The packet signing interface. More...
#include <key-chain.hpp>
Classes | |
class | Error |
class | MismatchError |
Error thrown when the supplied TPM locator to KeyChain constructor does not match the locator stored in PIB. More... | |
Public Types | |
typedef function< unique_ptr< SecPublicInfo >(const std::string &)> | PibCreateFunc |
typedef function< unique_ptr< SecTpm >(const std::string &)> | TpmCreateFunc |
typedef std::map< std::string, Block > | SignParams |
Public Member Functions | |
KeyChain () | |
Constructor to create KeyChain with default PIB and TPM. More... | |
KeyChain (const std::string &pibLocator, const std::string &tpmLocator, bool allowReset=false) | |
KeyChain constructor. More... | |
virtual | ~KeyChain () |
Name | createIdentity (const Name &identityName, const KeyParams &params=DEFAULT_KEY_PARAMS) |
Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK. More... | |
Name | generateRsaKeyPair (const Name &identityName, bool isKsk=false, uint32_t keySize=2048) |
Generate a pair of RSA keys for the specified identity. More... | |
Name | generateEcdsaKeyPair (const Name &identityName, bool isKsk=false, uint32_t keySize=256) |
Generate a pair of ECDSA keys for the specified identity. More... | |
Name | generateRsaKeyPairAsDefault (const Name &identityName, bool isKsk=false, uint32_t keySize=2048) |
Generate a pair of RSA keys for the specified identity and set it as default key for the identity. More... | |
Name | generateEcdsaKeyPairAsDefault (const Name &identityName, bool isKsk=false, uint32_t keySize=256) |
Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity. More... | |
shared_ptr< v1::IdentityCertificate > | prepareUnsignedIdentityCertificate (const Name &keyName, const Name &signingIdentity, const time::system_clock::TimePoint &notBefore, const time::system_clock::TimePoint &notAfter, const std::vector< security::v1::CertificateSubjectDescription > &subjectDescription, const Name &certPrefix=DEFAULT_PREFIX) |
prepare an unsigned identity certificate More... | |
shared_ptr< v1::IdentityCertificate > | prepareUnsignedIdentityCertificate (const Name &keyName, const v1::PublicKey &publicKey, const Name &signingIdentity, const time::system_clock::TimePoint &notBefore, const time::system_clock::TimePoint &notAfter, const std::vector< security::v1::CertificateSubjectDescription > &subjectDescription, const Name &certPrefix=DEFAULT_PREFIX) |
prepare an unsigned identity certificate More... | |
void | sign (Data &data, const SigningInfo &params=DEFAULT_SIGNING_INFO) |
Sign data according to the supplied signing information. More... | |
void | sign (Interest &interest, const SigningInfo &params=DEFAULT_SIGNING_INFO) |
Sign interest according to the supplied signing information. More... | |
Block | sign (const uint8_t *buffer, size_t bufferLength, const SigningInfo &params) |
Sign buffer according to the supplied signing information. More... | |
template<typename T > | |
void | sign (T &packet, const Name &certificateName) |
Sign packet with a particular certificate. More... | |
Signature | sign (const uint8_t *buffer, size_t bufferLength, const Name &certificateName) |
Sign the byte array using a particular certificate. More... | |
template<typename T > | |
void | signByIdentity (T &packet, const Name &identityName) |
Sign packet using the default certificate of a particular identity. More... | |
Signature | signByIdentity (const uint8_t *buffer, size_t bufferLength, const Name &identityName) |
Sign the byte array using the default certificate of a particular identity. More... | |
void | signWithSha256 (Data &data) |
Set Sha256 weak signature for data . More... | |
void | signWithSha256 (Interest &interest) |
Set Sha256 weak signature for interest . More... | |
shared_ptr< v1::IdentityCertificate > | selfSign (const Name &keyName) |
Generate a self-signed certificate for a public key. More... | |
void | selfSign (v1::IdentityCertificate &cert) |
Self-sign the supplied identity certificate. More... | |
void | deleteCertificate (const Name &certificateName) |
delete a certificate. More... | |
void | deleteKey (const Name &keyName) |
delete a key. More... | |
void | deleteIdentity (const Name &identity) |
delete an identity. More... | |
shared_ptr< SecuredBag > | exportIdentity (const Name &identity, const std::string &passwordStr) |
export an identity. More... | |
void | importIdentity (const SecuredBag &securedBag, const std::string &passwordStr) |
import an identity. More... | |
SecPublicInfo & | getPib () |
const SecPublicInfo & | getPib () const |
SecTpm & | getTpm () |
const SecTpm & | getTpm () const |
bool | doesIdentityExist (const Name &identityName) const |
void | addIdentity (const Name &identityName) |
bool | doesPublicKeyExist (const Name &keyName) const |
void | addPublicKey (const Name &keyName, KeyType keyType, const v1::PublicKey &publicKeyDer) |
void | addKey (const Name &keyName, const v1::PublicKey &publicKeyDer) |
shared_ptr< v1::PublicKey > | getPublicKey (const Name &keyName) const |
bool | doesCertificateExist (const Name &certificateName) const |
void | addCertificate (const v1::IdentityCertificate &certificate) |
shared_ptr< v1::IdentityCertificate > | getCertificate (const Name &certificateName) const |
Name | getDefaultIdentity () const |
Name | getDefaultKeyNameForIdentity (const Name &identityName) const |
const KeyParams & | getDefaultKeyParamsForIdentity (const Name &identityName) const |
Get default key parameters for the specified identity. More... | |
Name | getDefaultCertificateNameForKey (const Name &keyName) const |
void | getAllIdentities (std::vector< Name > &nameList, bool isDefault) const |
void | getAllKeyNames (std::vector< Name > &nameList, bool isDefault) const |
void | getAllKeyNamesOfIdentity (const Name &identity, std::vector< Name > &nameList, bool isDefault) const |
void | getAllCertificateNames (std::vector< Name > &nameList, bool isDefault) const |
void | getAllCertificateNamesOfKey (const Name &keyName, std::vector< Name > &nameList, bool isDefault) const |
void | deleteCertificateInfo (const Name &certificateName) |
void | deletePublicKeyInfo (const Name &keyName) |
void | deleteIdentityInfo (const Name &identity) |
void | setDefaultIdentity (const Name &identityName) |
void | setDefaultKeyNameForIdentity (const Name &keyName) |
void | setDefaultCertificateNameForKey (const Name &certificateName) |
Name | getNewKeyName (const Name &identityName, bool useKsk) |
Name | getDefaultCertificateNameForIdentity (const Name &identityName) const |
Name | getDefaultCertificateName () const |
void | addCertificateAsKeyDefault (const v1::IdentityCertificate &certificate) |
void | addCertificateAsIdentityDefault (const v1::IdentityCertificate &certificate) |
void | addCertificateAsSystemDefault (const v1::IdentityCertificate &certificate) |
shared_ptr< v1::IdentityCertificate > | getDefaultCertificate () const |
void | refreshDefaultCertificate () |
void | setTpmPassword (const uint8_t *password, size_t passwordLength) |
void | resetTpmPassword () |
void | setInTerminal (bool inTerminal) |
bool | getInTerminal () const |
bool | isLocked () const |
bool | unlockTpm (const char *password, size_t passwordLength, bool usePassword) |
void | generateKeyPairInTpm (const Name &keyName, const KeyParams &params) |
void | deleteKeyPairInTpm (const Name &keyName) |
shared_ptr< v1::PublicKey > | getPublicKeyFromTpm (const Name &keyName) const |
Block | signInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm) |
ConstBufferPtr | decryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric) |
ConstBufferPtr | encryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric) |
void | generateSymmetricKeyInTpm (const Name &keyName, const KeyParams &params) |
bool | doesKeyExistInTpm (const Name &keyName, KeyClass keyClass) const |
bool | generateRandomBlock (uint8_t *res, size_t size) const |
void | addAppToAcl (const Name &keyName, KeyClass keyClass, const std::string &appPath, AclType acl) |
ConstBufferPtr | exportPrivateKeyPkcs5FromTpm (const Name &keyName, const std::string &password) |
bool | importPrivateKeyPkcs5IntoTpm (const Name &keyName, const uint8_t *buf, size_t size, const std::string &password) |
Static Public Member Functions | |
template<class PibType > | |
static void | registerPib (std::initializer_list< std::string > aliases) |
Register a new PIB. More... | |
template<class TpmType > | |
static void | registerTpm (std::initializer_list< std::string > aliases) |
Register a new TPM. More... | |
static std::string | getDefaultPibLocator () |
Get default PIB locator. More... | |
static unique_ptr< SecPublicInfo > | createPib (const std::string &pibLocator) |
Create a PIB according to pibLocator . More... | |
static std::string | getDefaultTpmLocator () |
Get default TPM locator. More... | |
static unique_ptr< SecTpm > | createTpm (const std::string &tpmLocator) |
Create a TPM according to tpmLocator . More... | |
static tlv::SignatureTypeValue | getSignatureType (KeyType keyType, DigestAlgorithm digestAlgorithm) |
Static Public Attributes | |
static const Name | DEFAULT_PREFIX |
static const SigningInfo | DEFAULT_SIGNING_INFO |
static const Name | DIGEST_SHA256_IDENTITY |
A localhost identity which indicates that signature is generated using SHA-256. More... | |
static const RsaKeyParams | DEFAULT_KEY_PARAMS |
The packet signing interface.
Definition at line 47 of file key-chain.hpp.
typedef function<unique_ptr<SecPublicInfo>(const std::string&)> ndn::security::KeyChain::PibCreateFunc |
Definition at line 74 of file key-chain.hpp.
typedef function<unique_ptr<SecTpm>(const std::string&)> ndn::security::KeyChain::TpmCreateFunc |
Definition at line 75 of file key-chain.hpp.
typedef std::map<std::string, Block> ndn::security::KeyChain::SignParams |
Definition at line 883 of file key-chain.hpp.
ndn::security::KeyChain::KeyChain | ( | ) |
Constructor to create KeyChain with default PIB and TPM.
The default PIB and TPM are platform-dependent and can be overridden system-wide or on a per-use basis.
Definition at line 121 of file key-chain.cpp.
References ndn::ConfigFile::getParsedConfiguration().
ndn::security::KeyChain::KeyChain | ( | const std::string & | pibLocator, |
const std::string & | tpmLocator, | ||
bool | allowReset = false |
||
) |
KeyChain constructor.
pibLocator | PIB locator |
tpmLocator | TPM locator |
allowReset | if true, the PIB will be reset when the supplied tpmLocator mismatches the one in PIB |
Definition at line 153 of file key-chain.cpp.
|
virtual |
Definition at line 163 of file key-chain.cpp.
|
inlinestatic |
Register a new PIB.
aliases | List of schemes with which this PIB will be associated. The first alias in the list is considered a canonical name of the PIB instance. |
Definition at line 919 of file key-chain.hpp.
|
inlinestatic |
Register a new TPM.
aliases | List of schemes with which this TPM will be associated. The first alias in the list is considered a canonical name of the TPM instance. |
Definition at line 928 of file key-chain.hpp.
|
static |
Get default PIB locator.
Definition at line 181 of file key-chain.cpp.
|
static |
Create a PIB according to pibLocator.
Definition at line 207 of file key-chain.cpp.
References ndn::security::getCanonicalPibLocator(), and ndn::security::getPibFactories().
Referenced by createTpm().
|
static |
Get default TPM locator.
Definition at line 219 of file key-chain.cpp.
|
static |
Create a TPM according to tpmLocator.
Definition at line 244 of file key-chain.cpp.
References createPib(), ndn::security::getCanonicalPibLocator(), ndn::security::getCanonicalTpmLocator(), and ndn::security::getTpmFactories().
Name ndn::security::KeyChain::createIdentity | ( | const Name & | identityName, |
const KeyParams & | params = DEFAULT_KEY_PARAMS |
||
) |
Create an identity by creating a pair of Key-Signing-Key (KSK) for this identity and a self-signed certificate of the KSK.
identityName | The name of the identity. |
params | The key parameter if a key needs to be generated for the identity. |
Definition at line 293 of file key-chain.cpp.
References ndn::KeyParams::getKeyType(), and selfSign().
Referenced by getDefaultKeyParamsForIdentity(), and prepareUnsignedIdentityCertificate().
Name ndn::security::KeyChain::generateRsaKeyPair | ( | const Name & | identityName, |
bool | isKsk = false , |
||
uint32_t | keySize = 2048 |
||
) |
Generate a pair of RSA keys for the specified identity.
identityName | The name of the identity. |
isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (DSK). |
keySize | The size of the key. |
Definition at line 327 of file key-chain.cpp.
Name ndn::security::KeyChain::generateEcdsaKeyPair | ( | const Name & | identityName, |
bool | isKsk = false , |
||
uint32_t | keySize = 256 |
||
) |
Generate a pair of ECDSA keys for the specified identity.
identityName | The name of the identity. |
isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (DSK). |
keySize | The size of the key. |
Definition at line 334 of file key-chain.cpp.
Name ndn::security::KeyChain::generateRsaKeyPairAsDefault | ( | const Name & | identityName, |
bool | isKsk = false , |
||
uint32_t | keySize = 2048 |
||
) |
Generate a pair of RSA keys for the specified identity and set it as default key for the identity.
identityName | The name of the identity. |
isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (DSK). |
keySize | The size of the key. |
Definition at line 341 of file key-chain.cpp.
Name ndn::security::KeyChain::generateEcdsaKeyPairAsDefault | ( | const Name & | identityName, |
bool | isKsk = false , |
||
uint32_t | keySize = 256 |
||
) |
Generate a pair of ECDSA keys for the specified identity and set it as default key for the identity.
identityName | The name of the identity. |
isKsk | true for generating a Key-Signing-Key (KSK), false for a Data-Signing-Key (DSK). |
keySize | The size of the key. |
Definition at line 353 of file key-chain.cpp.
shared_ptr< v1::IdentityCertificate > ndn::security::KeyChain::prepareUnsignedIdentityCertificate | ( | const Name & | keyName, |
const Name & | signingIdentity, | ||
const time::system_clock::TimePoint & | notBefore, | ||
const time::system_clock::TimePoint & | notAfter, | ||
const std::vector< security::v1::CertificateSubjectDescription > & | subjectDescription, | ||
const Name & | certPrefix = DEFAULT_PREFIX |
||
) |
prepare an unsigned identity certificate
keyName | Key name, e.g., /<identity_name>/ksk-123456 . |
signingIdentity | The signing identity. |
notBefore | Refer to v1::IdentityCertificate. |
notAfter | Refer to v1::IdentityCertificate. |
subjectDescription | Refer to v1::IdentityCertificate. |
certPrefix | Prefix before KEY component. By default, KeyChain will infer the certificate name according to the relation between the signingIdentity and the subject identity. If signingIdentity is a prefix of the subject identity, KEY will be inserted after the signingIdentity, otherwise KEY is inserted after subject identity (i.e., before ksk-.... ). |
Definition at line 366 of file key-chain.cpp.
shared_ptr< v1::IdentityCertificate > ndn::security::KeyChain::prepareUnsignedIdentityCertificate | ( | const Name & | keyName, |
const v1::PublicKey & | publicKey, | ||
const Name & | signingIdentity, | ||
const time::system_clock::TimePoint & | notBefore, | ||
const time::system_clock::TimePoint & | notAfter, | ||
const std::vector< security::v1::CertificateSubjectDescription > & | subjectDescription, | ||
const Name & | certPrefix = DEFAULT_PREFIX |
||
) |
prepare an unsigned identity certificate
keyName | Key name, e.g., /<identity_name>/ksk-123456 . |
publicKey | Public key to sign. |
signingIdentity | The signing identity. |
notBefore | Refer to v1::IdentityCertificate. |
notAfter | Refer to v1::IdentityCertificate. |
subjectDescription | Refer to v1::IdentityCertificate. |
certPrefix | Prefix before KEY component. By default, KeyChain will infer the certificate name according to the relation between the signingIdentity and the subject identity. If signingIdentity is a prefix of the subject identity, KEY will be inserted after the signingIdentity, otherwise KEY is inserted after subject identity (i.e., before ksk-.... ). |
Definition at line 387 of file key-chain.cpp.
References ndn::Name::append(), ndn::Name::appendVersion(), ndn::oid::ATTRIBUTE_NAME, createIdentity(), DEFAULT_PREFIX, DIGEST_SHA256_IDENTITY, ndn::tlv::DigestSha256, ndn::Name::get(), getDefaultKeyParamsForIdentity(), ndn::security::SigningInfo::getDigestAlgorithm(), ndn::Name::getPrefix(), ndn::security::SigningInfo::getSignatureInfo(), getSignatureType(), ndn::security::SigningInfo::getSignerName(), ndn::security::SigningInfo::getSignerType(), ndn::Name::getSubName(), ndn::Name::isPrefixOf(), ndn::tlv::KeyLocator, ndn::SignatureInfo::setKeyLocator(), ndn::SignatureInfo::setSignatureType(), ndn::security::SigningInfo::SIGNER_TYPE_CERT, ndn::security::SigningInfo::SIGNER_TYPE_ID, ndn::security::SigningInfo::SIGNER_TYPE_KEY, ndn::security::SigningInfo::SIGNER_TYPE_NULL, ndn::security::SigningInfo::SIGNER_TYPE_SHA256, ndn::Name::size(), ndn::name::Component::toUri(), and ndn::Name::toUri().
void ndn::security::KeyChain::sign | ( | Data & | data, |
const SigningInfo & | params = DEFAULT_SIGNING_INFO |
||
) |
Sign data according to the supplied signing information.
This method uses the supplied signing information params
to create the SignatureInfo block:
After that, the method assigns the created SignatureInfo to the data packet, generates a signature, and sets it as part of the SignatureValue block.
data | The data to sign |
params | The signing parameters. |
Error | if signing fails. |
Definition at line 517 of file key-chain.cpp.
Referenced by ndn::nfd::Controller::Controller(), ndn::util::DummyClientFace::DummyClientFace(), ndn::util::NotificationStream< Notification >::postNotification(), ndn::mgmt::Dispatcher::removeTopPrefix(), signByIdentity(), and signWithSha256().
void ndn::security::KeyChain::sign | ( | Interest & | interest, |
const SigningInfo & | params = DEFAULT_SIGNING_INFO |
||
) |
Sign interest according to the supplied signing information.
This method uses the supplied signing information params
to create the SignatureInfo block:
After that, the method appends the created SignatureInfo to the interest name, generates a signature, and appends it as part of the SignatureValue block to the interest name.
interest | The interest to sign |
params | The signing parameters. |
Error | if signing fails. |
Definition at line 523 of file key-chain.cpp.
Block ndn::security::KeyChain::sign | ( | const uint8_t * | buffer, |
size_t | bufferLength, | ||
const SigningInfo & | params | ||
) |
Sign buffer according to the supplied signing information.
buffer | The buffer to sign |
bufferLength | The buffer size |
params | The signing parameters. |
Error | if signing fails. |
Definition at line 529 of file key-chain.cpp.
References ndn::SHA256.
void ndn::security::KeyChain::sign | ( | T & | packet, |
const Name & | certificateName | ||
) |
Sign packet with a particular certificate.
packet | The packet to be signed. |
certificateName | The certificate name of the key to use for signing. |
SecPublicInfo::Error | if certificate does not exist. |
Definition at line 905 of file key-chain.hpp.
References ndn::security::SigningInfo::SIGNER_TYPE_CERT.
Signature ndn::security::KeyChain::sign | ( | const uint8_t * | buffer, |
size_t | bufferLength, | ||
const Name & | certificateName | ||
) |
Sign the byte array using a particular certificate.
buffer | The byte array to be signed. |
bufferLength | the length of buffer. |
certificateName | The certificate name of the signing key. |
SecPublicInfo::Error | if certificate does not exist. |
Definition at line 538 of file key-chain.cpp.
References ndn::Signature::setValue(), and ndn::SHA256.
void ndn::security::KeyChain::signByIdentity | ( | T & | packet, |
const Name & | identityName | ||
) |
Sign packet using the default certificate of a particular identity.
If there is no default certificate of that identity, this method will create a self-signed certificate.
packet | The packet to be signed. |
identityName | The signing identity name. |
Definition at line 912 of file key-chain.hpp.
References ndn::security::SigningInfo::SIGNER_TYPE_ID.
Signature ndn::security::KeyChain::signByIdentity | ( | const uint8_t * | buffer, |
size_t | bufferLength, | ||
const Name & | identityName | ||
) |
Sign the byte array using the default certificate of a particular identity.
buffer | The byte array to be signed. |
bufferLength | the length of buffer. |
identityName | The identity name. |
Definition at line 768 of file key-chain.cpp.
References ndn::Signature::setValue(), sign(), and ndn::security::signingByIdentity().
void ndn::security::KeyChain::signWithSha256 | ( | Data & | data | ) |
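Set a SHA-256 digest ("weak") signature for data. The value is a plain digest with no signing key behind it, so it can reveal accidental corruption but does not authenticate who produced the packet.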
Definition at line 776 of file key-chain.cpp.
References sign(), and ndn::security::signingWithSha256().
void ndn::security::KeyChain::signWithSha256 | ( | Interest & | interest | ) |
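Set a SHA-256 digest ("weak") signature for interest. The value is a plain digest with no signing key behind it, so it can reveal accidental corruption but does not authenticate who produced the packet.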
Definition at line 782 of file key-chain.cpp.
References ndn::Name::append(), ndn::crypto::computeSha256Digest(), ndn::Block::encode(), ndn::name::Component::fromNumber(), ndn::random::generateWord64(), ndn::Signature::getInfo(), ndn::Interest::getName(), ndn::time::system_clock::now(), ndn::Interest::setName(), ndn::tlv::SignatureValue, ndn::time::toUnixTimestamp(), and ndn::Name::wireEncode().
shared_ptr< v1::IdentityCertificate > ndn::security::KeyChain::selfSign | ( | const Name & | keyName | ) |
Generate a self-signed certificate for a public key.
keyName | The name of the public key |
Definition at line 557 of file key-chain.cpp.
References ndn::Name::append(), ndn::Name::appendVersion(), ndn::oid::ATTRIBUTE_NAME, ndn::Name::get(), ndn::Name::getPrefix(), ndn::time::system_clock::now(), ndn::tlv::SignatureInfo, and ndn::Name::toUri().
Referenced by createIdentity(), and exportIdentity().
void ndn::security::KeyChain::selfSign | ( | v1::IdentityCertificate & | cert | ) |
Self-sign the supplied identity certificate.
cert | The supplied cert. |
SecTpm::Error | if the private key does not exist. |
Definition at line 587 of file key-chain.cpp.
References ndn::Signature::getInfo(), ndn::security::v1::PublicKey::getKeyType(), ndn::Data::getName(), ndn::Name::getPrefix(), ndn::security::v1::Certificate::getPublicKeyInfo(), ndn::security::v1::IdentityCertificate::getPublicKeyName(), ndn::Data::getSignature(), getSignatureType(), ndn::tlv::KeyLocator, ndn::PRIVATE, ndn::SignatureInfo::setKeyLocator(), and ndn::SHA256.
void ndn::security::KeyChain::deleteCertificate | ( | const Name & | certificateName | ) |
delete a certificate.
certificateName | The certificate to be deleted. |
KeyChain::Error | if certificate cannot be deleted. |
Definition at line 806 of file key-chain.cpp.
void ndn::security::KeyChain::deleteKey | ( | const Name & | keyName | ) |
delete a key.
keyName | The key to be deleted. |
KeyChain::Error | if key cannot be deleted. |
Definition at line 812 of file key-chain.cpp.
void ndn::security::KeyChain::deleteIdentity | ( | const Name & | identity | ) |
delete an identity.
identity | The identity to be deleted. |
KeyChain::Error | if identity cannot be deleted. |
Definition at line 819 of file key-chain.cpp.
shared_ptr< SecuredBag > ndn::security::KeyChain::exportIdentity | ( | const Name & | identity, |
const std::string & | passwordStr | ||
) |
export an identity.
identity | The identity to export. |
passwordStr | The password to secure the private key. |
SecPublicInfo::Error | if anything goes wrong in exporting. |
Definition at line 603 of file key-chain.cpp.
References selfSign().
void ndn::security::KeyChain::importIdentity | ( | const SecuredBag & | securedBag, |
const std::string & | passwordStr | ||
) |
import an identity.
securedBag | The encoded import data. |
passwordStr | The password to secure the private key. |
Definition at line 632 of file key-chain.cpp.
References ndn::security::v1::IdentityCertificate::certificateNameToPublicKeyName(), ndn::security::SecuredBag::getCertificate(), ndn::security::SecuredBag::getKey(), ndn::Data::getName(), ndn::Name::getPrefix(), and ndn::Name::toUri().
|
inline |
Definition at line 437 of file key-chain.hpp.
|
inline |
Definition at line 443 of file key-chain.hpp.
|
inline |
Definition at line 449 of file key-chain.hpp.
|
inline |
Definition at line 455 of file key-chain.hpp.
|
inline |
Definition at line 464 of file key-chain.hpp.
|
inline |
Definition at line 470 of file key-chain.hpp.
|
inline |
Definition at line 476 of file key-chain.hpp.
|
inline |
Definition at line 482 of file key-chain.hpp.
|
inline |
Definition at line 488 of file key-chain.hpp.
|
inline |
Definition at line 494 of file key-chain.hpp.
|
inline |
Definition at line 500 of file key-chain.hpp.
|
inline |
Definition at line 506 of file key-chain.hpp.
|
inline |
Definition at line 512 of file key-chain.hpp.
|
inline |
Definition at line 518 of file key-chain.hpp.
Referenced by nfd::rib::AutoPrefixPropagator::disable().
|
inline |
Definition at line 524 of file key-chain.hpp.
References getDefaultKeyParamsForIdentity().
const KeyParams & ndn::security::KeyChain::getDefaultKeyParamsForIdentity | ( | const Name & | identityName | ) | const |
Get default key parameters for the specified identity.
If identity has a previously generated key, the returned parameters will include the same type of the key. If there are no existing keys, DEFAULT_KEY_PARAMS is used.
Definition at line 657 of file key-chain.cpp.
References ndn::Name::append(), ndn::crypto::computeSha256Digest(), createIdentity(), DEFAULT_KEY_PARAMS, DIGEST_SHA256_IDENTITY, ndn::EC, ndn::Block::encode(), ndn::name::Component::fromNumber(), ndn::random::generateWord32(), ndn::random::generateWord64(), ndn::Signature::getInfo(), ndn::Interest::getName(), ndn::NONE, ndn::time::system_clock::now(), ndn::RSA, ndn::Interest::setName(), ndn::Data::setSignature(), ndn::tlv::SignatureValue, ndn::time::toUnixTimestamp(), ndn::Name::toUri(), ndn::Data::wireEncode(), and ndn::Name::wireEncode().
Referenced by getDefaultKeyNameForIdentity(), and prepareUnsignedIdentityCertificate().
Definition at line 540 of file key-chain.hpp.
|
inline |
Definition at line 546 of file key-chain.hpp.
Referenced by nfd::rib::AutoPrefixPropagator::disable().
|
inline |
Definition at line 552 of file key-chain.hpp.
|
inline |
Definition at line 558 of file key-chain.hpp.
|
inline |
Definition at line 564 of file key-chain.hpp.
|
inline |
Definition at line 570 of file key-chain.hpp.
|
inline |
Definition at line 578 of file key-chain.hpp.
|
inline |
Definition at line 584 of file key-chain.hpp.
|
inline |
Definition at line 590 of file key-chain.hpp.
|
inline |
Definition at line 596 of file key-chain.hpp.
|
inline |
Definition at line 602 of file key-chain.hpp.
|
inline |
Definition at line 608 of file key-chain.hpp.
Definition at line 614 of file key-chain.hpp.
|
inline |
Definition at line 620 of file key-chain.hpp.
|
inline |
Definition at line 626 of file key-chain.hpp.
|
inline |
Definition at line 632 of file key-chain.hpp.
|
inline |
Definition at line 638 of file key-chain.hpp.
|
inline |
Definition at line 644 of file key-chain.hpp.
|
inline |
Definition at line 650 of file key-chain.hpp.
References getDefaultCertificate().
Referenced by getDefaultCertificate().
|
inline |
Definition at line 659 of file key-chain.hpp.
|
inline |
Definition at line 669 of file key-chain.hpp.
|
inline |
Definition at line 675 of file key-chain.hpp.
|
inline |
Definition at line 681 of file key-chain.hpp.
|
inline |
Definition at line 687 of file key-chain.hpp.
|
inline |
Definition at line 693 of file key-chain.hpp.
|
inline |
Definition at line 699 of file key-chain.hpp.
|
inline |
Definition at line 705 of file key-chain.hpp.
|
inline |
Definition at line 711 of file key-chain.hpp.
|
inline |
Definition at line 717 of file key-chain.hpp.
|
inline |
Definition at line 723 of file key-chain.hpp.
|
inline |
Definition at line 731 of file key-chain.hpp.
|
inline |
Definition at line 737 of file key-chain.hpp.
|
inline |
Definition at line 743 of file key-chain.hpp.
|
inline |
Definition at line 749 of file key-chain.hpp.
|
inline |
Definition at line 755 of file key-chain.hpp.
|
inline |
Definition at line 761 of file key-chain.hpp.
|
inline |
Definition at line 767 of file key-chain.hpp.
|
inline |
Definition at line 773 of file key-chain.hpp.
References DEFAULT_KEY_PARAMS, and getSignatureType().
|
static |
Definition at line 832 of file key-chain.cpp.
References ndn::EC, ndn::RSA, ndn::tlv::SignatureSha256WithEcdsa, and ndn::tlv::SignatureSha256WithRsa.
Referenced by importPrivateKeyPkcs5IntoTpm(), prepareUnsignedIdentityCertificate(), and selfSign().
|
static |
Definition at line 871 of file key-chain.hpp.
Referenced by prepareUnsignedIdentityCertificate().
|
static |
Definition at line 872 of file key-chain.hpp.
|
static |
A localhost identity which indicates that signature is generated using SHA-256.
Definition at line 878 of file key-chain.hpp.
Referenced by getDefaultKeyParamsForIdentity(), ndn::security::operator<<(), prepareUnsignedIdentityCertificate(), and ndn::security::SigningInfo::SigningInfo().
|
static |
Definition at line 881 of file key-chain.hpp.
Referenced by getDefaultKeyParamsForIdentity(), and importPrivateKeyPkcs5IntoTpm().