2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
28 #include <ckmc-type-converter.h>
29 #include <client-common.h>
35 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
36 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
38 CKM::Password _tostring(const char *str)
41 return CKM::Password();
42 return CKM::Password(str);
45 CKM::KeyShPtr _toCkmKey(const ckmc_key_s *key)
49 CKM::RawBuffer buffer(key->raw_key, key->raw_key + key->key_size);
50 return CKM::Key::create(buffer, _tostring(key->password));
52 return CKM::KeyShPtr();
55 CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert)
59 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
60 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
61 return CKM::Certificate::create(buffer, dataFormat);
63 return CKM::CertificateShPtr();
66 CKM::CertificateShPtrVector _toCkmCertificateVector(const ckmc_cert_list_s *list)
68 CKM::CertificateShPtrVector certs;
69 ckmc_cert_list_s *current = const_cast<ckmc_cert_list_s *>(list);
70 while (current != NULL)
72 if (current->cert != NULL)
73 certs.push_back(_toCkmCertificate(current->cert));
74 current = current->next;
79 CKM::AliasVector _toCkmAliasVector(const ckmc_alias_list_s *list)
81 CKM::AliasVector aliases;
82 ckmc_alias_list_s *current = const_cast<ckmc_alias_list_s *>(list);
83 while (current != NULL)
85 if (current->alias != NULL)
86 aliases.push_back(CKM::Alias(current->alias));
87 current = current->next;
92 ckmc_cert_list_s *_toNewCkmCertList(const CKM::CertificateShPtrVector &certVector)
95 ckmc_cert_list_s *start = NULL;
96 ckmc_cert_list_s *plist = NULL;
97 CKM::CertificateShPtrVector::const_iterator it;
98 for(it = certVector.begin(); it != certVector.end(); it++) {
99 CKM::RawBuffer rawBuffer = (*it)->getDER();
100 ckmc_cert_s *pcert = NULL;
101 ret = ckmc_cert_new(rawBuffer.data(), rawBuffer.size(), CKMC_FORM_DER, &pcert);
103 ckmc_cert_list_all_free(start);
107 ret = ckmc_cert_list_new(pcert, &plist);
108 start = plist; // save the pointer of the first element
110 ret = ckmc_cert_list_add(plist, pcert, &plist);
112 if(ret != CKMC_ERROR_NONE) {
113 ckmc_cert_list_all_free(start);
124 int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
126 CKM::ManagerShPtr mgr = CKM::Manager::create();
129 return CKMC_ERROR_INVALID_PARAMETER;
131 CKM::Alias ckmAlias(alias);
133 if(key.raw_key == NULL || key.key_size <= 0) {
134 return CKMC_ERROR_INVALID_PARAMETER;
136 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
137 CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
139 if(ckmKey.get() == NULL) {
140 return CKMC_ERROR_INVALID_FORMAT;
143 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
145 int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
146 return to_ckmc_error(ret);
151 int ckmc_remove_key(const char *alias)
153 return ckmc_remove_alias(alias);
157 int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
160 CKM::KeyShPtr ckmKey;
162 if(alias == NULL || key == NULL) {
163 return CKMC_ERROR_INVALID_PARAMETER;
166 CKM::ManagerShPtr mgr = CKM::Manager::create();
167 if( (ret = mgr->getKey(alias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
168 return to_ckmc_error(ret);
171 CKM::RawBuffer buffer = ckmKey->getDER();
172 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
174 ret = ckmc_key_new( buffer.data(), buffer.size(), keyType, NULL, key);
176 return to_ckmc_error(ret);
180 int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list)
184 if (alias_list == NULL) {
185 return CKMC_ERROR_INVALID_PARAMETER;
188 CKM::AliasVector aliasVector;
189 CKM::ManagerShPtr mgr = CKM::Manager::create();
191 if ((ret = mgr->getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
192 return to_ckmc_error(ret);
195 ckmc_alias_list_s *plist = NULL;
197 for (const auto it : aliasVector) {
198 char *alias = strndup(it.c_str(), it.size());
200 if (plist == NULL) { // first
201 ret = ckmc_alias_list_new(alias, &plist);
202 *alias_list = plist; // save the pointer of the first element
204 ret = ckmc_alias_list_add(plist, alias, &plist);
207 if (ret != CKMC_ERROR_NONE) {
209 ckmc_alias_list_all_free(*alias_list);
214 if(plist == NULL) { // if the alias_list size is zero
215 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
218 return CKMC_ERROR_NONE;
222 int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
225 return CKMC_ERROR_INVALID_PARAMETER;
227 CKM::Alias ckmAlias(alias);
229 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
230 return CKMC_ERROR_INVALID_PARAMETER;
232 CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
233 if(ckmCert.get() == NULL) {
234 return CKMC_ERROR_INVALID_FORMAT;
237 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
239 CKM::ManagerShPtr mgr = CKM::Manager::create();
240 int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
242 return to_ckmc_error(ret);
246 int ckmc_remove_cert(const char *alias)
248 return ckmc_remove_alias(alias);
252 int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
254 CKM::CertificateShPtr ckmCert;
257 if(alias == NULL || cert == NULL) {
258 return CKMC_ERROR_INVALID_PARAMETER;
261 CKM::ManagerShPtr mgr = CKM::Manager::create();
262 if( (ret = mgr->getCertificate(alias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
263 return to_ckmc_error(ret);
266 CKM::RawBuffer buffer = ckmCert->getDER();
267 ret = ckmc_cert_new( buffer.data(), buffer.size(), CKMC_FORM_DER, cert);
273 int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) {
276 if (alias_list == NULL) {
277 return CKMC_ERROR_INVALID_PARAMETER;
282 CKM::AliasVector aliasVector;
283 CKM::ManagerShPtr mgr = CKM::Manager::create();
284 if ((ret = mgr->getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
285 return to_ckmc_error(ret);
288 ckmc_alias_list_s *plist = NULL;
290 for (const auto it : aliasVector) {
291 char *alias = strndup(it.c_str(), it.size());
293 if (plist == NULL) { // first
294 ret = ckmc_alias_list_new(alias, &plist);
295 *alias_list = plist; // save the pointer of the first element
297 ret = ckmc_alias_list_add(plist, alias, &plist);
300 if (ret != CKMC_ERROR_NONE) {
302 ckmc_alias_list_all_free(*alias_list);
307 if(plist == NULL) { // if the alias_list size is zero
308 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
311 return CKMC_ERROR_NONE;
315 int ckmc_save_pkcs12(const char *alias, const ckmc_pkcs12_s *ppkcs, const ckmc_policy_s key_policy, const ckmc_policy_s cert_policy)
317 CKM::KeyShPtr private_key;
318 CKM::CertificateShPtr cert;
319 CKM::CertificateShPtrVector ca_cert_list;
321 if(alias==NULL || ppkcs==NULL) {
322 return CKMC_ERROR_INVALID_PARAMETER;
324 CKM::Alias ckmAlias(alias);
326 private_key = _toCkmKey(ppkcs->priv_key);
327 cert = _toCkmCertificate(ppkcs->cert);
328 ckmc_cert_list_s *current = NULL;
329 ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(ppkcs->ca_chain);
332 next = current->next;
334 if(current->cert == NULL){
338 CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
339 ca_cert_list.push_back(tmpCkmCert);
340 }while(next != NULL);
342 CKM::Policy keyPolicy(_tostring(key_policy.password), key_policy.extractable);
343 CKM::Policy certPolicy(_tostring(cert_policy.password), cert_policy.extractable);
345 CKM::PKCS12ShPtr pkcs12(new CKM::PKCS12Impl(private_key, cert, ca_cert_list));
347 CKM::ManagerShPtr mgr = CKM::Manager::create();
348 int ret = mgr->savePKCS12(ckmAlias, pkcs12, keyPolicy, certPolicy);
350 return to_ckmc_error(ret);
354 int ckmc_remove_pkcs12(const char *alias)
356 return ckmc_remove_alias(alias);
360 int ckmc_get_pkcs12(const char *alias, ckmc_pkcs12_s **pkcs12)
363 CKM::PKCS12ShPtr ShPkcs12;
364 CKM::PKCS12 *pkcs12Ptr = NULL;
365 ckmc_key_s *private_key = NULL;
366 ckmc_cert_s *cert = NULL;
367 ckmc_cert_list_s *ca_cert_list = 0;
369 if(alias == NULL || pkcs12 == NULL) {
370 return CKMC_ERROR_INVALID_PARAMETER;
373 CKM::ManagerShPtr mgr = CKM::Manager::create();
374 if( (ret = mgr->getPKCS12(alias, ShPkcs12)) != CKM_API_SUCCESS) {
375 return to_ckmc_error(ret);
378 pkcs12Ptr = ShPkcs12.get();
380 return CKMC_ERROR_BAD_RESPONSE;
382 if(pkcs12Ptr->getKey())
384 CKM::KeyShPtr helper = pkcs12Ptr->getKey();
386 CKM::RawBuffer buffer = helper->getDER();
387 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(helper->getType()));
388 ret = ckmc_key_new(buffer.data(), buffer.size(), keyType, NULL, &private_key);
389 if(ret != CKMC_ERROR_NONE)
393 if(pkcs12Ptr->getCertificate())
395 CKM::CertificateShPtr helper = pkcs12Ptr->getCertificate();
397 CKM::RawBuffer buffer = helper->getDER();
398 ret = ckmc_cert_new(buffer.data(), buffer.size(), CKMC_FORM_DER, &cert);
399 if(ret != CKMC_ERROR_NONE) {
400 ckmc_key_free(private_key);
405 ca_cert_list = _toNewCkmCertList(pkcs12Ptr->getCaCertificateShPtrVector());
407 ret = ckmc_pkcs12_new(private_key, cert, ca_cert_list, pkcs12);
408 if(ret != CKMC_ERROR_NONE)
410 ckmc_key_free(private_key);
411 ckmc_cert_free(cert);
412 ckmc_cert_list_free(ca_cert_list);
418 int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
421 return CKMC_ERROR_INVALID_PARAMETER;
423 CKM::Alias ckmAlias(alias);
425 if(data.data == NULL || data.size <= 0) {
426 return CKMC_ERROR_INVALID_PARAMETER;
428 CKM::RawBuffer buffer(data.data, data.data + data.size);
430 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
432 CKM::ManagerShPtr mgr = CKM::Manager::create();
433 int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
435 return to_ckmc_error(ret);
439 int ckmc_remove_data(const char *alias)
441 return ckmc_remove_alias(alias);
445 int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
447 CKM::RawBuffer ckmBuff;
450 if(alias == NULL || data == NULL) {
451 return CKMC_ERROR_INVALID_PARAMETER;
454 CKM::ManagerShPtr mgr = CKM::Manager::create();
455 if( (ret = mgr->getData(alias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
456 return to_ckmc_error(ret);
459 ret = ckmc_buffer_new(ckmBuff.data(), ckmBuff.size(), data);
465 int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){
468 if(alias_list == NULL) {
469 return CKMC_ERROR_INVALID_PARAMETER;
474 CKM::AliasVector aliasVector;
475 CKM::ManagerShPtr mgr = CKM::Manager::create();
476 if( (ret = mgr->getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
477 return to_ckmc_error(ret);
480 ckmc_alias_list_s *plist = NULL;
482 for (const auto it : aliasVector) {
483 char *alias = strndup(it.c_str(), it.size());
485 if (plist == NULL) { // first
486 ret = ckmc_alias_list_new(alias, &plist);
487 *alias_list = plist; // save the pointer of the first element
489 ret = ckmc_alias_list_add(plist, alias, &plist);
492 if (ret != CKMC_ERROR_NONE) {
494 ckmc_alias_list_all_free(*alias_list);
499 if(plist == NULL) { // if the alias_list size is zero
500 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
503 return CKMC_ERROR_NONE;
507 int ckmc_create_key_pair_rsa(const size_t size,
508 const char *private_key_alias,
509 const char *public_key_alias,
510 const ckmc_policy_s policy_private_key,
511 const ckmc_policy_s policy_public_key)
514 CKM::ManagerShPtr mgr = CKM::Manager::create();
516 if(private_key_alias == NULL || public_key_alias == NULL) {
517 return CKMC_ERROR_INVALID_PARAMETER;
520 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
521 CKM::Alias ckmPublicKeyAlias(public_key_alias);
522 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
523 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
525 ret = mgr->createKeyPairRSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
526 return to_ckmc_error(ret);
530 int ckmc_create_key_pair_dsa(const size_t size,
531 const char *private_key_alias,
532 const char *public_key_alias,
533 const ckmc_policy_s policy_private_key,
534 const ckmc_policy_s policy_public_key)
537 CKM::ManagerShPtr mgr = CKM::Manager::create();
539 if(private_key_alias == NULL || public_key_alias == NULL) {
540 return CKMC_ERROR_INVALID_PARAMETER;
543 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
544 CKM::Alias ckmPublicKeyAlias(public_key_alias);
545 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
546 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
548 ret = mgr->createKeyPairDSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
549 return to_ckmc_error(ret);
553 int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type,
554 const char *private_key_alias,
555 const char *public_key_alias,
556 const ckmc_policy_s policy_private_key,
557 const ckmc_policy_s policy_public_key)
559 CKM::ManagerShPtr mgr = CKM::Manager::create();
561 if(private_key_alias == NULL || public_key_alias == NULL) {
562 return CKMC_ERROR_INVALID_PARAMETER;
565 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
566 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
567 CKM::Alias ckmPublicKeyAlias(public_key_alias);
568 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
569 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
571 int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
572 return to_ckmc_error(ret);
576 int ckmc_create_signature(const char *private_key_alias,
577 const char *password,
578 const ckmc_raw_buffer_s message,
579 const ckmc_hash_algo_e hash,
580 const ckmc_rsa_padding_algo_e padding,
581 ckmc_raw_buffer_s **signature)
584 CKM::ManagerShPtr mgr = CKM::Manager::create();
585 CKM::RawBuffer ckmSignature;
587 if(private_key_alias == NULL || signature == NULL) {
588 return CKMC_ERROR_INVALID_PARAMETER;
591 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
592 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
593 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
594 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
596 if( (ret = mgr->createSignature(
602 ckmSignature)) != CKM_API_SUCCESS) {
603 return to_ckmc_error(ret);
606 ret = ckmc_buffer_new( ckmSignature.data(), ckmSignature.size(), signature);
612 int ckmc_verify_signature(const char *public_key_alias,
613 const char *password,
614 const ckmc_raw_buffer_s message,
615 const ckmc_raw_buffer_s signature,
616 const ckmc_hash_algo_e hash,
617 const ckmc_rsa_padding_algo_e padding)
620 CKM::ManagerShPtr mgr = CKM::Manager::create();
622 if(public_key_alias == NULL) {
623 return CKMC_ERROR_INVALID_PARAMETER;
626 CKM::Alias ckmPublicKeyAlias(public_key_alias);
627 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
628 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
629 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
630 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
632 if( (ret = mgr->verifySignature(
638 ckmPadding)) != CKM_API_SUCCESS) {
639 return to_ckmc_error(ret);
642 return CKMC_ERROR_NONE;
646 int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
649 CKM::ManagerShPtr mgr = CKM::Manager::create();
650 CKM::CertificateShPtrVector ckmCertChain;
652 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
653 return CKMC_ERROR_INVALID_PARAMETER;
656 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
658 CKM::CertificateShPtrVector ckmUntrustedCerts = _toCkmCertificateVector(untrustedcerts);
660 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, EMPTY_CERT_VECTOR, true, ckmCertChain);
661 if( ret != CKM_API_SUCCESS) {
662 return to_ckmc_error(ret);
665 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
667 return CKMC_ERROR_NONE;
671 int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
674 CKM::ManagerShPtr mgr = CKM::Manager::create();
675 CKM::CertificateShPtrVector ckmCertChain;
678 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
679 return CKMC_ERROR_INVALID_PARAMETER;
682 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
683 if(ckmCert.get() == NULL) {
684 return CKMC_ERROR_INVALID_FORMAT;
687 CKM::AliasVector ckmUntrustedAliases = _toCkmAliasVector(untrustedcerts);
689 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, EMPTY_ALIAS_VECTOR, true, ckmCertChain);
690 if( ret != CKM_API_SUCCESS) {
691 return to_ckmc_error(ret);
694 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
696 return CKMC_ERROR_NONE;
700 int ckmc_get_certificate_chain(const ckmc_cert_s* cert,
701 const ckmc_cert_list_s* untrustedcerts,
702 const ckmc_cert_list_s* trustedcerts,
703 const bool sys_certs,
704 ckmc_cert_list_s** ppcert_chain_list)
707 CKM::ManagerShPtr mgr = CKM::Manager::create();
708 CKM::CertificateShPtrVector ckm_cert_chain;
710 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) {
711 return CKMC_ERROR_INVALID_PARAMETER;
714 CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert);
715 if(ckm_cert.get() == NULL) {
716 return CKMC_ERROR_INVALID_PARAMETER;
719 CKM::CertificateShPtrVector ckm_untrusted = _toCkmCertificateVector(untrustedcerts);
720 CKM::CertificateShPtrVector ckm_trusted = _toCkmCertificateVector(trustedcerts);
722 ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain);
723 if( ret != CKM_API_SUCCESS) {
724 return to_ckmc_error(ret);
727 *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain);
729 return CKMC_ERROR_NONE;
733 int ckmc_get_certificate_chain_with_alias(const ckmc_cert_s* cert,
734 const ckmc_alias_list_s* untrustedcerts,
735 const ckmc_alias_list_s* trustedcerts,
736 const bool sys_certs,
737 ckmc_cert_list_s** ppcert_chain_list)
740 CKM::ManagerShPtr mgr = CKM::Manager::create();
741 CKM::CertificateShPtrVector ckm_cert_chain;
743 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) {
744 return CKMC_ERROR_INVALID_PARAMETER;
747 CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert);
748 if(ckm_cert.get() == NULL) {
749 return CKMC_ERROR_INVALID_PARAMETER;
752 CKM::AliasVector ckm_untrusted = _toCkmAliasVector(untrustedcerts);
753 CKM::AliasVector ckm_trusted = _toCkmAliasVector(trustedcerts);
755 ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain);
756 if( ret != CKM_API_SUCCESS) {
757 return to_ckmc_error(ret);
760 *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain);
762 return CKMC_ERROR_NONE;
766 int ckmc_ocsp_check(const ckmc_cert_list_s *pcert_chain_list, ckmc_ocsp_status_e *ocsp_status)
768 if (pcert_chain_list == NULL
769 || pcert_chain_list->cert == NULL
770 || pcert_chain_list->cert->raw_cert == NULL
771 || pcert_chain_list->cert->cert_size <= 0
772 || ocsp_status == NULL) {
773 return CKMC_ERROR_INVALID_PARAMETER;
776 int ret = CKMC_ERROR_UNKNOWN;
777 int tmpOcspStatus = -1;
778 CKM::ManagerShPtr mgr = CKM::Manager::create();
779 CKM::CertificateShPtrVector ckmCertChain;
780 const ckmc_cert_list_s *current = NULL;
781 const ckmc_cert_list_s *next = pcert_chain_list;
785 next = current->next;
786 if (current->cert == NULL)
789 ckmCertChain.push_back(_toCkmCertificate(current->cert));
790 } while (next != NULL);
792 ret = mgr->ocspCheck(ckmCertChain, tmpOcspStatus);
793 *ocsp_status = to_ckmc_ocsp_status(tmpOcspStatus);
794 return to_ckmc_error(ret);
798 int ckmc_allow_access(const char *alias, const char *accessor, ckmc_access_right_e granted)
800 return ckmc_set_permission(alias, accessor, static_cast<int>(granted));
804 int ckmc_set_permission(const char *alias, const char *accessor, int permissions)
806 if (!alias || !accessor)
807 return CKMC_ERROR_INVALID_PARAMETER;
809 CKM::ManagerShPtr mgr = CKM::Manager::create();
810 return to_ckmc_error(mgr->setPermission(alias, accessor, permissions));
814 int ckmc_deny_access(const char *alias, const char *accessor)
816 if (!alias || !accessor)
817 return CKMC_ERROR_INVALID_PARAMETER;
819 CKM::ManagerShPtr mgr = CKM::Manager::create();
820 return to_ckmc_error(mgr->setPermission(alias, accessor, CKM::Permission::NONE));
824 int ckmc_remove_alias(const char *alias)
827 return CKMC_ERROR_INVALID_PARAMETER;
829 CKM::ManagerShPtr mgr = CKM::Manager::create();
830 int ret = mgr->removeAlias(alias);
831 return to_ckmc_error(ret);