security: make BackEnd::Error an alias of Tpm::Error
Change-Id: Id38011529907e1dacdcb6107ab52ae273d302a1e
diff --git a/ndn-cxx/security/tpm/back-end-file.cpp b/ndn-cxx/security/tpm/back-end-file.cpp
index 8aa98c6..69cc810 100644
--- a/ndn-cxx/security/tpm/back-end-file.cpp
+++ b/ndn-cxx/security/tpm/back-end-file.cpp
@@ -128,8 +128,8 @@
case KeyType::EC:
break;
default:
- NDN_THROW(Error("File-based TPM does not support creating a key of type " +
- boost::lexical_cast<std::string>(params.getKeyType())));
+ NDN_THROW(std::invalid_argument("File-based TPM does not support creating a key of type " +
+ boost::lexical_cast<std::string>(params.getKeyType())));
}
shared_ptr<PrivateKey> key(transform::generatePrivateKey(params).release());
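Review bot: Callers that only catch `Tpm::Error` or `BackEnd::Error` will no longer see the unsupported-key-type failure from the `default:` branch. `std::invalid_argument` is a `std::logic_error`, while `Tpm::Error` appears from the tpm.hpp context lines to derive from `std::runtime_error`. The same switch is made in back-end-mem.cpp, in the `@@ -363` hunk of back-end-osx.cpp and in the `@@ -72` hunk of back-end.cpp, so callers of `createKey` should be checked for handlers that previously wrapped this error and would now let it propagate. A short comment above the throw would record the intent, for example `// caller error: reported as std::invalid_argument, deliberately not as Error`. The enclosing function starts and ends outside the hunk.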
diff --git a/ndn-cxx/security/tpm/back-end-mem.cpp b/ndn-cxx/security/tpm/back-end-mem.cpp
index 5c20f71..89a29b8 100644
--- a/ndn-cxx/security/tpm/back-end-mem.cpp
+++ b/ndn-cxx/security/tpm/back-end-mem.cpp
@@ -78,8 +78,8 @@
case KeyType::HMAC:
break;
default:
- NDN_THROW(Error("Memory-based TPM does not support creating a key of type " +
- boost::lexical_cast<std::string>(params.getKeyType())));
+ NDN_THROW(std::invalid_argument("Memory-based TPM does not support creating a key of type " +
+ boost::lexical_cast<std::string>(params.getKeyType())));
}
shared_ptr<PrivateKey> key(transform::generatePrivateKey(params).release());
diff --git a/ndn-cxx/security/tpm/back-end-osx.cpp b/ndn-cxx/security/tpm/back-end-osx.cpp
index afa7b27..e41dfb4 100644
--- a/ndn-cxx/security/tpm/back-end-osx.cpp
+++ b/ndn-cxx/security/tpm/back-end-osx.cpp
@@ -88,7 +88,7 @@
case KeyType::EC:
return kSecAttrKeyTypeECDSA;
default:
- NDN_THROW(Tpm::Error("Unsupported key type"));
+ NDN_CXX_UNREACHABLE;
}
}
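Review bot: `NDN_CXX_UNREACHABLE` in the `default:` branch replaces a catchable exception with what is presumably an assertion in debug builds and undefined behaviour in release builds; the macro's definition is not on this page. That is only sound if every caller has already rejected unsupported key types. The `@@ -363` hunk appears to do so for key creation, but other callers of this conversion are not visible here. In a key-store backend it is safer to fail closed, e.g. keep `NDN_THROW(std::invalid_argument("Unsupported key type"));`, or at least state the precondition in a comment such as `// callers must have validated keyType`. The function starts outside the hunk.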
@@ -149,7 +149,7 @@
return nullptr;
}
else {
- NDN_THROW(BackEnd::Error("Key lookup in keychain failed: " + getErrorMessage(res)));
+ NDN_THROW(Tpm::Error("Key lookup in keychain failed: " + getErrorMessage(res)));
}
}
@@ -176,7 +176,7 @@
&exportedKey.get()); // exportedData
if (res != errSecSuccess) {
- NDN_THROW(BackEnd::Error("Failed to export private key: "s + getErrorMessage(res)));
+ NDN_THROW(Tpm::Error("Failed to export private key: "s + getErrorMessage(res)));
}
outKey.loadPkcs8(CFDataGetBytePtr(exportedKey.get()), CFDataGetLength(exportedKey.get()),
@@ -363,8 +363,8 @@
break;
}
default: {
- NDN_THROW(Error("macOS-based TPM does not support creating a key of type " +
- boost::lexical_cast<std::string>(keyType)));
+ NDN_THROW(std::invalid_argument("macOS-based TPM does not support creating a key of type " +
+ boost::lexical_cast<std::string>(keyType)));
}
}
CFReleaser<CFNumberRef> cfKeySize = CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &keySize);
diff --git a/ndn-cxx/security/tpm/back-end.cpp b/ndn-cxx/security/tpm/back-end.cpp
index d3e32b2..ec25623 100644
--- a/ndn-cxx/security/tpm/back-end.cpp
+++ b/ndn-cxx/security/tpm/back-end.cpp
@@ -23,8 +23,6 @@
#include "ndn-cxx/encoding/buffer-stream.hpp"
#include "ndn-cxx/security/pib/key.hpp"
-#include "ndn-cxx/security/tpm/key-handle.hpp"
-#include "ndn-cxx/security/tpm/tpm.hpp"
#include "ndn-cxx/security/transform/buffer-source.hpp"
#include "ndn-cxx/security/transform/digest-filter.hpp"
#include "ndn-cxx/security/transform/private-key.hpp"
@@ -63,7 +61,7 @@
// check that the provided key id isn't already taken
Name keyName = v2::constructKeyName(identity, params.getKeyId());
if (hasKey(keyName)) {
- NDN_THROW(Tpm::Error("Key `" + keyName.toUri() + "` already exists"));
+ NDN_THROW(Error("Key `" + keyName.toUri() + "` already exists"));
}
break;
}
@@ -72,7 +70,8 @@
// key id will be determined after key is generated
break;
default:
- NDN_THROW(Error("Unsupported key id type " + boost::lexical_cast<std::string>(params.getKeyIdType())));
+ NDN_THROW(std::invalid_argument("Unsupported key id type " +
+ boost::lexical_cast<std::string>(params.getKeyIdType())));
}
return doCreateKey(identity, params);
diff --git a/ndn-cxx/security/tpm/back-end.hpp b/ndn-cxx/security/tpm/back-end.hpp
index ad264ea..2874bdd 100644
--- a/ndn-cxx/security/tpm/back-end.hpp
+++ b/ndn-cxx/security/tpm/back-end.hpp
@@ -22,21 +22,12 @@
#ifndef NDN_SECURITY_TPM_BACK_END_HPP
#define NDN_SECURITY_TPM_BACK_END_HPP
-#include "ndn-cxx/security/key-params.hpp"
-#include "ndn-cxx/encoding/buffer.hpp"
-#include "ndn-cxx/name.hpp"
+#include "ndn-cxx/security/tpm/tpm.hpp"
namespace ndn {
namespace security {
-
-namespace transform {
-class PrivateKey;
-} // namespace transform
-
namespace tpm {
-class KeyHandle;
-
/**
* @brief Abstract interface for a TPM backend implementation.
*
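Review bot: After this hunk, back-end.hpp gets `KeyHandle` (still used in the `createKey` return type below), and presumably `Name`, `KeyParams` and the buffer types, only through the transitive includes of tpm.hpp. The back-end interface header therefore depends on the front-end header and will break if tpm.hpp trims its own includes. Consider keeping the direct includes or forward declarations for the names this header uses. At minimum, annotate the new line, e.g. `#include "ndn-cxx/security/tpm/tpm.hpp" // Tpm::Error; also supplies Name, KeyParams, KeyHandle`.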
@@ -45,13 +36,8 @@
class BackEnd : noncopyable
{
public:
- class Error : public std::runtime_error
- {
- public:
- using std::runtime_error::runtime_error;
- };
+ using Error = Tpm::Error;
-public:
virtual
~BackEnd();
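Review bot: The alias `using Error = Tpm::Error;` has no comment saying that `BackEnd::Error` and `Tpm::Error` are now the same type. Code that used separate handlers to tell back-end failures from front-end ones can no longer distinguish them, and two consecutive `catch` clauses for the two names become duplicates. The class-level `@throw` lines that described the old distinction are removed in tpm.hpp, so nothing documents the new contract. A one-line comment on the alias would help, for example `/// Same type as Tpm::Error; kept so existing catch (const BackEnd::Error&) handlers keep compiling.` The class body continues outside the hunk.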
@@ -79,7 +65,7 @@
* @brief Create a key for @p identityName according to @p params.
*
* @return The handle of the created key.
- * @throw Tpm::Error @p params are invalid.
+ * @throw std::invalid_argument @p params are invalid.
* @throw Error The key could not be created.
*/
unique_ptr<KeyHandle>
diff --git a/ndn-cxx/security/tpm/tpm.hpp b/ndn-cxx/security/tpm/tpm.hpp
index be31a7e..123d9ec 100644
--- a/ndn-cxx/security/tpm/tpm.hpp
+++ b/ndn-cxx/security/tpm/tpm.hpp
@@ -45,7 +45,7 @@
class BackEnd;
/**
- * @brief represents the front-end of TPM
+ * @brief TPM front-end class.
*
* The TPM (Trusted Platform Module) stores the private portion of a user's cryptography keys.
* The format and location of stored information is indicated by the TpmLocator.
@@ -61,9 +61,6 @@
* returns a const reference to the managed Tpm instance, through which it is possible to
* check existence of private keys, get public keys for the private keys, sign, and decrypt
* the supplied buffers using managed private keys.
- *
- * @throw BackEnd::Error Failure with the underlying implementation having non-semantic errors
- * @throw Tpm::Error Failure with semantic error in the underlying implementation
*/
class Tpm : noncopyable
{
@@ -74,7 +71,6 @@
using std::runtime_error::runtime_error;
};
-public:
~Tpm();
std::string
@@ -173,7 +169,7 @@
* - HMAC keys: `/<identityName>/<keyDigest>`
*
* @return The key name.
- * @throw Tpm::Error the key already exists or @p params is invalid.
+ * @throw Error The key already exists or @p params is invalid.
*/
Name
createKey(const Name& identityName, const KeyParams& params);
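Review bot: The updated `@throw Error The key already exists or @p params is invalid.` line looks inconsistent with the rest of the commit. `BackEnd::createKey` is now documented as throwing `std::invalid_argument` for invalid `params`, and the back-end `default:` branches throw exactly that. Unless `Tpm::createKey` translates the exception (its body is not on this page), the doc should be split into `@throw std::invalid_argument @p params is invalid.` and `@throw Error The key already exists.` so callers know that catching `Error` alone does not cover bad parameters.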
@@ -193,7 +189,7 @@
* @param pw The password to encrypt the private key
* @param pwLen The length of the password
* @return The encoded private key wrapper.
- * @throw BackEnd::Error The key does not exist or it could not be exported.
+ * @throw Error The key does not exist or it could not be exported.
*/
ConstBufferPtr
exportPrivateKey(const Name& keyName, const char* pw, size_t pwLen) const;
@@ -206,7 +202,7 @@
* @param pkcs8Len The length of the private key wrapper
* @param pw The password to encrypt the private key
* @param pwLen The length of the password
- * @throw BackEnd::Error The key could not be imported.
+ * @throw Error The key could not be imported.
*/
void
importPrivateKey(const Name& keyName, const uint8_t* pkcs8, size_t pkcs8Len,
diff --git a/ndn-cxx/security/v2/key-chain.cpp b/ndn-cxx/security/v2/key-chain.cpp
index 05fc2b1..dfac81b 100644
--- a/ndn-cxx/security/v2/key-chain.cpp
+++ b/ndn-cxx/security/v2/key-chain.cpp
@@ -362,7 +362,7 @@
try {
encryptedKey = m_tpm->exportPrivateKey(keyName, pw, pwLen);
}
- catch (const tpm::BackEnd::Error&) {
+ catch (const Tpm::Error&) {
NDN_THROW_NESTED(Error("Failed to export private key `" + keyName.toUri() + "`"));
}
@@ -396,7 +396,7 @@
safeBag.getEncryptedKeyBag().data(), safeBag.getEncryptedKeyBag().size(),
pw, pwLen);
}
- catch (const tpm::BackEnd::Error&) {
+ catch (const Tpm::Error&) {
NDN_THROW_NESTED(Error("Failed to import private key `" + keyName.toUri() + "`"));
}
@@ -440,7 +440,7 @@
try {
m_tpm->importPrivateKey(keyName, std::move(key));
}
- catch (const tpm::BackEnd::Error&) {
+ catch (const Tpm::Error&) {
NDN_THROW_NESTED(Error("Failed to import private key `" + keyName.toUri() + "`"));
}
}
diff --git a/tests/unit/security/tpm/back-end.t.cpp b/tests/unit/security/tpm/back-end.t.cpp
index aee042f..8d4b41a 100644
--- a/tests/unit/security/tpm/back-end.t.cpp
+++ b/tests/unit/security/tpm/back-end.t.cpp
@@ -23,8 +23,6 @@
#include "ndn-cxx/encoding/buffer-stream.hpp"
#include "ndn-cxx/security/pib/key.hpp"
-#include "ndn-cxx/security/tpm/key-handle.hpp"
-#include "ndn-cxx/security/tpm/tpm.hpp"
#include "ndn-cxx/security/transform/bool-sink.hpp"
#include "ndn-cxx/security/transform/buffer-source.hpp"
#include "ndn-cxx/security/transform/private-key.hpp"
@@ -100,12 +98,12 @@
BackEndWrapperFile file;
BackEnd& fileTpm = file.getTpm();
- BOOST_CHECK_THROW(fileTpm.createKey(identity, HmacKeyParams()), BackEnd::Error);
+ BOOST_CHECK_THROW(fileTpm.createKey(identity, HmacKeyParams()), std::invalid_argument);
#ifdef NDN_CXX_HAVE_OSX_FRAMEWORKS
BackEndWrapperOsx osx;
BackEnd& osxTpm = osx.getTpm();
- BOOST_CHECK_THROW(osxTpm.createKey(identity, HmacKeyParams()), BackEnd::Error);
+ BOOST_CHECK_THROW(osxTpm.createKey(identity, HmacKeyParams()), std::invalid_argument);
#endif // NDN_CXX_HAVE_OSX_FRAMEWORKS
}
@@ -268,7 +266,7 @@
// import with wrong password
BOOST_CHECK_THROW(tpm.importKey(keyName, pkcs8->data(), pkcs8->size(), wrongPassword.data(), wrongPassword.size()),
- BackEnd::Error);
+ Tpm::Error);
BOOST_CHECK_EQUAL(tpm.hasKey(keyName), false);
// import with correct password
@@ -277,7 +275,7 @@
// import already present key
BOOST_CHECK_THROW(tpm.importKey(keyName, pkcs8->data(), pkcs8->size(), password.data(), password.size()),
- BackEnd::Error);
+ Tpm::Error);
// test derivePublicKey with the imported key
auto keyHdl = tpm.getKeyHandle(keyName);
@@ -301,7 +299,7 @@
// export nonexistent key
tpm.deleteKey(keyName);
BOOST_CHECK_EQUAL(tpm.hasKey(keyName), false);
- BOOST_CHECK_THROW(tpm.exportKey(keyName, password.data(), password.size()), BackEnd::Error);
+ BOOST_CHECK_THROW(tpm.exportKey(keyName, password.data(), password.size()), Tpm::Error);
}
BOOST_AUTO_TEST_CASE(RandomKeyId)