X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=src%2Fmanager%2Fclient-capi%2Fckmc-manager.cpp;h=d9ab8d1a62c44c70f68bc71f1a998d03d796c825;hb=7289ddcc83cdef17134c918dd1d22c2dc5ce759c;hp=e641c8084a121c5a2235d94743db7ff24904a726;hpb=7dde783029c297894c09d0c85bc0c4ecbd5be78a;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git diff --git a/src/manager/client-capi/ckmc-manager.cpp b/src/manager/client-capi/ckmc-manager.cpp index e641c80..d9ab8d1 100644 --- a/src/manager/client-capi/ckmc-manager.cpp +++ b/src/manager/client-capi/ckmc-manager.cpp @@ -26,9 +26,15 @@ #include #include #include +#include #include #include +namespace +{ +const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR; +const CKM::AliasVector EMPTY_ALIAS_VECTOR; + CKM::Password _tostring(const char *str) { if(str == NULL) @@ -36,26 +42,63 @@ CKM::Password _tostring(const char *str) return CKM::Password(str); } +CKM::KeyShPtr _toCkmKey(const ckmc_key_s *key) +{ + if(key) + { + CKM::RawBuffer buffer(key->raw_key, key->raw_key + key->key_size); + return CKM::Key::create(buffer, _tostring(key->password)); + } + return CKM::KeyShPtr(); +} + CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert) { - CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size); - CKM::DataFormat dataFormat = static_cast(static_cast(cert->data_format)); - return CKM::Certificate::create(buffer, dataFormat); + if(cert) + { + CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size); + CKM::DataFormat dataFormat = static_cast(static_cast(cert->data_format)); + return CKM::Certificate::create(buffer, dataFormat); + } + return CKM::CertificateShPtr(); +} + +CKM::CertificateShPtrVector _toCkmCertificateVector(const ckmc_cert_list_s *list) +{ + CKM::CertificateShPtrVector certs; + ckmc_cert_list_s *current = const_cast(list); + while (current != NULL) + { + if (current->cert != NULL) + certs.push_back(_toCkmCertificate(current->cert)); + current = current->next; + } + return certs; +} + +CKM::AliasVector _toCkmAliasVector(const ckmc_alias_list_s *list) +{ + CKM::AliasVector aliases; + ckmc_alias_list_s *current = const_cast(list); + while (current != NULL) + { + if (current->alias != NULL) + aliases.push_back(CKM::Alias(current->alias)); + current = current->next; + } + return aliases; } -ckmc_cert_list_s *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector) +ckmc_cert_list_s *_toNewCkmCertList(const CKM::CertificateShPtrVector &certVector) { int ret; ckmc_cert_list_s *start = NULL; ckmc_cert_list_s *plist = NULL; - CKM::CertificateShPtrVector::iterator it; + CKM::CertificateShPtrVector::const_iterator it; for(it = certVector.begin(); it != certVector.end(); it++) { CKM::RawBuffer rawBuffer = (*it)->getDER(); - unsigned char *rawCert = static_cast(malloc(rawBuffer.size())); - memcpy(rawCert, rawBuffer.data(), rawBuffer.size()); - ckmc_cert_s *pcert; - ret = ckmc_cert_new(rawCert, rawBuffer.size(), CKMC_FORM_DER, &pcert); - free(rawCert); + ckmc_cert_s *pcert = NULL; + ret = ckmc_cert_new(rawBuffer.data(), rawBuffer.size(), CKMC_FORM_DER, &pcert); if(pcert == NULL) { ckmc_cert_list_all_free(start); return NULL; @@ -74,6 +117,46 @@ ckmc_cert_list_s *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector) return start; } +typedef int (CKM::Manager::*cryptoFn)(const CKM::CryptoAlgorithm &algo, + const CKM::Alias &keyAlias, + const CKM::Password &password, + const CKM::RawBuffer& plain, + CKM::RawBuffer& encrypted); + +int _cryptoOperation(cryptoFn operation, + const ckmc_param_list_s *params, + const char *key_alias, + const char *password, + const ckmc_raw_buffer_s in, + ckmc_raw_buffer_s **ppout) +{ + if(!params || !key_alias || !ppout) + return CKMC_ERROR_INVALID_PARAMETER; + + // params + const CKM::CryptoAlgorithm* ca = reinterpret_cast(params); + + // password + CKM::Password pass; + if (password) + pass = password; + + // buffers + CKM::RawBuffer inBuffer(in.data, in.data + in.size); + CKM::RawBuffer outBuffer; + + // operation + CKM::ManagerShPtr mgr = CKM::Manager::create(); + int ret = ((*mgr).*operation)(*ca, key_alias, pass, inBuffer, outBuffer); + if (ret != CKM_API_SUCCESS) + return to_ckmc_error(ret); + + return ckmc_buffer_new(outBuffer.data(), outBuffer.size(), ppout); +} + +} + + KEY_MANAGER_CAPI int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy) { @@ -104,15 +187,7 @@ int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s p KEY_MANAGER_CAPI int ckmc_remove_key(const char *alias) { - CKM::ManagerShPtr mgr = CKM::Manager::create(); - - if(alias == NULL) { - return CKMC_ERROR_INVALID_PARAMETER; - } - CKM::Alias ckmAlias(alias); - - int ret = mgr->removeKey(ckmAlias); - return to_ckmc_error(ret); + return ckmc_remove_alias(alias); } KEY_MANAGER_CAPI @@ -124,17 +199,16 @@ int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key) if(alias == NULL || key == NULL) { return CKMC_ERROR_INVALID_PARAMETER; } - CKM::Alias ckmAlias(alias); CKM::ManagerShPtr mgr = CKM::Manager::create(); - if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) { + if( (ret = mgr->getKey(alias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) { return to_ckmc_error(ret); } - unsigned char *rawKey = reinterpret_cast(ckmKey->getDER().data()); + CKM::RawBuffer buffer = ckmKey->getDER(); ckmc_key_type_e keyType = static_cast(static_cast(ckmKey->getType())); - ret = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL, key); + ret = ckmc_key_new( buffer.data(), buffer.size(), keyType, NULL, key); return to_ckmc_error(ret); } @@ -157,8 +231,8 @@ int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list) ckmc_alias_list_s *plist = NULL; - for (auto it = aliasVector.begin(); it != aliasVector.end(); it++) { - char *alias = strndup(it->c_str(), it->size()); + for (const auto it : aliasVector) { + char *alias = strndup(it.c_str(), it.size()); if (plist == NULL) { // first ret = ckmc_alias_list_new(alias, &plist); @@ -175,10 +249,9 @@ int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list) } if(plist == NULL) { // if the alias_list size is zero - return CKMC_ERROR_DB_ALIAS_UNKNOWN ; + return CKMC_ERROR_DB_ALIAS_UNKNOWN; } - return CKMC_ERROR_NONE; } @@ -209,15 +282,7 @@ int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_ KEY_MANAGER_CAPI int ckmc_remove_cert(const char *alias) { - if(alias == NULL) { - return CKMC_ERROR_INVALID_PARAMETER; - } - CKM::Alias ckmAlias(alias); - - CKM::ManagerShPtr mgr = CKM::Manager::create(); - int ret = mgr->removeCertificate(ckmAlias); - - return to_ckmc_error(ret); + return ckmc_remove_alias(alias); } KEY_MANAGER_CAPI @@ -229,15 +294,14 @@ int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert) if(alias == NULL || cert == NULL) { return CKMC_ERROR_INVALID_PARAMETER; } - CKM::Alias ckmAlias(alias); CKM::ManagerShPtr mgr = CKM::Manager::create(); - if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) { + if( (ret = mgr->getCertificate(alias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) { return to_ckmc_error(ret); } - unsigned char *rawCert = reinterpret_cast(ckmCert->getDER().data()); - ret = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER, cert); + CKM::RawBuffer buffer = ckmCert->getDER(); + ret = ckmc_cert_new( buffer.data(), buffer.size(), CKMC_FORM_DER, cert); return ret; } @@ -260,8 +324,8 @@ int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) { ckmc_alias_list_s *plist = NULL; - for (auto it = aliasVector.begin(); it != aliasVector.end(); it++) { - char *alias = strndup(it->c_str(), it->size()); + for (const auto it : aliasVector) { + char *alias = strndup(it.c_str(), it.size()); if (plist == NULL) { // first ret = ckmc_alias_list_new(alias, &plist); @@ -278,14 +342,108 @@ int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) { } if(plist == NULL) { // if the alias_list size is zero - return CKMC_ERROR_DB_ALIAS_UNKNOWN ; + return CKMC_ERROR_DB_ALIAS_UNKNOWN; } - return CKMC_ERROR_NONE; } KEY_MANAGER_CAPI +int ckmc_save_pkcs12(const char *alias, const ckmc_pkcs12_s *ppkcs, const ckmc_policy_s key_policy, const ckmc_policy_s cert_policy) +{ + CKM::KeyShPtr private_key; + CKM::CertificateShPtr cert; + CKM::CertificateShPtrVector ca_cert_list; + + if(alias==NULL || ppkcs==NULL) { + return CKMC_ERROR_INVALID_PARAMETER; + } + CKM::Alias ckmAlias(alias); + private_key = _toCkmKey(ppkcs->priv_key); + cert = _toCkmCertificate(ppkcs->cert); + ca_cert_list = _toCkmCertificateVector(ppkcs->ca_chain); + + CKM::Policy keyPolicy(_tostring(key_policy.password), key_policy.extractable); + CKM::Policy certPolicy(_tostring(cert_policy.password), cert_policy.extractable); + + CKM::PKCS12ShPtr pkcs12(new CKM::PKCS12Impl(private_key, cert, ca_cert_list)); + + CKM::ManagerShPtr mgr = CKM::Manager::create(); + int ret = mgr->savePKCS12(ckmAlias, pkcs12, keyPolicy, certPolicy); + + return to_ckmc_error(ret); +} + +KEY_MANAGER_CAPI +int ckmc_remove_pkcs12(const char *alias) +{ + return ckmc_remove_alias(alias); +} + +KEY_MANAGER_CAPI +int ckmc_get_pkcs12(const char *alias, const char *key_password, const char *cert_password, ckmc_pkcs12_s **pkcs12) +{ + int ret; + CKM::PKCS12ShPtr pkcs; + CKM::Password keyPass, certPass; + ckmc_key_s *private_key = NULL; + ckmc_cert_s *cert = NULL; + ckmc_cert_list_s *ca_cert_list = 0; + + if(!alias || !pkcs12) { + return CKMC_ERROR_INVALID_PARAMETER; + } + + if (key_password) + keyPass = key_password; + + if (cert_password) + certPass = cert_password; + + auto mgr = CKM::Manager::create(); + + if((ret = mgr->getPKCS12(alias, keyPass, certPass, pkcs)) != CKM_API_SUCCESS) { + return to_ckmc_error(ret); + } + + if(!pkcs) + return CKMC_ERROR_BAD_RESPONSE; + + auto pkcsKey = pkcs->getKey(); + if(pkcsKey) + { + CKM::RawBuffer buffer = pkcsKey->getDER(); + ckmc_key_type_e keyType = static_cast(pkcsKey->getType()); + ret = ckmc_key_new(buffer.data(), buffer.size(), keyType, NULL, &private_key); + if(ret != CKMC_ERROR_NONE) + return ret; + } + + auto pkcsCert = pkcs->getCertificate(); + if(pkcsCert) + { + CKM::RawBuffer buffer = pkcsCert->getDER(); + ret = ckmc_cert_new(buffer.data(), buffer.size(), CKMC_FORM_DER, &cert); + if(ret != CKMC_ERROR_NONE) { + ckmc_key_free(private_key); + return ret; + } + } + + ca_cert_list = _toNewCkmCertList(pkcs->getCaCertificateShPtrVector()); + + ret = ckmc_pkcs12_new(private_key, cert, ca_cert_list, pkcs12); + if(ret != CKMC_ERROR_NONE) + { + ckmc_key_free(private_key); + ckmc_cert_free(cert); + ckmc_cert_list_free(ca_cert_list); + } + return ret; +} + + +KEY_MANAGER_CAPI int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy) { if(alias == NULL) { @@ -309,14 +467,7 @@ int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_ KEY_MANAGER_CAPI int ckmc_remove_data(const char *alias) { - if(alias == NULL) { - return CKMC_ERROR_INVALID_PARAMETER; - } - CKM::Alias ckmAlias(alias); - - CKM::ManagerShPtr mgr = CKM::Manager::create(); - int ret = mgr->removeData(ckmAlias); - return to_ckmc_error(ret); + return ckmc_remove_alias(alias); } KEY_MANAGER_CAPI @@ -328,15 +479,13 @@ int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **d if(alias == NULL || data == NULL) { return CKMC_ERROR_INVALID_PARAMETER; } - CKM::Alias ckmAlias(alias); CKM::ManagerShPtr mgr = CKM::Manager::create(); - if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) { + if( (ret = mgr->getData(alias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) { return to_ckmc_error(ret); } - unsigned char *rawBuff = reinterpret_cast(ckmBuff.data()); - ret = ckmc_buffer_new(rawBuff, ckmBuff.size(), data); + ret = ckmc_buffer_new(ckmBuff.data(), ckmBuff.size(), data); return ret; } @@ -359,8 +508,8 @@ int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){ ckmc_alias_list_s *plist = NULL; - for(auto it = aliasVector.begin(); it != aliasVector.end(); it++) { - char *alias = strndup(it->c_str(), it->size()); + for (const auto it : aliasVector) { + char *alias = strndup(it.c_str(), it.size()); if (plist == NULL) { // first ret = ckmc_alias_list_new(alias, &plist); @@ -377,7 +526,7 @@ int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){ } if(plist == NULL) { // if the alias_list size is zero - return CKMC_ERROR_DB_ALIAS_UNKNOWN ; + return CKMC_ERROR_DB_ALIAS_UNKNOWN; } return CKMC_ERROR_NONE; @@ -483,8 +632,7 @@ int ckmc_create_signature(const char *private_key_alias, return to_ckmc_error(ret); } - unsigned char *rawBuff = reinterpret_cast(ckmSignature.data()); - ret = ckmc_buffer_new( rawBuff, ckmSignature.size(), signature); + ret = ckmc_buffer_new( ckmSignature.data(), ckmSignature.size(), signature); return ret; } @@ -536,24 +684,9 @@ int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrust CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert); - CKM::CertificateShPtrVector ckmUntrustedCerts; - if(untrustedcerts != NULL) { - ckmc_cert_list_s *current = NULL; - ckmc_cert_list_s *next = const_cast(untrustedcerts); - do { - current = next; - next = current->next; - - if(current->cert == NULL){ - continue; - } + CKM::CertificateShPtrVector ckmUntrustedCerts = _toCkmCertificateVector(untrustedcerts); - CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert); - ckmUntrustedCerts.push_back(tmpCkmCert); - }while(next != NULL); - } - - ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain); + ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, EMPTY_CERT_VECTOR, true, ckmCertChain); if( ret != CKM_API_SUCCESS) { return to_ckmc_error(ret); } @@ -580,41 +713,124 @@ int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_lis return CKMC_ERROR_INVALID_FORMAT; } - CKM::AliasVector ckmUntrustedAliases; - if(untrustedcerts != NULL) { - ckmc_alias_list_s *current = NULL; - ckmc_alias_list_s *next = const_cast(untrustedcerts); - do { - current = next; - next = current->next; + CKM::AliasVector ckmUntrustedAliases = _toCkmAliasVector(untrustedcerts); + + ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, EMPTY_ALIAS_VECTOR, true, ckmCertChain); + if( ret != CKM_API_SUCCESS) { + return to_ckmc_error(ret); + } + + *cert_chain_list = _toNewCkmCertList(ckmCertChain); + + return CKMC_ERROR_NONE; +} + +KEY_MANAGER_CAPI +int ckmc_get_cert_chain_with_trustedcert(const ckmc_cert_s* cert, + const ckmc_cert_list_s* untrustedcerts, + const ckmc_cert_list_s* trustedcerts, + const bool sys_certs, + ckmc_cert_list_s** ppcert_chain_list) +{ + int ret; + CKM::ManagerShPtr mgr = CKM::Manager::create(); + CKM::CertificateShPtrVector ckm_cert_chain; + + if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) { + return CKMC_ERROR_INVALID_PARAMETER; + } - if(current->alias == NULL){ - return CKMC_ERROR_INVALID_PARAMETER; - } - CKM::Alias ckmAlias(current->alias); - ckmUntrustedAliases.push_back(ckmAlias); - }while(next != NULL); + CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert); + if(ckm_cert.get() == NULL) { + return CKMC_ERROR_INVALID_PARAMETER; } - if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKM_API_SUCCESS) { + CKM::CertificateShPtrVector ckm_untrusted = _toCkmCertificateVector(untrustedcerts); + CKM::CertificateShPtrVector ckm_trusted = _toCkmCertificateVector(trustedcerts); + + ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain); + if( ret != CKM_API_SUCCESS) { return to_ckmc_error(ret); } - *cert_chain_list = _toNewCkmCertList(ckmCertChain); + *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain); + + return CKMC_ERROR_NONE; +} + +KEY_MANAGER_CAPI +int ckmc_get_cert_chain_with_trustedcert_alias(const ckmc_cert_s* cert, + const ckmc_alias_list_s* untrustedcerts, + const ckmc_alias_list_s* trustedcerts, + const bool sys_certs, + ckmc_cert_list_s** ppcert_chain_list) +{ + int ret; + CKM::ManagerShPtr mgr = CKM::Manager::create(); + CKM::CertificateShPtrVector ckm_cert_chain; + + if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) { + return CKMC_ERROR_INVALID_PARAMETER; + } + + CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert); + if(ckm_cert.get() == NULL) { + return CKMC_ERROR_INVALID_PARAMETER; + } + + CKM::AliasVector ckm_untrusted = _toCkmAliasVector(untrustedcerts); + CKM::AliasVector ckm_trusted = _toCkmAliasVector(trustedcerts); + + ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain); + if( ret != CKM_API_SUCCESS) { + return to_ckmc_error(ret); + } + + *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain); return CKMC_ERROR_NONE; } KEY_MANAGER_CAPI +int ckmc_ocsp_check(const ckmc_cert_list_s *pcert_chain_list, ckmc_ocsp_status_e *ocsp_status) +{ + if (pcert_chain_list == NULL + || pcert_chain_list->cert == NULL + || pcert_chain_list->cert->raw_cert == NULL + || pcert_chain_list->cert->cert_size <= 0 + || ocsp_status == NULL) { + return CKMC_ERROR_INVALID_PARAMETER; + } + + int ret = CKMC_ERROR_UNKNOWN; + int tmpOcspStatus = -1; + CKM::ManagerShPtr mgr = CKM::Manager::create(); + CKM::CertificateShPtrVector ckmCertChain = _toCkmCertificateVector(pcert_chain_list); + + ret = mgr->ocspCheck(ckmCertChain, tmpOcspStatus); + *ocsp_status = to_ckmc_ocsp_status(tmpOcspStatus); + return to_ckmc_error(ret); +} + +KEY_MANAGER_CAPI int ckmc_allow_access(const char *alias, const char *accessor, ckmc_access_right_e granted) { + int ec, permissionMask; + ec = access_to_permission_mask(granted, permissionMask); + if(ec != CKMC_ERROR_NONE) + return ec; + + return ckmc_set_permission(alias, accessor, permissionMask); +} + +KEY_MANAGER_CAPI +int ckmc_set_permission(const char *alias, const char *accessor, int permissions) +{ if (!alias || !accessor) return CKMC_ERROR_INVALID_PARAMETER; CKM::ManagerShPtr mgr = CKM::Manager::create(); - - CKM::AccessRight ar = static_cast(static_cast(granted)); - return to_ckmc_error(mgr->allowAccess(alias, accessor, ar)); + return to_ckmc_error(mgr->setPermission(alias, accessor, permissions)); } KEY_MANAGER_CAPI @@ -624,6 +840,46 @@ int ckmc_deny_access(const char *alias, const char *accessor) return CKMC_ERROR_INVALID_PARAMETER; CKM::ManagerShPtr mgr = CKM::Manager::create(); + return to_ckmc_error(mgr->setPermission(alias, accessor, CKM::Permission::NONE)); +} + +KEY_MANAGER_CAPI +int ckmc_remove_alias(const char *alias) +{ + if(!alias) + return CKMC_ERROR_INVALID_PARAMETER; + + CKM::ManagerShPtr mgr = CKM::Manager::create(); + int ret = mgr->removeAlias(alias); + return to_ckmc_error(ret); +} - return to_ckmc_error(mgr->denyAccess(alias, accessor)); +KEY_MANAGER_CAPI +int ckmc_encrypt_data(const ckmc_param_list_s *params, + const char *key_alias, + const char *password, + const ckmc_raw_buffer_s decrypted, + ckmc_raw_buffer_s **ppencrypted) +{ + return _cryptoOperation(&CKM::Manager::encrypt, + params, + key_alias, + password, + decrypted, + ppencrypted); +} + +KEY_MANAGER_CAPI +int ckmc_decrypt_data(const ckmc_param_list_s *params, + const char *key_alias, + const char *password, + const ckmc_raw_buffer_s encrypted, + ckmc_raw_buffer_s **ppdecrypted) +{ + return _cryptoOperation(&CKM::Manager::decrypt, + params, + key_alias, + password, + encrypted, + ppdecrypted); }