projects / platform / core / security / key-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Implement encryption/decryption API
[platform/core/security/key-manager.git] / src / manager / client / client-manager-impl.cpp
1 /* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
2  *
3  *  Licensed under the Apache License, Version 2.0 (the "License");
4  *  you may not use this file except in compliance with the License.
5  *  You may obtain a copy of the License at
6  *
7  *      http://www.apache.org/licenses/LICENSE-2.0
8  *
9  *  Unless required by applicable law or agreed to in writing, software
10  *  distributed under the License is distributed on an "AS IS" BASIS,
11  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  *  See the License for the specific language governing permissions and
13  *  limitations under the License
14  *
15  *
16  * @file        client-manager-impl.cpp
17  * @author      Bartlomiej Grzelewski (b.grzelewski@samsung.com)
18  * @version     1.0
19  * @brief       Manager implementation.
20  */
21 #include <openssl/evp.h>
22
23 #include <dpl/serialization.h>
24 #include <dpl/log/log.h>
25
26 #include <crypto-init.h>
27 #include <client-manager-impl.h>
28 #include <client-common.h>
29 #include <message-buffer.h>
30 #include <protocols.h>
31 #include <key-impl.h>
32 #include <certificate-impl.h>
33
34 namespace CKM {
35
36 namespace {
37 template <class T>
38 int getCertChain(
39     ServiceConnection & serviceConnection,
40     LogicCommand command,
41     int counter,
42     const CertificateShPtr &certificate,
43     const T &untrustedVector,
44     const T &trustedVector,
45     bool useTrustedSystemCertificates,
46     CertificateShPtrVector &certificateChainVector)
47 {
48     return try_catch([&] {
49
50         MessageBuffer recv;
51         auto send = MessageBuffer::Serialize(static_cast<int>(command),
52                                              counter,
53                                              certificate->getDER(),
54                                              untrustedVector,
55                                              trustedVector,
56                                              useTrustedSystemCertificates);
57
58         int retCode = serviceConnection.processRequest(send.Pop(), recv);
59         if (CKM_API_SUCCESS != retCode)
60             return retCode;
61
62         int retCommand;
63         int retCounter;
64         RawBufferVector rawBufferVector;
65         recv.Deserialize(retCommand, retCounter, retCode, rawBufferVector);
66
67         if ((counter != retCounter) || (static_cast<int>(command) != retCommand)) {
68             return CKM_API_ERROR_UNKNOWN;
69         }
70
71         if (retCode != CKM_API_SUCCESS) {
72             return retCode;
73         }
74
75         for (auto &e: rawBufferVector) {
76             CertificateShPtr cert(new CertificateImpl(e, DataFormat::FORM_DER));
77             if (cert->empty())
78                 return CKM_API_ERROR_BAD_RESPONSE;
79             certificateChainVector.push_back(cert);
80         }
81
82         return retCode;
83     });
84 }
85
86 } // namespace anonymous
87
88 ManagerImpl::ManagerImpl()
89   : m_counter(0),
90     m_storageConnection(SERVICE_SOCKET_CKM_STORAGE),
91     m_ocspConnection(SERVICE_SOCKET_OCSP),
92     m_encryptionConnection(SERVICE_SOCKET_ENCRYPTION)
93 {
94     initCryptoLib();
95 }
96
97
98 int ManagerImpl::saveBinaryData(
99     const Alias &alias,
100     DataType dataType,
101     const RawBuffer &rawData,
102     const Policy &policy)
103 {
104     int my_counter = ++m_counter;
105
106     return try_catch([&] {
107         if (alias.empty() || rawData.empty())
108             return CKM_API_ERROR_INPUT_PARAM;
109
110         MessageBuffer recv;
111         AliasSupport helper(alias);
112         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SAVE),
113                                              my_counter,
114                                              static_cast<int>(dataType),
115                                              helper.getName(),
116                                              helper.getLabel(),
117                                              rawData,
118                                              PolicySerializable(policy));
119
120         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
121         if (CKM_API_SUCCESS != retCode)
122             return retCode;
123
124         int command;
125         int counter;
126         int opType;
127         recv.Deserialize(command, counter, retCode, opType);
128
129         if (counter != my_counter)
130             return CKM_API_ERROR_UNKNOWN;
131
132         return retCode;
133     });
134 }
135
136 int ManagerImpl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) {
137     if (key.get() == NULL)
138         return CKM_API_ERROR_INPUT_PARAM;
139     Try {
140         return saveBinaryData(alias, DataType(key->getType()), key->getDER(), policy);
141     } Catch (DataType::Exception::Base) {
142         LogError("Error in key conversion. Could not convert KeyType::NONE to DBDataType!");
143     }
144     return CKM_API_ERROR_INPUT_PARAM;
145 }
146
147 int ManagerImpl::saveCertificate(
148     const Alias &alias,
149     const CertificateShPtr &cert,
150     const Policy &policy)
151 {
152     if (cert.get() == NULL)
153         return CKM_API_ERROR_INPUT_PARAM;
154     return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy);
155 }
156
157 int ManagerImpl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) {
158     if (!policy.extractable)
159         return CKM_API_ERROR_INPUT_PARAM;
160     return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy);
161 }
162
163
164 int ManagerImpl::savePKCS12(
165     const Alias & alias,
166     const PKCS12ShPtr &pkcs,
167     const Policy &keyPolicy,
168     const Policy &certPolicy)
169 {
170     if (alias.empty() || pkcs.get()==NULL)
171         return CKM_API_ERROR_INPUT_PARAM;
172
173     int my_counter = ++m_counter;
174
175     return try_catch([&] {
176         MessageBuffer recv;
177         AliasSupport helper(alias);
178         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SAVE_PKCS12),
179                                              my_counter,
180                                              helper.getName(),
181                                              helper.getLabel(),
182                                              PKCS12Serializable(*pkcs.get()),
183                                              PolicySerializable(keyPolicy),
184                                              PolicySerializable(certPolicy));
185
186         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
187         if (CKM_API_SUCCESS != retCode)
188             return retCode;
189
190         int command;
191         int counter;
192         recv.Deserialize(command, counter, retCode);
193
194         if (counter != my_counter)
195             return CKM_API_ERROR_UNKNOWN;
196
197         return retCode;
198     });
199 }
200
201 int ManagerImpl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs)
202 {
203     return getPKCS12(alias, Password(), Password(), pkcs);
204 }
205
206 int ManagerImpl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs)
207 {
208     if (alias.empty())
209         return CKM_API_ERROR_INPUT_PARAM;
210
211     int my_counter = ++m_counter;
212
213     return try_catch([&] {
214         MessageBuffer recv;
215         AliasSupport helper(alias);
216         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET_PKCS12),
217                                              my_counter,
218                                              helper.getName(),
219                                              helper.getLabel(),
220                                              keyPass,
221                                              certPass);
222
223         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
224         if (CKM_API_SUCCESS != retCode)
225             return retCode;
226
227         int command;
228         int counter;
229         PKCS12Serializable gotPkcs;
230         recv.Deserialize(command, counter, retCode, gotPkcs);
231
232         if (counter != my_counter)
233             return CKM_API_ERROR_UNKNOWN;
234
235         pkcs = std::make_shared<PKCS12Impl>(std::move(gotPkcs));
236
237         return retCode;
238     });
239 }
240
241
242 int ManagerImpl::removeAlias(const Alias &alias)
243 {
244     if (alias.empty())
245         return CKM_API_ERROR_INPUT_PARAM;
246
247     int my_counter = ++m_counter;
248
249     return try_catch([&] {
250         MessageBuffer recv;
251         AliasSupport helper(alias);
252         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::REMOVE),
253                                              my_counter,
254                                              helper.getName(),
255                                              helper.getLabel());
256
257         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
258         if (CKM_API_SUCCESS != retCode)
259             return retCode;
260
261         int command;
262         int counter;
263         recv.Deserialize(command, counter, retCode);
264
265         if (counter != my_counter)
266             return CKM_API_ERROR_UNKNOWN;
267
268         return retCode;
269     });
270 }
271
272 int ManagerImpl::getBinaryData(
273     const Alias &alias,
274     DataType sendDataType,
275     const Password &password,
276     DataType &recvDataType,
277     RawBuffer &rawData)
278 {
279     if (alias.empty())
280         return CKM_API_ERROR_INPUT_PARAM;
281
282     int my_counter = ++m_counter;
283
284     return try_catch([&] {
285         MessageBuffer recv;
286         AliasSupport helper(alias);
287         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET),
288                                              my_counter,
289                                              static_cast<int>(sendDataType),
290                                              helper.getName(),
291                                              helper.getLabel(),
292                                              password);
293
294         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
295         if (CKM_API_SUCCESS != retCode)
296             return retCode;
297
298         int command;
299         int counter;
300         int tmpDataType;
301         recv.Deserialize(command, counter, retCode, tmpDataType, rawData);
302         recvDataType = DataType(tmpDataType);
303
304         if (counter != my_counter)
305             return CKM_API_ERROR_UNKNOWN;
306
307         return retCode;
308     });
309 }
310
311 int ManagerImpl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) {
312     DataType recvDataType;
313     RawBuffer rawData;
314
315     int retCode = getBinaryData(
316         alias,
317         DataType::KEY_RSA_PUBLIC,
318         password,
319         recvDataType,
320         rawData);
321
322     if (retCode != CKM_API_SUCCESS)
323         return retCode;
324
325     KeyShPtr keyParsed(new KeyImpl(rawData));
326
327     if (keyParsed->empty()) {
328         LogDebug("Key empty - failed to parse!");
329         return CKM_API_ERROR_BAD_RESPONSE;
330     }
331
332     key = keyParsed;
333
334     return CKM_API_SUCCESS;
335 }
336
337 int ManagerImpl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert)
338 {
339     DataType recvDataType;
340     RawBuffer rawData;
341
342     int retCode = getBinaryData(
343         alias,
344         DataType::CERTIFICATE,
345         password,
346         recvDataType,
347         rawData);
348
349     if (retCode != CKM_API_SUCCESS)
350         return retCode;
351
352     if (recvDataType != DataType::CERTIFICATE)
353         return CKM_API_ERROR_BAD_RESPONSE;
354
355     CertificateShPtr certParsed(new CertificateImpl(rawData, DataFormat::FORM_DER));
356
357     if (certParsed->empty())
358         return CKM_API_ERROR_BAD_RESPONSE;
359
360     cert = certParsed;
361
362     return CKM_API_SUCCESS;
363 }
364
365 int ManagerImpl::getData(const Alias &alias, const Password &password, RawBuffer &rawData)
366 {
367     DataType recvDataType = DataType::BINARY_DATA;
368
369     int retCode = getBinaryData(
370         alias,
371         DataType::BINARY_DATA,
372         password,
373         recvDataType,
374         rawData);
375
376     if (retCode != CKM_API_SUCCESS)
377         return retCode;
378
379     if (recvDataType != DataType::BINARY_DATA)
380         return CKM_API_ERROR_BAD_RESPONSE;
381
382     return CKM_API_SUCCESS;
383 }
384
385 int ManagerImpl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector)
386 {
387     int my_counter = ++m_counter;
388
389     return try_catch([&] {
390         MessageBuffer recv;
391         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET_LIST),
392                                              my_counter,
393                                              static_cast<int>(dataType));
394
395         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
396         if (CKM_API_SUCCESS != retCode)
397             return retCode;
398
399         int command;
400         int counter;
401         int tmpDataType;
402         LabelNameVector labelNameVector;
403         recv.Deserialize(command, counter, retCode, tmpDataType, labelNameVector);
404         if ((command != static_cast<int>(LogicCommand::GET_LIST)) || (counter != my_counter)) {
405             return CKM_API_ERROR_UNKNOWN;
406         }
407
408         for(const auto &it : labelNameVector)
409             aliasVector.push_back( AliasSupport::merge(it.first, it.second) );
410
411         return retCode;
412     });
413 }
414
415 int ManagerImpl::getKeyAliasVector(AliasVector &aliasVector) {
416     // in fact datatype has no meaning here - if not certificate or binary data
417     // then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST
418     return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector);
419 }
420
421 int ManagerImpl::getCertificateAliasVector(AliasVector &aliasVector) {
422     return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector);
423 }
424
425 int ManagerImpl::getDataAliasVector(AliasVector &aliasVector) {
426     return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector);
427 }
428
429 int ManagerImpl::createKeyPairRSA(
430     const int size,
431     const Alias &privateKeyAlias,
432     const Alias &publicKeyAlias,
433     const Policy &policyPrivateKey,
434     const Policy &policyPublicKey)
435 {
436     return this->createKeyPair(CKM::KeyType::KEY_RSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
437 }
438
439 int ManagerImpl::createKeyPairDSA(
440     const int size,
441     const Alias &privateKeyAlias,
442     const Alias &publicKeyAlias,
443     const Policy &policyPrivateKey,
444     const Policy &policyPublicKey)
445 {
446     return this->createKeyPair(CKM::KeyType::KEY_DSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
447 }
448
449 int ManagerImpl::createKeyPairECDSA(
450     ElipticCurve type,
451     const Alias &privateKeyAlias,
452     const Alias &publicKeyAlias,
453     const Policy &policyPrivateKey,
454     const Policy &policyPublicKey)
455 {
456     return this->createKeyPair(CKM::KeyType::KEY_ECDSA_PUBLIC, static_cast<int>(type), privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
457 }
458
459 int ManagerImpl::createKeyPair(
460     const KeyType key_type,
461     const int     additional_param,
462     const Alias  &privateKeyAlias,
463     const Alias  &publicKeyAlias,
464     const Policy &policyPrivateKey,
465     const Policy &policyPublicKey)
466 {
467     // input type check
468     LogicCommand cmd_type;
469     switch(key_type)
470     {
471         case KeyType::KEY_RSA_PUBLIC:
472         case KeyType::KEY_RSA_PRIVATE:
473             cmd_type = LogicCommand::CREATE_KEY_PAIR_RSA;
474             break;
475
476         case KeyType::KEY_DSA_PUBLIC:
477         case KeyType::KEY_DSA_PRIVATE:
478             cmd_type = LogicCommand::CREATE_KEY_PAIR_DSA;
479             break;
480
481         case KeyType::KEY_ECDSA_PUBLIC:
482         case KeyType::KEY_ECDSA_PRIVATE:
483             cmd_type = LogicCommand::CREATE_KEY_PAIR_ECDSA;
484             break;
485
486         default:
487             return CKM_API_ERROR_INPUT_PARAM;
488     }
489
490     // proceed with sending request
491     int my_counter = ++m_counter;
492
493     return try_catch([&] {
494
495         MessageBuffer recv;
496         AliasSupport privateHelper(privateKeyAlias);
497         AliasSupport publicHelper(publicKeyAlias);
498         auto send = MessageBuffer::Serialize(static_cast<int>(cmd_type),
499                                              my_counter,
500                                              static_cast<int>(additional_param),
501                                              PolicySerializable(policyPrivateKey),
502                                              PolicySerializable(policyPublicKey),
503                                              privateHelper.getName(),
504                                              privateHelper.getLabel(),
505                                              publicHelper.getName(),
506                                              publicHelper.getLabel());
507
508         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
509         if (CKM_API_SUCCESS != retCode)
510             return retCode;
511
512         int command;
513         int counter;
514         recv.Deserialize(command, counter, retCode);
515         if (counter != my_counter) {
516             return CKM_API_ERROR_UNKNOWN;
517         }
518
519         return retCode;
520     });
521 }
522
523 int ManagerImpl::getCertificateChain(
524     const CertificateShPtr &certificate,
525     const CertificateShPtrVector &untrustedCertificates,
526     const CertificateShPtrVector &trustedCertificates,
527     bool useTrustedSystemCertificates,
528     CertificateShPtrVector &certificateChainVector)
529 {
530     RawBufferVector untrustedVector;
531     RawBufferVector trustedVector;
532
533     for (auto &e: untrustedCertificates) {
534         untrustedVector.push_back(e->getDER());
535     }
536     for (auto &e: trustedCertificates) {
537         trustedVector.push_back(e->getDER());
538     }
539
540     return getCertChain(
541             m_storageConnection,
542             LogicCommand::GET_CHAIN_CERT,
543             ++m_counter,
544             certificate,
545             untrustedVector,
546             trustedVector,
547             useTrustedSystemCertificates,
548             certificateChainVector);
549 }
550
551 int ManagerImpl::getCertificateChain(
552     const CertificateShPtr &certificate,
553     const AliasVector &untrustedCertificates,
554     const AliasVector &trustedCertificates,
555     bool useTrustedSystemCertificates,
556     CertificateShPtrVector &certificateChainVector)
557 {
558     LabelNameVector untrustedVector;
559     LabelNameVector trustedVector;
560
561     for (auto &e: untrustedCertificates) {
562         AliasSupport helper(e);
563         untrustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName()));
564     }
565     for (auto &e: trustedCertificates) {
566         AliasSupport helper(e);
567         trustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName()));
568     }
569
570     return getCertChain(
571             m_storageConnection,
572             LogicCommand::GET_CHAIN_ALIAS,
573             ++m_counter,
574             certificate,
575             untrustedVector,
576             trustedVector,
577             useTrustedSystemCertificates,
578             certificateChainVector);
579 }
580
581 int ManagerImpl::createSignature(
582     const Alias &privateKeyAlias,
583     const Password &password,           // password for private_key
584     const RawBuffer &message,
585     const HashAlgorithm hash,
586     const RSAPaddingAlgorithm padding,
587     RawBuffer &signature)
588 {
589     int my_counter = ++m_counter;
590
591     return try_catch([&] {
592
593         MessageBuffer recv;
594         AliasSupport helper(privateKeyAlias);
595         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_SIGNATURE),
596                                              my_counter,
597                                              helper.getName(),
598                                              helper.getLabel(),
599                                              password,
600                                              message,
601                                              static_cast<int>(hash),
602                                              static_cast<int>(padding));
603
604         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
605         if (CKM_API_SUCCESS != retCode)
606             return retCode;
607
608         int command;
609         int counter;
610         recv.Deserialize(command, counter, retCode, signature);
611
612         if ((command != static_cast<int>(LogicCommand::CREATE_SIGNATURE))
613             || (counter != my_counter))
614         {
615             return CKM_API_ERROR_UNKNOWN;
616         }
617
618         return retCode;
619     });
620 }
621
622 int ManagerImpl::verifySignature(
623     const Alias &publicKeyOrCertAlias,
624     const Password &password,           // password for public_key (optional)
625     const RawBuffer &message,
626     const RawBuffer &signature,
627     const HashAlgorithm hash,
628     const RSAPaddingAlgorithm padding)
629 {
630     int my_counter = ++m_counter;
631
632     return try_catch([&] {
633         MessageBuffer recv;
634         AliasSupport helper(publicKeyOrCertAlias);
635         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::VERIFY_SIGNATURE),
636                                              my_counter,
637                                              helper.getName(),
638                                              helper.getLabel(),
639                                              password,
640                                              message,
641                                              signature,
642                                              static_cast<int>(hash),
643                                              static_cast<int>(padding));
644
645         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
646         if (CKM_API_SUCCESS != retCode)
647             return retCode;
648
649         int command;
650         int counter;
651         recv.Deserialize(command, counter, retCode);
652
653         if ((command != static_cast<int>(LogicCommand::VERIFY_SIGNATURE))
654             || (counter != my_counter))
655         {
656             return CKM_API_ERROR_UNKNOWN;
657         }
658
659         return retCode;
660     });
661 }
662
663 int ManagerImpl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus)
664 {
665     return try_catch([&] {
666         int my_counter = ++m_counter;
667         MessageBuffer recv;
668
669         RawBufferVector rawCertChain;
670         for (auto &e: certChain) {
671             rawCertChain.push_back(e->getDER());
672         }
673
674         auto send = MessageBuffer::Serialize(my_counter, rawCertChain);
675
676         int retCode = m_ocspConnection.processRequest(send.Pop(), recv);
677         if (CKM_API_SUCCESS != retCode)
678             return retCode;
679
680         int counter;
681         recv.Deserialize(counter, retCode, ocspStatus);
682
683         if (my_counter != counter) {
684             return CKM_API_ERROR_UNKNOWN;
685         }
686
687         return retCode;
688     });
689 }
690
691 int ManagerImpl::setPermission(const Alias &alias,
692                                const Label &accessor,
693                                PermissionMask permissionMask)
694 {
695     int my_counter = ++m_counter;
696
697     return try_catch([&] {
698         MessageBuffer recv;
699         AliasSupport helper(alias);
700         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SET_PERMISSION),
701                                              my_counter,
702                                              helper.getName(),
703                                              helper.getLabel(),
704                                              accessor,
705                                              permissionMask);
706
707         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
708         if (CKM_API_SUCCESS != retCode)
709             return retCode;
710
711         int command;
712         int counter;
713         recv.Deserialize(command, counter, retCode);
714
715         if (my_counter != counter) {
716             return CKM_API_ERROR_UNKNOWN;
717         }
718
719         return retCode;
720     });
721 }
722
723 int ManagerImpl::encrypt(const CryptoAlgorithm &algo,
724                          const Alias &keyAlias,
725                          const Password &password,
726                          const RawBuffer& plain,
727                          RawBuffer& encrypted)
728 {
729     int my_counter = ++m_counter;
730
731     return try_catch([&] {
732         MessageBuffer recv;
733         AliasSupport helper(keyAlias);
734         CryptoAlgorithmSerializable cas(algo);
735         auto send = MessageBuffer::Serialize(static_cast<int>(EncryptionCommand::ENCRYPT),
736                                              my_counter,
737                                              cas,
738                                              helper.getName(),
739                                              helper.getLabel(),
740                                              password,
741                                              plain);
742
743         int retCode = m_encryptionConnection.processRequest(send.Pop(), recv);
744         if (CKM_API_SUCCESS != retCode)
745             return retCode;
746
747         int command;
748         int counter;
749         recv.Deserialize(command, counter, encrypted);
750
751         if (my_counter != counter) {
752             return CKM_API_ERROR_UNKNOWN;
753         }
754
755         return retCode;
756     });
757 }
758
759 int ManagerImpl::decrypt(const CryptoAlgorithm &algo,
760                          const Alias &keyAlias,
761                          const Password &password,
762                          const RawBuffer& encrypted,
763                          RawBuffer& decrypted)
764 {
765     int my_counter = ++m_counter;
766
767     return try_catch([&] {
768         MessageBuffer recv;
769         AliasSupport helper(keyAlias);
770         CryptoAlgorithmSerializable cas(algo);
771         auto send = MessageBuffer::Serialize(static_cast<int>(EncryptionCommand::DECRYPT),
772                                              my_counter,
773                                              cas,
774                                              helper.getName(),
775                                              helper.getLabel(),
776                                              password,
777                                              encrypted);
778
779         int retCode = m_encryptionConnection.processRequest(send.Pop(), recv);
780         if (CKM_API_SUCCESS != retCode)
781             return retCode;
782
783         int command;
784         int counter;
785         recv.Deserialize(command, counter, decrypted);
786
787         if (my_counter != counter) {
788             return CKM_API_ERROR_UNKNOWN;
789         }
790
791         return retCode;
792     });
793 }
794
795 ManagerShPtr Manager::create() {
796     try {
797         return std::make_shared<ManagerImpl>();
798     } catch (const std::bad_alloc &) {
799         LogDebug("Bad alloc was caught during ManagerImpl creation.");
800     } catch (...) {
801         LogError("Critical error: Unknown exception was caught during ManagerImpl creation!");
802     }
803     return ManagerShPtr();
804 }
805
806 } // namespace CKM
Domain: Security / Utilities;