)
SET(KEY_MANAGER_CLIENT_SOURCES
+ ${KEY_MANAGER_CLIENT_SRC_PATH}/client-control.cpp
${KEY_MANAGER_CLIENT_SRC_PATH}/client-common.cpp
${KEY_MANAGER_CLIENT_SRC_PATH}/client-echo.cpp
- ${KEY_MANAGER_CLIENT_SRC_PATH}/client-control.cpp
+ ${KEY_MANAGER_CLIENT_SRC_PATH}/client-key.cpp
+ ${KEY_MANAGER_CLIENT_SRC_PATH}/client-key-impl.cpp
+ ${KEY_MANAGER_CLIENT_SRC_PATH}/client-manager-impl.cpp
)
ADD_LIBRARY(${TARGET_KEY_MANAGER_CLIENT} SHARED ${KEY_MANAGER_CLIENT_SOURCES})
INSTALL(FILES
${KEY_MANAGER_SRC_PATH}/include/ckm/key-manager.h
- ${KEY_MANAGER_SRC_PATH}/include/ckm/errors.h
+ ${KEY_MANAGER_SRC_PATH}/include/ckm/ckm-error.h
+ ${KEY_MANAGER_SRC_PATH}/include/ckm/ckm-type.h
DESTINATION /usr/include/ckm/ckm
)
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file ckm-type.h
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Sample service implementation.
+ */
+#pragma once
+
+#include <string>
+#include <vector>
+
+namespace CKM {
+
+// used to pass password and raw key data
+typedef std::vector<unsigned char> RawData;
+typedef std::string Alias;
+typedef std::vector<Alias> AliasVector;
+
+struct Policy {
+ Policy(const RawData &pass = RawData(), bool extract = true, bool rest = false)
+ : password(pass)
+ , extractable(extract)
+ , restricted(rest)
+ {}
+ RawData password; // byte array used to encrypt data inside CKM
+ bool extractable; // if true key may be extracted from storage
+ bool restricted; // if true only key owner may see data
+};
+
+// Added by Dongsun Lee
+enum class HashAlgorithm : unsigned int {
+ SHA1,
+ SHA256,
+ SHA384,
+ SHA512
+};
+
+// Added by Dongsun Lee
+enum class RSAPaddingAlgorithm : unsigned int {
+ XRSA_PKCS1_PADDING,
+ XRSA_SSLV23_PADDING,
+ XRSA_NO_PADDING,
+ XRSA_PKCS1_OAEP_PADDING,
+ XRSA_X931_PADDING
+};
+
+} // namespace CKM
+
+/*
+ * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file key-manager.h
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Main header file for client library.
+ */
#pragma once
#include <string>
#include <vector>
#include <memory>
-#include <ckm/errors.h>
+#include <ckm/ckm-error.h>
+#include <ckm/ckm-type.h>
// Central Key Manager namespace
namespace CKM {
-// used to pass password and raw key data
-typedef std::vector<unsigned char> RawData;
-typedef std::string Alias;
-typedef std::vector<Alias> AliasVector;
-
-struct Policy {
- Policy(const RawData &pass = RawData(), bool extract = true, bool rest = false)
- : password(pass)
- , extractable(extract)
- , restricted(rest)
- {}
- RawData password; // byte array used to encrypt data inside CKM
- bool extractable; // if true key may be extracted from storage
- bool restricted; // if true only key owner may see data
-};
-
// used by login manager to unlock user data with global password
// [CR] too generic name for class. maybe UserDataControl?
// It's in name space KeyStore so I don't see any problem but
class ControlImpl;
std::shared_ptr<ControlImpl> m_impl;
};
-/*
+
class Key {
public:
- // [CR] (just asking): is there any AES private/public?
- // No. AES is symetric cypher so there is only one key
- enum class Type : unsigned int {
+ class KeyImpl;
+ enum class ECType : unsigned int {
+ prime192v1
+ // TODO
+ };
+
+ enum class KeyType : unsigned int {
KEY_NONE,
KEY_RSA_PUBLIC,
KEY_RSA_PRIVATE,
- KEY_ECDSA_PUBLIC,
- KEY_ECDSA_PRIVATE,
- KEY_AES
- };
-
- enum class ECType : unsigned int {
- prime192v1
- // TODO
- }
-
- enum class Format : unsigned int {
- PEM, DER
+// KEY_ECDSA_PUBLIC,
+// KEY_ECDSA_PRIVATE,
+// KEY_AES
};
Key();
- Key(const RawData &rawData, Format format, Type type, RawData &password = RawData()); // Import key
- Key(const Key &key);
- Key(Key &&key);
- Key& operator=(const Key &key);
- Key& operator=(Key &&key);
+ Key(const RawData &rawData, KeyType type, const RawData &password = RawData()); // Import key
+ Key(const Key &key) = delete;
+ Key(Key &&key) = delete;
+ Key& operator=(const Key &key) = delete;
+ Key& operator=(Key &&key) = delete;
virtual ~Key(); // This destructor must overwrite memory used by key with some random data.
- // [CR] why is this needed?
- // Default constructor is required by standard containers.
- // Default constructor will create empty Key class.
bool empty() const;
-
- // Type of key
- Type getType() const;
-
- // key size in bits RSA specific
+ KeyType getType() const;
int getSize() const;
-
- // Eliptic curve type
ECType getCurve() const;
+ RawData getKey() const;
+ KeyImpl* getImpl() const;
private:
- class KeyImpl;
std::shared_ptr<KeyImpl> m_impl;
};
+/*
class Certificate {
public:
enum class FingerprintType : unsigned int {
Certificate();
Certificate(const RawData &rawData, int format);
- Certificate(const Certificate &certificate);
- Certificate(Certificate &&certificate);
- Certificate& operator=(const Certificate &certificate);
- Certificate& operator=(Certificate &&certificate);
+ Certificate(const Certificate &certificate) = delete;
+ Certificate(Certificate &&certificate) = delete;
+ Certificate& operator=(const Certificate &certificate) = delete;
+ Certificate& operator=(Certificate &&certificate) = delete;
bool empty() const;
class Pkcs12Impl;
Pkcs12Impl *m_impl;
};
+*/
class Manager {
public:
- Manager();
- Manager(int uid); // connect to database related with uid
- Manager(const Manager &connection);
- Manager(Manager &&connection);
- Manager operator=(const Manager &connection);
- Manager operator=(Manager && connection);
- virtual ~Manager();
+ Manager(){}
+// Manager(int uid); // connect to database related with uid
+ Manager(const Manager &connection) = delete;
+ Manager(Manager &&connection) = delete;
+ Manager operator=(const Manager &connection) = delete;
+ Manager operator=(Manager && connection) = delete;
+ virtual ~Manager(){}
int saveKey(const Alias &alias, const Key &key, const Policy &policy);
// Certificate could not be nonexportable because we must be able to read
// extension data in the client during validation process.
- int saveCertificate(const Alias &alias, const Certificate &cert, const Policy &policy);
+// int saveCertificate(const Alias &alias, const Certificate &cert, const Policy &policy);
int removeKey(const Alias &alias);
- int removeCertificate(const Alias &alias);
+// int removeCertificate(const Alias &alias);
- int getKey(const Alias &alias, Key &key, RawData &password);
- int getCertificate(const Alias &alias, Certificate &certificate, RawData &password = RawData());
+ int getKey(const Alias &alias, const RawData &password, Key &key);
+// int getCertificate(
+// const Alias &alias,
+// const RawData &password,
+// Certificate &certificate);
// This will extract list of all Keys and Certificates in Key Store
int requestKeyAliasVector(AliasVector &alias); // send request for list of all keys that application/user may use
- int requestCertificateAliasVector(AliasVector &alias); // send request for list of all certs that application/user may use
+// int requestCertificateAliasVector(AliasVector &alias); // send request for list of all certs that application/user may use
// Added By Dongsun Lee
- int saveData(const Alias &alias, const RawData &data, const Policy &policy);
- int removeData(const Alias &alias);
- int getData(const Alias &alias, RawData &data, RawData &password = RawData());
- int requestDataAliasVector(AliasVector &alias);
-
- int createKeyPairRSA(
- const int size, // size in bits [1024, 2048, 4096]
- const Alias &privateKeyAlias,
- const Alias &publicKeyAlias,
- const Policy &policyPrivateKey = Policy(),
- const Policy &policyPublicKey = Policy());
-
- int createKeyPairECDSA(
- const Key::ECType type,
- const Alias &privateKeyAlias,
- const Alias &publicKeyAlias,
- const Policy &policyPrivateKey = Policy(),
- const Policy &policyPublicKey = Policy());
-
- int createSignature(
- const Alias &privateKeyAlias,
- const RawData &password, // password for private_key
- const RawData &message,
- const HashAlgorith hash,
- TODO Padding,
- RawData &signature);
-
- int verifySignature(
- const Alias &publicKeyOrCertAlias,
- const RawData &password, // password for public_key (optional)
- const RawData &message,
- const RawData &signature,
- const HashAlgorithm,
- TODO Padding);
-
- // this fuction will return chains of certificates and check it with openssl
- // status : OK, INCOMPLETE_CHAIN, VERIFICATION_FAILED
- int getCertiticateChain(
- const Certificate &certificate,
- const CertificateVector &untrustedCertificates,
- CertificateVector &certificateChainVector);
-
- int getCertificateChain(
- const Certificate &certificate,
- const AliasVector &untrustedCertificates,
- CertificateVector &certificateChainVector);
-
- int strictCACheck(const CertificateVector &certificateVector);
-
- // This function will check all certificates in chain except Root CA.
- int ocspCheck(const CertificateVector &certificateChainVector);
+// int saveData(const Alias &alias, const RawData &data, const Policy &policy);
+// int removeData(const Alias &alias);
+// int getData(const Alias &alias, RawData &data, RawData &password = RawData());
+// int requestDataAliasVector(AliasVector &alias);
+//
+// int createKeyPairRSA(
+// const int size, // size in bits [1024, 2048, 4096]
+// const Alias &privateKeyAlias,
+// const Alias &publicKeyAlias,
+// const Policy &policyPrivateKey = Policy(),
+// const Policy &policyPublicKey = Policy());
+//
+// int createKeyPairECDSA(
+// const Key::ECType type,
+// const Alias &privateKeyAlias,
+// const Alias &publicKeyAlias,
+// const Policy &policyPrivateKey = Policy(),
+// const Policy &policyPublicKey = Policy());
+//
+// int createSignature(
+// const Alias &privateKeyAlias,
+// const RawData &password, // password for private_key
+// const RawData &message,
+// HashAlgorith hash,
+// RSAPaddingAlgorithm padding,
+// RawData &signature);
+//
+// int verifySignature(
+// const Alias &publicKeyOrCertAlias,
+// const RawData &password, // password for public_key (optional)
+// const RawData &message,
+// const RawData &signature,
+// HashAlgorithm hash,
+// RSAPaddingAlgorithm padding);
+//
+// // this fuction will return chains of certificates and check it with openssl
+// // status : OK, INCOMPLETE_CHAIN, VERIFICATION_FAILED
+// int getCertiticateChain(
+// const Certificate &certificate,
+// const CertificateVector &untrustedCertificates,
+// CertificateVector &certificateChainVector);
+//
+// int getCertificateChain(
+// const Certificate &certificate,
+// const AliasVector &untrustedCertificates,
+// CertificateVector &certificateChainVector);
+//
+// int strictCACheck(const CertificateVector &certificateVector);
+//
+// // This function will check all certificates in chain except Root CA.
+// int ocspCheck(const CertificateVector &certificateChainVector);
private:
class ManagerImpl;
- std::shared_ptr<ManagerSyncImpl> m_impl;
+ std::shared_ptr<ManagerImpl> m_impl;
};
+/*
// Asynchronous interface to Central Key Manager. This implementation uses
// internal thread for connection.
class ManagerAsync {
/*
* Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
*
- * Contact: Bumjin Im <bj.im@samsung.com>
- *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
#include <message-buffer.h>
-//#include <key-manager.h>
-#include <ckm/errors.h>
+#include <ckm/ckm-error.h>
IMPLEMENT_SAFE_SINGLETON(CKM::Log::LogSystem);
/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
*
- * Contact: Bumjin Im <bj.im@samsung.com>
- *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License
- */
-
-/*
+ *
+ *
* @file client-echo.cpp
* @author Zofia Abramowska (z.abramowska@samsung.com)
* @version 1.0
- * @version This file contains example of key-manager client implementation
+ * @brief This file contains example of key-manager client implementation
*/
#include <dpl/log/log.h>
#include <client-common.h>
#include <protocols.h>
-#include <ckm/errors.h>
+#include <ckm/ckm-error.h>
KEY_MANAGER_API
int key_manager_echo(const char *echo, char** oche) {
--- /dev/null
+/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file client-echo.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Key implementation.
+ */
+#include <openssl/bio.h>
+#include <openssl/pem.h>
+
+#include <client-key-impl.h>
+
+namespace {
+
+const char PEM_FIRST_CHAR = '-';
+
+} // namespace anonymous
+
+namespace CKM {
+
+Key::KeyImpl::KeyImpl()
+ : m_type(KeyType::KEY_NONE)
+{}
+
+Key::KeyImpl::KeyImpl(IStream &stream) {
+ int type;
+ Deserialization::Deserialize(stream, type);
+ Deserialization::Deserialize(stream, m_key);
+ m_type = static_cast<KeyType>(type);
+}
+
+Key::KeyImpl::KeyImpl(const RawData &data, KeyType type, const RawData &password)
+ : m_type(KeyType::KEY_NONE)
+{
+ int size = 0;
+ RSA *rsa = NULL;
+ char *pass = NULL;
+ RawData passtmp(password);
+
+ if (!passtmp.empty()) {
+ passtmp.push_back(0);
+ pass = reinterpret_cast<char*>(passtmp.data());
+ }
+
+ if (data[0] == PEM_FIRST_CHAR && type == KeyType::KEY_RSA_PUBLIC) {
+ BIO *bio = BIO_new(BIO_s_mem());
+ BIO_write(bio, data.data(), data.size());
+ rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, pass);
+ BIO_free_all(bio);
+ } else if (data[0] == PEM_FIRST_CHAR && type == KeyType::KEY_RSA_PRIVATE) {
+ BIO *bio = BIO_new(BIO_s_mem());
+ BIO_write(bio, data.data(), data.size());
+ rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, pass);
+ BIO_free_all(bio);
+ } else if (type == KeyType::KEY_RSA_PUBLIC) {
+ const unsigned char *p = (const unsigned char*)data.data();
+ rsa = d2i_RSA_PUBKEY(NULL, &p, data.size());
+ } else if (type == KeyType::KEY_RSA_PRIVATE) {
+ BIO *bio = BIO_new(BIO_s_mem());
+ BIO_write(bio, data.data(), data.size());
+ rsa = d2i_RSAPrivateKey_bio(bio, NULL);
+ BIO_free_all(bio);
+ } else {
+ return;
+ }
+
+ if (!rsa)
+ return;
+
+ BIO *bio = BIO_new(BIO_s_mem());
+
+ if (type == KeyType::KEY_RSA_PUBLIC) {
+ size = i2d_RSAPublicKey_bio(bio, rsa);
+ } else {
+ size = i2d_RSAPrivateKey_bio(bio, rsa);
+ }
+
+ if (size > 0) {
+ m_key.resize(size);
+ BIO_read(bio, m_key.data(), m_key.size());
+ m_type = type;
+ }
+ BIO_free_all(bio);
+}
+
+void Key::KeyImpl::Serialize(IStream &stream) {
+ Serialization::Serialize(stream, static_cast<int>(m_type));
+ Serialization::Serialize(stream, m_key);
+}
+
+Key::KeyImpl::~KeyImpl(){}
+
+} // namespace CKM
+
--- /dev/null
+/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file client-key-impl.h
+ * @author Zofia Abramowska (z.abramowska@samsung.com)
+ * @version 1.0
+ * @brief Key implementation.
+ */
+#pragma once
+
+#include <dpl/serialization.h>
+
+#include <ckm/ckm-type.h>
+#include <ckm/key-manager.h>
+
+namespace CKM {
+
+class Key::KeyImpl {
+public:
+ KeyImpl();
+ KeyImpl(IStream &stream);
+ KeyImpl(const RawData &data, KeyType type, const RawData &password);
+ KeyImpl(const KeyImpl &) = delete;
+ KeyImpl(KeyImpl &&) = delete;
+ KeyImpl& operator=(const KeyImpl &) = delete;
+ KeyImpl& operator=(KeyImpl &&) = delete;
+
+ KeyType getType() const {
+ return m_type;
+ }
+
+ RawData getKey() const {
+ return m_key;
+ }
+
+ bool empty() const {
+ return m_key.empty();
+ }
+
+ void Serialize(IStream &stream);
+
+ virtual ~KeyImpl();
+private:
+ KeyType m_type;
+ RawData m_key;
+};
+
+} // namespace CKM
+
--- /dev/null
+/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file client-key.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Key - api implementation.
+ */
+#include <ckm/key-manager.h>
+
+#include <client-key-impl.h>
+
+namespace CKM {
+
+Key::Key()
+ : m_impl(new KeyImpl())
+{}
+
+Key::Key(
+ const RawData &rawData,
+ KeyType type,
+ const RawData &password)
+ : m_impl(new KeyImpl(rawData, type, password))
+{}
+
+Key::~Key(){}
+
+bool Key::empty() const {
+ return m_impl->empty();
+}
+
+Key::KeyType Key::getType() const {
+ return m_impl->getType();
+}
+
+RawData Key::getKey() const {
+ return m_impl->getKey();
+}
+
+Key::KeyImpl* Key::getImpl() const {
+ return m_impl.get();
+};
+
+
+} // namespace CKM
+
--- /dev/null
+/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file client-manager-impl.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Manager implementation.
+ */
+#pragma once
+
+#include <ckm/key-manager.h>
+
+namespace CKM {
+
+class Manager::ManagerImpl {
+public:
+ ManagerImpl()
+ : m_counter(0)
+ {}
+ virtual ~ManagerImpl(){}
+
+ int saveKey(const Alias &alias, const Key &key, const Policy &policy) {
+ m_counter++;
+
+ return try_catch([&] {
+ if (user.empty() || key.empty())
+ return KEY_MANAGER_API_ERROR_INPUT_PARAM;
+
+ Message send, recv;
+ Serialization::Serialization(send, static_cast<int>(StorageCommand::SAVE_KEY));
+ Serialization::Serialize(send, m_counter);
+ Serialization::Serialize(send, alias);
+ Serialization::Serialize(send, key.getImpl());
+ Serialization::Serialize(send, policy);
+
+ int retCode = sendToServer(
+ SERVICE_SOCKET_CKM_STORAGE,
+ send.Pop(),
+ recv);
+
+ if (KEY_MANAGER_API_SUCCESS != retCode) {
+ return retCode;
+ }
+
+ int id;
+ Deserialization::Deserialize(recv, id);
+ Deserialization::Deserialize(recv, retCode);
+
+ if (id != m_counter) {
+ return KEY_MANAGER_API_ERROR_UNKNOWN;
+ }
+
+ return retCode;
+ });
+ }
+
+ int removeKey(const Alias &alias) {
+ return try_catch([&] {
+ if (user.empty() || key.empty())
+ return KEY_MANAGER_API_ERROR_INPUT_PARAM;
+
+ Message send, recv;
+ Serialization::Serialization(send, static_cast<int>(StorageCommand::REMOVE_KEY));
+ Serialization::Serialize(send, m_counter);
+ Serialization::Serialize(send, alias);
+
+ int retCode = sendToServer(
+ SERVICE_SOCKET_CKM_STORAGE,
+ send.Pop(),
+ recv);
+
+ if (KEY_MANAGER_API_SUCCESS != retCode) {
+ return retCode;
+ }
+
+ int id;
+ Deserialization::Deserialize(recv, id);
+ Deserialization::Deserialize(recv, retCode);
+
+ if (id != m_counter) {
+ return KEY_MANAGER_API_ERROR_UNKNOWN;
+ }
+
+ return retCode;
+ }
+
+ int getKey(const Alias &alias, const RawData &password, Key &key) {
+ return try_catch([&] {
+ if (user.empty() || key.empty())
+ return KEY_MANAGER_API_ERROR_INPUT_PARAM;
+
+ Message send, recv;
+ Serialization::Serialization(send, static_cast<int>(StorageCommand::REMOVE_KEY));
+ Serialization::Serialize(send, m_counter);
+ Serialization::Serialize(send, alias);
+ Serialization::Serialize(send, password);
+ Serialization::Serialize(send, key.getImpl());
+
+ int retCode = sendToServer(
+ SERVICE_SOCKET_CKM_STORAGE,
+ send.Pop(),
+ recv);
+
+ if (KEY_MANAGER_API_SUCCESS != retCode) {
+ return retCode;
+ }
+
+ int id;
+ Deserialization::Deserialize(recv, id);
+ Deserialization::Deserialize(recv, retCode);
+
+ if (id != m_counter) {
+ return KEY_MANAGER_API_ERROR_UNKNOWN;
+ }
+
+ return retCode;
+ }
+
+private:
+ int m_counter;
+};
+
+
--- /dev/null
+/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file client-manager.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Client Manager implementation.
+ */
+#include <ckm/key-manager.h>
+
+#include <client-manager-impl.h>
+
+namespace CKM {
+
+Manager::Manager()
+ : m_impl(new ManagerImpl)
+{}
+
+Manager::~Manager(){}
+
+int Manager::saveKey(const Alias &alias, const Key &key, const Policy &policy) {
+ m_impl->saveKey(alias, key, policy);
+}
+
+int Manager::removeKey(const Alias &alias) {
+ m_impl->removeKey(alias);
+}
+
+int Manager::getKey(const Alias &alias, Key &key, const RawData &password) {
+ m_impl->getKey(alias, password, key);
+}
+
+} // namespace CKM
+
/*
* Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
*
- * Contact: Bumjin Im <bj.im@samsung.com>
- *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
RESET_USER_PASSWORD
};
+enum class DBDataType : int {
+ UNKNOWN,
+ KEY_RSA_PUBLIC,
+ KEY_RSA_PRIVATE,
+ KEY_ECDSA_PUBLIC,
+ KEY_ECDSA_PRIVATE,
+ KEY_AES,
+ CERTIFICATE,
+ BINARY_DATA
+};
+
} // namespace CKM
+++ /dev/null
-[Socket]
-ListenStream=/tmp/.key-manager-api-echo.sock
-SockMode=0777
-SmackLabelIpIn=*
-SmackLabelIpOut=@
-
-Service=key-manager.service
-
-[Unit]
-Wants=key-manager.service
-Before=key-manager.service
-
-[Install]
-WantedBy=sockets.target
+++ /dev/null
-[Unit]
-Description=Central Key Manager sockets
-DefaultDependencies=true
-