The back-end implementation of a file-based TPM.
#include <ndn-cxx/security/tpm/back-end-file.hpp>
Public Member Functions
BackEndFile (const std::string &location="")
Create file-based TPM backend.
~BackEndFile () final
unique_ptr< KeyHandle > | createKey (const Name &identityName, const KeyParams &params)
Create a key for identityName according to params.
void | deleteKey (const Name &keyName)
Delete the key with name keyName.
ConstBufferPtr | exportKey (const Name &keyName, const char *pw, size_t pwLen)
Get the private key with name keyName in encrypted PKCS #8 format.
unique_ptr< KeyHandle > | getKeyHandle (const Name &keyName) const
Get the handle of the key with name keyName.
bool | hasKey (const Name &keyName) const
Check if the key with name keyName exists in the TPM.
void | importKey (const Name &keyName, const uint8_t *pkcs8, size_t pkcs8Len, const char *pw, size_t pwLen)
Import a private key in encrypted PKCS #8 format.
virtual bool | isTerminalMode () const
Check if the TPM is in terminal mode.
virtual bool | isTpmLocked () const
Check if the TPM is locked.
virtual void | setTerminalMode (bool isTerminal) const
Set the terminal mode of the TPM.
virtual bool | unlockTpm (const char *pw, size_t pwLen) const
Unlock the TPM.
Static Public Member Functions
static const std::string & | getScheme ()
Static Protected Member Functions
static void | setKeyName (KeyHandle &keyHandle, const Name &identity, const KeyParams &params)
Set the key name in keyHandle according to identity and params.
The back-end implementation of a file-based TPM.
In this TPM, each private key is stored in a separate file with permission 0400, i.e., owner read-only. The key is stored in PKCS #1 format in base64 encoding.
Definition at line 42 of file back-end-file.hpp.
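One way to verify the storage property described above on a deployed host (an added example, not code from ndn-cxx): walk the key directory and report every entry that is not a regular file with mode exactly 0400 owned by the calling user. The names auditKeyDir and Finding are hypothetical, and the directory is passed in by the caller because this page does not state the default location.

```cpp
// Added example: audit a file-TPM key directory for permission drift.
#include <dirent.h>
#include <sys/stat.h>
#include <unistd.h>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <vector>

struct Finding { std::string path; std::string reason; };  // hypothetical type

// Returns one finding per problem found in `dir` (hypothetical helper).
// A directory that cannot be opened is itself reported as a finding.
std::vector<Finding> auditKeyDir(const std::string& dir)
{
  std::vector<Finding> findings;
  DIR* d = opendir(dir.c_str());
  if (d == nullptr) {
    findings.push_back({dir, "cannot open directory"});
    return findings;
  }
  while (dirent* e = readdir(d)) {
    std::string path = dir + "/" + e->d_name;
    struct stat st;
    // lstat() does not follow symlinks, so a link placed in the key
    // directory is reported instead of being checked as its target.
    if (lstat(path.c_str(), &st) != 0 || S_ISDIR(st.st_mode))
      continue;  // skips ".", ".." and subdirectories
    if (!S_ISREG(st.st_mode)) {
      findings.push_back({path, "not a regular file"});
      continue;
    }
    if ((st.st_mode & 07777) != 0400)  // any bit beyond owner-read is drift
      findings.push_back({path, "mode is not 0400"});
    if (st.st_uid != geteuid())
      findings.push_back({path, "not owned by current user"});
  }
  closedir(d);
  return findings;
}

int main(int argc, char** argv)
{
  if (argc != 2) { fprintf(stderr, "usage: %s <key-dir>\n", argv[0]); return 2; }
  std::vector<Finding> findings = auditKeyDir(argv[1]);
  for (const auto& f : findings)
    printf("%s: %s\n", f.path.c_str(), f.reason.c_str());
  return findings.empty() ? 0 : 1;  // non-zero exit when drift is found
}
```

The mask 07777 also catches setuid, setgid and sticky bits, so a file that is owner read-only but carries one of those bits is still flagged.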
BackEndFile (const std::string &location="") [explicit]
Create file-based TPM backend.
Parameters:
location | Directory to store private keys.
Definition at line 81 of file back-end-file.cpp.
~BackEndFile () [final, default]
unique_ptr< KeyHandle > createKey (const Name &identityName, const KeyParams &params) [inherited]
Create a key for identityName according to params.
Exceptions:
Tpm::Error | params are invalid.
Error | The key could not be created.
Definition at line 51 of file back-end.cpp.
void deleteKey (const Name &keyName) [inherited]
Delete the key with name keyName.
Exceptions:
Error | The key could not be deleted.
Definition at line 86 of file back-end.cpp.
ConstBufferPtr exportKey (const Name &keyName, const char *pw, size_t pwLen) [inherited]
Get the private key with name keyName in encrypted PKCS #8 format.
Parameters:
keyName | The name of the key.
pw | The password to encrypt the private key.
pwLen | The length of the password.
Exceptions:
Error | The key does not exist or cannot be exported.
Definition at line 92 of file back-end.cpp.
unique_ptr< KeyHandle > getKeyHandle (const Name &keyName) const [inherited]
Get the handle of the key with name keyName.
Calling this function multiple times with the same keyName will return different KeyHandle objects that all refer to the same key.
Definition at line 45 of file back-end.cpp.
static const std::string & getScheme () [static]
Definition at line 89 of file back-end-file.cpp.
bool hasKey (const Name &keyName) const [inherited]
Check if the key with name keyName exists in the TPM.
Definition at line 39 of file back-end.cpp.
void importKey (const Name &keyName, const uint8_t *pkcs8, size_t pkcs8Len, const char *pw, size_t pwLen) [inherited]
Import a private key in encrypted PKCS #8 format.
Parameters:
keyName | The name of the key to use in the TPM.
pkcs8 | Pointer to the key in encrypted PKCS #8 format.
pkcs8Len | The size of the key in encrypted PKCS #8 format.
pw | The password to decrypt the private key.
pwLen | The length of the password.
Exceptions:
Error | The key could not be imported.
Definition at line 101 of file back-end.cpp.
virtual bool isTerminalMode () const [virtual, inherited]
Check if the TPM is in terminal mode.
The default implementation always returns true.
Reimplemented in ndn::security::tpm::BackEndOsx.
Definition at line 142 of file back-end.cpp.
virtual bool isTpmLocked () const [virtual, inherited]
Check if the TPM is locked.
The default implementation always returns false.
Reimplemented in ndn::security::tpm::BackEndOsx.
Definition at line 153 of file back-end.cpp.
static void setKeyName (KeyHandle &keyHandle, const Name &identity, const KeyParams &params) [static, protected, inherited]
Set the key name in keyHandle according to identity and params.
Definition at line 110 of file back-end.cpp.
virtual void setTerminalMode (bool isTerminal) const [virtual, inherited]
Set the terminal mode of the TPM.
In terminal mode, the TPM will not ask for a password from the GUI. The default implementation does nothing.
Reimplemented in ndn::security::tpm::BackEndOsx.
Definition at line 148 of file back-end.cpp.
virtual bool unlockTpm (const char *pw, size_t pwLen) const [virtual, inherited]
Unlock the TPM.
The default implementation does nothing and returns !isTpmLocked().
Parameters:
pw | The password to unlock the TPM.
pwLen | The length of the password.
Reimplemented in ndn::security::tpm::BackEndOsx.
Definition at line 159 of file back-end.cpp.