Public Member Functions | Static Public Member Functions | Static Protected Member Functions | List of all members
ndn::security::tpm::BackEndFile Class Referencefinal

The back-end implementation of a file-based TPM. More...

#include <ndn-cxx/security/tpm/back-end-file.hpp>

+ Inheritance diagram for ndn::security::tpm::BackEndFile:
+ Collaboration diagram for ndn::security::tpm::BackEndFile:

Public Member Functions

 BackEndFile (const std::string &location="")
 Create file-based TPM backend. More...
 
 ~BackEndFile () final
 
unique_ptr< KeyHandlecreateKey (const Name &identityName, const KeyParams &params)
 Create a key for identityName according to params. More...
 
void deleteKey (const Name &keyName)
 Delete the key with name keyName. More...
 
ConstBufferPtr exportKey (const Name &keyName, const char *pw, size_t pwLen)
 Get the private key with name keyName in encrypted PKCS #8 format. More...
 
unique_ptr< KeyHandlegetKeyHandle (const Name &keyName) const
 Get the handle of the key with name keyName. More...
 
bool hasKey (const Name &keyName) const
 Check if the key with name keyName exists in the TPM. More...
 
void importKey (const Name &keyName, const uint8_t *pkcs8, size_t pkcs8Len, const char *pw, size_t pwLen)
 Import a private key in encrypted PKCS #8 format. More...
 
virtual bool isTerminalMode () const
 Check if the TPM is in terminal mode. More...
 
virtual bool isTpmLocked () const
 Check if the TPM is locked. More...
 
virtual void setTerminalMode (bool isTerminal) const
 Set the terminal mode of the TPM. More...
 
virtual bool unlockTpm (const char *pw, size_t pwLen) const
 Unlock the TPM. More...
 

Static Public Member Functions

static const std::string & getScheme ()
 

Static Protected Member Functions

static void setKeyName (KeyHandle &keyHandle, const Name &identity, const KeyParams &params)
 Set the key name in keyHandle according to identity and params. More...
 

Detailed Description

The back-end implementation of a file-based TPM.

In this TPM, each private key is stored in a separate file with permission 0400, i.e., owner read-only. The key is stored in PKCS #1 format in base64 encoding.

Definition at line 42 of file back-end-file.hpp.

Constructor & Destructor Documentation

ndn::security::tpm::BackEndFile::BackEndFile ( const std::string &  location = "")
explicit

Create file-based TPM backend.

Parameters
locationDirectory to store private keys.

Definition at line 81 of file back-end-file.cpp.

ndn::security::tpm::BackEndFile::~BackEndFile ( )
finaldefault

Member Function Documentation

unique_ptr< KeyHandle > ndn::security::tpm::BackEnd::createKey ( const Name identityName,
const KeyParams params 
)
inherited

Create a key for identityName according to params.

Returns
The handle of the created key.
Exceptions
Tpm::Errorparams are invalid.
ErrorThe key could not be created.

Definition at line 51 of file back-end.cpp.

void ndn::security::tpm::BackEnd::deleteKey ( const Name keyName)
inherited

Delete the key with name keyName.

Warning
Continuing to use existing KeyHandle objects for a deleted key results in undefined behavior.
Exceptions
ErrorThe key could not be deleted.

Definition at line 86 of file back-end.cpp.

ConstBufferPtr ndn::security::tpm::BackEnd::exportKey ( const Name keyName,
const char *  pw,
size_t  pwLen 
)
inherited

Get the private key with name keyName in encrypted PKCS #8 format.

Parameters
keyNameThe name of the key.
pwThe password to encrypt the private key.
pwLenThe length of the password.
Returns
The encoded private key.
Exceptions
ErrorThe key does not exist or cannot be exported.

Definition at line 92 of file back-end.cpp.

unique_ptr< KeyHandle > ndn::security::tpm::BackEnd::getKeyHandle ( const Name keyName) const
inherited

Get the handle of the key with name keyName.

Calling this function multiple times with the same keyName will return different KeyHandle objects that all refer to the same key.

Returns
The handle of the key, or nullptr if the key does not exist.

Definition at line 45 of file back-end.cpp.

const std::string & ndn::security::tpm::BackEndFile::getScheme ( )
static

Definition at line 89 of file back-end-file.cpp.

bool ndn::security::tpm::BackEnd::hasKey ( const Name keyName) const
inherited

Check if the key with name keyName exists in the TPM.

Returns
True if the key exists, false otherwise.

Definition at line 39 of file back-end.cpp.

void ndn::security::tpm::BackEnd::importKey ( const Name keyName,
const uint8_t *  pkcs8,
size_t  pkcs8Len,
const char *  pw,
size_t  pwLen 
)
inherited

Import a private key in encrypted PKCS #8 format.

Parameters
keyNameThe name of the key to use in the TPM.
pkcs8Pointer to the key in encrypted PKCS #8 format.
pkcs8LenThe size of the key in encrypted PKCS #8 format.
pwThe password to decrypt the private key.
pwLenThe length of the password.
Exceptions
ErrorThe key could not be imported.

Definition at line 101 of file back-end.cpp.

bool ndn::security::tpm::BackEnd::isTerminalMode ( ) const
virtualinherited

Check if the TPM is in terminal mode.

The default implementation always returns true.

Returns
True if in terminal mode, false otherwise.

Reimplemented in ndn::security::tpm::BackEndOsx.

Definition at line 142 of file back-end.cpp.

bool ndn::security::tpm::BackEnd::isTpmLocked ( ) const
virtualinherited

Check if the TPM is locked.

The default implementation always returns false.

Returns
True if locked, false otherwise.

Reimplemented in ndn::security::tpm::BackEndOsx.

Definition at line 153 of file back-end.cpp.

void ndn::security::tpm::BackEnd::setKeyName ( KeyHandle keyHandle,
const Name identity,
const KeyParams params 
)
staticprotectedinherited

Set the key name in keyHandle according to identity and params.

Definition at line 110 of file back-end.cpp.

void ndn::security::tpm::BackEnd::setTerminalMode ( bool  isTerminal) const
virtualinherited

Set the terminal mode of the TPM.

In terminal mode, the TPM will not ask for a password from the GUI. The default implementation does nothing.

Reimplemented in ndn::security::tpm::BackEndOsx.

Definition at line 148 of file back-end.cpp.

bool ndn::security::tpm::BackEnd::unlockTpm ( const char *  pw,
size_t  pwLen 
) const
virtualinherited

Unlock the TPM.

The default implementation does nothing and returns !isTpmLocked().

Parameters
pwThe password to unlock the TPM.
pwLenThe length of the password.
Returns
True if the TPM was unlocked.

Reimplemented in ndn::security::tpm::BackEndOsx.

Definition at line 159 of file back-end.cpp.