1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2017 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
22 #ifndef NDN_SECURITY_V2_KEY_CHAIN_HPP
23 #define NDN_SECURITY_V2_KEY_CHAIN_HPP
24 
25 #include "../security-common.hpp"
26 #include "certificate.hpp"
27 #include "../key-params.hpp"
28 #include "../pib/pib.hpp"
29 #include "../safe-bag.hpp"
30 #include "../signing-info.hpp"
31 #include "../tpm/tpm.hpp"
32 #include "../../interest.hpp"
33 
34 namespace ndn {
35 namespace security {
36 namespace v2 {
37 
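/**
 * @brief The interface of signing key management.
 *
 * A KeyChain owns one PIB (public key information base, reachable through
 * getPib()) and one TPM (private key store, reachable through getTpm()) and
 * exposes identity, key and certificate management, packet/buffer signing and
 * SafeBag export/import on top of them.  Both stores are held by unique_ptr,
 * so the references returned by getPib()/getTpm() are valid only while this
 * KeyChain object is alive.
 *
 * NOTE(review): the Doxygen rendering this listing came from dropped a few
 * hyperlinked declaration lines (the InvalidSigningInfoError class header, the
 * return types of getSignatureType() and selfSign(), the declarations of
 * getDefaultSigningInfo()/getDefaultKeyParams(), and the
 * NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE access label).  They are restored
 * below from the ndn-cxx source — confirm against security/v2/key-chain.hpp
 * in the checkout.
 */
class KeyChain : noncopyable
{
public:
  /// Base class of errors thrown by KeyChain.
  class Error : public std::runtime_error
  {
  public:
    explicit
    Error(const std::string& what)
      : std::runtime_error(what)
    {
    }
  };

  /**
   * @brief Error indicating that the supplied TPM locator does not match the
   *        locator stored in PIB.
   */
  class LocatorMismatchError : public Error
  {
  public:
    using Error::Error;
  };

  /**
   * @brief Error indicating that the supplied SigningInfo is invalid.
   */
  class InvalidSigningInfoError : public Error
  {
  public:
    using Error::Error;
  };

  /**
   * @brief Constructor to create KeyChain with default PIB and TPM.
   *
   * The backends are selected by getDefaultPibLocator() and getDefaultTpmLocator().
   */
  KeyChain();

  /**
   * @brief Create KeyChain with the PIB and TPM selected by explicit locators.
   *
   * @param pibLocator  locator of the PIB backend; split into type and location
   *                    by parseAndCheckPibLocator()
   * @param tpmLocator  locator of the TPM backend; split into type and location
   *                    by parseAndCheckTpmLocator()
   * @param allowReset  presumably permits resetting the PIB when the TPM locator
   *                    it has stored differs from @p tpmLocator, instead of
   *                    failing with LocatorMismatchError — confirm in
   *                    key-chain.cpp.  A reset would discard what the PIB holds,
   *                    so callers should not pass true as a matter of course.
   * @throws LocatorMismatchError when the stored and supplied TPM locators
   *         disagree and a reset is not allowed (exact conditions in key-chain.cpp)
   */
  KeyChain(const std::string& pibLocator, const std::string& tpmLocator, bool allowReset = false);

  ~KeyChain();

  /// Return the PIB; the reference stays valid for the lifetime of this KeyChain.
  const Pib&
  getPib() const
  {
    return *m_pib;
  }

  /// Return the TPM; the reference stays valid for the lifetime of this KeyChain.
  const Tpm&
  getTpm() const
  {
    return *m_tpm;
  }

public: // Identity management
  /**
   * @brief Create an identity @p identityName.
   * @param identityName name of the identity to create
   * @param params parameters of the identity's key; defaults to getDefaultKeyParams()
   * @return the created Identity
   */
  Identity
  createIdentity(const Name& identityName, const KeyParams& params = getDefaultKeyParams());

  /// Delete @p identity.
  void
  deleteIdentity(const Identity& identity);

  /// Set @p identity as the default identity.
  void
  setDefaultIdentity(const Identity& identity);

public: // Key management
  /**
   * @brief Create a key for @p identity according to @p params.
   * @param params key parameters; defaults to getDefaultKeyParams()
   * @return the created Key
   */
  Key
  createKey(const Identity& identity, const KeyParams& params = getDefaultKeyParams());

  /// Delete @p key of @p identity.
  void
  deleteKey(const Identity& identity, const Key& key);

  /// Set @p key as the default key of @p identity.
  void
  setDefaultKey(const Identity& identity, const Key& key);

public: // Certificate management
  /// Add @p certificate for @p key.
  void
  addCertificate(const Key& key, const Certificate& certificate);

  /// Delete the certificate named @p certificateName of @p key.
  void
  deleteCertificate(const Key& key, const Name& certificateName);

  /// Set @p certificate as the default certificate of @p key.
  void
  setDefaultCertificate(const Key& key, const Certificate& certificate);

public: // signing
  /**
   * @brief Sign @p data according to the supplied signing information.
   * @param data   packet to sign; modified in place
   * @param params selects the signing key/certificate and digest algorithm;
   *               defaults to getDefaultSigningInfo()
   * @throws InvalidSigningInfoError presumably when @p params cannot be
   *         resolved to a signing key — see prepareSignatureInfo() in key-chain.cpp
   */
  void
  sign(Data& data, const SigningInfo& params = getDefaultSigningInfo());

  /**
   * @brief Sign @p interest according to the supplied signing information.
   * @param interest packet to sign; modified in place
   * @param params   same meaning as in the Data overload
   */
  void
  sign(Interest& interest, const SigningInfo& params = getDefaultSigningInfo());

  /**
   * @brief Sign the @p bufferLength bytes at @p buffer according to @p params.
   * @pre @p buffer points to at least @p bufferLength readable bytes; nothing
   *      here can check that.
   * @return a Block carrying the signature (presumably the SignatureValue TLV —
   *         confirm in key-chain.cpp)
   */
  Block
  sign(const uint8_t* buffer, size_t bufferLength, const SigningInfo& params = getDefaultSigningInfo());

public: // export & import
  /**
   * @brief Export @p certificate and its corresponding private key.
   * @param pw    password buffer; @p pwLen bytes are consumed, so it need not be
   *              NUL-terminated (confirm in key-chain.cpp).  The buffer remains
   *              owned by the caller, who should wipe it after use.
   * @param pwLen length of @p pw in bytes
   * @return a SafeBag — a secured container for the certificate and private key
   */
  shared_ptr<SafeBag>
  exportSafeBag(const Certificate& certificate, const char* pw, size_t pwLen);

  /**
   * @brief Import a pair of certificate and its corresponding private key
   *        encapsulated in a SafeBag.
   * @param safeBag bag produced by exportSafeBag() or a compatible tool
   * @param pw      password protecting @p safeBag; same contract as exportSafeBag()
   * @param pwLen   length of @p pw in bytes
   */
  void
  importSafeBag(const SafeBag& safeBag, const char* pw, size_t pwLen);

NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE:
  /**
   * @brief Map a key type and digest algorithm to the corresponding
   *        SignatureType TLV value.
   */
  static tlv::SignatureTypeValue
  getSignatureType(KeyType keyType, DigestAlgorithm digestAlgorithm);

public: // PIB & TPM backend registry
  /**
   * @brief Register a new PIB backend.
   * @tparam PibBackendType backend class constructible from a location string
   * @param scheme the locator scheme the backend is registered under
   * @note The registry is filled with std::map::emplace, so a second
   *       registration for the same @p scheme is silently ignored and the
   *       first one wins.
   */
  template<class PibBackendType>
  static void
  registerPibBackend(const std::string& scheme);

  /**
   * @brief Register a new TPM backend.
   * @tparam TpmBackendType backend class constructible from a location string
   * @param scheme the locator scheme the backend is registered under
   * @note Same first-registration-wins behaviour as registerPibBackend().
   */
  template<class TpmBackendType>
  static void
  registerTpmBackend(const std::string& scheme);

private:
  /// scheme -> factory producing a PIB backend for a given location
  typedef std::map<std::string, function<unique_ptr<pib::PibImpl>(const std::string& location)>> PibFactories;
  /// scheme -> factory producing a TPM backend for a given location
  typedef std::map<std::string, function<unique_ptr<tpm::BackEnd>(const std::string& location)>> TpmFactories;

  /// Process-wide registry of PIB factories, populated by registerPibBackend().
  static PibFactories&
  getPibFactories();

  /// Process-wide registry of TPM factories, populated by registerTpmBackend().
  static TpmFactories&
  getTpmFactories();

  /// Split @p pibLocator into (type, location); validation lives in key-chain.cpp.
  static std::tuple<std::string/*type*/, std::string/*location*/>
  parseAndCheckPibLocator(const std::string& pibLocator);

  /// Split @p tpmLocator into (type, location); validation lives in key-chain.cpp.
  static std::tuple<std::string/*type*/, std::string/*location*/>
  parseAndCheckTpmLocator(const std::string& tpmLocator);

  static const std::string&
  getDefaultPibScheme();

  static const std::string&
  getDefaultTpmScheme();

  /// Instantiate the PIB selected by @p pibLocator through the factory registry.
  static unique_ptr<Pib>
  createPib(const std::string& pibLocator);

  /// Instantiate the TPM selected by @p tpmLocator through the factory registry.
  static unique_ptr<Tpm>
  createTpm(const std::string& tpmLocator);

  static const std::string&
  getDefaultPibLocator();

  static const std::string&
  getDefaultTpmLocator();

private: // signing
  /// Generate a self-signed certificate for @p key.
  Certificate
  selfSign(Key& key);

  /// Resolve @p params to the signing key name and the SignatureInfo to use.
  std::tuple<Name, SignatureInfo>
  prepareSignatureInfo(const SigningInfo& params);

  /// Sign @p size bytes at @p buf with the key named @p keyName (presumably via the TPM).
  Block
  sign(const uint8_t* buf, size_t size, const Name& keyName, DigestAlgorithm digestAlgorithm) const;

public:
  /// Signing information used when a sign() caller passes none.
  static const SigningInfo&
  getDefaultSigningInfo();

  /// Key parameters used when createIdentity()/createKey() callers pass none.
  static const KeyParams&
  getDefaultKeyParams();

private:
  std::unique_ptr<Pib> m_pib;
  std::unique_ptr<Tpm> m_tpm;

  // Process-wide defaults; no synchronization is visible in this header.
  static std::string s_defaultPibLocator;
  static std::string s_defaultTpmLocator;
};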
442 
/**
 * @brief Register @p PibType as the PIB backend for @p scheme.
 *
 * The factory stored in the registry constructs a PibType from the locator's
 * location string and hands ownership to the caller through a unique_ptr.
 * std::map::emplace does nothing when @p scheme is already present, so the
 * first registration for a scheme wins.
 */
template<class PibType>
inline void
KeyChain::registerPibBackend(const std::string& scheme)
{
  auto makeBackend = [] (const std::string& locator) {
    return unique_ptr<pib::PibImpl>(new PibType(locator));
  };
  PibFactories& registry = getPibFactories();
  registry.emplace(scheme, makeBackend);
}
451 
/**
 * @brief Register @p TpmType as the TPM backend for @p scheme.
 *
 * The factory stored in the registry constructs a TpmType from the locator's
 * location string and hands ownership to the caller through a unique_ptr.
 * std::map::emplace does nothing when @p scheme is already present, so the
 * first registration for a scheme wins.
 */
template<class TpmType>
inline void
KeyChain::registerTpmBackend(const std::string& scheme)
{
  auto makeBackend = [] (const std::string& locator) {
    return unique_ptr<tpm::BackEnd>(new TpmType(locator));
  };
  TpmFactories& registry = getTpmFactories();
  registry.emplace(scheme, makeBackend);
}
460 
/**
 * @brief Register a PIB backend class at static-initialization time.
 *
 * Expands to a file-scope static object of a uniquely named class whose
 * constructor calls KeyChain::registerPibBackend<PibType>() with the scheme
 * returned by PibType::getScheme().  Because the registration runs during
 * static initialization of the translation unit using the macro, its order
 * relative to other translation units is unspecified; getPibFactories() is
 * presumably a function-local static so that the registry exists whenever
 * the first registration happens — confirm in key-chain.cpp.
 *
 * @param PibType backend class; must provide a static getScheme() and be
 *                constructible from a location string
 */
#define NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND(PibType) \
static class NdnCxxAuto ## PibType ## PibRegistrationClass \
{ \
public: \
  NdnCxxAuto ## PibType ## PibRegistrationClass() \
  { \
    ::ndn::security::v2::KeyChain::registerPibBackend<PibType>(PibType::getScheme()); \
  } \
} ndnCxxAuto ## PibType ## PibRegistrationVariable
478 
/**
 * @brief Register a TPM backend class at static-initialization time.
 *
 * Expands to a file-scope static object of a uniquely named class whose
 * constructor calls KeyChain::registerTpmBackend<TpmType>() with the scheme
 * returned by TpmType::getScheme().  The same static-initialization-order
 * caveat as for NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND applies: the
 * registry returned by getTpmFactories() must already exist when this
 * constructor runs — confirm in key-chain.cpp.
 *
 * @param TpmType backend class; must provide a static getScheme() and be
 *                constructible from a location string
 */
#define NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND(TpmType) \
static class NdnCxxAuto ## TpmType ## TpmRegistrationClass \
{ \
public: \
  NdnCxxAuto ## TpmType ## TpmRegistrationClass() \
  { \
    ::ndn::security::v2::KeyChain::registerTpmBackend<TpmType>(TpmType::getScheme()); \
  } \
} ndnCxxAuto ## TpmType ## TpmRegistrationVariable
496 
497 } // namespace v2
498 
499 using v2::KeyChain;
500 
501 } // namespace security
502 
503 using security::v2::KeyChain;
504 
505 } // namespace ndn
506 
507 #endif // NDN_SECURITY_V2_KEY_CHAIN_HPP