X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=src%2Finclude%2Fckm%2Fckm-type.h;h=a152e1dfe597ff7284e552a6bfd8acf01b4cee66;hb=b4b2310fa8c7dc6089131a83195a17a07d7e6850;hp=75a533811da5dccceccc12ebfd179b15af452a97;hpb=8ca9dd2ad44ed0278108b9a924e5e2e28f3e7313;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git

diff --git a/src/include/ckm/ckm-type.h b/src/include/ckm/ckm-type.h
index 75a5338..a152e1d 100644
--- a/src/include/ckm/ckm-type.h
+++ b/src/include/ckm/ckm-type.h
@@ -21,81 +21,202 @@
  */
 #pragma once
 
+#include <stdint.h>
+#include <cassert>
+
 #include <string>
 #include <vector>
+#include <map>
+#include <memory>
 
 #include <ckm/ckm-raw-buffer.h>
 #include <ckm/ckm-password.h>
 
+#define KEY_MANAGER_API __attribute__((visibility("default")))
+
 namespace CKM {
 
 // used to pass password and raw key data
 typedef std::vector<RawBuffer> RawBufferVector;
 typedef std::string Alias;
+typedef std::string Label;
 typedef std::vector<Alias> AliasVector;
 
 enum class KeyType : int {
-    KEY_NONE,
+    KEY_NONE = 0,
     KEY_RSA_PUBLIC,
     KEY_RSA_PRIVATE,
     KEY_ECDSA_PUBLIC,
     KEY_ECDSA_PRIVATE,
+    KEY_DSA_PUBLIC,
+    KEY_DSA_PRIVATE,
     KEY_AES
 };
 
 enum class DataFormat : int {
-    FORM_DER_BASE64,
+    FORM_DER_BASE64 = 0,
     FORM_DER,
     FORM_PEM
 };
 
 enum class ElipticCurve : int {
-    prime192v1,
+    prime192v1 = 0,
     prime256v1,
     secp384r1
 };
 
 enum class CertificateFieldId : int {
-    ISSUER,
+    ISSUER = 0,
     SUBJECT
 };
 
 struct Policy {
-    Policy(const Password &pass = Password(), bool extract = true, bool rest = false)
+    Policy(const Password &pass = Password(), bool extract = true)
       : password(pass)
       , extractable(extract)
-      , restricted(rest)
     {}
     virtual ~Policy(){}
     Password password;  // byte array used to encrypt data inside CKM
-    bool extractable;  // if true key may be extracted from storage
-    bool restricted;   // if true only key owner may see data
+    bool extractable;   // if true key may be extracted from storage
 };
 
-// Added by Dongsun Lee
 enum class HashAlgorithm : int {
+    NONE = 0,
     SHA1,
     SHA256,
     SHA384,
     SHA512
 };
 
-// Added by Dongsun Lee
 enum class RSAPaddingAlgorithm : int {
+    NONE = 0,
     PKCS1,
-//  SSLV23, // not supported
-//  NONE, // not supported
-//  PKCS1_OAEP, // not supported
     X931
 };
 
 enum class DBCMAlgType : int {
-    NONE,
-    AES_CBC_256,
+    NONE = 0,
+    AES_GCM_256,
     COUNT
 };
 
+typedef int PermissionMask;
+enum Permission: int {
+    NONE            = 0x00,
+    READ            = 0x01,
+    REMOVE          = 0x02
+    // keep in sync with ckmc_permission_e !
+};
+
 const char * ErrorToString(int error);
 
+// algorithm parameters
+enum class ParamName : int {
+    ALGO_TYPE = 1,      // If there's no such param, the service will try to deduce the algorithm
+                        // type from the key.
+
+    // encryption & decryption
+    ED_IV = 101,
+    ED_CTR_LEN,
+    ED_AAD,
+    ED_TAG_LEN,
+    ED_LABEL,
+
+    // key generation
+    GEN_KEY_LEN = 201,
+    GEN_EC,             // elliptic curve (ElipticCurve)
+
+    // sign & verify
+    SV_HASH_ALGO = 301, // hash algorithm (HashAlgorithm)
+    SV_RSA_PADDING,     // RSA padding (RSAPaddingAlgorithm)
+};
+
+// algorithm types (ALGO_TYPE param)
+enum class AlgoType : int {
+    AES_CTR = 1,
+    AES_CBC,
+    AES_GCM,
+    AES_CFB,
+    RSA_OAEP,
+    RSA_SV,
+    DSA_SV,
+    ECDSA_SV,
+    RSA_GEN,
+    DSA_GEN,
+    ECDSA_GEN,
+};
+
+// cryptographic algorithm description
+class KEY_MANAGER_API CryptoAlgorithm {
+public:
+    template <typename T>
+    bool getParam(ParamName name, T& value) const;
+
+    // returns false if param 'name' already exists
+    template <typename T>
+    bool addParam(ParamName name, const T& value);
+
+protected:
+    class BaseParam {
+    public:
+        virtual bool getBuffer(RawBuffer&) const { return false; }
+        virtual bool getInt(uint64_t&) const { return false; }
+        virtual ~BaseParam() {}
+
+    protected:
+        BaseParam() {}
+    };
+    typedef std::shared_ptr<BaseParam> BaseParamPtr;
+
+    class BufferParam : public BaseParam {
+    public:
+        bool getBuffer(RawBuffer& buffer) const;
+        static BaseParamPtr create(const RawBuffer& buffer);
+    private:
+        explicit BufferParam(const RawBuffer& value) : m_buffer(value) {}
+
+        RawBuffer m_buffer;
+    };
+
+    class IntParam : public BaseParam {
+    public:
+        static BaseParamPtr create(uint64_t value);
+        bool getInt(uint64_t& value) const;
+    private:
+        explicit IntParam(uint64_t value) : m_int(value) {}
+
+        uint64_t m_int;
+    };
+
+    std::map<ParamName, BaseParamPtr> m_params;
+};
+
+template <typename T>
+bool CryptoAlgorithm::getParam(ParamName name, T& value) const {
+    auto param = m_params.find(name);
+    if (param == m_params.end())
+        return false;
+
+    assert(param->second);
+
+    uint64_t valueTmp;
+    if (param->second->getInt(valueTmp)) {
+        value = static_cast<T>(valueTmp);
+        return true;
+    }
+    return false;
+}
+
+template <>
+bool CryptoAlgorithm::getParam(ParamName name, RawBuffer& value) const;
+
+template <typename T>
+bool CryptoAlgorithm::addParam(ParamName name, const T& value) {
+    return m_params.emplace(name, IntParam::create(static_cast<uint64_t>(value))).second;
+}
+
+template <>
+bool CryptoAlgorithm::addParam(ParamName name, const RawBuffer& value);
+
 } // namespace CKM