ndn::security::v1::SecTpmOsx Class Reference

#include <sec-tpm-osx.hpp>

+ Inheritance diagram for ndn::security::v1::SecTpmOsx:
+ Collaboration diagram for ndn::security::v1::SecTpmOsx:

Classes

class  Error
 

Public Member Functions

 SecTpmOsx (const std::string &location="")
 
virtual ~SecTpmOsx ()
 
virtual void addAppToAcl (const Name &keyName, KeyClass keyClass, const std::string &appPath, AclType acl)
 Add the application into the ACL of a particular key. More...
 
virtual ConstBufferPtr decryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)
 Decrypt data. More...
 
virtual void deleteKeyPairInTpm (const Name &keyName)
 Delete a key pair of asymmetric keys. More...
 
virtual bool doesKeyExistInTpm (const Name &keyName, KeyClass keyClass)
 Check if a particular key exists. More...
 
virtual ConstBufferPtr encryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)
 Encrypt data. More...
 
ConstBufferPtr exportPrivateKeyPkcs5FromTpm (const Name &keyName, const std::string &password)
 Export a private key in PKCS#5 format. More...
 
virtual void generateKeyPairInTpm (const Name &keyName, const KeyParams &params)
 Generate a pair of asymmetric keys. More...
 
virtual bool generateRandomBlock (uint8_t *res, size_t size)
 Generate a random block. More...
 
virtual void generateSymmetricKeyInTpm (const Name &keyName, const KeyParams &params)
 Generate a symmetric key. More...
 
virtual bool getInTerminal () const
 Get value of inTerminal flag. More...
 
virtual shared_ptr< v1::PublicKeygetPublicKeyFromTpm (const Name &keyName)
 Get a public key. More...
 
std::string getTpmLocator ()
 
bool importPrivateKeyPkcs5IntoTpm (const Name &keyName, const uint8_t *buffer, size_t bufferSize, const std::string &password)
 Import a private key in PKCS#5 formatted buffer of size bufferSize. More...
 
virtual bool isLocked ()
 Check if TPM is locked. More...
 
virtual void resetTpmPassword ()
 reset password of TPM More...
 
virtual void setInTerminal (bool inTerminal)
 Set inTerminal flag to inTerminal. More...
 
virtual void setTpmPassword (const uint8_t *password, size_t passwordLength)
 set password of TPM More...
 
virtual Block signInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm)
 Sign data. More...
 
virtual bool unlockTpm (const char *password, size_t passwordLength, bool usePassword)
 Unlock the TPM. More...
 

Static Public Attributes

static const std::string SCHEME
 

Protected Member Functions

void deleteKeyPairInTpmInternal (const Name &keyName, bool needRetry)
 
virtual ConstBufferPtr exportPrivateKeyPkcs8FromTpm (const Name &keyName)
 Export a private key in PKCS#8 format. More...
 
ConstBufferPtr exportPrivateKeyPkcs8FromTpmInternal (const Name &keyName, bool needRetry)
 
void generateKeyPairInTpmInternal (const Name &keyName, const KeyParams &params, bool needRetry)
 
virtual bool getImpExpPassWord (std::string &password, const std::string &prompt)
 Get import/export password. More...
 
virtual std::string getScheme ()
 
virtual bool importPrivateKeyPkcs8IntoTpm (const Name &keyName, const uint8_t *buf, size_t size)
 Import a private key from PKCS#8 formatted buffer of size bufferSize. More...
 
bool importPrivateKeyPkcs8IntoTpmInternal (const Name &keyName, const uint8_t *buf, size_t size, bool needRetry)
 
virtual bool importPublicKeyPkcs1IntoTpm (const Name &keyName, const uint8_t *buf, size_t size)
 Import a public key in PKCS#1 formatted buffer of size bufferSize. More...
 
Block signInTpmInternal (const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm, bool needRetry)
 

Protected Attributes

std::string m_location
 

Detailed Description

Definition at line 39 of file v1/sec-tpm-osx.hpp.

Constructor & Destructor Documentation

ndn::security::v1::SecTpmOsx::SecTpmOsx ( const std::string &  location = "")
explicit

Definition at line 246 of file sec-tpm-osx.cpp.

ndn::security::v1::SecTpmOsx::~SecTpmOsx ( )
virtual

Definition at line 262 of file sec-tpm-osx.cpp.

Member Function Documentation

void ndn::security::v1::SecTpmOsx::addAppToAcl ( const Name keyName,
KeyClass  keyClass,
const std::string &  appPath,
AclType  acl 
)
virtual

Add the application into the ACL of a particular key.

Parameters
keyNamethe name of key
keyClassthe class of key, e.g. Private Key
appPaththe absolute path to the application
aclthe new acl of the key

Implements ndn::security::v1::SecTpm.

Definition at line 915 of file sec-tpm-osx.cpp.

ConstBufferPtr ndn::security::v1::SecTpmOsx::decryptInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name keyName,
bool  isSymmetric 
)
virtual

Decrypt data.

Parameters
dataPointer to the byte arry to be decrypted.
dataLengthThe length of data.
keyNameThe name of the decrypting key.
isSymmetricIf true symmetric encryption is used, otherwise asymmetric encryption.
Returns
The decrypted data.
Exceptions
SecTpm::Errorif decryption fails.

Implements ndn::security::v1::SecTpm.

Definition at line 871 of file sec-tpm-osx.cpp.

virtual void ndn::security::v1::SecTpmOsx::deleteKeyPairInTpm ( const Name keyName)
inlinevirtual

Delete a key pair of asymmetric keys.

Parameters
keyNameThe name of the key pair.

Implements ndn::security::v1::SecTpm.

Definition at line 84 of file v1/sec-tpm-osx.hpp.

void ndn::security::v1::SecTpmOsx::deleteKeyPairInTpmInternal ( const Name keyName,
bool  needRetry 
)
protected

Definition at line 442 of file sec-tpm-osx.cpp.

bool ndn::security::v1::SecTpmOsx::doesKeyExistInTpm ( const Name keyName,
KeyClass  keyClass 
)
virtual

Check if a particular key exists.

Parameters
keyNameThe name of the key.
keyClassThe class of the key, e.g. KeyClass::PUBLIC, KeyClass::PRIVATE.
Returns
True if the key exists, otherwise false.

Implements ndn::security::v1::SecTpm.

Definition at line 1001 of file sec-tpm-osx.cpp.

ConstBufferPtr ndn::security::v1::SecTpmOsx::encryptInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name keyName,
bool  isSymmetric 
)
virtual

Encrypt data.

Parameters
dataPointer to the byte arry to be decrypted.
dataLengthThe length of data.
keyNameThe name of the encrypting key.
isSymmetricIf true symmetric encryption is used, otherwise asymmetric encryption.
Returns
The encrypted data.
Exceptions
SecTpm::Errorif encryption fails.

Implements ndn::security::v1::SecTpm.

Definition at line 961 of file sec-tpm-osx.cpp.

ConstBufferPtr ndn::security::v1::SecTpm::exportPrivateKeyPkcs5FromTpm ( const Name keyName,
const std::string &  password 
)
inherited

Export a private key in PKCS#5 format.

Parameters
keyNameThe private key name
passwordThe password to encrypt the private key
Returns
The private key info (in PKCS8 format) if exist
Exceptions
SecTpm::Errorif private key cannot be exported

Definition at line 51 of file sec-tpm.cpp.

virtual ConstBufferPtr ndn::security::v1::SecTpmOsx::exportPrivateKeyPkcs8FromTpm ( const Name keyName)
inlineprotectedvirtual

Export a private key in PKCS#8 format.

Parameters
keyNameThe private key name.
Returns
The private key info (in PKCS#8 format) if exist, otherwise a NULL pointer.

Implements ndn::security::v1::SecTpm.

Definition at line 123 of file v1/sec-tpm-osx.hpp.

ConstBufferPtr ndn::security::v1::SecTpmOsx::exportPrivateKeyPkcs8FromTpmInternal ( const Name keyName,
bool  needRetry 
)
protected
Todo:
Can this happen because of keychain is locked?

Definition at line 534 of file sec-tpm-osx.cpp.

virtual void ndn::security::v1::SecTpmOsx::generateKeyPairInTpm ( const Name keyName,
const KeyParams params 
)
inlinevirtual

Generate a pair of asymmetric keys.

Parameters
keyNameThe name of the key pair.
paramsThe parameters of key.
Exceptions
SecTpm::Errorif fails.

Implements ndn::security::v1::SecTpm.

Definition at line 78 of file v1/sec-tpm-osx.hpp.

void ndn::security::v1::SecTpmOsx::generateKeyPairInTpmInternal ( const Name keyName,
const KeyParams params,
bool  needRetry 
)
protected

Definition at line 374 of file sec-tpm-osx.cpp.

bool ndn::security::v1::SecTpmOsx::generateRandomBlock ( uint8_t *  res,
size_t  size 
)
virtual

Generate a random block.

Parameters
resThe pointer to the generated block
sizeThe random block size
Returns
true for success, otherwise false

Implements ndn::security::v1::SecTpm.

Definition at line 1032 of file sec-tpm-osx.cpp.

void ndn::security::v1::SecTpmOsx::generateSymmetricKeyInTpm ( const Name keyName,
const KeyParams params 
)
virtual

Generate a symmetric key.

Parameters
keyNameThe name of the key.
paramsThe parameter of the key.
Exceptions
SecTpm::Errorif key generating fails.

Implements ndn::security::v1::SecTpm.

Definition at line 469 of file sec-tpm-osx.cpp.

bool ndn::security::v1::SecTpm::getImpExpPassWord ( std::string &  password,
const std::string &  prompt 
)
protectedvirtualinherited

Get import/export password.

Parameters
passwordOn return, the password.
promptPrompt for password, i.e., "Password for key:"
Returns
true if password has been obtained.

Definition at line 350 of file sec-tpm.cpp.

bool ndn::security::v1::SecTpmOsx::getInTerminal ( ) const
virtual

Get value of inTerminal flag.

Implements ndn::security::v1::SecTpm.

Definition at line 294 of file sec-tpm-osx.cpp.

shared_ptr< PublicKey > ndn::security::v1::SecTpmOsx::getPublicKeyFromTpm ( const Name keyName)
virtual

Get a public key.

Parameters
keyNameThe public key name.
Returns
The public key.
Exceptions
SecTpm::Errorif public key does not exist in TPM.

Implements ndn::security::v1::SecTpm.

Definition at line 504 of file sec-tpm-osx.cpp.

std::string ndn::security::v1::SecTpmOsx::getScheme ( )
protectedvirtual

Implements ndn::security::v1::SecTpm.

Definition at line 528 of file sec-tpm-osx.cpp.

std::string ndn::security::v1::SecTpm::getTpmLocator ( )
inherited

Definition at line 45 of file sec-tpm.cpp.

bool ndn::security::v1::SecTpm::importPrivateKeyPkcs5IntoTpm ( const Name keyName,
const uint8_t *  buffer,
size_t  bufferSize,
const std::string &  password 
)
inherited

Import a private key in PKCS#5 formatted buffer of size bufferSize.

Also recover the public key and installed it in TPM.

Parameters
keyNameThe private key name
bufferPointer to the first byte of the buffer containing PKCS#5-encoded private key info
bufferSizeSize of the buffer
passwordThe password to encrypt the private key
Returns
false if import fails

Definition at line 168 of file sec-tpm.cpp.

virtual bool ndn::security::v1::SecTpmOsx::importPrivateKeyPkcs8IntoTpm ( const Name keyName,
const uint8_t *  buffer,
size_t  bufferSize 
)
inlineprotectedvirtual

Import a private key from PKCS#8 formatted buffer of size bufferSize.

Parameters
keyNameThe private key name.
bufferPointer to the first byte of the buffer containing PKCS#8-encoded private key info
bufferSizeSize of the buffer
Returns
false if import fails

Implements ndn::security::v1::SecTpm.

Definition at line 129 of file v1/sec-tpm-osx.hpp.

bool ndn::security::v1::SecTpmOsx::importPrivateKeyPkcs8IntoTpmInternal ( const Name keyName,
const uint8_t *  buf,
size_t  size,
bool  needRetry 
)
protected

Definition at line 633 of file sec-tpm-osx.cpp.

bool ndn::security::v1::SecTpmOsx::importPublicKeyPkcs1IntoTpm ( const Name keyName,
const uint8_t *  buffer,
size_t  bufferSize 
)
protectedvirtual

Import a public key in PKCS#1 formatted buffer of size bufferSize.

Parameters
keyNameThe public key name
bufferPointer to the first byte of the buffer containing PKCS#1-encoded private key info
bufferSizeSize of the buffer
Returns
false if import fails

Implements ndn::security::v1::SecTpm.

Definition at line 744 of file sec-tpm-osx.cpp.

bool ndn::security::v1::SecTpmOsx::isLocked ( )
virtual

Check if TPM is locked.

Implements ndn::security::v1::SecTpm.

Definition at line 300 of file sec-tpm-osx.cpp.

void ndn::security::v1::SecTpmOsx::resetTpmPassword ( )
virtual

reset password of TPM

Implements ndn::security::v1::SecTpm.

Definition at line 276 of file sec-tpm-osx.cpp.

void ndn::security::v1::SecTpmOsx::setInTerminal ( bool  inTerminal)
virtual

Set inTerminal flag to inTerminal.

If the inTerminal flag is set, and password is not set, TPM may ask for password via terminal. inTerminal flag is set by default.

Implements ndn::security::v1::SecTpm.

Definition at line 284 of file sec-tpm-osx.cpp.

void ndn::security::v1::SecTpmOsx::setTpmPassword ( const uint8_t *  password,
size_t  passwordLength 
)
virtual

set password of TPM

Password is used to unlock TPM when it is locked. You should be cautious when using this method, because remembering password is kind of dangerous.

Parameters
passwordThe password
passwordLengthThe length of password

Implements ndn::security::v1::SecTpm.

Definition at line 267 of file sec-tpm-osx.cpp.

virtual Block ndn::security::v1::SecTpmOsx::signInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name keyName,
DigestAlgorithm  digestAlgorithm 
)
inlinevirtual

Sign data.

Parameters
dataPointer to the byte array to be signed.
dataLengthThe length of data.
keyNameThe name of the signing key.
digestAlgorithmthe digest algorithm.
Returns
The signature block.
Exceptions
SecTpm::Errorif signing fails.

Implements ndn::security::v1::SecTpm.

Definition at line 93 of file v1/sec-tpm-osx.hpp.

Block ndn::security::v1::SecTpmOsx::signInTpmInternal ( const uint8_t *  data,
size_t  dataLength,
const Name keyName,
DigestAlgorithm  digestAlgorithm,
bool  needRetry 
)
protected

Definition at line 791 of file sec-tpm-osx.cpp.

bool ndn::security::v1::SecTpmOsx::unlockTpm ( const char *  password,
size_t  passwordLength,
bool  usePassword 
)
virtual

Unlock the TPM.

Parameters
passwordThe password.
passwordLengthThe password size. 0 indicates no password.
usePasswordTrue if we want to use the supplied password to unlock the TPM.
Returns
true if TPM is unlocked, otherwise false.

Implements ndn::security::v1::SecTpm.

Definition at line 312 of file sec-tpm-osx.cpp.

Member Data Documentation

std::string ndn::security::v1::SecTpm::m_location
protectedinherited

Definition at line 302 of file v1/sec-tpm.hpp.

const std::string ndn::security::v1::SecTpmOsx::SCHEME
static

Definition at line 158 of file v1/sec-tpm-osx.hpp.