Commit e88e78a2 authored by Adrien Béraud's avatar Adrien Béraud

securedht: support external certificate store

With setLocalCertificateStore, add an optional
custom callback to find an immediately available
certificate to use for encryption etc.
parent 428ac048
...@@ -223,6 +223,10 @@ public: ...@@ -223,6 +223,10 @@ public:
std::lock_guard<std::mutex> lck(dht_mtx); std::lock_guard<std::mutex> lck(dht_mtx);
dht_->registerCertificate(cert); dht_->registerCertificate(cert);
} }
void setLocalCertificateStore(SecureDht::CertificateStoreQuery&& query_method) {
std::lock_guard<std::mutex> lck(dht_mtx);
dht_->setLocalCertificateStore(std::move(query_method));
}
/** /**
* If threaded is false, loop() must be called periodically. * If threaded is false, loop() must be called periodically.
......
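Review bot: The new `DhtRunner::setLocalCertificateStore` has no doc comment, and the locking context a store implementer needs to know is not stated anywhere. The setter takes `dht_mtx`, a plain `std::mutex`, as does `registerCertificate` just above it. If the callback is later invoked from a path that also holds `dht_mtx` (not visible in this hunk, so this is inferred), a store that calls back into DhtRunner would deadlock. I would add something like `/** Install a callback used to look up certificates in a local store. It may run while the DHT lock is held: it must return quickly and must not call back into DhtRunner. */` once the invocation context is confirmed.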
...@@ -121,6 +121,18 @@ public: ...@@ -121,6 +121,18 @@ public:
const std::shared_ptr<crypto::Certificate> getCertificate(const InfoHash& node) const; const std::shared_ptr<crypto::Certificate> getCertificate(const InfoHash& node) const;
using CertificateStoreQuery = std::function<std::vector<std::shared_ptr<crypto::Certificate>>(const InfoHash& pk_id)>;
/**
* Allows to set a custom callback called by the library to find a locally-stored certificate.
* The search key used is the public key ID, so there may be multiple certificates retured, signed with
* the same private key.
*/
void setLocalCertificateStore(CertificateStoreQuery&& query_method) {
localQueryMethod_ = std::move(query_method);
}
private: private:
// prevent copy // prevent copy
SecureDht(const SecureDht&) = delete; SecureDht(const SecureDht&) = delete;
...@@ -131,6 +143,10 @@ private: ...@@ -131,6 +143,10 @@ private:
std::shared_ptr<crypto::PrivateKey> key_ {}; std::shared_ptr<crypto::PrivateKey> key_ {};
std::shared_ptr<crypto::Certificate> certificate_ {}; std::shared_ptr<crypto::Certificate> certificate_ {};
// method to query the local certificate store
CertificateStoreQuery localQueryMethod_ {};
// our certificate cache
std::map<InfoHash, std::shared_ptr<crypto::Certificate>> nodesCertificates_ {}; std::map<InfoHash, std::shared_ptr<crypto::Certificate>> nodesCertificates_ {};
std::uniform_int_distribution<Value::Id> rand_id {}; std::uniform_int_distribution<Value::Id> rand_id {};
......
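Review bot: The doc comment on `SecureDht::setLocalCertificateStore` says several certificates may be returned but not what the library does with them. In the findCertificate hunk further down this page only `res.front()` is used and cached, and an empty `std::function` skips the lookup because of the `if (localQueryMethod_)` test. I would extend the comment with `Only the first returned certificate is used and cached for pk_id; pass an empty function to disable the local lookup. The callback is called synchronously from findCertificate.` The comment should also say whether the library or the store is responsible for checking that a returned certificate really belongs to `pk_id`. "retured" in the same comment should read "returned".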
...@@ -144,15 +144,16 @@ SecureDht::registerCertificate(const InfoHash& node, const Blob& data) ...@@ -144,15 +144,16 @@ SecureDht::registerCertificate(const InfoHash& node, const Blob& data)
InfoHash h = crt->getPublicKey().getId(); InfoHash h = crt->getPublicKey().getId();
if (node == h) { if (node == h) {
DHT_DEBUG("Registering public key for %s", h.toString().c_str()); DHT_DEBUG("Registering public key for %s", h.toString().c_str());
nodesCertificates_[h] = crt; auto it = nodesCertificates_.find(h);
if (it == nodesCertificates_.end())
std::tie(it, std::ignore) = nodesCertificates_.emplace(h, std::move(crt));
else
it->second = std::move(crt);
return it->second;
} else { } else {
DHT_DEBUG("Certificate %s for node %s does not match node id !", h.toString().c_str(), node.toString().c_str()); DHT_DEBUG("Certificate %s for node %s does not match node id !", h.toString().c_str(), node.toString().c_str());
return nullptr; return nullptr;
} }
auto it = nodesCertificates_.find(h);
if (it == nodesCertificates_.end())
return nullptr;
return it->second;
} }
void void
...@@ -172,6 +173,17 @@ SecureDht::findCertificate(const InfoHash& node, std::function<void(const std::s ...@@ -172,6 +173,17 @@ SecureDht::findCertificate(const InfoHash& node, std::function<void(const std::s
cb(b); cb(b);
return; return;
} }
if (localQueryMethod_) {
auto res = localQueryMethod_(node);
if (not res.empty()) {
DHT_DEBUG("Registering public key from local store for %s", node.toString().c_str());
nodesCertificates_.emplace(node, res.front());
if (cb)
cb(res.front());
return;
}
}
auto found = std::make_shared<bool>(false); auto found = std::make_shared<bool>(false);
Dht::get(node, [cb,node,found,this](const std::vector<std::shared_ptr<Value>>& vals) { Dht::get(node, [cb,node,found,this](const std::vector<std::shared_ptr<Value>>& vals) {
if (*found) if (*found)
......
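Review bot: In the `localQueryMethod_` branch added to findCertificate, `res.front()` is cached under `node` and passed to `cb` without checking that it is non-null or that its public key ID equals `node`. registerCertificate in the same section only stores a certificate when `node == h`, so the local-store path is held to a weaker standard than the network path. A store that returns a stale or mismatched entry would leave the wrong certificate in `nodesCertificates_` for that node, and later lookups would presumably be served from that cache. I would tighten the guard to `if (not res.empty() and res.front() and res.front()->getPublicKey().getId() == node) {` and otherwise fall through to `Dht::get`; scanning `res` for the first matching entry would be more tolerant still. The body of findCertificate starts and ends outside this hunk.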