1#ifndef NDNPH_KEYCHAIN_EC_HPP
2#define NDNPH_KEYCHAIN_EC_HPP
4#include "../port/ec/port.hpp"
14using PvtLen = port::Ec::Curve::PvtLen;
15using PubLen = port::Ec::Curve::PubLen;
20 static const uint8_t bytes[] = {
23 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01,
24 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07,
27 static const tlv::Value value(bytes,
sizeof(bytes));
49 if (content.size() < PubLen::value) {
54 auto found = std::search(content.begin(), content.end(), oid.begin(), oid.end());
55 if (found == content.end()) {
59 return content.end() - PubLen::value;
/// Report whether this object currently holds an underlying port key handle.
/// @return true when m_key is non-null, false otherwise.
explicit operator bool() const {
  return static_cast<bool>(m_key);
}
80 bool import(
const Name& name,
const uint8_t raw[KeyLen::value]) {
86 if (!m_key->import(raw)) {
92 std::copy_n(raw,
sizeof(m_raw), m_raw);
80 bool import(
const Name& name,
const uint8_t raw[KeyLen::value]) {
…}
104 if (raw ==
nullptr) {
113 return import(name, raw);
126 template<
typename Signer>
128 const Signer& signer)
const {
131 size_t spkiLen = spkiHdr.size() + KeyLen::value;
132 uint8_t* spki = region.
alloc(spkiLen);
133 if (spki ==
nullptr) {
137 auto pos = std::copy_n(spkiHdr.begin(), spkiHdr.size(), spki);
138 std::copy_n(m_raw, KeyLen::value, pos);
153 template<
typename Signer>
155 const Signer& signer)
const {
165 bool verify(std::initializer_list<tlv::Value> chunks,
const uint8_t* sig,
166 size_t sigLen)
const final {
167 if (m_key ==
nullptr) {
165 bool verify(std::initializer_list<tlv::Value> chunks,
const uint8_t* sig, {
…}
175 std::unique_ptr<port::Ec::PublicKey> m_key;
176 uint8_t m_raw[KeyLen::value];
/// Report whether this object currently holds an underlying port key handle.
/// @return true when m_key is non-null, false otherwise.
explicit operator bool() const {
  return static_cast<bool>(m_key);
}
194 bool import(
const Name& name,
const uint8_t raw[KeyLen::value]) {
200 if (!m_key->import(raw)) {
194 bool import(
const Name& name,
const uint8_t raw[KeyLen::value]) {
…}
210 return MaxSigLen::value;
213 ssize_t
sign(std::initializer_list<tlv::Value> chunks, uint8_t* sig)
const final {
214 if (m_key ==
nullptr) {
221 return m_key->sign(digest, sig);
213 ssize_t
sign(std::initializer_list<tlv::Value> chunks, uint8_t* sig)
const final {
…}
225 std::unique_ptr<port::Ec::PrivateKey> m_key;
233generateRaw(uint8_t pvt[EcPrivateKey::KeyLen::value], uint8_t pub[EcPublicKey::KeyLen::value]) {
233generateRaw(uint8_t pvt[EcPrivateKey::KeyLen::value], uint8_t pub[EcPublicKey::KeyLen::value]) {
…}
240struct StoredKeyPair {
241 uint8_t pvt[PvtLen::value];
242 uint8_t pub[PubLen::value];
254 encoder.prepend(keyName);
255 auto stored =
reinterpret_cast<StoredKeyPair*
>(encoder.prependRoom(
sizeof(StoredKeyPair)));
256 bool ok = stored !=
nullptr &&
generateRaw(stored->pvt, stored->pub) &&
257 pvt.
import(keyName, stored->pvt) && pub.
import(keyName, stored->pub);
259 if (keyChain !=
nullptr) {
277 return detail::generate(region, name, pvt, pub,
nullptr,
nullptr);
293 return detail::generate(region, name, pvt, pub, &keyChain,
id);
303 if (storedObject.
size() <
sizeof(detail::StoredKeyPair)) {
306 auto stored =
reinterpret_cast<const detail::StoredKeyPair*
>(storedObject.
begin());
308 Decoder decoder(storedObject.
begin() +
sizeof(detail::StoredKeyPair),
309 storedObject.
size() -
sizeof(detail::StoredKeyPair));
310 return decoder.
decode(name) && pvt.
import(name, stored->pvt) && pub.
import(name, stored->pub);