projects
/
platform
/
core
/
security
/
key-manager.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
c5c4f68
)
Use new exception types in KeyProvider class.
49/41349/3
author
Bartlomiej Grzelewski
<b.grzelewski@samsung.com>
Fri, 12 Jun 2015 13:32:28 +0000
(15:32 +0200)
committer
Krzysztof Jackiewicz
<k.jackiewicz@samsung.com>
Fri, 26 Jun 2015 11:25:03 +0000
(
04:25
-0700)
This commit also removed exception throw in object destructor.
Change-Id: I55f58bd5e63261632404557f60caa7f0af393714
src/manager/service/ckm-logic.cpp
patch
|
blob
|
history
src/manager/service/key-provider.cpp
patch
|
blob
|
history
src/manager/service/key-provider.h
patch
|
blob
|
history
tests/main.cpp
patch
|
blob
|
history
tests/test-key-provider.cpp
patch
|
blob
|
history
diff --git
a/src/manager/service/ckm-logic.cpp
b/src/manager/service/ckm-logic.cpp
index
a2c3e45
..
7ec4213
100644
(file)
--- a/
src/manager/service/ckm-logic.cpp
+++ b/
src/manager/service/ckm-logic.cpp
@@
-162,12
+162,6
@@
int CKMLogic::unlockDatabase(uid_t user, const Password & password)
handle.database.deleteKey(appSmackLabel);
}
}
handle.database.deleteKey(appSmackLabel);
}
}
- } catch (const KeyProvider::Exception::PassWordError &e) {
- LogError("Incorrect Password " << e.GetMessage());
- retCode = CKM_API_ERROR_AUTHENTICATION_FAILED;
- } catch (const KeyProvider::Exception::Base &e) {
- LogError("Error in KeyProvider " << e.GetMessage());
- retCode = CKM_API_ERROR_SERVER_ERROR;
} catch (const Exc::Exception &e) {
retCode = e.error();
} catch (const CKM::Exception &e) {
} catch (const Exc::Exception &e) {
retCode = e.error();
} catch (const CKM::Exception &e) {
@@
-283,12
+277,6
@@
RawBuffer CKMLogic::changeUserPassword(
try
{
retCode = changeUserPasswordHelper(user, oldPassword, newPassword);
try
{
retCode = changeUserPasswordHelper(user, oldPassword, newPassword);
- } catch (const KeyProvider::Exception::PassWordError &e) {
- LogError("Incorrect Password " << e.GetMessage());
- retCode = CKM_API_ERROR_AUTHENTICATION_FAILED;
- } catch (const KeyProvider::Exception::Base &e) {
- LogError("Error in KeyProvider " << e.GetMessage());
- retCode = CKM_API_ERROR_SERVER_ERROR;
} catch (const Exc::Exception &e) {
retCode = e.error();
} catch (const CKM::Exception &e) {
} catch (const Exc::Exception &e) {
retCode = e.error();
} catch (const CKM::Exception &e) {
@@
-500,9
+488,6
@@
int CKMLogic::verifyAndSaveDataHelper(
{
retCode = saveDataHelper(cred, name, label, dataType, binaryData, policy);
}
{
retCode = saveDataHelper(cred, name, label, dataType, binaryData, policy);
}
- } catch (const KeyProvider::Exception::Base &e) {
- LogError("KeyProvider failed with message: " << e.GetMessage());
- retCode = CKM_API_ERROR_SERVER_ERROR;
} catch (const DB::Crypto::Exception::InternalError &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const DB::Crypto::Exception::InternalError &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
@@
-592,9
+577,8
@@
RawBuffer CKMLogic::savePKCS12(
int retCode = CKM_API_ERROR_UNKNOWN;
try {
retCode = saveDataHelper(cred, name, label, pkcs, keyPolicy, certPolicy);
int retCode = CKM_API_ERROR_UNKNOWN;
try {
retCode = saveDataHelper(cred, name, label, pkcs, keyPolicy, certPolicy);
- } catch (const KeyProvider::Exception::Base &e) {
- LogError("KeyProvider failed with message: " << e.GetMessage());
- retCode = CKM_API_ERROR_SERVER_ERROR;
+ } catch (const Exc::Exception &e) {
+ retCode = e.error();
} catch (const DB::Crypto::Exception::InternalError &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const DB::Crypto::Exception::InternalError &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
@@
-876,9
+860,6
@@
RawBuffer CKMLogic::getData(
try {
retCode = readDataHelper(true, cred, dataType, name, label, password, row);
try {
retCode = readDataHelper(true, cred, dataType, name, label, password, row);
- } catch (const KeyProvider::Exception::Base &e) {
- LogError("KeyProvider failed with error: " << e.GetMessage());
- retCode = CKM_API_ERROR_SERVER_ERROR;
} catch (const DB::Crypto::Exception::Base &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const DB::Crypto::Exception::Base &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
@@
-964,10
+945,6
@@
RawBuffer CKMLogic::getPKCS12(
// prepare response
if(retCode == CKM_API_SUCCESS)
output = PKCS12Serializable(privKey, cert, caChain);
// prepare response
if(retCode == CKM_API_SUCCESS)
output = PKCS12Serializable(privKey, cert, caChain);
-
- } catch (const KeyProvider::Exception::Base &e) {
- LogError("KeyProvider failed with error: " << e.GetMessage());
- retCode = CKM_API_ERROR_SERVER_ERROR;
} catch (const DB::Crypto::Exception::Base &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const DB::Crypto::Exception::Base &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
@@
-1470,9
+1447,6
@@
RawBuffer CKMLogic::createSignature(
if(retCode == CKM_API_SUCCESS) {
signature = m_decider.getStore(row).getKey(row)->sign(cryptoAlg, message);
}
if(retCode == CKM_API_SUCCESS) {
signature = m_decider.getStore(row).getKey(row)->sign(cryptoAlg, message);
}
- } catch (const KeyProvider::Exception::Base &e) {
- LogError("KeyProvider failed with message: " << e.GetMessage());
- retCode = CKM_API_ERROR_SERVER_ERROR;
} catch (const DB::Crypto::Exception::Base &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const DB::Crypto::Exception::Base &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
@@
-1523,9
+1497,6
@@
RawBuffer CKMLogic::verifySignature(
}
} catch (const Exc::Exception &e) {
retCode = e.error();
}
} catch (const Exc::Exception &e) {
retCode = e.error();
- } catch (const KeyProvider::Exception::Base &e) {
- LogError("KeyProvider failed with error: " << e.GetMessage());
- retCode = CKM_API_ERROR_SERVER_ERROR;
} catch (const DB::Crypto::Exception::Base &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const DB::Crypto::Exception::Base &e) {
LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
diff --git
a/src/manager/service/key-provider.cpp
b/src/manager/service/key-provider.cpp
index
48db9c0
..
23ca201
100644
(file)
--- a/
src/manager/service/key-provider.cpp
+++ b/
src/manager/service/key-provider.cpp
@@
-1,3
+1,4
@@
+#include <exception.h>
#include <key-provider.h>
#include <dpl/log/log.h>
#include <key-provider.h>
#include <dpl/log/log.h>
@@
-100,14
+101,11
@@
KeyAndInfoContainer::~KeyAndInfoContainer()
{
// overwrite key
char *ptr = reinterpret_cast<char*>(keyAndInfo);
{
// overwrite key
char *ptr = reinterpret_cast<char*>(keyAndInfo);
- for (size_t size = 0; size < sizeof(KeyAndInfo); ++size)
- ptr[size] = 0;
+ memset(ptr, 0, sizeof(KeyAndInfo));
// verification
for (size_t size = 0; size < sizeof(KeyAndInfo); ++size) {
// verification
for (size_t size = 0; size < sizeof(KeyAndInfo); ++size) {
- if (0 != ptr[size]) {
- delete keyAndInfo;
- ThrowMsg(Exception::Base, "KeyAndInfo in KeyAndInfoContainer "
- "was not destroyed!");
+ if (ptr[size]) {
+ LogError("Write momory error! Memory used by key was not owerwritten.");
}
}
delete keyAndInfo;
}
}
delete keyAndInfo;
@@
-127,12
+125,12
@@
KeyProvider::KeyProvider(
, m_isInitialized(true)
{
if (!m_isInitialized) {
, m_isInitialized(true)
{
if (!m_isInitialized) {
- Throw
Msg(Exception::InitFailed
, "Object not initialized!. Should not happened");
+ Throw
Err(Exc::InternalError
, "Object not initialized!. Should not happened");
}
if (domainKEKInWrapForm.size() != sizeof(WrappedKeyAndInfo)) {
LogError("input size:" << domainKEKInWrapForm.size()
<< " Expected: " << sizeof(WrappedKeyAndInfo));
}
if (domainKEKInWrapForm.size() != sizeof(WrappedKeyAndInfo)) {
LogError("input size:" << domainKEKInWrapForm.size()
<< " Expected: " << sizeof(WrappedKeyAndInfo));
- Throw
Msg(Exception::InputParam
Error, "buffer doesn't have proper size to store WrappedKeyAndInfo in KeyProvider Constructor");
+ Throw
Err(Exc::Internal
Error, "buffer doesn't have proper size to store WrappedKeyAndInfo in KeyProvider Constructor");
}
WrappedKeyAndInfoContainer wkmcDKEK = WrappedKeyAndInfoContainer(domainKEKInWrapForm.data());
}
WrappedKeyAndInfoContainer wkmcDKEK = WrappedKeyAndInfoContainer(domainKEKInWrapForm.data());
@@
-154,7
+152,7
@@
KeyProvider::KeyProvider(
PKEK1)) {
delete[] concat_user_pass;
PKEK1)) {
delete[] concat_user_pass;
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINE_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINE_ERROR");
}
delete[] concat_user_pass;
}
delete[] concat_user_pass;
@@
-169,7
+167,7
@@
KeyProvider::KeyProvider(
wkmcDKEK.getWrappedKeyAndInfo().keyInfo.iv,
m_kmcDKEK->getKeyAndInfo().key))) {
wkmcDKEK.getWrappedKeyAndInfo().keyInfo.iv,
m_kmcDKEK->getKeyAndInfo().key))) {
- Throw
Msg(Exception::PassWordError
, "VerifyDomainKEK failed in KeyProvider Constructor");
+ Throw
Err(Exc::AuthenticationFailed
, "VerifyDomainKEK failed in KeyProvider Constructor");
}
m_kmcDKEK->setKeyInfo(&(wkmcDKEK.getWrappedKeyAndInfo().keyInfo));
}
m_kmcDKEK->setKeyInfo(&(wkmcDKEK.getWrappedKeyAndInfo().keyInfo));
@@
-205,7
+203,7
@@
bool KeyProvider::isInitialized()
RawBuffer KeyProvider::getPureDomainKEK()
{
if (!m_isInitialized) {
RawBuffer KeyProvider::getPureDomainKEK()
{
if (!m_isInitialized) {
- Throw
Msg(Exception::InitFailed
, "Object not initialized!");
+ Throw
Err(Exc::InternalError
, "Object not initialized!");
}
// TODO secure
}
// TODO secure
@@
-215,7
+213,7
@@
RawBuffer KeyProvider::getPureDomainKEK()
RawBuffer KeyProvider::getWrappedDomainKEK(const Password &password)
{
if (!m_isInitialized) {
RawBuffer KeyProvider::getWrappedDomainKEK(const Password &password)
{
if (!m_isInitialized) {
- Throw
Msg(Exception::InitFailed
, "Object not initialized!");
+ Throw
Err(Exc::InternalError
, "Object not initialized!");
}
WrappedKeyAndInfoContainer wkmcDKEK = WrappedKeyAndInfoContainer();
}
WrappedKeyAndInfoContainer wkmcDKEK = WrappedKeyAndInfoContainer();
@@
-237,7
+235,7
@@
RawBuffer KeyProvider::getWrappedDomainKEK(const Password &password)
PKEK1)) {
delete[] concat_user_pass;
PKEK1)) {
delete[] concat_user_pass;
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINE_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINE_ERROR");
}
delete[] concat_user_pass;
}
delete[] concat_user_pass;
@@
-254,7
+252,7
@@
RawBuffer KeyProvider::getWrappedDomainKEK(const Password &password)
wkmcDKEK.getWrappedKeyAndInfo().wrappedKey,
wkmcDKEK.getWrappedKeyAndInfo().keyInfo.tag))) {
wkmcDKEK.getWrappedKeyAndInfo().wrappedKey,
wkmcDKEK.getWrappedKeyAndInfo().keyInfo.tag))) {
- Throw
Msg(Exception::InitFailed
, "WrapDKEK Failed in KeyProvider::getDomainKEK");
+ Throw
Err(Exc::InternalError
, "WrapDKEK Failed in KeyProvider::getDomainKEK");
}
wkmcDKEK.setKeyInfoKeyLength((unsigned int)wrappedKeyLength);
}
wkmcDKEK.setKeyInfoKeyLength((unsigned int)wrappedKeyLength);
@@
-267,13
+265,13
@@
RawBuffer KeyProvider::getWrappedDomainKEK(const Password &password)
RawBuffer KeyProvider::getPureDEK(const RawBuffer &DEKInWrapForm)
{
if (!m_isInitialized) {
RawBuffer KeyProvider::getPureDEK(const RawBuffer &DEKInWrapForm)
{
if (!m_isInitialized) {
- Throw
Msg(Exception::InitFailed
, "Object not initialized!");
+ Throw
Err(Exc::InternalError
, "Object not initialized!");
}
if (DEKInWrapForm.size() != sizeof(WrappedKeyAndInfo)){
LogError("input size:" << DEKInWrapForm.size()
<< " Expected: " << sizeof(WrappedKeyAndInfo));
}
if (DEKInWrapForm.size() != sizeof(WrappedKeyAndInfo)){
LogError("input size:" << DEKInWrapForm.size()
<< " Expected: " << sizeof(WrappedKeyAndInfo));
- Throw
Msg(Exception::InputParam
Error,
+ Throw
Err(Exc::Internal
Error,
"buffer doesn't have proper size to store "
"WrappedKeyAndInfo in KeyProvider::getPureDEK");
}
"buffer doesn't have proper size to store "
"WrappedKeyAndInfo in KeyProvider::getPureDEK");
}
@@
-293,7
+291,7
@@
RawBuffer KeyProvider::getPureDEK(const RawBuffer &DEKInWrapForm)
MAX_KEY_SIZE,
PKEK2)) {
MAX_KEY_SIZE,
PKEK2)) {
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINE_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINE_ERROR");
}
if (0 > (keyLength = decryptAes256Gcm(
}
if (0 > (keyLength = decryptAes256Gcm(
@@
-304,7
+302,7
@@
RawBuffer KeyProvider::getPureDEK(const RawBuffer &DEKInWrapForm)
wkmcDEK.getWrappedKeyAndInfo().keyInfo.iv,
kmcDEK.getKeyAndInfo().key))) {
wkmcDEK.getWrappedKeyAndInfo().keyInfo.iv,
kmcDEK.getKeyAndInfo().key))) {
- Throw
Msg(Exception::UnwrapFailed
,
+ Throw
Err(Exc::InternalError
,
"UnwrapDEK Failed in KeyProvider::getPureDEK");
}
"UnwrapDEK Failed in KeyProvider::getPureDEK");
}
@@
-319,8
+317,7
@@
RawBuffer KeyProvider::getPureDEK(const RawBuffer &DEKInWrapForm)
RawBuffer KeyProvider::generateDEK(const std::string &smackLabel)
{
if (!m_isInitialized) {
RawBuffer KeyProvider::generateDEK(const std::string &smackLabel)
{
if (!m_isInitialized) {
- ThrowMsg(Exception::InitFailed,
- "Object not initialized!");
+ ThrowErr(Exc::InternalError, "Object not initialized!");
}
WrappedKeyAndInfoContainer wkmcDEK = WrappedKeyAndInfoContainer();
}
WrappedKeyAndInfoContainer wkmcDEK = WrappedKeyAndInfoContainer();
@@
-336,7
+333,7
@@
RawBuffer KeyProvider::generateDEK(const std::string &smackLabel)
if (!RAND_bytes(key, m_kmcDKEK->getKeyAndInfo().keyInfo.keyLength) ||
!RAND_bytes(wkmcDEK.getWrappedKeyAndInfo().keyInfo.iv, MAX_IV_SIZE)) {
if (!RAND_bytes(key, m_kmcDKEK->getKeyAndInfo().keyInfo.keyLength) ||
!RAND_bytes(wkmcDEK.getWrappedKeyAndInfo().keyInfo.iv, MAX_IV_SIZE)) {
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINE_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINE_ERROR");
}
if (!PKCS5_PBKDF2_HMAC_SHA1(
}
if (!PKCS5_PBKDF2_HMAC_SHA1(
@@
-348,7
+345,7
@@
RawBuffer KeyProvider::generateDEK(const std::string &smackLabel)
MAX_KEY_SIZE,
PKEK2)) {
MAX_KEY_SIZE,
PKEK2)) {
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINE_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINE_ERROR");
}
int wrappedKeyLength;
}
int wrappedKeyLength;
@@
-361,8
+358,7
@@
RawBuffer KeyProvider::generateDEK(const std::string &smackLabel)
wkmcDEK.getWrappedKeyAndInfo().wrappedKey,
wkmcDEK.getWrappedKeyAndInfo().keyInfo.tag))) {
wkmcDEK.getWrappedKeyAndInfo().wrappedKey,
wkmcDEK.getWrappedKeyAndInfo().keyInfo.tag))) {
- ThrowMsg(Exception::GenFailed,
- "GenerateDEK Failed in KeyProvider::generateDEK");
+ ThrowErr(Exc::InternalError, "GenerateDEK Failed in KeyProvider::generateDEK");
}
wkmcDEK.setKeyInfoKeyLength((unsigned int)wrappedKeyLength);
}
wkmcDEK.setKeyInfoKeyLength((unsigned int)wrappedKeyLength);
@@
-381,7
+377,7
@@
RawBuffer KeyProvider::reencrypt(
if (domainKEKInWrapForm.size() != sizeof(WrappedKeyAndInfo)) {
LogError("input size:" << domainKEKInWrapForm.size()
<< " Expected: " << sizeof(WrappedKeyAndInfo));
if (domainKEKInWrapForm.size() != sizeof(WrappedKeyAndInfo)) {
LogError("input size:" << domainKEKInWrapForm.size()
<< " Expected: " << sizeof(WrappedKeyAndInfo));
- Throw
Msg(Exception::InputParam
Error,
+ Throw
Err(Exc::Internal
Error,
"buffer doesn't have proper size to store "
"WrappedKeyAndInfo in KeyProvider::reencrypt");
}
"buffer doesn't have proper size to store "
"WrappedKeyAndInfo in KeyProvider::reencrypt");
}
@@
-409,7
+405,7
@@
RawBuffer KeyProvider::reencrypt(
PKEK1)) {
delete[] concat_user_pass;
PKEK1)) {
delete[] concat_user_pass;
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINE_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINE_ERROR");
}
delete[] concat_user_pass;
}
delete[] concat_user_pass;
@@
-421,8
+417,7
@@
RawBuffer KeyProvider::reencrypt(
wkmcOldDKEK.getWrappedKeyAndInfo().keyInfo.iv,
kmcDKEK.getKeyAndInfo().key))) {
wkmcOldDKEK.getWrappedKeyAndInfo().keyInfo.iv,
kmcDKEK.getKeyAndInfo().key))) {
- ThrowMsg(Exception::PassWordError,
- "Incorrect Old Password ");
+ ThrowErr(Exc::AuthenticationFailed, "Incorrect Old Password ");
}
kmcDKEK.setKeyInfo(&(wkmcOldDKEK.getWrappedKeyAndInfo().keyInfo));
}
kmcDKEK.setKeyInfo(&(wkmcOldDKEK.getWrappedKeyAndInfo().keyInfo));
@@
-442,7
+437,7
@@
RawBuffer KeyProvider::reencrypt(
PKEK1)) {
delete[] concat_user_pass;
PKEK1)) {
delete[] concat_user_pass;
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINE_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINE_ERROR");
}
delete[] concat_user_pass;
}
delete[] concat_user_pass;
@@
-458,8
+453,7
@@
RawBuffer KeyProvider::reencrypt(
wkmcNewDKEK.getWrappedKeyAndInfo().wrappedKey,
wkmcNewDKEK.getWrappedKeyAndInfo().keyInfo.tag))) {
wkmcNewDKEK.getWrappedKeyAndInfo().wrappedKey,
wkmcNewDKEK.getWrappedKeyAndInfo().keyInfo.tag))) {
- ThrowMsg(Exception::UnwrapFailed,
- "UpdateDomainKEK in KeyProvider::reencrypt Failed");
+ ThrowErr(Exc::InternalError, "UpdateDomainKEK in KeyProvider::reencrypt Failed");
}
wkmcNewDKEK.setKeyInfoKeyLength((unsigned int)wrappedKeyLength);
}
wkmcNewDKEK.setKeyInfoKeyLength((unsigned int)wrappedKeyLength);
@@
-479,7
+473,7
@@
RawBuffer KeyProvider::generateDomainKEK(
if (!RAND_bytes(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.salt, MAX_SALT_SIZE) ||
!RAND_bytes(key, MAX_KEY_SIZE) ||
!RAND_bytes(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.iv, MAX_IV_SIZE))
if (!RAND_bytes(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.salt, MAX_SALT_SIZE) ||
!RAND_bytes(key, MAX_KEY_SIZE) ||
!RAND_bytes(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.iv, MAX_IV_SIZE))
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINE_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINE_ERROR");
int wrappedKeyLength;
char *concat_user_pass = NULL;
int wrappedKeyLength;
char *concat_user_pass = NULL;
@@
-494,7
+488,7
@@
RawBuffer KeyProvider::generateDomainKEK(
PKEK1)) {
delete[] concat_user_pass;
PKEK1)) {
delete[] concat_user_pass;
- Throw
Msg(Exception::OpensslEngine
Error, "OPENSSL_ENGINED_ERROR");
+ Throw
Err(Exc::Internal
Error, "OPENSSL_ENGINED_ERROR");
}
delete[] concat_user_pass;
}
delete[] concat_user_pass;
@@
-507,7
+501,7
@@
RawBuffer KeyProvider::generateDomainKEK(
wkmcDKEK.getWrappedKeyAndInfo().wrappedKey,
wkmcDKEK.getWrappedKeyAndInfo().keyInfo.tag))) {
wkmcDKEK.getWrappedKeyAndInfo().wrappedKey,
wkmcDKEK.getWrappedKeyAndInfo().keyInfo.tag))) {
- Throw
Msg(Exception::GenFailed
,
+ Throw
Err(Exc::InternalError
,
"GenerateDomainKEK Failed in KeyProvider::generateDomainKEK");
}
"GenerateDomainKEK Failed in KeyProvider::generateDomainKEK");
}
diff --git
a/src/manager/service/key-provider.h
b/src/manager/service/key-provider.h
index
a386652
..
918a622
100644
(file)
--- a/
src/manager/service/key-provider.h
+++ b/
src/manager/service/key-provider.h
@@
-9,7
+9,6
@@
#include <memory>
#include <ckm/ckm-type.h>
#include <memory>
#include <ckm/ckm-type.h>
-#include <dpl/exception.h>
#ifndef SUCCESS
#define SUCCESS 0
#ifndef SUCCESS
#define SUCCESS 0
@@
-82,10
+81,6
@@
private:
class KeyAndInfoContainer{
public:
class KeyAndInfoContainer{
public:
- class Exception{
- public:
- DECLARE_EXCEPTION_TYPE(CKM::Exception, Base)
- };
KeyAndInfoContainer();
KeyAndInfoContainer(const unsigned char*);
KeyAndInfo& getKeyAndInfo();
KeyAndInfoContainer();
KeyAndInfoContainer(const unsigned char*);
KeyAndInfo& getKeyAndInfo();
@@
-100,18
+95,6
@@
private:
// This is internal api so all functions should throw exception on errors.
class KeyProvider {
public:
// This is internal api so all functions should throw exception on errors.
class KeyProvider {
public:
- class Exception {
- public:
- DECLARE_EXCEPTION_TYPE(CKM::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, InitFailed)
- DECLARE_EXCEPTION_TYPE(Base, GenFailed)
- DECLARE_EXCEPTION_TYPE(Base, WrapFailed)
- DECLARE_EXCEPTION_TYPE(Base, UnwrapFailed)
- DECLARE_EXCEPTION_TYPE(Base, PassWordError)
- DECLARE_EXCEPTION_TYPE(Base, InputParamError)
- DECLARE_EXCEPTION_TYPE(Base, OpensslEngineError)
- };
-
// To store in std containers
KeyProvider();
// In constructor you must check if SKMM is initialized. On error -> exception
// To store in std containers
KeyProvider();
// In constructor you must check if SKMM is initialized. On error -> exception
diff --git
a/tests/main.cpp
b/tests/main.cpp
index
0a47fd8
..
efaf1be
100644
(file)
--- a/
tests/main.cpp
+++ b/
tests/main.cpp
@@
-28,6
+28,8
@@
#include <dpl/log/log.h>
#include <log-setup.h>
#include <dpl/log/log.h>
#include <log-setup.h>
+#include <exception.h>
+
struct TestConfig {
TestConfig() {
boost::unit_test::unit_test_log.set_threshold_level( boost::unit_test::log_test_units);
struct TestConfig {
TestConfig() {
boost::unit_test::unit_test_log.set_threshold_level( boost::unit_test::log_test_units);
@@
-42,17
+44,17
@@
bool isLibInitialized = false;
struct KeyProviderLib {
KeyProviderLib() {
struct KeyProviderLib {
KeyProviderLib() {
-
T
ry {
+
t
ry {
CKM::KeyProvider::initializeLibrary();
isLibInitialized = true;
CKM::KeyProvider::initializeLibrary();
isLibInitialized = true;
- }
- Catch (CKM::Exception) {
+ } catch (const CKM::Exc::Exception &) {
std::cout << "Library initialization failed!" << std::endl;
}
}
~KeyProviderLib() {
std::cout << "Library initialization failed!" << std::endl;
}
}
~KeyProviderLib() {
- Try { CKM::KeyProvider::closeLibrary(); }
- Catch (CKM::Exception) {
+ try {
+ CKM::KeyProvider::closeLibrary();
+ } catch (const CKM::Exc::Exception &) {
std::cout << "Library deinitialization failed!" << std::endl;
}
}
std::cout << "Library deinitialization failed!" << std::endl;
}
}
diff --git
a/tests/test-key-provider.cpp
b/tests/test-key-provider.cpp
index
433e8ec
..
92f7e07
100644
(file)
--- a/
tests/test-key-provider.cpp
+++ b/
tests/test-key-provider.cpp
@@
-1,5
+1,6
@@
#define BOOST_TEST_MODULE KEY_MANAGER_TEST
#include <boost/test/unit_test.hpp>
#define BOOST_TEST_MODULE KEY_MANAGER_TEST
#include <boost/test/unit_test.hpp>
+#include <exception.h>
#include <key-provider.h>
#include <test_common.h>
#include <iostream>
#include <key-provider.h>
#include <test_common.h>
#include <iostream>
@@
-36,7
+37,7
@@
BOOST_AUTO_TEST_CASE(KeyDomainKekInvalidPassword){
BOOST_REQUIRE_NO_THROW(rb_test =
CKM::KeyProvider::generateDomainKEK(USERNAME_LONG, PASSWORD));
BOOST_REQUIRE_THROW(keyProvider = CKM::KeyProvider(rb_test, INCORRECT_PASSWORD),
BOOST_REQUIRE_NO_THROW(rb_test =
CKM::KeyProvider::generateDomainKEK(USERNAME_LONG, PASSWORD));
BOOST_REQUIRE_THROW(keyProvider = CKM::KeyProvider(rb_test, INCORRECT_PASSWORD),
- CKM::
KeyProvider::Exception::PassWordError
);
+ CKM::
Exc::AuthenticationFailed
);
BOOST_REQUIRE_MESSAGE(!keyProvider.isInitialized(),
"KeyProvider not created, but initialized");
}
BOOST_REQUIRE_MESSAGE(!keyProvider.isInitialized(),
"KeyProvider not created, but initialized");
}
@@
-114,7
+115,7
@@
BOOST_AUTO_TEST_CASE(KeyReencrypt_incorrect_password){
BOOST_REQUIRE_NO_THROW(rb_test =
CKM::KeyProvider::generateDomainKEK(USERNAME_LONG, PASSWORD));
BOOST_REQUIRE_THROW((rb_test = CKM::KeyProvider::reencrypt(rb_test, INCORRECT_PASSWORD,
BOOST_REQUIRE_NO_THROW(rb_test =
CKM::KeyProvider::generateDomainKEK(USERNAME_LONG, PASSWORD));
BOOST_REQUIRE_THROW((rb_test = CKM::KeyProvider::reencrypt(rb_test, INCORRECT_PASSWORD,
- NEW_PASSWORD)), CKM::
KeyProvider::Exception::PassWordError
);
+ NEW_PASSWORD)), CKM::
Exc::AuthenticationFailed
);
}
BOOST_AUTO_TEST_CASE(KeyGetPureDEK_after_reencrypt){
}
BOOST_AUTO_TEST_CASE(KeyGetPureDEK_after_reencrypt){