Mercurial Mercurial > code > sail > DTN2-BPQ / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
servlib/security/KeyDB.h
changeset 0 2b3e5ec03512 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/servlib/security/KeyDB.h	Thu Apr 21 14:57:45 2011 +0100
@@ -0,0 +1,196 @@
+/*
+ * Copyright 2007 BBN Technologies Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you
+ * may not use this file except in compliance with the License. You
+ * may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ */
+
+/*
+ * $Id$
+ */
+
+#ifndef _KEYDB_H_
+#define _KEYDB_H_
+
+#ifdef BSP_ENABLED
+
+#include <list>
+#include <string>
+#include <oasys/compat/inttypes.h>
+#include <oasys/util/Singleton.h>
+#include <oasys/util/StringBuffer.h>
+
+namespace dtn {
+
+class KeyDB : public oasys::Singleton<KeyDB, false> {
+public:
+
+    /**
+     * Nested class used to provide storage for key bytes.
+     */
+    class Entry;
+
+    /**
+     * Constructor (called at startup).
+     */
+    KeyDB();
+
+    /**
+     * Destructor (called at shutdown).
+     */
+    ~KeyDB();
+
+    /**
+     * Startup-time initializer.
+     */
+    static void init();
+
+    /**
+     * Set the key for a given host and ciphersuite type.  This will
+     * overwrite any existing entry for the same host/ciphersuite.
+     *
+     * XXX Eventually we'd probably want to index by KeyID too, which
+     * is how we'd distinguish between multiple keys for the same
+     * host.
+     */
+    static void set_key(Entry& entry);
+
+    /**
+     * Find the key for a given host and ciphersuite type.
+     *
+     * @return A pointer to the matching Entry, or NULL if no
+     * match is found.
+     */
+    static const Entry* find_key(const char* host, u_int16_t cs_num);
+    
+    /**
+     * Delete the key entry for the given host and ciphersuite type.
+     */
+    static void del_key(const char* host, u_int16_t cs_num);
+
+    /**
+     * Delete all key entries (including wildcard entries).
+     */
+    static void flush_keys();
+
+    /**
+     * Dump the contents of the KeyDB in human-readable form.
+     */
+    static void dump(oasys::StringBuffer* buf);
+
+    /**
+     * Dump a human-readable header for the output of dump().
+     */
+    static void dump_header(oasys::StringBuffer* buf);
+
+    /**
+     * Validate the specified ciphersuite number (see if it
+     * corresponds to a registered ciphersuite).
+     */
+    static bool validate_cs_num(u_int16_t cs_num);
+
+    /**
+     * Validate that the specified key length matches what's expected
+     * for the specified ciphersuite.  Stores the expected length back
+     * into the key_len argument if it's wrong.
+     */
+    static bool validate_key_len(u_int16_t cs_num, size_t* key_len);
+
+private:
+
+    typedef std::list<Entry> EntryList;
+
+    EntryList keys_;
+
+};
+
+class KeyDB::Entry {
+
+public:
+
+    /**
+     * Constructor.
+     *
+     * @param host     Name of host for whom this key should be used.
+     * @param cs_num   Ciphersuite number this key is to be used with.
+     * @param key      Key data.
+     * @param key_len  Length of key data (in bytes).
+     */
+    Entry(const char* host, u_int16_t cs_num, const u_char* key,
+          size_t key_len);
+
+    /**
+     * Default constructor.
+     */
+    Entry();
+
+    /**
+     * Copy constructor.
+     */
+    Entry(const Entry& other);
+
+    /**
+     * Destructor.
+     */
+    ~Entry();
+
+    /**
+     * Assignment operator.
+     */
+    void operator=(const Entry& other);
+
+    /**
+     * Determine if two entries have the same host and ciphersuite
+     * number.
+     */
+    bool match(const Entry& other) const;
+
+    /**
+     * Determine if this entry matches the given host and ciphersuite
+     * number.
+     */
+    bool match(const char* host, u_int16_t cs_num) const;
+
+    /**
+     * Same as match(), but also matches wildcard entries (where host
+     * is "*").
+     */
+    bool match_wildcard(const char* host, u_int16_t cs_num) const;
+
+    /// @{ Non-mutating accessors.
+    const std::string& host()     const { return host_; }
+    u_int16_t          cs_num()   const { return cs_num_; }
+    const u_char*      key()      const { return key_; }
+    size_t             key_len()  const { return key_len_; }
+    /// @}
+
+    /**
+     * Dump this entry to a StringBuffer in human-readable form.
+     */
+    void dump(oasys::StringBuffer* buf) const;
+
+    /**
+     * Dump a human-readable header for the output of dump().
+     */
+    static void dump_header(oasys::StringBuffer* buf);
+
+private:
+    std::string host_;
+    u_int16_t   cs_num_;
+    u_char*     key_;
+    size_t      key_len_;
+};
+
+} // namespace dtn
+
+#endif  /* BSP_ENABLED */
+
+#endif  /* _KEYDB_H_ */
DTN2-BPQ