certificate.hpp
1#ifndef CERTIFICATE_HPP_LWBWIAVL
2#define CERTIFICATE_HPP_LWBWIAVL
3
4#include <vanetza/common/byte_buffer.hpp>
5#include <vanetza/common/its_aid.hpp>
6#include <vanetza/security/backend.hpp>
7#include <vanetza/security/ecdsa256.hpp>
8#include <vanetza/security/v2/basic_elements.hpp>
9#include <vanetza/security/v2/ecc_point.hpp>
10#include <vanetza/security/v2/serialization.hpp>
11#include <vanetza/security/v2/signature.hpp>
12#include <vanetza/security/v2/signer_info.hpp>
13#include <vanetza/security/v2/subject_attribute.hpp>
14#include <vanetza/security/v2/subject_info.hpp>
15#include <vanetza/security/v2/validity_restriction.hpp>
16#include <boost/optional/optional.hpp>
17#include <boost/variant/get.hpp>
18
19namespace vanetza
20{
21namespace security
22{
23namespace v2
24{
25
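/**
 * \brief Certificate as described in TS 103 097 v1.2.1 (2015-06), section 6.1
 *
 * All fields are public and mutable. convert_for_signing() takes
 * subject_attributes and validity_restriction as signature input, so a stored
 * signature presumably no longer matches once these lists are changed
 * (e.g. through add_permission or remove_attribute).
 * NOTE(review): confirm against the signing and verification code.
 */
struct Certificate
{
    SignerInfo signer_info;
    SubjectInfo subject_info;
    std::list<SubjectAttribute> subject_attributes;
    std::list<ValidityRestriction> validity_restriction;
    Signature signature;

    /**
     * Certificate version is two, for conformance with the present standard.
     * The value is a constant and not a stored field.
     * \return always 2
     */
    uint8_t version() const { return 2; }

    /**
     * Get subject attribute of a certain type (if present)
     * \param type of subject attribute
     * \return pointer to the attribute; presumably nullptr if absent, as the
     *         typed overload documents nullptr for "not found". Check before use.
     */
    const SubjectAttribute* get_attribute(SubjectAttributeType type) const;

    /**
     * Get validity restriction of a certain type (if present)
     * \param type of validity restriction
     * \return pointer to the restriction; presumably nullptr if absent, as the
     *         typed overload documents nullptr for "not found". Check before use.
     */
    const ValidityRestriction* get_restriction(ValidityRestrictionType type) const;

    /**
     * Remove subject attribute of a certain type (if present)
     * \param type of subject attribute
     */
    void remove_attribute(SubjectAttributeType type);

    /**
     * Remove validity restriction of a certain type (if present)
     * \param type of validity restriction
     */
    void remove_restriction(ValidityRestrictionType type);

    /**
     * Add ITS-AID to certificate's subject attributes
     * \param aid ITS-AID
     */
    void add_permission(ItsAid aid);

    /**
     * Add ITS-AID along with SSP to certificate's subject attributes
     * \param aid ITS-AID
     * \param ssp Service Specific Permissions
     */
    void add_permission(ItsAid aid, const ByteBuffer& ssp);

    /**
     * Get subject attribute by type
     *
     * Callers have to check the result for nullptr before dereferencing it.
     *
     * \tparam T subject attribute type
     * \return subject attribute, nullptr if not found
     */
    template<SubjectAttributeType T>
    const subject_attribute_type<T>* get_attribute() const
    {
        using type = subject_attribute_type<T>;
        const SubjectAttribute* field = get_attribute(T);
        // pointer form of boost::get: a null operand or a different stored type yields nullptr
        return boost::get<type>(field);
    }

    /**
     * Get validity restriction by type
     *
     * Callers have to check the result for nullptr before dereferencing it.
     *
     * \tparam T validity restriction type
     * \return validity restriction, nullptr if not found
     */
    template<ValidityRestrictionType T>
    const validity_restriction_type<T>* get_restriction() const
    {
        using type = validity_restriction_type<T>;
        const ValidityRestriction* field = get_restriction(T);
        // pointer form of boost::get: a null operand or a different stored type yields nullptr
        return boost::get<type>(field);
    }
};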
100
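/**
 * \brief Calculates size of a certificate object
 *
 * \param cert certificate to measure
 * \return number of octets needed to serialize the object
 */
size_t get_size(const Certificate& cert);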
108
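/**
 * \brief Serializes an object into a binary archive
 *
 * \param ar archive to serialize in
 * \param cert certificate to serialize
 */
void serialize(OutputArchive& ar, const Certificate& cert);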
116
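/**
 * \brief Deserializes an object from a binary archive
 *
 * Only parsing is declared here. Nothing in this header indicates that the
 * signature or the validity restrictions are checked, so a certificate read
 * from received data should be treated as unverified until it is validated.
 *
 * \param ar archive with a serialized object at the beginning
 * \param cert certificate to deserialize into
 * \return size of the deserialized object
 */
size_t deserialize(InputArchive& ar, Certificate& cert);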
125
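/**
 * \brief Serialize parts of a Certificate for signature calculation
 *
 * Uses version, signer_info, subject_info, subject_attributes (+ length),
 * validity_restriction (+ length). The signature field itself is not listed
 * as part of this input.
 *
 * \param cert certificate to be converted
 * \return binary representation
 */
ByteBuffer convert_for_signing(const Certificate& cert);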
136
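/**
 * \brief Sort lists in the certificate to be in the correct order for serialization
 *
 * \param certificate certificate to sort (modified in place)
 */
void sort(Certificate& certificate);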
143
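/**
 * \brief Extract public key from certificate
 *
 * The result is optional: callers have to check that a key is present
 * before using it.
 *
 * \param cert Certificate
 * \param backend Backend
 * \return Uncompressed public key (if available)
 */
boost::optional<Uncompressed> get_uncompressed_public_key(const Certificate& cert, Backend& backend);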
151
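/**
 * \brief Extract public ECDSA256 key from certificate
 *
 * The result is optional: callers have to check that a key is present
 * before using it. Nothing in this declaration indicates that the certificate
 * is verified, so a returned key is only as trustworthy as the certificate.
 *
 * \param cert Certificate
 * \param backend Backend
 * \return public key (if available)
 */
boost::optional<ecdsa256::PublicKey> get_public_key(const Certificate& cert, Backend& backend);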
159
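/**
 * \brief Calculate hash id of certificate
 * \param cert Certificate
 * \return hash
 */
HashedId8 calculate_hash(const Certificate& cert);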
166
167} // namespace v2
168} // namespace security
169} // namespace vanetza
170
171#endif /* CERTIFICATE_HPP_LWBWIAVL */