2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-manager.h
19 * @brief provides management functions(storing, retrieving, and removing) for keys, certificates and data of a user and additional crypto functions.
23 #ifndef __TIZEN_CORE_CKMC_MANAGER_H
24 #define __TIZEN_CORE_CKMC_MANAGER_H
27 #include <sys/types.h>
28 #include <ckmc/ckmc-type.h>
35 * @addtogroup CAPI_KEY_MANAGER_MODULE
41 * @brief Stores a key inside key manager based on the provided policy.
43 * @remarks Currently only four types of keys are supported for this API. These are RSA public/private key and ECDSA /private key.
44 * @remarks key_type in key may be set to #CKMC_KEY_NONE as an input. key_type is determined inside key manager during storing keys.
45 * @remarks Some private key files are protected by a password. if raw_key in key read from those encrypted files is encrypted with a password, the password should be provided in the #ckmc_key structure.
46 * @remarks if password in policy is provided, the key is additionally encrypted with the password in policy.
48 * @param[in] alias is the name of a key to be stored
49 * @param[in] key has a key's binary value to be stored.
50 * @param[in] policy is about how to store a key securely.
52 * @return 0 on success, otherwise a negative error value
53 * @exception #CKMC_API_SUCCESS Successful
54 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
55 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
56 * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
57 * @exception #CKMC_API_ERROR_INVALID_FORMAT the format of raw_key is not valid.
58 * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
60 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
62 * @see ckmc_remove_key()
64 * @see ckmc_get_key_alias_list()
70 * @privilege %http://tizen.org/privilege/keymanager *
72 int ckmc_save_key(const char *alias, const ckmc_key key, const ckmc_policy policy);
75 * @brief Removes a key from key manager
77 * @remarks a client can remove only keys stored by the client.
79 * @param[in] alias is the name of a key to be removed
81 * @return 0 on success, otherwise a negative error value
82 * @exception #CKMC_API_SUCCESS Successful
83 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
84 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
85 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
86 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
88 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
90 * @see ckmc_save_key()
92 * @see ckmc_get_key_alias_list()
96 * @privilege %http://tizen.org/privilege/keymanager *
98 int ckmc_remove_key(const char *alias);
101 * @brief Get a key from key manager
103 * @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
104 * @remarks A newly created ppkey should be destroyed by calling ckmc_key_free() if it is no longer needed.
106 * @param[in] alias is the name of a key to retrieve
107 * @param[in] password is used in decrypting a key value. If password of policy is provided in ckmc_save_key(), the same password should be provided.
108 * @param[out] ppkey is a pointer to a newly created ckmc_key handle
110 * @return 0 on success, otherwise a negative error value
111 * @exception #CKMC_API_SUCCESS Successful
112 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
113 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
114 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
115 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
117 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
119 * @see ckmc_save_key()
120 * @see ckmc_remove_key()
121 * @see ckmc_get_key_alias_list()
124 * @privlevel platform
125 * @privilege %http://tizen.org/privilege/keymanager *
127 int ckmc_get_key(const char *alias, const char *password, ckmc_key **ppkey);
130 * @brief Get a all alias of keys to which the client can access
132 * @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
133 * @remarks A newly created ppalias_list should be destroyed by calling ckmc_alias_list_all_free() if it is no longer needed.
135 * @param[out] ppalias_list is a pointer to a newly created ckmc_alias_list handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
137 * @return 0 on success, otherwise a negative error value
138 * @exception #CKMC_API_SUCCESS Successful
139 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
140 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
141 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
142 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
144 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
146 * @see ckmc_save_key()
147 * @see ckmc_remove_key()
148 * @see ckmc_get_key()
151 * @privlevel platform
152 * @privilege %http://tizen.org/privilege/keymanager *
154 int ckmc_get_key_alias_list(ckmc_alias_list** ppalias_list);
160 * @brief Stores a certificate inside key manager based on the provided policy.
162 * @param[in] alias is the name of a certificate to be stored
163 * @param[in] cert has a certificate's binary value to be stored.
164 * @param[in] policy is about how to store a certificate securely.
166 * @return 0 on success, otherwise a negative error value
167 * @exception #CKMC_API_SUCCESS Successful
168 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
169 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
170 * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
171 * @exception #CKMC_API_ERROR_INVALID_FORMAT the format of raw_cert is not valid.
172 * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
174 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
176 * @see ckmc_remove_cert()
177 * @see ckmc_get_cert()
178 * @see ckmc_get_cert_alias_list()
183 * @privlevel platform
184 * @privilege %http://tizen.org/privilege/keymanager *
186 int ckmc_save_cert(const char *alias, const ckmc_cert cert, const ckmc_policy policy);
189 * @brief Removes a certificate from key manager
191 * @remarks a client can remove only certificates stored by the client.
193 * @param[in] alias is the name of a certificate to be removed
195 * @return 0 on success, otherwise a negative error value
196 * @exception #CKMC_API_SUCCESS Successful
197 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
198 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
199 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
200 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
202 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
204 * @see ckmc_save_cert()
205 * @see ckmc_get_cert()
206 * @see ckmc_get_cert_alias_list()
209 * @privlevel platform
210 * @privilege %http://tizen.org/privilege/keymanager *
212 int ckmc_remove_cert(const char *alias);
215 * @brief Get a certificate from key manager
217 * @remarks a client can access only certificate stored by the client and non-restricted certificate stored by other clients.
218 * @remarks A newly created ppcert should be destroyed by calling ckmc_cert_free() if it is no longer needed.
220 * @param[in] alias is the name of a certificate to retrieve
221 * @param[in] password is used in decrypting a certificate value. If password of policy is provided in ckmc_save_cert(), the same password should be provided.
222 * @param[out] ppcert is a pointer to a newly created ckmc_cert handle
224 * @return 0 on success, otherwise a negative error value
225 * @exception #CKMC_API_SUCCESS Successful
226 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
227 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
228 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
229 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
231 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
233 * @see ckmc_save_cert()
234 * @see ckmc_remove_cert()
235 * @see ckmc_get_cert_alias_list()
238 * @privlevel platform
239 * @privilege %http://tizen.org/privilege/keymanager *
241 int ckmc_get_cert(const char *alias, const char *password, ckmc_cert **ppcert);
244 * @brief Get a all alias of certificates to which the client can access
246 * @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
247 * @remarks A newly created ppalias_list should be destroyed by calling ckmc_alias_list_all_free() if it is no longer needed.
249 * @param[out] ppalias_list is a pointer to a newly created ckmc_alias_list handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
251 * @return 0 on success, otherwise a negative error value
252 * @exception #CKMC_API_SUCCESS Successful
253 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
254 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
255 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
256 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
258 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
260 * @see ckmc_save_cert()
261 * @see ckmc_remove_cert()
262 * @see ckmc_get_cert()
265 * @privlevel platform
266 * @privilege %http://tizen.org/privilege/keymanager *
268 int ckmc_get_cert_alias_list(ckmc_alias_list** ppalias_list);
274 * @brief Stores a data inside key manager based on the provided policy.
276 * @param[in] alias is the name of a data to be stored
277 * @param[in] data has a binary value to be stored.
278 * @param[in] policy is about how to store a data securely.
280 * @return 0 on success, otherwise a negative error value
281 * @exception #CKMC_API_SUCCESS Successful
282 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
283 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
284 * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
285 * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
287 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
289 * @see ckmc_remove_data()
290 * @see ckmc_get_data()
291 * @see ckmc_get_data_alias_list()
292 * @see #ckmc_raw_buffer
297 * @privilege %http://tizen.org/privilege/keymanager *
299 int ckmc_save_data(const char *alias, ckmc_raw_buffer data, const ckmc_policy policy);
302 * @brief Removes a data from key manager
304 * @remarks a client can remove only data stored by the client.
306 * @param[in] alias is the name of a data to be removed
308 * @return 0 on success, otherwise a negative error value
309 * @exception #CKMC_API_SUCCESS Successful
310 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
311 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
312 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
313 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
315 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
317 * @see ckmc_save_data()
318 * @see ckmc_get_data()
319 * @see ckmc_get_data_alias_list()
323 * @privilege %http://tizen.org/privilege/keymanager *
325 int ckmc_remove_data(const char *alias);
328 * @brief Get a data from key manager
330 * @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
331 * @remarks A newly created ppdata should be destroyed by calling ckmc_buffer_free() if it is no longer needed.
333 * @param[in] alias is the name of a data to retrieve
334 * @param[in] password is used in decrypting a data value. If password of policy is provided in ckmc_save_data(), the same password should be provided.
335 * @param[out] ppdata is a pointer to a newly created ckmc_raw_buffer handle
337 * @return 0 on success, otherwise a negative error value
338 * @exception #CKMC_API_SUCCESS Successful
339 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
340 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
341 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
342 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
344 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
346 * @see ckmc_save_data()
347 * @see ckmc_remove_data()
348 * @see ckmc_get_data_alias_list()
352 * @privilege %http://tizen.org/privilege/keymanager *
354 int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer **ppdata);
357 * @brief Get a all alias of data to which the client can access
359 * @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
360 * @remarks A newly created ppalias_list should be destroyed by calling ckmc_alias_list_all_free() if it is no longer needed.
362 * @param[out] ppalias_list is a pointer to a newly created ckmc_alias_list handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
364 * @return 0 on success, otherwise a negative error value
365 * @exception #CKMC_API_SUCCESS Successful
366 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
367 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
368 * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
369 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
371 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
373 * @see ckmc_save_data()
374 * @see ckmc_remove_data()
375 * @see ckmc_get_data()
379 * @privilege %http://tizen.org/privilege/keymanager *
381 int ckmc_get_data_alias_list(ckmc_alias_list** ppalias_list);
387 * @brief Creates RSA private/public key pair and stores them inside key manager based on each policy.
389 * @remarks if password in policy is provided, the key is additionally encrypted with the password in policy.
391 * @param[in] size is the size of key strength to be created. 1024, 2048, and 4096 are supported.
392 * @param[in] private_key_alias is the name of private key to be stored.
393 * @param[in] public_key_alias is the name of public key to be stored.
394 * @param[in] policy_private_key is about how to store a private key securely.
395 * @param[in] policy_public_key is about how to store a public key securely.
397 * @return 0 on success, otherwise a negative error value
398 * @exception #CKMC_API_SUCCESS Successful
399 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
400 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
401 * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
402 * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
404 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
406 * @see ckmc_create_key_pair_ecdsa()
407 * @see ckmc_create_signature()
408 * @see ckmc_verify_signature()
412 * @privilege %http://tizen.org/privilege/keymanager *
414 int ckmc_create_key_pair_rsa(const size_t size, const char *private_key_alias, const char *public_key_alias, const ckmc_policy policy_private_key, const ckmc_policy policy_public_key);
417 * @brief Creates ECDSA private/public key pair and stores them inside key manager based on each policy.
419 * @remarks if password in policy is provided, the key is additionally encrypted with the password in policy.
421 * @param[in] type is the type of eliptic curve of ECDSA.
422 * @param[in] private_key_alias is the name of private key to be stored.
423 * @param[in] public_key_alias is the name of public key to be stored.
424 * @param[in] policy_private_key is about how to store a private key securely.
425 * @param[in] policy_public_key is about how to store a public key securely.
427 * @return 0 on success, otherwise a negative error value
428 * @exception #CKMC_API_SUCCESS Successful
429 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
430 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
431 * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
432 * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
434 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
436 * @see ckmc_create_key_pair_rsa()
437 * @see ckmc_create_signature()
438 * @see ckmc_verify_signature()
443 * @privilege %http://tizen.org/privilege/keymanager *
445 int ckmc_create_key_pair_ecdsa(const ckmc_ec_type type, const char *private_key_alias, const char *public_key_alias, const ckmc_policy policy_private_key, const ckmc_policy policy_public_key);
448 * @brief Creates a signature on a given message using a private key and returns the signature
450 * @remarks If password of policy is provided during storing a key, the same password should be provided.
451 * @remarks A newly created ppsignature should be destroyed by calling ckmc_buffer_free() if it is no longer needed.
454 * @param[in] private_key_alias is the name of private key.
455 * @param[in] password is used in decrypting a private key value.
456 * @param[in] message is signed with a private key .
457 * @param[in] hash is the hash algorithm used in creating signature.
458 * @param[in] padding is the RSA padding algorithm used in creating signature. It is used only when the signature algorithm is RSA.
459 * @param[out] ppsignature is a pointer to a newly created signature's. If an error occurs, *ppsignature will be null.
461 * @return 0 on success, otherwise a negative error value
462 * @exception #CKMC_API_SUCCESS Successful
463 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
464 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
465 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
467 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
469 * @see ckmc_create_key_pair_rsa()
470 * @see ckmc_create_key_pair_ecdsa()
471 * @see ckmc_verify_signature()
472 * @see ckmc_buffer_free()
473 * @see #ckmc_hash_algo
474 * @see #ckmc_rsa_padding_algo
478 * @privilege %http://tizen.org/privilege/keymanager *
480 int ckmc_create_signature(const char *private_key_alias, const char *password, const ckmc_raw_buffer message, const ckmc_hash_algo hash, const ckmc_rsa_padding_algo padding, ckmc_raw_buffer **ppsignature);
483 * @brief Verify a given signature on a given message using a public key and returns the signature status.
485 * @remarks If password of policy is provided during storing a key, the same password should be provided.
487 * @param[in] public_key_alias is the name of public key.
488 * @param[in] password is used in decrypting a public key value.
489 * @param[in] message is a input on which the signature is created.
490 * @param[in] signature is verified with public key.
491 * @param[in] hash is the hash algorithm used in verifying signature.
492 * @param[in] padding is the RSA padding algorithm used in verifying signature. It is used only when the signature algorithm is RSA.
494 * @return 0 on success and the signature is valid, otherwise a negative error value
495 * @exception #CKMC_API_SUCCESS Successful
496 * @exception #CKMC_API_ERROR_VERIFICATION_FAILED the signature is invalid
497 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
498 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
499 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
501 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
503 * @see ckmc_create_key_pair_rsa()
504 * @see ckmc_create_key_pair_ecdsa()
505 * @see ckmc_verify_signature()
506 * @see #ckmc_hash_algo
507 * @see #ckmc_rsa_padding_algo
511 * @privilege %http://tizen.org/privilege/keymanager *
513 int ckmc_verify_signature(const char *public_key_alias, const char *password, const ckmc_raw_buffer message, const ckmc_raw_buffer signature, const ckmc_hash_algo hash, const ckmc_rsa_padding_algo padding);
516 * @brief Verify a certificate chain and return that chain.
518 * @remarks The trusted root certificate of the chain should exist in the system's certificate storage.
519 * @remarks A newly created ppcert_chain_list should be destroyed by calling ckmc_cert_list_all_free() if it is no longer needed.
521 * @param[in] cert is the certificate to be verified
522 * @param[in] untrustedcerts is the untrusted CA certificates to be used in verifying a certificate chain.
523 * @param[out] ppcert_chain_list is a pointer to a newly created certificate chain's handle. If an error occurs, *ppcert_chain_list will be null.
525 * @return 0 on success and the signature is valid, otherwise a negative error value
526 * @exception #CKMC_API_SUCCESS Successful
527 * @exception #CKMC_API_ERROR_VERIFICATION_FAILED the certificate chain is not valid
528 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
529 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
530 * @exception #CKMC_API_ERROR_INVALID_FORMAT the format of certificate is not valid.
532 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
534 * @see ckmc_get_cert_chain_with_alias())
535 * @see ckmc_cert_list_all_free()
539 * @privilege %http://tizen.org/privilege/keymanager *
541 int ckmc_get_cert_chain(const ckmc_cert *cert, const ckmc_cert_list *untrustedcerts, ckmc_cert_list **ppcert_chain_list);
544 * @brief Verify a certificate chain using a alias list of untrusted certificates and return that chain.
546 * @remarks The trusted root certificate of the chain should exist in the system's certificate storage.
547 * @remarks A newly created ppcert_chain_list should be destroyed by calling ckmc_cert_list_all_free() if it is no longer needed.
549 * @param[in] cert is the certificate to be verified
550 * @param[in] untrustedcerts is an alias list of untrusted CA certificates stored in key manager to be used in verifying a certificate chain.
551 * @param[out] ppcert_chain_list is a pointer to a newly created certificate chain's handle. If an error occurs, *ppcert_chain_list will be null.
553 * @return 0 on success and the signature is valid, otherwise a negative error value
554 * @exception #CKMC_API_SUCCESS Successful
555 * @exception #CKMC_API_ERROR_VERIFICATION_FAILED the certificate chain is not valid
556 * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
557 * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
558 * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
559 * @exception #CKMC_API_ERROR_INVALID_FORMAT the format of certificate is not valid.
561 * @pre User must be already logged in and his user key is already loaded into memory in plain text form.
563 * @see ckmc_get_cert_chain())
564 * @see ckmc_cert_list_all_free()
568 * @privilege %http://tizen.org/privilege/keymanager *
570 int ckmc_get_cert_chain_with_alias(const ckmc_cert *cert, const ckmc_alias_list *untrustedcerts, ckmc_cert_list **ppcert_chain_list);
582 #endif /* __TIZEN_CORE_CKMC_MANAGER_H */