/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
/**
 * Copyright (C) 2013 Regents of the University of California.
 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
 * See COPYING for copyright and distribution information.
 */

#ifndef NDN_SEC_POLICY_SELF_VERIFY_HPP
#define NDN_SEC_POLICY_SELF_VERIFY_HPP

#include "sec-policy.hpp"

namespace ndn {

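/**
 * A SecPolicySelfVerify implements a SecPolicy that verifies a data packet with the public key DER
 * carried in the packet's own KeyLocator (if available), or with the public key that IdentityStorage
 * holds under the name in the KeyLocator (if available), without searching a certificate chain.
 * If the public key can't be found, the verification fails.
 *
 * Security note: because no certificate chain is searched, a key taken from the packet's own
 * KeyLocator is not tied to any trust anchor. A successful check with such a key shows only that the
 * packet matches the key it carries, not that the key belongs to a trusted identity; any sender can
 * supply its own key. Use this policy only where that weaker guarantee is sufficient.
 *
 * NOTE(review): this header declares no identity manager or storage argument, so how (or whether)
 * the lookup by KeyLocator name is performed must be confirmed in the implementation file.
 */
class SecPolicySelfVerify : public SecPolicy {
public:
  /**
   * Create a new SecPolicySelfVerify.
   * This constructor takes no arguments and does nothing in its body.
   * NOTE(review): the class comment mentions looking up a public key by the name in the KeyLocator;
   * no identity manager is passed in here, so confirm in the implementation where that key would
   * come from.
   */
  SecPolicySelfVerify()
  {
  }

  /**
   * The virtual destructor (defined outside this header).
   */
  virtual
  ~SecPolicySelfVerify();

  /**
   * Check whether the received data packet complies with the verification policy, and get the
   * indication of the next verification step.
   * If there is no next verification step, that implies the policy MUST have already made the
   * verification decision, i.e., either the onVerified or the onVerifyFailed callback is invoked.
   * Callers should therefore take the verification result from the callbacks, not from the return
   * value alone.
   * @param data The Data object with the signature to check.
   * @param stepCount The number of verification steps that have been done, used to track the
   * verification progress.
   * @param onVerified If the signature is verified, this calls onVerified(data).
   * @param onVerifyFailed If the signature check fails, this calls onVerifyFailed(data).
   * @return the indication of the next verification step, null if there is no further step.
   */
  virtual ptr_lib::shared_ptr<ValidationRequest>
  checkVerificationPolicy
    (const ptr_lib::shared_ptr<Data>& data, int stepCount,
     const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed);

  /**
   * Check whether the received interest packet complies with the verification policy, and get the
   * indication of the next verification step.
   * If there is no next verification step, that implies the policy MUST have already made the
   * verification decision, i.e., either the onVerified or the onVerifyFailed callback is invoked.
   * @param interest The Interest object to check against the policy.
   * @param stepCount The number of verification steps that have been done, used to track the
   * verification progress.
   * @param onVerified Called if the check succeeds.
   * @param onVerifyFailed Called if the check fails.
   * NOTE(review): the callback types are the same ones the Data overload uses; what argument they
   * receive for an Interest is not visible in this header -- confirm in the implementation.
   * @return the indication of the next verification step, null if there is no further step.
   */
  virtual ptr_lib::shared_ptr<ValidationRequest>
  checkVerificationPolicy
    (const ptr_lib::shared_ptr<Interest>& interest, int stepCount,
     const OnVerified& onVerified, const OnVerifyFailed& onVerifyFailed);
};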

}

#endif