Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modernize usage and support for public key cryptography #158

Merged
merged 52 commits into from
May 28, 2024
Merged

Modernize usage and support for public key cryptography #158

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
52 commits
Select commit Hold shift + click to select a range
f74ece9
Support generated different types of private keys, encoded into diffe…
mattrm456 Mar 26, 2024
abf031b
clang-format
mattrm456 Mar 26, 2024
468722b
Encryption certificate and key storage data
mattrm456 Mar 26, 2024
4623061
Encryption client and server configuration and testing
mattrm456 Mar 27, 2024
1cd9124
Certificate and key encoding and decoding
mattrm456 Mar 27, 2024
7bdba86
Encyryption resource abstraction
mattrm456 Mar 29, 2024
96c424c
Remove key and certificate-specific storage APIs in favor of the gene…
mattrm456 Apr 1, 2024
40ad563
Encryption key definitions
mattrm456 Apr 5, 2024
e0f616a
Encryption key definitions
mattrm456 Apr 5, 2024
22b3c91
Encryption numbers
mattrm456 Apr 9, 2024
08aa87b
Encryption numbers
mattrm456 Apr 12, 2024
aed4897
Encryption numbers
mattrm456 Apr 13, 2024
7bdf157
Encryption numbers
mattrm456 Apr 14, 2024
185d382
Move ntca_encryptionnumber to ntsa_abstract
mattrm456 Apr 15, 2024
7f01ffe
Abstract integers
mattrm456 Apr 15, 2024
bdee2a1
Abstract syntax notation
mattrm456 Apr 15, 2024
27af85e
Abstract syntax notation
mattrm456 Apr 17, 2024
f1236c1
Abstract syntax encoding
mattrm456 Apr 18, 2024
0c608fa
Abstract syntax encoding
mattrm456 Apr 18, 2024
8fdded8
Abstract syntax encoding
mattrm456 Apr 19, 2024
298d45e
Encryption client and server options compatibility
mattrm456 Apr 20, 2024
612a464
Encryption certificate value-semantic type
mattrm456 Apr 23, 2024
551d5d6
Encryption certificate value-semantic type
mattrm456 Apr 24, 2024
69c4ff6
Encryption certificate value-semantic type
mattrm456 Apr 26, 2024
991c64b
Encryption certificate value-semantic type
mattrm456 Apr 27, 2024
9d4996a
Encryption certificate value-semantic type
mattrm456 Apr 28, 2024
4eb71b7
Encryption certificate value-semantic type
mattrm456 Apr 29, 2024
993d9d8
Encryption certificate value-semantic type
mattrm456 Apr 30, 2024
c3e9508
Encryption certificate value-semantic type
mattrm456 May 1, 2024
0a458df
Encryption certificate value-semantic type
mattrm456 May 2, 2024
a7cb5a7
Encryption certificate value-semantic type
mattrm456 May 4, 2024
6979730
Eliminate warnings from GCC
mattrm456 May 4, 2024
3ba6215
Encryption certificate value-semantic type
mattrm456 May 6, 2024
497b894
Encryption certificate value-semantic type
mattrm456 May 6, 2024
cc432b9
Encryption certificate value-semantic type
mattrm456 May 7, 2024
6ffa144
Encryption certificate value-semantic type
mattrm456 May 7, 2024
f5c5555
Encryption certificate value-semantic type
mattrm456 May 7, 2024
dd3ce5a
Encryption object refactoring preparation
mattrm456 May 8, 2024
9b84f18
Encryption key value-semantic type
mattrm456 May 8, 2024
bf80f41
Print bit strings in hex if they are really public or private keys
mattrm456 May 8, 2024
b54d618
Modernize PKI
mattrm456 May 12, 2024
dd40578
Modernize PKI
mattrm456 May 12, 2024
dbc4123
Server name indication and verification
mattrm456 May 15, 2024
05ea5e1
Server name indication and verification
mattrm456 May 17, 2024
9ddecf5
Server name indication and verification
mattrm456 May 19, 2024
4c23dd1
Encryption certificate validation parameters
mattrm456 May 22, 2024
5baf0e5
Remove unused ntca_encryptionstorage
mattrm456 May 22, 2024
f8d7799
Prepare for PR
mattrm456 May 22, 2024
50047c9
Fix warnings from MSVC
May 23, 2024
00e661c
Fix accidental autocomplete of NL_TEXTMAX in lieu of 'text'
May 23, 2024
407a1d2
Fix undeclared type bsl::streamsize
mattrm456 May 28, 2024
2d6c1f5
Merge branch 'ntca-encryption-key-type' of github:mattrm456/ntf-core …
mattrm456 May 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9,473 changes: 9,473 additions & 0 deletions groups/ntc/ntca/ntca_encryptioncertificate.cpp
View file
Open in desktop

Large diffs are not rendered by default.

5,892 changes: 5,892 additions & 0 deletions groups/ntc/ntca/ntca_encryptioncertificate.h
View file
Open in desktop

Large diffs are not rendered by default.

626 changes: 626 additions & 0 deletions groups/ntc/ntca/ntca_encryptioncertificate.t.cpp
View file
Open in desktop

Large diffs are not rendered by default.

223 changes: 197 additions & 26 deletions groups/ntc/ntca/ntca_encryptioncertificateoptions.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,15 +31,13 @@ BSLS_IDENT_RCSID(ntca_encryptioncertificateoptions_cpp, "$Id$ $CSID$")
namespace BloombergLP {
namespace ntca {

namespace {
bsls::AtomicUint s_nextSerialNumber;
} // close unnamed namespace

EncryptionCertificateOptions::EncryptionCertificateOptions()
: d_serialNumber(s_nextSerialNumber++)
EncryptionCertificateOptions::EncryptionCertificateOptions(
bslma::Allocator* basicAllocator)
: d_serialNumber(0)
, d_startTime()
, d_expirationTime()
, d_authority(false)
, d_hosts(basicAllocator)
{
d_startTime = bdlt::CurrentTime::asDatetimeTz();

Expand All @@ -49,26 +47,140 @@ EncryptionCertificateOptions::EncryptionCertificateOptions()
d_expirationTime.setDatetimeTz(localExpirationTime, d_startTime.offset());
}

void EncryptionCertificateOptions::setSerialNumber(int serialNumber)
EncryptionCertificateOptions::EncryptionCertificateOptions(
const EncryptionCertificateOptions& original,
bslma::Allocator* basicAllocator)
: d_serialNumber(original.d_serialNumber)
, d_startTime(original.d_startTime)
, d_expirationTime(original.d_expirationTime)
, d_authority(original.d_authority)
, d_hosts(original.d_hosts, basicAllocator)
{
}

EncryptionCertificateOptions::~EncryptionCertificateOptions()
{
}

EncryptionCertificateOptions& EncryptionCertificateOptions::operator=(
const EncryptionCertificateOptions& other)
{
d_serialNumber = serialNumber;
if (this != &other) {
d_serialNumber = other.d_serialNumber;
d_startTime = other.d_startTime;
d_expirationTime = other.d_expirationTime;
d_authority = other.d_authority;
d_hosts = other.d_hosts;
}

return *this;
}

void EncryptionCertificateOptions::setStartTime(
const bdlt::DatetimeTz& startTime)
void EncryptionCertificateOptions::reset()
{
d_startTime = startTime;
d_serialNumber = 0;
d_startTime = bdlt::DatetimeTz();
d_expirationTime = bdlt::DatetimeTz();
d_authority = false;
d_hosts.clear();
}

void EncryptionCertificateOptions::setSerialNumber(int value)
{
d_serialNumber = value;
}

void EncryptionCertificateOptions::setStartTime(const bdlt::DatetimeTz& value)
{
d_startTime = value;
}

void EncryptionCertificateOptions::setExpirationTime(
const bdlt::DatetimeTz& expirationTime)
const bdlt::DatetimeTz& value)
{
d_expirationTime = expirationTime;
d_expirationTime = value;
}

void EncryptionCertificateOptions::setAuthority(bool authority)
void EncryptionCertificateOptions::setAuthority(bool value)
{
d_authority = authority;
d_authority = value;
}

void EncryptionCertificateOptions::setHostList(
const bsl::vector<bsl::string>& value)
{
d_hosts = value;
}

void EncryptionCertificateOptions::addHost(const bsl::string& value)
{
d_hosts.push_back(value);
}

void EncryptionCertificateOptions::addHost(const ntsa::Endpoint& value)
{
if (value.isIp()) {
this->addHost(value.ip());
}
else if (value.isLocal()) {
this->addHost(value.local());
}
}

void EncryptionCertificateOptions::addHost(const ntsa::IpEndpoint& value)
{
this->addHost(value.host());
}

void EncryptionCertificateOptions::addHost(const ntsa::IpAddress& value)
{
if (value.isV4()) {
this->addHost(value.v4());
}
else if (value.isV6()) {
this->addHost(value.v6());
}
}

void EncryptionCertificateOptions::addHost(const ntsa::Ipv4Address& value)
{
d_hosts.push_back(value.text());
}

void EncryptionCertificateOptions::addHost(const ntsa::Ipv6Address& value)
{
d_hosts.push_back(value.text());
}

void EncryptionCertificateOptions::addHost(const ntsa::LocalName& value)
{
d_hosts.push_back(value.value());
}

void EncryptionCertificateOptions::addHost(const ntsa::Host& value)
{
if (value.isDomainName()) {
this->addHost(value.domainName());
}
else if (value.isIp()) {
this->addHost(value.ip());
}
}

void EncryptionCertificateOptions::addHost(const ntsa::DomainName& value)
{
d_hosts.push_back(value.text());
}

void EncryptionCertificateOptions::addHost(const ntsa::Uri& value)
{
if (!value.authority().isNull()) {
const ntsa::UriAuthority& authority = value.authority().value();
if (!authority.host().isNull()) {
const ntsa::Host& host = authority.host().value();
this->addHost(host);
}
}
}

int EncryptionCertificateOptions::serialNumber() const
Expand All @@ -91,27 +203,86 @@ bool EncryptionCertificateOptions::authority() const
return d_authority;
}

const bsl::vector<bsl::string>& EncryptionCertificateOptions::hosts() const
{
return d_hosts;
}

bool EncryptionCertificateOptions::equals(
const EncryptionCertificateOptions& other) const
{
return d_serialNumber == other.d_serialNumber &&
d_startTime == other.d_startTime &&
d_expirationTime == other.d_expirationTime &&
d_authority == other.d_authority && d_hosts == other.d_hosts;
;
}

bool EncryptionCertificateOptions::less(
const EncryptionCertificateOptions& other) const
{
if (d_serialNumber < other.d_serialNumber) {
return true;
}

if (other.d_serialNumber < d_serialNumber) {
return false;
}

if (d_startTime.gmtDatetime() < other.d_startTime.gmtDatetime()) {
return true;
}

if (other.d_startTime.gmtDatetime() < d_startTime.gmtDatetime()) {
return false;
}

if (d_expirationTime.gmtDatetime() < other.d_expirationTime.gmtDatetime())
{
return true;
}

if (other.d_expirationTime.gmtDatetime() < d_expirationTime.gmtDatetime())
{
return false;
}

if (d_authority < other.d_authority) {
return true;
}

if (other.d_authority < d_authority) {
return false;
}

return d_hosts < other.d_hosts;
}

bsl::ostream& EncryptionCertificateOptions::print(bsl::ostream& stream,
int level,
int spacesPerLevel) const
{
bslim::Printer printer(&stream, level, spacesPerLevel);
printer.start();
printer.printAttribute("d_serialNumber", d_serialNumber);
printer.printAttribute("d_startTime", d_startTime);
printer.printAttribute("d_expirationTime", d_expirationTime);
printer.printAttribute("d_authority", d_authority);
printer.printAttribute("serialNumber", d_serialNumber);
printer.printAttribute("startTime", d_startTime);
printer.printAttribute("expirationTime", d_expirationTime);
printer.printAttribute("authority", d_authority);
printer.printAttribute("hosts", d_hosts);
printer.end();
return stream;
}

bsl::ostream& operator<<(bsl::ostream& stream,
const EncryptionCertificateOptions& object)
{
return object.print(stream, 0, -1);
}

bool operator==(const EncryptionCertificateOptions& lhs,
const EncryptionCertificateOptions& rhs)
{
return lhs.serialNumber() == rhs.serialNumber() &&
lhs.startTime() == rhs.startTime() &&
lhs.expirationTime() == rhs.expirationTime() &&
lhs.authority() == rhs.authority();
return lhs.equals(rhs);
}

bool operator!=(const EncryptionCertificateOptions& lhs,
Expand All @@ -120,10 +291,10 @@ bool operator!=(const EncryptionCertificateOptions& lhs,
return !operator==(lhs, rhs);
}

bsl::ostream& operator<<(bsl::ostream& stream,
const EncryptionCertificateOptions& object)
bool operator<(const EncryptionCertificateOptions& lhs,
const EncryptionCertificateOptions& rhs)
{
return object.print(stream, 0, -1);
return lhs.less(rhs);
}

} // close package namespace
Expand Down
Loading
Loading