2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
28 #include <ckmc-type-converter.h>
29 #include <client-common.h>
35 CKM::Password _tostring(const char *str)
38 return CKM::Password();
39 return CKM::Password(str);
42 CKM::KeyShPtr _toCkmKey(const ckmc_key_s *key)
46 CKM::RawBuffer buffer(key->raw_key, key->raw_key + key->key_size);
47 return CKM::Key::create(buffer, _tostring(key->password));
49 return CKM::KeyShPtr();
52 CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert)
56 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
57 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
58 return CKM::Certificate::create(buffer, dataFormat);
60 return CKM::CertificateShPtr();
63 ckmc_cert_list_s *_toNewCkmCertList(const CKM::CertificateShPtrVector &certVector)
66 ckmc_cert_list_s *start = NULL;
67 ckmc_cert_list_s *plist = NULL;
68 CKM::CertificateShPtrVector::const_iterator it;
69 for(it = certVector.begin(); it != certVector.end(); it++) {
70 CKM::RawBuffer rawBuffer = (*it)->getDER();
71 unsigned char *rawCert = static_cast<unsigned char *>(malloc(rawBuffer.size()));
72 memcpy(rawCert, rawBuffer.data(), rawBuffer.size());
74 ret = ckmc_cert_new(rawCert, rawBuffer.size(), CKMC_FORM_DER, &pcert);
77 ckmc_cert_list_all_free(start);
81 ret = ckmc_cert_list_new(pcert, &plist);
82 start = plist; // save the pointer of the first element
84 ret = ckmc_cert_list_add(plist, pcert, &plist);
86 if(ret != CKMC_ERROR_NONE) {
87 ckmc_cert_list_all_free(start);
98 int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
100 CKM::ManagerShPtr mgr = CKM::Manager::create();
103 return CKMC_ERROR_INVALID_PARAMETER;
105 CKM::Alias ckmAlias(alias);
107 if(key.raw_key == NULL || key.key_size <= 0) {
108 return CKMC_ERROR_INVALID_PARAMETER;
110 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
111 CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
113 if(ckmKey.get() == NULL) {
114 return CKMC_ERROR_INVALID_FORMAT;
117 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
119 int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
120 return to_ckmc_error(ret);
125 int ckmc_remove_key(const char *alias)
127 CKM::ManagerShPtr mgr = CKM::Manager::create();
130 return CKMC_ERROR_INVALID_PARAMETER;
133 int ret = mgr->removeAlias(alias);
134 return to_ckmc_error(ret);
138 int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
141 CKM::KeyShPtr ckmKey;
143 if(alias == NULL || key == NULL) {
144 return CKMC_ERROR_INVALID_PARAMETER;
147 CKM::ManagerShPtr mgr = CKM::Manager::create();
148 if( (ret = mgr->getKey(alias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
149 return to_ckmc_error(ret);
152 unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey->getDER().data());
153 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
155 ret = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL, key);
157 return to_ckmc_error(ret);
161 int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list)
165 if (alias_list == NULL) {
166 return CKMC_ERROR_INVALID_PARAMETER;
169 CKM::AliasVector aliasVector;
170 CKM::ManagerShPtr mgr = CKM::Manager::create();
172 if ((ret = mgr->getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
173 return to_ckmc_error(ret);
176 ckmc_alias_list_s *plist = NULL;
178 for (const auto it : aliasVector) {
179 char *alias = strndup(it.c_str(), it.size());
181 if (plist == NULL) { // first
182 ret = ckmc_alias_list_new(alias, &plist);
183 *alias_list = plist; // save the pointer of the first element
185 ret = ckmc_alias_list_add(plist, alias, &plist);
188 if (ret != CKMC_ERROR_NONE) {
190 ckmc_alias_list_all_free(*alias_list);
195 if(plist == NULL) { // if the alias_list size is zero
196 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
199 return CKMC_ERROR_NONE;
203 int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
206 return CKMC_ERROR_INVALID_PARAMETER;
208 CKM::Alias ckmAlias(alias);
210 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
211 return CKMC_ERROR_INVALID_PARAMETER;
213 CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
214 if(ckmCert.get() == NULL) {
215 return CKMC_ERROR_INVALID_FORMAT;
218 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
220 CKM::ManagerShPtr mgr = CKM::Manager::create();
221 int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
223 return to_ckmc_error(ret);
227 int ckmc_remove_cert(const char *alias)
230 return CKMC_ERROR_INVALID_PARAMETER;
233 CKM::ManagerShPtr mgr = CKM::Manager::create();
234 int ret = mgr->removeAlias(alias);
236 return to_ckmc_error(ret);
240 int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
242 CKM::CertificateShPtr ckmCert;
245 if(alias == NULL || cert == NULL) {
246 return CKMC_ERROR_INVALID_PARAMETER;
249 CKM::ManagerShPtr mgr = CKM::Manager::create();
250 if( (ret = mgr->getCertificate(alias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
251 return to_ckmc_error(ret);
254 unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert->getDER().data());
255 ret = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER, cert);
261 int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) {
264 if (alias_list == NULL) {
265 return CKMC_ERROR_INVALID_PARAMETER;
270 CKM::AliasVector aliasVector;
271 CKM::ManagerShPtr mgr = CKM::Manager::create();
272 if ((ret = mgr->getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
273 return to_ckmc_error(ret);
276 ckmc_alias_list_s *plist = NULL;
278 for (const auto it : aliasVector) {
279 char *alias = strndup(it.c_str(), it.size());
281 if (plist == NULL) { // first
282 ret = ckmc_alias_list_new(alias, &plist);
283 *alias_list = plist; // save the pointer of the first element
285 ret = ckmc_alias_list_add(plist, alias, &plist);
288 if (ret != CKMC_ERROR_NONE) {
290 ckmc_alias_list_all_free(*alias_list);
295 if(plist == NULL) { // if the alias_list size is zero
296 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
299 return CKMC_ERROR_NONE;
303 int ckmc_save_pkcs12(const char *alias, const ckmc_pkcs12_s *ppkcs, const ckmc_policy_s key_policy, const ckmc_policy_s cert_policy)
305 CKM::KeyShPtr private_key;
306 CKM::CertificateShPtr cert;
307 CKM::CertificateShPtrVector ca_cert_list;
309 if(alias==NULL || ppkcs==NULL) {
310 return CKMC_ERROR_INVALID_PARAMETER;
312 CKM::Alias ckmAlias(alias);
314 private_key = _toCkmKey(ppkcs->priv_key);
315 cert = _toCkmCertificate(ppkcs->cert);
316 ckmc_cert_list_s *current = NULL;
317 ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(ppkcs->ca_chain);
320 next = current->next;
322 if(current->cert == NULL){
326 CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
327 ca_cert_list.push_back(tmpCkmCert);
328 }while(next != NULL);
330 CKM::Policy keyPolicy(_tostring(key_policy.password), key_policy.extractable);
331 CKM::Policy certPolicy(_tostring(cert_policy.password), cert_policy.extractable);
333 CKM::PKCS12ShPtr pkcs12(new CKM::PKCS12Impl(private_key, cert, ca_cert_list));
335 CKM::ManagerShPtr mgr = CKM::Manager::create();
336 int ret = mgr->savePKCS12(ckmAlias, pkcs12, keyPolicy, certPolicy);
338 return to_ckmc_error(ret);
342 int ckmc_remove_pkcs12(const char *alias)
345 return CKMC_ERROR_INVALID_PARAMETER;
348 CKM::ManagerShPtr mgr = CKM::Manager::create();
349 int ret = mgr->removeAlias(alias);
350 return to_ckmc_error(ret);
354 int ckmc_get_pkcs12(const char *alias, ckmc_pkcs12_s **pkcs12)
357 CKM::PKCS12ShPtr ShPkcs12;
358 CKM::PKCS12 *pkcs12Ptr = NULL;
359 ckmc_key_s *private_key = NULL;
360 ckmc_cert_s *cert = NULL;
361 ckmc_cert_list_s *ca_cert_list = 0;
363 if(alias == NULL || pkcs12 == NULL) {
364 return CKMC_ERROR_INVALID_PARAMETER;
367 CKM::ManagerShPtr mgr = CKM::Manager::create();
368 if( (ret = mgr->getPKCS12(alias, ShPkcs12)) != CKM_API_SUCCESS) {
369 return to_ckmc_error(ret);
372 pkcs12Ptr = ShPkcs12.get();
374 return CKMC_ERROR_BAD_RESPONSE;
376 if(pkcs12Ptr->getKey())
378 CKM::KeyShPtr helper = pkcs12Ptr->getKey();
380 unsigned char *rawKey = reinterpret_cast<unsigned char*>(helper->getDER().data());
381 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(helper->getType()));
382 ret = ckmc_key_new(rawKey, helper->getDER().size(), keyType, NULL, &private_key);
383 if(ret != CKMC_ERROR_NONE)
387 if(pkcs12Ptr->getCertificate())
389 CKM::CertificateShPtr helper = pkcs12Ptr->getCertificate();
391 unsigned char *rawCert = reinterpret_cast<unsigned char*>(helper->getDER().data());
392 ret = ckmc_cert_new(rawCert, helper->getDER().size(), CKMC_FORM_DER, &cert);
393 if(ret != CKMC_ERROR_NONE) {
394 ckmc_key_free(private_key);
399 ca_cert_list = _toNewCkmCertList(pkcs12Ptr->getCaCertificateShPtrVector());
401 ret = ckmc_pkcs12_new(private_key, cert, ca_cert_list, pkcs12);
402 if(ret != CKMC_ERROR_NONE)
404 ckmc_key_free(private_key);
405 ckmc_cert_free(cert);
406 ckmc_cert_list_free(ca_cert_list);
412 int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
415 return CKMC_ERROR_INVALID_PARAMETER;
417 CKM::Alias ckmAlias(alias);
419 if(data.data == NULL || data.size <= 0) {
420 return CKMC_ERROR_INVALID_PARAMETER;
422 CKM::RawBuffer buffer(data.data, data.data + data.size);
424 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
426 CKM::ManagerShPtr mgr = CKM::Manager::create();
427 int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
429 return to_ckmc_error(ret);
433 int ckmc_remove_data(const char *alias)
436 return CKMC_ERROR_INVALID_PARAMETER;
439 CKM::ManagerShPtr mgr = CKM::Manager::create();
440 int ret = mgr->removeAlias(alias);
441 return to_ckmc_error(ret);
445 int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
447 CKM::RawBuffer ckmBuff;
450 if(alias == NULL || data == NULL) {
451 return CKMC_ERROR_INVALID_PARAMETER;
454 CKM::ManagerShPtr mgr = CKM::Manager::create();
455 if( (ret = mgr->getData(alias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
456 return to_ckmc_error(ret);
459 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
460 ret = ckmc_buffer_new(rawBuff, ckmBuff.size(), data);
466 int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){
469 if(alias_list == NULL) {
470 return CKMC_ERROR_INVALID_PARAMETER;
475 CKM::AliasVector aliasVector;
476 CKM::ManagerShPtr mgr = CKM::Manager::create();
477 if( (ret = mgr->getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
478 return to_ckmc_error(ret);
481 ckmc_alias_list_s *plist = NULL;
483 for (const auto it : aliasVector) {
484 char *alias = strndup(it.c_str(), it.size());
486 if (plist == NULL) { // first
487 ret = ckmc_alias_list_new(alias, &plist);
488 *alias_list = plist; // save the pointer of the first element
490 ret = ckmc_alias_list_add(plist, alias, &plist);
493 if (ret != CKMC_ERROR_NONE) {
495 ckmc_alias_list_all_free(*alias_list);
500 if(plist == NULL) { // if the alias_list size is zero
501 return CKMC_ERROR_DB_ALIAS_UNKNOWN;
504 return CKMC_ERROR_NONE;
508 int ckmc_create_key_pair_rsa(const size_t size,
509 const char *private_key_alias,
510 const char *public_key_alias,
511 const ckmc_policy_s policy_private_key,
512 const ckmc_policy_s policy_public_key)
515 CKM::ManagerShPtr mgr = CKM::Manager::create();
517 if(private_key_alias == NULL || public_key_alias == NULL) {
518 return CKMC_ERROR_INVALID_PARAMETER;
521 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
522 CKM::Alias ckmPublicKeyAlias(public_key_alias);
523 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
524 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
526 ret = mgr->createKeyPairRSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
527 return to_ckmc_error(ret);
531 int ckmc_create_key_pair_dsa(const size_t size,
532 const char *private_key_alias,
533 const char *public_key_alias,
534 const ckmc_policy_s policy_private_key,
535 const ckmc_policy_s policy_public_key)
538 CKM::ManagerShPtr mgr = CKM::Manager::create();
540 if(private_key_alias == NULL || public_key_alias == NULL) {
541 return CKMC_ERROR_INVALID_PARAMETER;
544 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
545 CKM::Alias ckmPublicKeyAlias(public_key_alias);
546 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
547 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
549 ret = mgr->createKeyPairDSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
550 return to_ckmc_error(ret);
554 int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type,
555 const char *private_key_alias,
556 const char *public_key_alias,
557 const ckmc_policy_s policy_private_key,
558 const ckmc_policy_s policy_public_key)
560 CKM::ManagerShPtr mgr = CKM::Manager::create();
562 if(private_key_alias == NULL || public_key_alias == NULL) {
563 return CKMC_ERROR_INVALID_PARAMETER;
566 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
567 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
568 CKM::Alias ckmPublicKeyAlias(public_key_alias);
569 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
570 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
572 int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
573 return to_ckmc_error(ret);
577 int ckmc_create_signature(const char *private_key_alias,
578 const char *password,
579 const ckmc_raw_buffer_s message,
580 const ckmc_hash_algo_e hash,
581 const ckmc_rsa_padding_algo_e padding,
582 ckmc_raw_buffer_s **signature)
585 CKM::ManagerShPtr mgr = CKM::Manager::create();
586 CKM::RawBuffer ckmSignature;
588 if(private_key_alias == NULL || signature == NULL) {
589 return CKMC_ERROR_INVALID_PARAMETER;
592 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
593 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
594 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
595 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
597 if( (ret = mgr->createSignature(
603 ckmSignature)) != CKM_API_SUCCESS) {
604 return to_ckmc_error(ret);
607 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
608 ret = ckmc_buffer_new( rawBuff, ckmSignature.size(), signature);
614 int ckmc_verify_signature(const char *public_key_alias,
615 const char *password,
616 const ckmc_raw_buffer_s message,
617 const ckmc_raw_buffer_s signature,
618 const ckmc_hash_algo_e hash,
619 const ckmc_rsa_padding_algo_e padding)
622 CKM::ManagerShPtr mgr = CKM::Manager::create();
624 if(public_key_alias == NULL) {
625 return CKMC_ERROR_INVALID_PARAMETER;
628 CKM::Alias ckmPublicKeyAlias(public_key_alias);
629 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
630 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
631 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
632 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
634 if( (ret = mgr->verifySignature(
640 ckmPadding)) != CKM_API_SUCCESS) {
641 return to_ckmc_error(ret);
644 return CKMC_ERROR_NONE;
648 int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
651 CKM::ManagerShPtr mgr = CKM::Manager::create();
652 CKM::CertificateShPtrVector ckmCertChain;
654 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
655 return CKMC_ERROR_INVALID_PARAMETER;
658 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
660 CKM::CertificateShPtrVector ckmUntrustedCerts;
661 if(untrustedcerts != NULL) {
662 ckmc_cert_list_s *current = NULL;
663 ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(untrustedcerts);
666 next = current->next;
668 if(current->cert == NULL){
672 CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
673 ckmUntrustedCerts.push_back(tmpCkmCert);
674 }while(next != NULL);
677 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
678 if( ret != CKM_API_SUCCESS) {
679 return to_ckmc_error(ret);
682 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
684 return CKMC_ERROR_NONE;
688 int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
691 CKM::ManagerShPtr mgr = CKM::Manager::create();
692 CKM::CertificateShPtrVector ckmCertChain;
695 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
696 return CKMC_ERROR_INVALID_PARAMETER;
699 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
700 if(ckmCert.get() == NULL) {
701 return CKMC_ERROR_INVALID_FORMAT;
704 CKM::AliasVector ckmUntrustedAliases;
705 if(untrustedcerts != NULL) {
706 ckmc_alias_list_s *current = NULL;
707 ckmc_alias_list_s *next = const_cast<ckmc_alias_list_s *>(untrustedcerts);
710 next = current->next;
712 if(current->alias == NULL){
713 return CKMC_ERROR_INVALID_PARAMETER;
715 CKM::Alias ckmAlias(current->alias);
716 ckmUntrustedAliases.push_back(ckmAlias);
717 }while(next != NULL);
720 if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKM_API_SUCCESS) {
721 return to_ckmc_error(ret);
724 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
726 return CKMC_ERROR_NONE;
730 int ckmc_allow_access(const char *alias, const char *accessor, ckmc_access_right_e granted)
732 if (!alias || !accessor)
733 return CKMC_ERROR_INVALID_PARAMETER;
735 CKM::ManagerShPtr mgr = CKM::Manager::create();
737 CKM::Permission ar = static_cast<CKM::Permission>(static_cast<int>(granted));
738 return to_ckmc_error(mgr->setPermission(alias, accessor, ar));
742 int ckmc_deny_access(const char *alias, const char *accessor)
744 if (!alias || !accessor)
745 return CKMC_ERROR_INVALID_PARAMETER;
747 CKM::ManagerShPtr mgr = CKM::Manager::create();
749 return to_ckmc_error(mgr->setPermission(alias, accessor, CKM::Permission::NONE));