Fix implementation of exportable flag.

[platform/core/security/key-manager.git] / src / manager / service / ckm-logic.cpp

diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp
index 948411f..69434f7 100755 (executable)
--- a/src/manager/service/ckm-logic.cpp
+++ b/src/manager/service/ckm-logic.cpp
@@ -50,7 +50,7 @@ CKMLogic::CKMLogic()
 
 CKMLogic::~CKMLogic(){}
 
-RawBuffer CKMLogic::unlockUserKey(uid_t user, const std::string &password) {
+RawBuffer CKMLogic::unlockUserKey(uid_t user, const Password &password) {
     // TODO try catch for all errors that should be supported by error code
     int retCode = CKM_API_SUCCESS;
 
@@ -116,8 +116,8 @@ RawBuffer CKMLogic::removeUserData(uid_t user) {
 
 RawBuffer CKMLogic::changeUserPassword(
     uid_t user,
-    const std::string &oldPassword,
-    const std::string &newPassword)
+    const Password &oldPassword,
+    const Password &newPassword)
 {
     int retCode = CKM_API_SUCCESS;
     try {
@@ -147,7 +147,7 @@ RawBuffer CKMLogic::changeUserPassword(
 
 RawBuffer CKMLogic::resetUserPassword(
     uid_t user,
-    const std::string &newPassword)
+    const Password &newPassword)
 {
     int retCode = CKM_API_SUCCESS;
     // TODO try-catch
@@ -249,31 +249,16 @@ RawBuffer CKMLogic::removeData(
     int retCode = CKM_API_SUCCESS;
 
     if (0 < m_userDataMap.count(cred.uid)) {
-       // check if the data exists or not
-        DBCrypto::DBRowOptional row_optional;
-        if (dataType == DBDataType::CERTIFICATE || dataType == DBDataType::BINARY_DATA) {
-            row_optional = m_userDataMap[cred.uid].database.getDBRow(alias, cred.smackLabel, dataType);
-        } else if ((static_cast<int>(dataType) >= static_cast<int>(DBDataType::DB_KEY_FIRST))
-                && (static_cast<int>(dataType) <= static_cast<int>(DBDataType::DB_KEY_LAST)))
-        {
-            row_optional = m_userDataMap[cred.uid].database.getKeyDBRow(alias, cred.smackLabel);
-        } else {
-            LogError("Unknown type of requested data" << (int)dataType);
-            retCode = CKM_API_ERROR_BAD_REQUEST;
-        }
-        if(!row_optional) {
-            LogError("No row for given alias, label and type");
-            retCode = CKM_API_ERROR_DB_ALIAS_UNKNOWN;
-        }
-
-        // remove if the data exists
-        if(retCode == CKM_API_SUCCESS) {
-            Try {
-                m_userDataMap[cred.uid].database.deleteDBRow(alias, cred.smackLabel);
-            } Catch (CKM::Exception) {
-                LogError("Error in deleting row!");
-                retCode = CKM_API_ERROR_DB_ERROR;
+        Try {
+            auto erased = m_userDataMap[cred.uid].database.deleteDBRow(alias, cred.smackLabel);
+            // check if the data existed or not
+            if(!erased) {
+                LogError("No row for given alias and label");
+                retCode = CKM_API_ERROR_DB_ALIAS_UNKNOWN;
             }
+        } Catch (CKM::Exception) {
+            LogError("Error in deleting row!");
+            retCode = CKM_API_ERROR_DB_ERROR;
         }
     } else {
         retCode = CKM_API_ERROR_DB_LOCKED;
@@ -292,7 +277,7 @@ int CKMLogic::getDataHelper(
     Credentials &cred,
     DBDataType dataType,
     const Alias &alias,
-    const std::string &password,
+    const Password &password,
     DBRow &row)
 {
 
@@ -340,7 +325,7 @@ RawBuffer CKMLogic::getData(
     int commandId,
     DBDataType dataType,
     const Alias &alias,
-    const std::string &password)
+    const Password &password)
 {
     int retCode = CKM_API_SUCCESS;
     DBRow row;
@@ -363,6 +348,11 @@ RawBuffer CKMLogic::getData(
         row.dataType = dataType;
     }
 
+    if ((CKM_API_SUCCESS == retCode) && (row.exportable == 0)) {
+        row.data.clear();
+        retCode = CKM_API_ERROR_NOT_EXPORTABLE;
+    }
+
     MessageBuffer response;
     Serialization::Serialize(response, static_cast<int>(LogicCommand::GET));
     Serialization::Serialize(response, commandId);
@@ -634,7 +624,7 @@ RawBuffer CKMLogic::getCertificateChain(
         }
 
         for (auto &i: aliasVector) {
-            retCode = getDataHelper(cred, DBDataType::CERTIFICATE, i, std::string(), row);
+            retCode = getDataHelper(cred, DBDataType::CERTIFICATE, i, Password(), row);
 
             if (retCode != CKM_API_SUCCESS)
                 goto senderror;
@@ -673,7 +663,7 @@ RawBuffer CKMLogic::createSignature(
         Credentials &cred,
         int commandId,
         const Alias &privateKeyAlias,
-        const std::string &password,           // password for private_key
+        const Password &password,           // password for private_key
         const RawBuffer &message,
         const HashAlgorithm hash,
         const RSAPaddingAlgorithm padding)
@@ -692,7 +682,7 @@ RawBuffer CKMLogic::createSignature(
                 break;
             }
 
-            GenericKey keyParsed(row.data, std::string());
+            GenericKey keyParsed(row.data, Password());
             if (keyParsed.empty())
                 retCode = CKM_API_ERROR_SERVER_ERROR;
             else
@@ -724,7 +714,7 @@ RawBuffer CKMLogic::verifySignature(
         Credentials &cred,
         int commandId,
         const Alias &publicKeyOrCertAlias,
-        const std::string &password,           // password for public_key (optional)
+        const Password &password,           // password for public_key (optional)
         const RawBuffer &message,
         const RawBuffer &signature,
         const HashAlgorithm hash,