Initial Crypto Service Implementation
[platform/core/security/key-manager.git] / src / manager / service / CryptoService.h
1 #pragma once
2
3 #include <iostream>
4
5 #include <client-key-impl.h>
6 #include <client-certificate-impl.h>
7 #include <ckm/key-manager.h>
8 #include <ckm/ckm-type.h>
9 #include <string.h>
10 #include <openssl/evp.h>
11 #include <openssl/obj_mac.h>
12 #include <openssl/ec.h>
13 #include <openssl/dsa.h>
14 #include <openssl/dh.h>
15 #include <openssl/rsa.h>
16 #include <openssl/bio.h>
17 #include <openssl/rand.h>
18 #include <openssl/crypto.h>
19 #include <openssl/err.h>
20
// Path of the kernel random device. How (or whether) it is opened is decided
// by the implementation, which is not part of this header.
#define DEV_RANDOM_FILE "/dev/random"

// Generic result values 1 / 0. DO NOT CHANGE THESE VALUES.
// NOTE(review): presumably they mirror the 1 = success / 0 = failure
// convention of the OpenSSL EVP calls - confirm against the implementation.
// Some OpenSSL calls also return a negative value on error, so a result
// should be tested with `== EVP_SUCCESS`, never with `!= EVP_FAIL` or by
// plain truthiness.
#define EVP_SUCCESS 1
#define EVP_FAIL    0

// CKM crypto status codes.
// Every code below is non-zero, and the two *_SUCCESS codes (6 and 13) sit in
// the same numeric range as the error codes. Callers therefore have to compare
// against the exact constant; `if (ret)` / `if (!ret)` cannot tell success
// from failure.
#define CKM_CRYPTO_CTX_ERROR              2
#define CKM_CRYPTO_PKEYINIT_ERROR         3
#define CKM_CRYPTO_PKEYSET_ERROR          4
#define CKM_CRYPTO_PKEYGEN_ERROR          5
#define CKM_CRYPTO_CREATEKEY_SUCCESS      6
#define CKM_CRYPTO_KEYGEN_ERROR           7
#define CKM_SIG_GEN_ERROR                 8
#define CKM_CRYPTO_NOT_SUPPORT_ALGO_ERROR 9
#define CKM_SIG_VERIFY_OPER_ERROR         10
#define CKM_CRYPTO_NOT_SUPPORT_KEY_TYPE   11
#define CKM_CRYPTO_INIT_ERROR             12
#define CKM_CRYPTO_INIT_SUCCESS           13
38
namespace CKM {

// typedef std::vector<unsigned char> RawData; this must be defined in a common header.
//
// Internal crypto API of the key manager. The original note on this class says
// that, being internal, all functions should throw an exception on errors.
// NOTE(review): every operation below is nevertheless declared to return an
// int status. Whether failures surface as a return code, an exception, or
// both is not visible in this header - confirm against the implementation
// before relying on either.
class CryptoService {
public:
    CryptoService();
    virtual ~CryptoService();

    // One-time setup. During initialization FIPS_MODE and the entropy source
    // are set, and the system certificates are loaded into memory.
    //    FIPS_MODE      - ON, OFF (default)
    //    entropy source - /dev/random, /dev/urandom (default)
    // NOTE(review): the only device path defined in this header is
    // DEV_RANDOM_FILE ("/dev/random"), while /dev/urandom is listed as the
    // default here - confirm which source the implementation really uses.
    // The spelling "initalize" is part of the public interface and is kept
    // for existing callers.
    static int initalize();

    // Generates an RSA key pair.
    //   size              - modulus size in bits [1024, 2048, 4096]
    //   createdPrivateKey - out: the generated private key
    //   createdPublicKey  - out: the generated public key
    // 1024-bit RSA is below the 2048-bit minimum of current guidance (for
    // example NIST SP 800-131A); callers should ask for 2048 bits or more
    // for new keys.
    int createKeyPairRSA(
        const int size,
        KeyImpl &createdPrivateKey,
        KeyImpl &createdPublicKey);

    // Generates an ECDSA key pair.
    //   type1             - EC type of the key (presumably the named curve;
    //                       verify against Key::ECType)
    //   createdPrivateKey - out: the generated private key
    //   createdPublicKey  - out: the generated public key
    int createKeyPairECDSA(
        const Key::ECType type1,
        KeyImpl &createdPrivateKey,
        KeyImpl &createdPublicKey);

    // Signs `message` with `privateKey`.
    //   hashAlgo  - hash algorithm applied to the message
    //   padAlgo   - RSA padding algorithm (presumably ignored for non-RSA
    //               keys - TODO confirm)
    //   signature - out: the resulting signature
    int createSignature(
        const KeyImpl &privateKey,
        const RawBuffer &message,
        const HashAlgorithm hashAlgo,
        const RSAPaddingAlgorithm padAlgo,
        RawBuffer &signature);

    // Checks `signature` over `message` with `publicKey`, using the given
    // hash and RSA padding algorithms.
    // The status codes defined in this header are non-zero for errors as well
    // (e.g. CKM_SIG_VERIFY_OPER_ERROR), so a caller must accept a signature
    // only when the result equals the documented success value and treat
    // every other value as "not verified".
    // NOTE(review): which value means "valid" is not visible here - confirm.
    int verifySignature(
        const KeyImpl &publicKey,
        const RawBuffer &message,
        const RawBuffer &signature,
        const HashAlgorithm hashAlgo,
        const RSAPaddingAlgorithm padAlgo);

    // Verifies the chain of `certificate`.
    //   untrustedCertificates   - additional certificates that are not trusted
    //                             (presumably candidates for building the
    //                             path only, never trust anchors - confirm)
    //   userTrustedCertificates - certificates the user has marked as trusted
    //   certificateChainVector  - out: the certificate chain
    // NOTE(review): whether validity periods and revocation are checked is
    // not visible in this header.
    int verifyCertificateChain(
        const CertificateImpl &certificate,
        const CertificateImplVector &untrustedCertificates,
        const CertificateImplVector &userTrustedCertificates,
        CertificateImplVector &certificateChainVector);
};

} // namespace CKM