Fix parameter validation in ocsp

[platform/core/security/key-manager.git] / src / manager / client-async / client-manager-async-impl.cpp
diff --git a/src/manager/client-async/client-manager-async-impl.cpp b/src/manager/client-async/client-manager-async-impl.cpp

index d737201..2a37c24 100644 (file)
--- a/src/manager/client-async/client-manager-async-impl.cpp
+++ b/src/manager/client-async/client-manager-async-impl.cpp
@@ -49,7 +49,11 @@ void ManagerAsync::Impl::saveKey(const ObserverPtr& observer,
          observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
          return;
      }
-    saveBinaryData(observer, alias, toDBDataType(key->getType()), key->getDER(), policy);
+    Try {
+        saveBinaryData(observer, alias, DataType(key->getType()), key->getDER(), policy);
+    } Catch(DataType::Exception::Base) {
+        observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
+    }
  }
  
  void ManagerAsync::Impl::saveCertificate(const ObserverPtr& observer,
@@ -62,7 +66,7 @@ void ManagerAsync::Impl::saveCertificate(const ObserverPtr& observer,
          observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
          return;
      }
-    saveBinaryData(observer, alias, DBDataType::CERTIFICATE, cert->getDER(), policy);
+    saveBinaryData(observer, alias, DataType::CERTIFICATE, cert->getDER(), policy);
  }
  
  void ManagerAsync::Impl::saveData(const ObserverPtr& observer,
@@ -75,29 +79,50 @@ void ManagerAsync::Impl::saveData(const ObserverPtr& observer,
          observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
          return;
      }
-    saveBinaryData(observer, alias, DBDataType::BINARY_DATA, data, policy);
+    saveBinaryData(observer, alias, DataType::BINARY_DATA, data, policy);
  }
  
  void ManagerAsync::Impl::saveBinaryData(const ManagerAsync::ObserverPtr& observer,
                                          const Alias& alias,
-                                        DBDataType dataType,
+                                        DataType dataType,
                                          const RawBuffer& rawData,
                                          const Policy& policy)
  {
      try_catch_async([&] {
+        AliasSupport helper(alias);
          sendToStorage(observer,
                        static_cast<int>(LogicCommand::SAVE),
                        m_counter,
                        static_cast<int>(dataType),
-                      alias,
+                      helper.getName(),
+                      helper.getLabel(),
                        rawData,
                        PolicySerializable(policy));
      }, [&observer](int error){ observer->ReceivedError(error); } );
  }
  
-void ManagerAsync::Impl::removeBinaryData(const ManagerAsync::ObserverPtr& observer,
-                                          const Alias& alias,
-                                          DBDataType dataType)
+void ManagerAsync::Impl::savePKCS12(const ManagerAsync::ObserverPtr& observer,
+                                    const Alias &alias,
+                                    const PKCS12ShPtr &pkcs,
+                                    const Policy &keyPolicy,
+                                    const Policy &certPolicy)
+{
+    try_catch_async([&] {
+        AliasSupport helper(alias);
+        sendToStorage(observer,
+                      static_cast<int>(LogicCommand::SAVE_PKCS12),
+                      m_counter,
+                      helper.getName(),
+                      helper.getLabel(),
+                      PKCS12Serializable(*pkcs.get()),
+                      PolicySerializable(keyPolicy),
+                      PolicySerializable(certPolicy));
+
+    }, [&observer](int error){ observer->ReceivedError(error); } );
+}
+
+void ManagerAsync::Impl::removeAlias(const ManagerAsync::ObserverPtr& observer,
+                                     const Alias& alias)
  {
      observerCheck(observer);
      if (alias.empty()) {
@@ -109,7 +134,6 @@ void ManagerAsync::Impl::removeBinaryData(const ManagerAsync::ObserverPtr& obser
          sendToStorage(observer,
                        static_cast<int>(LogicCommand::REMOVE),
                        m_counter,
-                      static_cast<int>(dataType),
                        helper.getName(),
                        helper.getLabel());
      }, [&observer](int error){ observer->ReceivedError(error); } );
@@ -117,7 +141,7 @@ void ManagerAsync::Impl::removeBinaryData(const ManagerAsync::ObserverPtr& obser
  
  void ManagerAsync::Impl::getBinaryData(const ManagerAsync::ObserverPtr& observer,
                                         const Alias &alias,
-                                       DBDataType sendDataType,
+                                       DataType sendDataType,
                                         const Password &password)
  {
      observerCheck(observer);
@@ -137,6 +161,28 @@ void ManagerAsync::Impl::getBinaryData(const ManagerAsync::ObserverPtr& observer
      }, [&observer](int error){ observer->ReceivedError(error); } );
  }
  
+void ManagerAsync::Impl::getPKCS12(const ManagerAsync::ObserverPtr& observer,
+                                   const Alias &alias,
+                                   const Password &passwordKey,
+                                   const Password &passwordCert)
+{
+    observerCheck(observer);
+    if (alias.empty()) {
+        observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
+        return;
+    }
+    try_catch_async([&] {
+        AliasSupport helper(alias);
+        sendToStorage(observer,
+                      static_cast<int>(LogicCommand::GET_PKCS12),
+                      m_counter,
+                      helper.getName(),
+                      helper.getLabel(),
+                      passwordKey,
+                      passwordCert);
+    }, [&observer](int error){ observer->ReceivedError(error); } );
+}
+
  void ManagerAsync::Impl::createSignature(const ObserverPtr& observer,
                                           const Alias& privateKeyAlias,
                                           const Password& password,
@@ -202,6 +248,8 @@ void ManagerAsync::Impl::ocspCheck(const ObserverPtr& observer,
      try_catch_async([&] {
          RawBufferVector rawCertChain;
          for (auto &e: certificateChainVector) {
+            if(!e || e->empty())
+                return observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
              rawCertChain.push_back(e->getDER());
          }
  
@@ -215,10 +263,10 @@ void ManagerAsync::Impl::ocspCheck(const ObserverPtr& observer,
      }, [&observer](int error){ observer->ReceivedError(error); } );
  }
  
-void ManagerAsync::Impl::allowAccess(const ObserverPtr& observer,
-                                     const Alias& alias,
-                                     const Label& accessor,
-                                     AccessRight granted)
+void ManagerAsync::Impl::setPermission(const ObserverPtr& observer,
+                                       const Alias& alias,
+                                       const Label& accessor,
+                                       PermissionMask permissionMask)
  {
      observerCheck(observer);
      if (alias.empty() || accessor.empty()) {
@@ -226,35 +274,19 @@ void ManagerAsync::Impl::allowAccess(const ObserverPtr& observer,
          return;
      }
      try_catch_async([&] {
+        AliasSupport helper(alias);
          sendToStorage(observer,
-                      static_cast<int>(LogicCommand::ALLOW_ACCESS),
+                      static_cast<int>(LogicCommand::SET_PERMISSION),
                        m_counter,
-                      alias,
+                      helper.getName(),
+                      helper.getLabel(),
                        accessor,
-                      static_cast<int>(granted));
-    }, [&observer](int error){ observer->ReceivedError(error); } );
-}
-
-void ManagerAsync::Impl::denyAccess(const ObserverPtr& observer,
-                                    const Alias& alias,
-                                    const Label& accessor)
-{
-    observerCheck(observer);
-    if (alias.empty() || accessor.empty()) {
-        observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
-        return;
-    }
-    try_catch_async([&] {
-        sendToStorage(observer,
-                      static_cast<int>(LogicCommand::DENY_ACCESS),
-                      m_counter,
-                      alias,
-                      accessor);
+                      permissionMask);
      }, [&observer](int error){ observer->ReceivedError(error); } );
  }
  
  void ManagerAsync::Impl::getBinaryDataAliasVector(const ManagerAsync::ObserverPtr& observer,
-                                                  DBDataType dataType)
+                                                  DataType dataType)
  {
      observerCheck(observer);
      try_catch_async([&] {
@@ -279,22 +311,25 @@ void ManagerAsync::Impl::createKeyPair(const ManagerAsync::ObserverPtr& observer
          return;
      }
      // input type check
-    LogicCommand cmd_type;
+    CryptoAlgorithm keyGenAlgorithm;
      switch(key_type)
      {
          case KeyType::KEY_RSA_PUBLIC:
          case KeyType::KEY_RSA_PRIVATE:
-            cmd_type = LogicCommand::CREATE_KEY_PAIR_RSA;
+            keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::RSA_GEN);
+            keyGenAlgorithm.setParam(ParamName::GEN_KEY_LEN, additional_param);
              break;
  
          case KeyType::KEY_DSA_PUBLIC:
          case KeyType::KEY_DSA_PRIVATE:
-            cmd_type = LogicCommand::CREATE_KEY_PAIR_DSA;
+            keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::DSA_GEN);
+            keyGenAlgorithm.setParam(ParamName::GEN_KEY_LEN, additional_param);
              break;
  
          case KeyType::KEY_ECDSA_PUBLIC:
          case KeyType::KEY_ECDSA_PRIVATE:
-            cmd_type = LogicCommand::CREATE_KEY_PAIR_ECDSA;
+            keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::ECDSA_GEN);
+            keyGenAlgorithm.setParam(ParamName::GEN_EC, additional_param);
              break;
  
          default:
@@ -303,14 +338,41 @@ void ManagerAsync::Impl::createKeyPair(const ManagerAsync::ObserverPtr& observer
      }
  
      try_catch_async([&] {
+        AliasSupport prvHelper(privateKeyAlias);
+        AliasSupport pubHelper(publicKeyAlias);
          sendToStorage(observer,
-                      static_cast<int>(cmd_type),
+                      static_cast<int>(LogicCommand::CREATE_KEY_PAIR),
                        m_counter,
-                      static_cast<int>(additional_param),
+                      CryptoAlgorithmSerializable(keyGenAlgorithm),
                        PolicySerializable(policyPrivateKey),
                        PolicySerializable(policyPublicKey),
-                      privateKeyAlias,
-                      publicKeyAlias);
+                      prvHelper.getName(),
+                      prvHelper.getLabel(),
+                      pubHelper.getName(),
+                      pubHelper.getLabel());
+    }, [&observer](int error){ observer->ReceivedError(error); } );
+}
+
+void ManagerAsync::Impl::createKeyAES(const ManagerAsync::ObserverPtr& observer,
+                                      const size_t  size,
+                                      const Alias  &keyAlias,
+                                      const Policy &policyKey)
+{
+    observerCheck(observer);
+    if (keyAlias.empty()) {
+        observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
+        return;
+    }
+
+    try_catch_async([&] {
+        AliasSupport aliasHelper(keyAlias);
+        sendToStorage(observer,
+                      static_cast<int>(LogicCommand::CREATE_KEY_AES),
+                      m_counter,
+                      static_cast<int>(size),
+                      PolicySerializable(policyKey),
+                      aliasHelper.getName(),
+                      aliasHelper.getLabel());
      }, [&observer](int error){ observer->ReceivedError(error); } );
  }