security/validation-contact-manager.conf - ChronoChat - Gitiles

 rule
 {
   id "ENDORSED"
   for data
   filter
   {
     type name
     regex ^([^<DNS>]*)<DNS><ENDORSED>
   }
   checker
   {
     type customized
     sig-type rsa-sha256
     key-locator
     {
       type name
       hyper-relation
       {
         k-regex ^([^<KEY>]*)<KEY><>*$
         k-expand \\1
         h-relation equal
         p-regex ^([^<DNS>]*)<DNS><ENDORSED>
         p-expand \\1
       }
     }
   }
 }

 rule
 {
   id "ENDORSEE"
   for data
   filter
   {
     type name
     regex ^([^<DNS>]*)<DNS><><ENDORSEE>
   }
   checker
   {
     type customized
     sig-type rsa-sha256
     key-locator
     {
       type name
       hyper-relation
       {
         k-regex ^([^<KEY>]*)<KEY><>*$
         k-expand \\1
         h-relation equal
         p-regex ^([^<DNS>]*)<DNS><><ENDORSEE>
         p-expand \\1
       }
     }
   }
 }

 rule
 {
   id "PROFILE"
   for data
   filter
   {
     type name
     regex ^([^<DNS>]*)<DNS><PROFILE>
   }
   checker
   {
     type customized
     sig-type rsa-sha256
     key-locator
     {
       type name
       hyper-relation
       {
         k-regex ^([^<KEY>]*)<KEY><>*$
         k-expand \\1
         h-relation equal
         p-regex ^([^<DNS>]*)<DNS><PROFILE>
         p-expand \\1
       }
     }
   }
 }

 rule
 {
   id "ALL"
   for data
   filter
   {
     type name
     regex ^(<>*)$
   }
   checker
   {
     type customized
     sig-type rsa-sha256
     key-locator
     {
       type name
       hyper-relation
       {
         k-regex ^([^<KEY>]*)<KEY><>*$
         k-expand \\1
         h-relation is-strict-prefix-of
         p-regex ^(<>*)$
         p-expand \\1
       }
     }
   }
 }

 trust-anchor
 {
   type dir
   dir "."
 }
	rule
	{
	id "ENDORSED"
	for data
	filter
	{
	type name
	regex ^([^<DNS>]*)<DNS><ENDORSED>
	}
	checker
	{
	type customized
	sig-type rsa-sha256
	key-locator
	{
	type name
	hyper-relation
	{
	k-regex ^([^<KEY>])<KEY><>$
	k-expand \\1
	h-relation equal
	p-regex ^([^<DNS>]*)<DNS><ENDORSED>
	p-expand \\1
	}
	}
	}
	}

	rule
	{
	id "ENDORSEE"
	for data
	filter
	{
	type name
	regex ^([^<DNS>]*)<DNS><><ENDORSEE>
	}
	checker
	{
	type customized
	sig-type rsa-sha256
	key-locator
	{
	type name
	hyper-relation
	{
	k-regex ^([^<KEY>])<KEY><>$
	k-expand \\1
	h-relation equal
	p-regex ^([^<DNS>]*)<DNS><><ENDORSEE>
	p-expand \\1
	}
	}
	}
	}

	rule
	{
	id "PROFILE"
	for data
	filter
	{
	type name
	regex ^([^<DNS>]*)<DNS><PROFILE>
	}
	checker
	{
	type customized
	sig-type rsa-sha256
	key-locator
	{
	type name
	hyper-relation
	{
	k-regex ^([^<KEY>])<KEY><>$
	k-expand \\1
	h-relation equal
	p-regex ^([^<DNS>]*)<DNS><PROFILE>
	p-expand \\1
	}
	}
	}
	}

	rule
	{
	id "ALL"
	for data
	filter
	{
	type name
	regex ^(<>*)$
	}
	checker
	{
	type customized
	sig-type rsa-sha256
	key-locator
	{
	type name
	hyper-relation
	{
	k-regex ^([^<KEY>])<KEY><>$
	k-expand \\1
	h-relation is-strict-prefix-of
	p-regex ^(<>*)$
	p-expand \\1
	}
	}
	}
	}

	trust-anchor
	{
	type dir
	dir "."
	}