8#include "Arp/System/Commons/Logging.h"
9#include "Arp/System/Commons/Io/Path.hpp"
10#include "Arp/System/Commons/Security/KeyPair.hpp"
11#include "Arp/System/Commons/Security/Certificate.hpp"
12#include "Arp/System/Commons/Security/SecurityListType.hpp"
13#include "Arp/System/Commons/Security/ItemInfo.hpp"
14#include "Arp/System/Commons/Security/KeyPairType.hpp"
15#include "Arp/System/Commons/Security/SecurityConfigurationError.hpp"
18#include <openssl/evp.h>
20namespace Arp {
namespace System {
namespace Commons {
namespace Security
35 IgnoreMissingKey =
false,
36 RequireKeyExists =
true
146 bool LoadSoftwareKeyPair();
147 bool LoadHardwareKeyPair();
148 void loadCertWithChain(
const String& file);
149 void listIssuerList(std::vector<ItemInfo>& result);
150 void listIdentityCert(std::vector<ItemInfo>& result);
157 std::shared_ptr<KeyPair> keyPair;
159 std::vector<Certificate> issuers;
163 static const String CertificateFileName;
164 static const String KeyFileName;
165 static const String TpmKeyFileName;
166 static const String DirectorySeparator;
179 return this->storePath + DirectorySeparator + CertificateFileName;
184 return this->storePath + DirectorySeparator + KeyFileName;
189 return this->storePath + DirectorySeparator + TpmKeyFileName;
194 return this->keyPair->GetKeyType();
Definition: Loggable.hxx:20
static String GetFileName(const String &path)
Get name of a file.
Class to handle X.509 certificates
Definition: Certificate.hpp:25
Class which represents an Identity (Certificate with Chain and private Key) and is able to initialize a...
Definition: IdentityStore.hpp:28
void CreateAllDirectories(void)
Creates all needed directories inside the folder of this IdentityStore
const std::shared_ptr< KeyPair > & GetKeyPair(void)
Returns a shared_ptr to the KeyPair of this IdentityStore
String GetName(void) const
Returns the name of the IdentityStore
Definition: IdentityStore.hpp:172
SecurityConfigurationError GenerateKeyPair(KeyPairType type)
Generate a new KeyPair for this IdentityStore
SecurityConfigurationError DeleteElement(SecurityListType type, const String &identifier)
Deletes an element from the list referenced by ListType, identified by identifier
KeyMustExist
Enum which dictates whether the key in the IdentityStore must exist or whether its absence can be ignored
Definition: IdentityStore.hpp:34
SecurityConfigurationError SetKeyPair(const std::vector< byte > &pemData)
Sets or overwrites the key pair from the given PEM-encoded bytes
IdentityStore(const IdentityStore &arg)=delete
Copy constructor.
SecurityConfigurationError AddElement(SecurityListType type, const std::vector< byte > &pemData)
Adds an element into the list referenced by SecurityListType
bool HasCertificate(void)
Checks whether a certificate is available for this IdentityStore
std::vector< byte > GetPemCertificateWithChain(void)
Gets the certificate as byte array in PEM format with issuer certificates appended
std::vector< byte > GetDerCertificateWithChain(void)
Get the certificate as byte array in DER format with issuer certificates appended
void InitSslContext(SSL_CTX *pSslCtx) const
Initializes an OpenSSL SSL_CTX structure with the private key and certificate
String GetFullTpmKeyFileName(void) const
Returns the absolute path to the tpm key file
Definition: IdentityStore.hpp:187
std::vector< byte > GetPemCertificate(void)
Gets the certificate as byte array in PEM format
std::vector< byte > GetPublicKey(void)
Reads the public key in PEM format
SecurityConfigurationError SetCertificate(const std::vector< byte > &pemData)
Sets or overwrites the certificate from the given PEM-encoded bytes
KeyPairType GetKeyType(void)
Returns the type of the key pair
Definition: IdentityStore.hpp:192
std::vector< byte > GenerateCSR()
Generate a Certificate Signing Request (CSR) for the Key Pair of this IdentityStore
String GetFullCertificateFileName(void) const
Returns the absolute path to the certificate file
Definition: IdentityStore.hpp:177
IdentityStore & operator=(const IdentityStore &arg)=delete
Assignment operator.
std::vector< std::vector< byte > > GetIssuerPemCertificates(void)
Get the issuer certificates in PEM format
SecurityConfigurationError ListContent(SecurityListType type, std::vector< ItemInfo > &result)
Lists all elements in the list referenced by their SecurityListType
bool VerifyCertMatchesWithPrivateKey(void)
Verifies whether the certificate matches the key pair
std::vector< byte > GetDerCertificate(void)
Gets the certificate as byte array in DER format
~IdentityStore(void)=default
Destructs this instance and frees all resources.
IdentityStore(const String &basePath, const String &name, KeyMustExist requireKeyExists=RequireKeyExists)
Constructs an IdentityStore instance.
String GetFullKeyFileName(void) const
Returns the absolute path to the key file
Definition: IdentityStore.hpp:182
@ System
System components used by the System, Device, Plc or Io domains.
SecurityConfigurationError
Enumeration of possible error codes when interacting with classes in the Security namespace
Definition: SecurityConfigurationError.hpp:17
Root namespace for the PLCnext API