CREATE TABLE IF NOT EXISTS SCHEMA_INFO(name TEXT PRIMARY KEY NOT NULL,
value TEXT);
-CREATE TABLE IF NOT EXISTS NAME_TABLE(name TEXT NOT NULL,
- label TEXT NOT NULL,
- idx INTEGER PRIMARY KEY AUTOINCREMENT,
- UNIQUE(name, label));
+CREATE TABLE IF NOT EXISTS NAMES(name TEXT NOT NULL,
+ label TEXT NOT NULL,
+ idx INTEGER PRIMARY KEY AUTOINCREMENT,
+ UNIQUE(name, label));
-CREATE TABLE IF NOT EXISTS OBJECT_TABLE(exportable INTEGER NOT NULL,
- dataType INTEGER NOT NULL,
- algorithmType INTEGER NOT NULL,
- encryptionScheme INTEGER NOT NULL,
- iv BLOB NOT NULL,
- dataSize INTEGER NOT NULL,
- data BLOB NOT NULL,
- tag BLOB NOT NULL,
- idx INTEGER NOT NULL,
- FOREIGN KEY(idx) REFERENCES NAME_TABLE(idx) ON DELETE CASCADE,
- PRIMARY KEY(idx, dataType));
+CREATE TABLE IF NOT EXISTS OBJECTS(exportable INTEGER NOT NULL,
+ dataType INTEGER NOT NULL,
+ algorithmType INTEGER NOT NULL,
+ encryptionScheme INTEGER NOT NULL,
+ iv BLOB NOT NULL,
+ dataSize INTEGER NOT NULL,
+ data BLOB NOT NULL,
+ tag BLOB NOT NULL,
+ idx INTEGER NOT NULL,
+ FOREIGN KEY(idx) REFERENCES NAMES(idx) ON DELETE CASCADE,
+ PRIMARY KEY(idx, dataType));
-CREATE TABLE IF NOT EXISTS KEY_TABLE(label TEXT PRIMARY KEY,
- key BLOB NOT NULL);
+CREATE TABLE IF NOT EXISTS KEYS(label TEXT PRIMARY KEY,
+ key BLOB NOT NULL);
-CREATE TABLE IF NOT EXISTS PERMISSION_TABLE(permissionLabel TEXT NOT NULL,
- permissionMask INTEGER NOT NULL,
- idx INTEGER NOT NULL,
- FOREIGN KEY(idx) REFERENCES NAME_TABLE(idx) ON DELETE CASCADE,
- PRIMARY KEY(permissionLabel, idx));
+CREATE TABLE IF NOT EXISTS PERMISSIONS(permissionLabel TEXT NOT NULL,
+ permissionMask INTEGER NOT NULL,
+ idx INTEGER NOT NULL,
+ FOREIGN KEY(idx) REFERENCES NAMES(idx) ON DELETE CASCADE,
+ PRIMARY KEY(permissionLabel, idx));
-- create views
CREATE VIEW IF NOT EXISTS [join_name_object_tables] AS
- SELECT N.name, N.label, O.* FROM
- NAME_TABLE AS N
- JOIN OBJECT_TABLE AS O ON O.idx=N.idx;
+ SELECT N.name, N.label, O.* FROM NAMES AS N
+ JOIN OBJECTS AS O ON O.idx=N.idx;
CREATE VIEW IF NOT EXISTS [join_name_permission_tables] AS
- SELECT N.name, N.label, P.permissionMask, P.permissionLabel FROM NAME_TABLE AS N
- JOIN PERMISSION_TABLE AS P ON P.idx=N.idx;
+ SELECT N.name, N.label, P.permissionMask, P.permissionLabel FROM NAMES AS N
+ JOIN PERMISSIONS AS P ON P.idx=N.idx;
CREATE VIEW IF NOT EXISTS [join_all_tables] AS
- SELECT N.*, P.permissionLabel, P.permissionMask, O.dataType FROM NAME_TABLE AS N
- JOIN OBJECT_TABLE AS O ON O.idx=N.idx
- JOIN PERMISSION_TABLE AS P ON P.idx=N.idx;
+ SELECT N.*, P.permissionLabel, P.permissionMask, O.dataType FROM NAMES AS N
+ JOIN OBJECTS AS O ON O.idx=N.idx
+ JOIN PERMISSIONS AS P ON P.idx=N.idx;
-- create indexes
-CREATE INDEX IF NOT EXISTS perm_index_idx ON PERMISSION_TABLE(idx);
-CREATE INDEX IF NOT EXISTS name_index_idx ON NAME_TABLE(idx);
+CREATE INDEX IF NOT EXISTS perm_index_idx ON PERMISSIONS(idx);
+CREATE INDEX IF NOT EXISTS name_index_idx ON NAMES(idx);
+
-- isolate old data
-ALTER TABLE PERMISSION_TABLE RENAME TO OLD_PERMISSION_TABLE;
DROP INDEX perm_index_idx;
-- create new structure
CREATE TABLE SCHEMA_INFO(name TEXT PRIMARY KEY NOT NULL,
value TEXT);
-CREATE TABLE PERMISSION_TABLE(permissionLabel TEXT NOT NULL,
- permissionMask INTEGER NOT NULL,
- idx INTEGER NOT NULL,
- FOREIGN KEY(idx) REFERENCES NAME_TABLE(idx) ON DELETE CASCADE,
- PRIMARY KEY(permissionLabel, idx));
-CREATE INDEX perm_index_idx ON PERMISSION_TABLE(idx);
+ALTER TABLE NAME_TABLE RENAME TO NAMES;
+-- need to create OBJECT table from scratch,
+-- as SQLite does not support "ALTER COLUMN"
+-- (REFERENCES NAME_TABLE --> NAMES)
+CREATE TABLE OBJECTS(exportable INTEGER NOT NULL,
+ dataType INTEGER NOT NULL,
+ algorithmType INTEGER NOT NULL,
+ encryptionScheme INTEGER NOT NULL,
+ iv BLOB NOT NULL,
+ dataSize INTEGER NOT NULL,
+ data BLOB NOT NULL,
+ tag BLOB NOT NULL,
+ idx INTEGER NOT NULL,
+ FOREIGN KEY(idx) REFERENCES NAMES(idx) ON DELETE CASCADE,
+ PRIMARY KEY(idx, dataType));
+ALTER TABLE KEY_TABLE RENAME TO KEYS;
+CREATE TABLE PERMISSIONS(permissionLabel TEXT NOT NULL,
+ permissionMask INTEGER NOT NULL,
+ idx INTEGER NOT NULL,
+ FOREIGN KEY(idx) REFERENCES NAMES(idx) ON DELETE CASCADE,
+ PRIMARY KEY(permissionLabel, idx));
+CREATE INDEX perm_index_idx ON PERMISSIONS(idx);
CREATE VIEW [join_name_object_tables] AS
- SELECT N.name, N.label, O.* FROM NAME_TABLE AS N
- JOIN OBJECT_TABLE AS O ON O.idx=N.idx;
+ SELECT N.name, N.label, O.* FROM NAMES AS N
+ JOIN OBJECTS AS O ON O.idx=N.idx;
CREATE VIEW [join_name_permission_tables] AS
- SELECT N.name, N.label, P.permissionMask, P.permissionLabel FROM NAME_TABLE AS N
- JOIN PERMISSION_TABLE AS P ON P.idx=N.idx;
+ SELECT N.name, N.label, P.permissionMask, P.permissionLabel FROM NAMES AS N
+ JOIN PERMISSIONS AS P ON P.idx=N.idx;
CREATE VIEW [join_all_tables] AS
- SELECT N.*, P.permissionLabel, P.permissionMask, O.dataType FROM NAME_TABLE AS N
- JOIN OBJECT_TABLE AS O ON O.idx=N.idx
- JOIN PERMISSION_TABLE AS P ON P.idx=N.idx;
+ SELECT N.*, P.permissionLabel, P.permissionMask, O.dataType FROM NAMES AS N
+ JOIN OBJECTS AS O ON O.idx=N.idx
+ JOIN PERMISSIONS AS P ON P.idx=N.idx;
-- move data
-INSERT INTO PERMISSION_TABLE(permissionLabel, permissionMask, idx) SELECT label, 1, idx FROM OLD_PERMISSION_TABLE WHERE accessFlags='R';
-INSERT INTO PERMISSION_TABLE(permissionLabel, permissionMask, idx) SELECT label, 3, idx FROM OLD_PERMISSION_TABLE WHERE accessFlags='RD';
-INSERT INTO PERMISSION_TABLE(permissionLabel, permissionMask, idx) SELECT label, 3, idx FROM NAME_TABLE;
+INSERT INTO OBJECTS SELECT * FROM OBJECT_TABLE;
+INSERT INTO PERMISSIONS(permissionLabel, permissionMask, idx) SELECT label, 1, idx FROM PERMISSION_TABLE WHERE accessFlags='R';
+INSERT INTO PERMISSIONS(permissionLabel, permissionMask, idx) SELECT label, 3, idx FROM PERMISSION_TABLE WHERE accessFlags='RD';
+INSERT INTO PERMISSIONS(permissionLabel, permissionMask, idx) SELECT label, 3, idx FROM NAMES;
-- cleanup
-DROP TABLE OLD_PERMISSION_TABLE;
+DROP TABLE OBJECT_TABLE;
+DROP TABLE PERMISSION_TABLE;
+
return;
}
Try {
- saveBinaryData(observer, alias, DBDataType(key->getType()), key->getDER(), policy);
- } Catch(DBDataType::Exception::Base) {
+ saveBinaryData(observer, alias, DataType(key->getType()), key->getDER(), policy);
+ } Catch(DataType::Exception::Base) {
observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
}
}
observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
return;
}
- saveBinaryData(observer, alias, DBDataType::CERTIFICATE, cert->getDER(), policy);
+ saveBinaryData(observer, alias, DataType::CERTIFICATE, cert->getDER(), policy);
}
void ManagerAsync::Impl::saveData(const ObserverPtr& observer,
observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM);
return;
}
- saveBinaryData(observer, alias, DBDataType::BINARY_DATA, data, policy);
+ saveBinaryData(observer, alias, DataType::BINARY_DATA, data, policy);
}
void ManagerAsync::Impl::saveBinaryData(const ManagerAsync::ObserverPtr& observer,
const Alias& alias,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer& rawData,
const Policy& policy)
{
void ManagerAsync::Impl::getBinaryData(const ManagerAsync::ObserverPtr& observer,
const Alias &alias,
- DBDataType sendDataType,
+ DataType sendDataType,
const Password &password)
{
observerCheck(observer);
}
void ManagerAsync::Impl::getBinaryDataAliasVector(const ManagerAsync::ObserverPtr& observer,
- DBDataType dataType)
+ DataType dataType)
{
observerCheck(observer);
try_catch_async([&] {
void saveBinaryData(
const ManagerAsync::ObserverPtr& observer,
const Alias& alias,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer& rawData,
const Policy& policy);
void getBinaryData(
const ManagerAsync::ObserverPtr& observer,
const Alias &alias,
- DBDataType sendDataType,
+ DataType sendDataType,
const Password &password);
void getPKCS12(
void getBinaryDataAliasVector(
const ManagerAsync::ObserverPtr& observer,
- DBDataType dataType);
+ DataType dataType);
void createKeyPair(
const ManagerAsync::ObserverPtr& observer,
void ManagerAsync::getKey(const ObserverPtr& observer, const Alias& alias, const Password& password)
{
- m_impl->getBinaryData(observer, alias, DBDataType::DB_KEY_FIRST, password);
+ m_impl->getBinaryData(observer, alias, DataType::DB_KEY_FIRST, password);
}
void ManagerAsync::getCertificate(const ObserverPtr& observer,
const Alias& alias,
const Password& password)
{
- m_impl->getBinaryData(observer, alias, DBDataType::CERTIFICATE, password);
+ m_impl->getBinaryData(observer, alias, DataType::CERTIFICATE, password);
}
void ManagerAsync::getData(const ObserverPtr& observer,
const Alias& alias,
const Password& password)
{
- m_impl->getBinaryData(observer, alias, DBDataType::BINARY_DATA, password);
+ m_impl->getBinaryData(observer, alias, DataType::BINARY_DATA, password);
}
void ManagerAsync::getPKCS12(const ObserverPtr& observer,
void ManagerAsync::getKeyAliasVector(const ObserverPtr& observer)
{
- m_impl->getBinaryDataAliasVector(observer, DBDataType::DB_KEY_FIRST);
+ m_impl->getBinaryDataAliasVector(observer, DataType::DB_KEY_FIRST);
}
void ManagerAsync::getCertificateAliasVector(const ObserverPtr& observer)
{
- m_impl->getBinaryDataAliasVector(observer, DBDataType::CERTIFICATE);
+ m_impl->getBinaryDataAliasVector(observer, DataType::CERTIFICATE);
}
void ManagerAsync::getDataAliasVector(const ObserverPtr& observer)
{
- m_impl->getBinaryDataAliasVector(observer, DBDataType::BINARY_DATA);
+ m_impl->getBinaryDataAliasVector(observer, DataType::BINARY_DATA);
}
void ManagerAsync::createKeyPairRSA(const ObserverPtr& observer,
return;
}
- DBDataType type(dataType);
+ DataType type(dataType);
if (type.isKey())
m_observer->ReceivedKey(KeyImpl(rawData));
else if (type.isCertificate())
for(const auto &it : labelNameVector)
aliasVector.push_back( AliasSupport::merge(it.first, it.second) );
- DBDataType type(dataType);
+ DataType type(dataType);
if (type.isKey())
m_observer->ReceivedKeyAliasVector(std::move(aliasVector));
return;
}
- DBDataType type(dataType);
+ DataType type(dataType);
if (type.isKey())
m_observer->ReceivedSaveKey();
else if (type.isCertificate())
return func();
} catch (const MessageBuffer::Exception::Base &e) {
LogError("CKM::MessageBuffer::Exception " << e.DumpToString());
- } catch (const DBDataType::Exception::Base &e) {
+ } catch (const DataType::Exception::Base &e) {
LogError("CKM::DBDataType::Exception " << e.DumpToString());
} catch (const std::exception &e) {
LogError("STD exception " << e.what());
} catch (const MessageBuffer::Exception::Base& e) {
LogError("CKM::MessageBuffer::Exception " << e.DumpToString());
error(CKM_API_ERROR_BAD_REQUEST);
- } catch (const DBDataType::Exception::Base &e) {
+ } catch (const DataType::Exception::Base &e) {
LogError("CKM::DBDataType conversion failed:" << e.DumpToString());
error(CKM_API_ERROR_UNKNOWN);
} catch (const std::exception& e) {
int ManagerImpl::saveBinaryData(
const Alias &alias,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &rawData,
const Policy &policy)
{
if (key.get() == NULL)
return CKM_API_ERROR_INPUT_PARAM;
Try {
- return saveBinaryData(alias, DBDataType(key->getType()), key->getDER(), policy);
- } Catch (DBDataType::Exception::Base) {
+ return saveBinaryData(alias, DataType(key->getType()), key->getDER(), policy);
+ } Catch (DataType::Exception::Base) {
LogError("Error in key conversion. Could not convert KeyType::NONE to DBDataType!");
}
return CKM_API_ERROR_INPUT_PARAM;
{
if (cert.get() == NULL)
return CKM_API_ERROR_INPUT_PARAM;
- return saveBinaryData(alias, DBDataType::CERTIFICATE, cert->getDER(), policy);
+ return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy);
}
int ManagerImpl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) {
if (!policy.extractable)
return CKM_API_ERROR_INPUT_PARAM;
- return saveBinaryData(alias, DBDataType::BINARY_DATA, rawData, policy);
+ return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy);
}
int ManagerImpl::getBinaryData(
const Alias &alias,
- DBDataType sendDataType,
+ DataType sendDataType,
const Password &password,
- DBDataType &recvDataType,
+ DataType &recvDataType,
RawBuffer &rawData)
{
if (alias.empty())
int counter;
int tmpDataType;
recv.Deserialize(command, counter, retCode, tmpDataType, rawData);
- recvDataType = DBDataType(tmpDataType);
+ recvDataType = DataType(tmpDataType);
if (counter != my_counter)
return CKM_API_ERROR_UNKNOWN;
}
int ManagerImpl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) {
- DBDataType recvDataType;
+ DataType recvDataType;
RawBuffer rawData;
int retCode = getBinaryData(
alias,
- DBDataType::KEY_RSA_PUBLIC,
+ DataType::KEY_RSA_PUBLIC,
password,
recvDataType,
rawData);
int ManagerImpl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert)
{
- DBDataType recvDataType;
+ DataType recvDataType;
RawBuffer rawData;
int retCode = getBinaryData(
alias,
- DBDataType::CERTIFICATE,
+ DataType::CERTIFICATE,
password,
recvDataType,
rawData);
if (retCode != CKM_API_SUCCESS)
return retCode;
- if (recvDataType != DBDataType::CERTIFICATE)
+ if (recvDataType != DataType::CERTIFICATE)
return CKM_API_ERROR_BAD_RESPONSE;
CertificateShPtr certParsed(new CertificateImpl(rawData, DataFormat::FORM_DER));
int ManagerImpl::getData(const Alias &alias, const Password &password, RawBuffer &rawData)
{
- DBDataType recvDataType = DBDataType::BINARY_DATA;
+ DataType recvDataType = DataType::BINARY_DATA;
int retCode = getBinaryData(
alias,
- DBDataType::BINARY_DATA,
+ DataType::BINARY_DATA,
password,
recvDataType,
rawData);
if (retCode != CKM_API_SUCCESS)
return retCode;
- if (recvDataType != DBDataType::BINARY_DATA)
+ if (recvDataType != DataType::BINARY_DATA)
return CKM_API_ERROR_BAD_RESPONSE;
return CKM_API_SUCCESS;
}
-int ManagerImpl::getBinaryDataAliasVector(DBDataType dataType, AliasVector &aliasVector)
+int ManagerImpl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector)
{
int my_counter = ++m_counter;
int ManagerImpl::getKeyAliasVector(AliasVector &aliasVector) {
// in fact datatype has no meaning here - if not certificate or binary data
// then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST
- return getBinaryDataAliasVector(DBDataType::DB_KEY_LAST, aliasVector);
+ return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector);
}
int ManagerImpl::getCertificateAliasVector(AliasVector &aliasVector) {
- return getBinaryDataAliasVector(DBDataType::CERTIFICATE, aliasVector);
+ return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector);
}
int ManagerImpl::getDataAliasVector(AliasVector &aliasVector) {
- return getBinaryDataAliasVector(DBDataType::BINARY_DATA, aliasVector);
+ return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector);
}
int ManagerImpl::createKeyPairRSA(
protected:
int saveBinaryData(
const Alias &alias,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &rawData,
const Policy &policy);
int getBinaryData(
const Alias &alias,
- DBDataType sendDataType,
+ DataType sendDataType,
const Password &password,
- DBDataType &recvDataType,
+ DataType &recvDataType,
RawBuffer &rawData);
int getBinaryDataAliasVector(
- DBDataType sendDataType,
+ DataType sendDataType,
AliasVector &aliasVector);
int createKeyPair(
// throw an error and close the connection).
Serialization::Serialize(stream, static_cast<size_t>(isAnyKeyPresent?1:0));
if(keyPtr) {
- Serialization::Serialize(stream, DBDataType(keyPtr->getType()));
+ Serialization::Serialize(stream, DataType(keyPtr->getType()));
Serialization::Serialize(stream, keyPtr->getDER());
}
// for backward compatibility append new at the end
};
-class DBDataType {
+class DataType {
public:
class Exception {
public:
DECLARE_EXCEPTION_TYPE(Base, OutOfRange)
};
- enum DataType {
+ enum Type {
KEY_RSA_PUBLIC,
KEY_RSA_PRIVATE,
KEY_ECDSA_PUBLIC,
DB_LAST = CHAIN_CERT_15,
};
- DBDataType()
+ DataType()
: m_dataType(BINARY_DATA)
{}
- DBDataType(DataType data)
+ DataType(Type data)
: m_dataType(data)
{
if (!isInRange(data))
ThrowMsg(Exception::OutOfRange, "Invalid conversion from DataType to DBDataType");
}
- explicit DBDataType(KeyType key) {
+ explicit DataType(KeyType key) {
switch(key) {
- case KeyType::KEY_RSA_PUBLIC: m_dataType = DBDataType::KEY_RSA_PUBLIC; break;
- case KeyType::KEY_RSA_PRIVATE: m_dataType = DBDataType::KEY_RSA_PRIVATE; break;
- case KeyType::KEY_DSA_PUBLIC: m_dataType = DBDataType::KEY_DSA_PUBLIC; break;
- case KeyType::KEY_DSA_PRIVATE: m_dataType = DBDataType::KEY_DSA_PRIVATE; break;
- case KeyType::KEY_ECDSA_PUBLIC: m_dataType = DBDataType::KEY_ECDSA_PUBLIC; break;
- case KeyType::KEY_ECDSA_PRIVATE: m_dataType = DBDataType::KEY_ECDSA_PRIVATE; break;
- case KeyType::KEY_AES: m_dataType = DBDataType::KEY_AES; break;
+ case KeyType::KEY_RSA_PUBLIC: m_dataType = DataType::KEY_RSA_PUBLIC; break;
+ case KeyType::KEY_RSA_PRIVATE: m_dataType = DataType::KEY_RSA_PRIVATE; break;
+ case KeyType::KEY_DSA_PUBLIC: m_dataType = DataType::KEY_DSA_PUBLIC; break;
+ case KeyType::KEY_DSA_PRIVATE: m_dataType = DataType::KEY_DSA_PRIVATE; break;
+ case KeyType::KEY_ECDSA_PUBLIC: m_dataType = DataType::KEY_ECDSA_PUBLIC; break;
+ case KeyType::KEY_ECDSA_PRIVATE: m_dataType = DataType::KEY_ECDSA_PRIVATE; break;
+ case KeyType::KEY_AES: m_dataType = DataType::KEY_AES; break;
default:
ThrowMsg(Exception::OutOfRange, "Invalid conversion from KeyType to DBDataType");
}
}
- explicit DBDataType(int data)
- : m_dataType(static_cast<DataType>(data))
+ explicit DataType(int data)
+ : m_dataType(static_cast<Type>(data))
{
if (!isInRange(data))
ThrowMsg(Exception::OutOfRange, "Invalid conversion from int to DBDataType");
}
- DBDataType(const DBDataType &) = default;
- DBDataType& operator=(const DBDataType &) = default;
+ DataType(const DataType &) = default;
+ DataType& operator=(const DataType &) = default;
operator int () const {
return static_cast<int>(m_dataType);
operator KeyType () const {
switch(m_dataType) {
- case DBDataType::KEY_RSA_PUBLIC: return KeyType::KEY_RSA_PUBLIC;
- case DBDataType::KEY_RSA_PRIVATE: return KeyType::KEY_RSA_PRIVATE;
- case DBDataType::KEY_DSA_PUBLIC: return KeyType::KEY_DSA_PUBLIC;
- case DBDataType::KEY_DSA_PRIVATE: return KeyType::KEY_DSA_PRIVATE;
- case DBDataType::KEY_ECDSA_PRIVATE: return KeyType::KEY_ECDSA_PRIVATE;
- case DBDataType::KEY_ECDSA_PUBLIC: return KeyType::KEY_ECDSA_PUBLIC;
- case DBDataType::KEY_AES: return KeyType::KEY_AES;
+ case DataType::KEY_RSA_PUBLIC: return KeyType::KEY_RSA_PUBLIC;
+ case DataType::KEY_RSA_PRIVATE: return KeyType::KEY_RSA_PRIVATE;
+ case DataType::KEY_DSA_PUBLIC: return KeyType::KEY_DSA_PUBLIC;
+ case DataType::KEY_DSA_PRIVATE: return KeyType::KEY_DSA_PRIVATE;
+ case DataType::KEY_ECDSA_PRIVATE: return KeyType::KEY_ECDSA_PRIVATE;
+ case DataType::KEY_ECDSA_PUBLIC: return KeyType::KEY_ECDSA_PUBLIC;
+ case DataType::KEY_AES: return KeyType::KEY_AES;
default:
ThrowMsg(Exception::OutOfRange, "Invalid conversion from DBDataType to KeyType");
}
}
- bool operator==(const DBDataType &second) const {
+ bool operator==(const DataType &second) const {
return m_dataType == second.m_dataType;
}
return false;
}
- static DBDataType getChainDatatype(unsigned int index)
+ static DataType getChainDatatype(unsigned int index)
{
- DBDataType result(static_cast<int>(index) + DB_CHAIN_FIRST);
+ DataType result(static_cast<int>(index) + DB_CHAIN_FIRST);
if ( !result.isChainCert() )
ThrowMsg(Exception::OutOfRange, "Certificate number is out of range");
}
// it's not virtual for a reason!
- ~DBDataType(){}
+ ~DataType(){}
private:
- DataType m_dataType;
+ Type m_dataType;
};
// (client side) Alias = (service side) Label::Name
}
int AccessControl::canExport(
- const DBRow & row,
+ const DB::Row & row,
const PermissionForLabel & permissionLabel) const
{
int ec;
* check if given row can be exported (data provided to the client)
* @return CKM_API_SUCCESS if access is allowed, otherwise negative error code
*/
- int canExport(const DBRow & row,
+ int canExport(const DB::Row & row,
const PermissionForLabel & permissionLabel) const;
/**
}
RawBuffer key = handle.keyProvider.getPureDEK(wrappedDatabaseDEK);
- handle.database = DBCrypto(fs.getDBPath(), key);
+ handle.database = DB::Crypto(fs.getDBPath(), key);
handle.crypto = CryptoLogic();
// remove data of removed apps during locked state
}
}
- } catch (const DBCrypto::Exception::InternalError &e) {
- LogError("DBCrypto couldn't remove data: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::InternalError &e) {
+ LogError("DB::Crypto couldn't remove data: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
- } catch (const DBCrypto::Exception::TransactionError &e) {
- LogError("DBCrypto transaction failed with message " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::TransactionError &e) {
+ LogError("DB::Crypto transaction failed with message " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const FileSystem::Exception::Base &e) {
LogError("Error in FileSystem " << e.GetMessage());
return CKM_API_SUCCESS;
}
-DBRow CKMLogic::createEncryptedDBRow(
+DB::Row CKMLogic::createEncryptedRow(
CryptoLogic &crypto,
const Name &name,
const Label &label,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &data,
const Policy &policy) const
{
- DBRow row = { name, label, policy.extractable, dataType, DBCMAlgType::NONE,
+ DB::Row row = { name, label, policy.extractable, dataType, DBCMAlgType::NONE,
0, RawBuffer(), static_cast<int>(data.size()), data, RawBuffer() };
// do not encrypt data with password during cc_mode on
return row;
}
-int CKMLogic::verifyBinaryData(DBDataType dataType, const RawBuffer &input_data) const
+int CKMLogic::verifyBinaryData(DataType dataType, const RawBuffer &input_data) const
{
// verify the data integrity
if (dataType.isKey())
const Name &name,
const Label &label,
const RawBuffer &data,
- DBDataType dataType,
+ DataType dataType,
const PolicySerializable &policy)
{
int retCode;
} catch (const CryptoLogic::Exception::Base &e) {
LogError("CryptoLogic failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (const DBCrypto::Exception::InternalError &e) {
- LogError("DBCrypto failed with message: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::InternalError &e) {
+ LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
- } catch (const DBCrypto::Exception::TransactionError &e) {
- LogError("DBCrypto transaction failed with message " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::TransactionError &e) {
+ LogError("DB::Crypto transaction failed with message " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const FileSystem::Exception::Base &e) {
LogError("Error in FileSystem " << e.GetMessage());
const PKCS12Serializable &pkcs,
const PolicySerializable &keyPolicy,
const PolicySerializable &certPolicy,
- DBRowVector &output) const
+ DB::RowVector &output) const
{
// private key is mandatory
if( !pkcs.getKey() )
return CKM_API_ERROR_INVALID_FORMAT;
Key* keyPtr = pkcs.getKey().get();
- DBDataType keyType = DBDataType(keyPtr->getType());
+ DataType keyType = DataType(keyPtr->getType());
RawBuffer keyData = keyPtr->getDER();
int retCode = verifyBinaryData(keyType, keyData);
if(retCode != CKM_API_SUCCESS)
return retCode;
- output.push_back(createEncryptedDBRow(crypto, name, ownerLabel, keyType, keyData, keyPolicy));
+ output.push_back(createEncryptedRow(crypto, name, ownerLabel, keyType, keyData, keyPolicy));
// certificate is mandatory
if( !pkcs.getCertificate() )
return CKM_API_ERROR_INVALID_FORMAT;
RawBuffer certData = pkcs.getCertificate().get()->getDER();
- retCode = verifyBinaryData(DBDataType::CERTIFICATE, certData);
+ retCode = verifyBinaryData(DataType::CERTIFICATE, certData);
if(retCode != CKM_API_SUCCESS)
return retCode;
- output.push_back(createEncryptedDBRow(crypto, name, ownerLabel, DBDataType::CERTIFICATE, certData, certPolicy));
+ output.push_back(createEncryptedRow(crypto, name, ownerLabel, DataType::CERTIFICATE, certData, certPolicy));
// CA cert chain
unsigned int cert_index = 0;
for(const auto & ca : pkcs.getCaCertificateShPtrVector())
{
- DBDataType chainDataType = DBDataType::getChainDatatype(cert_index ++);
+ DataType chainDataType = DataType::getChainDatatype(cert_index ++);
RawBuffer caCertData = ca->getDER();
int retCode = verifyBinaryData(chainDataType, caCertData);
if(retCode != CKM_API_SUCCESS)
return retCode;
- output.push_back(createEncryptedDBRow(crypto, name, ownerLabel, chainDataType, caCertData, certPolicy));
+ output.push_back(createEncryptedRow(crypto, name, ownerLabel, chainDataType, caCertData, certPolicy));
}
return CKM_API_SUCCESS;
} catch (const CryptoLogic::Exception::Base &e) {
LogError("CryptoLogic failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (const DBCrypto::Exception::InternalError &e) {
- LogError("DBCrypto failed with message: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::InternalError &e) {
+ LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
- } catch (const DBCrypto::Exception::TransactionError &e) {
- LogError("DBCrypto transaction failed with message " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::TransactionError &e) {
+ LogError("DB::Crypto transaction failed with message " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const CKM::Exception &e) {
LogError("CKM::Exception: " << e.GetMessage());
}
auto &database = m_userDataMap[cred.uid].database;
- DBCrypto::Transaction transaction(&database);
+ DB::Crypto::Transaction transaction(&database);
// read and check permissions
PermissionMaskOptional permissionRowOpt =
return access_ec;
}
- auto erased = database.deleteDBRow(name, ownerLabel);
+ auto erased = database.deleteRow(name, ownerLabel);
// check if the data existed or not
if(erased)
transaction.commit();
int CKMLogic::readSingleRow(const Name &name,
const Label &ownerLabel,
- DBDataType dataType,
- DBCrypto & database,
- DBRow &row)
+ DataType dataType,
+ DB::Crypto & database,
+ DB::Row &row)
{
- DBCrypto::DBRowOptional row_optional;
+ DB::Crypto::RowOptional row_optional;
if (dataType.isKey())
{
// read all key types
- row_optional = database.getDBRow(name,
+ row_optional = database.getRow(name,
ownerLabel,
- DBDataType::DB_KEY_FIRST,
- DBDataType::DB_KEY_LAST);
+ DataType::DB_KEY_FIRST,
+ DataType::DB_KEY_LAST);
} else {
// read anything else
- row_optional = database.getDBRow(name,
+ row_optional = database.getRow(name,
ownerLabel,
dataType);
}
int CKMLogic::readMultiRow(const Name &name,
const Label &ownerLabel,
- DBDataType dataType,
- DBCrypto & database,
- DBRowVector &output)
+ DataType dataType,
+ DB::Crypto & database,
+ DB::RowVector &output)
{
if (dataType.isKey())
{
// read all key types
- database.getDBRows(name,
+ database.getRows(name,
ownerLabel,
- DBDataType::DB_KEY_FIRST,
- DBDataType::DB_KEY_LAST,
+ DataType::DB_KEY_FIRST,
+ DataType::DB_KEY_LAST,
output);
}
else if (dataType.isChainCert())
{
// read all key types
- database.getDBRows(name,
+ database.getRows(name,
ownerLabel,
- DBDataType::DB_CHAIN_FIRST,
- DBDataType::DB_CHAIN_LAST,
+ DataType::DB_CHAIN_FIRST,
+ DataType::DB_CHAIN_LAST,
output);
}
else
{
// read anything else
- database.getDBRows(name,
+ database.getRows(name,
ownerLabel,
dataType,
output);
int CKMLogic::checkDataPermissionsHelper(const Name &name,
const Label &ownerLabel,
const Label &accessorLabel,
- const DBRow &row,
+ const DB::Row &row,
bool exportFlag,
- DBCrypto & database)
+ DB::Crypto & database)
{
PermissionMaskOptional permissionRowOpt =
database.getPermissionRow(name, ownerLabel, accessorLabel);
int CKMLogic::readDataHelper(
bool exportFlag,
const Credentials &cred,
- DBDataType dataType,
+ DataType dataType,
const Name &name,
const Label &label,
const Password &password,
- DBRowVector &rows)
+ DB::RowVector &rows)
{
if (0 == m_userDataMap.count(cred.uid))
return CKM_API_ERROR_DB_LOCKED;
auto &handler = m_userDataMap[cred.uid];
// read rows
- DBCrypto::Transaction transaction(&handler.database);
+ DB::Crypto::Transaction transaction(&handler.database);
int ec = readMultiRow(name, ownerLabel, dataType, handler.database, rows);
if(CKM_API_SUCCESS != ec)
return ec;
// all read rows belong to the same owner
- DBRow & firstRow = rows.at(0);
+ DB::Row & firstRow = rows.at(0);
// check access rights
ec = checkDataPermissionsHelper(name, ownerLabel, cred.smackLabel, firstRow, exportFlag, handler.database);
int CKMLogic::readDataHelper(
bool exportFlag,
const Credentials &cred,
- DBDataType dataType,
+ DataType dataType,
const Name &name,
const Label &label,
const Password &password,
- DBRow &row)
+ DB::Row &row)
{
if (0 == m_userDataMap.count(cred.uid))
return CKM_API_ERROR_DB_LOCKED;
auto &handler = m_userDataMap[cred.uid];
// read row
- DBCrypto::Transaction transaction(&handler.database);
+ DB::Crypto::Transaction transaction(&handler.database);
int ec = readSingleRow(name, ownerLabel, dataType, handler.database, row);
if(CKM_API_SUCCESS != ec)
return ec;
RawBuffer CKMLogic::getData(
const Credentials &cred,
int commandId,
- DBDataType dataType,
+ DataType dataType,
const Name &name,
const Label &label,
const Password &password)
{
int retCode = CKM_API_SUCCESS;
- DBRow row;
+ DB::Row row;
try {
retCode = readDataHelper(true, cred, dataType, name, label, password, row);
} catch (const CryptoLogic::Exception::Base &e) {
LogError("CryptoLogic failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (const DBCrypto::Exception::Base &e) {
- LogError("DBCrypto failed with message: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::Base &e) {
+ LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const CKM::Exception &e) {
LogError("CKM::Exception: " << e.GetMessage());
int retCode;
// read private key (mandatory)
- DBRow privKeyRow;
- retCode = readDataHelper(true, cred, DBDataType::DB_KEY_FIRST, name, label, CKM::Password(), privKeyRow);
+ DB::Row privKeyRow;
+ retCode = readDataHelper(true, cred, DataType::DB_KEY_FIRST, name, label, CKM::Password(), privKeyRow);
if(retCode != CKM_API_SUCCESS)
return retCode;
privKey = CKM::Key::create(privKeyRow.data);
// read certificate (mandatory)
- DBRow certRow;
- retCode = readDataHelper(true, cred, DBDataType::CERTIFICATE, name, label, CKM::Password(), certRow);
+ DB::Row certRow;
+ retCode = readDataHelper(true, cred, DataType::CERTIFICATE, name, label, CKM::Password(), certRow);
if(retCode != CKM_API_SUCCESS)
return retCode;
cert = CKM::Certificate::create(certRow.data, DataFormat::FORM_DER);
// read CA cert chain (optional)
- DBRowVector rawCaChain;
- retCode = readDataHelper(true, cred, DBDataType::DB_CHAIN_FIRST, name, label, CKM::Password(), rawCaChain);
+ DB::RowVector rawCaChain;
+ retCode = readDataHelper(true, cred, DataType::DB_CHAIN_FIRST, name, label, CKM::Password(), rawCaChain);
if(retCode != CKM_API_SUCCESS &&
retCode != CKM_API_ERROR_DB_ALIAS_UNKNOWN)
return retCode;
} catch (const CryptoLogic::Exception::Base &e) {
LogError("CryptoLogic failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (const DBCrypto::Exception::Base &e) {
- LogError("DBCrypto failed with message: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::Base &e) {
+ LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const CKM::Exception &e) {
LogError("CKM::Exception: " << e.GetMessage());
RawBuffer CKMLogic::getDataList(
const Credentials &cred,
int commandId,
- DBDataType dataType)
+ DataType dataType)
{
int retCode = CKM_API_SUCCESS;
LabelNameVector labelNameVector;
// list all key types
database.listNames(cred.smackLabel,
labelNameVector,
- DBDataType::DB_KEY_FIRST,
- DBDataType::DB_KEY_LAST);
+ DataType::DB_KEY_FIRST,
+ DataType::DB_KEY_LAST);
} else {
// list anything else
database.listNames(cred.smackLabel,
const Credentials &cred,
const Name &name,
const Label &label,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &data,
const PolicySerializable &policy)
{
const Label &ownerLabel = label.empty() ? cred.smackLabel : label;
// check if save is possible
- DBCrypto::Transaction transaction(&handler.database);
+ DB::Crypto::Transaction transaction(&handler.database);
int retCode = checkSaveConditions(cred, handler, name, ownerLabel);
if(retCode != CKM_API_SUCCESS)
return retCode;
// save the data
- DBRow encryptedRow = createEncryptedDBRow(handler.crypto, name, ownerLabel, dataType, data, policy);
- handler.database.saveDBRow(encryptedRow);
+ DB::Row encryptedRow = createEncryptedRow(handler.crypto, name, ownerLabel, dataType, data, policy);
+ handler.database.saveRow(encryptedRow);
transaction.commit();
return CKM_API_SUCCESS;
const Label &ownerLabel = label.empty() ? cred.smackLabel : label;
// check if save is possible
- DBCrypto::Transaction transaction(&handler.database);
+ DB::Crypto::Transaction transaction(&handler.database);
int retCode = checkSaveConditions(cred, handler, name, ownerLabel);
if(retCode != CKM_API_SUCCESS)
return retCode;
// extract and encrypt the data
- DBRowVector encryptedRows;
+ DB::RowVector encryptedRows;
retCode = extractPKCS12Data(handler.crypto, name, ownerLabel, pkcs, keyPolicy, certPolicy, encryptedRows);
if(retCode != CKM_API_SUCCESS)
return retCode;
// save the data
- handler.database.saveDBRows(name, ownerLabel, encryptedRows);
+ handler.database.saveRows(name, ownerLabel, encryptedRows);
transaction.commit();
return CKM_API_SUCCESS;
}
auto &database = m_userDataMap[cred.uid].database;
- DBCrypto::Transaction transaction(&database);
+ DB::Crypto::Transaction transaction(&database);
retCode = saveDataHelper(cred,
namePrivate,
labelPrivate,
- DBDataType(prv.getType()),
+ DataType(prv.getType()),
prv.getDER(),
policyPrivate);
if (CKM_API_SUCCESS != retCode)
retCode = saveDataHelper(cred,
namePublic,
labelPublic,
- DBDataType(pub.getType()),
+ DataType(pub.getType()),
pub.getDER(),
policyPublic);
if (CKM_API_SUCCESS != retCode)
labelPublic,
policyPrivate,
policyPublic);
- } catch (DBCrypto::Exception::TransactionError &e) {
- LogDebug("DBCrypto error: transaction error: " << e.GetMessage());
+ } catch (DB::Crypto::Exception::TransactionError &e) {
+ LogDebug("DB::Crypto error: transaction error: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (CKM::CryptoLogic::Exception::Base &e) {
LogDebug("CryptoLogic error: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (DBCrypto::Exception::InternalError &e) {
- LogDebug("DBCrypto internal error: " << e.GetMessage());
+ } catch (DB::Crypto::Exception::InternalError &e) {
+ LogDebug("DB::Crypto internal error: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const CKM::Exception &e) {
LogError("CKM::Exception: " << e.GetMessage());
const LabelNameVector &labelNameVector,
CertificateImplVector &certVector)
{
- DBRow row;
+ DB::Row row;
for (auto &i: labelNameVector) {
- int ec = readDataHelper(false, cred, DBDataType::CERTIFICATE, i.second, i.first, Password(), row);
+ int ec = readDataHelper(false, cred, DataType::CERTIFICATE, i.second, i.first, Password(), row);
if (ec != CKM_API_SUCCESS)
return ec;
certVector.push_back(CertificateImpl(row.data, DataFormat::FORM_DER));
// try to read chain certificates (if present)
- DBRowVector rawCaChain;
- ec = readDataHelper(false, cred, DBDataType::DB_CHAIN_FIRST, i.second, i.first, CKM::Password(), rawCaChain);
+ DB::RowVector rawCaChain;
+ ec = readDataHelper(false, cred, DataType::DB_CHAIN_FIRST, i.second, i.first, CKM::Password(), rawCaChain);
if(ec != CKM_API_SUCCESS && ec != CKM_API_ERROR_DB_ALIAS_UNKNOWN)
return ec;
for(auto &rawCaCert : rawCaChain)
CertificateImplVector untrustedCertVector;
CertificateImplVector trustedCertVector;
CertificateImplVector chainVector;
- DBRow row;
+ DB::Row row;
if (cert.empty())
return CKM_API_ERROR_INPUT_PARAM;
} catch (const CryptoLogic::Exception::Base &e) {
LogError("CryptoLogic failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (const DBCrypto::Exception::Base &e) {
- LogError("DBCrypto failed with message: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::Base &e) {
+ LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const std::exception& e) {
LogError("STD exception " << e.what());
} catch (const CryptoLogic::Exception::Base &e) {
LogError("CryptoLogic failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (const DBCrypto::Exception::Base &e) {
- LogError("DBCrypto failed with message: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::Base &e) {
+ LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const std::exception& e) {
LogError("STD exception " << e.what());
const HashAlgorithm hash,
const RSAPaddingAlgorithm padding)
{
- DBRow row;
+ DB::Row row;
CryptoService cs;
RawBuffer signature;
int retCode = CKM_API_SUCCESS;
try {
- retCode = readDataHelper(false, cred, DBDataType::DB_KEY_FIRST, privateKeyName, ownerLabel, password, row);
+ retCode = readDataHelper(false, cred, DataType::DB_KEY_FIRST, privateKeyName, ownerLabel, password, row);
if(retCode == CKM_API_SUCCESS)
{
KeyImpl keyParsed(row.data, Password());
} catch (const CryptoLogic::Exception::Base &e) {
LogError("CryptoLogic failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (const DBCrypto::Exception::Base &e) {
- LogError("DBCrypto failed with message: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::Base &e) {
+ LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const CKM::Exception &e) {
LogError("Unknown CKM::Exception: " << e.GetMessage());
try {
do {
CryptoService cs;
- DBRow row;
+ DB::Row row;
KeyImpl key;
// try certificate first - looking for a public key.
// in case of PKCS, pub key from certificate will be found first
// rather than private key from the same PKCS.
- retCode = readDataHelper(false, cred, DBDataType::CERTIFICATE, publicKeyOrCertName, ownerLabel, password, row);
+ retCode = readDataHelper(false, cred, DataType::CERTIFICATE, publicKeyOrCertName, ownerLabel, password, row);
if (retCode == CKM_API_SUCCESS) {
CertificateImpl cert(row.data, DataFormat::FORM_DER);
key = cert.getKeyImpl();
} else if (retCode == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- retCode = readDataHelper(false, cred, DBDataType::DB_KEY_FIRST, publicKeyOrCertName, ownerLabel, password, row);
+ retCode = readDataHelper(false, cred, DataType::DB_KEY_FIRST, publicKeyOrCertName, ownerLabel, password, row);
if (retCode != CKM_API_SUCCESS)
break;
key = KeyImpl(row.data);
} catch (const CryptoLogic::Exception::Base &e) {
LogError("CryptoLogic failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_SERVER_ERROR;
- } catch (const DBCrypto::Exception::Base &e) {
- LogError("DBCrypto failed with message: " << e.GetMessage());
+ } catch (const DB::Crypto::Exception::Base &e) {
+ LogError("DB::Crypto failed with message: " << e.GetMessage());
retCode = CKM_API_ERROR_DB_ERROR;
} catch (const CKM::Exception &e) {
LogError("Unknown CKM::Exception: " << e.GetMessage());
return CKM_API_ERROR_DB_LOCKED;
auto &database = m_userDataMap[cred.uid].database;
- DBCrypto::Transaction transaction(&database);
+ DB::Crypto::Transaction transaction(&database);
if( !database.isNameLabelPresent(name, ownerLabel) )
return CKM_API_ERROR_DB_ALIAS_UNKNOWN;
{}
KeyProvider keyProvider;
- DBCrypto database;
+ DB::Crypto database;
CryptoLogic crypto;
bool isMainDKEK;
bool isDKEKConfirmed;
const Name &name,
const Label &label,
const RawBuffer &data,
- DBDataType dataType,
+ DataType dataType,
const PolicySerializable &policy);
RawBuffer savePKCS12(
RawBuffer getData(
const Credentials &cred,
int commandId,
- DBDataType dataType,
+ DataType dataType,
const Name &name,
const Label &label,
const Password &password);
RawBuffer getDataList(
const Credentials &cred,
int commandId,
- DBDataType dataType);
+ DataType dataType);
RawBuffer createKeyPair(
const Credentials &cred,
const Password &password);
int verifyBinaryData(
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &input_data) const;
int checkSaveConditions(
const Credentials &cred,
const Name &name,
const Label &label,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &data,
const PolicySerializable &policy);
const PolicySerializable &keyPolicy,
const PolicySerializable &certPolicy);
- DBRow createEncryptedDBRow(
+ DB::Row createEncryptedRow(
CryptoLogic &crypto,
const Name &name,
const Label &label,
- DBDataType dataType,
+ DataType dataType,
const RawBuffer &data,
const Policy &policy) const;
const PKCS12Serializable &pkcs,
const PolicySerializable &keyPolicy,
const PolicySerializable &certPolicy,
- DBRowVector &output) const;
+ DB::RowVector &output) const;
int removeDataHelper(
const Credentials &cred,
int readSingleRow(
const Name &name,
const Label &ownerLabel,
- DBDataType dataType,
- DBCrypto & database,
- DBRow &row);
+ DataType dataType,
+ DB::Crypto & database,
+ DB::Row &row);
int readMultiRow(const Name &name,
const Label &ownerLabel,
- DBDataType dataType,
- DBCrypto & database,
- DBRowVector &output);
+ DataType dataType,
+ DB::Crypto & database,
+ DB::RowVector &output);
int checkDataPermissionsHelper(
const Name &name,
const Label &ownerLabel,
const Label &accessorLabel,
- const DBRow &row,
+ const DB::Row &row,
bool exportFlag,
- DBCrypto & database);
+ DB::Crypto & database);
int readDataHelper(
bool exportFlag,
const Credentials &cred,
- DBDataType dataType,
+ DataType dataType,
const Name &name,
const Label &label,
const Password &password,
- DBRow &row);
+ DB::Row &row);
int readDataHelper(
bool exportFlag,
const Credentials &cred,
- DBDataType dataType,
+ DataType dataType,
const Name &name,
const Label &label,
const Password &password,
- DBRowVector &rows);
+ DB::RowVector &rows);
int createKeyPairHelper(
const Credentials &cred,
LogError("Broken protocol. Closing socket.");
} Catch (Exception::BrokenProtocol) {
LogError("Broken protocol. Closing socket.");
- } catch (const DBDataType::Exception::Base &e) {
+ } catch (const DataType::Exception::Base &e) {
LogError("Closing socket. DBDataType::Exception: " << e.DumpToString());
} catch (const std::string &e) {
LogError("String exception(" << e << "). Closing socket");
name,
label,
rawData,
- DBDataType(tmpDataType),
+ DataType(tmpDataType),
policy);
}
case LogicCommand::SAVE_PKCS12:
return m_logic->getData(
cred,
msgID,
- DBDataType(tmpDataType),
+ DataType(tmpDataType),
name,
label,
password);
return m_logic->getDataList(
cred,
msgID,
- DBDataType(tmpDataType));
+ DataType(tmpDataType));
}
case LogicCommand::CREATE_KEY_PAIR_RSA:
case LogicCommand::CREATE_KEY_PAIR_DSA:
return civ;
}
-void CryptoLogic::encryptRow(const Password &password, DBRow &row)
+void CryptoLogic::encryptRow(const Password &password, DB::Row &row)
{
try {
- DBRow crow = row;
+ DB::Row crow = row;
RawBuffer key;
RawBuffer result1;
RawBuffer result2;
}
}
-void CryptoLogic::decryptRow(const Password &password, DBRow &row)
+void CryptoLogic::decryptRow(const Password &password, DB::Row &row)
{
try {
- DBRow crow = row;
+ DB::Row crow = row;
RawBuffer key;
RawBuffer digest, dataDigest;
virtual ~CryptoLogic(){}
- void decryptRow(const Password &password, DBRow &row);
- void encryptRow(const Password &password, DBRow &row);
+ void decryptRow(const Password &password, DB::Row &row);
+ void encryptRow(const Password &password, DB::Row &row);
bool haveKey(const Label &smackLabel);
void pushKey(const Label &smackLabel,
const char *DB_CMD_NAME_INSERT =
- "INSERT INTO NAME_TABLE("
+ "INSERT INTO NAMES("
" name, label) "
" VALUES(?101, ?102);";
const char *DB_CMD_NAME_COUNT_ROWS =
- "SELECT COUNT(idx) FROM NAME_TABLE WHERE name=?101 AND label=?102;";
+ "SELECT COUNT(idx) FROM NAMES WHERE name=?101 AND label=?102;";
const char *DB_CMD_NAME_DELETE =
- "DELETE FROM NAME_TABLE WHERE name=?101 AND label=?102;";
+ "DELETE FROM NAMES WHERE name=?101 AND label=?102;";
const char *DB_CMD_NAME_DELETE_BY_LABEL =
- "DELETE FROM NAME_TABLE WHERE label=?102;";
+ "DELETE FROM NAMES WHERE label=?102;";
const char *DB_CMD_OBJECT_INSERT =
- "INSERT INTO OBJECT_TABLE("
+ "INSERT INTO OBJECTS("
" exportable, dataType,"
" algorithmType, encryptionScheme,"
" iv, dataSize, data, tag, idx) "
" VALUES(?001, ?002, ?003, ?004, ?005, "
" ?006, ?007, ?008,"
- " (SELECT idx FROM NAME_TABLE WHERE name=?101 and label=?102)"
+ " (SELECT idx FROM NAMES WHERE name=?101 and label=?102)"
" );";
const char *DB_CMD_OBJECT_SELECT_BY_NAME_AND_LABEL =
const char *DB_CMD_KEY_INSERT =
- "INSERT INTO KEY_TABLE(label, key) VALUES (?, ?);";
+ "INSERT INTO KEYS(label, key) VALUES (?, ?);";
const char *DB_CMD_KEY_SELECT =
- "SELECT key FROM KEY_TABLE WHERE label=?;";
+ "SELECT key FROM KEYS WHERE label=?;";
const char *DB_CMD_KEY_DELETE =
- "DELETE FROM KEY_TABLE WHERE label=?";
+ "DELETE FROM KEYS WHERE label=?";
const char *DB_CMD_PERMISSION_SET = // SQLite does not support updating views
- "REPLACE INTO PERMISSION_TABLE(permissionLabel, permissionMask, idx) "
- " VALUES (?104, ?105, (SELECT idx FROM NAME_TABLE WHERE name=?101 and label=?102));";
+ "REPLACE INTO PERMISSIONS(permissionLabel, permissionMask, idx) "
+ " VALUES (?104, ?105, (SELECT idx FROM NAMES WHERE name=?101 and label=?102));";
const char *DB_CMD_PERMISSION_SELECT =
"SELECT permissionMask FROM [join_name_permission_tables] "
" AND name=?101 and label=?102;";
const char *DB_CMD_PERMISSION_DELETE = // SQLite does not support updating views
- "DELETE FROM PERMISSION_TABLE WHERE permissionLabel=?104 AND "
- " idx=(SELECT idx FROM NAME_TABLE WHERE name=?101 and label=?102);";
+ "DELETE FROM PERMISSIONS WHERE permissionLabel=?104 AND "
+ " idx=(SELECT idx FROM NAMES WHERE name=?101 and label=?102);";
/*
}
namespace CKM {
-using namespace DB;
- DBCrypto::DBCrypto(const std::string& path, const RawBuffer &rawPass)
+namespace DB {
+ Crypto::Crypto(const std::string& path, const RawBuffer &rawPass)
{
m_connection = NULL;
m_inUserTransaction = false;
m_connection->ExecCommand("VACUUM;");
} Catch(SqlConnection::Exception::ConnectionBroken) {
LogError("Couldn't connect to database: " << path);
- ReThrow(DBCrypto::Exception::InternalError);
+ ReThrow(Crypto::Exception::InternalError);
} Catch(SqlConnection::Exception::InvalidArguments) {
LogError("Couldn't set the key for database");
- ReThrow(DBCrypto::Exception::InternalError);
+ ReThrow(Crypto::Exception::InternalError);
} Catch(SqlConnection::Exception::SyntaxError) {
LogError("Couldn't initiate the database");
- ReThrow(DBCrypto::Exception::InternalError);
+ ReThrow(Crypto::Exception::InternalError);
} Catch(SqlConnection::Exception::InternalError) {
- LogError("Couldn't intialize the database");
- ReThrow(DBCrypto::Exception::InternalError);
+ LogError("Couldn't create the database");
+ ReThrow(Crypto::Exception::InternalError);
}
}
- DBCrypto::DBCrypto(DBCrypto &&other) :
+ Crypto::Crypto(Crypto &&other) :
m_connection(other.m_connection),
m_inUserTransaction(other.m_inUserTransaction)
{
other.m_inUserTransaction = false;
}
- DBCrypto::~DBCrypto() {
+ Crypto::~Crypto() {
delete m_connection;
}
- DBCrypto& DBCrypto::operator=(DBCrypto&& other) {
+ Crypto& Crypto::operator=(Crypto&& other) {
if (this == &other)
return *this;
delete m_connection;
return *this;
}
- void DBCrypto::createTable(
+ void Crypto::createTable(
const char* create_cmd,
const char *table_name)
{
}
}
- void DBCrypto::createView(
+ void Crypto::createView(
const char* create_cmd)
{
Try {
}
}
- bool DBCrypto::getDBVersion(int & schemaVersion)
+ bool Crypto::getDBVersion(int & schemaVersion)
{
SchemaInfo SchemaInfo(this);
if(SchemaInfo.getVersionInfo(schemaVersion)) {
return false;
}
- void DBCrypto::initDatabase()
+ void Crypto::initDatabase()
{
// run migration if old database is present
int schemaVersion;
}
}
- DBCrypto::ScriptOptional DBCrypto::getScript(const std::string &scriptName) const
+ Crypto::ScriptOptional Crypto::getScript(const std::string &scriptName) const
{
std::string scriptPath = SCRIPTS_PATH + scriptName + std::string(".sql");
std::ifstream is(scriptPath);
std::istreambuf_iterator<char> begin(is),end;
return ScriptOptional(std::string(begin, end));
}
- DBCrypto::ScriptOptional DBCrypto::getMigrationScript(int db_version) const
+
+ Crypto::ScriptOptional Crypto::getMigrationScript(int db_version) const
{
std::string scriptPath = std::string(SCRIPT_MIGRATE) + std::to_string(db_version);
return getScript(scriptPath);
}
- void DBCrypto::createDBSchema() {
+ void Crypto::createDBSchema() {
Transaction transaction(this);
ScriptOptional script = getScript(SCRIPT_CREATE_SCHEMA);
transaction.commit();
}
- void DBCrypto::resetDB() {
+ void Crypto::resetDB() {
Transaction transaction(this);
ScriptOptional script = getScript(SCRIPT_DROP_ALL_ITEMS);
if(!script)
transaction.commit();
}
- bool DBCrypto::isNameLabelPresent(const Name &name, const Label &owner) const {
+ bool Crypto::isNameLabelPresent(const Name &name, const Label &owner) const {
Try {
NameTable nameTable(this->m_connection);
return nameTable.isPresent(name, owner);
} Catch(SqlConnection::Exception::InternalError) {
LogError("Couldn't execute insert statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
+ ThrowMsg(Crypto::Exception::InternalError,
"Couldn't check if name and label pair is present");
}
- void DBCrypto::saveDBRows(const Name &name, const Label &owner, const DBRowVector &rows)
+ void Crypto::saveRows(const Name &name, const Label &owner, const RowVector &rows)
{
Try {
// transaction is present in the layer above
} Catch(SqlConnection::Exception::InternalError) {
LogError("Couldn't execute insert statement: " << _rethrown_exception.GetMessage());
}
- ThrowMsg(DBCrypto::Exception::InternalError,
- "Couldn't save DBRow");
+ ThrowMsg(Crypto::Exception::InternalError,
+ "Couldn't save Row");
}
- void DBCrypto::saveDBRow(const DBRow &row) {
+ void Crypto::saveRow(const Row &row) {
Try {
// transaction is present in the layer above
NameTable nameTable(this->m_connection);
} Catch(SqlConnection::Exception::InternalError) {
LogError("Couldn't execute insert statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
- "Couldn't save DBRow");
+ ThrowMsg(Crypto::Exception::InternalError,
+ "Couldn't save Row");
}
- bool DBCrypto::deleteDBRow(
+ bool Crypto::deleteRow(
const Name &name,
const Label &ownerLabel)
{
} Catch (SqlConnection::Exception::InternalError) {
LogError("Couldn't execute delete statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
- "Couldn't delete DBRow for name " << name << " using ownerLabel " << ownerLabel);
+ ThrowMsg(Crypto::Exception::InternalError,
+ "Couldn't delete Row for name " << name << " using ownerLabel " << ownerLabel);
}
- DBRow DBCrypto::getRow(
+ Row Crypto::getRow(
const SqlConnection::DataCommandUniquePtr &selectCommand) const {
- DBRow row;
+ Row row;
row.name = selectCommand->GetColumnString(0);
row.ownerLabel = selectCommand->GetColumnString(1);
row.exportable = selectCommand->GetColumnInteger(2);
- row.dataType = DBDataType(selectCommand->GetColumnInteger(3));
+ row.dataType = DataType(selectCommand->GetColumnInteger(3));
row.algorithmType = static_cast<DBCMAlgType>(selectCommand->GetColumnInteger(4));
row.encryptionScheme = selectCommand->GetColumnInteger(5);
row.iv = selectCommand->GetColumnBlob(6);
return row;
}
- PermissionMaskOptional DBCrypto::getPermissionRow(
+ PermissionMaskOptional Crypto::getPermissionRow(
const Name &name,
const Label &ownerLabel,
const Label &accessorLabel) const
return PermissionMaskOptional();
}
- DBCrypto::DBRowOptional DBCrypto::getDBRow(
+ Crypto::RowOptional Crypto::getRow(
const Name &name,
const Label &ownerLabel,
- DBDataType type)
+ DataType type)
{
- return getDBRow(name, ownerLabel, type, type);
+ return getRow(name, ownerLabel, type, type);
}
- DBCrypto::DBRowOptional DBCrypto::getDBRow(
+ Crypto::RowOptional Crypto::getRow(
const Name &name,
const Label &ownerLabel,
- DBDataType typeRangeStart,
- DBDataType typeRangeStop)
+ DataType typeRangeStart,
+ DataType typeRangeStop)
{
Try {
SqlConnection::DataCommandUniquePtr selectCommand =
if(selectCommand->Step())
{
// extract data
- DBRow current_row = getRow(selectCommand);
+ Row current_row = getRow(selectCommand);
// all okay, proceed
- return DBRowOptional(current_row);
+ return RowOptional(current_row);
} else {
- return DBRowOptional();
+ return RowOptional();
}
} Catch (SqlConnection::Exception::InvalidColumn) {
LogError("Select statement invalid column error");
} Catch (SqlConnection::Exception::InternalError) {
LogError("Couldn't execute select statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
+ ThrowMsg(Crypto::Exception::InternalError,
"Couldn't get row of type <" <<
static_cast<int>(typeRangeStart) << "," <<
static_cast<int>(typeRangeStop) << ">" <<
" name " << name << " with owner label " << ownerLabel);
}
- void DBCrypto::getDBRows(
+ void Crypto::getRows(
const Name &name,
const Label &ownerLabel,
- DBDataType type,
- DBRowVector &output)
+ DataType type,
+ RowVector &output)
{
- getDBRows(name, ownerLabel, type, type, output);
+ getRows(name, ownerLabel, type, type, output);
}
- void DBCrypto::getDBRows(
+ void Crypto::getRows(
const Name &name,
const Label &ownerLabel,
- DBDataType typeRangeStart,
- DBDataType typeRangeStop,
- DBRowVector &output)
+ DataType typeRangeStart,
+ DataType typeRangeStop,
+ RowVector &output)
{
Try {
SqlConnection::DataCommandUniquePtr selectCommand =
} Catch (SqlConnection::Exception::InternalError) {
LogError("Couldn't execute select statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
+ ThrowMsg(Crypto::Exception::InternalError,
"Couldn't get row of type <" <<
static_cast<int>(typeRangeStart) << "," <<
static_cast<int>(typeRangeStop) << ">" <<
" name " << name << " with owner label " << ownerLabel);
}
- void DBCrypto::listNames(
+ void Crypto::listNames(
const Label &smackLabel,
LabelNameVector& labelNameVector,
- DBDataType type)
+ DataType type)
{
listNames(smackLabel, labelNameVector, type, type);
}
- void DBCrypto::listNames(
+ void Crypto::listNames(
const Label &smackLabel,
LabelNameVector& labelNameVector,
- DBDataType typeRangeStart,
- DBDataType typeRangeStop)
+ DataType typeRangeStart,
+ DataType typeRangeStop)
{
Try{
Transaction transaction(this);
} Catch (SqlConnection::Exception::InternalError) {
LogError("Couldn't execute select statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
+ ThrowMsg(Crypto::Exception::InternalError,
"Couldn't list names of type <" <<
static_cast<int>(typeRangeStart) << "," <<
static_cast<int>(typeRangeStop) << ">" <<
- void DBCrypto::saveKey(
+ void Crypto::saveKey(
const Label& label,
const RawBuffer &key)
{
} Catch (SqlConnection::Exception::InternalError) {
LogError("Couldn't execute insert statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
+ ThrowMsg(Crypto::Exception::InternalError,
"Couldn't save key for label " << label);
}
- DBCrypto::RawBufferOptional DBCrypto::getKey(const Label& label)
+ Crypto::RawBufferOptional Crypto::getKey(const Label& label)
{
Try {
SqlConnection::DataCommandUniquePtr selectCommand =
} Catch (SqlConnection::Exception::InternalError) {
LogError("Couldn't execute insert statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
+ ThrowMsg(Crypto::Exception::InternalError,
"Couldn't get key for label " << label);
}
- void DBCrypto::deleteKey(const Label& label) {
+ void Crypto::deleteKey(const Label& label) {
Try {
Transaction transaction(this);
} Catch (SqlConnection::Exception::InternalError) {
LogError("Couldn't execute insert statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
+ ThrowMsg(Crypto::Exception::InternalError,
"Couldn't delete key for label " << label);
}
- void DBCrypto::setPermission(
+ void Crypto::setPermission(
const Name &name,
const Label& ownerLabel,
const Label& accessorLabel,
} Catch (SqlConnection::Exception::InternalError) {
LogError("Couldn't execute set statement");
}
- ThrowMsg(DBCrypto::Exception::InternalError,
+ ThrowMsg(Crypto::Exception::InternalError,
"Couldn't set permissions for name " << name );
}
- void DBCrypto::SchemaInfo::setVersionInfo() {
+ void Crypto::SchemaInfo::setVersionInfo() {
SqlConnection::DataCommandUniquePtr insertContextCommand =
m_db->m_connection->PrepareDataCommand(DB_CMD_SCHEMA_SET);
insertContextCommand->BindString(101, DB_SCHEMA_VERSION_FIELD);
insertContextCommand->Step();
}
- bool DBCrypto::SchemaInfo::getVersionInfo(int & version) const
+ bool Crypto::SchemaInfo::getVersionInfo(int & version) const
{
// Try..Catch mandatory here - we don't need to escalate the error
// if it happens - we just won't return the version, allowing CKM to work
return false;
}
- void DBCrypto::PermissionTable::setPermission(
+ void Crypto::PermissionTable::setPermission(
const Name &name,
const Label& ownerLabel,
const Label& accessorLabel,
}
}
- PermissionMaskOptional DBCrypto::PermissionTable::getPermissionRow(
+ PermissionMaskOptional Crypto::PermissionTable::getPermissionRow(
const Name &name,
const Label &ownerLabel,
const Label &accessorLabel) const
return PermissionMaskOptional();
}
- void DBCrypto::NameTable::addRow(
+ void Crypto::NameTable::addRow(
const Name &name,
const Label &ownerLabel)
{
- // insert NAME_TABLE item
+ // insert NAMES item
SqlConnection::DataCommandUniquePtr insertNameCommand =
m_connection->PrepareDataCommand(DB_CMD_NAME_INSERT);
insertNameCommand->BindString (101, name.c_str());
insertNameCommand->Step();
}
- void DBCrypto::NameTable::deleteRow(
+ void Crypto::NameTable::deleteRow(
const Name &name,
const Label &ownerLabel)
{
deleteCommand->Step();
}
- void DBCrypto::NameTable::deleteAllRows(const Label &ownerLabel)
+ void Crypto::NameTable::deleteAllRows(const Label &ownerLabel)
{
SqlConnection::DataCommandUniquePtr deleteData =
m_connection->PrepareDataCommand(DB_CMD_NAME_DELETE_BY_LABEL);
deleteData->Step();
}
- bool DBCrypto::NameTable::isPresent(const Name &name, const Label &ownerLabel) const
+ bool Crypto::NameTable::isPresent(const Name &name, const Label &ownerLabel) const
{
SqlConnection::DataCommandUniquePtr checkCmd =
m_connection->PrepareDataCommand(DB_CMD_NAME_COUNT_ROWS);
return false;
}
- void DBCrypto::ObjectTable::addRow(const DBRow &row)
+ void Crypto::ObjectTable::addRow(const Row &row)
{
SqlConnection::DataCommandUniquePtr insertObjectCommand =
m_connection->PrepareDataCommand(DB_CMD_OBJECT_INSERT);
insertObjectCommand->Step();
}
+} // namespace DB
} // namespace CKM
#pragma GCC diagnostic pop
#pragma GCC diagnostic warning "-Wdeprecated-declarations"
namespace CKM {
- class DBCrypto {
+namespace DB {
+ class Crypto {
public:
- typedef boost::optional<DBRow> DBRowOptional;
+ typedef boost::optional<Row> RowOptional;
typedef boost::optional<RawBuffer> RawBufferOptional;
class Exception
{
DECLARE_EXCEPTION_TYPE(Base, TransactionError)
DECLARE_EXCEPTION_TYPE(Base, InvalidArgs)
};
- DBCrypto() :
+ Crypto() :
m_connection(NULL),
m_inUserTransaction(false)
{};
// user name instead of path?
- DBCrypto(const std::string &path, const RawBuffer &rawPass);
- DBCrypto(const DBCrypto &other) = delete;
- DBCrypto(DBCrypto &&other);
+ Crypto(const std::string &path, const RawBuffer &rawPass);
+ Crypto(const Crypto &other) = delete;
+ Crypto(Crypto &&other);
- DBCrypto& operator=(const DBCrypto& ) = delete;
- DBCrypto& operator=(DBCrypto&& other);
+ Crypto& operator=(const Crypto& ) = delete;
+ Crypto& operator=(Crypto&& other);
- virtual ~DBCrypto();
+ virtual ~Crypto();
- void saveDBRow(
- const DBRow &row);
+ void saveRow(
+ const Row &row);
- void saveDBRows(
+ void saveRows(
const Name &name,
const Label &owner,
- const DBRowVector &rows);
+ const RowVector &rows);
bool isNameLabelPresent(
const Name &name,
const Label &owner) const;
- DBRowOptional getDBRow(
+ RowOptional getRow(
const Name &name,
const Label &ownerLabel,
- DBDataType type);
+ DataType type);
- DBRowOptional getDBRow(
+ RowOptional getRow(
const Name &name,
const Label &ownerLabel,
- DBDataType typeRangeStart,
- DBDataType typeRangeStop);
+ DataType typeRangeStart,
+ DataType typeRangeStop);
- void getDBRows(
+ void getRows(
const Name &name,
const Label &ownerLabel,
- DBDataType type,
- DBRowVector &output);
+ DataType type,
+ RowVector &output);
- void getDBRows(
+ void getRows(
const Name &name,
const Label &ownerLabel,
- DBDataType typeRangeStart,
- DBDataType typeRangeStop,
- DBRowVector &output);
+ DataType typeRangeStart,
+ DataType typeRangeStop,
+ RowVector &output);
void listNames(
const Label &smackLabel,
LabelNameVector& labelNameVector,
- DBDataType type);
+ DataType type);
void listNames(
const Label &smackLabel,
LabelNameVector& labelNameVector,
- DBDataType typeRangeStart,
- DBDataType typeRangeStop);
+ DataType typeRangeStart,
+ DataType typeRangeStop);
- bool deleteDBRow(
+ bool deleteRow(
const Name &name,
const Label &ownerLabel);
class Transaction {
public:
- Transaction(DBCrypto *db)
+ Transaction(Crypto *db)
: m_db(db),
m_inTransaction(false) {
if(!m_db->m_inUserTransaction) {
m_db->m_connection->ExecCommand("BEGIN EXCLUSIVE");
m_db->m_inUserTransaction = true;
m_inTransaction = true;
- } Catch (DB::SqlConnection::Exception::InternalError) {
+ } Catch (SqlConnection::Exception::InternalError) {
LogError("sqlite got into infinite busy state");
- ReThrow(DBCrypto::Exception::TransactionError);
- } Catch (DB::SqlConnection::Exception::Base) {
+ ReThrow(Crypto::Exception::TransactionError);
+ } Catch (SqlConnection::Exception::Base) {
LogError("Couldn't begin transaction");
- ReThrow(DBCrypto::Exception::TransactionError);
+ ReThrow(Crypto::Exception::TransactionError);
}
}
}
m_db->m_connection->CommitTransaction();
m_db->m_inUserTransaction = false;
m_inTransaction = false;
- } Catch (DB::SqlConnection::Exception::InternalError) {
+ } Catch (SqlConnection::Exception::InternalError) {
LogError("sqlite got into infinite busy state");
- ReThrow(DBCrypto::Exception::TransactionError);
- } Catch (DB::SqlConnection::Exception::Base) {
+ ReThrow(Crypto::Exception::TransactionError);
+ } Catch (SqlConnection::Exception::Base) {
LogError("Couldn't commit transaction");
- ReThrow(DBCrypto::Exception::TransactionError);
+ ReThrow(Crypto::Exception::TransactionError);
}
}
}
m_db->m_connection->RollbackTransaction();
m_db->m_inUserTransaction = false;
m_inTransaction = false;
- } Catch (DB::SqlConnection::Exception::InternalError) {
+ } Catch (SqlConnection::Exception::InternalError) {
LogError("sqlite got into infinite busy state");
- ReThrow(DBCrypto::Exception::TransactionError);
- } Catch (DB::SqlConnection::Exception::Base) {
+ ReThrow(Crypto::Exception::TransactionError);
+ } Catch (SqlConnection::Exception::Base) {
LogError("Couldn't rollback transaction");
- ReThrow(DBCrypto::Exception::TransactionError);
+ ReThrow(Crypto::Exception::TransactionError);
}
}
}
m_db->m_inUserTransaction = false;
m_db->m_connection->RollbackTransaction();
}
- } Catch (DB::SqlConnection::Exception::InternalError) {
+ } Catch (SqlConnection::Exception::InternalError) {
LogError("sqlite got into infinite busy state");
- ReThrow(DBCrypto::Exception::TransactionError);
- } Catch (DB::SqlConnection::Exception::Base) {
+ ReThrow(Crypto::Exception::TransactionError);
+ } Catch (SqlConnection::Exception::Base) {
LogError("Transaction rollback failed!");
}
}
private:
- DBCrypto *m_db;
+ Crypto *m_db;
bool m_inTransaction;
};
private:
- DB::SqlConnection* m_connection;
+ SqlConnection* m_connection;
bool m_inUserTransaction;
void resetDB();
ScriptOptional getScript(const std::string &scriptName) const;
ScriptOptional getMigrationScript(int db_version) const;
- DBRow getRow(
- const DB::SqlConnection::DataCommandUniquePtr &selectCommand) const;
+ Row getRow(
+ const SqlConnection::DataCommandUniquePtr &selectCommand) const;
void createTable(
const char *create_cmd,
class SchemaInfo {
public:
- explicit SchemaInfo(const DBCrypto *db) : m_db(db) {}
+ explicit SchemaInfo(const Crypto *db) : m_db(db) {}
void setVersionInfo();
bool getVersionInfo(int & version) const;
private:
- const DBCrypto *m_db;
+ const Crypto *m_db;
};
public:
class NameTable {
public:
- explicit NameTable(DB::SqlConnection* connection) : m_connection(connection) {}
+ explicit NameTable(SqlConnection* connection) : m_connection(connection) {}
void addRow(
const Name &name,
const Label &ownerLabel) const;
private:
- DB::SqlConnection* m_connection;
+ SqlConnection* m_connection;
};
class ObjectTable {
public:
- explicit ObjectTable(DB::SqlConnection* connection) : m_connection(connection) {}
+ explicit ObjectTable(SqlConnection* connection) : m_connection(connection) {}
void addRow(
- const DBRow &row);
+ const Row &row);
private:
- DB::SqlConnection* m_connection;
+ SqlConnection* m_connection;
};
class PermissionTable {
public:
- explicit PermissionTable(DB::SqlConnection* connection) : m_connection(connection) {}
+ explicit PermissionTable(SqlConnection* connection) : m_connection(connection) {}
void setPermission(
const Name &name,
const Label &accessorLabel) const;
private:
- DB::SqlConnection* m_connection;
+ SqlConnection* m_connection;
};
};
+} // namespace DB
} // namespace CKM
#pragma GCC diagnostic pop
#include <protocols.h>
namespace CKM {
- struct DBRow {
- Name name;
- Label ownerLabel;
- int exportable;
- DBDataType dataType; // cert/key/data
- DBCMAlgType algorithmType; // Algorithm type used for row data encryption
- int encryptionScheme; // for example: (ENCR_BASE64 | ENCR_PASSWORD)
- RawBuffer iv; // encoded in base64
- int dataSize; // size of information without hash and padding
- RawBuffer data;
- RawBuffer tag; // tag for Aes Gcm algorithm
- };
- typedef std::vector<DBRow> DBRowVector;
+namespace DB {
+
+struct Row {
+ Name name;
+ Label ownerLabel;
+ int exportable;
+ DataType dataType; // cert/key/data
+ DBCMAlgType algorithmType; // Algorithm type used for row data encryption
+ int encryptionScheme; // for example: (ENCR_BASE64 | ENCR_PASSWORD)
+ RawBuffer iv; // encoded in base64
+ int dataSize; // size of information without hash and padding
+ RawBuffer data;
+ RawBuffer tag; // tag for Aes Gcm algorithm
+};
+typedef std::vector<Row> RowVector;
+
+
+} // namespace DB
} // namespace CKM
high_resolution_clock::time_point srand_feed = high_resolution_clock::now();
srand(srand_feed.time_since_epoch().count());
- BOOST_REQUIRE_NO_THROW(m_db = DBCrypto(m_crypto_db_fname, defaultPass));
+ BOOST_REQUIRE_NO_THROW(m_db = DB::Crypto(m_crypto_db_fname, defaultPass));
}
double DBFixture::performance_get_time_elapsed_ms()
void DBFixture::generate_perf_DB(unsigned int num_name, unsigned int num_elements)
{
// to speed up data creation - cache the row
- DBRow rowPattern = create_default_row(DBDataType::BINARY_DATA);
+ DB::Row rowPattern = create_default_row(DataType::BINARY_DATA);
rowPattern.data = RawBuffer(100, 20);
rowPattern.dataSize = rowPattern.data.size();
rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
generate_name(i, rowPattern.name);
generate_label(i/num_elements, rowPattern.ownerLabel);
- BOOST_REQUIRE_NO_THROW(m_db.saveDBRow(rowPattern));
+ BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
}
}
return iterations;
}
-DBRow DBFixture::create_default_row(DBDataType type)
+DB::Row DBFixture::create_default_row(DataType type)
{
return create_default_row(m_default_name, m_default_label, type);
}
-DBRow DBFixture::create_default_row(const Name &name,
+DB::Row DBFixture::create_default_row(const Name &name,
const Label &label,
- DBDataType type)
+ DataType type)
{
- DBRow row;
+ DB::Row row;
row.name = name;
row.ownerLabel = label;
row.exportable = 1;
return row;
}
-void DBFixture::compare_row(const DBRow &lhs, const DBRow &rhs)
+void DBFixture::compare_row(const DB::Row &lhs, const DB::Row &rhs)
{
BOOST_CHECK_MESSAGE(lhs.name == rhs.name,
"namees didn't match! Got: " << rhs.name
<< " , expected : " << lhs.data.size());
}
-void DBFixture::check_DB_integrity(const DBRow &rowPattern)
+void DBFixture::check_DB_integrity(const DB::Row &rowPattern)
{
- BOOST_REQUIRE_NO_THROW(m_db.saveDBRow(rowPattern));
- DBRow selectRow = rowPattern;
+ BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
+ DB::Row selectRow = rowPattern;
- DBCrypto::DBRowOptional optional_row;
- BOOST_REQUIRE_NO_THROW(optional_row = m_db.getDBRow("name", "label", DBDataType::BINARY_DATA));
+ DB::Crypto::RowOptional optional_row;
+ BOOST_REQUIRE_NO_THROW(optional_row = m_db.getRow("name", "label", DataType::BINARY_DATA));
BOOST_REQUIRE_MESSAGE(optional_row, "Select didn't return any row");
compare_row(selectRow, rowPattern);
- DBRow name_duplicate = rowPattern;
+ DB::Row name_duplicate = rowPattern;
name_duplicate.data = createDefaultPass();
name_duplicate.dataSize = name_duplicate.data.size();
unsigned int erased;
- BOOST_REQUIRE_NO_THROW(erased = m_db.deleteDBRow("name", "label"));
+ BOOST_REQUIRE_NO_THROW(erased = m_db.deleteRow("name", "label"));
BOOST_REQUIRE_MESSAGE(erased > 0, "Inserted row didn't exist in db");
- DBCrypto::DBRowOptional row_optional;
- BOOST_REQUIRE_NO_THROW(row_optional = m_db.getDBRow("name", "label", DBDataType::BINARY_DATA));
+ DB::Crypto::RowOptional row_optional;
+ BOOST_REQUIRE_NO_THROW(row_optional = m_db.getRow("name", "label", DataType::BINARY_DATA));
BOOST_REQUIRE_MESSAGE(!row_optional, "Select should not return row after deletion");
}
void DBFixture::insert_row(const Name &name, const Label &owner_label)
{
- DBRow rowPattern = create_default_row(name, owner_label, DBDataType::BINARY_DATA);
+ DB::Row rowPattern = create_default_row(name, owner_label, DataType::BINARY_DATA);
rowPattern.data = RawBuffer(100, 20);
rowPattern.dataSize = rowPattern.data.size();
rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
- BOOST_REQUIRE_NO_THROW(m_db.saveDBRow(rowPattern));
+ BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
}
void DBFixture::delete_row(const Name &name, const Label &owner_label)
{
bool exit_flag;
- BOOST_REQUIRE_NO_THROW(exit_flag = m_db.deleteDBRow(name, owner_label));
+ BOOST_REQUIRE_NO_THROW(exit_flag = m_db.deleteRow(name, owner_label));
BOOST_REQUIRE_MESSAGE(true == exit_flag, "remove name failed: no rows removed");
}
void DBFixture::read_row_expect_success(const Name &name, const Label &owner_label)
{
- DBCrypto::DBRowOptional row;
- BOOST_REQUIRE_NO_THROW(row = m_db.getDBRow(name, owner_label, DBDataType::BINARY_DATA));
+ DB::Crypto::RowOptional row;
+ BOOST_REQUIRE_NO_THROW(row = m_db.getRow(name, owner_label, DataType::BINARY_DATA));
BOOST_REQUIRE_MESSAGE(row, "row is empty");
BOOST_REQUIRE_MESSAGE(row->name == name, "name is not valid");
}
// ::::::::::::::::::::::::: helper methods :::::::::::::::::::::::::
static void generate_name(unsigned int id, CKM::Name & output);
static void generate_label(unsigned int id, CKM::Label & output);
- static CKM::DBRow create_default_row(CKM::DBDataType type = CKM::DBDataType::BINARY_DATA);
- static CKM::DBRow create_default_row(const CKM::Name &name,
+ static CKM::DB::Row create_default_row(CKM::DataType type = CKM::DataType::BINARY_DATA);
+ static CKM::DB::Row create_default_row(const CKM::Name &name,
const CKM::Label &label,
- CKM::DBDataType type = CKM::DBDataType::BINARY_DATA);
- static void compare_row(const CKM::DBRow &lhs, const CKM::DBRow &rhs);
+ CKM::DataType type = CKM::DataType::BINARY_DATA);
+ static void compare_row(const CKM::DB::Row &lhs, const CKM::DB::Row &rhs);
// ::::::::::::::::::::::::: time measurement :::::::::::::::::::::::::
void performance_start(const char *operation_name);
// ::::::::::::::::::::::::: DB :::::::::::::::::::::::::
void generate_perf_DB(unsigned int num_name, unsigned int num_label);
long add_full_access_rights(unsigned int num_name, unsigned int num_names_per_label);
- void check_DB_integrity(const CKM::DBRow &rowPattern);
+ void check_DB_integrity(const CKM::DB::Row &rowPattern);
void insert_row();
void insert_row(const CKM::Name &name, const CKM::Label &owner_label);
void delete_row(const CKM::Name &name, const CKM::Label &owner_label);
void add_permission(const CKM::Name &name, const CKM::Label &owner_label, const CKM::Label &accessor_label);
void read_row_expect_success(const CKM::Name &name, const CKM::Label &owner_label);
- CKM::DBCrypto m_db;
+ CKM::DB::Crypto m_db;
private:
void init();
double performance_get_time_elapsed_ms();
* @version 1.0
*/
+#include <iostream>
#include <key-provider.h>
#include <boost/test/unit_test.hpp>
#include <boost/test/unit_test_log.hpp>
BOOST_FIXTURE_TEST_SUITE(DBCRYPTO_TEST, DBFixture)
BOOST_AUTO_TEST_CASE(DBtestSimple) {
- DBRow rowPattern = create_default_row();
+ DB::Row rowPattern = create_default_row();
rowPattern.data = RawBuffer(32, 1);
rowPattern.dataSize = rowPattern.data.size();
rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
check_DB_integrity(rowPattern);
}
BOOST_AUTO_TEST_CASE(DBtestBIG) {
- DBRow rowPattern = create_default_row();
+ DB::Row rowPattern = create_default_row();
rowPattern.data = createBigBlob(4096);
rowPattern.dataSize = rowPattern.data.size();
rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
check_DB_integrity(rowPattern);
}
BOOST_AUTO_TEST_CASE(DBtestGlobal) {
- DBRow rowPattern = create_default_row();
+ DB::Row rowPattern = create_default_row();
rowPattern.data = RawBuffer(1024, 2);
rowPattern.dataSize = rowPattern.data.size();
rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
- BOOST_REQUIRE_NO_THROW(m_db.saveDBRow(rowPattern));
+ BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
- DBRow name_duplicate = rowPattern;
+ DB::Row name_duplicate = rowPattern;
rowPattern.ownerLabel = rowPattern.ownerLabel + "1";
}
BOOST_AUTO_TEST_CASE(DBtestTransaction) {
- DBRow rowPattern = create_default_row();
+ DB::Row rowPattern = create_default_row();
rowPattern.data = RawBuffer(100, 20);
rowPattern.dataSize = rowPattern.data.size();
rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
- DBCrypto::Transaction transaction(&m_db);
+ DB::Crypto::Transaction transaction(&m_db);
- BOOST_REQUIRE_NO_THROW(m_db.saveDBRow(rowPattern));
+ BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
BOOST_REQUIRE_NO_THROW(transaction.rollback());
- DBCrypto::DBRowOptional row_optional;
- BOOST_REQUIRE_NO_THROW(row_optional = m_db.getDBRow(m_default_name, m_default_label,
- DBDataType::BINARY_DATA));
+ DB::Crypto::RowOptional row_optional;
+ BOOST_REQUIRE_NO_THROW(row_optional = m_db.getRow(m_default_name, m_default_label,
+ DataType::BINARY_DATA));
BOOST_CHECK_MESSAGE(!row_optional, "Row still present after rollback");
}
BOOST_AUTO_TEST_CASE(DBperfAddNames)
{
// actual test
- performance_start("saveDBRow");
+ performance_start("saveRow");
{
generate_perf_DB(c_num_names_add_test, c_names_per_label);
}
Label label;
// actual test - successful lookup
- performance_start("getDBRow");
+ performance_start("getRow");
for(unsigned int t=0; t<c_test_retries; t++)
{
int label_num = rand() % num_labels;
unsigned int num_labels = c_num_names / c_names_per_label;
// actual test - random lookup
- performance_start("getDBRow");
+ performance_start("getRow");
for(unsigned int t=0; t<c_test_retries; t++)
{
int name_idx = rand()%c_num_names;
generate_label(rand()%num_labels, smack_label);
// do not care of result
- m_db.getDBRow(name, owner_label, DBDataType::BINARY_DATA);
+ m_db.getRow(name, owner_label, DataType::BINARY_DATA);
}
performance_stop(c_test_retries * c_num_names);
}
add_full_access_rights(c_num_names, c_names_per_label);
// actual test - random lookup
- performance_start("deleteDBRow");
+ performance_start("deleteRow");
Name name;
Label label;
for(unsigned int t=0; t<c_num_names; t++)
generate_name(t, name);
generate_label(t/c_names_per_label, label);
- BOOST_REQUIRE_NO_THROW(m_db.deleteDBRow(name, label));
+ BOOST_REQUIRE_NO_THROW(m_db.deleteRow(name, label));
}
performance_stop(c_num_names);
{
generate_label(l, label);
LabelNameVector expect_no_data;
- BOOST_REQUIRE_NO_THROW(m_db.listNames(label, expect_no_data, DBDataType::BINARY_DATA));
+ BOOST_REQUIRE_NO_THROW(m_db.listNames(label, expect_no_data, DataType::BINARY_DATA));
BOOST_REQUIRE(0 == expect_no_data.size());
}
}
LabelNameVector ret_list;
generate_label(rand()%num_labels, label);
- BOOST_REQUIRE_NO_THROW(m_db.listNames(label, ret_list, DBDataType::BINARY_DATA));
+ BOOST_REQUIRE_NO_THROW(m_db.listNames(label, ret_list, DataType::BINARY_DATA));
BOOST_REQUIRE(c_num_names == ret_list.size());
ret_list.clear();
}
// check number of elements accessible to the reference label
LabelNameVector ret_list;
- BOOST_REQUIRE_NO_THROW(fixture.m_db.listNames(reference_label, ret_list, DBDataType::BINARY_DATA));
+ BOOST_REQUIRE_NO_THROW(fixture.m_db.listNames(reference_label, ret_list, DataType::BINARY_DATA));
BOOST_REQUIRE((migration_names/migration_labels)/*own items*/ + (migration_labels-1)/*other labels'*/ == ret_list.size());
ret_list.clear();
Label current_label;
fixture.generate_label(l, current_label);
- BOOST_REQUIRE_NO_THROW(fixture.m_db.listNames(current_label, ret_list, DBDataType::BINARY_DATA));
+ BOOST_REQUIRE_NO_THROW(fixture.m_db.listNames(current_label, ret_list, DataType::BINARY_DATA));
BOOST_REQUIRE((migration_names/migration_labels) == ret_list.size());
for(auto it: ret_list)
BOOST_REQUIRE(it.first == current_label);
projects / platform / core / security / key-manager.git / commitdiff