projects / platform / core / security / key-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Apply coding rule
[platform/core/security/key-manager.git] / src / manager / client / client-manager-impl.cpp
1 /* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
2  *
3  *  Licensed under the Apache License, Version 2.0 (the "License");
4  *  you may not use this file except in compliance with the License.
5  *  You may obtain a copy of the License at
6  *
7  *      http://www.apache.org/licenses/LICENSE-2.0
8  *
9  *  Unless required by applicable law or agreed to in writing, software
10  *  distributed under the License is distributed on an "AS IS" BASIS,
11  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  *  See the License for the specific language governing permissions and
13  *  limitations under the License
14  *
15  *
16  * @file        client-manager-impl.cpp
17  * @author      Bartlomiej Grzelewski (b.grzelewski@samsung.com)
18  * @version     1.0
19  * @brief       Manager implementation.
20  */
21 #include <openssl/evp.h>
22
23 #include <dpl/serialization.h>
24 #include <dpl/log/log.h>
25
26 #include <crypto-init.h>
27 #include <client-manager-impl.h>
28 #include <client-common.h>
29 #include <message-buffer.h>
30 #include <protocols.h>
31 #include <key-impl.h>
32 #include <key-aes-impl.h>
33 #include <certificate-impl.h>
34
35 namespace CKM {
36
37 namespace {
38 template <class T>
39 int getCertChain(
40     ServiceConnection & serviceConnection,
41     LogicCommand command,
42     int counter,
43     const CertificateShPtr &certificate,
44     const T &untrustedVector,
45     const T &trustedVector,
46     bool useTrustedSystemCertificates,
47     CertificateShPtrVector &certificateChainVector)
48 {
49     return try_catch([&] {
50         MessageBuffer recv;
51         auto send = MessageBuffer::Serialize(static_cast<int>(command),
52                                              counter,
53                                              certificate->getDER(),
54                                              untrustedVector,
55                                              trustedVector,
56                                              useTrustedSystemCertificates);
57
58         int retCode = serviceConnection.processRequest(send.Pop(), recv);
59         if (CKM_API_SUCCESS != retCode)
60             return retCode;
61
62         int retCommand;
63         int retCounter;
64         RawBufferVector rawBufferVector;
65         recv.Deserialize(retCommand, retCounter, retCode, rawBufferVector);
66
67         if ((counter != retCounter) || (static_cast<int>(command) != retCommand))
68             return CKM_API_ERROR_UNKNOWN;
69
70         if (retCode != CKM_API_SUCCESS)
71             return retCode;
72
73         for (auto &e: rawBufferVector) {
74             CertificateShPtr cert(new CertificateImpl(e, DataFormat::FORM_DER));
75             if (cert->empty())
76                 return CKM_API_ERROR_BAD_RESPONSE;
77             certificateChainVector.push_back(cert);
78         }
79
80         return retCode;
81     });
82 }
83
84 } // namespace anonymous
85
86 Manager::Impl::Impl()
87   : m_counter(0),
88     m_storageConnection(SERVICE_SOCKET_CKM_STORAGE),
89     m_ocspConnection(SERVICE_SOCKET_OCSP),
90     m_encryptionConnection(SERVICE_SOCKET_ENCRYPTION)
91 {
92     initOpenSslOnce();
93 }
94
95
96 int Manager::Impl::saveBinaryData(
97     const Alias &alias,
98     DataType dataType,
99     const RawBuffer &rawData,
100     const Policy &policy)
101 {
102     int my_counter = ++m_counter;
103
104     return try_catch([&] {
105         if (alias.empty() || rawData.empty())
106             return CKM_API_ERROR_INPUT_PARAM;
107
108         MessageBuffer recv;
109         AliasSupport helper(alias);
110         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SAVE),
111                                              my_counter,
112                                              static_cast<int>(dataType),
113                                              helper.getName(),
114                                              helper.getLabel(),
115                                              rawData,
116                                              PolicySerializable(policy));
117
118         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
119         if (CKM_API_SUCCESS != retCode)
120             return retCode;
121
122         int command;
123         int counter;
124         int opType;
125         recv.Deserialize(command, counter, retCode, opType);
126
127         if (counter != my_counter)
128             return CKM_API_ERROR_UNKNOWN;
129
130         return retCode;
131     });
132 }
133
134 int Manager::Impl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy)
135 {
136     if (key.get() == NULL)
137         return CKM_API_ERROR_INPUT_PARAM;
138     Try {
139         return saveBinaryData(alias, DataType(key->getType()), key->getDER(), policy);
140     } Catch(DataType::Exception::Base) {
141         LogError("Error in key conversion. Could not convert KeyType::NONE to DBDataType!");
142     }
143     return CKM_API_ERROR_INPUT_PARAM;
144 }
145
146 int Manager::Impl::saveCertificate(
147     const Alias &alias,
148     const CertificateShPtr &cert,
149     const Policy &policy)
150 {
151     if (cert.get() == NULL)
152         return CKM_API_ERROR_INPUT_PARAM;
153     return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy);
154 }
155
156 int Manager::Impl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy)
157 {
158     if (!policy.extractable)
159         return CKM_API_ERROR_INPUT_PARAM;
160     return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy);
161 }
162
163
164 int Manager::Impl::savePKCS12(
165     const Alias & alias,
166     const PKCS12ShPtr &pkcs,
167     const Policy &keyPolicy,
168     const Policy &certPolicy)
169 {
170     if (alias.empty() || pkcs.get() == NULL)
171         return CKM_API_ERROR_INPUT_PARAM;
172
173     int my_counter = ++m_counter;
174
175     return try_catch([&] {
176         MessageBuffer recv;
177         AliasSupport helper(alias);
178         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SAVE_PKCS12),
179                                              my_counter,
180                                              helper.getName(),
181                                              helper.getLabel(),
182                                              PKCS12Serializable(*pkcs.get()),
183                                              PolicySerializable(keyPolicy),
184                                              PolicySerializable(certPolicy));
185
186         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
187         if (CKM_API_SUCCESS != retCode)
188             return retCode;
189
190         int command;
191         int counter;
192         recv.Deserialize(command, counter, retCode);
193
194         if (counter != my_counter)
195             return CKM_API_ERROR_UNKNOWN;
196
197         return retCode;
198     });
199 }
200
201 int Manager::Impl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs)
202 {
203     return getPKCS12(alias, Password(), Password(), pkcs);
204 }
205
206 int Manager::Impl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs)
207 {
208     if (alias.empty())
209         return CKM_API_ERROR_INPUT_PARAM;
210
211     int my_counter = ++m_counter;
212
213     return try_catch([&] {
214         MessageBuffer recv;
215         AliasSupport helper(alias);
216         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET_PKCS12),
217                                              my_counter,
218                                              helper.getName(),
219                                              helper.getLabel(),
220                                              keyPass,
221                                              certPass);
222
223         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
224         if (CKM_API_SUCCESS != retCode)
225             return retCode;
226
227         int command;
228         int counter;
229         PKCS12Serializable gotPkcs;
230         recv.Deserialize(command, counter, retCode, gotPkcs);
231
232         if (counter != my_counter)
233             return CKM_API_ERROR_UNKNOWN;
234
235         pkcs = std::make_shared<PKCS12Impl>(std::move(gotPkcs));
236
237         return retCode;
238     });
239 }
240
241
242 int Manager::Impl::removeAlias(const Alias &alias)
243 {
244     if (alias.empty())
245         return CKM_API_ERROR_INPUT_PARAM;
246
247     int my_counter = ++m_counter;
248
249     return try_catch([&] {
250         MessageBuffer recv;
251         AliasSupport helper(alias);
252         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::REMOVE),
253                                              my_counter,
254                                              helper.getName(),
255                                              helper.getLabel());
256
257         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
258         if (CKM_API_SUCCESS != retCode)
259             return retCode;
260
261         int command;
262         int counter;
263         recv.Deserialize(command, counter, retCode);
264
265         if (counter != my_counter)
266             return CKM_API_ERROR_UNKNOWN;
267
268         return retCode;
269     });
270 }
271
272 int Manager::Impl::getBinaryData(
273     const Alias &alias,
274     DataType sendDataType,
275     const Password &password,
276     DataType &recvDataType,
277     RawBuffer &rawData)
278 {
279     if (alias.empty())
280         return CKM_API_ERROR_INPUT_PARAM;
281
282     int my_counter = ++m_counter;
283
284     return try_catch([&] {
285         MessageBuffer recv;
286         AliasSupport helper(alias);
287         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET),
288                                              my_counter,
289                                              static_cast<int>(sendDataType),
290                                              helper.getName(),
291                                              helper.getLabel(),
292                                              password);
293
294         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
295         if (CKM_API_SUCCESS != retCode)
296             return retCode;
297
298         int command;
299         int counter;
300         int tmpDataType;
301         recv.Deserialize(command, counter, retCode, tmpDataType, rawData);
302         recvDataType = DataType(tmpDataType);
303
304         if (counter != my_counter)
305             return CKM_API_ERROR_UNKNOWN;
306
307         return retCode;
308     });
309 }
310
311 int Manager::Impl::getKey(const Alias &alias, const Password &password, KeyShPtr &key)
312 {
313     DataType recvDataType;
314     RawBuffer rawData;
315
316     int retCode = getBinaryData(
317         alias,
318         DataType::KEY_RSA_PUBLIC,
319         password,
320         recvDataType,
321         rawData);
322
323     if (retCode != CKM_API_SUCCESS)
324         return retCode;
325
326     KeyShPtr keyParsed;
327     if (DataType::KEY_AES == recvDataType)
328         keyParsed = KeyShPtr(new KeyAESImpl(rawData));
329     else
330         keyParsed = KeyShPtr(new KeyImpl(rawData));
331
332     if (keyParsed->empty()) {
333         LogDebug("Key empty - failed to parse!");
334         return CKM_API_ERROR_BAD_RESPONSE;
335     }
336
337     key = keyParsed;
338
339     return CKM_API_SUCCESS;
340 }
341
342 int Manager::Impl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert)
343 {
344     DataType recvDataType;
345     RawBuffer rawData;
346
347     int retCode = getBinaryData(
348         alias,
349         DataType::CERTIFICATE,
350         password,
351         recvDataType,
352         rawData);
353
354     if (retCode != CKM_API_SUCCESS)
355         return retCode;
356
357     if (recvDataType != DataType::CERTIFICATE)
358         return CKM_API_ERROR_BAD_RESPONSE;
359
360     CertificateShPtr certParsed(new CertificateImpl(rawData, DataFormat::FORM_DER));
361
362     if (certParsed->empty())
363         return CKM_API_ERROR_BAD_RESPONSE;
364
365     cert = certParsed;
366
367     return CKM_API_SUCCESS;
368 }
369
370 int Manager::Impl::getData(const Alias &alias, const Password &password, RawBuffer &rawData)
371 {
372     DataType recvDataType = DataType::BINARY_DATA;
373
374     int retCode = getBinaryData(
375         alias,
376         DataType::BINARY_DATA,
377         password,
378         recvDataType,
379         rawData);
380
381     if (retCode != CKM_API_SUCCESS)
382         return retCode;
383
384     if (recvDataType != DataType::BINARY_DATA)
385         return CKM_API_ERROR_BAD_RESPONSE;
386
387     return CKM_API_SUCCESS;
388 }
389
390 int Manager::Impl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector)
391 {
392     int my_counter = ++m_counter;
393
394     return try_catch([&] {
395         MessageBuffer recv;
396         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET_LIST),
397                                              my_counter,
398                                              static_cast<int>(dataType));
399
400         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
401         if (CKM_API_SUCCESS != retCode)
402             return retCode;
403
404         int command;
405         int counter;
406         int tmpDataType;
407         LabelNameVector labelNameVector;
408         recv.Deserialize(command, counter, retCode, tmpDataType, labelNameVector);
409         if ((command != static_cast<int>(LogicCommand::GET_LIST)) || (counter != my_counter))
410             return CKM_API_ERROR_UNKNOWN;
411
412         for (const auto &it : labelNameVector)
413             aliasVector.push_back(AliasSupport::merge(it.first, it.second));
414
415         return retCode;
416     });
417 }
418
419 int Manager::Impl::getKeyAliasVector(AliasVector &aliasVector)
420 {
421     // in fact datatype has no meaning here - if not certificate or binary data
422     // then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST
423     return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector);
424 }
425
426 int Manager::Impl::getCertificateAliasVector(AliasVector &aliasVector)
427 {
428     return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector);
429 }
430
431 int Manager::Impl::getDataAliasVector(AliasVector &aliasVector)
432 {
433     return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector);
434 }
435
436 int Manager::Impl::createKeyPairRSA(
437     const int size,
438     const Alias &privateKeyAlias,
439     const Alias &publicKeyAlias,
440     const Policy &policyPrivateKey,
441     const Policy &policyPublicKey)
442 {
443     return this->createKeyPair(CKM::KeyType::KEY_RSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
444 }
445
446 int Manager::Impl::createKeyPairDSA(
447     const int size,
448     const Alias &privateKeyAlias,
449     const Alias &publicKeyAlias,
450     const Policy &policyPrivateKey,
451     const Policy &policyPublicKey)
452 {
453     return this->createKeyPair(CKM::KeyType::KEY_DSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
454 }
455
456 int Manager::Impl::createKeyPairECDSA(
457     ElipticCurve type,
458     const Alias &privateKeyAlias,
459     const Alias &publicKeyAlias,
460     const Policy &policyPrivateKey,
461     const Policy &policyPublicKey)
462 {
463     return this->createKeyPair(CKM::KeyType::KEY_ECDSA_PUBLIC, static_cast<int>(type), privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
464 }
465
466 int Manager::Impl::createKeyAES(
467     const int size,
468     const Alias &keyAlias,
469     const Policy &policyKey)
470 {
471     // proceed with sending request
472     int my_counter = ++m_counter;
473
474     return try_catch([&] {
475         MessageBuffer recv;
476         AliasSupport aliasHelper(keyAlias);
477         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_KEY_AES),
478                                              my_counter,
479                                              static_cast<int>(size),
480                                              PolicySerializable(policyKey),
481                                              aliasHelper.getName(),
482                                              aliasHelper.getLabel());
483
484         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
485         if (CKM_API_SUCCESS != retCode)
486             return retCode;
487
488         int command;
489         int counter;
490         recv.Deserialize(command, counter, retCode);
491         if (counter != my_counter)
492             return CKM_API_ERROR_UNKNOWN;
493
494         return retCode;
495     });
496 }
497
498
499 int Manager::Impl::createKeyPair(
500     const KeyType key_type,
501     const int     additional_param,
502     const Alias  &privateKeyAlias,
503     const Alias  &publicKeyAlias,
504     const Policy &policyPrivateKey,
505     const Policy &policyPublicKey)
506 {
507     // input type check
508     CryptoAlgorithm keyGenAlgorithm;
509     switch (key_type) {
510         case KeyType::KEY_RSA_PUBLIC:
511         case KeyType::KEY_RSA_PRIVATE:
512             keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::RSA_GEN);
513             keyGenAlgorithm.setParam(ParamName::GEN_KEY_LEN, additional_param);
514             break;
515
516         case KeyType::KEY_DSA_PUBLIC:
517         case KeyType::KEY_DSA_PRIVATE:
518             keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::DSA_GEN);
519             keyGenAlgorithm.setParam(ParamName::GEN_KEY_LEN, additional_param);
520             break;
521
522         case KeyType::KEY_ECDSA_PUBLIC:
523         case KeyType::KEY_ECDSA_PRIVATE:
524             keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::ECDSA_GEN);
525             keyGenAlgorithm.setParam(ParamName::GEN_EC, additional_param);
526             break;
527
528         default:
529             return CKM_API_ERROR_INPUT_PARAM;
530     }
531
532     // proceed with sending request
533     int my_counter = ++m_counter;
534
535     return try_catch([&] {
536         MessageBuffer recv;
537         AliasSupport privateHelper(privateKeyAlias);
538         AliasSupport publicHelper(publicKeyAlias);
539         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_KEY_PAIR),
540                                              my_counter,
541                                              CryptoAlgorithmSerializable(keyGenAlgorithm),
542                                              PolicySerializable(policyPrivateKey),
543                                              PolicySerializable(policyPublicKey),
544                                              privateHelper.getName(),
545                                              privateHelper.getLabel(),
546                                              publicHelper.getName(),
547                                              publicHelper.getLabel());
548
549         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
550         if (CKM_API_SUCCESS != retCode)
551             return retCode;
552
553         int command;
554         int counter;
555         recv.Deserialize(command, counter, retCode);
556         if (counter != my_counter)
557             return CKM_API_ERROR_UNKNOWN;
558
559         return retCode;
560     });
561 }
562
563 int Manager::Impl::getCertificateChain(
564     const CertificateShPtr &certificate,
565     const CertificateShPtrVector &untrustedCertificates,
566     const CertificateShPtrVector &trustedCertificates,
567     bool useTrustedSystemCertificates,
568     CertificateShPtrVector &certificateChainVector)
569 {
570     RawBufferVector untrustedVector;
571     RawBufferVector trustedVector;
572
573     if (!certificate || certificate->empty())
574         return CKM_API_ERROR_INPUT_PARAM;
575
576     for (auto &e: untrustedCertificates)
577         untrustedVector.push_back(e->getDER());
578
579     for (auto &e: trustedCertificates)
580         trustedVector.push_back(e->getDER());
581
582     return getCertChain(
583             m_storageConnection,
584             LogicCommand::GET_CHAIN_CERT,
585             ++m_counter,
586             certificate,
587             untrustedVector,
588             trustedVector,
589             useTrustedSystemCertificates,
590             certificateChainVector);
591 }
592
593 int Manager::Impl::getCertificateChain(
594     const CertificateShPtr &certificate,
595     const AliasVector &untrustedCertificates,
596     const AliasVector &trustedCertificates,
597     bool useTrustedSystemCertificates,
598     CertificateShPtrVector &certificateChainVector)
599 {
600     LabelNameVector untrustedVector;
601     LabelNameVector trustedVector;
602
603     if (!certificate || certificate->empty())
604         return CKM_API_ERROR_INPUT_PARAM;
605
606     for (auto &e: untrustedCertificates) {
607         AliasSupport helper(e);
608         untrustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName()));
609     }
610     for (auto &e: trustedCertificates) {
611         AliasSupport helper(e);
612         trustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName()));
613     }
614
615     return getCertChain(
616             m_storageConnection,
617             LogicCommand::GET_CHAIN_ALIAS,
618             ++m_counter,
619             certificate,
620             untrustedVector,
621             trustedVector,
622             useTrustedSystemCertificates,
623             certificateChainVector);
624 }
625
626 int Manager::Impl::createSignature(
627     const Alias &privateKeyAlias,
628     const Password &password,           // password for private_key
629     const RawBuffer &message,
630     const CryptoAlgorithm &cAlgorithm,
631     RawBuffer &signature)
632 {
633     int my_counter = ++m_counter;
634
635     return try_catch([&] {
636         MessageBuffer recv;
637         AliasSupport helper(privateKeyAlias);
638         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_SIGNATURE),
639                                              my_counter,
640                                              helper.getName(),
641                                              helper.getLabel(),
642                                              password,
643                                              message,
644                                              CryptoAlgorithmSerializable(cAlgorithm));
645
646         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
647         if (CKM_API_SUCCESS != retCode)
648             return retCode;
649
650         int command;
651         int counter;
652         recv.Deserialize(command, counter, retCode, signature);
653
654         if ((command != static_cast<int>(LogicCommand::CREATE_SIGNATURE))
655             || (counter != my_counter))
656             return CKM_API_ERROR_UNKNOWN;
657
658         return retCode;
659     });
660 }
661
662 int Manager::Impl::verifySignature(
663     const Alias &publicKeyOrCertAlias,
664     const Password &password,           // password for public_key (optional)
665     const RawBuffer &message,
666     const RawBuffer &signature,
667     const CryptoAlgorithm &cAlg)
668 {
669     int my_counter = ++m_counter;
670
671     return try_catch([&] {
672         MessageBuffer recv;
673         AliasSupport helper(publicKeyOrCertAlias);
674         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::VERIFY_SIGNATURE),
675                                              my_counter,
676                                              helper.getName(),
677                                              helper.getLabel(),
678                                              password,
679                                              message,
680                                              signature,
681                                              CryptoAlgorithmSerializable(cAlg));
682
683         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
684         if (CKM_API_SUCCESS != retCode)
685             return retCode;
686
687         int command;
688         int counter;
689         recv.Deserialize(command, counter, retCode);
690
691         if ((command != static_cast<int>(LogicCommand::VERIFY_SIGNATURE))
692             || (counter != my_counter))
693             return CKM_API_ERROR_UNKNOWN;
694
695         return retCode;
696     });
697 }
698
699 int Manager::Impl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus)
700 {
701     return try_catch([&] {
702         int my_counter = ++m_counter;
703         MessageBuffer recv;
704
705         RawBufferVector rawCertChain;
706         for (auto &e: certChain) {
707             if (!e || e->empty()) {
708                 LogError("Empty certificate");
709                 return CKM_API_ERROR_INPUT_PARAM;
710             }
711             rawCertChain.push_back(e->getDER());
712         }
713
714         auto send = MessageBuffer::Serialize(my_counter, rawCertChain);
715
716         int retCode = m_ocspConnection.processRequest(send.Pop(), recv);
717         if (CKM_API_SUCCESS != retCode)
718             return retCode;
719
720         int counter;
721         recv.Deserialize(counter, retCode, ocspStatus);
722
723         if (my_counter != counter)
724             return CKM_API_ERROR_UNKNOWN;
725
726         return retCode;
727     });
728 }
729
730 int Manager::Impl::setPermission(const Alias &alias,
731                                const Label &accessor,
732                                PermissionMask permissionMask)
733 {
734     int my_counter = ++m_counter;
735
736     return try_catch([&] {
737         MessageBuffer recv;
738         AliasSupport helper(alias);
739         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SET_PERMISSION),
740                                              my_counter,
741                                              helper.getName(),
742                                              helper.getLabel(),
743                                              accessor,
744                                              permissionMask);
745
746         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
747         if (CKM_API_SUCCESS != retCode)
748             return retCode;
749
750         int command;
751         int counter;
752         recv.Deserialize(command, counter, retCode);
753
754         if (my_counter != counter)
755             return CKM_API_ERROR_UNKNOWN;
756
757         return retCode;
758     });
759 }
760
761 int Manager::Impl::crypt(EncryptionCommand command,
762           const CryptoAlgorithm &algo,
763           const Alias &keyAlias,
764           const Password &password,
765           const RawBuffer& input,
766           RawBuffer& output)
767 {
768     int my_counter = ++m_counter;
769
770     return try_catch([&] {
771         MessageBuffer recv;
772         AliasSupport helper(keyAlias);
773         CryptoAlgorithmSerializable cas(algo);
774         auto send = MessageBuffer::Serialize(static_cast<int>(command),
775                                              my_counter,
776                                              cas,
777                                              helper.getName(),
778                                              helper.getLabel(),
779                                              password,
780                                              input);
781
782         int retCode = m_encryptionConnection.processRequest(send.Pop(), recv);
783         if (CKM_API_SUCCESS != retCode)
784             return retCode;
785
786         int retCommand;
787         int counter;
788         recv.Deserialize(retCommand, counter, retCode, output);
789
790         if (my_counter != counter || retCommand != static_cast<int>(command))
791             return CKM_API_ERROR_UNKNOWN;
792
793         return retCode;
794     });
795 }
796
797 int Manager::Impl::encrypt(const CryptoAlgorithm &algo,
798             const Alias &keyAlias,
799             const Password &password,
800             const RawBuffer& plain,
801             RawBuffer& encrypted)
802 {
803     return crypt(EncryptionCommand::ENCRYPT, algo, keyAlias, password, plain, encrypted);
804 }
805
806 int Manager::Impl::decrypt(const CryptoAlgorithm &algo,
807                          const Alias &keyAlias,
808                          const Password &password,
809                          const RawBuffer& encrypted,
810                          RawBuffer& decrypted)
811 {
812     return crypt(EncryptionCommand::DECRYPT, algo, keyAlias, password, encrypted, decrypted);
813 }
814
815 } // namespace CKM
Domain: Security / Utilities;