|
NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.0: NDN, CCN, CCNx, content centric networks
|
API Documentation |
|
|
NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.0: NDN, CCN, CCNx, content centric networks
|
API Documentation |
The packet signing interface. More...
#include <key-chain.hpp>
Classes | |
| class | Error |
| class | MismatchError |
| Error thrown when the supplied TPM locator to KeyChain constructor does not match the locator stored in PIB. More... | |
Public Types | |
| typedef function< unique_ptr< SecPublicInfo >const std::string &)> | PibCreateFunc |
| typedef function< unique_ptr< SecTpm >const std::string &)> | TpmCreateFunc |
| typedef std::map< std::string, Block > | SignParams |
Public Member Functions | |
| KeyChain () | |
| Constructor to create KeyChain with default PIB and TPM. More... | |
| KeyChain (const std::string &pibLocator, const std::string &tpmLocator, bool allowReset=false) | |
| KeyChain constructor. More... | |
| virtual | ~KeyChain () |
| Name | createIdentity (const Name &identityName, const KeyParams ¶ms=DEFAULT_KEY_PARAMS) |
| Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK. More... | |
| Name | generateRsaKeyPair (const Name &identityName, bool isKsk=false, uint32_t keySize=2048) |
| Generate a pair of RSA keys for the specified identity. More... | |
| Name | generateEcdsaKeyPair (const Name &identityName, bool isKsk=false, uint32_t keySize=256) |
| Generate a pair of ECDSA keys for the specified identity. More... | |
| Name | generateRsaKeyPairAsDefault (const Name &identityName, bool isKsk=false, uint32_t keySize=2048) |
| Generate a pair of RSA keys for the specified identity and set it as default key for the identity. More... | |
| Name | generateEcdsaKeyPairAsDefault (const Name &identityName, bool isKsk, uint32_t keySize=256) |
| Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity. More... | |
| shared_ptr< IdentityCertificate > | prepareUnsignedIdentityCertificate (const Name &keyName, const Name &signingIdentity, const time::system_clock::TimePoint ¬Before, const time::system_clock::TimePoint ¬After, const std::vector< CertificateSubjectDescription > &subjectDescription, const Name &certPrefix=DEFAULT_PREFIX) |
| prepare an unsigned identity certificate More... | |
| shared_ptr< IdentityCertificate > | prepareUnsignedIdentityCertificate (const Name &keyName, const PublicKey &publicKey, const Name &signingIdentity, const time::system_clock::TimePoint ¬Before, const time::system_clock::TimePoint ¬After, const std::vector< CertificateSubjectDescription > &subjectDescription, const Name &certPrefix=DEFAULT_PREFIX) |
| prepare an unsigned identity certificate More... | |
| void | sign (Data &data, const SigningInfo ¶ms=DEFAULT_SIGNING_INFO) |
| Sign data according to the supplied signing information. More... | |
| void | sign (Interest &interest, const SigningInfo ¶ms=DEFAULT_SIGNING_INFO) |
| Sign interest according to the supplied signing information. More... | |
| Block | sign (const uint8_t *buffer, size_t bufferLength, const SigningInfo ¶ms) |
| Sign buffer according to the supplied signing information. More... | |
| template<typename T > | |
| void | sign (T &packet, const Name &certificateName) |
| Sign packet with a particular certificate. More... | |
| Signature | sign (const uint8_t *buffer, size_t bufferLength, const Name &certificateName) |
| Sign the byte array using a particular certificate. More... | |
| template<typename T > | |
| void | signByIdentity (T &packet, const Name &identityName) |
| Sign packet using the default certificate of a particular identity. More... | |
| Signature | signByIdentity (const uint8_t *buffer, size_t bufferLength, const Name &identityName) |
| Sign the byte array using the default certificate of a particular identity. More... | |
| void | signWithSha256 (Data &data) |
Set Sha256 weak signature for data. More... | |
| void | signWithSha256 (Interest &interest) |
Set Sha256 weak signature for interest. More... | |
| shared_ptr< IdentityCertificate > | selfSign (const Name &keyName) |
| Generate a self-signed certificate for a public key. More... | |
| void | selfSign (IdentityCertificate &cert) |
| Self-sign the supplied identity certificate. More... | |
| void | deleteCertificate (const Name &certificateName) |
| delete a certificate. More... | |
| void | deleteKey (const Name &keyName) |
| delete a key. More... | |
| void | deleteIdentity (const Name &identity) |
| delete an identity. More... | |
| shared_ptr< SecuredBag > | exportIdentity (const Name &identity, const std::string &passwordStr) |
| export an identity. More... | |
| void | importIdentity (const SecuredBag &securedBag, const std::string &passwordStr) |
| import an identity. More... | |
| SecPublicInfo & | getPib () |
| const SecPublicInfo & | getPib () const |
| SecTpm & | getTpm () |
| const SecTpm & | getTpm () const |
| bool | doesIdentityExist (const Name &identityName) const |
| void | addIdentity (const Name &identityName) |
| bool | doesPublicKeyExist (const Name &keyName) const |
| void | addPublicKey (const Name &keyName, KeyType keyType, const PublicKey &publicKeyDer) |
| void | addKey (const Name &keyName, const PublicKey &publicKeyDer) |
| shared_ptr< PublicKey > | getPublicKey (const Name &keyName) const |
| bool | doesCertificateExist (const Name &certificateName) const |
| void | addCertificate (const IdentityCertificate &certificate) |
| shared_ptr< IdentityCertificate > | getCertificate (const Name &certificateName) const |
| Name | getDefaultIdentity () const |
| Name | getDefaultKeyNameForIdentity (const Name &identityName) const |
| Name | getDefaultCertificateNameForKey (const Name &keyName) const |
| void | getAllIdentities (std::vector< Name > &nameList, bool isDefault) const |
| void | getAllKeyNames (std::vector< Name > &nameList, bool isDefault) const |
| void | getAllKeyNamesOfIdentity (const Name &identity, std::vector< Name > &nameList, bool isDefault) const |
| void | getAllCertificateNames (std::vector< Name > &nameList, bool isDefault) const |
| void | getAllCertificateNamesOfKey (const Name &keyName, std::vector< Name > &nameList, bool isDefault) const |
| void | deleteCertificateInfo (const Name &certificateName) |
| void | deletePublicKeyInfo (const Name &keyName) |
| void | deleteIdentityInfo (const Name &identity) |
| void | setDefaultIdentity (const Name &identityName) |
| void | setDefaultKeyNameForIdentity (const Name &keyName) |
| void | setDefaultCertificateNameForKey (const Name &certificateName) |
| Name | getNewKeyName (const Name &identityName, bool useKsk) |
| Name | getDefaultCertificateNameForIdentity (const Name &identityName) const |
| Name | getDefaultCertificateName () const |
| void | addCertificateAsKeyDefault (const IdentityCertificate &certificate) |
| void | addCertificateAsIdentityDefault (const IdentityCertificate &certificate) |
| void | addCertificateAsSystemDefault (const IdentityCertificate &certificate) |
| shared_ptr< IdentityCertificate > | getDefaultCertificate () const |
| void | refreshDefaultCertificate () |
| void | setTpmPassword (const uint8_t *password, size_t passwordLength) |
| void | resetTpmPassword () |
| void | setInTerminal (bool inTerminal) |
| bool | getInTerminal () const |
| bool | isLocked () const |
| bool | unlockTpm (const char *password, size_t passwordLength, bool usePassword) |
| void | generateKeyPairInTpm (const Name &keyName, const KeyParams ¶ms) |
| void | deleteKeyPairInTpm (const Name &keyName) |
| shared_ptr< PublicKey > | getPublicKeyFromTpm (const Name &keyName) const |
| Block | signInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm) |
| ConstBufferPtr | decryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric) |
| ConstBufferPtr | encryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric) |
| void | generateSymmetricKeyInTpm (const Name &keyName, const KeyParams ¶ms) |
| bool | doesKeyExistInTpm (const Name &keyName, KeyClass keyClass) const |
| bool | generateRandomBlock (uint8_t *res, size_t size) const |
| void | addAppToAcl (const Name &keyName, KeyClass keyClass, const std::string &appPath, AclType acl) |
| ConstBufferPtr | exportPrivateKeyPkcs5FromTpm (const Name &keyName, const std::string &password) |
| bool | importPrivateKeyPkcs5IntoTpm (const Name &keyName, const uint8_t *buf, size_t size, const std::string &password) |
Static Public Member Functions | |
| template<class PibType > | |
| static void | registerPib (std::initializer_list< std::string > aliases) |
| Register a new PIB. More... | |
| template<class TpmType > | |
| static void | registerTpm (std::initializer_list< std::string > aliases) |
| Register a new TPM. More... | |
| static std::string | getDefaultPibLocator () |
| Get default PIB locator. More... | |
| static unique_ptr< SecPublicInfo > | createPib (const std::string &pibLocator) |
Create a PIB according to pibLocator. More... | |
| static std::string | getDefaultTpmLocator () |
| Get default TPM locator. More... | |
| static unique_ptr< SecTpm > | createTpm (const std::string &tpmLocator) |
Create a TPM according to tpmLocator. More... | |
| static tlv::SignatureTypeValue | getSignatureType (KeyType keyType, DigestAlgorithm digestAlgorithm) |
Static Public Attributes | |
| static const Name | DEFAULT_PREFIX |
| static const SigningInfo | DEFAULT_SIGNING_INFO |
| static const Name | DIGEST_SHA256_IDENTITY |
| A localhost identity which indicates that signature is generated using SHA-256. More... | |
| static const RsaKeyParams | DEFAULT_KEY_PARAMS |
The packet signing interface.
Definition at line 48 of file key-chain.hpp.
| typedef function<unique_ptr<SecPublicInfo>const std::string&)> ndn::security::KeyChain::PibCreateFunc |
Definition at line 75 of file key-chain.hpp.
| typedef function<unique_ptr<SecTpm>const std::string&)> ndn::security::KeyChain::TpmCreateFunc |
Definition at line 76 of file key-chain.hpp.
| typedef std::map<std::string, Block> ndn::security::KeyChain::SignParams |
Definition at line 876 of file key-chain.hpp.
| ndn::security::KeyChain::KeyChain | ( | ) |
Constructor to create KeyChain with default PIB and TPM.
Default PIB and TPM are platform-dependent and can be overriden system-wide or on per-use basis.
Definition at line 120 of file key-chain.cpp.
References ndn::ConfigFile::getParsedConfiguration().
| ndn::security::KeyChain::KeyChain | ( | const std::string & | pibLocator, |
| const std::string & | tpmLocator, | ||
| bool | allowReset = false |
||
| ) |
KeyChain constructor.
| pibLocator | |
| tpmLocator | |
| allowReset | if true, the PIB will be reset when the supplied tpmLocator mismatches the one in PIB |
Definition at line 134 of file key-chain.cpp.
|
virtual |
Definition at line 144 of file key-chain.cpp.
|
inlinestatic |
Register a new PIB.
| aliases | List of schemes with which this PIB will be associated. The first alias in the list is considered a canonical name of the PIB instance. |
Definition at line 912 of file key-chain.hpp.
|
inlinestatic |
Register a new TPM.
| aliases | List of schemes with which this TPM will be associated The first alias in the list is considered a canonical name of the TPM instance. |
Definition at line 921 of file key-chain.hpp.
|
static |
Get default PIB locator.
Definition at line 162 of file key-chain.cpp.
|
static |
Create a PIB according to pibLocator.
Definition at line 188 of file key-chain.cpp.
References ndn::security::getCanonicalPibLocator(), and ndn::security::getPibFactories().
Referenced by createTpm().
|
static |
Get default TPM locator.
Definition at line 200 of file key-chain.cpp.
|
static |
Create a TPM according to tpmLocator.
Definition at line 225 of file key-chain.cpp.
References createPib(), ndn::security::getCanonicalPibLocator(), ndn::security::getCanonicalTpmLocator(), and ndn::security::getTpmFactories().
| Name ndn::security::KeyChain::createIdentity | ( | const Name & | identityName, |
| const KeyParams & | params = DEFAULT_KEY_PARAMS |
||
| ) |
Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK.
| identityName | The name of the identity. |
| params | The key parameter if a key needs to be generated for the identity. |
Definition at line 274 of file key-chain.cpp.
References ndn::KeyParams::getKeyType(), and selfSign().
Referenced by importIdentity(), prepareUnsignedIdentityCertificate(), and signByIdentity().
| Name ndn::security::KeyChain::generateRsaKeyPair | ( | const Name & | identityName, |
| bool | isKsk = false, |
||
| uint32_t | keySize = 2048 |
||
| ) |
Generate a pair of RSA keys for the specified identity.
| identityName | The name of the identity. |
| isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK). |
| keySize | The size of the key. |
Definition at line 313 of file key-chain.cpp.
| Name ndn::security::KeyChain::generateEcdsaKeyPair | ( | const Name & | identityName, |
| bool | isKsk = false, |
||
| uint32_t | keySize = 256 |
||
| ) |
Generate a pair of ECDSA keys for the specified identity.
| identityName | The name of the identity. |
| isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK). |
| keySize | The size of the key. |
Definition at line 320 of file key-chain.cpp.
| Name ndn::security::KeyChain::generateRsaKeyPairAsDefault | ( | const Name & | identityName, |
| bool | isKsk = false, |
||
| uint32_t | keySize = 2048 |
||
| ) |
Generate a pair of RSA keys for the specified identity and set it as default key for the identity.
| identityName | The name of the identity. |
| isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK). |
| keySize | The size of the key. |
Definition at line 327 of file key-chain.cpp.
| Name ndn::security::KeyChain::generateEcdsaKeyPairAsDefault | ( | const Name & | identityName, |
| bool | isKsk, | ||
| uint32_t | keySize = 256 |
||
| ) |
Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity.
| identityName | The name of the identity. |
| isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (KSK). |
| keySize | The size of the key. |
Definition at line 339 of file key-chain.cpp.
| shared_ptr< IdentityCertificate > ndn::security::KeyChain::prepareUnsignedIdentityCertificate | ( | const Name & | keyName, |
| const Name & | signingIdentity, | ||
| const time::system_clock::TimePoint & | notBefore, | ||
| const time::system_clock::TimePoint & | notAfter, | ||
| const std::vector< CertificateSubjectDescription > & | subjectDescription, | ||
| const Name & | certPrefix = DEFAULT_PREFIX |
||
| ) |
prepare an unsigned identity certificate
| keyName | Key name, e.g., /<identity_name>/ksk-123456. |
| signingIdentity | The signing identity. |
| notBefore | Refer to IdentityCertificate. |
| notAfter | Refer to IdentityCertificate. |
| subjectDescription | Refer to IdentityCertificate. |
| certPrefix | Prefix before KEY component. By default, KeyChain will infer the certificate name according to the relation between the signingIdentity and the subject identity. If signingIdentity is a prefix of the subject identity, KEY will be inserted after the signingIdentity, otherwise KEY is inserted after subject identity (i.e., before ksk-....). |
Definition at line 352 of file key-chain.cpp.
| shared_ptr< IdentityCertificate > ndn::security::KeyChain::prepareUnsignedIdentityCertificate | ( | const Name & | keyName, |
| const PublicKey & | publicKey, | ||
| const Name & | signingIdentity, | ||
| const time::system_clock::TimePoint & | notBefore, | ||
| const time::system_clock::TimePoint & | notAfter, | ||
| const std::vector< CertificateSubjectDescription > & | subjectDescription, | ||
| const Name & | certPrefix = DEFAULT_PREFIX |
||
| ) |
prepare an unsigned identity certificate
| keyName | Key name, e.g., /<identity_name>/ksk-123456. |
| publicKey | Public key to sign. |
| signingIdentity | The signing identity. |
| notBefore | Refer to IdentityCertificate. |
| notAfter | Refer to IdentityCertificate. |
| subjectDescription | Refer to IdentityCertificate. |
| certPrefix | Prefix before KEY component. By default, KeyChain will infer the certificate name according to the relation between the signingIdentity and the subject identity. If signingIdentity is a prefix of the subject identity, KEY will be inserted after the signingIdentity, otherwise KEY is inserted after subject identity (i.e., before ksk-....). |
Definition at line 375 of file key-chain.cpp.
References ndn::Name::append(), ndn::Name::appendVersion(), ndn::oid::ATTRIBUTE_NAME, createIdentity(), DEFAULT_PREFIX, DIGEST_SHA256_IDENTITY, ndn::tlv::DigestSha256, ndn::Name::get(), ndn::security::SigningInfo::getDigestAlgorithm(), ndn::Name::getPrefix(), ndn::security::SigningInfo::getSignatureInfo(), getSignatureType(), ndn::security::SigningInfo::getSignerName(), ndn::security::SigningInfo::getSignerType(), ndn::Name::getSubName(), ndn::Name::isPrefixOf(), ndn::tlv::KeyLocator, ndn::SignatureInfo::setKeyLocator(), ndn::SignatureInfo::setSignatureType(), ndn::security::SigningInfo::SIGNER_TYPE_CERT, ndn::security::SigningInfo::SIGNER_TYPE_ID, ndn::security::SigningInfo::SIGNER_TYPE_KEY, ndn::security::SigningInfo::SIGNER_TYPE_NULL, ndn::security::SigningInfo::SIGNER_TYPE_SHA256, ndn::Name::size(), ndn::name::Component::toUri(), and ndn::Name::toUri().
| void ndn::security::KeyChain::sign | ( | Data & | data, |
| const SigningInfo & | params = DEFAULT_SIGNING_INFO |
||
| ) |
Sign data according to the supplied signing information.
This method uses the supplied signing information params to create the SignatureInfo block:
After that, the method assigns the created SignatureInfo to the data packets, generate a signature and sets as part of the SignatureValue block.
| data | The data to sign |
| params | The signing parameters. |
| Error | if signing fails. |
Definition at line 517 of file key-chain.cpp.
Referenced by ndn::mgmt::Dispatcher::removeTopPrefix(), and signByIdentity().
| void ndn::security::KeyChain::sign | ( | Interest & | interest, |
| const SigningInfo & | params = DEFAULT_SIGNING_INFO |
||
| ) |
Sign interest according to the supplied signing information.
This method uses the supplied signing information params to create the SignatureInfo block:
After that, the method appends the created SignatureInfo to the interest name, generate a signature and appends it as part of the SignatureValue block to the interest name.
| interest | The interest to sign |
| params | The signing parameters. |
| Error | if signing fails. |
Definition at line 523 of file key-chain.cpp.
| Block ndn::security::KeyChain::sign | ( | const uint8_t * | buffer, |
| size_t | bufferLength, | ||
| const SigningInfo & | params | ||
| ) |
Sign buffer according to the supplied signing information.
| buffer | The buffer to sign |
| bufferLength | The buffer size |
| params | The signing parameters. |
| Error | if signing fails. |
Definition at line 529 of file key-chain.cpp.
References ndn::DIGEST_ALGORITHM_SHA256.
| void ndn::security::KeyChain::sign | ( | T & | packet, |
| const Name & | certificateName | ||
| ) |
Sign packet with a particular certificate.
| packet | The packet to be signed. |
| certificateName | The certificate name of the key to use for signing. |
| SecPublicInfo::Error | if certificate does not exist. |
Definition at line 898 of file key-chain.hpp.
References ndn::security::SigningInfo::SIGNER_TYPE_CERT.
| Signature ndn::security::KeyChain::sign | ( | const uint8_t * | buffer, |
| size_t | bufferLength, | ||
| const Name & | certificateName | ||
| ) |
Sign the byte array using a particular certificate.
| buffer | The byte array to be signed. |
| bufferLength | the length of buffer. |
| certificateName | The certificate name of the signing key. |
| SecPublicInfo::Error | if certificate does not exist. |
Definition at line 538 of file key-chain.cpp.
References ndn::DIGEST_ALGORITHM_SHA256, and ndn::Signature::setValue().
| void ndn::security::KeyChain::signByIdentity | ( | T & | packet, |
| const Name & | identityName | ||
| ) |
Sign packet using the default certificate of a particular identity.
If there is no default certificate of that identity, this method will create a self-signed certificate.
| packet | The packet to be signed. |
| identityName | The signing identity name. |
Definition at line 905 of file key-chain.hpp.
References ndn::security::SigningInfo::SIGNER_TYPE_ID.
| Signature ndn::security::KeyChain::signByIdentity | ( | const uint8_t * | buffer, |
| size_t | bufferLength, | ||
| const Name & | identityName | ||
| ) |
Sign the byte array using the default certificate of a particular identity.
| buffer | The byte array to be signed. |
| bufferLength | the length of buffer. |
| identityName | The identity name. |
Definition at line 748 of file key-chain.cpp.
References createIdentity(), ndn::Signature::setValue(), sign(), and ndn::security::SigningInfo::SIGNER_TYPE_CERT.
| void ndn::security::KeyChain::signWithSha256 | ( | Data & | data | ) |
Set Sha256 weak signature for data.
Definition at line 774 of file key-chain.cpp.
References ndn::Data::getSignature(), ndn::Signature::getValue(), ndn::Data::setSignature(), ndn::Data::setSignatureValue(), ndn::crypto::sha256(), ndn::tlv::SignatureValue, ndn::Block::size(), and ndn::Data::wireEncode().
| void ndn::security::KeyChain::signWithSha256 | ( | Interest & | interest | ) |
Set Sha256 weak signature for interest.
Definition at line 787 of file key-chain.cpp.
References ndn::Name::append(), ndn::Block::encode(), ndn::name::Component::fromNumber(), ndn::random::generateWord64(), ndn::Signature::getInfo(), ndn::Interest::getName(), ndn::time::system_clock::now(), ndn::Interest::setName(), ndn::crypto::sha256(), ndn::tlv::SignatureValue, ndn::time::toUnixTimestamp(), and ndn::Name::wireEncode().
| shared_ptr< IdentityCertificate > ndn::security::KeyChain::selfSign | ( | const Name & | keyName | ) |
Generate a self-signed certificate for a public key.
| keyName | The name of the public key |
Definition at line 556 of file key-chain.cpp.
References ndn::Name::append(), ndn::Name::appendVersion(), ndn::oid::ATTRIBUTE_NAME, ndn::Name::get(), ndn::Name::getPrefix(), ndn::time::system_clock::now(), ndn::tlv::SignatureInfo, and ndn::Name::toUri().
Referenced by createIdentity(), and exportIdentity().
| void ndn::security::KeyChain::selfSign | ( | IdentityCertificate & | cert | ) |
Self-sign the supplied identity certificate.
| cert | The supplied cert. |
| SecTpm::Error | if the private key does not exist. |
Definition at line 586 of file key-chain.cpp.
References ndn::DIGEST_ALGORITHM_SHA256, ndn::Signature::getInfo(), ndn::PublicKey::getKeyType(), ndn::Data::getName(), ndn::Name::getPrefix(), ndn::Certificate::getPublicKeyInfo(), ndn::IdentityCertificate::getPublicKeyName(), ndn::Data::getSignature(), getSignatureType(), ndn::KEY_CLASS_PRIVATE, ndn::tlv::KeyLocator, and ndn::SignatureInfo::setKeyLocator().
| void ndn::security::KeyChain::deleteCertificate | ( | const Name & | certificateName | ) |
delete a certificate.
| certificateName | The certificate to be deleted. |
| KeyChain::Error | if certificate cannot be deleted. |
Definition at line 811 of file key-chain.cpp.
| void ndn::security::KeyChain::deleteKey | ( | const Name & | keyName | ) |
delete a key.
| keyName | The key to be deleted. |
| KeyChain::Error | if key cannot be deleted. |
Definition at line 817 of file key-chain.cpp.
| void ndn::security::KeyChain::deleteIdentity | ( | const Name & | identity | ) |
delete an identity.
| identity | The identity to be deleted. |
| KeyChain::Error | if identity cannot be deleted. |
Definition at line 824 of file key-chain.cpp.
| shared_ptr< SecuredBag > ndn::security::KeyChain::exportIdentity | ( | const Name & | identity, |
| const std::string & | passwordStr | ||
| ) |
export an identity.
| identity | The identity to export. |
| passwordStr | The password to secure the private key. |
| SecPublicInfo::Error | if anything goes wrong in exporting. |
Definition at line 601 of file key-chain.cpp.
References selfSign().
| void ndn::security::KeyChain::importIdentity | ( | const SecuredBag & | securedBag, |
| const std::string & | passwordStr | ||
| ) |
import an identity.
| securedBag | The encoded import data. |
| passwordStr | The password to secure the private key. |
Definition at line 636 of file key-chain.cpp.
References ndn::Name::append(), ndn::IdentityCertificate::certificateNameToPublicKeyName(), createIdentity(), DIGEST_SHA256_IDENTITY, ndn::Block::encode(), ndn::name::Component::fromNumber(), ndn::random::generateWord32(), ndn::random::generateWord64(), ndn::SecuredBag::getCertificate(), ndn::Signature::getInfo(), ndn::SecuredBag::getKey(), ndn::Data::getName(), ndn::Interest::getName(), ndn::Name::getPrefix(), ndn::time::system_clock::now(), ndn::Interest::setName(), ndn::Data::setSignature(), ndn::crypto::sha256(), ndn::tlv::SignatureValue, ndn::time::toUnixTimestamp(), ndn::Name::toUri(), ndn::Data::wireEncode(), and ndn::Name::wireEncode().
|
inline |
Definition at line 439 of file key-chain.hpp.
|
inline |
Definition at line 445 of file key-chain.hpp.
|
inline |
Definition at line 451 of file key-chain.hpp.
|
inline |
Definition at line 457 of file key-chain.hpp.
|
inline |
Definition at line 466 of file key-chain.hpp.
|
inline |
Definition at line 472 of file key-chain.hpp.
|
inline |
Definition at line 478 of file key-chain.hpp.
|
inline |
Definition at line 484 of file key-chain.hpp.
|
inline |
Definition at line 490 of file key-chain.hpp.
Definition at line 496 of file key-chain.hpp.
|
inline |
Definition at line 502 of file key-chain.hpp.
|
inline |
Definition at line 508 of file key-chain.hpp.
|
inline |
Definition at line 514 of file key-chain.hpp.
|
inline |
Definition at line 520 of file key-chain.hpp.
|
inline |
Definition at line 526 of file key-chain.hpp.
Definition at line 532 of file key-chain.hpp.
|
inline |
Definition at line 538 of file key-chain.hpp.
|
inline |
Definition at line 544 of file key-chain.hpp.
|
inline |
Definition at line 550 of file key-chain.hpp.
|
inline |
Definition at line 556 of file key-chain.hpp.
|
inline |
Definition at line 562 of file key-chain.hpp.
|
inline |
Definition at line 570 of file key-chain.hpp.
|
inline |
Definition at line 576 of file key-chain.hpp.
|
inline |
Definition at line 582 of file key-chain.hpp.
|
inline |
Definition at line 588 of file key-chain.hpp.
|
inline |
Definition at line 594 of file key-chain.hpp.
|
inline |
Definition at line 600 of file key-chain.hpp.
Definition at line 606 of file key-chain.hpp.
|
inline |
Definition at line 612 of file key-chain.hpp.
|
inline |
Definition at line 618 of file key-chain.hpp.
|
inline |
Definition at line 624 of file key-chain.hpp.
|
inline |
Definition at line 630 of file key-chain.hpp.
|
inline |
Definition at line 636 of file key-chain.hpp.
|
inline |
Definition at line 642 of file key-chain.hpp.
References getDefaultCertificate().
Referenced by getDefaultCertificate().
|
inline |
Definition at line 651 of file key-chain.hpp.
|
inline |
Definition at line 661 of file key-chain.hpp.
|
inline |
Definition at line 667 of file key-chain.hpp.
|
inline |
Definition at line 673 of file key-chain.hpp.
|
inline |
Definition at line 679 of file key-chain.hpp.
|
inline |
Definition at line 685 of file key-chain.hpp.
|
inline |
Definition at line 691 of file key-chain.hpp.
|
inline |
Definition at line 697 of file key-chain.hpp.
|
inline |
Definition at line 703 of file key-chain.hpp.
|
inline |
Definition at line 709 of file key-chain.hpp.
|
inline |
Definition at line 715 of file key-chain.hpp.
|
inline |
Definition at line 723 of file key-chain.hpp.
|
inline |
Definition at line 729 of file key-chain.hpp.
|
inline |
Definition at line 735 of file key-chain.hpp.
|
inline |
Definition at line 741 of file key-chain.hpp.
|
inline |
Definition at line 747 of file key-chain.hpp.
|
inline |
Definition at line 753 of file key-chain.hpp.
|
inline |
Definition at line 759 of file key-chain.hpp.
|
inline |
Definition at line 765 of file key-chain.hpp.
References DEFAULT_KEY_PARAMS, and getSignatureType().
|
static |
Definition at line 837 of file key-chain.cpp.
References ndn::KEY_TYPE_ECDSA, ndn::KEY_TYPE_RSA, ndn::tlv::SignatureSha256WithEcdsa, and ndn::tlv::SignatureSha256WithRsa.
Referenced by importPrivateKeyPkcs5IntoTpm(), prepareUnsignedIdentityCertificate(), and selfSign().
|
static |
Definition at line 864 of file key-chain.hpp.
Referenced by prepareUnsignedIdentityCertificate().
|
static |
Definition at line 865 of file key-chain.hpp.
|
static |
A localhost identity which indicates that signature is generated using SHA-256.
Definition at line 871 of file key-chain.hpp.
Referenced by importIdentity(), and prepareUnsignedIdentityCertificate().
|
static |
Definition at line 874 of file key-chain.hpp.
Referenced by importPrivateKeyPkcs5IntoTpm().
1.8.11 
