IBR-DTN  1.0.0
SecurityCertificateManager.h
Go to the documentation of this file.
1 /*
2  * SecurityCertificateManager.h
3  *
4  * Copyright (C) 2011 IBR, TU Braunschweig
5  *
6  * Written-by: Stephen Roettger <roettger@ibr.cs.tu-bs.de>
7  *
8  * Licensed under the Apache License, Version 2.0 (the "License");
9  * you may not use this file except in compliance with the License.
10  * You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing, software
15  * distributed under the License is distributed on an "AS IS" BASIS,
16  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  * See the License for the specific language governing permissions and
18  * limitations under the License.
19  *
20  */
21 
22 #ifndef SECURITYCERTIFICATEMANAGER_H_
23 #define SECURITYCERTIFICATEMANAGER_H_
24 
25 #include "Configuration.h"
26 #include "core/Event.h"
27 #include "Component.h"
28 
29 #include <ibrcommon/data/File.h>
30 #include <ibrcommon/thread/Mutex.h>
31 
32 #include <ibrdtn/data/EID.h>
33 
34 #include <openssl/ssl.h>
35 #include <string>
36 
37 namespace dtn
38 {
39  namespace security
40  {
41  class SecurityCertificateException : public ibrcommon::Exception
42  {
43  public:
44  SecurityCertificateException(std::string what = "verification failed") : ibrcommon::Exception(what)
45  {};
46 
47  virtual ~SecurityCertificateException() throw() {};
48  };
49 
53  class SecurityCertificateManager : public dtn::daemon::IntegratedComponent, public dtn::daemon::Configuration::OnChangeListener
54  {
55  static const std::string TAG;
56 
57  public:
58  SecurityCertificateManager();
59  virtual ~SecurityCertificateManager();
60 
64  virtual void onConfigurationChanged(const dtn::daemon::Configuration &conf) throw ();
65 
72  static void validateSubject(X509 *certificate, const std::string &cn) throw (SecurityCertificateException);
73 
78  bool isInitialized();
79 
85  const X509 *getCert() const;
91  const EVP_PKEY *getPrivateKey() const;
96  const ibrcommon::File& getTrustedCAPath() const;
97 
98  /* functions from IntegratedComponent */
99  virtual void componentUp() throw ();
100  virtual void componentDown() throw ();
101 
102  virtual const std::string getName() const;
103 
104  private:
105  ibrcommon::Mutex _initialization_lock;
106  bool _initialized;
107 
108  X509 *_cert;
109  EVP_PKEY *_privateKey;
110  ibrcommon::File _trustedCAPath;
111  };
112  }
113 }
114 
115 #endif /* SECURITYCERTIFICATEMANAGER_H_ */
dtn::security::SecurityCertificateManager
This class is a manager to handle certificates.
Definition: SecurityCertificateManager.h:53
dtn::security::SecurityCertificateManager::getCert
const X509 * getCert() const
retrieve the saved certificate
Definition: SecurityCertificateManager.cpp:49
dtn::security::SecurityCertificateException::SecurityCertificateException
SecurityCertificateException(std::string what="verification failed")
Definition: SecurityCertificateManager.h:44
dtn::security::SecurityCertificateManager::onConfigurationChanged
virtual void onConfigurationChanged(const dtn::daemon::Configuration &conf)
Definition: SecurityCertificateManager.cpp:64
dtn::security::SecurityCertificateManager::getPrivateKey
const EVP_PKEY * getPrivateKey() const
retrieve the saved private key
Definition: SecurityCertificateManager.cpp:54
dtn::security::SecurityCertificateManager::getTrustedCAPath
const ibrcommon::File & getTrustedCAPath() const
retrieve the saved directory holding trusted certificates
Definition: SecurityCertificateManager.cpp:59
dtn::security::SecurityCertificateManager::isInitialized
bool isInitialized()
checks if this class has already been initialized with a certificate and private key ...
Definition: SecurityCertificateManager.cpp:44
dtn::security::SecurityCertificateManager::validateSubject
static void validateSubject(X509 *certificate, const std::string &cn)
Validates if the CommonName in the given X509 certificate corresponds to the given EID...
Definition: SecurityCertificateManager.cpp:142