IBR-DTNSuite  0.12
SecurityKeyManager.cpp
Go to the documentation of this file.
1 /*
2  * SecurityKeyManager.cpp
3  *
4  * Copyright (C) 2011 IBR, TU Braunschweig
5  *
6  * Written-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
7  *
8  * Licensed under the Apache License, Version 2.0 (the "License");
9  * you may not use this file except in compliance with the License.
10  * You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing, software
15  * distributed under the License is distributed on an "AS IS" BASIS,
16  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  * See the License for the specific language governing permissions and
18  * limitations under the License.
19  *
20  */
21 
22 #include "Configuration.h"
23 #include "security/SecurityKeyManager.h"
24 #include <ibrdtn/data/DTNTime.h>
25 #include <ibrcommon/Logger.h>
26 #include <sstream>
27 #include <iomanip>
28 #include <fstream>
29 
30 #include <openssl/pem.h>
31 #include <openssl/err.h>
32 
33 namespace dtn
34 {
35  namespace security
36  {
37  const std::string SecurityKeyManager::TAG = "SecurityKeyManager";
38 
39  SecurityKeyManager& SecurityKeyManager::getInstance()
40  {
41  static SecurityKeyManager instance;
42  return instance;
43  }
44 
45  SecurityKeyManager::SecurityKeyManager()
46  {
47  }
48 
49  SecurityKeyManager::~SecurityKeyManager()
50  {
51  }
52 
53  void SecurityKeyManager::onConfigurationChanged(const dtn::daemon::Configuration &conf) throw ()
54  {
55  const dtn::daemon::Configuration::Security &sec = conf.getSecurity();
56 
57  if (sec.enabled())
58  {
59  IBRCOMMON_LOGGER_TAG(SecurityKeyManager::TAG, info) << "initialized; path: " << sec.getPath().getPath() << IBRCOMMON_LOGGER_ENDL;
60 
61  // store all paths locally
62  _path = sec.getPath();
63  _key = sec.getKey();
64  _ca = sec.getCertificate();
65  }
66  else
67  {
68  _path = ibrcommon::File();
69  _key = ibrcommon::File();
70  _ca = ibrcommon::File();
71  }
72  }
73 
74  const std::string SecurityKeyManager::hash(const dtn::data::EID &eid)
75  {
76  std::string value = eid.getNode().getString();
77  std::stringstream ss;
78  for (std::string::const_iterator iter = value.begin(); iter != value.end(); ++iter)
79  {
80  ss << std::hex << std::setw( 2 ) << std::setfill( '0' ) << (int)(*iter);
81  }
82  return ss.str();
83  }
84 
85  bool SecurityKeyManager::hasKey(const dtn::data::EID &ref, const dtn::security::SecurityKey::KeyType) const
86  {
87  const ibrcommon::File keyfile = _path.get(hash(ref.getNode()) + ".pem");
88  return keyfile.exists();
89  }
90 
91  dtn::security::SecurityKey SecurityKeyManager::get(const dtn::data::EID &ref, const dtn::security::SecurityKey::KeyType type) const throw (SecurityKeyManager::KeyNotFoundException)
92  {
93  dtn::security::SecurityKey keydata;
94  keydata.reference = ref.getNode();
95  keydata.type = type;
96 
97  switch (type)
98  {
99  case SecurityKey::KEY_SHARED:
100  {
101  // read a symmetric key required for BAB signing
102  const ibrcommon::File keyfile = _path.get(hash(keydata.reference) + ".mac");
103 
104  if (!keyfile.exists())
105  {
106  // get the default shared key
107  const ibrcommon::File default_key = dtn::daemon::Configuration::getInstance().getSecurity().getBABDefaultKey();
108 
109  if (default_key.exists())
110  {
111  keydata.file = default_key;
112  keydata.lastupdate = DTNTime(default_key.lastmodify(), 0);
113  break;
114  }
115 
116  IBRCOMMON_LOGGER_TAG(SecurityKeyManager::TAG, warning) << "Key file for " << ref.getString() << " (" << keyfile.getPath() << ") not found" << IBRCOMMON_LOGGER_ENDL;
117  throw SecurityKeyManager::KeyNotFoundException();
118  }
119 
120  keydata.file = keyfile;
121  keydata.lastupdate = DTNTime(keyfile.lastmodify(), 0);
122  break;
123  }
124 
125  case SecurityKey::KEY_UNSPEC:
126  case SecurityKey::KEY_PUBLIC:
127  case SecurityKey::KEY_PRIVATE:
128  {
129  const ibrcommon::File keyfile = _path.get(hash(keydata.reference) + ".pem");
130 
131  if (!keyfile.exists())
132  {
133  IBRCOMMON_LOGGER_TAG(SecurityKeyManager::TAG, warning) << "Key file for " << ref.getString() << " (" << keyfile.getPath() << ") not found" << IBRCOMMON_LOGGER_ENDL;
134  throw SecurityKeyManager::KeyNotFoundException();
135  }
136 
137 
138  keydata.file = keyfile;
139  keydata.lastupdate = DTNTime(keyfile.lastmodify(), 0);
140  break;
141  }
142  }
143 
144  return keydata;
145  }
146 
147  void SecurityKeyManager::store(const dtn::data::EID &ref, const std::string &data, const dtn::security::SecurityKey::KeyType type)
148  {
149  ibrcommon::File keyfile = _path.get(hash(ref.getNode()) + ".pem");
150 
151  // delete if already exists
152  if (keyfile.exists()) keyfile.remove();
153 
154  std::ofstream keystream(keyfile.getPath().c_str());
155  keystream << data;
156  keystream.close();
157  }
158  }
159 }