Implement encryption/decryption API

[platform/core/security/key-manager.git] / src / manager / client / client-manager-impl.h

diff --git a/src/manager/client/client-manager-impl.h b/src/manager/client/client-manager-impl.h
index dfec4b1..e93b89c 100644 (file)
--- a/src/manager/client/client-manager-impl.h
+++ b/src/manager/client/client-manager-impl.h
@@ -20,9 +20,8 @@
  */
 #pragma once
 
-#include <protocols.h>
-#include <safe-buffer.h>
-
+#include <data-type.h>
+#include <client-common.h>
 #include <ckm/ckm-type.h>
 #include <ckm/ckm-key.h>
 #include <ckm/ckm-manager.h>
@@ -35,20 +34,27 @@ public:
     virtual ~ManagerImpl(){}
 
     int saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy);
-    int removeKey(const Alias &alias);
-    int getKey(const Alias &alias, const std::string &password, KeyShPtr &key);
+    int getKey(const Alias &alias, const Password &password, KeyShPtr &key);
     int getKeyAliasVector(AliasVector &aliasVector);
 
     int saveCertificate(const Alias &alias, const CertificateShPtr &cert, const Policy &policy);
-    int removeCertificate(const Alias &alias);
-    int getCertificate(const Alias &alias, const std::string &password, CertificateShPtr &cert);
+    int getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert);
     int getCertificateAliasVector(AliasVector &aliasVector);
 
     int saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy);
-    int removeData(const Alias &alias);
-    int getData(const Alias &alias, const std::string &password, RawBuffer &cert);
+    int getData(const Alias &alias, const Password &password, RawBuffer &cert);
     int getDataAliasVector(AliasVector &aliasVector);
 
+    int savePKCS12(
+        const Alias &alias,
+        const PKCS12ShPtr &pkcs,
+        const Policy &keyPolicy,
+        const Policy &certPolicy);
+    int getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs);
+    int getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs);
+
+    int removeAlias(const Alias &alias);
+
     int createKeyPairRSA(
         const int size,              // size in bits [1024, 2048, 4096]
         const Alias &privateKeyAlias,
@@ -56,6 +62,13 @@ public:
         const Policy &policyPrivateKey = Policy(),
         const Policy &policyPublicKey = Policy());
 
+    int createKeyPairDSA(
+        const int size,              // size in bits [1024, 2048, 3072, 4096]
+        const Alias &privateKeyAlias,
+        const Alias &publicKeyAlias,
+        const Policy &policyPrivateKey = Policy(),
+        const Policy &policyPublicKey = Policy());
+
     int createKeyPairECDSA(
         ElipticCurve type,
         const Alias &privateKeyAlias,
@@ -66,16 +79,20 @@ public:
     int getCertificateChain(
         const CertificateShPtr &certificate,
         const CertificateShPtrVector &untrustedCertificates,
+        const CertificateShPtrVector &trustedCertificates,
+        bool useTrustedSystemCertificates,
         CertificateShPtrVector &certificateChainVector);
 
     int getCertificateChain(
         const CertificateShPtr &certificate,
         const AliasVector &untrustedCertificates,
+        const AliasVector &trustedCertificates,
+        bool useTrustedSystemCertificates,
         CertificateShPtrVector &certificateChainVector);
 
     int createSignature(
         const Alias &privateKeyAlias,
-        const std::string &password,           // password for private_key
+        const Password &password,           // password for private_key
         const RawBuffer &message,
         const HashAlgorithm hash,
         const RSAPaddingAlgorithm padding,
@@ -83,7 +100,7 @@ public:
 
     int verifySignature(
         const Alias &publicKeyOrCertAlias,
-        const std::string &password,           // password for public_key (optional)
+        const Password &password,           // password for public_key (optional)
         const RawBuffer &message,
         const RawBuffer &signature,
         const HashAlgorithm hash,
@@ -91,30 +108,50 @@ public:
 
     int ocspCheck(const CertificateShPtrVector &certificateChain, int &ocspCheck);
 
+    int setPermission(const Alias &alias, const Label &accessor, PermissionMask permissionMask);
+
+    int encrypt(const CryptoAlgorithm &algo,
+                const Alias &keyAlias,
+                const Password &password,
+                const RawBuffer& plain,
+                RawBuffer& encrypted);
+
+    int decrypt(const CryptoAlgorithm &algo,
+                const Alias &keyAlias,
+                const Password &password,
+                const RawBuffer& encrypted,
+                RawBuffer& decrypted);
+
 protected:
     int saveBinaryData(
         const Alias &alias,
-        DBDataType dataType,
-        const SafeBuffer &rawData,
+        DataType dataType,
+        const RawBuffer &rawData,
         const Policy &policy);
 
-    int removeBinaryData(
-        const Alias &alias,
-        DBDataType dataType);
-
     int getBinaryData(
         const Alias &alias,
-        DBDataType sendDataType,
-        const std::string &password,
-        DBDataType &recvDataType,
-        SafeBuffer &rawData);
+        DataType sendDataType,
+        const Password &password,
+        DataType &recvDataType,
+        RawBuffer &rawData);
 
     int getBinaryDataAliasVector(
-        DBDataType sendDataType,
+        DataType sendDataType,
         AliasVector &aliasVector);
 
+    int createKeyPair(
+        const KeyType key_type,
+        const int     additional_param, // key size for [RSA|DSA], elliptic curve type for ECDSA
+        const Alias  &privateKeyAlias,
+        const Alias  &publicKeyAlias,
+        const Policy &policyPrivateKey,
+        const Policy &policyPublicKey);
+
     int m_counter;
-    static bool s_isInit;
+    CKM::ServiceConnection m_storageConnection;
+    CKM::ServiceConnection m_ocspConnection;
+    CKM::ServiceConnection m_encryptionConnection;
 };
 
 } // namespace CKM