*/
#pragma once
-#include <protocols.h>
+#include <data-type.h>
#include <client-common.h>
#include <ckm/ckm-type.h>
#include <ckm/ckm-key.h>
const Policy &keyPolicy,
const Policy &certPolicy);
int getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs);
-
+ int getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs);
int removeAlias(const Alias &alias);
const Policy &policyPrivateKey = Policy(),
const Policy &policyPublicKey = Policy());
+ int createKeyAES(
+ const int size, // size in bits [128, 192, 256]
+ const Alias &keyAlias,
+ const Policy &policyKey = Policy());
+
int getCertificateChain(
const CertificateShPtr &certificate,
const CertificateShPtrVector &untrustedCertificates,
+ const CertificateShPtrVector &trustedCertificates,
+ bool useTrustedSystemCertificates,
CertificateShPtrVector &certificateChainVector);
int getCertificateChain(
const CertificateShPtr &certificate,
const AliasVector &untrustedCertificates,
+ const AliasVector &trustedCertificates,
+ bool useTrustedSystemCertificates,
CertificateShPtrVector &certificateChainVector);
int createSignature(
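Review bot: Both `getCertificateChain` overloads now take `trustedCertificates` and `useTrustedSystemCertificates`, but the header does not say what happens when the flag is `false` and the trusted list is empty, i.e. when the caller supplies no trust anchor at all. That case should be an explicit error rather than a chain assembled from the untrusted set alone; the implementation is not in this hunk, so this needs confirming there. I would state the contract above both overloads, e.g. `// Fails when useTrustedSystemCertificates is false and trustedCertificates is empty (no trust anchor).` The same hunk adds `createKeyAES(const int size, ...)`, where the allowed sizes exist only as a trailing comment; the declaration should also say which error is returned for any other value.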
int ocspCheck(const CertificateShPtrVector &certificateChain, int &ocspCheck);
- int setPermission(const Alias &alias, const Label &accessor, Permission newPermission);
+ int setPermission(const Alias &alias, const Label &accessor, PermissionMask permissionMask);
+
+ int encrypt(const CryptoAlgorithm &algo,
+ const Alias &keyAlias,
+ const Password &password,
+ const RawBuffer& plain,
+ RawBuffer& encrypted);
+
+ int decrypt(const CryptoAlgorithm &algo,
+ const Alias &keyAlias,
+ const Password &password,
+ const RawBuffer& encrypted,
+ RawBuffer& decrypted);
protected:
int saveBinaryData(
const Alias &alias,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &rawData,
const Policy &policy);
int getBinaryData(
const Alias &alias,
- DBDataType sendDataType,
+ DataType sendDataType,
const Password &password,
- DBDataType &recvDataType,
+ DataType &recvDataType,
RawBuffer &rawData);
int getBinaryDataAliasVector(
- DBDataType sendDataType,
+ DataType sendDataType,
AliasVector &aliasVector);
int createKeyPair(
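Review bot: `setPermission` now takes `PermissionMask permissionMask` instead of `Permission newPermission`, and nothing on the declaration tells existing callers that the argument's meaning changed. If `PermissionMask` is an integral typedef (its definition is not visible here), a call site that still passes an old `Permission` enumerator will compile unchanged and have that value read as a bit mask, which may grant different access than the caller intended. I would document the new contract on the declaration, e.g. `// permissionMask: bitwise OR of Permission flags; TODO state whether it replaces or extends the accessor's existing grants`, and audit call sites as part of this change. The enclosing class starts outside the hunk.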
const Policy &policyPrivateKey,
const Policy &policyPublicKey);
+ int crypt(EncryptionCommand command,
+ const CryptoAlgorithm &algo,
+ const Alias &keyAlias,
+ const Password &password,
+ const RawBuffer& input,
+ RawBuffer& output);
+
int m_counter;
CKM::ServiceConnection m_storageConnection;
CKM::ServiceConnection m_ocspConnection;
+ CKM::ServiceConnection m_encryptionConnection;
};
} // namespace CKM
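Review bot: `crypt` takes `RawBuffer& output` with no stated contract for the failure path, and it looks like the shared helper behind the new `encrypt`/`decrypt` declarations (inferred from the names; the definitions are not in this file). For decryption in particular, a non-success return should leave `output` empty so that a caller who ignores the return code never consumes partial or unauthenticated plaintext. I would document this above the declaration, e.g. `// On any return other than success, output is cleared.`, and make the implementation honour it. The class these members belong to starts outside the hunk.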