security: code cleanup and doxygen improvements in tpm::BackEndOsx
Change-Id: I6d6d77ab315a10c280e7643d4cec5269ed10fe5e
diff --git a/src/security/tpm/back-end-file.hpp b/src/security/tpm/back-end-file.hpp
index cc0db78..bf29644 100644
--- a/src/security/tpm/back-end-file.hpp
+++ b/src/security/tpm/back-end-file.hpp
@@ -34,90 +34,55 @@
namespace tpm {
/**
- * @brief The back-end implementation of file-based TPM.
+ * @brief The back-end implementation of a file-based TPM.
*
* In this TPM, each private key is stored in a separate file with permission 0400, i.e.,
* owner read-only. The key is stored in PKCS #1 format in base64 encoding.
*/
-class BackEndFile : public BackEnd
+class BackEndFile final : public BackEnd
{
public:
/**
- * @brief Create file-based TPM backend
- * @param location Directory to store private keys
+ * @brief Create file-based TPM backend.
+ *
+ * @param location Directory to store private keys.
*/
explicit
BackEndFile(const std::string& location = "");
- ~BackEndFile() override;
+ ~BackEndFile() final;
static const std::string&
getScheme();
private: // inherited from tpm::BackEnd
- /**
- * @return True if a key with name @p keyName exists in TPM.
- */
bool
doHasKey(const Name& keyName) const final;
- /**
- * @return The handle of a key with name @p keyName, or nullptr if the key does not exist
- */
unique_ptr<KeyHandle>
doGetKeyHandle(const Name& keyName) const final;
- /**
- * @brief Create key for @p identityName according to @p params.
- *
- * The created key is named as: /<identityName>/[keyId]/KEY
- * The key name is set in the returned KeyHandle.
- *
- * If the key with the same name exists, the old key will be overwritten.
- * The behavior of using KeyHandler of removed key is undefined.
- *
- * @return The handle of the created key.
- */
unique_ptr<KeyHandle>
doCreateKey(const Name& identityName, const KeyParams& params) final;
- /**
- * @brief Delete a key with name @p keyName.
- *
- * @throw Error the deletion failed
- */
void
doDeleteKey(const Name& keyName) final;
- /**
- * @return A private key with name @p keyName in encrypted PKCS #8 format using password @p pw
- * @throw Error the key cannot be exported, e.g., not enough privilege
- */
ConstBufferPtr
doExportKey(const Name& keyName, const char* pw, size_t pwLen) final;
- /**
- * @brief Import a private key in encrypted PKCS #8 format
- *
- * @param keyName The name of imported private key
- * @param buf Pointer to the key in encrypted PKCS #8 format
- * @param size The size of the key in encrypted PKCS #8 format
- * @param pw The password to decrypt the key
- * @param pwLen The length of the password
- * @throw Error import failed
- */
void
doImportKey(const Name& keyName, const uint8_t* buf, size_t size, const char* pw, size_t pwLen) final;
private:
/**
- * @brief Load a private key with name @p keyName from the key file directory
+ * @brief Load a private key with name @p keyName from the key directory.
*/
unique_ptr<transform::PrivateKey>
loadKey(const Name& keyName) const;
/**
- * @brief Save a private key with name @p keyName into the key file directory
+ * @brief Save a private key with name @p keyName into the key directory.
*/
void
saveKey(const Name& keyName, const transform::PrivateKey& key);