NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.3: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::SecTpm Class Referenceabstract

SecTpm is the base class of the TPM classes. More...

#include <sec-tpm.hpp>

Inheritance diagram for ndn::security::SecTpm:
Collaboration diagram for ndn::security::SecTpm:

Classes

class  Error
 

Public Member Functions

 SecTpm (const std::string &location)
 
virtual ~SecTpm ()
 
std::string getTpmLocator ()
 
virtual void setTpmPassword (const uint8_t *password, size_t passwordLength)=0
 set password of TPM More...
 
virtual void resetTpmPassword ()=0
 reset password of TPM More...
 
virtual void setInTerminal (bool inTerminal)=0
 Set inTerminal flag to inTerminal. More...
 
virtual bool getInTerminal () const =0
 Get value of inTerminal flag. More...
 
virtual bool isLocked ()=0
 Check if TPM is locked. More...
 
virtual bool unlockTpm (const char *password, size_t passwordLength, bool usePassword)=0
 Unlock the TPM. More...
 
virtual void generateKeyPairInTpm (const Name &keyName, const KeyParams &params)=0
 Generate a pair of asymmetric keys. More...
 
virtual void deleteKeyPairInTpm (const Name &keyName)=0
 Delete a key pair of asymmetric keys. More...
 
virtual shared_ptr< v1::PublicKeygetPublicKeyFromTpm (const Name &keyName)=0
 Get a public key. More...
 
virtual Block signInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, DigestAlgorithm digestAlgorithm)=0
 Sign data. More...
 
virtual ConstBufferPtr decryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)=0
 Decrypt data. More...
 
virtual ConstBufferPtr encryptInTpm (const uint8_t *data, size_t dataLength, const Name &keyName, bool isSymmetric)=0
 Encrypt data. More...
 
virtual void generateSymmetricKeyInTpm (const Name &keyName, const KeyParams &params)=0
 Generate a symmetric key. More...
 
virtual bool doesKeyExistInTpm (const Name &keyName, KeyClass keyClass)=0
 Check if a particular key exists. More...
 
virtual bool generateRandomBlock (uint8_t *res, size_t size)=0
 Generate a random block. More...
 
virtual void addAppToAcl (const Name &keyName, KeyClass keyClass, const std::string &appPath, AclType acl)=0
 Add the application into the ACL of a particular key. More...
 
ConstBufferPtr exportPrivateKeyPkcs5FromTpm (const Name &keyName, const std::string &password)
 Export a private key in PKCS#5 format. More...
 
bool importPrivateKeyPkcs5IntoTpm (const Name &keyName, const uint8_t *buffer, size_t bufferSize, const std::string &password)
 Import a private key in PKCS#5 formatted buffer of size bufferSize. More...
 

Protected Member Functions

virtual std::string getScheme ()=0
 
virtual ConstBufferPtr exportPrivateKeyPkcs8FromTpm (const Name &keyName)=0
 Export a private key in PKCS#8 format. More...
 
virtual bool importPrivateKeyPkcs8IntoTpm (const Name &keyName, const uint8_t *buffer, size_t bufferSize)=0
 Import a private key from PKCS#8 formatted buffer of size bufferSize. More...
 
virtual bool importPublicKeyPkcs1IntoTpm (const Name &keyName, const uint8_t *buffer, size_t bufferSize)=0
 Import a public key in PKCS#1 formatted buffer of size bufferSize. More...
 
virtual bool getImpExpPassWord (std::string &password, const std::string &prompt)
 Get import/export password. More...
 

Protected Attributes

std::string m_location
 

Detailed Description

SecTpm is the base class of the TPM classes.

It specifies the interfaces of private/secret key related operations.

Definition at line 42 of file sec-tpm.hpp.

Constructor & Destructor Documentation

◆ SecTpm()

ndn::security::SecTpm::SecTpm ( const std::string &  location)
explicit

Definition at line 34 of file sec-tpm.cpp.

Referenced by ndn::security::SecTpm::Error::Error().

◆ ~SecTpm()

ndn::security::SecTpm::~SecTpm ( )
virtual

Definition at line 39 of file sec-tpm.cpp.

Referenced by ndn::security::SecTpm::Error::Error().

Member Function Documentation

◆ getTpmLocator()

std::string ndn::security::SecTpm::getTpmLocator ( )

Definition at line 44 of file sec-tpm.cpp.

References getScheme(), and m_location.

Referenced by ndn::security::SecTpm::Error::Error().

◆ setTpmPassword()

virtual void ndn::security::SecTpm::setTpmPassword ( const uint8_t *  password,
size_t  passwordLength 
)
pure virtual

set password of TPM

Password is used to unlock TPM when it is locked. You should be cautious when using this method, because remembering password is kind of dangerous.

Parameters
passwordThe password
passwordLengthThe length of password

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmOsx, and ndn::security::SecTpmFile.

Referenced by ndn::security::SecTpm::Error::Error().

◆ resetTpmPassword()

virtual void ndn::security::SecTpm::resetTpmPassword ( )
pure virtual

◆ setInTerminal()

virtual void ndn::security::SecTpm::setInTerminal ( bool  inTerminal)
pure virtual

Set inTerminal flag to inTerminal.

If the inTerminal flag is set, and password is not set, TPM may ask for password via terminal. inTerminal flag is set by default.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ getInTerminal()

virtual bool ndn::security::SecTpm::getInTerminal ( ) const
pure virtual

◆ isLocked()

virtual bool ndn::security::SecTpm::isLocked ( )
pure virtual

◆ unlockTpm()

virtual bool ndn::security::SecTpm::unlockTpm ( const char *  password,
size_t  passwordLength,
bool  usePassword 
)
pure virtual

Unlock the TPM.

Parameters
passwordThe password.
passwordLengthThe password size. 0 indicates no password.
usePasswordTrue if we want to use the supplied password to unlock the TPM.
Returns
true if TPM is unlocked, otherwise false.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ generateKeyPairInTpm()

virtual void ndn::security::SecTpm::generateKeyPairInTpm ( const Name keyName,
const KeyParams params 
)
pure virtual

Generate a pair of asymmetric keys.

Parameters
keyNameThe name of the key pair.
paramsThe parameters of key.
Exceptions
SecTpm::Errorif fails.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ deleteKeyPairInTpm()

virtual void ndn::security::SecTpm::deleteKeyPairInTpm ( const Name keyName)
pure virtual

Delete a key pair of asymmetric keys.

Parameters
keyNameThe name of the key pair.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ getPublicKeyFromTpm()

virtual shared_ptr<v1::PublicKey> ndn::security::SecTpm::getPublicKeyFromTpm ( const Name keyName)
pure virtual

Get a public key.

Parameters
keyNameThe public key name.
Returns
The public key.
Exceptions
SecTpm::Errorif public key does not exist in TPM.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ signInTpm()

virtual Block ndn::security::SecTpm::signInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name keyName,
DigestAlgorithm  digestAlgorithm 
)
pure virtual

Sign data.

Parameters
dataPointer to the byte array to be signed.
dataLengthThe length of data.
keyNameThe name of the signing key.
digestAlgorithmthe digest algorithm.
Returns
The signature block.
Exceptions
SecTpm::Errorif signing fails.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ decryptInTpm()

virtual ConstBufferPtr ndn::security::SecTpm::decryptInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name keyName,
bool  isSymmetric 
)
pure virtual

Decrypt data.

Parameters
dataPointer to the byte arry to be decrypted.
dataLengthThe length of data.
keyNameThe name of the decrypting key.
isSymmetricIf true symmetric encryption is used, otherwise asymmetric encryption.
Returns
The decrypted data.
Exceptions
SecTpm::Errorif decryption fails.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ encryptInTpm()

virtual ConstBufferPtr ndn::security::SecTpm::encryptInTpm ( const uint8_t *  data,
size_t  dataLength,
const Name keyName,
bool  isSymmetric 
)
pure virtual

Encrypt data.

Parameters
dataPointer to the byte arry to be decrypted.
dataLengthThe length of data.
keyNameThe name of the encrypting key.
isSymmetricIf true symmetric encryption is used, otherwise asymmetric encryption.
Returns
The encrypted data.
Exceptions
SecTpm::Errorif encryption fails.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ generateSymmetricKeyInTpm()

virtual void ndn::security::SecTpm::generateSymmetricKeyInTpm ( const Name keyName,
const KeyParams params 
)
pure virtual

Generate a symmetric key.

Parameters
keyNameThe name of the key.
paramsThe parameter of the key.
Exceptions
SecTpm::Errorif key generating fails.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ doesKeyExistInTpm()

virtual bool ndn::security::SecTpm::doesKeyExistInTpm ( const Name keyName,
KeyClass  keyClass 
)
pure virtual

Check if a particular key exists.

Parameters
keyNameThe name of the key.
keyClassThe class of the key, e.g. KeyClass::PUBLIC, KeyClass::PRIVATE.
Returns
True if the key exists, otherwise false.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ generateRandomBlock()

virtual bool ndn::security::SecTpm::generateRandomBlock ( uint8_t *  res,
size_t  size 
)
pure virtual

Generate a random block.

Parameters
resThe pointer to the generated block
sizeThe random block size
Returns
true for success, otherwise false

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error(), and exportPrivateKeyPkcs5FromTpm().

◆ addAppToAcl()

virtual void ndn::security::SecTpm::addAppToAcl ( const Name keyName,
KeyClass  keyClass,
const std::string &  appPath,
AclType  acl 
)
pure virtual

Add the application into the ACL of a particular key.

Parameters
keyNamethe name of key
keyClassthe class of key, e.g. Private Key
appPaththe absolute path to the application
aclthe new acl of the key

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error().

◆ exportPrivateKeyPkcs5FromTpm()

ConstBufferPtr ndn::security::SecTpm::exportPrivateKeyPkcs5FromTpm ( const Name keyName,
const std::string &  password 
)

Export a private key in PKCS#5 format.

Parameters
keyNameThe private key name
passwordThe password to encrypt the private key
Returns
The private key info (in PKCS8 format) if exist
Exceptions
SecTpm::Errorif private key cannot be exported

Definition at line 50 of file sec-tpm.cpp.

References ndn::OBufferStream::buf(), ndn::Oid::encode(), exportPrivateKeyPkcs8FromTpm(), and generateRandomBlock().

Referenced by ndn::security::SecTpm::Error::Error().

◆ importPrivateKeyPkcs5IntoTpm()

bool ndn::security::SecTpm::importPrivateKeyPkcs5IntoTpm ( const Name keyName,
const uint8_t *  buffer,
size_t  bufferSize,
const std::string &  password 
)

Import a private key in PKCS#5 formatted buffer of size bufferSize.

Also recover the public key and installed it in TPM.

Parameters
keyNameThe private key name
bufferPointer to the first byte of the buffer containing PKCS#5-encoded private key info
bufferSizeSize of the buffer
passwordThe password to encrypt the private key
Returns
false if import fails

Definition at line 167 of file sec-tpm.cpp.

References ndn::OBufferStream::buf(), ndn::Oid::decode(), ndn::EC, ndn::oid::ECDSA, importPrivateKeyPkcs8IntoTpm(), importPublicKeyPkcs1IntoTpm(), ndn::NONE, ndn::RSA, and ndn::oid::RSA.

Referenced by ndn::security::SecTpm::Error::Error().

◆ getScheme()

virtual std::string ndn::security::SecTpm::getScheme ( )
protectedpure virtual

◆ exportPrivateKeyPkcs8FromTpm()

virtual ConstBufferPtr ndn::security::SecTpm::exportPrivateKeyPkcs8FromTpm ( const Name keyName)
protectedpure virtual

Export a private key in PKCS#8 format.

Parameters
keyNameThe private key name.
Returns
The private key info (in PKCS#8 format) if exist, otherwise a NULL pointer.

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error(), and exportPrivateKeyPkcs5FromTpm().

◆ importPrivateKeyPkcs8IntoTpm()

virtual bool ndn::security::SecTpm::importPrivateKeyPkcs8IntoTpm ( const Name keyName,
const uint8_t *  buffer,
size_t  bufferSize 
)
protectedpure virtual

Import a private key from PKCS#8 formatted buffer of size bufferSize.

Parameters
keyNameThe private key name.
bufferPointer to the first byte of the buffer containing PKCS#8-encoded private key info
bufferSizeSize of the buffer
Returns
false if import fails

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error(), and importPrivateKeyPkcs5IntoTpm().

◆ importPublicKeyPkcs1IntoTpm()

virtual bool ndn::security::SecTpm::importPublicKeyPkcs1IntoTpm ( const Name keyName,
const uint8_t *  buffer,
size_t  bufferSize 
)
protectedpure virtual

Import a public key in PKCS#1 formatted buffer of size bufferSize.

Parameters
keyNameThe public key name
bufferPointer to the first byte of the buffer containing PKCS#1-encoded private key info
bufferSizeSize of the buffer
Returns
false if import fails

Implemented in ndn::security::DummyTpm, ndn::security::SecTpmFile, and ndn::security::SecTpmOsx.

Referenced by ndn::security::SecTpm::Error::Error(), and importPrivateKeyPkcs5IntoTpm().

◆ getImpExpPassWord()

bool ndn::security::SecTpm::getImpExpPassWord ( std::string &  password,
const std::string &  prompt 
)
protectedvirtual

Get import/export password.

Parameters
passwordOn return, the password.
promptPrompt for password, i.e., "Password for key:"
Returns
true if password has been obtained.

Definition at line 349 of file sec-tpm.cpp.

Referenced by ndn::security::SecTpm::Error::Error().

Member Data Documentation

◆ m_location

std::string ndn::security::SecTpm::m_location
protected

Definition at line 301 of file sec-tpm.hpp.

Referenced by getTpmLocator().


The documentation for this class was generated from the following files: