26 #include <boost/lexical_cast.hpp> 32 Tpm::Tpm(
// Constructor: stores the locator's location string and takes sole ownership
// of the back-end, which is moved out of the caller's unique_ptr.
// NOTE(review): source line 33 is missing from this listing; presumably it
// initializes m_scheme from `scheme` - confirm against the full file.
const std::string& scheme,
const std::string& location, unique_ptr<BackEnd> backEnd)
34 , m_location(location)
35 , m_backEnd(
std::move(backEnd))
// Builds the locator string in the form "<scheme>:<location>".
// NOTE(review): presumably the body of getTpmLocator(); the signature is not
// part of this listing.
44 return m_scheme +
":" + m_location;
// Key existence is answered by the back-end; the m_keys handle cache is not
// consulted on this line.
// NOTE(review): presumably the body of Tpm::hasKey(); signature not shown.
50 return m_backEnd->hasKey(keyName);
// Creates a key for identityName through the back-end and caches the returned
// handle in m_keys under the key's name.
// NOTE(review): the listing omits the return type, the braces and the lines
// after source line 58 - confirm them against the full file.
54 Tpm::createKey(
const Name& identityName,
const KeyParams& params)
56 auto keyHandle = m_backEnd->createKey(identityName, params);
// keyHandle is dereferenced without a null check; assumes the back-end never
// returns null here (presumably it throws on failure) - TODO confirm.
57 auto keyName = keyHandle->getKeyName();
// Ownership of the handle moves into the cache; keyHandle is empty afterwards.
58 m_keys[keyName] = std::move(keyHandle);
// Deletes the key named keyName: checks the m_keys cache for a handle, then
// asks the back-end to delete the key itself.
63 Tpm::deleteKey(
const Name& keyName)
65 auto it = m_keys.find(keyName);
66 if (it != m_keys.end())
// NOTE(review): the statement guarded by the `if` above (source line 67) is
// missing from this listing; presumably it erases the cached handle so that no
// stale handle outlives the deleted key - confirm against the full file.
69 m_backEnd->deleteKey(keyName);
// Tail of a signing path: the signature is produced by the key handle itself.
// NOTE(review): `key` is dereferenced here; the lines that obtain it and
// handle a missing key are not part of this listing - confirm that a null
// handle cannot reach this point.
92 return key->
sign(digestAlgorithm, bufs);
// Missing key: the result is boost::logic::indeterminate, not false.
// With a tribool, both `if (result)` and `if (!result)` are skipped for
// indeterminate, so callers should accept a signature only on an explicit
// true and treat every other outcome as "not verified".
102 if (key ==
nullptr) {
103 return boost::logic::indeterminate;
// Key found: verification is delegated to the key handle.
106 return key->
verify(digestAlgorithm, bufs, sig, sigLen);
// Tail of a decryption path: the key handle performs the decryption of
// (buf, size).
// NOTE(review): `key` is dereferenced here; the lookup and any missing-key
// handling are not part of this listing - confirm a null handle cannot reach
// this point.
118 return key->
decrypt(buf, size);
// Each line below is the visible body of a separate wrapper that forwards
// straight to the back-end; the signatures are not part of this listing.
124 return m_backEnd->isTerminalMode();
130 m_backEnd->setTerminalMode(isTerminal);
136 return m_backEnd->isTpmLocked();
// The password is passed through as pointer + length; this line neither
// copies nor clears it, so wiping the buffer after use is left to the caller
// and/or the back-end - TODO confirm which side is responsible.
142 return m_backEnd->unlockTpm(password, passwordLength);
// Exports the private key named keyName through the back-end, forwarding the
// password (pw, pwLen) unchanged.
// NOTE(review): the return type is not shown; presumably the result is the
// private key encrypted under pw - confirm, and treat the output as sensitive
// key material either way.
// NOTE(review): pw/pwLen are not checked here (null or zero length); any
// such validation would have to happen in the back-end - confirm.
146 Tpm::exportPrivateKey(
const Name& keyName,
const char* pw,
size_t pwLen)
const 148 return m_backEnd->exportKey(keyName, pw, pwLen);
// Imports a private key under keyName from an encoded buffer, forwarding the
// buffer and the password to the back-end unchanged.
// NOTE(review): judging by the parameter names, the buffer is a PKCS#8 blob
// protected by pw - confirm.
// The buffer and its length are not validated at this layer; parsing of this
// possibly untrusted input happens in the back-end.
152 Tpm::importPrivateKey(
const Name& keyName,
const uint8_t* pkcs8,
size_t pkcs8Len,
153 const char* pw,
size_t pwLen)
155 m_backEnd->importKey(keyName, pkcs8, pkcs8Len, pw, pwLen);
// Imports an already-parsed private key object under keyName; the shared_ptr
// is moved into the back-end call, so this function keeps no reference to it.
159 Tpm::importPrivateKey(
const Name& keyName, shared_ptr<transform::PrivateKey> key)
161 m_backEnd->importKey(keyName, std::move(key));
// Looks up the handle for keyName: a cached entry in m_keys is returned
// first; otherwise the back-end is asked and the handle it returns is cached.
// The cache-hit path returns a non-owning raw pointer; ownership stays in
// m_keys, so the pointer is only valid while that cache entry exists.
// NOTE(review): the method is const yet writes to m_keys (source line 176),
// so m_keys is presumably declared mutable; no locking is visible here, so
// concurrent calls are not evidently safe - confirm.
165 Tpm::findKey(
const Name& keyName)
const 167 auto it = m_keys.find(keyName);
168 if (it != m_keys.end())
169 return it->second.get();
// Cache miss: fetch the handle from the back-end.
171 auto handle = m_backEnd->getKeyHandle(keyName);
172 if (handle ==
nullptr)
// NOTE(review): the statement guarded by the null check (source lines 173-174)
// is missing from this listing; presumably it returns nullptr so that a null
// handle is never cached - confirm against the full file.
176 m_keys[keyName] = std::move(handle);
ConstBufferPtr sign(DigestAlgorithm digestAlgorithm, const InputBuffers &bufs) const
Generate a digital signature for bufs using this key with digestAlgorithm.
ConstBufferPtr derivePublicKey() const
ConstBufferPtr decrypt(const uint8_t *cipherText, size_t cipherTextLen) const
Return plain text content decrypted from cipherText using this key.
bool verify(DigestAlgorithm digestAlgorithm, const InputBuffers &bufs, const uint8_t *sig, size_t sigLen) const
Verify the signature sig for bufs using this key and digestAlgorithm.
bool hasKey(const Name &keyName) const
Check if a private key exists.
Abstraction of TPM key handle.
ConstBufferPtr getPublicKey(const Name &keyName) const
boost::logic::tribool verify(const InputBuffers &bufs, const uint8_t *sig, size_t sigLen, const Name &keyName, DigestAlgorithm digestAlgorithm) const
Verify discontiguous ranges using the key with name keyName and using the digest digestAlgorithm.
ConstBufferPtr sign(const InputBuffers &bufs, const Name &keyName, DigestAlgorithm digestAlgorithm) const
Sign discontiguous ranges using the key with name keyName and using the digest digestAlgorithm.
bool unlockTpm(const char *password, size_t passwordLength) const
Unlock the TPM.
void setTerminalMode(bool isTerminal) const
Set the terminal mode of the TPM.
Represents an absolute name.
std::string getTpmLocator() const
Base class for key parameters.
ConstBufferPtr decrypt(const uint8_t *buf, size_t size, const Name &keyName) const
Decrypt blob using the key with name keyName.
bool isTerminalMode() const
Check if the TPM is in terminal mode.
shared_ptr< const Buffer > ConstBufferPtr