2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
30 bool _toBool(ckm_bool ckmBool)
32 if(ckmBool == CKM_TRUE) {
38 std::string _tostring(const char *str)
42 return std::string(str);
45 CKM::Certificate _toCkmCertificate(const ckm_cert *cert)
47 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
48 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
49 CKM::Certificate ckmCert(buffer, dataFormat);
53 ckm_cert_list *_toNewCkmCertList(CKM::CertificateVector &certVector)
55 ckm_cert_list *start = NULL;
56 ckm_cert_list *plist = NULL;
57 CKM::CertificateVector::iterator it;
58 for(it = certVector.begin(); it != certVector.end(); it++) {
59 CKM::RawBuffer rawBuffer = it->getDER();
60 unsigned char *rawCert = reinterpret_cast<unsigned char*>(rawBuffer.data());
61 ckm_cert *pcert = ckm_cert_new( rawCert, rawBuffer.size(), CKM_FORM_DER);
66 plist = ckm_cert_list_new(pcert);
67 start = plist; // save the pointer of the first element
69 plist = ckm_cert_list_add(plist, pcert);
76 int ckm_save_key(const char *alias, const ckm_key key, const ckm_policy policy)
81 return CKM_API_ERROR_INPUT_PARAM;
83 CKM::Alias ckmAlias(alias);
85 if(key.raw_key == NULL || key.key_size <= 0) {
86 return CKM_API_ERROR_INPUT_PARAM;
88 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
89 CKM::Key ckmKey(buffer, _tostring(key.password));
91 if(ckmKey.getDER().size() <= 0) {
92 return CKM_API_ERROR_INVALID_FORMAT;
95 CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
97 return mgr.saveKey(ckmAlias, ckmKey, storePolicy);
102 int ckm_remove_key(const char *alias)
107 return CKM_API_ERROR_INPUT_PARAM;
109 CKM::Alias ckmAlias(alias);
111 return mgr.removeKey(ckmAlias);
115 int ckm_get_key(const char *alias, const char *password, ckm_key **key)
120 if(alias == NULL || key == NULL) {
121 return CKM_API_ERROR_INPUT_PARAM;
123 CKM::Alias ckmAlias(alias);
126 if( (ret = mgr.getKey(ckmAlias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
130 unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey.getDER().data());
131 ckm_key_type keyType = static_cast<ckm_key_type>(static_cast<int>(ckmKey.getType()));
132 *key = ckm_key_new( rawKey, ckmKey.getDER().size(), keyType, NULL);
134 return CKM_API_ERROR_OUT_OF_MEMORY;
136 return CKM_API_SUCCESS;
141 int ckm_get_key_alias_list(ckm_alias_list** alias_list)
146 if(alias_list == NULL) {
147 return CKM_API_ERROR_INPUT_PARAM;
150 CKM::AliasVector aliasVector;
152 if( (ret = mgr.getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
156 ckm_alias_list *plist = NULL;
157 CKM::AliasVector::iterator it;
158 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
159 if(plist == NULL) { // first
160 plist = ckm_alias_list_new(const_cast<char *>(it->c_str()));
161 *alias_list = plist; // save the pointer of the first element
163 plist = ckm_alias_list_add(plist, const_cast<char *>(it->c_str()));
167 return CKM_API_SUCCESS;
171 int ckm_save_cert(const char *alias, const ckm_cert cert, const ckm_policy policy)
174 return CKM_API_ERROR_INPUT_PARAM;
176 CKM::Alias ckmAlias(alias);
178 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
179 return CKM_API_ERROR_INPUT_PARAM;
181 CKM::Certificate ckmCert = _toCkmCertificate(&cert);
182 if(ckmCert.getDER().size() <= 0) {
183 return CKM_API_ERROR_INVALID_FORMAT;
186 CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
189 return mgr.saveCertificate(ckmAlias, ckmCert, storePolicy);
193 int ckm_remove_cert(const char *alias)
196 return CKM_API_ERROR_INPUT_PARAM;
198 CKM::Alias ckmAlias(alias);
201 return mgr.removeCertificate(ckmAlias);
205 int ckm_get_cert(const char *alias, const char *password, const ckm_cert **cert)
207 CKM::Certificate ckmCert;
210 if(alias == NULL || cert == NULL) {
211 return CKM_API_ERROR_INPUT_PARAM;
213 CKM::Alias ckmAlias(alias);
216 if( (ret = mgr.getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
220 unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert.getDER().data());
221 *cert = ckm_cert_new( rawCert, ckmCert.getDER().size(), CKM_FORM_DER);
223 return CKM_API_ERROR_OUT_OF_MEMORY;
225 return CKM_API_SUCCESS;
230 int ckm_get_cert_alias_list(ckm_alias_list** alias_list) {
234 if(alias_list == NULL) {
235 return CKM_API_ERROR_INPUT_PARAM;
238 CKM::AliasVector aliasVector;
240 if( (ret = mgr.getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
244 ckm_alias_list *plist = NULL;
245 CKM::AliasVector::iterator it;
246 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
247 if(plist == NULL) { // first
248 plist = ckm_alias_list_new(const_cast<char *>(it->c_str()));
249 *alias_list = plist; // save the pointer of the first element
251 plist = ckm_alias_list_add(plist, const_cast<char *>(it->c_str()));
255 return CKM_API_SUCCESS;
259 int ckm_save_data(const char *alias, ckm_raw_buffer data, const ckm_policy policy)
262 return CKM_API_ERROR_INPUT_PARAM;
264 CKM::Alias ckmAlias(alias);
266 if(data.data == NULL || data.size <= 0) {
267 return CKM_API_ERROR_INPUT_PARAM;
269 CKM::RawBuffer buffer(data.data, data.data + data.size);
271 CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
274 return mgr.saveData(ckmAlias, buffer, storePolicy);
278 int ckm_remove_data(const char *alias)
281 return CKM_API_ERROR_INPUT_PARAM;
283 CKM::Alias ckmAlias(alias);
286 return mgr.removeData(ckmAlias);
290 int ckm_get_data(const char *alias, const char *password, ckm_raw_buffer **data)
292 CKM::RawBuffer ckmBuff;
295 if(alias == NULL || data == NULL) {
296 return CKM_API_ERROR_INPUT_PARAM;
298 CKM::Alias ckmAlias(alias);
301 if( (ret = mgr.getData(ckmAlias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
305 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
306 *data = ckm_buffer_new( rawBuff, ckmBuff.size());
308 return CKM_API_ERROR_OUT_OF_MEMORY;
310 return CKM_API_SUCCESS;
315 int ckm_get_data_alias_list(ckm_alias_list** alias_list){
319 if(alias_list == NULL) {
320 return CKM_API_ERROR_INPUT_PARAM;
323 CKM::AliasVector aliasVector;
325 if( (ret = mgr.getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
329 ckm_alias_list *plist = NULL;
330 CKM::AliasVector::iterator it;
331 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
332 if(plist == NULL) { // first
333 plist = ckm_alias_list_new(const_cast<char *>(it->c_str()));
334 *alias_list = plist; // save the pointer of the first element
336 plist = ckm_alias_list_add(plist, const_cast<char *>(it->c_str()));
340 return CKM_API_SUCCESS;
344 int ckm_create_key_pair_rsa(const size_t size,
345 const char *private_key_alias,
346 const char *public_key_alias,
347 const ckm_policy policy_private_key,
348 const ckm_policy policy_public_key)
353 if(private_key_alias == NULL || public_key_alias == NULL) {
354 return CKM_API_ERROR_INPUT_PARAM;
357 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
358 CKM::Alias ckmPublicKeyAlias(public_key_alias);
359 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), _toBool(policy_private_key.extractable), _toBool(policy_private_key.restricted));
360 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), _toBool(policy_public_key.extractable), _toBool(policy_public_key.restricted));
362 if( (ret = mgr.createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy))
363 != CKM_API_SUCCESS) {
367 return CKM_API_SUCCESS;
371 int ckm_create_key_pair_ecdsa(const ckm_ec_type type,
372 const char *private_key_alias,
373 const char *public_key_alias,
374 const ckm_policy policy_private_key,
375 const ckm_policy policy_public_key)
380 if(private_key_alias == NULL || public_key_alias == NULL) {
381 return CKM_API_ERROR_INPUT_PARAM;
384 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
385 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
386 CKM::Alias ckmPublicKeyAlias(public_key_alias);
387 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), _toBool(policy_private_key.extractable), _toBool(policy_private_key.restricted));
388 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), _toBool(policy_public_key.extractable), _toBool(policy_public_key.restricted));
390 if( (ret - mgr.createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy))
391 != CKM_API_SUCCESS) {
395 return CKM_API_SUCCESS;
399 int ckm_create_signature(const char *private_key_alias,
400 const char *password,
401 const ckm_raw_buffer message,
402 const ckm_hash_algo hash,
403 const ckm_rsa_padding_algo padding,
404 ckm_raw_buffer **signature)
408 CKM::RawBuffer ckmSignature;
410 if(private_key_alias == NULL || signature == NULL) {
411 return CKM_API_ERROR_INPUT_PARAM;
414 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
415 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
416 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
417 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
419 if( (ret = mgr.createSignature(
425 ckmSignature)) != CKM_API_SUCCESS) {
429 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
430 *signature = ckm_buffer_new( rawBuff, ckmSignature.size());
431 if(*signature == NULL) {
432 return CKM_API_ERROR_OUT_OF_MEMORY;
434 return CKM_API_SUCCESS;
437 return CKM_API_SUCCESS;
441 int ckm_verify_signature(const char *public_key_alias,
442 const char *password,
443 const ckm_raw_buffer message,
444 const ckm_raw_buffer signature,
445 const ckm_hash_algo hash,
446 const ckm_rsa_padding_algo padding)
451 if(public_key_alias == NULL) {
452 return CKM_API_ERROR_INPUT_PARAM;
455 CKM::Alias ckmPublicKeyAlias(public_key_alias);
456 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
457 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
458 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
459 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
461 if( (ret = mgr.verifySignature(
467 ckmPadding)) != CKM_API_SUCCESS) {
471 return CKM_API_SUCCESS;
475 int ckm_get_cert_chain(const ckm_cert *cert, const ckm_cert_list *untrustedcerts, ckm_cert_list **cert_chain_list)
479 CKM::CertificateVector ckmCertChain;
481 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
482 return CKM_API_ERROR_INPUT_PARAM;
485 CKM::Certificate ckmCert = _toCkmCertificate(cert);
487 CKM::CertificateVector ckmUntrustedCerts;
488 if(untrustedcerts != NULL) {
489 ckm_cert_list *current = NULL;
490 ckm_cert_list *next = const_cast<ckm_cert_list *>(untrustedcerts);
493 next = current->next;
495 if(current->cert == NULL){
499 CKM::Certificate tmpCkmCert = _toCkmCertificate(current->cert);
500 ckmUntrustedCerts.push_back(tmpCkmCert);
501 }while(next != NULL);
504 ret = mgr.getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
505 if( ret != CKM_API_SUCCESS) {
509 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
511 return CKM_API_SUCCESS;
515 int ckm_get_cert_chain_with_alias(const ckm_cert *cert, const ckm_alias_list *untrustedcerts, ckm_cert_list **cert_chain_list)
519 CKM::CertificateVector ckmCertChain;
522 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
523 return CKM_API_ERROR_INPUT_PARAM;
525 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
526 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
527 CKM::Certificate ckmCert(buffer, dataFormat);
529 CKM::AliasVector ckmUntrustedAliases;
530 if(untrustedcerts != NULL) {
531 ckm_alias_list *current = NULL;
532 ckm_alias_list *next = const_cast<ckm_alias_list *>(untrustedcerts);
535 next = current->next;
537 if(current->alias == NULL){
538 return CKM_API_ERROR_INPUT_PARAM;
540 CKM::Alias ckmAlias(current->alias);
541 ckmUntrustedAliases.push_back(ckmAlias);
542 }while(next != NULL);
545 if( (ret = mgr.getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKM_API_SUCCESS) {
549 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
551 return CKM_API_SUCCESS;