2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckmc-control.h
18 * @author Yuseok Jeon(yuseok.jeon@samsung.com)
20 * @brief provides conversion methods to C from C++ for key-manager control functions.
23 #include <ckm/ckm-type.h>
24 #include <ckm/ckm-manager.h>
25 #include <ckmc/ckmc-type.h>
26 #include <ckmc/ckmc-manager.h>
27 #include <ckmc/ckmc-error.h>
31 std::string _tostring(const char *str)
35 return std::string(str);
38 CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert)
40 CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
41 CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
42 return CKM::Certificate::create(buffer, dataFormat);
45 ckmc_cert_list_s *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector)
48 ckmc_cert_list_s *start = NULL;
49 ckmc_cert_list_s *plist = NULL;
50 CKM::CertificateShPtrVector::iterator it;
51 for(it = certVector.begin(); it != certVector.end(); it++) {
52 CKM::RawBuffer rawBuffer = (*it)->getDER();
53 unsigned char *rawCert = (unsigned char *) malloc(rawBuffer.size());
54 memcpy(rawCert, rawBuffer.data(), rawBuffer.size());
56 ret = ckmc_cert_new(rawCert, rawBuffer.size(), CKMC_FORM_DER, &pcert);
61 ret = ckmc_cert_list_new(pcert, &plist);
62 start = plist; // save the pointer of the first element
64 ret = ckmc_cert_list_add(plist, pcert, &plist);
66 if(ret != CKMC_SUCCESS) {
67 ckmc_cert_list_all_free(start);
75 int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
77 CKM::ManagerShPtr mgr = CKM::Manager::create();
80 return CKMC_ERROR_INPUT_PARAM;
82 CKM::Alias ckmAlias(alias);
84 if(key.raw_key == NULL || key.key_size <= 0) {
85 return CKMC_ERROR_INPUT_PARAM;
87 CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
88 CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
90 if(ckmKey.get() == NULL) {
91 return CKMC_ERROR_INVALID_FORMAT;
94 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
96 return mgr->saveKey(ckmAlias, ckmKey, storePolicy);
101 int ckmc_remove_key(const char *alias)
103 CKM::ManagerShPtr mgr = CKM::Manager::create();
106 return CKMC_ERROR_INPUT_PARAM;
108 CKM::Alias ckmAlias(alias);
110 return mgr->removeKey(ckmAlias);
114 int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
117 CKM::KeyShPtr ckmKey;
119 if(alias == NULL || key == NULL) {
120 return CKMC_ERROR_INPUT_PARAM;
122 CKM::Alias ckmAlias(alias);
124 CKM::ManagerShPtr mgr = CKM::Manager::create();
125 if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKMC_SUCCESS) {
129 unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey->getDER().data());
130 ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
132 ret = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL, key);
138 int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list)
142 if(alias_list == NULL) {
143 return CKMC_ERROR_INPUT_PARAM;
146 CKM::AliasVector aliasVector;
147 CKM::ManagerShPtr mgr = CKM::Manager::create();
148 if( (ret = mgr->getKeyAliasVector(aliasVector)) != CKMC_SUCCESS) {
152 ckmc_alias_list_s *plist = NULL;
153 CKM::AliasVector::iterator it;
154 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
155 char *alias = (char *)malloc(it->size() + 1);
156 memset(alias, 0, it->size() +1 );
157 memcpy(alias, it->c_str(), it->size());
158 if(plist == NULL) { // first
159 ret = ckmc_alias_list_new(alias, &plist);
160 *alias_list = plist; // save the pointer of the first element
162 ret = ckmc_alias_list_add(plist, alias, &plist);
164 if(ret != CKMC_SUCCESS) {
165 ckmc_alias_list_all_free(*alias_list);
174 int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
177 return CKMC_ERROR_INPUT_PARAM;
179 CKM::Alias ckmAlias(alias);
181 if(cert.raw_cert == NULL || cert.cert_size <= 0) {
182 return CKMC_ERROR_INPUT_PARAM;
184 CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
185 if(ckmCert.get() == NULL) {
186 return CKMC_ERROR_INVALID_FORMAT;
189 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
191 CKM::ManagerShPtr mgr = CKM::Manager::create();
192 return mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
196 int ckmc_remove_cert(const char *alias)
199 return CKMC_ERROR_INPUT_PARAM;
201 CKM::Alias ckmAlias(alias);
203 CKM::ManagerShPtr mgr = CKM::Manager::create();
204 return mgr->removeCertificate(ckmAlias);
208 int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
210 CKM::CertificateShPtr ckmCert;
213 if(alias == NULL || cert == NULL) {
214 return CKMC_ERROR_INPUT_PARAM;
216 CKM::Alias ckmAlias(alias);
218 CKM::ManagerShPtr mgr = CKM::Manager::create();
219 if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKMC_SUCCESS) {
223 unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert->getDER().data());
224 ret = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER, cert);
230 int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) {
233 if(alias_list == NULL) {
234 return CKMC_ERROR_INPUT_PARAM;
237 CKM::AliasVector aliasVector;
238 CKM::ManagerShPtr mgr = CKM::Manager::create();
239 if( (ret = mgr->getCertificateAliasVector(aliasVector)) != CKMC_SUCCESS) {
243 ckmc_alias_list_s *plist = NULL;
244 CKM::AliasVector::iterator it;
245 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
246 char *alias = (char *)malloc(it->size() + 1);
247 memset(alias, 0, it->size() +1 );
248 memcpy(alias, it->c_str(), it->size());
250 if(plist == NULL) { // first
251 ret = ckmc_alias_list_new(alias, &plist);
252 *alias_list = plist; // save the pointer of the first element
254 ret = ckmc_alias_list_add(plist, alias, &plist);
257 if(ret != CKMC_SUCCESS) {
258 ckmc_alias_list_all_free(*alias_list);
267 int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
270 return CKMC_ERROR_INPUT_PARAM;
272 CKM::Alias ckmAlias(alias);
274 if(data.data == NULL || data.size <= 0) {
275 return CKMC_ERROR_INPUT_PARAM;
277 CKM::RawBuffer buffer(data.data, data.data + data.size);
279 CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
281 CKM::ManagerShPtr mgr = CKM::Manager::create();
282 return mgr->saveData(ckmAlias, buffer, storePolicy);
286 int ckmc_remove_data(const char *alias)
289 return CKMC_ERROR_INPUT_PARAM;
291 CKM::Alias ckmAlias(alias);
293 CKM::ManagerShPtr mgr = CKM::Manager::create();
294 return mgr->removeData(ckmAlias);
298 int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
300 CKM::RawBuffer ckmBuff;
303 if(alias == NULL || data == NULL) {
304 return CKMC_ERROR_INPUT_PARAM;
306 CKM::Alias ckmAlias(alias);
308 CKM::ManagerShPtr mgr = CKM::Manager::create();
309 if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKMC_SUCCESS) {
313 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
314 ret = ckmc_buffer_new(rawBuff, ckmBuff.size(), data);
320 int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){
323 if(alias_list == NULL) {
324 return CKMC_ERROR_INPUT_PARAM;
327 CKM::AliasVector aliasVector;
328 CKM::ManagerShPtr mgr = CKM::Manager::create();
329 if( (ret = mgr->getDataAliasVector(aliasVector)) != CKMC_SUCCESS) {
333 ckmc_alias_list_s *plist = NULL;
334 CKM::AliasVector::iterator it;
335 for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
336 char *alias = (char *)malloc(it->size() + 1);
337 memset(alias, 0, it->size() +1 );
338 memcpy(alias, it->c_str(), it->size());
339 if(plist == NULL) { // first
340 ret = ckmc_alias_list_new(alias, &plist);
341 *alias_list = plist; // save the pointer of the first element
343 ret = ckmc_alias_list_add(plist, alias, &plist);
345 if(ret != CKMC_SUCCESS) {
346 ckmc_alias_list_all_free(*alias_list);
355 int ckmc_create_key_pair_rsa(const size_t size,
356 const char *private_key_alias,
357 const char *public_key_alias,
358 const ckmc_policy_s policy_private_key,
359 const ckmc_policy_s policy_public_key)
362 CKM::ManagerShPtr mgr = CKM::Manager::create();
364 if(private_key_alias == NULL || public_key_alias == NULL) {
365 return CKMC_ERROR_INPUT_PARAM;
368 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
369 CKM::Alias ckmPublicKeyAlias(public_key_alias);
370 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
371 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
373 if( (ret = mgr->createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy))
382 int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type,
383 const char *private_key_alias,
384 const char *public_key_alias,
385 const ckmc_policy_s policy_private_key,
386 const ckmc_policy_s policy_public_key)
388 CKM::ManagerShPtr mgr = CKM::Manager::create();
390 if(private_key_alias == NULL || public_key_alias == NULL) {
391 return CKMC_ERROR_INPUT_PARAM;
394 CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
395 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
396 CKM::Alias ckmPublicKeyAlias(public_key_alias);
397 CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
398 CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
400 return mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
404 int ckmc_create_signature(const char *private_key_alias,
405 const char *password,
406 const ckmc_raw_buffer_s message,
407 const ckmc_hash_algo_e hash,
408 const ckmc_rsa_padding_algo_e padding,
409 ckmc_raw_buffer_s **signature)
412 CKM::ManagerShPtr mgr = CKM::Manager::create();
413 CKM::RawBuffer ckmSignature;
415 if(private_key_alias == NULL || signature == NULL) {
416 return CKMC_ERROR_INPUT_PARAM;
419 CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
420 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
421 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
422 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
424 if( (ret = mgr->createSignature(
430 ckmSignature)) != CKMC_SUCCESS) {
434 unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
435 ret = ckmc_buffer_new( rawBuff, ckmSignature.size(), signature);
441 int ckmc_verify_signature(const char *public_key_alias,
442 const char *password,
443 const ckmc_raw_buffer_s message,
444 const ckmc_raw_buffer_s signature,
445 const ckmc_hash_algo_e hash,
446 const ckmc_rsa_padding_algo_e padding)
449 CKM::ManagerShPtr mgr = CKM::Manager::create();
451 if(public_key_alias == NULL) {
452 return CKMC_ERROR_INPUT_PARAM;
455 CKM::Alias ckmPublicKeyAlias(public_key_alias);
456 CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
457 CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
458 CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
459 CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
461 if( (ret = mgr->verifySignature(
467 ckmPadding)) != CKMC_SUCCESS) {
475 int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
478 CKM::ManagerShPtr mgr = CKM::Manager::create();
479 CKM::CertificateShPtrVector ckmCertChain;
481 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
482 return CKMC_ERROR_INPUT_PARAM;
485 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
487 CKM::CertificateShPtrVector ckmUntrustedCerts;
488 if(untrustedcerts != NULL) {
489 ckmc_cert_list_s *current = NULL;
490 ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(untrustedcerts);
493 next = current->next;
495 if(current->cert == NULL){
499 CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
500 ckmUntrustedCerts.push_back(tmpCkmCert);
501 }while(next != NULL);
504 ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
505 if( ret != CKMC_SUCCESS) {
509 *cert_chain_list = _toNewCkmCertList(ckmCertChain);
515 int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
518 CKM::ManagerShPtr mgr = CKM::Manager::create();
519 CKM::CertificateShPtrVector ckmCertChain;
522 if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
523 return CKMC_ERROR_INPUT_PARAM;
526 CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
527 if(ckmCert.get() == NULL) {
528 return CKMC_ERROR_INVALID_FORMAT;
531 CKM::AliasVector ckmUntrustedAliases;
532 if(untrustedcerts != NULL) {
533 ckmc_alias_list_s *current = NULL;
534 ckmc_alias_list_s *next = const_cast<ckmc_alias_list_s *>(untrustedcerts);
537 next = current->next;
539 if(current->alias == NULL){
540 return CKMC_ERROR_INPUT_PARAM;
542 CKM::Alias ckmAlias(current->alias);
543 ckmUntrustedAliases.push_back(ckmAlias);
544 }while(next != NULL);
547 if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKMC_SUCCESS) {
551 *cert_chain_list = _toNewCkmCertList(ckmCertChain);