blob: ecddf679a05c0a44df5b7ad9c3a4905208e139eb [file] [log] [blame]
Jeff Thompson47c93cf2013-08-09 00:38:48 -07001/**
Jeff Thompson7687dc02013-09-13 11:54:07 -07002 * Copyright (C) 2013 Regents of the University of California.
3 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
Jeff Thompson47c93cf2013-08-09 00:38:48 -07004 * See COPYING for copyright and distribution information.
5 */
6
7#ifndef NDN_KEY_CHAIN_HPP
Jeff Thompson2d27e2f2013-08-09 12:55:00 -07008#define NDN_KEY_CHAIN_HPP
Jeff Thompson47c93cf2013-08-09 00:38:48 -07009
Jeff Thompson7a67cb62013-08-26 11:43:18 -070010#include "../data.hpp"
Jeff Thompson2ce8f492013-09-17 18:01:25 -070011#include "../face.hpp"
12#include "identity/identity-manager.hpp"
Jeff Thompson47c93cf2013-08-09 00:38:48 -070013
14namespace ndn {
15
Jeff Thompson2ce8f492013-09-17 18:01:25 -070016/**
17 * An OnVerified function object is used to pass a callback to verifyData to report a successful verification.
18 */
19typedef func_lib::function<void(const ptr_lib::shared_ptr<Data>& data)> OnVerified;
20
21/**
22 * An OnVerifyFailed function object is used to pass a callback to verifyData to report a failed verification.
23 */
24typedef func_lib::function<void()> OnVerifyFailed;
25
Jeff Thompsonffa36f92013-09-20 08:42:41 -070026/**
27 * Keychain is main class of security library.
28 *
29 * The Keychain class provides a set of interfaces to the security library such as identity management, policy configuration
30 * and packet signing and verification.
31 */
Jeff Thompson47c93cf2013-08-09 00:38:48 -070032class KeyChain {
33public:
Jeff Thompson40f361a2013-09-25 13:12:48 -070034 KeyChain(const ptr_lib::shared_ptr<IdentityManager>& identityManager);
Jeff Thompson9296f0c2013-09-23 18:10:27 -070035
36 /**
37 * Get the default certificate name for the specified identity, which will be used when signing is performed based on identity.
38 * @param identityName The name of the specified identity.
39 * @return The requested certificate name.
40 */
41 Name
42 getDefaultCertificateNameForIdentity(const Name& identityName)
43 {
Jeff Thompson40f361a2013-09-25 13:12:48 -070044 return identityManager_->getDefaultCertificateNameForIdentity(identityName);
Jeff Thompson9296f0c2013-09-23 18:10:27 -070045 }
46
47 /**
48 * Examine the data packet Name and infer the identity name for signing the content.
49 * @param name The data packet name to examine.
50 * @return A new identity name for signing a data packet.
51 */
52 Name
53 inferSigningIdentity(const Name& name)
54 {
55#if 0
56 policyManager_->inferSigningIdentity(name)
57#else
58 return Name();
59#endif
Jeff Thompson2ce8f492013-09-17 18:01:25 -070060 }
61
Jeff Thompson47c93cf2013-08-09 00:38:48 -070062 /**
Jeff Thompson2ce8f492013-09-17 18:01:25 -070063 * Wire encode the Data object, sign it and set its signature.
Jeff Thompsonade5b1e2013-08-09 12:16:45 -070064 * Note: the caller must make sure the timestamp is correct, for example with
Jeff Thompsonfec716d2013-09-11 13:54:36 -070065 * data.getMetaInfo().setTimestampMilliseconds(time(NULL) * 1000.0).
Jeff Thompson2ce8f492013-09-17 18:01:25 -070066 * @param data The Data object to be signed. This updates its signature and key locator field and wireEncoding.
Jeff Thompson9296f0c2013-09-23 18:10:27 -070067 * @param certificateName The certificate name of the key to use for signing. If omitted, infer the signing identity from the data packet name.
Jeff Thompson8d24fe12013-09-18 15:54:51 -070068 * @param wireFormat A WireFormat object used to encode the input. If omitted, use WireFormat getDefaultWireFormat().
Jeff Thompson3c73da42013-08-12 11:19:05 -070069 */
Jeff Thompson2ce8f492013-09-17 18:01:25 -070070 void
Jeff Thompson9296f0c2013-09-23 18:10:27 -070071 signData(Data& data, const Name& certificateName = Name(), WireFormat& wireFormat = *WireFormat::getDefaultWireFormat());
Jeff Thompson3c73da42013-08-12 11:19:05 -070072
73 /**
Jeff Thompson2ce8f492013-09-17 18:01:25 -070074 * Check the signature on the Data object and call either onVerify or onVerifyFailed.
75 * We use callback functions because verify may fetch information to check the signature.
Jeff Thompson3c73da42013-08-12 11:19:05 -070076 * @param data
Jeff Thompson2ce8f492013-09-17 18:01:25 -070077 * @param onVerified
78 * @param onVerifyFailed
Jeff Thompson8efe5ad2013-08-20 17:36:38 -070079 */
Jeff Thompson2ce8f492013-09-17 18:01:25 -070080 void
81 verifyData(const ptr_lib::shared_ptr<Data>& data, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed);
Jeff Thompson8efe5ad2013-08-20 17:36:38 -070082
83 /**
Jeff Thompson2ce8f492013-09-17 18:01:25 -070084 * Set the Face which will be used to fetch required certificates.
85 * @param face A pointer to the Face object.
Jeff Thompson1e90d8c2013-08-12 16:09:25 -070086 */
Jeff Thompson2ce8f492013-09-17 18:01:25 -070087 void
88 setFace(Face* face) { face_ = face; }
89
90private:
Jeff Thompson40f361a2013-09-25 13:12:48 -070091 ptr_lib::shared_ptr<IdentityManager> identityManager_;
Jeff Thompson2ce8f492013-09-17 18:01:25 -070092 Face* face_;
93 const int maxSteps_;
Jeff Thompson47c93cf2013-08-09 00:38:48 -070094};
95
96}
97
98#endif