dd/db5/back-end_8cpp_source.html

 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */

 #include "back-end.hpp"

 #include "key-handle.hpp"

 #include "tpm.hpp"

 #include "../transform.hpp"

 #include "../../encoding/buffer-stream.hpp"

 #include "../../util/random.hpp"

 #include "../pib/key.hpp"


 namespace ndn {

 namespace security {

 namespace tpm {


 BackEnd::~BackEnd() = default;


 bool

 BackEnd::hasKey(const Name& keyName) const

 {

   return doHasKey(keyName);

 }


 unique_ptr<KeyHandle>

 BackEnd::getKeyHandle(const Name& keyName) const

 {

   return doGetKeyHandle(keyName);

 }


 unique_ptr<KeyHandle>

 BackEnd::createKey(const Name& identity, const KeyParams& params)

 {

   // key name checking

   switch (params.getKeyIdType()) {

     case KeyIdType::USER_SPECIFIED: { // keyId is pre-set.

       Name keyName = v2::constructKeyName(identity, params.getKeyId());

       if (hasKey(keyName)) {

         BOOST_THROW_EXCEPTION(Tpm::Error("Key `" + keyName.toUri() + "` already exists"));

       }

       break;

     }

     case KeyIdType::SHA256: {

       // KeyName will be assigned in setKeyName after key is generated

       break;

     }

     case KeyIdType::RANDOM: {

       Name keyName;

       name::Component keyId;

       do {

         keyId = name::Component::fromNumber(random::generateSecureWord64());

         keyName = v2::constructKeyName(identity, keyId);

       } while (hasKey(keyName));


       const_cast<KeyParams&>(params).setKeyId(keyId);

       break;

     }

     default: {

       BOOST_THROW_EXCEPTION(Error("Unsupported key id type"));

     }

   }


   return doCreateKey(identity, params);

 }


 void

 BackEnd::deleteKey(const Name& keyName)

 {

   doDeleteKey(keyName);

 }


 ConstBufferPtr

 BackEnd::exportKey(const Name& keyName, const char* pw, size_t pwLen)

 {

   if (!hasKey(keyName)) {

     BOOST_THROW_EXCEPTION(Error("Key `" + keyName.toUri() + "` does not exist"));

   }

   return doExportKey(keyName, pw, pwLen);

 }


 void

 BackEnd::importKey(const Name& keyName, const uint8_t* pkcs8, size_t pkcs8Len, const char* pw, size_t pwLen)

 {

   if (hasKey(keyName)) {

     BOOST_THROW_EXCEPTION(Error("Key `" + keyName.toUri() + "` already exists"));

   }

   doImportKey(keyName, pkcs8, pkcs8Len, pw, pwLen);

 }


 void

 BackEnd::setKeyName(KeyHandle& keyHandle, const Name& identity, const KeyParams& params)

 {

   name::Component keyId;

   switch (params.getKeyIdType()) {

     case KeyIdType::USER_SPECIFIED:

       keyId = params.getKeyId();

       break;

     case KeyIdType::SHA256: {

       using namespace transform;


       OBufferStream os;

       bufferSource(*keyHandle.derivePublicKey()) >> digestFilter() >> streamSink(os);

       keyId = name::Component(os.buf());

       break;

     }

     case KeyIdType::RANDOM: {

       BOOST_ASSERT(!params.getKeyId().empty());

       keyId = params.getKeyId();

       break;

     }

     default: {

       BOOST_ASSERT(false);

     }

   }


   keyHandle.setKeyName(v2::constructKeyName(identity, keyId));

 }


 bool

 BackEnd::isTerminalMode() const

 {

   return true;

 }


 void

 BackEnd::setTerminalMode(bool isTerminal) const

 {

 }


 bool

 BackEnd::isTpmLocked() const

 {

   return false;

 }


 bool

 BackEnd::unlockTpm(const char* pw, size_t pwLen) const

 {

   return !isTpmLocked();

 }


 } // namespace tpm

 } // namespace security

 } // namespace ndn

ndn::security::tpm::KeyHandle::setKeyName
void setKeyName(const Name &keyName)
Definition: key-handle.cpp:49

ndn::name::Component::fromNumber
static Component fromNumber(uint64_t number)
Create a component encoded as nonNegativeInteger.
Definition: name-component.cpp:291

key-handle.hpp

ndn
Copyright (c) 2013-2016 Regents of the University of California.
Definition: common.hpp:74

ndn::security::tpm::KeyHandle::derivePublicKey
ConstBufferPtr derivePublicKey() const
Definition: key-handle.cpp:43

ndn::security::tpm::BackEnd::createKey
unique_ptr< KeyHandle > createKey(const Name &identity, const KeyParams &params)
Create key for identity according to params.
Definition: back-end.cpp:49

ndn::random::generateSecureWord64
uint64_t generateSecureWord64()
Generate a cryptographically secure random integer from the range [0, 2^64)
Definition: random.cpp:39

ndn::security::tpm::BackEnd::~BackEnd
virtual ~BackEnd()

ndn::security::tpm::BackEnd::setTerminalMode
virtual void setTerminalMode(bool isTerminal) const
Set the terminal mode of TPM.
Definition: back-end.cpp:143

ndn::security::tpm::BackEnd::importKey
void importKey(const Name &keyName, const uint8_t *pkcs8, size_t pkcs8Len, const char *pw, size_t pwLen)
Import a private key in encrypted PKCS #8 format.
Definition: back-end.cpp:99

back-end.hpp

ndn::security::tpm::BackEnd::Error
Definition: back-end.hpp:44

ndn::security::tpm::BackEnd::deleteKey
void deleteKey(const Name &keyName)
Delete a key with name keyName.
Definition: back-end.cpp:84

ndn::security::tpm::KeyHandle
Abstraction of TPM key handle.
Definition: key-handle.hpp:38

ndn::security::tpm::BackEnd::isTpmLocked
virtual bool isTpmLocked() const
Definition: back-end.cpp:148

ndn::Name::toUri
std::string toUri() const
Encode this name as a URI.
Definition: name.cpp:171

ndn::security::tpm::BackEnd::exportKey
ConstBufferPtr exportKey(const Name &keyName, const char *pw, size_t pwLen)
Definition: back-end.cpp:90

ndn::security::tpm::BackEnd::isTerminalMode
virtual bool isTerminalMode() const
Check if TPM is in terminal mode.
Definition: back-end.cpp:137

ndn::security::tpm::BackEnd::hasKey
bool hasKey(const Name &keyName) const
Definition: back-end.cpp:37

ndn::security::transform::streamSink
unique_ptr< Sink > streamSink(std::ostream &os)
Definition: stream-sink.cpp:51

ndn::security::transform::bufferSource
BufferSource bufferSource
Definition: buffer-source.hpp:73

ndn::security::transform::digestFilter
unique_ptr< Transform > digestFilter(DigestAlgorithm algo)
Definition: digest-filter.cpp:104

ndn::KeyIdType::SHA256
Use the SHA256 hash of the public key as the key id.

ndn::Name
Name abstraction to represent an absolute name.
Definition: name.hpp:46

transform

ndn::security::tpm::BackEnd::setKeyName
static void setKeyName(KeyHandle &keyHandle, const Name &identity, const KeyParams &params)
Set the key name in keyHandle according to identity and params.
Definition: back-end.cpp:108

ndn::security::tpm::BackEnd::unlockTpm
virtual bool unlockTpm(const char *pw, size_t pwLen) const
Unlock TPM.
Definition: back-end.cpp:154

ndn::KeyParams::getKeyIdType
KeyIdType getKeyIdType() const
Definition: key-params.hpp:59

ndn::security::tpm::BackEnd::getKeyHandle
unique_ptr< KeyHandle > getKeyHandle(const Name &keyName) const
Definition: back-end.cpp:43

tpm.hpp

ndn::name::Component
Component holds a read-only name component value.
Definition: name-component.hpp:47

ndn::OBufferStream::buf
shared_ptr< Buffer > buf()
Flush written data to the stream and return shared pointer to the underlying buffer.
Definition: buffer-stream.cpp:54

ndn::security::v2::constructKeyName
Name constructKeyName(const Name &identity, const name::Component &keyId)
Construct key name based on the appropriate naming conventions.
Definition: key.cpp:131

ndn::KeyIdType::RANDOM
Use a 64-bit random number as the key id.

ndn::name::Component::empty
bool empty() const
Definition: name-component.hpp:495

ndn::KeyParams
Base class of key parameters.
Definition: key-params.hpp:36

ndn::OBufferStream
implements an output stream that constructs ndn::Buffer
Definition: buffer-stream.hpp:70

ndn::KeyIdType::USER_SPECIFIED
User-specified key ID.

ndn::ConstBufferPtr
shared_ptr< const Buffer > ConstBufferPtr
Definition: buffer.hpp:33

ndn::KeyParams::getKeyId
const name::Component & getKeyId() const
Definition: key-params.hpp:71

security

ndn::security::tpm::Tpm::Error
Definition: tpm.hpp:67