*/
#pragma once
-#include <protocols.h>
-
+#include <data-type.h>
+#include <client-common.h>
#include <ckm/ckm-type.h>
-#include <ckm/key-manager.h>
+#include <ckm/ckm-key.h>
+#include <ckm/ckm-manager.h>
namespace CKM {
-class Manager::ManagerImpl {
+class ManagerImpl : public Manager {
public:
- ManagerImpl()
- : m_counter(0)
- {}
+ ManagerImpl();
virtual ~ManagerImpl(){}
- int saveKey(const Alias &alias, const Key &key, const Policy &policy);
- int removeKey(const Alias &alias);
- int getKey(const Alias &alias, const std::string &password, Key &key);
+ int saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy);
+ int getKey(const Alias &alias, const Password &password, KeyShPtr &key);
int getKeyAliasVector(AliasVector &aliasVector);
- int saveCertificate(const Alias &alias, const Certificate &cert, const Policy &policy);
- int removeCertificate(const Alias &alias);
- int getCertificate(const Alias &alias, const std::string &password, Certificate &cert);
+ int saveCertificate(const Alias &alias, const CertificateShPtr &cert, const Policy &policy);
+ int getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert);
int getCertificateAliasVector(AliasVector &aliasVector);
int saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy);
- int removeData(const Alias &alias);
- int getData(const Alias &alias, const std::string &password, RawBuffer &cert);
+ int getData(const Alias &alias, const Password &password, RawBuffer &cert);
int getDataAliasVector(AliasVector &aliasVector);
-
+
+ int savePKCS12(
+ const Alias &alias,
+ const PKCS12ShPtr &pkcs,
+ const Policy &keyPolicy,
+ const Policy &certPolicy);
+ int getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs);
+ int getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs);
+
+ int removeAlias(const Alias &alias);
+
int createKeyPairRSA(
const int size, // size in bits [1024, 2048, 4096]
const Alias &privateKeyAlias,
const Policy &policyPrivateKey = Policy(),
const Policy &policyPublicKey = Policy());
+ int createKeyPairDSA(
+ const int size, // size in bits [1024, 2048, 3072, 4096]
+ const Alias &privateKeyAlias,
+ const Alias &publicKeyAlias,
+ const Policy &policyPrivateKey = Policy(),
+ const Policy &policyPublicKey = Policy());
+
int createKeyPairECDSA(
ElipticCurve type,
const Alias &privateKeyAlias,
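Review bot: The size comment on the new `createKeyPairDSA` declaration lists 1024 as an accepted key length without marking it as legacy. 1024-bit DSA is below what current guidance accepts for generating new signatures (NIST SP 800-131A), so I would annotate or drop it, e.g. `const int size, // size in bits [2048, 3072, 4096]; 1024 only for legacy interop`. The `createKeyPairRSA` comment just above this hunk has the same issue. Whether the service rejects sizes outside the listed set is not visible in this header and should be confirmed.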
const Policy &policyPublicKey = Policy());
int getCertificateChain(
- const Certificate &certificate,
- const CertificateVector &untrustedCertificates,
- CertificateVector &certificateChainVector);
+ const CertificateShPtr &certificate,
+ const CertificateShPtrVector &untrustedCertificates,
+ const CertificateShPtrVector &trustedCertificates,
+ bool useTrustedSystemCertificates,
+ CertificateShPtrVector &certificateChainVector);
int getCertificateChain(
- const Certificate &certificate,
+ const CertificateShPtr &certificate,
const AliasVector &untrustedCertificates,
- CertificateVector &certificateChainVector);
+ const AliasVector &trustedCertificates,
+ bool useTrustedSystemCertificates,
+ CertificateShPtrVector &certificateChainVector);
int createSignature(
const Alias &privateKeyAlias,
- const std::string &password, // password for private_key
+ const Password &password, // password for private_key
const RawBuffer &message,
const HashAlgorithm hash,
const RSAPaddingAlgorithm padding,
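Review bot: Both `getCertificateChain` overloads now take `trustedCertificates` and `bool useTrustedSystemCertificates`, but the header does not say what happens when the trusted set is empty and the flag is false. That combination leaves no trust anchor, so the call should return an error rather than a chain that only links together. I would document this above the declarations, e.g. `// fails when trustedCertificates is empty and useTrustedSystemCertificates is false`, and confirm that the implementation, which is not visible here, enforces it. The untrusted and trusted arguments are adjacent and of the same type, so a swapped call compiles and would presumably promote untrusted certificates to anchors; a one-line comment naming each parameter's role would help.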
int verifySignature(
const Alias &publicKeyOrCertAlias,
- const std::string &password, // password for public_key (optional)
+ const Password &password, // password for public_key (optional)
const RawBuffer &message,
const RawBuffer &signature,
const HashAlgorithm hash,
const RSAPaddingAlgorithm padding);
+ int ocspCheck(const CertificateShPtrVector &certificateChain, int &ocspCheck);
+
+ int setPermission(const Alias &alias, const Label &accessor, PermissionMask permissionMask);
+
+ int encrypt(const CryptoAlgorithm &algo,
+ const Alias &keyAlias,
+ const Password &password,
+ const RawBuffer& plain,
+ RawBuffer& encrypted);
+
+ int decrypt(const CryptoAlgorithm &algo,
+ const Alias &keyAlias,
+ const Password &password,
+ const RawBuffer& encrypted,
+ RawBuffer& decrypted);
+
protected:
int saveBinaryData(
const Alias &alias,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &rawData,
const Policy &policy);
- int removeBinaryData(
- const Alias &alias,
- DBDataType dataType);
-
int getBinaryData(
const Alias &alias,
- DBDataType sendDataType,
- const std::string &password,
- DBDataType &recvDataType,
+ DataType sendDataType,
+ const Password &password,
+ DataType &recvDataType,
RawBuffer &rawData);
int getBinaryDataAliasVector(
- DBDataType sendDataType,
+ DataType sendDataType,
AliasVector &aliasVector);
+ int createKeyPair(
+ const KeyType key_type,
+ const int additional_param, // key size for [RSA|DSA], elliptic curve type for ECDSA
+ const Alias &privateKeyAlias,
+ const Alias &publicKeyAlias,
+ const Policy &policyPrivateKey,
+ const Policy &policyPublicKey);
+
int m_counter;
+ CKM::ServiceConnection m_storageConnection;
+ CKM::ServiceConnection m_ocspConnection;
+ CKM::ServiceConnection m_encryptionConnection;
};
} // namespace CKM
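Review bot: In `int ocspCheck(const CertificateShPtrVector &certificateChain, int &ocspCheck)` the out-parameter shares the method's name and presumably carries the revocation verdict as a bare `int`, separate from the returned API status. A caller that tests only the return value could treat a revoked or unknown certificate as good. Renaming it, e.g. `int &ocspStatus`, and adding `// return value is the API status; ocspStatus holds the OCSP verdict and must be checked as well` would make both checks explicit. Separately, the inline `m_counter(0)` initializer is removed earlier in this diff and the out-of-line constructor is not shown, so confirm it still initializes `m_counter`.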