCertificateNameForIdentity(identity);
if(0 == certificateName.size())
- return CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR;
+ return shared_ptr<EndorseCertificate>();
ProfileData profileData(profile);
m_keyChain->sign(profileData, certificateName);
shared_ptr<IdentityCertificate> signingCert = m_keyChain->getCertificate(certificateName);
- if(CHRONOCHAT_NULL_IDENTITYCERTIFICATE_PTR == signingCert)
- return CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR;
+ if(static_cast<bool>(signingCert))
+ return shared_ptr<EndorseCertificate>();
Name signingKeyName = IdentityCertificate::certificateNameToPublicKeyName(signingCert->getName());
@@ -520,8 +519,8 @@
kskCert = signingCert;
}
- if(CHRONOCHAT_NULL_IDENTITYCERTIFICATE_PTR == kskCert)
- return CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR;
+ if(static_cast<bool>(kskCert))
+ return shared_ptr<EndorseCertificate>();
vector<string> endorseList;
Profile::const_iterator it = profile.begin();
@@ -535,7 +534,7 @@
return selfEndorseCertificate;
}catch(std::exception& e){
_LOG_ERROR("Exception: " << e.what());
- return CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR;
+ return shared_ptr<EndorseCertificate>();
}
}
@@ -661,7 +660,7 @@
ContactManager::removeContact(const ndn::Name& contactNameSpace)
{
shared_ptr<ContactItem> contact = getContact(contactNameSpace);
- if(contact == CHRONOCHAT_NULL_CONTACTITEM_PTR)
+ if(static_cast<bool>(contact))
return;
m_contactStorage->removeContact(contactNameSpace);
emit contactRemoved(contact->getPublicKeyName());
diff --git a/src/contact-manager.h b/src/contact-manager.h
index d27e1cb..67d4ac8 100644
--- a/src/contact-manager.h
+++ b/src/contact-manager.h
@@ -20,8 +20,8 @@
#include "profile.h"
#include <ndn-cpp/face.hpp>
#include <ndn-cpp/security/key-chain.hpp>
-#include <ndn-cpp/security/policy/validation-request.hpp>
-#include <ndn-cpp-et/policy-manager/simple-policy-manager.hpp>
+#include <ndn-cpp/security/validation-request.hpp>
+#include <ndn-cpp-et/policy/sec-policy-simple.hpp>
#endif
typedef ndn::func_lib::function<void()> TimeoutNotify;
@@ -224,9 +224,10 @@
private:
+
ndn::ptr_lib::shared_ptr<ContactStorage> m_contactStorage;
ndn::ptr_lib::shared_ptr<DnsStorage> m_dnsStorage;
- ndn::ptr_lib::shared_ptr<ndn::SimplePolicyManager> m_policyManager;
+ ndn::ptr_lib::shared_ptr<ndn::SecPolicySimple> m_policy;
ndn::ptr_lib::shared_ptr<ndn::KeyChain> m_keyChain;
ndn::ptr_lib::shared_ptr<ndn::Face> m_face;
ndn::Name m_defaultIdentity;
diff --git a/src/contact-storage.cpp b/src/contact-storage.cpp
index 7ea965c..384e74e 100644
--- a/src/contact-storage.cpp
+++ b/src/contact-storage.cpp
@@ -9,7 +9,6 @@
*/
#include "contact-storage.h"
-#include "null-ptrs.h"
#include <boost/filesystem.hpp>
#include "logging.h"
@@ -518,7 +517,7 @@
return contact;
}
- return CHRONOCHAT_NULL_CONTACTITEM_PTR;
+ return shared_ptr<ContactItem>();
}
shared_ptr<Profile>
diff --git a/src/contactpanel.cpp b/src/contactpanel.cpp
index 0a9ffcd..cde6c55 100644
--- a/src/contactpanel.cpp
+++ b/src/contactpanel.cpp
@@ -22,12 +22,10 @@
#ifndef Q_MOC_RUN
#include <ndn-cpp/security/verifier.hpp>
-#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
+#include <ndn-cpp/security/signature-sha256-with-rsa.hpp>
#include <boost/filesystem.hpp>
#include <boost/random/random_device.hpp>
#include <boost/random/uniform_int_distribution.hpp>
-#include "panel-policy-manager.h"
-#include "null-ptrs.h"
#include "logging.h"
#endif
@@ -50,7 +48,7 @@
, m_startChatDialog(new StartChatDialog)
, m_invitationDialog(new InvitationDialog)
, m_settingDialog(new SettingDialog)
- , m_policyManager(new PanelPolicyManager())
+ , m_policy(new SecPolicyChronoChatPanel())
{
qRegisterMetaType<IdentityCertificate>("IdentityCertificate");
qRegisterMetaType<ChronosInvitation>("ChronosInvitation");
@@ -285,7 +283,7 @@
for(; it != m_contactList.end(); it++)
{
_LOG_DEBUG("load contact: " << (*it)->getNameSpace().toUri());
- m_policyManager->addTrustAnchor((*it)->getSelfEndorseCertificate());
+ m_policy->addTrustAnchor((*it)->getSelfEndorseCertificate());
}
}
@@ -372,7 +370,7 @@
const OnVerifyFailed& onVerifyFailed,
const TimeoutNotify& timeoutNotify)
{
- shared_ptr<ValidationRequest> nextStep = m_policyManager->checkVerificationPolicy(data, stepCount, onVerified, onVerifyFailed);
+ shared_ptr<ValidationRequest> nextStep = m_policy->checkVerificationPolicy(data, stepCount, onVerified, onVerifyFailed);
if (nextStep)
m_face->expressInterest
@@ -404,7 +402,7 @@
const shared_ptr<Data>& cert,
shared_ptr<ValidationRequest> previousStep)
{
- shared_ptr<ValidationRequest> nextStep = m_policyManager->checkVerificationPolicy(cert,
+ shared_ptr<ValidationRequest> nextStep = m_policy->checkVerificationPolicy(cert,
previousStep->stepCount_,
previousStep->onVerified_,
previousStep->onVerifyFailed_);
@@ -471,12 +469,12 @@
return;
}
- shared_ptr<PublicKey> keyPtr = m_policyManager->getTrustedKey(invitation->getInviterCertificateName());
+ shared_ptr<PublicKey> keyPtr = m_policy->getTrustedKey(invitation->getInviterCertificateName());
SignatureSha256WithRsa invitationSig;
Block sigBlock(invitation->getSignatureBits().buf(), invitation->getSignatureBits().size());
invitationSig.setValue(sigBlock);
- if(CHRONOCHAT_NULL_PUBLICKEY_PTR != keyPtr && Verifier::verifySignature(invitation->getSignedBlob(), invitationSig, *keyPtr))
+ if(static_cast<bool>(keyPtr) && Verifier::verifySignature(invitation->getSignedBlob(), invitationSig, *keyPtr))
{
shared_ptr<IdentityCertificate> certificate = make_shared<IdentityCertificate>();
// hack: incomplete certificate, we don't send it to the wire nor store it anywhere, we only use it to carry information
@@ -793,13 +791,13 @@
ContactPanel::addContactIntoPanelPolicy(const Name& contactNameSpace)
{
shared_ptr<ContactItem> contact = m_contactManager->getContact(contactNameSpace);
- if(contact != CHRONOCHAT_NULL_CONTACTITEM_PTR)
- m_policyManager->addTrustAnchor(contact->getSelfEndorseCertificate());
+ if(static_cast<bool>(contact))
+ m_policy->addTrustAnchor(contact->getSelfEndorseCertificate());
}
void
ContactPanel::removeContactFromPanelPolicy(const Name& keyName)
-{ m_policyManager->removeTrustAnchor(keyName); }
+{ m_policy->removeTrustAnchor(keyName); }
void
ContactPanel::refreshContactList()
@@ -920,7 +918,7 @@
data.setContent((const uint8_t *)&content[0], content.size());
Name certificateName;
- Name inferredIdentity = m_policyManager->inferSigningIdentity(data.getName());
+ Name inferredIdentity = m_policy->inferSigningIdentity(data.getName());
if(inferredIdentity.getComponentCount() == 0)
certificateName = m_keyChain->getDefaultCertificateName();
@@ -941,7 +939,7 @@
data.setContent((const uint8_t *)&content[0], content.size());
Name certificateName;
- Name inferredIdentity = m_policyManager->inferSigningIdentity(data.getName());
+ Name inferredIdentity = m_policy->inferSigningIdentity(data.getName());
if(inferredIdentity.getComponentCount() == 0)
certificateName = m_keyChain->getDefaultCertificateName();
else
diff --git a/src/contactpanel.h b/src/contactpanel.h
index ce7f7b7..4d871a1 100644
--- a/src/contactpanel.h
+++ b/src/contactpanel.h
@@ -31,7 +31,7 @@
#ifndef Q_MOC_RUN
#include "contact-manager.h"
#include "chronos-invitation.h"
-#include "panel-policy-manager.h"
+#include "sec-policy-chrono-chat-panel.h"
#include <boost/thread/locks.hpp>
#include <boost/thread/recursive_mutex.hpp>
#include <boost/thread/thread.hpp>
@@ -267,6 +267,7 @@
private:
+
Ui::ContactPanel *ui;
WarningDialog* m_warningDialog;
ndn::ptr_lib::shared_ptr<ContactManager> m_contactManager;
@@ -284,7 +285,7 @@
std::vector<ndn::ptr_lib::shared_ptr<ContactItem> > m_contactList;
ndn::ptr_lib::shared_ptr<std::vector<bool> > m_collectStatus;
- ndn::ptr_lib::shared_ptr<PanelPolicyManager> m_policyManager;
+ ndn::ptr_lib::shared_ptr<SecPolicyChronoChatPanel> m_policy;
ndn::ptr_lib::shared_ptr<ndn::KeyChain> m_keyChain;
ndn::ptr_lib::shared_ptr<ndn::Face> m_face;
diff --git a/src/dns-storage.cpp b/src/dns-storage.cpp
index 7ce9245..c26b725 100644
--- a/src/dns-storage.cpp
+++ b/src/dns-storage.cpp
@@ -9,7 +9,6 @@
*/
#include "dns-storage.h"
-#include "null-ptrs.h"
#include <boost/filesystem.hpp>
#include "logging.h"
@@ -152,5 +151,5 @@
}
sqlite3_finalize(stmt);
- return CHRONOCHAT_NULL_DATA_PTR;
+ return shared_ptr<Data>();
}
diff --git a/src/endorse-certificate.h b/src/endorse-certificate.h
index a727552..c1ebcf5 100644
--- a/src/endorse-certificate.h
+++ b/src/endorse-certificate.h
@@ -13,8 +13,8 @@
#include <vector>
#include <ndn-cpp/data.hpp>
-#include <ndn-cpp/security/certificate/identity-certificate.hpp>
-#include <ndn-cpp/security/certificate/certificate-extension.hpp>
+#include <ndn-cpp/security/identity-certificate.hpp>
+#include <ndn-cpp/security/certificate-extension.hpp>
#include "profile-data.h"
diff --git a/src/invitationdialog.h b/src/invitationdialog.h
index 271b207..9326cf6 100644
--- a/src/invitationdialog.h
+++ b/src/invitationdialog.h
@@ -15,7 +15,7 @@
#ifndef Q_MOC_RUN
#include <ndn-cpp/data.hpp>
-#include <ndn-cpp/security/certificate/identity-certificate.hpp>
+#include <ndn-cpp/security/identity-certificate.hpp>
#include "chronos-invitation.h"
#endif
diff --git a/src/null-ptrs.h b/src/null-ptrs.h
deleted file mode 100644
index 0120a2f..0000000
--- a/src/null-ptrs.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
-/*
- * Copyright (c) 2013, Regents of the University of California
- * Yingdi Yu
- *
- * BSD license, See the LICENSE file for more information
- *
- * Author: Yingdi Yu <yingdi@cs.ucla.edu>
- */
-
-#ifndef NULL_PTRS_H
-#define NULL_PTRS_H
-
-#include <string>
-#include <ndn-cpp/util/blob.hpp>
-#include <ndn-cpp/data.hpp>
-#include "contact-item.h"
-#include "endorse-certificate.h"
-#include "profile.h"
-#include <ndn-cpp/security/certificate/identity-certificate.hpp>
-#include <ndn-cpp/security/policy/validation-request.hpp>
-#include <ndn-cpp/security/certificate/certificate.hpp>
-
-
-static std::string CHRONOCHAT_NULL_STR;
-static ndn::Blob CHRONOCHAT_NULL_BLOB;
-
-static ndn::ptr_lib::shared_ptr<ContactItem> CHRONOCHAT_NULL_CONTACTITEM_PTR;
-static ndn::ptr_lib::shared_ptr<ndn::Data> CHRONOCHAT_NULL_DATA_PTR;
-static ndn::ptr_lib::shared_ptr<EndorseCertificate> CHRONOCHAT_NULL_ENDORSECERTIFICATE_PTR;
-static ndn::ptr_lib::shared_ptr<ndn::IdentityCertificate> CHRONOCHAT_NULL_IDENTITYCERTIFICATE_PTR;
-static ndn::ptr_lib::shared_ptr<Profile> CHRONOCHAT_NULL_PROFILE_PTR;
-static ndn::ptr_lib::shared_ptr<ndn::PublicKey> CHRONOCHAT_NULL_PUBLICKEY_PTR;
-static ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
-static ndn::ptr_lib::shared_ptr<const ndn::Certificate> CHRONOCHAT_NULL_CONST_CERTIFICATE_PTR;
-
-#endif
diff --git a/src/profile.cpp b/src/profile.cpp
index af805b0..d662a70 100644
--- a/src/profile.cpp
+++ b/src/profile.cpp
@@ -9,7 +9,6 @@
*/
#include "profile.h"
-#include "null-ptrs.h"
#include "logging.h"
using namespace std;
@@ -93,7 +92,7 @@
if(m_entries.find(profileType) != m_entries.end())
return m_entries.at(profileType);
- return CHRONOCHAT_NULL_STR;
+ return string();
}
void
diff --git a/src/profile.h b/src/profile.h
index cbd504d..1d1390d 100644
--- a/src/profile.h
+++ b/src/profile.h
@@ -12,7 +12,7 @@
#define LINKNDN_PROFILE_H
#include <ndn-cpp/name.hpp>
-#include <ndn-cpp/security/certificate/identity-certificate.hpp>
+#include <ndn-cpp/security/identity-certificate.hpp>
#include <map>
#include <string>
#include "profile.pb.h"
diff --git a/src/invitation-policy-manager.cpp b/src/sec-policy-chrono-chat-invitation.cpp
similarity index 78%
rename from src/invitation-policy-manager.cpp
rename to src/sec-policy-chrono-chat-invitation.cpp
index dd7b33c..23d2b10 100644
--- a/src/invitation-policy-manager.cpp
+++ b/src/sec-policy-chrono-chat-invitation.cpp
@@ -8,10 +8,9 @@
* Author: Yingdi Yu <yingdi@cs.ucla.edu>
*/
-#include "invitation-policy-manager.h"
-#include "null-ptrs.h"
+#include "sec-policy-chrono-chat-invitation.h"
#include <ndn-cpp/security/verifier.hpp>
-#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
+#include <ndn-cpp/security/signature-sha256-with-rsa.hpp>
#include "logging.h"
@@ -19,41 +18,41 @@
using namespace ndn;
using namespace ndn::ptr_lib;
-INIT_LOGGER("InvitationPolicyManager");
+INIT_LOGGER("SecPolicyChronoChatInvitation");
-InvitationPolicyManager::InvitationPolicyManager(const string& chatroomName,
+SecPolicyChronoChatInvitation::SecPolicyChronoChatInvitation(const string& chatroomName,
const Name& signingIdentity,
int stepLimit)
: m_chatroomName(chatroomName)
, m_signingIdentity(signingIdentity)
, m_stepLimit(stepLimit)
{
- m_invitationPolicyRule = make_shared<IdentityPolicyRule>("^<ndn><broadcast><chronos><invitation>([^<chatroom>]*)<chatroom>",
+ m_invitationPolicyRule = make_shared<SecRuleIdentity>("^<ndn><broadcast><chronos><invitation>([^<chatroom>]*)<chatroom>",
"^([^<KEY>]*)<KEY>(<>*)[<dsk-.*><ksk-.*>]<ID-CERT>$",
"==", "\\1", "\\1\\2", true);
m_kskRegex = make_shared<Regex>("^([^<KEY>]*)<KEY>(<>*<ksk-.*>)<ID-CERT><>$", "\\1\\2");
- m_dskRule = make_shared<IdentityPolicyRule>("^([^<KEY>]*)<KEY><dsk-.*><ID-CERT><>$",
+ m_dskRule = make_shared<SecRuleIdentity>("^([^<KEY>]*)<KEY><dsk-.*><ID-CERT><>$",
"^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$",
"==", "\\1", "\\1\\2", true);
m_keyNameRegex = make_shared<Regex>("^([^<KEY>]*)<KEY>(<>*<ksk-.*>)<ID-CERT>$", "\\1\\2");
}
-InvitationPolicyManager::~InvitationPolicyManager()
+SecPolicyChronoChatInvitation::~SecPolicyChronoChatInvitation()
{}
bool
-InvitationPolicyManager::skipVerifyAndTrust (const Data& data)
+SecPolicyChronoChatInvitation::skipVerifyAndTrust (const Data& data)
{ return false; }
bool
-InvitationPolicyManager::requireVerify (const Data& data)
+SecPolicyChronoChatInvitation::requireVerify (const Data& data)
{ return true; }
shared_ptr<ValidationRequest>
-InvitationPolicyManager::checkVerificationPolicy(const shared_ptr<Data>& data,
+SecPolicyChronoChatInvitation::checkVerificationPolicy(const shared_ptr<Data>& data,
int stepCount,
const OnVerified& onVerified,
const OnVerifyFailed& onVerifyFailed)
@@ -62,7 +61,7 @@
{
_LOG_ERROR("Reach the maximum steps of verification!");
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
try{
@@ -81,28 +80,28 @@
// else
// onVerifyFailed(data);
- // return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ // return shared_ptr<ValidationRequest>();
// }
shared_ptr<const Certificate> trustedCert = m_certificateCache.getCertificate(keyLocatorName);
- if(trustedCert != ndn::TCC_NULL_CERTIFICATE_PTR){
+ if(static_cast<bool>(trustedCert)){
if(Verifier::verifySignature(*data, sig, trustedCert->getPublicKeyInfo()))
onVerified(data);
else
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
- OnVerified recursiveVerifiedCallback = boost::bind(&InvitationPolicyManager::onDskCertificateVerified,
+ OnVerified recursiveVerifiedCallback = boost::bind(&SecPolicyChronoChatInvitation::onDskCertificateVerified,
this,
_1,
data,
onVerified,
onVerifyFailed);
- OnVerifyFailed recursiveUnverifiedCallback = boost::bind(&InvitationPolicyManager::onDskCertificateVerifyFailed,
+ OnVerifyFailed recursiveUnverifiedCallback = boost::bind(&SecPolicyChronoChatInvitation::onDskCertificateVerifyFailed,
this,
_1,
data,
@@ -136,7 +135,7 @@
else
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
if(m_dskRule->satisfy(*data))
@@ -152,42 +151,42 @@
else
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
}catch(SignatureSha256WithRsa::Error &e){
_LOG_DEBUG("checkVerificationPolicy " << e.what());
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}catch(KeyLocator::Error &e){
_LOG_DEBUG("checkVerificationPolicy " << e.what());
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
bool
-InvitationPolicyManager::checkSigningPolicy(const Name& dataName,
+SecPolicyChronoChatInvitation::checkSigningPolicy(const Name& dataName,
const Name& certificateName)
{
return true;
}
Name
-InvitationPolicyManager::inferSigningIdentity(const Name& dataName)
+SecPolicyChronoChatInvitation::inferSigningIdentity(const Name& dataName)
{
return m_signingIdentity;
}
void
-InvitationPolicyManager::addTrustAnchor(const EndorseCertificate& selfEndorseCertificate)
+SecPolicyChronoChatInvitation::addTrustAnchor(const EndorseCertificate& selfEndorseCertificate)
{ m_trustAnchors.insert(pair <Name, PublicKey > (selfEndorseCertificate.getPublicKeyName(), selfEndorseCertificate.getPublicKeyInfo())); }
// void
-// InvitationPolicyManager::addChatDataRule(const Name& prefix,
+// SecPolicyChronoChatInvitation::addChatDataRule(const Name& prefix,
// const IdentityCertificate identityCertificate)
// {
// Name dataPrefix = prefix;
@@ -207,7 +206,7 @@
void
-InvitationPolicyManager::onDskCertificateVerified(const shared_ptr<Data>& certData,
+SecPolicyChronoChatInvitation::onDskCertificateVerified(const shared_ptr<Data>& certData,
shared_ptr<Data> originalData,
const OnVerified& onVerified,
const OnVerifyFailed& onVerifyFailed)
@@ -235,17 +234,17 @@
}
void
-InvitationPolicyManager::onDskCertificateVerifyFailed(const shared_ptr<Data>& certData,
+SecPolicyChronoChatInvitation::onDskCertificateVerifyFailed(const shared_ptr<Data>& certData,
shared_ptr<Data> originalData,
const OnVerifyFailed& onVerifyFailed)
{ onVerifyFailed(originalData); }
shared_ptr<IdentityCertificate>
-InvitationPolicyManager::getValidatedDskCertificate(const ndn::Name& certName)
+SecPolicyChronoChatInvitation::getValidatedDskCertificate(const ndn::Name& certName)
{
map<Name, shared_ptr<IdentityCertificate> >::iterator it = m_dskCertificates.find(certName);
if(m_dskCertificates.end() != it)
return it->second;
else
- return CHRONOCHAT_NULL_IDENTITYCERTIFICATE_PTR;
+ return shared_ptr<IdentityCertificate>();
}
diff --git a/src/invitation-policy-manager.h b/src/sec-policy-chrono-chat-invitation.h
similarity index 76%
rename from src/invitation-policy-manager.h
rename to src/sec-policy-chrono-chat-invitation.h
index 83b77bc..8d9e898 100644
--- a/src/invitation-policy-manager.h
+++ b/src/sec-policy-chrono-chat-invitation.h
@@ -8,27 +8,27 @@
* Author: Yingdi Yu <yingdi@cs.ucla.edu>
*/
-#ifndef INVITATION_POLICY_MANAGER_H
-#define INVITATION_POLICY_MANAGER_H
+#ifndef SEC_POLICY_CHRONO_CHAT_INVITATION_H
+#define SEC_POLICY_CHRONO_CHAT_INVITATION_H
-#include <ndn-cpp/security/policy/policy-manager.hpp>
-#include <ndn-cpp-et/policy-manager/identity-policy-rule.hpp>
+#include <ndn-cpp/security/sec-policy.hpp>
+#include <ndn-cpp-et/policy/sec-rule-identity.hpp>
#include <ndn-cpp-et/cache/ttl-certificate-cache.hpp>
#include <ndn-cpp-et/regex/regex.hpp>
#include <map>
#include "endorse-certificate.h"
-#include "chat-policy-rule.h"
+#include "sec-rule-chrono-chat.h"
-class InvitationPolicyManager : public ndn::PolicyManager
+class SecPolicyChronoChatInvitation : public ndn::SecPolicy
{
public:
- InvitationPolicyManager(const std::string& chatroomName,
- const ndn::Name& signingIdentity,
- int stepLimit = 10);
+ SecPolicyChronoChatInvitation(const std::string& chatroomName,
+ const ndn::Name& signingIdentity,
+ int stepLimit = 10);
virtual
- ~InvitationPolicyManager();
+ ~SecPolicyChronoChatInvitation();
bool
skipVerifyAndTrust (const ndn::Data& data);
@@ -79,9 +79,9 @@
ndn::TTLCertificateCache m_certificateCache;
- ndn::ptr_lib::shared_ptr<ndn::IdentityPolicyRule> m_invitationPolicyRule;
- ndn::ptr_lib::shared_ptr<ndn::IdentityPolicyRule> m_dskRule;
- std::map<ndn::Name, ChatPolicyRule, ndn::Name::BreadthFirstLess> m_chatDataRules;
+ ndn::ptr_lib::shared_ptr<ndn::SecRuleIdentity> m_invitationPolicyRule;
+ ndn::ptr_lib::shared_ptr<ndn::SecRuleIdentity> m_dskRule;
+ std::map<ndn::Name, SecRuleChronoChat, ndn::Name::BreadthFirstLess> m_chatDataRules;
ndn::ptr_lib::shared_ptr<ndn::Regex> m_kskRegex;
ndn::ptr_lib::shared_ptr<ndn::Regex> m_keyNameRegex;
diff --git a/src/panel-policy-manager.cpp b/src/sec-policy-chrono-chat-panel.cpp
similarity index 76%
rename from src/panel-policy-manager.cpp
rename to src/sec-policy-chrono-chat-panel.cpp
index e60eb4f..c71e023 100644
--- a/src/panel-policy-manager.cpp
+++ b/src/sec-policy-chrono-chat-panel.cpp
@@ -8,10 +8,9 @@
* Author: Yingdi Yu <yingdi@cs.ucla.edu>
*/
-#include "panel-policy-manager.h"
-#include "null-ptrs.h"
+#include "sec-policy-chrono-chat-panel.h"
#include <ndn-cpp/security/verifier.hpp>
-#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
+#include <ndn-cpp/security/signature-sha256-with-rsa.hpp>
// #include <boost/bind.hpp>
#include "logging.h"
@@ -20,23 +19,23 @@
using namespace ndn;
using namespace ndn::ptr_lib;
-INIT_LOGGER("PanelPolicyManager");
+INIT_LOGGER("SecPolicyChronoChatPanel");
-PanelPolicyManager::PanelPolicyManager(const int & stepLimit)
+SecPolicyChronoChatPanel::SecPolicyChronoChatPanel(const int & stepLimit)
: m_stepLimit(stepLimit)
, m_certificateCache()
{
m_localPrefixRegex = make_shared<Regex>("^<local><ndn><prefix><><>$");
- m_invitationDataSigningRule = make_shared<IdentityPolicyRule>("^<ndn><broadcast><chronos><invitation>([^<chatroom>]*)<chatroom>",
+ m_invitationDataSigningRule = make_shared<SecRuleIdentity>("^<ndn><broadcast><chronos><invitation>([^<chatroom>]*)<chatroom>",
"^([^<KEY>]*)<KEY>(<>*)<><ID-CERT><>$",
"==", "\\1", "\\1\\2", true);
- m_dskRule = make_shared<IdentityPolicyRule>("^([^<KEY>]*)<KEY><dsk-.*><ID-CERT><>$",
+ m_dskRule = make_shared<SecRuleIdentity>("^([^<KEY>]*)<KEY><dsk-.*><ID-CERT><>$",
"^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$",
"==", "\\1", "\\1\\2", true);
- m_endorseeRule = make_shared<IdentityPolicyRule>("^([^<DNS>]*)<DNS><>*<ENDORSEE><>$",
+ m_endorseeRule = make_shared<SecRuleIdentity>("^([^<DNS>]*)<DNS><>*<ENDORSEE><>$",
"^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$",
"==", "\\1", "\\1\\2", true);
@@ -48,7 +47,7 @@
}
bool
-PanelPolicyManager::skipVerifyAndTrust (const Data & data)
+SecPolicyChronoChatPanel::skipVerifyAndTrust (const Data & data)
{
if(m_localPrefixRegex->match(data.getName()))
return true;
@@ -57,7 +56,7 @@
}
bool
-PanelPolicyManager::requireVerify (const Data & data)
+SecPolicyChronoChatPanel::requireVerify (const Data & data)
{
// if(m_invitationDataRule->matchDataName(data))
// return true;
@@ -74,7 +73,7 @@
}
shared_ptr<ValidationRequest>
-PanelPolicyManager::checkVerificationPolicy(const shared_ptr<Data>& data,
+SecPolicyChronoChatPanel::checkVerificationPolicy(const shared_ptr<Data>& data,
int stepCount,
const OnVerified& onVerified,
const OnVerifyFailed& onVerifyFailed)
@@ -83,7 +82,7 @@
{
_LOG_ERROR("Reach the maximum steps of verification!");
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
try{
@@ -106,7 +105,7 @@
else
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
if(m_dskRule->satisfy(*data))
@@ -122,7 +121,7 @@
else
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
if(m_endorseeRule->satisfy(*data))
@@ -137,32 +136,32 @@
else
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
}catch(SignatureSha256WithRsa::Error &e){
_LOG_DEBUG("checkVerificationPolicy: " << e.what());
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}catch(KeyLocator::Error &e){
_LOG_DEBUG("checkVerificationPolicy: " << e.what());
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
_LOG_DEBUG("Unverified!");
onVerifyFailed(data);
- return CHRONOCHAT_NULL_VALIDATIONREQUEST_PTR;
+ return shared_ptr<ValidationRequest>();
}
bool
-PanelPolicyManager::checkSigningPolicy(const Name & dataName, const Name & certificateName)
+SecPolicyChronoChatPanel::checkSigningPolicy(const Name & dataName, const Name & certificateName)
{
return m_invitationDataSigningRule->satisfy(dataName, certificateName);
}
Name
-PanelPolicyManager::inferSigningIdentity(const Name & dataName)
+SecPolicyChronoChatPanel::inferSigningIdentity(const Name & dataName)
{
if(m_signingCertificateRegex->match(dataName))
return m_signingCertificateRegex->expand();
@@ -171,20 +170,20 @@
}
void
-PanelPolicyManager::addTrustAnchor(const EndorseCertificate& selfEndorseCertificate)
+SecPolicyChronoChatPanel::addTrustAnchor(const EndorseCertificate& selfEndorseCertificate)
{
_LOG_DEBUG("Add Anchor: " << selfEndorseCertificate.getPublicKeyName().toUri());
m_trustAnchors.insert(pair <Name, PublicKey > (selfEndorseCertificate.getPublicKeyName(), selfEndorseCertificate.getPublicKeyInfo()));
}
void
-PanelPolicyManager::removeTrustAnchor(const Name& keyName)
+SecPolicyChronoChatPanel::removeTrustAnchor(const Name& keyName)
{
m_trustAnchors.erase(keyName);
}
shared_ptr<PublicKey>
-PanelPolicyManager::getTrustedKey(const Name& inviterCertName)
+SecPolicyChronoChatPanel::getTrustedKey(const Name& inviterCertName)
{
Name keyLocatorName = inviterCertName.getPrefix(-1);
_LOG_DEBUG("inviter cert name: " << inviterCertName.toUri());
@@ -193,5 +192,5 @@
if(m_trustAnchors.end() != m_trustAnchors.find(keyName))
return make_shared<PublicKey>(m_trustAnchors[keyName]);
- return CHRONOCHAT_NULL_PUBLICKEY_PTR;
+ return shared_ptr<PublicKey>();
}
diff --git a/src/panel-policy-manager.h b/src/sec-policy-chrono-chat-panel.h
similarity index 85%
rename from src/panel-policy-manager.h
rename to src/sec-policy-chrono-chat-panel.h
index 1c5d688..991195f 100644
--- a/src/panel-policy-manager.h
+++ b/src/sec-policy-chrono-chat-panel.h
@@ -8,22 +8,22 @@
* Author: Yingdi Yu <yingdi@cs.ucla.edu>
*/
-#ifndef PANEL_POLICY_MANAGER_H
-#define PANEL_POLICY_MANAGER_H
+#ifndef SEC_POLICY_CHRONO_CHAT_PANEL_H
+#define SEC_POLICY_CHRONO_CHAT_PANEL_H
-#include <ndn-cpp/security/policy/policy-manager.hpp>
-#include <ndn-cpp-et/policy-manager/identity-policy-rule.hpp>
+#include <ndn-cpp/security/sec-policy.hpp>
+#include <ndn-cpp-et/policy/sec-rule-identity.hpp>
#include <ndn-cpp-et/cache/ttl-certificate-cache.hpp>
#include <map>
#include "endorse-certificate.h"
-class PanelPolicyManager : public ndn::PolicyManager
+class SecPolicyChronoChatPanel : public ndn::SecPolicy
{
public:
- PanelPolicyManager(const int & stepLimit = 10);
+ SecPolicyChronoChatPanel(const int & stepLimit = 10);
- ~PanelPolicyManager()
+ ~SecPolicyChronoChatPanel()
{}
/**
@@ -88,10 +88,10 @@
int m_stepLimit;
ndn::TTLCertificateCache m_certificateCache;
ndn::ptr_lib::shared_ptr<ndn::Regex> m_localPrefixRegex;
- ndn::ptr_lib::shared_ptr<ndn::IdentityPolicyRule> m_invitationDataSigningRule;
+ ndn::ptr_lib::shared_ptr<ndn::SecRuleIdentity> m_invitationDataSigningRule;
ndn::ptr_lib::shared_ptr<ndn::Regex> m_kskRegex;
- ndn::ptr_lib::shared_ptr<ndn::IdentityPolicyRule> m_dskRule;
- ndn::ptr_lib::shared_ptr<ndn::IdentityPolicyRule> m_endorseeRule;
+ ndn::ptr_lib::shared_ptr<ndn::SecRuleIdentity> m_dskRule;
+ ndn::ptr_lib::shared_ptr<ndn::SecRuleIdentity> m_endorseeRule;
ndn::ptr_lib::shared_ptr<ndn::Regex> m_keyNameRegex;
ndn::ptr_lib::shared_ptr<ndn::Regex> m_signingCertificateRegex;
std::map<ndn::Name, ndn::PublicKey, ndn::Name::BreadthFirstLess> m_trustAnchors;
diff --git a/src/chat-policy-rule.cpp b/src/sec-rule-chrono-chat.cpp
similarity index 62%
rename from src/chat-policy-rule.cpp
rename to src/sec-rule-chrono-chat.cpp
index a4a6245..b62b6a8 100644
--- a/src/chat-policy-rule.cpp
+++ b/src/sec-rule-chrono-chat.cpp
@@ -8,33 +8,33 @@
* Author: Yingdi Yu <yingdi@cs.ucla.edu>
*/
-#include "chat-policy-rule.h"
-#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
+#include "sec-rule-chrono-chat.h"
+#include <ndn-cpp/security/signature-sha256-with-rsa.hpp>
using namespace ndn;
using namespace std;
using namespace ndn::ptr_lib;
-ChatPolicyRule::ChatPolicyRule(shared_ptr<Regex> dataRegex,
- shared_ptr<Regex> signerRegex)
- : PolicyRule(PolicyRule::IDENTITY_POLICY, true)
+SecRuleChronoChat::SecRuleChronoChat(shared_ptr<Regex> dataRegex,
+ shared_ptr<Regex> signerRegex)
+ : SecRule(SecRule::IDENTITY_RULE, true)
, m_dataRegex(dataRegex)
, m_signerRegex(signerRegex)
{}
-ChatPolicyRule::ChatPolicyRule(const ChatPolicyRule& rule)
- : PolicyRule(PolicyRule::IDENTITY_POLICY, true)
+SecRuleChronoChat::SecRuleChronoChat(const SecRuleChronoChat& rule)
+ : SecRule(SecRule::IDENTITY_RULE, true)
, m_dataRegex(rule.m_dataRegex)
, m_signerRegex(rule.m_signerRegex)
{}
bool
-ChatPolicyRule::matchDataName(const Data & data)
+SecRuleChronoChat::matchDataName(const Data & data)
{ return m_dataRegex->match(data.getName()); }
bool
-ChatPolicyRule::matchSignerName(const Data & data)
+SecRuleChronoChat::matchSignerName(const Data & data)
{
try{
SignatureSha256WithRsa sig(data.getSignature());
@@ -48,9 +48,9 @@
}
bool
-ChatPolicyRule::satisfy(const Data & data)
+SecRuleChronoChat::satisfy(const Data & data)
{ return (matchDataName(data) && matchSignerName(data)) ? true : false ; }
bool
-ChatPolicyRule::satisfy(const Name & dataName, const Name & signerName)
+SecRuleChronoChat::satisfy(const Name & dataName, const Name & signerName)
{ return (m_dataRegex->match(dataName) && m_signerRegex->match(signerName)); }
diff --git a/src/chat-policy-rule.h b/src/sec-rule-chrono-chat.h
similarity index 65%
rename from src/chat-policy-rule.h
rename to src/sec-rule-chrono-chat.h
index fec4b69..d165122 100644
--- a/src/chat-policy-rule.h
+++ b/src/sec-rule-chrono-chat.h
@@ -8,23 +8,23 @@
* Author: Yingdi Yu <yingdi@cs.ucla.edu>
*/
-#ifndef CHAT_POLICY_RULE_H
-#define CHAT_POLICY_RULE_H
+#ifndef SEC_RULE_CHRONO_CHAT_H
+#define SEC_RULE_CHRONO_CHAT_H
-#include <ndn-cpp-et/policy-manager/policy-rule.hpp>
+#include <ndn-cpp-et/policy/sec-rule.hpp>
#include <ndn-cpp-et/regex/regex.hpp>
-class ChatPolicyRule : public ndn::PolicyRule
+class SecRuleChronoChat : public ndn::SecRule
{
public:
- ChatPolicyRule(ndn::ptr_lib::shared_ptr<ndn::Regex> dataRegex,
- ndn::ptr_lib::shared_ptr<ndn::Regex> signerRegex);
+ SecRuleChronoChat(ndn::ptr_lib::shared_ptr<ndn::Regex> dataRegex,
+ ndn::ptr_lib::shared_ptr<ndn::Regex> signerRegex);
- ChatPolicyRule(const ChatPolicyRule& rule);
+ SecRuleChronoChat(const SecRuleChronoChat& rule);
virtual
- ~ChatPolicyRule() {};
+ ~SecRuleChronoChat() {};
bool
matchDataName(const ndn::Data & data);