tpm.cpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
22 #include "tpm.hpp"
23 #include "back-end.hpp"
24 #include "../../encoding/buffer-stream.hpp"
25 
26 namespace ndn {
27 namespace security {
28 namespace tpm {
29 
30 Tpm::Tpm(const std::string& scheme, const std::string& location, unique_ptr<BackEnd> backEnd)
31  : m_scheme(scheme)
32  , m_location(location)
33  , m_backEnd(std::move(backEnd))
34 {
35 }
36 
37 Tpm::~Tpm() = default;
38 
39 std::string
40 Tpm::getTpmLocator() const
41 {
42  return m_scheme + ":" + m_location;
43 }
44 
45 bool
46 Tpm::hasKey(const Name& keyName) const
47 {
48  return m_backEnd->hasKey(keyName);
49 }
50 
51 Name
52 Tpm::createKey(const Name& identityName, const KeyParams& params)
53 {
54  switch (params.getKeyType()) {
55  case KeyType::RSA:
56  case KeyType::EC: {
57  unique_ptr<KeyHandle> keyHandle = m_backEnd->createKey(identityName, params);
58  Name keyName = keyHandle->getKeyName();
59  m_keys[keyName] = std::move(keyHandle);
60  return keyName;
61  }
62  default: {
63  BOOST_THROW_EXCEPTION(Error("Fail to create a key pair: Unsupported key type"));
64  }
65  }
66 }
67 
68 void
69 Tpm::deleteKey(const Name& keyName)
70 {
71  auto it = m_keys.find(keyName);
72  if (it != m_keys.end())
73  m_keys.erase(it);
74 
75  m_backEnd->deleteKey(keyName);
76 }
77 
78 ConstBufferPtr
79 Tpm::getPublicKey(const Name& keyName) const
80 {
81  const KeyHandle* key = findKey(keyName);
82 
83  if (key == nullptr)
84  return nullptr;
85  else
86  return key->derivePublicKey();
87 }
88 
89 ConstBufferPtr
90 Tpm::sign(const uint8_t* buf, size_t size, const Name& keyName, DigestAlgorithm digestAlgorithm) const
91 {
92  const KeyHandle* key = findKey(keyName);
93 
94  if (key == nullptr)
95  return nullptr;
96  else
97  return key->sign(digestAlgorithm, buf, size);
98 }
99 
100 ConstBufferPtr
101 Tpm::decrypt(const uint8_t* buf, size_t size, const Name& keyName) const
102 {
103  const KeyHandle* key = findKey(keyName);
104 
105  if (key == nullptr)
106  return nullptr;
107  else
108  return key->decrypt(buf, size);
109 }
110 
111 bool
112 Tpm::isTerminalMode() const
113 {
114  return m_backEnd->isTerminalMode();
115 }
116 
117 void
118 Tpm::setTerminalMode(bool isTerminal) const
119 {
120  m_backEnd->setTerminalMode(isTerminal);
121 }
122 
123 bool
124 Tpm::isTpmLocked() const
125 {
126  return m_backEnd->isTpmLocked();
127 }
128 
129 bool
130 Tpm::unlockTpm(const char* password, size_t passwordLength) const
131 {
132  return m_backEnd->unlockTpm(password, passwordLength);
133 }
134 
135 ConstBufferPtr
136 Tpm::exportPrivateKey(const Name& keyName, const char* pw, size_t pwLen) const
137 {
138  return m_backEnd->exportKey(keyName, pw, pwLen);
139 }
140 
141 bool
142 Tpm::importPrivateKey(const Name& keyName, const uint8_t* pkcs8, size_t pkcs8Len,
143  const char* pw, size_t pwLen)
144 {
145  try {
146  m_backEnd->importKey(keyName, pkcs8, pkcs8Len, pw, pwLen);
147  }
148  catch (const BackEnd::Error&) {
149  return false;
150  }
151  return true;
152 }
153 
154 const KeyHandle*
155 Tpm::findKey(const Name& keyName) const
156 {
157  auto it = m_keys.find(keyName);
158 
159  if (it != m_keys.end())
160  return it->second.get();
161 
162  unique_ptr<KeyHandle> handle = m_backEnd->getKeyHandle(keyName);
163 
164  if (handle != nullptr) {
165  KeyHandle* key = handle.get();
166  m_keys[keyName] = std::move(handle);
167  return key;
168  }
169 
170  return nullptr;
171 }
172 
173 } // namespace tpm
174 } // namespace security
175 } // namespace ndn
ndn
Copyright (c) 2013-2017 Regents of the University of California.
Definition: common.hpp:66
ndn::security::tpm::KeyHandle::derivePublicKey
ConstBufferPtr derivePublicKey() const
Definition: key-handle.cpp:43
ndn::KeyParams::getKeyType
KeyType getKeyType() const
Definition: key-params.hpp:52
ndn::security::tpm::KeyHandle::sign
ConstBufferPtr sign(DigestAlgorithm digestAlgorithm, const uint8_t *buf, size_t size) const
Definition: key-handle.cpp:31
ndn::KeyType::RSA
RSA key, supports sign/verify and encrypt/decrypt operations.
ndn::security::tpm::KeyHandle
Abstraction of TPM key handle.
Definition: key-handle.hpp:38
std
STL namespace.
ndn::KeyType::EC
Elliptic Curve key (e.g. for ECDSA), supports sign/verify operations.
ndn::Name
Represents an absolute name.
Definition: name.hpp:42
ndn::KeyParams
Base class of key parameters.
Definition: key-params.hpp:35
ndn::security::tpm::KeyHandle::decrypt
ConstBufferPtr decrypt(const uint8_t *cipherText, size_t cipherTextLen) const
Definition: key-handle.cpp:37
ndn::ConstBufferPtr
shared_ptr< const Buffer > ConstBufferPtr
Definition: buffer.hpp:89