From 9cdaefdb9a93d1f32a71de649f969c9d0ec7e86d Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Wed, 11 Sep 2013 15:13:05 -0400
Subject: Drop old Certificate type from Network.
---
 node/Network.hpp | 97 ++++----------------------------------------------------
 1 file changed, 7 insertions(+), 90 deletions(-)
(limited to 'node/Network.hpp')
diff --git a/node/Network.hpp b/node/Network.hpp
index 747bb2f4..324ab3cf 100644
--- a/node/Network.hpp
+++ b/node/Network.hpp
@@ -169,95 +169,12 @@ public:
 std::vector<_Parameter> _params;
 };
 
- /**
- * A certificate of network membership for private network participation
- *
- * Certificates consist of a dictionary containing one or more values with
- * optional max delta paramters. A max delta paramter defines the maximum
- * absolute value of the difference between each set of two values in order
- * for two certificates to match. If there is no max delta parameter, each
- * value is compared for straightforward string equality. Values must be
- * in hexadecimal (and may be negative) for max delta comparison purposes.
- * Decimals are not allowed, so decimal values must be multiplied by some
- * factor to convert them to integers with the required relative precision.
- * Math is done in 64-bit, allowing plenty of room for this.
- *
- * This allows membership in a network to be defined not only in terms of
- * absolute parameters but also relative comparisons. For example, a network
- * could be created that defined membership in terms of a geographic radius.
- * Its certificates would contain latitude, longitude, and a max delta for
- * each defining the radius.
- *
- * Max deltas are prefixed by "~". For example, a max delta for "longitude"
- * would be "~longitude".
- *
- * One value and its associated max delta is just about always present: a
- * timestamp. This represents the time the certificate was issued by the
- * netconf controller. Each peer requests netconf updates periodically with
- * new certificates, so this causes peers that are no longer members of the
- * network to lose the ability to communicate with their certificate's "ts"
- * field differs from everyone else's "ts" by more than "~ts".
- */
- class Certificate : private Dictionary
- {
- public:
- Certificate() {}
- Certificate(const char *s) : Dictionary(s) {}
- Certificate(const std::string &s) : Dictionary(s) {}
- inline std::string toString() const { return Dictionary::toString(); }
-
- /**
- * Sign this certificate
- *
- * @param with Signing identity -- the identity of this network's controller
- * @return Signature or empty string on failure
- */
- inline std::string sign(const Identity &with) const
- {
- unsigned char dig[32];
- _shaForSignature(dig);
- return with.sign(dig);
- }
-
- /**
- * Verify this certificate's signature
- *
- * @param with Signing identity -- the identity of this network's controller
- * @param sig Signature
- * @param siglen Length of signature in bytes
- */
- inline bool verify(const Identity &with,const void *sig,unsigned int siglen) const
- {
- unsigned char dig[32];
- _shaForSignature(dig);
- return with.verifySignature(dig,sig,siglen);
- }
-
- /**
- * Check if another peer is indeed a current member of this network
- *
- * Fields with companion ~fields are compared with the defined maximum
- * delta in this certificate. Fields without ~fields are compared for
- * equality.
- *
- * This does not verify the certificate's signature!
- *
- * @param mc Peer membership certificate
- * @return True if mc's membership in this network is current
- */
- bool qualifyMembership(const Certificate &mc) const;
-
- private:
- void _shaForSignature(unsigned char *dig) const;
- };
-
 /**
 * Preload and rates of accrual for multicast group bandwidth limits
 *
 * Key is multicast group in lower case hex format: MAC (without :s) /
 * ADI (hex). Value is preload, maximum balance, and rate of accrual in
- * hex. These are signed hex numbers, so a negative value can be prefixed
- * with '-'.
+ * hex.
 */
 class MulticastRates : private Dictionary
 {
@@ -402,12 +319,12 @@ public:
 /**
 * @return Certificate of membership for this network, or empty cert if none
 */
- inline Certificate certificateOfMembership() const
+ inline CertificateOfMembership certificateOfMembership() const
 {
 const_iterator cm(find("com"));
 if (cm == end())
- return Certificate();
- else return Certificate(cm->second);
+ return CertificateOfMembership();
+ else return CertificateOfMembership(cm->second);
 }
 
 /**
@@ -602,7 +519,7 @@ public:
 * @param peer Peer that owns certificate
 * @param cert Certificate itself
 */
- void addMembershipCertificate(const Address &peer,const Certificate &cert);
+ void addMembershipCertificate(const Address &peer,const CertificateOfMembership &cert);
 
 /**
 * @param peer Peer address to check
@@ -679,11 +596,11 @@ private:
 std::set _multicastGroups;
 
 // Membership certificates supplied by other peers on this network
- std::map _membershipCertificates;
+ std::map _membershipCertificates;
 
 // Configuration from network master node
 Config _configuration;
- Certificate _myCertificate; // memoized from _configuration
+ CertificateOfMembership _myCertificate; // memoized from _configuration
 MulticastRates _mcRates; // memoized from _configuration
 
 // Ethertype whitelist bit field, set from config, for really fast lookup
-- cgit v1.2.3
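Review bot: certificateOfMembership() builds the returned object directly from the raw "com" config string and nothing in the function checks a signature, yet the Doxygen block above it only promises "or empty cert if none". Whether the CertificateOfMembership string constructor validates the value, or can throw on a malformed one, is not visible in this hunk, so the accessor's contract should say what a caller can rely on, e.g. ` * @return Certificate of membership for this network, or empty cert if none; parsed from config as-is and not signature-verified here`. The last hunk shows `_myCertificate` is memoized from `_configuration`, presumably through this accessor, so whatever this function yields on bad input is what ends up cached.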
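Review bot: The declaration of addMembershipCertificate() does not say whether `cert` must already be signature-verified against the controller identity before it is stored, while the Certificate type removed in the first hunk documented explicitly that its membership check "does not verify the certificate's signature!". That caveat is the trust boundary for everything placed into the `_membershipCertificates` map in the last hunk and should not be lost with the type rename. Suggest adding to the Doxygen block a line such as ` * @param cert Certificate itself (must be signature-verified by the caller; nothing here verifies it)`, or the converse if Network.cpp verifies it inside, which is not visible here. The Doxygen block for this method begins outside the hunk.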