IBR-DTNSuite  0.10
SecurityKeyManager.cpp
Go to the documentation of this file.
1 /*
2  * SecurityKeyManager.cpp
3  *
4  * Copyright (C) 2011 IBR, TU Braunschweig
5  *
6  * Written-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
7  *
8  * Licensed under the Apache License, Version 2.0 (the "License");
9  * you may not use this file except in compliance with the License.
10  * You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing, software
15  * distributed under the License is distributed on an "AS IS" BASIS,
16  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  * See the License for the specific language governing permissions and
18  * limitations under the License.
19  *
20  */
21 
22 #include "Configuration.h"
23 #include "security/SecurityKeyManager.h"
24 #include <ibrcommon/Logger.h>
25 #include <sstream>
26 #include <iomanip>
27 #include <fstream>
28 
29 #include <openssl/pem.h>
30 #include <openssl/err.h>
31 
32 namespace dtn
33 {
34  namespace security
35  {
36  const std::string SecurityKeyManager::TAG = "SecurityKeyManager";
37 
38  SecurityKeyManager& SecurityKeyManager::getInstance()
39  {
40  static SecurityKeyManager instance;
41  return instance;
42  }
43 
44  SecurityKeyManager::SecurityKeyManager()
45  {
46  }
47 
48  SecurityKeyManager::~SecurityKeyManager()
49  {
50  }
51 
52  void SecurityKeyManager::onConfigurationChanged(const dtn::daemon::Configuration &conf) throw ()
53  {
54  const dtn::daemon::Configuration::Security &sec = conf.getSecurity();
55 
56  if (sec.enabled())
57  {
58  IBRCOMMON_LOGGER_TAG(SecurityKeyManager::TAG, info) << "initialized; path: " << sec.getPath().getPath() << IBRCOMMON_LOGGER_ENDL;
59 
60  // store all paths locally
61  _path = sec.getPath();
62  _key = sec.getKey();
63  _ca = sec.getCertificate();
64  }
65  else
66  {
67  _path = ibrcommon::File();
68  _key = ibrcommon::File();
69  _ca = ibrcommon::File();
70  }
71  }
72 
73  const std::string SecurityKeyManager::hash(const dtn::data::EID &eid)
74  {
75  std::string value = eid.getNode().getString();
76  std::stringstream ss;
77  for (std::string::const_iterator iter = value.begin(); iter != value.end(); ++iter)
78  {
79  ss << std::hex << std::setw( 2 ) << std::setfill( '0' ) << (int)(*iter);
80  }
81  return ss.str();
82  }
83 
84  bool SecurityKeyManager::hasKey(const dtn::data::EID &ref, const dtn::security::SecurityKey::KeyType) const
85  {
86  const ibrcommon::File keyfile = _path.get(hash(ref.getNode()) + ".pem");
87  return keyfile.exists();
88  }
89 
90  dtn::security::SecurityKey SecurityKeyManager::get(const dtn::data::EID &ref, const dtn::security::SecurityKey::KeyType type) const throw (SecurityKeyManager::KeyNotFoundException)
91  {
92  dtn::security::SecurityKey keydata;
93  keydata.reference = ref.getNode();
94  keydata.type = type;
95 
96  switch (type)
97  {
98  case SecurityKey::KEY_SHARED:
99  {
100  // read a symmetric key required for BAB signing
101  const ibrcommon::File keyfile = _path.get(hash(ref.getNode()) + ".mac");
102 
103  if (!keyfile.exists())
104  {
105  // get the default shared key
106  const ibrcommon::File default_key = dtn::daemon::Configuration::getInstance().getSecurity().getBABDefaultKey();
107 
108  if (default_key.exists())
109  {
110  keydata.file = default_key;
111  keydata.lastupdate = DTNTime(default_key.lastmodify(), 0);
112  break;
113  }
114 
115  IBRCOMMON_LOGGER_TAG(SecurityKeyManager::TAG, warning) << "Key file for " << ref.getString() << " (" << keyfile.getPath() << ") not found" << IBRCOMMON_LOGGER_ENDL;
116  throw SecurityKeyManager::KeyNotFoundException();
117  }
118 
119  keydata.file = keyfile;
120  keydata.lastupdate = DTNTime(keyfile.lastmodify(), 0);
121  break;
122  }
123 
124  case SecurityKey::KEY_UNSPEC:
125  case SecurityKey::KEY_PUBLIC:
126  case SecurityKey::KEY_PRIVATE:
127  {
128  const ibrcommon::File keyfile = _path.get(hash(ref.getNode()) + ".pem");
129 
130  if (!keyfile.exists())
131  {
132  IBRCOMMON_LOGGER_TAG(SecurityKeyManager::TAG, warning) << "Key file for " << ref.getString() << " (" << keyfile.getPath() << ") not found" << IBRCOMMON_LOGGER_ENDL;
133  throw SecurityKeyManager::KeyNotFoundException();
134  }
135 
136 
137  keydata.file = keyfile;
138  keydata.lastupdate = DTNTime(keyfile.lastmodify(), 0);
139  break;
140  }
141  }
142 
143  return keydata;
144  }
145 
146  void SecurityKeyManager::store(const dtn::data::EID &ref, const std::string &data, const dtn::security::SecurityKey::KeyType type)
147  {
148  ibrcommon::File keyfile = _path.get(hash(ref.getNode()) + ".pem");
149 
150  // delete if already exists
151  if (keyfile.exists()) keyfile.remove();
152 
153  std::ofstream keystream(keyfile.getPath().c_str());
154  keystream << data;
155  keystream.close();
156  }
157  }
158 }