2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
18 * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
20 * @brief Sample service implementation.
27 #include <message-buffer.h>
28 #include <protocols.h>
29 #include <ckm/ckm-type.h>
30 #include <connection-info.h>
31 #include <db-crypto.h>
32 #include <key-provider.h>
33 #include <crypto-logic.h>
34 #include <certificate-store.h>
39 KeyProvider keyProvider;
49 DECLARE_EXCEPTION_TYPE(CKM::Exception, Base)
50 DECLARE_EXCEPTION_TYPE(Base, InputDataInvalid);
54 CKMLogic(const CKMLogic &) = delete;
55 CKMLogic(CKMLogic &&) = delete;
56 CKMLogic& operator=(const CKMLogic &) = delete;
57 CKMLogic& operator=(CKMLogic &&) = delete;
60 RawBuffer unlockUserKey(uid_t user, const Password &password);
62 RawBuffer lockUserKey(uid_t user);
64 RawBuffer removeUserData(uid_t user);
66 RawBuffer changeUserPassword(
68 const Password &oldPassword,
69 const Password &newPassword);
71 RawBuffer resetUserPassword(
73 const Password &newPassword);
75 RawBuffer removeApplicationData(const Label &smackLabel);
83 const PolicySerializable &policy);
98 const Password &password);
100 RawBuffer getDataList(
103 DBDataType dataType);
105 RawBuffer createKeyPair(
107 LogicCommand protocol_cmd,
109 const int additional_param,
110 const Name &namePrivate,
111 const Name &namePublic,
112 const PolicySerializable &policyPrivate,
113 const PolicySerializable &policyPublic);
115 RawBuffer getCertificateChain(
118 const RawBuffer &certificate,
119 const RawBufferVector &untrustedCertificates);
121 RawBuffer getCertificateChain(
124 const RawBuffer &certificate,
125 const AliasVector &aliasVector);
127 RawBuffer createSignature(
130 const Name &privateKeyName,
131 const Label & ownerLabel,
132 const Password &password, // password for private_key
133 const RawBuffer &message,
134 const HashAlgorithm hash,
135 const RSAPaddingAlgorithm padding);
137 RawBuffer verifySignature(
140 const Name &publicKeyOrCertName,
141 const Label & ownerLabel,
142 const Password &password, // password for public_key (optional)
143 const RawBuffer &message,
144 const RawBuffer &signature,
145 const HashAlgorithm hash,
146 const RSAPaddingAlgorithm padding);
148 RawBuffer updateCCMode();
150 RawBuffer allowAccess(
155 const Label &accessor_label,
156 const AccessRight req_rights);
158 RawBuffer denyAccess(
163 const Label &accessor_label);
167 void verifyBinaryData(
169 const RawBuffer &input_data) const;
175 const RawBuffer &key,
176 const PolicySerializable &policy);
183 const Password &password,
186 int createKeyPairHelper(
188 const KeyType key_type,
189 const int additional_param,
190 const Name &namePrivate,
191 const Name &namePublic,
192 const PolicySerializable &policyPrivate,
193 const PolicySerializable &policyPublic);
197 const Name &publicKeyOrCertName,
198 const Password &password, // password for public_key (optional)
199 const KeyImpl &genericKey);
202 // @return true if name & label are proper, false otherwise
203 static bool checkNameAndLabelValid(
206 void updateCCMode_internal();
208 std::map<uid_t, UserData> m_userDataMap;
209 CertificateStore m_certStore;