TpmBackEnd is an abstract base class for a TPM backend implementation which provides a TpmKeyHandle to the TPM front end.
#include <tpm-back-end.hpp>
| bool | hasKey (const Name &keyName) const | Check if the key with name keyName exists in the TPM. |
| ptr_lib::shared_ptr< TpmKeyHandle > | getKeyHandle (const Name &keyName) const | Get the handle of the key with name keyName. |
| ptr_lib::shared_ptr< TpmKeyHandle > | createKey (const Name &identityName, const KeyParams &params) | Create a key for the identityName according to params. |
| void | deleteKey (const Name &keyName) | Delete the key with name keyName. |
| Blob | exportKey (const Name &keyName, const uint8_t *password, size_t passwordLength) | Get the encoded private key with name keyName in PKCS #8 format, possibly password-encrypted. |
| void | importKey (const Name &keyName, const uint8_t *pkcs8, size_t pkcs8Length, const uint8_t *password, size_t passwordLength) | Import an encoded private key with name keyName in PKCS #8 format, possibly password-encrypted. |
| virtual bool | isTerminalMode () const | Check if the TPM is in terminal mode. |
| virtual void | setTerminalMode (bool isTerminal) const | Set the terminal mode of the TPM. |
| virtual bool | isTpmLocked () const | Check if the TPM is locked. |
| virtual bool | unlockTpm (const uint8_t *password, size_t passwordLength) const | Unlock the TPM. |
This class defines the interface that an actual TPM backend implementation should provide, for example TpmBackEndMemory.
Create a key for the identityName according to params.
- Parameters
-
| identityName | The name of the identity. |
| params | The KeyParams for creating the key. |
- Returns
- The handle of the created key.
- Exceptions
-
| void ndn::TpmBackEnd::deleteKey (const Name &keyName) | inline |
Delete the key with name keyName.
If the key doesn't exist, do nothing. Note: Continuing to use existing Key handles on a deleted key results in undefined behavior.
- Parameters
-
| keyName | The name of the key to delete. |
- Exceptions
-
| Blob ndn::TpmBackEnd::exportKey (const Name &keyName, const uint8_t *password, size_t passwordLength) |
Get the encoded private key with name keyName in PKCS #8 format, possibly password-encrypted.
- Parameters
-
| keyName | The name of the key in the TPM. |
| password | The password for encrypting the private key. If the password is supplied, use it to return a PKCS #8 EncryptedPrivateKeyInfo. If the password is null, return an unencrypted PKCS #8 PrivateKeyInfo. |
| passwordLength | The length of the password. If password is null, this is ignored. |
- Returns
- The encoded private key.
- Exceptions
-
| TpmBackEnd::Error | if the key does not exist or if the key cannot be exported, e.g., insufficient privileges. |
| ptr_lib::shared_ptr<TpmKeyHandle> ndn::TpmBackEnd::getKeyHandle (const Name &keyName) const | inline |
Get the handle of the key with name keyName.
Calling getKeyHandle multiple times with the same keyName will return different TpmKeyHandle objects that all refer to the same key.
- Parameters
-
| keyName | The name of the key. |
- Returns
- The handle of the key, or null if the key does not exist.
| bool ndn::TpmBackEnd::hasKey (const Name &keyName) const | inline |
Check if the key with name keyName exists in the TPM.
- Parameters
-
| keyName | The name of the key. |
- Returns
- True if the key exists.
| void ndn::TpmBackEnd::importKey (const Name &keyName, const uint8_t *pkcs8, size_t pkcs8Length, const uint8_t *password, size_t passwordLength) |
Import an encoded private key with name keyName in PKCS #8 format, possibly password-encrypted.
- Parameters
-
| keyName | The name of the key to use in the TPM. |
| pkcs8 | The input byte array. If the password is supplied, this is a PKCS #8 EncryptedPrivateKeyInfo. If the password is null, this is an unencrypted PKCS #8 PrivateKeyInfo. |
| pkcs8Length | The length of the input byte array. |
| password | The password for decrypting the private key. If the password is supplied, use it to decrypt the PKCS #8 EncryptedPrivateKeyInfo. If the password is null, import an unencrypted PKCS #8 PrivateKeyInfo. |
| passwordLength | The length of the password. If password is null, this is ignored. |
- Exceptions
-
| TpmBackEnd::Error | if a key with name keyName already exists, or for an error importing the key. |
| bool ndn::TpmBackEnd::isTerminalMode () const | virtual |
Check if the TPM is in terminal mode.
The default implementation always returns true.
- Returns
- True if in terminal mode.
| bool ndn::TpmBackEnd::isTpmLocked () const | virtual |
Check if the TPM is locked.
The default implementation returns false.
- Returns
- True if the TPM is locked, otherwise false.
| void ndn::TpmBackEnd::setTerminalMode (bool isTerminal) const | virtual |
Set the terminal mode of the TPM.
In terminal mode, the TPM will not ask for a password from the GUI. The default implementation does nothing.
- Parameters
-
| isTerminal | True to enable terminal mode. |
| bool ndn::TpmBackEnd::unlockTpm (const uint8_t *password, size_t passwordLength) const | virtual |
Unlock the TPM.
If !isTerminalMode(), prompt for a password from the GUI. The default implementation does nothing and returns !isTpmLocked().
- Parameters
-
| password | The password to unlock TPM. |
| passwordLength | The length of the password. |
- Returns
- True if the TPM was unlocked.
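A caller-side guard around exportKey and unlockTpm as documented above, added here as an example and not part of ndn-cpp: it refuses the null-password branch (which would return an unencrypted PrivateKeyInfo), fails closed when the TPM stays locked, and scrubs both passwords on every path. `BackEndLike`, `FakeBackEnd`, `exportEncryptedOnly`, the 12-byte minimum and the key name are assumptions; `std::string` and `Bytes` stand in for Name and Blob.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>
using Bytes = std::vector<uint8_t>;  // stand-in for ndn::Blob (assumption)

// Stand-in for the three documented methods used here; std::string replaces Name.
struct BackEndLike {
  virtual ~BackEndLike() = default;
  virtual bool isTpmLocked() const { return false; }
  virtual bool unlockTpm(const uint8_t*, size_t) const { return !isTpmLocked(); }
  virtual Bytes exportKey(const std::string&, const uint8_t* pw, size_t pwLen) = 0;
};

// Zero a secret through a volatile pointer so the stores are not optimized away.
void wipe(Bytes& s) {
  volatile uint8_t* p = s.data();
  for (size_t i = 0; i < s.size(); ++i) p[i] = 0;
}

// Hypothetical caller-side policy: never take the null-password (unencrypted) branch,
// fail closed if the TPM stays locked, and scrub both passwords on every path.
Bytes exportEncryptedOnly(BackEndLike& tpm, const std::string& keyName,
                          Bytes& exportPw, Bytes& unlockPw, size_t minLen = 12) {
  struct Scrub { Bytes &a, &b; ~Scrub() { wipe(a); wipe(b); } } scrub{exportPw, unlockPw};
  if (exportPw.size() < minLen)  // minLen is an assumed local policy value
    throw std::invalid_argument("export password missing or too short");
  if (tpm.isTpmLocked() && !tpm.unlockTpm(unlockPw.data(), unlockPw.size()))
    throw std::runtime_error("TPM is locked");
  return tpm.exportKey(keyName, exportPw.data(), exportPw.size());
}

// Constructed fake backend: unlocks with "open" and tags its output by branch taken.
struct FakeBackEnd : BackEndLike {
  mutable bool locked = true;
  bool isTpmLocked() const override { return locked; }
  bool unlockTpm(const uint8_t* pw, size_t n) const override {
    if (pw && std::string(pw, pw + n) == "open") locked = false;
    return !locked;
  }
  Bytes exportKey(const std::string&, const uint8_t* pw, size_t) override {
    return pw ? Bytes{'E', 'N', 'C'} : Bytes{'R', 'A', 'W'};
  }
};

int main() {  // constructed inputs; exit code 0 when the encrypted branch was taken
  FakeBackEnd tpm; Bytes pw(16, 'x'), unlock{'o', 'p', 'e', 'n'};
  return exportEncryptedOnly(tpm, "/alice/KEY/1", pw, unlock) == Bytes{'E', 'N', 'C'} ? 0 : 1;
}
```

With a real backend the same wrapper would take the TpmBackEnd reference and a Name; the ordering of the checks and the scrubbing are what carry over.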
The documentation for this class was generated from the following files: