2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
28 #include <ckmc-type-converter.h>
29 #include <client-common.h>
35 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
36 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
38 CKM::Password _tostring(const char *str)
41 return CKM::Password();
42 return CKM::Password(str);
45 CKM::KeyShPtr _toCkmKey(const ckmc_key_s *key)
49 CKM::RawBuffer buffer(key->raw_key, key->raw_key + key->key_size);
50 return CKM::Key::create(buffer, _tostring(key->password));
52 return CKM::KeyShPtr();
55 CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert)
59 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
60 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
61 return CKM::Certificate::create(buffer, dataFormat);
63 return CKM::CertificateShPtr();
66 CKM::CertificateShPtrVector _toCkmCertificateVector(const ckmc_cert_list_s *list)
68 CKM::CertificateShPtrVector certs;
69 ckmc_cert_list_s *current = const_cast<ckmc_cert_list_s *>(list);
70 while (current != NULL)
72 if (current->cert != NULL)
73 certs.push_back(_toCkmCertificate(current->cert));
74 current = current->next;
79 CKM::AliasVector _toCkmAliasVector(const ckmc_alias_list_s *list)
81 CKM::AliasVector aliases;
82 ckmc_alias_list_s *current = const_cast<ckmc_alias_list_s *>(list);
83 while (current != NULL)
85 if (current->alias != NULL)
86 aliases.push_back(CKM::Alias(current->alias));
87 current = current->next;
92 ckmc_cert_list_s *_toNewCkmCertList(const CKM::CertificateShPtrVector &certVector)
95 ckmc_cert_list_s *start = NULL;
96 ckmc_cert_list_s *plist = NULL;
97 CKM::CertificateShPtrVector::const_iterator it;
98 for(it = certVector.begin(); it != certVector.end(); it++) {
99 CKM::RawBuffer rawBuffer = (*it)->getDER();
100 ckmc_cert_s *pcert = NULL;
101 ret = ckmc_cert_new(rawBuffer.data(), rawBuffer.size(), CKMC_FORM_DER, &pcert);
103 ckmc_cert_list_all_free(start);
107 ret = ckmc_cert_list_new(pcert, &plist);
108 start = plist; // save the pointer of the first element
110 ret = ckmc_cert_list_add(plist, pcert, &plist);
112 if(ret != CKMC_ERROR_NONE) {
113 ckmc_cert_list_all_free(start);
124 int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
126 CKM::ManagerShPtr mgr = CKM::Manager::create();
129 return CKMC_ERROR_INVALID_PARAMETER;
131 CKM::Alias ckmAlias(alias);
133 if(key.raw_key == NULL || key.key_size <= 0) {
134 return CKMC_ERROR_INVALID_PARAMETER;
136 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
137 CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
139 if(ckmKey.get() == NULL) {
140 return CKMC_ERROR_INVALID_FORMAT;
143 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
145 int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
146 return to_ckmc_error(ret);
151 int ckmc_remove_key(const char *alias)
153 return ckmc_remove_alias(alias);
157 int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
160 CKM::KeyShPtr ckmKey;
162 if(alias == NULL || key == NULL) {
163 return CKMC_ERROR_INVALID_PARAMETER;
166 CKM::ManagerShPtr mgr = CKM::Manager::create();
167 if( (ret = mgr->getKey(alias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
168 return to_ckmc_error(ret);
171 CKM::RawBuffer buffer = ckmKey->getDER();
172 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
174 ret = ckmc_key_new( buffer.data(), buffer.size(), keyType, NULL, key);
176 return to_ckmc_error(ret);
180 int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list)
184 if (alias_list == NULL) {
185 return CKMC_ERROR_INVALID_PARAMETER;
188 CKM::AliasVector aliasVector;
189 CKM::ManagerShPtr mgr = CKM::Manager::create();
191 if ((ret = mgr->getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
192 return to_ckmc_error(ret);
195 ckmc_alias_list_s *plist = NULL;
197 for (const auto it : aliasVector) {
198 char *alias = strndup(it.c_str(), it.size());
200 if (plist == NULL) { // first
201 ret = ckmc_alias_list_new(alias, &plist);
202 *alias_list = plist; // save the pointer of the first element
204 ret = ckmc_alias_list_add(plist, alias, &plist);
207 if (ret != CKMC_ERROR_NONE) {
209 ckmc_alias_list_all_free(*alias_list);
214 if(plist == NULL) { // if the alias_list size is zero
215 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
218 return CKMC_ERROR_NONE;
222 int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
225 return CKMC_ERROR_INVALID_PARAMETER;
227 CKM::Alias ckmAlias(alias);
229 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
230 return CKMC_ERROR_INVALID_PARAMETER;
232 CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
233 if(ckmCert.get() == NULL) {
234 return CKMC_ERROR_INVALID_FORMAT;
237 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
239 CKM::ManagerShPtr mgr = CKM::Manager::create();
240 int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
242 return to_ckmc_error(ret);
246 int ckmc_remove_cert(const char *alias)
248 return ckmc_remove_alias(alias);
252 int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
254 CKM::CertificateShPtr ckmCert;
257 if(alias == NULL || cert == NULL) {
258 return CKMC_ERROR_INVALID_PARAMETER;
261 CKM::ManagerShPtr mgr = CKM::Manager::create();
262 if( (ret = mgr->getCertificate(alias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
263 return to_ckmc_error(ret);
266 CKM::RawBuffer buffer = ckmCert->getDER();
267 ret = ckmc_cert_new( buffer.data(), buffer.size(), CKMC_FORM_DER, cert);
273 int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) {
276 if (alias_list == NULL) {
277 return CKMC_ERROR_INVALID_PARAMETER;
282 CKM::AliasVector aliasVector;
283 CKM::ManagerShPtr mgr = CKM::Manager::create();
284 if ((ret = mgr->getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
285 return to_ckmc_error(ret);
288 ckmc_alias_list_s *plist = NULL;
290 for (const auto it : aliasVector) {
291 char *alias = strndup(it.c_str(), it.size());
293 if (plist == NULL) { // first
294 ret = ckmc_alias_list_new(alias, &plist);
295 *alias_list = plist; // save the pointer of the first element
297 ret = ckmc_alias_list_add(plist, alias, &plist);
300 if (ret != CKMC_ERROR_NONE) {
302 ckmc_alias_list_all_free(*alias_list);
307 if(plist == NULL) { // if the alias_list size is zero
308 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
311 return CKMC_ERROR_NONE;
315 int ckmc_save_pkcs12(const char *alias, const ckmc_pkcs12_s *ppkcs, const ckmc_policy_s key_policy, const ckmc_policy_s cert_policy)
317 CKM::KeyShPtr private_key;
318 CKM::CertificateShPtr cert;
319 CKM::CertificateShPtrVector ca_cert_list;
321 if(alias==NULL || ppkcs==NULL) {
322 return CKMC_ERROR_INVALID_PARAMETER;
324 CKM::Alias ckmAlias(alias);
325 private_key = _toCkmKey(ppkcs->priv_key);
326 cert = _toCkmCertificate(ppkcs->cert);
327 ca_cert_list = _toCkmCertificateVector(ppkcs->ca_chain);
329 CKM::Policy keyPolicy(_tostring(key_policy.password), key_policy.extractable);
330 CKM::Policy certPolicy(_tostring(cert_policy.password), cert_policy.extractable);
332 CKM::PKCS12ShPtr pkcs12(new CKM::PKCS12Impl(private_key, cert, ca_cert_list));
334 CKM::ManagerShPtr mgr = CKM::Manager::create();
335 int ret = mgr->savePKCS12(ckmAlias, pkcs12, keyPolicy, certPolicy);
337 return to_ckmc_error(ret);
341 int ckmc_remove_pkcs12(const char *alias)
343 return ckmc_remove_alias(alias);
347 int ckmc_get_pkcs12(const char *alias, const char *key_password, const char *cert_password, ckmc_pkcs12_s **pkcs12)
350 CKM::PKCS12ShPtr pkcs;
351 CKM::Password keyPass, certPass;
352 ckmc_key_s *private_key = NULL;
353 ckmc_cert_s *cert = NULL;
354 ckmc_cert_list_s *ca_cert_list = 0;
356 if(!alias || !pkcs12) {
357 return CKMC_ERROR_INVALID_PARAMETER;
361 keyPass = key_password;
364 certPass = cert_password;
366 auto mgr = CKM::Manager::create();
368 if((ret = mgr->getPKCS12(alias, keyPass, certPass, pkcs)) != CKM_API_SUCCESS) {
369 return to_ckmc_error(ret);
373 return CKMC_ERROR_BAD_RESPONSE;
375 auto pkcsKey = pkcs->getKey();
378 CKM::RawBuffer buffer = pkcsKey->getDER();
379 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(pkcsKey->getType());
380 ret = ckmc_key_new(buffer.data(), buffer.size(), keyType, NULL, &private_key);
381 if(ret != CKMC_ERROR_NONE)
385 auto pkcsCert = pkcs->getCertificate();
388 CKM::RawBuffer buffer = pkcsCert->getDER();
389 ret = ckmc_cert_new(buffer.data(), buffer.size(), CKMC_FORM_DER, &cert);
390 if(ret != CKMC_ERROR_NONE) {
391 ckmc_key_free(private_key);
396 ca_cert_list = _toNewCkmCertList(pkcs->getCaCertificateShPtrVector());
398 ret = ckmc_pkcs12_new(private_key, cert, ca_cert_list, pkcs12);
399 if(ret != CKMC_ERROR_NONE)
401 ckmc_key_free(private_key);
402 ckmc_cert_free(cert);
403 ckmc_cert_list_free(ca_cert_list);
410 int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
413 return CKMC_ERROR_INVALID_PARAMETER;
415 CKM::Alias ckmAlias(alias);
417 if(data.data == NULL || data.size <= 0) {
418 return CKMC_ERROR_INVALID_PARAMETER;
420 CKM::RawBuffer buffer(data.data, data.data + data.size);
422 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
424 CKM::ManagerShPtr mgr = CKM::Manager::create();
425 int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
427 return to_ckmc_error(ret);
431 int ckmc_remove_data(const char *alias)
433 return ckmc_remove_alias(alias);
437 int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
439 CKM::RawBuffer ckmBuff;
442 if(alias == NULL || data == NULL) {
443 return CKMC_ERROR_INVALID_PARAMETER;
446 CKM::ManagerShPtr mgr = CKM::Manager::create();
447 if( (ret = mgr->getData(alias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
448 return to_ckmc_error(ret);
451 ret = ckmc_buffer_new(ckmBuff.data(), ckmBuff.size(), data);
457 int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){
460 if(alias_list == NULL) {
461 return CKMC_ERROR_INVALID_PARAMETER;
466 CKM::AliasVector aliasVector;
467 CKM::ManagerShPtr mgr = CKM::Manager::create();
468 if( (ret = mgr->getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
469 return to_ckmc_error(ret);
472 ckmc_alias_list_s *plist = NULL;
474 for (const auto it : aliasVector) {
475 char *alias = strndup(it.c_str(), it.size());
477 if (plist == NULL) { // first
478 ret = ckmc_alias_list_new(alias, &plist);
479 *alias_list = plist; // save the pointer of the first element
481 ret = ckmc_alias_list_add(plist, alias, &plist);
484 if (ret != CKMC_ERROR_NONE) {
486 ckmc_alias_list_all_free(*alias_list);
491 if(plist == NULL) { // if the alias_list size is zero
492 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
495 return CKMC_ERROR_NONE;
499 int ckmc_create_key_pair_rsa(const size_t size,
500 const char *private_key_alias,
501 const char *public_key_alias,
502 const ckmc_policy_s policy_private_key,
503 const ckmc_policy_s policy_public_key)
506 CKM::ManagerShPtr mgr = CKM::Manager::create();
508 if(private_key_alias == NULL || public_key_alias == NULL) {
509 return CKMC_ERROR_INVALID_PARAMETER;
512 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
513 CKM::Alias ckmPublicKeyAlias(public_key_alias);
514 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
515 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
517 ret = mgr->createKeyPairRSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
518 return to_ckmc_error(ret);
522 int ckmc_create_key_pair_dsa(const size_t size,
523 const char *private_key_alias,
524 const char *public_key_alias,
525 const ckmc_policy_s policy_private_key,
526 const ckmc_policy_s policy_public_key)
529 CKM::ManagerShPtr mgr = CKM::Manager::create();
531 if(private_key_alias == NULL || public_key_alias == NULL) {
532 return CKMC_ERROR_INVALID_PARAMETER;
535 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
536 CKM::Alias ckmPublicKeyAlias(public_key_alias);
537 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
538 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
540 ret = mgr->createKeyPairDSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
541 return to_ckmc_error(ret);
545 int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type,
546 const char *private_key_alias,
547 const char *public_key_alias,
548 const ckmc_policy_s policy_private_key,
549 const ckmc_policy_s policy_public_key)
551 CKM::ManagerShPtr mgr = CKM::Manager::create();
553 if(private_key_alias == NULL || public_key_alias == NULL) {
554 return CKMC_ERROR_INVALID_PARAMETER;
557 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
558 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
559 CKM::Alias ckmPublicKeyAlias(public_key_alias);
560 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
561 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
563 int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
564 return to_ckmc_error(ret);
568 int ckmc_create_signature(const char *private_key_alias,
569 const char *password,
570 const ckmc_raw_buffer_s message,
571 const ckmc_hash_algo_e hash,
572 const ckmc_rsa_padding_algo_e padding,
573 ckmc_raw_buffer_s **signature)
576 CKM::ManagerShPtr mgr = CKM::Manager::create();
577 CKM::RawBuffer ckmSignature;
579 if(private_key_alias == NULL || signature == NULL) {
580 return CKMC_ERROR_INVALID_PARAMETER;
583 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
584 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
585 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
586 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
588 if( (ret = mgr->createSignature(
594 ckmSignature)) != CKM_API_SUCCESS) {
595 return to_ckmc_error(ret);
598 ret = ckmc_buffer_new( ckmSignature.data(), ckmSignature.size(), signature);
604 int ckmc_verify_signature(const char *public_key_alias,
605 const char *password,
606 const ckmc_raw_buffer_s message,
607 const ckmc_raw_buffer_s signature,
608 const ckmc_hash_algo_e hash,
609 const ckmc_rsa_padding_algo_e padding)
612 CKM::ManagerShPtr mgr = CKM::Manager::create();
614 if(public_key_alias == NULL) {
615 return CKMC_ERROR_INVALID_PARAMETER;
618 CKM::Alias ckmPublicKeyAlias(public_key_alias);
619 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
620 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
621 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
622 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
624 if( (ret = mgr->verifySignature(
630 ckmPadding)) != CKM_API_SUCCESS) {
631 return to_ckmc_error(ret);
634 return CKMC_ERROR_NONE;
638 int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
641 CKM::ManagerShPtr mgr = CKM::Manager::create();
642 CKM::CertificateShPtrVector ckmCertChain;
644 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
645 return CKMC_ERROR_INVALID_PARAMETER;
648 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
650 CKM::CertificateShPtrVector ckmUntrustedCerts = _toCkmCertificateVector(untrustedcerts);
652 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, EMPTY_CERT_VECTOR, true, ckmCertChain);
653 if( ret != CKM_API_SUCCESS) {
654 return to_ckmc_error(ret);
657 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
659 return CKMC_ERROR_NONE;
663 int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
666 CKM::ManagerShPtr mgr = CKM::Manager::create();
667 CKM::CertificateShPtrVector ckmCertChain;
670 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
671 return CKMC_ERROR_INVALID_PARAMETER;
674 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
675 if(ckmCert.get() == NULL) {
676 return CKMC_ERROR_INVALID_FORMAT;
679 CKM::AliasVector ckmUntrustedAliases = _toCkmAliasVector(untrustedcerts);
681 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, EMPTY_ALIAS_VECTOR, true, ckmCertChain);
682 if( ret != CKM_API_SUCCESS) {
683 return to_ckmc_error(ret);
686 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
688 return CKMC_ERROR_NONE;
692 int ckmc_get_cert_chain_with_trustedcert(const ckmc_cert_s* cert,
693 const ckmc_cert_list_s* untrustedcerts,
694 const ckmc_cert_list_s* trustedcerts,
695 const bool sys_certs,
696 ckmc_cert_list_s** ppcert_chain_list)
699 CKM::ManagerShPtr mgr = CKM::Manager::create();
700 CKM::CertificateShPtrVector ckm_cert_chain;
702 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) {
703 return CKMC_ERROR_INVALID_PARAMETER;
706 CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert);
707 if(ckm_cert.get() == NULL) {
708 return CKMC_ERROR_INVALID_PARAMETER;
711 CKM::CertificateShPtrVector ckm_untrusted = _toCkmCertificateVector(untrustedcerts);
712 CKM::CertificateShPtrVector ckm_trusted = _toCkmCertificateVector(trustedcerts);
714 ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain);
715 if( ret != CKM_API_SUCCESS) {
716 return to_ckmc_error(ret);
719 *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain);
721 return CKMC_ERROR_NONE;
725 int ckmc_get_cert_chain_with_trustedcert_alias(const ckmc_cert_s* cert,
726 const ckmc_alias_list_s* untrustedcerts,
727 const ckmc_alias_list_s* trustedcerts,
728 const bool sys_certs,
729 ckmc_cert_list_s** ppcert_chain_list)
732 CKM::ManagerShPtr mgr = CKM::Manager::create();
733 CKM::CertificateShPtrVector ckm_cert_chain;
735 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) {
736 return CKMC_ERROR_INVALID_PARAMETER;
739 CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert);
740 if(ckm_cert.get() == NULL) {
741 return CKMC_ERROR_INVALID_PARAMETER;
744 CKM::AliasVector ckm_untrusted = _toCkmAliasVector(untrustedcerts);
745 CKM::AliasVector ckm_trusted = _toCkmAliasVector(trustedcerts);
747 ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain);
748 if( ret != CKM_API_SUCCESS) {
749 return to_ckmc_error(ret);
752 *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain);
754 return CKMC_ERROR_NONE;
758 int ckmc_ocsp_check(const ckmc_cert_list_s *pcert_chain_list, ckmc_ocsp_status_e *ocsp_status)
760 if (pcert_chain_list == NULL
761 || pcert_chain_list->cert == NULL
762 || pcert_chain_list->cert->raw_cert == NULL
763 || pcert_chain_list->cert->cert_size <= 0
764 || ocsp_status == NULL) {
765 return CKMC_ERROR_INVALID_PARAMETER;
768 int ret = CKMC_ERROR_UNKNOWN;
769 int tmpOcspStatus = -1;
770 CKM::ManagerShPtr mgr = CKM::Manager::create();
771 CKM::CertificateShPtrVector ckmCertChain = _toCkmCertificateVector(pcert_chain_list);
773 ret = mgr->ocspCheck(ckmCertChain, tmpOcspStatus);
774 *ocsp_status = to_ckmc_ocsp_status(tmpOcspStatus);
775 return to_ckmc_error(ret);
779 int ckmc_allow_access(const char *alias, const char *accessor, ckmc_access_right_e granted)
781 int ec, permissionMask;
782 ec = access_to_permission_mask(granted, permissionMask);
783 if(ec != CKMC_ERROR_NONE)
786 return ckmc_set_permission(alias, accessor, permissionMask);
790 int ckmc_set_permission(const char *alias, const char *accessor, int permissions)
792 if (!alias || !accessor)
793 return CKMC_ERROR_INVALID_PARAMETER;
795 CKM::ManagerShPtr mgr = CKM::Manager::create();
796 return to_ckmc_error(mgr->setPermission(alias, accessor, permissions));
800 int ckmc_deny_access(const char *alias, const char *accessor)
802 if (!alias || !accessor)
803 return CKMC_ERROR_INVALID_PARAMETER;
805 CKM::ManagerShPtr mgr = CKM::Manager::create();
806 return to_ckmc_error(mgr->setPermission(alias, accessor, CKM::Permission::NONE));
810 int ckmc_remove_alias(const char *alias)
813 return CKMC_ERROR_INVALID_PARAMETER;
815 CKM::ManagerShPtr mgr = CKM::Manager::create();
816 int ret = mgr->removeAlias(alias);
817 return to_ckmc_error(ret);
821 int ckmc_encrypt_data(const ckmc_param_list_s */*params*/,
822 const char */*key_alias*/,
823 const char */*password*/,
824 const ckmc_raw_buffer_s /*decrypted*/,
825 ckmc_raw_buffer_s **/*ppencrypted*/)
828 return CKMC_ERROR_UNKNOWN;
832 int ckmc_decrypt_data(const ckmc_param_list_s */*params*/,
833 const char */*key_alias*/,
834 const char */*password*/,
835 const ckmc_raw_buffer_s /* encrypted*/,
836 ckmc_raw_buffer_s **/*ppdecrypted*/)
839 return CKMC_ERROR_UNKNOWN;