2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
28 #include <ckmc-type-converter.h>
32 CKM::Password _tostring(const char *str)
35 return CKM::Password();
36 return CKM::Password(str);
39 CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert)
41 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
42 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
43 return CKM::Certificate::create(buffer, dataFormat);
46 ckmc_cert_list_s *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector)
49 ckmc_cert_list_s *start = NULL;
50 ckmc_cert_list_s *plist = NULL;
51 CKM::CertificateShPtrVector::iterator it;
52 for(it = certVector.begin(); it != certVector.end(); it++) {
53 CKM::RawBuffer rawBuffer = (*it)->getDER();
54 unsigned char *rawCert = (unsigned char *) malloc(rawBuffer.size());
55 memcpy(rawCert, rawBuffer.data(), rawBuffer.size());
57 ret = ckmc_cert_new(rawCert, rawBuffer.size(), CKMC_FORM_DER, &pcert);
62 ret = ckmc_cert_list_new(pcert, &plist);
63 start = plist; // save the pointer of the first element
65 ret = ckmc_cert_list_add(plist, pcert, &plist);
67 if(ret != CKMC_ERROR_NONE) {
68 ckmc_cert_list_all_free(start);
76 int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
78 CKM::ManagerShPtr mgr = CKM::Manager::create();
81 return CKMC_ERROR_INVALID_PARAMETER;
83 CKM::Alias ckmAlias(alias);
85 if(key.raw_key == NULL || key.key_size <= 0) {
86 return CKMC_ERROR_INVALID_PARAMETER;
88 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
89 CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
91 if(ckmKey.get() == NULL) {
92 return CKMC_ERROR_INVALID_FORMAT;
95 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
97 int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
98 return to_ckmc_error(ret);
103 int ckmc_remove_key(const char *alias)
105 CKM::ManagerShPtr mgr = CKM::Manager::create();
108 return CKMC_ERROR_INVALID_PARAMETER;
110 CKM::Alias ckmAlias(alias);
112 int ret = mgr->removeKey(ckmAlias);
113 return to_ckmc_error(ret);
117 int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
120 CKM::KeyShPtr ckmKey;
122 if(alias == NULL || key == NULL) {
123 return CKMC_ERROR_INVALID_PARAMETER;
125 CKM::Alias ckmAlias(alias);
127 CKM::ManagerShPtr mgr = CKM::Manager::create();
128 if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
129 return to_ckmc_error(ret);
132 unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey->getDER().data());
133 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
135 ret = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL, key);
137 return to_ckmc_error(ret);
141 int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list)
145 if(alias_list == NULL) {
146 return CKMC_ERROR_INVALID_PARAMETER;
149 CKM::AliasVector aliasVector;
150 CKM::ManagerShPtr mgr = CKM::Manager::create();
151 if( (ret = mgr->getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
152 return to_ckmc_error(ret);
155 ckmc_alias_list_s *plist = NULL;
156 CKM::AliasVector::iterator it;
157 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
158 char *alias = (char *)malloc(it->size() + 1);
159 memset(alias, 0, it->size() +1 );
160 memcpy(alias, it->c_str(), it->size());
161 if(plist == NULL) { // first
162 ret = ckmc_alias_list_new(alias, &plist);
163 *alias_list = plist; // save the pointer of the first element
165 ret = ckmc_alias_list_add(plist, alias, &plist);
167 if(ret != CKMC_ERROR_NONE) {
168 ckmc_alias_list_all_free(*alias_list);
173 return CKMC_ERROR_NONE;
177 int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
180 return CKMC_ERROR_INVALID_PARAMETER;
182 CKM::Alias ckmAlias(alias);
184 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
185 return CKMC_ERROR_INVALID_PARAMETER;
187 CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
188 if(ckmCert.get() == NULL) {
189 return CKMC_ERROR_INVALID_FORMAT;
192 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
194 CKM::ManagerShPtr mgr = CKM::Manager::create();
195 int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
197 return to_ckmc_error(ret);
201 int ckmc_remove_cert(const char *alias)
204 return CKMC_ERROR_INVALID_PARAMETER;
206 CKM::Alias ckmAlias(alias);
208 CKM::ManagerShPtr mgr = CKM::Manager::create();
209 int ret = mgr->removeCertificate(ckmAlias);
211 return to_ckmc_error(ret);
215 int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
217 CKM::CertificateShPtr ckmCert;
220 if(alias == NULL || cert == NULL) {
221 return CKMC_ERROR_INVALID_PARAMETER;
223 CKM::Alias ckmAlias(alias);
225 CKM::ManagerShPtr mgr = CKM::Manager::create();
226 if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
227 return to_ckmc_error(ret);
230 unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert->getDER().data());
231 ret = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER, cert);
237 int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) {
240 if(alias_list == NULL) {
241 return CKMC_ERROR_INVALID_PARAMETER;
244 CKM::AliasVector aliasVector;
245 CKM::ManagerShPtr mgr = CKM::Manager::create();
246 if( (ret = mgr->getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
247 return to_ckmc_error(ret);
250 ckmc_alias_list_s *plist = NULL;
251 CKM::AliasVector::iterator it;
252 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
253 char *alias = (char *)malloc(it->size() + 1);
254 memset(alias, 0, it->size() +1 );
255 memcpy(alias, it->c_str(), it->size());
257 if(plist == NULL) { // first
258 ret = ckmc_alias_list_new(alias, &plist);
259 *alias_list = plist; // save the pointer of the first element
261 ret = ckmc_alias_list_add(plist, alias, &plist);
264 if(ret != CKMC_ERROR_NONE) {
265 ckmc_alias_list_all_free(*alias_list);
270 return CKMC_ERROR_NONE;
274 int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
277 return CKMC_ERROR_INVALID_PARAMETER;
279 CKM::Alias ckmAlias(alias);
281 if(data.data == NULL || data.size <= 0) {
282 return CKMC_ERROR_INVALID_PARAMETER;
284 CKM::RawBuffer buffer(data.data, data.data + data.size);
286 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
288 CKM::ManagerShPtr mgr = CKM::Manager::create();
289 int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
291 return to_ckmc_error(ret);
295 int ckmc_remove_data(const char *alias)
298 return CKMC_ERROR_INVALID_PARAMETER;
300 CKM::Alias ckmAlias(alias);
302 CKM::ManagerShPtr mgr = CKM::Manager::create();
303 int ret = mgr->removeData(ckmAlias);
304 return to_ckmc_error(ret);
308 int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
310 CKM::RawBuffer ckmBuff;
313 if(alias == NULL || data == NULL) {
314 return CKMC_ERROR_INVALID_PARAMETER;
316 CKM::Alias ckmAlias(alias);
318 CKM::ManagerShPtr mgr = CKM::Manager::create();
319 if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
320 return to_ckmc_error(ret);
323 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
324 ret = ckmc_buffer_new(rawBuff, ckmBuff.size(), data);
330 int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){
333 if(alias_list == NULL) {
334 return CKMC_ERROR_INVALID_PARAMETER;
337 CKM::AliasVector aliasVector;
338 CKM::ManagerShPtr mgr = CKM::Manager::create();
339 if( (ret = mgr->getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
340 return to_ckmc_error(ret);
343 ckmc_alias_list_s *plist = NULL;
344 CKM::AliasVector::iterator it;
345 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
346 char *alias = (char *)malloc(it->size() + 1);
347 memset(alias, 0, it->size() +1 );
348 memcpy(alias, it->c_str(), it->size());
349 if(plist == NULL) { // first
350 ret = ckmc_alias_list_new(alias, &plist);
351 *alias_list = plist; // save the pointer of the first element
353 ret = ckmc_alias_list_add(plist, alias, &plist);
355 if(ret != CKMC_ERROR_NONE) {
356 ckmc_alias_list_all_free(*alias_list);
361 return CKMC_ERROR_NONE;
365 int ckmc_create_key_pair_rsa(const size_t size,
366 const char *private_key_alias,
367 const char *public_key_alias,
368 const ckmc_policy_s policy_private_key,
369 const ckmc_policy_s policy_public_key)
372 CKM::ManagerShPtr mgr = CKM::Manager::create();
374 if(private_key_alias == NULL || public_key_alias == NULL) {
375 return CKMC_ERROR_INVALID_PARAMETER;
378 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
379 CKM::Alias ckmPublicKeyAlias(public_key_alias);
380 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
381 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
383 ret = mgr->createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
384 return to_ckmc_error(ret);
388 int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type,
389 const char *private_key_alias,
390 const char *public_key_alias,
391 const ckmc_policy_s policy_private_key,
392 const ckmc_policy_s policy_public_key)
394 CKM::ManagerShPtr mgr = CKM::Manager::create();
396 if(private_key_alias == NULL || public_key_alias == NULL) {
397 return CKMC_ERROR_INVALID_PARAMETER;
400 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
401 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
402 CKM::Alias ckmPublicKeyAlias(public_key_alias);
403 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
404 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
406 int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
407 return to_ckmc_error(ret);
411 int ckmc_create_signature(const char *private_key_alias,
412 const char *password,
413 const ckmc_raw_buffer_s message,
414 const ckmc_hash_algo_e hash,
415 const ckmc_rsa_padding_algo_e padding,
416 ckmc_raw_buffer_s **signature)
419 CKM::ManagerShPtr mgr = CKM::Manager::create();
420 CKM::RawBuffer ckmSignature;
422 if(private_key_alias == NULL || signature == NULL) {
423 return CKMC_ERROR_INVALID_PARAMETER;
426 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
427 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
428 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
429 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
431 if( (ret = mgr->createSignature(
437 ckmSignature)) != CKM_API_SUCCESS) {
438 return to_ckmc_error(ret);
441 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
442 ret = ckmc_buffer_new( rawBuff, ckmSignature.size(), signature);
448 int ckmc_verify_signature(const char *public_key_alias,
449 const char *password,
450 const ckmc_raw_buffer_s message,
451 const ckmc_raw_buffer_s signature,
452 const ckmc_hash_algo_e hash,
453 const ckmc_rsa_padding_algo_e padding)
456 CKM::ManagerShPtr mgr = CKM::Manager::create();
458 if(public_key_alias == NULL) {
459 return CKMC_ERROR_INVALID_PARAMETER;
462 CKM::Alias ckmPublicKeyAlias(public_key_alias);
463 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
464 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
465 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
466 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
468 if( (ret = mgr->verifySignature(
474 ckmPadding)) != CKM_API_SUCCESS) {
475 return to_ckmc_error(ret);
478 return CKMC_ERROR_NONE;
482 int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
485 CKM::ManagerShPtr mgr = CKM::Manager::create();
486 CKM::CertificateShPtrVector ckmCertChain;
488 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
489 return CKMC_ERROR_INVALID_PARAMETER;
492 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
494 CKM::CertificateShPtrVector ckmUntrustedCerts;
495 if(untrustedcerts != NULL) {
496 ckmc_cert_list_s *current = NULL;
497 ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(untrustedcerts);
500 next = current->next;
502 if(current->cert == NULL){
506 CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
507 ckmUntrustedCerts.push_back(tmpCkmCert);
508 }while(next != NULL);
511 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
512 if( ret != CKM_API_SUCCESS) {
513 return to_ckmc_error(ret);
516 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
518 return CKMC_ERROR_NONE;
522 int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
525 CKM::ManagerShPtr mgr = CKM::Manager::create();
526 CKM::CertificateShPtrVector ckmCertChain;
529 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
530 return CKMC_ERROR_INVALID_PARAMETER;
533 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
534 if(ckmCert.get() == NULL) {
535 return CKMC_ERROR_INVALID_FORMAT;
538 CKM::AliasVector ckmUntrustedAliases;
539 if(untrustedcerts != NULL) {
540 ckmc_alias_list_s *current = NULL;
541 ckmc_alias_list_s *next = const_cast<ckmc_alias_list_s *>(untrustedcerts);
544 next = current->next;
546 if(current->alias == NULL){
547 return CKMC_ERROR_INVALID_PARAMETER;
549 CKM::Alias ckmAlias(current->alias);
550 ckmUntrustedAliases.push_back(ckmAlias);
551 }while(next != NULL);
554 if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKM_API_SUCCESS) {
555 return to_ckmc_error(ret);
558 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
560 return CKMC_ERROR_NONE;
projects / platform / core / security / key-manager.git / blob