| Jeff Thompson | 3f3cfd3 | 2013-09-27 11:46:52 -0700 | [diff] [blame^] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */ |
| 2 | /** |
| 3 | * Copyright (C) 2013 Regents of the University of California. |
| 4 | * @author: Yingdi Yu <yingdi@cs.ucla.edu> |
| 5 | * @author: Jeff Thompson <jefft0@remap.ucla.edu> |
| 6 | * See COPYING for copyright and distribution information. |
| 7 | */ |
| 8 | |
| 9 | #ifndef NDN_POLICY_MANAGER_HPP |
| 10 | #define NDN_POLICY_MANAGER_HPP |
| 11 | |
| 12 | #include "../../data.hpp" |
| 13 | #include "../key-chain.hpp" |
| 14 | |
| 15 | namespace ndn { |
| 16 | |
| 17 | class ValidationRequest; |
| 18 | |
| 19 | /** |
| 20 | * A PolicyManager is an abstract base class to represent the policy for verifying data packets. |
| 21 | * You must create an object of a subclass. |
| 22 | */ |
| 23 | class PolicyManager { |
| 24 | public: |
| 25 | /** |
| 26 | * The virtual destructor. |
| 27 | */ |
| 28 | virtual |
| 29 | ~PolicyManager() {} |
| 30 | |
| 31 | /** |
| 32 | * Check if the received data packet can escape from verification and be trusted as valid. |
| 33 | * @param data The received data packet. |
| 34 | * @return true if the data does not need to be verified to be trusted as valid, otherwise false. |
| 35 | */ |
| 36 | virtual bool |
| 37 | skipVerifyAndTrust(const Data& data) = 0; |
| 38 | |
| 39 | /** |
| 40 | * Check if this PolicyManager has a verification rule for the received data. |
| 41 | * @param data The received data packet. |
| 42 | * @return true if the data must be verified, otherwise false. |
| 43 | */ |
| 44 | virtual bool |
| 45 | requireVerify(const Data& data) = 0; |
| 46 | |
| 47 | /** |
| 48 | * Check whether the received data packet complies with the verification policy, and get the indication of the next verification step. |
| 49 | * @param data The Data object with the signature to check. |
| 50 | * @param stepCount The number of verification steps that have been done, used to track the verification progress. |
| 51 | * @param onVerified If the signature is verified, this calls onVerified(data). |
| 52 | * @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data). |
| 53 | * @return the indication of next verification step, null if there is no further step. |
| 54 | */ |
| 55 | virtual ptr_lib::shared_ptr<ValidationRequest> |
| 56 | checkVerificationPolicy |
| 57 | (const ptr_lib::shared_ptr<Data>& data, const int& stepCount, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed) = 0; |
| 58 | |
| 59 | /** |
| 60 | * Check if the signing certificate name and data name satisfy the signing policy. |
| 61 | * @param dataName The name of data to be signed. |
| 62 | * @param certificateName The name of signing certificate. |
| 63 | * @return true if the signing certificate can be used to sign the data, otherwise false. |
| 64 | */ |
| 65 | virtual bool |
| 66 | checkSigningPolicy(const Name& dataName, const Name& certificateName) = 0; |
| 67 | |
| 68 | /** |
| 69 | * Infer the signing identity name according to the policy. If the signing identity cannot be inferred, return an empty name. |
| 70 | * @param dataName The name of data to be signed. |
| 71 | * @return The signing identity or an empty name if cannot infer. |
| 72 | */ |
| 73 | virtual Name |
| 74 | inferSigningIdentity(const Name& dataName) = 0; |
| 75 | }; |
| 76 | |
| 77 | } |
| 78 | |
| 79 | #endif |