Yingdi Yuea5f1c62013-10-22 16:59:43 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/*
3 * Copyright (c) 2013, Regents of the University of California
4 * Yingdi Yu
5 *
6 * BSD license, See the LICENSE file for more information
7 *
8 * Author: Yingdi Yu <yingdi@cs.ucla.edu>
9 */
10
Yingdi Yueaa84e22014-01-16 10:30:26 -080011#ifndef SEC_POLICY_CHRONO_CHAT_INVITATION_H
12#define SEC_POLICY_CHRONO_CHAT_INVITATION_H
Yingdi Yuea5f1c62013-10-22 16:59:43 -070013
Yingdi Yu6df61252014-01-21 11:05:11 -080014#include <ndn-cpp-dev/security/sec-policy.hpp>
15#include <ndn-cpp-et/policy/sec-rule-relative.hpp>
16#include <ndn-cpp-et/policy/sec-rule-specific.hpp>
Yingdi Yu64206112013-12-24 11:16:32 +080017#include <ndn-cpp-et/cache/ttl-certificate-cache.hpp>
18#include <ndn-cpp-et/regex/regex.hpp>
Yingdi Yuea5f1c62013-10-22 16:59:43 -070019#include <map>
20
Yingdi Yu53eb8a72013-10-23 11:50:51 -070021#include "endorse-certificate.h"
22
/**
 * @brief Trust policy for ChronoChat invitations, built on ndn::SecPolicy.
 *
 * Only declarations are visible in this header. Remarks tagged NOTE(review)
 * are assumptions about the implementation and must be confirmed against the
 * corresponding source file before being relied on.
 */
class SecPolicyChronoChatInvitation : public ndn::SecPolicy
{
public:
  /**
   * @param chatroomName    Name of the chatroom this policy is created for.
   * @param signingIdentity Identity associated with this policy instance.
   * @param stepLimit       Step limit, 10 unless overridden.
   *                        NOTE(review): presumably the upper bound on
   *                        certificate-chain steps checked against stepCount
   *                        in checkVerificationPolicy() - confirm.
   */
  SecPolicyChronoChatInvitation(const std::string& chatroomName,
                                const ndn::Name& signingIdentity,
                                int stepLimit = 10);

  virtual ~SecPolicyChronoChatInvitation();

  /**
   * @brief Decide whether @p data may be accepted without verification.
   *
   * NOTE(review): a true result would mean the packet is trusted with no
   * signature check at all; confirm in the implementation that this is never
   * true for invitation or certificate data.
   */
  bool skipVerifyAndTrust (const ndn::Data& data);

  /// @brief Decide whether @p data has to be verified before it is used.
  bool requireVerify (const ndn::Data& data);

  /**
   * @brief Apply the verification policy to @p data.
   *
   * @param data           Packet under verification.
   * @param stepCount      Step counter supplied by the caller.
   * @param onVerified     Callback for a successful verification.
   * @param onVerifyFailed Callback for a failed verification.
   * @return A validation request pointer.
   *         NOTE(review): presumably non-null when a further certificate has
   *         to be fetched and checked, and null once a verdict was delivered
   *         through one of the callbacks - confirm, and confirm that
   *         exceeding the step limit ends in onVerifyFailed.
   */
  ndn::ptr_lib::shared_ptr<ndn::ValidationRequest> checkVerificationPolicy(
    const ndn::ptr_lib::shared_ptr<ndn::Data>& data,
    int stepCount,
    const ndn::OnVerified& onVerified,
    const ndn::OnVerifyFailed& onVerifyFailed);

  /// @brief Check whether @p certificateName is acceptable as signer of @p dataName.
  bool checkSigningPolicy(const ndn::Name& dataName,
                          const ndn::Name& certificateName);

  /// @brief Return the identity name to sign @p dataName with.
  ndn::Name inferSigningIdentity(const ndn::Name& dataName);

  /**
   * @brief Register a trust anchor taken from a self-endorse certificate.
   *
   * NOTE(review): presumably stores the key in m_trustAnchors. Every later
   * accept decision would then rest on these entries, so callers should pass
   * only certificates whose origin they have already established - confirm
   * what validation, if any, happens inside.
   */
  void addTrustAnchor(const EndorseCertificate& selfEndorseCertificate);

  // Disabled declaration kept from the original header:
  // void
  // addChatDataRule(const ndn::Name& prefix,
  //                 const ndn::security::IdentityCertificate identityCertificate);

  /**
   * @brief Look up a DSK certificate by @p certName.
   *
   * NOTE(review): presumably served from m_dskCertificates; the result for an
   * unknown name is not visible here, so callers should check the returned
   * pointer before dereferencing - confirm.
   */
  ndn::ptr_lib::shared_ptr<ndn::IdentityCertificate> getValidatedDskCertificate(
    const ndn::Name& certName);

private:
  /**
   * @brief Callback for a DSK certificate that passed verification.
   *
   * @p originalData is taken by value, so the callback holds its own
   * reference to the packet that triggered the certificate check.
   */
  void onDskCertificateVerified(
    const ndn::ptr_lib::shared_ptr<ndn::Data>& certData,
    ndn::ptr_lib::shared_ptr<ndn::Data> originalData,
    const ndn::OnVerified& onVerified,
    const ndn::OnVerifyFailed& onVerifyFailed);

  /**
   * @brief Callback for a DSK certificate that failed verification.
   *
   * NOTE(review): presumably reports the failure for @p originalData through
   * @p onVerifyFailed - confirm that no path leaves the packet accepted.
   */
  void onDskCertificateVerifyFailed(
    const ndn::ptr_lib::shared_ptr<ndn::Data>& certData,
    ndn::ptr_lib::shared_ptr<ndn::Data> originalData,
    const ndn::OnVerifyFailed& onVerifyFailed);

  // Data members; declaration order is unchanged from the original header.

  std::string m_chatroomName;   // chatroom this policy belongs to
  ndn::Name m_signingIdentity;  // identity handed to the constructor (presumably)

  int m_stepLimit;              // presumably the verification step bound - confirm

  ndn::TTLCertificateCache m_certificateCache;  // certificate cache (TTL-based type)

  ndn::ptr_lib::shared_ptr<ndn::SecRuleRelative> m_invitationPolicyRule;  // rule for invitation data
  ndn::ptr_lib::shared_ptr<ndn::SecRuleRelative> m_dskRule;               // rule for DSK certificates
  std::map<ndn::Name, ndn::SecRuleSpecific> m_chatDataRules;              // per-name rules for chat data

  ndn::ptr_lib::shared_ptr<ndn::Regex> m_kskRegex;      // name pattern for KSKs (by name; confirm)
  ndn::ptr_lib::shared_ptr<ndn::Regex> m_keyNameRegex;  // name pattern for key names (by name; confirm)

  std::map<ndn::Name, ndn::PublicKey> m_trustAnchors;   // trusted public keys, indexed by name

  // DSK certificates indexed by name; NOTE(review): presumably only entries
  // that already passed verification are stored here - confirm.
  std::map<ndn::Name, ndn::ptr_lib::shared_ptr<ndn::IdentityCertificate> > m_dskCertificates;
};
94
#endif // SEC_POLICY_CHRONO_CHAT_INVITATION_H