2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
31 bool _toBool(ckmc_bool ckmBool)
33 if(ckmBool == CKMC_TRUE) {
39 std::string _tostring(const char *str)
43 return std::string(str);
46 CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert *cert)
48 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
49 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
50 return CKM::Certificate::create(buffer, dataFormat);
53 ckmc_cert_list *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector)
55 ckmc_cert_list *start = NULL;
56 ckmc_cert_list *plist = NULL;
57 CKM::CertificateShPtrVector::iterator it;
58 for(it = certVector.begin(); it != certVector.end(); it++) {
59 CKM::RawBuffer rawBuffer = (*it)->getDER();
60 unsigned char *rawCert = (unsigned char *) malloc(rawBuffer.size());
61 memcpy(rawCert, rawBuffer.data(), rawBuffer.size());
62 ckmc_cert *pcert = ckmc_cert_new( rawCert, rawBuffer.size(), CKMC_FORM_DER);
67 plist = ckmc_cert_list_new(pcert);
68 start = plist; // save the pointer of the first element
70 plist = ckmc_cert_list_add(plist, pcert);
77 int ckmc_save_key(const char *alias, const ckmc_key key, const ckmc_policy policy)
79 CKM::ManagerShPtr mgr = CKM::Manager::create();
82 return CKMC_API_ERROR_INPUT_PARAM;
84 CKM::Alias ckmAlias(alias);
86 if(key.raw_key == NULL || key.key_size <= 0) {
87 return CKMC_API_ERROR_INPUT_PARAM;
89 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
90 CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
92 if(ckmKey.get() == NULL) {
93 return CKMC_API_ERROR_INVALID_FORMAT;
96 CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
98 return mgr->saveKey(ckmAlias, ckmKey, storePolicy);
103 int ckmc_remove_key(const char *alias)
105 CKM::ManagerShPtr mgr = CKM::Manager::create();
108 return CKMC_API_ERROR_INPUT_PARAM;
110 CKM::Alias ckmAlias(alias);
112 return mgr->removeKey(ckmAlias);
116 int ckmc_get_key(const char *alias, const char *password, ckmc_key **key)
119 CKM::KeyShPtr ckmKey;
121 if(alias == NULL || key == NULL) {
122 return CKMC_API_ERROR_INPUT_PARAM;
124 CKM::Alias ckmAlias(alias);
126 CKM::ManagerShPtr mgr = CKM::Manager::create();
127 if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKMC_API_SUCCESS) {
131 unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey->getDER().data());
132 ckmc_key_type keyType = static_cast<ckmc_key_type>(static_cast<int>(ckmKey->getType()));
133 *key = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL);
135 return CKMC_API_ERROR_OUT_OF_MEMORY;
137 return CKMC_API_SUCCESS;
142 int ckmc_get_key_alias_list(ckmc_alias_list** alias_list)
146 if(alias_list == NULL) {
147 return CKMC_API_ERROR_INPUT_PARAM;
150 CKM::AliasVector aliasVector;
151 CKM::ManagerShPtr mgr = CKM::Manager::create();
152 if( (ret = mgr->getKeyAliasVector(aliasVector)) != CKMC_API_SUCCESS) {
156 ckmc_alias_list *plist = NULL;
157 CKM::AliasVector::iterator it;
158 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
159 char *alias = (char *)malloc(it->size() + 1);
160 memset(alias, 0, it->size() +1 );
161 memcpy(alias, it->c_str(), it->size());
162 if(plist == NULL) { // first
163 plist = ckmc_alias_list_new(alias);
164 *alias_list = plist; // save the pointer of the first element
166 plist = ckmc_alias_list_add(plist, alias);
170 return CKMC_API_SUCCESS;
174 int ckmc_save_cert(const char *alias, const ckmc_cert cert, const ckmc_policy policy)
177 return CKMC_API_ERROR_INPUT_PARAM;
179 CKM::Alias ckmAlias(alias);
181 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
182 return CKMC_API_ERROR_INPUT_PARAM;
184 CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
185 if(ckmCert.get() == NULL) {
186 return CKMC_API_ERROR_INVALID_FORMAT;
189 CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
191 CKM::ManagerShPtr mgr = CKM::Manager::create();
192 return mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
196 int ckmc_remove_cert(const char *alias)
199 return CKMC_API_ERROR_INPUT_PARAM;
201 CKM::Alias ckmAlias(alias);
203 CKM::ManagerShPtr mgr = CKM::Manager::create();
204 return mgr->removeCertificate(ckmAlias);
208 int ckmc_get_cert(const char *alias, const char *password, ckmc_cert **cert)
210 CKM::CertificateShPtr ckmCert;
213 if(alias == NULL || cert == NULL) {
214 return CKMC_API_ERROR_INPUT_PARAM;
216 CKM::Alias ckmAlias(alias);
218 CKM::ManagerShPtr mgr = CKM::Manager::create();
219 if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKMC_API_SUCCESS) {
223 unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert->getDER().data());
224 *cert = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER);
226 return CKMC_API_ERROR_OUT_OF_MEMORY;
228 return CKMC_API_SUCCESS;
233 int ckmc_get_cert_alias_list(ckmc_alias_list** alias_list) {
236 if(alias_list == NULL) {
237 return CKMC_API_ERROR_INPUT_PARAM;
240 CKM::AliasVector aliasVector;
241 CKM::ManagerShPtr mgr = CKM::Manager::create();
242 if( (ret = mgr->getCertificateAliasVector(aliasVector)) != CKMC_API_SUCCESS) {
246 ckmc_alias_list *plist = NULL;
247 CKM::AliasVector::iterator it;
248 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
249 char *alias = (char *)malloc(it->size() + 1);
250 memset(alias, 0, it->size() +1 );
251 memcpy(alias, it->c_str(), it->size());
252 if(plist == NULL) { // first
253 plist = ckmc_alias_list_new(alias);
254 *alias_list = plist; // save the pointer of the first element
256 plist = ckmc_alias_list_add(plist, alias);
260 return CKMC_API_SUCCESS;
264 int ckmc_save_data(const char *alias, ckmc_raw_buffer data, const ckmc_policy policy)
267 return CKMC_API_ERROR_INPUT_PARAM;
269 CKM::Alias ckmAlias(alias);
271 if(data.data == NULL || data.size <= 0) {
272 return CKMC_API_ERROR_INPUT_PARAM;
274 CKM::RawBuffer buffer(data.data, data.data + data.size);
276 CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
278 CKM::ManagerShPtr mgr = CKM::Manager::create();
279 return mgr->saveData(ckmAlias, buffer, storePolicy);
283 int ckmc_remove_data(const char *alias)
286 return CKMC_API_ERROR_INPUT_PARAM;
288 CKM::Alias ckmAlias(alias);
290 CKM::ManagerShPtr mgr = CKM::Manager::create();
291 return mgr->removeData(ckmAlias);
295 int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer **data)
297 CKM::RawBuffer ckmBuff;
300 if(alias == NULL || data == NULL) {
301 return CKMC_API_ERROR_INPUT_PARAM;
303 CKM::Alias ckmAlias(alias);
305 CKM::ManagerShPtr mgr = CKM::Manager::create();
306 if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKMC_API_SUCCESS) {
310 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
311 *data = ckmc_buffer_new( rawBuff, ckmBuff.size());
313 return CKMC_API_ERROR_OUT_OF_MEMORY;
315 return CKMC_API_SUCCESS;
320 int ckmc_get_data_alias_list(ckmc_alias_list** alias_list){
323 if(alias_list == NULL) {
324 return CKMC_API_ERROR_INPUT_PARAM;
327 CKM::AliasVector aliasVector;
328 CKM::ManagerShPtr mgr = CKM::Manager::create();
329 if( (ret = mgr->getDataAliasVector(aliasVector)) != CKMC_API_SUCCESS) {
333 ckmc_alias_list *plist = NULL;
334 CKM::AliasVector::iterator it;
335 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
336 char *alias = (char *)malloc(it->size() + 1);
337 memset(alias, 0, it->size() +1 );
338 memcpy(alias, it->c_str(), it->size());
339 if(plist == NULL) { // first
340 plist = ckmc_alias_list_new(alias);
341 *alias_list = plist; // save the pointer of the first element
343 plist = ckmc_alias_list_add(plist, alias);
347 return CKMC_API_SUCCESS;
351 int ckmc_create_key_pair_rsa(const size_t size,
352 const char *private_key_alias,
353 const char *public_key_alias,
354 const ckmc_policy policy_private_key,
355 const ckmc_policy policy_public_key)
358 CKM::ManagerShPtr mgr = CKM::Manager::create();
360 if(private_key_alias == NULL || public_key_alias == NULL) {
361 return CKMC_API_ERROR_INPUT_PARAM;
364 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
365 CKM::Alias ckmPublicKeyAlias(public_key_alias);
366 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), _toBool(policy_private_key.extractable), _toBool(policy_private_key.restricted));
367 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), _toBool(policy_public_key.extractable), _toBool(policy_public_key.restricted));
369 if( (ret = mgr->createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy))
370 != CKMC_API_SUCCESS) {
374 return CKMC_API_SUCCESS;
378 int ckmc_create_key_pair_ecdsa(const ckmc_ec_type type,
379 const char *private_key_alias,
380 const char *public_key_alias,
381 const ckmc_policy policy_private_key,
382 const ckmc_policy policy_public_key)
384 CKM::ManagerShPtr mgr = CKM::Manager::create();
386 if(private_key_alias == NULL || public_key_alias == NULL) {
387 return CKMC_API_ERROR_INPUT_PARAM;
390 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
391 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
392 CKM::Alias ckmPublicKeyAlias(public_key_alias);
393 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), _toBool(policy_private_key.extractable), _toBool(policy_private_key.restricted));
394 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), _toBool(policy_public_key.extractable), _toBool(policy_public_key.restricted));
396 return mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
400 int ckmc_create_signature(const char *private_key_alias,
401 const char *password,
402 const ckmc_raw_buffer message,
403 const ckmc_hash_algo hash,
404 const ckmc_rsa_padding_algo padding,
405 ckmc_raw_buffer **signature)
408 CKM::ManagerShPtr mgr = CKM::Manager::create();
409 CKM::RawBuffer ckmSignature;
411 if(private_key_alias == NULL || signature == NULL) {
412 return CKMC_API_ERROR_INPUT_PARAM;
415 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
416 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
417 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
418 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
420 if( (ret = mgr->createSignature(
426 ckmSignature)) != CKMC_API_SUCCESS) {
430 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
431 *signature = ckmc_buffer_new( rawBuff, ckmSignature.size());
432 if(*signature == NULL) {
433 return CKMC_API_ERROR_OUT_OF_MEMORY;
435 return CKMC_API_SUCCESS;
438 return CKMC_API_SUCCESS;
442 int ckmc_verify_signature(const char *public_key_alias,
443 const char *password,
444 const ckmc_raw_buffer message,
445 const ckmc_raw_buffer signature,
446 const ckmc_hash_algo hash,
447 const ckmc_rsa_padding_algo padding)
450 CKM::ManagerShPtr mgr = CKM::Manager::create();
452 if(public_key_alias == NULL) {
453 return CKMC_API_ERROR_INPUT_PARAM;
456 CKM::Alias ckmPublicKeyAlias(public_key_alias);
457 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
458 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
459 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
460 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
462 if( (ret = mgr->verifySignature(
468 ckmPadding)) != CKMC_API_SUCCESS) {
472 return CKMC_API_SUCCESS;
476 int ckmc_get_cert_chain(const ckmc_cert *cert, const ckmc_cert_list *untrustedcerts, ckmc_cert_list **cert_chain_list)
479 CKM::ManagerShPtr mgr = CKM::Manager::create();
480 CKM::CertificateShPtrVector ckmCertChain;
482 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
483 return CKMC_API_ERROR_INPUT_PARAM;
486 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
488 CKM::CertificateShPtrVector ckmUntrustedCerts;
489 if(untrustedcerts != NULL) {
490 ckmc_cert_list *current = NULL;
491 ckmc_cert_list *next = const_cast<ckmc_cert_list *>(untrustedcerts);
494 next = current->next;
496 if(current->cert == NULL){
500 CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
501 ckmUntrustedCerts.push_back(tmpCkmCert);
502 }while(next != NULL);
505 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
506 if( ret != CKMC_API_SUCCESS) {
510 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
512 return CKMC_API_SUCCESS;
516 int ckmc_get_cert_chain_with_alias(const ckmc_cert *cert, const ckmc_alias_list *untrustedcerts, ckmc_cert_list **cert_chain_list)
519 CKM::ManagerShPtr mgr = CKM::Manager::create();
520 CKM::CertificateShPtrVector ckmCertChain;
523 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
524 return CKMC_API_ERROR_INPUT_PARAM;
527 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
528 if(ckmCert.get() == NULL) {
529 return CKMC_API_ERROR_INVALID_FORMAT;
532 CKM::AliasVector ckmUntrustedAliases;
533 if(untrustedcerts != NULL) {
534 ckmc_alias_list *current = NULL;
535 ckmc_alias_list *next = const_cast<ckmc_alias_list *>(untrustedcerts);
538 next = current->next;
540 if(current->alias == NULL){
541 return CKMC_API_ERROR_INPUT_PARAM;
543 CKM::Alias ckmAlias(current->alias);
544 ckmUntrustedAliases.push_back(ckmAlias);
545 }while(next != NULL);
548 if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKMC_API_SUCCESS) {
552 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
554 return CKMC_API_SUCCESS;