NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.5: NDN, CCN, CCNx, content centric networks
API Documentation
ndn::security::tpm::Tpm Class Reference

TPM front-end class. More...

#include <tpm.hpp>


Classes

class  Error
 

Public Member Functions

 ~Tpm ()
 
std::string getTpmLocator () const
 
bool hasKey (const Name &keyName) const
 Check if a private key exists. More...
 
ConstBufferPtr getPublicKey (const Name &keyName) const
 
ConstBufferPtr sign (const uint8_t *buf, size_t size, const Name &keyName, DigestAlgorithm digestAlgorithm) const
 Sign blob using the key with name keyName and using the digest digestAlgorithm. More...
 
boost::logic::tribool verify (const uint8_t *buf, size_t bufLen, const uint8_t *sig, size_t sigLen, const Name &keyName, DigestAlgorithm digestAlgorithm) const
 Verify blob using the key with name keyName and using the digest digestAlgorithm. More...
 
ConstBufferPtr decrypt (const uint8_t *buf, size_t size, const Name &keyName) const
 Decrypt blob using the key with name keyName. More...
 
bool isTerminalMode () const
 Check if the TPM is in terminal mode. More...
 
void setTerminalMode (bool isTerminal) const
 Set the terminal mode of the TPM. More...
 
bool isTpmLocked () const
 
NDN_CXX_NODISCARD bool unlockTpm (const char *password, size_t passwordLength) const
 Unlock the TPM. More...
 
Name createKey (const Name &identityName, const KeyParams &params)
 Create key for identityName according to params. More...
 
void deleteKey (const Name &keyName)
 Delete a key pair with name keyName. More...
 
ConstBufferPtr exportPrivateKey (const Name &keyName, const char *pw, size_t pwLen) const
 Export a private key. More...
 
void importPrivateKey (const Name &keyName, const uint8_t *pkcs8, size_t pkcs8Len, const char *pw, size_t pwLen)
 Import a private key. More...
 
void importPrivateKey (const Name &keyName, shared_ptr< transform::PrivateKey > key)
 Import a private key. More...
 
void clearKeyCache ()
 Clear the key cache. More...
 

Private Member Functions (NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE)

 Tpm (const std::string &scheme, const std::string &location, unique_ptr< BackEnd > impl)
 Constructor; invoked only by v2::KeyChain. More...
 

Friends

class v2::KeyChain
 

Detailed Description

TPM front-end class.

The TPM (Trusted Platform Module) stores the private portion of a user's cryptographic keys. The format and location of the stored information are indicated by the TpmLocator. The TPM is designed to work with a PIB (Public Information Base), which stores public keys and related information such as certificates.

The TPM also provides cryptographic transformations, such as signing and decryption.

A TPM consists of a unified front-end interface and a back-end implementation. The front-end caches the handles of private keys that the back-end implementation provides.

Note
A Tpm instance is created and managed only by v2::KeyChain. v2::KeyChain::getTpm() returns a const reference to the managed Tpm instance, through which it is possible to check the existence of private keys, get the public keys corresponding to the private keys, and sign or decrypt supplied buffers using the managed private keys.

Definition at line 65 of file tpm.hpp.

Constructor & Destructor Documentation

◆ ~Tpm()

ndn::security::tpm::Tpm::~Tpm ( )
default

Member Function Documentation

◆ getTpmLocator()

std::string ndn::security::tpm::Tpm::getTpmLocator ( ) const

Definition at line 42 of file tpm.cpp.

◆ hasKey()

bool ndn::security::tpm::Tpm::hasKey ( const Name & keyName) const

Check if a private key exists.

Parameters
  keyName: The key name
Returns
  true if the key exists

Definition at line 48 of file tpm.cpp.

◆ getPublicKey()

ConstBufferPtr ndn::security::tpm::Tpm::getPublicKey ( const Name & keyName) const

Returns
  The public portion of the asymmetric key with name keyName, or nullptr if the key does not exist.

The public key is in PKCS#8 format.

Definition at line 73 of file tpm.cpp.

References ndn::security::tpm::KeyHandle::derivePublicKey().

◆ sign()

ConstBufferPtr ndn::security::tpm::Tpm::sign ( const uint8_t * buf,
                                              size_t size,
                                              const Name & keyName,
                                              DigestAlgorithm digestAlgorithm
                                            ) const

Sign blob using the key with name keyName and using the digest digestAlgorithm.

Returns
  The signature, or nullptr if the key does not exist.

Definition at line 84 of file tpm.cpp.

References buf, and ndn::security::tpm::KeyHandle::sign().

◆ verify()

boost::logic::tribool ndn::security::tpm::Tpm::verify ( const uint8_t * buf,
                                                        size_t bufLen,
                                                        const uint8_t * sig,
                                                        size_t sigLen,
                                                        const Name & keyName,
                                                        DigestAlgorithm digestAlgorithm
                                                      ) const

Verify blob using the key with name keyName and using the digest digestAlgorithm.

Return values
  true: the signature is valid
  false: the signature is not valid
  indeterminate: the key does not exist

Definition at line 95 of file tpm.cpp.

References buf, bufLen, sig, sigLen, and ndn::security::tpm::KeyHandle::verify().

Referenced by ndn::security::verifySignature().

◆ decrypt()

ConstBufferPtr ndn::security::tpm::Tpm::decrypt ( const uint8_t * buf,
                                                 size_t size,
                                                 const Name & keyName
                                               ) const

Decrypt blob using the key with name keyName.

Returns
  The decrypted data, or nullptr if the key does not exist.

Definition at line 107 of file tpm.cpp.

References buf, and ndn::security::tpm::KeyHandle::decrypt().

◆ isTerminalMode()

bool ndn::security::tpm::Tpm::isTerminalMode ( ) const

Check if the TPM is in terminal mode.

Definition at line 118 of file tpm.cpp.

◆ setTerminalMode()

void ndn::security::tpm::Tpm::setTerminalMode ( bool isTerminal) const

Set the terminal mode of the TPM.

When in terminal mode, the TPM does not prompt the user for permission through a GUI.

Definition at line 124 of file tpm.cpp.

◆ isTpmLocked()

bool ndn::security::tpm::Tpm::isTpmLocked ( ) const

Returns
  true if the TPM is locked, otherwise false.

Definition at line 130 of file tpm.cpp.

◆ unlockTpm()

NDN_CXX_NODISCARD bool ndn::security::tpm::Tpm::unlockTpm ( const char * password,
                                                           size_t passwordLength
                                                         ) const

Unlock the TPM.

Parameters
  password: The password to unlock the TPM.
  passwordLength: The password size.

Definition at line 136 of file tpm.cpp.

◆ createKey()

Name ndn::security::tpm::Tpm::createKey ( const Name & identityName,
                                         const KeyParams & params
                                       )

Create key for identityName according to params.

The created key is named as follows:

  • RSA and EC keys: /<identityName>/KEY/<keyId>
  • HMAC keys: /<identityName>/<keyDigest>

Returns
  The key name.
Exceptions
  Error: The key already exists or params is invalid.

Definition at line 54 of file tpm.cpp.

References nonstd::optional_lite::std11::move().

◆ deleteKey()

void ndn::security::tpm::Tpm::deleteKey ( const Name & keyName)

Delete a key pair with name keyName.

Definition at line 63 of file tpm.cpp.

◆ exportPrivateKey()

ConstBufferPtr ndn::security::tpm::Tpm::exportPrivateKey ( const Name & keyName,
                                                          const char * pw,
                                                          size_t pwLen
                                                        ) const

Export a private key.

Export a private key in encrypted PKCS #8 format.

Parameters
  keyName: The private key name
  pw: The password to encrypt the private key
  pwLen: The length of the password
Returns
  The encoded private key wrapper.
Exceptions
  Error: The key does not exist or it could not be exported.

Definition at line 142 of file tpm.cpp.

◆ importPrivateKey() [1/2]

void ndn::security::tpm::Tpm::importPrivateKey ( const Name & keyName,
                                                const uint8_t * pkcs8,
                                                size_t pkcs8Len,
                                                const char * pw,
                                                size_t pwLen
                                              )

Import a private key.

Parameters
  keyName: The private key name
  pkcs8: The private key wrapper
  pkcs8Len: The length of the private key wrapper
  pw: The password to encrypt the private key
  pwLen: The length of the password
Exceptions
  Error: The key could not be imported.

Definition at line 148 of file tpm.cpp.

◆ importPrivateKey() [2/2]

void ndn::security::tpm::Tpm::importPrivateKey ( const Name & keyName,
                                                shared_ptr< transform::PrivateKey > key
                                              )

Import a private key.

Definition at line 155 of file tpm.cpp.

References nonstd::optional_lite::std11::move().

◆ clearKeyCache()

void ndn::security::tpm::Tpm::clearKeyCache ( )
inline

Clear the key cache.

With an empty cache, the next access to a key forces Tpm to look it up in the back-end again instead of reusing a cached handle.

Definition at line 223 of file tpm.hpp.
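The front-end/back-end split described in the Detailed Description, the cache that clearKeyCache() empties, and the three-valued result of verify() are easiest to see side by side. The block below is an added, self-contained model written for this page; it is not ndn-cxx code. MiniTpm, BackEnd, KeyHandle and the keyed-digest "signature" are stand-ins invented for the illustration, and the key name /alice/KEY/1 is a constructed sample. What it shows: a handle cached by the front-end stays visible after the key is removed behind the front-end's back until the cache is cleared, and a verify() result of "key does not exist" must be treated as anything but acceptance.

```cpp
// Added example, not ndn-cxx code: a miniature model of the Tpm front-end that
// caches key handles from a back-end and returns a three-valued verify result.
#include <cstdint>
#include <cstdio>
#include <map>
#include <memory>
#include <string>
#include <vector>

// Mirrors the boost::logic::tribool Tpm::verify returns: Indeterminate means
// "the key does not exist", which is not the same thing as "bad signature".
enum class VerifyResult { False, True, Indeterminate };

// Toy stand-in for a private key: a keyed FNV-1a digest. Illustration only;
// it is not a signature scheme and must not be used as one.
struct KeyHandle {
  uint64_t secret;
  std::vector<uint8_t> sign(const uint8_t* buf, size_t size) const {
    uint64_t h = 1469598103934665603ULL ^ secret;
    for (size_t i = 0; i < size; ++i) { h ^= buf[i]; h *= 1099511628211ULL; }
    std::vector<uint8_t> sig(8);
    for (int i = 0; i < 8; ++i) sig[i] = static_cast<uint8_t>(h >> (8 * i));
    return sig;
  }
  bool verify(const uint8_t* buf, size_t size, const uint8_t* sig, size_t sigLen) const {
    std::vector<uint8_t> expect = sign(buf, size);
    if (sigLen != expect.size()) return false;
    uint8_t diff = 0;                                  // constant-time comparison
    for (size_t i = 0; i < sigLen; ++i) diff |= expect[i] ^ sig[i];
    return diff == 0;
  }
};

// Hypothetical back-end that owns the keys. Lookups are counted so that the
// effect of the front-end cache is observable.
class BackEnd {
public:
  int lookups = 0;
  void createKey(const std::string& name, uint64_t secret) {
    keys_[name] = std::make_shared<KeyHandle>(KeyHandle{secret});
  }
  void deleteKey(const std::string& name) { keys_.erase(name); }
  std::shared_ptr<KeyHandle> getKeyHandle(const std::string& name) {
    ++lookups;
    auto it = keys_.find(name);
    return it == keys_.end() ? nullptr : it->second;
  }
private:
  std::map<std::string, std::shared_ptr<KeyHandle>> keys_;
};

// Front-end: like Tpm, it keeps handles the back-end returned until the cache
// is cleared, so a key removed behind its back still looks present.
class MiniTpm {
public:
  explicit MiniTpm(BackEnd& be) : be_(be) {}
  bool hasKey(const std::string& name) const { return findKey(name) != nullptr; }
  std::vector<uint8_t> sign(const uint8_t* buf, size_t size, const std::string& name) const {
    auto k = findKey(name);
    return k ? k->sign(buf, size) : std::vector<uint8_t>{};   // empty plays the nullptr role
  }
  VerifyResult verify(const uint8_t* buf, size_t size, const uint8_t* sig, size_t sigLen,
                      const std::string& name) const {
    auto k = findKey(name);
    if (!k) return VerifyResult::Indeterminate;
    return k->verify(buf, size, sig, sigLen) ? VerifyResult::True : VerifyResult::False;
  }
  void deleteKey(const std::string& name) { be_.deleteKey(name); cache_.erase(name); }
  void clearKeyCache() { cache_.clear(); }
private:
  std::shared_ptr<KeyHandle> findKey(const std::string& name) const {
    auto it = cache_.find(name);
    if (it != cache_.end()) return it->second;        // cache hit: no back-end call
    auto h = be_.getKeyHandle(name);
    if (h) cache_[name] = h;
    return h;
  }
  BackEnd& be_;
  mutable std::map<std::string, std::shared_ptr<KeyHandle>> cache_;
};

// Caller-side rule for a three-valued result: only True is acceptance.
// A bare `if (!result) reject();` lets Indeterminate fall through as accepted.
bool isAcceptable(VerifyResult r) { return r == VerifyResult::True; }

struct Scenario {
  int lookupsAfterTwoHasKey;      // expect 1: the second call is a cache hit
  bool staleAfterBackendDelete;   // expect true: the cache still holds the handle
  bool presentAfterClear;         // expect false: clearKeyCache forced a re-lookup
  VerifyResult noKey, good, bad;  // expect Indeterminate, True, False
};

Scenario runScenario() {
  BackEnd be;
  MiniTpm tpm(be);
  const std::string keyName = "/alice/KEY/1";         // constructed sample key name
  const uint8_t msg[] = {'h', 'e', 'l', 'l', 'o'};    // constructed sample blob
  Scenario s{};
  be.createKey(keyName, 0x1234);
  tpm.hasKey(keyName); tpm.hasKey(keyName);
  s.lookupsAfterTwoHasKey = be.lookups;
  be.deleteKey(keyName);                               // removed behind the front-end
  s.staleAfterBackendDelete = tpm.hasKey(keyName);
  tpm.clearKeyCache();
  s.presentAfterClear = tpm.hasKey(keyName);
  s.noKey = tpm.verify(msg, sizeof msg, nullptr, 0, keyName);
  be.createKey(keyName, 0x1234);
  std::vector<uint8_t> sig = tpm.sign(msg, sizeof msg, keyName);
  s.good = tpm.verify(msg, sizeof msg, sig.data(), sig.size(), keyName);
  sig[0] ^= 0x01;                                      // flip one bit of the signature
  s.bad = tpm.verify(msg, sizeof msg, sig.data(), sig.size(), keyName);
  return s;
}

int main() {
  Scenario s = runScenario();
  std::printf("lookups=%d stale=%d afterClear=%d accept(good)=%d accept(noKey)=%d\n",
              s.lookupsAfterTwoHasKey, s.staleAfterBackendDelete, s.presentAfterClear,
              isAcceptable(s.good), isAcceptable(s.noKey));
  return 0;
}
```

The model keeps the real class's split between a caching front-end and a handle-owning back-end; the real Tpm's deleteKey() likewise has to evict the cache entry as well as tell the back-end, which is why the front-end method does both here. The three-valued result is the part worth copying into callers of the real API: with boost::logic::tribool, indeterminate is neither true nor false, so a caller should test for `result == true` (or `bool(result)`) rather than `!result` when deciding whether to accept a signature.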

Friends And Related Function Documentation

◆ v2::KeyChain

friend class v2::KeyChain
friend

Definition at line 245 of file tpm.hpp.

Constructor Documentation

◆ Tpm()

NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE ndn::security::tpm::Tpm::Tpm ( const std::string & scheme,
                                                                      const std::string & location,
                                                                      unique_ptr< BackEnd > impl
                                                                    )

Private constructor (public only when built with tests); Tpm instances are created and managed by v2::KeyChain.

Definition at line 162 of file tpm.hpp (access specifier at line 154).


The documentation for this class was generated from the following files: