zero-trust-iot-library/zt-tls-handshake_8cc_source.html

// zt-tls-handshake.cc


#include "zt-tls-handshake.h"

#include "ns3/log.h"

#include <cryptopp/aes.h>

#include <cryptopp/filters.h>

#include <cryptopp/hex.h>

#include <cryptopp/modes.h>

#include <cryptopp/osrng.h>


namespace ns3 {


NS_LOG_COMPONENT_DEFINE("ZtTlsHandshake");


TypeId ZtTlsHandshake::GetTypeId() {

  static TypeId tid = TypeId("ns3::ZtTlsHandshake")

    .SetParent<Object>()

    .SetGroupName("ZeroTrust")

    .AddConstructor<ZtTlsHandshake>();

  return tid;

}


ZtTlsHandshake::ZtTlsHandshake() {

  NS_LOG_FUNCTION(this);

}


void ZtTlsHandshake::StartHandshake(Ptr<Node> client, Ptr<Node> server, uint32_t clientId, uint32_t serverId) {

  NS_LOG_FUNCTION(this << client << server);


  if (m_policyValidator && !m_policyValidator(clientId, "client")) {

    Log("[ZT-HANDSHAKE] Client not authorized by policy");

    return;

  }


  if (m_policyValidator && !m_policyValidator(serverId, "server")) {

    Log("[ZT-HANDSHAKE] Server not authorized by policy");

    return;

  }


  CryptoPP::AutoSeededRandomPool prng;

  CryptoPP::byte key[CryptoPP::AES::DEFAULT_KEYLENGTH];

  prng.GenerateBlock(key, sizeof(key));


  std::string encoded;

  CryptoPP::StringSource ss(key, sizeof(key), true,

    new CryptoPP::HexEncoder(new CryptoPP::StringSink(encoded)));


  m_sessionKeys[serverId] = encoded;

  m_sessionKeys[clientId] = encoded;


  Log("[ZT-HANDSHAKE] Session established between Client " + std::to_string(clientId) +

      " and Server " + std::to_string(serverId) + " | Key: " + encoded);

}


bool ZtTlsHandshake::HasSession(uint32_t peerId) const {

  return m_sessionKeys.find(peerId) != m_sessionKeys.end();

}


std::string ZtTlsHandshake::GetSessionKey(uint32_t peerId) const {

  auto it = m_sessionKeys.find(peerId);

  return (it != m_sessionKeys.end()) ? it->second : "";

}


void ZtTlsHandshake::SetExternalLogger(std::function<void(std::string)> logger) {

  m_logger = logger;

}


void ZtTlsHandshake::SetPolicyValidator(std::function<bool(uint32_t, std::string)> validator) {

  m_policyValidator = validator;

}


void ZtTlsHandshake::Log(const std::string& msg) const {

  if (m_logger) {

    m_logger(msg);

  } else {

    NS_LOG_INFO(msg);

  }

}


} // namespace ns3


ns3::ZtTlsHandshake
Simulates a Zero Trust-based TLS handshake mechanism between NS-3 nodes.
Definition zt-tls-handshake.h:23

ns3::ZtTlsHandshake::StartHandshake
void StartHandshake(Ptr< Node > client, Ptr< Node > server, uint32_t clientId, uint32_t serverId)
Start a simulated TLS handshake between client and server nodes.
Definition zt-tls-handshake.cc:42

ns3::ZtTlsHandshake::SetExternalLogger
void SetExternalLogger(std::function< void(std::string)> logger)
Set an external logger for emitting TLS logs.
Definition zt-tls-handshake.cc:96

ns3::ZtTlsHandshake::ZtTlsHandshake
ZtTlsHandshake()
Constructor.
Definition zt-tls-handshake.cc:30

ns3::ZtTlsHandshake::m_logger
std::function< void(std::string)> m_logger
Optional external logger.
Definition zt-tls-handshake.h:83

ns3::ZtTlsHandshake::GetTypeId
static TypeId GetTypeId()
Get the NS-3 TypeId.
Definition zt-tls-handshake.cc:19

ns3::ZtTlsHandshake::GetSessionKey
std::string GetSessionKey(uint32_t peerId) const
Retrieve the session key for a peer in hexadecimal string format.
Definition zt-tls-handshake.cc:86

ns3::ZtTlsHandshake::m_sessionKeys
std::map< uint32_t, std::string > m_sessionKeys
Maps node IDs to session keys.
Definition zt-tls-handshake.h:82

ns3::ZtTlsHandshake::m_policyValidator
std::function< bool(uint32_t, std::string)> m_policyValidator
Optional external policy validator.
Definition zt-tls-handshake.h:84

ns3::ZtTlsHandshake::HasSession
bool HasSession(uint32_t peerId) const
Check if a session exists for a given peer.
Definition zt-tls-handshake.cc:76

ns3::ZtTlsHandshake::Log
void Log(const std::string &msg) const
Emit a log message using the external logger or NS_LOG fallback.
Definition zt-tls-handshake.cc:114

ns3::ZtTlsHandshake::SetPolicyValidator
void SetPolicyValidator(std::function< bool(uint32_t, std::string)> validator)
Set a policy validator for enforcing Zero Trust identity checks.
Definition zt-tls-handshake.cc:105

ns3
Definition zt-encryption-utils.cc:10

ns3::NS_LOG_COMPONENT_DEFINE
NS_LOG_COMPONENT_DEFINE("ZtPolicyEngine")

zt-tls-handshake.h