| /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ |
| /* |
| * Copyright (c) 2013-2018 Regents of the University of California. |
| * |
| * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions). |
| * |
| * ndn-cxx library is free software: you can redistribute it and/or modify it under the |
| * terms of the GNU Lesser General Public License as published by the Free Software |
| * Foundation, either version 3 of the License, or (at your option) any later version. |
| * |
| * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY |
| * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. |
| * |
| * You should have received copies of the GNU General Public License and GNU Lesser |
| * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see |
| * <http://www.gnu.org/licenses/>. |
| * |
| * See AUTHORS.md for complete list of ndn-cxx authors and contributors. |
| */ |
| |
| #include "ndn-cxx/security/tpm/back-end.hpp" |
| #include "ndn-cxx/security/tpm/key-handle.hpp" |
| #include "ndn-cxx/security/tpm/tpm.hpp" |
| #include "ndn-cxx/security/pib/key.hpp" |
| #include "ndn-cxx/security/transform/buffer-source.hpp" |
| #include "ndn-cxx/security/transform/digest-filter.hpp" |
| #include "ndn-cxx/security/transform/stream-sink.hpp" |
| #include "ndn-cxx/encoding/buffer-stream.hpp" |
| #include "ndn-cxx/util/random.hpp" |
| |
| namespace ndn { |
| namespace security { |
| namespace tpm { |
| |
| BackEnd::~BackEnd() = default; |
| |
| bool |
| BackEnd::hasKey(const Name& keyName) const |
| { |
| return doHasKey(keyName); |
| } |
| |
| unique_ptr<KeyHandle> |
| BackEnd::getKeyHandle(const Name& keyName) const |
| { |
| return doGetKeyHandle(keyName); |
| } |
| |
| unique_ptr<KeyHandle> |
| BackEnd::createKey(const Name& identity, const KeyParams& params) |
| { |
| // key name checking |
| switch (params.getKeyIdType()) { |
| case KeyIdType::USER_SPECIFIED: { // keyId is pre-set. |
| Name keyName = v2::constructKeyName(identity, params.getKeyId()); |
| if (hasKey(keyName)) { |
| BOOST_THROW_EXCEPTION(Tpm::Error("Key `" + keyName.toUri() + "` already exists")); |
| } |
| break; |
| } |
| case KeyIdType::SHA256: { |
| // KeyName will be assigned in setKeyName after key is generated |
| break; |
| } |
| case KeyIdType::RANDOM: { |
| Name keyName; |
| name::Component keyId; |
| do { |
| keyId = name::Component::fromNumber(random::generateSecureWord64()); |
| keyName = v2::constructKeyName(identity, keyId); |
| } while (hasKey(keyName)); |
| |
| const_cast<KeyParams&>(params).setKeyId(keyId); |
| break; |
| } |
| default: { |
| BOOST_THROW_EXCEPTION(Error("Unsupported key id type")); |
| } |
| } |
| |
| return doCreateKey(identity, params); |
| } |
| |
| void |
| BackEnd::deleteKey(const Name& keyName) |
| { |
| doDeleteKey(keyName); |
| } |
| |
| ConstBufferPtr |
| BackEnd::exportKey(const Name& keyName, const char* pw, size_t pwLen) |
| { |
| if (!hasKey(keyName)) { |
| BOOST_THROW_EXCEPTION(Error("Key `" + keyName.toUri() + "` does not exist")); |
| } |
| return doExportKey(keyName, pw, pwLen); |
| } |
| |
| void |
| BackEnd::importKey(const Name& keyName, const uint8_t* pkcs8, size_t pkcs8Len, const char* pw, size_t pwLen) |
| { |
| if (hasKey(keyName)) { |
| BOOST_THROW_EXCEPTION(Error("Key `" + keyName.toUri() + "` already exists")); |
| } |
| doImportKey(keyName, pkcs8, pkcs8Len, pw, pwLen); |
| } |
| |
| void |
| BackEnd::setKeyName(KeyHandle& keyHandle, const Name& identity, const KeyParams& params) |
| { |
| name::Component keyId; |
| |
| switch (params.getKeyIdType()) { |
| case KeyIdType::USER_SPECIFIED: { |
| keyId = params.getKeyId(); |
| break; |
| } |
| case KeyIdType::SHA256: { |
| using namespace transform; |
| OBufferStream os; |
| bufferSource(*keyHandle.derivePublicKey()) >> |
| digestFilter(DigestAlgorithm::SHA256) >> |
| streamSink(os); |
| keyId = name::Component(os.buf()); |
| break; |
| } |
| case KeyIdType::RANDOM: { |
| BOOST_ASSERT(!params.getKeyId().empty()); |
| keyId = params.getKeyId(); |
| break; |
| } |
| default: { |
| BOOST_THROW_EXCEPTION(Error("Unsupported key id type")); |
| } |
| } |
| |
| keyHandle.setKeyName(v2::constructKeyName(identity, keyId)); |
| } |
| |
| bool |
| BackEnd::isTerminalMode() const |
| { |
| return true; |
| } |
| |
| void |
| BackEnd::setTerminalMode(bool isTerminal) const |
| { |
| } |
| |
| bool |
| BackEnd::isTpmLocked() const |
| { |
| return false; |
| } |
| |
| bool |
| BackEnd::unlockTpm(const char* pw, size_t pwLen) const |
| { |
| return !isTpmLocked(); |
| } |
| |
| } // namespace tpm |
| } // namespace security |
| } // namespace ndn |