dc/de5/v1_2key-chain_8hpp_source.html

 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */

 #ifndef NDN_SECURITY_V1_KEY_CHAIN_HPP

 #define NDN_SECURITY_V1_KEY_CHAIN_HPP


 #include "sec-public-info.hpp"

 #include "sec-tpm.hpp"

 #include "secured-bag.hpp"

 #include "../key-params.hpp"

 #include "../signature-sha256-with-rsa.hpp"

 #include "../signature-sha256-with-ecdsa.hpp"

 #include "../digest-sha256.hpp"

 #include "../signing-info.hpp"


 #include "../../interest.hpp"

 #include "../../util/crypto.hpp"

 #include "../../util/random.hpp"

 #include <initializer_list>


 namespace ndn {

 namespace security {

 namespace v1 {


 class KeyChain : noncopyable

 {

 public:

   class Error : public std::runtime_error

   {

   public:

     explicit

     Error(const std::string& what)

       : std::runtime_error(what)

     {

     }

   };


   class MismatchError : public Error

   {

   public:

     explicit

     MismatchError(const std::string& what)

       : Error(what)

     {

     }

   };


   typedef function<unique_ptr<SecPublicInfo> (const std::string&)> PibCreateFunc;

   typedef function<unique_ptr<SecTpm>(const std::string&)> TpmCreateFunc;


   template<class PibType>

   static void

   registerPib(std::initializer_list<std::string> aliases);


   template<class TpmType>

   static void

   registerTpm(std::initializer_list<std::string> aliases);


   static std::string

   getDefaultPibLocator();


   static unique_ptr<SecPublicInfo>

   createPib(const std::string& pibLocator);


   static std::string

   getDefaultTpmLocator();


   static unique_ptr<SecTpm>

   createTpm(const std::string& tpmLocator);


   KeyChain();


   KeyChain(const std::string& pibLocator,

            const std::string& tpmLocator,

            bool allowReset = false);


   virtual

   ~KeyChain();


   Name

   createIdentity(const Name& identityName, const KeyParams& params = DEFAULT_KEY_PARAMS);


   Name

   generateRsaKeyPair(const Name& identityName, bool isKsk = false, uint32_t keySize = 2048);


   Name

   generateEcKeyPair(const Name& identityName, bool isKsk = false, uint32_t keySize = 256);


   Name

   generateRsaKeyPairAsDefault(const Name& identityName, bool isKsk = false, uint32_t keySize = 2048);


   Name

   generateEcKeyPairAsDefault(const Name& identityName, bool isKsk = false, uint32_t keySize = 256);


   shared_ptr<IdentityCertificate>

   prepareUnsignedIdentityCertificate(const Name& keyName,

     const Name& signingIdentity,

     const time::system_clock::TimePoint& notBefore,

     const time::system_clock::TimePoint& notAfter,

     const std::vector<CertificateSubjectDescription>& subjectDescription,

     const Name& certPrefix = DEFAULT_PREFIX);


   shared_ptr<IdentityCertificate>

   prepareUnsignedIdentityCertificate(const Name& keyName,

     const PublicKey& publicKey,

     const Name& signingIdentity,

     const time::system_clock::TimePoint& notBefore,

     const time::system_clock::TimePoint& notAfter,

     const std::vector<CertificateSubjectDescription>& subjectDescription,

     const Name& certPrefix = DEFAULT_PREFIX);


   void

   sign(Data& data, const SigningInfo& params = DEFAULT_SIGNING_INFO);


   void

   sign(Interest& interest, const SigningInfo& params = DEFAULT_SIGNING_INFO);


   Block

   sign(const uint8_t* buffer, size_t bufferLength, const SigningInfo& params);


   template<typename T>

   void

   sign(T& packet, const Name& certificateName);


   Signature

   sign(const uint8_t* buffer, size_t bufferLength, const Name& certificateName);


   template<typename T>

   void

   signByIdentity(T& packet, const Name& identityName);


   Signature

   signByIdentity(const uint8_t* buffer, size_t bufferLength, const Name& identityName);


   void

   signWithSha256(Data& data);


   void

   signWithSha256(Interest& interest);


   shared_ptr<IdentityCertificate>

   selfSign(const Name& keyName);


   void

   selfSign(IdentityCertificate& cert);


   void

   deleteCertificate(const Name& certificateName);


   void

   deleteKey(const Name& keyName);


   void

   deleteIdentity(const Name& identity);


   shared_ptr<SecuredBag>

   exportIdentity(const Name& identity, const std::string& passwordStr);


   void

   importIdentity(const SecuredBag& securedBag, const std::string& passwordStr);


   SecPublicInfo&

   getPib()

   {

     return *m_pib;

   }


   const SecPublicInfo&

   getPib() const

   {

     return *m_pib;

   }


   SecTpm&

   getTpm()

   {

     return *m_tpm;

   }


   const SecTpm&

   getTpm() const

   {

     return *m_tpm;

   }


   /*******************************

    *  Wrapper of SecPublicInfo   *

    *******************************/

   bool

   doesIdentityExist(const Name& identityName) const

   {

     return m_pib->doesIdentityExist(identityName);

   }


   void

   addIdentity(const Name& identityName)

   {

     return m_pib->addIdentity(identityName);

   }


   bool

   doesPublicKeyExist(const Name& keyName) const

   {

     return m_pib->doesPublicKeyExist(keyName);

   }


   void

   addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer)

   {

     return m_pib->addKey(keyName, publicKeyDer);

   }


   void

   addKey(const Name& keyName, const PublicKey& publicKeyDer)

   {

     return m_pib->addKey(keyName, publicKeyDer);

   }


   shared_ptr<PublicKey>

   getPublicKey(const Name& keyName) const

   {

     return m_pib->getPublicKey(keyName);

   }


   bool

   doesCertificateExist(const Name& certificateName) const

   {

     return m_pib->doesCertificateExist(certificateName);

   }


   void

   addCertificate(const IdentityCertificate& certificate)

   {

     return m_pib->addCertificate(certificate);

   }


   shared_ptr<IdentityCertificate>

   getCertificate(const Name& certificateName) const

   {

     return m_pib->getCertificate(certificateName);

   }


   Name

   getDefaultIdentity() const

   {

     return m_pib->getDefaultIdentity();

   }


   Name

   getDefaultKeyNameForIdentity(const Name& identityName) const

   {

     return m_pib->getDefaultKeyNameForIdentity(identityName);

   }


   const KeyParams&

   getDefaultKeyParamsForIdentity(const Name& identityName) const;


   Name

   getDefaultCertificateNameForKey(const Name& keyName) const

   {

     return m_pib->getDefaultCertificateNameForKey(keyName);

   }


   void

   getAllIdentities(std::vector<Name>& nameList, bool isDefault) const

   {

     return m_pib->getAllIdentities(nameList, isDefault);

   }


   void

   getAllKeyNames(std::vector<Name>& nameList, bool isDefault) const

   {

     return m_pib->getAllKeyNames(nameList, isDefault);

   }


   void

   getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name>& nameList, bool isDefault) const

   {

     return m_pib->getAllKeyNamesOfIdentity(identity, nameList, isDefault);

   }


   void

   getAllCertificateNames(std::vector<Name>& nameList, bool isDefault) const

   {

     return m_pib->getAllCertificateNames(nameList, isDefault);

   }


   void

   getAllCertificateNamesOfKey(const Name& keyName,

                               std::vector<Name>& nameList,

                               bool isDefault) const

   {

     return m_pib->getAllCertificateNamesOfKey(keyName, nameList, isDefault);

   }


   void

   deleteCertificateInfo(const Name& certificateName)

   {

     return m_pib->deleteCertificateInfo(certificateName);

   }


   void

   deletePublicKeyInfo(const Name& keyName)

   {

     return m_pib->deletePublicKeyInfo(keyName);

   }


   void

   deleteIdentityInfo(const Name& identity)

   {

     return m_pib->deleteIdentityInfo(identity);

   }


   void

   setDefaultIdentity(const Name& identityName)

   {

     return m_pib->setDefaultIdentity(identityName);

   }


   void

   setDefaultKeyNameForIdentity(const Name& keyName)

   {

     return m_pib->setDefaultKeyNameForIdentity(keyName);

   }


   void

   setDefaultCertificateNameForKey(const Name& certificateName)

   {

     return m_pib->setDefaultCertificateNameForKey(certificateName);

   }


   Name

   getNewKeyName(const Name& identityName, bool useKsk)

   {

     return m_pib->getNewKeyName(identityName, useKsk);

   }


   Name

   getDefaultCertificateNameForIdentity(const Name& identityName) const

   {

     return m_pib->getDefaultCertificateNameForIdentity(identityName);

   }


   Name

   getDefaultCertificateName() const

   {

     return m_pib->getDefaultCertificateName();

   }


   void

   addCertificateAsKeyDefault(const IdentityCertificate& certificate)

   {

     return m_pib->addCertificateAsKeyDefault(certificate);

   }


   void

   addCertificateAsIdentityDefault(const IdentityCertificate& certificate)

   {

     return m_pib->addCertificateAsIdentityDefault(certificate);

   }


   void

   addCertificateAsSystemDefault(const IdentityCertificate& certificate)

   {

     return m_pib->addCertificateAsSystemDefault(certificate);

   }


   shared_ptr<IdentityCertificate>

   getDefaultCertificate() const

   {

     if (!static_cast<bool>(m_pib->getDefaultCertificate()))

       const_cast<KeyChain*>(this)->setDefaultCertificateInternal();


     return m_pib->getDefaultCertificate();

   }


   void

   refreshDefaultCertificate()

   {

     return m_pib->refreshDefaultCertificate();

   }


   /*******************************

    *  Wrapper of SecTpm          *

    *******************************/


   void

   setTpmPassword(const uint8_t* password, size_t passwordLength)

   {

     return m_tpm->setTpmPassword(password, passwordLength);

   }


   void

   resetTpmPassword()

   {

     return m_tpm->resetTpmPassword();

   }


   void

   setInTerminal(bool inTerminal)

   {

     return m_tpm->setInTerminal(inTerminal);

   }


   bool

   getInTerminal() const

   {

     return m_tpm->getInTerminal();

   }


   bool

   isLocked() const

   {

     return m_tpm->isLocked();

   }


   bool

   unlockTpm(const char* password, size_t passwordLength, bool usePassword)

   {

     return m_tpm->unlockTpm(password, passwordLength, usePassword);

   }


   void

   generateKeyPairInTpm(const Name& keyName, const KeyParams& params)

   {

     return m_tpm->generateKeyPairInTpm(keyName, params);

   }


   void

   deleteKeyPairInTpm(const Name& keyName)

   {

     return m_tpm->deleteKeyPairInTpm(keyName);

   }


   shared_ptr<PublicKey>

   getPublicKeyFromTpm(const Name& keyName) const

   {

     return m_tpm->getPublicKeyFromTpm(keyName);

   }


   Block

   signInTpm(const uint8_t* data, size_t dataLength,

             const Name& keyName,

             DigestAlgorithm digestAlgorithm)

   {

     return m_tpm->signInTpm(data, dataLength, keyName, digestAlgorithm);

   }


   ConstBufferPtr

   decryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric)

   {

     return m_tpm->decryptInTpm(data, dataLength, keyName, isSymmetric);

   }


   ConstBufferPtr

   encryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric)

   {

     return m_tpm->encryptInTpm(data, dataLength, keyName, isSymmetric);

   }


   void

   generateSymmetricKeyInTpm(const Name& keyName, const KeyParams& params)

   {

     return m_tpm->generateSymmetricKeyInTpm(keyName, params);

   }


   bool

   doesKeyExistInTpm(const Name& keyName, KeyClass keyClass) const

   {

     return m_tpm->doesKeyExistInTpm(keyName, keyClass);

   }


   bool

   generateRandomBlock(uint8_t* res, size_t size) const

   {

     return m_tpm->generateRandomBlock(res, size);

   }


   void

   addAppToAcl(const Name& keyName, KeyClass keyClass, const std::string& appPath, AclType acl)

   {

     return m_tpm->addAppToAcl(keyName, keyClass, appPath, acl);

   }


   ConstBufferPtr

   exportPrivateKeyPkcs5FromTpm(const Name& keyName, const std::string& password)

   {

     return m_tpm->exportPrivateKeyPkcs5FromTpm(keyName, password);

   }


   bool

   importPrivateKeyPkcs5IntoTpm(const Name& keyName,

                                const uint8_t* buf, size_t size,

                                const std::string& password)

   {

     return m_tpm->importPrivateKeyPkcs5IntoTpm(keyName, buf, size, password);

   }


 private:

   void

   initialize(const std::string& pibLocatorUri,

              const std::string& tpmLocatorUri,

              bool needReset);


   std::tuple<Name, SignatureInfo>

   prepareSignatureInfo(const SigningInfo& params);


   template<typename T>

   void

   signImpl(T& packet, const SigningInfo& params);


   void

   setDefaultCertificateInternal();


   Name

   generateKeyPair(const Name& identityName, bool isKsk = false,

                   const KeyParams& params = DEFAULT_KEY_PARAMS);


   void

   signPacketWrapper(Data& data, const Signature& signature,

                     const Name& keyName, DigestAlgorithm digestAlgorithm);


   void

   signPacketWrapper(Interest& interest, const Signature& signature,

                     const Name& keyName, DigestAlgorithm digestAlgorithm);


   Block

   pureSign(const uint8_t* buf, size_t size, const Name& keyName, DigestAlgorithm digestAlgorithm) const;


   static void

   registerPibImpl(const std::string& canonicalName,

                   std::initializer_list<std::string> aliases, PibCreateFunc createFunc);


   static void

   registerTpmImpl(const std::string& canonicalName,

                   std::initializer_list<std::string> aliases, TpmCreateFunc createFunc);


 public:

   static tlv::SignatureTypeValue

   getSignatureType(KeyType keyType, DigestAlgorithm digestAlgorithm);


 public:

   static const Name DEFAULT_PREFIX;

   static const SigningInfo DEFAULT_SIGNING_INFO;


   // RsaKeyParams is set to be default for backward compatibility.

   static const RsaKeyParams DEFAULT_KEY_PARAMS;


   typedef std::map<std::string, Block> SignParams;


 private:

   std::unique_ptr<SecPublicInfo> m_pib;

   std::unique_ptr<SecTpm> m_tpm;

   time::milliseconds m_lastTimestamp;

 };


 template<typename T>

 void

 KeyChain::signImpl(T& packet, const SigningInfo& params)

 {

   Name keyName;

   SignatureInfo sigInfo;

   std::tie(keyName, sigInfo) = prepareSignatureInfo(params);


   signPacketWrapper(packet, Signature(sigInfo),

                     keyName, params.getDigestAlgorithm());

 }


 template<typename T>

 void

 KeyChain::sign(T& packet, const Name& certificateName)

 {

   signImpl(packet, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certificateName));

 }


 template<typename T>

 void

 KeyChain::signByIdentity(T& packet, const Name& identityName)

 {

   signImpl(packet, SigningInfo(SigningInfo::SIGNER_TYPE_ID, identityName));

 }


 template<class PibType>

 inline void

 KeyChain::registerPib(std::initializer_list<std::string> aliases)

 {

   registerPibImpl(*aliases.begin(), aliases, [] (const std::string& locator) {

       return make_unique<PibType>(locator);

     });

 }


 template<class TpmType>

 inline void

 KeyChain::registerTpm(std::initializer_list<std::string> aliases)

 {

   registerTpmImpl(*aliases.begin(), aliases, [] (const std::string& locator) {

       return make_unique<TpmType>(locator);

     });

 }


 #define NDN_CXX_V1_KEYCHAIN_REGISTER_PIB(PibType, ...)     \

 static class NdnCxxAuto ## PibType ## PibRegistrationClass    \

 {                                                             \

 public:                                                       \

   NdnCxxAuto ## PibType ## PibRegistrationClass()             \

   {                                                           \

     ::ndn::security::v1::KeyChain::registerPib<PibType>({__VA_ARGS__});     \

   }                                                           \

 } ndnCxxAuto ## PibType ## PibRegistrationVariable


 #define NDN_CXX_V1_KEYCHAIN_REGISTER_TPM(TpmType, ...)     \

 static class NdnCxxAuto ## TpmType ## TpmRegistrationClass    \

 {                                                             \

 public:                                                       \

   NdnCxxAuto ## TpmType ## TpmRegistrationClass()             \

   {                                                           \

     ::ndn::security::v1::KeyChain::registerTpm<TpmType>({__VA_ARGS__});     \

   }                                                           \

 } ndnCxxAuto ## TpmType ## TpmRegistrationVariable


 } // namespace v1

 } // namespace security

 } // namespace ndn


 #endif // NDN_SECURITY_V1_KEY_CHAIN_HPP

ndn::security::v1::IdentityCertificate
Definition: v1/identity-certificate.hpp:34

ndn::security::v1::KeyChain::isLocked
bool isLocked() const
Definition: v1/key-chain.hpp:696

ndn::security::v1::KeyChain::setInTerminal
void setInTerminal(bool inTerminal)
Definition: v1/key-chain.hpp:684

ndn::security::v1::KeyChain::deleteIdentity
void deleteIdentity(const Name &identity)
delete an identity.
Definition: v1/key-chain.cpp:815

ndn
Copyright (c) 2013-2016 Regents of the University of California.
Definition: common.hpp:74

ndn::security::v1::KeyChain::createTpm
static unique_ptr< SecTpm > createTpm(const std::string &tpmLocator)
Create a TPM according to tpmLocator.
Definition: v1/key-chain.cpp:244

ndn::SignatureInfo
Definition: signature-info.hpp:32

ndn::security::v1::KeyChain::registerTpm
static void registerTpm(std::initializer_list< std::string > aliases)
Register a new TPM.
Definition: v1/key-chain.hpp:925

ndn::security::v1::KeyChain::addKey
void addKey(const Name &keyName, const PublicKey &publicKeyDer)
Definition: v1/key-chain.hpp:491

ndn::security::v1::KeyChain::signInTpm
Block signInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm)
Definition: v1/key-chain.hpp:726

ndn::security::v1::KeyChain::getAllCertificateNames
void getAllCertificateNames(std::vector< Name > &nameList, bool isDefault) const
Definition: v1/key-chain.hpp:567

ndn::security::v1::KeyChain::MismatchError::MismatchError
MismatchError(const std::string &what)
Definition: v1/key-chain.hpp:71

ndn::security::v1::KeyChain::createIdentity
Name createIdentity(const Name &identityName, const KeyParams &params=DEFAULT_KEY_PARAMS)
Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed ce...
Definition: v1/key-chain.cpp:293

ndn::security::v1::KeyChain::getSignatureType
static tlv::SignatureTypeValue getSignatureType(KeyType keyType, DigestAlgorithm digestAlgorithm)
Definition: v1/key-chain.cpp:828

ndn::security::v1::KeyChain::doesCertificateExist
bool doesCertificateExist(const Name &certificateName) const
Definition: v1/key-chain.hpp:503

ndn::security::v1::KeyChain::setDefaultKeyNameForIdentity
void setDefaultKeyNameForIdentity(const Name &keyName)
Definition: v1/key-chain.hpp:605

ndn::security::v1::KeyChain::DEFAULT_PREFIX
static const Name DEFAULT_PREFIX
Definition: v1/key-chain.hpp:874

ndn::security::v1::KeyChain::getTpm
const SecTpm & getTpm() const
Definition: v1/key-chain.hpp:458

ndn::security::v1::KeyChain::generateEcKeyPair
Name generateEcKeyPair(const Name &identityName, bool isKsk=false, uint32_t keySize=256)
Generate a pair of EC keys for the specified identity.
Definition: v1/key-chain.cpp:334

std
STL namespace.

ndn::security::v1::KeyChain::Error
Definition: v1/key-chain.hpp:53

ndn::security::v1::KeyChain::encryptInTpm
ConstBufferPtr encryptInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)
Definition: v1/key-chain.hpp:740

ndn::security::v1::KeyChain::getPib
SecPublicInfo & getPib()
Definition: v1/key-chain.hpp:440

ndn::Block
Class representing a wire element of NDN-TLV packet format.
Definition: block.hpp:43

ndn::security::v1::KeyChain::addCertificateAsKeyDefault
void addCertificateAsKeyDefault(const IdentityCertificate &certificate)
Definition: v1/key-chain.hpp:635

ndn::security::v1::KeyChain::sign
void sign(Data &data, const SigningInfo &params=DEFAULT_SIGNING_INFO)
Sign data according to the supplied signing information.
Definition: v1/key-chain.cpp:513

ndn::Interest
represents an Interest packet
Definition: interest.hpp:42

ndn::security::v1::KeyChain::getPublicKey
shared_ptr< PublicKey > getPublicKey(const Name &keyName) const
Definition: v1/key-chain.hpp:497

ndn::security::v1::KeyChain::getDefaultCertificateNameForKey
Name getDefaultCertificateNameForKey(const Name &keyName) const
Definition: v1/key-chain.hpp:543

ndn::security::v1::KeyChain::getInTerminal
bool getInTerminal() const
Definition: v1/key-chain.hpp:690

ndn::security::v1::KeyChain::getAllCertificateNamesOfKey
void getAllCertificateNamesOfKey(const Name &keyName, std::vector< Name > &nameList, bool isDefault) const
Definition: v1/key-chain.hpp:573

ndn::security::v1::KeyChain::generateRandomBlock
bool generateRandomBlock(uint8_t *res, size_t size) const
Definition: v1/key-chain.hpp:758

ndn::security::v1::KeyChain::signByIdentity
void signByIdentity(T &packet, const Name &identityName)
Sign packet using the default certificate of a particular identity.
Definition: v1/key-chain.hpp:909

sec-public-info.hpp

ndn::security::v1::SecuredBag
Definition: secured-bag.hpp:32

ndn::security::SigningInfo
Signing parameters passed to KeyChain.
Definition: signing-info.hpp:40

ndn::security::v1::KeyChain::addCertificateAsIdentityDefault
void addCertificateAsIdentityDefault(const IdentityCertificate &certificate)
Definition: v1/key-chain.hpp:641

ndn::security::v1::KeyChain::exportPrivateKeyPkcs5FromTpm
ConstBufferPtr exportPrivateKeyPkcs5FromTpm(const Name &keyName, const std::string &password)
Definition: v1/key-chain.hpp:770

ndn::security::v1::KeyChain::resetTpmPassword
void resetTpmPassword()
Definition: v1/key-chain.hpp:678

ndn::security::v1::KeyChain::getNewKeyName
Name getNewKeyName(const Name &identityName, bool useKsk)
Definition: v1/key-chain.hpp:617

ndn::security::v1::KeyChain::getDefaultKeyParamsForIdentity
const KeyParams & getDefaultKeyParamsForIdentity(const Name &identityName) const
Get default key parameters for the specified identity.
Definition: v1/key-chain.cpp:653

ndn::security::v1::KeyChain::getDefaultCertificateName
Name getDefaultCertificateName() const
Definition: v1/key-chain.hpp:629

ndn::security::v1::KeyChain::generateRsaKeyPairAsDefault
Name generateRsaKeyPairAsDefault(const Name &identityName, bool isKsk=false, uint32_t keySize=2048)
Generate a pair of RSA keys for the specified identity and set it as default key for the identity...
Definition: v1/key-chain.cpp:341

ndn::KeyType
KeyType
Definition: security-common.hpp:107

ndn::security::v1::KeyChain::addAppToAcl
void addAppToAcl(const Name &keyName, KeyClass keyClass, const std::string &appPath, AclType acl)
Definition: v1/key-chain.hpp:764

ndn::security::v1::KeyChain::prepareUnsignedIdentityCertificate
shared_ptr< IdentityCertificate > prepareUnsignedIdentityCertificate(const Name &keyName, const Name &signingIdentity, const time::system_clock::TimePoint &notBefore, const time::system_clock::TimePoint &notAfter, const std::vector< CertificateSubjectDescription > &subjectDescription, const Name &certPrefix=DEFAULT_PREFIX)
prepare an unsigned identity certificate
Definition: v1/key-chain.cpp:362

ndn::security::v1::KeyChain::signWithSha256
void signWithSha256(Data &data)
Set Sha256 weak signature for data.
Definition: v1/key-chain.cpp:772

sec-tpm.hpp

ndn::security::v1::KeyChain::exportIdentity
shared_ptr< SecuredBag > exportIdentity(const Name &identity, const std::string &passwordStr)
export an identity.
Definition: v1/key-chain.cpp:599

ndn::security::v1::KeyChain::doesKeyExistInTpm
bool doesKeyExistInTpm(const Name &keyName, KeyClass keyClass) const
Definition: v1/key-chain.hpp:752

ndn::security::v1::KeyChain::deleteIdentityInfo
void deleteIdentityInfo(const Name &identity)
Definition: v1/key-chain.hpp:593

ndn::security::v1::KeyChain::deleteKeyPairInTpm
void deleteKeyPairInTpm(const Name &keyName)
Definition: v1/key-chain.hpp:714

ndn::AclType
AclType
Definition: security-common.hpp:151

ndn::security::v1::KeyChain::setDefaultCertificateNameForKey
void setDefaultCertificateNameForKey(const Name &certificateName)
Definition: v1/key-chain.hpp:611

ndn::security::v1::KeyChain::importIdentity
void importIdentity(const SecuredBag &securedBag, const std::string &passwordStr)
import an identity.
Definition: v1/key-chain.cpp:628

ndn::security::v1::KeyChain::generateRsaKeyPair
Name generateRsaKeyPair(const Name &identityName, bool isKsk=false, uint32_t keySize=2048)
Generate a pair of RSA keys for the specified identity.
Definition: v1/key-chain.cpp:327

ndn::security::v1::KeyChain::addPublicKey
void addPublicKey(const Name &keyName, KeyType keyType, const PublicKey &publicKeyDer)
Definition: v1/key-chain.hpp:485

ndn::security::v1::KeyChain::addCertificate
void addCertificate(const IdentityCertificate &certificate)
Definition: v1/key-chain.hpp:509

ndn::security::v1::SecPublicInfo
SecPublicInfo is a base class for the storage of public information.
Definition: v1/sec-public-info.hpp:40

ndn::security::v1::KeyChain::getPublicKeyFromTpm
shared_ptr< PublicKey > getPublicKeyFromTpm(const Name &keyName) const
Definition: v1/key-chain.hpp:720

ndn::security::v1::KeyChain::setDefaultIdentity
void setDefaultIdentity(const Name &identityName)
Definition: v1/key-chain.hpp:599

ndn::security::v1::KeyChain::setTpmPassword
void setTpmPassword(const uint8_t *password, size_t passwordLength)
Definition: v1/key-chain.hpp:672

ndn::security::v1::KeyChain::SignParams
std::map< std::string, Block > SignParams
Definition: v1/key-chain.hpp:880

ndn::Name
Name abstraction to represent an absolute name.
Definition: name.hpp:46

ndn::security::v1::KeyChain::doesPublicKeyExist
bool doesPublicKeyExist(const Name &keyName) const
Definition: v1/key-chain.hpp:479

ndn::security::SigningInfo::SIGNER_TYPE_CERT
signer is a certificate, use it directly
Definition: signing-info.hpp:61

secured-bag.hpp

ndn::security::v1::KeyChain::unlockTpm
bool unlockTpm(const char *password, size_t passwordLength, bool usePassword)
Definition: v1/key-chain.hpp:702

ndn::security::v1::KeyChain::DEFAULT_KEY_PARAMS
static const RsaKeyParams DEFAULT_KEY_PARAMS
Definition: v1/key-chain.hpp:878

ndn::security::v1::KeyChain::deleteCertificateInfo
void deleteCertificateInfo(const Name &certificateName)
Definition: v1/key-chain.hpp:581

ndn::security::v1::KeyChain::~KeyChain
virtual ~KeyChain()
Definition: v1/key-chain.cpp:163

ndn::time::system_clock::TimePoint
time_point TimePoint
Definition: time.hpp:90

ndn::security::v1::KeyChain::getDefaultPibLocator
static std::string getDefaultPibLocator()
Get default PIB locator.
Definition: v1/key-chain.cpp:181

ndn::KeyClass
KeyClass
Definition: security-common.hpp:117

ndn::security::v1::KeyChain::generateEcKeyPairAsDefault
Name generateEcKeyPairAsDefault(const Name &identityName, bool isKsk=false, uint32_t keySize=256)
Generate a pair of EC keys for the specified identity and set it as default key for the identity...
Definition: v1/key-chain.cpp:351

ndn::security::v1::KeyChain::deleteCertificate
void deleteCertificate(const Name &certificateName)
delete a certificate.
Definition: v1/key-chain.cpp:802

ndn::security::v1::KeyChain::KeyChain
KeyChain()
Constructor to create KeyChain with default PIB and TPM.
Definition: v1/key-chain.cpp:121

ndn::security::v1::KeyChain::getAllIdentities
void getAllIdentities(std::vector< Name > &nameList, bool isDefault) const
Definition: v1/key-chain.hpp:549

ndn::security::v1::SecTpm
SecTpm is the base class of the TPM classes.
Definition: v1/sec-tpm.hpp:43

ndn::security::v1::KeyChain::getDefaultCertificateNameForIdentity
Name getDefaultCertificateNameForIdentity(const Name &identityName) const
Definition: v1/key-chain.hpp:623

ndn::tlv::SignatureTypeValue
SignatureTypeValue
Definition: encoding/tlv.hpp:95

ndn::security::v1::KeyChain
The packet signing interface.
Definition: v1/key-chain.hpp:50

ndn::security::v1::KeyChain::MismatchError
Error thrown when the supplied TPM locator to KeyChain constructor does not match the locator stored ...
Definition: v1/key-chain.hpp:67

ndn::security::v1::KeyChain::getDefaultKeyNameForIdentity
Name getDefaultKeyNameForIdentity(const Name &identityName) const
Definition: v1/key-chain.hpp:527

ndn::security::v1::KeyChain::decryptInTpm
ConstBufferPtr decryptInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)
Definition: v1/key-chain.hpp:734

ndn::security::v1::KeyChain::getPib
const SecPublicInfo & getPib() const
Definition: v1/key-chain.hpp:446

ndn::security::v1::KeyChain::getDefaultIdentity
Name getDefaultIdentity() const
Definition: v1/key-chain.hpp:521

ndn::security::v1::KeyChain::addCertificateAsSystemDefault
void addCertificateAsSystemDefault(const IdentityCertificate &certificate)
Definition: v1/key-chain.hpp:647

ndn::security::v1::KeyChain::getCertificate
shared_ptr< IdentityCertificate > getCertificate(const Name &certificateName) const
Definition: v1/key-chain.hpp:515

ndn::KeyParams
Base class of key parameters.
Definition: key-params.hpp:36

ndn::security::SigningInfo::SIGNER_TYPE_ID
signer is an identity, use its default key and default certificate
Definition: signing-info.hpp:57

ndn::security::v1::KeyChain::Error::Error
Error(const std::string &what)
Definition: v1/key-chain.hpp:57

ndn::security::v1::KeyChain::getTpm
SecTpm & getTpm()
Definition: v1/key-chain.hpp:452

ndn::security::v1::KeyChain::getAllKeyNamesOfIdentity
void getAllKeyNamesOfIdentity(const Name &identity, std::vector< Name > &nameList, bool isDefault) const
Definition: v1/key-chain.hpp:561

ndn::security::v1::KeyChain::DEFAULT_SIGNING_INFO
static const SigningInfo DEFAULT_SIGNING_INFO
Definition: v1/key-chain.hpp:875

ndn::security::v1::KeyChain::doesIdentityExist
bool doesIdentityExist(const Name &identityName) const
Definition: v1/key-chain.hpp:467

ndn::security::v1::KeyChain::selfSign
shared_ptr< IdentityCertificate > selfSign(const Name &keyName)
Generate a self-signed certificate for a public key.
Definition: v1/key-chain.cpp:553

ndn::security::v1::KeyChain::generateKeyPairInTpm
void generateKeyPairInTpm(const Name &keyName, const KeyParams &params)
Definition: v1/key-chain.hpp:708

ndn::security::v1::PublicKey
Definition: v1/public-key.hpp:43

ndn::ConstBufferPtr
shared_ptr< const Buffer > ConstBufferPtr
Definition: buffer.hpp:33

ndn::security::v1::KeyChain::deleteKey
void deleteKey(const Name &keyName)
delete a key.
Definition: v1/key-chain.cpp:808

ndn::security::v1::KeyChain::getAllKeyNames
void getAllKeyNames(std::vector< Name > &nameList, bool isDefault) const
Definition: v1/key-chain.hpp:555

ndn::security::v1::KeyChain::deletePublicKeyInfo
void deletePublicKeyInfo(const Name &keyName)
Definition: v1/key-chain.hpp:587

ndn::Data
represents a Data packet
Definition: data.hpp:37

ndn::SimplePublicKeyParams
SimplePublicKeyParams is a template for public keys with only one parameter: size.
Definition: key-params.hpp:150

ndn::security::SigningInfo::getDigestAlgorithm
DigestAlgorithm getDigestAlgorithm() const
Definition: signing-info.hpp:208

ndn::security::v1::KeyChain::importPrivateKeyPkcs5IntoTpm
bool importPrivateKeyPkcs5IntoTpm(const Name &keyName, const uint8_t *buf, size_t size, const std::string &password)
Definition: v1/key-chain.hpp:776

ndn::security::v1::KeyChain::TpmCreateFunc
function< unique_ptr< SecTpm >const std::string &)> TpmCreateFunc
Definition: v1/key-chain.hpp:78

ndn::security::v1::KeyChain::PibCreateFunc
function< unique_ptr< SecPublicInfo >const std::string &)> PibCreateFunc
Definition: v1/key-chain.hpp:77

ndn::security::v1::KeyChain::getDefaultCertificate
shared_ptr< IdentityCertificate > getDefaultCertificate() const
Definition: v1/key-chain.hpp:653

ndn::DigestAlgorithm
DigestAlgorithm
Definition: security-common.hpp:127

ndn::security::v1::KeyChain::generateSymmetricKeyInTpm
void generateSymmetricKeyInTpm(const Name &keyName, const KeyParams &params)
Definition: v1/key-chain.hpp:746

security

ndn::security::v1::KeyChain::createPib
static unique_ptr< SecPublicInfo > createPib(const std::string &pibLocator)
Create a PIB according to pibLocator.
Definition: v1/key-chain.cpp:207

ndn::security::v1::KeyChain::getDefaultTpmLocator
static std::string getDefaultTpmLocator()
Get default TPM locator.
Definition: v1/key-chain.cpp:219

ndn::security::v1::KeyChain::registerPib
static void registerPib(std::initializer_list< std::string > aliases)
Register a new PIB.
Definition: v1/key-chain.hpp:916

ndn::Signature
A Signature is storage for the signature-related information (info and value) in a Data packet...
Definition: signature.hpp:33

ndn::security::v1::KeyChain::refreshDefaultCertificate
void refreshDefaultCertificate()
Definition: v1/key-chain.hpp:662

ndn::security::v1::KeyChain::addIdentity
void addIdentity(const Name &identityName)
Definition: v1/key-chain.hpp:473