Fix implementation of exportable flag.

[platform/core/security/key-manager.git] / src / manager / service / ckm-logic.cpp

diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp
old mode 100644 (file)
new mode 100755 (executable)
index 8135a5a..69434f7
--- a/src/manager/service/ckm-logic.cpp
+++ b/src/manager/service/ckm-logic.cpp
@@ -50,7 +50,7 @@ CKMLogic::CKMLogic()
 
 CKMLogic::~CKMLogic(){}
 
-RawBuffer CKMLogic::unlockUserKey(uid_t user, const std::string &password) {
+RawBuffer CKMLogic::unlockUserKey(uid_t user, const Password &password) {
     // TODO try catch for all errors that should be supported by error code
     int retCode = CKM_API_SUCCESS;
 
@@ -116,8 +116,8 @@ RawBuffer CKMLogic::removeUserData(uid_t user) {
 
 RawBuffer CKMLogic::changeUserPassword(
     uid_t user,
-    const std::string &oldPassword,
-    const std::string &newPassword)
+    const Password &oldPassword,
+    const Password &newPassword)
 {
     int retCode = CKM_API_SUCCESS;
     try {
@@ -147,7 +147,7 @@ RawBuffer CKMLogic::changeUserPassword(
 
 RawBuffer CKMLogic::resetUserPassword(
     uid_t user,
-    const std::string &newPassword)
+    const Password &newPassword)
 {
     int retCode = CKM_API_SUCCESS;
     // TODO try-catch
@@ -250,7 +250,12 @@ RawBuffer CKMLogic::removeData(
 
     if (0 < m_userDataMap.count(cred.uid)) {
         Try {
-            m_userDataMap[cred.uid].database.deleteDBRow(alias, cred.smackLabel);
+            auto erased = m_userDataMap[cred.uid].database.deleteDBRow(alias, cred.smackLabel);
+            // check if the data existed or not
+            if(!erased) {
+                LogError("No row for given alias and label");
+                retCode = CKM_API_ERROR_DB_ALIAS_UNKNOWN;
+            }
         } Catch (CKM::Exception) {
             LogError("Error in deleting row!");
             retCode = CKM_API_ERROR_DB_ERROR;
@@ -272,7 +277,7 @@ int CKMLogic::getDataHelper(
     Credentials &cred,
     DBDataType dataType,
     const Alias &alias,
-    const std::string &password,
+    const Password &password,
     DBRow &row)
 {
 
@@ -320,7 +325,7 @@ RawBuffer CKMLogic::getData(
     int commandId,
     DBDataType dataType,
     const Alias &alias,
-    const std::string &password)
+    const Password &password)
 {
     int retCode = CKM_API_SUCCESS;
     DBRow row;
@@ -343,6 +348,11 @@ RawBuffer CKMLogic::getData(
         row.dataType = dataType;
     }
 
+    if ((CKM_API_SUCCESS == retCode) && (row.exportable == 0)) {
+        row.data.clear();
+        retCode = CKM_API_ERROR_NOT_EXPORTABLE;
+    }
+
     MessageBuffer response;
     Serialization::Serialize(response, static_cast<int>(LogicCommand::GET));
     Serialization::Serialize(response, commandId);
@@ -614,7 +624,7 @@ RawBuffer CKMLogic::getCertificateChain(
         }
 
         for (auto &i: aliasVector) {
-            retCode = getDataHelper(cred, DBDataType::CERTIFICATE, i, std::string(), row);
+            retCode = getDataHelper(cred, DBDataType::CERTIFICATE, i, Password(), row);
 
             if (retCode != CKM_API_SUCCESS)
                 goto senderror;
@@ -653,7 +663,7 @@ RawBuffer CKMLogic::createSignature(
         Credentials &cred,
         int commandId,
         const Alias &privateKeyAlias,
-        const std::string &password,           // password for private_key
+        const Password &password,           // password for private_key
         const RawBuffer &message,
         const HashAlgorithm hash,
         const RSAPaddingAlgorithm padding)
@@ -672,7 +682,7 @@ RawBuffer CKMLogic::createSignature(
                 break;
             }
 
-            GenericKey keyParsed(row.data, std::string());
+            GenericKey keyParsed(row.data, Password());
             if (keyParsed.empty())
                 retCode = CKM_API_ERROR_SERVER_ERROR;
             else
@@ -704,7 +714,7 @@ RawBuffer CKMLogic::verifySignature(
         Credentials &cred,
         int commandId,
         const Alias &publicKeyOrCertAlias,
-        const std::string &password,           // password for public_key (optional)
+        const Password &password,           // password for public_key (optional)
         const RawBuffer &message,
         const RawBuffer &signature,
         const HashAlgorithm hash,