blob: 5b3609de36caf872ac943efce2553c938a0d7d50 [file] [log] [blame]
Jeff Thompson3f3cfd32013-09-27 11:46:52 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
6 * See COPYING for copyright and distribution information.
7 */
8
9#ifndef NDN_POLICY_MANAGER_HPP
Jeff Thompsone589c3f2013-10-12 17:30:50 -070010#define NDN_POLICY_MANAGER_HPP
Jeff Thompson3f3cfd32013-09-27 11:46:52 -070011
12#include "../../data.hpp"
13#include "../key-chain.hpp"
14
15namespace ndn {
16
17class ValidationRequest;
18
19/**
20 * A PolicyManager is an abstract base class to represent the policy for verifying data packets.
21 * You must create an object of a subclass.
22 */
23class PolicyManager {
24public:
25 /**
26 * The virtual destructor.
27 */
28 virtual
29 ~PolicyManager() {}
30
31 /**
32 * Check if the received data packet can escape from verification and be trusted as valid.
33 * @param data The received data packet.
34 * @return true if the data does not need to be verified to be trusted as valid, otherwise false.
35 */
36 virtual bool
37 skipVerifyAndTrust(const Data& data) = 0;
38
39 /**
40 * Check if this PolicyManager has a verification rule for the received data.
41 * @param data The received data packet.
42 * @return true if the data must be verified, otherwise false.
43 */
44 virtual bool
45 requireVerify(const Data& data) = 0;
46
47 /**
48 * Check whether the received data packet complies with the verification policy, and get the indication of the next verification step.
49 * @param data The Data object with the signature to check.
50 * @param stepCount The number of verification steps that have been done, used to track the verification progress.
51 * @param onVerified If the signature is verified, this calls onVerified(data).
52 * @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data).
53 * @return the indication of next verification step, null if there is no further step.
54 */
55 virtual ptr_lib::shared_ptr<ValidationRequest>
56 checkVerificationPolicy
57 (const ptr_lib::shared_ptr<Data>& data, const int& stepCount, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed) = 0;
58
59 /**
60 * Check if the signing certificate name and data name satisfy the signing policy.
61 * @param dataName The name of data to be signed.
62 * @param certificateName The name of signing certificate.
63 * @return true if the signing certificate can be used to sign the data, otherwise false.
64 */
65 virtual bool
66 checkSigningPolicy(const Name& dataName, const Name& certificateName) = 0;
67
68 /**
69 * Infer the signing identity name according to the policy. If the signing identity cannot be inferred, return an empty name.
70 * @param dataName The name of data to be signed.
71 * @return The signing identity or an empty name if cannot infer.
72 */
73 virtual Name
74 inferSigningIdentity(const Name& dataName) = 0;
75};
76
77}
78
79#endif