2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
18 * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
20 * @brief Sample service implementation.
27 #include <message-buffer.h>
28 #include <protocols.h>
29 #include <ckm/ckm-type.h>
30 #include <connection-info.h>
31 #include <db-crypto.h>
32 #include <key-provider.h>
33 #include <crypto-logic.h>
34 #include <certificate-store.h>
35 #include <file-lock.h>
36 #include <access-control.h>
41 KeyProvider keyProvider;
49 CKMLogic(const CKMLogic &) = delete;
50 CKMLogic(CKMLogic &&) = delete;
51 CKMLogic& operator=(const CKMLogic &) = delete;
52 CKMLogic& operator=(CKMLogic &&) = delete;
55 RawBuffer unlockUserKey(uid_t user, const Password &password);
57 RawBuffer lockUserKey(uid_t user);
59 RawBuffer removeUserData(uid_t user);
61 RawBuffer changeUserPassword(
63 const Password &oldPassword,
64 const Password &newPassword);
66 RawBuffer resetUserPassword(
68 const Password &newPassword);
70 RawBuffer removeApplicationData(
71 const Label &smackLabel);
74 const Credentials &cred,
78 const RawBuffer &data,
80 const PolicySerializable &policy);
83 const Credentials &cred,
87 const PKCS12Serializable &pkcs,
88 const PolicySerializable &keyPolicy,
89 const PolicySerializable &certPolicy);
92 const Credentials &cred,
98 const Credentials &cred,
103 const Password &password);
106 const Credentials &cred,
111 RawBuffer getDataList(
112 const Credentials &cred,
114 DBDataType dataType);
116 RawBuffer createKeyPair(
117 const Credentials &cred,
118 LogicCommand protocol_cmd,
120 const int additional_param,
121 const Name &namePrivate,
122 const Label &labelPrivate,
123 const Name &namePublic,
124 const Label &labelPublic,
125 const PolicySerializable &policyPrivate,
126 const PolicySerializable &policyPublic);
128 RawBuffer getCertificateChain(
129 const Credentials &cred,
131 const RawBuffer &certificate,
132 const RawBufferVector &untrustedCertificates);
134 RawBuffer getCertificateChain(
135 const Credentials &cred,
137 const RawBuffer &certificate,
138 const LabelNameVector &labelNameVector);
140 RawBuffer createSignature(
141 const Credentials &cred,
143 const Name &privateKeyName,
144 const Label & ownerLabel,
145 const Password &password, // password for private_key
146 const RawBuffer &message,
147 const HashAlgorithm hash,
148 const RSAPaddingAlgorithm padding);
150 RawBuffer verifySignature(
151 const Credentials &cred,
153 const Name &publicKeyOrCertName,
155 const Password &password, // password for public_key (optional)
156 const RawBuffer &message,
157 const RawBuffer &signature,
158 const HashAlgorithm hash,
159 const RSAPaddingAlgorithm padding);
161 RawBuffer updateCCMode();
163 RawBuffer setPermission(
164 const Credentials &cred,
169 const Label &accessor_label,
170 const Permission newPermission);
174 int verifyBinaryData(
176 const RawBuffer &input_data) const;
178 int checkSaveConditions(
179 const Credentials &cred,
185 const Credentials &cred,
189 const RawBuffer &data,
190 const PolicySerializable &policy);
193 const Credentials &cred,
196 const PKCS12Serializable &pkcs,
197 const PolicySerializable &keyPolicy,
198 const PolicySerializable &certPolicy);
200 DBRow createEncryptedDBRow(
205 const RawBuffer &data,
206 const Policy &policy) const;
209 const Credentials &cred,
213 CertificateShPtr & cert,
214 CertificateShPtrVector & caChain);
216 int extractPKCS12Data(
219 const Label &ownerLabel,
220 const PKCS12Serializable &pkcs,
221 const PolicySerializable &keyPolicy,
222 const PolicySerializable &certPolicy,
223 DBRowVector &output) const;
225 int removeDataHelper(
226 const Credentials &cred,
228 const Label &ownerLabel);
232 const Label &ownerLabel,
237 int readMultiRow(const Name &name,
238 const Label &ownerLabel,
241 DBRowVector &output);
243 int checkDataPermissionsHelper(
245 const Label &ownerLabel,
246 const Label &accessorLabel,
249 DBCrypto & database);
253 const Credentials &cred,
257 const Password &password,
262 const Credentials &cred,
266 const Password &password,
269 int createKeyPairHelper(
270 const Credentials &cred,
271 const KeyType key_type,
272 const int additional_param,
273 const Name &namePrivate,
274 const Label &labelPrivate,
275 const Name &namePublic,
276 const Label &labelPublic,
277 const PolicySerializable &policyPrivate,
278 const PolicySerializable &policyPublic);
280 int getCertificateChainHelper(
281 const Credentials &cred,
282 const RawBuffer &certificate,
283 const LabelNameVector &labelNameVector,
284 RawBufferVector & chainRawVector);
286 int setPermissionHelper(
287 const Credentials &cred,
289 const Label &ownerLabel,
290 const Label &accessorLabel,
291 const Permission newPermission);
294 std::map<uid_t, UserData> m_userDataMap;
295 CertificateStore m_certStore;
296 AccessControl m_accessControl;