#include <SecurityManager.h>
Classes | |
| class | DecryptException |
| class | EncryptException |
| class | KeyMissingException |
| class | VerificationFailedException |
Public Member Functions | |
| void | sign (dtn::data::Bundle &bundle) const throw (KeyMissingException) |
| void | auth (dtn::data::Bundle &bundle) const throw (KeyMissingException) |
| void | prefetchKey (const dtn::data::EID &eid) |
| void | verify (dtn::data::Bundle &bundle) const throw (VerificationFailedException) |
| void | verifyBAB (dtn::data::Bundle &bundle) const throw (VerificationFailedException) |
| void | verifyPIB (dtn::data::Bundle &bundle) const throw (VerificationFailedException) |
| void | fastverify (const dtn::data::Bundle &bundle) const throw (VerificationFailedException) |
| void | decrypt (dtn::data::Bundle &bundle) const throw (DecryptException, KeyMissingException) |
| void | encrypt (dtn::data::Bundle &bundle) const throw (EncryptException, KeyMissingException) |
Static Public Member Functions | |
| static SecurityManager & | getInstance () |
Protected Member Functions | |
| SecurityManager () | |
| virtual | ~SecurityManager () |
Detailed Description
Decrypts or encrypts and signs or verifies bundles, which go in or out. The rules are read from the configuration and the keys needed for operation must be in the same directory as the configuration or be retrievable from the net.
Definition at line 23 of file SecurityManager.h.
Constructor & Destructor Documentation
| dtn::security::SecurityManager::SecurityManager | ( | ) | [protected] |
need a list of nodes, their security blocks type and the key for private and public keys
Definition at line 25 of file SecurityManager.cpp.
| dtn::security::SecurityManager::~SecurityManager | ( | ) | [protected, virtual] |
Definition at line 30 of file SecurityManager.cpp.
Member Function Documentation
| void dtn::security::SecurityManager::auth | ( | dtn::data::Bundle & | bundle | ) | const throw (KeyMissingException) |
Definition at line 34 of file SecurityManager.cpp.
References dtn::security::BundleAuthenticationBlock::auth(), dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_SHARED, dtn::core::BundleCore::local, and ibrcommon::Exception::what().
| void dtn::security::SecurityManager::decrypt | ( | dtn::data::Bundle & | bundle | ) | const throw (DecryptException, KeyMissingException) |
This method decrypts encrypted payload of a bundle. It is necessary to remove all integrity or auth block before the payload can decrypted.
- Parameters:
-
bundle
Definition at line 189 of file SecurityManager.cpp.
References dtn::security::PayloadConfidentialBlock::decrypt(), dtn::data::PrimaryBlock::DTNSEC_STATUS_CONFIDENTIAL, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PRIVATE, dtn::core::BundleCore::local, and ibrcommon::Exception::what().
| void dtn::security::SecurityManager::encrypt | ( | dtn::data::Bundle & | bundle | ) | const throw (EncryptException, KeyMissingException) |
This method encrypts the payload of a given bundle. If the bundle already contains integrity or auth block a EcryptException is thrown.
- Parameters:
-
bundle
Definition at line 210 of file SecurityManager.cpp.
References dtn::security::PayloadConfidentialBlock::encrypt(), dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PUBLIC, dtn::core::BundleCore::local, and ibrcommon::Exception::what().
Referenced by dtn::api::ApiServer::processIncomingBundle().
| void dtn::security::SecurityManager::fastverify | ( | const dtn::data::Bundle & | bundle | ) | const throw (VerificationFailedException) |
This method do a fast verify with the bundle. It do not change anything in it. A missing key should not lead to an exception, because this method is called on each received and we need to support multihop without key knowledge too.
- Parameters:
-
bundle The bundle to verify.
Definition at line 163 of file SecurityManager.cpp.
References dtn::daemon::Configuration::getInstance(), dtn::daemon::Configuration::getSecurity(), IBRCOMMON_LOGGER_DEBUG, and IBRCOMMON_LOGGER_ENDL.
Referenced by dtn::core::BundleCore::validate().
| SecurityManager & dtn::security::SecurityManager::getInstance | ( | ) | [static] |
Returns a singleton instance of this class.
- Returns:
- a reference to this class singleton
Definition at line 19 of file SecurityManager.cpp.
Referenced by prefetchKey(), dtn::api::ApiServer::processIncomingBundle(), dtn::routing::BaseRouter::raiseEvent(), and dtn::core::BundleCore::validate().
| void dtn::security::SecurityManager::prefetchKey | ( | const dtn::data::EID & | eid | ) |
This method should be called early as possible. It triggers a procedure to prepare the public key of some EID for later usage.
- Parameters:
-
eid The EID of the owner of the requested public key.
Definition at line 64 of file SecurityManager.cpp.
References getInstance(), dtn::data::EID::getString(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PUBLIC, and prefetchKey().
Referenced by prefetchKey().
| void dtn::security::SecurityManager::sign | ( | dtn::data::Bundle & | bundle | ) | const throw (KeyMissingException) |
This method signs the bundle with the own private key. If no key is available a KeyMissingException is thrown.
- Parameters:
-
bundle A bundle to sign.
Definition at line 49 of file SecurityManager.cpp.
References dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_PRIVATE, dtn::core::BundleCore::local, dtn::security::PayloadIntegrityBlock::sign(), and ibrcommon::Exception::what().
Referenced by dtn::api::ApiServer::processIncomingBundle().
| void dtn::security::SecurityManager::verify | ( | dtn::data::Bundle & | bundle | ) | const throw (VerificationFailedException) |
This method verifies the bundle and removes all auth or integrity block if they could validated.
- Parameters:
-
bundle The bundle to verify.
Definition at line 72 of file SecurityManager.cpp.
Referenced by dtn::routing::BaseRouter::raiseEvent().
| void dtn::security::SecurityManager::verifyBAB | ( | dtn::data::Bundle & | bundle | ) | const throw (VerificationFailedException) |
Definition at line 125 of file SecurityManager.cpp.
References dtn::data::PrimaryBlock::DTNSEC_STATUS_AUTHENTICATED, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), dtn::security::SecurityBlock::getSecuritySource(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityKey::KEY_SHARED, dtn::security::BundleAuthenticationBlock::strip(), dtn::security::BundleAuthenticationBlock::verify(), and ibrcommon::Exception::what().
| void dtn::security::SecurityManager::verifyPIB | ( | dtn::data::Bundle & | bundle | ) | const throw (VerificationFailedException) |
Definition at line 78 of file SecurityManager.cpp.
References dtn::data::PrimaryBlock::DTNSEC_STATUS_VERIFIED, dtn::security::SecurityKeyManager::get(), dtn::security::SecurityKeyManager::getInstance(), dtn::security::SecurityBlock::getSecuritySource(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::isSecurityDestination(), dtn::security::SecurityKey::KEY_PUBLIC, dtn::core::BundleCore::local, dtn::security::PayloadIntegrityBlock::strip(), and dtn::security::PayloadIntegrityBlock::verify().
The documentation for this class was generated from the following files:
- daemon/src/security/SecurityManager.h
- daemon/src/security/SecurityManager.cpp
