2.8/doxygen/v2_2key-chain_8hpp_source.html

/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */

/*

 * Copyright (c) 2013-2019 Regents of the University of California.

 *

 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).

 *

 * ndn-cxx library is free software: you can redistribute it and/or modify it under the

 * terms of the GNU Lesser General Public License as published by the Free Software

 * Foundation, either version 3 of the License, or (at your option) any later version.

 *

 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY

 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A

 * PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more details.

 *

 * You should have received copies of the GNU General Public License and GNU Lesser

 * General Public License along with ndn-cxx, e.g., in COPYING.md file.  If not, see

 * <http://www.gnu.org/licenses/>.

 *

 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.

 */


#ifndef NDN_SECURITY_V2_KEY_CHAIN_HPP

#define NDN_SECURITY_V2_KEY_CHAIN_HPP


#include "ndn-cxx/interest.hpp"

#include "ndn-cxx/security/key-params.hpp"

#include "ndn-cxx/security/pib/pib.hpp"

#include "ndn-cxx/security/safe-bag.hpp"

#include "ndn-cxx/security/security-common.hpp"

#include "ndn-cxx/security/signing-info.hpp"

#include "ndn-cxx/security/tpm/tpm.hpp"

#include "ndn-cxx/security/v2/certificate.hpp"


namespace ndn {

namespace security {

namespace v2 {


class KeyChain : noncopyable

{

public:

  class Error : public std::runtime_error

  {

  public:

    using std::runtime_error::runtime_error;

  };


  class LocatorMismatchError : public Error

  {

  public:

    using Error::Error;

  };


  class InvalidSigningInfoError : public Error

  {

  public:

    using Error::Error;

  };


  KeyChain();


  KeyChain(const std::string& pibLocator, const std::string& tpmLocator, bool allowReset = false);


  ~KeyChain();


  const Pib&

  getPib() const

  {

    return *m_pib;

  }


  const Tpm&

  getTpm() const

  {

    return *m_tpm;

  }


public: // Identity management

  Identity

  createIdentity(const Name& identityName, const KeyParams& params = getDefaultKeyParams());


  void

  deleteIdentity(const Identity& identity);


  void

  setDefaultIdentity(const Identity& identity);


public: // Key management

  Key

  createKey(const Identity& identity, const KeyParams& params = getDefaultKeyParams());


  Name

  createHmacKey(const Name& prefix = SigningInfo::getHmacIdentity(),

                const HmacKeyParams& params = HmacKeyParams());


  void

  deleteKey(const Identity& identity, const Key& key);


  void

  setDefaultKey(const Identity& identity, const Key& key);


public: // Certificate management

  void

  addCertificate(const Key& key, const Certificate& certificate);


  void

  deleteCertificate(const Key& key, const Name& certificateName);


  void

  setDefaultCertificate(const Key& key, const Certificate& certificate);


public: // signing

  void

  sign(Data& data, const SigningInfo& params = getDefaultSigningInfo());


  void

  sign(Interest& interest, const SigningInfo& params = getDefaultSigningInfo());


  Block

  sign(const uint8_t* buffer, size_t bufferLength, const SigningInfo& params = getDefaultSigningInfo());


public: // export & import

  shared_ptr<SafeBag>

  exportSafeBag(const Certificate& certificate, const char* pw, size_t pwLen);


  void

  importSafeBag(const SafeBag& safeBag, const char* pw, size_t pwLen);


  void

  importPrivateKey(const Name& keyName, shared_ptr<transform::PrivateKey> key);


NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE:

  static tlv::SignatureTypeValue

  getSignatureType(KeyType keyType, DigestAlgorithm digestAlgorithm);


public: // PIB & TPM backend registry

  template<class PibBackendType>

  static void

  registerPibBackend(const std::string& scheme);


  template<class TpmBackendType>

  static void

  registerTpmBackend(const std::string& scheme);


private:

  typedef std::map<std::string, function<unique_ptr<pib::PibImpl>(const std::string& location)>> PibFactories;

  typedef std::map<std::string, function<unique_ptr<tpm::BackEnd>(const std::string& location)>> TpmFactories;


  static PibFactories&

  getPibFactories();


  static TpmFactories&

  getTpmFactories();


  static std::tuple<std::string/*type*/, std::string/*location*/>

  parseAndCheckPibLocator(const std::string& pibLocator);


  static std::tuple<std::string/*type*/, std::string/*location*/>

  parseAndCheckTpmLocator(const std::string& tpmLocator);


  static const std::string&

  getDefaultPibScheme();


  static const std::string&

  getDefaultTpmScheme();


  static unique_ptr<Pib>

  createPib(const std::string& pibLocator);


  static unique_ptr<Tpm>

  createTpm(const std::string& tpmLocator);


NDN_CXX_PUBLIC_WITH_TESTS_ELSE_PRIVATE:

  static const std::string&

  getDefaultPibLocator();


  static const std::string&

  getDefaultTpmLocator();


private: // signing

  Certificate

  selfSign(Key& key);


  std::tuple<Name, SignatureInfo>

  prepareSignatureInfo(const SigningInfo& params);


  Block

  sign(const uint8_t* buf, size_t size, const Name& keyName, DigestAlgorithm digestAlgorithm) const;


public:

  static const SigningInfo&

  getDefaultSigningInfo();


  static const KeyParams&

  getDefaultKeyParams();


private:

  std::unique_ptr<Pib> m_pib;

  std::unique_ptr<Tpm> m_tpm;


  static std::string s_defaultPibLocator;

  static std::string s_defaultTpmLocator;

};


template<class PibType>

inline void

KeyChain::registerPibBackend(const std::string& scheme)

{

  getPibFactories().emplace(scheme, [] (const std::string& locator) {

      return unique_ptr<pib::PibImpl>(new PibType(locator));

    });

}


template<class TpmType>

inline void

KeyChain::registerTpmBackend(const std::string& scheme)

{

  getTpmFactories().emplace(scheme, [] (const std::string& locator) {

      return unique_ptr<tpm::BackEnd>(new TpmType(locator));

    });

}


#define NDN_CXX_V2_KEYCHAIN_REGISTER_PIB_BACKEND(PibType)     \

static class NdnCxxAuto ## PibType ## PibRegistrationClass    \

{                                                             \

public:                                                       \

  NdnCxxAuto ## PibType ## PibRegistrationClass()             \

  {                                                           \

    ::ndn::security::v2::KeyChain::registerPibBackend<PibType>(PibType::getScheme()); \

  }                                                           \

} ndnCxxAuto ## PibType ## PibRegistrationVariable


#define NDN_CXX_V2_KEYCHAIN_REGISTER_TPM_BACKEND(TpmType)     \

static class NdnCxxAuto ## TpmType ## TpmRegistrationClass    \

{                                                             \

public:                                                       \

  NdnCxxAuto ## TpmType ## TpmRegistrationClass()             \

  {                                                           \

    ::ndn::security::v2::KeyChain::registerTpmBackend<TpmType>(TpmType::getScheme()); \

  }                                                           \

} ndnCxxAuto ## TpmType ## TpmRegistrationVariable


} // namespace v2


using v2::KeyChain;


} // namespace security


using security::v2::KeyChain;


} // namespace ndn


#endif // NDN_SECURITY_V2_KEY_CHAIN_HPP