SET(CMAKE_C_FLAGS_PROFILING "-g -O0 -pg -Wp,-U_FORTIFY_SOURCE")
SET(CMAKE_CXX_FLAGS_PROFILING "-g -std=c++17 -O0 -pg -Wp,-U_FORTIFY_SOURCE")
SET(CMAKE_C_FLAGS_DEBUG "-g -O0 -ggdb -Wp,-U_FORTIFY_SOURCE")
-SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++17 -O0 -ggdb -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++17 -O0 -ggdb -Wp,-U_FORTIFY_SOURCE -Wshadow")
SET(CMAKE_C_FLAGS_RELEASE "-g -O2")
-SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++17 -O2")
+SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++17 -O2 -Wshadow")
SET(CMAKE_C_FLAGS_COVERAGE "-g -O0 -ggdb --coverage -Wp,-U_FORTIFY_SOURCE")
SET(CMAKE_CXX_FLAGS_COVERAGE "-g -std=c++17 -O0 -ggdb --coverage -Wp,-U_FORTIFY_SOURCE")
if (migrate) {
try {
target.saveRow(e);
- } catch (const CKM::DB::SqlConnection::Exception::Base &e) {
+ } catch (const CKM::DB::SqlConnection::Exception::Base &exc) {
UI::error()
<< "sql exception, migration failed or object already exists in the database: "
- << e.DumpToString() << endl;
+ << exc.DumpToString() << endl;
}
}
}
{
}
- Item(const CKM::Alias &alias,
- const CKM::DataType::Type type,
- const CKM::Policy &policy)
- : alias(alias), type(type), policy(policy)
+ Item(const CKM::Alias &_alias,
+ const CKM::DataType::Type _type,
+ const CKM::Policy &_policy)
+ : alias(_alias), type(_type), policy(_policy)
{
}
{
}
- ItemFilter(CKM::DataType::Type typeFrom, CKM::DataType::Type typeTo) :
- typeFrom(typeFrom),
- typeTo(typeTo),
+ ItemFilter(CKM::DataType::Type _typeFrom, CKM::DataType::Type _typeTo) :
+ typeFrom(_typeFrom),
+ typeTo(_typeTo),
exportableOnly(false),
noPassword(false)
{
BackendId backend;
AliasInfo() : type(0), backend(BackendId::SW) {}
- AliasInfo(const Alias& alias, int type, BackendId backend) :
- alias(alias),
- type(type),
- backend(backend)
+ AliasInfo(const Alias& _alias, int _type, BackendId _backend) :
+ alias(_alias),
+ type(_type),
+ backend(_backend)
{
}
};
AsyncRequest::AsyncRequest(const ManagerAsync::ObserverPtr &o,
std::string &&i,
RawBuffer &&b,
- int id,
- int command) :
+ int _id,
+ int _command) :
observer(o),
interface(std::move(i)),
buffer(std::move(b)),
written(0),
- id(id),
- command(command)
+ id(_id),
+ command(_command)
{
}
struct EncryptionParams {
EncryptionParams() {}
- EncryptionParams(RawBuffer iv, RawBuffer tag) :
- iv(std::move(iv)),
- tag(std::move(tag))
+ EncryptionParams(RawBuffer _iv, RawBuffer _tag) :
+ iv(std::move(_iv)),
+ tag(std::move(_tag))
{}
RawBuffer iv;
lengthBits,
counterLocation,
rlenBits,
- [&fixed](Prf& prf, size_t){
- prf.Update(fixed.data(), fixed.size());
+ [&fixed](Prf& prf2, size_t){
+ prf2.Update(fixed.data(), fixed.size());
});
}
struct Credentials {
Credentials() : clientUid(0) {}
- Credentials(uid_t socketUid, const ClientId &client)
- : clientUid(socketUid), client(client) {}
+ Credentials(uid_t socketUid, const ClientId &_client)
+ : clientUid(socketUid), client(_client) {}
uid_t clientUid;
ClientId client;
typedef std::string ServiceHandlerPath;
struct ServiceDescription {
ServiceDescription(const char *path,
- const char *privilege,
- InterfaceID interfaceID = 0,
- bool useSendMsg = false) :
- privilege(privilege),
- interfaceID(interfaceID),
+ const char *_privilege,
+ InterfaceID _interfaceID = 0,
+ bool _useSendMsg = false) :
+ privilege(_privilege),
+ interfaceID(_interfaceID),
serviceHandlerPath(path),
- useSendMsg(useSendMsg) {}
+ useSendMsg(_useSendMsg) {}
std::string privilege;
// inter-service communication message base class
struct MsgBase {
- explicit MsgBase(unsigned id) : id(id) {}
+ explicit MsgBase(unsigned _id) : id(_id) {}
virtual ~MsgBase() {}
unsigned id;
// key request
struct MsgKeyRequest : public MsgBase {
- MsgKeyRequest(unsigned id, const Credentials &cred, const Name &name,
- const ClientId &explicitOwner, const Password &password) :
- MsgBase(id),
- cred(cred),
- name(name),
- explicitOwner(explicitOwner),
- password(password)
+ MsgKeyRequest(unsigned _id, const Credentials &_cred, const Name &_name,
+ const ClientId &_explicitOwner, const Password &_password) :
+ MsgBase(_id),
+ cred(_cred),
+ name(_name),
+ explicitOwner(_explicitOwner),
+ password(_password)
{}
Credentials cred;
// key response
struct MsgKeyResponse : public MsgBase {
- MsgKeyResponse(unsigned id, const Crypto::GObjShPtr &key,
+ MsgKeyResponse(unsigned _id, const Crypto::GObjShPtr &_key,
int errorCode = CKM_API_SUCCESS) :
- MsgBase(id), key(key), error(errorCode) {}
+ MsgBase(_id), key(_key), error(errorCode) {}
Crypto::GObjShPtr key;
int error;
int retCode = tryRet([&] {
Crypto::GObjUPtr obj;
- int retCode = readDataHelper(true, cred, dataType, name, owner,
- password, obj, objDataType);
+ int retCode2 = readDataHelper(true, cred, dataType, name, owner,
+ password, obj, objDataType);
- if (retCode == CKM_API_SUCCESS)
+ if (retCode2 == CKM_API_SUCCESS)
rowData = obj->getBinary();
- return retCode;
+ return retCode2;
});
if (CKM_API_SUCCESS != retCode)
// read private key (mandatory)
Crypto::GObjUPtr keyObj;
- int retCode = readDataHelper(true, cred, DataType::DB_KEY_FIRST, name, owner,
- keyPassword, keyObj);
+ int retCode2 = readDataHelper(true, cred, DataType::DB_KEY_FIRST, name, owner,
+ keyPassword, keyObj);
- if (retCode != CKM_API_SUCCESS) {
- if (retCode != CKM_API_ERROR_NOT_EXPORTABLE)
- return retCode;
+ if (retCode2 != CKM_API_SUCCESS) {
+ if (retCode2 != CKM_API_ERROR_NOT_EXPORTABLE)
+ return retCode2;
} else {
privKey = CKM::Key::create(keyObj->getBinary());
}
// read certificate (mandatory)
Crypto::GObjUPtr certObj;
- retCode = readDataHelper(true, cred, DataType::CERTIFICATE, name, owner,
- certPassword, certObj);
+ retCode2 = readDataHelper(true, cred, DataType::CERTIFICATE, name, owner,
+ certPassword, certObj);
- if (retCode != CKM_API_SUCCESS) {
- if (retCode != CKM_API_ERROR_NOT_EXPORTABLE)
- return retCode;
+ if (retCode2 != CKM_API_SUCCESS) {
+ if (retCode2 != CKM_API_ERROR_NOT_EXPORTABLE)
+ return retCode2;
} else {
cert = CKM::Certificate::create(certObj->getBinary(), DataFormat::FORM_DER);
}
// read CA cert chain (optional)
Crypto::GObjUPtrVector caChainObjs;
- retCode = readDataHelper(true, cred, DataType::DB_CHAIN_FIRST, name, owner,
- certPassword, caChainObjs);
+ retCode2 = readDataHelper(true, cred, DataType::DB_CHAIN_FIRST, name, owner,
+ certPassword, caChainObjs);
- if (retCode != CKM_API_SUCCESS && retCode != CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- if (retCode != CKM_API_ERROR_NOT_EXPORTABLE)
- return retCode;
+ if (retCode2 != CKM_API_SUCCESS && retCode2 != CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
+ if (retCode2 != CKM_API_ERROR_NOT_EXPORTABLE)
+ return retCode2;
} else {
for (auto &caCertObj : caChainObjs)
caChain.push_back(CKM::Certificate::create(caCertObj->getBinary(),
// if anything found, return it
if (privKey || cert || caChain.size() > 0)
- retCode = CKM_API_SUCCESS;
+ retCode2 = CKM_API_SUCCESS;
// prepare response
- if (retCode != CKM_API_SUCCESS)
- return retCode;
+ if (retCode2 != CKM_API_SUCCESS)
+ return retCode2;
output = PKCS12Serializable(std::move(privKey), std::move(cert), std::move(caChain));
return CKM_API_SUCCESS;
try {
retCode = tryRet([&] {
- auto [dbOp, digest, retCode] = beginSaveAndGetHash(cred, name, owner);
- if (retCode != CKM_API_SUCCESS)
- return retCode;
+ auto [dbOp, digest, retCode2] = beginSaveAndGetHash(cred, name, owner);
+ if (retCode2 != CKM_API_SUCCESS)
+ return retCode2;
// create key in store
CryptoAlgorithm keyGenAlgorithm;
try {
retCode = tryRet([&] {
Crypto::GObjUPtr obj;
- int retCode = readDataHelper(false, cred, DataType::DB_KEY_FIRST, privateKeyName,
- owner, password, obj);
+ int retCode2 = readDataHelper(false, cred, DataType::DB_KEY_FIRST, privateKeyName,
+ owner, password, obj);
- if (retCode == CKM_API_SUCCESS)
+ if (retCode2 == CKM_API_SUCCESS)
signature = obj->sign(cryptoAlg, message);
- return retCode;
+ return retCode2;
});
} catch (const std::exception &e) {
LogError("STD exception " << e.what());
RawBuffer wrappedKey;
auto retCode = tryRet([&] {
- auto retCode = readDataHelper(false, cred, DataType::DB_KEY_FIRST, wrappingKeyName,
- wrappingKeyOwner, wrappingKeyPassword, wrappingKey);
- if (retCode != CKM_API_SUCCESS)
- return retCode;
+ auto retCode2 = readDataHelper(false, cred, DataType::DB_KEY_FIRST, wrappingKeyName,
+ wrappingKeyOwner, wrappingKeyPassword, wrappingKey);
+ if (retCode2 != CKM_API_SUCCESS)
+ return retCode2;
- retCode = readRowHelper(false, cred, DataType::DB_KEY_FIRST, keyName,
- keyOwner, keyPassword, wrappedKeyRow, wrappedKeyType);
- if (retCode != CKM_API_SUCCESS)
- return retCode;
+ retCode2 = readRowHelper(false, cred, DataType::DB_KEY_FIRST, keyName,
+ keyOwner, keyPassword, wrappedKeyRow, wrappedKeyType);
+ if (retCode2 != CKM_API_SUCCESS)
+ return retCode2;
wrappedKey = wrappingKey->wrap(params, wrappedKeyRow, keyPassword);
- return retCode;
+ return retCode2;
});
return SerializeMessage(msgID, retCode, wrappedKeyType, wrappedKey);
Transaction transaction(this);
if (m_connection->CheckTableExist("SCHEMA_INFO")) {
- SchemaInfo SchemaInfo(m_connection.get());
- if (SchemaInfo.getVersionInfo(schemaVersion)) {
+ SchemaInfo info(m_connection.get());
+ if (info.getVersionInfo(schemaVersion)) {
LogDebug("Current DB version: " << schemaVersion);
return true;
}
}
// update DB version info
- SchemaInfo SchemaInfo(m_connection.get());
- SchemaInfo.setVersionInfo();
+ SchemaInfo info(m_connection.get());
+ info.setVersionInfo();
transaction.commit();
}
return;
"Can not create the database schema: no initialization script");
m_connection->ExecCommand((*script).c_str());
- SchemaInfo SchemaInfo(m_connection.get());
- SchemaInfo.setVersionInfo();
+ SchemaInfo info(m_connection.get());
+ info.setVersionInfo();
transaction.commit();
}
" name ", name, " with owner label ", owner);
}
-void Crypto::listInfos(const ClientId &owner,
+void Crypto::listInfos(const ClientId &accessor,
AliasInfoVector &aliasInfoVector,
DataType type)
{
- listInfos(owner, aliasInfoVector, type, type);
+ listInfos(accessor, aliasInfoVector, type, type);
}
-void Crypto::listInfos(const ClientId &owner,
+void Crypto::listInfos(const ClientId &accessor,
AliasInfoVector &aliasInfoVector,
DataType typeRangeStart,
DataType typeRangeStop)
m_connection->PrepareDataCommand(DB_CMD_INFO_SELECT_BY_TYPE_AND_PERMISSION);
selectCommand->BindInteger(1, typeRangeStart);
selectCommand->BindInteger(2, typeRangeStop);
- selectCommand->BindString(104, owner.c_str());
- selectCommand->BindInteger(4,
- static_cast<int>(Permission::READ | Permission::REMOVE));
+ selectCommand->BindString(104, accessor.c_str());
+ selectCommand->BindInteger(4, static_cast<int>(Permission::READ | Permission::REMOVE));
while (selectCommand->Step()) {
ClientId owner = selectCommand->GetColumnString(0);
"Couldn't list names of type <",
typeRangeStart, ",",
typeRangeStop, ">",
- " accessible to client ", owner);
+ " accessible to client ", accessor);
}
void Crypto::saveKey(
RowVector &output);
void listInfos(
- const ClientId &owner,
+ const ClientId &accessor,
AliasInfoVector &aliasInfoVector,
DataType type);
void listInfos(
- const ClientId &owner,
+ const ClientId &accessor,
AliasInfoVector &aliasInfoVector,
DataType typeRangeStart,
DataType typeRangeStop);
readFd(desc, fd[0], revents);
descriptors.remove(desc);
- descriptors.add(fd2[1], POLLOUT, [&](int desc2, short revents) {
+ descriptors.add(fd2[1], POLLOUT, [&](int desc2, short revents2) {
callback2 = true;
- writeFd(desc2, fd2[1], revents);
+ writeFd(desc2, fd2[1], revents2);
descriptors.remove(desc2);
});
});
// test case parameters
size_t length;
- RawBuffer key;
+ RawBuffer keyBuffer;
size_t fixedLen;
RawBuffer fixed;
size_t labelLen;
rlen = 0;
}},
{"L", [&](const std::string& value) { length = std::stoul(value); }},
- {"KI", [&](const std::string& value) { key = fromHex(value); }},
+ {"KI", [&](const std::string& value) { keyBuffer = fromHex(value); }},
{"FixedInputDataByteLen", [&](const std::string& value) { fixedLen = std::stoul(value); }},
{"FixedInputData", [&](const std::string& value) { fixed = fromHex(value); }},
{"DataBeforeCtrLen", [&](const std::string& value) { labelLen = std::stoul(value); }},
if (fixedLen > 0) {
BOOST_REQUIRE(fixedLen == fixed.size());
- output = deriveKbkdfHmac(key, length, md, ctr, rlen, fixed);
+ output = deriveKbkdfHmac(keyBuffer, length, md, ctr, rlen, fixed);
} else {
BOOST_REQUIRE(labelLen > 0);
BOOST_REQUIRE(labelLen == label.size());
BOOST_REQUIRE(contextLen > 0);
BOOST_REQUIRE(contextLen == context.size());
- output = deriveKbkdfHmac(key, length, md, ctr, rlen, 0, label, context, false);
+ output = deriveKbkdfHmac(keyBuffer,
+ length,
+ md,
+ ctr,
+ rlen,
+ 0,
+ label,
+ context,
+ false);
}
BOOST_REQUIRE(output == expectedOutput);
labelLen = 0;
context.clear();
contextLen = 0;
- key.clear();
+ keyBuffer.clear();
length = 0;
}},
};
class Env
{
public:
- explicit Env(const std::string& name) : name(name)
+ explicit Env(const std::string& _name) : name(_name)
{
char* val = getenv(name.c_str());
if (val)
projects / platform / core / security / key-manager.git / commitdiff