ndn::security::v1::SecTpm Class Referenceabstract

SecTpm is the base class of the TPM classes. More...

#include <sec-tpm.hpp>


Classes

class  Error
 

Public Member Functions

 SecTpm (const std::string &location)
 
virtual ~SecTpm ()
 
virtual void addAppToAcl (const Name &keyName, KeyClass keyClass, const std::string &appPath, AclType acl)=0
 Add the application into the ACL of a particular key. More...
 
virtual ConstBufferPtr decryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)=0
 Decrypt data. More...
 
virtual void deleteKeyPairInTpm (const Name &keyName)=0
 Delete a key pair of asymmetric keys. More...
 
virtual bool doesKeyExistInTpm (const Name &keyName, KeyClass keyClass)=0
 Check if a particular key exists. More...
 
virtual ConstBufferPtr encryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)=0
 Encrypt data. More...
 
ConstBufferPtr exportPrivateKeyPkcs5FromTpm (const Name &keyName, const std::string &password)
 Export a private key in PKCS#5 format. More...
 
virtual void generateKeyPairInTpm (const Name &keyName, const KeyParams &params)=0
 Generate a pair of asymmetric keys. More...
 
virtual bool generateRandomBlock (uint8_t *res, size_t size)=0
 Generate a random block. More...
 
virtual void generateSymmetricKeyInTpm (const Name &keyName, const KeyParams &params)=0
 Generate a symmetric key. More...
 
virtual bool getInTerminal () const =0
 Get value of inTerminal flag. More...
 
virtual shared_ptr< v1::PublicKey > getPublicKeyFromTpm (const Name &keyName)=0
 Get a public key. More...
 
std::string getTpmLocator ()
 
bool importPrivateKeyPkcs5IntoTpm (const Name &keyName, const uint8_t *buffer, size_t bufferSize, const std::string &password)
 Import a private key in PKCS#5 formatted buffer of size bufferSize. More...
 
virtual bool isLocked ()=0
 Check if TPM is locked. More...
 
virtual void resetTpmPassword ()=0
 Reset the TPM password. More...
 
virtual void setInTerminal (bool inTerminal)=0
 Set inTerminal flag to inTerminal. More...
 
virtual void setTpmPassword (const uint8_t *password, size_t passwordLength)=0
 Set the TPM password. More...
 
virtual Block signInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm)=0
 Sign data. More...
 
virtual bool unlockTpm (const char *password, size_t passwordLength, bool usePassword)=0
 Unlock the TPM. More...
 

Protected Member Functions

virtual ConstBufferPtr exportPrivateKeyPkcs8FromTpm (const Name &keyName)=0
 Export a private key in PKCS#8 format. More...
 
virtual bool getImpExpPassWord (std::string &password, const std::string &prompt)
 Get import/export password. More...
 
virtual std::string getScheme ()=0
 
virtual bool importPrivateKeyPkcs8IntoTpm (const Name &keyName, const uint8_t *buffer, size_t bufferSize)=0
 Import a private key from PKCS#8 formatted buffer of size bufferSize. More...
 
virtual bool importPublicKeyPkcs1IntoTpm (const Name &keyName, const uint8_t *buffer, size_t bufferSize)=0
 Import a public key in PKCS#1 formatted buffer of size bufferSize. More...
 

Protected Attributes

std::string m_location
 

Detailed Description

SecTpm is the base class of the TPM classes.

It specifies the interfaces of private/secret key related operations.

Definition at line 43 of file v1/sec-tpm.hpp.

Constructor & Destructor Documentation

ndn::security::v1::SecTpm::SecTpm ( const std::string &  location)
explicit

Definition at line 35 of file sec-tpm.cpp.

ndn::security::v1::SecTpm::~SecTpm ( )
virtual

Definition at line 40 of file sec-tpm.cpp.

Member Function Documentation

virtual void ndn::security::v1::SecTpm::addAppToAcl ( const Name &  keyName,
KeyClass  keyClass,
const std::string &  appPath,
AclType  acl 
)
pure virtual

Add the application into the ACL of a particular key.

Parameters
keyName  the name of the key
keyClass  the class of the key, e.g. Private Key
appPath  the absolute path to the application
acl  the new acl of the key

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual ConstBufferPtr ndn::security::v1::SecTpm::decryptInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name &  keyName,
bool  isSymmetric 
)
pure virtual

Decrypt data.

Parameters
data  Pointer to the byte array to be decrypted.
dataLength  The length of data.
keyName  The name of the decrypting key.
isSymmetric  If true, symmetric decryption is used; otherwise asymmetric decryption.
Returns
The decrypted data.
Exceptions
SecTpm::Error  if decryption fails.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual void ndn::security::v1::SecTpm::deleteKeyPairInTpm ( const Name &  keyName)
pure virtual

Delete a key pair of asymmetric keys.

Parameters
keyName  The name of the key pair.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual bool ndn::security::v1::SecTpm::doesKeyExistInTpm ( const Name &  keyName,
KeyClass  keyClass 
)
pure virtual

Check if a particular key exists.

Parameters
keyName  The name of the key.
keyClass  The class of the key, e.g. KeyClass::PUBLIC, KeyClass::PRIVATE.
Returns
True if the key exists, otherwise false.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual ConstBufferPtr ndn::security::v1::SecTpm::encryptInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name &  keyName,
bool  isSymmetric 
)
pure virtual

Encrypt data.

Parameters
data  Pointer to the byte array to be encrypted.
dataLength  The length of data.
keyName  The name of the encrypting key.
isSymmetric  If true, symmetric encryption is used; otherwise asymmetric encryption.
Returns
The encrypted data.
Exceptions
SecTpm::Error  if encryption fails.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

ConstBufferPtr ndn::security::v1::SecTpm::exportPrivateKeyPkcs5FromTpm ( const Name &  keyName,
const std::string &  password 
)

Export a private key in PKCS#5 format.

Parameters
keyName  The private key name
password  The password used to encrypt the private key
Returns
The password-protected private key info (the PKCS#8 PrivateKeyInfo wrapped with PKCS#5 password-based encryption), if the key exists
Exceptions
SecTpm::Error  if the private key cannot be exported

Definition at line 51 of file sec-tpm.cpp.

virtual ConstBufferPtr ndn::security::v1::SecTpm::exportPrivateKeyPkcs8FromTpm ( const Name &  keyName)
protected, pure virtual

Export a private key in PKCS#8 format.

Parameters
keyName  The private key name.
Returns
The private key info (in PKCS#8 format) if the key exists, otherwise a null pointer.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual void ndn::security::v1::SecTpm::generateKeyPairInTpm ( const Name &  keyName,
const KeyParams &  params 
)
pure virtual

Generate a pair of asymmetric keys.

Parameters
keyName  The name of the key pair.
params  The parameters of the key.
Exceptions
SecTpm::Error  if key generation fails.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual bool ndn::security::v1::SecTpm::generateRandomBlock ( uint8_t *  res,
size_t  size 
)
pure virtual

Generate a random block.

Parameters
res  The pointer to the generated block
size  The random block size
Returns
true for success, otherwise false

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual void ndn::security::v1::SecTpm::generateSymmetricKeyInTpm ( const Name &  keyName,
const KeyParams &  params 
)
pure virtual

Generate a symmetric key.

Parameters
keyName  The name of the key.
params  The parameters of the key.
Exceptions
SecTpm::Error  if key generation fails.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

bool ndn::security::v1::SecTpm::getImpExpPassWord ( std::string &  password,
const std::string &  prompt 
)
protected, virtual

Get import/export password.

Parameters
password  On return, the password.
prompt  Prompt text shown to the user, e.g. "Password for key:"
Returns
true if the password has been obtained.

Definition at line 350 of file sec-tpm.cpp.

virtual bool ndn::security::v1::SecTpm::getInTerminal ( ) const
pure virtual

Get value of inTerminal flag.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual shared_ptr<v1::PublicKey> ndn::security::v1::SecTpm::getPublicKeyFromTpm ( const Name &  keyName)
pure virtual

Get a public key.

Parameters
keyName  The public key name.
Returns
The public key.
Exceptions
SecTpm::Error  if the public key does not exist in the TPM.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual std::string ndn::security::v1::SecTpm::getScheme ( )
protected, pure virtual

std::string ndn::security::v1::SecTpm::getTpmLocator ( )

Definition at line 45 of file sec-tpm.cpp.

bool ndn::security::v1::SecTpm::importPrivateKeyPkcs5IntoTpm ( const Name &  keyName,
const uint8_t *  buffer,
size_t  bufferSize,
const std::string &  password 
)

Import a private key from a PKCS#5 formatted buffer of size bufferSize.

The public key is also recovered from the private key and installed in the TPM.

Parameters
keyName  The private key name
buffer  Pointer to the first byte of the buffer containing the PKCS#5-encoded private key info
bufferSize  Size of the buffer
password  The password used to decrypt the private key
Returns
false if import fails

Definition at line 168 of file sec-tpm.cpp.

virtual bool ndn::security::v1::SecTpm::importPrivateKeyPkcs8IntoTpm ( const Name &  keyName,
const uint8_t *  buffer,
size_t  bufferSize 
)
protected, pure virtual

Import a private key from a PKCS#8 formatted buffer of size bufferSize.

Parameters
keyName  The private key name.
buffer  Pointer to the first byte of the buffer containing the PKCS#8-encoded private key info
bufferSize  Size of the buffer
Returns
false if import fails

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual bool ndn::security::v1::SecTpm::importPublicKeyPkcs1IntoTpm ( const Name &  keyName,
const uint8_t *  buffer,
size_t  bufferSize 
)
protected, pure virtual

Import a public key from a PKCS#1 formatted buffer of size bufferSize.

Parameters
keyName  The public key name
buffer  Pointer to the first byte of the buffer containing the PKCS#1-encoded public key
bufferSize  Size of the buffer
Returns
false if import fails

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual bool ndn::security::v1::SecTpm::isLocked ( )
pure virtual

Check if TPM is locked.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual void ndn::security::v1::SecTpm::resetTpmPassword ( )
pure virtual

Reset the TPM password.

Implemented in ndn::security::v1::SecTpmOsx, and ndn::security::v1::SecTpmFile.

virtual void ndn::security::v1::SecTpm::setInTerminal ( bool  inTerminal)
pure virtual

Set the inTerminal flag to inTerminal.

If the inTerminal flag is set and no password has been set, the TPM may prompt for the password on the terminal. The inTerminal flag is set by default.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual void ndn::security::v1::SecTpm::setTpmPassword ( const uint8_t *  password,
size_t  passwordLength 
)
pure virtual

Set the TPM password.

The password is used to unlock the TPM when it is locked. Use this method with caution: caching the password in the application is a security risk, since any compromise of the process exposes it.

Parameters
password  The password
passwordLength  The length of the password

Implemented in ndn::security::v1::SecTpmOsx, and ndn::security::v1::SecTpmFile.

virtual Block ndn::security::v1::SecTpm::signInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name &  keyName,
DigestAlgorithm  digestAlgorithm 
)
pure virtual

Sign data.

Parameters
data  Pointer to the byte array to be signed.
dataLength  The length of data.
keyName  The name of the signing key.
digestAlgorithm  The digest algorithm.
Returns
The signature block.
Exceptions
SecTpm::Error  if signing fails.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

virtual bool ndn::security::v1::SecTpm::unlockTpm ( const char *  password,
size_t  passwordLength,
bool  usePassword 
)
pure virtual

Unlock the TPM.

Parameters
password  The password.
passwordLength  The password size. 0 indicates no password.
usePassword  True if the supplied password should be used to unlock the TPM.
Returns
true if the TPM is unlocked, otherwise false.

Implemented in ndn::security::v1::SecTpmFile, and ndn::security::v1::SecTpmOsx.

Member Data Documentation

std::string ndn::security::v1::SecTpm::m_location
protected

Definition at line 302 of file v1/sec-tpm.hpp.