d1/d6d/v3_2naive__certificate__provider_8hpp_source.html

#pragma once

#include <string>

#include <vanetza/common/runtime.hpp>

#include <vanetza/security/v2/basic_elements.hpp>

#include <vanetza/security/backend_cryptopp.hpp>

#include <vanetza/security/v3/certificate.hpp>

#include <vanetza/security/v3/certificate_provider.hpp>


namespace vanetza

{

namespace security

{

namespace v3

{


/**

 * \brief A very simplistic certificate provider

 *

 * This certificate provider signs its certificates with a randomly generated root certificate. This means the

 * signatures produced based on this certificate provider can't be verified by other parties.

 *

 * It's intended for experimenting with secured messages without validating signatures.

 */


class NaiveCertificateProvider : public BaseCertificateProvider

{

public:

    NaiveCertificateProvider(const Runtime&);


    /**

     * \brief get own certificate for signing

     * \return own certificate

     */

    const Certificate& own_certificate() override;


    /**

     * \brief get own private key

     * \return private key

     */

    const PrivateKey& own_private_key() override;


    /**

     * \brief get ticket signer certificate (same for all instances)

     * \return signing authorization authority certificate

     */

    const Certificate& aa_certificate();


    /**

     * \brief get root certificate (same for all instances)

     * \return signing root certificate

     */

    const Certificate& root_certificate();


    /**

     * \brief generate an authorization ticket

     * \return generated certificate

     */

    Certificate generate_authorization_ticket();


    /**

     * \brief sign an authorization ticket

     * \param certificate certificate to sign

     */

    void sign_authorization_ticket(Certificate& certificate);


private:

    /**

     * \brief get root key (same for all instances)

     * \return root key

     */

    const ecdsa256::KeyPair& aa_key_pair();


    /**

     * \brief get root key (same for all instances)

     * \return root key

     */

    const ecdsa256::KeyPair& root_key_pair();


    /**

     * \brief generate a authorization authority certificate

     *

     * \return generated certificate

     */

    Certificate generate_aa_certificate(const std::string& subject_name);


    /**

     * \brief generate a root certificate

     *

     * \return generated certificate

     */

    Certificate generate_root_certificate(const std::string& subject_name);


    BackendCryptoPP m_crypto_backend; /*< key generation is not a generic backend feature */

    const Runtime& m_runtime;

    const ecdsa256::KeyPair m_own_key_pair;

    Certificate m_own_certificate;

};


} // namespace v3

} // namespace security

} // namespace vanetza

vanetza::Runtime
Definition runtime.hpp:16

vanetza::security::BackendCryptoPP
Definition backend_cryptopp.hpp:15

vanetza::security::v3::BaseCertificateProvider
Definition certificate_provider.hpp:39

vanetza::security::v3::CertificateView::calculate_digest
boost::optional< HashedId8 > calculate_digest() const
Definition certificate.cpp:83

vanetza::security::v3::NaiveCertificateProvider
A very simplistic certificate provider.
Definition naive_certificate_provider.hpp:25

vanetza::security::v3::NaiveCertificateProvider::sign_authorization_ticket
void sign_authorization_ticket(Certificate &certificate)
sign an authorization ticket
Definition naive_certificate_provider.cpp:164

vanetza::security::v3::NaiveCertificateProvider::aa_key_pair
const ecdsa256::KeyPair & aa_key_pair()
get root key (same for all instances)
Definition naive_certificate_provider.cpp:65

vanetza::security::v3::NaiveCertificateProvider::generate_root_certificate
Certificate generate_root_certificate(const std::string &subject_name)
generate a root certificate
Definition naive_certificate_provider.cpp:247

vanetza::security::v3::NaiveCertificateProvider::generate_aa_certificate
Certificate generate_aa_certificate(const std::string &subject_name)
generate a authorization authority certificate
Definition naive_certificate_provider.cpp:171

vanetza::security::v3::NaiveCertificateProvider::own_certificate
const Certificate & own_certificate() override
get own certificate for signing
Definition naive_certificate_provider.cpp:50

vanetza::security::v3::NaiveCertificateProvider::generate_authorization_ticket
Certificate generate_authorization_ticket()
generate an authorization ticket
Definition naive_certificate_provider.cpp:95

vanetza::security::v3::NaiveCertificateProvider::root_certificate
const Certificate & root_certificate()
get root certificate (same for all instances)
Definition naive_certificate_provider.cpp:87

vanetza::security::v3::NaiveCertificateProvider::own_private_key
const PrivateKey & own_private_key() override
get own private key
Definition naive_certificate_provider.cpp:56

vanetza::security::v3::NaiveCertificateProvider::root_key_pair
const ecdsa256::KeyPair & root_key_pair()
get root key (same for all instances)
Definition naive_certificate_provider.cpp:72

vanetza::security::v3::NaiveCertificateProvider::aa_certificate
const Certificate & aa_certificate()
get ticket signer certificate (same for all instances)
Definition naive_certificate_provider.cpp:79

vanetza::security::Compressed_Lsb_Y_0
Compressed_Lsb_Y_0 specified in TS 103 097 v1.2.1 in section 4.2.5.
Definition ecc_point.hpp:24

vanetza::security::Compressed_Lsb_Y_1
Compressed_Lsb_Y_1 specified in TS 103 097 v1.2.1 in section 4.2.5.
Definition ecc_point.hpp:30

vanetza::security::PrivateKey
Definition private_key.hpp:12

vanetza::security::Uncompressed
Uncompressed specified in TS 103 097 v1.2.1 in section 4.2.5.
Definition ecc_point.hpp:36

vanetza::security::ecdsa256::KeyPair
Definition ecdsa256.hpp:41

vanetza::security::v3::Certificate
Definition certificate.hpp:134