} // namespace anonymous
-ManagerImpl::ManagerImpl()
+Manager::Impl::Impl()
: m_counter(0),
m_storageConnection(SERVICE_SOCKET_CKM_STORAGE),
m_ocspConnection(SERVICE_SOCKET_OCSP),
m_encryptionConnection(SERVICE_SOCKET_ENCRYPTION)
{
- initCryptoLib();
+ initOpenSslOnce();
}
-int ManagerImpl::saveBinaryData(
+int Manager::Impl::saveBinaryData(
const Alias &alias,
DataType dataType,
const RawBuffer &rawData,
});
}
-int ManagerImpl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) {
+int Manager::Impl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) {
if (key.get() == NULL)
return CKM_API_ERROR_INPUT_PARAM;
Try {
return CKM_API_ERROR_INPUT_PARAM;
}
-int ManagerImpl::saveCertificate(
+int Manager::Impl::saveCertificate(
const Alias &alias,
const CertificateShPtr &cert,
const Policy &policy)
return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy);
}
-int ManagerImpl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) {
+int Manager::Impl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) {
if (!policy.extractable)
return CKM_API_ERROR_INPUT_PARAM;
return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy);
}
-int ManagerImpl::savePKCS12(
+int Manager::Impl::savePKCS12(
const Alias & alias,
const PKCS12ShPtr &pkcs,
const Policy &keyPolicy,
});
}
-int ManagerImpl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs)
+int Manager::Impl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs)
{
return getPKCS12(alias, Password(), Password(), pkcs);
}
-int ManagerImpl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs)
+int Manager::Impl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs)
{
if (alias.empty())
return CKM_API_ERROR_INPUT_PARAM;
}
-int ManagerImpl::removeAlias(const Alias &alias)
+int Manager::Impl::removeAlias(const Alias &alias)
{
if (alias.empty())
return CKM_API_ERROR_INPUT_PARAM;
});
}
-int ManagerImpl::getBinaryData(
+int Manager::Impl::getBinaryData(
const Alias &alias,
DataType sendDataType,
const Password &password,
});
}
-int ManagerImpl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) {
+int Manager::Impl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) {
DataType recvDataType;
RawBuffer rawData;
return CKM_API_SUCCESS;
}
-int ManagerImpl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert)
+int Manager::Impl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert)
{
DataType recvDataType;
RawBuffer rawData;
return CKM_API_SUCCESS;
}
-int ManagerImpl::getData(const Alias &alias, const Password &password, RawBuffer &rawData)
+int Manager::Impl::getData(const Alias &alias, const Password &password, RawBuffer &rawData)
{
DataType recvDataType = DataType::BINARY_DATA;
return CKM_API_SUCCESS;
}
-int ManagerImpl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector)
+int Manager::Impl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector)
{
int my_counter = ++m_counter;
});
}
-int ManagerImpl::getKeyAliasVector(AliasVector &aliasVector) {
+int Manager::Impl::getKeyAliasVector(AliasVector &aliasVector) {
// in fact datatype has no meaning here - if not certificate or binary data
// then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST
return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector);
}
-int ManagerImpl::getCertificateAliasVector(AliasVector &aliasVector) {
+int Manager::Impl::getCertificateAliasVector(AliasVector &aliasVector) {
return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector);
}
-int ManagerImpl::getDataAliasVector(AliasVector &aliasVector) {
+int Manager::Impl::getDataAliasVector(AliasVector &aliasVector) {
return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector);
}
-int ManagerImpl::createKeyPairRSA(
+int Manager::Impl::createKeyPairRSA(
const int size,
const Alias &privateKeyAlias,
const Alias &publicKeyAlias,
return this->createKeyPair(CKM::KeyType::KEY_RSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
}
-int ManagerImpl::createKeyPairDSA(
+int Manager::Impl::createKeyPairDSA(
const int size,
const Alias &privateKeyAlias,
const Alias &publicKeyAlias,
return this->createKeyPair(CKM::KeyType::KEY_DSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
}
-int ManagerImpl::createKeyPairECDSA(
+int Manager::Impl::createKeyPairECDSA(
ElipticCurve type,
const Alias &privateKeyAlias,
const Alias &publicKeyAlias,
return this->createKeyPair(CKM::KeyType::KEY_ECDSA_PUBLIC, static_cast<int>(type), privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
}
-int ManagerImpl::createKeyAES(
+int Manager::Impl::createKeyAES(
const int size,
const Alias &keyAlias,
const Policy &policyKey)
}
-int ManagerImpl::createKeyPair(
+int Manager::Impl::createKeyPair(
const KeyType key_type,
const int additional_param,
const Alias &privateKeyAlias,
});
}
-int ManagerImpl::getCertificateChain(
+int Manager::Impl::getCertificateChain(
const CertificateShPtr &certificate,
const CertificateShPtrVector &untrustedCertificates,
const CertificateShPtrVector &trustedCertificates,
RawBufferVector untrustedVector;
RawBufferVector trustedVector;
+ if(!certificate || certificate->empty())
+ return CKM_API_ERROR_INPUT_PARAM;
+
for (auto &e: untrustedCertificates) {
untrustedVector.push_back(e->getDER());
}
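Review bot: The loop right after the added guard still calls `e->getDER()` on every element of `untrustedCertificates` without checking it, so a null `CertificateShPtr` in that vector is dereferenced even though the leaf `certificate` is now validated. `ocspCheck` in this same commit rejects such elements per entry, and the same guard belongs here, e.g. `if (!e || e->empty()) return CKM_API_ERROR_INPUT_PARAM;` as the first statement of the loop body. The loop over `trustedCertificates` is outside the hunk and presumably needs the same check. The function's signature and tail also lie outside this hunk.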
certificateChainVector);
}
-int ManagerImpl::getCertificateChain(
+int Manager::Impl::getCertificateChain(
const CertificateShPtr &certificate,
const AliasVector &untrustedCertificates,
const AliasVector &trustedCertificates,
LabelNameVector untrustedVector;
LabelNameVector trustedVector;
+ if(!certificate || certificate->empty())
+ return CKM_API_ERROR_INPUT_PARAM;
+
for (auto &e: untrustedCertificates) {
AliasSupport helper(e);
untrustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName()));
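Review bot: Each alias in `untrustedCertificates` is handed to `AliasSupport` without the `alias.empty()` check that `getPKCS12` and `removeAlias` apply to their alias argument, so an empty entry appears to be passed on rather than rejected with `CKM_API_ERROR_INPUT_PARAM` on the client. If `AliasSupport` does not already reject it, adding `if (e.empty()) return CKM_API_ERROR_INPUT_PARAM;` at the top of the loop body would keep input handling consistent with the new certificate guard. The loop body continues outside the hunk, and the `trustedCertificates` loop is not visible here.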
certificateChainVector);
}
-int ManagerImpl::createSignature(
+int Manager::Impl::createSignature(
const Alias &privateKeyAlias,
const Password &password, // password for private_key
const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding,
+ const CryptoAlgorithm &cAlgorithm,
RawBuffer &signature)
{
int my_counter = ++m_counter;
helper.getLabel(),
password,
message,
- static_cast<int>(hash),
- static_cast<int>(padding));
+ CryptoAlgorithmSerializable(cAlgorithm));
int retCode = m_storageConnection.processRequest(send.Pop(), recv);
if (CKM_API_SUCCESS != retCode)
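Review bot: `cAlgorithm` is serialized and sent as-is, so the hash and padding that the old signature forced every caller to choose are now entries in a generic parameter container, and nothing visible here checks that they are present before the request goes out. Unless the service rejects an under-specified algorithm, a caller that omits them may silently get whatever default the backend applies; a client-side check, or at least a comment above the function stating which parameters a signing request must carry, would make the contract explicit. `verifySignature` has the same shape with `cAlg`. The parameter is also named three ways in this file (`cAlgorithm`, `cAlg`, and `algo` in `crypt`/`encrypt`/`decrypt`); one name would read better.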
});
}
-int ManagerImpl::verifySignature(
+int Manager::Impl::verifySignature(
const Alias &publicKeyOrCertAlias,
const Password &password, // password for public_key (optional)
const RawBuffer &message,
const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cAlg)
{
int my_counter = ++m_counter;
password,
message,
signature,
- static_cast<int>(hash),
- static_cast<int>(padding));
+ CryptoAlgorithmSerializable(cAlg));
int retCode = m_storageConnection.processRequest(send.Pop(), recv);
if (CKM_API_SUCCESS != retCode)
});
}
-int ManagerImpl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus)
+int Manager::Impl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus)
{
return try_catch([&] {
int my_counter = ++m_counter;
RawBufferVector rawCertChain;
for (auto &e: certChain) {
+ if (!e || e->empty()) {
+ LogError("Empty certificate");
+ return CKM_API_ERROR_INPUT_PARAM;
+ }
rawCertChain.push_back(e->getDER());
}
});
}
-int ManagerImpl::setPermission(const Alias &alias,
+int Manager::Impl::setPermission(const Alias &alias,
const Label &accessor,
PermissionMask permissionMask)
{
});
}
-int ManagerImpl::crypt(EncryptionCommand command,
+int Manager::Impl::crypt(EncryptionCommand command,
const CryptoAlgorithm &algo,
const Alias &keyAlias,
const Password &password,
});
}
-int ManagerImpl::encrypt(const CryptoAlgorithm &algo,
+int Manager::Impl::encrypt(const CryptoAlgorithm &algo,
const Alias &keyAlias,
const Password &password,
const RawBuffer& plain,
return crypt(EncryptionCommand::ENCRYPT, algo, keyAlias, password, plain, encrypted);
}
-int ManagerImpl::decrypt(const CryptoAlgorithm &algo,
+int Manager::Impl::decrypt(const CryptoAlgorithm &algo,
const Alias &keyAlias,
const Password &password,
const RawBuffer& encrypted,
return crypt(EncryptionCommand::DECRYPT, algo, keyAlias, password, encrypted, decrypted);
}
-ManagerShPtr Manager::create() {
- try {
- return std::make_shared<ManagerImpl>();
- } catch (const std::bad_alloc &) {
- LogDebug("Bad alloc was caught during ManagerImpl creation.");
- } catch (...) {
- LogError("Critical error: Unknown exception was caught during ManagerImpl creation!");
- }
- return ManagerShPtr();
-}
-
} // namespace CKM