Aktualizr
C++ SOTA Client
All Classes Namespaces Files Functions Variables Enumerations Enumerator Pages
p11engine.h
1 #ifndef P11ENGINE_H_
2 #define P11ENGINE_H_
3 
4 #include <memory>
5 
6 #include <openssl/engine.h>
7 #include <openssl/err.h>
8 #include "gtest/gtest_prod.h"
9 
10 #include "logging/logging.h"
11 #include "p11_config.h"
12 
13 class P11ContextWrapper {
14  public:
15  explicit P11ContextWrapper(const boost::filesystem::path &module);
16  ~P11ContextWrapper();
17  P11ContextWrapper(const P11ContextWrapper &) = delete;
18  P11ContextWrapper &operator=(const P11ContextWrapper &) = delete;
19  PKCS11_ctx_st *get() const { return ctx; }
20 
21  private:
22  PKCS11_ctx_st *ctx;
23 };
24 
25 class P11SlotsWrapper {
26  public:
27  explicit P11SlotsWrapper(PKCS11_ctx_st *ctx_in);
28  ~P11SlotsWrapper();
29  P11SlotsWrapper(const P11SlotsWrapper &) = delete;
30  P11SlotsWrapper &operator=(const P11SlotsWrapper &) = delete;
31  PKCS11_slot_st *get_slots() const { return wslots_; }
32  unsigned int get_nslots() const { return nslots; }
33 
34  private:
35  PKCS11_ctx_st *ctx; // NOLINT
36  PKCS11_slot_st *wslots_;
37  unsigned int nslots;
38 };
39 
40 class P11EngineGuard;
41 
42 class P11Engine {
43  public:
44  P11Engine(const P11Engine &) = delete;
45  P11Engine &operator=(const P11Engine &) = delete;
46 
47  virtual ~P11Engine() {
48  if (ssl_engine_ != nullptr) {
49  ENGINE_finish(ssl_engine_);
50  ENGINE_free(ssl_engine_);
51  ENGINE_cleanup(); // for openssl < 1.1
52  }
53  }
54 
55  ENGINE *getEngine() { return ssl_engine_; }
56  std::string getUptaneKeyId() const { return uri_prefix_ + config_.uptane_key_id; }
57  std::string getTlsCacertId() const { return uri_prefix_ + config_.tls_cacert_id; }
58  std::string getTlsPkeyId() const { return uri_prefix_ + config_.tls_pkey_id; }
59  std::string getTlsCertId() const { return uri_prefix_ + config_.tls_clientcert_id; }
60  bool readUptanePublicKey(std::string *key_out);
61  bool readTlsCert(std::string *cert_out) const;
62  bool generateUptaneKeyPair();
63 
64  private:
65  const P11Config config_;
66  ENGINE *ssl_engine_{nullptr};
67  std::string uri_prefix_;
68  P11ContextWrapper ctx_;
69  P11SlotsWrapper slots_;
70 
71  static boost::filesystem::path findPkcsLibrary();
72  PKCS11_slot_st *findTokenSlot() const;
73 
74  explicit P11Engine(P11Config config);
75 
76  friend class P11EngineGuard;
77  FRIEND_TEST(crypto, findPkcsLibrary);
78 };
79 
80 class P11EngineGuard {
81  public:
82  explicit P11EngineGuard(const P11Config &config) {
83  if (instance == nullptr) {
84  instance = new P11Engine(config);
85  }
86  ++ref_counter;
87  };
88  ~P11EngineGuard() {
89  if (ref_counter != 0) {
90  --ref_counter;
91  }
92  if (ref_counter == 0) {
93  delete instance;
94  instance = nullptr;
95  }
96  }
97  P11Engine *operator->() const { return instance; }
98 
99  private:
100  static P11Engine *instance;
101  static int ref_counter;
102 };
103 
104 #endif
P11Engine
Definition: p11engine.h:42
P11SlotsWrapper
Definition: p11engine.h:25
P11Config
Definition: p11_config.h:15
P11ContextWrapper
Definition: p11engine.h:13
P11EngineGuard
Definition: p11engine.h:80
Generated by   doxygen 1.8.16