JSDoc: Class: PolicyManager

new PolicyManager()

A PolicyManager is an abstract base class to represent the policy for verifying data packets. You must create an object of a subclass.

Source:

security/policy/policy-manager.js, line 36

Methods

(static) verifyDigestSha256Signature(signature, signedBlob, onComplete)

Verify the DigestSha256 signature on the SignedBlob by verifying that the digest of SignedBlob equals the signature.

Parameters:

Name	Type	Description
`signature`	Blob	The signature bits.
`signedBlob`	SignedBlob	the SignedBlob with the signed portion to verify.
`onComplete`	function	This calls onComplete(true) if the signature verifies, otherwise onComplete(false).

Source:

security/policy/policy-manager.js, line 219

(static) verifySha256WithRsaSignature(signature, signedBlob, publicKeyDer, onComplete)

Verify the RSA signature on the SignedBlob using the given public key.

Parameters:

Name	Type	Description
`signature`	Blob	The signature bits.
`signedBlob`	SignedBlob	the SignedBlob with the signed portion to verify.
`publicKeyDer`	Blob	The DER-encoded public key used to verify the signature.
`onComplete`	function	This calls onComplete(true) if the signature verifies, otherwise onComplete(false).

Source:

security/policy/policy-manager.js, line 176

(static) verifySignature(signature, signedBlob, publicKeyDer, onComplete)

Check the type of signature and use the publicKeyDer to verify the signedBlob using the appropriate signature algorithm.

Parameters:

Name	Type	Description
`signature`	Signature	An object of a subclass of Signature, e.g. Sha256WithRsaSignature.
`signedBlob`	SignedBlob	the SignedBlob with the signed portion to verify.
`publicKeyDer`	Blob	The DER-encoded public key used to verify the signature.
`onComplete`	function	This calls onComplete(true) if the signature verifies, otherwise onComplete(false).

Source:

security/policy/policy-manager.js, line 146

Throws:

SecurityException if the signature type is not recognized or if publicKeyDer can't be decoded.

checkSigningPolicy(dataName, certificateName) → {boolean}

Check if the signing certificate name and data name satisfy the signing policy. Your derived class should override.

Parameters:

Name	Type	Description
`dataName`	Name	The name of data to be signed.
`certificateName`	Name	The name of signing certificate.

Source:

security/policy/policy-manager.js, line 109

Returns:

True if the signing certificate can be used to sign the data, otherwise false.

Type: boolean

checkVerificationPolicy(dataOrInterest, stepCount, onVerified, onVerifyFailed, wireFormat) → {ValidationRequest}

Check whether the received data packet complies with the verification policy, and get the indication of the next verification step. Your derived class should override.

Parameters:

Name	Type	Description
`dataOrInterest`	Data \| Interest	The Data object or interest with the signature to check.
`stepCount`	number	The number of verification steps that have been done, used to track the verification progress.
`onVerified`	function	If the signature is verified, this calls onVerified(dataOrInterest). NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.
`onVerifyFailed`	function	If the signature check fails, this calls onVerifyFailed(dataOrInterest). NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.
`wireFormat`	WireFormat

Source:

security/policy/policy-manager.js, line 93

Returns:

The indication of next verification step, or null if there is no further step.

Type: ValidationRequest

inferSigningIdentity(dataName) → {Name}

Infer the signing identity name according to the policy. If the signing identity cannot be inferred, return an empty name. Your derived class should override.

Parameters:

Name	Type	Description
`dataName`	Name	The name of data to be signed.

Source:

security/policy/policy-manager.js, line 122

Returns:

The signing identity or an empty name if cannot infer.

Type: Name

requireVerify(dataOrInterest) → {boolean}

Check if this PolicyManager has a verification rule for the received data packet or signed interest. Your derived class should override.

Parameters:

Name	Type	Description
`dataOrInterest`	Data \| Interest	The received data packet or interest.

Source:

security/policy/policy-manager.js, line 65

Returns:

True if the data or interest must be verified, otherwise false.

Type: boolean

skipVerifyAndTrust(dataOrInterest) → {boolean}

Check if the received data packet or signed interest can escape from verification and be trusted as valid. Your derived class should override.

Parameters:

Name	Type	Description
`dataOrInterest`	Data \| Interest	The received data packet or interest.

Source:

security/policy/policy-manager.js, line 51

Returns:

True if the data or interest does not need to be verified to be trusted as valid, otherwise false.

Type: boolean