28 #include "../../encoding/buffer-stream.hpp"
30 #include <boost/filesystem.hpp>
31 #include <boost/algorithm/string.hpp>
35 #include <sys/types.h>
45 using std::ostringstream;
56 boost::filesystem::path actualDir;
58 #ifdef NDN_CXX_HAVE_TESTS
59 if (getenv(
"TEST_HOME") !=
nullptr) {
60 actualDir = boost::filesystem::path(getenv(
"TEST_HOME")) /
".ndn";
63 #endif // NDN_CXX_HAVE_TESTS
64 if (getenv(
"HOME") !=
nullptr) {
65 actualDir = boost::filesystem::path(getenv(
"HOME")) /
".ndn";
68 actualDir = boost::filesystem::path(
".") /
".ndn";
72 actualDir = boost::filesystem::path(dir);
79 boost::filesystem::path
85 StringSource src(keyName,
88 new Base64Encoder(
new CryptoPP::StringSink(digest))));
91 std::replace(digest.begin(), digest.end(),
'/',
'%');
104 outfile.open(dirFile.c_str(), std::ios_base::app);
105 outfile << keyName <<
' ' << keyFileName <<
'\n';
118 , m_impl(new
Impl(location))
119 , m_inTerminal(false)
130 string keyURI = keyName.
toUri();
133 BOOST_THROW_EXCEPTION(
Error(
"public key exists"));
135 BOOST_THROW_EXCEPTION(
Error(
"private key exists"));
137 string keyFileName = m_impl->maintainMapping(keyURI);
145 AutoSeededRandomPool rng;
146 InvertibleRSAFunction privateKey;
147 privateKey.Initialize(rng, rsaParams.
getKeySize());
149 string privateKeyFileName = keyFileName +
".pri";
150 Base64Encoder privateKeySink(
new FileSink(privateKeyFileName.c_str()));
151 privateKey.DEREncode(privateKeySink);
152 privateKeySink.MessageEnd();
154 RSAFunction publicKey(privateKey);
155 string publicKeyFileName = keyFileName +
".pub";
156 Base64Encoder publicKeySink(
new FileSink(publicKeyFileName.c_str()));
157 publicKey.DEREncode(publicKeySink);
158 publicKeySink.MessageEnd();
161 chmod(privateKeyFileName.c_str(), 0000400);
162 chmod(publicKeyFileName.c_str(), 0000444);
174 curveName = ASN1::secp256r1();
177 curveName = ASN1::secp384r1();
180 curveName = ASN1::secp256r1();
184 AutoSeededRandomPool rng;
186 ECDSA<ECP, SHA256>::PrivateKey privateKey;
187 DL_GroupParameters_EC<ECP> cryptoParams(curveName);
188 cryptoParams.SetEncodeAsOID(
true);
189 privateKey.Initialize(rng, cryptoParams);
191 ECDSA<ECP, SHA256>::PublicKey publicKey;
192 privateKey.MakePublicKey(publicKey);
193 publicKey.AccessGroupParameters().SetEncodeAsOID(
true);
195 string privateKeyFileName = keyFileName +
".pri";
196 Base64Encoder privateKeySink(
new FileSink(privateKeyFileName.c_str()));
197 privateKey.DEREncode(privateKeySink);
198 privateKeySink.MessageEnd();
200 string publicKeyFileName = keyFileName +
".pub";
201 Base64Encoder publicKeySink(
new FileSink(publicKeyFileName.c_str()));
202 publicKey.Save(publicKeySink);
203 publicKeySink.MessageEnd();
206 chmod(privateKeyFileName.c_str(), 0000400);
207 chmod(publicKeyFileName.c_str(), 0000444);
212 BOOST_THROW_EXCEPTION(
Error(
"Unsupported key type"));
216 BOOST_THROW_EXCEPTION(
Error(e.what()));
218 catch (
const CryptoPP::Exception& e) {
219 BOOST_THROW_EXCEPTION(
Error(e.what()));
226 boost::filesystem::path publicKeyPath(m_impl->transformName(keyName.
toUri(),
".pub"));
227 boost::filesystem::path privateKeyPath(m_impl->transformName(keyName.
toUri(),
".pri"));
229 if (boost::filesystem::exists(publicKeyPath))
230 boost::filesystem::remove(publicKeyPath);
232 if (boost::filesystem::exists(privateKeyPath))
233 boost::filesystem::remove(privateKeyPath);
236 shared_ptr<PublicKey>
239 string keyURI = keyName.
toUri();
242 BOOST_THROW_EXCEPTION(
Error(
"Public Key does not exist"));
247 FileSource(m_impl->transformName(keyURI,
".pub").string().c_str(),
249 new Base64Decoder(
new FileSink(os)));
251 catch (
const CryptoPP::Exception& e) {
252 BOOST_THROW_EXCEPTION(
Error(e.what()));
255 return make_shared<PublicKey>(
reinterpret_cast<const uint8_t*
>(os.str().c_str()),
269 CryptoPP::FileSource(m_impl->transformName(keyName.
toUri(),
".pri").
string().c_str(),
true,
270 new CryptoPP::Base64Decoder(
new CryptoPP::FileSink(privateKeyOs)));
272 return privateKeyOs.
buf();
281 string keyFileName = m_impl->maintainMapping(keyName.
toUri());
282 keyFileName.append(
".pri");
283 StringSource(buf, size,
285 new Base64Encoder(
new FileSink(keyFileName.c_str())));
288 catch (
const CryptoPP::Exception& e) {
299 string keyFileName = m_impl->maintainMapping(keyName.
toUri());
300 keyFileName.append(
".pub");
301 StringSource(buf, size,
303 new Base64Encoder(
new FileSink(keyFileName.c_str())));
306 catch (
const CryptoPP::Exception& e) {
315 string keyURI = keyName.
toUri();
318 BOOST_THROW_EXCEPTION(
Error(
"private key doesn't exist"));
322 AutoSeededRandomPool rng;
325 shared_ptr<PublicKey> pubkeyPtr;
328 switch (pubkeyPtr->getKeyType()) {
332 FileSource file(m_impl->transformName(keyURI,
".pri").string().c_str(),
333 true,
new Base64Decoder);
334 file.TransferTo(bytes);
336 RSA::PrivateKey privateKey;
337 privateKey.Load(bytes);
340 switch (digestAlgorithm) {
342 RSASS<PKCS1v15, SHA256>::Signer signer(privateKey);
345 StringSource(data, dataLength,
347 new SignerFilter(rng, signer,
new FileSink(os)));
353 BOOST_THROW_EXCEPTION(
Error(
"Unsupported digest algorithm"));
360 FileSource file(m_impl->transformName(keyURI,
".pri").string().c_str(),
361 true,
new Base64Decoder);
362 file.TransferTo(bytes);
366 switch (digestAlgorithm) {
368 ECDSA<ECP, SHA256>::PrivateKey privateKey;
369 privateKey.Load(bytes);
370 ECDSA<ECP, SHA256>::Signer signer(privateKey);
373 StringSource(data, dataLength,
375 new SignerFilter(rng, signer,
new FileSink(os)));
378 size_t bufSize = DSAConvertSignatureFormat(buf,
sizeof(buf), DSA_DER,
379 os.
buf()->buf(), os.
buf()->size(),
382 shared_ptr<Buffer> sigBuffer = make_shared<Buffer>(buf, bufSize);
388 BOOST_THROW_EXCEPTION(
Error(
"Unsupported digest algorithm"));
393 BOOST_THROW_EXCEPTION(
Error(
"Unsupported key type"));
396 catch (
const CryptoPP::Exception& e) {
397 BOOST_THROW_EXCEPTION(
Error(e.what()));
404 const Name& keyName,
bool isSymmetric)
406 BOOST_THROW_EXCEPTION(
Error(
"SecTpmFile::decryptInTpm is not supported"));
467 const Name& keyName,
bool isSymmetric)
469 BOOST_THROW_EXCEPTION(
Error(
"SecTpmFile::encryptInTpm is not supported"));
530 BOOST_THROW_EXCEPTION(
Error(
"SecTpmFile::generateSymmetricKeyInTpm is not supported"));
565 string keyURI = keyName.
toUri();
567 return boost::filesystem::exists(m_impl->transformName(keyURI,
".pub"));
570 return boost::filesystem::exists(m_impl->transformName(keyURI,
".pri"));
573 return boost::filesystem::exists(m_impl->transformName(keyURI,
".key"));
582 CryptoPP::AutoSeededRandomPool rng;
583 rng.GenerateBlock(res, size);
586 catch (
const CryptoPP::Exception& e) {
Copyright (c) 2013-2016 Regents of the University of California.
boost::filesystem::path m_keystorePath
virtual ConstBufferPtr decryptInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)
Decrypt data.
Copyright (c) 2013-2016 Regents of the University of California.
virtual ConstBufferPtr exportPrivateKeyPkcs8FromTpm(const Name &keyName)
Export a private key in PKCS#8 format.
KeyType getKeyType() const
uint32_t getKeySize() const
virtual void generateSymmetricKeyInTpm(const Name &keyName, const KeyParams ¶ms)
Generate a symmetric key.
virtual shared_ptr< PublicKey > getPublicKeyFromTpm(const Name &keyName)
Get a public key.
Class representing a wire element of NDN-TLV packet format.
virtual Block signInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm)
Sign data.
virtual bool importPublicKeyPkcs1IntoTpm(const Name &keyName, const uint8_t *buf, size_t size)
Import a public key in PKCS#1 formatted buffer of size bufferSize.
std::string toUri() const
Encode this name as a URI.
virtual bool importPrivateKeyPkcs8IntoTpm(const Name &keyName, const uint8_t *buf, size_t size)
Import a private key from PKCS#8 formatted buffer of size bufferSize.
virtual bool doesKeyExistInTpm(const Name &keyName, KeyClass keyClass)
Check if a particular key exists.
static const std::string SCHEME
Use the SHA256 hash of the public key as the key id.
Name abstraction to represent an absolute name.
virtual void generateKeyPairInTpm(const Name &keyName, const KeyParams ¶ms)
Generate a pair of asymmetric keys.
virtual bool generateRandomBlock(uint8_t *res, size_t size)
Generate a random block.
shared_ptr< Buffer > buf()
Flush written data to the stream and return shared pointer to the underlying buffer.
virtual ConstBufferPtr encryptInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)
Encrypt data.
SecTpm is the base class of the TPM classes.
virtual std::string getScheme()
SecTpmFile(const std::string &dir="")
Base class of key parameters.
string maintainMapping(const string &keyName)
void trim(std::string &str)
Modify str in place to erase whitespace on the left and right.
virtual void deleteKeyPairInTpm(const Name &keyName)
Delete a key pair of asymmetric keys.
implements an output stream that constructs ndn::Buffer
shared_ptr< const Buffer > ConstBufferPtr
SimplePublicKeyParams is a template for public keys with only one parameter: size.
boost::filesystem::path transformName(const string &keyName, const string &extension)