24 #ifndef NDN_CONFIG_POLICY_MANAGER_HPP
25 #define NDN_CONFIG_POLICY_MANAGER_HPP
30 #include "certificate-cache.hpp"
31 #include "policy-manager.hpp"
34 class TestVerificationRules_NameRelation_Test;
35 class TestVerificationRules_SimpleRegex_Test;
36 class TestVerificationRules_Hierarchical_Test;
37 class TestVerificationRules_HyperRelation_Test;
42 class BoostInfoParser;
43 class IdentityCertificate;
// Parameter list of a declaration whose name did not survive in this listing.
// The parameter names and defaults match the ConfigPolicyManager constructor
// signature given in this page's symbol index.
// That signature also carries `Milliseconds graceInterval = 3000` and
// `Milliseconds keyTimestampTtl = 3600000` between searchDepth and
// maxTrackedKeys; both are missing from the lines below.
// NOTE(review): graceInterval, keyTimestampTtl and maxTrackedKeys look like the
// inputs to the interest timestamp freshness check (interestTimestampIsFresh,
// keyTimestamps_) - confirm in the .cpp. If so, overriding the defaults changes
// replay-protection behaviour and should be a deliberate choice.
// NOTE(review): searchDepth presumably bounds how many certificate-fetch steps
// one validation may take (compare stepCount) - confirm.
// NOTE(review): the defaults are an empty config file name and a null
// certificate cache pointer. What the manager accepts or rejects in that state
// is not visible here and should be documented for callers.
83 (
const std::string& configFileName =
"",
84 const ptr_lib::shared_ptr<CertificateCache>& certificateCache =
85 ptr_lib::shared_ptr<CertificateCache>(),
int searchDepth = 5,
87 int maxTrackedKeys = 1000);
// Two load() overloads; their return types did not survive in this listing.
// The configuration is what this manager bases its trust decisions on, so the
// file or string passed here should come from a source that only the
// application owner can modify.
//
// load(configFileName): per the page's description, calls reset() and then
// loads the configuration rules from the named file.
107 load(
const std::string& configFileName);
// load(input, inputName): takes two strings.
// NOTE(review): presumably `input` is the configuration text itself and
// `inputName` is a label used in messages - confirm against the .cpp.
// NOTE(review): whether this overload also calls reset() first is not visible
// here - confirm, since stale rules or anchors surviving a reload would matter.
116 load(
const std::string& input,
const std::string& inputName);
179 virtual ptr_lib::shared_ptr<ValidationRequest>
181 (
const ptr_lib::shared_ptr<Data>& data,
int stepCount,
203 virtual ptr_lib::shared_ptr<ValidationRequest>
205 (
const ptr_lib::shared_ptr<Interest>& interest,
int stepCount,
232 friend TestVerificationRules_NameRelation_Test;
233 friend TestVerificationRules_SimpleRegex_Test;
234 friend TestVerificationRules_Hierarchical_Test;
235 friend TestVerificationRules_HyperRelation_Test;
// TrustAnchorRefreshManager as it appears in this listing. Braces, access
// specifiers and some declarations did not survive, so only the visible
// members are described.
// NOTE(review): judging by the names, certificates loaded through this class
// act as trust anchors. If so, anyone able to write to a registered directory
// or certificate file can change what is trusted, and the expected filesystem
// permissions should be documented.
241 class TrustAnchorRefreshManager {
243 TrustAnchorRefreshManager()
// Static helper: takes a file name and returns a shared pointer to an
// IdentityCertificate.
// NOTE(review): behaviour on a missing or malformed file (null pointer vs.
// exception) is not visible here - confirm that callers handle both.
247 static ptr_lib::shared_ptr<IdentityCertificate>
248 loadIdentityCertificateFromFile(
const std::string& filename);
// Looks the given name up in this object's certificateCache_ and returns the
// result unchanged. The Name is taken by value.
250 ptr_lib::shared_ptr<IdentityCertificate>
251 getCertificate(
Name certificateName)
const
254 return certificateCache_.getCertificate(certificateName);
// Takes a directory name and a refresh period in milliseconds.
// NOTE(review): presumably registers the directory in refreshDirectories_ and
// loads its certificates, re-reading them every refreshPeriod - confirm.
258 addDirectory(
const std::string& directoryName,
Milliseconds refreshPeriod);
// Per-directory record. The constructor stores its arguments in
// certificateNames_, nextRefresh_ and refreshPeriod_.
264 class DirectoryInfo {
267 (
const std::vector<std::string>& certificateNames,
269 : certificateNames_(certificateNames), nextRefresh_(nextRefresh),
270 refreshPeriod_(refreshPeriod)
// Copy of the certificate name strings passed to the constructor.
274 std::vector<std::string> certificateNames_;
// Map from a string key to a shared DirectoryInfo.
// NOTE(review): the key is presumably the directory name given to
// addDirectory - confirm.
282 std::map<std::string, ptr_lib::shared_ptr<DirectoryInfo> > refreshDirectories_;
292 loadTrustAnchorCertificates();
310 (
const Name& signatureName,
const Name& objectName,
321 ptr_lib::shared_ptr<IdentityCertificate>
322 lookupCertificate(
const std::string& certID,
bool isPath);
334 findMatchingRule(
const Name& objName,
const std::string& matchType)
const;
351 (
const Name& name,
const Name& matchName,
const std::string& matchRelation);
362 static ptr_lib::shared_ptr<Signature>
365 std::string& failureReason);
377 interestTimestampIsFresh
379 std::string& failureReason)
const;
408 std::string& failureReason)
const;
426 ptr_lib::shared_ptr<Interest>
427 getCertificateInterest
428 (
int stepCount,
const std::string& matchType,
const Name& objectName,
429 const Signature* signature, std::string& failureReason);
444 onCertificateDownloadComplete
445 (
const ptr_lib::shared_ptr<Data> &data,
446 const ptr_lib::shared_ptr<Data> &originalData,
int stepCount,
463 onCertificateDownloadCompleteForInterest
464 (
const ptr_lib::shared_ptr<Data> &data,
465 const ptr_lib::shared_ptr<Interest> &originalInterest,
int stepCount,
// Data members of ConfigPolicyManager as they appear in this listing.
//
// Shared CertificateCache. The page describes CertificateCache as the place
// where other users' certificates are saved during verification.
470 ptr_lib::shared_ptr<CertificateCache> certificateCache_;
// String-to-string map.
// NOTE(review): presumably maps a certificate ID or path from the configuration
// to the name of a fixed (trust anchor) certificate - confirm.
477 std::map<std::string, std::string> fixedCertificateCache_;
// Map from a string key to a time in milliseconds since 1/1/1970.
// NOTE(review): presumably the last accepted timestamp per signing key, used by
// interestTimestampIsFresh to reject replayed interests - confirm. Also confirm
// that its size is bounded by maxTrackedKeys, so that interests signed with
// many distinct keys cannot grow it without limit.
481 std::map<std::string, MillisecondsSince1970> keyTimestamps_;
// Shared BoostInfoParser, presumably holding the parsed configuration - confirm.
482 ptr_lib::shared_ptr<BoostInfoParser> config_;
// NOTE(review): the initial value and the code that sets this flag are not
// visible here. If false lets packets skip verification (compare
// skipVerifyAndTrust / requireVerify), confirm the default is fail-closed and
// that only an explicit configuration choice can clear it.
483 bool requiresVerification_;
// Shared TrustAnchorRefreshManager instance used by this policy manager.
484 ptr_lib::shared_ptr<TrustAnchorRefreshManager> refreshManager_;
double Milliseconds
A time interval represented as the number of milliseconds.
Definition: common.hpp:112
A ConfigPolicyManager manages trust according to a configuration file in the Validator Configuration ...
Definition: config-policy-manager.hpp:60
Copyright (C) 2013-2016 Regents of the University of California.
Definition: common.hpp:36
func_lib::function< void(const ptr_lib::shared_ptr< Interest > &interest)> OnVerifiedInterest
An OnVerifiedInterest function object is used to pass a callback to verifyInterest to report a succes...
Definition: validation-request.hpp:53
virtual bool skipVerifyAndTrust(const Data &data)
Check if the received data packet can escape from verification and be trusted as valid.
void reset()
Reset the certificate cache and other fields to the constructor state.
virtual bool requireVerify(const Data &data)
Check if this PolicyManager has a verification rule for the received data.
ConfigPolicyManager(const std::string &configFileName="", const ptr_lib::shared_ptr< CertificateCache > &certificateCache=ptr_lib::shared_ptr< CertificateCache >(), int searchDepth=5, Milliseconds graceInterval=3000, Milliseconds keyTimestampTtl=3600000, int maxTrackedKeys=1000)
Create a new ConfigPolicyManager which will act on the rules specified in the configuration and downl...
func_lib::function< void(const ptr_lib::shared_ptr< Data > &data)> OnVerified
An OnVerified function object is used to pass a callback to verifyData to report a successful verific...
Definition: validation-request.hpp:33
BoostInfoTree is provided for compatibility with the Boost INFO property list format used in ndn-cxx...
Definition: boost-info-parser.hpp:46
virtual Name inferSigningIdentity(const Name &dataName)
Infer the signing identity name according to the policy.
virtual ~ConfigPolicyManager()
The virtual destructor.
A Name holds an array of Name::Component and represents an NDN name.
Definition: name.hpp:40
A Signature is an abstract base class providing methods to work with the signature information in a D...
Definition: signature.hpp:35
An Interest holds a Name and other fields for an interest.
Definition: interest.hpp:42
void load(const std::string &configFileName)
Call reset() and load the configuration rules from the file.
virtual ptr_lib::shared_ptr< ValidationRequest > checkVerificationPolicy(const ptr_lib::shared_ptr< Data > &data, int stepCount, const OnVerified &onVerified, const OnDataValidationFailed &onValidationFailed)
Check whether the received data packet complies with the verification policy, and get the indication ...
double MillisecondsSince1970
The calendar time represented as the number of milliseconds since 1/1/1970.
Definition: common.hpp:117
func_lib::function< void(const ptr_lib::shared_ptr< Interest > &interest, const std::string &reason)> OnInterestValidationFailed
An OnInterestValidationFailed function object is used to pass a callback to verifyInterest to report ...
Definition: validation-request.hpp:61
virtual bool checkSigningPolicy(const Name &dataName, const Name &certificateName)
Override to always indicate that the signing certificate name and data name satisfy the signing polic...
A SignedBlob extends Blob to keep the offsets of a signed portion (e.g., the bytes of Data packet)...
Definition: signed-blob.hpp:34
A PolicyManager is an abstract base class to represent the policy for verifying data packets...
Definition: policy-manager.hpp:37
func_lib::function< void(const ptr_lib::shared_ptr< Data > &data, const std::string &reason)> OnDataValidationFailed
An OnDataValidationFailed function object is used to pass a callback to verifyData to report a failed...
Definition: validation-request.hpp:41
A CertificateCache is used to save other users' certificates during verification.
Definition: certificate-cache.hpp:36