commit a1a688f19fef005d66fb4903202fa4eab703965d
author Yingdi Yu <yuyingdi@gmail.com> Thu Feb 06 18:09:22 2014 -0800
committer Yingdi Yu <yuyingdi@gmail.com> Tue Feb 11 22:13:10 2014 -0800
tree 04ccceb7e3872b631d67304671dea950f7ff3bf6
parent 6df6125913a3d8dcf106b3e8f2b44d83deffa5cc

api-changes: Use ndn-cpp-dev

Change-Id: I4540e601106598d51601e59e5fe9524a9080a572

src/validator-panel.cpp

diff --git a/src/validator-panel.cpp b/src/validator-panel.cpp
new file mode 100644
index 0000000..5622bc6
--- /dev/null
+++ b/src/validator-panel.cpp
@@ -0,0 +1,75 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
+/*
+ * Copyright (c) 2013, Regents of the University of California
+ *                     Yingdi Yu
+ *
+ * BSD license, See the LICENSE file for more information
+ *
+ * Author: Yingdi Yu <yingdi@cs.ucla.edu>
+ */
+
+#include "validator-panel.h"
+
+#include "logging.h"
+
+using namespace std;
+using namespace ndn;
+using namespace ndn::ptr_lib;
+
+INIT_LOGGER("ValidatorPanel");
+
+namespace chronos{
+
+const shared_ptr<CertificateCache> ValidatorPanel::DEFAULT_CERT_CACHE = shared_ptr<CertificateCache>();
+
+ValidatorPanel::ValidatorPanel(int stepLimit /* = 10 */,
+                               const shared_ptr<CertificateCache> certificateCache/* = DEFAULT_CERT_CACHE */)
+  : m_stepLimit(stepLimit)
+  , m_certificateCache(certificateCache)
+{  
+  m_endorseeRule = make_shared<SecRuleRelative>("^([^<DNS>]*)<DNS><>*<ENDORSEE><>$", 
+                                                "^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$", 
+                                                "==", "\\1", "\\1\\2", true);
+}
+
+
+
+void
+ValidatorPanel::checkPolicy (const Data& data, 
+                             int stepCount, 
+                             const OnDataValidated& onValidated, 
+                             const OnDataValidationFailed& onValidationFailed,
+                             vector<shared_ptr<ValidationRequest> >& nextSteps)
+{
+  if(m_stepLimit == stepCount)
+    {
+      _LOG_ERROR("Reach the maximum steps of verification!");
+      onValidationFailed(data.shared_from_this());
+      return;
+    }
+
+  try{
+    SignatureSha256WithRsa sig(data.getSignature());    
+    const Name& keyLocatorName = sig.getKeyLocator().getName();
+
+    if(m_endorseeRule->satisfy(data.getName(), keyLocatorName))
+      {
+        Name keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
+
+        if(m_trustAnchors.end() != m_trustAnchors.find(keyName) && Validator::verifySignature(data, sig, m_trustAnchors[keyName]))
+          onValidated(data.shared_from_this());
+        else
+          onValidationFailed(data.shared_from_this());
+      }
+    else
+      onValidationFailed(data.shared_from_this());
+
+    return;
+
+  }catch(...){
+    onValidationFailed(data.shared_from_this());
+    return;
+  }  
+}
+
+}//chronos