Diffstat (limited to 'src/components/security_manager/include/security_manager/crypto_manager_impl.h')
-rw-r--r--src/components/security_manager/include/security_manager/crypto_manager_impl.h77
1 files changed, 68 insertions, 9 deletions
diff --git a/src/components/security_manager/include/security_manager/crypto_manager_impl.h b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
index 4e48858e5c..5fd7a95155 100644
--- a/src/components/security_manager/include/security_manager/crypto_manager_impl.h
+++ b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
@@ -46,7 +46,6 @@
#include "utils/macro.h"
#include "utils/lock.h"
-#include "utils/shared_ptr.h"
namespace security_manager {
class CryptoManagerImpl : public CryptoManager {
@@ -71,6 +70,8 @@ class CryptoManagerImpl : public CryptoManager {
size_t* out_data_size) OVERRIDE;
bool IsInitCompleted() const OVERRIDE;
bool IsHandshakePending() const OVERRIDE;
+ bool GetCertificateDueDate(time_t& due_date) const OVERRIDE;
+ bool HasCertificate() const OVERRIDE;
size_t get_max_block_size(size_t mtu) const OVERRIDE;
std::string LastError() const OVERRIDE;
void ResetConnection() OVERRIDE;
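Review bot: `GetCertificateDueDate(time_t& due_date)` and `HasCertificate()` are declared without a doc comment, and the out-parameter contract is the part callers need. The header does not say whether `due_date` is written when the function returns false; a caller that ignores the result would then run its expiry comparison on an uninitialised or stale `time_t`. I would document it along the lines of `@return false if no certificate is available; due_date is left unmodified in that case`, once that is confirmed against the implementation. The enclosing class body starts and ends outside this hunk.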
@@ -101,6 +102,22 @@ class CryptoManagerImpl : public CryptoManager {
std::string GetTextBy(X509_NAME* name, int object) const;
+ /**
+ * @brief Pulls number stored in buffer of chars
+ * and returns it as integer
+ * @param buf where symbols stored
+ * @param idx index of required char to be converted
+ * @return number in integer representation
+ */
+ int get_number_from_char_buf(char* buf, int* idx) const;
+ /**
+ * @brief Converts time from ASN1 format (used in OpenSSL)
+ * to time_t data type
+ * @param time_to_convert time to be converted
+ * @return time in time_t format
+ */
+ time_t convert_asn1_time_to_time_t(ASN1_TIME* time_to_convert) const;
+
SSL* connection_;
BIO* bioIn_;
BIO* bioOut_;
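Review bot: `get_number_from_char_buf(char* buf, int* idx)` takes no length, so as declared the helper cannot bounds-check its reads, and the bytes it walks come from a certificate's `ASN1_TIME`, whose data OpenSSL does not guarantee to be NUL-terminated or of the expected width. `convert_asn1_time_to_time_t` also returns a bare `time_t`, leaving no way to signal a malformed or unsupported time (UTCTime vs GeneralizedTime) apart from a sentinel the comment does not define. Consider `int get_number_from_char_buf(const char* buf, size_t len, int* idx) const;` plus a documented failure value, or drop the hand parser in favour of `ASN1_TIME_to_tm` / `ASN1_TIME_diff` if the OpenSSL version the project targets provides them. The `@param idx` text should also state whether `*idx` is advanced by the call; the implementation is not visible in this hunk.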
@@ -120,7 +137,7 @@ class CryptoManagerImpl : public CryptoManager {
public:
explicit CryptoManagerImpl(
- const utils::SharedPtr<const CryptoManagerSettings> set);
+ const std::shared_ptr<const CryptoManagerSettings> set);
~CryptoManagerImpl();
bool Init() OVERRIDE;
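Review bot: The constructor now takes `const std::shared_ptr<const CryptoManagerSettings> set` by value; the top-level `const` has no effect in a declaration, and each call pays an atomic refcount copy that cannot then be moved into `settings_`. Either `const std::shared_ptr<const CryptoManagerSettings>& set` or a non-const by-value parameter moved into the member would be the usual form. Since the first hunk drops `utils/shared_ptr.h`, the header should also include `<memory>` directly unless one of the remaining includes is known to provide it, which the visible lines do not show.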
@@ -128,23 +145,65 @@ class CryptoManagerImpl : public CryptoManager {
SSLContext* CreateSSLContext() OVERRIDE;
void ReleaseSSLContext(SSLContext* context) OVERRIDE;
std::string LastError() const OVERRIDE;
- virtual bool IsCertificateUpdateRequired() const OVERRIDE;
+ bool IsCertificateUpdateRequired(
+ const time_t system_time, const time_t certificates_time) const OVERRIDE;
virtual const CryptoManagerSettings& get_settings() const OVERRIDE;
private:
+ bool AreForceProtectionSettingsCorrect() const;
bool set_certificate(const std::string& cert_data);
- int pull_number_from_buf(char* buf, int* idx);
- void asn1_time_to_tm(ASN1_TIME* time);
+ /**
+ * @brief Saves new certificate data on the file system
+ * @param cert_data certificate data in PEM format
+ * @return true if new certificate data was successfully saved on the file
+ * system, otherwise returns false
+ */
+ bool SaveCertificateData(const std::string& cert_data) const;
+
+ /**
+ * @brief Updates certificate and private key for the current SSL context
+ * @param certificate new certificate to update
+ * @param key new private key to update
+ * @return true if certificate and private key were updated successfully,
+ * otherwise returns false
+ */
+ bool UpdateModuleCertificateData(X509* certificate, EVP_PKEY* key);
+
+ /**
+ * @brief Loads X509 certificate from file specified in CryptoManagerSettings
+ * @return returns pointer to the loaded X509 certificate in case of success
+ * otherwise returns NULL
+ */
+ X509* LoadModuleCertificateFromFile();
+
+ /**
+ * @brief Loads private key from file specified in CryptoManagerSettings
+ * @return returns pointer to the loaded private key in case of success
+ * otherwise returns NULL
+ */
+ EVP_PKEY* LoadModulePrivateKeyFromFile();
+
+ /**
+ * @brief Saves new X509 certificate data to file specified in
+ * CryptoManagerSettings
+ * @param certificate new X509 certificate data
+ * @return true if certificate data was saved to the file system otherwise
+ * returns false
+ */
+ bool SaveModuleCertificateToFile(X509* certificate) const;
/**
- * @brief Sets initial certificate datetime
+ * @brief Saves new private key data to file specified in
+ * CryptoManagerSettings
+ * @param key new private key data
+ * @return true if private key data was saved to the file system otherwise
+ * returns false
*/
- void InitCertExpTime();
+ bool SaveModuleKeyToFile(EVP_PKEY* key) const;
- const utils::SharedPtr<const CryptoManagerSettings> settings_;
+ const std::shared_ptr<const CryptoManagerSettings> settings_;
SSL_CTX* context_;
- mutable struct tm expiration_time_;
static uint32_t instance_count_;
static sync_primitives::Lock instance_lock_;
DISALLOW_COPY_AND_ASSIGN(CryptoManagerImpl);
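Review bot: The new comments on `LoadModuleCertificateFromFile()` and `LoadModulePrivateKeyFromFile()` do not say who owns the returned `X509*` / `EVP_PKEY*`, and the comment on `SaveModuleKeyToFile()` says nothing about how the private key file is protected. For the loaders I would add `@note caller takes ownership and must release the object with X509_free()` (and `EVP_PKEY_free()` for the key), assuming that matches the implementation. For the key writer, state the expected file mode (owner read/write only) and whether the key is written unencrypted, so a reviewer of the .cc file can check it against the header. `UpdateModuleCertificateData(X509*, EVP_PKEY*)` should likewise document whether it verifies that the key matches the certificate before installing them, and whether it takes ownership of its arguments. `IsCertificateUpdateRequired(system_time, certificates_time)` and `AreForceProtectionSettingsCorrect()` have no comment at all; the class body continues outside the hunk.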