#ifndef ZT_CERTIFICATE_H
#define ZT_CERTIFICATE_H
#include <unordered_set>
#include <cryptopp/rsa.h>
#include <cryptopp/base64.h>
std::string SignIdentity(uint32_t nodeId, const std::string& role, time_t expiry);
void Revoke(uint32_t nodeId);
bool Authorize(uint32_t nodeId, const std::string& role, const std::string& certStr);
Issues and signs certificates for Zero Trust identity validation.
CryptoPP::RSA::PublicKey GetPublicKey() const
Retrieves the public RSA key of the CA.
CryptoPP::RSA::PublicKey publicKey
RSA public key distributed for verification.
CryptoPP::RSA::PrivateKey privateKey
RSA private key used for signing certificates.
CertificateAuthority()
Constructor that initializes and generates RSA key pair.
std::string SignIdentity(uint32_t nodeId, const std::string &role, time_t expiry)
Signs an identity certificate with node ID, role, and expiry.
Simulates a Zero Trust policy engine that enforces access control using certificates.
void Revoke(uint32_t nodeId)
Revokes a node by its ID, preventing it from being authorized.
CryptoPP::RSA::PublicKey caPublicKey
Trusted public key used for signature verification.
bool Authorize(uint32_t nodeId, const std::string &role, const std::string &certStr)
Authorizes a node based on its certificate.
std::unordered_set< uint32_t > revoke
Set of node IDs that are explicitly revoked.
void SetCaPublicKey(CryptoPP::RSA::PublicKey pub)
Sets the CA's public key used for certificate verification.
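The following is an added example, not the project's own code, of the order of checks an Authorize-style function needs: revocation, parsing, signature, identity binding, expiry. The `nodeId|role|expiry|signature` layout, `CheckCertificate`, `Decision` and the `SigVerifier` hook are assumptions; in the design documented above the hook would be RSA verification against `caPublicKey`.

```cpp
#include <cstdint>
#include <ctime>
#include <functional>
#include <sstream>
#include <stdexcept>
#include <string>
#include <unordered_set>
#include <vector>

// Hypothetical hook: true if `sig` is a valid CA signature over `payload`.
using SigVerifier = std::function<bool(const std::string& payload, const std::string& sig)>;

enum class Decision { Allow, Revoked, Malformed, BadSignature, IdentityMismatch, Expired };

// Assumed certificate layout (not from the page): "nodeId|role|expiry|signature".
Decision CheckCertificate(uint32_t nodeId, const std::string& role, const std::string& certStr,
                          const std::unordered_set<uint32_t>& revoked,
                          const SigVerifier& verify, time_t now) {
    if (revoked.count(nodeId)) return Decision::Revoked;  // deny before touching the input
    std::vector<std::string> f;
    std::stringstream ss(certStr);
    for (std::string part; std::getline(ss, part, '|');) f.push_back(part);
    if (f.size() != 4 || f[3].empty()) return Decision::Malformed;
    unsigned long long id = 0;
    long long exp = 0;
    try {
        std::size_t a = 0, b = 0;
        id = std::stoull(f[0], &a);
        exp = std::stoll(f[2], &b);
        if (a != f[0].size() || b != f[2].size()) return Decision::Malformed;
    } catch (const std::exception&) { return Decision::Malformed; }
    // Verify the signature over the exact signed bytes before trusting any field.
    if (!verify(f[0] + "|" + f[1] + "|" + f[2], f[3])) return Decision::BadSignature;
    // A valid certificate only authorizes the node and role it was issued for.
    if (id != nodeId || f[1] != role) return Decision::IdentityMismatch;
    if (static_cast<time_t>(exp) <= now) return Decision::Expired;
    return Decision::Allow;
}

int main() {
    // Constructed stand-in for RSA verification so the example runs without Crypto++.
    SigVerifier demo = [](const std::string& p, const std::string& s) {
        return s == std::to_string(std::hash<std::string>{}(p));
    };
    std::string payload = "7|sensor|2000";  // constructed sample certificate body
    std::string cert = payload + "|" + std::to_string(std::hash<std::string>{}(payload));
    return CheckCertificate(7, "sensor", cert, {}, demo, 1000) == Decision::Allow ? 0 : 1;
}
```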