ndn::security::tpm::Tpm Class Reference

TPM front-end class. More...

#include <ndn-cxx/security/tpm/tpm.hpp>

+ Inheritance diagram for ndn::security::tpm::Tpm:
+ Collaboration diagram for ndn::security::tpm::Tpm:

Classes

class  Error
 

Public Member Functions

 ~Tpm ()
 
ConstBufferPtr decrypt (span< const uint8_t > buf, const Name &keyName) const
 Decrypt blob using the key with name keyName. More...
 
ConstBufferPtr getPublicKey (const Name &keyName) const
 
const std::string & getTpmLocator () const
 Return the TPM Locator. More...
 
bool hasKey (const Name &keyName) const
 Check if a private key exists. More...
 
bool isTerminalMode () const
 Check if the TPM is in terminal mode. More...
 
bool isTpmLocked () const
 
void setTerminalMode (bool isTerminal) const
 Set the terminal mode of the TPM. More...
 
ConstBufferPtr sign (const InputBuffers &bufs, const Name &keyName, DigestAlgorithm digestAlgorithm) const
 Sign discontiguous ranges using the key with name keyName and using the digest digestAlgorithm. More...
 
bool unlockTpm (const char *password, size_t passwordLength) const
 Unlock the TPM. More...
 
boost::logic::tribool verify (const InputBuffers &bufs, span< const uint8_t > sig, const Name &keyName, DigestAlgorithm digestAlgorithm) const
 Verify discontiguous ranges using the key with name keyName and using the digest digestAlgorithm. More...
 

Detailed Description

TPM front-end class.

The TPM (Trusted Platform Module) stores the private portion of a user's cryptography keys. The format and location of stored information is indicated by the TpmLocator. The TPM is designed to work with a PIB (Public Information Base) which stores public keys and related information such as certificate.

The TPM also provides functionalities of crypto transformation, such as signing and decryption.

A TPM consists of a unified front-end interface and a back-end implementation. The front-end cache the handles of private keys which is provided by the back-end implementation.

Note
Tpm instance is created and managed only by KeyChain. KeyChain::getTpm() returns a const reference to the managed Tpm instance, through which it is possible to check the existence of private keys, get the public key corresponding to a private key, sign, and decrypt the supplied buffers using managed private keys.

Definition at line 62 of file tpm.hpp.

Constructor & Destructor Documentation

◆ ~Tpm()

ndn::security::tpm::Tpm::~Tpm ( )
default

Member Function Documentation

◆ decrypt()

ConstBufferPtr ndn::security::tpm::Tpm::decrypt ( span< const uint8_t >  buf,
const Name keyName 
) const

Decrypt blob using the key with name keyName.

Returns
The decrypted data, or nullptr if the key does not exist.

Definition at line 88 of file tpm.cpp.

◆ getPublicKey()

ConstBufferPtr ndn::security::tpm::Tpm::getPublicKey ( const Name keyName) const
Returns
The public portion of an asymmetric key with name keyName, or nullptr if the key does not exist,

The public key is in PKCS#8 format.

Definition at line 63 of file tpm.cpp.

◆ getTpmLocator()

const std::string& ndn::security::tpm::Tpm::getTpmLocator ( ) const
inline

Return the TPM Locator.

Definition at line 77 of file tpm.hpp.

◆ hasKey()

bool ndn::security::tpm::Tpm::hasKey ( const Name keyName) const

Check if a private key exists.

Parameters
keyNameThe key name
Returns
true if the key exists

Definition at line 39 of file tpm.cpp.

◆ isTerminalMode()

bool ndn::security::tpm::Tpm::isTerminalMode ( ) const

Check if the TPM is in terminal mode.

Deprecated:

Definition at line 98 of file tpm.cpp.

◆ isTpmLocked()

bool ndn::security::tpm::Tpm::isTpmLocked ( ) const
Returns
true if the TPM is locked, otherwise false.
Deprecated:

Definition at line 110 of file tpm.cpp.

◆ setTerminalMode()

void ndn::security::tpm::Tpm::setTerminalMode ( bool  isTerminal) const

Set the terminal mode of the TPM.

Deprecated:

When in terminal mode, the TPM will not ask user permission from GUI.

Definition at line 104 of file tpm.cpp.

◆ sign()

ConstBufferPtr ndn::security::tpm::Tpm::sign ( const InputBuffers &  bufs,
const Name keyName,
DigestAlgorithm  digestAlgorithm 
) const

Sign discontiguous ranges using the key with name keyName and using the digest digestAlgorithm.

Returns
The signature, or nullptr if the key does not exist.

Definition at line 70 of file tpm.cpp.

◆ unlockTpm()

bool ndn::security::tpm::Tpm::unlockTpm ( const char *  password,
size_t  passwordLength 
) const

Unlock the TPM.

Deprecated:
Parameters
passwordThe password to unlock the TPM.
passwordLengthThe password size.

Definition at line 116 of file tpm.cpp.

◆ verify()

boost::logic::tribool ndn::security::tpm::Tpm::verify ( const InputBuffers &  bufs,
span< const uint8_t >  sig,
const Name keyName,
DigestAlgorithm  digestAlgorithm 
) const

Verify discontiguous ranges using the key with name keyName and using the digest digestAlgorithm.

Return values
truethe signature is valid
falsethe signature is not valid
indeterminatethe key does not exist

Definition at line 77 of file tpm.cpp.