tpm.cpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2019 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
22 #include "ndn-cxx/security/tpm/tpm.hpp"
23 #include "ndn-cxx/security/tpm/back-end.hpp"
24 #include "ndn-cxx/encoding/buffer-stream.hpp"
25 
26 #include <boost/lexical_cast.hpp>
27 
28 namespace ndn {
29 namespace security {
30 namespace tpm {
31 
32 Tpm::Tpm(const std::string& scheme, const std::string& location, unique_ptr<BackEnd> backEnd)
33  : m_scheme(scheme)
34  , m_location(location)
35  , m_backEnd(std::move(backEnd))
36 {
37 }
38 
39 Tpm::~Tpm() = default;
40 
41 std::string
42 Tpm::getTpmLocator() const
43 {
44  return m_scheme + ":" + m_location;
45 }
46 
47 bool
48 Tpm::hasKey(const Name& keyName) const
49 {
50  return m_backEnd->hasKey(keyName);
51 }
52 
53 Name
54 Tpm::createKey(const Name& identityName, const KeyParams& params)
55 {
56  switch (params.getKeyType()) {
57  case KeyType::RSA:
58  case KeyType::EC: {
59  unique_ptr<KeyHandle> keyHandle = m_backEnd->createKey(identityName, params);
60  Name keyName = keyHandle->getKeyName();
61  m_keys[keyName] = std::move(keyHandle);
62  return keyName;
63  }
64  default: {
65  NDN_THROW(Error("Failed to create key pair: Unsupported key type " +
66  boost::lexical_cast<std::string>(params.getKeyType())));
67  }
68  }
69 }
70 
71 void
72 Tpm::deleteKey(const Name& keyName)
73 {
74  auto it = m_keys.find(keyName);
75  if (it != m_keys.end())
76  m_keys.erase(it);
77 
78  m_backEnd->deleteKey(keyName);
79 }
80 
81 ConstBufferPtr
82 Tpm::getPublicKey(const Name& keyName) const
83 {
84  const KeyHandle* key = findKey(keyName);
85 
86  if (key == nullptr)
87  return nullptr;
88  else
89  return key->derivePublicKey();
90 }
91 
92 ConstBufferPtr
93 Tpm::sign(const uint8_t* buf, size_t size, const Name& keyName, DigestAlgorithm digestAlgorithm) const
94 {
95  const KeyHandle* key = findKey(keyName);
96 
97  if (key == nullptr)
98  return nullptr;
99  else
100  return key->sign(digestAlgorithm, buf, size);
101 }
102 
103 ConstBufferPtr
104 Tpm::decrypt(const uint8_t* buf, size_t size, const Name& keyName) const
105 {
106  const KeyHandle* key = findKey(keyName);
107 
108  if (key == nullptr)
109  return nullptr;
110  else
111  return key->decrypt(buf, size);
112 }
113 
114 bool
115 Tpm::isTerminalMode() const
116 {
117  return m_backEnd->isTerminalMode();
118 }
119 
120 void
121 Tpm::setTerminalMode(bool isTerminal) const
122 {
123  m_backEnd->setTerminalMode(isTerminal);
124 }
125 
126 bool
127 Tpm::isTpmLocked() const
128 {
129  return m_backEnd->isTpmLocked();
130 }
131 
132 bool
133 Tpm::unlockTpm(const char* password, size_t passwordLength) const
134 {
135  return m_backEnd->unlockTpm(password, passwordLength);
136 }
137 
138 ConstBufferPtr
139 Tpm::exportPrivateKey(const Name& keyName, const char* pw, size_t pwLen) const
140 {
141  return m_backEnd->exportKey(keyName, pw, pwLen);
142 }
143 
144 void
145 Tpm::importPrivateKey(const Name& keyName, const uint8_t* pkcs8, size_t pkcs8Len,
146  const char* pw, size_t pwLen)
147 {
148  m_backEnd->importKey(keyName, pkcs8, pkcs8Len, pw, pwLen);
149 }
150 
151 const KeyHandle*
152 Tpm::findKey(const Name& keyName) const
153 {
154  auto it = m_keys.find(keyName);
155  if (it != m_keys.end())
156  return it->second.get();
157 
158  auto handle = m_backEnd->getKeyHandle(keyName);
159  if (handle == nullptr)
160  return nullptr;
161 
162  const KeyHandle* key = handle.get();
163  m_keys[keyName] = std::move(handle);
164  return key;
165 }
166 
167 } // namespace tpm
168 } // namespace security
169 } // namespace ndn
ndn
Definition: data.cpp:26
ndn::security::tpm::Tpm::getTpmLocator
std::string getTpmLocator() const
Definition: tpm.cpp:42
ndn::security::tpm::KeyHandle::derivePublicKey
ConstBufferPtr derivePublicKey() const
Definition: key-handle.cpp:43
ndn::KeyParams::getKeyType
KeyType getKeyType() const
Definition: key-params.hpp:48
nonstd::optional_lite::std11::move
T & move(T &t)
Definition: optional.hpp:421
ndn::security::tpm::KeyHandle::sign
ConstBufferPtr sign(DigestAlgorithm digestAlgorithm, const uint8_t *buf, size_t size) const
Definition: key-handle.cpp:31
ndn::KeyType::RSA
RSA key, supports sign/verify and encrypt/decrypt operations.
ndn::security::tpm::KeyHandle
Abstraction of TPM key handle.
Definition: key-handle.hpp:37
std
STL namespace.
ndn::security::tpm::Tpm::sign
ConstBufferPtr sign(const uint8_t *buf, size_t size, const Name &keyName, DigestAlgorithm digestAlgorithm) const
Sign blob using the key with name keyName and using the digest digestAlgorithm.
Definition: tpm.cpp:93
NDN_THROW
#define NDN_THROW(e)
Definition: exception.hpp:61
ndn::security::tpm::Tpm::isTerminalMode
bool isTerminalMode() const
Check if the TPM is in terminal mode.
Definition: tpm.cpp:115
ndn::security::tpm::Tpm::hasKey
bool hasKey(const Name &keyName) const
Check if a private key exists.
Definition: tpm.cpp:48
ndn::security::tpm::Tpm::isTpmLocked
bool isTpmLocked() const
Definition: tpm.cpp:127
ndn::security::tpm::Tpm::unlockTpm
bool unlockTpm(const char *password, size_t passwordLength) const
Unlock the TPM.
Definition: tpm.cpp:133
ndn::KeyType::EC
Elliptic Curve key (e.g. for ECDSA), supports sign/verify operations.
ndn::Name
Represents an absolute name.
Definition: name.hpp:43
ndn::security::tpm::Tpm::getPublicKey
ConstBufferPtr getPublicKey(const Name &keyName) const
Definition: tpm.cpp:82
ndn::security::tpm::Tpm::setTerminalMode
void setTerminalMode(bool isTerminal) const
Set the terminal mode of the TPM.
Definition: tpm.cpp:121
ndn::security::tpm::Tpm::decrypt
ConstBufferPtr decrypt(const uint8_t *buf, size_t size, const Name &keyName) const
Decrypt blob using the key with name keyName.
Definition: tpm.cpp:104
ndn::KeyParams
Base class of key parameters.
Definition: key-params.hpp:35
ndn::security::tpm::KeyHandle::decrypt
ConstBufferPtr decrypt(const uint8_t *cipherText, size_t cipherTextLen) const
Definition: key-handle.cpp:37
ndn::ConstBufferPtr
shared_ptr< const Buffer > ConstBufferPtr
Definition: buffer.hpp:126