Blame - include/ndn-cpp/security/policy/policy-manager.hpp - ndn-cxx

blob: 400360dcb97c2c4b12dd227aeebd61fba8b70974 [file] [log] [blame]

Jeff Thompson	3f3cfd3	2013-09-27 11:46:52 -0700	[diff] [blame]	1	/* -- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -- */
				2	/**
				3	* Copyright (C) 2013 Regents of the University of California.
				4	* @author: Yingdi Yu <yingdi@cs.ucla.edu>
				5	* @author: Jeff Thompson <jefft0@remap.ucla.edu>
				6	* See COPYING for copyright and distribution information.
				7	*/
				8
				9	#ifndef NDN_POLICY_MANAGER_HPP
Jeff Thompson	e589c3f	2013-10-12 17:30:50 -0700	[diff] [blame]	10	#define NDN_POLICY_MANAGER_HPP
Jeff Thompson	3f3cfd3	2013-09-27 11:46:52 -0700	[diff] [blame]	11
				12	#include "../../data.hpp"
Yingdi Yu	2abd73f	2014-01-08 23:34:11 -0800	[diff] [blame^]	13	#include "validation-request.hpp"
Jeff Thompson	3f3cfd3	2013-09-27 11:46:52 -0700	[diff] [blame]	14
				15	namespace ndn {
				16
				17	class ValidationRequest;
				18
				19	/**
				20	* A PolicyManager is an abstract base class to represent the policy for verifying data packets.
				21	* You must create an object of a subclass.
				22	*/
				23	class PolicyManager {
				24	public:
Yingdi Yu	2abd73f	2014-01-08 23:34:11 -0800	[diff] [blame^]	25	struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };
				26
Jeff Thompson	3f3cfd3	2013-09-27 11:46:52 -0700	[diff] [blame]	27	/**
				28	* The virtual destructor.
				29	*/
				30	virtual
				31	~PolicyManager() {}
				32
				33	/**
				34	* Check if the received data packet can escape from verification and be trusted as valid.
				35	* @param data The received data packet.
				36	* @return true if the data does not need to be verified to be trusted as valid, otherwise false.
				37	*/
				38	virtual bool
				39	skipVerifyAndTrust(const Data& data) = 0;
				40
				41	/**
				42	* Check if this PolicyManager has a verification rule for the received data.
				43	* @param data The received data packet.
				44	* @return true if the data must be verified, otherwise false.
				45	*/
				46	virtual bool
				47	requireVerify(const Data& data) = 0;
				48
				49	/**
				50	* Check whether the received data packet complies with the verification policy, and get the indication of the next verification step.
				51	* @param data The Data object with the signature to check.
				52	* @param stepCount The number of verification steps that have been done, used to track the verification progress.
				53	* @param onVerified If the signature is verified, this calls onVerified(data).
				54	* @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data).
				55	* @return the indication of next verification step, null if there is no further step.
				56	*/
				57	virtual ptr_lib::shared_ptr<ValidationRequest>
				58	checkVerificationPolicy
Jeff Thompson	31aeed8	2013-11-25 15:44:45 -0800	[diff] [blame]	59	(const ptr_lib::shared_ptr<Data>& data, int stepCount, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed) = 0;
Jeff Thompson	3f3cfd3	2013-09-27 11:46:52 -0700	[diff] [blame]	60
				61	/**
				62	* Check if the signing certificate name and data name satisfy the signing policy.
				63	* @param dataName The name of data to be signed.
				64	* @param certificateName The name of signing certificate.
				65	* @return true if the signing certificate can be used to sign the data, otherwise false.
				66	*/
				67	virtual bool
				68	checkSigningPolicy(const Name& dataName, const Name& certificateName) = 0;
				69
				70	/**
				71	* Infer the signing identity name according to the policy. If the signing identity cannot be inferred, return an empty name.
				72	* @param dataName The name of data to be signed.
				73	* @return The signing identity or an empty name if cannot infer.
				74	*/
				75	virtual Name
				76	inferSigningIdentity(const Name& dataName) = 0;
				77	};
				78
				79	}
				80
				81	#endif