Unify app key loading 05/287805/2
authorKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Mon, 6 Feb 2023 09:28:36 +0000 (10:28 +0100)
committerKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Wed, 8 Feb 2023 08:47:16 +0000 (09:47 +0100)
Change-Id: Ic10c86c01fd71311477a1695fb9a5e3d60ca1f54

src/manager/service/ckm-logic.cpp

index 6d53c66..a8cad08 100644 (file)
@@ -192,20 +192,25 @@ int readMultiRow(const Name &name,
        return CKM_API_SUCCESS;
 }
 
-int loadAppKey(UserData &handle, const ClientId &owner)
+int loadAppKey(UserData &handler, const ClientId &owner, bool keyRequired = true)
 {
-       if (!handle.crypto.haveKey(owner)) {
-               RawBuffer key;
-               auto key_optional = handle.database.getKey(owner);
+       if (!handler.crypto.haveKey(owner)) {
+               RawBuffer wrappedDEK;
+               auto wrappedDEKOptional = handler.database.getKey(owner);
 
-               if (!key_optional) {
-                       LogError("No key for given owner in database");
-                       return CKM_API_ERROR_DB_ERROR;
+               if (!wrappedDEKOptional) {
+                       if (keyRequired) {
+                               LogError("No key for given owner in database");
+                               return CKM_API_ERROR_DB_ERROR;
+                       }
+                       LogDebug("No Key in database found. Generating new one for client: " << owner);
+                       wrappedDEK = handler.keyProvider.generateDEK(owner);
+                       handler.database.saveKey(owner, wrappedDEK);
+               } else {
+                       wrappedDEK = *wrappedDEKOptional;
                }
 
-               key = *key_optional;
-               key = handle.keyProvider.getPureDEK(key);
-               handle.crypto.pushKey(owner, key);
+               handler.crypto.pushKey(owner, handler.keyProvider.getPureDEK(wrappedDEK));
        }
 
        return CKM_API_SUCCESS;
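Review bot: The new `keyRequired` parameter on `loadAppKey` is undocumented, although passing `false` makes the function generate a fresh DEK and persist it with `saveKey` when `getKey(owner)` returns nothing. The default of `true` keeps existing callers fail-closed, but a bare `false` at a call site gives no hint that it can create key material for the given owner. I would add a comment above the signature such as `// Loads owner's DEK into handler.crypto. With keyRequired == false a missing DB key is generated and saved; otherwise a missing key returns CKM_API_ERROR_DB_ERROR.` The comment should also state that only save paths may pass `false`. The closing brace of the function lies just past the end of this hunk.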
@@ -498,24 +503,8 @@ int CKMLogic::checkSaveConditions(
        if (handler.database.isNameOwnerPresent(name, owner))
                return CKM_API_ERROR_DB_ALIAS_EXISTS;
 
-       // encryption section
-       if (!handler.crypto.haveKey(owner)) {
-               RawBuffer got_key;
-               auto key_optional = handler.database.getKey(owner);
-
-               if (!key_optional) {
-                       LogDebug("No Key in database found. Generating new one for client: " <<
-                                        owner);
-                       got_key = handler.keyProvider.generateDEK(owner);
-                       handler.database.saveKey(owner, got_key);
-               } else {
-                       LogDebug("Key from DB");
-                       got_key = *key_optional;
-               }
-
-               got_key = handler.keyProvider.getPureDEK(got_key);
-               handler.crypto.pushKey(owner, got_key);
-       }
+       // generate (if needed) and load the app key
+       loadAppKey(handler, owner, false);
 
        return CKM_API_SUCCESS;
 }
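Review bot: The result of `loadAppKey(handler, owner, false);` is discarded, so `checkSaveConditions` returns `CKM_API_SUCCESS` regardless of what the helper reports. With `keyRequired == false` the only return visible in the first hunk is success, so this is harmless today. If `loadAppKey` later gains another error return, the save would proceed without the owner's key loaded into `handler.crypto`. Propagating the code keeps the path fail-closed: `int ret = loadAppKey(handler, owner, false);` followed by `if (ret != CKM_API_SUCCESS) return ret;`. `checkSaveConditions` starts outside this hunk, so any earlier handling of `ret` is not visible here.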