Adjust InvitationPolicyManager to take care of DSK validation only
diff --git a/src/invitation-policy-manager.cpp b/src/invitation-policy-manager.cpp
index 9016eb6..b526bb6 100644
--- a/src/invitation-policy-manager.cpp
+++ b/src/invitation-policy-manager.cpp
@@ -27,9 +27,9 @@
, m_certificateCache(certificateCache)
, m_localPrefixRegex(Ptr<Regex>(new Regex("^<local><ndn><prefix><><>$")))
{
- m_invitationDataRule = Ptr<IdentityPolicyRule>(new IdentityPolicyRule("^<ndn><broadcast><chronos><invitation>([^<chatroom>]*)<chatroom>",
- "^([^<KEY>]*)<KEY><DSK-.*><ID-CERT><>$",
- "==", "\\1", "\\1", true));
+ // m_invitationDataRule = Ptr<IdentityPolicyRule>(new IdentityPolicyRule("^<ndn><broadcast><chronos><invitation>([^<chatroom>]*)<chatroom>",
+ // "^([^<KEY>]*)<KEY><DSK-.*><ID-CERT><>$",
+ // "==", "\\1", "\\1", true));
m_dskRule = Ptr<IdentityPolicyRule>(new IdentityPolicyRule("^([^<KEY>]*)<KEY><DSK-.*><ID-CERT><>$",
"^([^<KEY>]*)<KEY>(<>*)<KSK-.*><ID-CERT><>$",
@@ -52,8 +52,8 @@
bool
InvitationPolicyManager::requireVerify (const Data & data)
{
- if(m_invitationDataRule->matchDataName(data))
- return true;
+ // if(m_invitationDataRule->matchDataName(data))
+ // return true;
if(m_dskRule->matchDataName(data))
return true;
@@ -84,46 +84,46 @@
const Name & keyLocatorName = sha256sig->getKeyLocator().getKeyName();
- if(m_invitationDataRule->satisfy(*data))
- {
- Ptr<const IdentityCertificate> trustedCert = m_certificateCache->getCertificate(keyLocatorName);
+ // if(m_invitationDataRule->satisfy(*data))
+ // {
+ // Ptr<const IdentityCertificate> trustedCert = m_certificateCache->getCertificate(keyLocatorName);
- if(NULL != trustedCert){
- if(verifySignature(*data, trustedCert->getPublicKeyInfo()))
- verifiedCallback(data);
- else
- unverifiedCallback(data);
+ // if(NULL != trustedCert){
+ // if(verifySignature(*data, trustedCert->getPublicKeyInfo()))
+ // verifiedCallback(data);
+ // else
+ // unverifiedCallback(data);
- return NULL;
- }
- else{
- _LOG_DEBUG("KeyLocator has not been cached and validated!");
+ // return NULL;
+ // }
+ // else{
+ // _LOG_DEBUG("KeyLocator has not been cached and validated!");
- DataCallback recursiveVerifiedCallback = boost::bind(&InvitationPolicyManager::onCertificateVerified,
- this,
- _1,
- data,
- verifiedCallback,
- unverifiedCallback);
+ // DataCallback recursiveVerifiedCallback = boost::bind(&InvitationPolicyManager::onCertificateVerified,
+ // this,
+ // _1,
+ // data,
+ // verifiedCallback,
+ // unverifiedCallback);
- UnverifiedCallback recursiveUnverifiedCallback = boost::bind(&InvitationPolicyManager::onCertificateUnverified,
- this,
- _1,
- data,
- unverifiedCallback);
+ // UnverifiedCallback recursiveUnverifiedCallback = boost::bind(&InvitationPolicyManager::onCertificateUnverified,
+ // this,
+ // _1,
+ // data,
+ // unverifiedCallback);
- Ptr<Interest> interest = Ptr<Interest>(new Interest(sha256sig->getKeyLocator().getKeyName()));
+ // Ptr<Interest> interest = Ptr<Interest>(new Interest(sha256sig->getKeyLocator().getKeyName()));
- Ptr<ValidationRequest> nextStep = Ptr<ValidationRequest>(new ValidationRequest(interest,
- recursiveVerifiedCallback,
- recursiveUnverifiedCallback,
- 0,
- stepCount + 1)
- );
- return nextStep;
- }
- }
+ // Ptr<ValidationRequest> nextStep = Ptr<ValidationRequest>(new ValidationRequest(interest,
+ // recursiveVerifiedCallback,
+ // recursiveUnverifiedCallback,
+ // 0,
+ // stepCount + 1)
+ // );
+ // return nextStep;
+ // }
+ // }
if(m_dskRule->satisfy(*data))
{
@@ -145,25 +145,25 @@
return NULL;
}
-void
-InvitationPolicyManager::onCertificateVerified(Ptr<Data> certData,
- Ptr<Data> originalData,
- const DataCallback& verifiedCallback,
- const UnverifiedCallback& unverifiedCallback)
-{
- IdentityCertificate certificate(*certData);
+// void
+// InvitationPolicyManager::onCertificateVerified(Ptr<Data> certData,
+// Ptr<Data> originalData,
+// const DataCallback& verifiedCallback,
+// const UnverifiedCallback& unverifiedCallback)
+// {
+// IdentityCertificate certificate(*certData);
- if(verifySignature(*originalData, certificate.getPublicKeyInfo()))
- verifiedCallback(originalData);
- else
- unverifiedCallback(originalData);
-}
+// if(verifySignature(*originalData, certificate.getPublicKeyInfo()))
+// verifiedCallback(originalData);
+// else
+// unverifiedCallback(originalData);
+// }
-void
-InvitationPolicyManager::onCertificateUnverified(Ptr<Data> certData,
- Ptr<Data> originalData,
- const UnverifiedCallback& unverifiedCallback)
-{ unverifiedCallback(originalData); }
+// void
+// InvitationPolicyManager::onCertificateUnverified(Ptr<Data> certData,
+// Ptr<Data> originalData,
+// const UnverifiedCallback& unverifiedCallback)
+// { unverifiedCallback(originalData); }
bool
InvitationPolicyManager::checkSigningPolicy(const Name & dataName, const Name & certificateName)
diff --git a/src/invitation-policy-manager.h b/src/invitation-policy-manager.h
index 7d4b944..c8316cd 100644
--- a/src/invitation-policy-manager.h
+++ b/src/invitation-policy-manager.h
@@ -21,8 +21,8 @@
class InvitationPolicyManager : public ndn::security::PolicyManager
{
public:
- InvitationPolicyManager(const int & stepLimit,
- ndn::Ptr<ndn::security::CertificateCache> certificateCache);
+ InvitationPolicyManager(const int & stepLimit = 10,
+ ndn::Ptr<ndn::security::CertificateCache> certificateCache = NULL);
~InvitationPolicyManager()
{}
@@ -79,17 +79,17 @@
void
addTrustAnchor(const EndorseCertificate& selfEndorseCertificate);
-private:
- void
- onCertificateVerified(ndn::Ptr<ndn::Data> certData,
- ndn::Ptr<ndn::Data> originalData,
- const ndn::DataCallback& verifiedCallback,
- const ndn::UnverifiedCallback& unverifiedCallback);
+// private:
+// void
+// onCertificateVerified(ndn::Ptr<ndn::Data> certData,
+// ndn::Ptr<ndn::Data> originalData,
+// const ndn::DataCallback& verifiedCallback,
+// const ndn::UnverifiedCallback& unverifiedCallback);
- void
- onCertificateUnverified(ndn::Ptr<ndn::Data> certData,
- ndn::Ptr<ndn::Data> originalData,
- const ndn::UnverifiedCallback& unverifiedCallback);
+// void
+// onCertificateUnverified(ndn::Ptr<ndn::Data> certData,
+// ndn::Ptr<ndn::Data> originalData,
+// const ndn::UnverifiedCallback& unverifiedCallback);
private:
int m_stepLimit;