2 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
18 using System.Collections.Generic;
20 namespace Tizen.Security.SecureRepository
23 /// This class provides the methods for storing, retrieving, and creating keys.
25 /// <since_tizen> 3 </since_tizen>
26 public class KeyManager : Manager
29 /// Gets a key from the secure repository.
31 /// <since_tizen> 3 </since_tizen>
32 /// <param name="alias">The name of a key to retrieve.</param>
33 /// <param name="password">
34 /// The password used in decrypting a key value.
35 /// If password of policy is provided in SaveKey(), the same password should
38 /// <returns>A key specified by alias.</returns>
39 /// <exception cref="ArgumentNullException">
40 /// The alias argument is null.
42 /// <exception cref="ArgumentException">
43 /// The alias argument is in the invalid format.
45 /// <exception cref="InvalidOperationException">
46 /// The key does not exist with the alias or the key-protecting password isn't matched.
48 static public Key Get(string alias, string password)
51 throw new ArgumentNullException("alias cannot be null");
53 IntPtr ptr = IntPtr.Zero;
57 Interop.CheckNThrowException(
58 Interop.CkmcManager.GetKey(alias, password, out ptr),
59 "Failed to get key. alias=" + alias);
64 if (ptr != IntPtr.Zero)
65 Interop.CkmcTypes.KeyFree(ptr);
70 /// Gets all aliases of keys, which the client can access.
72 /// <since_tizen> 3 </since_tizen>
73 /// <returns>All aliases of keys, which the client can access.</returns>
74 /// <exception cref="ArgumentException">No alias to get.</exception>
75 static public IEnumerable<string> GetAliases()
77 IntPtr ptr = IntPtr.Zero;
81 Interop.CheckNThrowException(
82 Interop.CkmcManager.GetKeyAliasList(out ptr),
83 "Failed to get key aliases.");
84 return new SafeAliasListHandle(ptr).Aliases;
88 if (ptr != IntPtr.Zero)
89 Interop.CkmcTypes.AliasListAllFree(ptr);
94 /// Stores a key inside the secure repository based on the provided policy.
96 /// <since_tizen> 3 </since_tizen>
97 /// <param name="alias">The name of a key to be stored.</param>
98 /// <param name="key">The key's binary value to be stored.</param>
99 /// <param name="policy">The policy about how to store a key securely.</param>
100 /// <exception cref="ArgumentNullException">
101 /// Any of argument is null.
103 /// <exception cref="ArgumentException">
104 /// The alias argument is in the invalid format. key argument is in the invalid format.
106 /// <exception cref="InvalidOperationException">
107 /// The key with alias does already exist.
110 /// The type in key may be set to KeyType.None as an input.
111 /// The type is determined inside the secure reposioty during storing keys.
114 /// If the password in policy is provided, the key is additionally encrypted with
115 /// the password in policy.
117 static public void Save(string alias, Key key, Policy policy)
119 if (alias == null || key == null || policy == null)
120 throw new ArgumentNullException("More than one of argument is null");
122 Interop.CheckNThrowException(
123 Interop.CkmcManager.SaveKey(
124 alias, key.ToCkmcKey(), policy.ToCkmcPolicy()),
125 "Failed to save Key. alias=" + alias);
129 /// Creates the RSA private/public key pair and stores them inside the secure repository
130 /// based on each policy.
132 /// <since_tizen> 3 </since_tizen>
133 /// <param name="size">
134 /// The size of key strength to be created. 1024, 2048, and 4096 are supported.
136 /// <param name="privateKeyAlias">The name of private key to be stored.</param>
137 /// <param name="publicKeyAlias">The name of public key to be stored.</param>
138 /// <param name="privateKeyPolicy">
139 /// The policy about how to store a private key securely.
141 /// <param name="publicKeyPolicy">
142 /// The policy about how to store a public key securely.
144 /// <exception cref="ArgumentNullException">
145 /// Any of argument is null.
147 /// <exception cref="ArgumentException">
148 /// The size is invalid. privateKeyAlias or publicKeyAlias is invalid format.
150 /// <exception cref="InvalidOperationException">
151 /// The key with privateKeyAlias or publicKeyAlias does already exist.
154 /// If the password in policy is provided, the key is additionally encrypted with the
155 /// password in policy.
157 static public void CreateRsaKeyPair(
158 int size, string privateKeyAlias, string publicKeyAlias,
159 Policy privateKeyPolicy, Policy publicKeyPolicy)
161 if (size != 1024 && size != 2048 && size != 4096)
162 throw new ArgumentException(string.Format("Invalid key size({0})", size));
163 else if (privateKeyAlias == null || publicKeyAlias == null ||
164 privateKeyPolicy == null || publicKeyPolicy == null)
165 throw new ArgumentNullException("alias and policy should not be null");
167 Interop.CheckNThrowException(
168 Interop.CkmcManager.CreateKeyPairRsa(
169 (UIntPtr)size, privateKeyAlias, publicKeyAlias,
170 privateKeyPolicy.ToCkmcPolicy(), publicKeyPolicy.ToCkmcPolicy()),
171 "Failed to Create RSA Key Pair");
175 /// Creates the DSA private/public key pair and stores them inside the secure repository
176 /// based on each policy.
178 /// <since_tizen> 3 </since_tizen>
179 /// <param name="size">
180 /// The size of key strength to be created. 1024, 2048, 3072, and 4096 are
183 /// <param name="privateKeyAlias">The name of private key to be stored.</param>
184 /// <param name="publicKeyAlias">The name of public key to be stored.</param>
185 /// <param name="privateKeyPolicy">
186 /// The policy about how to store a private key securely.
188 /// <param name="publicKeyPolicy">
189 /// The policy about how to store a public key securely.
191 /// <exception cref="ArgumentNullException">
192 /// Any of argument is null.
194 /// <exception cref="ArgumentException">
195 /// The size is invalid. privateKeyAlias or publicKeyAlias is invalid format.
197 /// <exception cref="InvalidOperationException">
198 /// The key with privateKeyAlias or publicKeyAlias does already exist.
201 /// If the password in policy is provided, the key is additionally encrypted with
202 /// the password in policy.
204 static public void CreateDsaKeyPair(
205 int size, string privateKeyAlias, string publicKeyAlias,
206 Policy privateKeyPolicy, Policy publicKeyPolicy)
208 if (size != 1024 && size != 2048 && size != 3072 && size != 4096)
209 throw new ArgumentException(string.Format("Invalid key size({0})", size));
210 else if (privateKeyAlias == null || publicKeyAlias == null ||
211 privateKeyPolicy == null || publicKeyPolicy == null)
212 throw new ArgumentNullException("alias and policy should not be null");
214 Interop.CheckNThrowException(
215 Interop.CkmcManager.CreateKeyPairDsa(
216 (UIntPtr)size, privateKeyAlias, publicKeyAlias,
217 privateKeyPolicy.ToCkmcPolicy(), publicKeyPolicy.ToCkmcPolicy()),
218 "Failed to Create DSA Key Pair");
222 /// Creates the ECDSA private/public key pair and stores them inside secure repository
223 /// based on each policy.
225 /// <since_tizen> 3 </since_tizen>
226 /// <param name="type">The type of elliptic curve of ECDSA.</param>
227 /// <param name="privateKeyAlias">The name of private key to be stored.</param>
228 /// <param name="publicKeyAlias">The name of public key to be stored.</param>
229 /// <param name="privateKeyPolicy">
230 /// The policy about how to store a private key securely.
232 /// <param name="publicKeyPolicy">
233 /// The policy about how to store a public key securely.
235 /// <exception cref="ArgumentNullException">
236 /// Any of argument is null.
238 /// <exception cref="ArgumentException">
239 /// The elliptic curve type is invalid. privateKeyAlias or publicKeyAlias is in the
242 /// <exception cref="InvalidOperationException">
243 /// The key with privateKeyAlias or publicKeyAlias does already exist.
246 /// If the password in policy is provided, the key is additionally encrypted with
247 /// the password in policy.
249 static public void CreateEcdsaKeyPair(
250 EllipticCurveType type, string privateKeyAlias, string publicKeyAlias,
251 Policy privateKeyPolicy, Policy publicKeyPolicy)
253 if (privateKeyAlias == null || publicKeyAlias == null ||
254 privateKeyPolicy == null || publicKeyPolicy == null)
255 throw new ArgumentNullException("alias and policy should not be null");
257 Interop.CheckNThrowException(
258 Interop.CkmcManager.CreateKeyPairEcdsa(
259 (int)type, privateKeyAlias, publicKeyAlias,
260 privateKeyPolicy.ToCkmcPolicy(), publicKeyPolicy.ToCkmcPolicy()),
261 "Failed to Create ECDSA Key Pair");
265 /// Creates the AES key and stores it inside the secure repository based on each policy.
267 /// <since_tizen> 3 </since_tizen>
268 /// <param name="size">
269 /// The size of the key strength to be created. 128, 192 and 256 are supported.
271 /// <param name="keyAlias">The name of key to be stored.</param>
272 /// <param name="policy">The policy about how to store the key securely.</param>
273 /// <exception cref="ArgumentNullException">
274 /// The keyAlias or policy is null.
276 /// <exception cref="ArgumentException">
277 /// The key size is invalid. keyAlias is in the invalid format.
279 /// <exception cref="InvalidOperationException">
280 /// The key with privateKeyAlias or publicKeyAlias does already exist.
283 /// If the password in policy is provided, the key is additionally encrypted with
284 /// the password in policy.
286 static public void CreateAesKey(int size, string keyAlias, Policy policy)
288 if (size != 128 && size != 192 && size != 256)
289 throw new ArgumentException(string.Format("Invalid key size({0})", size));
290 else if (keyAlias == null || policy == null)
291 throw new ArgumentNullException("alias and policy should not be null");
293 Interop.CheckNThrowException(
294 Interop.CkmcManager.CreateKeyAes(
295 (UIntPtr)size, keyAlias, policy.ToCkmcPolicy()),
296 "Failed to AES Key");
299 // to be static class safely
300 internal KeyManager()