CKM::Password _tostring(const char *str)
{
- if(str == NULL)
- return CKM::Password();
- return CKM::Password(str);
+ if(str == NULL)
+ return CKM::Password();
+ return CKM::Password(str);
}
CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert)
{
- CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
- CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
- return CKM::Certificate::create(buffer, dataFormat);
+ CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
+ CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
+ return CKM::Certificate::create(buffer, dataFormat);
}
ckmc_cert_list_s *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector)
{
- int ret;
- ckmc_cert_list_s *start = NULL;
- ckmc_cert_list_s *plist = NULL;
- CKM::CertificateShPtrVector::iterator it;
- for(it = certVector.begin(); it != certVector.end(); it++) {
- CKM::RawBuffer rawBuffer = (*it)->getDER();
- unsigned char *rawCert = (unsigned char *) malloc(rawBuffer.size());
- memcpy(rawCert, rawBuffer.data(), rawBuffer.size());
- ckmc_cert_s *pcert;
- ret = ckmc_cert_new(rawCert, rawBuffer.size(), CKMC_FORM_DER, &pcert);
- if(pcert == NULL) {
- return NULL;
- }
- if(plist == NULL) {
- ret = ckmc_cert_list_new(pcert, &plist);
- start = plist; // save the pointer of the first element
- }else {
- ret = ckmc_cert_list_add(plist, pcert, &plist);
- }
- if(ret != CKMC_ERROR_NONE) {
- ckmc_cert_list_all_free(start);
- return NULL;
- }
- }
- return start;
+ int ret;
+ ckmc_cert_list_s *start = NULL;
+ ckmc_cert_list_s *plist = NULL;
+ CKM::CertificateShPtrVector::iterator it;
+ for(it = certVector.begin(); it != certVector.end(); it++) {
+ CKM::RawBuffer rawBuffer = (*it)->getDER();
+ unsigned char *rawCert = static_cast<unsigned char *>(malloc(rawBuffer.size()));
+ memcpy(rawCert, rawBuffer.data(), rawBuffer.size());
+ ckmc_cert_s *pcert;
+ ret = ckmc_cert_new(rawCert, rawBuffer.size(), CKMC_FORM_DER, &pcert);
+ free(rawCert);
+ if(pcert == NULL) {
+ ckmc_cert_list_all_free(start);
+ return NULL;
+ }
+ if(plist == NULL) {
+ ret = ckmc_cert_list_new(pcert, &plist);
+ start = plist; // save the pointer of the first element
+ }else {
+ ret = ckmc_cert_list_add(plist, pcert, &plist);
+ }
+ if(ret != CKMC_ERROR_NONE) {
+ ckmc_cert_list_all_free(start);
+ return NULL;
+ }
+ }
+ return start;
}
KEY_MANAGER_CAPI
int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
{
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
+ if(alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- if(key.raw_key == NULL || key.key_size <= 0) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
- CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
+ if(key.raw_key == NULL || key.key_size <= 0) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
+ CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
- if(ckmKey.get() == NULL) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
+ if(ckmKey.get() == NULL) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
- int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
- return to_ckmc_error(ret);
+ int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
int ckmc_remove_key(const char *alias)
{
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
+ if(alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- int ret = mgr->removeKey(ckmAlias);
- return to_ckmc_error(ret);
+ int ret = mgr->removeKey(ckmAlias);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
{
- int ret;
- CKM::KeyShPtr ckmKey;
+ int ret;
+ CKM::KeyShPtr ckmKey;
- if(alias == NULL || key == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
+ if(alias == NULL || key == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey->getDER().data());
- ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
+ unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey->getDER().data());
+ ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
- ret = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL, key);
+ ret = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL, key);
- return to_ckmc_error(ret);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
KEY_MANAGER_CAPI
int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
{
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
+ if(alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- if(cert.raw_cert == NULL || cert.cert_size <= 0) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
- if(ckmCert.get() == NULL) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
+ if(cert.raw_cert == NULL || cert.cert_size <= 0) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
+ if(ckmCert.get() == NULL) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
- return to_ckmc_error(ret);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
int ckmc_remove_cert(const char *alias)
{
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
+ if(alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- int ret = mgr->removeCertificate(ckmAlias);
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = mgr->removeCertificate(ckmAlias);
- return to_ckmc_error(ret);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
{
- CKM::CertificateShPtr ckmCert;
- int ret;
+ CKM::CertificateShPtr ckmCert;
+ int ret;
- if(alias == NULL || cert == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
+ if(alias == NULL || cert == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert->getDER().data());
- ret = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER, cert);
+ unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert->getDER().data());
+ ret = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER, cert);
- return ret;
+ return ret;
}
KEY_MANAGER_CAPI
KEY_MANAGER_CAPI
int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
{
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
+ if(alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- if(data.data == NULL || data.size <= 0) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::RawBuffer buffer(data.data, data.data + data.size);
+ if(data.data == NULL || data.size <= 0) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::RawBuffer buffer(data.data, data.data + data.size);
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
- return to_ckmc_error(ret);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
int ckmc_remove_data(const char *alias)
{
- if(alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
-
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- int ret = mgr->removeData(ckmAlias);
- return to_ckmc_error(ret);
+ if(alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
+
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret = mgr->removeData(ckmAlias);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
{
- CKM::RawBuffer ckmBuff;
- int ret;
+ CKM::RawBuffer ckmBuff;
+ int ret;
- if(alias == NULL || data == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(alias);
+ if(alias == NULL || data == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(alias);
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
- ret = ckmc_buffer_new(rawBuff, ckmBuff.size(), data);
+ unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
+ ret = ckmc_buffer_new(rawBuff, ckmBuff.size(), data);
- return ret;
+ return ret;
}
KEY_MANAGER_CAPI
KEY_MANAGER_CAPI
int ckmc_create_key_pair_rsa(const size_t size,
- const char *private_key_alias,
- const char *public_key_alias,
- const ckmc_policy_s policy_private_key,
- const ckmc_policy_s policy_public_key)
+ const char *private_key_alias,
+ const char *public_key_alias,
+ const ckmc_policy_s policy_private_key,
+ const ckmc_policy_s policy_public_key)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(private_key_alias == NULL || public_key_alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(private_key_alias == NULL || public_key_alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
- CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
+ CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
+ CKM::Alias ckmPublicKeyAlias(public_key_alias);
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
- ret = mgr->createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
- return to_ckmc_error(ret);
+ ret = mgr->createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type,
- const char *private_key_alias,
- const char *public_key_alias,
- const ckmc_policy_s policy_private_key,
- const ckmc_policy_s policy_public_key)
+ const char *private_key_alias,
+ const char *public_key_alias,
+ const ckmc_policy_s policy_private_key,
+ const ckmc_policy_s policy_public_key)
{
- CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
- if(private_key_alias == NULL || public_key_alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(private_key_alias == NULL || public_key_alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
- CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
- CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
+ CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
+ CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
+ CKM::Alias ckmPublicKeyAlias(public_key_alias);
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
- int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
- return to_ckmc_error(ret);
+ int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
+ return to_ckmc_error(ret);
}
KEY_MANAGER_CAPI
int ckmc_create_signature(const char *private_key_alias,
- const char *password,
- const ckmc_raw_buffer_s message,
- const ckmc_hash_algo_e hash,
- const ckmc_rsa_padding_algo_e padding,
- ckmc_raw_buffer_s **signature)
+ const char *password,
+ const ckmc_raw_buffer_s message,
+ const ckmc_hash_algo_e hash,
+ const ckmc_rsa_padding_algo_e padding,
+ ckmc_raw_buffer_s **signature)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- CKM::RawBuffer ckmSignature;
-
- if(private_key_alias == NULL || signature == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
-
- CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
- CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
- CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
- CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
-
- if( (ret = mgr->createSignature(
- ckmPrivakeKeyAlias,
- _tostring(password),
- ckmMessage,
- ckmHashAlgo,
- ckmPadding,
- ckmSignature)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
-
- unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
- ret = ckmc_buffer_new( rawBuff, ckmSignature.size(), signature);
-
- return ret;
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::RawBuffer ckmSignature;
+
+ if(private_key_alias == NULL || signature == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+
+ CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
+ CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
+ CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
+ CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
+
+ if( (ret = mgr->createSignature(
+ ckmPrivakeKeyAlias,
+ _tostring(password),
+ ckmMessage,
+ ckmHashAlgo,
+ ckmPadding,
+ ckmSignature)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
+
+ unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
+ ret = ckmc_buffer_new( rawBuff, ckmSignature.size(), signature);
+
+ return ret;
}
KEY_MANAGER_CAPI
int ckmc_verify_signature(const char *public_key_alias,
- const char *password,
- const ckmc_raw_buffer_s message,
- const ckmc_raw_buffer_s signature,
- const ckmc_hash_algo_e hash,
- const ckmc_rsa_padding_algo_e padding)
+ const char *password,
+ const ckmc_raw_buffer_s message,
+ const ckmc_raw_buffer_s signature,
+ const ckmc_hash_algo_e hash,
+ const ckmc_rsa_padding_algo_e padding)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
-
- if(public_key_alias == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
-
- CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
- CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
- CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
- CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
-
- if( (ret = mgr->verifySignature(
- ckmPublicKeyAlias,
- _tostring(password),
- ckmMessage,
- ckmSignature,
- ckmHashAlgo,
- ckmPadding)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
-
- return CKMC_ERROR_NONE;
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+
+ if(public_key_alias == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+
+ CKM::Alias ckmPublicKeyAlias(public_key_alias);
+ CKM::RawBuffer ckmMessage(message.data, message.data + message.size);
+ CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size);
+ CKM::HashAlgorithm ckmHashAlgo = static_cast<CKM::HashAlgorithm>(static_cast<int>(hash));
+ CKM::RSAPaddingAlgorithm ckmPadding = static_cast<CKM::RSAPaddingAlgorithm>(static_cast<int>(padding));
+
+ if( (ret = mgr->verifySignature(
+ ckmPublicKeyAlias,
+ _tostring(password),
+ ckmMessage,
+ ckmSignature,
+ ckmHashAlgo,
+ ckmPadding)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
+
+ return CKMC_ERROR_NONE;
}
KEY_MANAGER_CAPI
int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- CKM::CertificateShPtrVector ckmCertChain;
-
- if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
-
- CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::CertificateShPtrVector ckmCertChain;
- CKM::CertificateShPtrVector ckmUntrustedCerts;
- if(untrustedcerts != NULL) {
- ckmc_cert_list_s *current = NULL;
- ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(untrustedcerts);
- do {
- current = next;
- next = current->next;
+ if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- if(current->cert == NULL){
- continue;
- }
+ CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
- CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
- ckmUntrustedCerts.push_back(tmpCkmCert);
- }while(next != NULL);
- }
+ CKM::CertificateShPtrVector ckmUntrustedCerts;
+ if(untrustedcerts != NULL) {
+ ckmc_cert_list_s *current = NULL;
+ ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(untrustedcerts);
+ do {
+ current = next;
+ next = current->next;
+
+ if(current->cert == NULL){
+ continue;
+ }
+
+ CKM::CertificateShPtr tmpCkmCert = _toCkmCertificate(current->cert);
+ ckmUntrustedCerts.push_back(tmpCkmCert);
+ }while(next != NULL);
+ }
- ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
- if( ret != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
+ ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
+ if( ret != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
- *cert_chain_list = _toNewCkmCertList(ckmCertChain);
+ *cert_chain_list = _toNewCkmCertList(ckmCertChain);
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
}
KEY_MANAGER_CAPI
int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
{
- int ret;
- CKM::ManagerShPtr mgr = CKM::Manager::create();
- CKM::CertificateShPtrVector ckmCertChain;
+ int ret;
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ CKM::CertificateShPtrVector ckmCertChain;
- if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
- if(ckmCert.get() == NULL) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
-
- CKM::AliasVector ckmUntrustedAliases;
- if(untrustedcerts != NULL) {
- ckmc_alias_list_s *current = NULL;
- ckmc_alias_list_s *next = const_cast<ckmc_alias_list_s *>(untrustedcerts);
- do {
- current = next;
- next = current->next;
-
- if(current->alias == NULL){
- return CKMC_ERROR_INVALID_PARAMETER;
- }
- CKM::Alias ckmAlias(current->alias);
- ckmUntrustedAliases.push_back(ckmAlias);
- }while(next != NULL);
- }
-
- if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKM_API_SUCCESS) {
- return to_ckmc_error(ret);
- }
-
- *cert_chain_list = _toNewCkmCertList(ckmCertChain);
-
- return CKMC_ERROR_NONE;
-}
+ if(ckmCert.get() == NULL) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
+
+ CKM::AliasVector ckmUntrustedAliases;
+ if(untrustedcerts != NULL) {
+ ckmc_alias_list_s *current = NULL;
+ ckmc_alias_list_s *next = const_cast<ckmc_alias_list_s *>(untrustedcerts);
+ do {
+ current = next;
+ next = current->next;
+
+ if(current->alias == NULL){
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ CKM::Alias ckmAlias(current->alias);
+ ckmUntrustedAliases.push_back(ckmAlias);
+ }while(next != NULL);
+ }
+ if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKM_API_SUCCESS) {
+ return to_ckmc_error(ret);
+ }
+
+ *cert_chain_list = _toNewCkmCertList(ckmCertChain);
+
+ return CKMC_ERROR_NONE;
+}
KEY_MANAGER_CAPI
int ckmc_key_new(unsigned char *raw_key, size_t key_size, ckmc_key_type_e key_type, char *password, ckmc_key_s **ppkey)
{
- ckmc_key_s *pkey;
-
- if(raw_key == NULL || key_size <= 0 || ppkey == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
-
- pkey = static_cast<ckmc_key_s*>(malloc(sizeof(ckmc_key_s)));
- if(pkey == NULL) {
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
- pkey->raw_key = reinterpret_cast<unsigned char*>(malloc(key_size));
- if(pkey->raw_key == NULL) {
- free(pkey);
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
- memcpy(pkey->raw_key, raw_key, key_size);
-
- pkey->key_size = key_size;
- pkey->key_type = key_type;
-
- if(password != NULL) {
- pkey->password = reinterpret_cast<char*>(malloc(strlen(password) +1));
- if(pkey->password == NULL) {
- free(pkey);
- free(pkey->raw_key);
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
- memset(pkey->password, 0, strlen(password) +1);
- strncpy(pkey->password, password, strlen(password));
- }else {
- pkey->password = NULL;
- }
-
- *ppkey = pkey;
-
- return CKMC_ERROR_NONE;
+ ckmc_key_s *pkey;
+
+ if(raw_key == NULL || key_size <= 0 || ppkey == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+
+ pkey = static_cast<ckmc_key_s*>(malloc(sizeof(ckmc_key_s)));
+ if(pkey == NULL) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
+ pkey->raw_key = reinterpret_cast<unsigned char*>(malloc(key_size));
+ if(pkey->raw_key == NULL) {
+ free(pkey);
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
+ memcpy(pkey->raw_key, raw_key, key_size);
+
+ pkey->key_size = key_size;
+ pkey->key_type = key_type;
+
+ if(password != NULL) {
+ pkey->password = reinterpret_cast<char*>(malloc(strlen(password) +1));
+ if(pkey->password == NULL) {
+ free(pkey->raw_key);
+ free(pkey);
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
+ memset(pkey->password, 0, strlen(password) +1);
+ strncpy(pkey->password, password, strlen(password));
+ }else {
+ pkey->password = NULL;
+ }
+
+ *ppkey = pkey;
+
+ return CKMC_ERROR_NONE;
}
KEY_MANAGER_CAPI
void ckmc_key_free(ckmc_key_s *key)
{
- if(key == NULL)
- return;
-
- if(key->password != NULL)
- free(key->password);
- if(key->raw_key != NULL) {
- memset(key->raw_key, 0, key->key_size);
- free(key->raw_key);
- }
+ if(key == NULL)
+ return;
+
+ if(key->password != NULL)
+ free(key->password);
+ if(key->raw_key != NULL) {
+ memset(key->raw_key, 0, key->key_size);
+ free(key->raw_key);
+ }
- free(key);
+ free(key);
}
KEY_MANAGER_CAPI
int ckmc_buffer_new(unsigned char *data, size_t size,ckmc_raw_buffer_s **ppbuffer)
{
- ckmc_raw_buffer_s *pbuff;
+ ckmc_raw_buffer_s *pbuff;
- if(data == NULL || size <= 0 || ppbuffer == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(data == NULL || size <= 0 || ppbuffer == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- pbuff = static_cast<ckmc_raw_buffer_s*>(malloc(sizeof(ckmc_raw_buffer_s)));
- if(pbuff == NULL)
- return CKMC_ERROR_OUT_OF_MEMORY;
+ pbuff = static_cast<ckmc_raw_buffer_s*>(malloc(sizeof(ckmc_raw_buffer_s)));
+ if(pbuff == NULL)
+ return CKMC_ERROR_OUT_OF_MEMORY;
- pbuff->data = reinterpret_cast<unsigned char*>(malloc(size));
- if(pbuff->data == NULL) {
- free(pbuff);
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
- memcpy(pbuff->data, data, size);
+ pbuff->data = reinterpret_cast<unsigned char*>(malloc(size));
+ if(pbuff->data == NULL) {
+ free(pbuff);
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
+ memcpy(pbuff->data, data, size);
- pbuff->size = size;
- *ppbuffer = pbuff;
+ pbuff->size = size;
+ *ppbuffer = pbuff;
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
}
KEY_MANAGER_CAPI
void ckmc_buffer_free(ckmc_raw_buffer_s *buffer)
{
- if(buffer == NULL)
- return;
-
- if(buffer->data != NULL) {
- memset(buffer->data, 0, buffer->size);
- free(buffer->data);
- }
- free(buffer);
+ if(buffer == NULL)
+ return;
+
+ if(buffer->data != NULL) {
+ memset(buffer->data, 0, buffer->size);
+ free(buffer->data);
+ }
+ free(buffer);
}
KEY_MANAGER_CAPI
int ckmc_cert_new(unsigned char *raw_cert, size_t cert_size, ckmc_data_format_e data_format, ckmc_cert_s **ppcert)
{
- ckmc_cert_s *pcert;
-
- if(raw_cert == NULL || cert_size <= 0 || ppcert == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
-
- pcert = static_cast<ckmc_cert_s*>(malloc(sizeof(ckmc_cert_s)));
- if(pcert == NULL) {
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
- pcert->raw_cert = reinterpret_cast<unsigned char*>(malloc(cert_size));
- if(pcert->raw_cert == NULL) {
- free(pcert);
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
- memcpy(pcert->raw_cert, raw_cert, cert_size);
-
- pcert->cert_size = cert_size;
- pcert->data_format = data_format;
-
- *ppcert = pcert;
- return CKMC_ERROR_NONE;
+ ckmc_cert_s *pcert;
+
+ if(raw_cert == NULL || cert_size <= 0 || ppcert == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+
+ pcert = static_cast<ckmc_cert_s*>(malloc(sizeof(ckmc_cert_s)));
+ if(pcert == NULL) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
+ pcert->raw_cert = reinterpret_cast<unsigned char*>(malloc(cert_size));
+ if(pcert->raw_cert == NULL) {
+ free(pcert);
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
+ memcpy(pcert->raw_cert, raw_cert, cert_size);
+
+ pcert->cert_size = cert_size;
+ pcert->data_format = data_format;
+
+ *ppcert = pcert;
+ return CKMC_ERROR_NONE;
}
KEY_MANAGER_CAPI
int ckmc_load_cert_from_file(const char *file_path, ckmc_cert_s **cert)
{
- OpenSSL_add_all_algorithms();
-
- FILE *fp = fopen(file_path, "r");
- if(fp == NULL)
- return CKMC_ERROR_FILE_ACCESS_DENIED;
- X509 *pcert = NULL;
- if(!(pcert = d2i_X509_fp(fp, NULL))) {
- fseek(fp, 0, SEEK_SET);
- pcert = PEM_read_X509(fp, NULL, NULL, NULL);
- }
- fclose(fp);
- if(pcert == NULL) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
-
- int ret = _ckmc_load_cert_from_x509(pcert, cert);
- if(ret != CKMC_ERROR_NONE) {
- X509_free(pcert);
- }
- return ret;
+ OpenSSL_add_all_algorithms();
+
+ FILE *fp = fopen(file_path, "r");
+ if(fp == NULL)
+ return CKMC_ERROR_FILE_ACCESS_DENIED;
+ X509 *pcert = NULL;
+ if(!(pcert = d2i_X509_fp(fp, NULL))) {
+ fseek(fp, 0, SEEK_SET);
+ pcert = PEM_read_X509(fp, NULL, NULL, NULL);
+ }
+ fclose(fp);
+ if(pcert == NULL) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
+
+ int ret = _ckmc_load_cert_from_x509(pcert, cert);
+ if(ret != CKMC_ERROR_NONE) {
+ X509_free(pcert);
+ }
+ return ret;
}
KEY_MANAGER_CAPI
int ckmc_load_from_pkcs12_file(const char *file_path, const char *passphrase, ckmc_key_s **private_key, ckmc_cert_s **ckmcert, ckmc_cert_list_s **ca_cert_list)
{
- class Pkcs12Converter {
- private:
- FILE* fp_in;
- PKCS12* p12;
- EVP_PKEY* pkey;
- X509* x509Cert;
- STACK_OF(X509)* ca;
-
- int ret;
- public:
- ckmc_key_s *retPrivateKey;
- ckmc_cert_s *retCkmCert;
- ckmc_cert_list_s *retCaCertList;
-
- Pkcs12Converter(){
- fp_in = NULL;
- p12 = NULL;
- pkey = NULL;
- x509Cert = NULL;
- ca = NULL;
- ret = CKMC_ERROR_NONE;
- retPrivateKey = NULL;
- retCkmCert = NULL;
- retCaCertList = NULL;
- };
- ~Pkcs12Converter(){
- if(fp_in != NULL)
- fclose(fp_in);
- if(p12 != NULL)
- PKCS12_free(p12);
- if(x509Cert != NULL)
- X509_free(x509Cert);
- if(pkey != NULL)
- EVP_PKEY_free(pkey);
- if(ca != NULL)
- sk_X509_pop_free(ca, X509_free);
- EVP_cleanup();
-
- if(ret != CKMC_ERROR_NONE) {
- if(retPrivateKey != NULL){
- ckmc_key_free(retPrivateKey);
- retPrivateKey = NULL;
- }
- if(retCkmCert != NULL) {
- ckmc_cert_free(retCkmCert);
- retCkmCert = NULL;
- }
- if(retCaCertList != NULL) {
- ckmc_cert_list_all_free(retCaCertList);
- retCaCertList = NULL;
- }
- }
- };
-
- int parsePkcs12(const char *filePath, const char *pass) {
- fp_in = NULL;
- if(!(fp_in = fopen(filePath, "rb"))) {
- return CKMC_ERROR_FILE_ACCESS_DENIED;
- }
-
- if(!(p12 = d2i_PKCS12_fp(fp_in, NULL))) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
-
- /* parse PKCS#12 certificate */
- if((ret = PKCS12_parse(p12, pass, &pkey, &x509Cert, &ca)) != 1) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
- return CKMC_ERROR_NONE;
- }
-
- int toCkmCert() {
- if( (ret =_ckmc_load_cert_from_x509(x509Cert,&retCkmCert)) != CKMC_ERROR_NONE) {
- return ret;
- }
- return CKMC_ERROR_NONE;
- }
-
- int toCkmKey() {
- BIO *bkey = BIO_new(BIO_s_mem());
-
- i2d_PrivateKey_bio(bkey, pkey);
-
- CKM::RawBuffer output(8196);
- int size = BIO_read(bkey, output.data(), output.size());
- BIO_free_all(bkey);
- if (size <= 0) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
- output.resize(size);
-
- int type = EVP_PKEY_type(pkey->type);
- ckmc_key_type_e key_type = CKMC_KEY_NONE;
- switch(type) {
- case EVP_PKEY_RSA :
- key_type = CKMC_KEY_RSA_PRIVATE;
- break;
- case EVP_PKEY_EC :
- key_type = CKMC_KEY_ECDSA_PRIVATE;
- break;
- }
- if(key_type == CKMC_KEY_NONE) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
-
- char *nullPassword = NULL;
-
- return ckmc_key_new(output.data(), size, key_type, nullPassword, &retPrivateKey);
- }
-
- int toCaCkmCertList() {
- int tmpRet;
- X509* popedCert = NULL;
- ckmc_cert_s *popedCkmCert = NULL;
- ckmc_cert_list_s *tmpCertList = NULL;
- while((popedCert = sk_X509_pop(ca)) != NULL) {
- if( (tmpRet =_ckmc_load_cert_from_x509(popedCert, &popedCkmCert)) != CKMC_ERROR_NONE) {
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
- if(tmpCertList == NULL) { // first
- tmpRet = ckmc_cert_list_new(popedCkmCert, &tmpCertList);
- retCaCertList = tmpCertList;
- }else {
- tmpRet = ckmc_cert_list_add(tmpCertList, popedCkmCert, &tmpCertList);
- }
- if(tmpRet != CKMC_ERROR_NONE) {
- ckmc_cert_list_all_free(retCaCertList);
- retCaCertList = NULL;
- return tmpRet;
- }
- }
- return CKMC_ERROR_NONE;
- }
-
- };
-
- OpenSSL_add_all_algorithms();
-
- int ret = CKMC_ERROR_NONE;
-
- Pkcs12Converter converter;
- if((ret = converter.parsePkcs12(file_path, passphrase)) != CKMC_ERROR_NONE) {
- return ret;
- }
- if((ret = converter.toCkmCert()) != CKMC_ERROR_NONE) {
- return ret;
- }
- if((ret = converter.toCkmKey()) != CKMC_ERROR_NONE) {
- return ret;
- }
- if((ret = converter.toCaCkmCertList()) != CKMC_ERROR_NONE) {
- return ret;
- }
-
- *private_key = converter.retPrivateKey;
- *ckmcert = converter.retCkmCert;
- *ca_cert_list = converter.retCaCertList;
-
- return CKMC_ERROR_NONE;
+ class Pkcs12Converter {
+ private:
+ FILE* fp_in;
+ PKCS12* p12;
+ EVP_PKEY* pkey;
+ X509* x509Cert;
+ STACK_OF(X509)* ca;
+
+ int ret;
+ public:
+ ckmc_key_s *retPrivateKey;
+ ckmc_cert_s *retCkmCert;
+ ckmc_cert_list_s *retCaCertList;
+
+ Pkcs12Converter(){
+ fp_in = NULL;
+ p12 = NULL;
+ pkey = NULL;
+ x509Cert = NULL;
+ ca = NULL;
+ ret = CKMC_ERROR_NONE;
+ retPrivateKey = NULL;
+ retCkmCert = NULL;
+ retCaCertList = NULL;
+ };
+ ~Pkcs12Converter(){
+ if(fp_in != NULL)
+ fclose(fp_in);
+ if(p12 != NULL)
+ PKCS12_free(p12);
+ if(x509Cert != NULL)
+ X509_free(x509Cert);
+ if(pkey != NULL)
+ EVP_PKEY_free(pkey);
+ if(ca != NULL)
+ sk_X509_pop_free(ca, X509_free);
+ EVP_cleanup();
+
+ if(ret != CKMC_ERROR_NONE) {
+ if(retPrivateKey != NULL){
+ ckmc_key_free(retPrivateKey);
+ retPrivateKey = NULL;
+ }
+ if(retCkmCert != NULL) {
+ ckmc_cert_free(retCkmCert);
+ retCkmCert = NULL;
+ }
+ if(retCaCertList != NULL) {
+ ckmc_cert_list_all_free(retCaCertList);
+ retCaCertList = NULL;
+ }
+ }
+ };
+
+ int parsePkcs12(const char *filePath, const char *pass) {
+ fp_in = NULL;
+ if(!(fp_in = fopen(filePath, "rb"))) {
+ return CKMC_ERROR_FILE_ACCESS_DENIED;
+ }
+
+ if(!(p12 = d2i_PKCS12_fp(fp_in, NULL))) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
+
+ /* parse PKCS#12 certificate */
+ if((ret = PKCS12_parse(p12, pass, &pkey, &x509Cert, &ca)) != 1) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
+ return CKMC_ERROR_NONE;
+ }
+
+ int toCkmCert() {
+ if( (ret =_ckmc_load_cert_from_x509(x509Cert,&retCkmCert)) != CKMC_ERROR_NONE) {
+ return ret;
+ }
+ return CKMC_ERROR_NONE;
+ }
+
+ int toCkmKey() {
+ BIO *bkey = BIO_new(BIO_s_mem());
+
+ i2d_PrivateKey_bio(bkey, pkey);
+
+ CKM::RawBuffer output(8196);
+ int size = BIO_read(bkey, output.data(), output.size());
+ BIO_free_all(bkey);
+ if (size <= 0) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
+ output.resize(size);
+
+ int type = EVP_PKEY_type(pkey->type);
+ ckmc_key_type_e key_type = CKMC_KEY_NONE;
+ switch(type) {
+ case EVP_PKEY_RSA :
+ key_type = CKMC_KEY_RSA_PRIVATE;
+ break;
+ case EVP_PKEY_EC :
+ key_type = CKMC_KEY_ECDSA_PRIVATE;
+ break;
+ }
+ if(key_type == CKMC_KEY_NONE) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
+
+ char *nullPassword = NULL;
+
+ return ckmc_key_new(output.data(), size, key_type, nullPassword, &retPrivateKey);
+ }
+
+ int toCaCkmCertList() {
+ int tmpRet;
+ X509* popedCert = NULL;
+ ckmc_cert_s *popedCkmCert = NULL;
+ ckmc_cert_list_s *tmpCertList = NULL;
+ while((popedCert = sk_X509_pop(ca)) != NULL) {
+ if( (tmpRet =_ckmc_load_cert_from_x509(popedCert, &popedCkmCert)) != CKMC_ERROR_NONE) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
+ if(tmpCertList == NULL) { // first
+ tmpRet = ckmc_cert_list_new(popedCkmCert, &tmpCertList);
+ retCaCertList = tmpCertList;
+ }else {
+ tmpRet = ckmc_cert_list_add(tmpCertList, popedCkmCert, &tmpCertList);
+ }
+ if(tmpRet != CKMC_ERROR_NONE) {
+ ckmc_cert_list_all_free(retCaCertList);
+ retCaCertList = NULL;
+ return tmpRet;
+ }
+ }
+ return CKMC_ERROR_NONE;
+ }
+
+ };
+
+ OpenSSL_add_all_algorithms();
+
+ int ret = CKMC_ERROR_NONE;
+
+ Pkcs12Converter converter;
+ if((ret = converter.parsePkcs12(file_path, passphrase)) != CKMC_ERROR_NONE) {
+ return ret;
+ }
+ if((ret = converter.toCkmCert()) != CKMC_ERROR_NONE) {
+ return ret;
+ }
+ if((ret = converter.toCkmKey()) != CKMC_ERROR_NONE) {
+ return ret;
+ }
+ if((ret = converter.toCaCkmCertList()) != CKMC_ERROR_NONE) {
+ return ret;
+ }
+
+ *private_key = converter.retPrivateKey;
+ *ckmcert = converter.retCkmCert;
+ *ca_cert_list = converter.retCaCertList;
+
+ return CKMC_ERROR_NONE;
}
KEY_MANAGER_CAPI
void ckmc_cert_free(ckmc_cert_s *cert)
{
- if(cert == NULL)
- return;
-
- if(cert->raw_cert != NULL) {
- memset(cert->raw_cert, 0, cert->cert_size);
- free(cert->raw_cert);
- }
- free(cert);
+ if(cert == NULL)
+ return;
+
+ if(cert->raw_cert != NULL) {
+ memset(cert->raw_cert, 0, cert->cert_size);
+ free(cert->raw_cert);
+ }
+ free(cert);
}
KEY_MANAGER_CAPI
int ckmc_alias_list_new(char *alias, ckmc_alias_list_s **ppalias_list)
{
- ckmc_alias_list_s *previous = NULL;
- return ckmc_alias_list_add(previous, alias, ppalias_list);
+ ckmc_alias_list_s *previous = NULL;
+ return ckmc_alias_list_add(previous, alias, ppalias_list);
}
KEY_MANAGER_CAPI
int ckmc_alias_list_add(ckmc_alias_list_s *previous, char *alias, ckmc_alias_list_s **pplast)
{
- ckmc_alias_list_s *plist;
+ ckmc_alias_list_s *plist;
- if(alias == NULL || pplast == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(alias == NULL || pplast == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- plist = static_cast<ckmc_alias_list_s*>(malloc(sizeof(ckmc_alias_list_s)));
- if(plist == NULL) {
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
+ plist = static_cast<ckmc_alias_list_s*>(malloc(sizeof(ckmc_alias_list_s)));
+ if(plist == NULL) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
- plist->alias = alias;
- plist->next = NULL;
+ plist->alias = alias;
+ plist->next = NULL;
- if(previous != NULL) {
- previous->next = plist;
- }
- *pplast = plist;
+ if(previous != NULL) {
+ previous->next = plist;
+ }
+ *pplast = plist;
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
}
KEY_MANAGER_CAPI
void ckmc_alias_list_free(ckmc_alias_list_s *first)
{
- ckmc_alias_list_s *next = first;
- while (next) {
- ckmc_alias_list_s *current = next;
- next = current->next;
- free(current);
- }
+ ckmc_alias_list_s *next = first;
+ while (next) {
+ ckmc_alias_list_s *current = next;
+ next = current->next;
+ free(current);
+ }
}
KEY_MANAGER_CAPI
void ckmc_alias_list_all_free(ckmc_alias_list_s *first)
{
- ckmc_alias_list_s *next = first;
- while (next) {
+ ckmc_alias_list_s *next = first;
+ while (next) {
ckmc_alias_list_s *current = next;
- next = current->next;
- free(current->alias);
- free(current);
- }
+ next = current->next;
+ free(current->alias);
+ free(current);
+ }
}
KEY_MANAGER_CAPI
int ckmc_cert_list_new(ckmc_cert_s *cert, ckmc_cert_list_s **ppalias_list)
{
- ckmc_cert_list_s *previous = NULL;
- return ckmc_cert_list_add(previous, cert, ppalias_list);
+ ckmc_cert_list_s *previous = NULL;
+ return ckmc_cert_list_add(previous, cert, ppalias_list);
}
KEY_MANAGER_CAPI
int ckmc_cert_list_add(ckmc_cert_list_s *previous, ckmc_cert_s *cert, ckmc_cert_list_s **pplast)
{
- ckmc_cert_list_s *plist;
+ ckmc_cert_list_s *plist;
- if(cert == NULL || pplast == NULL) {
- return CKMC_ERROR_INVALID_PARAMETER;
- }
+ if(cert == NULL || pplast == NULL) {
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
- plist = static_cast<ckmc_cert_list_s*>(malloc(sizeof(ckmc_cert_list_s)));
- if(plist == NULL) {
- return CKMC_ERROR_OUT_OF_MEMORY;
- }
- plist->cert = cert;
- plist->next = NULL;
+ plist = static_cast<ckmc_cert_list_s*>(malloc(sizeof(ckmc_cert_list_s)));
+ if(plist == NULL) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
+ plist->cert = cert;
+ plist->next = NULL;
- if(previous != NULL) {
- previous->next = plist;
- }
+ if(previous != NULL) {
+ previous->next = plist;
+ }
- *pplast = plist;
+ *pplast = plist;
- return CKMC_ERROR_NONE;
+ return CKMC_ERROR_NONE;
}
KEY_MANAGER_CAPI
int _ckmc_load_cert_from_x509(X509 *xCert, ckmc_cert_s **cert)
{
- if(xCert == NULL) {
- return CKMC_ERROR_INVALID_FORMAT;
- }
+ if(xCert == NULL) {
+ return CKMC_ERROR_INVALID_FORMAT;
+ }
- BIO *bcert = BIO_new(BIO_s_mem());
+ BIO *bcert = BIO_new(BIO_s_mem());
- i2d_X509_bio(bcert, xCert);
+ i2d_X509_bio(bcert, xCert);
CKM::RawBuffer output(8196);
int size = BIO_read(bcert, output.data(), output.size());
- BIO_free_all(bcert);
+ BIO_free_all(bcert);
if (size <= 0) {
return CKMC_ERROR_INVALID_FORMAT;
}
output.resize(size);
- return ckmc_cert_new(output.data(), output.size(), CKMC_FORM_DER, cert);
+ return ckmc_cert_new(output.data(), output.size(), CKMC_FORM_DER, cert);
}
projects / platform / core / security / key-manager.git / commitdiff