Gitiles
Code Review Sign In
gerrit.named-data.net / ndns / d01c1a47d60feb56dabd2c16325aae11f5b1565a / . / src / validator / certificate-fetcher-ndns-appcert.hpp
blob: 2bd9305f634651982d69d455ddd076d76b9324c9 [file] [log] [blame]
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
3 * Copyright (c) 2014-2017, Regents of the University of California.
4 *
5 * This file is part of NDNS (Named Data Networking Domain Name Service).
6 * See AUTHORS.md for complete list of NDNS authors and contributors.
7 *
8 * NDNS is free software: you can redistribute it and/or modify it under the terms
9 * of the GNU General Public License as published by the Free Software Foundation,
10 * either version 3 of the License, or (at your option) any later version.
11 *
12 * NDNS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
13 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
14 * PURPOSE. See the GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
17 * NDNS, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20#ifndef NDNS_VALIDATOR_CERTIFICATE_FETCHER_NDNS_APPCERT_HPP
21#define NDNS_VALIDATOR_CERTIFICATE_FETCHER_NDNS_APPCERT_HPP
22
23#include <ndn-cxx/ims/in-memory-storage.hpp>
24#include <ndn-cxx/security/v2/validator.hpp>
25
26namespace ndn {
27namespace ndns {
28
29/**
30 * @brief Fetch NDNS-stored application certificate(APPCERT type record)
31 * By an iterative-query process, it will retrieve the record, execute authentications,
32 * and de-encapsulate record to get application's certificate.
33 */
34class CertificateFetcherAppCert : public security::v2::CertificateFetcher
35{
36public:
37 explicit
38 CertificateFetcherAppCert(Face& face,
39 size_t nsCacheSize = 500,
40 size_t startComponentIndex = 0);
41
42protected:
43 /**
44 * @brief retrive appcert record, validate, and de-encapsulate
45 * This method will first retrive the record by an iterative query.
46 * Then it will pass it to validator.
47 * If validated, de-encapsulate and call continueValidation.
48 */
49 void
50 doFetch(const shared_ptr<security::v2::CertificateRequest>& certRequest,
51 const shared_ptr<security::v2::ValidationState>& state,
52 const ValidationContinuation& continueValidation) override;
53
54private:
55 /**
56 * @brief Callback invoked when rrset is retrived, including nack
57 */
58 void
59 onQuerySuccessCallback(const Data& data,
60 const shared_ptr<security::v2::CertificateRequest>& certRequest,
61 const shared_ptr<security::v2::ValidationState>& state,
62 const ValidationContinuation& continueValidation);
63
64 /**
65 * @brief Callback invoked when iterative query failed
66 *
67 * @todo retry for some amount of time
68 */
69 void
70 onQueryFailCallback(const std::string& errMsg,
71 const shared_ptr<security::v2::CertificateRequest>& certRequest,
72 const shared_ptr<security::v2::ValidationState>& state,
73 const ValidationContinuation& continueValidation);
74
75 /**
76 * @brief Callback invoked when rrset validation succeeded
77 */
78 void
79 onValidationSuccessCallback(const Data& data,
80 const shared_ptr<security::v2::CertificateRequest>& certRequest,
81 const shared_ptr<security::v2::ValidationState>& state,
82 const ValidationContinuation& continueValidation);
83
84 /**
85 * @brief Callback invoked when rrset validation failed
86 */
87 void
88 onValidationFailCallback(const security::v2::ValidationError& err,
89 const shared_ptr<security::v2::CertificateRequest>& certRequest,
90 const shared_ptr<security::v2::ValidationState>& state,
91 const ValidationContinuation& continueValidation);
92
93private:
94 Face& m_face;
95 unique_ptr<security::v2::Validator> m_validator;
96 InMemoryStorage* m_nsCache;
97 size_t m_startComponentIndex;
98};
99
100} // namespace ndns
101} // namespace ndn
102
103#endif // NDNS_VALIDATOR_CERTIFICATE_FETCHER_NDNS_APPCERT_HPP