Yingdi Yu2abd73f2014-01-08 23:34:11 -08001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
6 * See COPYING for copyright and distribution information.
7 */
8
9#ifndef NDN_VERIFIER_HPP
10#define NDN_VERIFIER_HPP
11
12#include "../data.hpp"
13#include "../face.hpp"
14#include "policy/validation-request.hpp"
15#include "certificate/public-key.hpp"
16#include "signature/signature-sha256-with-rsa.hpp"
17
18namespace ndn {
19
20class PolicyManager;
21
22/**
23 * Verifier is one of the main classes of the security library.
24 *
25 * The Verifier class provides the interfaces for packet verification.
26 */
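class Verifier {
public:
  /// Exception type thrown by Verifier; policies() throws it when no PolicyManager is set.
  struct Error : public std::runtime_error { Error(const std::string &what) : std::runtime_error(what) {} };

  /**
   * @brief Create a Verifier.
   * @param policyManager The PolicyManager to use; defaults to the static DefaultPolicyManager.
   *
   * NOTE(review): policies() checks for a null PolicyManager, so a null pointer here
   * (or a null DefaultPolicyManager) appears to be a reachable state -- confirm in the
   * implementation whether verifyData tolerates it.
   */
  Verifier(const ptr_lib::shared_ptr<PolicyManager> &policyManager = DefaultPolicyManager);

  /**
   * @brief Set the Face which will be used to fetch required certificates.
   * @param face A pointer to the Face object.
   *
   * Setting a face is necessary for verifier operations that involve fetching data.
   */
  void
  setFace(const ptr_lib::shared_ptr<Face> &face) { face_ = face; }

  /**
   * @brief Get the policyManager.
   * @return The PolicyManager.
   * @throws Error if no PolicyManager has been assigned to this Verifier.
   */
  inline PolicyManager&
  policies()
  {
    // The message names Verifier: policyManager_ is a member of this class, and the
    // previous wording ("... to the KeyChain") pointed at the wrong object when
    // diagnosing a failed verification setup.
    if (!policyManager_)
      throw Error("PolicyManager is not assigned to the Verifier");

    return *policyManager_;
  }


  /**
   * Check the signature on the Data object and call either onVerified or onVerifyFailed.
   * We use callback functions because verify may fetch information to check the signature,
   * so the outcome is only known once one of the two callbacks has been invoked.
   * @param data The Data object with the signature to check. It is an error if data does not have a wireEncoding.
   * To set the wireEncoding, you can call data.wireDecode.
   * @param onVerified If the signature is verified, this calls onVerified(data).
   * @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data).
   * @param stepCount Undocumented in the original header. Presumably the number of validation
   * steps already taken while following a certificate chain, which would let the policy bound
   * the chain length -- TODO confirm against the implementation.
   */
  void
  verifyData
    (const ptr_lib::shared_ptr<Data>& data, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed, int stepCount = 0);

  /*****************************************
   *      verifySignature method set       *
   *****************************************/

  // The four overloads below are static: they receive the public key as an argument and
  // cannot consult policyManager_. The bool result presumably reports whether sig matches
  // the data under publicKey (confirm in the implementation); it does not by itself say
  // that publicKey is trusted to sign this data. That decision has to be made by the
  // caller, or by going through verifyData and the PolicyManager.

  /// Check sig over a Data packet with the given public key.
  static bool
  verifySignature(const Data &data, const Signature &sig, const PublicKey &publicKey);

  /// Check sig over a raw Buffer with the given public key.
  static bool
  verifySignature(const Buffer &data, const Signature &sig, const PublicKey &publicKey);

  /// Check a SignatureSha256WithRsa over a Data packet with the given public key.
  static bool
  verifySignature(const Data& data, const SignatureSha256WithRsa& sig, const PublicKey& publicKey);

  /// Check a SignatureSha256WithRsa over a raw Buffer with the given public key.
  static bool
  verifySignature(const Buffer &data, const SignatureSha256WithRsa &sig, const PublicKey &publicKey);

public:
  /// Default argument of the constructor; defined outside this header.
  static const ptr_lib::shared_ptr<PolicyManager> DefaultPolicyManager;

private:
  /**
   * Callback taking the Interest that was sent, the Data received for it and the pending
   * ValidationRequest. Presumably invoked when a certificate fetched for nextStep arrives --
   * confirm in the implementation.
   */
  void
  onCertificateData
    (const ptr_lib::shared_ptr<const Interest> &interest, const ptr_lib::shared_ptr<Data> &data, ptr_lib::shared_ptr<ValidationRequest> nextStep);

  /**
   * Callback for a certificate Interest that timed out. NOTE(review): retry looks like a
   * remaining-retries counter and onVerifyFailed like the handler used once retries are
   * exhausted -- confirm in the implementation.
   */
  void
  onCertificateInterestTimeout
    (const ptr_lib::shared_ptr<const Interest> &interest, int retry, const OnVerifyFailed& onVerifyFailed,
     const ptr_lib::shared_ptr<Data> &data, ptr_lib::shared_ptr<ValidationRequest> nextStep);

private:
  ptr_lib::shared_ptr<PolicyManager> policyManager_;  // may be null; policies() throws Error in that case
  ptr_lib::shared_ptr<Face> face_;                    // assigned by setFace(); used to fetch certificates
};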
100
101}
102
103#endif