1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
9 #ifndef NDN_SECURITY_SEC_TPM_HPP
10 #define NDN_SECURITY_SEC_TPM_HPP
11 
12 #include "../common.hpp"
13 #include "security-common.hpp"
14 #include "../name.hpp"
15 #include "../data.hpp"
16 #include "public-key.hpp"
17 
18 namespace ndn {
19 
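/**
 * @brief SecTpm is the base class of the TPM classes.
 *
 * Every key-handling operation is a pure virtual so that a concrete TPM
 * backend supplies it.  The only behaviour implemented here is the
 * PKCS#5 import/export pair (defined in sec-tpm.cpp) and the interactive
 * passphrase prompt getImpExpPassWord() they rely on.
 */
class SecTpm
{
public:
  /** @brief Error thrown by TPM operations; carries only a message. */
  class Error : public std::runtime_error
  {
  public:
    explicit
    Error(const std::string& what)
      : std::runtime_error(what)
    {
    }
  };

  virtual
  ~SecTpm() {}

  /**
   * @brief set password of TPM
   * @param password       raw password bytes (not NUL-terminated)
   * @param passwordLength number of bytes in @p password
   */
  virtual void
  setTpmPassword(const uint8_t* password, size_t passwordLength) = 0;

  /** @brief reset password of TPM */
  virtual void
  resetTpmPassword() = 0;

  /** @brief set inTerminal flag */
  virtual void
  setInTerminal(bool inTerminal) = 0;

  /** @brief get inTerminal flag */
  virtual bool
  getInTerminal() = 0;

  /** @brief check if TPM is locked. */
  virtual bool
  locked() = 0;

  /**
   * @brief Unlock the TPM.
   * @param password       password bytes used when @p usePassword is true
   * @param passwordLength number of bytes in @p password
   * @param usePassword    whether @p password is to be used at all
   * @return result flag; its exact meaning is defined by the implementation
   */
  virtual bool
  unlockTpm(const char* password, size_t passwordLength, bool usePassword) = 0;

  /**
   * @brief Generate a pair of asymmetric keys.
   * @param keyName name under which the pair is stored
   * @param keyType type of the key pair
   * @param keySize key size, in the unit the implementation defines
   */
  virtual void
  generateKeyPairInTpm(const Name& keyName, KeyType keyType, int keySize) = 0;

  /** @brief Delete a key pair of asymmetric keys. */
  virtual void
  deleteKeyPairInTpm(const Name& keyName) = 0;

  /** @brief Get a public key. */
  virtual shared_ptr<PublicKey>
  getPublicKeyFromTpm(const Name& keyName) = 0;

  /**
   * @brief Sign data.
   * @param data            bytes to sign
   * @param dataLength      number of bytes in @p data
   * @param keyName         name of the signing key
   * @param digestAlgorithm digest to apply before signing
   * @return the signature as a Block
   */
  virtual Block
  signInTpm(const uint8_t* data, size_t dataLength,
            const Name& keyName,
            DigestAlgorithm digestAlgorithm) = 0;

  /**
   * @brief Decrypt data.
   * @param isSymmetric whether @p keyName refers to a symmetric key
   */
  virtual ConstBufferPtr
  decryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric) = 0;

  /**
   * @brief Encrypt data.
   * @param isSymmetric whether @p keyName refers to a symmetric key
   */
  virtual ConstBufferPtr
  encryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric) = 0;

  /** @brief Generate a symmetric key. */
  virtual void
  generateSymmetricKeyInTpm(const Name& keyName, KeyType keyType, int keySize) = 0;

  /** @brief Check if a particular key exists. */
  virtual bool
  doesKeyExistInTpm(const Name& keyName, KeyClass keyClass) = 0;

  /**
   * @brief Generate a random block.
   * @param res  buffer that receives the random bytes
   * @param size number of bytes to write into @p res
   * @return result flag; presumably success/failure — confirm against implementations
   */
  virtual bool
  generateRandomBlock(uint8_t* res, size_t size) = 0;

  /**
   * @brief Add the application into the ACL of a particular key.
   * @param appPath path of the application being granted access
   * @param acl     kind of access granted
   */
  virtual void
  addAppToACL(const Name& keyName, KeyClass keyClass, const std::string& appPath, AclType acl) = 0;

  /**
   * @brief Export a private key in PKCS#5 format.
   * @param password passphrase protecting the exported key
   * @note Defined in sec-tpm.cpp.
   */
  ConstBufferPtr
  exportPrivateKeyPkcs5FromTpm(const Name& keyName, const std::string& password);

  /**
   * @brief Import a private key in PKCS#5 format.
   * @param buf      encoded key bytes
   * @param size     number of bytes in @p buf
   * @param password passphrase protecting the encoded key
   * @note Defined in sec-tpm.cpp.
   */
  bool
  importPrivateKeyPkcs5IntoTpm(const Name& keyName,
                               const uint8_t* buf, size_t size,
                               const std::string& password);

protected:
  /** @brief Export a private key in PKCS#8 format. */
  virtual ConstBufferPtr
  exportPrivateKeyPkcs8FromTpm(const Name& keyName) = 0;

  /** @brief Import a private key in PKCS#8 format. */
  virtual bool
  importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buf, size_t size) = 0;

  /** @brief Import a public key in PKCS#1 format. */
  virtual bool
  importPublicKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buf, size_t size) = 0;

  /**
   * @brief Get import/export password.
   *
   * Prompts interactively on the terminal; see the definition below.
   * Virtual so a backend can replace the prompt with its own source.
   * @param password receives the accepted passphrase
   * @param prompt   text shown for the first entry
   * @return true if a non-empty passphrase was entered twice identically
   */
  inline virtual bool
  getImpExpPassWord(std::string& password, const std::string& prompt);
};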
277 
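namespace detail {

/**
 * @brief Overwrite @p len bytes at @p p with zeros.
 *
 * Writes go through a volatile pointer so the optimizer cannot treat the
 * scrub as a dead store: a plain memset() on memory that is freed or goes
 * out of scope right afterwards may be elided, leaving the secret in RAM.
 */
inline void
scrubMemory(void* p, size_t len)
{
  volatile unsigned char* vp = static_cast<volatile unsigned char*>(p);
  while (len-- > 0)
    *vp++ = 0;
}

/** @brief Zero the bytes held by @p s; its size is unchanged. */
inline void
scrubString(std::string& s)
{
  // Writing through &s[0] (non-const) instead of const_cast on c_str().
  if (!s.empty())
    scrubMemory(&s[0], s.size());
}

} // namespace detail

/**
 * @brief Prompt for an import/export passphrase twice and accept it only if
 *        both entries match and the result is non-empty.
 *
 * getpass() reads from the controlling terminal with echo disabled and
 * returns a pointer to a static buffer that the next call reuses, so the
 * first entry is copied out before re-prompting and every copy is scrubbed
 * before the function returns.
 *
 * @param password on success receives the passphrase (swapped in; the value
 *                 the caller passed is zeroed before return)
 * @param prompt   text shown for the first entry; the second uses "Confirm:"
 * @return true only if both entries are identical and non-empty
 */
inline bool
SecTpm::getImpExpPassWord(std::string& password, const std::string& prompt)
{
  bool result = false;

  char* pw0 = getpass(prompt.c_str());
  if (!pw0)
    return false;
  std::string password1 = pw0;
  detail::scrubMemory(pw0, strlen(pw0));

  pw0 = getpass("Confirm:");
  if (!pw0)
    {
      detail::scrubString(password1);
      return false;
    }

  if (password1 == pw0)
    {
      result = true;
      // After the swap password1 holds the caller's previous value.
      password.swap(password1);
    }

  // Clear the rejected entry (or the caller's old value) and the static
  // buffer still holding the confirmation entry.
  detail::scrubString(password1);
  detail::scrubMemory(pw0, strlen(pw0));

  // An empty passphrase is never accepted, even if entered twice.
  if (password.empty())
    return false;

  return result;
}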
314 
315 } // namespace ndn
316 
317 #endif //NDN_SECURITY_SEC_TPM_HPP