summaryrefslogtreecommitdiffstats
path: root/libtransport/src/security/identity.cc
diff options
context:
space:
mode:
Diffstat (limited to 'libtransport/src/security/identity.cc')
-rw-r--r--libtransport/src/security/identity.cc115
1 files changed, 115 insertions, 0 deletions
diff --git a/libtransport/src/security/identity.cc b/libtransport/src/security/identity.cc
new file mode 100644
index 000000000..55713245e
--- /dev/null
+++ b/libtransport/src/security/identity.cc
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2017-2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <hicn/transport/security/identity.h>
+
+extern "C" {
+#include <parc/security/parc_PublicKeySigner.h>
+#include <parc/security/parc_Security.h>
+}
+
+namespace utils {
+
+Identity::Identity(const std::string &keystore_name,
+ const std::string &keystore_password, CryptoSuite suite,
+ unsigned int key_length, unsigned int validity_days,
+ const std::string &subject_name) {
+ parcSecurity_Init();
+
+ bool success = parcPkcs12KeyStore_CreateFile(
+ keystore_name.c_str(), keystore_password.c_str(), subject_name.c_str(),
+ parcCryptoSuite_GetSigningAlgorithm(static_cast<PARCCryptoSuite>(suite)),
+ key_length, validity_days);
+
+ parcAssertTrue(
+ success,
+ "parcPkcs12KeyStore_CreateFile('%s', '%s', '%s', %d, %d) failed.",
+ keystore_name.c_str(), keystore_password.c_str(), subject_name.c_str(),
+ static_cast<int>(key_length), validity_days);
+
+ PARCIdentityFile *identity_file =
+ parcIdentityFile_Create(keystore_name.c_str(), keystore_password.c_str());
+
+ identity_ =
+ parcIdentity_Create(identity_file, PARCIdentityFileAsPARCIdentity);
+
+ PARCSigner *signer = parcIdentity_CreateSigner(
+ identity_,
+ parcCryptoSuite_GetCryptoHash(static_cast<PARCCryptoSuite>(suite)));
+
+ signer_ = std::make_shared<Signer>(signer, suite);
+
+ parcSigner_Release(&signer);
+ parcIdentityFile_Release(&identity_file);
+}
+
+Identity::Identity(const Identity &other)
+ : signer_(other.signer_), hash_algorithm_(other.hash_algorithm_) {
+ parcSecurity_Init();
+ identity_ = parcIdentity_Acquire(other.identity_);
+}
+
+Identity Identity::generateIdentity(const std::string &subject_name) {
+ std::string keystore_name = "keystore";
+ std::string keystore_password = "password";
+ std::size_t key_length = 1024;
+ unsigned int validity_days = 30;
+ CryptoSuite suite = CryptoSuite::RSA_SHA256;
+
+ return utils::Identity(keystore_name, keystore_password, suite,
+ (unsigned int)key_length, validity_days, subject_name);
+}
+
+Identity::Identity(std::string &file_name, std::string &password,
+ transport::core::HashAlgorithm hash_algorithm)
+ : hash_algorithm_(hash_algorithm) {
+ parcSecurity_Init();
+
+ PARCIdentityFile *identity_file =
+ parcIdentityFile_Create(file_name.c_str(), password.c_str());
+
+ identity_ =
+ parcIdentity_Create(identity_file, PARCIdentityFileAsPARCIdentity);
+
+ PARCSigner *signer = parcIdentity_CreateSigner(
+ identity_, static_cast<PARCCryptoHashType>(hash_algorithm));
+
+ signer_ = std::make_shared<Signer>(
+ signer, CryptoSuite(parcSigner_GetCryptoSuite(signer)));
+
+ parcSigner_Release(&signer);
+ parcIdentityFile_Release(&identity_file);
+}
+
+Identity::~Identity() {
+ parcIdentity_Release(&identity_);
+ parcSecurity_Fini();
+}
+
+std::string Identity::getFileName() {
+ return std::string(parcIdentity_GetFileName(identity_));
+}
+
+std::string Identity::getPassword() {
+ return std::string(parcIdentity_GetPassWord(identity_));
+}
+
+std::shared_ptr<Signer> Identity::getSigner() { return signer_; }
+
+size_t Identity::getSignatureLength() const {
+ return signer_->getSignatureLength();
+}
+
+} // namespace utils