Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / e84d1eb0ef948ee5414667fced2d1051563eee67 / . / src / security / tpm / back-end-file.cpp
blob: 1adcf1c8d621623c592aea51ed2430b0978932d5 [file] [log] [blame]
Yingdi Yu0b60e7a2015-07-16 21:05:11 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
Yingdi Yufe4733a2015-10-22 14:24:12 -0700[diff] [blame]3 * Copyright (c) 2013-2017 Regents of the University of California.
Yingdi Yu0b60e7a2015-07-16 21:05:11 -0700[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#include "back-end-file.hpp"
23#include "key-handle-mem.hpp"
24#include "../transform.hpp"
25#include "../transform/private-key.hpp"
26#include "../../encoding/buffer-stream.hpp"
27#include <unordered_map>
28#include <fstream>
29#include <cstdlib>
30#include <boost/filesystem.hpp>
31
32namespace ndn {
33namespace security {
34namespace tpm {
35
36using transform::PrivateKey;
37
38class BackEndFile::Impl
39{
40public:
41 explicit
42 Impl(const std::string& dir)
43 {
44 if (!dir.empty()) {
45 keystorePath = boost::filesystem::path(dir);
46 }
47#ifdef NDN_CXX_HAVE_TESTS
48 else if (getenv("TEST_HOME") != nullptr) {
49 keystorePath = boost::filesystem::path(getenv("TEST_HOME")) / ".ndn";
50 }
51#endif // NDN_CXX_HAVE_TESTS
52 else if (getenv("HOME") != nullptr) {
53 keystorePath = boost::filesystem::path(getenv("HOME")) / ".ndn";
54 }
55 else {
56 keystorePath = boost::filesystem::current_path() / ".ndn";
57 }
58
59 keystorePath /= "ndnsec-key-file";
60 boost::filesystem::create_directories(keystorePath);
61 }
62
63 boost::filesystem::path
64 toFileName(const Name& keyName)
65 {
66 std::stringstream os;
67 {
68 using namespace transform;
69 bufferSource(keyName.wireEncode().wire(), keyName.wireEncode().size()) >>
70 digestFilter(DigestAlgorithm::SHA256) >> hexEncode() >> streamSink(os);
71 }
72 return keystorePath / (os.str() + ".privkey");
73 }
74
75public:
76 boost::filesystem::path keystorePath;
77};
78
79BackEndFile::BackEndFile(const std::string& location)
80 : m_impl(new Impl(location))
81{
82}
83
84BackEndFile::~BackEndFile() = default;
85
Yingdi Yufe4733a2015-10-22 14:24:12 -0700[diff] [blame]86const std::string&
87BackEndFile::getScheme()
88{
89 static std::string scheme = "tpm-file";
90 return scheme;
91}
92
Yingdi Yu0b60e7a2015-07-16 21:05:11 -0700[diff] [blame]93bool
94BackEndFile::doHasKey(const Name& keyName) const
95{
96 if (!boost::filesystem::exists(m_impl->toFileName(keyName)))
97 return false;
98
99 try {
100 loadKey(keyName);
101 return true;
102 }
103 catch (const std::runtime_error&) {
104 return false;
105 }
106}
107
108unique_ptr<KeyHandle>
109BackEndFile::doGetKeyHandle(const Name& keyName) const
110{
111 if (!doHasKey(keyName))
112 return nullptr;
113
114 return make_unique<KeyHandleMem>(loadKey(keyName));
115}
116
117unique_ptr<KeyHandle>
118BackEndFile::doCreateKey(const Name& identityName, const KeyParams& params)
119{
120 shared_ptr<PrivateKey> key(transform::generatePrivateKey(params).release());
121 unique_ptr<KeyHandle> keyHandle = make_unique<KeyHandleMem>(key);
122
123 setKeyName(*keyHandle, identityName, params);
124
125 try {
126 saveKey(keyHandle->getKeyName(), key);
127 return keyHandle;
128 }
129 catch (const std::runtime_error& e) {
130 BOOST_THROW_EXCEPTION(Error(std::string("Cannot write key to disk: ") + e.what()));
131 }
132}
133
134void
135BackEndFile::doDeleteKey(const Name& keyName)
136{
137 boost::filesystem::path keyPath(m_impl->toFileName(keyName));
138
139 if (boost::filesystem::exists(keyPath)) {
140 try {
141 boost::filesystem::remove(keyPath);
142 }
143 catch (const boost::filesystem::filesystem_error&) {
144 BOOST_THROW_EXCEPTION(Error("Cannot delete key"));
145 }
146 }
147}
148
149ConstBufferPtr
150BackEndFile::doExportKey(const Name& keyName, const char* pw, size_t pwLen)
151{
152 shared_ptr<PrivateKey> key;
153 try {
154 key = loadKey(keyName);
155 }
156 catch (const PrivateKey::Error&) {
157 BOOST_THROW_EXCEPTION(Error("Cannot export private key"));
158 }
159 OBufferStream os;
160 key->savePkcs8(os, pw, pwLen);
161 return os.buf();
162}
163
164void
165BackEndFile::doImportKey(const Name& keyName, const uint8_t* buf, size_t size, const char* pw, size_t pwLen)
166{
167 try {
168 auto key = make_shared<PrivateKey>();
169 key->loadPkcs8(buf, size, pw, pwLen);
170 saveKey(keyName, key);
171 }
172 catch (const PrivateKey::Error&) {
173 BOOST_THROW_EXCEPTION(Error("Cannot import private key"));
174 }
175}
176
177shared_ptr<PrivateKey>
178BackEndFile::loadKey(const Name& keyName) const
179{
180 auto key = make_shared<PrivateKey>();
181 std::fstream is(m_impl->toFileName(keyName).string(), std::ios_base::in);
182 key->loadPkcs1Base64(is);
183 return key;
184}
185
186void
187BackEndFile::saveKey(const Name& keyName, shared_ptr<PrivateKey> key)
188{
189 std::string fileName = m_impl->toFileName(keyName).string();
190 std::fstream os(fileName, std::ios_base::out);
191 key->savePkcs1Base64(os);
192
193 // set file permission
194 chmod(fileName.c_str(), 0000400);
195}
196
197} // namespace tpm
198} // namespace security
199} // namespace ndn