dtn::security::SecurityManager Class Reference

#include <SecurityManager.h>

Collaboration diagram for dtn::security::SecurityManager:

Classes
class	KeyMissingException

Public Member Functions
void	sign (dtn::data::Bundle &bundle) const throw (KeyMissingException)
void	auth (dtn::data::Bundle &bundle) const throw (KeyMissingException)
void	verify (dtn::data::Bundle &bundle) const throw (VerificationFailedException)
void	verifyBAB (dtn::data::Bundle &bundle) const throw (VerificationFailedException)
void	verifyPIB (dtn::data::Bundle &bundle) const throw (VerificationFailedException)
void	fastverify (const dtn::data::Bundle &bundle) const throw (VerificationFailedException)
void	decrypt (dtn::data::Bundle &bundle) const throw (DecryptException, KeyMissingException)
void	encrypt (dtn::data::Bundle &bundle) const throw (EncryptException, KeyMissingException)

Static Public Member Functions
static SecurityManager &	getInstance ()

Protected Member Functions
	SecurityManager ()
virtual	~SecurityManager ()

Detailed Description

Decrypts or encrypts and signs or verifies bundles, which go in or out. The rules are read from the configuration and the keys needed for operation must be in the same directory as the configuration or be retrievable from the net.

Definition at line 44 of file SecurityManager.h.

Constructor & Destructor Documentation

dtn::security::SecurityManager::SecurityManager ( )

protected

need a list of nodes, their security blocks type and the key for private and public keys

Definition at line 43 of file SecurityManager.cpp.

dtn::security::SecurityManager::~SecurityManager ( )

protectedvirtual

Definition at line 48 of file SecurityManager.cpp.

Member Function Documentation

void dtn::security::SecurityManager::auth	(	dtn::data::Bundle &	bundle)		const
throw	(	KeyMissingException
	)

Definition at line 52 of file SecurityManager.cpp.

References dtn::security::BundleAuthenticationBlock::auth(), dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_SHARED, dtn::core::BundleCore::local, and ibrcommon::Exception::what().

Here is the call graph for this function:

void dtn::security::SecurityManager::decrypt	(	dtn::data::Bundle &	bundle)		const
throw	(	DecryptException,
		KeyMissingException
	)

This method decrypts encrypted payload of a bundle. It is necessary to remove all integrity or auth block before the payload can decrypted.

Parameters

bundle

Definition at line 204 of file SecurityManager.cpp.

References dtn::security::PayloadConfidentialBlock::BLOCK_TYPE, dtn::security::PayloadConfidentialBlock::decrypt(), dtn::data::PrimaryBlock::DTNSEC_STATUS_CONFIDENTIAL, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PRIVATE, dtn::core::BundleCore::local, and ibrcommon::Exception::what().

Referenced by dtn::core::BundleCore::processBlocks().

Here is the call graph for this function:

void dtn::security::SecurityManager::encrypt	(	dtn::data::Bundle &	bundle)		const
throw	(	EncryptException,
		KeyMissingException
	)

This method encrypts the payload of a given bundle. If the bundle already contains integrity or auth block a EcryptException is thrown.

Parameters

bundle

Definition at line 225 of file SecurityManager.cpp.

References dtn::security::PayloadConfidentialBlock::encrypt(), dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PUBLIC, dtn::core::BundleCore::local, and ibrcommon::Exception::what().

Referenced by dtn::api::Registration::processIncomingBundle().

Here is the call graph for this function:

void dtn::security::SecurityManager::fastverify	(	const dtn::data::Bundle &	bundle)		const
throw	(	VerificationFailedException
	)

This method do a fast verify with the bundle. It do not change anything in it. A missing key should not lead to an exception, because this method is called on each received and we need to support multihop without key knowledge too.

Parameters

bundle

The bundle to verify.

Definition at line 168 of file SecurityManager.cpp.

References dtn::security::PayloadIntegrityBlock::BLOCK_TYPE, dtn::security::BundleAuthenticationBlock::BLOCK_TYPE, dtn::security::PayloadConfidentialBlock::BLOCK_TYPE, dtn::daemon::Configuration::getInstance(), dtn::daemon::Configuration::Security::getLevel(), dtn::daemon::Configuration::getSecurity(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::daemon::Configuration::Security::SECURITY_LEVEL_AUTHENTICATED, dtn::daemon::Configuration::Security::SECURITY_LEVEL_ENCRYPTED, and dtn::daemon::Configuration::Security::SECURITY_LEVEL_SIGNED.

Referenced by dtn::core::BundleCore::validate().

Here is the call graph for this function:

SecurityManager & dtn::security::SecurityManager::getInstance ( )

static

Returns a singleton instance of this class.

Returns

a reference to this class singleton

Definition at line 37 of file SecurityManager.cpp.

Referenced by dtn::core::BundleCore::processBlocks(), dtn::api::Registration::processIncomingBundle(), dtn::routing::BaseRouter::raiseEvent(), and dtn::core::BundleCore::validate().

void dtn::security::SecurityManager::sign	(	dtn::data::Bundle &	bundle)		const
throw	(	KeyMissingException
	)

This method signs the bundle with the own private key. If no key is available a KeyMissingException is thrown.

Parameters

bundle

A bundle to sign.

Definition at line 67 of file SecurityManager.cpp.

References dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PRIVATE, dtn::core::BundleCore::local, dtn::security::PayloadIntegrityBlock::sign(), and ibrcommon::Exception::what().

Referenced by dtn::api::Registration::processIncomingBundle().

Here is the call graph for this function:

void dtn::security::SecurityManager::verify	(	dtn::data::Bundle &	bundle)		const
throw	(	VerificationFailedException
	)

This method verifies the bundle and removes all auth or integrity block if they could validated.

Parameters

bundle

The bundle to verify.

Definition at line 82 of file SecurityManager.cpp.

Referenced by dtn::routing::BaseRouter::raiseEvent().

void dtn::security::SecurityManager::verifyBAB	(	dtn::data::Bundle &	bundle)		const
throw	(	VerificationFailedException
	)

Definition at line 134 of file SecurityManager.cpp.

References dtn::security::BundleAuthenticationBlock::BLOCK_TYPE, dtn::data::PrimaryBlock::DTNSEC_STATUS_AUTHENTICATED, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), dtn::security::SecurityBlock::getSecuritySource(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_SHARED, dtn::security::BundleAuthenticationBlock::strip(), and dtn::security::BundleAuthenticationBlock::verify().

Here is the call graph for this function:

void dtn::security::SecurityManager::verifyPIB	(	dtn::data::Bundle &	bundle)		const
throw	(	VerificationFailedException
	)

Definition at line 88 of file SecurityManager.cpp.

References dtn::security::PayloadConfidentialBlock::BLOCK_TYPE, dtn::data::PrimaryBlock::DTNSEC_STATUS_VERIFIED, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), dtn::security::SecurityBlock::getSecuritySource(), dtn::data::Block::getType(), IBRCOMMON_LOGGER_DEBUG_TAG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::isSecurityDestination(), dtn::security::SecurityKey::KEY_PUBLIC, dtn::core::BundleCore::local, and dtn::security::PayloadIntegrityBlock::verify().

Here is the call graph for this function:

---

The documentation for this class was generated from the following files:

• daemon/src/security/SecurityManager.h
• daemon/src/security/SecurityManager.cpp