aboutsummaryrefslogtreecommitdiffstats
path: root/libtransport/src/auth/identity.cc
diff options
context:
space:
mode:
Diffstat (limited to 'libtransport/src/auth/identity.cc')
-rw-r--r--libtransport/src/auth/identity.cc116
1 files changed, 116 insertions, 0 deletions
diff --git a/libtransport/src/auth/identity.cc b/libtransport/src/auth/identity.cc
new file mode 100644
index 000000000..bd787b9b6
--- /dev/null
+++ b/libtransport/src/auth/identity.cc
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2017-2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <hicn/transport/auth/identity.h>
+
+using namespace std;
+
+namespace transport {
+namespace auth {
+
+Identity::Identity(const string &keystore_path, const string &keystore_pwd,
+ CryptoSuite suite, unsigned int signature_len,
+ unsigned int validity_days, const string &subject_name)
+ : identity_(nullptr), signer_(nullptr) {
+ parcSecurity_Init();
+
+ bool success = parcPkcs12KeyStore_CreateFile(
+ keystore_path.c_str(), keystore_pwd.c_str(), subject_name.c_str(),
+ parcCryptoSuite_GetSigningAlgorithm(static_cast<PARCCryptoSuite>(suite)),
+ signature_len, validity_days);
+
+ parcAssertTrue(
+ success,
+ "parcPkcs12KeyStore_CreateFile('%s', '%s', '%s', %d, %d, %d) failed.",
+ keystore_path.c_str(), keystore_pwd.c_str(), subject_name.c_str(),
+ static_cast<int>(suite), static_cast<int>(signature_len), validity_days);
+
+ PARCIdentityFile *identity_file =
+ parcIdentityFile_Create(keystore_path.c_str(), keystore_pwd.c_str());
+
+ identity_ =
+ parcIdentity_Create(identity_file, PARCIdentityFileAsPARCIdentity);
+
+ PARCSigner *signer = parcIdentity_CreateSigner(
+ identity_,
+ parcCryptoSuite_GetCryptoHash(static_cast<PARCCryptoSuite>(suite)));
+
+ signer_ = make_shared<AsymmetricSigner>(signer);
+
+ parcSigner_Release(&signer);
+ parcIdentityFile_Release(&identity_file);
+}
+
+Identity::Identity(string &keystore_path, string &keystore_pwd,
+ CryptoHashType hash_type)
+ : identity_(nullptr), signer_(nullptr) {
+ parcSecurity_Init();
+
+ PARCIdentityFile *identity_file =
+ parcIdentityFile_Create(keystore_path.c_str(), keystore_pwd.c_str());
+
+ identity_ =
+ parcIdentity_Create(identity_file, PARCIdentityFileAsPARCIdentity);
+
+ PARCSigner *signer = parcIdentity_CreateSigner(
+ identity_, static_cast<PARCCryptoHashType>(hash_type));
+
+ signer_ = make_shared<AsymmetricSigner>(signer);
+
+ parcSigner_Release(&signer);
+ parcIdentityFile_Release(&identity_file);
+}
+
+Identity::Identity(const Identity &other)
+ : identity_(nullptr), signer_(other.signer_) {
+ parcSecurity_Init();
+ identity_ = parcIdentity_Acquire(other.identity_);
+}
+
+Identity::Identity(Identity &&other)
+ : identity_(nullptr), signer_(move(other.signer_)) {
+ parcSecurity_Init();
+ identity_ = parcIdentity_Acquire(other.identity_);
+ parcIdentity_Release(&other.identity_);
+}
+
+Identity::~Identity() {
+ if (identity_) parcIdentity_Release(&identity_);
+ parcSecurity_Fini();
+}
+
+shared_ptr<AsymmetricSigner> Identity::getSigner() const { return signer_; }
+
+string Identity::getFilename() const {
+ return string(parcIdentity_GetFileName(identity_));
+}
+
+string Identity::getPassword() const {
+ return string(parcIdentity_GetPassWord(identity_));
+}
+
+Identity Identity::generateIdentity(const string &subject_name) {
+ string keystore_name = "keystore";
+ string keystore_password = "password";
+ size_t key_length = 1024;
+ unsigned int validity_days = 30;
+ CryptoSuite suite = CryptoSuite::RSA_SHA256;
+
+ return Identity(keystore_name, keystore_password, suite,
+ (unsigned int)key_length, validity_days, subject_name);
+}
+
+} // namespace auth
+} // namespace transport