new ConfigPolicyManager(configFileName, certificateCache, searchDepth, graceInterval, keyTimestampTtl, maxTrackedKeys)
ConfigPolicyManager manages trust according to a configuration file in the
Validator Configuration File Format
(http://redmine.named-data.net/projects/ndn-cxx/wiki/CommandValidatorConf)
Once a rule is matched, the ConfigPolicyManager looks in the
certificate cache for the certificate matching the name in the KeyLocator
and uses its public key to verify the data packet or signed interest. If the
certificate can't be found, it is downloaded, verified and installed. A chain
of certificates will be followed to a maximum depth.
If the new certificate is accepted, it is used to complete the verification.
The KeyLocators of data packets and signed interests MUST contain a name for
verification to succeed.
Create a new ConfigPolicyManager which will act on the rules specified in the
configuration and download unknown certificates when necessary. If
certificateCache is a CertificateCache (or omitted) this creates a security
v1 PolicyManager to verify certificates in format v1. To verify certificates
in format v2, use a CertificateCacheV2 for the certificateCache.
Parameters:
| Name | Type | Description |
|---|---|---|
configFileName |
string | (optional) If not null or empty, the path to the configuration file containing verification rules. (This only works in Node.js since it reads files using the "fs" module.) Otherwise, you should separately call load(). |
certificateCache |
CertificateCache | CertificateCacheV2 | (optional) A CertificateCache to hold known certificates. If certificateCache is a CertificateCache (or omitted or null) this creates a security v1 PolicyManager to verify certificates in format v1. If this is a CertificateCacheV2, verify certificates in format v1. If omitted or null, create an internal v1 CertificateCache. |
searchDepth |
number | (optional) The maximum number of links to follow when verifying a certificate chain. If omitted, use a default. |
graceInterval |
number | (optional) The window of time difference (in milliseconds) allowed between the timestamp of the first interest signed with a new public key and the validation time. If omitted, use a default value. |
keyTimestampTtl |
number | (optional) How long a public key's last-used timestamp is kept in the store (milliseconds). If omitted, use a default value. |
maxTrackedKeys |
number | The maximum number of public key use timestamps to track. If omitted, use a default. |
Classes
Methods
(static) extractSignature(dataOrInterest, wireFormat) → {Signature}
Extract the signature information from the interest name or from the data
packet or interest.
Parameters:
| Name | Type | Description |
|---|---|---|
dataOrInterest |
Data | Interest | The object whose signature is needed. |
wireFormat |
WireFormat | (optional) The wire format used to decode signature information from the interest name. |
Returns:
The object of a sublcass of Signature or null if can't
decode.
- Type
- Signature
(static) matchesRelation(name, matchName, matchRelation) → {boolean}
Determines if a name satisfies the relation to matchName.
Parameters:
| Name | Type | Description |
|---|---|---|
name |
Name | |
matchName |
Name | |
matchRelation |
string | Can be one of: 'is-prefix-of' - passes if the name is equal to or has the other name as a prefix 'is-strict-prefix-of' - passes if the name has the other name as a prefix, and is not equal 'equal' - passes if the two names are equal |
Returns:
- Type
- boolean
checkSignatureMatch(signatureName, objectName, rule, failureReason) → {boolean}
Once a rule is found to match data or a signed interest, the name in the
KeyLocator must satisfy the condition in the 'checker' section of the rule,
else the data or interest is rejected.
Parameters:
| Name | Type | Description |
|---|---|---|
signatureName |
Name | The certificate name from the KeyLocator. |
objectName |
Name | The name of the data packet or interest. In the case of signed interests, this excludes the timestamp, nonce and signature components. |
rule |
BoostInfoTree | The rule from the configuration file that matches the data or interest. |
failureReason |
Array.<string> | If matching fails, set failureReason[0] to the failure reason. |
Returns:
True if matches.
- Type
- boolean
checkSigningPolicy(dataName, certificateName) → {boolean}
Override to always indicate that the signing certificate name and data name
satisfy the signing policy.
Parameters:
| Name | Type | Description |
|---|---|---|
dataName |
Name | The name of data to be signed. |
certificateName |
Name | The name of signing certificate. |
Returns:
True to indicate that the signing certificate can be used
to sign the data.
- Type
- boolean
checkVerificationPolicy(dataOrInterest, stepCount, onVerified, onValidationFailed, wireFormat) → {ValidationRequest}
Check whether the received data packet or interest complies with the
verification policy, and get the indication of the next verification step.
Parameters:
| Name | Type | Description |
|---|---|---|
dataOrInterest |
Data | Interest | The Data object or interest with the signature to check. |
stepCount |
number | The number of verification steps that have been done, used to track the verification progress. |
onVerified |
function | If the signature is verified, this calls onVerified(dataOrInterest). NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions. |
onValidationFailed |
function | If the signature check fails, this calls onValidationFailed(dataOrInterest, reason). NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions. |
wireFormat |
WireFormat |
Returns:
The indication of next verification step, or
null if there is no further step.
- Type
- ValidationRequest
findMatchingRule(objName, matchType) → {BoostInfoTree}
Search the configuration file for the first rule that matches the data or
signed interest name. In the case of interests, the name to match should
exclude the timestamp, nonce, and signature components.
Parameters:
| Name | Type | Description |
|---|---|---|
objName |
Name | The name to be matched. |
matchType |
string | The rule type to match, "data" or "interest". |
Returns:
The matching rule, or null if not found.
- Type
- BoostInfoTree
getCertificateInterest_(stepCount, matchType, objectName, signature, failureReason) → {Interest}
This is a helper for checkVerificationPolicy to verify the rule and return a
certificate interest to fetch the next certificate in the hierarchy if needed.
Parameters:
| Name | Type | Description |
|---|---|---|
stepCount |
number | The number of verification steps that have been done, used to track the verification progress. |
matchType |
string | Either "data" or "interest". |
objectName |
Name | The name of the data or interest packet. |
signature |
Signature | The Signature object for the data or interest packet. |
failureReason |
Array.<string> | If can't determine the interest, set failureReason[0] to the failure reason. |
Returns:
null if can't determine the interest, otherwise the
interest for the ValidationRequest to fetch the next certificate. However, if
the interest has an empty name, the validation succeeded and no need to fetch
a certificate.
- Type
- Interest
interestTimestampIsFresh(keyName, timestamp, failureReason) → {boolean}
Determine whether the timestamp from the interest is newer than the last use
of this key, or within the grace interval on first use.
Parameters:
| Name | Type | Description |
|---|---|---|
keyName |
Name | The name of the public key used to sign the interest. |
timestamp |
number | The timestamp extracted from the interest name. |
failureReason |
Array.<string> | If matching fails, set failureReason[0] to the failure reason. |
Returns:
True if timestamp is fresh as described above.
- Type
- boolean
load(configFileName, input, inputName)
Call reset() and load the configuration rules from the file name or the input
string. There are two forms:
load(configFileName) reads configFileName from the file system. (This only
works in Node.js since it reads files using the "fs" module.)
load(input, inputName) reads from the input, in which case inputName is used
only for log messages, etc.
Parameters:
| Name | Type | Description |
|---|---|---|
configFileName |
string | The path to the file containing configuration rules. |
input |
string | The contents of the configuration rules, with lines separated by "\n" or "\r\n". |
inputName |
string | Use with input for log messages, etc. |
loadTrustAnchorCertificates()
The configuration file allows 'trust anchor' certificates to be preloaded.
The certificates may also be loaded from a directory, and if the 'refresh'
option is set to an interval, the certificates are reloaded at the specified
interval.
lookupCertificate(certID, isPath) → {IdentityCertificate}
This looks up certificates specified as base64-encoded data or file names.
These are cached by filename or encoding to avoid repeated reading of files
or decoding.
Parameters:
| Name | Type | Description |
|---|---|---|
certID |
string | |
isPath |
boolean |
Returns:
The certificate object, or null if not found.
- Type
- IdentityCertificate
lookupCertificateV2(certID, isPath) → {CertificateV2}
This looks up certificates specified as base64-encoded data or file names.
These are cached by filename or encoding to avoid repeated reading of files
or decoding.
Parameters:
| Name | Type | Description |
|---|---|---|
certID |
string | |
isPath |
boolean |
Returns:
The certificate object, or null if not found.
- Type
- CertificateV2
requireVerify(dataOrInterest) → {boolean}
Check if this PolicyManager has a verification rule for the received data.
If the configuration file contains the trust anchor 'any', nothing is
verified.
Parameters:
| Name | Type | Description |
|---|---|---|
dataOrInterest |
Data | Interest | The received data packet or interest. |
Returns:
true if the data must be verified, otherwise false.
- Type
- boolean
reset()
Reset the certificate cache and other fields to the constructor state.
skipVerifyAndTrust(dataOrInterest) → {boolean}
Check if the received signed interest can escape from verification and be
trusted as valid. If the configuration file contains the trust anchor
'any', nothing is verified.
Parameters:
| Name | Type | Description |
|---|---|---|
dataOrInterest |
Data | Interest | The received data packet or interest. |
Returns:
true if the data or interest does not need to be verified
to be trusted as valid, otherwise false.
- Type
- boolean
updateTimestampForKey(keyName, timestamp)
Trim the table size down if necessary, and insert/update the latest interest
signing timestamp for the key. Any key which has not been used within the TTL
period is purged. If the table is still too large, the oldest key is purged.
Parameters:
| Name | Type | Description |
|---|---|---|
keyName |
Name | The name of the public key used to sign the interest. |
timestamp |
number | The timestamp extracted from the interest name. |
verify(signatureInfo, signedBlob, onComplete)
Check the type of signatureInfo to get the KeyLocator. Look in the
IdentityStorage for the public key with the name in the KeyLocator and use it
to verify the signedBlob. If the public key can't be found, return false.
(This is a generalized method which can verify both a data packet and an
interest.)
Parameters:
| Name | Type | Description |
|---|---|---|
signatureInfo |
Signature | An object of a subclass of Signature, e.g. Sha256WithRsaSignature. |
signedBlob |
SignedBlob | The SignedBlob with the signed portion to verify. |
onComplete |
function | This calls onComplete(true, undefined) if the signature verifies, otherwise onComplete(false, reason). |