api_docs_2023-9/IdentityStore_8hpp_source.html

//

//  Copyright PHOENIX CONTACT Electronics GmbH

//

#pragma once

#include "Arp/System/Core/Arp.h"

#include "Arp/System/Commons/Logging.h"

#include "Arp/System/Commons/Io/Path.hpp"

#include "Arp/System/Commons/Security/KeyPair.hpp"

#include "Arp/System/Commons/Security/Certificate.hpp"

#include "Arp/System/Commons/Security/SecurityListType.hpp"

#include "Arp/System/Commons/Security/ItemInfo.hpp"

#include "Arp/System/Commons/Security/KeyPairType.hpp"

#include "Arp/System/Commons/Security/SecurityConfigurationError.hpp"

#include <map>

#include <vector>

#include <openssl/evp.h>


namespace Arp { namespace System { namespace Commons { namespace Security

{


class IdentityStore : private Loggable<IdentityStore>

{

public: // type definitions

    enum KeyMustExist : bool

    {

        IgnoreMissingKey = false,

        RequireKeyExists = true

    };


public: // construction/destruction

    IdentityStore(const String& basePath, const String& name, KeyMustExist requireKeyExists = RequireKeyExists);

    IdentityStore(const IdentityStore& arg) = delete;

    IdentityStore& operator=(const IdentityStore& arg) = delete;

    ~IdentityStore(void) = default;


public: // operators


public: // static operations


public: // setter/getter operations

    String GetName(void) const;

    String GetFullCertificateFileName(void) const;

    String GetFullKeyFileName(void) const;

    String GetFullTpmKeyFileName(void) const;

    bool HasCertificate(void);

    const std::shared_ptr<KeyPair>& GetKeyPair(void);

    KeyPairType GetKeyType(void);


public: // operations

    void InitSslContext(SSL_CTX* pSslCtx)const;


    std::vector<byte> GetPublicKey(void);


    SecurityConfigurationError SetKeyPair(const std::vector<byte>& pemData);


    SecurityConfigurationError SetCertificate(const std::vector<byte>& pemData);


    std::vector<byte> GetPemCertificate(void);


    std::vector<byte> GetDerCertificate(void);


    std::vector<byte> GetPemCertificateWithChain(void);


    std::vector<byte> GetDerCertificateWithChain(void);


    std::vector<std::vector<byte>> GetIssuerPemCertificates(void);


    void CreateAllDirectories(void);


    SecurityConfigurationError ListContent(SecurityListType type, std::vector<ItemInfo>& result);


    SecurityConfigurationError AddElement(SecurityListType type, const std::vector<byte>& pemData);


    SecurityConfigurationError DeleteElement(SecurityListType type, const String& identifier);


    SecurityConfigurationError GenerateKeyPair(KeyPairType type);


    std::vector<byte> GenerateCSR();


    bool VerifyCertMatchesWithPrivateKey(void);


protected: // operations


private: // static methods


private: // methods

    void loadKeyPair(KeyMustExist requireKeyExists);

    bool LoadSoftwareKeyPair();

    bool LoadHardwareKeyPair();

    void loadCertWithChain(const String& file);

    void listIssuerList(std::vector<ItemInfo>& result);

    void listIdentityCert(std::vector<ItemInfo>& result);


    void save(void);


private: // fields

    String  storePath;


    std::shared_ptr<KeyPair> keyPair;

    Certificate cert;

    std::vector<Certificate> issuers;


private: // static fields


    static const String CertificateFileName;

    static const String KeyFileName;

    static const String TpmKeyFileName;

    static const String DirectorySeparator;

};


// inline methods of class CertificateStore


inline String IdentityStore::GetName(void) const

{

    return Io::Path::GetFileName(this->storePath);

}


inline String IdentityStore::GetFullCertificateFileName(void) const

{

    return this->storePath + DirectorySeparator + CertificateFileName;

}


inline String IdentityStore::GetFullKeyFileName(void) const

{

    return this->storePath + DirectorySeparator + KeyFileName;

}


inline String IdentityStore::GetFullTpmKeyFileName(void) const

{

    return this->storePath + DirectorySeparator + TpmKeyFileName;

}


inline KeyPairType IdentityStore::GetKeyType(void)

{

    return this->keyPair->GetKeyType();

}


}}}} // end of namespace Arp::System::Commons::Security

Arp.h

Arp::BasicString< char8 >

Arp::System::Commons::Diagnostics::Logging::Loggable
Definition: Loggable.hxx:20

Arp::System::Commons::Io::Path::GetFileName
static String GetFileName(const String &path)
Get name of a file.

Arp::System::Commons::Security::Certificate
Class to handle x.509 certificates
Definition: Certificate.hpp:25

Arp::System::Commons::Security::IdentityStore
Class with represents a Identity (Certificate with Chain and private Key) and is able to initialze an...
Definition: IdentityStore.hpp:26

Arp::System::Commons::Security::IdentityStore::CreateAllDirectories
void CreateAllDirectories(void)
summary>list all elements in the list referenced by ListType

Arp::System::Commons::Security::IdentityStore::GetKeyPair
const std::shared_ptr< KeyPair > & GetKeyPair(void)
summary>Returns the type of the key pair

Arp::System::Commons::Security::IdentityStore::GetName
String GetName(void) const
Returns the name of the IdentityStore
Definition: IdentityStore.hpp:165

Arp::System::Commons::Security::IdentityStore::GenerateKeyPair
SecurityConfigurationError GenerateKeyPair(KeyPairType type)

Arp::System::Commons::Security::IdentityStore::DeleteElement
SecurityConfigurationError DeleteElement(SecurityListType type, const String &identifier)
summary>Generate a new KeyPair for this IdentityStore

Arp::System::Commons::Security::IdentityStore::SetKeyPair
SecurityConfigurationError SetKeyPair(const std::vector< byte > &pemData)

Arp::System::Commons::Security::IdentityStore::IdentityStore
IdentityStore(const IdentityStore &arg)=delete
Copy constructor.

Arp::System::Commons::Security::IdentityStore::AddElement
SecurityConfigurationError AddElement(SecurityListType type, const std::vector< byte > &pemData)
summary>delete an elements from the list referenced by ListType, identified by identifier

Arp::System::Commons::Security::IdentityStore::GetPemCertificateWithChain
std::vector< byte > GetPemCertificateWithChain(void)

Arp::System::Commons::Security::IdentityStore::GetDerCertificateWithChain
std::vector< byte > GetDerCertificateWithChain(void)
summary>get the issuer certificates in PEM format

Arp::System::Commons::Security::IdentityStore::InitSslContext
void InitSslContext(SSL_CTX *pSslCtx) const
Initializes a OpenSSL SSL_:CTX Structure with the private key and certificate

Arp::System::Commons::Security::IdentityStore::GetFullTpmKeyFileName
String GetFullTpmKeyFileName(void) const
summary>checks if a certificate is available for this IdentityStore
Definition: IdentityStore.hpp:180

Arp::System::Commons::Security::IdentityStore::GetPemCertificate
std::vector< byte > GetPemCertificate(void)

Arp::System::Commons::Security::IdentityStore::GetPublicKey
std::vector< byte > GetPublicKey(void)

Arp::System::Commons::Security::IdentityStore::SetCertificate
SecurityConfigurationError SetCertificate(const std::vector< byte > &pemData)

Arp::System::Commons::Security::IdentityStore::GenerateCSR
std::vector< byte > GenerateCSR()

Arp::System::Commons::Security::IdentityStore::GetFullCertificateFileName
String GetFullCertificateFileName(void) const
summary>Returns the absolute path to the key file
Definition: IdentityStore.hpp:170

Arp::System::Commons::Security::IdentityStore::operator=
IdentityStore & operator=(const IdentityStore &arg)=delete
Assignment operator.

Arp::System::Commons::Security::IdentityStore::GetIssuerPemCertificates
std::vector< std::vector< byte > > GetIssuerPemCertificates(void)
summary>creates all needed directories inside the folder of this IdentityStore

Arp::System::Commons::Security::IdentityStore::ListContent
SecurityConfigurationError ListContent(SecurityListType type, std::vector< ItemInfo > &result)
summary>add an element into the list referenced by ListType

Arp::System::Commons::Security::IdentityStore::GetDerCertificate
std::vector< byte > GetDerCertificate(void)

Arp::System::Commons::Security::IdentityStore::~IdentityStore
~IdentityStore(void)=default
Destructs this instance and frees all resources.

Arp::System::Commons::Security::IdentityStore::IdentityStore
IdentityStore(const String &basePath, const String &name, KeyMustExist requireKeyExists=RequireKeyExists)
Constructs an IdentityStore instance.

Arp::System::Commons::Security::IdentityStore::GetFullKeyFileName
String GetFullKeyFileName(void) const
summary>Returns the absolute path to the tpm key file
Definition: IdentityStore.hpp:175

Arp::System::Acf::ComponentCategory::System
@ System
System components used by the System, Device, Plc or Io domains.

Arp
Root namespace for the PLCnext API