new FilePrivateKeyStorage(nonDefaultTpmPath)
FilePrivateKeyStorage works with NFD's default private key storage, the files
stored in .ndn/ndnsec-tpm-file. This library will not be available from the
browser.
Parameters:
| Name | Type | Description |
|---|---|---|
| nonDefaultTpmPath | string | if desired, override the default TPM path (i.e. .ndn/ndnsec-tpm-file) |
Methods
(static) encodePkcs8PrivateKey(privateKeyDer, oid, parameters) → {Blob}
Encode the private key to a PKCS #8 private key. We do this explicitly here
to avoid linking to extra OpenSSL libraries.
Parameters:
| Name | Type | Description |
|---|---|---|
| privateKeyDer | Buffer | The input private key DER. |
| oid | OID | The OID of the privateKey. |
| parameters | DerNode | The DerNode of the parameters for the OID. |
Returns:
The PKCS #8 private key DER.
- Type
- Blob
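The PKCS #8 wrapping that encodePkcs8PrivateKey describes, written out by hand for an RSA key as an added example (this is not NDN-JS code). The helper names `derLength`, `derTlv`, `wrapPkcs1InPkcs8` and `demo` are hypothetical, the key is generated on the spot, and Node's built-in crypto module is used only to check the result.

```javascript
const nodeCrypto = require("node:crypto");

// DER length octets: short form below 128, long form (0x80 | count) otherwise.
function derLength(n) {
  if (n < 0x80) return Buffer.from([n]);
  const bytes = [];
  for (; n > 0; n = Math.floor(n / 256)) bytes.unshift(n & 0xff);
  return Buffer.from([0x80 | bytes.length, ...bytes]);
}

// One DER TLV: tag, length, contents.
function derTlv(tag, content) {
  return Buffer.concat([Buffer.from([tag]), derLength(content.length), content]);
}

// AlgorithmIdentifier: OID 1.2.840.113549.1.1.1 (rsaEncryption) with NULL parameters.
const RSA_ALGORITHM_ID = derTlv(0x30, Buffer.concat([
  Buffer.from("06092a864886f70d010101", "hex"), // OBJECT IDENTIFIER
  Buffer.from("0500", "hex"),                   // NULL
]));

// PrivateKeyInfo ::= SEQUENCE { version, algorithm, OCTET STRING privateKey }
function wrapPkcs1InPkcs8(pkcs1Der) {
  return derTlv(0x30, Buffer.concat([
    Buffer.from("020100", "hex"), // INTEGER 0 (version)
    RSA_ALGORITHM_ID,
    derTlv(0x04, pkcs1Der),       // the PKCS #1 RSAPrivateKey, carried opaquely
  ]));
}

// Wrap a freshly generated key, then let Node parse the result as PKCS #8.
function demo() {
  const { privateKey, publicKey } =
    nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const pkcs1 = privateKey.export({ type: "pkcs1", format: "der" });
  const pkcs8 = wrapPkcs1InPkcs8(pkcs1);
  const imported = nodeCrypto.createPrivateKey({ key: pkcs8, format: "der", type: "pkcs8" });
  const message = Buffer.from("constructed sample data");
  const signature = nodeCrypto.sign("sha256", message, imported);
  return {
    pkcs8,
    roundTripMatches: imported.export({ type: "pkcs1", format: "der" }).equals(pkcs1),
    signatureVerifies: nodeCrypto.verify("sha256", message, publicKey, signature),
  };
}
```

The wrapper adds only the version and algorithm identifier around the unchanged PKCS #1 bytes, so the output is unencrypted key material and needs the same protection as the input.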
(static) getUserHomePath() → {string}
Retrieve the user's current home directory.
Returns:
path to the user's home directory
- Type
- string
deleteKey(keyName)
Delete all keys with this name. If the key doesn't exist, do nothing.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | Name | The name of the key pair. |
deleteKeyPair(keyName)
Delete a pair of asymmetric keys. If the key doesn't exist, do nothing.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | Name | The name of the key pair. |
doesKeyExist(keyName, keyClass) → {boolean}
Check if a particular key exists.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | Name | The name of the key. |
| keyClass | number | The class of the key, e.g. KeyClass.PUBLIC, KeyClass.PRIVATE, or KeyClass.SYMMETRIC. |
Returns:
True if the key exists, otherwise false.
- Type
- boolean
generateKeyPair(keyName, params)
Generate a pair of asymmetric keys. Currently only RSA is supported.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | Name | The name of the key pair. |
| params | KeyParams | (optional) The parameters of the key. |
getPrivateKey(keyName, keyType) → {string}
A private method to get the private key.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | Name | The name of the private key. |
| keyType | Array.<KeyType> | Set keyType[0] to the KeyType. |
Returns:
The PEM-encoded private key for use by the crypto module.
- Type
- string
getPublicKey(keyName) → {PublicKey}
Get the public key.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | Name | The name of the public key. |
Returns:
The public key.
- Type
- PublicKey
read(keyName, keyClass) → {Buffer}
Read from a key file.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | | |
| keyClass | [PUBLIC, PRIVATE, SYMMETRIC] | |
Throws:
Error if the file cannot be read from
Returns:
key bytes
- Type
- Buffer
sign(data, keyName, digestAlgorithm, onComplete) → {Blob}
Fetch the private key for keyName and sign the data to produce a signature Blob.
Parameters:
| Name | Type | Description |
|---|---|---|
| data | Buffer | Pointer to the input byte array. |
| keyName | Name | The name of the signing key. |
| digestAlgorithm | number | (optional) The digest algorithm from DigestAlgorithm, such as DigestAlgorithm.SHA256. If omitted, use DigestAlgorithm.SHA256. |
| onComplete | function | (optional) This calls onComplete(signature) with the signature Blob. If omitted, the return value is the signature Blob. (Some crypto libraries only use a callback, so onComplete is required to use these.) |
Returns:
If onComplete is omitted, return the signature Blob. Otherwise,
return null and use onComplete as described above.
- Type
- Blob
transformName(keyName, keyClass)
Transform the key name into a file name.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | Name | |
| keyClass | KeyClass | |
write(keyName, keyClass, bytes)
Write to a key file.
Parameters:
| Name | Type | Description |
|---|---|---|
| keyName | Name | |
| keyClass | KeyClass | [PUBLIC, PRIVATE, SYMMETRIC] |
| bytes | Buffer | |
Throws:
Error if the file cannot be written to