public class Certificate : SafeHandle
{
/// <summary>
+ /// Load Certificate from the given file path.
+ /// </summary>
+ /// <param name="filePath">The path of certificate file to be loaded.</param>
+ static public Certificate Load(string filePath)
+ {
+ IntPtr ptr = new IntPtr();
+
+ int ret = Interop.CkmcTypes.LoadCertFromFile(filePath, out ptr);
+ Interop.CheckNThrowException(ret, "Failed to load Certificate. file=" + filePath);
+
+ return new Certificate(ptr);
+ }
+
+ /// <summary>
/// A constructor of Certificate that takes the binary and its format.
/// </summary>
/// <param name="binary">The binary data of a certificate.</param>
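Review bot: `Load` passes `filePath` to `Interop.CkmcTypes.LoadCertFromFile` without checking it, so a null path is rejected, if at all, only by the native layer and surfaces as whatever `CheckNThrowException` maps the return code to. A guard before the interop call, `if (filePath == null) throw new ArgumentNullException(nameof(filePath));`, gives callers a precise failure. The XML doc should also gain `<returns>` and `<exception>` entries, and say whether the returned `Certificate` owns the native handle obtained here; the constructor that receives `ptr` is outside the hunk.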
/// If password of policy is provided in SaveCertificate(), the same password should be provided
/// </param>
/// <returns>A certificate specified by alias.</returns>
- static public Certificate GetCertificate(string alias, string password)
+ static public Certificate Get(string alias, string password)
{
IntPtr ptr = new IntPtr();
/// Gets all alias of certificates which the client can access.
/// </summary>
/// <returns>all alias of certificates which the client can access.</returns>
- static public IEnumerable<string> GetCertificateAliases()
+ static public IEnumerable<string> GetAliases()
{
IntPtr ptr = new IntPtr();
int ret = Interop.CkmcManager.GetCertAliasList(out ptr);
/// <param name="alias">The name of a certificate to be stored.</param>
/// <param name="cert">The certificate's binary value to be stored.</param>
/// <param name="policy">The policy about how to store a certificate securely.</param>
- static public void SaveCertificate(string alias, Certificate cert, Policy policy)
+ static public void Save(string alias, Certificate cert, Policy policy)
{
int ret = Interop.CkmcManager.SaveCert(alias, cert.ToCkmcCert(), policy.ToCkmcPolicy());
Interop.CheckNThrowException(ret, "Failed to save certificate. alias=" + alias);
/// A constructor with algorithm
/// </summary>
/// <param name="algorithm">An algorithm that this parameters are prepared for.</param>
- public CipherParameters(CipherAlgorithmType algorithm) : base(IntPtr.Zero, true)
+ protected CipherParameters(CipherAlgorithmType algorithm) : base(IntPtr.Zero, true)
{
IntPtr ptrParams;
Interop.CkmcTypes.GenerateNewParam((int)algorithm, out ptrParams);
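Review bot: The return code of `Interop.CkmcTypes.GenerateNewParam` is discarded in this constructor, while the other interop calls on the page are followed by `Interop.CheckNThrowException`. If the native call fails, `ptrParams` may not refer to a valid parameter list when it is used later; the rest of the constructor body is outside the hunk. Suggested: `int ret = Interop.CkmcTypes.GenerateNewParam((int)algorithm, out ptrParams);` followed by `Interop.CheckNThrowException(ret, "Failed to generate parameters.");`.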
/// Gets integer parameter.
/// </summary>
/// <param name="name">Parameter name.</param>
- protected long GetInteger(CipherParameterName name)
+ public long GetInteger(CipherParameterName name)
{
long value = 0;
int ret = Interop.CkmcTypes.ParamListGetInteger(PtrCkmcParamList, (int)name, out value);
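Review bot: `GetInteger` here and `GetBuffer` in the next hunk become public API, but their doc comments stop at `<param>`. Add `<returns>` and `<exception>` entries that say what is thrown when the named parameter has not been set. For `GetBuffer`, also state whether the returned `byte[]` is a copy of the native buffer, since any caller can now read cipher parameter buffers through it; both bodies continue outside their hunks, so this cannot be confirmed from here.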
/// Gets byte array parameter.
/// </summary>
/// <param name="name">Parameter name.</param>
- protected byte[] GetBuffer(CipherParameterName name)
+ public byte[] GetBuffer(CipherParameterName name)
{
IntPtr ptr = new IntPtr();
/// <summary>
/// A default constructor
/// </summary>
- /// <remarks>The SignatureAlgorithmType in SignatureParameters is set to SignatureAlgorithmType.DsaSignature.</remarks>
- public DsaSignatureParameters() : base(SignatureAlgorithmType.DsaSignature)
+ public DsaSignatureParameters() : base(SignatureAlgorithmType.Dsa)
{
}
}
/// <summary>
/// A default constructor
/// </summary>
- /// <remarks>The SignatureAlgorithmType in SignatureParameters is set to SignatureAlgorithmType.EcdsaSignature.</remarks>
- public EcdsaSignatureParameters() : base(SignatureAlgorithmType.EcdsaSignature)
+ public EcdsaSignatureParameters() : base(SignatureAlgorithmType.Ecdsa)
{
}
}
/// <summary>
/// A default constructor
/// </summary>
- /// <remarks>The SignatureAlgorithmType in SignatureParameters is set to SignatureAlgorithmType.RsaSignature.</remarks>
/// <remarks>The RsaPadding is set to RsaPaddingAlgorithm.None.</remarks>
- public RsaSignatureParameters() : base(SignatureAlgorithmType.RsaSignature)
+ public RsaSignatureParameters() : base(SignatureAlgorithmType.Rsa)
{
}
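Review bot: The default constructor still documents `RsaPadding` as `RsaPaddingAlgorithm.None`, and this hunk keeps that remark while dropping the one about the algorithm type. If `None` means the signature is produced without a padding scheme (the native behaviour is not visible here), a caller using the parameterless constructor gets an unsafe default without any hint. Consider extending the remark, e.g. `/// <remarks>RsaPadding defaults to RsaPaddingAlgorithm.None; set a padding scheme explicitly before signing.</remarks>`, or defaulting to a padded scheme if the enum offers one.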
/// <summary>
/// RSA signature algorithm
/// </summary>
- RsaSignature = 0x01,
+ Rsa = 0x01,
/// <summary>
/// DSA signature algorithm
/// </summary>
- DsaSignature,
+ Dsa,
/// <summary>
/// ECDSA signature algorithm
/// </summary>
- EcdsaSignature
+ Ecdsa
}
}
/// If password of policy is provided in SaveData(), the same password should be provided
/// </param>
/// <returns>data specified by alias.</returns>
- static public byte[] GetData(string alias, string password)
+ static public byte[] Get(string alias, string password)
{
IntPtr ptr = new IntPtr();
/// Gets all alias of data which the client can access.
/// </summary>
/// <returns>all alias of data which the client can access.</returns>
- static public IEnumerable<string> GetDataAliases()
+ static public IEnumerable<string> GetAliases()
{
IntPtr ptr = new IntPtr();
int ret = Interop.CkmcManager.GetDataAliasList(out ptr);
/// <param name="alias">The name of data to be stored.</param>
/// <param name="data">The binary value to be stored.</param>
/// <param name="policy">The policy about how to store data securely.</param>
- static public void SaveData(string alias, byte[] data, Policy policy)
+ static public void Save(string alias, byte[] data, Policy policy)
{
Interop.CkmcRawBuffer rawBuff = new Interop.CkmcRawBuffer(new PinnedObject(data), data.Length);
/// If password of policy is provided in SaveKey(), the same password should be provided
/// </param>
/// <returns>A key specified by alias.</returns>
- static public Key GetKey(string alias, string password)
+ static public Key Get(string alias, string password)
{
IntPtr ptr = new IntPtr();
/// Gets all alias of keys which the client can access.
/// </summary>
/// <returns>all alias of keys which the client can access.</returns>
- static public IEnumerable<string> GetKeyAliases()
+ static public IEnumerable<string> GetAliases()
{
IntPtr ptr = new IntPtr();
int ret = Interop.CkmcManager.GetKeyAliasList(out ptr);
/// <param name="policy">The policy about how to store a key securely.</param>
/// <remarks>Type in key may be set to KeyType.None as an input. Type is determined inside secure reposioty during storing keys.</remarks>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
- static public void SaveKey(string alias, Key key, Policy policy)
+ static public void Save(string alias, Key key, Policy policy)
{
int ret = Interop.CkmcManager.SaveKey(alias, key.ToCkmcKey(), policy.ToCkmcPolicy());
Interop.CheckNThrowException(ret, "Failed to save Key. alias=" + alias);
/// <param name="privateKeyPolicy">The policy about how to store a private key securely.</param>
/// <param name="publicKeyPolicy">The policy about how to store a public key securely.</param>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
- static public void CreateKeyPairRsa(int size, string privateKeyAlias, string publicKeyAlias,
+ static public void CreateRsaKeyPair(int size, string privateKeyAlias, string publicKeyAlias,
Policy privateKeyPolicy, Policy publicKeyPolicy)
{
int ret = Interop.CkmcManager.CreateKeyPairRsa(size, privateKeyAlias, publicKeyAlias,
/// <param name="privateKeyPolicy">The policy about how to store a private key securely.</param>
/// <param name="publicKeyPolicy">The policy about how to store a public key securely.</param>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
- static public void CreateKeyPairDsa(int size, string privateKeyAlias, string publicKeyAlias,
+ static public void CreateDsaKeyPair(int size, string privateKeyAlias, string publicKeyAlias,
Policy privateKeyPolicy, Policy publicKeyPolicy)
{
int ret = Interop.CkmcManager.CreateKeyPairDsa(size, privateKeyAlias, publicKeyAlias,
/// <param name="privateKeyPolicy">The policy about how to store a private key securely.</param>
/// <param name="publicKeyPolicy">The policy about how to store a public key securely.</param>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
- static public void CreateKeyPairEcdsa(EllipticCurveType type, string privateKeyAlias, string publicKeyAlias,
+ static public void CreateEcdsaKeyPair(EllipticCurveType type, string privateKeyAlias, string publicKeyAlias,
Policy privateKeyPolicy, Policy publicKeyPolicy)
{
int ret = Interop.CkmcManager.CreateKeyPairEcdsa((int)type, privateKeyAlias, publicKeyAlias,
/// <param name="keyAlias">The name of key to be stored.</param>
/// <param name="policy">The policy about how to store the key securely.</param>
/// <remarks>If password in policy is provided, the key is additionally encrypted with the password in policy.</remarks>
- static public void CreateKeyAes(int size, string keyAlias, Policy policy)
+ static public void CreateAesKey(int size, string keyAlias, Policy policy)
{
int ret = Interop.CkmcManager.CreateKeyAes(size, keyAlias, policy.ToCkmcPolicy());
Interop.CheckNThrowException(ret, "Failed to AES Key");
/// </summary>
public class Manager
{
- // ckmc_owner_id_separator
- // ckmc_owner_id_system
-
/// <summary>
- /// Separator between alias and owner id.
+ /// Creates a new full alias which is concatenation of owner id and alias.
/// </summary>
- /// <remarks>
- /// Alias can be provided as an alias alone, or together with owner id.
- /// In this case, separator " " (space bar) is used to separate id and alias.
- /// </remarks>
- public const string OwnerIdSeperator = " ";
+ /// <param name="ownerId">Data owner's id. This should be package id if data
+ /// owner is application. If you want to access data stored by system services,
+ /// use CreateFullSystemAlias() instead.</param>
+ /// <param name="alias">Data alias.</param>
+ static public string CreateFullAlias(string ownerId, string alias)
+ {
+ return ownerId + Manager.OwnerIdSeperator + alias;
+ }
/// <summary>
- /// The owner of system database.
+ /// Creates a new full alias which is concatenation of system service's owner id and alias.
/// </summary>
- /// <remarks>
- /// SystemOwnerId constains id connected with all SYSTEM applications that run
- /// with uid less than 5000.
- /// Client should use SystemOwnerId to access data owned by system application
- /// and stored in system database.
- /// Note: Client must have permission to access proper row.
- /// </remarks>
- public const string SystemOwnerId = "/System";
+ /// <param name="alias">Data alias which is owned by system service.</param>
+ static public string CreateFullSystemAlias(string alias)
+ {
+ return Manager.CreateFullAlias(Manager.SystemOwnerId, alias);
+ }
/// <summary>
/// Removes a an entry (no matter of type) from the key manager.
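Review bot: `CreateFullAlias` concatenates `ownerId`, the separator and `alias` with no validation, so a null argument silently becomes an empty string, and an `ownerId` or `alias` that already contains the separator yields a full alias that may be parsed as a different owner/alias pair (the parsing side is not visible here). Reject those inputs before building the string, e.g. `if (string.IsNullOrEmpty(ownerId) || ownerId.Contains(OwnerIdSeperator)) throw new ArgumentException("Invalid owner id.", nameof(ownerId));` plus a null/empty check on `alias`. `CreateFullSystemAlias` inherits the same behaviour through its call to `CreateFullAlias`. Both methods also lack a `<returns>` doc entry.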
int ret = Interop.CkmcManager.SetPermission(alias, otherPackageId, permissions);
Interop.CheckNThrowException(ret, "Failed to set permission. alias=" + alias);
}
+
+ private const string OwnerIdSeperator = " ";
+ private const string SystemOwnerId = "/System";
}
}
public class Pkcs12 : SafeHandle
{
/// <summary>
- /// Creates a new Pkcs12from a given PKCS#12 file and returns it.
+ /// Load Pkcs12 from the given PKCS#12 file path.
/// </summary>
/// <param name="filePath">The path of PKCS12 file to be loaded.</param>
/// <param name="filePassword">The passphrase used to decrypt the PCKS12 file.
/// If PKCS12 file is not encrypted, passphrase can be null.</param>
- static public Pkcs12 LoadPkcs12(string filePath, string filePassword)
+ static public Pkcs12 Load(string filePath, string filePassword)
{
IntPtr ptr = new IntPtr();
}
/// <summary>
- /// A constructor of Key that takes a private key and its corresponding certicate.
- /// </summary>
- /// <param name="privateKey">A private key.</param>
- /// <param name="certificate">A certificate corresponding the private key</param>
- public Pkcs12(Key privateKey, Certificate certificate) : base(IntPtr.Zero, true)
- {
- this.SetHandle(IntPtr.Zero);
-
- this.PrivateKey = privateKey;
- this.Certificate = certificate;
- this.CaChain = null;
- }
-
- /// <summary>
/// A constructor of Key that takes a private key, its corresponding certicate, and CA's certificate chain.
/// </summary>
/// <param name="privateKey">A private key.</param>
/// If password of certificatePolicy is provided in SavePkcs12(), the same password should be provided
/// </param>
/// <returns>A Pkcs12 data specified by alias.</returns>
- static public Pkcs12 GetPkcs12(string alias, string keyPassword, string cerificatePassword)
+ static public Pkcs12 Get(string alias, string keyPassword, string cerificatePassword)
{
IntPtr ptr = new IntPtr();
/// <param name="pkcs12">The pkcs12 data to be stored.</param>
/// <param name="keyPolicy">The policy about how to store pkcs's private key.</param>
/// <param name="certificatePolicy">The policy about how to store pkcs's certificate.</param>
- static public void SavePkcs12(string alias, Pkcs12 pkcs12, Policy keyPolicy, Policy certificatePolicy)
+ static public void Save(string alias, Pkcs12 pkcs12, Policy keyPolicy, Policy certificatePolicy)
{
int ret = Interop.CkmcManager.SavePkcs12(alias,
new PinnedObject(pkcs12.ToCkmcPkcs12()),
}
/// <summary>
- /// A constructor of Key that takes the flag for extractable.
- /// </summary>
- /// <param name="extractable">If true key may be extracted from secure repository.</param>
- /// <remarks>The default value for Password is null.</remarks>
- public Policy(bool extractable)
- {
- Password = null;
- Extractable = extractable;
- }
-
- /// <summary>
- /// A constructor of Key that takes the password.
- /// </summary>
- /// <param name="password">Used to encrypt data secure repository.</param>
- /// <remarks>The default value for Extractabl is false.</remarks>
- public Policy(String password)
- {
- Password = password;
- Extractable = true;
- }
-
- /// <summary>
/// A constructor of Key that takes the password and the flag for extractable.
/// </summary>
/// <param name="password">Used to encrypt data secure repository.</param>