KeyChain is one of the main classes of the security library.
#include <key-chain.hpp>
Public Member Functions

| Return type | Member | Description |
|---|---|---|
| Name | createIdentity (const Name &identityName) | Create an identity by creating a Key-Signing-Key (KSK) pair for this identity and a self-signed certificate of the KSK. |
| Name | generateRSAKeyPair (const Name &identityName, bool isKsk=false, int keySize=2048) | Generate a pair of RSA keys for the specified identity. |
| Name | generateRSAKeyPairAsDefault (const Name &identityName, bool isKsk=false, int keySize=2048) | Generate a pair of RSA keys for the specified identity and set it as default key for the identity. |
| shared_ptr< IdentityCertificate > | prepareUnsignedIdentityCertificate (const Name &keyName, const Name &signingIdentity, const time::system_clock::TimePoint &notBefore, const time::system_clock::TimePoint &notAfter, const std::vector< CertificateSubjectDescription > &subjectDescription) | Prepare an unsigned identity certificate. |
| template<typename T> void | sign (T &packet) | Sign packet with default identity. |
| template<typename T> void | sign (T &packet, const Name &certificateName) | Sign packet with a particular certificate. |
| Signature | sign (const uint8_t *buffer, size_t bufferLength, const Name &certificateName) | Sign the byte array using a particular certificate. |
| template<typename T> void | signByIdentity (T &packet, const Name &identityName) | Sign packet using the default certificate of a particular identity. |
| Signature | signByIdentity (const uint8_t *buffer, size_t bufferLength, const Name &identityName) | Sign the byte array using the default certificate of a particular identity. |
| void | signWithSha256 (Data &data) | Set Sha256 weak signature. |
| shared_ptr< IdentityCertificate > | selfSign (const Name &keyName) | Generate a self-signed certificate for a public key. |
| void | selfSign (IdentityCertificate &cert) | Self-sign the supplied identity certificate. |
| void | deleteCertificate (const Name &certificateName) | Delete a certificate. |
| void | deleteKey (const Name &keyName) | Delete a key. |
| void | deleteIdentity (const Name &identity) | Delete an identity. |
| shared_ptr< SecuredBag > | exportIdentity (const Name &identity, const std::string &passwordStr) | Export an identity. |
| void | importIdentity (const SecuredBag &securedBag, const std::string &passwordStr) | Import an identity. |

The KeyChain class provides a set of interfaces for identity management and private-key-related operations.
Definition at line 42 of file key-chain.hpp.
|
inline |
Create an identity by creating a Key-Signing-Key (KSK) pair for this identity and a self-signed certificate of the KSK.
| identityName | The name of the identity. |
Definition at line 55 of file key-chain.hpp.
|
inline |
Delete a certificate.
If the certificate to be deleted is the current system default, the method does not delete the certificate and returns immediately.
| certificateName | The certificate to be deleted. |
Definition at line 426 of file key-chain.hpp.
|
inline |
Delete an identity.
If the identity to be deleted is the current system default, the method does not delete the identity and returns immediately.
| identity | The identity to be deleted. |
Definition at line 475 of file key-chain.hpp.
|
inline |
Delete a key.
If the key to be deleted is the current system default, the method does not delete the key and returns immediately.
| keyName | The key to be deleted. |
Definition at line 450 of file key-chain.hpp.
|
inline |
Export an identity.
| identity | The identity to export. |
| passwordStr | The password to secure the private key. |
| InfoError | Thrown if anything goes wrong in exporting. |
Definition at line 507 of file key-chain.hpp.
|
inline |
Generate a pair of RSA keys for the specified identity.
| identityName | The name of the identity. |
| isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (DSK). |
| keySize | The size of the key. |
Definition at line 93 of file key-chain.hpp.
|
inline |
Generate a pair of RSA keys for the specified identity and set it as default key for the identity.
| identityName | The name of the identity. |
| isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (DSK). |
| keySize | The size of the key. |
Definition at line 108 of file key-chain.hpp.
|
inline |
Import an identity.
| securedBag | The encoded import data. |
| passwordStr | The password to secure the private key. |
Definition at line 548 of file key-chain.hpp.
|
inline |
Prepare an unsigned identity certificate.
| keyName | Key name, e.g., /<identity_name>/ksk-123456. |
| signingIdentity | The signing identity. |
| notBefore | Refer to IdentityCertificate. |
| notAfter | Refer to IdentityCertificate. |
| subjectDescription | Refer to IdentityCertificate. |
Definition at line 128 of file key-chain.hpp.
|
inline |
Generate a self-signed certificate for a public key.
| keyName | The name of the public key. |
Definition at line 369 of file key-chain.hpp.
|
inline |
Self-sign the supplied identity certificate.
| cert | The supplied cert. |
| SecTpm::Error | Thrown if the private key does not exist. |
Definition at line 404 of file key-chain.hpp.
|
inline |
Sign packet with default identity.
On return, signatureInfo and signatureValue in the packet are set. If the default identity does not exist, a temporary identity will be created and set as default.
| packet | The packet to be signed. |
Definition at line 208 of file key-chain.hpp.
|
inline |
Sign packet with a particular certificate.
| packet | The packet to be signed. |
| certificateName | The certificate name of the key to use for signing. |
| SecPublicInfo::Error | Thrown if the certificate does not exist. |
Definition at line 245 of file key-chain.hpp.
|
inline |
Sign the byte array using a particular certificate.
| buffer | The byte array to be signed. |
| bufferLength | The length of the buffer. |
| certificateName | The certificate name of the signing key. |
| SecPublicInfo::Error | Thrown if the certificate does not exist. |
Definition at line 270 of file key-chain.hpp.
|
inline |
Sign packet using the default certificate of a particular identity.
If there is no default certificate of that identity, this method will create a self-signed certificate.
| packet | The packet to be signed. |
| identityName | The signing identity name. |
Definition at line 297 of file key-chain.hpp.
|
inline |
Sign the byte array using the default certificate of a particular identity.
| buffer | The byte array to be signed. |
| bufferLength | The length of the buffer. |
| identityName | The identity name. |
Definition at line 325 of file key-chain.hpp.
|
inline |