Add algorithm param validation

[platform/core/security/key-manager.git] / src / manager / crypto / sw-backend / internals.h

diff --git a/src/manager/crypto/sw-backend/internals.h b/src/manager/crypto/sw-backend/internals.h
index 49ce47f..d9869b5 100644 (file)
--- a/src/manager/crypto/sw-backend/internals.h
+++ b/src/manager/crypto/sw-backend/internals.h
@@ -24,6 +24,7 @@
 #include <certificate-impl.h>
 #include <ckm/ckm-type.h>
 #include <openssl/evp.h>
+#include <token.h>
 
 #define EVP_SUCCESS 1  // DO NOTCHANGE THIS VALUE
 #define EVP_FAIL    0  // DO NOTCHANGE THIS VALUE
@@ -38,19 +39,44 @@ namespace Crypto {
 namespace SW {
 namespace Internals {
 
+// During initialization, FIPS_MODE and the entropy source are set
+// and system certificates are loaded to memory.
+//    FIPS_MODE - ON, OFF(Default)
+//    entropy source - /dev/random,/dev/urandom(Default)
 int initialize();
 
-void createKeyPairRSA(const int size,
-    KeyImpl &createdPrivateKey,
-    KeyImpl &createdPublicKey);
-
-void createKeyPairDSA(const int size,
-    KeyImpl &createdPrivateKey,
-    KeyImpl &createdPublicKey);
-
-void createKeyPairECDSA(ElipticCurve type1,
-    KeyImpl &createdPrivateKey,
-    KeyImpl &createdPublicKey);
+TokenPair createKeyPairRSA(CryptoBackend backendId, const int size);
+TokenPair createKeyPairDSA(CryptoBackend backendId, const int size);
+TokenPair createKeyPairECDSA(CryptoBackend backendId, ElipticCurve type1);
+Token     createKeyAES(CryptoBackend backendId, const int sizeBits);
+
+TokenPair generateAKey(CryptoBackend backendId, const CryptoAlgorithm &algorithm);
+Token generateSKey(CryptoBackend backendId, const CryptoAlgorithm &algorithm);
+
+RawBuffer symmetricEncrypt(const RawBuffer &key,
+                           const CryptoAlgorithm &alg,
+                           const RawBuffer &data);
+RawBuffer symmetricDecrypt(const RawBuffer &key,
+                           const CryptoAlgorithm &alg,
+                           const RawBuffer &cipher);
+
+std::pair<RawBuffer, RawBuffer> encryptDataAesGcm(const RawBuffer &key,
+    const RawBuffer &data,
+    const RawBuffer &iv,
+    int tagSizeBits);
+
+RawBuffer decryptDataAesGcm(const RawBuffer &key,
+    const RawBuffer &data,
+    const RawBuffer &iv,
+    const RawBuffer &tag);
+
+RawBuffer encryptDataAesCbc(const RawBuffer &key,
+    const RawBuffer &data,
+    const RawBuffer &iv);
+
+RawBuffer decryptDataAesCbc(const RawBuffer &key,
+    const RawBuffer &data,
+    const RawBuffer &iv);
 
 RawBuffer sign(EVP_PKEY *pkey,
     const CryptoAlgorithm &alg,