Class: SelfVerifyPolicyManager

SelfVerifyPolicyManager

new SelfVerifyPolicyManager(identityStorage)

A SelfVerifyPolicyManager implements a PolicyManager to use the public key DER in the data packet's KeyLocator (if available) or look in the IdentityStorage for the public key with the name in the KeyLocator (if available) and use it to verify the data packet, without searching a certificate chain. If the public key can't be found, the verification fails.
Parameters:
Name Type Description
identityStorage IdentityStorage (optional) The IdentityStorage for looking up the public key. This object must remain valid during the life of this SelfVerifyPolicyManager. If omitted, then don't look for a public key with the name in the KeyLocator and rely on the KeyLocator having the full public key DER.
Source:

Methods

checkSigningPolicy(dataName, certificateName) → {boolean}

Override to always indicate that the signing certificate name and data name satisfy the signing policy.
Parameters:
Name Type Description
dataName Name The name of data to be signed.
certificateName Name The name of signing certificate.
Source:
Returns:
True to indicate that the signing certificate can be used to sign the data.
Type
boolean

checkVerificationPolicy(dataOrInterest, stepCount, onVerified, onVerifyFailed, wireFormat) → {ValidationRequest}

Use the public key DER in the KeyLocator (if available) or look in the IdentityStorage for the public key with the name in the KeyLocator (if available) and use it to verify the data packet. If the public key can't be found, call onVerifyFailed.
Parameters:
Name Type Description
dataOrInterest Data | Interest The Data object or interest with the signature to check.
stepCount number The number of verification steps that have been done, used to track the verification progress.
onVerified function If the signature is verified, this calls onVerified(dataOrInterest).
onVerifyFailed function If the signature check fails, this calls onVerifyFailed(dataOrInterest).
wireFormat WireFormat
Source:
Returns:
null for no further step for looking up a certificate chain.
Type
ValidationRequest

getPublicKeyDer(keyLocator) → {Blob}

Return the public key DER in the KeyLocator (if available) or look in the IdentityStorage for the public key with the name in the KeyLocator (if available). If the public key can't be found, return and empty Blob.
Parameters:
Name Type Description
keyLocator KeyLocator The KeyLocator.
Source:
Returns:
The public key DER or an empty Blob if not found.
Type
Blob

inferSigningIdentity(dataName) → {Name}

Override to indicate that the signing identity cannot be inferred.
Parameters:
Name Type Description
dataName Name The name of data to be signed.
Source:
Returns:
An empty name because cannot infer.
Type
Name

requireVerify(dataOrInterest) → {boolean}

Always return true to use the self-verification rule for the received data.
Parameters:
Name Type Description
dataOrInterest Data | Interest The received data packet or interest.
Source:
Returns:
True.
Type
boolean

skipVerifyAndTrust(dataOrInterest) → {boolean}

Never skip verification.
Parameters:
Name Type Description
dataOrInterest Data | Interest The received data packet or interest.
Source:
Returns:
False.
Type
boolean

verify(signatureInfo, signedBlob, onComplete)

Check the type of signatureInfo to get the KeyLocator. Use the public key DER in the KeyLocator (if available) or look in the IdentityStorage for the public key with the name in the KeyLocator (if available) and use it to verify the signedBlob. If the public key can't be found, return false. (This is a generalized method which can verify both a Data packet and an interest.)
Parameters:
Name Type Description
signatureInfo Signature An object of a subclass of Signature, e.g. Sha256WithRsaSignature.
signedBlob SignedBlob the SignedBlob with the signed portion to verify.
onComplete function This calls onComplete(true) if the signature verifies, otherwise onComplete(false).
Source: