The TPM (Trusted Platform Module) stores the private portion of a user's cryptography keys.
#include <tpm.hpp>
Classes

| Class | Description |
|---|---|
| Error | A Tpm::Error extends runtime_error and represents a semantic error in TPM processing. |

Public Member Functions

| Return type | Member | Description |
|---|---|---|
| std::string | getTpmLocator () const | |
| bool | hasKey (const Name &keyName) const | Check if the key with name keyName exists in the TPM. |
| Blob | getPublicKey (const Name &keyName) const | Get the public portion of an asymmetric key pair with name keyName. |
| Blob | sign (const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm) const | Compute a digital signature from the byte array using the key with name keyName. |
| Blob | decrypt (const uint8_t *cipherText, size_t cipherTextLength, const Name &keyName) const | Return the plain text which is decrypted from cipherText using the key with name keyName. |
| bool | isTerminalMode () const | Check if the TPM is in terminal mode. |
| void | setTerminalMode (bool isTerminal) const | Set the terminal mode of the TPM. |
| bool | isTpmLocked () const | Check if the TPM is locked. |
| bool | unlockTpm (const uint8_t *password, size_t passwordLength) const | Unlock the TPM. |

Friends

| Friend |
|---|
| class KeyChain |
| class SafeBag |
Detailed Description

The TPM (Trusted Platform Module) stores the private portion of a user's cryptography keys. The format and location of the stored information are indicated by the TPM locator. The TPM is designed to work with a PIB (Public Information Base), which stores public keys and related information such as certificates.

The TPM also provides cryptographic operations such as signing and decryption.

A TPM consists of a unified front-end interface and a backend implementation. The front-end caches the handles of the private keys provided by the backend implementation.

Note: A Tpm instance is created and managed only by the KeyChain. It is returned by the KeyChain getTpm() method, through which it is possible to check for the existence of private keys, get the public keys for those private keys, and sign or decrypt supplied buffers using the managed private keys.
Blob ndn::Tpm::decrypt (const uint8_t *cipherText, size_t cipherTextLength, const Name &keyName) const

Return the plain text which is decrypted from cipherText using the key with name keyName.

| Parameter | Description |
|---|---|
| cipherText | The cipher text byte array. |
| cipherTextLength | The length of the cipher text byte array. |
| keyName | The name of the key. |
Blob ndn::Tpm::getPublicKey (const Name &keyName) const

Get the public portion of an asymmetric key pair with name keyName.

| Parameter | Description |
|---|---|
| keyName | The name of the key. |
bool ndn::Tpm::hasKey (const Name &keyName) const

Check if the key with name keyName exists in the TPM.

| Parameter | Description |
|---|---|
| keyName | The name of the key. |
bool ndn::Tpm::isTerminalMode () const

Check if the TPM is in terminal mode.
bool ndn::Tpm::isTpmLocked () const

Check if the TPM is locked.
void ndn::Tpm::setTerminalMode (bool isTerminal) const

Set the terminal mode of the TPM. In terminal mode, the TPM will not ask for a password from the GUI.

| Parameter | Description |
|---|---|
| isTerminal | True to enable terminal mode. |
Blob ndn::Tpm::sign (const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm) const

Compute a digital signature from the byte array using the key with name keyName.

| Parameter | Description |
|---|---|
| data | The input byte array. |
| dataLength | The length of the byte array. |
| keyName | The name of the key. |
| digestAlgorithm | The digest algorithm for the signature. |
bool ndn::Tpm::unlockTpm (const uint8_t *password, size_t passwordLength) const

Unlock the TPM. If !isTerminalMode(), prompt for a password from the GUI.

| Parameter | Description |
|---|---|
| password | The password to unlock the TPM. |
| passwordLength | The length of the password. |