NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::tpm::BackEnd Class Referenceabstract

Abstraction of Tpm back-end. More...

#include <back-end.hpp>

Inheritance diagram for ndn::security::tpm::BackEnd:
Collaboration diagram for ndn::security::tpm::BackEnd:

Classes

class  Error
 

Public Member Functions

virtual ~BackEnd ()
 
bool hasKey (const Name &keyName) const
 
unique_ptr< KeyHandlegetKeyHandle (const Name &keyName) const
 
unique_ptr< KeyHandlecreateKey (const Name &identity, const KeyParams &params)
 Create key for identity according to params. More...
 
void deleteKey (const Name &keyName)
 Delete a key with name keyName. More...
 
ConstBufferPtr exportKey (const Name &keyName, const char *pw, size_t pwLen)
 
void importKey (const Name &keyName, const uint8_t *pkcs8, size_t pkcs8Len, const char *pw, size_t pwLen)
 Import a private key in encrypted PKCS #8 format. More...
 
virtual bool isTerminalMode () const
 Check if TPM is in terminal mode. More...
 
virtual void setTerminalMode (bool isTerminal) const
 Set the terminal mode of TPM. More...
 
virtual bool isTpmLocked () const
 
virtual bool unlockTpm (const char *pw, size_t pwLen) const
 Unlock TPM. More...
 

Static Protected Member Functions

static void setKeyName (KeyHandle &keyHandle, const Name &identity, const KeyParams &params)
 Set the key name in keyHandle according to identity and params. More...
 

Detailed Description

Abstraction of Tpm back-end.

This class provides KeyHandle to the front-end and other TPM management operations.

Definition at line 41 of file back-end.hpp.

Constructor & Destructor Documentation

◆ ~BackEnd()

ndn::security::tpm::BackEnd::~BackEnd ( )
virtualdefault

Member Function Documentation

◆ hasKey()

bool ndn::security::tpm::BackEnd::hasKey ( const Name keyName) const
Returns
True if a key with name keyName exists in TPM.

Definition at line 39 of file back-end.cpp.

Referenced by createKey(), exportKey(), and importKey().

◆ getKeyHandle()

unique_ptr< KeyHandle > ndn::security::tpm::BackEnd::getKeyHandle ( const Name keyName) const
Returns
The handle of a key with name keyName, or nullptr if the key does not exist.

Calling getKeyHandle multiple times with the same keyName will return different KeyHandle objects that all refer to the same key.

Definition at line 45 of file back-end.cpp.

◆ createKey()

unique_ptr< KeyHandle > ndn::security::tpm::BackEnd::createKey ( const Name identity,
const KeyParams params 
)

Create key for identity according to params.

The key name is set in the returned KeyHandle.

Returns
The handle of the created key.
Exceptions
Tpm::Errorparams are invalid
Errorthe key cannot be created

Definition at line 51 of file back-end.cpp.

References ndn::security::v2::constructKeyName(), ndn::name::Component::fromNumber(), ndn::random::generateSecureWord64(), ndn::KeyParams::getKeyId(), ndn::KeyParams::getKeyIdType(), hasKey(), ndn::RANDOM, ndn::SHA256, ndn::Name::toUri(), and ndn::USER_SPECIFIED.

◆ deleteKey()

void ndn::security::tpm::BackEnd::deleteKey ( const Name keyName)

Delete a key with name keyName.

Continuing to use existing KeyHandles on a deleted key results in undefined behavior.

Exceptions
Errorif the deletion fails.

Definition at line 86 of file back-end.cpp.

◆ exportKey()

ConstBufferPtr ndn::security::tpm::BackEnd::exportKey ( const Name keyName,
const char *  pw,
size_t  pwLen 
)
Returns
A private key with name keyName in encrypted PKCS #8 format using password pw
Exceptions
Errorthe key does not exist
Errorthe key cannot be exported, e.g., insufficient privilege

Definition at line 92 of file back-end.cpp.

References hasKey(), and ndn::Name::toUri().

◆ importKey()

void ndn::security::tpm::BackEnd::importKey ( const Name keyName,
const uint8_t *  pkcs8,
size_t  pkcs8Len,
const char *  pw,
size_t  pwLen 
)

Import a private key in encrypted PKCS #8 format.

Parameters
keyNameThe name of imported private key
pkcs8Pointer to the key in encrypted PKCS #8 format
pkcs8LenThe size of the key in encrypted PKCS #8 format
pwThe password to decrypt the private key
pwLenThe length of the password
Exceptions
Errorimport failed

Definition at line 101 of file back-end.cpp.

References hasKey(), and ndn::Name::toUri().

◆ isTerminalMode()

bool ndn::security::tpm::BackEnd::isTerminalMode ( ) const
virtual

Check if TPM is in terminal mode.

Default implementation always returns true.

Reimplemented in ndn::security::DummyTpm, and ndn::security::tpm::BackEndOsx.

Definition at line 142 of file back-end.cpp.

◆ setTerminalMode()

void ndn::security::tpm::BackEnd::setTerminalMode ( bool  isTerminal) const
virtual

Set the terminal mode of TPM.

In terminal mode, TPM will not ask user permission from GUI.

Default implementation does nothing.

Reimplemented in ndn::security::DummyTpm, and ndn::security::tpm::BackEndOsx.

Definition at line 148 of file back-end.cpp.

◆ isTpmLocked()

bool ndn::security::tpm::BackEnd::isTpmLocked ( ) const
virtual
Returns
True if TPM is locked, otherwise false

Default implementation always returns false.

Reimplemented in ndn::security::DummyTpm, and ndn::security::tpm::BackEndOsx.

Definition at line 153 of file back-end.cpp.

Referenced by unlockTpm().

◆ unlockTpm()

bool ndn::security::tpm::BackEnd::unlockTpm ( const char *  pw,
size_t  pwLen 
) const
virtual

Unlock TPM.

Parameters
pwThe password to unlock TPM
pwLenThe password size.

Default implementation always returns !isTpmLocked()

Reimplemented in ndn::security::tpm::BackEndOsx.

Definition at line 159 of file back-end.cpp.

References isTpmLocked().

◆ setKeyName()


The documentation for this class was generated from the following files: