main/doxygen/identity_8h_source.html

// Copyright (c) Microsoft Corporation. All rights reserved.

// Licensed under the Apache 2.0 License.

#pragma once


#include "ccf/crypto/curve.h"

#include "ccf/crypto/verifier.h"

#include "ccf/node/cose_signatures_config.h"

#include "crypto/certs.h"

#include "crypto/openssl/key_pair.h"


#include <openssl/crypto.h>

#include <string>

#include <vector>


namespace ccf

{


  struct NetworkIdentity

  {

    ccf::crypto::Pem priv_key;

    ccf::crypto::Pem cert;


    bool operator==(const NetworkIdentity& other) const = default;


    NetworkIdentity(

      const std::string& subject_name,

      ccf::crypto::CurveID curve_id,

      const std::string& valid_from,

      size_t validity_period_days)

    {

      auto identity_key_pair =

        std::make_shared<ccf::crypto::KeyPair_OpenSSL>(curve_id);

      priv_key = identity_key_pair->private_key_pem();


      cert = ccf::crypto::create_self_signed_cert(

        identity_key_pair,

        subject_name,

        {} /* SAN */,

        valid_from,

        validity_period_days);

    }


    NetworkIdentity(const NetworkIdentity& other) = default;


    NetworkIdentity() = default;


    virtual ~NetworkIdentity()

    {

      OPENSSL_cleanse(priv_key.data(), priv_key.size());

    }


    ccf::crypto::Pem renew_certificate(

      const std::string& valid_from, size_t validity_period_days)

    {

      return ccf::crypto::create_self_signed_cert(

        get_key_pair(),

        ccf::crypto::get_subject_name(cert),

        {} /* SAN */,

        valid_from,

        validity_period_days);

    }


    void set_certificate(const ccf::crypto::Pem& new_cert)

    {

      cert = new_cert;

    }


    std::shared_ptr<ccf::crypto::KeyPair_OpenSSL> get_key_pair()

    {

      return std::make_shared<ccf::crypto::KeyPair_OpenSSL>(priv_key);

    }


  };


}

certs.h

ccf::crypto::Pem
Definition pem.h:18

ccf::crypto::Pem::size
size_t size() const
Definition pem.h:61

ccf::crypto::Pem::data
uint8_t * data()
Definition pem.h:51

cose_signatures_config.h

curve.h

verifier.h

ccf::crypto::CurveID
CurveID
Definition curve.h:18

ccf::crypto::get_subject_name
std::string get_subject_name(const Pem &cert)
Definition verifier.cpp:53

ccf
Definition app_interface.h:14

key_pair.h

ccf::NetworkIdentity
Definition identity.h:18

ccf::NetworkIdentity::NetworkIdentity
NetworkIdentity(const std::string &subject_name, ccf::crypto::CurveID curve_id, const std::string &valid_from, size_t validity_period_days)
Definition identity.h:24

ccf::NetworkIdentity::renew_certificate
ccf::crypto::Pem renew_certificate(const std::string &valid_from, size_t validity_period_days)
Definition identity.h:51

ccf::NetworkIdentity::set_certificate
void set_certificate(const ccf::crypto::Pem &new_cert)
Definition identity.h:62

ccf::NetworkIdentity::get_key_pair
std::shared_ptr< ccf::crypto::KeyPair_OpenSSL > get_key_pair()
Definition identity.h:67

ccf::NetworkIdentity::NetworkIdentity
NetworkIdentity()=default

ccf::NetworkIdentity::NetworkIdentity
NetworkIdentity(const NetworkIdentity &other)=default

ccf::NetworkIdentity::cert
ccf::crypto::Pem cert
Definition identity.h:20

ccf::NetworkIdentity::priv_key
ccf::crypto::Pem priv_key
Definition identity.h:19

ccf::NetworkIdentity::operator==
bool operator==(const NetworkIdentity &other) const =default

ccf::NetworkIdentity::~NetworkIdentity
virtual ~NetworkIdentity()
Definition identity.h:46