int retCode = tryRet([&] {
Crypto::GObjUPtr obj;
- int retCode = readDataHelper(true, cred, dataType, name, owner,
- password, obj, objDataType);
+ int retCode2 = readDataHelper(true, cred, dataType, name, owner,
+ password, obj, objDataType);
- if (retCode == CKM_API_SUCCESS)
+ if (retCode2 == CKM_API_SUCCESS)
rowData = obj->getBinary();
- return retCode;
+ return retCode2;
});
if (CKM_API_SUCCESS != retCode)
// read private key (mandatory)
Crypto::GObjUPtr keyObj;
- int retCode = readDataHelper(true, cred, DataType::DB_KEY_FIRST, name, owner,
- keyPassword, keyObj);
+ int retCode2 = readDataHelper(true, cred, DataType::DB_KEY_FIRST, name, owner,
+ keyPassword, keyObj);
- if (retCode != CKM_API_SUCCESS) {
- if (retCode != CKM_API_ERROR_NOT_EXPORTABLE)
- return retCode;
+ if (retCode2 != CKM_API_SUCCESS) {
+ if (retCode2 != CKM_API_ERROR_NOT_EXPORTABLE)
+ return retCode2;
} else {
privKey = CKM::Key::create(keyObj->getBinary());
}
// read certificate (mandatory)
Crypto::GObjUPtr certObj;
- retCode = readDataHelper(true, cred, DataType::CERTIFICATE, name, owner,
- certPassword, certObj);
+ retCode2 = readDataHelper(true, cred, DataType::CERTIFICATE, name, owner,
+ certPassword, certObj);
- if (retCode != CKM_API_SUCCESS) {
- if (retCode != CKM_API_ERROR_NOT_EXPORTABLE)
- return retCode;
+ if (retCode2 != CKM_API_SUCCESS) {
+ if (retCode2 != CKM_API_ERROR_NOT_EXPORTABLE)
+ return retCode2;
} else {
cert = CKM::Certificate::create(certObj->getBinary(), DataFormat::FORM_DER);
}
// read CA cert chain (optional)
Crypto::GObjUPtrVector caChainObjs;
- retCode = readDataHelper(true, cred, DataType::DB_CHAIN_FIRST, name, owner,
- certPassword, caChainObjs);
+ retCode2 = readDataHelper(true, cred, DataType::DB_CHAIN_FIRST, name, owner,
+ certPassword, caChainObjs);
- if (retCode != CKM_API_SUCCESS && retCode != CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- if (retCode != CKM_API_ERROR_NOT_EXPORTABLE)
- return retCode;
+ if (retCode2 != CKM_API_SUCCESS && retCode2 != CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
+ if (retCode2 != CKM_API_ERROR_NOT_EXPORTABLE)
+ return retCode2;
} else {
for (auto &caCertObj : caChainObjs)
caChain.push_back(CKM::Certificate::create(caCertObj->getBinary(),
// if anything found, return it
if (privKey || cert || caChain.size() > 0)
- retCode = CKM_API_SUCCESS;
+ retCode2 = CKM_API_SUCCESS;
// prepare response
- if (retCode != CKM_API_SUCCESS)
- return retCode;
+ if (retCode2 != CKM_API_SUCCESS)
+ return retCode2;
output = PKCS12Serializable(std::move(privKey), std::move(cert), std::move(caChain));
return CKM_API_SUCCESS;
try {
retCode = tryRet([&] {
- auto [dbOp, digest, retCode] = beginSaveAndGetHash(cred, name, owner);
- if (retCode != CKM_API_SUCCESS)
- return retCode;
+ auto [dbOp, digest, retCode2] = beginSaveAndGetHash(cred, name, owner);
+ if (retCode2 != CKM_API_SUCCESS)
+ return retCode2;
// create key in store
CryptoAlgorithm keyGenAlgorithm;
try {
retCode = tryRet([&] {
Crypto::GObjUPtr obj;
- int retCode = readDataHelper(false, cred, DataType::DB_KEY_FIRST, privateKeyName,
- owner, password, obj);
+ int retCode2 = readDataHelper(false, cred, DataType::DB_KEY_FIRST, privateKeyName,
+ owner, password, obj);
- if (retCode == CKM_API_SUCCESS)
+ if (retCode2 == CKM_API_SUCCESS)
signature = obj->sign(cryptoAlg, message);
- return retCode;
+ return retCode2;
});
} catch (const std::exception &e) {
LogError("STD exception " << e.what());
RawBuffer wrappedKey;
auto retCode = tryRet([&] {
- auto retCode = readDataHelper(false, cred, DataType::DB_KEY_FIRST, wrappingKeyName,
- wrappingKeyOwner, wrappingKeyPassword, wrappingKey);
- if (retCode != CKM_API_SUCCESS)
- return retCode;
+ auto retCode2 = readDataHelper(false, cred, DataType::DB_KEY_FIRST, wrappingKeyName,
+ wrappingKeyOwner, wrappingKeyPassword, wrappingKey);
+ if (retCode2 != CKM_API_SUCCESS)
+ return retCode2;
- retCode = readRowHelper(false, cred, DataType::DB_KEY_FIRST, keyName,
- keyOwner, keyPassword, wrappedKeyRow, wrappedKeyType);
- if (retCode != CKM_API_SUCCESS)
- return retCode;
+ retCode2 = readRowHelper(false, cred, DataType::DB_KEY_FIRST, keyName,
+ keyOwner, keyPassword, wrappedKeyRow, wrappedKeyType);
+ if (retCode2 != CKM_API_SUCCESS)
+ return retCode2;
wrappedKey = wrappingKey->wrap(params, wrappedKeyRow, keyPassword);
- return retCode;
+ return retCode2;
});
return SerializeMessage(msgID, retCode, wrappedKeyType, wrappedKey);
}
+RawBuffer CKMLogic::getBackendInfo(const int msgID, BackendId backend)
+{
+ BackendInfo info;
+ auto retCode = tryRet([&] {
+ CryptoBackend cryptoBackend;
+ if (backend == BackendId::SW)
+ cryptoBackend = CryptoBackend::OpenSSL;
+ else if (backend == BackendId::TZ)
+ cryptoBackend = CryptoBackend::TrustZone;
+ else
+ return CKM_API_ERROR_INPUT_PARAM;
+
+ auto store = m_decider.getStore(cryptoBackend);
+ if (store == nullptr) {
+ LogError("Required backend is unavailable");
+ return CKM_API_ERROR_INPUT_PARAM;
+ }
+
+ info.maxChunkSize = store->maxChunkSize();
+ return CKM_API_SUCCESS;
+ });
+
+ return SerializeMessage(msgID, retCode, BackendInfoSerializable(info));
+}
+
} // namespace CKM
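Review bot: In `getBackendInfo`, `info` is passed to `SerializeMessage` on every path, but `info.maxChunkSize` is only assigned when the lambda reaches `return CKM_API_SUCCESS`. If `BackendInfo` is a plain struct without a default member initializer (its definition is not visible in this hunk), the error replies would send an indeterminate value from the service's stack to the client. Declaring it as `BackendInfo info{};` would make the error-path payload deterministic. Separately, an unavailable store returns the same `CKM_API_ERROR_INPUT_PARAM` as an unrecognized `BackendId`, so a caller cannot tell a malformed request from a missing TrustZone backend. If that is intentional, a comment such as `// unavailable backend is reported as a bad parameter on purpose` above the `store == nullptr` check would record it.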