Newer
Older
#include "security_db.hh"
#include "Params.hh"
#include "converter.hh"
security_db::security_db(): _certificates(), _hashed_id8s() {
loggers::get_instance().log(">>> security_db::security_db");
} // End of ctor
security_db::security_db(const std::string& p_db_path): security_db() {
loggers::get_instance().log(">>> security_db::security_db: '%s'", p_db_path.c_str());
if (p_db_path.empty()) {
simulate_certificates();
}
} // End of ctor
security_db::~security_db() {
clear();
} // End of dtor
int security_db::clear() {
_certificates.clear(); // Smart pointers will do the job
int security_db::get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const {
loggers::get_instance().log_msg(">>> security_db::get_certificate_id: ", p_hashed_id8);
std::vector<unsigned char> key(static_cast<const unsigned char*>(p_hashed_id8), p_hashed_id8.lengthof() + static_cast<const unsigned char*>(p_hashed_id8));
std::map<const std::vector<unsigned char>, const std::string&>::const_iterator it = _hashed_id8s.find(key);
if (it == _hashed_id8s.cend()) {
p_certifcate_id = "";
return -1;
}
p_certifcate_id = it->second;
return 0;
}
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
int security_db::get_certificate(const std::string& p_certificate_id, OCTETSTRING& p_certificate) const {
loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str());
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> cert = it->second.get()->certificate();
p_certificate = OCTETSTRING(cert.size(), cert.data());
return 0;
}
int security_db::get_hashed_id_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const {
loggers::get_instance().log(">>> security_db::get_hashed_id_issuer: '%s'", p_certificate_id.c_str());
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> hashed_id_issuer = it->second.get()->hashed_id_issuer();
p_hashed_id_issuer = OCTETSTRING(hashed_id_issuer.size(), hashed_id_issuer.data());
return 0;
}
int security_db::get_hashed_id(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id) const {
loggers::get_instance().log(">>> security_db::get_hashed_id: '%s'", p_certificate_id.c_str());
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> hashed_id = it->second.get()->hashed_id();
p_hashed_id = OCTETSTRING(hashed_id.size(), hashed_id.data());
return 0;
}
int security_db::get_private_key(const std::string& p_certificate_id, OCTETSTRING& p_private_key) const {
loggers::get_instance().log(">>> security_db::get_private_key: '%s'", p_certificate_id.c_str());
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> private_key = it->second.get()->private_key();
p_private_key = OCTETSTRING(private_key.size(), private_key.data());
return 0;
}
int security_db::get_public_keys(const std::string& p_certificate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const {
loggers::get_instance().log(">>> security_db::get_public_keys: '%s'", p_certificate_id.c_str());
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> public_key_x = it->second.get()->public_key_x();
p_public_key_x = OCTETSTRING(public_key_x.size(), public_key_x.data());
const std::vector<unsigned char> public_key_y = it->second.get()->public_key_y();
p_public_key_y = OCTETSTRING(public_key_y.size(), public_key_y.data());
return 0;
}
int security_db::load_from_files(const std::string& p_db_path) {
loggers::get_instance().log(">>> security_db::load_from_files: '%s'", p_db_path.c_str());
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
if (certificates_loader::get_instance().build_path(p_db_path) == -1) {
loggers::get_instance().log(">>> security_db::load_from_files: certificates_loader::build_path metthod failed");
return -1;
}
if (certificates_loader::get_instance().load_certificates(_certificates, _hashed_id8s) == -1) {
loggers::get_instance().log(">>> security_db::load_from_files: certificates_loader::load_certificates metthod failed");
return -1;
}
return 0;
}
int security_db::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer) {
loggers::get_instance().log_msg(">>> security_db::store_certificate: ", p_cert_id);
const std::string key(static_cast<const char*>(p_cert_id));
std::vector<unsigned char> cert(static_cast<const unsigned char*>(p_cert), static_cast<const unsigned char*>(p_cert) + p_cert.lengthof());
std::vector<unsigned char> private_key(static_cast<const unsigned char*>(p_private_key), static_cast<const unsigned char*>(p_private_key) + p_private_key.lengthof());
std::vector<unsigned char> public_key_x(static_cast<const unsigned char*>(p_public_key_x), static_cast<const unsigned char*>(p_public_key_x) + p_public_key_x.lengthof());
std::vector<unsigned char> public_key_y(static_cast<const unsigned char*>(p_public_key_y), static_cast<const unsigned char*>(p_public_key_y) + p_public_key_y.lengthof());
std::vector<unsigned char> hashed_id8(static_cast<const unsigned char*>(p_hashed_id8), static_cast<const unsigned char*>(p_hashed_id8) + p_hashed_id8.lengthof());
std::vector<unsigned char> issuer(static_cast<const unsigned char*>(p_issuer), static_cast<const unsigned char*>(p_issuer) + p_issuer.lengthof());
security_db_record* p = new security_db_record(
key, // Certificate id
cert, // Certificate
issuer, // Hashed ID fo the issuer, empty for CA
hashed_id8, // Hashed ID
private_key, // Private key
public_key_x, // Public key X
public_key_y // Public key Y
);
if (p == nullptr) {
return -1;
}
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator i = _certificates.find(key);
if (i != _certificates.cend()) {
_certificates.erase(i);
}
std::map<const std::vector<unsigned char>, const std::string&>::const_iterator h = _hashed_id8s.find(hashed_id8);
if (h != _hashed_id8s.cend()) {
_hashed_id8s.erase(h);
}
_certificates.insert(std::pair<const std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>(p)));
_hashed_id8s.insert(std::pair<const std::vector<unsigned char>, const std::string&>(hashed_id8, key));
dump();
void security_db::dump() const {
loggers::get_instance().log("security_db::dump_certificates: # items = %d", _certificates.size());
for (std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.cbegin(); it != _certificates.cend(); ++it) {
security_db_record* p = it->second.get();
loggers::get_instance().log("security_db::dump: certificate_id = %s", p->certificate_id().c_str());
loggers::get_instance().log_to_hexa("security_db::dump: certificate = ", p->certificate().data(), p->certificate().size());
loggers::get_instance().log_to_hexa("security_db::dump: hashed_id = ", p->hashed_id().data(), p->hashed_id().size());
loggers::get_instance().log_to_hexa("security_db::dump: hashed_id_issuer = ", p->hashed_id_issuer().data(), p->hashed_id_issuer().size());
loggers::get_instance().log_to_hexa("security_db::dump: private_key = ", p->private_key().data(), p->private_key().size());
loggers::get_instance().log_to_hexa("security_db::dump: public_key_x = ", p->public_key_x().data(), p->public_key_x().size());
loggers::get_instance().log_to_hexa("security_db::dump: public_key_y = ", p->public_key_y().data(), p->public_key_y().size());
} // End of 'for' statement
for (std::map<const std::vector<unsigned char>, const std::string&>::const_iterator it = _hashed_id8s.cbegin(); it != _hashed_id8s.cend(); ++it) {
loggers::get_instance().log("security_db::dump: Hashedid8 idx = %s", it->second.c_str());
} // End of 'for' statement
} // End of method dump
int security_db::simulate_certificates() {
loggers::get_instance().log(">>> security_db::simulate_certificates");
{
std::string key("ta_cert_nistp256_sha256_ca");
std::vector<unsigned char> cert = converter::get_instance().hexa_to_bytes("8003008100188120535446353338204E6973745032353620526F6F742043657274696669636174650000000000010A8F1C86000A01028001248104038300018001258104038300010101E0800101800101810101010000808084CF58BA68FD3FFA4C67C333C7FDA1433678CA3CF8B7864D77D44159313C4699CBA61262989BDC042ECA224586798CAF6FEB0E16C17F04027804674AD2844322738084CF58BA68FD3FFA4C67C333C7FDA1433678CA3CF8B7864D77D44159313C4699CBA61262989BDC042ECA224586798CAF6FEB0E16C17F04027804674AD284432273C4757BF29746FBA553EAEE5A79A00C6A3B45F62A6104DCEFF4ECDEA832A9F7C47F40836703F51CF635DF408741A92E5CCFB66A840C601AE0EEED832D38DB95CC");
std::vector<unsigned char> issuer;
std::vector<unsigned char> h = converter::get_instance().hexa_to_bytes("7AE33C47E0C1EF90"); // Hashed ID
std::vector<unsigned char> pk = converter::get_instance().hexa_to_bytes("D22D278BE33B9E5659D5F531DE5B9A53E8912EE76B48242EC041667342DC9541"); // Private key
std::vector<unsigned char> xk = converter::get_instance().hexa_to_bytes("CF58BA68FD3FFA4C67C333C7FDA1433678CA3CF8B7864D77D44159313C4699CB"); // Public key X
std::vector<unsigned char> yk = converter::get_instance().hexa_to_bytes("A61262989BDC042ECA224586798CAF6FEB0E16C17F04027804674AD284432273"); // Public key Y
_certificates.insert(std::pair<const std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>(new security_db_record(
key,
cert, // Certificate
issuer, // Hashed ID fo the issuer, empty for CA
h, // Hashed ID
pk, // Private key
xk, // Public key X
yk // Public key Y
))
));
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(key);
if (it == _certificates.cend()) {
return -1;
}
_hashed_id8s.insert(std::pair<const std::vector<unsigned char>, const std::string&>(it->second.get()->hashed_id(), it->first));
std::string key = "ta_cert_nistp256_sha256_aa";
std::vector<unsigned char> cert = converter::get_instance().hexa_to_bytes("800300807AE33C47E0C1EF9050811E535446353338204E697374503235362041412043657274696669636174650000000000010A8F1C86000A83010280000C8000220102800124810403830001800125810403830001808084804ECD51522FB92F464C815CACE691FC4DDB157AB736116698BD1EB17B05DDC2C85FD7C0D28EB038F061599E91DC8CD432720E3844A5B223C08B7CE20D84FBF78084CF58BA68FD3FFA4C67C333C7FDA1433678CA3CF8B7864D77D44159313C4699CBA61262989BDC042ECA224586798CAF6FEB0E16C17F04027804674AD2844322739D6ECE19CEBE366268B420F4288EC7CBD8C275B0357F6BBB057ECBB9F35985F7154534E278336A0E76675A037A46B33CFA4951CDBAA9F41364DA4E8A4DDCEBEB");
std::vector<unsigned char> issuer = converter::get_instance().hexa_to_bytes("7AE33C47E0C1EF90");
std::vector<unsigned char> h = converter::get_instance().hexa_to_bytes("B72C8DC20C0B895D"); // Hashed ID
std::vector<unsigned char> pk = converter::get_instance().hexa_to_bytes("DB35514A5B97D01807D198B2EE083806B7B80BA1BE710AC28C5E122F051DC985"); // Private key
std::vector<unsigned char> xk = converter::get_instance().hexa_to_bytes("804ECD51522FB92F464C815CACE691FC4DDB157AB736116698BD1EB17B05DDC2"); // Public key X
std::vector<unsigned char> yk = converter::get_instance().hexa_to_bytes("C85FD7C0D28EB038F061599E91DC8CD432720E3844A5B223C08B7CE20D84FBF7"); // Public key Y
_certificates.insert(std::pair<const std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>(new security_db_record(
key,
cert, // Certificate
issuer, // Hashed ID fo the issuer, empty for CA
h, // Hashed ID
pk, // Private key
xk, // Public key X
yk // Public key Y
))
));
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(key);
if (it == _certificates.cend()) {
return -1;
}
_hashed_id8s.insert(std::pair<const std::vector<unsigned char>, const std::string&>(it->second.get()->hashed_id(), it->first));
std::string key = "ta_cert_nistp256_sha256_at";
std::vector<unsigned char> cert = converter::get_instance().hexa_to_bytes("80030080B72C8DC20C0B895D50811E535446353338204E697374503235362041542043657274696669636174650000000000010A8F1C86000A83010280000C8000220102800124810403830001800125810403830001808084778176B2068C42EC4815DF780A428627061DC14E02F4DD249738A940B130836F665E7B08BBB6195BEABC169F4B21DDD0AD093D58764D1A9E9BCD9DADD2BB8AC88084804ECD51522FB92F464C815CACE691FC4DDB157AB736116698BD1EB17B05DDC2C85FD7C0D28EB038F061599E91DC8CD432720E3844A5B223C08B7CE20D84FBF750C6D53A1B14EC95DAAFB33C10597BA6A6CEF527FBF339D8FD9D03024ADD362AD88346C027E8CB55751592CCF6852AA2A6D1E5B78460B44C776E6A208472127F");
std::vector<unsigned char> issuer = converter::get_instance().hexa_to_bytes("B72C8DC20C0B895D");
std::vector<unsigned char> h = converter::get_instance().hexa_to_bytes("DD2D89F4C9DE0436"); // Hashed ID
std::vector<unsigned char> pk = converter::get_instance().hexa_to_bytes("58887AE281046FC03AA8F78DF792EC64B6922D9633A87B32515599875321640D"); // Private key
std::vector<unsigned char> xk = converter::get_instance().hexa_to_bytes("778176B2068C42EC4815DF780A428627061DC14E02F4DD249738A940B130836F"); // Public key X
std::vector<unsigned char> yk = converter::get_instance().hexa_to_bytes("665E7B08BBB6195BEABC169F4B21DDD0AD093D58764D1A9E9BCD9DADD2BB8AC8"); // Public key Y
_certificates.insert(std::pair<const std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>(new security_db_record(
key,
cert, // Certificate
issuer, // Hashed ID fo the issuer, empty for CA
h, // Hashed ID
pk, // Private key
xk, // Public key X
yk // Public key Y
))
));
std::map<const std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(key);
if (it == _certificates.cend()) {
return -1;
}
_hashed_id8s.insert(std::pair<const std::vector<unsigned char>, const std::string&>(it->second.get()->hashed_id(), it->first));