html/dds/a00992_source.html

 /*
  * Distributed under the OpenDDS License.
  * See: http://www.OpenDDS.org/license.html
  */

 #include "LocalAccessCredentialData.h"

 #include "dds/DCPS/security/CommonUtilities.h"
 #include "dds/DCPS/security/framework/Properties.h"

 #include "dds/DCPS/debug.h"

 OPENDDS_BEGIN_VERSIONED_NAMESPACE_DECL

 namespace OpenDDS {
 namespace Security {

 LocalAccessCredentialData::LocalAccessCredentialData()
 {

 }

 LocalAccessCredentialData::~LocalAccessCredentialData()
 {
 }

 bool LocalAccessCredentialData::load(const DDS::PropertySeq& props,
                                      DDS::Security::SecurityException& ex)
 {
   for (unsigned int i = 0; i < props.length(); ++i) {
     const std::string name(props[i].name);
     const std::string value(props[i].value);

     if (name == DDS::Security::Properties::AccessPermissionsCA) {
       ca_cert_.reset(new SSL::Certificate(value));

     } else if (name == DDS::Security::Properties::AccessGovernance) {
       if (!governance_doc_.load(value, ex)) {
         return false;
       }

     } else if (name == DDS::Security::Properties::AccessPermissions) {
       if (!permissions_doc_.load(value, ex)) {
         return false;
       }
     }
   }

   if (! ca_cert_) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::load: CA certificate data not provided");
     return false;
   }

   if (governance_doc_.original().length() == 0) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::load: Governance data not provided");
     return false;
   }

   if (permissions_doc_.original().length() == 0) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::load: Permissions data not provided");
     return false;
   }

   return true;
 }

 bool LocalAccessCredentialData::verify(DDS::Security::SecurityException& ex)
 {
   if (!governance_doc_.verify(*ca_cert_)) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::verify: Governance signature not verified");
     return false;
   } else if (DCPS::DCPS_debug_level) {
     ACE_DEBUG((LM_DEBUG, ACE_TEXT("(%P|%t) LocalAccessCredentialData::verify: Governance signature verified\n")));
   }

   if (!permissions_doc_.verify(*ca_cert_)) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::verify: Permissions signature not verified");
     return false;
   } else if (DCPS::DCPS_debug_level) {
     ACE_DEBUG((LM_DEBUG, ACE_TEXT("(%P|%t) AccessControlBuiltInImpl::validate_local_permissions: Permissions signature verified\n")));
   }

   return true;
 }

 }
 }

 OPENDDS_END_VERSIONED_NAMESPACE_DECL
OpenDDS::Security::SSL::SignedDocument::load
bool load(const std::string &uri, DDS::Security::SecurityException &ex)
Definition: SignedDocument.cpp:54

ACE_DEBUG
#define ACE_DEBUG(X)

OpenDDS::Security::SSL::Certificate
Definition: Certificate.h:29

value
const LogLevel::Value value
Definition: debug.cpp:61

debug.h

OpenDDS::Security::LocalAccessCredentialData::~LocalAccessCredentialData
~LocalAccessCredentialData()
Definition: LocalAccessCredentialData.cpp:23

OpenDDS::Security::LocalAccessCredentialData::verify
bool verify(DDS::Security::SecurityException &ex)
Definition: LocalAccessCredentialData.cpp:67

OpenDDS::DCPS::unique_ptr::reset
void reset(T *p=0)
Definition: unique_ptr.h:90

OpenDDS::Security::LocalAccessCredentialData::load
bool load(const DDS::PropertySeq &props, DDS::Security::SecurityException &ex)
Definition: LocalAccessCredentialData.cpp:27

OpenDDS::Security::LocalAccessCredentialData::LocalAccessCredentialData
LocalAccessCredentialData()
Definition: LocalAccessCredentialData.cpp:18

Properties.h

OpenDDS::Security::LocalAccessCredentialData::ca_cert_
SSL::Certificate::unique_ptr ca_cert_
Definition: LocalAccessCredentialData.h:50

LM_DEBUG
LM_DEBUG

DDS::Security::Properties::AccessGovernance
const char AccessGovernance[]
Definition: Properties.h:17

DDS::Security::Properties::AccessPermissionsCA
const char AccessPermissionsCA[]
Definition: Properties.h:19

LocalAccessCredentialData.h

OpenDDS::Security::LocalAccessCredentialData::permissions_doc_
SSL::SignedDocument permissions_doc_
Definition: LocalAccessCredentialData.h:52

OpenDDS::RTPS::PropertySeq
DDS::PropertySeq PropertySeq
Definition: RtpsCore.idl:49

name
const char *const name
Definition: debug.cpp:60

ACE_TEXT
ACE_TEXT("TCP_Factory")

OpenDDS::Security::SSL::SignedDocument::verify
bool verify(const Certificate &ca)
Definition: SignedDocument.cpp:254

Security

OpenDDS::DCPS::DCPS_debug_level
OpenDDS_Dcps_Export unsigned int DCPS_debug_level
Definition: debug.cpp:30

CommonUtilities.h

OpenDDS::Security::SSL::SignedDocument::original
const DDS::OctetSeq & original() const
Definition: SignedDocument.h:35

OPENDDS_END_VERSIONED_NAMESPACE_DECL
#define OPENDDS_END_VERSIONED_NAMESPACE_DECL
Definition: Versioned_Namespace.h:48

DDS::Security::Properties::AccessPermissions
const char AccessPermissions[]
Definition: Properties.h:18

OPENDDS_BEGIN_VERSIONED_NAMESPACE_DECL
Definition: Hash.cpp:17

DDS::Security::SecurityException
Definition: DdsSecurityCore.idl:156

OpenDDS::Security::CommonUtilities::set_security_error
bool set_security_error(DDS::Security::SecurityException &ex, int code, int minor_code, const char *message)
Definition: CommonUtilities.cpp:60

OpenDDS
The Internal API and Implementation of OpenDDS.
Definition: AddressCache.h:28

OpenDDS::Security::LocalAccessCredentialData::governance_doc_
SSL::SignedDocument governance_doc_
Definition: LocalAccessCredentialData.h:51