back-end.hpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2021 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
22 #ifndef NDN_CXX_SECURITY_TPM_BACK_END_HPP
23 #define NDN_CXX_SECURITY_TPM_BACK_END_HPP
24 
26 
27 namespace ndn {
28 namespace security {
29 namespace tpm {
30 
36 class BackEnd : noncopyable
37 {
38 public:
39  using Error = Tpm::Error;
40 
41  virtual
43 
44 public: // key management
50  bool
51  hasKey(const Name& keyName) const;
52 
61  unique_ptr<KeyHandle>
62  getKeyHandle(const Name& keyName) const;
63 
71  unique_ptr<KeyHandle>
72  createKey(const Name& identityName, const KeyParams& params);
73 
82  void
83  deleteKey(const Name& keyName);
84 
96  exportKey(const Name& keyName, const char* pw, size_t pwLen);
97 
108  void
109  importKey(const Name& keyName, span<const uint8_t> pkcs8, const char* pw, size_t pwLen);
110 
116  void
117  importKey(const Name& keyName, shared_ptr<transform::PrivateKey> key);
118 
126  virtual bool
127  isTerminalMode() const;
128 
135  virtual void
136  setTerminalMode(bool isTerminal) const;
137 
145  virtual bool
146  isTpmLocked() const;
147 
158  NDN_CXX_NODISCARD virtual bool
159  unlockTpm(const char* pw, size_t pwLen) const;
160 
161 protected: // helper methods
165  Name
166  constructAsymmetricKeyName(const KeyHandle& key, const Name& identity,
167  const KeyParams& params) const;
168 
172  Name
173  constructHmacKeyName(const transform::PrivateKey& key, const Name& identity,
174  const KeyParams& params) const;
175 
176 private: // pure virtual methods
177  virtual bool
178  doHasKey(const Name& keyName) const = 0;
179 
180  virtual unique_ptr<KeyHandle>
181  doGetKeyHandle(const Name& keyName) const = 0;
182 
183  virtual unique_ptr<KeyHandle>
184  doCreateKey(const Name& identity, const KeyParams& params) = 0;
185 
186  virtual void
187  doDeleteKey(const Name& keyName) = 0;
188 
189  virtual ConstBufferPtr
190  doExportKey(const Name& keyName, const char* pw, size_t pwLen) = 0;
191 
192  virtual void
193  doImportKey(const Name& keyName, span<const uint8_t> pkcs8, const char* pw, size_t pwLen) = 0;
194 
195  virtual void
196  doImportKey(const Name& keyName, shared_ptr<transform::PrivateKey> key) = 0;
197 };
198 
199 } // namespace tpm
200 } // namespace security
201 } // namespace ndn
202 
203 #endif // NDN_CXX_SECURITY_TPM_BACK_END_HPP
#define NDN_CXX_NODISCARD
Definition: backports.hpp:68
Base class for key parameters.
Definition: key-params.hpp:36
Represents an absolute name.
Definition: name.hpp:44
Abstract interface for a TPM backend implementation.
Definition: back-end.hpp:37
unique_ptr< KeyHandle > createKey(const Name &identityName, const KeyParams &params)
Create a key for identityName according to params.
Definition: back-end.cpp:53
void importKey(const Name &keyName, span< const uint8_t > pkcs8, const char *pw, size_t pwLen)
Import a private key in encrypted PKCS #8 format.
Definition: back-end.cpp:96
virtual bool unlockTpm(const char *pw, size_t pwLen) const
Unlock the TPM.
Definition: back-end.cpp:168
bool hasKey(const Name &keyName) const
Check if the key with name keyName exists in the TPM.
Definition: back-end.cpp:41
Name constructAsymmetricKeyName(const KeyHandle &key, const Name &identity, const KeyParams &params) const
Construct and return the name of a RSA or EC key, based on identity and params.
Definition: back-end.cpp:114
virtual bool isTerminalMode() const
Check if the TPM is in terminal mode.
Definition: back-end.cpp:151
virtual void setTerminalMode(bool isTerminal) const
Set the terminal mode of the TPM.
Definition: back-end.cpp:157
void deleteKey(const Name &keyName)
Delete the key with name keyName.
Definition: back-end.cpp:81
virtual bool isTpmLocked() const
Check if the TPM is locked.
Definition: back-end.cpp:162
ConstBufferPtr exportKey(const Name &keyName, const char *pw, size_t pwLen)
Get the private key with name keyName in encrypted PKCS #8 format.
Definition: back-end.cpp:87
unique_ptr< KeyHandle > getKeyHandle(const Name &keyName) const
Get the handle of the key with name keyName.
Definition: back-end.cpp:47
Name constructHmacKeyName(const transform::PrivateKey &key, const Name &identity, const KeyParams &params) const
Construct and return the name of a HMAC key, based on identity and params.
Definition: back-end.cpp:144
Abstraction of TPM key handle.
Definition: key-handle.hpp:38
Abstraction of private key in crypto transformation.
Definition: private-key.hpp:39
Definition: data.cpp:25
shared_ptr< const Buffer > ConstBufferPtr
Definition: buffer.hpp:139