Diffstat (limited to 'src/components/include')
-rw-r--r-- | src/components/include/security_manager/crypto_manager.h | 30 | ||||
-rw-r--r-- | src/components/include/security_manager/ssl_context.h | 8 |
2 files changed, 34 insertions, 4 deletions
diff --git a/src/components/include/security_manager/crypto_manager.h b/src/components/include/security_manager/crypto_manager.h
index e4867663a4..121d6c9081 100644
--- a/src/components/include/security_manager/crypto_manager.h
+++ b/src/components/include/security_manager/crypto_manager.h
@@ -34,6 +34,7 @@
 #define SRC_COMPONENTS_SECURITY_MANAGER_INCLUDE_SECURITY_MANAGER_CRYPTO_MANAGER_H_
 #include <string>
+#include "application_manager/policies/policy_handler_observer.h"
 /**
 * \class security_manager::CryptoManager
@@ -52,14 +53,35 @@ class SSLContext;
 enum Mode { CLIENT, SERVER };
 enum Protocol { SSLv3, TLSv1, TLSv1_1, TLSv1_2};
-class CryptoManager {
+class CryptoManager: public policy::PolicyHandlerObserver{
 public:
+ /**
+ * @brief Init allows to initialize cryptomanager with certain values.
+ *
+ * @param mode defines the cryptomanager mode: server or client.
+ *
+ * @param protocol set the appropriate number of ssl protocol to use.
+ *
+ * @param cert_data the stringified certificate data (certificate in PKCS12 format).
+ *
+ * @param ciphers_list the cipher list which will be used during secure connectin.
+ *
+ * @param verify_peer allows to distinguish if we need to verify the peers certificates
+ *
+ * @param ca_certificate_file location of CA file.
+ *
+ * @param hours_before_update when the certificate expiration date less then
+ * this value, the certificate update will be generated
+ *
+ * @return true in case initialization was succesfull, false otherwise.
+ */
 virtual bool Init(Mode mode,
 Protocol protocol,
- const std::string &cert_filename,
+ const std::string &cert_data,
 const std::string &ciphers_list,
- bool verify_peer,
- const std::string& ca_cert_file) = 0;
+ const bool verify_peer,
+ const std::string &ca_certificate_file,
+ const size_t hours_before_update) = 0;
 virtual SSLContext *CreateSSLContext() = 0;
 virtual bool OnCertificateUpdated(const std::string& data) = 0;
 virtual void ReleaseSSLContext(SSLContext *context) = 0;
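Review bot: The added `#include "application_manager/policies/policy_handler_observer.h"` makes the public security_manager interface header depend on an application_manager header, so every translation unit that only needs `CryptoManager` now pulls in the policy layer as well. The base class is presumably needed only for the certificate-update notification, so a narrower observer interface declared next to the crypto interface would keep the TLS layer independent of policy code. If the dependency stays, a short comment above the include saying which callback `CryptoManager` takes from `PolicyHandlerObserver` would record why it is here.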
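Review bot: `cert_data` replaces `cert_filename` with the same `const std::string &` type in `Init`, so a caller that still passes a file path compiles unchanged and fails only at run time. The doc comment should say so and name the encoding, because PKCS#12 is a binary format and "stringified" does not tell the implementer whether the string holds raw bytes or base64. A PKCS#12 bundle normally carries the private key too, so the comment should also state who owns the buffer and whether implementations are expected to wipe their copy after parsing. Suggested wording: `@param cert_data PKCS#12 bundle contents, not a file path (encoding: TODO confirm raw vs. base64); may include the private key`. The `protocol` entry would also be a good place to warn that `SSLv3`, still offered by the enum above, is obsolete; the class body continues past the end of the hunk.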
diff --git a/src/components/include/security_manager/ssl_context.h b/src/components/include/security_manager/ssl_context.h
index 6e7c10939a..e361e98c3e 100644
--- a/src/components/include/security_manager/ssl_context.h
+++ b/src/components/include/security_manager/ssl_context.h
@@ -35,6 +35,8 @@
 #include <cstddef> // for size_t typedef
 #include <string>
+#include <ctype.h>
+#include <algorithm>
 // TODO(EZamakhov): update brief info
 /**
@@ -79,6 +81,12 @@ class SSLContext {
 const std::string& cn) {
 expected_sn = sn;
 expected_cn = cn;
+
+ std::transform(expected_sn.begin(), expected_sn.end(),
+ expected_sn.begin(), ::tolower);
+
+ std::transform(expected_cn.begin(), expected_cn.end(),
+ expected_cn.begin(), ::tolower);
 return *this;
 }
 }; |
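Review bot: Both `std::transform(..., ::tolower)` calls pass plain `char` values to `::tolower`, which is undefined behaviour for any byte above 0x7F when `char` is signed, and the mapping also depends on the current C locale. These values are presumably matched against certificate fields later, so an ASCII-only fold is the safer choice: replace `::tolower` in both calls with `[](unsigned char c) { return static_cast<char>((c >= 'A' && c <= 'Z') ? c + ('a' - 'A') : c); }`. The comparison against the peer certificate is not visible in this hunk, so confirm that the serial number and common name read from the certificate are folded the same way, otherwise a mixed-case value will stop matching. The enclosing function starts before the hunk.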