From 6d7704c1b497341fd6dd3c27e3f64d0db062ccc2 Mon Sep 17 00:00:00 2001
From: Mauro Sardara
Date: Mon, 4 Feb 2019 11:06:18 +0100
Subject: [HICN-11] Rework on transport protocols improving components modularity
Change-Id: I6683ec5b494238dc93591c103d25275e89b9f267
Signed-off-by: Mauro Sardara
---
.../transport/protocols/verification_manager.h | 72 ++++++++++++++++++++++
1 file changed, 72 insertions(+)
create mode 100644 libtransport/src/hicn/transport/protocols/verification_manager.h
(limited to 'libtransport/src/hicn/transport/protocols/verification_manager.h')
diff --git a/libtransport/src/hicn/transport/protocols/verification_manager.h b/libtransport/src/hicn/transport/protocols/verification_manager.h
new file mode 100644
index 000000000..da67e86f8
--- /dev/null
+++ b/libtransport/src/hicn/transport/protocols/verification_manager.h
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2017-2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include
+
+#include
+
+namespace transport {
+
+namespace protocol {
+
+class VerificationManager {
+ public:
+ virtual ~VerificationManager() = default;
+ virtual bool onPacketToVerify(const Packet& packet) = 0;
+};
+
+class SignatureVerificationManager : public VerificationManager {
+ public:
+ SignatureVerificationManager(interface::ConsumerSocket* icn_socket)
+ : icn_socket_(icn_socket) {}
+
+ TRANSPORT_ALWAYS_INLINE bool onPacketToVerify(const Packet& packet) override {
+ using namespace interface;
+
+ bool verify_signature, ret = false;
+ icn_socket_->getSocketOption(GeneralTransportOptions::VERIFY_SIGNATURE,
+ verify_signature);
+
+ if (!verify_signature) {
+ return true;
+ }
+
+ std::shared_ptr verifier;
+ icn_socket_->getSocketOption(GeneralTransportOptions::VERIFIER, verifier);
+
+ if (TRANSPORT_EXPECT_FALSE(!verifier)) {
+ throw errors::RuntimeException(
+ "No certificate provided by the application.");
+ }
+
+ ret = verifier->verify(packet);
+
+ if (!ret) {
+ throw errors::RuntimeException(
+ "Verification failure policy has to be implemented.");
+ }
+
+ return ret;
+ }
+
+ private:
+ interface::ConsumerSocket* icn_socket_;
+};
+
+} // end namespace protocol
+
+} // end namespace transport
-- cgit 1.2.3-korg
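Review bot: In `SignatureVerificationManager::onPacketToVerify`, `verify_signature` is declared without an initializer and the result of `getSocketOption(GeneralTransportOptions::VERIFY_SIGNATURE, ...)` is ignored, so if that call can return without writing its out-parameter (its definition is not part of this patch), the `if (!verify_signature) return true;` branch reads an indeterminate value and may accept the packet unverified. Initialising it fail-closed, `bool verify_signature = true;`, and checking the call's status if it reports one, would keep a failed option lookup from silently disabling signature checking. Separately, the method never returns `false`: it returns `true` or throws, and the failure text `"Verification failure policy has to be implemented."` is a placeholder, so the `bool` contract on `VerificationManager::onPacketToVerify` deserves a comment stating that a failed verification is reported by exception. The single-argument constructor could also be marked `explicit`, and `icn_socket_` is dereferenced without a null check.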