int ret;
ckmc_cert_list_s *start = NULL;
ckmc_cert_list_s *plist = NULL;
- CKM::CertificateShPtrVector::const_iterator it;
- for(it = certVector.begin(); it != certVector.end(); it++) {
- CKM::RawBuffer rawBuffer = (*it)->getDER();
+ for(const auto &e : certVector) {
+ CKM::RawBuffer rawBuffer = e->getDER();
ckmc_cert_s *pcert = NULL;
ret = ckmc_cert_new(rawBuffer.data(), rawBuffer.size(), CKMC_FORM_DER, &pcert);
if(pcert == NULL) {
return start;
}
+typedef int (CKM::Manager::*cryptoFn)(const CKM::CryptoAlgorithm&,
+ const CKM::Alias&,
+ const CKM::Password&,
+ const CKM::RawBuffer&,
+ CKM::RawBuffer&);
+
+int _cryptoOperation(cryptoFn operation,
+ ckmc_param_list_h params,
+ const char *key_alias,
+ const char *password,
+ const ckmc_raw_buffer_s in,
+ ckmc_raw_buffer_s **ppout)
+{
+ if(!params || !key_alias || !ppout)
+ return CKMC_ERROR_INVALID_PARAMETER;
+
+ // params
+ const CKM::CryptoAlgorithm* ca = reinterpret_cast<const CKM::CryptoAlgorithm*>(params);
+
+ // password
+ CKM::Password pass;
+ if (password)
+ pass = password;
+
+ // buffers
+ CKM::RawBuffer inBuffer(in.data, in.data + in.size);
+ CKM::RawBuffer outBuffer;
+
+ // operation
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = ((*mgr).*operation)(*ca, key_alias, pass, inBuffer, outBuffer);
+ if (ret != CKM_API_SUCCESS)
+ return to_ckmc_error(ret);
+
+ return ckmc_buffer_new(outBuffer.data(), outBuffer.size(), ppout);
+}
+
}
CKM::Alias ckmAlias(alias);
if(key.raw_key == NULL || key.key_size <= 0) {
- return CKMC_ERROR_INVALID_PARAMETER;
+ return CKMC_ERROR_INVALID_PARAMETER;
}
CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
- CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
+ CKM::KeyShPtr ckmKey;
+ if(key.key_type == CKMC_KEY_AES)
+ {
+ if(key.password)
+ return CKMC_ERROR_INVALID_PARAMETER;
+ ckmKey = CKM::Key::createAES(buffer);
+ }
+ else
+ ckmKey = CKM::Key::create(buffer, _tostring(key.password));
if(ckmKey.get() == NULL) {
return CKMC_ERROR_INVALID_FORMAT;
}
}
KEY_MANAGER_CAPI
-int ckmc_remove_pkcs12(const char *alias)
-{
- return ckmc_remove_alias(alias);
-}
-
-KEY_MANAGER_CAPI
int ckmc_get_pkcs12(const char *alias, const char *key_password, const char *cert_password, ckmc_pkcs12_s **pkcs12)
{
int ret;
}
KEY_MANAGER_CAPI
+int ckmc_create_key_aes(size_t size,
+ const char *key_alias,
+ ckmc_policy_s key_policy)
+{
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+
+ if(key_alias == NULL)
+ return CKMC_ERROR_INVALID_PARAMETER;
+
+ CKM::Alias ckmKeyAlias(key_alias);
+ CKM::Policy ckmKeyPolicy(_tostring(key_policy.password), key_policy.extractable);
+
+ int ret = mgr->createKeyAES(size, ckmKeyAlias, ckmKeyPolicy);
+ return to_ckmc_error(ret);
+}
+
+KEY_MANAGER_CAPI
int ckmc_create_signature(const char *private_key_alias,
const char *password,
const ckmc_raw_buffer_s message,
return CKMC_ERROR_INVALID_PARAMETER;
}
- int ret = CKMC_ERROR_UNKNOWN;
int tmpOcspStatus = -1;
CKM::ManagerShPtr mgr = CKM::Manager::create();
CKM::CertificateShPtrVector ckmCertChain = _toCkmCertificateVector(pcert_chain_list);
- ret = mgr->ocspCheck(ckmCertChain, tmpOcspStatus);
+ int ret = mgr->ocspCheck(ckmCertChain, tmpOcspStatus);
*ocsp_status = to_ckmc_ocsp_status(tmpOcspStatus);
return to_ckmc_error(ret);
}
}
KEY_MANAGER_CAPI
-int ckmc_encrypt_data(const ckmc_param_list_s */*params*/,
- const char */*key_alias*/,
- const char */*password*/,
- const ckmc_raw_buffer_s /*decrypted*/,
- ckmc_raw_buffer_s **/*ppencrypted*/)
+int ckmc_encrypt_data(ckmc_param_list_h params,
+ const char *key_alias,
+ const char *password,
+ const ckmc_raw_buffer_s decrypted,
+ ckmc_raw_buffer_s **ppencrypted)
{
- // TODO implement it
- return CKMC_ERROR_UNKNOWN;
+ return _cryptoOperation(&CKM::Manager::encrypt,
+ params,
+ key_alias,
+ password,
+ decrypted,
+ ppencrypted);
}
KEY_MANAGER_CAPI
-int ckmc_decrypt_data(const ckmc_param_list_s */*params*/,
- const char */*key_alias*/,
- const char */*password*/,
- const ckmc_raw_buffer_s /* encrypted*/,
- ckmc_raw_buffer_s **/*ppdecrypted*/)
-{
- // TODO implement it
- return CKMC_ERROR_UNKNOWN;
+int ckmc_decrypt_data(ckmc_param_list_h params,
+ const char *key_alias,
+ const char *password,
+ const ckmc_raw_buffer_s encrypted,
+ ckmc_raw_buffer_s **ppdecrypted)
+{
+ return _cryptoOperation(&CKM::Manager::decrypt,
+ params,
+ key_alias,
+ password,
+ encrypted,
+ ppdecrypted);
}
projects / platform / core / security / key-manager.git / blobdiff