blob: a560fad7837cffbde156c9bba86a00845f37cade [file] [log] [blame]
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
* Copyright (c) 2013-2018 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
* ndn-cxx library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
* Foundation, either version 3 of the License, or (at your option) any later version.
*
* ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
* PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
*
* You should have received copies of the GNU General Public License and GNU Lesser
* General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
* <http://www.gnu.org/licenses/>.
*
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
#include "back-end-file.hpp"
#include "key-handle-mem.hpp"
#include "../transform.hpp"
#include "../transform/private-key.hpp"
#include "../../encoding/buffer-stream.hpp"
#include <cstdlib>
#include <fstream>
#include <sys/stat.h>
#include <boost/filesystem.hpp>
namespace ndn {
namespace security {
namespace tpm {
using transform::PrivateKey;
class BackEndFile::Impl
{
public:
explicit
Impl(const std::string& dir)
{
if (!dir.empty()) {
keystorePath = boost::filesystem::path(dir);
}
#ifdef NDN_CXX_HAVE_TESTS
else if (std::getenv("TEST_HOME") != nullptr) {
keystorePath = boost::filesystem::path(std::getenv("TEST_HOME")) / ".ndn";
}
#endif // NDN_CXX_HAVE_TESTS
else if (std::getenv("HOME") != nullptr) {
keystorePath = boost::filesystem::path(std::getenv("HOME")) / ".ndn";
}
else {
keystorePath = boost::filesystem::current_path() / ".ndn";
}
keystorePath /= "ndnsec-key-file";
boost::filesystem::create_directories(keystorePath);
}
boost::filesystem::path
toFileName(const Name& keyName)
{
std::stringstream os;
{
using namespace transform;
bufferSource(keyName.wireEncode().wire(), keyName.wireEncode().size()) >>
digestFilter(DigestAlgorithm::SHA256) >> hexEncode() >> streamSink(os);
}
return keystorePath / (os.str() + ".privkey");
}
public:
boost::filesystem::path keystorePath;
};
BackEndFile::BackEndFile(const std::string& location)
: m_impl(new Impl(location))
{
}
BackEndFile::~BackEndFile() = default;
const std::string&
BackEndFile::getScheme()
{
static std::string scheme = "tpm-file";
return scheme;
}
bool
BackEndFile::doHasKey(const Name& keyName) const
{
if (!boost::filesystem::exists(m_impl->toFileName(keyName)))
return false;
try {
loadKey(keyName);
return true;
}
catch (const std::runtime_error&) {
return false;
}
}
unique_ptr<KeyHandle>
BackEndFile::doGetKeyHandle(const Name& keyName) const
{
if (!doHasKey(keyName))
return nullptr;
return make_unique<KeyHandleMem>(loadKey(keyName));
}
unique_ptr<KeyHandle>
BackEndFile::doCreateKey(const Name& identityName, const KeyParams& params)
{
shared_ptr<PrivateKey> key(transform::generatePrivateKey(params).release());
unique_ptr<KeyHandle> keyHandle = make_unique<KeyHandleMem>(key);
setKeyName(*keyHandle, identityName, params);
try {
saveKey(keyHandle->getKeyName(), key);
return keyHandle;
}
catch (const std::runtime_error& e) {
BOOST_THROW_EXCEPTION(Error("Cannot write key to disk: "s + e.what()));
}
}
void
BackEndFile::doDeleteKey(const Name& keyName)
{
boost::filesystem::path keyPath(m_impl->toFileName(keyName));
if (boost::filesystem::exists(keyPath)) {
try {
boost::filesystem::remove(keyPath);
}
catch (const boost::filesystem::filesystem_error&) {
BOOST_THROW_EXCEPTION(Error("Cannot delete key"));
}
}
}
ConstBufferPtr
BackEndFile::doExportKey(const Name& keyName, const char* pw, size_t pwLen)
{
shared_ptr<PrivateKey> key;
try {
key = loadKey(keyName);
}
catch (const PrivateKey::Error&) {
BOOST_THROW_EXCEPTION(Error("Cannot export private key"));
}
OBufferStream os;
key->savePkcs8(os, pw, pwLen);
return os.buf();
}
void
BackEndFile::doImportKey(const Name& keyName, const uint8_t* buf, size_t size, const char* pw, size_t pwLen)
{
try {
auto key = make_shared<PrivateKey>();
key->loadPkcs8(buf, size, pw, pwLen);
saveKey(keyName, key);
}
catch (const PrivateKey::Error&) {
BOOST_THROW_EXCEPTION(Error("Cannot import private key"));
}
}
shared_ptr<PrivateKey>
BackEndFile::loadKey(const Name& keyName) const
{
auto key = make_shared<PrivateKey>();
std::fstream is(m_impl->toFileName(keyName).string(), std::ios_base::in);
key->loadPkcs1Base64(is);
return key;
}
void
BackEndFile::saveKey(const Name& keyName, shared_ptr<PrivateKey> key)
{
std::string fileName = m_impl->toFileName(keyName).string();
std::fstream os(fileName, std::ios_base::out);
key->savePkcs1Base64(os);
// set file permission
::chmod(fileName.c_str(), 0000400);
}
} // namespace tpm
} // namespace security
} // namespace ndn