X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=src%2Fmanager%2Fclient%2Fclient-manager-impl.cpp;h=961f31dbc0b130829e6afb4d311300e491f817dd;hb=68bd681ac61299383a8a481497c94877fdf15a2d;hp=fa4f5a9fd18bfc871647ae1e096ea6c28b6e0298;hpb=9682ce95dd4a079511c225be2839d93af4ecdc69;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git diff --git a/src/manager/client/client-manager-impl.cpp b/src/manager/client/client-manager-impl.cpp index fa4f5a9..961f31d 100644 --- a/src/manager/client/client-manager-impl.cpp +++ b/src/manager/client/client-manager-impl.cpp @@ -1,4 +1,4 @@ -/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved +/* Copyright (c) 2014-2020 Samsung Electronics Co., Ltd. All rights reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,7 +23,6 @@ #include #include -#include #include #include #include @@ -36,11 +35,19 @@ namespace CKM { namespace { +template +int deserializeResponse(const int msgId, MessageBuffer &recv, T&&...t) +{ + int retMsgId, retCode; + recv.Deserialize(retMsgId, retCode, std::forward(t)...); + return msgId != retMsgId ? CKM_API_ERROR_UNKNOWN : retCode; +} + template int getCertChain( ServiceConnection &serviceConnection, LogicCommand command, - int counter, + Manager::Impl &impl, const CertificateShPtr &certificate, const T &untrustedVector, const T &trustedVector, @@ -49,26 +56,13 @@ int getCertChain( { EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; - auto send = MessageBuffer::Serialize(static_cast(command), - counter, - certificate->getDER(), - untrustedVector, - trustedVector, - useTrustedSystemCertificates); - - int retCode = serviceConnection.processRequest(send.Pop(), recv); - - if (CKM_API_SUCCESS != retCode) - return retCode; + Manager::Impl::Request rq(impl, command, serviceConnection, + certificate->getDER(), untrustedVector, trustedVector, useTrustedSystemCertificates); + if (!rq) + return rq.err(); - int retCommand; - int retCounter; RawBufferVector rawBufferVector; - recv.Deserialize(retCommand, retCounter, retCode, rawBufferVector); - - if ((counter != retCounter) || (static_cast(command) != retCommand)) - return CKM_API_ERROR_UNKNOWN; + int retCode = rq.deserialize(rawBufferVector); if (retCode != CKM_API_SUCCESS) return retCode; @@ -79,7 +73,7 @@ int getCertChain( if (cert->empty()) return CKM_API_ERROR_BAD_RESPONSE; - certificateChainVector.push_back(cert); + certificateChainVector.push_back(std::move(cert)); } return retCode; @@ -87,17 +81,50 @@ int getCertChain( EXCEPTION_GUARD_END } -} // namespace anonymous +template +int doRequest(MessageBuffer &recv, CKM::ServiceConnection &conn, T&&...t) +{ + return conn.processRequest(SerializeMessage(std::forward(t)...), recv); +} + +} // namespace Manager::Impl::Impl() - : m_counter(0), - m_storageConnection(SERVICE_SOCKET_CKM_STORAGE), + : m_storageConnection(SERVICE_SOCKET_CKM_STORAGE), m_ocspConnection(SERVICE_SOCKET_OCSP), m_encryptionConnection(SERVICE_SOCKET_ENCRYPTION) { - initOpenSslOnce(); } +template +Manager::Impl::Request::Request(Manager::Impl &impl, Cmd cmd, CKM::ServiceConnection &conn, T&&...t) +{ + static_assert(sizeof cmd <= sizeof(int)); + const auto msgId = m_msgId = ++impl.m_counter; + m_retCode = doRequest(m_recv, conn, cmd, msgId, std::forward(t)...); +} + +Manager::Impl::Request::operator bool() const { + return CKM_API_SUCCESS == m_retCode; +} + +int Manager::Impl::Request::err() const { + assert(!*this); + return m_retCode; +} + +template +int Manager::Impl::Request::deserialize(T&&...t) +{ + assert(*this); + return deserializeResponse(m_msgId, m_recv, std::forward(t)...); +} + +template +int Manager::Impl::Request::maybeDeserialize(T&&...t) +{ + return *this ? deserialize(std::forward(t)...) : err(); +} int Manager::Impl::saveBinaryData( const Alias &alias, @@ -105,37 +132,17 @@ int Manager::Impl::saveBinaryData( const RawBuffer &rawData, const Policy &policy) { - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI if (alias.empty() || rawData.empty()) return CKM_API_ERROR_INPUT_PARAM; - MessageBuffer recv; AliasSupport helper(alias); - auto send = MessageBuffer::Serialize(static_cast(LogicCommand::SAVE), - my_counter, - static_cast(dataType), - helper.getName(), - helper.getLabel(), - rawData, - PolicySerializable(policy)); - - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - if (CKM_API_SUCCESS != retCode) - return retCode; - - int command; - int counter; int opType; - recv.Deserialize(command, counter, retCode, opType); - - if (counter != my_counter) - return CKM_API_ERROR_UNKNOWN; - - return retCode; + return Request(*this, LogicCommand::SAVE, m_storageConnection, + dataType, helper.getName(), helper.getOwner(), rawData, PolicySerializable(policy) + ).maybeDeserialize(opType); EXCEPTION_GUARD_END } @@ -145,7 +152,6 @@ int Manager::Impl::saveKey(const Alias &alias, const KeyShPtr &key, { if (key.get() == NULL || key->empty()) return CKM_API_ERROR_INPUT_PARAM; - try { return saveBinaryData(alias, DataType(key->getType()), key->getDER(), policy); } catch (const Exc::Exception &e) { @@ -159,18 +165,14 @@ int Manager::Impl::saveCertificate( const CertificateShPtr &cert, const Policy &policy) { - if (cert.get() == NULL || cert->empty()) - return CKM_API_ERROR_INPUT_PARAM; - - return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy); + return cert.get() == NULL || cert->empty() + ? CKM_API_ERROR_INPUT_PARAM + : saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy); } int Manager::Impl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) { - if (!policy.extractable) - return CKM_API_ERROR_INPUT_PARAM; - return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy); } @@ -184,34 +186,14 @@ int Manager::Impl::savePKCS12( if (alias.empty() || pkcs.get() == NULL) return CKM_API_ERROR_INPUT_PARAM; - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport helper(alias); - auto send = MessageBuffer::Serialize(static_cast - (LogicCommand::SAVE_PKCS12), - my_counter, - helper.getName(), - helper.getLabel(), - PKCS12Serializable(*pkcs.get()), - PolicySerializable(keyPolicy), - PolicySerializable(certPolicy)); - - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - - if (CKM_API_SUCCESS != retCode) - return retCode; - int command; - int counter; - recv.Deserialize(command, counter, retCode); - - if (counter != my_counter) - return CKM_API_ERROR_UNKNOWN; - - return retCode; + return Request(*this, LogicCommand::SAVE_PKCS12, m_storageConnection, + helper.getName(), helper.getOwner(), PKCS12Serializable(*pkcs.get()), + PolicySerializable(keyPolicy), PolicySerializable(certPolicy) + ).maybeDeserialize(); EXCEPTION_GUARD_END } @@ -227,30 +209,24 @@ int Manager::Impl::getPKCS12(const Alias &alias, const Password &keyPass, if (alias.empty()) return CKM_API_ERROR_INPUT_PARAM; - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport helper(alias); - auto send = MessageBuffer::Serialize(static_cast(LogicCommand::GET_PKCS12), - my_counter, - helper.getName(), - helper.getLabel(), - keyPass, - certPass); - int retCode = m_storageConnection.processRequest(send.Pop(), recv); + int msgId = ++m_counter; + MessageBuffer recv; + + int retCode = doRequest(recv, m_storageConnection, LogicCommand::GET_PKCS12, msgId, + helper.getName(), helper.getOwner(), keyPass, certPass); if (CKM_API_SUCCESS != retCode) return retCode; - int command; - int counter; + int retMsgId; PKCS12Serializable gotPkcs; - recv.Deserialize(command, counter, retCode, gotPkcs); + recv.Deserialize(retMsgId, retCode, gotPkcs); - if (counter != my_counter) + if (retMsgId != msgId) return CKM_API_ERROR_UNKNOWN; pkcs = std::make_shared(std::move(gotPkcs)); @@ -266,30 +242,13 @@ int Manager::Impl::removeAlias(const Alias &alias) if (alias.empty()) return CKM_API_ERROR_INPUT_PARAM; - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport helper(alias); - auto send = MessageBuffer::Serialize(static_cast(LogicCommand::REMOVE), - my_counter, - helper.getName(), - helper.getLabel()); - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - - if (CKM_API_SUCCESS != retCode) - return retCode; - - int command; - int counter; - recv.Deserialize(command, counter, retCode); - - if (counter != my_counter) - return CKM_API_ERROR_UNKNOWN; - - return retCode; + return Request(*this, LogicCommand::REMOVE, m_storageConnection, + helper.getName(), helper.getOwner() + ).maybeDeserialize(); EXCEPTION_GUARD_END } @@ -304,32 +263,35 @@ int Manager::Impl::getBinaryData( if (alias.empty()) return CKM_API_ERROR_INPUT_PARAM; - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport helper(alias); - auto send = MessageBuffer::Serialize(static_cast(LogicCommand::GET), - my_counter, - static_cast(sendDataType), - helper.getName(), - helper.getLabel(), - password); - int retCode = m_storageConnection.processRequest(send.Pop(), recv); + return Request(*this, LogicCommand::GET, m_storageConnection, + sendDataType, helper.getName(), helper.getOwner(), password + ).maybeDeserialize(recvDataType, rawData); - if (CKM_API_SUCCESS != retCode) - return retCode; + EXCEPTION_GUARD_END +} + +int Manager::Impl::getBinaryDataEncryptionStatus(const DataType sendDataType, + const Alias &alias, bool &status) +{ + status = false; + if (alias.empty()) + return CKM_API_ERROR_INPUT_PARAM; + + EXCEPTION_GUARD_START_CPPAPI - int command; - int counter; - int tmpDataType; - recv.Deserialize(command, counter, retCode, tmpDataType, rawData); - recvDataType = DataType(tmpDataType); + AliasSupport helper(alias); + DataType tmpDataType; - if (counter != my_counter) - return CKM_API_ERROR_UNKNOWN; + int retCode = Request(*this, LogicCommand::GET_PROTECTION_STATUS, m_storageConnection, + sendDataType, helper.getName(), helper.getOwner() + ).maybeDeserialize(tmpDataType, status); + + if (retCode != CKM_API_SUCCESS) + status = false; return retCode; @@ -342,24 +304,14 @@ int Manager::Impl::getKey(const Alias &alias, const Password &password, DataType recvDataType; RawBuffer rawData; - int retCode = getBinaryData( - alias, - DataType::KEY_RSA_PUBLIC, - password, - recvDataType, - rawData); + int retCode = getBinaryData(alias, DataType::KEY_RSA_PUBLIC, password, recvDataType, rawData); if (retCode != CKM_API_SUCCESS) return retCode; - KeyShPtr keyParsed; - - if (DataType::KEY_AES == recvDataType) - keyParsed = KeyShPtr(new KeyAESImpl(rawData)); - else - keyParsed = KeyShPtr(new KeyImpl(rawData)); + KeyShPtr keyParsed = recvDataType.isSymmetricKey() ? Key::createAES(rawData) : Key::create(rawData); - if (keyParsed->empty()) { + if (!keyParsed) { LogDebug("Key empty - failed to parse!"); return CKM_API_ERROR_BAD_RESPONSE; } @@ -375,17 +327,12 @@ int Manager::Impl::getCertificate(const Alias &alias, const Password &password, DataType recvDataType; RawBuffer rawData; - int retCode = getBinaryData( - alias, - DataType::CERTIFICATE, - password, - recvDataType, - rawData); + int retCode = getBinaryData(alias, DataType::CERTIFICATE, password, recvDataType, rawData); if (retCode != CKM_API_SUCCESS) return retCode; - if (recvDataType != DataType::CERTIFICATE) + if (!recvDataType.isCertificate()) return CKM_API_ERROR_BAD_RESPONSE; CertificateShPtr certParsed(new CertificateImpl(rawData, DataFormat::FORM_DER)); @@ -393,7 +340,7 @@ int Manager::Impl::getCertificate(const Alias &alias, const Password &password, if (certParsed->empty()) return CKM_API_ERROR_BAD_RESPONSE; - cert = certParsed; + cert = std::move(certParsed); return CKM_API_SUCCESS; } @@ -403,54 +350,37 @@ int Manager::Impl::getData(const Alias &alias, const Password &password, { DataType recvDataType = DataType::BINARY_DATA; - int retCode = getBinaryData( - alias, - DataType::BINARY_DATA, - password, - recvDataType, - rawData); + int retCode = getBinaryData(alias, DataType::BINARY_DATA, password, recvDataType, rawData); if (retCode != CKM_API_SUCCESS) return retCode; - if (recvDataType != DataType::BINARY_DATA) - return CKM_API_ERROR_BAD_RESPONSE; - - return CKM_API_SUCCESS; + return recvDataType.isBinaryData() ? CKM_API_SUCCESS : CKM_API_ERROR_BAD_RESPONSE; } -int Manager::Impl::getBinaryDataAliasVector(DataType dataType, - AliasVector &aliasVector) +int Manager::Impl::getAliasInfoVectorHelper(DataType dataType, AliasInfoVector &aliasInfoVector) { - int my_counter = ++m_counter; + DataType tmpDataType; + AliasInfoSerializableVector aisv(aliasInfoVector); + return Request(*this, + LogicCommand::GET_LIST, + m_storageConnection, + dataType).maybeDeserialize(tmpDataType, aisv); +} +int Manager::Impl::getAliasVectorHelper(DataType dataType, AliasVector &aliasVector) +{ EXCEPTION_GUARD_START_CPPAPI + AliasInfoVector aliasInfoVector; + int retCode = getAliasInfoVectorHelper(dataType, aliasInfoVector); - MessageBuffer recv; - auto send = MessageBuffer::Serialize(static_cast(LogicCommand::GET_LIST), - my_counter, - static_cast(dataType)); - - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - - if (CKM_API_SUCCESS != retCode) + if (retCode != CKM_API_SUCCESS) return retCode; - int command; - int counter; - int tmpDataType; - LabelNameVector labelNameVector; - recv.Deserialize(command, counter, retCode, tmpDataType, labelNameVector); - - if ((command != static_cast(LogicCommand::GET_LIST)) || - (counter != my_counter)) - return CKM_API_ERROR_UNKNOWN; - - for (const auto &it : labelNameVector) - aliasVector.push_back(AliasSupport::merge(it.first, it.second)); - - return retCode; + for (const auto &it : aliasInfoVector) + aliasVector.push_back(it.alias); + return CKM_API_SUCCESS; EXCEPTION_GUARD_END } @@ -458,17 +388,53 @@ int Manager::Impl::getKeyAliasVector(AliasVector &aliasVector) { // in fact datatype has no meaning here - if not certificate or binary data // then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST - return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector); + return getAliasVectorHelper(DataType::DB_KEY_LAST, aliasVector); } int Manager::Impl::getCertificateAliasVector(AliasVector &aliasVector) { - return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector); + return getAliasVectorHelper(DataType::CERTIFICATE, aliasVector); } int Manager::Impl::getDataAliasVector(AliasVector &aliasVector) { - return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector); + return getAliasVectorHelper(DataType::BINARY_DATA, aliasVector); +} + +int Manager::Impl::getKeyAliasInfoVector(AliasInfoVector &aliasInfoVector) +{ + EXCEPTION_GUARD_START_CPPAPI + return getAliasInfoVectorHelper(DataType::DB_KEY_LAST, aliasInfoVector); + EXCEPTION_GUARD_END +} + +int Manager::Impl::getKeyEncryptionStatus(const Alias &alias, bool &status) +{ + return getBinaryDataEncryptionStatus(DataType::DB_KEY_LAST, alias, status); +} + +int Manager::Impl::getCertificateAliasInfoVector(AliasInfoVector &aliasInfoVector) +{ + EXCEPTION_GUARD_START_CPPAPI + return getAliasInfoVectorHelper(DataType::CERTIFICATE, aliasInfoVector); + EXCEPTION_GUARD_END +} + +int Manager::Impl::getCertificateEncryptionStatus(const Alias &alias, bool &status) +{ + return getBinaryDataEncryptionStatus(DataType::CERTIFICATE, alias, status); +} + +int Manager::Impl::getDataAliasInfoVector(AliasInfoVector &aliasInfoVector) +{ + EXCEPTION_GUARD_START_CPPAPI + return getAliasInfoVectorHelper(DataType::BINARY_DATA, aliasInfoVector); + EXCEPTION_GUARD_END +} + +int Manager::Impl::getDataEncryptionStatus(const Alias &alias, bool &status) +{ + return getBinaryDataEncryptionStatus(DataType::BINARY_DATA, alias, status); } int Manager::Impl::createKeyPairRSA( @@ -501,8 +467,8 @@ int Manager::Impl::createKeyPairECDSA( const Policy &policyPublicKey) { return this->createKeyPair(CKM::KeyType::KEY_ECDSA_PUBLIC, - static_cast(type), privateKeyAlias, publicKeyAlias, policyPrivateKey, - policyPublicKey); + static_cast(type), privateKeyAlias, publicKeyAlias, + policyPrivateKey, policyPublicKey); } int Manager::Impl::createKeyAES( @@ -510,34 +476,14 @@ int Manager::Impl::createKeyAES( const Alias &keyAlias, const Policy &policyKey) { - // proceed with sending request - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport aliasHelper(keyAlias); - auto send = MessageBuffer::Serialize(static_cast - (LogicCommand::CREATE_KEY_AES), - my_counter, - static_cast(size), - PolicySerializable(policyKey), - aliasHelper.getName(), - aliasHelper.getLabel()); - - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - - if (CKM_API_SUCCESS != retCode) - return retCode; - - int command; - int counter; - recv.Deserialize(command, counter, retCode); - - if (counter != my_counter) - return CKM_API_ERROR_UNKNOWN; - return retCode; + return Request(*this, LogicCommand::CREATE_KEY_AES, m_storageConnection, + size, PolicySerializable(policyKey), + aliasHelper.getName(), aliasHelper.getOwner() + ).maybeDeserialize(); EXCEPTION_GUARD_END } @@ -577,38 +523,18 @@ int Manager::Impl::createKeyPair( return CKM_API_ERROR_INPUT_PARAM; } - // proceed with sending request - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport privateHelper(privateKeyAlias); AliasSupport publicHelper(publicKeyAlias); - auto send = MessageBuffer::Serialize(static_cast - (LogicCommand::CREATE_KEY_PAIR), - my_counter, - CryptoAlgorithmSerializable(keyGenAlgorithm), - PolicySerializable(policyPrivateKey), - PolicySerializable(policyPublicKey), - privateHelper.getName(), - privateHelper.getLabel(), - publicHelper.getName(), - publicHelper.getLabel()); - - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - if (CKM_API_SUCCESS != retCode) - return retCode; - - int command; - int counter; - recv.Deserialize(command, counter, retCode); - - if (counter != my_counter) - return CKM_API_ERROR_UNKNOWN; - - return retCode; + return Request(*this, LogicCommand::CREATE_KEY_PAIR, m_storageConnection, + CryptoAlgorithmSerializable(keyGenAlgorithm), + PolicySerializable(policyPrivateKey), + PolicySerializable(policyPublicKey), + privateHelper.getName(), privateHelper.getOwner(), + publicHelper.getName(), publicHelper.getOwner() + ).maybeDeserialize(); EXCEPTION_GUARD_END } @@ -638,15 +564,9 @@ int Manager::Impl::getCertificateChain( trustedVector.push_back(e->getDER()); } - return getCertChain( - m_storageConnection, - LogicCommand::GET_CHAIN_CERT, - ++m_counter, - certificate, - untrustedVector, - trustedVector, - useTrustedSystemCertificates, - certificateChainVector); + return getCertChain(m_storageConnection, LogicCommand::GET_CHAIN_CERT, *this, + certificate, untrustedVector, trustedVector, + useTrustedSystemCertificates, certificateChainVector); } int Manager::Impl::getCertificateChain( @@ -656,31 +576,25 @@ int Manager::Impl::getCertificateChain( bool useTrustedSystemCertificates, CertificateShPtrVector &certificateChainVector) { - LabelNameVector untrustedVector; - LabelNameVector trustedVector; + OwnerNameVector untrustedVector; + OwnerNameVector trustedVector; if (!certificate || certificate->empty()) return CKM_API_ERROR_INPUT_PARAM; for (auto &e : untrustedCertificates) { AliasSupport helper(e); - untrustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName())); + untrustedVector.push_back(std::make_pair(helper.getOwner(), helper.getName())); } for (auto &e : trustedCertificates) { AliasSupport helper(e); - trustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName())); + trustedVector.push_back(std::make_pair(helper.getOwner(), helper.getName())); } - return getCertChain( - m_storageConnection, - LogicCommand::GET_CHAIN_ALIAS, - ++m_counter, - certificate, - untrustedVector, - trustedVector, - useTrustedSystemCertificates, - certificateChainVector); + return getCertChain(m_storageConnection, LogicCommand::GET_CHAIN_ALIAS, *this, + certificate, untrustedVector, trustedVector, + useTrustedSystemCertificates, certificateChainVector); } int Manager::Impl::createSignature( @@ -690,35 +604,14 @@ int Manager::Impl::createSignature( const CryptoAlgorithm &cAlgorithm, RawBuffer &signature) { - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport helper(privateKeyAlias); - auto send = MessageBuffer::Serialize(static_cast - (LogicCommand::CREATE_SIGNATURE), - my_counter, - helper.getName(), - helper.getLabel(), - password, - message, - CryptoAlgorithmSerializable(cAlgorithm)); - - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - - if (CKM_API_SUCCESS != retCode) - return retCode; - - int command; - int counter; - recv.Deserialize(command, counter, retCode, signature); - - if ((command != static_cast(LogicCommand::CREATE_SIGNATURE)) - || (counter != my_counter)) - return CKM_API_ERROR_UNKNOWN; - return retCode; + return Request(*this, LogicCommand::CREATE_SIGNATURE, m_storageConnection, + helper.getName(), helper.getOwner(), password, message, + CryptoAlgorithmSerializable(cAlgorithm) + ).maybeDeserialize(signature); EXCEPTION_GUARD_END } @@ -730,36 +623,14 @@ int Manager::Impl::verifySignature( const RawBuffer &signature, const CryptoAlgorithm &cAlg) { - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport helper(publicKeyOrCertAlias); - auto send = MessageBuffer::Serialize(static_cast - (LogicCommand::VERIFY_SIGNATURE), - my_counter, - helper.getName(), - helper.getLabel(), - password, - message, - signature, - CryptoAlgorithmSerializable(cAlg)); - - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - - if (CKM_API_SUCCESS != retCode) - return retCode; - int command; - int counter; - recv.Deserialize(command, counter, retCode); - - if ((command != static_cast(LogicCommand::VERIFY_SIGNATURE)) - || (counter != my_counter)) - return CKM_API_ERROR_UNKNOWN; - - return retCode; + return Request(*this, LogicCommand::VERIFY_SIGNATURE, m_storageConnection, + helper.getName(), helper.getOwner(), password, message, signature, + CryptoAlgorithmSerializable(cAlg) + ).maybeDeserialize(); EXCEPTION_GUARD_END } @@ -769,7 +640,7 @@ int Manager::Impl::ocspCheck(const CertificateShPtrVector &certChain, { EXCEPTION_GUARD_START_CPPAPI - int my_counter = ++m_counter; + int msgId = ++m_counter; MessageBuffer recv; RawBufferVector rawCertChain; @@ -783,55 +654,27 @@ int Manager::Impl::ocspCheck(const CertificateShPtrVector &certChain, rawCertChain.push_back(e->getDER()); } - auto send = MessageBuffer::Serialize(my_counter, rawCertChain); - - int retCode = m_ocspConnection.processRequest(send.Pop(), recv); + int retCode = doRequest(recv, m_ocspConnection, msgId, rawCertChain); if (CKM_API_SUCCESS != retCode) return retCode; - int counter; - recv.Deserialize(counter, retCode, ocspStatus); - - if (my_counter != counter) - return CKM_API_ERROR_UNKNOWN; - - return retCode; + return deserializeResponse(msgId, recv, ocspStatus); EXCEPTION_GUARD_END } int Manager::Impl::setPermission(const Alias &alias, - const Label &accessor, + const ClientId &accessor, PermissionMask permissionMask) { - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport helper(alias); - auto send = MessageBuffer::Serialize(static_cast - (LogicCommand::SET_PERMISSION), - my_counter, - helper.getName(), - helper.getLabel(), - accessor, - permissionMask); - - int retCode = m_storageConnection.processRequest(send.Pop(), recv); - - if (CKM_API_SUCCESS != retCode) - return retCode; - - int command; - int counter; - recv.Deserialize(command, counter, retCode); - if (my_counter != counter) - return CKM_API_ERROR_UNKNOWN; - - return retCode; + return Request(*this, LogicCommand::SET_PERMISSION, m_storageConnection, + helper.getName(), helper.getOwner(), accessor, permissionMask + ).maybeDeserialize(); EXCEPTION_GUARD_END } @@ -843,34 +686,14 @@ int Manager::Impl::crypt(EncryptionCommand command, const RawBuffer &input, RawBuffer &output) { - int my_counter = ++m_counter; - EXCEPTION_GUARD_START_CPPAPI - MessageBuffer recv; AliasSupport helper(keyAlias); CryptoAlgorithmSerializable cas(algo); - auto send = MessageBuffer::Serialize(static_cast(command), - my_counter, - cas, - helper.getName(), - helper.getLabel(), - password, - input); - - int retCode = m_encryptionConnection.processRequest(send.Pop(), recv); - if (CKM_API_SUCCESS != retCode) - return retCode; - - int retCommand; - int counter; - recv.Deserialize(retCommand, counter, retCode, output); - - if (my_counter != counter || retCommand != static_cast(command)) - return CKM_API_ERROR_UNKNOWN; - - return retCode; + return Request(*this, command, m_encryptionConnection, + cas, helper.getName(), helper.getOwner(), password, input + ).maybeDeserialize(output); EXCEPTION_GUARD_END } @@ -895,4 +718,166 @@ int Manager::Impl::decrypt(const CryptoAlgorithm &algo, decrypted); } +int Manager::Impl::deriveKey(const CryptoAlgorithm &algo, + const Alias &secretAlias, + const Password &secretPassword, + const Alias &newKeyAlias, + const Policy &newKeyPolicy) +{ + EXCEPTION_GUARD_START_CPPAPI + + AliasSupport secret(secretAlias); + AliasSupport newKey(newKeyAlias); + CryptoAlgorithmSerializable cas(algo); + + return Request(*this, LogicCommand::DERIVE, m_storageConnection, + cas, secret.getName(), secret.getOwner(), secretPassword, + newKey.getName(), newKey.getOwner(), PolicySerializable(newKeyPolicy) + ).maybeDeserialize(); + + EXCEPTION_GUARD_END +} + +int Manager::Impl::importWrappedKey(const CryptoAlgorithm ¶ms, + const Alias &wrappingKeyAlias, + const Password &wrappingKeyPassword, + const Alias &alias, + const RawBuffer &wrappedKey, + const KeyType keyType, + const Policy &policy) +{ + EXCEPTION_GUARD_START_CPPAPI + + if (keyType == KeyType::KEY_NONE) + return CKM_API_ERROR_INPUT_PARAM; + + AliasSupport wrapping_helper(wrappingKeyAlias); + AliasSupport helper(alias); + + return Request(*this, + LogicCommand::IMPORT_WRAPPED_KEY, + m_storageConnection, + CryptoAlgorithmSerializable(params), + wrapping_helper.getName(), + wrapping_helper.getOwner(), + wrappingKeyPassword, + helper.getName(), + helper.getOwner(), + wrappedKey, + DataType(keyType), + PolicySerializable(policy) + ).maybeDeserialize(); + + EXCEPTION_GUARD_END +} + +int Manager::Impl::exportWrappedKey(const CryptoAlgorithm ¶ms, + const Alias &wrappingKeyAlias, + const Password &wrappingKeyPassword, + const Alias &alias, + const Password &password, + KeyType &keyType, + RawBuffer &wrappedKey) +{ + EXCEPTION_GUARD_START_CPPAPI + + AliasSupport wrapping_helper(wrappingKeyAlias); + AliasSupport helper(alias); + DataType dataTypeKey; + + int retCode = Request(*this, + LogicCommand::EXPORT_WRAPPED_KEY, + m_storageConnection, + CryptoAlgorithmSerializable(params), + wrapping_helper.getName(), + wrapping_helper.getOwner(), + wrappingKeyPassword, + helper.getName(), + helper.getOwner(), + password + ).maybeDeserialize(dataTypeKey, wrappedKey); + + if (retCode != CKM_API_SUCCESS) + return retCode; + + if (dataTypeKey.isSymmetricKey()) { + keyType = KeyType::KEY_AES; + } else if (dataTypeKey.isKeyPrivate()) { + keyType = KeyType::KEY_RSA_PRIVATE; + } else { + return CKM_API_ERROR_INVALID_FORMAT; + } + + return retCode; + + EXCEPTION_GUARD_END +} + +int Manager::Impl::initializeCipher( + const CryptoAlgorithm ¶ms, + const Alias &keyAlias, + const Password &keyPassword, + bool encrypt, + int &requestId) +{ + EXCEPTION_GUARD_START_CPPAPI + + AliasSupport helper(keyAlias); + + return Request(*this, + EncryptionCommand::INITIALIZE_CIPHER, + m_encryptionConnection, + requestId, + CryptoAlgorithmSerializable(params), + helper.getName(), + helper.getOwner(), + keyPassword, + encrypt + ).maybeDeserialize(requestId); + + EXCEPTION_GUARD_END +} + +int Manager::Impl::updateCipher(int requestId, const RawBuffer &in, RawBuffer &out) +{ + EXCEPTION_GUARD_START_CPPAPI + + return Request(*this, + EncryptionCommand::UPDATE_CIPHER, + m_encryptionConnection, + requestId, + in + ).maybeDeserialize(out); + + EXCEPTION_GUARD_END +} + +int Manager::Impl::finalizeCipher(int requestId, const RawBuffer &in, RawBuffer &out) +{ + EXCEPTION_GUARD_START_CPPAPI + + return Request(*this, + EncryptionCommand::FINALIZE_CIPHER, + m_encryptionConnection, + requestId, + in + ).maybeDeserialize(out); + + EXCEPTION_GUARD_END +} + +int Manager::Impl::getBackendInfo(BackendId backend, BackendInfo& info) +{ + EXCEPTION_GUARD_START_CPPAPI + + BackendInfoSerializable bis(info); + return Request(*this, + LogicCommand::GET_BACKEND_INFO, + m_storageConnection, + backend + ).maybeDeserialize(bis); + + EXCEPTION_GUARD_END +} + } // namespace CKM