2 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
using System;
using System.Collections.Generic;
20 namespace Tizen.Security.SecureRepository
23 /// This class provides the methods for storing, retrieving, and creating keys.
25 public class KeyManager : Manager
28 /// Gets a key from secure repository.
30 /// <param name="alias">The name of a key to retrieve.</param>
31 /// <param name="password">The password used in decrypting a key value.
32 /// If password of policy is provided in SaveKey(), the same password should be provided
34 /// <returns>A key specified by alias.</returns>
35 static public Key GetKey(string alias, string password)
37 IntPtr ptr = new IntPtr();
39 int ret = Interop.CkmcManager.GetKey(alias, password, out ptr);
40 Interop.CheckNThrowException(ret, "Failed to get key. alias=" + alias);
/// <summary>
/// Gets the aliases of all keys which the client can access.
/// </summary>
/// <returns>The aliases of all keys which the client can access.</returns>
static public IEnumerable<string> GetKeyAliases()
{
    // Out parameter that the native call fills in.
    IntPtr aliasListPtr = IntPtr.Zero;
    int status = Interop.CkmcManager.GetKeyAliasList(out aliasListPtr);

    // Hand the native status to the shared checker together with the failure message.
    Interop.CheckNThrowException(status, "Failed to get key aliases.");

    // The pointer is only wrapped after the status check has passed.
    var aliasList = new SafeAliasListHandle(aliasListPtr);
    return aliasList.Aliases;
}
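/// <summary>
/// Stores a key inside secure repository based on the provided policy.
/// </summary>
/// <param name="alias">The name of a key to be stored.</param>
/// <param name="key">The key's binary value to be stored.</param>
/// <param name="policy">The policy about how to store a key securely.</param>
/// <remarks>Type in key may be set to KeyType.None as an input. Type is determined inside secure repository during storing keys.</remarks>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
/// <exception cref="ArgumentNullException">key or policy is null.</exception>
static public void SaveKey(string alias, Key key, Policy policy)
{
    // Both arguments are dereferenced below to build the native structures;
    // reject null explicitly instead of failing with a NullReferenceException.
    if (key == null)
    {
        throw new ArgumentNullException("key");
    }
    if (policy == null)
    {
        throw new ArgumentNullException("policy");
    }

    int ret = Interop.CkmcManager.SaveKey(alias, key.ToCkmcKey(), policy.ToCkmcPolicy());

    // The alias is an identifier, not key material, so it is included in the failure message.
    Interop.CheckNThrowException(ret, "Failed to save Key. alias=" + alias);
}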
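/// <summary>
/// Creates RSA private/public key pair and stores them inside secure repository based on each policy.
/// </summary>
/// <param name="size">The size of key strength to be created. 1024, 2048, 3072, and 4096 are supported.</param>
/// <param name="privateKeyAlias">The name of private key to be stored.</param>
/// <param name="publicKeyAlias">The name of public key to be stored.</param>
/// <param name="privateKeyPolicy">The policy about how to store a private key securely.</param>
/// <param name="publicKeyPolicy">The policy about how to store a public key securely.</param>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
/// <remarks>1024-bit RSA is accepted here but is below the 2048-bit minimum of current guidance
/// such as NIST SP 800-131A; use 2048 bits or more for new keys.</remarks>
/// <exception cref="ArgumentNullException">privateKeyPolicy or publicKeyPolicy is null.</exception>
static public void CreateKeyPairRsa(int size, string privateKeyAlias, string publicKeyAlias,
                                    Policy privateKeyPolicy, Policy publicKeyPolicy)
{
    // Both policies are dereferenced below; reject null explicitly instead of
    // failing with a NullReferenceException.
    if (privateKeyPolicy == null)
    {
        throw new ArgumentNullException("privateKeyPolicy");
    }
    if (publicKeyPolicy == null)
    {
        throw new ArgumentNullException("publicKeyPolicy");
    }

    // The size is passed through unchanged; this method does not validate it.
    int ret = Interop.CkmcManager.CreateKeyPairRsa(size, privateKeyAlias, publicKeyAlias,
                        privateKeyPolicy.ToCkmcPolicy(), publicKeyPolicy.ToCkmcPolicy());
    Interop.CheckNThrowException(ret, "Failed to Create RSA Key Pair");
}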
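/// <summary>
/// Creates DSA private/public key pair and stores them inside secure repository based on each policy.
/// </summary>
/// <param name="size">The size of key strength to be created. 1024, 2048, and 4096 are supported.</param>
/// <param name="privateKeyAlias">The name of private key to be stored.</param>
/// <param name="publicKeyAlias">The name of public key to be stored.</param>
/// <param name="privateKeyPolicy">The policy about how to store a private key securely.</param>
/// <param name="publicKeyPolicy">The policy about how to store a public key securely.</param>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
/// <remarks>1024-bit DSA is accepted here but is below the 2048-bit minimum of current guidance
/// such as NIST SP 800-131A; use 2048 bits or more for new keys.</remarks>
/// <exception cref="ArgumentNullException">privateKeyPolicy or publicKeyPolicy is null.</exception>
static public void CreateKeyPairDsa(int size, string privateKeyAlias, string publicKeyAlias,
                                    Policy privateKeyPolicy, Policy publicKeyPolicy)
{
    // Both policies are dereferenced below; reject null explicitly instead of
    // failing with a NullReferenceException.
    if (privateKeyPolicy == null)
    {
        throw new ArgumentNullException("privateKeyPolicy");
    }
    if (publicKeyPolicy == null)
    {
        throw new ArgumentNullException("publicKeyPolicy");
    }

    // The size is passed through unchanged; this method does not validate it.
    int ret = Interop.CkmcManager.CreateKeyPairDsa(size, privateKeyAlias, publicKeyAlias,
                        privateKeyPolicy.ToCkmcPolicy(), publicKeyPolicy.ToCkmcPolicy());
    Interop.CheckNThrowException(ret, "Failed to Create DSA Key Pair");
}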
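/// <summary>
/// Creates ECDSA private/public key pair and stores them inside secure repository based on each policy.
/// </summary>
/// <param name="type">The type of elliptic curve of ECDSA.</param>
/// <param name="privateKeyAlias">The name of private key to be stored.</param>
/// <param name="publicKeyAlias">The name of public key to be stored.</param>
/// <param name="privateKeyPolicy">The policy about how to store a private key securely.</param>
/// <param name="publicKeyPolicy">The policy about how to store a public key securely.</param>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
/// <exception cref="ArgumentNullException">privateKeyPolicy or publicKeyPolicy is null.</exception>
static public void CreateKeyPairEcdsa(EllipticCurveType type, string privateKeyAlias, string publicKeyAlias,
                                      Policy privateKeyPolicy, Policy publicKeyPolicy)
{
    // Both policies are dereferenced below; reject null explicitly instead of
    // failing with a NullReferenceException.
    if (privateKeyPolicy == null)
    {
        throw new ArgumentNullException("privateKeyPolicy");
    }
    if (publicKeyPolicy == null)
    {
        throw new ArgumentNullException("publicKeyPolicy");
    }

    // The curve is handed to the native layer as its integer enum value.
    int ret = Interop.CkmcManager.CreateKeyPairEcdsa((int)type, privateKeyAlias, publicKeyAlias,
                        privateKeyPolicy.ToCkmcPolicy(), publicKeyPolicy.ToCkmcPolicy());
    Interop.CheckNThrowException(ret, "Failed to Create ECDSA Key Pair");
}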
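/// <summary>
/// Creates AES key and stores it inside secure repository based on each policy.
/// </summary>
/// <param name="size">The size of key strength to be created. 128, 192 and 256 are supported.</param>
/// <param name="keyAlias">The name of key to be stored.</param>
/// <param name="policy">The policy about how to store the key securely.</param>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
/// <exception cref="ArgumentNullException">policy is null.</exception>
static public void CreateKeyAes(int size, string keyAlias, Policy policy)
{
    // The policy is dereferenced below; reject null explicitly instead of
    // failing with a NullReferenceException.
    if (policy == null)
    {
        throw new ArgumentNullException("policy");
    }

    // The size is passed through unchanged; this method does not validate it.
    int ret = Interop.CkmcManager.CreateKeyAes(size, keyAlias, policy.ToCkmcPolicy());

    // The original message lacked its verb ("Failed to AES Key").
    Interop.CheckNThrowException(ret, "Failed to create AES Key");
}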