1 /* Copyright (c) 2014-2020 Samsung Electronics Co., Ltd. All rights reserved
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License
16 * @file client-manager-impl.cpp
17 * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
19 * @brief Manager implementation.
21 #include <openssl/evp.h>
23 #include <dpl/serialization.h>
24 #include <dpl/log/log.h>
26 #include <client-manager-impl.h>
27 #include <client-common.h>
28 #include <exception.h>
29 #include <message-buffer.h>
30 #include <protocols.h>
32 #include <key-aes-impl.h>
33 #include <certificate-impl.h>
39 int deserializeResponse(const int msgId, MessageBuffer &recv, T&&...t)
41 int retMsgId, retCode;
42 recv.Deserialize(retMsgId, retCode, std::forward<T>(t)...);
43 return msgId != retMsgId ? CKM_API_ERROR_UNKNOWN : retCode;
48 ServiceConnection &serviceConnection,
51 const CertificateShPtr &certificate,
52 const T &untrustedVector,
53 const T &trustedVector,
54 bool useTrustedSystemCertificates,
55 CertificateShPtrVector &certificateChainVector)
57 EXCEPTION_GUARD_START_CPPAPI
59 Manager::Impl::Request rq(impl, command, serviceConnection,
60 certificate->getDER(), untrustedVector, trustedVector, useTrustedSystemCertificates);
64 RawBufferVector rawBufferVector;
65 int retCode = rq.deserialize(rawBufferVector);
67 if (retCode != CKM_API_SUCCESS)
70 for (auto &e : rawBufferVector) {
71 CertificateShPtr cert(new CertificateImpl(e, DataFormat::FORM_DER));
74 return CKM_API_ERROR_BAD_RESPONSE;
76 certificateChainVector.push_back(std::move(cert));
85 int doRequest(MessageBuffer &recv, CKM::ServiceConnection &conn, T&&...t)
87 return conn.processRequest(SerializeMessage(std::forward<T>(t)...), recv);
93 : m_storageConnection(SERVICE_SOCKET_CKM_STORAGE),
94 m_ocspConnection(SERVICE_SOCKET_OCSP),
95 m_encryptionConnection(SERVICE_SOCKET_ENCRYPTION)
99 template <class Cmd, class...T>
100 Manager::Impl::Request::Request(Manager::Impl &impl, Cmd cmd, CKM::ServiceConnection &conn, T&&...t)
102 static_assert(sizeof cmd <= sizeof(int));
103 const auto msgId = m_msgId = ++impl.m_counter;
104 m_retCode = doRequest(m_recv, conn, static_cast<int>(cmd), msgId, std::forward<T>(t)...);
107 Manager::Impl::Request::operator bool() const {
108 return CKM_API_SUCCESS == m_retCode;
111 int Manager::Impl::Request::err() const {
117 int Manager::Impl::Request::deserialize(T&&...t)
120 return deserializeResponse(m_msgId, m_recv, std::forward<T>(t)...);
124 int Manager::Impl::Request::maybeDeserialize(T&&...t)
126 return *this ? deserialize(std::forward<T>(t)...) : err();
129 int Manager::Impl::saveBinaryData(
132 const RawBuffer &rawData,
133 const Policy &policy)
135 EXCEPTION_GUARD_START_CPPAPI
137 if (alias.empty() || rawData.empty())
138 return CKM_API_ERROR_INPUT_PARAM;
140 AliasSupport helper(alias);
143 return Request(*this, LogicCommand::SAVE, m_storageConnection,
144 dataType, helper.getName(), helper.getOwner(), rawData, PolicySerializable(policy)
145 ).maybeDeserialize(opType);
150 int Manager::Impl::saveKey(const Alias &alias, const KeyShPtr &key,
151 const Policy &policy)
153 if (key.get() == NULL || key->empty())
154 return CKM_API_ERROR_INPUT_PARAM;
156 return saveBinaryData(alias, DataType(key->getType()), key->getDER(), policy);
157 } catch (const Exc::Exception &e) {
158 LogError("Exception: " << e.what());
163 int Manager::Impl::saveCertificate(
165 const CertificateShPtr &cert,
166 const Policy &policy)
168 return cert.get() == NULL || cert->empty()
169 ? CKM_API_ERROR_INPUT_PARAM
170 : saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy);
173 int Manager::Impl::saveData(const Alias &alias, const RawBuffer &rawData,
174 const Policy &policy)
176 return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy);
180 int Manager::Impl::savePKCS12(
182 const PKCS12ShPtr &pkcs,
183 const Policy &keyPolicy,
184 const Policy &certPolicy)
186 if (alias.empty() || pkcs.get() == NULL)
187 return CKM_API_ERROR_INPUT_PARAM;
189 EXCEPTION_GUARD_START_CPPAPI
191 AliasSupport helper(alias);
193 return Request(*this, LogicCommand::SAVE_PKCS12, m_storageConnection,
194 helper.getName(), helper.getOwner(), PKCS12Serializable(*pkcs.get()),
195 PolicySerializable(keyPolicy), PolicySerializable(certPolicy)
196 ).maybeDeserialize();
201 int Manager::Impl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs)
203 return getPKCS12(alias, Password(), Password(), pkcs);
206 int Manager::Impl::getPKCS12(const Alias &alias, const Password &keyPass,
207 const Password &certPass, PKCS12ShPtr &pkcs)
210 return CKM_API_ERROR_INPUT_PARAM;
212 EXCEPTION_GUARD_START_CPPAPI
214 AliasSupport helper(alias);
216 int msgId = ++m_counter;
219 int retCode = doRequest(recv, m_storageConnection,
220 static_cast<int>(LogicCommand::GET_PKCS12), msgId,
221 helper.getName(), helper.getOwner(), keyPass, certPass);
223 if (CKM_API_SUCCESS != retCode)
227 PKCS12Serializable gotPkcs;
228 recv.Deserialize(retMsgId, retCode, gotPkcs);
230 if (retMsgId != msgId)
231 return CKM_API_ERROR_UNKNOWN;
233 pkcs = std::make_shared<PKCS12Impl>(std::move(gotPkcs));
241 int Manager::Impl::removeAlias(const Alias &alias)
244 return CKM_API_ERROR_INPUT_PARAM;
246 EXCEPTION_GUARD_START_CPPAPI
248 AliasSupport helper(alias);
250 return Request(*this, LogicCommand::REMOVE, m_storageConnection,
251 helper.getName(), helper.getOwner()
252 ).maybeDeserialize();
257 int Manager::Impl::getBinaryData(
259 DataType sendDataType,
260 const Password &password,
261 DataType &recvDataType,
265 return CKM_API_ERROR_INPUT_PARAM;
267 EXCEPTION_GUARD_START_CPPAPI
269 AliasSupport helper(alias);
271 return Request(*this, LogicCommand::GET, m_storageConnection,
272 sendDataType, helper.getName(), helper.getOwner(), password
273 ).maybeDeserialize(recvDataType, rawData);
278 int Manager::Impl::getBinaryDataEncryptionStatus(const DataType sendDataType,
279 const Alias &alias, bool &status)
283 return CKM_API_ERROR_INPUT_PARAM;
285 EXCEPTION_GUARD_START_CPPAPI
287 AliasSupport helper(alias);
288 DataType tmpDataType;
290 int retCode = Request(*this, LogicCommand::GET_PROTECTION_STATUS, m_storageConnection,
291 sendDataType, helper.getName(), helper.getOwner()
292 ).maybeDeserialize(tmpDataType, status);
294 if (retCode != CKM_API_SUCCESS)
302 int Manager::Impl::getKey(const Alias &alias, const Password &password,
305 DataType recvDataType;
308 int retCode = getBinaryData(alias, DataType::KEY_RSA_PUBLIC, password, recvDataType, rawData);
310 if (retCode != CKM_API_SUCCESS)
313 KeyShPtr keyParsed = recvDataType.isSKey() ? Key::createAES(rawData) : Key::create(rawData);
316 LogDebug("Key empty - failed to parse!");
317 return CKM_API_ERROR_BAD_RESPONSE;
322 return CKM_API_SUCCESS;
325 int Manager::Impl::getCertificate(const Alias &alias, const Password &password,
326 CertificateShPtr &cert)
328 DataType recvDataType;
331 int retCode = getBinaryData(alias, DataType::CERTIFICATE, password, recvDataType, rawData);
333 if (retCode != CKM_API_SUCCESS)
336 if (!recvDataType.isCertificate())
337 return CKM_API_ERROR_BAD_RESPONSE;
339 CertificateShPtr certParsed(new CertificateImpl(rawData, DataFormat::FORM_DER));
341 if (certParsed->empty())
342 return CKM_API_ERROR_BAD_RESPONSE;
344 cert = std::move(certParsed);
346 return CKM_API_SUCCESS;
349 int Manager::Impl::getData(const Alias &alias, const Password &password,
352 DataType recvDataType = DataType::BINARY_DATA;
354 int retCode = getBinaryData(alias, DataType::BINARY_DATA, password, recvDataType, rawData);
356 if (retCode != CKM_API_SUCCESS)
359 return recvDataType.isBinaryData() ? CKM_API_SUCCESS : CKM_API_ERROR_BAD_RESPONSE;
362 int Manager::Impl::getBinaryDataAliasVectorHelper(DataType dataType,
363 OwnerNameVector &ownerNameVector)
365 DataType tmpDataType;
366 return Request(*this, LogicCommand::GET_LIST, m_storageConnection,
368 ).maybeDeserialize(tmpDataType, ownerNameVector);
371 int Manager::Impl::getBinaryDataAliasVector(DataType dataType,
372 AliasVector &aliasVector)
374 EXCEPTION_GUARD_START_CPPAPI
375 OwnerNameVector ownerNameVector;
376 int retCode = getBinaryDataAliasVectorHelper(dataType, ownerNameVector);
378 if (retCode != CKM_API_SUCCESS)
381 for (const auto &it : ownerNameVector)
382 aliasVector.push_back(AliasSupport::merge(it.first, it.second));
384 return CKM_API_SUCCESS;
388 int Manager::Impl::getBinaryDataAliasPwdVector(DataType dataType,
389 AliasPwdVector &aliasPwdVector)
391 EXCEPTION_GUARD_START_CPPAPI
392 OwnerNameVector ownerNameVector;
393 OwnerNameEncryptionStatusVector ownerNameEncryptionStatusVector;
394 int retCode = getBinaryDataAliasVectorHelper(dataType, ownerNameVector);
396 if (retCode != CKM_API_SUCCESS)
399 for (const auto &it : ownerNameVector)
401 Alias alias = AliasSupport::merge(std::get<0>(it), std::get<1>(it));
403 retCode = getBinaryDataEncryptionStatus(dataType, alias, status);
405 if (retCode != CKM_API_SUCCESS)
408 aliasPwdVector.push_back(std::make_pair(alias, status));
410 return CKM_API_SUCCESS;
414 int Manager::Impl::getKeyAliasVector(AliasVector &aliasVector)
416 // in fact datatype has no meaning here - if not certificate or binary data
417 // then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST
418 return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector);
421 int Manager::Impl::getCertificateAliasVector(AliasVector &aliasVector)
423 return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector);
426 int Manager::Impl::getDataAliasVector(AliasVector &aliasVector)
428 return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector);
431 int Manager::Impl::getKeyAliasPwdVector(AliasPwdVector &aliasPwdVector)
433 return getBinaryDataAliasPwdVector(DataType::DB_KEY_LAST, aliasPwdVector);
436 int Manager::Impl::getKeyEncryptionStatus(const Alias &alias, bool &status)
438 return getBinaryDataEncryptionStatus(DataType::DB_KEY_LAST, alias, status);
441 int Manager::Impl::getCertificateAliasPwdVector(AliasPwdVector &aliasPwdVector)
443 return getBinaryDataAliasPwdVector(DataType::CERTIFICATE, aliasPwdVector);
446 int Manager::Impl::getCertificateEncryptionStatus(const Alias &alias, bool &status)
448 return getBinaryDataEncryptionStatus(DataType::CERTIFICATE, alias, status);
451 int Manager::Impl::getDataAliasPwdVector(AliasPwdVector &aliasPwdVector)
453 return getBinaryDataAliasPwdVector(DataType::BINARY_DATA, aliasPwdVector);
456 int Manager::Impl::getDataEncryptionStatus(const Alias &alias, bool &status)
458 return getBinaryDataEncryptionStatus(DataType::BINARY_DATA, alias, status);
461 int Manager::Impl::createKeyPairRSA(
463 const Alias &privateKeyAlias,
464 const Alias &publicKeyAlias,
465 const Policy &policyPrivateKey,
466 const Policy &policyPublicKey)
468 return this->createKeyPair(CKM::KeyType::KEY_RSA_PUBLIC, size, privateKeyAlias,
469 publicKeyAlias, policyPrivateKey, policyPublicKey);
472 int Manager::Impl::createKeyPairDSA(
474 const Alias &privateKeyAlias,
475 const Alias &publicKeyAlias,
476 const Policy &policyPrivateKey,
477 const Policy &policyPublicKey)
479 return this->createKeyPair(CKM::KeyType::KEY_DSA_PUBLIC, size, privateKeyAlias,
480 publicKeyAlias, policyPrivateKey, policyPublicKey);
483 int Manager::Impl::createKeyPairECDSA(
485 const Alias &privateKeyAlias,
486 const Alias &publicKeyAlias,
487 const Policy &policyPrivateKey,
488 const Policy &policyPublicKey)
490 return this->createKeyPair(CKM::KeyType::KEY_ECDSA_PUBLIC,
491 static_cast<int>(type), privateKeyAlias, publicKeyAlias,
492 policyPrivateKey, policyPublicKey);
495 int Manager::Impl::createKeyAES(
497 const Alias &keyAlias,
498 const Policy &policyKey)
500 EXCEPTION_GUARD_START_CPPAPI
502 AliasSupport aliasHelper(keyAlias);
504 return Request(*this, LogicCommand::CREATE_KEY_AES, m_storageConnection,
505 static_cast<int>(size), PolicySerializable(policyKey),
506 aliasHelper.getName(), aliasHelper.getOwner()
507 ).maybeDeserialize();
513 int Manager::Impl::createKeyPair(
514 const KeyType key_type,
515 const int additional_param,
516 const Alias &privateKeyAlias,
517 const Alias &publicKeyAlias,
518 const Policy &policyPrivateKey,
519 const Policy &policyPublicKey)
522 CryptoAlgorithm keyGenAlgorithm;
525 case KeyType::KEY_RSA_PUBLIC:
526 case KeyType::KEY_RSA_PRIVATE:
527 keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::RSA_GEN);
528 keyGenAlgorithm.setParam(ParamName::GEN_KEY_LEN, additional_param);
531 case KeyType::KEY_DSA_PUBLIC:
532 case KeyType::KEY_DSA_PRIVATE:
533 keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::DSA_GEN);
534 keyGenAlgorithm.setParam(ParamName::GEN_KEY_LEN, additional_param);
537 case KeyType::KEY_ECDSA_PUBLIC:
538 case KeyType::KEY_ECDSA_PRIVATE:
539 keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::ECDSA_GEN);
540 keyGenAlgorithm.setParam(ParamName::GEN_EC, additional_param);
544 return CKM_API_ERROR_INPUT_PARAM;
547 EXCEPTION_GUARD_START_CPPAPI
549 AliasSupport privateHelper(privateKeyAlias);
550 AliasSupport publicHelper(publicKeyAlias);
552 return Request(*this, LogicCommand::CREATE_KEY_PAIR, m_storageConnection,
553 CryptoAlgorithmSerializable(keyGenAlgorithm),
554 PolicySerializable(policyPrivateKey),
555 PolicySerializable(policyPublicKey),
556 privateHelper.getName(), privateHelper.getOwner(),
557 publicHelper.getName(), publicHelper.getOwner()
558 ).maybeDeserialize();
563 int Manager::Impl::getCertificateChain(
564 const CertificateShPtr &certificate,
565 const CertificateShPtrVector &untrustedCertificates,
566 const CertificateShPtrVector &trustedCertificates,
567 bool useTrustedSystemCertificates,
568 CertificateShPtrVector &certificateChainVector)
570 RawBufferVector untrustedVector;
571 RawBufferVector trustedVector;
573 if (!certificate || certificate->empty())
574 return CKM_API_ERROR_INPUT_PARAM;
576 for (auto &e : untrustedCertificates) {
577 if (!e || e->empty())
578 return CKM_API_ERROR_INPUT_PARAM;
579 untrustedVector.push_back(e->getDER());
582 for (auto &e : trustedCertificates) {
583 if (!e || e->empty())
584 return CKM_API_ERROR_INPUT_PARAM;
585 trustedVector.push_back(e->getDER());
588 return getCertChain(m_storageConnection, LogicCommand::GET_CHAIN_CERT, *this,
589 certificate, untrustedVector, trustedVector,
590 useTrustedSystemCertificates, certificateChainVector);
593 int Manager::Impl::getCertificateChain(
594 const CertificateShPtr &certificate,
595 const AliasVector &untrustedCertificates,
596 const AliasVector &trustedCertificates,
597 bool useTrustedSystemCertificates,
598 CertificateShPtrVector &certificateChainVector)
600 OwnerNameVector untrustedVector;
601 OwnerNameVector trustedVector;
603 if (!certificate || certificate->empty())
604 return CKM_API_ERROR_INPUT_PARAM;
606 for (auto &e : untrustedCertificates) {
607 AliasSupport helper(e);
608 untrustedVector.push_back(std::make_pair(helper.getOwner(), helper.getName()));
611 for (auto &e : trustedCertificates) {
612 AliasSupport helper(e);
613 trustedVector.push_back(std::make_pair(helper.getOwner(), helper.getName()));
616 return getCertChain(m_storageConnection, LogicCommand::GET_CHAIN_ALIAS, *this,
617 certificate, untrustedVector, trustedVector,
618 useTrustedSystemCertificates, certificateChainVector);
621 int Manager::Impl::createSignature(
622 const Alias &privateKeyAlias,
623 const Password &password, // password for private_key
624 const RawBuffer &message,
625 const CryptoAlgorithm &cAlgorithm,
626 RawBuffer &signature)
628 EXCEPTION_GUARD_START_CPPAPI
630 AliasSupport helper(privateKeyAlias);
632 return Request(*this, LogicCommand::CREATE_SIGNATURE, m_storageConnection,
633 helper.getName(), helper.getOwner(), password, message,
634 CryptoAlgorithmSerializable(cAlgorithm)
635 ).maybeDeserialize(signature);
640 int Manager::Impl::verifySignature(
641 const Alias &publicKeyOrCertAlias,
642 const Password &password, // password for public_key (optional)
643 const RawBuffer &message,
644 const RawBuffer &signature,
645 const CryptoAlgorithm &cAlg)
647 EXCEPTION_GUARD_START_CPPAPI
649 AliasSupport helper(publicKeyOrCertAlias);
651 return Request(*this, LogicCommand::VERIFY_SIGNATURE, m_storageConnection,
652 helper.getName(), helper.getOwner(), password, message, signature,
653 CryptoAlgorithmSerializable(cAlg)
654 ).maybeDeserialize();
659 int Manager::Impl::ocspCheck(const CertificateShPtrVector &certChain,
662 EXCEPTION_GUARD_START_CPPAPI
664 int msgId = ++m_counter;
667 RawBufferVector rawCertChain;
669 for (auto &e : certChain) {
670 if (!e || e->empty()) {
671 LogError("Empty certificate");
672 return CKM_API_ERROR_INPUT_PARAM;
675 rawCertChain.push_back(e->getDER());
678 int retCode = doRequest(recv, m_ocspConnection, msgId, rawCertChain);
680 if (CKM_API_SUCCESS != retCode)
683 return deserializeResponse(msgId, recv, ocspStatus);
688 int Manager::Impl::setPermission(const Alias &alias,
689 const ClientId &accessor,
690 PermissionMask permissionMask)
692 EXCEPTION_GUARD_START_CPPAPI
694 AliasSupport helper(alias);
696 return Request(*this, LogicCommand::SET_PERMISSION, m_storageConnection,
697 helper.getName(), helper.getOwner(), accessor, permissionMask
698 ).maybeDeserialize();
703 int Manager::Impl::crypt(EncryptionCommand command,
704 const CryptoAlgorithm &algo,
705 const Alias &keyAlias,
706 const Password &password,
707 const RawBuffer &input,
710 EXCEPTION_GUARD_START_CPPAPI
712 AliasSupport helper(keyAlias);
713 CryptoAlgorithmSerializable cas(algo);
715 return Request(*this, command, m_encryptionConnection,
716 cas, helper.getName(), helper.getOwner(), password, input
717 ).maybeDeserialize(output);
722 int Manager::Impl::encrypt(const CryptoAlgorithm &algo,
723 const Alias &keyAlias,
724 const Password &password,
725 const RawBuffer &plain,
726 RawBuffer &encrypted)
728 return crypt(EncryptionCommand::ENCRYPT, algo, keyAlias, password, plain,
732 int Manager::Impl::decrypt(const CryptoAlgorithm &algo,
733 const Alias &keyAlias,
734 const Password &password,
735 const RawBuffer &encrypted,
736 RawBuffer &decrypted)
738 return crypt(EncryptionCommand::DECRYPT, algo, keyAlias, password, encrypted,
742 int Manager::Impl::deriveKey(const CryptoAlgorithm &algo,
743 const Alias &secretAlias,
744 const Password &secretPassword,
745 const Alias &newKeyAlias,
746 const Policy &newKeyPolicy)
748 EXCEPTION_GUARD_START_CPPAPI
750 AliasSupport secret(secretAlias);
751 AliasSupport newKey(newKeyAlias);
752 CryptoAlgorithmSerializable cas(algo);
754 return Request(*this, LogicCommand::DERIVE, m_storageConnection,
755 cas, secret.getName(), secret.getOwner(), secretPassword,
756 newKey.getName(), newKey.getOwner(), PolicySerializable(newKeyPolicy)
757 ).maybeDeserialize();
762 int Manager::Impl::importWrappedKey(const CryptoAlgorithm ¶ms,
763 const Alias &wrappingKeyAlias,
764 const Password &wrappingKeyPassword,
766 const RawBuffer &encryptedKey,
767 const KeyType keyType,
768 const Policy &policy)
770 EXCEPTION_GUARD_START_CPPAPI
772 AliasSupport wrapping_helper(wrappingKeyAlias);
773 AliasSupport helper(alias);
775 return Request(*this,
776 LogicCommand::IMPORT_WRAPPED_KEY,
778 CryptoAlgorithmSerializable(params),
782 PolicySerializable(policy),
785 wrapping_helper.getName(),
786 wrapping_helper.getOwner()
787 ).maybeDeserialize();
792 int Manager::Impl::exportWrappedKey(const CryptoAlgorithm ¶ms,
793 const Alias &wrappingKeyAlias,
794 const Password &wrappingKeyPassword,
795 const Alias &wrappedKeyAlias,
796 const Password &wrappedKeyPassword,
798 RawBuffer &wrappedKey)
800 EXCEPTION_GUARD_START_CPPAPI
802 AliasSupport wrapping_helper(wrappingKeyAlias);
803 AliasSupport wrapped_helper(wrappedKeyAlias);
804 DataType *dataTypeKey = nullptr;
806 int retCode = Request(*this,
807 LogicCommand::EXPORT_WRAPPED_KEY,
809 CryptoAlgorithmSerializable(params),
810 wrapping_helper.getName(),
811 wrapping_helper.getOwner(),
813 wrapped_helper.getName(),
814 wrapped_helper.getOwner(),
816 ).maybeDeserialize(dataTypeKey, wrappedKey);
818 if (retCode != CKM_API_SUCCESS)
821 if (dataTypeKey->isSKey()) {
822 keyType = KeyType::KEY_AES;
823 } else if (dataTypeKey->isKeyPrivate()) {
824 keyType = KeyType::KEY_RSA_PRIVATE;
826 return CKM_API_ERROR_INVALID_FORMAT;