IBR-DTNSuite
0.10
|
#include <SecurityManager.h>
Classes | |
class | DecryptException |
class | EncryptException |
class | KeyMissingException |
class | VerificationFailedException |
Public Member Functions | |
void | sign (dtn::data::Bundle &bundle) const throw (KeyMissingException) |
void | auth (dtn::data::Bundle &bundle) const throw (KeyMissingException) |
void | verify (dtn::data::Bundle &bundle) const throw (VerificationFailedException) |
void | verifyBAB (dtn::data::Bundle &bundle) const throw (VerificationFailedException) |
void | verifyPIB (dtn::data::Bundle &bundle) const throw (VerificationFailedException) |
void | fastverify (const dtn::data::Bundle &bundle) const throw (VerificationFailedException) |
void | decrypt (dtn::data::Bundle &bundle) const throw (DecryptException, KeyMissingException) |
void | encrypt (dtn::data::Bundle &bundle) const throw (EncryptException, KeyMissingException) |
Static Public Member Functions | |
static SecurityManager & | getInstance () |
Protected Member Functions | |
SecurityManager () | |
virtual | ~SecurityManager () |
Decrypts or encrypts and signs or verifies bundles, which go in or out. The rules are read from the configuration and the keys needed for operation must be in the same directory as the configuration or be retrievable from the net.
Definition at line 44 of file SecurityManager.h.
|
protected |
need a list of nodes, their security blocks type and the key for private and public keys
Definition at line 47 of file SecurityManager.cpp.
|
protectedvirtual |
Definition at line 52 of file SecurityManager.cpp.
void dtn::security::SecurityManager::auth | ( | dtn::data::Bundle & | bundle | ) | const throw (KeyMissingException) |
Definition at line 56 of file SecurityManager.cpp.
References dtn::security::BundleAuthenticationBlock::auth(), dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_SHARED, dtn::core::BundleCore::local, and ibrcommon::Exception::what().
void dtn::security::SecurityManager::decrypt | ( | dtn::data::Bundle & | bundle | ) | const throw (DecryptException, KeyMissingException) |
This method decrypts encrypted payload of a bundle. It is necessary to remove all integrity or auth block before the payload can decrypted.
bundle |
Definition at line 211 of file SecurityManager.cpp.
References dtn::security::PayloadConfidentialBlock::BLOCK_TYPE, dtn::security::PayloadConfidentialBlock::decrypt(), dtn::data::PrimaryBlock::DTNSEC_STATUS_CONFIDENTIAL, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PRIVATE, dtn::core::BundleCore::local, and ibrcommon::Exception::what().
Referenced by dtn::core::BundleCore::processBlocks().
void dtn::security::SecurityManager::encrypt | ( | dtn::data::Bundle & | bundle | ) | const throw (EncryptException, KeyMissingException) |
This method encrypts the payload of a given bundle. If the bundle already contains integrity or auth block a EcryptException is thrown.
bundle |
Definition at line 232 of file SecurityManager.cpp.
References dtn::security::PayloadConfidentialBlock::encrypt(), dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PUBLIC, dtn::core::BundleCore::local, and ibrcommon::Exception::what().
Referenced by dtn::api::Registration::processIncomingBundle().
void dtn::security::SecurityManager::fastverify | ( | const dtn::data::Bundle & | bundle | ) | const throw (VerificationFailedException) |
This method do a fast verify with the bundle. It do not change anything in it. A missing key should not lead to an exception, because this method is called on each received and we need to support multihop without key knowledge too.
bundle | The bundle to verify. |
Definition at line 175 of file SecurityManager.cpp.
References dtn::security::PayloadIntegrityBlock::BLOCK_TYPE, dtn::security::BundleAuthenticationBlock::BLOCK_TYPE, dtn::security::PayloadConfidentialBlock::BLOCK_TYPE, dtn::daemon::Configuration::getInstance(), dtn::daemon::Configuration::Security::getLevel(), dtn::daemon::Configuration::getSecurity(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::daemon::Configuration::Security::SECURITY_LEVEL_AUTHENTICATED, dtn::daemon::Configuration::Security::SECURITY_LEVEL_ENCRYPTED, and dtn::daemon::Configuration::Security::SECURITY_LEVEL_SIGNED.
Referenced by dtn::core::BundleCore::validate().
|
static |
Returns a singleton instance of this class.
Definition at line 41 of file SecurityManager.cpp.
Referenced by dtn::core::BundleCore::processBlocks(), dtn::api::Registration::processIncomingBundle(), dtn::routing::BaseRouter::raiseEvent(), and dtn::core::BundleCore::validate().
void dtn::security::SecurityManager::sign | ( | dtn::data::Bundle & | bundle | ) | const throw (KeyMissingException) |
This method signs the bundle with the own private key. If no key is available a KeyMissingException is thrown.
bundle | A bundle to sign. |
Definition at line 71 of file SecurityManager.cpp.
References dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PRIVATE, dtn::core::BundleCore::local, dtn::security::PayloadIntegrityBlock::sign(), and ibrcommon::Exception::what().
Referenced by dtn::api::Registration::processIncomingBundle().
void dtn::security::SecurityManager::verify | ( | dtn::data::Bundle & | bundle | ) | const throw (VerificationFailedException) |
This method verifies the bundle and removes all auth or integrity block if they could validated.
bundle | The bundle to verify. |
Definition at line 86 of file SecurityManager.cpp.
Referenced by dtn::routing::BaseRouter::raiseEvent().
void dtn::security::SecurityManager::verifyBAB | ( | dtn::data::Bundle & | bundle | ) | const throw (VerificationFailedException) |
Definition at line 138 of file SecurityManager.cpp.
References dtn::security::BundleAuthenticationBlock::BLOCK_TYPE, dtn::data::PrimaryBlock::DTNSEC_STATUS_AUTHENTICATED, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), dtn::security::SecurityBlock::getSecuritySource(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_SHARED, dtn::security::BundleAuthenticationBlock::strip(), dtn::security::BundleAuthenticationBlock::verify(), and ibrcommon::Exception::what().
void dtn::security::SecurityManager::verifyPIB | ( | dtn::data::Bundle & | bundle | ) | const throw (VerificationFailedException) |
Definition at line 92 of file SecurityManager.cpp.
References dtn::security::PayloadIntegrityBlock::BLOCK_TYPE, dtn::data::PrimaryBlock::DTNSEC_STATUS_VERIFIED, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), dtn::security::SecurityBlock::getSecuritySource(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::isSecurityDestination(), dtn::security::SecurityKey::KEY_PUBLIC, dtn::core::BundleCore::local, dtn::security::PayloadIntegrityBlock::strip(), and dtn::security::PayloadIntegrityBlock::verify().