authorAlexandr Galiuzov <agaliuzov@luxoft.com>2015-08-03 14:21:46 +0300
committerAleksandr Galiuzov <AGaliuzov@luxoft.com>2015-10-02 01:38:07 +0300
commit158aa1da4f33fd17466e72a384bb22e710180cb2 (patch)
treef7ddc8bef538c80866f7ae5308cf31c5a1b3aa96 /src/components/security_manager/include
parentf27ec44eb97ebb562c21629dcbd46ff8d9823871 (diff)
downloadsdl_core-158aa1da4f33fd17466e72a384bb22e710180cb2.tar.gz
Implement getting certificate from policy table
The commit contains changes which allow obtaining the certificate for SSL from the policy table. The certificate is stored as base64-encoded PKCS12. The main flow is as follows: User starts SDL: life_cycle asks the policy for the certificate and passes it to the crypto manager, which creates the SSL context with this data. Policy updated certificate: the crypto manager is notified over the OnCertificateUpdated callback and resets the new certificate and private key into the SSL context. Tests were changed as well. Now our tests use encoded pkcs12 as well. Implements: APPLINK-12186 Closes-Issue: APPLINK-12187
Diffstat (limited to 'src/components/security_manager/include')
-rw-r--r--src/components/security_manager/include/security_manager/crypto_manager_impl.h29
1 files changed, 18 insertions, 11 deletions
diff --git a/src/components/security_manager/include/security_manager/crypto_manager_impl.h b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
index 43bb63ef67..6641050d40 100644
--- a/src/components/security_manager/include/security_manager/crypto_manager_impl.h
+++ b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
@@ -87,21 +87,28 @@ class CryptoManagerImpl : public CryptoManager {
public:
CryptoManagerImpl();
- virtual bool Init(Mode mode,
- Protocol protocol,
- const std::string &cert_filename,
- const std::string &key_filename,
- const std::string &ciphers_list,
- bool verify_peer);
- virtual void Finish();
- virtual SSLContext *CreateSSLContext();
- virtual void ReleaseSSLContext(SSLContext *context);
- virtual std::string LastError() const;
+ ~CryptoManagerImpl();
+
+ bool Init(Mode mode,
+ Protocol protocol,
+ const std::string &cert_data,
+ const std::string &ciphers_list,
+ const bool verify_peer,
+ const std::string &ca_certificate_file) OVERRIDE;
+ bool OnCertificateUpdated(const std::string &data) OVERRIDE;
+ SSLContext *CreateSSLContext() OVERRIDE;
+ void ReleaseSSLContext(SSLContext *context) OVERRIDE;
+ std::string LastError() const OVERRIDE;
+
+private:
+ bool set_certificate(const std::string &cert_data);
- private:
SSL_CTX *context_;
Mode mode_;
static uint32_t instance_count_;
+ static sync_primitives::Lock instance_lock_;
+ std::string certificate_data_;
+ bool verify_peer_;
DISALLOW_COPY_AND_ASSIGN(CryptoManagerImpl);
};
} // namespace security_manager
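Review bot: `certificate_data_` keeps the whole base64 PKCS12 blob, which per the commit description carries the private key, in a plain `std::string` for the lifetime of the manager, and nothing in this header says why it is retained or that it is ever wiped. If it is only kept to detect unchanged updates, a digest of the blob would avoid holding key material; otherwise `set_certificate` and the new destructor should overwrite the old buffer before replacing or freeing it (their bodies are outside this hunk, so this may already happen). The new `cert_data` and `data` parameters are also undocumented; a comment such as `// cert_data: base64-encoded PKCS#12 bundle (certificate + private key) from the policy table; treat as secret` on `Init` and `OnCertificateUpdated` would make the sensitivity explicit. `OnCertificateUpdated` replaces material in `context_`, while the only lock added here is the static `instance_lock_`, which by its name appears to guard `instance_count_`, so it is worth confirming that an update cannot race `CreateSSLContext`.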