Gitiles
Code Review Sign In
gerrit.named-data.net / ChronoSync / 286eb189e22ffd77c3360efe305a80bd244dcbaa / . / src / sec-policy-sync.h
blob: 2ecac0fcaacdf3457579026115deba0e79db6b71 [file] [log] [blame]
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/*
3 * Copyright (c) 2013, Regents of the University of California
4 * Yingdi Yu
5 *
6 * BSD license, See the LICENSE file for more information
7 *
8 * Author: Yingdi Yu <yingdi@cs.ucla.edu>
9 */
10
Yingdi Yu5e0af3e2014-01-15 19:33:25 -0800[diff] [blame]11#ifndef SEC_POLICY_SYNC_H
12#define SEC_POLICY_SYNC_H
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]13
Yingdi Yue8154712014-01-21 10:20:14 -0800[diff] [blame]14#include <ndn-cpp-dev/face.hpp>
15#include <ndn-cpp-dev/security/key-chain.hpp>
16#include <ndn-cpp-dev/security/verifier.hpp>
17#include <ndn-cpp-dev/security/sec-policy.hpp>
18#include <ndn-cpp-dev/security/identity-certificate.hpp>
Yingdi Yu57fdb5f2014-01-23 22:33:43 -0800[diff] [blame]19#include <ndn-cpp-et/policy/sec-rule-relative.hpp>
20// #include <ndn-cpp-et/policy/sec-rule-specific.hpp>
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]21#include <map>
22
Yingdi Yu5e0af3e2014-01-15 19:33:25 -0800[diff] [blame]23class SecPolicySync : public ndn::SecPolicy
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]24{
25public:
Yingdi Yu5e0af3e2014-01-15 19:33:25 -0800[diff] [blame]26 SecPolicySync(const ndn::Name& signingIdentity,
Yingdi Yu57fdb5f2014-01-23 22:33:43 -0800[diff] [blame]27 const ndn::Name& signingCertificateName,
28 const ndn::Name& syncPrefix,
29 ndn::ptr_lib::shared_ptr<ndn::Face> face,
30 int m_stepLimit = 3);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]31
32 virtual
Yingdi Yu5e0af3e2014-01-15 19:33:25 -0800[diff] [blame]33 ~SecPolicySync();
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]34
35 bool
36 skipVerifyAndTrust (const ndn::Data& data);
37
38 bool
39 requireVerify (const ndn::Data& data);
40
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]41 ndn::ptr_lib::shared_ptr<ndn::ValidationRequest>
42 checkVerificationPolicy(const ndn::ptr_lib::shared_ptr<ndn::Data>& data,
43 int stepCount,
44 const ndn::OnVerified& onVerified,
45 const ndn::OnVerifyFailed& onVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]46
47 bool
48 checkSigningPolicy(const ndn::Name& dataName,
49 const ndn::Name& certificateName);
50
51 ndn::Name
52 inferSigningIdentity(const ndn::Name& dataName);
53
54 void
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]55 addTrustAnchor(const ndn::IdentityCertificate& identityCertificate, bool isIntroducer);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]56
57 void
Yingdi Yu57fdb5f2014-01-23 22:33:43 -0800[diff] [blame]58 addSyncDataRule(const ndn::Name& prefix,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]59 const ndn::IdentityCertificate& identityCertificate,
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]60 bool isIntroducer);
61
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]62private:
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]63
64 ndn::ptr_lib::shared_ptr<ndn::ValidationRequest>
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]65 prepareIntroducerRequest(const ndn::Name& keyName,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]66 ndn::ptr_lib::shared_ptr<ndn::Data> data,
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]67 const int & stepCount,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]68 const ndn::OnVerified& onVerified,
69 const ndn::OnVerifyFailed& onVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]70
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]71 ndn::ptr_lib::shared_ptr<const std::vector<ndn::Name> >
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]72 getAllIntroducerName();
73
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]74 ndn::ptr_lib::shared_ptr<ndn::ValidationRequest>
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]75 prepareRequest(const ndn::Name& keyName,
76 bool forIntroducer,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]77 ndn::ptr_lib::shared_ptr<ndn::Data> data,
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]78 const int & stepCount,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]79 const ndn::OnVerified& onVerified,
80 const ndn::OnVerifyFailed& onVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]81
82 void
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]83 OnIntroCertInterest(const ndn::ptr_lib::shared_ptr<const ndn::Name>& prefix,
84 const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
85 ndn::Transport& transport,
86 uint64_t registeredPrefixId);
87
88 void
89 OnIntroCertRegisterFailed(const ndn::ptr_lib::shared_ptr<const ndn::Name>& prefix);
90
91 void
92 onIntroCertVerified(const ndn::ptr_lib::shared_ptr<ndn::Data>& introCertificateData,
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]93 bool forIntroducer,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]94 ndn::ptr_lib::shared_ptr<ndn::Data> originalData,
95 const ndn::OnVerified& onVerified,
96 const ndn::OnVerifyFailed& onVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]97
98 void
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]99 onIntroCertVerifyFailed(const ndn::ptr_lib::shared_ptr<ndn::Data>& introCertificateData,
Yingdi Yu57fdb5f2014-01-23 22:33:43 -0800[diff] [blame]100 ndn::Name interestPrefix,
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]101 bool forIntroducer,
102 ndn::ptr_lib::shared_ptr<const std::vector<ndn::Name> > introNameList,
103 int nextIntroducerIndex,
104 ndn::ptr_lib::shared_ptr<ndn::Data> originalData,
105 const ndn::OnVerified& onVerified,
106 const ndn::OnVerifyFailed& onVerifyFailed);
107
108 void
109 onIntroCertData(const ndn::ptr_lib::shared_ptr<const ndn::Interest> &interest,
110 const ndn::ptr_lib::shared_ptr<ndn::Data>& introCertificateData,
111 int stepCount,
Yingdi Yu57fdb5f2014-01-23 22:33:43 -0800[diff] [blame]112 const ndn::OnVerified& introCertVerified,
113 const ndn::OnVerifyFailed& introCertVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]114
115 void
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]116 onIntroCertTimeout(const ndn::ptr_lib::shared_ptr<const ndn::Interest>& interest,
117 int retry,
118 int stepCount,
Yingdi Yu57fdb5f2014-01-23 22:33:43 -0800[diff] [blame]119 const ndn::OnVerified& introCertVerified,
120 const ndn::OnVerifyFailed& introCertVerifyFailed);
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]121
122
123
124private:
125 ndn::Name m_signingIdentity;
126 ndn::Name m_signingCertificateName;
127 ndn::Name m_syncPrefix;
Yingdi Yu57fdb5f2014-01-23 22:33:43 -0800[diff] [blame]128 ndn::Name m_introCertPrefix;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]129 int m_stepLimit;
Yingdi Yu57fdb5f2014-01-23 22:33:43 -0800[diff] [blame]130 ndn::ptr_lib::shared_ptr<ndn::SecRuleRelative> m_syncDataPolicy;
131 std::map<ndn::Name, ndn::PublicKey> m_trustedIntroducers;
132 std::map<ndn::Name, ndn::PublicKey> m_trustedProducers;
133 // std::map<ndn::Name, SecRuleSyncSpecific> m_chatDataRules;
134 std::map<ndn::Name, ndn::Data> m_introCert;
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]135
Yingdi Yu0cb0f2b2014-01-09 13:51:16 -0800[diff] [blame]136 ndn::ptr_lib::shared_ptr<ndn::KeyChain> m_keyChain;
Yingdi Yu46c9f1a2013-12-18 15:15:46 +0800[diff] [blame]137 ndn::ptr_lib::shared_ptr<ndn::Face> m_face;
138
Yingdi Yu43e71612013-10-30 22:19:31 -0700[diff] [blame]139};
140
141#endif