X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=src%2Fmanager%2Fclient%2Fclient-manager-impl.cpp;h=790e54138d9dfc001db56e70570e15334b4b1b21;hb=c1fe1e83ca540a1290f73dc077a0f8dcc0e67360;hp=ca9d250256781bec9fc28ffdcf5a4d9dd7901917;hpb=19721d21c5b9ef92de3fed0957fdf496d1bc5f3c;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git diff --git a/src/manager/client/client-manager-impl.cpp b/src/manager/client/client-manager-impl.cpp index ca9d250..790e541 100644 --- a/src/manager/client/client-manager-impl.cpp +++ b/src/manager/client/client-manager-impl.cpp @@ -86,17 +86,17 @@ int getCertChain( } // namespace anonymous -ManagerImpl::ManagerImpl() +Manager::Impl::Impl() : m_counter(0), m_storageConnection(SERVICE_SOCKET_CKM_STORAGE), m_ocspConnection(SERVICE_SOCKET_OCSP), m_encryptionConnection(SERVICE_SOCKET_ENCRYPTION) { - initCryptoLib(); + initOpenSslOnce(); } -int ManagerImpl::saveBinaryData( +int Manager::Impl::saveBinaryData( const Alias &alias, DataType dataType, const RawBuffer &rawData, @@ -134,7 +134,7 @@ int ManagerImpl::saveBinaryData( }); } -int ManagerImpl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) { +int Manager::Impl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) { if (key.get() == NULL) return CKM_API_ERROR_INPUT_PARAM; Try { @@ -145,7 +145,7 @@ int ManagerImpl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy & return CKM_API_ERROR_INPUT_PARAM; } -int ManagerImpl::saveCertificate( +int Manager::Impl::saveCertificate( const Alias &alias, const CertificateShPtr &cert, const Policy &policy) @@ -155,14 +155,14 @@ int ManagerImpl::saveCertificate( return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy); } -int ManagerImpl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) { +int Manager::Impl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) { if (!policy.extractable) return CKM_API_ERROR_INPUT_PARAM; return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy); } -int ManagerImpl::savePKCS12( +int Manager::Impl::savePKCS12( const Alias & alias, const PKCS12ShPtr &pkcs, const Policy &keyPolicy, @@ -199,12 +199,12 @@ int ManagerImpl::savePKCS12( }); } -int ManagerImpl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs) +int Manager::Impl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs) { return getPKCS12(alias, Password(), Password(), pkcs); } -int ManagerImpl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs) +int Manager::Impl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs) { if (alias.empty()) return CKM_API_ERROR_INPUT_PARAM; @@ -240,7 +240,7 @@ int ManagerImpl::getPKCS12(const Alias &alias, const Password &keyPass, const Pa } -int ManagerImpl::removeAlias(const Alias &alias) +int Manager::Impl::removeAlias(const Alias &alias) { if (alias.empty()) return CKM_API_ERROR_INPUT_PARAM; @@ -270,7 +270,7 @@ int ManagerImpl::removeAlias(const Alias &alias) }); } -int ManagerImpl::getBinaryData( +int Manager::Impl::getBinaryData( const Alias &alias, DataType sendDataType, const Password &password, @@ -309,7 +309,7 @@ int ManagerImpl::getBinaryData( }); } -int ManagerImpl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) { +int Manager::Impl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) { DataType recvDataType; RawBuffer rawData; @@ -339,7 +339,7 @@ int ManagerImpl::getKey(const Alias &alias, const Password &password, KeyShPtr & return CKM_API_SUCCESS; } -int ManagerImpl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert) +int Manager::Impl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert) { DataType recvDataType; RawBuffer rawData; @@ -367,7 +367,7 @@ int ManagerImpl::getCertificate(const Alias &alias, const Password &password, Ce return CKM_API_SUCCESS; } -int ManagerImpl::getData(const Alias &alias, const Password &password, RawBuffer &rawData) +int Manager::Impl::getData(const Alias &alias, const Password &password, RawBuffer &rawData) { DataType recvDataType = DataType::BINARY_DATA; @@ -387,7 +387,7 @@ int ManagerImpl::getData(const Alias &alias, const Password &password, RawBuffer return CKM_API_SUCCESS; } -int ManagerImpl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector) +int Manager::Impl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector) { int my_counter = ++m_counter; @@ -417,21 +417,21 @@ int ManagerImpl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasV }); } -int ManagerImpl::getKeyAliasVector(AliasVector &aliasVector) { +int Manager::Impl::getKeyAliasVector(AliasVector &aliasVector) { // in fact datatype has no meaning here - if not certificate or binary data // then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector); } -int ManagerImpl::getCertificateAliasVector(AliasVector &aliasVector) { +int Manager::Impl::getCertificateAliasVector(AliasVector &aliasVector) { return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector); } -int ManagerImpl::getDataAliasVector(AliasVector &aliasVector) { +int Manager::Impl::getDataAliasVector(AliasVector &aliasVector) { return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector); } -int ManagerImpl::createKeyPairRSA( +int Manager::Impl::createKeyPairRSA( const int size, const Alias &privateKeyAlias, const Alias &publicKeyAlias, @@ -441,7 +441,7 @@ int ManagerImpl::createKeyPairRSA( return this->createKeyPair(CKM::KeyType::KEY_RSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey); } -int ManagerImpl::createKeyPairDSA( +int Manager::Impl::createKeyPairDSA( const int size, const Alias &privateKeyAlias, const Alias &publicKeyAlias, @@ -451,7 +451,7 @@ int ManagerImpl::createKeyPairDSA( return this->createKeyPair(CKM::KeyType::KEY_DSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey); } -int ManagerImpl::createKeyPairECDSA( +int Manager::Impl::createKeyPairECDSA( ElipticCurve type, const Alias &privateKeyAlias, const Alias &publicKeyAlias, @@ -461,7 +461,7 @@ int ManagerImpl::createKeyPairECDSA( return this->createKeyPair(CKM::KeyType::KEY_ECDSA_PUBLIC, static_cast(type), privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey); } -int ManagerImpl::createKeyAES( +int Manager::Impl::createKeyAES( const int size, const Alias &keyAlias, const Policy &policyKey) @@ -496,7 +496,7 @@ int ManagerImpl::createKeyAES( } -int ManagerImpl::createKeyPair( +int Manager::Impl::createKeyPair( const KeyType key_type, const int additional_param, const Alias &privateKeyAlias, @@ -563,7 +563,7 @@ int ManagerImpl::createKeyPair( }); } -int ManagerImpl::getCertificateChain( +int Manager::Impl::getCertificateChain( const CertificateShPtr &certificate, const CertificateShPtrVector &untrustedCertificates, const CertificateShPtrVector &trustedCertificates, @@ -573,6 +573,9 @@ int ManagerImpl::getCertificateChain( RawBufferVector untrustedVector; RawBufferVector trustedVector; + if(!certificate || certificate->empty()) + return CKM_API_ERROR_INPUT_PARAM; + for (auto &e: untrustedCertificates) { untrustedVector.push_back(e->getDER()); } @@ -591,7 +594,7 @@ int ManagerImpl::getCertificateChain( certificateChainVector); } -int ManagerImpl::getCertificateChain( +int Manager::Impl::getCertificateChain( const CertificateShPtr &certificate, const AliasVector &untrustedCertificates, const AliasVector &trustedCertificates, @@ -601,6 +604,9 @@ int ManagerImpl::getCertificateChain( LabelNameVector untrustedVector; LabelNameVector trustedVector; + if(!certificate || certificate->empty()) + return CKM_API_ERROR_INPUT_PARAM; + for (auto &e: untrustedCertificates) { AliasSupport helper(e); untrustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName())); @@ -621,12 +627,11 @@ int ManagerImpl::getCertificateChain( certificateChainVector); } -int ManagerImpl::createSignature( +int Manager::Impl::createSignature( const Alias &privateKeyAlias, const Password &password, // password for private_key const RawBuffer &message, - const HashAlgorithm hash, - const RSAPaddingAlgorithm padding, + const CryptoAlgorithm &cAlgorithm, RawBuffer &signature) { int my_counter = ++m_counter; @@ -641,8 +646,7 @@ int ManagerImpl::createSignature( helper.getLabel(), password, message, - static_cast(hash), - static_cast(padding)); + CryptoAlgorithmSerializable(cAlgorithm)); int retCode = m_storageConnection.processRequest(send.Pop(), recv); if (CKM_API_SUCCESS != retCode) @@ -662,13 +666,12 @@ int ManagerImpl::createSignature( }); } -int ManagerImpl::verifySignature( +int Manager::Impl::verifySignature( const Alias &publicKeyOrCertAlias, const Password &password, // password for public_key (optional) const RawBuffer &message, const RawBuffer &signature, - const HashAlgorithm hash, - const RSAPaddingAlgorithm padding) + const CryptoAlgorithm &cAlg) { int my_counter = ++m_counter; @@ -682,8 +685,7 @@ int ManagerImpl::verifySignature( password, message, signature, - static_cast(hash), - static_cast(padding)); + CryptoAlgorithmSerializable(cAlg)); int retCode = m_storageConnection.processRequest(send.Pop(), recv); if (CKM_API_SUCCESS != retCode) @@ -703,7 +705,7 @@ int ManagerImpl::verifySignature( }); } -int ManagerImpl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus) +int Manager::Impl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus) { return try_catch([&] { int my_counter = ++m_counter; @@ -711,6 +713,10 @@ int ManagerImpl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspSta RawBufferVector rawCertChain; for (auto &e: certChain) { + if (!e || e->empty()) { + LogError("Empty certificate"); + return CKM_API_ERROR_INPUT_PARAM; + } rawCertChain.push_back(e->getDER()); } @@ -731,7 +737,7 @@ int ManagerImpl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspSta }); } -int ManagerImpl::setPermission(const Alias &alias, +int Manager::Impl::setPermission(const Alias &alias, const Label &accessor, PermissionMask permissionMask) { @@ -763,7 +769,7 @@ int ManagerImpl::setPermission(const Alias &alias, }); } -int ManagerImpl::crypt(EncryptionCommand command, +int Manager::Impl::crypt(EncryptionCommand command, const CryptoAlgorithm &algo, const Alias &keyAlias, const Password &password, @@ -800,7 +806,7 @@ int ManagerImpl::crypt(EncryptionCommand command, }); } -int ManagerImpl::encrypt(const CryptoAlgorithm &algo, +int Manager::Impl::encrypt(const CryptoAlgorithm &algo, const Alias &keyAlias, const Password &password, const RawBuffer& plain, @@ -809,7 +815,7 @@ int ManagerImpl::encrypt(const CryptoAlgorithm &algo, return crypt(EncryptionCommand::ENCRYPT, algo, keyAlias, password, plain, encrypted); } -int ManagerImpl::decrypt(const CryptoAlgorithm &algo, +int Manager::Impl::decrypt(const CryptoAlgorithm &algo, const Alias &keyAlias, const Password &password, const RawBuffer& encrypted, @@ -818,15 +824,4 @@ int ManagerImpl::decrypt(const CryptoAlgorithm &algo, return crypt(EncryptionCommand::DECRYPT, algo, keyAlias, password, encrypted, decrypted); } -ManagerShPtr Manager::create() { - try { - return std::make_shared(); - } catch (const std::bad_alloc &) { - LogDebug("Bad alloc was caught during ManagerImpl creation."); - } catch (...) { - LogError("Critical error: Unknown exception was caught during ManagerImpl creation!"); - } - return ManagerShPtr(); -} - } // namespace CKM