28 #include "../encoding/buffer-stream.hpp" 30 #include <boost/filesystem.hpp> 31 #include <boost/algorithm/string.hpp> 35 #include <sys/types.h> 43 using std::ostringstream;
55 m_keystorePath = boost::filesystem::path(getenv(
"HOME")) /
".ndn" /
"ndnsec-tpm-file";
57 m_keystorePath = boost::filesystem::path(dir) /
".ndn" /
"ndnsec-tpm-file";
62 boost::filesystem::path
68 StringSource src(keyName,
71 new Base64Encoder(
new CryptoPP::StringSink(digest))));
74 std::replace(digest.begin(), digest.end(),
'/',
'%');
87 outfile.open(dirFile.c_str(), std::ios_base::app);
88 outfile << keyName <<
' ' << keyFileName <<
'\n';
101 , m_impl(new
Impl(location))
102 , m_inTerminal(false)
113 string keyURI = keyName.
toUri();
116 BOOST_THROW_EXCEPTION(
Error(
"public key exists"));
118 BOOST_THROW_EXCEPTION(
Error(
"private key exists"));
120 string keyFileName = m_impl->maintainMapping(keyURI);
131 AutoSeededRandomPool rng;
132 InvertibleRSAFunction privateKey;
133 privateKey.Initialize(rng, rsaParams.
getKeySize());
135 string privateKeyFileName = keyFileName +
".pri";
136 Base64Encoder privateKeySink(
new FileSink(privateKeyFileName.c_str()));
137 privateKey.DEREncode(privateKeySink);
138 privateKeySink.MessageEnd();
140 RSAFunction publicKey(privateKey);
141 string publicKeyFileName = keyFileName +
".pub";
142 Base64Encoder publicKeySink(
new FileSink(publicKeyFileName.c_str()));
143 publicKey.DEREncode(publicKeySink);
144 publicKeySink.MessageEnd();
147 chmod(privateKeyFileName.c_str(), 0000400);
148 chmod(publicKeyFileName.c_str(), 0000444);
157 CryptoPP::OID curveName;
161 curveName = ASN1::secp256r1();
164 curveName = ASN1::secp384r1();
167 curveName = ASN1::secp256r1();
170 AutoSeededRandomPool rng;
172 ECDSA<ECP, SHA256>::PrivateKey privateKey;
173 DL_GroupParameters_EC<ECP> cryptoParams(curveName);
174 cryptoParams.SetEncodeAsOID(
true);
175 privateKey.Initialize(rng, cryptoParams);
177 ECDSA<ECP, SHA256>::PublicKey publicKey;
178 privateKey.MakePublicKey(publicKey);
179 publicKey.AccessGroupParameters().SetEncodeAsOID(
true);
181 string privateKeyFileName = keyFileName +
".pri";
182 Base64Encoder privateKeySink(
new FileSink(privateKeyFileName.c_str()));
183 privateKey.DEREncode(privateKeySink);
184 privateKeySink.MessageEnd();
186 string publicKeyFileName = keyFileName +
".pub";
187 Base64Encoder publicKeySink(
new FileSink(publicKeyFileName.c_str()));
188 publicKey.Save(publicKeySink);
189 publicKeySink.MessageEnd();
192 chmod(privateKeyFileName.c_str(), 0000400);
193 chmod(publicKeyFileName.c_str(), 0000444);
197 BOOST_THROW_EXCEPTION(
Error(
"Unsupported key type"));
202 BOOST_THROW_EXCEPTION(
Error(e.what()));
204 catch (CryptoPP::Exception& e)
206 BOOST_THROW_EXCEPTION(
Error(e.what()));
213 boost::filesystem::path publicKeyPath(m_impl->transformName(keyName.
toUri(),
".pub"));
214 boost::filesystem::path privateKeyPath(m_impl->transformName(keyName.
toUri(),
".pri"));
216 if (boost::filesystem::exists(publicKeyPath))
217 boost::filesystem::remove(publicKeyPath);
219 if (boost::filesystem::exists(privateKeyPath))
220 boost::filesystem::remove(privateKeyPath);
223 shared_ptr<PublicKey>
226 string keyURI = keyName.
toUri();
229 BOOST_THROW_EXCEPTION(
Error(
"Public Key does not exist"));
235 FileSource(m_impl->transformName(keyURI,
".pub").string().c_str(),
237 new Base64Decoder(
new FileSink(os)));
239 catch (CryptoPP::Exception& e)
241 BOOST_THROW_EXCEPTION(
Error(e.what()));
244 return make_shared<PublicKey>(
reinterpret_cast<const uint8_t*
>(os.str().c_str()),
258 CryptoPP::FileSource(m_impl->transformName(keyName.
toUri(),
".pri").
string().c_str(),
true,
259 new CryptoPP::Base64Decoder(
new CryptoPP::FileSink(privateKeyOs)));
261 return privateKeyOs.
buf();
271 string keyFileName = m_impl->maintainMapping(keyName.
toUri());
272 keyFileName.append(
".pri");
273 StringSource(buf, size,
275 new Base64Encoder(
new FileSink(keyFileName.c_str())));
278 catch (CryptoPP::Exception& e)
291 string keyFileName = m_impl->maintainMapping(keyName.
toUri());
292 keyFileName.append(
".pub");
293 StringSource(buf, size,
295 new Base64Encoder(
new FileSink(keyFileName.c_str())));
298 catch (CryptoPP::Exception& e)
308 string keyURI = keyName.
toUri();
311 BOOST_THROW_EXCEPTION(
Error(
"private key doesn't exist"));
316 AutoSeededRandomPool rng;
319 shared_ptr<PublicKey> pubkeyPtr;
322 switch (pubkeyPtr->getKeyType())
328 FileSource
file(m_impl->transformName(keyURI,
".pri").string().c_str(),
329 true,
new Base64Decoder);
330 file.TransferTo(bytes);
332 RSA::PrivateKey privateKey;
333 privateKey.Load(bytes);
336 switch (digestAlgorithm)
340 RSASS<PKCS1v15, SHA256>::Signer signer(privateKey);
343 StringSource(data, dataLength,
345 new SignerFilter(rng, signer,
new FileSink(os)));
350 BOOST_THROW_EXCEPTION(
Error(
"Unsupported digest algorithm"));
357 FileSource
file(m_impl->transformName(keyURI,
".pri").string().c_str(),
358 true,
new Base64Decoder);
359 file.TransferTo(bytes);
363 switch (digestAlgorithm)
367 ECDSA<ECP, SHA256>::PrivateKey privateKey;
368 privateKey.Load(bytes);
369 ECDSA<ECP, SHA256>::Signer signer(privateKey);
372 StringSource(data, dataLength,
374 new SignerFilter(rng, signer,
new FileSink(os)));
377 size_t bufSize = DSAConvertSignatureFormat(buf, 200, DSA_DER,
378 os.
buf()->buf(), os.
buf()->size(),
381 shared_ptr<Buffer> sigBuffer = make_shared<Buffer>(buf, bufSize);
386 BOOST_THROW_EXCEPTION(
Error(
"Unsupported digest algorithm"));
390 BOOST_THROW_EXCEPTION(
Error(
"Unsupported key type"));
393 catch (CryptoPP::Exception& e)
395 BOOST_THROW_EXCEPTION(
Error(e.what()));
402 const Name& keyName,
bool isSymmetric)
404 BOOST_THROW_EXCEPTION(
Error(
"SecTpmFile::decryptInTpm is not supported"));
464 const Name& keyName,
bool isSymmetric)
466 BOOST_THROW_EXCEPTION(
Error(
"SecTpmFile::encryptInTpm is not supported"));
527 BOOST_THROW_EXCEPTION(
Error(
"SecTpmFile::generateSymmetricKeyInTpm is not supported"));
562 string keyURI = keyName.
toUri();
565 if (boost::filesystem::exists(m_impl->transformName(keyURI,
".pub")))
572 if (boost::filesystem::exists(m_impl->transformName(keyURI,
".pri")))
579 if (boost::filesystem::exists(m_impl->transformName(keyURI,
".key")))
592 CryptoPP::AutoSeededRandomPool rng;
593 rng.GenerateBlock(res, size);
596 catch (CryptoPP::Exception& e)
boost::filesystem::path m_keystorePath
Copyright (c) 2011-2015 Regents of the University of California.
Copyright (c) 2013-2014 Regents of the University of California.
KeyType getKeyType() const
virtual bool doesKeyExistInTpm(const Name &keyName, KeyClass keyClass)
Check if a particular key exists.
uint32_t getKeySize() const
Class representing a wire element of NDN-TLV packet format.
SecTpmFile(const std::string &dir="")
static const std::string SCHEME
virtual void generateKeyPairInTpm(const Name &keyName, const KeyParams ¶ms)
Generate a pair of asymmetric keys.
shared_ptr< Buffer > buf()
Flush written data to the stream and return shared pointer to the underlying buffer.
std::string toUri() const
Encode this name as a URI.
virtual void deleteKeyPairInTpm(const Name &keyName)
Delete a key pair of asymmetric keys.
virtual shared_ptr< PublicKey > getPublicKeyFromTpm(const Name &keyName)
Get a public key.
virtual ConstBufferPtr decryptInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)
Decrypt data.
boost::filesystem::path transformName(const string &keyName, const string &extension)
SecTpm is the base class of the TPM classes.
virtual bool generateRandomBlock(uint8_t *res, size_t size)
Generate a random block.
Name abstraction to represent an absolute name.
virtual ConstBufferPtr exportPrivateKeyPkcs8FromTpm(const Name &keyName)
Export a private key in PKCS#8 format.
string maintainMapping(const string &keyName)
virtual Block signInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm)
Sign data.
virtual bool importPublicKeyPkcs1IntoTpm(const Name &keyName, const uint8_t *buf, size_t size)
Import a public key in PKCS#1 formatted.
virtual ConstBufferPtr encryptInTpm(const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)
Encrypt data.
virtual void generateSymmetricKeyInTpm(const Name &keyName, const KeyParams ¶ms)
Generate a symmetric key.
Base class of key parameters.
void trim(std::string &str)
Modify str in place to erase whitespace on the left and right.
Class implementing interface similar to ostringstream, but to construct ndn::Buffer.
virtual bool importPrivateKeyPkcs8IntoTpm(const Name &keyName, const uint8_t *buf, size_t size)
Import a private key from PKCS#8 formatted.
shared_ptr< const Buffer > ConstBufferPtr
SimplePublicKeyParams is a template for public keys with only one parameter: size.
virtual std::string getScheme()