2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
18 * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
20 * @brief Sample service implementation.
27 #include <message-buffer.h>
28 #include <protocols.h>
29 #include <ckm/ckm-type.h>
30 #include <connection-info.h>
31 #include <db-crypto.h>
32 #include <key-provider.h>
33 #include <crypto-logic.h>
34 #include <certificate-store.h>
35 #include <file-lock.h>
40 KeyProvider keyProvider;
50 DECLARE_EXCEPTION_TYPE(CKM::Exception, Base)
51 DECLARE_EXCEPTION_TYPE(Base, InputDataInvalid);
55 CKMLogic(const CKMLogic &) = delete;
56 CKMLogic(CKMLogic &&) = delete;
57 CKMLogic& operator=(const CKMLogic &) = delete;
58 CKMLogic& operator=(CKMLogic &&) = delete;
61 RawBuffer unlockUserKey(uid_t user, const Password &password);
63 RawBuffer lockUserKey(uid_t user);
65 RawBuffer removeUserData(uid_t user);
67 RawBuffer changeUserPassword(
69 const Password &oldPassword,
70 const Password &newPassword);
72 RawBuffer resetUserPassword(
74 const Password &newPassword);
76 RawBuffer removeApplicationData(const Label &smackLabel);
84 const PolicySerializable &policy);
99 const Password &password);
101 RawBuffer getDataList(
104 DBDataType dataType);
106 RawBuffer createKeyPair(
108 LogicCommand protocol_cmd,
110 const int additional_param,
111 const Name &namePrivate,
112 const Name &namePublic,
113 const PolicySerializable &policyPrivate,
114 const PolicySerializable &policyPublic);
116 RawBuffer getCertificateChain(
119 const RawBuffer &certificate,
120 const RawBufferVector &untrustedCertificates);
122 RawBuffer getCertificateChain(
125 const RawBuffer &certificate,
126 const AliasVector &aliasVector);
128 RawBuffer createSignature(
131 const Name &privateKeyName,
132 const Label & ownerLabel,
133 const Password &password, // password for private_key
134 const RawBuffer &message,
135 const HashAlgorithm hash,
136 const RSAPaddingAlgorithm padding);
138 RawBuffer verifySignature(
141 const Name &publicKeyOrCertName,
142 const Label & ownerLabel,
143 const Password &password, // password for public_key (optional)
144 const RawBuffer &message,
145 const RawBuffer &signature,
146 const HashAlgorithm hash,
147 const RSAPaddingAlgorithm padding);
149 RawBuffer updateCCMode();
151 RawBuffer allowAccess(
156 const Label &accessor_label,
157 const AccessRight req_rights);
159 RawBuffer denyAccess(
164 const Label &accessor_label);
168 void verifyBinaryData(
170 const RawBuffer &input_data) const;
176 const RawBuffer &key,
177 const PolicySerializable &policy);
184 const Password &password,
187 int createKeyPairHelper(
189 const KeyType key_type,
190 const int additional_param,
191 const Name &namePrivate,
192 const Name &namePublic,
193 const PolicySerializable &policyPrivate,
194 const PolicySerializable &policyPublic);
198 const Name &publicKeyOrCertName,
199 const Password &password, // password for public_key (optional)
200 const KeyImpl &genericKey);
203 // @return true if name & label are proper, false otherwise
204 static bool checkNameAndLabelValid(
207 void updateCCMode_internal();
209 std::map<uid_t, UserData> m_userDataMap;
210 CertificateStore m_certStore;