security: Enabling SignedInterest processing in SecPolicy and Verifier.
refs: #1161
Change-Id: I701ad619299e8e5aae03658b5ce2d3e7fed179cd
diff --git a/src/security/sec-policy-no-verify.hpp b/src/security/sec-policy-no-verify.hpp
index 1d2927e..4b3e15a 100644
--- a/src/security/sec-policy-no-verify.hpp
+++ b/src/security/sec-policy-no-verify.hpp
@@ -22,49 +22,32 @@
~SecPolicyNoVerify();
/**
- * Override to always skip verification and trust as valid.
- * @param data The received data packet.
- * @return true.
- */
- virtual bool
- skipVerifyAndTrust(const Data& data);
-
- /**
- * Override to return false for no verification rule for the received data.
- * @param data The received data packet.
- * @return false.
- */
- virtual bool
- requireVerify(const Data& data);
-
- /**
- * Override to call onVerified(data) and to indicate no further verification step.
+ * Check whether the received data packet complies with the verification policy, and get the indication of the next verification step.
+ * If there is no next verification step, that imlies policy MUST have already made the verification decision.
+ * i.e., either onVerified or onVerifyFailed callback is invoked.
* @param data The Data object with the signature to check.
* @param stepCount The number of verification steps that have been done, used to track the verification progress.
- * @param onVerified This does override to call onVerified(data).
- * @param onVerifyFailed Override to ignore this.
- * @return null for no further step.
+ * @param onVerified If the signature is verified, this calls onVerified(data).
+ * @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data).
+ * @return the indication of next verification step, null if there is no further step.
*/
virtual ptr_lib::shared_ptr<ValidationRequest>
checkVerificationPolicy
(const ptr_lib::shared_ptr<Data>& data, int stepCount, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed);
-
+
/**
- * Override to always indicate that the signing certificate name and data name satisfy the signing policy.
- * @param dataName The name of data to be signed.
- * @param certificateName The name of signing certificate.
- * @return true to indicate that the signing certificate can be used to sign the data.
+ * Check whether the received interest packet complies with the verification policy, and get the indication of the next verification step.
+ * If there is no next verification step, that implies policy MUST have already made the verification decision.
+ * i.e., either onVerified or onVerifyFailed callback is invoked.
+ * @param data The Data object with the signature to check.
+ * @param stepCount The number of verification steps that have been done, used to track the verification progress.
+ * @param onVerified If the signature is verified, this calls onVerified(data).
+ * @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data).
+ * @return the indication of next verification step, null if there is no further step.
*/
- virtual bool
- checkSigningPolicy(const Name& dataName, const Name& certificateName);
-
- /**
- * Override to indicate that the signing identity cannot be inferred.
- * @param dataName The name of data to be signed.
- * @return An empty name because cannot infer.
- */
- virtual Name
- inferSigningIdentity(const Name& dataName);
+ virtual ptr_lib::shared_ptr<ValidationRequest>
+ checkVerificationPolicy
+ (const ptr_lib::shared_ptr<Interest>& interest, int stepCount, const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed);
};
}