NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
key-chain.hpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2013-2018 Regents of the University of California.
4  *
5  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6  *
7  * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8  * terms of the GNU Lesser General Public License as published by the Free Software
9  * Foundation, either version 3 of the License, or (at your option) any later version.
10  *
11  * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13  * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14  *
15  * You should have received copies of the GNU General Public License and GNU Lesser
16  * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17  * <http://www.gnu.org/licenses/>.
18  *
19  * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20  */
21 
22 #ifndef NDN_SECURITY_V2_KEY_CHAIN_HPP
23 #define NDN_SECURITY_V2_KEY_CHAIN_HPP
24 
25 #include "ndn-cxx/interest.hpp"
33 
34 namespace ndn {
35 namespace security {
36 namespace v2 {
37 
46 class KeyChain : noncopyable
47 {
48 public:
49  class Error : public std::runtime_error
50  {
51  public:
52  using std::runtime_error::runtime_error;
53  };
54 
58  class LocatorMismatchError : public Error
59  {
60  public:
61  using Error::Error;
62  };
63 
68  {
69  public:
70  using Error::Error;
71  };
72 
83  KeyChain();
84 
95  KeyChain(const std::string& pibLocator, const std::string& tpmLocator, bool allowReset = false);
96 
97  ~KeyChain();
98 
99  const Pib&
100  getPib() const
101  {
102  return *m_pib;
103  }
104 
105  const Tpm&
106  getTpm() const
107  {
108  return *m_tpm;
109  }
110 
111 public: // Identity management
129  Identity
130  createIdentity(const Name& identityName, const KeyParams& params = getDefaultKeyParams());
131 
138  void
139  deleteIdentity(const Identity& identity);
140 
145  void
146  setDefaultIdentity(const Identity& identity);
147 
148 public: // Key management
162  Key
163  createKey(const Identity& identity, const KeyParams& params = getDefaultKeyParams());
164 
173  void
174  deleteKey(const Identity& identity, const Key& key);
175 
183  void
184  setDefaultKey(const Identity& identity, const Key& key);
185 
186 public: // Certificate management
199  void
200  addCertificate(const Key& key, const Certificate& certificate);
201 
210  void
211  deleteCertificate(const Key& key, const Name& certificateName);
212 
222  void
223  setDefaultCertificate(const Key& key, const Certificate& certificate);
224 
225 public: // signing
248  void
249  sign(Data& data, const SigningInfo& params = getDefaultSigningInfo());
250 
274  void
275  sign(Interest& interest, const SigningInfo& params = getDefaultSigningInfo());
276 
290  Block
291  sign(const uint8_t* buffer, size_t bufferLength, const SigningInfo& params = getDefaultSigningInfo());
292 
293 public: // export & import
303  shared_ptr<SafeBag>
304  exportSafeBag(const Certificate& certificate, const char* pw, size_t pwLen);
305 
321  void
322  importSafeBag(const SafeBag& safeBag, const char* pw, size_t pwLen);
323 
329  getSignatureType(KeyType keyType, DigestAlgorithm digestAlgorithm);
330 
331 public: // PIB & TPM backend registry
338  template<class PibBackendType>
339  static void
340  registerPibBackend(const std::string& scheme);
341 
348  template<class TpmBackendType>
349  static void
350  registerTpmBackend(const std::string& scheme);
351 
352 private:
353  typedef std::map<std::string, function<unique_ptr<pib::PibImpl>(const std::string& location)>> PibFactories;
354  typedef std::map<std::string, function<unique_ptr<tpm::BackEnd>(const std::string& location)>> TpmFactories;
355 
356  static PibFactories&
357  getPibFactories();
358 
359  static TpmFactories&
360  getTpmFactories();
361 
362  static std::tuple<std::string/*type*/, std::string/*location*/>
363  parseAndCheckPibLocator(const std::string& pibLocator);
364 
365  static std::tuple<std::string/*type*/, std::string/*location*/>
366  parseAndCheckTpmLocator(const std::string& tpmLocator);
367 
368  static const std::string&
369  getDefaultPibScheme();
370 
371  static const std::string&
372  getDefaultTpmScheme();
373 
377  static unique_ptr<Pib>
378  createPib(const std::string& pibLocator);
379 
383  static unique_ptr<Tpm>
384  createTpm(const std::string& tpmLocator);
385 
387  static const std::string&
388  getDefaultPibLocator();
389 
390  static const std::string&
391  getDefaultTpmLocator();
392 
393 private: // signing
403  selfSign(Key& key);
404 
414  std::tuple<Name, SignatureInfo>
415  prepareSignatureInfo(const SigningInfo& params);
416 
421  Block
422  sign(const uint8_t* buf, size_t size, const Name& keyName, DigestAlgorithm digestAlgorithm) const;
423 
424 public:
425  static const SigningInfo&
427 
428  static const KeyParams&
430 
431 private:
432  std::unique_ptr<Pib> m_pib;
433  std::unique_ptr<Tpm> m_tpm;
434 
435  static std::string s_defaultPibLocator;
436  static std::string s_defaultTpmLocator;
437 };
438 
439 template<class PibType>
440 inline void
441 KeyChain::registerPibBackend(const std::string& scheme)
442 {
443  getPibFactories().emplace(scheme, [] (const std::string& locator) {
444  return unique_ptr<pib::PibImpl>(new PibType(locator));
445  });
446 }
447 
448 template<class TpmType>
449 inline void
450 KeyChain::registerTpmBackend(const std::string& scheme)
451 {
452  getTpmFactories().emplace(scheme, [] (const std::string& locator) {
453  return unique_ptr<tpm::BackEnd>(new TpmType(locator));
454  });
455 }
456 
465 #define NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND(PibType) \
466 static class NdnCxxAuto ## PibType ## PibRegistrationClass \
467 { \
468 public: \
469  NdnCxxAuto ## PibType ## PibRegistrationClass() \
470  { \
471  ::ndn::security::v2::KeyChain::registerPibBackend<PibType>(PibType::getScheme()); \
472  } \
473 } ndnCxxAuto ## PibType ## PibRegistrationVariable
474 
483 #define NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND(TpmType) \
484 static class NdnCxxAuto ## TpmType ## TpmRegistrationClass \
485 { \
486 public: \
487  NdnCxxAuto ## TpmType ## TpmRegistrationClass() \
488  { \
489  ::ndn::security::v2::KeyChain::registerTpmBackend<TpmType>(TpmType::getScheme()); \
490  } \
491 } ndnCxxAuto ## TpmType ## TpmRegistrationVariable
492 
493 } // namespace v2
494 
495 using v2::KeyChain;
496 
497 } // namespace security
498 
500 
501 } // namespace ndn
502 
503 #endif // NDN_SECURITY_V2_KEY_CHAIN_HPP
void deleteKey(const Identity &identity, const Key &key)
Delete a key key of identity.
Definition: key-chain.cpp:286
Copyright (c) 2011-2015 Regents of the University of California.
The certificate following the certificate format naming convention.
Definition: certificate.hpp:81
The interface of signing key management.
Definition: key-chain.hpp:46
void addCertificate(const Key &key, const Certificate &certificate)
Add a certificate certificate for key.
Definition: key-chain.cpp:315
Key createKey(const Identity &identity, const KeyParams &params=getDefaultKeyParams())
Create a key for identity according to params.
Definition: key-chain.cpp:268
KeyChain()
Constructor to create KeyChain with default PIB and TPM.
Definition: key-chain.cpp:165
Represents a TLV element of NDN packet format.
Definition: block.hpp:42
Error indicating that the supplied TPM locator does not match the locator stored in PIB.
Definition: key-chain.hpp:58
Represents an Interest packet.
Definition: interest.hpp:44
Signing parameters passed to KeyChain.
void deleteCertificate(const Key &key, const Name &certificateName)
delete a certificate with name certificateName of key.
Definition: key-chain.cpp:329
represents the front-end of TPM
Definition: tpm.hpp:63
const Pib & getPib() const
Definition: key-chain.hpp:100
Identity createIdentity(const Name &identityName, const KeyParams &params=getDefaultKeyParams())
Create an identity identityName.
Definition: key-chain.cpp:222
void importSafeBag(const SafeBag &safeBag, const char *pw, size_t pwLen)
Import a pair of certificate and its corresponding private key encapsulated in a SafeBag.
Definition: key-chain.cpp:367
KeyType
The type of a cryptographic key.
const Tpm & getTpm() const
Definition: key-chain.hpp:106
shared_ptr< SafeBag > exportSafeBag(const Certificate &certificate, const char *pw, size_t pwLen)
Export a certificate and its corresponding private key.
Definition: key-chain.cpp:350
A frontend handle of a key instance.
Definition: key.hpp:49
void setDefaultCertificate(const Key &key, const Certificate &certificate)
Set cert as the default certificate of key.
Definition: key-chain.cpp:341
void setDefaultIdentity(const Identity &identity)
Set identity as the default identity.
Definition: key-chain.cpp:260
static void registerPibBackend(const std::string &scheme)
Register a new PIB backend.
Definition: key-chain.hpp:441
static const SigningInfo & getDefaultSigningInfo()
Definition: key-chain.cpp:150
NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE DigestAlgorithm digestAlgorithm
Definition: key-chain.hpp:329
static void registerTpmBackend(const std::string &scheme)
Register a new TPM backend.
Definition: key-chain.hpp:450
#define NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE
Definition: common.hpp:43
Represents an absolute name.
Definition: name.hpp:43
Error indicating that the supplied SigningInfo is invalid.
Definition: key-chain.hpp:67
SignatureTypeValue
SignatureType values.
Definition: tlv.hpp:126
void sign(Data &data, const SigningInfo &params=getDefaultSigningInfo())
Sign data according to the supplied signing information.
Definition: key-chain.cpp:430
void deleteIdentity(const Identity &identity)
delete identity.
Definition: key-chain.cpp:246
static const KeyParams & getDefaultKeyParams()
Definition: key-chain.cpp:157
a secured container for sensitive information(certificate, private key)
Definition: safe-bag.hpp:37
void setDefaultKey(const Identity &identity, const Key &key)
Set key as the default key of identity.
Definition: key-chain.cpp:302
Base class of key parameters.
Definition: key-params.hpp:35
A frontend handle of an Identity.
Definition: identity.hpp:42
Represents a Data packet.
Definition: data.hpp:35
ndn security v2 KeyChain
Definition: key-chain.cpp:69
represents the PIB
Definition: pib.hpp:52