1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2024 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
25 
26 #include <boost/lexical_cast.hpp>
27 
28 namespace ndn::security::tpm {
29 
Tpm::Tpm(const std::string& locator, unique_ptr<BackEnd> backEnd)
  : m_locator(locator), m_backEnd(std::move(backEnd))
{
  // Takes ownership of the back-end. The handle cache (m_keys) starts empty and is
  // filled lazily by createKey() and findKey(). backEnd is not validated here, so
  // every member function below assumes m_backEnd is non-null.
}
35 
// Defined out-of-line so the unique_ptr<BackEnd> member is destroyed in this
// translation unit; presumably BackEnd is only forward-declared in the header — confirm.
Tpm::~Tpm() = default;
37 
bool
Tpm::hasKey(const Name& keyName) const
{
  // Asks the back-end directly; the in-memory handle cache (m_keys) is not consulted,
  // so the answer reflects what the back-end currently holds.
  const bool present = m_backEnd->hasKey(keyName);
  return present;
}
43 
Name
Tpm::createKey(const Name& identityName, const KeyParams& params)
{
  // The final key name is taken from the handle the back-end returns, not derived here.
  auto handle = m_backEnd->createKey(identityName, params);
  Name keyName = handle->getKeyName();

  // Cache the new handle so later sign/verify/decrypt calls skip the back-end lookup;
  // an existing cache entry under the same name is replaced.
  m_keys.insert_or_assign(keyName, std::move(handle));
  return keyName;
}
52 
void
Tpm::deleteKey(const Name& keyName)
{
  // The cache entry is dropped before the back-end call, so even if the back-end
  // deletion throws, no stale KeyHandle for this name remains cached.
  // erase(key) is a no-op when nothing is cached.
  m_keys.erase(keyName);
  m_backEnd->deleteKey(keyName);
}
61 
ConstBufferPtr
Tpm::getPublicKey(const Name& keyName) const
{
  // Returns nullptr when the key is known to neither the cache nor the back-end;
  // callers must check the result instead of assuming the key exists.
  if (const KeyHandle* key = findKey(keyName)) {
    return key->derivePublicKey();
  }
  return nullptr;
}
68 
ConstBufferPtr
Tpm::sign(const InputBuffers& bufs, const Name& keyName, DigestAlgorithm digestAlgorithm) const
{
  // A missing key yields nullptr rather than an exception, so a null result must be
  // treated as "not signed" by the caller.
  if (const KeyHandle* key = findKey(keyName)) {
    return key->sign(digestAlgorithm, bufs);
  }
  return nullptr;
}
75 
boost::logic::tribool
Tpm::verify(const InputBuffers& bufs, span<const uint8_t> sig, const Name& keyName,
            DigestAlgorithm digestAlgorithm) const
{
  // Three-valued result: true/false is the key's verdict on the signature;
  // indeterminate means the key could not be found, which is a different condition
  // from an invalid signature. Since `if (result)` is false for indeterminate,
  // callers that need to tell "unknown key" from "bad signature" must test explicitly.
  if (const KeyHandle* key = findKey(keyName)) {
    return key->verify(digestAlgorithm, bufs, sig);
  }
  return boost::logic::indeterminate;
}
86 
ConstBufferPtr
Tpm::decrypt(span<const uint8_t> buf, const Name& keyName) const
{
  // nullptr signals an unknown key; decryption failures for a known key are whatever
  // KeyHandle::decrypt() reports and are not interpreted here.
  if (const KeyHandle* key = findKey(keyName)) {
    return key->decrypt(buf);
  }
  return nullptr;
}
93 
94 #pragma GCC diagnostic push
95 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
96 
bool
Tpm::isTerminalMode() const
{
  // Pure pass-through. The surrounding pragma silences -Wdeprecated-declarations,
  // which suggests the back-end method (or this one) is deprecated — confirm in the header.
  const bool terminal = m_backEnd->isTerminalMode();
  return terminal;
}
102 
void
Tpm::setTerminalMode(bool isTerminal) const
{
  // Forwards the flag to the back-end; this object keeps no copy of the mode.
  // Sits inside the -Wdeprecated-declarations suppression, so the wrapped call is
  // presumably deprecated — confirm in the header.
  m_backEnd->setTerminalMode(isTerminal);
}
108 
bool
Tpm::isTpmLocked() const
{
  // Pass-through to the back-end's lock state; nothing is cached here.
  // Inside the -Wdeprecated-declarations suppression — presumably deprecated, confirm.
  const bool locked = m_backEnd->isTpmLocked();
  return locked;
}
114 
bool
Tpm::unlockTpm(const char* password, size_t passwordLength) const
{
  // The password buffer is forwarded as-is — no copy is made at this layer — so the
  // caller keeps responsibility for its lifetime and for clearing it when done.
  // Inside the -Wdeprecated-declarations suppression — presumably deprecated, confirm.
  const bool unlocked = m_backEnd->unlockTpm(password, passwordLength);
  return unlocked;
}
120 
121 #pragma GCC diagnostic pop
122 
ConstBufferPtr
Tpm::exportPrivateKey(const Name& keyName, const char* pw, size_t pwLen) const
{
  // pw/pwLen pass through untouched. The returned buffer contains private key
  // material (presumably password-protected, in the same PKCS#8 form that
  // importPrivateKey() accepts — confirm) and should be handled as a secret.
  ConstBufferPtr exported = m_backEnd->exportKey(keyName, pw, pwLen);
  return exported;
}
128 
void
Tpm::importPrivateKey(const Name& keyName, span<const uint8_t> pkcs8, const char* pw, size_t pwLen)
{
  // Hands the PKCS#8 blob and its password straight to the back-end. The handle
  // cache is not touched; a later findKey() will fetch the new key from the back-end.
  m_backEnd->importKey(keyName, pkcs8, pw, pwLen);
}
134 
void
Tpm::importPrivateKey(const Name& keyName, shared_ptr<transform::PrivateKey> key)
{
  // Overload for an already-parsed key object; ownership share is moved into the
  // back-end. As with the PKCS#8 overload, the handle cache is left untouched.
  m_backEnd->importKey(keyName, std::move(key));
}
140 
const KeyHandle*
Tpm::findKey(const Name& keyName) const
{
  // Fast path: the handle is already cached.
  auto cached = m_keys.find(keyName);
  if (cached != m_keys.end()) {
    return cached->second.get();
  }

  // Slow path: ask the back-end. An unknown key yields nullptr and nothing is cached.
  auto handle = m_backEnd->getKeyHandle(keyName);
  if (!handle) {
    return nullptr;
  }

  // Cache the handle. m_keys is mutated from a const member function, so it must be
  // declared mutable. No synchronization is visible here, so concurrent calls on the
  // same Tpm would race on m_keys. Within this file the entry is only removed by
  // deleteKey(), so a key removed from the back-end by other means would stay cached.
  auto pos = m_keys.insert_or_assign(keyName, std::move(handle)).first;
  return pos->second.get();
}
155 
156 } // namespace ndn::security::tpm