* @brief provides conversion methods to C from C++ for key-manager control functions.
*/
+#include <dpl/log/log.h>
#include <ckm/ckm-type.h>
#include <ckm/ckm-manager.h>
#include <ckmc/ckmc-type.h>
return ckmc_buffer_new(outBuffer.data(), outBuffer.size(), ppout);
}
+int try_catch_enclosure(const std::function<int()> &func)
+{
+ try {
+ return func();
+ } catch (const std::bad_alloc &e) {
+ LogError("memory allocation exception: " << e.what());
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ } catch (const std::exception &e) {
+ LogError("std exception occured: " << e.what());
+ return CKMC_ERROR_UNKNOWN;
+ } catch (...) {
+ LogError("Unknown exception occured.");
+ return CKMC_ERROR_UNKNOWN;
+ }
}
+}
KEY_MANAGER_CAPI
int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
{
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ return try_catch_enclosure([&]()->int {
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
-
- if(key.raw_key == NULL || key.key_size <= 0) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
+ if(alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- CKM::KeyShPtr ckmKey;
- if(key.key_type == CKMC_KEY_AES)
- {
- if(key.password)
+ if(key.raw_key == NULL || key.key_size <= 0) {
return CKMC_ERROR_INVALID_PARAMETER;
- ckmKey = CKM::Key::createAES(buffer);
- }
- else
- ckmKey = CKM::Key::create(buffer, _tostring(key.password));
- if(ckmKey.get() == NULL) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
+ }
+ CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
+
+ CKM::KeyShPtr ckmKey;
+ if(key.key_type == CKMC_KEY_AES)
+ {
+ if(key.password)
+ return CKMC_ERROR_INVALID_PARAMETER;
+ ckmKey = CKM::Key::createAES(buffer);
+ }
+ else
+ ckmKey = CKM::Key::create(buffer, _tostring(key.password));
+ if(ckmKey.get() == NULL) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
- int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
- return to_ckmc_error(ret);
+ int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
{
- int ret;
- CKM::KeyShPtr ckmKey;
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::KeyShPtr ckmKey;
- if(alias == NULL || key == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(alias == NULL || key == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getKey(alias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ if( (ret = mgr->getKey(alias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- CKM::RawBuffer buffer = ckmKey->getDER();
- ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
+ CKM::RawBuffer buffer = ckmKey->getDER();
+ ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
- ret = ckmc_key_new( buffer.data(), buffer.size(), keyType, NULL, key);
+ ret = ckmc_key_new( buffer.data(), buffer.size(), keyType, NULL, key);
- return to_ckmc_error(ret);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list)
{
- int ret;
+ return try_catch_enclosure([&]()->int {
+ int ret;
- if (alias_list == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if (alias_list == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::AliasVector aliasVector;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::AliasVector aliasVector;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if ((ret = mgr->getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ if ((ret = mgr->getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- ckmc_alias_list_s *plist = NULL;
+ ckmc_alias_list_s *plist = NULL;
- for (const auto it : aliasVector) {
- char *alias = strndup(it.c_str(), it.size());
+ for (const auto it : aliasVector) {
+ char *alias = strndup(it.c_str(), it.size());
- if (plist == NULL) { // first
- ret = ckmc_alias_list_new(alias, &plist);
- *alias_list = plist; // save the pointer of the first element
- } else {
- ret = ckmc_alias_list_add(plist, alias, &plist);
- }
+ if (plist == NULL) { // first
+ ret = ckmc_alias_list_new(alias, &plist);
+ *alias_list = plist; // save the pointer of the first element
+ } else {
+ ret = ckmc_alias_list_add(plist, alias, &plist);
+ }
- if (ret != CKMC_ERROR_NONE) {
- free(alias);
- ckmc_alias_list_all_free(*alias_list);
- return ret;
+ if (ret != CKMC_ERROR_NONE) {
+ free(alias);
+ ckmc_alias_list_all_free(*alias_list);
+ return ret;
+ }
}
- }
- if(plist == NULL) { // if the alias_list size is zero
- return CKMC_ERROR_DB_ALIAS_UNKNOWN;
- }
+ if(plist == NULL) { // if the alias_list size is zero
+ return CKMC_ERROR_DB_ALIAS_UNKNOWN;
+ }
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
+ });
}
KEY_MANAGER_CAPI
int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
{
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
-
- if(cert.raw_cert == NULL || cert.cert_size <= 0) {
+ return try_catch_enclosure([&]()->int {
+ if(alias == NULL) {
return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
- if(ckmCert.get() == NULL) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
+ }
+ CKM::Alias ckmAlias(alias);
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
+ if(cert.raw_cert == NULL || cert.cert_size <= 0) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
+ if(ckmCert.get() == NULL) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
- return to_ckmc_error(ret);
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
+
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
int ckmc_remove_cert(const char *alias)
{
- return ckmc_remove_alias(alias);
+ return ckmc_remove_alias(alias);
}
KEY_MANAGER_CAPI
int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
{
- CKM::CertificateShPtr ckmCert;
- int ret;
+ return try_catch_enclosure([&]()->int {
+ CKM::CertificateShPtr ckmCert;
+ int ret;
- if(alias == NULL || cert == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(alias == NULL || cert == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getCertificate(alias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ if( (ret = mgr->getCertificate(alias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- CKM::RawBuffer buffer = ckmCert->getDER();
- ret = ckmc_cert_new( buffer.data(), buffer.size(), CKMC_FORM_DER, cert);
+ CKM::RawBuffer buffer = ckmCert->getDER();
+ ret = ckmc_cert_new( buffer.data(), buffer.size(), CKMC_FORM_DER, cert);
- return ret;
+ return ret;
+ });
}
KEY_MANAGER_CAPI
int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) {
- int ret;
+ return try_catch_enclosure([&]()->int {
+ int ret;
- if (alias_list == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if (alias_list == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- *alias_list = NULL;
+ *alias_list = NULL;
- CKM::AliasVector aliasVector;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- if ((ret = mgr->getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::AliasVector aliasVector;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ if ((ret = mgr->getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- ckmc_alias_list_s *plist = NULL;
+ ckmc_alias_list_s *plist = NULL;
- for (const auto it : aliasVector) {
- char *alias = strndup(it.c_str(), it.size());
+ for (const auto it : aliasVector) {
+ char *alias = strndup(it.c_str(), it.size());
- if (plist == NULL) { // first
- ret = ckmc_alias_list_new(alias, &plist);
- *alias_list = plist; // save the pointer of the first element
- } else {
- ret = ckmc_alias_list_add(plist, alias, &plist);
- }
+ if (plist == NULL) { // first
+ ret = ckmc_alias_list_new(alias, &plist);
+ *alias_list = plist; // save the pointer of the first element
+ } else {
+ ret = ckmc_alias_list_add(plist, alias, &plist);
+ }
- if (ret != CKMC_ERROR_NONE) {
- free(alias);
- ckmc_alias_list_all_free(*alias_list);
- return ret;
+ if (ret != CKMC_ERROR_NONE) {
+ free(alias);
+ ckmc_alias_list_all_free(*alias_list);
+ return ret;
+ }
}
- }
- if(plist == NULL) { // if the alias_list size is zero
- return CKMC_ERROR_DB_ALIAS_UNKNOWN;
- }
+ if(plist == NULL) { // if the alias_list size is zero
+ return CKMC_ERROR_DB_ALIAS_UNKNOWN;
+ }
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
+ });
}
KEY_MANAGER_CAPI
int ckmc_save_pkcs12(const char *alias, const ckmc_pkcs12_s *ppkcs, const ckmc_policy_s key_policy, const ckmc_policy_s cert_policy)
{
- CKM::KeyShPtr private_key;
- CKM::CertificateShPtr cert;
- CKM::CertificateShPtrVector ca_cert_list;
+ return try_catch_enclosure([&]()->int {
+ CKM::KeyShPtr private_key;
+ CKM::CertificateShPtr cert;
+ CKM::CertificateShPtrVector ca_cert_list;
- if(alias==NULL || ppkcs==NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
- private_key = _toCkmKey(ppkcs->priv_key);
- cert = _toCkmCertificate(ppkcs->cert);
- ca_cert_list = _toCkmCertificateVector(ppkcs->ca_chain);
+ if(alias==NULL || ppkcs==NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
+ private_key = _toCkmKey(ppkcs->priv_key);
+ cert = _toCkmCertificate(ppkcs->cert);
+ ca_cert_list = _toCkmCertificateVector(ppkcs->ca_chain);
- CKM::Policy keyPolicy(_tostring(key_policy.password), key_policy.extractable);
- CKM::Policy certPolicy(_tostring(cert_policy.password), cert_policy.extractable);
+ CKM::Policy keyPolicy(_tostring(key_policy.password), key_policy.extractable);
+ CKM::Policy certPolicy(_tostring(cert_policy.password), cert_policy.extractable);
- CKM::PKCS12ShPtr pkcs12(new CKM::PKCS12Impl(private_key, cert, ca_cert_list));
+ CKM::PKCS12ShPtr pkcs12(new CKM::PKCS12Impl(private_key, cert, ca_cert_list));
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- int ret = mgr->savePKCS12(ckmAlias, pkcs12, keyPolicy, certPolicy);
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = mgr->savePKCS12(ckmAlias, pkcs12, keyPolicy, certPolicy);
- return to_ckmc_error(ret);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
int ckmc_get_pkcs12(const char *alias, const char *key_password, const char *cert_password, ckmc_pkcs12_s **pkcs12)
{
- int ret;
- CKM::PKCS12ShPtr pkcs;
- CKM::Password keyPass, certPass;
- ckmc_key_s *private_key = NULL;
- ckmc_cert_s *cert = NULL;
- ckmc_cert_list_s *ca_cert_list = 0;
-
- if(!alias || !pkcs12) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::PKCS12ShPtr pkcs;
+ CKM::Password keyPass, certPass;
+ ckmc_key_s *private_key = NULL;
+ ckmc_cert_s *cert = NULL;
+ ckmc_cert_list_s *ca_cert_list = 0;
- if (key_password)
- keyPass = key_password;
+ if(!alias || !pkcs12) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- if (cert_password)
- certPass = cert_password;
+ if (key_password)
+ keyPass = key_password;
- auto mgr = CKM::Manager::create();
+ if (cert_password)
+ certPass = cert_password;
- if((ret = mgr->getPKCS12(alias, keyPass, certPass, pkcs)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ auto mgr = CKM::Manager::create();
- if(!pkcs)
- return CKMC_ERROR_BAD_RESPONSE;
+ if((ret = mgr->getPKCS12(alias, keyPass, certPass, pkcs)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- auto pkcsKey = pkcs->getKey();
- if(pkcsKey)
- {
- CKM::RawBuffer buffer = pkcsKey->getDER();
- ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(pkcsKey->getType());
- ret = ckmc_key_new(buffer.data(), buffer.size(), keyType, NULL, &private_key);
- if(ret != CKMC_ERROR_NONE)
- return ret;
- }
+ if(!pkcs)
+ return CKMC_ERROR_BAD_RESPONSE;
+
+ auto pkcsKey = pkcs->getKey();
+ if(pkcsKey)
+ {
+ CKM::RawBuffer buffer = pkcsKey->getDER();
+ ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(pkcsKey->getType());
+ ret = ckmc_key_new(buffer.data(), buffer.size(), keyType, NULL, &private_key);
+ if(ret != CKMC_ERROR_NONE)
+ return ret;
+ }
- auto pkcsCert = pkcs->getCertificate();
- if(pkcsCert)
- {
- CKM::RawBuffer buffer = pkcsCert->getDER();
- ret = ckmc_cert_new(buffer.data(), buffer.size(), CKMC_FORM_DER, &cert);
- if(ret != CKMC_ERROR_NONE) {
- ckmc_key_free(private_key);
- return ret;
+ auto pkcsCert = pkcs->getCertificate();
+ if(pkcsCert)
+ {
+ CKM::RawBuffer buffer = pkcsCert->getDER();
+ ret = ckmc_cert_new(buffer.data(), buffer.size(), CKMC_FORM_DER, &cert);
+ if(ret != CKMC_ERROR_NONE) {
+ ckmc_key_free(private_key);
+ return ret;
+ }
}
- }
- ca_cert_list = _toNewCkmCertList(pkcs->getCaCertificateShPtrVector());
+ ca_cert_list = _toNewCkmCertList(pkcs->getCaCertificateShPtrVector());
- ret = ckmc_pkcs12_new(private_key, cert, ca_cert_list, pkcs12);
- if(ret != CKMC_ERROR_NONE)
- {
- ckmc_key_free(private_key);
- ckmc_cert_free(cert);
- ckmc_cert_list_free(ca_cert_list);
- }
- return ret;
+ ret = ckmc_pkcs12_new(private_key, cert, ca_cert_list, pkcs12);
+ if(ret != CKMC_ERROR_NONE)
+ {
+ ckmc_key_free(private_key);
+ ckmc_cert_free(cert);
+ ckmc_cert_list_free(ca_cert_list);
+ }
+ return ret;
+ });
}
KEY_MANAGER_CAPI
int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
{
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
-
- if(data.data == NULL || data.size <= 0) {
+ return try_catch_enclosure([&]()->int {
+ if(alias == NULL) {
return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::RawBuffer buffer(data.data, data.data + data.size);
+ }
+ CKM::Alias ckmAlias(alias);
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
+ if(data.data == NULL || data.size <= 0) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::RawBuffer buffer(data.data, data.data + data.size);
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
- return to_ckmc_error(ret);
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
+
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
int ckmc_remove_data(const char *alias)
{
- return ckmc_remove_alias(alias);
+ return ckmc_remove_alias(alias);
}
KEY_MANAGER_CAPI
int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
{
- CKM::RawBuffer ckmBuff;
- int ret;
+ return try_catch_enclosure([&]()->int {
+ CKM::RawBuffer ckmBuff;
+ int ret;
- if(alias == NULL || data == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(alias == NULL || data == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getData(alias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ if( (ret = mgr->getData(alias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- ret = ckmc_buffer_new(ckmBuff.data(), ckmBuff.size(), data);
+ ret = ckmc_buffer_new(ckmBuff.data(), ckmBuff.size(), data);
- return ret;
+ return ret;
+ });
}
KEY_MANAGER_CAPI
int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){
- int ret;
+ return try_catch_enclosure([&]()->int {
+ int ret;
- if(alias_list == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(alias_list == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- *alias_list = NULL;
+ *alias_list = NULL;
- CKM::AliasVector aliasVector;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::AliasVector aliasVector;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ if( (ret = mgr->getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- ckmc_alias_list_s *plist = NULL;
+ ckmc_alias_list_s *plist = NULL;
- for (const auto it : aliasVector) {
- char *alias = strndup(it.c_str(), it.size());
+ for (const auto it : aliasVector) {
+ char *alias = strndup(it.c_str(), it.size());
- if (plist == NULL) { // first
- ret = ckmc_alias_list_new(alias, &plist);
- *alias_list = plist; // save the pointer of the first element
- } else {
- ret = ckmc_alias_list_add(plist, alias, &plist);
- }
+ if (plist == NULL) { // first
+ ret = ckmc_alias_list_new(alias, &plist);
+ *alias_list = plist; // save the pointer of the first element
+ } else {
+ ret = ckmc_alias_list_add(plist, alias, &plist);
+ }
- if (ret != CKMC_ERROR_NONE) {
- free(alias);
- ckmc_alias_list_all_free(*alias_list);
- return ret;
+ if (ret != CKMC_ERROR_NONE) {
+ free(alias);
+ ckmc_alias_list_all_free(*alias_list);
+ return ret;
+ }
}
- }
- if(plist == NULL) { // if the alias_list size is zero
- return CKMC_ERROR_DB_ALIAS_UNKNOWN;
- }
+ if(plist == NULL) { // if the alias_list size is zero
+ return CKMC_ERROR_DB_ALIAS_UNKNOWN;
+ }
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
+ });
}
KEY_MANAGER_CAPI
const ckmc_policy_s policy_private_key,
const ckmc_policy_s policy_public_key)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(private_key_alias == NULL || public_key_alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(private_key_alias == NULL || public_key_alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
- CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
+ CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
+ CKM::Alias ckmPublicKeyAlias(public_key_alias);
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
- ret = mgr->createKeyPairRSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
- return to_ckmc_error(ret);
+ ret = mgr->createKeyPairRSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
const ckmc_policy_s policy_private_key,
const ckmc_policy_s policy_public_key)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(private_key_alias == NULL || public_key_alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(private_key_alias == NULL || public_key_alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
- CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
+ CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
+ CKM::Alias ckmPublicKeyAlias(public_key_alias);
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
- ret = mgr->createKeyPairDSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
- return to_ckmc_error(ret);
+ ret = mgr->createKeyPairDSA(static_cast<int>(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
const ckmc_policy_s policy_private_key,
const ckmc_policy_s policy_public_key)
{
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ return try_catch_enclosure([&]()->int {
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(private_key_alias == NULL || public_key_alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(private_key_alias == NULL || public_key_alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
- CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
- CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
+ CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
+ CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
+ CKM::Alias ckmPublicKeyAlias(public_key_alias);
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
- int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
- return to_ckmc_error(ret);
+ int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
const char *key_alias,
ckmc_policy_s key_policy)
{
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ return try_catch_enclosure([&]()->int {
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(key_alias == NULL)
- return CKMC_ERROR_INVALID_PARAMETER;
+ if(key_alias == NULL)
+ return CKMC_ERROR_INVALID_PARAMETER;
- CKM::Alias ckmKeyAlias(key_alias);
- CKM::Policy ckmKeyPolicy(_tostring(key_policy.password), key_policy.extractable);
+ CKM::Alias ckmKeyAlias(key_alias);
+ CKM::Policy ckmKeyPolicy(_tostring(key_policy.password), key_policy.extractable);
- int ret = mgr->createKeyAES(size, ckmKeyAlias, ckmKeyPolicy);
- return to_ckmc_error(ret);
+ int ret = mgr->createKeyAES(size, ckmKeyAlias, ckmKeyPolicy);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
const ckmc_rsa_padding_algo_e padding,
ckmc_raw_buffer_s **signature)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- CKM::RawBuffer ckmSignature;
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::RawBuffer ckmSignature;
- if(private_key_alias == NULL || signature == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(private_key_alias == NULL || signature == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
- CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
- CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
- CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
-
- if( (ret = mgr->createSignature(
- ckmPrivakeKeyAlias,
- _tostring(password),
- ckmMessage,
- ckmHashAlgo,
- ckmPadding,
- ckmSignature)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
+ CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
+ CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
+ CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
+
+ if( (ret = mgr->createSignature(
+ ckmPrivakeKeyAlias,
+ _tostring(password),
+ ckmMessage,
+ ckmHashAlgo,
+ ckmPadding,
+ ckmSignature)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- ret = ckmc_buffer_new( ckmSignature.data(), ckmSignature.size(), signature);
+ ret = ckmc_buffer_new( ckmSignature.data(), ckmSignature.size(), signature);
- return ret;
+ return ret;
+ });
}
KEY_MANAGER_CAPI
const ckmc_hash_algo_e hash,
const ckmc_rsa_padding_algo_e padding)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(public_key_alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(public_key_alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
- CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
- CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
- CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
-
- if( (ret = mgr->verifySignature(
- ckmPublicKeyAlias,
- _tostring(password),
- ckmMessage,
- ckmSignature,
- ckmHashAlgo,
- ckmPadding)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::Alias ckmPublicKeyAlias(public_key_alias);
+ CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
+ CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
+ CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
+ CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
+
+ if( (ret = mgr->verifySignature(
+ ckmPublicKeyAlias,
+ _tostring(password),
+ ckmMessage,
+ ckmSignature,
+ ckmHashAlgo,
+ ckmPadding)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
+ });
}
KEY_MANAGER_CAPI
int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- CKM::CertificateShPtrVector ckmCertChain;
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::CertificateShPtrVector ckmCertChain;
- if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
+ CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
- CKM::CertificateShPtrVector ckmUntrustedCerts = _toCkmCertificateVector(untrustedcerts);
+ CKM::CertificateShPtrVector ckmUntrustedCerts = _toCkmCertificateVector(untrustedcerts);
- ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, EMPTY_CERT_VECTOR, true, ckmCertChain);
- if( ret != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, EMPTY_CERT_VECTOR, true, ckmCertChain);
+ if( ret != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- *cert_chain_list = _toNewCkmCertList(ckmCertChain);
+ *cert_chain_list = _toNewCkmCertList(ckmCertChain);
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
+ });
}
KEY_MANAGER_CAPI
int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- CKM::CertificateShPtrVector ckmCertChain;
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::CertificateShPtrVector ckmCertChain;
- if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
- if(ckmCert.get() == NULL) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
+ CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
+ if(ckmCert.get() == NULL) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
- CKM::AliasVector ckmUntrustedAliases = _toCkmAliasVector(untrustedcerts);
+ CKM::AliasVector ckmUntrustedAliases = _toCkmAliasVector(untrustedcerts);
- ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, EMPTY_ALIAS_VECTOR, true, ckmCertChain);
- if( ret != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, EMPTY_ALIAS_VECTOR, true, ckmCertChain);
+ if( ret != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- *cert_chain_list = _toNewCkmCertList(ckmCertChain);
+ *cert_chain_list = _toNewCkmCertList(ckmCertChain);
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
+ });
}
KEY_MANAGER_CAPI
const bool sys_certs,
ckmc_cert_list_s** ppcert_chain_list)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- CKM::CertificateShPtrVector ckm_cert_chain;
+ return try_catch_enclosure([&]()->int {
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::CertificateShPtrVector ckm_cert_chain;
- if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert);
- if(ckm_cert.get() == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert);
+ if(ckm_cert.get() == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::CertificateShPtrVector ckm_untrusted = _toCkmCertificateVector(untrustedcerts);
- CKM::CertificateShPtrVector ckm_trusted = _toCkmCertificateVector(trustedcerts);
+ CKM::CertificateShPtrVector ckm_untrusted = _toCkmCertificateVector(untrustedcerts);
+ CKM::CertificateShPtrVector ckm_trusted = _toCkmCertificateVector(trustedcerts);
- ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain);
- if( ret != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain);
+ if( ret != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain);
+ *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain);
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
+ });
}
KEY_MANAGER_CAPI
int ckmc_ocsp_check(const ckmc_cert_list_s *pcert_chain_list, ckmc_ocsp_status_e *ocsp_status)
{
- if (pcert_chain_list == NULL
- || pcert_chain_list->cert == NULL
- || pcert_chain_list->cert->raw_cert == NULL
- || pcert_chain_list->cert->cert_size <= 0
- || ocsp_status == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ return try_catch_enclosure([&]()->int {
+ if (pcert_chain_list == NULL
+ || pcert_chain_list->cert == NULL
+ || pcert_chain_list->cert->raw_cert == NULL
+ || pcert_chain_list->cert->cert_size <= 0
+ || ocsp_status == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- int tmpOcspStatus = -1;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- CKM::CertificateShPtrVector ckmCertChain = _toCkmCertificateVector(pcert_chain_list);
+ int tmpOcspStatus = -1;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::CertificateShPtrVector ckmCertChain = _toCkmCertificateVector(pcert_chain_list);
- int ret = mgr->ocspCheck(ckmCertChain, tmpOcspStatus);
- *ocsp_status = to_ckmc_ocsp_status(tmpOcspStatus);
- return to_ckmc_error(ret);
+ int ret = mgr->ocspCheck(ckmCertChain, tmpOcspStatus);
+ *ocsp_status = to_ckmc_ocsp_status(tmpOcspStatus);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
int ckmc_allow_access(const char *alias, const char *accessor, ckmc_access_right_e granted)
{
- int ec, permissionMask;
- ec = access_to_permission_mask(granted, permissionMask);
- if(ec != CKMC_ERROR_NONE)
- return ec;
+ return try_catch_enclosure([&]()->int {
+ int ec, permissionMask;
+ ec = access_to_permission_mask(granted, permissionMask);
+ if(ec != CKMC_ERROR_NONE)
+ return ec;
- return ckmc_set_permission(alias, accessor, permissionMask);
+ return ckmc_set_permission(alias, accessor, permissionMask);
+ });
}
KEY_MANAGER_CAPI
int ckmc_set_permission(const char *alias, const char *accessor, int permissions)
{
- if (!alias || !accessor)
- return CKMC_ERROR_INVALID_PARAMETER;
+ return try_catch_enclosure([&]()->int {
+ if (!alias || !accessor)
+ return CKMC_ERROR_INVALID_PARAMETER;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- return to_ckmc_error(mgr->setPermission(alias, accessor, permissions));
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ return to_ckmc_error(mgr->setPermission(alias, accessor, permissions));
+ });
}
KEY_MANAGER_CAPI
int ckmc_deny_access(const char *alias, const char *accessor)
{
- if (!alias || !accessor)
- return CKMC_ERROR_INVALID_PARAMETER;
+ return try_catch_enclosure([&]()->int {
+ if (!alias || !accessor)
+ return CKMC_ERROR_INVALID_PARAMETER;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- return to_ckmc_error(mgr->setPermission(alias, accessor, CKM::Permission::NONE));
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ return to_ckmc_error(mgr->setPermission(alias, accessor, CKM::Permission::NONE));
+ });
}
KEY_MANAGER_CAPI
int ckmc_remove_alias(const char *alias)
{
- if(!alias)
- return CKMC_ERROR_INVALID_PARAMETER;
+ return try_catch_enclosure([&]()->int {
+ if(!alias)
+ return CKMC_ERROR_INVALID_PARAMETER;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- int ret = mgr->removeAlias(alias);
- return to_ckmc_error(ret);
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = mgr->removeAlias(alias);
+ return to_ckmc_error(ret);
+ });
}
KEY_MANAGER_CAPI
const ckmc_raw_buffer_s decrypted,
ckmc_raw_buffer_s **ppencrypted)
{
- return _cryptoOperation(&CKM::Manager::encrypt,
- params,
- key_alias,
- password,
- decrypted,
- ppencrypted);
+ return try_catch_enclosure([&]()->int {
+ return _cryptoOperation(&CKM::Manager::encrypt,
+ params,
+ key_alias,
+ password,
+ decrypted,
+ ppencrypted);
+ });
}
KEY_MANAGER_CAPI
const ckmc_raw_buffer_s encrypted,
ckmc_raw_buffer_s **ppdecrypted)
{
- return _cryptoOperation(&CKM::Manager::decrypt,
- params,
- key_alias,
- password,
- encrypted,
- ppdecrypted);
+ return try_catch_enclosure([&]()->int {
+ return _cryptoOperation(&CKM::Manager::decrypt,
+ params,
+ key_alias,
+ password,
+ encrypted,
+ ppdecrypted);
+ });
}
projects / platform / core / security / key-manager.git / commitdiff