2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
19 * @brief Definitions of struct for the Key Manager's CAPI and their utility functions.
22 #ifndef __TIZEN_CORE_CKMC_TYPE_H
23 #define __TIZEN_CORE_CKMC_TYPE_H
26 #include <ckmc/ckmc-error.h>
28 #define KEY_MANAGER_CAPI __attribute__((visibility("default")))
36 * @addtogroup CAPI_KEY_MANAGER_TYPES_MODULE
41 * @brief Enumeration for key types of key manager.
44 typedef enum __ckmc_key_type {
45 CKMC_KEY_NONE = 0, /**< key type not specified */
46 CKMC_KEY_RSA_PUBLIC, /**< RSA public key */
47 CKMC_KEY_RSA_PRIVATE, /**< RSA private key */
48 CKMC_KEY_ECDSA_PUBLIC, /**< ECDSA public key */
49 CKMC_KEY_ECDSA_PRIVATE, /**< ECDSA private key */
53 * @brief Enumeration for data format.
56 typedef enum __ckmc_data_format {
57 CKMC_FORM_DER_BASE64 = 0, /**< DER format base64 encoded data */
58 CKMC_FORM_DER, /**< DER encoded data */
59 CKMC_FORM_PEM /**< PEM encoded data. It consists of the DER format base64 encoded with additional header and footer lines. */
63 * @brief Enumeration for elliptic curve.
66 typedef enum __ckmc_ec_type {
67 CKMC_EC_PRIME192V1 = 0, /**< Elliptic curve domain "secp192r1" listed in "SEC 2" recommended elliptic curve domain */
68 CKMC_EC_PRIME256V1, /**< "SEC 2" recommended elliptic curve domain - secp256r1 */
69 CKMC_EC_SECP384R1 /**< NIST curve P-384 (covers "secp384r1", the elliptic curve domain listed in See SEC 2 */
73 * @brief Enumeration for hash algorithm.
76 typedef enum __ckmc_hash_algo {
77 CKMC_HASH_SHA1 = 0, /**< Hash Algorithm SHA1 */
78 CKMC_HASH_SHA256, /**< Hash Algorithm SHA256 */
79 CKMC_HASH_SHA384, /**< Hash Algorithm SHA384 */
80 CKMC_HASH_SHA512 /**< Hash Algorithm SHA512 */
84 * @brief Enumeration for RSA padding algorithm.
87 typedef enum __ckmc_rsa_padding_algo {
88 CKMC_PKCS1_PADDING = 0, /**< PKCS#1 Padding */
89 CKMC_X931_PADDING /**< X9.31 padding */
90 } ckmc_rsa_padding_algo_e;
93 * @brief the structure for binary buffer used in key manager CAPI.
96 typedef struct __ckmc_raw_buff {
97 unsigned char* data; /**< Byte array containing binary data */
98 size_t size; /**< The size of the binary data */
102 * @brief The structure for a policy for storing key/certificate/binary data.
105 typedef struct __ckmc_policy {
106 char* password; /**< Byte array used to encrypt data inside CKM. If it is not null, the data(or key, or certificate) is stored encrypted with this password inside key manager */
107 bool extractable; /**< If true key may be extracted from storage */
111 * @brief The structure for key used in key manager CAPI.
114 typedef struct __ckmc_key {
115 unsigned char* raw_key; /**< Byte array of key. raw_key may be encrypted with password */
116 size_t key_size; /**< The byte size of raw_key */
117 ckmc_key_type_e key_type; /**< The raw_key's type */
118 char* password; /**< Byte array used to decrypt data raw_key inside key manager. */
122 * @brief The structure for certificate used in key manager CAPI.
125 typedef struct __ckmc_cert {
126 unsigned char* raw_cert; /**< Byte array of certificate */
127 size_t cert_size; /**< Byte size of raw_cert */
128 ckmc_data_format_e data_format; /**< Raw_cert's encoding format */
132 * @brief The structure for linked list of alias.
135 typedef struct __ckmc_alias_list {
136 char *alias; /**< The name of key, certificate or data stored in key manager */
137 struct __ckmc_alias_list *next; /**< The pointer pointing to the next ckmc_alias_list_s */
141 * @brief The structure for linked list of ckmc_cert_s
144 typedef struct __ckmc_cert_list {
145 ckmc_cert_s *cert; /**< The pointer of ckmc_cert_s */
146 struct __ckmc_cert_list *next; /**< The pointer pointing to the next ckmc_cert_list_s */
151 * @brief Creates a new @a ckmc_key_s handle and returns it.
154 * @privlevel platform
155 * @privilege %http://tizen.org/privilege/keymanager.admin
157 * @remarks You must destroy the newly created @a ckmc_key_s by calling ckmc_key_free() if it is no longer needed.
159 * @param[in] raw_key The byte array of key \n
160 * @a raw_key may be encrypted with password.
161 * @param[in] key_size The byte size of @a raw_key
162 * @param[in] key_type The @a raw_key's type
163 * @param[in] password The byte array used to decrypt @a raw_key inside key manager \n
164 * If @a raw_key is not encrypted, @a password can be null.
165 * @param[out] ppkey The pointer to a newly created @a ckmc_key_s handle
167 * @return @c 0 on success,
168 * otherwise a negative error value
170 * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
171 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
173 * @see ckmc_key_free()
176 int ckmc_key_new(unsigned char *raw_key, size_t key_size,
177 ckmc_key_type_e key_type, char *password, ckmc_key_s **ppkey);
180 * @brief Destroys the @a ckmc_key_s handle and releases all its resources.
184 * @privilege %http://tizen.org/privilege/keymanager
186 * @param[in] key The @a ckmc_key_s handle to destroy
188 * @see ckmc_key_new()
190 void ckmc_key_free(ckmc_key_s *key);
194 * @brief Creates a new @a ckmc_raw_buffer_s handle and returns it.
197 * @privlevel platform
198 * @privilege %http://tizen.org/privilege/keymanager.admin
200 * @remarks You must destroy the newly created @a ckmc_raw_buffer_s by calling ckmc_buffer_free() if it is no longer needed.
202 * @param[in] data The byte array of buffer
203 * @param[in] size The byte size of buffer
204 * @param[out] ppbuffer The pointer to a newly created @a ckmc_buffer_s handle
206 * @return @c 0 on success,
207 * otherwise a negative error value
209 * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
210 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
212 * @see ckmc_buffer_free()
213 * @see #ckmc_raw_buffer_s
215 int ckmc_buffer_new(unsigned char *data, size_t size,ckmc_raw_buffer_s **ppbuffer);
218 * @brief Destroys the @a ckmc_raw_buffer_s handle and releases all its resources.
222 * @privilege %http://tizen.org/privilege/keymanager
224 * @param[in] buffer The @a ckmc_raw_buffer_s handle to destroy
226 * @see ckmc_buffer_new()
228 void ckmc_buffer_free(ckmc_raw_buffer_s *buffer);
232 * @brief Creates a new @a ckmc_cert_s handle and returns it.
235 * @privlevel platform
236 * @privilege %http://tizen.org/privilege/keymanager.admin
238 * @remarks You must destroy the newly created @a ckmc_cert_s by calling ckmc_cert_free() if it is no longer needed.
240 * @param[in] raw_cert The byte array of certificate
241 * @param[in] cert_size The byte size of raw_cert
242 * @param[in] data_format The encoding format of raw_cert
243 * @param[out] ppcert The pointer to a newly created @a ckmc_cert_s handle
245 * @return @c 0 on success,
246 * otherwise a negative error value
248 * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
249 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
251 * @see ckmc_cert_free()
252 * @see ckmc_load_cert_from_file()
253 * @see ckmc_load_from_pkcs12_file
256 int ckmc_cert_new(unsigned char *raw_cert, size_t cert_size,
257 ckmc_data_format_e data_format, ckmc_cert_s **ppcert);
260 * @brief Destroys the @a ckmc_cert handle and releases all its resources.
264 * @privilege %http://tizen.org/privilege/keymanager
266 * @param[in] cert The @a ckmc_cert_s handle to destroy
268 * @see ckmc_cert_new()
269 * @see ckmc_load_cert_from_file()
270 * @see ckmc_load_from_pkcs12_file
272 void ckmc_cert_free(ckmc_cert_s *cert);
275 * @brief Creates a new @a ckmc_cert_s handle from a given file and returns it.
279 * @privilege %http://tizen.org/privilege/keymanager
281 * @remarks You must destroy the newly created @a ckmc_cert_s by calling ckmc_cert_free() if it is no longer needed.
283 * @param[in] file_path The path of certificate file to be loaded \n
284 * The only DER or PEM encoded certificate file is supported.
285 * @param[out] cert The pointer of newly created @a ckmc_cert_s handle
287 * @return #CKMC_ERROR_NONE on success,
288 * otherwise a negative error value
290 * @retval #CKMC_ERROR_NONE Successful
291 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory space
292 * @retval #CKMC_ERROR_INVALID_FORMAT Invalid certificate file format
293 * @retval #CKMC_ERROR_FILE_ACCESS_DENIED Provided file does not exist or cannot be accessed
295 * @see ckmc_cert_free()
296 * @see ckmc_cert_new()
297 * @see ckmc_load_from_pkcs12_file()
300 int ckmc_load_cert_from_file(const char *file_path, ckmc_cert_s **cert);
303 * @brief Creates a new @a ckmc_key_s(private key), @a ckmc_cert_s(certificate), and @a ckmc_cert_list_s(CA certificates) handle from a given PKCS#12 file and returns them.
307 * @privilege %http://tizen.org/privilege/keymanager
309 * @remarks You must destroy the newly created @a ckmc_key_s, @a ckmc_cert_s, and @a ckmc_cert_list_s by calling ckmc_key_free(), ckmc_cert_free(), and ckmc_cert_list_all_free() if they are no longer needed.
311 * @param[in] file_path The path of PKCS12 file to be loaded
312 * @param[in] passphrase The passphrase used to decrypt the PCKS12 file \n
313 * If PKCS12 file is not encrypted, passphrase can be null.
314 * @param[out] private_key The pointer of newly created @a ckmc_key_s handle for a private key
315 * @param[out] cert The pointer of newly created @a ckmc_cert_s handle for a certificate \n
316 * It is null if the PKCS12 file does not contain a certificate.
317 * @param[out] ca_cert_list The pointer of newly created @a ckmc_cert_list_s handle for CA certificates \n
318 * It is null if the PKCS12 file does not contain CA certificates.
320 * @return #CKMC_ERROR_NONE on success,
321 * otherwise a negative error value
323 * @retval #CKMC_ERROR_NONE Successful
324 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory space
325 * @retval #CKMC_ERROR_INVALID_FORMAT Invalid PKCS12 file format
326 * @retval #CKMC_ERROR_FILE_ACCESS_DENIED Provided file does not exist or cannot be accessed
328 * @see ckmc_key_free()
329 * @see ckmc_cert_free()
330 * @see ckmc_cert_list_all_free()
333 * @see #ckmc_cert_list_s
335 int ckmc_load_from_pkcs12_file(const char *file_path, const char *passphrase,
336 ckmc_key_s **private_key, ckmc_cert_s **cert,
337 ckmc_cert_list_s **ca_cert_list);
341 * @brief Creates a new @a ckmc_alias_list_s handle and returns it.
342 * The alias pointer in the returned @a ckmc_alias_list_s handle points to the provided characters and next is null.
345 * @privlevel platform
346 * @privilege %http://tizen.org/privilege/keymanager.admin
348 * @remarks You must destroy the newly created @a ckmc_alias_list_s by calling ckmc_alias_list_free() or ckmc_alias_list_all_free() if it is no longer needed.
350 * @param[in] alias The first item to be set in the newly created @a ckmc_alias_list_s
351 * @param[out] ppalias_list The pointer to a newly created @a ckmc_alias_list_s handle
353 * @return @c 0 on success,
354 * otherwise a negative error value
356 * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
357 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
359 * @see ckmc_alias_list_add()
360 * @see ckmc_alias_list_free()
361 * @see ckmc_alias_list_all_free()
362 * @see #ckmc_alias_list_s
364 int ckmc_alias_list_new(char *alias, ckmc_alias_list_s **ppalias_list);
368 * @brief Creates a new @a ckmc_alias_list_s handle, adds it to a previous @a ckmc_alias_list_s and returns it.
369 * The alias pointer in the returned @a ckmc_alias_list_s handle points to the provided characters and next is null.
372 * @privlevel platform
373 * @privilege %http://tizen.org/privilege/keymanager.admin
375 * @param[in] previous The last @a ckmc_alias_list_s handle to which a newly created @a ckmc_alias_list_s is added
376 * @param[in] alias The item to be set in the newly created @a ckmc_alias_list_s
377 * @param[out] pplast The pointer to a newly created and added @a ckmc_alias_list_s handle
379 * @return @c 0 on success,
380 * otherwise a negative error value
382 * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
383 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
385 * @see ckmc_alias_list_add()
386 * @see ckmc_alias_list_free()
387 * @see ckmc_alias_list_all_free()
388 * @see #ckmc_alias_list_s
390 int ckmc_alias_list_add(ckmc_alias_list_s *previous,
391 char *alias, ckmc_alias_list_s **pplast);
395 * @brief Destroys the @a ckmc_alias_list_s handle and releases resources of @a ckmc_alias_list_s from the provided first handle cascadingly.
398 * @privlevel platform
399 * @privilege %http://tizen.org/privilege/keymanager.admin
401 * @remarks It does not destroy an alias itself in @a ckmc_alias_list_s.
403 * @param[in] first The first @a ckmc_alias_list_s handle to destroy
405 * @see ckmc_alias_list_new()
406 * @see ckmc_alias_list_add()
407 * @see ckmc_alias_list_all_free()
408 * @see #ckmc_alias_list_s
410 void ckmc_alias_list_free(ckmc_alias_list_s *first);
413 * @brief Destroys the @a ckmc_alias_list_s handle and releases all its resources from the provided first handle cascadingly.
417 * @privilege %http://tizen.org/privilege/keymanager
419 * @remarks It also destroys the alias in @a ckmc_alias_list_s.
421 * @param[in] first The first @a ckmc_alias_list_s handle to destroy
423 * @see ckmc_alias_list_new()
424 * @see ckmc_alias_list_add()
425 * @see ckmc_alias_list_free()
426 * @see #ckmc_alias_list_s
428 void ckmc_alias_list_all_free(ckmc_alias_list_s *first);
429 ////////////////////////////////////////////////////////////////////////////////////// <- start
433 * @brief Creates a new @a ckmc_cert_list_s handle and returns it.
434 * The cert pointer in the returned @a ckmc_cert_list_s handle points to the provided @a ckmc_cert_s and next is null.
437 * @privlevel platform
438 * @privilege %http://tizen.org/privilege/keymanager.admin
440 * @remarks You must destroy the newly created @a ckmc_cert_list_s by calling ckmc_cert_list_free() or ckmc_cert_list_all_free() if it is no longer needed.
442 * @param[in] cert The first item to be set in the newly created @a ckmc_cert_list_s
443 * @param[out] ppalias_list The pointer to a newly created @a ckmc_alias_list_s handle
445 * @return @c 0 on success,
446 * otherwise a negative error value
448 * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
449 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
451 * @see ckmc_cert_list_add()
452 * @see ckmc_cert_list_free()
453 * @see ckmc_cert_list_all_free()
454 * @see #ckmc_cert_list_s
456 int ckmc_cert_list_new(ckmc_cert_s *cert, ckmc_cert_list_s **ppalias_list);
460 * @brief Creates a new @a ckmc_cert_list_s handle, adds it to a previous @a ckmc_cert_list_s and returns it.
461 * The cert pointer in the returned @a ckmc_alias_list_s handle points to the provided @a ckmc_cert_s and next is null.
464 * @privlevel platform
465 * @privilege %http://tizen.org/privilege/keymanager.admin
467 * @param[in] previous The last @a ckmc_cert_list_s handle to which a newly created @a ckmc_cert_list_s is added
468 * @param[in] cert The item to be set in the newly created @a ckmc_cert_list_s
469 * @param[out] pplast The pointer to a newly created and added @a ckmc_alias_list_s handle
471 * @return @c 0 on success,
472 * otherwise a negative error value
474 * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
475 * @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
477 * @see ckmc_cert_list_add()
478 * @see ckmc_cert_list_free()
479 * @see ckmc_cert_list_all_free()
480 * @see #ckmc_cert_list_s
482 int ckmc_cert_list_add(ckmc_cert_list_s *previous,
483 ckmc_cert_s *cert, ckmc_cert_list_s **pplast);
487 * @brief Destroys the @a ckmc_cert_list_s handle and releases resources of @a ckmc_cert_list_s from the provided first handle cascadingly.
490 * @privlevel platform
491 * @privilege %http://tizen.org/privilege/keymanager.admin
493 * @remarks It does not destroy @a ckmc_cert_s itself in @a ckmc_cert_list_s.
495 * @param[in] first The first @a ckmc_cert_list_s handle to destroy
497 * @see ckmc_cert_list_new()
498 * @see ckmc_cert_list_add()
499 * @see ckmc_cert_list_all_free()
500 * @see #ckmc_cert_list_s
502 void ckmc_cert_list_free(ckmc_cert_list_s *first);
505 * @brief Destroys the @a ckmc_cert_list_s handle and releases all its resources from the provided first handle cascadingly.
509 * @privilege %http://tizen.org/privilege/keymanager
511 * @remarks It also destroys @a ckmc_cert_s in ckmc_cert_list_s.
513 * @param[in] first The first @a ckmc_cert_list_s handle to destroy
515 * @see ckmc_cert_list_new()
516 * @see ckmc_cert_list_add()
517 * @see ckmc_cert_list_free()
518 * @see #ckmc_cert_list_s
520 void ckmc_cert_list_all_free(ckmc_cert_list_s *first);
530 #endif /* __TIZEN_CORE_CKMC_TYPE_H */