Gitiles
Code Review Sign In
gerrit.named-data.net / ChronoSync / 6e235db7ec1df8e6a26c28345b9e9341f84823ce / . / src / sync-policy-manager.cc
blob: d8cb1c1093ea67b97c08c2c6ed2ebc50bcd56922 [file] [log] [blame]
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/*
3 * Copyright (c) 2013, Regents of the University of California
4 * Yingdi Yu
5 *
6 * BSD license, See the LICENSE file for more information
7 *
8 * Author: Yingdi Yu <yingdi@cs.ucla.edu>
9 */
10
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]11#include "sync-intro-certificate.h"
12#include "sync-logging.h"
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]13#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
14#include <ndn-cpp/security/identity/osx-private-key-storage.hpp>
15#include <ndn-cpp/sha256-with-rsa-signature.hpp>
16#include <ndn-cpp/security/signature/sha256-with-rsa-handler.hpp>
17
18#include "sync-policy-manager.h"
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]19
20using namespace ndn;
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]21using namespace ndn::ptr_lib;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]22using namespace std;
23
24INIT_LOGGER("SyncPolicyManager");
25
26SyncPolicyManager::SyncPolicyManager(const Name& signingIdentity,
27 const Name& signingCertificateName,
28 const Name& syncPrefix,
Yingdi Yu6e235db2013-12-27 08:40:53 +0800[diff] [blame^]29 shared_ptr<Face> face,
30 shared_ptr<Transport> transport,
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]31 int stepLimit)
32 : m_signingIdentity(signingIdentity)
33 , m_signingCertificateName(signingCertificateName.getPrefix(signingCertificateName.size()-1))
34 , m_syncPrefix(syncPrefix)
35 , m_stepLimit(stepLimit)
36{
Yingdi Yu6e235db2013-12-27 08:40:53 +0800[diff] [blame^]37 // m_transport = make_shared<TcpTransport>();
38 // m_face = make_shared<Face>(m_transport, make_shared<TcpTransport::ConnectionInfo>("localhost"));
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]39
Yingdi Yu6e235db2013-12-27 08:40:53 +0800[diff] [blame^]40 // connectToDaemon();
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]41
42 shared_ptr<IdentityStorage> publicStorage = make_shared<BasicIdentityStorage>();
43 shared_ptr<PrivateKeyStorage> privateStorage = make_shared<OSXPrivateKeyStorage>();
44 m_identityManager = make_shared<IdentityManager>(publicStorage, privateStorage);
45
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]46 Name wotPrefix = syncPrefix;
47 wotPrefix.append("WOT");
48 m_syncPrefixRegex = Regex::fromName(syncPrefix);
49 m_wotPrefixRegex = Regex::fromName(wotPrefix);
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]50 m_chatDataPolicy = make_shared<IdentityPolicyRule>("^[^<%F0.>]*<%F0.>([^<chronos>]*)<chronos><>",
51 "^([^<KEY>]*)<KEY>(<>*)[<dsk-.*><ksk-.*>]<ID-CERT>$",
52 "==", "\\1", "\\1", true);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]53}
54
55SyncPolicyManager::~SyncPolicyManager()
56{}
57
Yingdi Yu6e235db2013-12-27 08:40:53 +0800[diff] [blame^]58// void
59// SyncPolicyManager::connectToDaemon()
60// {
61// //Hack! transport does not connect to daemon unless an interest is expressed.
62// Name name("/ndn");
63// shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(name);
64// m_face->expressInterest(*interest,
65// bind(&SyncPolicyManager::onConnectionData, this, _1, _2),
66// bind(&SyncPolicyManager::onConnectionDataTimeout, this, _1));
67// }
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]68
Yingdi Yu6e235db2013-12-27 08:40:53 +0800[diff] [blame^]69// void
70// SyncPolicyManager::onConnectionData(const shared_ptr<const ndn::Interest>& interest,
71// const shared_ptr<Data>& data)
72// {
73// _LOG_DEBUG("onConnectionData");
74// }
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]75
Yingdi Yu6e235db2013-12-27 08:40:53 +0800[diff] [blame^]76// void
77// SyncPolicyManager::onConnectionDataTimeout(const shared_ptr<const ndn::Interest>& interest)
78// {
79// _LOG_DEBUG("onConnectionDataTimeout");
80// }
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]81
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]82bool
83SyncPolicyManager::skipVerifyAndTrust (const Data& data)
84{ return false; }
85
86bool
87SyncPolicyManager::requireVerify (const Data& data)
88{ return true; }
89
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]90shared_ptr<ValidationRequest>
91SyncPolicyManager::checkVerificationPolicy(const shared_ptr<Data>& data,
92 int stepCount,
93 const OnVerified& onVerified,
94 const OnVerifyFailed& onVerifyFailed)
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]95{
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]96 if(stepCount > m_stepLimit)
97 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]98 onVerifyFailed(data);
99 return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]100 }
101
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]102 const Sha256WithRsaSignature* sigPtr = dynamic_cast<const Sha256WithRsaSignature*> (data->getSignature());
103 if(ndn_KeyLocatorType_KEYNAME != sigPtr->getKeyLocator().getType())
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]104 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]105 onVerifyFailed(data);
106 return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]107 }
108
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]109 const Name& keyLocatorName = sigPtr->getKeyLocator().getKeyName();
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]110
111 // if data is intro cert
112 if(m_wotPrefixRegex->match(data->getName()))
113 {
Yingdi Yu1baf6e02013-11-07 11:35:32 -0800[diff] [blame]114 // _LOG_DEBUG("Intro Cert");
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]115 Name keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]116 map<string, PublicKey>::const_iterator it = m_trustedIntroducers.find(keyName.toUri());
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]117 if(m_trustedIntroducers.end() != it)
118 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]119 if(Sha256WithRsaHandler::verifySignature(*data, it->second))
120 onVerified(data);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]121 else
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]122 onVerifyFailed(data);
123 return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]124 }
125 else
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]126 return prepareRequest(keyName, true, data, stepCount, onVerified, onVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]127 }
128
129 // if data is sync data or chat data
130 if(m_syncPrefixRegex->match(data->getName()) || m_chatDataPolicy->satisfy(*data))
131 {
132 Name keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocatorName);
133
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]134 map<string, PublicKey>::const_iterator it = m_trustedIntroducers.find(keyName.toUri());
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]135 if(m_trustedIntroducers.end() != it)
136 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]137 if(Sha256WithRsaHandler::verifySignature(*data, it->second))
138 onVerified(data);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]139 else
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]140 onVerifyFailed(data);
141 return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]142 }
143
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]144 it = m_trustedProducers.find(keyName.toUri());
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]145 if(m_trustedProducers.end() != it)
146 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]147 if(Sha256WithRsaHandler::verifySignature(*data, it->second))
148 onVerified(data);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]149 else
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]150 onVerifyFailed(data);
151 return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]152 }
Yingdi Yu0b3bd482013-11-01 16:11:20 -0700[diff] [blame]153
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]154 return prepareRequest(keyName, false, data, stepCount, onVerified, onVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]155 }
156
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]157 onVerifyFailed(data);
158 return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]159}
160
161bool
162SyncPolicyManager::checkSigningPolicy(const Name& dataName,
163 const Name& certificateName)
164{
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]165 return true;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]166}
167
168Name
169SyncPolicyManager::inferSigningIdentity(const ndn::Name& dataName)
170{ return m_signingIdentity; }
171
172void
173SyncPolicyManager::addTrustAnchor(const IdentityCertificate& identityCertificate, bool isIntroducer)
174{
Yingdi Yu1baf6e02013-11-07 11:35:32 -0800[diff] [blame]175 // _LOG_DEBUG("Add intro/producer: " << identityCertificate.getPublicKeyName());
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]176 if(isIntroducer)
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]177 m_trustedIntroducers.insert(pair <string, PublicKey > (identityCertificate.getPublicKeyName().toUri(),
178 identityCertificate.getPublicKeyInfo()));
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]179 else
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]180 m_trustedProducers.insert(pair <string, PublicKey > (identityCertificate.getPublicKeyName().toUri(),
181 identityCertificate.getPublicKeyInfo()));
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]182}
183
184void
185SyncPolicyManager::addChatDataRule(const Name& prefix,
186 const IdentityCertificate& identityCertificate,
187 bool isIntroducer)
188{
189 // Name dataPrefix = prefix;
190 // dataPrefix.append("chronos").append(m_syncPrefix.get(-1));
191 // Ptr<Regex> dataRegex = Regex::fromName(prefix);
192 // Name certName = identityCertificate.getName();
193 // Name signerName = certName.getPrefix(certName.size()-1);
194 // Ptr<Regex> signerRegex = Regex::fromName(signerName, true);
195
196 // SpecificPolicyRule rule(dataRegex, signerRegex);
197 // map<Name, SpecificPolicyRule>::iterator it = m_chatDataRules.find(dataPrefix);
198 // if(it != m_chatDataRules.end())
199 // it->second = rule;
200 // else
201 // m_chatDataRules.insert(pair <Name, SpecificPolicyRule > (dataPrefix, rule));
202
203 addTrustAnchor(identityCertificate, isIntroducer);
204}
205
206
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]207shared_ptr<const vector<Name> >
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]208SyncPolicyManager::getAllIntroducerName()
209{
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]210 shared_ptr<vector<Name> > nameList = make_shared<vector<Name> >();
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]211
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]212 map<string, PublicKey>::iterator it = m_trustedIntroducers.begin();
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]213 for(; it != m_trustedIntroducers.end(); it++)
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]214 nameList->push_back(Name(it->first));
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]215
216 return nameList;
217}
218
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]219shared_ptr<ValidationRequest>
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]220SyncPolicyManager::prepareRequest(const Name& keyName,
221 bool forIntroducer,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]222 shared_ptr<Data> data,
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]223 const int & stepCount,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]224 const OnVerified& onVerified,
225 const OnVerifyFailed& onVerifyFailed)
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]226{
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]227 shared_ptr<Name> interestPrefixName = make_shared<Name>(m_syncPrefix);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]228 interestPrefixName->append("WOT").append(keyName).append("INTRO-CERT");
229
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]230 shared_ptr<const vector<Name> > nameList = getAllIntroducerName();
Yingdi Yu0b3bd482013-11-01 16:11:20 -0700[diff] [blame]231 if(0 == nameList->size())
232 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]233 onVerifyFailed(data);
234 return SYNC_POLICY_MANAGER_NULL_VALIDATION_REQUEST_PTR;
Yingdi Yu0b3bd482013-11-01 16:11:20 -0700[diff] [blame]235 }
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]236
237 Name interestName = *interestPrefixName;
238 interestName.append(nameList->at(0));
239
240 if(forIntroducer)
241 interestName.append("INTRODUCER");
242
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]243 shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(interestName);
Yingdi Yu1baf6e02013-11-07 11:35:32 -0800[diff] [blame]244 // _LOG_DEBUG("send interest for intro cert: " << interest->getName());
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]245 interest->setChildSelector(ndn_Interest_CHILD_SELECTOR_RIGHT);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]246
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]247 OnVerified requestedCertVerifiedCallback = boost::bind(&SyncPolicyManager::onIntroCertVerified,
248 this,
249 _1,
250 forIntroducer,
251 data,
252 onVerified,
253 onVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]254
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]255 OnVerifyFailed requestedCertUnverifiedCallback = boost::bind(&SyncPolicyManager::onIntroCertVerifyFailed,
256 this,
257 _1,
258 interestPrefixName,
259 forIntroducer,
260 nameList,
261 1,
262 data,
263 onVerified,
264 onVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]265
266
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]267 shared_ptr<ValidationRequest> nextStep = make_shared<ValidationRequest>(interest,
268 requestedCertVerifiedCallback,
269 requestedCertUnverifiedCallback,
270 1,
271 m_stepLimit-1);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]272 return nextStep;
273}
274
275void
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]276SyncPolicyManager::OnIntroCertInterest(const shared_ptr<const Name>& prefix,
277 const shared_ptr<const ndn::Interest>& interest,
278 Transport& transport,
279 uint64_t registeredPrefixId)
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]280{
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]281 map<string, Data>::const_iterator it = m_introCert.find(prefix->toUri());
282
283 if(m_introCert.end() != it)
284 {
285 Blob encodedData = it->second.wireEncode();
286 transport.send(*encodedData);
287 }
288}
289
290void
291SyncPolicyManager::OnIntroCertRegisterFailed(const shared_ptr<const Name>& prefix)
292{
293}
294
295void
296SyncPolicyManager::onIntroCertVerified(const shared_ptr<Data>& introCertificateData,
297 bool forIntroducer,
298 shared_ptr<Data> originalData,
299 const OnVerified& onVerified,
300 const OnVerifyFailed& onVerifyFailed)
301{
302 shared_ptr<SyncIntroCertificate> introCertificate = make_shared<SyncIntroCertificate>(*introCertificateData);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]303 if(forIntroducer)
Yingdi Yu7bfcd652013-11-12 13:15:33 -0800[diff] [blame]304 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]305 m_trustedIntroducers.insert(pair <string, PublicKey > (introCertificate->getPublicKeyName().toUri(),
306 introCertificate->getPublicKeyInfo()));
Yingdi Yu7bfcd652013-11-12 13:15:33 -0800[diff] [blame]307 SyncIntroCertificate syncIntroCertificate(m_syncPrefix,
308 introCertificate->getPublicKeyName(),
309 m_identityManager->getDefaultKeyNameForIdentity(m_signingIdentity),
310 introCertificate->getNotBefore(),
311 introCertificate->getNotAfter(),
312 introCertificate->getPublicKeyInfo(),
313 SyncIntroCertificate::INTRODUCER);
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]314
315 Name certName = m_identityManager->getDefaultCertificateNameForIdentity(m_signingIdentity);
Yingdi Yu7bfcd652013-11-12 13:15:33 -0800[diff] [blame]316 _LOG_DEBUG("Publish Intro Certificate on Verified: " << syncIntroCertificate.getName());
317 m_identityManager->signByCertificate(syncIntroCertificate, certName);
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]318
319 m_transport->send(*syncIntroCertificate.wireEncode());
320
321 // Name prefix = syncIntroCertificate.getName().getPrefix(syncIntroCertificate.getName().size()-1);
322
323 // map<string, Data>::const_iterator it = m_introCert.find(prefix.toEscapedString());
324 // if(m_introCert.end() != it)
325 // {
326 // it->second = syncIntroCertificate;
327 // }
328 // else
329 // {
330 // m_introCert.insert(pair <string, Data> (prefix.toEscapedString(), syncIntroCertificate));
331 // m_face->registerPrefix(prefix,
332 // boost::bind(&SyncPolicyManager::onIntroCertInterest, this, _1, _2, _3, _4),
333 // boost::bind(&SyncPolicyManager::onIntroCertRegisterFailed, this, _1));
334 // }
Yingdi Yu7bfcd652013-11-12 13:15:33 -0800[diff] [blame]335 }
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]336 else
Yingdi Yu7bfcd652013-11-12 13:15:33 -0800[diff] [blame]337 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]338 m_trustedProducers.insert(pair <string, PublicKey > (introCertificate->getPublicKeyName().toUri(),
339 introCertificate->getPublicKeyInfo()));
Yingdi Yu7bfcd652013-11-12 13:15:33 -0800[diff] [blame]340 SyncIntroCertificate syncIntroCertificate(m_syncPrefix,
341 introCertificate->getPublicKeyName(),
342 m_identityManager->getDefaultKeyNameForIdentity(m_signingIdentity),
343 introCertificate->getNotBefore(),
344 introCertificate->getNotAfter(),
345 introCertificate->getPublicKeyInfo(),
346 SyncIntroCertificate::PRODUCER);
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]347
348 Name certName = m_identityManager->getDefaultCertificateNameForIdentity(m_signingIdentity);
Yingdi Yu7bfcd652013-11-12 13:15:33 -0800[diff] [blame]349 _LOG_DEBUG("Publish Intro Certificate on Verified: " << syncIntroCertificate.getName());
350 m_identityManager->signByCertificate(syncIntroCertificate, certName);
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]351
352 m_transport->send(*syncIntroCertificate.wireEncode());
353
354 // Name prefix = syncIntroCertificate.getName().getPrefix(syncIntroCertificate.getName().size()-1);
355
356 // map<string, Data>::const_iterator it = m_introCert.find(prefix.toEscapedString());
357 // if(m_introCert.end() != it)
358 // {
359 // it->second = syncIntroCertificate;
360 // }
361 // else
362 // {
363 // m_introCert.insert(pair <string, Data> (prefix.toEscapedString(), syncIntroCertificate));
364 // m_face->registerPrefix(prefix,
365 // boost::bind(&SyncPolicyManager::onIntroCertInterest, this, _1, _2, _3, _4),
366 // boost::bind(&SyncPolicyManager::onIntroCertRegisterFailed, this, _1));
367 // }
Yingdi Yu7bfcd652013-11-12 13:15:33 -0800[diff] [blame]368 }
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]369
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]370 if(Sha256WithRsaHandler::verifySignature(*originalData, introCertificate->getPublicKeyInfo()))
371 onVerified(originalData);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]372 else
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]373 onVerifyFailed(originalData);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]374}
375
376void
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]377SyncPolicyManager::onIntroCertVerifyFailed(const shared_ptr<Data>& introCertificateData,
378 shared_ptr<Name> interestPrefixName,
379 bool forIntroducer,
380 shared_ptr<const vector<Name> > introNameList,
381 int nextIntroducerIndex,
382 shared_ptr<Data> originalData,
383 const OnVerified& onVerified,
384 const OnVerifyFailed& onVerifyFailed)
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]385{
386 Name interestName = *interestPrefixName;
387 if(nextIntroducerIndex < introNameList->size())
388 interestName.append(introNameList->at(nextIntroducerIndex));
389 else
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]390 onVerifyFailed(originalData);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]391
392 if(forIntroducer)
393 interestName.append("INTRODUCER");
394
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]395 shared_ptr<ndn::Interest> interest = make_shared<ndn::Interest>(interestName);
396 interest->setChildSelector(ndn_Interest_CHILD_SELECTOR_RIGHT);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]397
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]398 OnVerified onRecursiveVerified = boost::bind(&SyncPolicyManager::onIntroCertVerified,
399 this,
400 _1,
401 forIntroducer,
402 originalData,
403 onVerified,
404 onVerifyFailed);
405
406 OnVerifyFailed onRecursiveVerifyFailed = boost::bind(&SyncPolicyManager::onIntroCertVerifyFailed,
407 this,
408 _1,
409 interestPrefixName,
410 forIntroducer,
411 introNameList,
412 nextIntroducerIndex + 1,
413 originalData,
414 onVerified,
415 onVerifyFailed);
416
417 m_face->expressInterest(*interest,
418 boost::bind(&SyncPolicyManager::onIntroCertData,
419 this,
420 _1,
421 _2,
422 m_stepLimit-1,
423 onRecursiveVerified,
424 onRecursiveVerifyFailed,
425 originalData,
426 onVerifyFailed),
427 boost::bind(&SyncPolicyManager::onIntroCertTimeout,
428 this,
429 _1,
430 1,
431 m_stepLimit-1,
432 onRecursiveVerified,
433 onRecursiveVerifyFailed,
434 originalData,
435 onVerifyFailed));
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]436}
437
438void
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]439SyncPolicyManager::onIntroCertData(const shared_ptr<const ndn::Interest> &interest,
440 const shared_ptr<Data>& introCertificateData,
441 int stepCount,
442 const OnVerified& onRecursiveVerified,
443 const OnVerifyFailed& onRecursiveVerifyFailed,
444 shared_ptr<Data> originalData,
445 const OnVerifyFailed& onVerifyFailed)
446{
447 shared_ptr<ValidationRequest> nextStep = checkVerificationPolicy(introCertificateData, stepCount, onRecursiveVerified, onRecursiveVerifyFailed);
448 if (nextStep)
449 m_face->expressInterest
450 (*nextStep->interest_,
451 boost::bind(&SyncPolicyManager::onIntroCertData,
452 this,
453 _1,
454 _2,
455 nextStep->stepCount_,
456 nextStep->onVerified_,
457 nextStep->onVerifyFailed_,
458 introCertificateData,
459 onRecursiveVerifyFailed),
460 boost::bind(&SyncPolicyManager::onIntroCertTimeout,
461 this,
462 _1,
463 nextStep->retry_,
464 nextStep->stepCount_,
465 nextStep->onVerified_,
466 nextStep->onVerifyFailed_,
467 introCertificateData,
468 onRecursiveVerifyFailed));
469}
470
471void
472SyncPolicyManager::onIntroCertTimeout(const shared_ptr<const ndn::Interest>& interest,
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]473 int retry,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]474 int stepCount,
475 const OnVerified& onRecursiveVerified,
476 const OnVerifyFailed& onRecursiveVerifyFailed,
477 shared_ptr<Data> originalData,
478 const OnVerifyFailed& onVerifyFailed)
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]479{
480 if(retry > 0)
481 {
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]482 m_face->expressInterest(*interest,
483 boost::bind(&SyncPolicyManager::onIntroCertData,
484 this,
485 _1,
486 _2,
487 stepCount,
488 onRecursiveVerified,
489 onRecursiveVerifyFailed,
490 originalData,
491 onVerifyFailed),
492 boost::bind(&SyncPolicyManager::onIntroCertTimeout,
493 this,
494 _1,
495 retry - 1,
496 stepCount,
497 onRecursiveVerified,
498 onRecursiveVerifyFailed,
499 originalData,
500 onVerifyFailed));
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]501 }
502 else
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]503 onVerifyFailed(originalData);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]504}