2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
29 bool _toBool(ckm_bool ckmBool)
31 if(ckmBool == CKM_TRUE) {
37 CKM::Certificate _toCkmCertificate(const ckm_cert *cert)
39 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
40 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
41 CKM::Certificate ckmCert(buffer, dataFormat);
45 ckm_cert_list *_toNewCkmCertList(CKM::CertificateVector &certVector)
47 ckm_cert_list *start = NULL;
48 ckm_cert_list *plist = NULL;
49 CKM::CertificateVector::iterator it;
50 for(it = certVector.begin(); it != certVector.end(); it++) {
51 CKM::RawBuffer rawBuffer = it->getDER();
52 unsigned char *rawCert = reinterpret_cast<unsigned char*>(rawBuffer.data());
53 ckm_cert *pcert = ckm_cert_new( rawCert, rawBuffer.size(), CKM_CERT_FORM_DER);
58 plist = ckm_cert_list_new(pcert);
59 start = plist; // save the pointer of the first element
61 plist = ckm_cert_list_add(plist, pcert);
68 int ckm_save_key(const char *alias, const ckm_key key, const ckm_policy policy)
73 return CKM_API_ERROR_INPUT_PARAM;
75 CKM::Alias ckmAlias(alias);
77 if(key.raw_key == NULL || key.key_size <= 0) {
78 return CKM_API_ERROR_INPUT_PARAM;
80 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
81 std::string password(key.password);
82 CKM::Key ckmKey(buffer,password);
84 CKM::Policy storePolicy(policy.password, _toBool(policy.extractable), _toBool(policy.restricted));
86 return mgr.saveKey(ckmAlias, ckmKey, storePolicy);
91 int ckm_remove_key(const char *alias)
96 return CKM_API_ERROR_INPUT_PARAM;
98 CKM::Alias ckmAlias(alias);
100 return mgr.removeKey(ckmAlias);
104 int ckm_get_key(const char *alias, const char *password, ckm_key **key)
110 return CKM_API_ERROR_INPUT_PARAM;
112 CKM::Alias ckmAlias(alias);
115 if( (ret = mgr.getKey(ckmAlias, std::string(password), ckmKey)) != CKM_API_SUCCESS) {
119 unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey.getDER().data());
120 ckm_key_type keyType = static_cast<ckm_key_type>(static_cast<int>(ckmKey.getType()));
121 *key = ckm_key_new( rawKey, ckmKey.getDER().size(), keyType, NULL);
123 return CKM_API_ERROR_OUT_OF_MEMORY;
125 return CKM_API_SUCCESS;
130 int ckm_get_key_alias_list(const ckm_alias_list** alias_list)
135 CKM::AliasVector aliasVector;
137 if( (ret = mgr.getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
141 ckm_alias_list *plist = NULL;
142 CKM::AliasVector::iterator it;
143 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
144 if(plist == NULL) { // first
145 plist = ckm_alias_list_new(const_cast<char *>(it->c_str()));
146 *alias_list = plist; // save the pointer of the first element
148 plist = ckm_alias_list_add(plist, const_cast<char *>(it->c_str()));
152 return CKM_API_SUCCESS;
156 int ckm_save_cert(const char *alias, const ckm_cert cert, const ckm_policy policy)
159 return CKM_API_ERROR_INPUT_PARAM;
161 CKM::Alias ckmAlias(alias);
163 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
164 return CKM_API_ERROR_INPUT_PARAM;
166 CKM::Certificate ckmCert = _toCkmCertificate(&cert);
168 CKM::Policy storePolicy(policy.password, _toBool(policy.extractable), _toBool(policy.restricted));
171 return mgr.saveCertificate(ckmAlias, ckmCert, storePolicy);
175 int ckm_remove_cert(const char *alias)
178 return CKM_API_ERROR_INPUT_PARAM;
180 CKM::Alias ckmAlias(alias);
183 return mgr.removeCertificate(ckmAlias);
187 int ckm_get_cert(const char *alias, const char *password, const ckm_cert **cert)
189 CKM::Certificate ckmCert;
193 return CKM_API_ERROR_INPUT_PARAM;
195 CKM::Alias ckmAlias(alias);
198 if( (ret = mgr.getCertificate(ckmAlias, std::string(password), ckmCert)) != CKM_API_SUCCESS) {
202 unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert.getDER().data());
203 *cert = ckm_cert_new( rawCert, ckmCert.getDER().size(), CKM_CERT_FORM_DER);
205 return CKM_API_ERROR_OUT_OF_MEMORY;
207 return CKM_API_SUCCESS;
212 int ckm_get_cert_alias_list(const ckm_alias_list** alias_list) {
216 CKM::AliasVector aliasVector;
218 if( (ret = mgr.getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
222 ckm_alias_list *plist = NULL;
223 CKM::AliasVector::iterator it;
224 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
225 if(plist == NULL) { // first
226 plist = ckm_alias_list_new(const_cast<char *>(it->c_str()));
227 *alias_list = plist; // save the pointer of the first element
229 plist = ckm_alias_list_add(plist, const_cast<char *>(it->c_str()));
233 return CKM_API_SUCCESS;
237 int ckm_save_data(const char *alias, ckm_raw_buffer data, const ckm_policy policy)
240 return CKM_API_ERROR_INPUT_PARAM;
242 CKM::Alias ckmAlias(alias);
244 if(data.data == NULL || data.size <= 0) {
245 return CKM_API_ERROR_INPUT_PARAM;
247 CKM::RawBuffer buffer(data.data, data.data + data.size);
249 CKM::Policy storePolicy(policy.password, _toBool(policy.extractable), _toBool(policy.restricted));
252 return mgr.saveData(ckmAlias, buffer, storePolicy);
256 int ckm_remove_data(const char *alias)
259 return CKM_API_ERROR_INPUT_PARAM;
261 CKM::Alias ckmAlias(alias);
264 return mgr.removeData(ckmAlias);
268 int ckm_get_data(const char *alias, const char *password, ckm_raw_buffer **data)
270 CKM::RawBuffer ckmBuff;
274 return CKM_API_ERROR_INPUT_PARAM;
276 CKM::Alias ckmAlias(alias);
279 if( (ret = mgr.getData(ckmAlias, std::string(password), ckmBuff)) != CKM_API_SUCCESS) {
283 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
284 *data = ckm_buffer_new( rawBuff, ckmBuff.size());
286 return CKM_API_ERROR_OUT_OF_MEMORY;
288 return CKM_API_SUCCESS;
293 int ckm_get_data_alias_list(const ckm_alias_list** alias_list){
297 CKM::AliasVector aliasVector;
299 if( (ret = mgr.getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
303 ckm_alias_list *plist = NULL;
304 CKM::AliasVector::iterator it;
305 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
306 if(plist == NULL) { // first
307 plist = ckm_alias_list_new(const_cast<char *>(it->c_str()));
308 *alias_list = plist; // save the pointer of the first element
310 plist = ckm_alias_list_add(plist, const_cast<char *>(it->c_str()));
314 return CKM_API_SUCCESS;
318 int ckm_create_key_pair_rsa(const int size,
319 const char *private_key_alias,
320 const char *public_key_alias,
321 const ckm_policy policy_private_key,
322 const ckm_policy policy_public_key)
327 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
328 CKM::Alias ckmPublicKeyAlias(public_key_alias);
329 CKM::Policy ckmPrivateKeyPolicy(policy_private_key.password, _toBool(policy_private_key.extractable), _toBool(policy_private_key.restricted));
330 CKM::Policy ckmPublicKeyPolicy(policy_public_key.password, _toBool(policy_public_key.extractable), _toBool(policy_public_key.restricted));
332 if( (mgr.createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy))
333 != CKM_API_SUCCESS) {
337 return CKM_API_SUCCESS;
341 int ckm_create_key_pair_ecdsa(const ckm_ec_type type,
342 const char *private_key_alias,
343 const char *public_key_alias,
344 const ckm_policy policy_private_key,
345 const ckm_policy policy_public_key)
350 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
351 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
352 CKM::Alias ckmPublicKeyAlias(public_key_alias);
353 CKM::Policy ckmPrivateKeyPolicy(policy_private_key.password, _toBool(policy_private_key.extractable), _toBool(policy_private_key.restricted));
354 CKM::Policy ckmPublicKeyPolicy(policy_public_key.password, _toBool(policy_public_key.extractable), _toBool(policy_public_key.restricted));
356 if( (mgr.createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy))
357 != CKM_API_SUCCESS) {
361 return CKM_API_SUCCESS;
365 int ckm_create_signature(const char *private_key_alias,
366 const char *password,
367 const ckm_raw_buffer message,
368 const ckm_hash_algo hash,
369 const ckm_rsa_padding_algo padding,
370 ckm_raw_buffer **signature)
374 CKM::RawBuffer ckmSignature;
376 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
377 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
378 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
379 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
381 if( (ret = mgr.createSignature(
387 ckmSignature)) != CKM_API_SUCCESS) {
391 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
392 *signature = ckm_buffer_new( rawBuff, ckmSignature.size());
393 if(*signature == NULL) {
394 return CKM_API_ERROR_OUT_OF_MEMORY;
396 return CKM_API_SUCCESS;
399 return CKM_API_SUCCESS;
403 int ckm_verify_signature(const char *public_key_alias,
404 const char *password,
405 const ckm_raw_buffer message,
406 const ckm_raw_buffer signature,
407 const ckm_hash_algo hash,
408 const ckm_rsa_padding_algo padding)
413 CKM::Alias ckmPublicKeyAlias(public_key_alias);
414 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
415 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
416 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
417 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
419 if( (ret = mgr.verifySignature(
425 ckmPadding)) != CKM_API_SUCCESS) {
429 return CKM_API_SUCCESS;
433 int ckm_get_cert_chain(const ckm_cert *cert, const ckm_cert_list *untrustedcerts, ckm_cert_list **cert_chain_list)
437 CKM::CertificateVector ckmCertChain;
440 if(cert->raw_cert == NULL || cert->cert_size <= 0) {
441 return CKM_API_ERROR_INPUT_PARAM;
443 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
444 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
445 CKM::Certificate ckmCert(buffer, dataFormat);
447 CKM::CertificateVector ckmUntrustedCerts;
448 if(untrustedcerts != NULL) {
449 ckm_cert_list *current = NULL;
450 ckm_cert_list *next = const_cast<ckm_cert_list *>(untrustedcerts);
453 next = current->next;
455 if(current->cert == NULL){
456 return CKM_API_ERROR_INPUT_PARAM;
458 CKM::Certificate ckmCert = _toCkmCertificate(current->cert);
459 ckmUntrustedCerts.push_back(ckmCert);
460 }while(next != NULL);
463 if( (ret = mgr.getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain)) != CKM_API_SUCCESS) {
467 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
469 return CKM_API_SUCCESS;
473 int ckm_get_cert_chain_with_alias(const ckm_cert *cert, const ckm_alias_list *untrustedcerts, ckm_cert_list **cert_chain_list)
477 CKM::CertificateVector ckmCertChain;
480 if(cert->raw_cert == NULL || cert->cert_size <= 0) {
481 return CKM_API_ERROR_INPUT_PARAM;
483 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
484 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
485 CKM::Certificate ckmCert(buffer, dataFormat);
487 CKM::AliasVector ckmUntrustedAliases;
488 if(untrustedcerts != NULL) {
489 ckm_alias_list *current = NULL;
490 ckm_alias_list *next = const_cast<ckm_alias_list *>(untrustedcerts);
493 next = current->next;
495 if(current->alias == NULL){
496 return CKM_API_ERROR_INPUT_PARAM;
498 CKM::Alias ckmAlias(current->alias);
499 ckmUntrustedAliases.push_back(ckmAlias);
500 }while(next != NULL);
503 if( (ret = mgr.getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKM_API_SUCCESS) {
507 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
509 return CKM_API_SUCCESS;