api_docs_2024-0-LTS/IdentityStore_8hpp_source.html

//

//  Copyright PHOENIX CONTACT Electronics GmbH

//

#pragma once

#include "Arp/System/Core/Arp.h"

#include "Arp/System/Commons/Logging.h"

#include "Arp/System/Commons/Io/Path.hpp"

#include "Arp/System/Commons/Security/KeyPair.hpp"

#include "Arp/System/Commons/Security/Certificate.hpp"

#include "Arp/System/Commons/Security/SecurityListType.hpp"

#include "Arp/System/Commons/Security/ItemInfo.hpp"

#include "Arp/System/Commons/Security/KeyPairType.hpp"

#include "Arp/System/Commons/Security/SecurityConfigurationError.hpp"

#include <map>

#include <vector>

#include <openssl/evp.h>


namespace Arp { namespace System { namespace Commons { namespace Security

{


class IdentityStore : private Loggable<IdentityStore>

{

public: // type definitions

    enum KeyMustExist : bool

    {

        IgnoreMissingKey = false,

        RequireKeyExists = true

    };


public: // construction/destruction

    IdentityStore(const String& basePath, const String& name, KeyMustExist requireKeyExists = RequireKeyExists);

    IdentityStore(const IdentityStore& arg) = delete;

    IdentityStore& operator=(const IdentityStore& arg) = delete;

    ~IdentityStore(void) = default;


public: // operators


public: // static operations


public: // setter/getter operations

    String GetName(void) const;

    String GetFullCertificateFileName(void) const;

    String GetFullKeyFileName(void) const;

    String GetFullTpmKeyFileName(void) const;

    bool HasCertificate(void);

    const std::shared_ptr<KeyPair>& GetKeyPair(void);

    KeyPairType GetKeyType(void);


public: // operations

    void InitSslContext(SSL_CTX* pSslCtx)const;


    std::vector<byte> GetPublicKey(void);


    SecurityConfigurationError SetKeyPair(const std::vector<byte>& pemData);


    SecurityConfigurationError SetCertificate(const std::vector<byte>& pemData);


    std::vector<byte> GetPemCertificate(void);


    std::vector<byte> GetDerCertificate(void);


    std::vector<byte> GetPemCertificateWithChain(void);


    std::vector<byte> GetDerCertificateWithChain(void);


    std::vector<std::vector<byte>> GetIssuerPemCertificates(void);


    void CreateAllDirectories(void);


    SecurityConfigurationError ListContent(SecurityListType type, std::vector<ItemInfo>& result);


    SecurityConfigurationError AddElement(SecurityListType type, const std::vector<byte>& pemData);


    SecurityConfigurationError DeleteElement(SecurityListType type, const String& identifier);


    SecurityConfigurationError GenerateKeyPair(KeyPairType type);


    std::vector<byte> GenerateCSR();


    bool VerifyCertMatchesWithPrivateKey(void);


protected: // operations


private: // static methods


private: // methods

    void loadKeyPair(KeyMustExist requireKeyExists);

    bool LoadSoftwareKeyPair();

    bool LoadHardwareKeyPair();

    void loadCertWithChain(const String& file);

    void listIssuerList(std::vector<ItemInfo>& result);

    void listIdentityCert(std::vector<ItemInfo>& result);


    void save(void);


private: // fields

    String  storePath;


    std::shared_ptr<KeyPair> keyPair;

    Certificate cert;

    std::vector<Certificate> issuers;


private: // static fields


    static const String CertificateFileName;

    static const String KeyFileName;

    static const String TpmKeyFileName;

    static const String DirectorySeparator;

};


// inline methods of class CertificateStore


inline String IdentityStore::GetName(void) const

{

    return Io::Path::GetFileName(this->storePath);

}


inline String IdentityStore::GetFullCertificateFileName(void) const

{

    return this->storePath + DirectorySeparator + CertificateFileName;

}


inline String IdentityStore::GetFullKeyFileName(void) const

{

    return this->storePath + DirectorySeparator + KeyFileName;

}


inline String IdentityStore::GetFullTpmKeyFileName(void) const

{

    return this->storePath + DirectorySeparator + TpmKeyFileName;

}


inline KeyPairType IdentityStore::GetKeyType(void)

{

    return this->keyPair->GetKeyType();

}


}}}} // end of namespace Arp::System::Commons::Security

Arp.h

Arp::BasicString< char8 >

Arp::System::Commons::Diagnostics::Logging::Loggable
Definition: Loggable.hxx:20

Arp::System::Commons::Io::Path::GetFileName
static String GetFileName(const String &path)
Get name of a file.

Arp::System::Commons::Security::Certificate
Class to handle x.509 certificates
Definition: Certificate.hpp:25

Arp::System::Commons::Security::IdentityStore
Class with represents a Identity (Certificate with Chain and private Key) and is able to initialize a...
Definition: IdentityStore.hpp:28

Arp::System::Commons::Security::IdentityStore::CreateAllDirectories
void CreateAllDirectories(void)
Creates all needed directories inside the folder of this IdentityStore

Arp::System::Commons::Security::IdentityStore::GetKeyPair
const std::shared_ptr< KeyPair > & GetKeyPair(void)
Returns a shared_ptr to the KeyPair of this IdentityStore

Arp::System::Commons::Security::IdentityStore::GetName
String GetName(void) const
Returns the name of the IdentityStore
Definition: IdentityStore.hpp:172

Arp::System::Commons::Security::IdentityStore::GenerateKeyPair
SecurityConfigurationError GenerateKeyPair(KeyPairType type)
Generate a new KeyPair for this IdentityStore

Arp::System::Commons::Security::IdentityStore::DeleteElement
SecurityConfigurationError DeleteElement(SecurityListType type, const String &identifier)
Delete an elements from the list referenced by ListType, identified by identifier

Arp::System::Commons::Security::IdentityStore::KeyMustExist
KeyMustExist
Enum which dicates if the key in the IdentityStore must exist or if this can be ignored
Definition: IdentityStore.hpp:34

Arp::System::Commons::Security::IdentityStore::SetKeyPair
SecurityConfigurationError SetKeyPair(const std::vector< byte > &pemData)
Sets or overwrites the keypair from the PEM encoded given bytes

Arp::System::Commons::Security::IdentityStore::IdentityStore
IdentityStore(const IdentityStore &arg)=delete
Copy constructor.

Arp::System::Commons::Security::IdentityStore::AddElement
SecurityConfigurationError AddElement(SecurityListType type, const std::vector< byte > &pemData)
Adds an element into the list referenced by SecurityListType

Arp::System::Commons::Security::IdentityStore::HasCertificate
bool HasCertificate(void)
checks if a certificate is available for this IdentityStore

Arp::System::Commons::Security::IdentityStore::GetPemCertificateWithChain
std::vector< byte > GetPemCertificateWithChain(void)
Gets the certificate as byte array in PEM format with issuer certificates appended

Arp::System::Commons::Security::IdentityStore::GetDerCertificateWithChain
std::vector< byte > GetDerCertificateWithChain(void)
Get the certificate as byte array in DER format with issuer certificates appended

Arp::System::Commons::Security::IdentityStore::InitSslContext
void InitSslContext(SSL_CTX *pSslCtx) const
Initializes a OpenSSL SSL_CTX Structure with the private key and certificate

Arp::System::Commons::Security::IdentityStore::GetFullTpmKeyFileName
String GetFullTpmKeyFileName(void) const
Returns the absolute path to the tpm key file
Definition: IdentityStore.hpp:187

Arp::System::Commons::Security::IdentityStore::GetPemCertificate
std::vector< byte > GetPemCertificate(void)
Gets the certificate as byte array in PEM format

Arp::System::Commons::Security::IdentityStore::GetPublicKey
std::vector< byte > GetPublicKey(void)
Reads the public key in PEM format

Arp::System::Commons::Security::IdentityStore::SetCertificate
SecurityConfigurationError SetCertificate(const std::vector< byte > &pemData)
Sets or overwrites the certificate from the PEM encoded given bytes

Arp::System::Commons::Security::IdentityStore::GetKeyType
KeyPairType GetKeyType(void)
Returns the type of the key pair
Definition: IdentityStore.hpp:192

Arp::System::Commons::Security::IdentityStore::GenerateCSR
std::vector< byte > GenerateCSR()
Generate a Certificate Signing Request (CSR) for the Key Pair of this IdentityStore

Arp::System::Commons::Security::IdentityStore::GetFullCertificateFileName
String GetFullCertificateFileName(void) const
Returns the absolute path to the certificate file
Definition: IdentityStore.hpp:177

Arp::System::Commons::Security::IdentityStore::operator=
IdentityStore & operator=(const IdentityStore &arg)=delete
Assignment operator.

Arp::System::Commons::Security::IdentityStore::GetIssuerPemCertificates
std::vector< std::vector< byte > > GetIssuerPemCertificates(void)
Get the issuer certificates in PEM format

Arp::System::Commons::Security::IdentityStore::ListContent
SecurityConfigurationError ListContent(SecurityListType type, std::vector< ItemInfo > &result)
Lists all elements in the list referenced by their SecurityListType

Arp::System::Commons::Security::IdentityStore::VerifyCertMatchesWithPrivateKey
bool VerifyCertMatchesWithPrivateKey(void)
Verifies if the certificates matches with the key pair

Arp::System::Commons::Security::IdentityStore::GetDerCertificate
std::vector< byte > GetDerCertificate(void)
Gets the certificate as byte array in DER format

Arp::System::Commons::Security::IdentityStore::~IdentityStore
~IdentityStore(void)=default
Destructs this instance and frees all resources.

Arp::System::Commons::Security::IdentityStore::IdentityStore
IdentityStore(const String &basePath, const String &name, KeyMustExist requireKeyExists=RequireKeyExists)
Constructs an IdentityStore instance.

Arp::System::Commons::Security::IdentityStore::GetFullKeyFileName
String GetFullKeyFileName(void) const
Returns the absolute path to the key file
Definition: IdentityStore.hpp:182

Arp::System::Acf::ComponentCategory::System
@ System
System components used by the System, Device, Plc or Io domains.

Arp::System::Commons::Security::SecurityConfigurationError
SecurityConfigurationError
Enumeration of possible error codes when interacting with classes in the Security namespace
Definition: SecurityConfigurationError.hpp:17

Arp
Root namespace for the PLCnext API