#include <LocalAccessCredentialData.h>

Inheritance diagram for OpenDDS::Security::LocalAccessCredentialData:

Collaboration diagram for OpenDDS::Security::LocalAccessCredentialData:

[legend]

Public Types
typedef DCPS::RcHandle< LocalAccessCredentialData >	shared_ptr

Public Member Functions
	LocalAccessCredentialData ()

	~LocalAccessCredentialData ()

bool	load (const DDS::PropertySeq &props, DDS::Security::SecurityException &ex)

bool	verify (DDS::Security::SecurityException &ex)

const SSL::Certificate &	get_ca_cert () const

const SSL::SignedDocument &	get_governance_doc () const

const SSL::SignedDocument &	get_permissions_doc () const

Public Member Functions inherited from OpenDDS::DCPS::RcObject
virtual	~RcObject ()

virtual void	_add_ref ()

virtual void	_remove_ref ()

long	ref_count () const

WeakObject *	_get_weak_object () const

Private Attributes
SSL::Certificate::unique_ptr	ca_cert_

SSL::SignedDocument	governance_doc_

SSL::SignedDocument	permissions_doc_

Additional Inherited Members
Protected Member Functions inherited from OpenDDS::DCPS::RcObject
	RcObject ()

Detailed Description

Definition at line 22 of file LocalAccessCredentialData.h.

Member Typedef Documentation

◆ shared_ptr

typedef DCPS::RcHandle<LocalAccessCredentialData> OpenDDS::Security::LocalAccessCredentialData::shared_ptr

Definition at line 24 of file LocalAccessCredentialData.h.

Constructor & Destructor Documentation

◆ LocalAccessCredentialData()

OpenDDS::Security::LocalAccessCredentialData::LocalAccessCredentialData ( )

Definition at line 18 of file LocalAccessCredentialData.cpp.

 {
 
 }

◆ ~LocalAccessCredentialData()

OpenDDS::Security::LocalAccessCredentialData::~LocalAccessCredentialData ( )

Definition at line 23 of file LocalAccessCredentialData.cpp.

24 {

25 }

Member Function Documentation

◆ get_ca_cert()

const SSL::Certificate& OpenDDS::Security::LocalAccessCredentialData::get_ca_cert ( ) const

inline

Definition at line 33 of file LocalAccessCredentialData.h.

References ca_cert_.

   {
     return *ca_cert_;
   }

◆ get_governance_doc()

const SSL::SignedDocument& OpenDDS::Security::LocalAccessCredentialData::get_governance_doc ( ) const

inline

Definition at line 38 of file LocalAccessCredentialData.h.

References governance_doc_.

   {
     return governance_doc_;
   }

◆ get_permissions_doc()

const SSL::SignedDocument& OpenDDS::Security::LocalAccessCredentialData::get_permissions_doc ( ) const

inline

Definition at line 43 of file LocalAccessCredentialData.h.

References permissions_doc_.

   {
     return permissions_doc_;
   }

◆ load()

bool OpenDDS::Security::LocalAccessCredentialData::load	(	const DDS::PropertySeq &	props,
		DDS::Security::SecurityException &	ex
	)

Definition at line 27 of file LocalAccessCredentialData.cpp.

References DDS::Security::Properties::AccessGovernance, DDS::Security::Properties::AccessPermissions, DDS::Security::Properties::AccessPermissionsCA, ca_cert_, governance_doc_, OpenDDS::Security::SSL::SignedDocument::load(), name, OpenDDS::Security::SSL::SignedDocument::original(), permissions_doc_, OpenDDS::DCPS::unique_ptr< T, Deleter >::reset(), OpenDDS::Security::CommonUtilities::set_security_error(), and value.

 {
   for (unsigned int i = 0; i < props.length(); ++i) {
     const std::string name(props[i].name);
     const std::string value(props[i].value);
 
     if (name == DDS::Security::Properties::AccessPermissionsCA) {
       ca_cert_.reset(new SSL::Certificate(value));
 
     } else if (name == DDS::Security::Properties::AccessGovernance) {
       if (!governance_doc_.load(value, ex)) {
         return false;
       }
 
     } else if (name == DDS::Security::Properties::AccessPermissions) {
       if (!permissions_doc_.load(value, ex)) {
         return false;
       }
     }
   }
 
   if (! ca_cert_) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::load: CA certificate data not provided");
     return false;
   }
 
   if (governance_doc_.original().length() == 0) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::load: Governance data not provided");
     return false;
   }
 
   if (permissions_doc_.original().length() == 0) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::load: Permissions data not provided");
     return false;
   }
 
   return true;
 }

◆ verify()

bool OpenDDS::Security::LocalAccessCredentialData::verify ( DDS::Security::SecurityException & ex )

Definition at line 67 of file LocalAccessCredentialData.cpp.

References ACE_DEBUG, ACE_TEXT(), ca_cert_, OpenDDS::DCPS::DCPS_debug_level, governance_doc_, LM_DEBUG, OPENDDS_END_VERSIONED_NAMESPACE_DECL, permissions_doc_, OpenDDS::Security::CommonUtilities::set_security_error(), and OpenDDS::Security::SSL::SignedDocument::verify().

 {
   if (!governance_doc_.verify(*ca_cert_)) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::verify: Governance signature not verified");
     return false;
   } else if (DCPS::DCPS_debug_level) {
     ACE_DEBUG((LM_DEBUG, ACE_TEXT("(%P|%t) LocalAccessCredentialData::verify: Governance signature verified\n")));
   }
 
   if (!permissions_doc_.verify(*ca_cert_)) {
     CommonUtilities::set_security_error(ex, -1, 0, "LocalAccessCredentialData::verify: Permissions signature not verified");
     return false;
   } else if (DCPS::DCPS_debug_level) {
     ACE_DEBUG((LM_DEBUG, ACE_TEXT("(%P|%t) AccessControlBuiltInImpl::validate_local_permissions: Permissions signature verified\n")));
   }
 
   return true;
 }