Newer
Older
public_enc_comp_key,
public_enc_comp_key_mode*/
);
}
}
} else if (p_certificate.issuer().ischosen(IEEE1609dot2::IssuerIdentifier::ALT_sha384AndDigest)) {
// Calculate the hash according to the hashId
OCTETSTRING hash_cert;
hash_sha384(enc_cert, hash_cert);
loggers::get_instance().log_msg("security_services::extract_and_store_certificate: hash_cert= ", hash_cert);
const OCTETSTRING hashed_id8 = substr(hash_cert, hash_cert.lengthof() - 8, 8);
// Retrieve the certificate identifier from digest
loggers::get_instance().log("security_services::extract_and_store_certificate: Retrieve the certificate identifier from digest");
result = _security_db.get()->get_certificate_id(hashed_id8, p_certificate_id);
if (result == -1) {
if (_security_cache.get()->get_certificate_id(hashed_id8, p_certificate_id) == -1) {
loggers::get_instance().log_msg("security_services::extract_and_store_certificate: Store new certificate in cache: ", p_certificate);
const std::vector<unsigned char> v(static_cast<const unsigned char*>(hashed_id8), static_cast<const unsigned char*>(hashed_id8) + hashed_id8.lengthof());
p_certificate_id = converter::get_instance().bytes_to_hexa(v);
// Add it into the cache
OCTETSTRING public_key_x, public_key_y, public_comp_key;
INTEGER public_comp_key_mode;
if (extract_verification_keys(p_certificate, public_key_x, public_key_y, public_comp_key, public_comp_key_mode) == -1) {
loggers::get_instance().error("security_services::extract_and_store_certificate: Unsupported EncryptionKey");
return -1;
}
// Add encryption keys
OCTETSTRING public_enc_key_x, public_enc_key_y, public_enc_comp_key;
INTEGER public_enc_comp_key_mode;
if (extract_encryption_keys(p_certificate, public_enc_key_x, public_enc_key_y, public_enc_comp_key, public_enc_comp_key_mode) == -1) {
loggers::get_instance().error("security_services::extract_and_store_certificate: Unsupported EncryptionKey");
return -1;
}
// And store it into the cache
_security_cache.get()->store_certificate(
CHARSTRING(p_certificate_id.c_str()),
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
enc_cert,
int2oct(0, 48), // No way to get the private key here
public_key_x,
public_key_y,
public_comp_key,
public_comp_key_mode,
hash_cert,
p_certificate.issuer().sha384AndDigest(),
int2oct(0,48), // Encryption private not used
public_enc_key_x,
public_enc_key_y/* FIXME,
public_enc_comp_key,
public_enc_comp_key_mode*/
);
}
}
} else {
loggers::get_instance().error("security_services::extract_and_store_certificate: Unsupported issuer");
return -1;
}
return 0;
} // End of method extract_and_store_certificate
int security_services::read_certificate(const CHARSTRING& p_certificate_id, OCTETSTRING& p_certificate) const {
return _security_db.get()->get_certificate(std::string(static_cast<const char*>(p_certificate_id)), p_certificate);
}
int security_services::read_certificate_digest(const CHARSTRING& p_certificate_id, OCTETSTRING& p_digest) const {
return _security_db.get()->get_hashed_id(std::string(static_cast<const char*>(p_certificate_id)), p_digest);
}
int security_services::read_certificate_hash(const CHARSTRING& p_certificate_id, OCTETSTRING& p_hash) const {
return _security_db.get()->get_hash(std::string(static_cast<const char*>(p_certificate_id)), p_hash);
}
int security_services::read_certificate_from_digest(const OCTETSTRING& p_digest, CHARSTRING& p_certificate_id) const {
std::string certificate_id;
if (_security_db.get()->get_certificate_id(p_digest, certificate_id) != -1) {
p_certificate_id = CHARSTRING(certificate_id.c_str());
return 0;
}
return -1;
}
int security_services::read_private_key(const CHARSTRING& p_certificate_id, OCTETSTRING& p_private_key) const {
return _security_db.get()->get_private_key(std::string(static_cast<const char*>(p_certificate_id)), p_private_key);
}
int security_services::read_private_enc_key(const CHARSTRING& p_certificate_id, OCTETSTRING& p_private_enc_key) const {
return _security_db.get()->get_private_enc_key(std::string(static_cast<const char*>(p_certificate_id)), p_private_enc_key);
}