2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
28 #include <ckmc-type-converter.h>
32 CKM::Password _tostring(const char *str)
35 return CKM::Password();
36 return CKM::Password(str);
39 CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert)
41 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
42 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
43 return CKM::Certificate::create(buffer, dataFormat);
46 ckmc_cert_list_s *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector)
49 ckmc_cert_list_s *start = NULL;
50 ckmc_cert_list_s *plist = NULL;
51 CKM::CertificateShPtrVector::iterator it;
52 for(it = certVector.begin(); it != certVector.end(); it++) {
53 CKM::RawBuffer rawBuffer = (*it)->getDER();
54 unsigned char *rawCert = static_cast<unsigned char *>(malloc(rawBuffer.size()));
55 memcpy(rawCert, rawBuffer.data(), rawBuffer.size());
57 ret = ckmc_cert_new(rawCert, rawBuffer.size(), CKMC_FORM_DER, &pcert);
60 ckmc_cert_list_all_free(start);
64 ret = ckmc_cert_list_new(pcert, &plist);
65 start = plist; // save the pointer of the first element
67 ret = ckmc_cert_list_add(plist, pcert, &plist);
69 if(ret != CKMC_ERROR_NONE) {
70 ckmc_cert_list_all_free(start);
78 int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
80 CKM::ManagerShPtr mgr = CKM::Manager::create();
83 return CKMC_ERROR_INVALID_PARAMETER;
85 CKM::Alias ckmAlias(alias);
87 if(key.raw_key == NULL || key.key_size <= 0) {
88 return CKMC_ERROR_INVALID_PARAMETER;
90 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
91 CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
93 if(ckmKey.get() == NULL) {
94 return CKMC_ERROR_INVALID_FORMAT;
97 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
99 int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
100 return to_ckmc_error(ret);
105 int ckmc_remove_key(const char *alias)
107 CKM::ManagerShPtr mgr = CKM::Manager::create();
110 return CKMC_ERROR_INVALID_PARAMETER;
112 CKM::Alias ckmAlias(alias);
114 int ret = mgr->removeKey(ckmAlias);
115 return to_ckmc_error(ret);
119 int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
122 CKM::KeyShPtr ckmKey;
124 if(alias == NULL || key == NULL) {
125 return CKMC_ERROR_INVALID_PARAMETER;
127 CKM::Alias ckmAlias(alias);
129 CKM::ManagerShPtr mgr = CKM::Manager::create();
130 if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
131 return to_ckmc_error(ret);
134 unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey->getDER().data());
135 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
137 ret = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL, key);
139 return to_ckmc_error(ret);
143 int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list)
147 if (alias_list == NULL) {
148 return CKMC_ERROR_INVALID_PARAMETER;
151 CKM::AliasVector aliasVector;
152 CKM::ManagerShPtr mgr = CKM::Manager::create();
154 if ((ret = mgr->getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
155 return to_ckmc_error(ret);
158 ckmc_alias_list_s *plist = NULL;
160 for (auto it = aliasVector.begin(); it != aliasVector.end(); it++) {
161 char *alias = strndup(it->c_str(), it->size());
163 if (plist == NULL) { // first
164 ret = ckmc_alias_list_new(alias, &plist);
165 *alias_list = plist; // save the pointer of the first element
167 ret = ckmc_alias_list_add(plist, alias, &plist);
170 if (ret != CKMC_ERROR_NONE) {
172 ckmc_alias_list_all_free(*alias_list);
177 if(plist == NULL) { // if the alias_list size is zero
178 return CKMC_ERROR_DB_ALIAS_UNKNOWN ;
182 return CKMC_ERROR_NONE;
186 int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
189 return CKMC_ERROR_INVALID_PARAMETER;
191 CKM::Alias ckmAlias(alias);
193 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
194 return CKMC_ERROR_INVALID_PARAMETER;
196 CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
197 if(ckmCert.get() == NULL) {
198 return CKMC_ERROR_INVALID_FORMAT;
201 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
203 CKM::ManagerShPtr mgr = CKM::Manager::create();
204 int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
206 return to_ckmc_error(ret);
210 int ckmc_remove_cert(const char *alias)
213 return CKMC_ERROR_INVALID_PARAMETER;
215 CKM::Alias ckmAlias(alias);
217 CKM::ManagerShPtr mgr = CKM::Manager::create();
218 int ret = mgr->removeCertificate(ckmAlias);
220 return to_ckmc_error(ret);
224 int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
226 CKM::CertificateShPtr ckmCert;
229 if(alias == NULL || cert == NULL) {
230 return CKMC_ERROR_INVALID_PARAMETER;
232 CKM::Alias ckmAlias(alias);
234 CKM::ManagerShPtr mgr = CKM::Manager::create();
235 if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
236 return to_ckmc_error(ret);
239 unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert->getDER().data());
240 ret = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER, cert);
246 int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) {
249 if (alias_list == NULL) {
250 return CKMC_ERROR_INVALID_PARAMETER;
255 CKM::AliasVector aliasVector;
256 CKM::ManagerShPtr mgr = CKM::Manager::create();
257 if ((ret = mgr->getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
258 return to_ckmc_error(ret);
261 ckmc_alias_list_s *plist = NULL;
263 for (auto it = aliasVector.begin(); it != aliasVector.end(); it++) {
264 char *alias = strndup(it->c_str(), it->size());
266 if (plist == NULL) { // first
267 ret = ckmc_alias_list_new(alias, &plist);
268 *alias_list = plist; // save the pointer of the first element
270 ret = ckmc_alias_list_add(plist, alias, &plist);
273 if (ret != CKMC_ERROR_NONE) {
275 ckmc_alias_list_all_free(*alias_list);
280 if(plist == NULL) { // if the alias_list size is zero
281 return CKMC_ERROR_DB_ALIAS_UNKNOWN ;
285 return CKMC_ERROR_NONE;
289 int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
292 return CKMC_ERROR_INVALID_PARAMETER;
294 CKM::Alias ckmAlias(alias);
296 if(data.data == NULL || data.size <= 0) {
297 return CKMC_ERROR_INVALID_PARAMETER;
299 CKM::RawBuffer buffer(data.data, data.data + data.size);
301 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
303 CKM::ManagerShPtr mgr = CKM::Manager::create();
304 int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
306 return to_ckmc_error(ret);
310 int ckmc_remove_data(const char *alias)
313 return CKMC_ERROR_INVALID_PARAMETER;
315 CKM::Alias ckmAlias(alias);
317 CKM::ManagerShPtr mgr = CKM::Manager::create();
318 int ret = mgr->removeData(ckmAlias);
319 return to_ckmc_error(ret);
323 int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
325 CKM::RawBuffer ckmBuff;
328 if(alias == NULL || data == NULL) {
329 return CKMC_ERROR_INVALID_PARAMETER;
331 CKM::Alias ckmAlias(alias);
333 CKM::ManagerShPtr mgr = CKM::Manager::create();
334 if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
335 return to_ckmc_error(ret);
338 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
339 ret = ckmc_buffer_new(rawBuff, ckmBuff.size(), data);
345 int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){
348 if(alias_list == NULL) {
349 return CKMC_ERROR_INVALID_PARAMETER;
354 CKM::AliasVector aliasVector;
355 CKM::ManagerShPtr mgr = CKM::Manager::create();
356 if( (ret = mgr->getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
357 return to_ckmc_error(ret);
360 ckmc_alias_list_s *plist = NULL;
362 for(auto it = aliasVector.begin(); it != aliasVector.end(); it++) {
363 char *alias = strndup(it->c_str(), it->size());
365 if (plist == NULL) { // first
366 ret = ckmc_alias_list_new(alias, &plist);
367 *alias_list = plist; // save the pointer of the first element
369 ret = ckmc_alias_list_add(plist, alias, &plist);
372 if (ret != CKMC_ERROR_NONE) {
374 ckmc_alias_list_all_free(*alias_list);
379 if(plist == NULL) { // if the alias_list size is zero
380 return CKMC_ERROR_DB_ALIAS_UNKNOWN ;
383 return CKMC_ERROR_NONE;
387 int ckmc_create_key_pair_rsa(const size_t size,
388 const char *private_key_alias,
389 const char *public_key_alias,
390 const ckmc_policy_s policy_private_key,
391 const ckmc_policy_s policy_public_key)
394 CKM::ManagerShPtr mgr = CKM::Manager::create();
396 if(private_key_alias == NULL || public_key_alias == NULL) {
397 return CKMC_ERROR_INVALID_PARAMETER;
400 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
401 CKM::Alias ckmPublicKeyAlias(public_key_alias);
402 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
403 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
405 ret = mgr->createKeyPairRSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
406 return to_ckmc_error(ret);
410 int ckmc_create_key_pair_dsa(const size_t size,
411 const char *private_key_alias,
412 const char *public_key_alias,
413 const ckmc_policy_s policy_private_key,
414 const ckmc_policy_s policy_public_key)
417 CKM::ManagerShPtr mgr = CKM::Manager::create();
419 if(private_key_alias == NULL || public_key_alias == NULL) {
420 return CKMC_ERROR_INVALID_PARAMETER;
423 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
424 CKM::Alias ckmPublicKeyAlias(public_key_alias);
425 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
426 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
428 ret = mgr->createKeyPairDSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
429 return to_ckmc_error(ret);
433 int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type,
434 const char *private_key_alias,
435 const char *public_key_alias,
436 const ckmc_policy_s policy_private_key,
437 const ckmc_policy_s policy_public_key)
439 CKM::ManagerShPtr mgr = CKM::Manager::create();
441 if(private_key_alias == NULL || public_key_alias == NULL) {
442 return CKMC_ERROR_INVALID_PARAMETER;
445 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
446 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
447 CKM::Alias ckmPublicKeyAlias(public_key_alias);
448 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
449 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
451 int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
452 return to_ckmc_error(ret);
456 int ckmc_create_signature(const char *private_key_alias,
457 const char *password,
458 const ckmc_raw_buffer_s message,
459 const ckmc_hash_algo_e hash,
460 const ckmc_rsa_padding_algo_e padding,
461 ckmc_raw_buffer_s **signature)
464 CKM::ManagerShPtr mgr = CKM::Manager::create();
465 CKM::RawBuffer ckmSignature;
467 if(private_key_alias == NULL || signature == NULL) {
468 return CKMC_ERROR_INVALID_PARAMETER;
471 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
472 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
473 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
474 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
476 if( (ret = mgr->createSignature(
482 ckmSignature)) != CKM_API_SUCCESS) {
483 return to_ckmc_error(ret);
486 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
487 ret = ckmc_buffer_new( rawBuff, ckmSignature.size(), signature);
493 int ckmc_verify_signature(const char *public_key_alias,
494 const char *password,
495 const ckmc_raw_buffer_s message,
496 const ckmc_raw_buffer_s signature,
497 const ckmc_hash_algo_e hash,
498 const ckmc_rsa_padding_algo_e padding)
501 CKM::ManagerShPtr mgr = CKM::Manager::create();
503 if(public_key_alias == NULL) {
504 return CKMC_ERROR_INVALID_PARAMETER;
507 CKM::Alias ckmPublicKeyAlias(public_key_alias);
508 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
509 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
510 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
511 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
513 if( (ret = mgr->verifySignature(
519 ckmPadding)) != CKM_API_SUCCESS) {
520 return to_ckmc_error(ret);
523 return CKMC_ERROR_NONE;
527 int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
530 CKM::ManagerShPtr mgr = CKM::Manager::create();
531 CKM::CertificateShPtrVector ckmCertChain;
533 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
534 return CKMC_ERROR_INVALID_PARAMETER;
537 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
539 CKM::CertificateShPtrVector ckmUntrustedCerts;
540 if(untrustedcerts != NULL) {
541 ckmc_cert_list_s *current = NULL;
542 ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(untrustedcerts);
545 next = current->next;
547 if(current->cert == NULL){
551 CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
552 ckmUntrustedCerts.push_back(tmpCkmCert);
553 }while(next != NULL);
556 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
557 if( ret != CKM_API_SUCCESS) {
558 return to_ckmc_error(ret);
561 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
563 return CKMC_ERROR_NONE;
567 int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
570 CKM::ManagerShPtr mgr = CKM::Manager::create();
571 CKM::CertificateShPtrVector ckmCertChain;
574 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
575 return CKMC_ERROR_INVALID_PARAMETER;
578 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
579 if(ckmCert.get() == NULL) {
580 return CKMC_ERROR_INVALID_FORMAT;
583 CKM::AliasVector ckmUntrustedAliases;
584 if(untrustedcerts != NULL) {
585 ckmc_alias_list_s *current = NULL;
586 ckmc_alias_list_s *next = const_cast<ckmc_alias_list_s *>(untrustedcerts);
589 next = current->next;
591 if(current->alias == NULL){
592 return CKMC_ERROR_INVALID_PARAMETER;
594 CKM::Alias ckmAlias(current->alias);
595 ckmUntrustedAliases.push_back(ckmAlias);
596 }while(next != NULL);
599 if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKM_API_SUCCESS) {
600 return to_ckmc_error(ret);
603 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
605 return CKMC_ERROR_NONE;