security: Introduce validator
Change-Id: I38dbed9f07abd779ed7666771759d546cbfb0d20
diff --git a/src/logic.cpp b/src/logic.cpp
index f584da5..4c3fc55 100644
--- a/src/logic.cpp
+++ b/src/logic.cpp
@@ -49,6 +49,8 @@
int Logic::m_instanceCounter = 0;
#endif
+const ndn::Name Logic::DEFAULT_NAME;
+const ndn::shared_ptr<ndn::Validator> Logic::DEFAULT_VALIDATOR;
const time::steady_clock::Duration Logic::DEFAULT_RESET_TIMER = time::seconds(0);
const time::steady_clock::Duration Logic::DEFAULT_CANCEL_RESET_TIMER = time::milliseconds(500);
const time::milliseconds Logic::DEFAULT_RESET_INTEREST_LIFETIME(1000);
@@ -62,6 +64,8 @@
const Name& syncPrefix,
const Name& userPrefix,
const UpdateCallback& onUpdate,
+ const Name& signingId,
+ ndn::shared_ptr<ndn::Validator> validator,
const time::steady_clock::Duration& resetTimer,
const time::steady_clock::Duration& cancelResetTimer,
const time::milliseconds& resetInterestLifetime,
@@ -84,6 +88,8 @@
, m_resetInterestLifetime(resetInterestLifetime)
, m_syncInterestLifetime(syncInterestLifetime)
, m_syncReplyFreshness(syncReplyFreshness)
+ , m_signingId(signingId)
+ , m_validator(validator)
{
#ifdef _DEBUG
m_instanceId = m_instanceCounter++;
@@ -250,8 +256,12 @@
Logic::onSyncData(const Interest& interest, Data& data)
{
_LOG_DEBUG_ID(">> Logic::onSyncData");
- // Place holder for validator.
- onSyncDataValidated(data.shared_from_this());
+ if (static_cast<bool>(m_validator))
+ m_validator->validate(data,
+ bind(&Logic::onSyncDataValidated, this, _1),
+ bind(&Logic::onSyncDataValidationFailed, this, _1));
+ else
+ onSyncDataValidated(data.shared_from_this());
_LOG_DEBUG_ID("<< Logic::onSyncData");
}
@@ -544,7 +554,11 @@
shared_ptr<Data> syncReply = make_shared<Data>(name);
syncReply->setContent(state.wireEncode());
syncReply->setFreshnessPeriod(m_syncReplyFreshness);
- m_keyChain.sign(*syncReply);
+
+ if (m_signingId.empty())
+ m_keyChain.sign(*syncReply);
+ else
+ m_keyChain.signByIdentity(*syncReply, m_signingId);
m_face.put(*syncReply);
diff --git a/src/logic.hpp b/src/logic.hpp
index cd5cd29..acca168 100644
--- a/src/logic.hpp
+++ b/src/logic.hpp
@@ -32,6 +32,7 @@
#include <ndn-cxx/face.hpp>
#include <ndn-cxx/util/scheduler.hpp>
#include <ndn-cxx/security/key-chain.hpp>
+#include <ndn-cxx/security/validator.hpp>
#include "interest-table.hpp"
#include "diff-state-container.hpp"
@@ -84,6 +85,7 @@
* @param syncPrefix The prefix of the sync group
* @param userPrefix The prefix of the user who owns the session
* @param onUpdate The callback function to handle state updates
+ * @param validator The validator for packet validation
* @param resetTimer The timer to periodically send Reset Interest
* @param syncReplyFreshness The FreshnessPeriod of sync reply
* @param resetInterestLifetime The lifetime of sync interest
@@ -94,6 +96,8 @@
const Name& syncPrefix,
const Name& userPrefix,
const UpdateCallback& onUpdate,
+ const Name& signingId = DEFAULT_NAME,
+ ndn::shared_ptr<ndn::Validator> validator = DEFAULT_VALIDATOR,
const time::steady_clock::Duration& resetTimer = DEFAULT_RESET_TIMER,
const time::steady_clock::Duration& cancelResetTimer = DEFAULT_CANCEL_RESET_TIMER,
const time::milliseconds& resetInterestLifetime = DEFAULT_RESET_INTEREST_LIFETIME,
@@ -326,6 +330,10 @@
void
printDigest(ndn::ConstBufferPtr digest);
+public:
+ static const ndn::Name DEFAULT_NAME;
+ static const ndn::shared_ptr<ndn::Validator> DEFAULT_VALIDATOR;
+
private:
static const ndn::ConstBufferPtr EMPTY_DIGEST;
@@ -373,8 +381,10 @@
/// @brief FreshnessPeriod of SyncReply
time::milliseconds m_syncReplyFreshness;
- // Others
+ // Security
+ ndn::Name m_signingId;
ndn::KeyChain m_keyChain;
+ ndn::shared_ptr<ndn::Validator> m_validator;
#ifdef _DEBUG
int m_instanceId;
diff --git a/src/socket.cpp b/src/socket.cpp
index 55296ab..45c6890 100644
--- a/src/socket.cpp
+++ b/src/socket.cpp
@@ -30,16 +30,20 @@
namespace chronosync {
+const ndn::Name Socket::DEFAULT_NAME;
+const ndn::shared_ptr<ndn::Validator> Socket::DEFAULT_VALIDATOR;
+
Socket::Socket(const Name& syncPrefix,
const Name& userPrefix,
ndn::Face& face,
- const UpdateCallback& updateCallback)
+ const UpdateCallback& updateCallback,
+ const Name& signingId,
+ ndn::shared_ptr<ndn::Validator> validator)
: m_userPrefix(userPrefix)
, m_face(face)
- , m_logic(face,
- syncPrefix,
- userPrefix,
- updateCallback)
+ , m_logic(face, syncPrefix, userPrefix, updateCallback)
+ , m_signingId(signingId)
+ , m_validator(validator)
{
}
@@ -62,7 +66,10 @@
dataName.append(m_logic.getSessionName()).appendNumber(newSeq);
data->setName(dataName);
- m_keyChain.sign(*data);
+ if (m_signingId.empty())
+ m_keyChain.sign(*data);
+ else
+ m_keyChain.signByIdentity(*data, m_signingId);
m_face.put(*data);
@@ -116,8 +123,11 @@
const ndn::OnDataValidationFailed& onFailed)
{
_LOG_DEBUG("Socket::onData");
- // Placeholder for validator
- onValidated(data.shared_from_this());
+
+ if (static_cast<bool>(m_validator))
+ m_validator->validate(data, onValidated, onFailed);
+ else
+ onValidated(data.shared_from_this());
}
void
diff --git a/src/socket.hpp b/src/socket.hpp
index 11dc684..c01fb05 100644
--- a/src/socket.hpp
+++ b/src/socket.hpp
@@ -26,7 +26,6 @@
#define CHRONOSYNC_SOCKET_HPP
#include <ndn-cxx/face.hpp>
-#include <ndn-cxx/security/validation-request.hpp>
#include "logic.hpp"
@@ -61,7 +60,9 @@
Socket(const Name& syncPrefix,
const Name& userPrefix,
ndn::Face& face,
- const UpdateCallback& updateCallback);
+ const UpdateCallback& updateCallback,
+ const Name& signingId = DEFAULT_NAME,
+ ndn::shared_ptr<ndn::Validator> validator = DEFAULT_VALIDATOR);
/**
* @brief Publish a data packet in the session and trigger synchronization updates
@@ -143,6 +144,10 @@
onDataValidationFailed(const shared_ptr<const Data>& data,
const std::string& failureInfo);
+public:
+ static const ndn::Name DEFAULT_NAME;
+ static const ndn::shared_ptr<ndn::Validator> DEFAULT_VALIDATOR;
+
private:
Name m_userPrefix;
@@ -150,7 +155,9 @@
Logic m_logic;
+ ndn::Name m_signingId;
ndn::KeyChain m_keyChain;
+ ndn::shared_ptr<ndn::Validator> m_validator;
};
} // namespace chronosync