Blame - src/chatroom-policy-manager.cpp - ChronoChat

blob: 394f8ee9f4ce664761baa7202a8648650f3bb7a1 [file] [log] [blame]

Yingdi Yu	7255c95	2013-10-23 15:09:15 -0700	[diff] [blame]	1	/* -- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -- */
				2	/*
				3	* Copyright (c) 2013, Regents of the University of California
				4	* Yingdi Yu
				5	*
				6	* BSD license, See the LICENSE file for more information
				7	*
				8	* Author: Yingdi Yu <yingdi@cs.ucla.edu>
				9	*/
				10
				11	#include "chatroom-policy-manager.h"
				12
				13	#include <ndn.cxx/security/cache/ttl-certificate-cache.h>
				14
				15	#include "logging.h"
				16
				17	using namespace std;
				18	using namespace ndn;
				19	using namespace ndn::security;
				20
				21	INIT_LOGGER("ChatroomPolicyManager");
				22
				23	ChatroomPolicyManager::ChatroomPolicyManager(int stepLimit,
				24	Ptr<CertificateCache> certificateCache)
				25	: m_stepLimit(stepLimit)
				26	, m_certificateCache(certificateCache)
				27	{
				28	if(m_certificateCache == NULL)
				29	m_certificateCache = Ptr<TTLCertificateCache>(new TTLCertificateCache());
				30
				31	m_invitationPolicyRule = Ptr<IdentityPolicyRule>(new IdentityPolicyRule("^<ndn><broadcast><chronos><invitation>([^<chatroom>]*)<chatroom>",
				32	"^([^<KEY>])<KEY><DSK-.><ID-CERT><>$",
				33	"==", "\\1", "\\1", true));
				34
				35	m_dskRule = Ptr<IdentityPolicyRule>(new IdentityPolicyRule("^([^<KEY>])<KEY><DSK-.><ID-CERT><>$",
				36	"^([^<KEY>])<KEY>(<>)<KSK-.*><ID-CERT><>$",
				37	"==", "\\1", "\\1\\2", true));
				38
				39	m_keyNameRegex = Ptr<Regex>(new Regex("^([^<KEY>])<KEY>(<><KSK-.*>)<ID-CERT><>$", "\\1\\2"));
				40	}
				41
				42	ChatroomPolicyManager::~ChatroomPolicyManager()
				43	{}
				44
				45	bool
				46	ChatroomPolicyManager::skipVerifyAndTrust (const Data& data)
				47	{ return false; }
				48
				49	bool
				50	ChatroomPolicyManager::requireVerify (const Data& data)
				51	{ return true; }
				52
				53	Ptr<ValidationRequest>
				54	ChatroomPolicyManager::checkVerificationPolicy(Ptr<Data> data,
				55	const int& stepCount,
				56	const DataCallback& verifiedCallback,
				57	const UnverifiedCallback& unverifiedCallback)
				58	{
				59	if(m_stepLimit == stepCount)
				60	{
				61	_LOG_DEBUG("reach the maximum steps of verification");
				62	unverifiedCallback(data);
				63	return NULL;
				64	}
				65
				66	Ptr<const signature::Sha256WithRsa> sha256sig = boost::dynamic_pointer_cast<const signature::Sha256WithRsa> (data->getSignature());
				67
				68	if(KeyLocator::KEYNAME != sha256sig->getKeyLocator().getType())
				69	{
				70	unverifiedCallback(data);
				71	return NULL;
				72	}
				73
				74	const Name & keyLocatorName = sha256sig->getKeyLocator().getKeyName();
				75
				76	if(m_invitationPolicyRule->satisfy(*data))
				77	{
				78	Ptr<const IdentityCertificate> trustedCert = m_certificateCache->getCertificate(keyLocatorName);
				79
				80	if(NULL != trustedCert){
				81	if(verifySignature(*data, trustedCert->getPublicKeyInfo()))
				82	verifiedCallback(data);
				83	else
				84	unverifiedCallback(data);
				85
				86	return NULL;
				87	}
				88	else{
				89	_LOG_DEBUG("KeyLocator has not been cached and validated!");
				90
				91	DataCallback recursiveVerifiedCallback = boost::bind(&ChatroomPolicyManager::onCertificateVerified,
				92	this,
				93	_1,
				94	data,
				95	verifiedCallback,
				96	unverifiedCallback);
				97
				98	UnverifiedCallback recursiveUnverifiedCallback = boost::bind(&ChatroomPolicyManager::onCertificateUnverified,
				99	this,
				100	_1,
				101	data,
				102	unverifiedCallback);
				103
				104
				105	Ptr<Interest> interest = Ptr<Interest>(new Interest(keyLocatorName));
				106
				107	Ptr<ValidationRequest> nextStep = Ptr<ValidationRequest>(new ValidationRequest(interest,
				108	recursiveVerifiedCallback,
				109	recursiveUnverifiedCallback,
				110	0,
				111	stepCount + 1)
				112	);
				113	return nextStep;
				114	}
				115	}
				116
				117	if(m_dskRule->satisfy(*data))
				118	{
				119	m_keyNameRegex->match(keyLocatorName);
				120	Name keyName = m_keyNameRegex->expand();
				121
				122	if(m_trustAnchors.end() != m_trustAnchors.find(keyName))
				123	if(verifySignature(*data, m_trustAnchors[keyName]))
				124	verifiedCallback(data);
				125	else
				126	unverifiedCallback(data);
				127	else
				128	unverifiedCallback(data);
				129
				130	return NULL;
				131	}
				132
				133	unverifiedCallback(data);
				134	return NULL;
				135	}
				136
				137	bool
				138	ChatroomPolicyManager::checkSigningPolicy(const Name& dataName,
				139	const Name& certificateName)
				140	{
				141	//TODO:
				142	}
				143
				144	Name
				145	ChatroomPolicyManager::inferSigningIdentity(const Name& dataName)
				146	{
				147	//TODO:
				148	}
				149
				150	void
				151	ChatroomPolicyManager::addTrustAnchor(const EndorseCertificate& selfEndorseCertificate)
				152	{ m_trustAnchors.insert(pair <Name, Publickey > (selfEndorseCertificate.getPublicKeyName(), selfEndorseCertificate.getPublicKeyInfo())); }
				153
				154	void
				155	ChatroomPolicyManager::onCertificateVerified(Ptr<Data> certData,
				156	Ptr<Data> originalData,
				157	const DataCallback& verifiedCallback,
				158	const UnverifiedCallback& unverifiedCallback)
				159	{
				160	Ptr<IdentityCertificate> certificate = Ptr<IdentityCertificate>(new IdentityCertificate(*certData));
				161	m_certificateCache->insertCertificate(certificate);
				162
				163	if(verifySignature(*originalData, certificate->getPublicKeyInfo()))
				164	verifiedCallback(originalData);
				165	else
				166	unverifiedCallback(originalData);
				167	}
				168
				169	void
				170	ChatroomPolicyManager::onCertificateUnverified(Ptr<Data> certData,
				171	Ptr<Data> originalData,
				172	const UnverifiedCallback& unverifiedCallback)
				173	{ unverifiedCallback(originalData); }
				174