* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @remarks The user key is a randomly generated key used in encrypting user data. And the user key
+ * @remarks The user key is a randomly generated key used in encrypting user data. The user key
* is protected by a user's password.
*
- * @param[in] user The user ID of a user whose key is decrypted
- * @param[in] password The password used in decrypting a user key
+ * @param[in] user The user ID of a user whose key is decrypted
+ * @param[in] password The password used in decrypting a user key
*
- * @return @c 0 on success,
- * otherwise a negative error value
- *
- * @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
- * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
- * @retval #CKMC_ERROR_SERVER_ERROR Failed to unlock user key
- * @retval #CKMC_ERROR_AUTHENTICATION_FAILED Not correct password
+ * @return @c 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
+ * @retval #CKMC_ERROR_SERVER_ERROR Failed to unlock user key
+ * @retval #CKMC_ERROR_AUTHENTICATION_FAILED Not correct password
*
* @see ckmc_lock_user_key()
* @see ckmc_remove_user_data()
*
* @param[in] user The user ID of a user whose key is removed from memory
*
- * @return @c 0 on success,
- * otherwise a negative error value
- *
- * @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
- * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
+ * @return @c 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
*
* @see ckmc_unlock_user_key()
* @see ckmc_remove_user_data()
*
* @param[in] user The user ID of a user whose data and key are removed
*
- * @return @c 0 on success,
- * otherwise a negative error value
- *
- * @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
- * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
+ * @return @c 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
*
* @see ckmc_unlock_user_key()
* @see ckmc_lock_user_key()
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @param[in] user The user ID of a user whose user key is re-encrypted
- * @param[in] old_password The password used in decrypting a user key
- * @param[in] new_password The password used in re-encrypting a user key
+ * @param[in] user The user ID of a user whose user key is re-encrypted
+ * @param[in] old_password The password used in decrypting a user key
+ * @param[in] new_password The password used in re-encrypting a user key
*
- * @return @c 0 on success,
- * otherwise a negative error value
- *
- * @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
- * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
- * @retval #CKMC_ERROR_AUTHENTICATION_FAILED Not correct password
- * @retval #CKMC_ERROR_BAD_REQUEST No information about old password
+ * @return @c 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
+ * @retval #CKMC_ERROR_AUTHENTICATION_FAILED Not correct password
+ * @retval #CKMC_ERROR_BAD_REQUEST No information about old password
*
* @see ckmc_unlock_user_key()
* @see ckmc_lock_user_key()
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @param[in] user The user ID of a user whose user key is re-encrypted
- * @param[in] new_password The password used in re-encrypting a user key
+ * @param[in] user The user ID of a user whose user key is re-encrypted
+ * @param[in] new_password The password used in re-encrypting a user key
*
- * @return @c 0 on success,
- * otherwise a negative error value
- *
- * @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
- * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
- * @retval #CKMC_ERROR_BAD_REQUEST A user key is not unlocked
+ * @return @c 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Invalid input parameter
+ * @retval #CKMC_ERROR_BAD_REQUEST A user key is not unlocked
*
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
*
/**
* @deprecated Deprecated since 4.0. See ckmc_set_permission_by_adm()
+ *
* @platform
* @brief Allows another application to access client's application data.
*
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @remarks Data identified by @a alias should exist
+ * @remarks Data identified by @a alias should exist.
*
- * @param[in] user User ID of a user whose data will be affected
- * @param[in] owner Package id of the data owner
- * @param[in] alias Data alias for which access will be granted
- * @param[in] accessor Package id of the application that will gain access rights
- * @param[in] granted Rights granted for @a accessor application
+ * @param[in] user User ID of a user whose data will be affected
+ * @param[in] owner Package id of the data owner
+ * @param[in] alias Data alias for which access will be granted
+ * @param[in] accessor Package id of the application that will gain access rights
+ * @param[in] granted Rights granted for @a accessor application
*
* @return @c 0 on success, otherwise a negative error value
- *
- * @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
- * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
- * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged
- * in)
- * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
*
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
*
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @remarks Data identified by @a alias should exist
- * @remarks @a alias must contain owner id and name (<owner id><ckmc_owner_id_separator><name>)
+ * @remarks Data identified by @a alias should exist.
+ * @remarks @a alias must contain owner id and name (<owner id><ckmc_owner_id_separator><name>).
+ * @remarks Previous permission mask will be replaced with the new mask value passed by @a mask.
*
- * @param[in] user User ID of a user whose data will be affected
- * @param[in] alias Data alias for which access will be granted
- * @param[in] accessor Package id of the application that will gain access rights
- * @param[in] mask Mask of permissions granted for @a accessor application (#ckmc_permission_e)
- * (previous permission mask will be replaced with the new mask value)
+ * @param[in] user User ID of a user whose data will be affected
+ * @param[in] alias Data alias for which access will be granted
+ * @param[in] accessor Package id of the application that will gain access rights
+ * @param[in] mask Mask of permissions granted for @a accessor application (#ckmc_permission_e)
*
* @return @c 0 on success, otherwise a negative error value
- *
- * @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
- * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
- * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged
- * in)
- * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
*
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
*
/**
* @deprecated Deprecated since 4.0. See ckmc_set_permission_by_adm()
+ *
* @platform
* @brief Revokes another application's access to client's application data.
*
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @remarks Data identified by @a alias should exist
+ * @remarks Data identified by @a alias should exist.
* @remarks Only access previously granted with ckmc_allow_access can be revoked.
*
- * @param[in] user User ID of a user whose data will be affected
- * @param[in] owner Package id of the data owner
- * @param[in] alias Data alias for which access will be revoked
- * @param[in] accessor Package id of the application that will lose access rights
+ * @param[in] user User ID of a user whose data will be affected
+ * @param[in] owner Package id of the data owner
+ * @param[in] alias Data alias for which access will be revoked
+ * @param[in] accessor Package id of the application that will lose access rights
*
* @return @c 0 on success, otherwise a negative error value
- *
- * @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
- * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid or the @a accessor doesn't
- * have access to @a alias
- * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged
- * in)
- * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid or the @a accessor doesn't
+ * have access to @a alias
+ * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
*
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
*
/**
- * @brief Enumeration for Key Manager Errors.
+ * @brief Enumeration for Key Manager errors.
+ *
* @since_tizen 2.3
*/
typedef enum {
- CKMC_ERROR_NONE = TIZEN_ERROR_NONE, /**< Successful */
- CKMC_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid function parameter */
- CKMC_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */
- CKMC_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Permission denied */
- CKMC_ERROR_NOT_SUPPORTED = TIZEN_ERROR_NOT_SUPPORTED, /**< Device needed to run API is not supported*/
-
- CKMC_ERROR_SOCKET = TIZEN_ERROR_KEY_MANAGER | 0x01, /**< Socket error between client and Central Key Manager */
- CKMC_ERROR_BAD_REQUEST = TIZEN_ERROR_KEY_MANAGER | 0x02, /**< Invalid request from client */
- CKMC_ERROR_BAD_RESPONSE = TIZEN_ERROR_KEY_MANAGER | 0x03, /**< Invalid response from Central Key Manager */
- CKMC_ERROR_SEND_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x04, /**< Transmitting request failed */
- CKMC_ERROR_RECV_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x05, /**< Receiving response failed */
- CKMC_ERROR_AUTHENTICATION_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x06, /**< Optional password which used when saving is incorrect */
- CKMC_ERROR_BUFFER_TOO_SMALL = TIZEN_ERROR_KEY_MANAGER | 0x07, /**< The output buffer size which is passed as parameter is too small */
- CKMC_ERROR_SERVER_ERROR = TIZEN_ERROR_KEY_MANAGER | 0x08, /**< Central Key Manager has been failed for some reason */
- CKMC_ERROR_DB_LOCKED = TIZEN_ERROR_KEY_MANAGER | 0x09, /**< The database was not unlocked - user did not login */
- CKMC_ERROR_DB_ERROR = TIZEN_ERROR_KEY_MANAGER | 0x0A, /**< An internal error inside the database */
- CKMC_ERROR_DB_ALIAS_EXISTS = TIZEN_ERROR_KEY_MANAGER | 0x0B, /**< Provided alias already exists in the database */
- CKMC_ERROR_DB_ALIAS_UNKNOWN = TIZEN_ERROR_KEY_MANAGER | 0x0C, /**< No data for given alias */
- CKMC_ERROR_VERIFICATION_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x0D, /**< CA certificate(s) were unknown and chain could not be created */
- CKMC_ERROR_INVALID_FORMAT = TIZEN_ERROR_KEY_MANAGER | 0x0E, /**< A provided file or binary has not a valid format */
- CKMC_ERROR_FILE_ACCESS_DENIED = TIZEN_ERROR_KEY_MANAGER | 0x0F, /**< A provided file doesn't exist or cannot be accessed in the file system */
- CKMC_ERROR_NOT_EXPORTABLE = TIZEN_ERROR_KEY_MANAGER | 0x10, /**< The data is saved as unexportable so it cannot be leaked */
- CKMC_ERROR_FILE_SYSTEM = TIZEN_ERROR_KEY_MANAGER | 0x11, /**< Save key/certificate/pkcs12 failed because of file system error */
- CKMC_ERROR_UNKNOWN = TIZEN_ERROR_KEY_MANAGER | 0xFF, /**< The error with unknown reason */
+ CKMC_ERROR_NONE = TIZEN_ERROR_NONE, /**< Successful */
+ CKMC_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid function parameter */
+ CKMC_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */
+ CKMC_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Permission denied */
+ CKMC_ERROR_NOT_SUPPORTED = TIZEN_ERROR_NOT_SUPPORTED, /**< Device needed to run API is not supported*/
+
+ CKMC_ERROR_SOCKET = TIZEN_ERROR_KEY_MANAGER | 0x01, /**< Socket error between client and Central Key Manager */
+ CKMC_ERROR_BAD_REQUEST = TIZEN_ERROR_KEY_MANAGER | 0x02, /**< Invalid request from client */
+ CKMC_ERROR_BAD_RESPONSE = TIZEN_ERROR_KEY_MANAGER | 0x03, /**< Invalid response from Central Key Manager */
+ CKMC_ERROR_SEND_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x04, /**< Transmitting request failed */
+ CKMC_ERROR_RECV_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x05, /**< Receiving response failed */
+ CKMC_ERROR_AUTHENTICATION_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x06, /**< Optional password used for saving was incorrect */
+ CKMC_ERROR_BUFFER_TOO_SMALL = TIZEN_ERROR_KEY_MANAGER | 0x07, /**< The output buffer size (passed as parameter) was too small */
+ CKMC_ERROR_SERVER_ERROR = TIZEN_ERROR_KEY_MANAGER | 0x08, /**< Central Key Manager has failed for unknown reason */
+ CKMC_ERROR_DB_LOCKED = TIZEN_ERROR_KEY_MANAGER | 0x09, /**< The database was not unlocked - user did not login */
+ CKMC_ERROR_DB_ERROR = TIZEN_ERROR_KEY_MANAGER | 0x0A, /**< An internal error inside the database */
+ CKMC_ERROR_DB_ALIAS_EXISTS = TIZEN_ERROR_KEY_MANAGER | 0x0B, /**< Provided alias already exists in the database */
+ CKMC_ERROR_DB_ALIAS_UNKNOWN = TIZEN_ERROR_KEY_MANAGER | 0x0C, /**< No data for given alias */
+ CKMC_ERROR_VERIFICATION_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x0D, /**< CA certificate(s) were unknown and chain could not be created */
+ CKMC_ERROR_INVALID_FORMAT = TIZEN_ERROR_KEY_MANAGER | 0x0E, /**< Provided file or binary has an invalid format */
+ CKMC_ERROR_FILE_ACCESS_DENIED = TIZEN_ERROR_KEY_MANAGER | 0x0F, /**< Provided file does not exist or cannot be accessed in the file system */
+ CKMC_ERROR_NOT_EXPORTABLE = TIZEN_ERROR_KEY_MANAGER | 0x10, /**< The data is saved as unexportable so it cannot be accessed */
+ CKMC_ERROR_FILE_SYSTEM = TIZEN_ERROR_KEY_MANAGER | 0x11, /**< Save key/certificate/pkcs12 failed because of file system error */
+ CKMC_ERROR_UNKNOWN = TIZEN_ERROR_KEY_MANAGER | 0xFF, /**< Error of unknown reason */
} key_manager_error_e;
* @remarks The key and the wrapping key must be stored in the same backend.
* @remarks The data size must be smaller or equal to:
* wrapping key size in bytes - key size in bytes -
- * 2* hash function output size in bytes - 2.
+ * 2 * hash function output size in bytes - 2.
* Example: for 3072 RSA wrapping key, 256 AES key and hash SHA384 the maximum
* data size is: 3072/8 - 256/8 - 2*384/8 - 2 = 254 bytes.
* @remarks Considering the data size limit it's recommended to use RSA key longer than
* @remarks If password in @a policy is provided, the stored key is additionally encrypted with it.
* @remarks If extractable in @a policy is set to false, the stored key may still be exported in a
* wrapped form.
+ * @remarks The supported @a size for the key to be stored is @c 128, @c 192 and @c 256 bits.
* @remarks The @a ppdata should be released using ckmc_buffer_free().
*
* @param[in] params Algorithm parameter list handle. See #ckmc_param_list_h and #ckmc_algo_type_e
* @param[in] wrapping_key_password An optional password of the wrapping key
* @param[in] wrapped_key The wrapped key to be unwrapped, split and stored
* @param[in] alias The name of a key to be stored
- * @param[in] size The size in bits of the key to be stored. @c 128, @c 192 and @c 256 are supported
+ * @param[in] size The size in bits of the key to be stored
* @param[in] policy The policy about how to store a key securely
* @param[out] ppdata The unwrapped data.
*
/**
* @brief Stores a key inside key manager based on the provided policy.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks Currently API supports nine types of keys. These are RSA public/private key,
+ * @remarks Currently API supports nine types of keys. These are: RSA public/private key,
* DSA public/private key, ECDSA public/private key, KEM public/private key and
* AES symmetric key.
* @remarks key_type in key may be set to #CKMC_KEY_NONE as an input. key_type is determined inside
- * key manager during storing keys.
+ * key manager during storing.
* @remarks Some private key files are protected by a password. If raw_key in key read from those
* encrypted files is encrypted with a password, the password should be provided in
* the #ckmc_key_s structure.
* @remarks If password in policy is provided, the key is additionally encrypted with the password
* in the policy.
+ *
* @param[in] alias The name of a key to be stored
* @param[in] key The key's binary value to be stored
- * @param[in] policy The policy about how to store a key securely
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] policy Key storing policy
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ALIAS_EXISTS Alias already exists
* @retval #CKMC_ERROR_INVALID_FORMAT The format of raw_key is not valid
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_remove_alias()
* @see ckmc_get_key()
* @see ckmc_get_key_alias_list()
* @see #ckmc_key_s
* @see #ckmc_policy_s
*/
-int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy);
+int ckmc_save_key(const char *alias,
+ const ckmc_key_s key,
+ const ckmc_policy_s policy);
/**
* @deprecated Deprecated since 2.4
* [Use ckmc_remove_alias() instead]
+ *
* @brief Removes a key from key manager.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks To remove key, client must have remove permission to the specified key.
- * @remarks The key owner can remove by default.
+ * @remarks To remove a key, client must have removal permission to the specified key.
+ * @remarks The key owner can remove it by default.
+ *
* @param[in] alias The name of a key to be removed
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_key()
* @see ckmc_get_key()
* @see ckmc_get_key_alias_list()
/**
* @brief Gets a key from key manager.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks A client can access only data stored by the client.
- * @remarks You must destroy the newly created @a ppkey by calling ckmc_key_free() if it is no longer needed.
+ * @remarks A client can only access data stored by the client.
+ * @remarks If policy contains password in ckmc_save_key(), the same password should be provided.
+ * @remarks The newly created @a ppkey must be destroyed by calling ckmc_key_free() if it is no longer needed.
+ *
* @param[in] alias The name of a key to retrieve
- * @param[in] password The password used in decrypting a key value. If password of policy is
- * provided in ckmc_save_key(), the same password should be provided
+ * @param[in] password The password used in decrypting a key value
* @param[out] ppkey The pointer to a newly created ckmc_key_s handle
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
* @retval #CKMC_ERROR_AUTHENTICATION_FAILED Decryption failed because password is incorrect
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_key()
* @see ckmc_remove_alias()
* @see ckmc_get_key_alias_list()
*/
-int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **ppkey);
+int ckmc_get_key(const char *alias,
+ const char *password,
+ ckmc_key_s **ppkey);
/**
- * @brief Gets all the alias of keys that the client can access.
+ * @brief Gets a list of all of the keys aliases that the client can access.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks A client can access only data stored by the client.
- * @remarks You must destroy the newly created @a ppalias_list by calling ckmc_alias_list_all_free()
+ * @remarks A client can only access data stored by the client.
+ * @remarks If there is no available key alias the @a ppalias_list will be NULL on return.
+ * @remarks The newly created @a ppalias_list must be destroyed by calling ckmc_alias_list_all_free()
* if it is no longer needed.
+ *
* @param[out] ppalias_list The pointer to a newly created #ckmc_alias_list_s handle containing all
- * available alias of keys. If there is no available key alias,
- * *ppalias_list will be NULL
- * @return @c 0 on success,
- * otherwise a negative error value
+ * available aliases of keys
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_key()
* @see ckmc_remove_alias()
* @see ckmc_get_key()
/**
- * @brief Gets the information about all the aliases of keys that the client can access.
+ * @brief Gets the information about all of the aliases of keys that the client can access.
+ *
* @since_tizen 5.5
- * @remarks A client can access only data stored by the client and the entries from system database
- * if it was explicitly permitted to.
- * @remarks You must destroy the newly created @a ppalias_list by calling
+ *
+ * @remarks A client can only access data stored by the client and the entries from system database
+ * if it was explicitly permitted to.
+ * @remarks If there is no available key alias the @a ppalias_list will be NULL on return.
+ * @remarks The newly created @a ppalias_list must be destroyed by calling
* ckmc_alias_info_list_all_free() if it is no longer needed.
+ *
* @param[out] ppalias_list The pointer to a newly created ckmc_alias_info_list_s handle containing
- * information about all key aliases. If there is no available key alias,
- * *ppalias_list will be NULL
- * @return @c 0 on success,
- * otherwise a negative error value
+ * information about all keys aliases
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Insufficient permissions to access key manager or to read
* the alias list
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_key()
* @see ckmc_remove_alias()
* @see ckmc_get_key()
/**
* @brief Stores a certificate inside key manager based on the provided policy.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0
* @remarks The certificate's binary value will be converted and saved as binary DER encoded
* certificates.
+ *
* @param[in] alias The name of a certificate to be stored
* @param[in] cert The certificate's binary value to be stored
- * @param[in] policy The policy about how to store a certificate securely
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] policy Certificate storing policy
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ALIAS_EXISTS Alias already exists
* @retval #CKMC_ERROR_INVALID_FORMAT The format of raw_cert is not valid
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_remove_alias()
* @see ckmc_get_cert()
* @see ckmc_get_cert_alias_list()
* @see #ckmc_cert_s
* @see #ckmc_policy_s
*/
-int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy);
+int ckmc_save_cert(const char *alias,
+ const ckmc_cert_s cert,
+ const ckmc_policy_s policy);
/**
* @deprecated Deprecated since 2.4
* [Use ckmc_remove_alias() instead]
+ *
* @brief Removes a certificate from key manager.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks To remove certificate, client must have remove permission to the specified certificate.
- * @remarks The key owner can remove by default.
+ * @remarks To remove certificate, client must have removal permission to the specified certificate.
+ * @remarks The certificate owner can remove it by default.
+ *
* @param[in] alias The name of a certificate to be removed
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_cert()
* @see ckmc_get_cert()
* @see ckmc_get_cert_alias_list()
/**
* @brief Gets a certificate from key manager.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks A client can access only certificate stored by the client.
+ * @remarks A client can only access certificate stored by the client.
* @remarks A DER encoded certificate will be returned as a return value.
- * @remarks You must destroy the newly created @a ppcert by calling ckmc_cert_free() if it is no
+ * @remarks If policy contains password in ckmc_save_cert(), the same password should be provided.
+ * @remarks The newly created @a ppcert must be destroyed by calling ckmc_cert_free() if it is no
* longer needed.
+ *
* @param[in] alias The name of a certificate to retrieve
- * @param[in] password The password used in decrypting a certificate value. If password of policy is
- * provided in ckmc_save_cert(), the same password should be provided
+ * @param[in] password The password used in decrypting a certificate value
* @param[out] ppcert The pointer to a newly created ckmc_cert_s handle
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exists
* @retval #CKMC_ERROR_AUTHENTICATION_FAILED Decryption failed because password is incorrect
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_cert()
* @see ckmc_remove_alias()
* @see ckmc_get_cert_alias_list()
*/
-int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **ppcert);
+int ckmc_get_cert(const char *alias,
+ const char *password,
+ ckmc_cert_s **ppcert);
/**
* @brief Gets all alias of certificates which the client can access.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks A client can access only data stored by the client.
- * @remarks You must destroy the newly created @a ppalias_list by calling ckmc_alias_list_all_free()
+ * @remarks A client can only access data stored by the client.
+ * @remarks If there is no available key alias the @a ppalias_list will be NULL on return.
+ * @remarks The newly created @a ppalias_list must be destroyed by calling ckmc_alias_list_all_free()
* if it is no longer needed.
+ *
* @param[out] ppalias_list The pointer to a newly created ckmc_alias_list_s handle containing all
- * available alias of keys. If there is no available key alias,
- * *ppalias_list will be NULL
- * @return @c 0 on success,
- * otherwise a negative error value
+ * available alias of keys
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_cert()
* @see ckmc_remove_alias()
* @see ckmc_get_cert()
/**
* @brief Gets the information about all the aliases of certificates that the client can access.
+ *
* @since_tizen 5.5
- * @remarks A client can access only data stored by the client and the entries from system database
- * if it was explicitly permitted to.
- * @remarks You must destroy the newly created @a ppalias_list by calling
+ *
+ * @remarks A client can only access data stored by the client and the entries from system database
+ * if it was explicitly permitted to.
+ * @remarks The newly created @a ppalias_list must be destroyed by calling
* ckmc_alias_info_list_all_free() if it is no longer needed.
+ * @remarks If there is no available certificate alias, @a ppalias_list will return NULL.
+ *
* @param[out] ppalias_list The pointer to a newly created ckmc_alias_info_list_s handle containing
- * information about all certificate aliases. If there is no available
- * certificate alias, *ppalias_list will be NULL
- * @return @c 0 on success,
- * otherwise a negative error value
+ * information about all certificate aliases
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Insufficient permissions to access key manager or to read
* the alias list
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_cert()
* @see ckmc_remove_alias()
* @see ckmc_get_cert()
/**
- * @brief Stores PKCS12's contents inside key manager based on the provided policies. All items from
- * the PKCS12 will use the same alias.
+ * @brief Stores PKCS12's contents inside key manager based on the provided policies.
+ *
* @since_tizen 2.4
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @param[in] alias The name of a data to be stored
+ * @remarks All items from the PKCS12 will use the same alias.
+ *
+ * @param[in] alias The name of data to be stored
* @param[in] pkcs Pointer to the pkcs12 structure to be saved
- * @param[in] key_policy The policy about how to store pkcs's private key
- * @param[in] cert_policy The policy about how to store pkcs's certificate
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] key_policy Pkcs's private key storing policy
+ * @param[in] cert_policy Pkcs's certificate storing policy
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ALIAS_EXISTS Alias already exists
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_remove_alias()
* @see ckmc_get_pkcs12()
* @see ckmc_get_data_alias_list()
/**
* @brief Gets a pkcs12 from key manager.
+ *
* @since_tizen 2.4
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks A client can access only data stored by the client.
- * @remarks You must destroy the newly created @a pkcs12 by calling ckmc_pkcs12_free() if it is no
+ * @remarks A client can only access data stored by the client.
+ * @remarks The newly created @a pkcs12 must be destroyed by calling ckmc_pkcs12_free() if it is no
* longer needed.
+ *
* @param[in] alias The name of a data to retrieve
* @param[in] key_password Password that was used to encrypt privateKey (may be NULL)
* @param[in] cert_password Password used to encrypt certificates (may be NULL)
* @param[out] pkcs12 The pointer to a newly created ckmc_pkcs12_s handle
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
* @retval #CKMC_ERROR_AUTHENTICATION_FAILED key_password or cert_password does not match with
* password used to encrypt data
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_pkcs12()
* @see ckmc_remove_alias()
*/
/**
* @brief Stores a data inside key manager based on the provided policy.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
+ *
* @param[in] alias The name of a data to be stored
* @param[in] data The binary value to be stored
- * @param[in] policy The policy about how to store a data securely
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] policy Data storing policy
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ALIAS_EXISTS Alias already exists
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_remove_alias()
* @see ckmc_get_data()
* @see ckmc_get_data_alias_list()
* @see #ckmc_raw_buffer_s
* @see #ckmc_policy_s
*/
-int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy);
+int ckmc_save_data(const char *alias,
+ ckmc_raw_buffer_s data,
+ const ckmc_policy_s policy);
/**
* @deprecated Deprecated since 2.4
* [Use ckmc_remove_alias() instead]
+ *
* @brief Removes a data from key manager.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks To remove data, client must have remove permission to the specified data object.
- * @remarks The data owner can remove by default.
- * @param[in] alias The name of a data to be removed
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @remarks To remove data, client must have removal permission to the specified data object.
+ * @remarks The data owner can remove it by default.
+ *
+ * @param[in] alias The name of data to be removed
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_data()
* @see ckmc_get_data()
* @see ckmc_get_data_alias_list()
/**
* @brief Gets a data from key manager.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks A client can access only data stored by the client.
- * @remarks You must destroy the newly created @a ppdata by calling ckmc_buffer_free() if it is no
+ * @remarks A client can only access data stored by the client.
+ * @remarks If policy contains password in ckmc_save_data(), the same password should be provided.
+ * @remarks The newly created @a ppdata must be destroyed by calling ckmc_buffer_free() if it is no
* longer needed.
- * @param[in] alias The name of a data to retrieve
- * @param[in] password The password used in decrypting a data value. If password of policy is
- * provided in ckmc_save_data(), the same password should be provided
+ *
+ * @param[in] alias The name of data to retrieve
+ * @param[in] password The password used in decrypting a data value
* @param[out] ppdata The pointer to a newly created ckmc_raw_buffer_s handle
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
* @retval #CKMC_ERROR_AUTHENTICATION_FAILED Decryption failed because password is incorrect
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
* @see ckmc_save_data()
* @see ckmc_remove_alias()
* @see ckmc_get_data_alias_list()
*/
-int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **ppdata);
+int ckmc_get_data(const char *alias,
+ const char *password,
+ ckmc_raw_buffer_s **ppdata);
/**
* @brief Gets all alias of data which the client can access.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks A client can access only data stored by the client.
- * @remarks You must destroy the newly created @a ppalias_list by calling ckmc_alias_list_all_free()
+ * @remarks A client can only access data stored by the client.
+ * @remarks If there is no available key alias, @a ppalias_list will be NULL on return.
+ * @remarks The newly created @a ppalias_list must be destroyed by calling ckmc_alias_list_all_free()
* if it is no longer needed.
+ *
* @param[out] ppalias_list The pointer to a newly created ckmc_alias_list_s handle containing all
- * available alias of keys. If there is no available key alias, *ppalias_list will be
- * NULL
- * @return @c 0 on success,
- * otherwise a negative error value
+ * available alias of keys
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_data()
* @see ckmc_remove_alias()
* @see ckmc_get_data()
/**
* @brief Gets the information about all the aliases of data that the client can access.
+ *
* @since_tizen 5.5
- * @remarks A client can access only data stored by the client and the entries from system database
- * if it was explicitly permitted to.
- * @remarks You must destroy the newly created @a ppalias_list by calling
+ *
+ * @remarks A client can only access data stored by the client and the entries from system database
+ * if it was explicitly permitted to.
+ * @remarks The newly created @a ppalias_list must be destroyed by calling
* ckmc_alias_info_list_all_free() if it is no longer needed.
+ * @remarks If there is no available data alias the @a ppalias_list will be NULL on return.
+ *
* @param[out] ppalias_list The pointer to a newly created ckmc_alias_info_list_s handle containing
- * information about all data aliases. If there is no available data alias,
- * *ppalias_list will be NULL
- * @return @c 0 on success,
- * otherwise a negative error value
+ * information about all data aliases
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Insufficient permissions to access key manager or to read
* the alias list
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_data()
* @see ckmc_remove_alias()
* @see ckmc_get_data()
/**
- * @brief Creates RSA private/public key pair and stores them inside key manager based on each
- * policy.
+ * @brief Creates RSA private/public key pair and stores them inside key manager based on each policy.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
+ * @remarks The supported sizes are: @c 1024, @c 2048, @c 3072 and @c 4096 bits.
* @remarks If password in the policy is provided, the key is additionally encrypted with the
* password in the policy.
- * @param[in] size The size of key strength to be created. @c 1024, @c 2048, @c 3072 and @c 4096 are
- * supported
+ *
+ * @param[in] size The size of key strength to be created
* @param[in] private_key_alias The name of private key to be stored
* @param[in] public_key_alias The name of public key to be stored
- * @param[in] policy_private_key The policy about how to store a private key securely
- * @param[in] policy_public_key The policy about how to store a public key securely
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] policy_private_key Private key storing policy
+ * @param[in] policy_public_key Public key storing policy
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ALIAS_EXISTS Alias already exists
* @retval #CKMC_ERROR_DB_ERROR Failed due to other DB transaction unexpectedly
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_create_key_pair_dsa()
* @see ckmc_create_key_pair_ecdsa()
* @see ckmc_create_signature()
/**
* @brief Creates DSA private/public key pair and stores them inside key manager based on each policy.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
+ * @remarks The supported sizes are: @c 1024, @c 2048, @c 3072 and (Since 7.0) @c 4096 bits.
* @remarks If password in the policy is provided, the key is additionally encrypted with the
* password in the policy.
- * @param[in] size The size of key strength to be created. @c 1024, @c 2048, @c 3072 (Since 7.0)
- * and @c 4096 are supported
+ *
+ * @param[in] size The size of key strength to be created
* @param[in] private_key_alias The name of private key to be stored
* @param[in] public_key_alias The name of public key to be stored
- * @param[in] policy_private_key The policy about how to store a private key securely
- * @param[in] policy_public_key The policy about how to store a public key securely
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] policy_private_key Private key storing policy
+ * @param[in] policy_public_key Public key storing policy
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ALIAS_EXISTS Alias already exists
* @retval #CKMC_ERROR_DB_ERROR Failed due to other DB transaction unexpectedly
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_create_key_pair_rsa()
* @see ckmc_create_key_pair_ecdsa()
* @see ckmc_create_signature()
/**
* @brief Creates ECDSA private/public key pair and stores them inside key manager based on each policy.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
* @remarks If password in the policy is provided, the key is additionally encrypted with the
* password in the policy.
+ * @remarks Currently supported elliptic curves of ECDSA are: #CKMC_EC_PRIME192V1, #CKMC_EC_PRIME256V1,
+ * #CKMC_EC_SECP384R1
+ *
* @param[in] type The type of elliptic curve of ECDSA
* @param[in] private_key_alias The name of private key to be stored
* @param[in] public_key_alias The name of public key to be stored
- * @param[in] policy_private_key The policy about how to store a private key securely
- * @param[in] policy_public_key The policy about how to store a public key securely
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] policy_private_key Private key storing policy
+ * @param[in] policy_public_key Public key storing policy
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ALIAS_EXISTS Alias already exists
* @retval #CKMC_ERROR_DB_ERROR Failed due to other DB transaction unexpectedly
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_create_key_pair_rsa()
* @see ckmc_create_key_pair_dsa()
* @see ckmc_create_signature()
/**
* @brief Creates AES key and stores it inside key manager based on the policy.
+ *
* @since_tizen 3.0
+ *
+ * @remarks The supported sizes are: @c 128, @c 192 and @c 256 bits.
* @remarks If password in the policy is provided, the key is additionally encrypted with the
* password in the policy.
- * @param[in] size The size of key strength to be created. @c 128, @c 192 and @c 256 are supported
+ *
+ * @param[in] size The size of key strength to be created
* @param[in] key_alias The name of key to be stored
- * @param[in] key_policy The policy about how to store the key securely
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] key_policy Key storing policy
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_PERMISSION_DENIED Insufficient permissions to access key manager or to create
- * the key
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Insufficient permissions to access key manager or to create the key
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ALIAS_EXISTS Alias already exists
* @retval #CKMC_ERROR_DB_ERROR Failed due to other DB transaction unexpectedly
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_create_key_pair_rsa()
* @see ckmc_create_key_pair_dsa()
* @see ckmc_create_key_pair_ecdsa()
* @see #ckmc_policy_s
*/
-int ckmc_create_key_aes(size_t size, const char *key_alias, ckmc_policy_s key_policy);
+int ckmc_create_key_aes(size_t size,
+ const char *key_alias,
+ ckmc_policy_s key_policy);
/**
- * @brief Creates a signature on a given message using a private key and returns the signature.
+ * @brief Creates and returns a signature for a given message using a private key.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks If password of policy is provided during storing a key, the same password should be
- * provided.
- * @remarks You must destroy the newly created @a ppsignature by calling ckmc_buffer_free() if it is
+ * @remarks If policy contains password when storing a key, the same password should be provided.
+ * @remarks The newly created @a ppsignature must be destroyed by calling ckmc_buffer_free() if it is
* no longer needed.
+ * @remarks CKMC_HASH_NONE is invalid for DSA, ECDSA and RSA with X9.31 padding.
+ * @remarks If @a padding is CKMC_NONE_PADDING the user must use CKMC_HASH_NONE and the message must
+ * be equal to the key length.
+ * @remarks The @a padding is used only when the signature algorithm is RSA.
+ * @remarks If an error occurs the *@a ppsignature will be NULL on return.
+ *
* @param[in] private_key_alias The name of private key
* @param[in] password The password used in decrypting a private key value
* @param[in] message The message that is signed with a private key
- * @param[in] hash The hash algorithm used in creating signature. CKMC_HASH_NONE is invalid for DSA,
- * ECDSA and RSA with X9.31 padding
- * @param[in] padding The RSA padding algorithm used in creating signature. It is used only when the signature algorithm is RSA. If
- * @a padding is CKMC_NONE_PADDING you must use CKMC_HASH_NONE
- * and the message must be equal to key length
- * @param[out] ppsignature The pointer to a newly created signature. If an error occurs,
- * *ppsignature will be NULL
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] hash The hash algorithm used in signature creation
+ * @param[in] padding The RSA padding algorithm used in signature creation
+ * @param[out] ppsignature The pointer to a newly created signature
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
* @retval #CKMC_ERROR_AUTHENTICATION_FAILED Decryption failed because password is incorrect
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_create_key_pair_rsa()
* @see ckmc_create_key_pair_ecdsa()
* @see ckmc_verify_signature()
/**
- * @brief Verifies a given signature on a given message using a public key and returns the signature
- * status.
+ * @brief Verifies a given signature created for a given message using a public key and returns the
+ * signature's status.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks If password of policy is provided during storing a key, the same password should be
- * provided.
+ * @remarks If policy contains password when storing a key, the same password should be provided.
+ * @remarks CKMC_HASH_NONE is invalid for DSA, ECDSA and RSA with X9.31 padding.
+ * @remarks If @a padding is CKMC_NONE_PADDING the user must use CKMC_HASH_NONE and the message must
+ * be equal to key length.
+ * @remarks The @a padding is used only when the signature algorithm is RSA.
+ *
* @param[in] public_key_alias The name of public key
* @param[in] password The password used in decrypting a public key value
- * @param[in] message The input on which the signature is created
- * @param[in] signature The signature that is verified with public key
- * @param[in] hash The hash algorithm used in verifying signature. CKMC_HASH_NONE is invalid for
- * DSA, ECDSA & RSA with X9.31 padding
- * @param[in] padding The RSA padding algorithm used in verifying signature. It is used only when
- * the signature algorithm is RSA. If @a padding is CKMC_NONE_PADDING you must
- * use CKMC_HASH_NONE and the message must be equal to key length
- * @return @c 0 on success and the signature is valid,
- * otherwise a negative error value
+ * @param[in] message The message for which the signature is created
+ * @param[in] signature The signature to be verified with public key
+ * @param[in] hash The hash algorithm used in signature verification
+ * @param[in] padding The RSA padding algorithm used in signature verification
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
* @retval #CKMC_ERROR_AUTHENTICATION_FAILED Decryption failed because password is incorrect
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_create_key_pair_rsa()
* @see ckmc_create_key_pair_ecdsa()
* @see ckmc_create_signature()
/**
* @brief Verifies a certificate chain and returns that chain.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
* @remarks The trusted root certificate of the chain should exist in the system's certificate
* storage.
- * @remarks You must destroy the newly created @a ppcert_chain_list by calling
+ * @remarks The newly created @a ppcert_chain_list must be destroyed by calling
* ckmc_cert_list_all_free() if it is no longer needed.
+ * @remarks If an error occurs the @a ppcert_chain_list will be NULL on return.
+ *
* @param[in] cert The certificate to be verified
* @param[in] untrustedcerts The untrusted CA certificates to be used in verifying a certificate
* chain
- * @param[out] ppcert_chain_list The pointer to a newly created certificate chain's handle. If an
- * error occurs, *ppcert_chain_list will be NULL
- * @return @c 0 on success and the signature is valid,
- * otherwise a negative error value
+ * @param[out] ppcert_chain_list The pointer to a newly created certificate chain's handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_INVALID_FORMAT The format of certificate is not valid
* @retval #CKMC_ERROR_AUTHENTICATION_FAILED Decryption failed because password is incorrect
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_cert_list_all_free()
*/
int ckmc_get_cert_chain(const ckmc_cert_s *cert,
/**
* @deprecated Deprecated since 2.4
* [Use ckmc_get_cert_chain() instead]
- * @brief Verifies a certificate chain using an alias list of untrusted certificates and return that
+ *
+ * @brief Verifies a certificate chain using an alias list of untrusted certificates and returns that
* chain.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
* @remarks The trusted root certificate of the chain should exist in the system's certificate
* storage.
- * @remarks You must destroy the newly created @a ppcert_chain_list by calling
+ * @remarks The newly created @a ppcert_chain_list must be destroyed by calling
* ckmc_cert_list_all_free() if it is no longer needed.
* @remarks @a untrustedcerts shouldn't be protected with optional password.
+ * @remarks If an error occurs the @a ppcert_chain_list will be NULL on return.
+ *
* @param[in] cert The certificate to be verified
* @param[in] untrustedcerts The alias list of untrusted CA certificates stored in key manager to be
- * used in verifying a certificate chain
- * @param[out] ppcert_chain_list The pointer to a newly created certificate chain's handle. If an
- * error occurs, *ppcert_chain_list will be NULL
- * @return @c 0 on success and the signature is valid,
- * otherwise a negative error value
+ * used to verify a certificate chain
+ * @param[out] ppcert_chain_list The pointer to a newly created certificate chain's handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_INVALID_FORMAT The format of certificate is not valid
* @retval #CKMC_ERROR_AUTHENTICATION_FAILED Some certificates were encrypted with password and
* could not be used
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_get_cert_chain()
* @see ckmc_cert_list_all_free()
*/
/**
* @brief Verifies a certificate chain and returns that chain using user-entered, trusted, and
* untrusted CA certificates.
+ *
* @since_tizen 2.4
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
* @remarks If the trusted root certificates are provided as a user input, these certificates do not
* need to exist in the system's certificate storage.
- * @remarks You must destroy the newly created @a ppcert_chain_list by calling
+ * @remarks The newly created @a ppcert_chain_list must be destroyed by calling
* ckmc_cert_list_all_free() if it is no longer needed.
+ * @remarks If an error occurs the @a ppcert_chain_list will be NULL on return.
+ *
* @param[in] cert The certificate to be verified
- * @param[in] untrustedcerts The untrusted CA certificates to be used in verifying a certificate
- * chain
+ * @param[in] untrustedcerts The untrusted CA certificates to be used in verifying a certificate chain
* @param[in] trustedcerts The trusted CA certificates to be used in verifying a certificate chain
* @param[in] use_trustedsystemcerts The flag indicating the use of the trusted root certificates in
* the system's certificate storage
- * @param[out] ppcert_chain_list The pointer to a newly created certificate chain's handle. If an
- * error occurs, *ppcert_chain_list will be NULL
- * @return @c 0 on success and the signature is valid,
- * otherwise a negative error value
+ * @param[out] ppcert_chain_list The pointer to a newly created certificate chain's handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_INVALID_FORMAT The format of certificate is not valid
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_cert_list_all_free()
*/
int ckmc_get_cert_chain_with_trustedcert(const ckmc_cert_s *cert,
/**
* @deprecated Deprecated since 6.5. Use raw OpenSSL instead.
- * @brief Performs OCSP that checks certificate is whether revoked or not.
+ *
+ * @brief Performs OCSP that checks whether a certificate is revoked or not.
+ *
* @since_tizen 2.4
* @privlevel public
* @privilege %http://tizen.org/privilege/internet
+ *
* @remarks %http://tizen.org/privilege/internet (public level privilege) is required to use this
* function instead of %http://tizen.org/privilege/keymanager (public level privilege)
* since 3.0.
+ *
* @param[in] pcert_chain_list Valid certificate chain to perform OCSP check
- * @param[out] ocsp_status The pointer to status result of OCSP check
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[out] ocsp_status The pointer to the status of the result of OCSP check
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_NOT_SUPPORTED Device needed to run API is not supported
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
* @pre @a pcert_chain_list is created with ckmc_get_cert_chain() or
* ckmc_get_cert_chain_with_alias().
+ *
* @see ckmc_get_cert_chain())
* @see ckmc_cert_list_all_free()
*/
/**
* @deprecated Deprecated since 2.4
* [Use ckmc_set_permission() instead]
+ *
* @brief Allows another application to access client's application data.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
* @remarks Data identified by @a alias should exist.
+ *
* @param[in] alias Data alias for which access will be granted
* @param[in] accessor Package id of the application that will gain access rights
* @param[in] granted Rights granted for @a accessor application
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager or modify permissions
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_deny_access()
*/
int ckmc_allow_access(const char *alias,
/**
* @brief Allows another application to access client's application data.
+ *
* @since_tizen 2.4
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
* @remarks Data identified by @a alias should exist.
+ * @remarks Previous permission mask will be replaced with the new mask value passed by @a permissions.
+ *
* @param[in] alias Data alias for which access will be granted
* @param[in] accessor Package id of the application that will gain access rights
- * @param[in] permissions Mask of permissions granted for @a accessor application
- * (#ckmc_permission_e)
- * (previous permission mask will be replaced with the new mask value)
- * @return @c 0 on success,
- * otherwise a negative error value
+ * @param[in] permissions Mask of permissions granted for @a accessor application (#ckmc_permission_e)
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager or modify permissions
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
*/
-int ckmc_set_permission(const char *alias, const char *accessor, int permissions);
+int ckmc_set_permission(const char *alias,
+ const char *accessor,
+ int permissions);
/**
* @deprecated Deprecated since 2.4
* [Use ckmc_set_permission() instead]
+ *
* @brief Revokes another application's access to client's application data.
+ *
* @since_tizen 2.3
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
* @remarks Data identified by @a alias should exist.
* @remarks Only access previously granted with ckmc_allow_access() can be revoked.
+ *
* @param[in] alias Data alias for which access will be revoked
* @param[in] accessor Package id of the application that will lose access rights
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager or modify permissions
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid or the @a accessor doesn't have
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_allow_access()
* @see ckmc_set_permission()
*/
-int ckmc_deny_access(const char *alias, const char *accessor) TIZEN_DEPRECATED_API;
+int ckmc_deny_access(const char *alias,
+ const char *accessor) TIZEN_DEPRECATED_API;
/**
* @brief Removes an entry (no matter of type) from the key manager.
+ *
* @since_tizen 2.4
+ *
* @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to
* use this function since 3.0.
- * @remarks To remove item, client must have remove permission to the specified item.
- * @remarks The item owner can remove by default.
+ * @remarks To remove item, client must have removal permission to the specified item.
+ * @remarks The item owner can remove it by default.
+ *
* @param[in] alias Item alias to be removed
- * @return @c 0 on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager or the item to remove
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
* @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
* @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ *
* @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ *
* @see ckmc_save_key()
* @see ckmc_save_cert()
* @see ckmc_save_data()
* @since_tizen 3.0
*
* @remarks Key identified by @a key_alias should exist.
- * @remarks You must destroy @a ppencrypted with ckmc_buffer_free().
+ * @remarks If password of the policy is provided in ckmc_save_key(), the same password should be provided.
+ * @remarks In case of AES algorithm the backend may impose limit on the maximum size of processed data
+ * (ckmc_backend_get_max_chunk_size()).
+ * @remarks For RSA the size must be smaller or equal to:
+ * key size in bytes - 2 * hash function output size in bytes - 2.
+ * Example: for 1024 RSA key and hash SHA1 the maximum data size is 1024/8 - 2*160/8 = 86.
+ * @remarks The @a ppencrypted must be destroyed with ckmc_buffer_free().
+ * @remarks In #CKMC_ALGO_AES_GCM mode the @a ppencrypted includes the GCM tag appended at the end.
*
* @param[in] params Algorithm parameter list handle. See #ckmc_param_list_h and #ckmc_algo_type_e
* for details. Supported algorithms:
* - #CKMC_ALGO_AES_CFB,
* - #CKMC_ALGO_RSA_OAEP
* @param[in] key_alias Alias of the key to be used for encryption
- * @param[in] password The password used in decrypting a key value. If password of the policy is
- * provided in ckmc_save_key(), the same password should be provided
- * @param[in] decrypted Data to be encrypted. In case of AES algorithm the backend may impose limit
- * on the maximum size of processed data (ckmc_backend_get_max_chunk_size()).
- * For RSA the size must be smaller or equal to
- * key size in bytes - 2* hash function output size in bytes - 2.
- * Example: for 1024 RSA key and hash SHA1 the maximum data size is
- * 1024/8 - 2*160/8 = 86.
- * @param[out] ppencrypted Encrypted data. In #CKMC_ALGO_AES_GCM mode it includes the GCM tag
- * appended at the end.
+ * @param[in] password The password used in decrypting a key value
+ * @param[in] decrypted Data to be encrypted
+ * @param[out] ppencrypted Encrypted data
*
* @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @since_tizen 3.0
*
* @remarks Key identified by @a key_alias should exist.
- * @remarks You must destroy @a ppdecrypted with ckmc_buffer_free().
+ * @remarks The @a ppdecrypted must be destroyed with ckmc_buffer_free().
*
- * @param[in] params Algorithm parameter list handle. You should use the same parameters that were
+ * @param[in] params Algorithm parameter list handle. User should use the same parameters that were
* used for encryption. See #ckmc_param_list_h and #ckmc_algo_type_e for details.
* Supported algorithms:
* - #CKMC_ALGO_AES_CTR,
* wrapped form.
* @remarks Note that the backend may impose limit on the maximum size of @a wrapped_key
* (ckmc_backend_get_max_chunk_size()).
+ * @remarks #CKMC_ALGO_AES_GCM mode requires GCM tag to be appended at the end of the @a wrapped_key.
*
* @param[in] params Algorithm parameter list handle. See #ckmc_param_list_h and #ckmc_algo_type_e
* for details. Supported algorithms:
* @param[in] wrapping_key_alias The name of the wrapping key.
* @param[in] wrapping_key_password An optional password of the wrapping key
* @param[in] alias The name of a key to be stored
- * @param[in] wrapped_key The wrapped key to be unwrapped and stored. #CKMC_ALGO_AES_GCM mode
- * requires GCM tag to be appended at the end of the @a wrapped_key.
- * @param[in] policy The policy about how to store a key securely
+ * @param[in] wrapped_key The wrapped key to be unwrapped and stored
+ * @param[in] policy Key storing policy
*
* @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* Example: for 1024 RSA wrapping key and hash SHA384 the key size must be smaller than:
* 1024 - 2*384 - 16 = 240 bits.
* @remarks Considering the key size limit it's recommended to use RSA key longer than @c 1024 bits.
+ * @remarks In #CKMC_ALGO_AES_GCM mode the @a ppwrapped_key includes the GCM tag appended at the end.
*
* @param[in] params Algorithm parameter list handle. See #ckmc_param_list_h and #ckmc_algo_type_e
* for details. Supported algorithms:
* @param[in] wrapping_key_password An optional password of the wrapping key
* @param[in] alias The name of the key to be wrapped and exported
* @param[in] password An optional password used to decrypt the key pointed by @a alias
- * @param[out] ppwrapped_key The wrapped key. In #CKMC_ALGO_AES_GCM mode it includes the GCM tag
- * appended at the end.
+ * @param[out] ppwrapped_key The wrapped key
*
* @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
*
* @remarks The newly created @a context must be destroyed using ckmc_cipher_free() when it's no
* longer needed.
+ * @remarks The @a context must point to NULL if it's the first call. Otherwise, it must point to
+ * the previously returned context.
* @remarks To perform the encryption/decryption, one or more calls to ckmc_cipher_update() must be
* folowed by one call to ckmc_cipher_finalize().
* @remarks To pass #CKMC_PARAM_ED_AAD in multiple chunks call the ckmc_cipher_initialize() multiple
* @param[in] key_alias Alias of the key to be used for encryption/decryption
* @param[in] key_password Optional password of the key used for encryption/decryption
* @param[in] encrypt Encryption/decryption switch (true=encryption, false=decryption)
- * @param[out] context Encryption/decryption context. Must point to NULL if it's the first call.
- * Otherwise, it must point to the previously returned context.
+ * @param[out] context Encryption/decryption context
*
* @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @remarks The function may be called multiple times to encrypt succcessive blocks of data.
* @remarks The newly created @a ppout must be destroyed using ckmc_buffer_free() when it's no
* longer needed.
+ * @remarks The @a ppout will be set to NULL if the output is empty.
* @remarks Note that the backend may impose limit on the maximum size of processed data
* (ckmc_backend_get_max_chunk_size()).
*
* @param[in] context Encryption/decryption context created with ckmc_cipher_initialize()
* @param[in] in Encryption/decryption input
- * @param[out] ppout Encryption/decryption output. Will be set to NULL if the output is empty.
+ * @param[out] ppout Encryption/decryption output
*
* @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @remarks When using #CKMC_ALGO_AES_GCM decryption the GCM tag must be passed as @a in. In other
* cases @a in should be set to NULL.
* @remarks When using #CKMC_ALGO_AES_GCM encryption the GCM tag will be returned in @a ppout.
+ * @remarks The @a ppout will be set to NULL if the output is empty.
*
* @param[in] context Encryption/decryption context created with ckmc_cipher_initialize()
- * @param[in] in Optional additional decryption input required by some of the modes.
- * @param[out] ppout Encryption/decryption output. Will be set to NULL if the output is empty.
+ * @param[in] in Optional additional decryption input required by some of the modes
+ * @param[out] ppout Encryption/decryption output
*
* @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @see ckmc_backend_get_max_chunk_size()
* @see ckmc_backend_info_free()
*/
-int ckmc_get_backend_info(ckmc_backend_id_e backend, ckmc_backend_info_h* ppinfo);
+int ckmc_get_backend_info(ckmc_backend_id_e backend,
+ ckmc_backend_info_h* ppinfo);
#ifdef __cplusplus
}
/*
* Note: on tizen 3.0 owner id is equal to pkgId.
- * Preinstalled system(uid < 5000) and user (uid >= 5000) applications
- * does not have any pkgId. That's why ckm uses special "virtual"
+ * Preinstalled system (uid < 5000) and user (uid >= 5000) applications
+ * do not have any pkgId. That's why ckm uses special "virtual"
* pkgid for them. The virtual strings are defined under:
* ckmc_owner_id_system
*/
/**
* @deprecated Deprecated since 3.0. [Use ckmc_owner_id_separator instead]
+ *
* @brief Separator between alias and label.
+ *
* @since_tizen 2.3
+ *
* @remarks Alias can be provided as an alias alone, or together with label - in this
* case, separator " " (space bar) is used to separate label and alias.
+ *
* @see #ckmc_owner_id_separator
*/
KEY_MANAGER_CAPI extern char const *const ckmc_label_name_separator;
/**
* @brief Separator between alias and owner id.
+ *
* @since_tizen 3.0
+ *
* @remarks Alias can be provided as an alias alone, or together with owner id.
* In this case, separator " " (space bar) is used to separate id and alias.
+ *
* @see ckmc_alias_new()
*/
KEY_MANAGER_CAPI extern char const *const ckmc_owner_id_separator;
/**
* @brief The owner of system database.
+ *
* @since_tizen 3.0
+ *
* @remarks #ckmc_owner_id_system contains id connected with all system applications that run with
* uid less than 5000. Client should use #ckmc_owner_id_system to access data owned by
* system application and stored in system database. Client must have permission to access
* proper row.
+ *
* @see ckmc_alias_new()
*/
KEY_MANAGER_CAPI extern char const *const ckmc_owner_id_system;
/**
* @brief Enumeration for key types of key manager.
+ *
* @since_tizen 2.3
*/
typedef enum __ckmc_key_type {
- CKMC_KEY_NONE = 0, /**< Key type not specified */
- CKMC_KEY_RSA_PUBLIC, /**< RSA public key */
- CKMC_KEY_RSA_PRIVATE, /**< RSA private key */
- CKMC_KEY_ECDSA_PUBLIC, /**< ECDSA public key */
- CKMC_KEY_ECDSA_PRIVATE, /**< ECDSA private key */
- CKMC_KEY_DSA_PUBLIC, /**< DSA public key */
- CKMC_KEY_DSA_PRIVATE, /**< DSA private key */
- CKMC_KEY_AES, /**< AES key */
- CKMC_KEY_KEM_PUBLIC, /**< KEM public key (Since 7.0) */
- CKMC_KEY_KEM_PRIVATE /**< KEM private key (Since 7.0) */
+ CKMC_KEY_NONE = 0, /**< Key type not specified */
+ CKMC_KEY_RSA_PUBLIC, /**< RSA public key */
+ CKMC_KEY_RSA_PRIVATE, /**< RSA private key */
+ CKMC_KEY_ECDSA_PUBLIC, /**< ECDSA public key */
+ CKMC_KEY_ECDSA_PRIVATE, /**< ECDSA private key */
+ CKMC_KEY_DSA_PUBLIC, /**< DSA public key */
+ CKMC_KEY_DSA_PRIVATE, /**< DSA private key */
+ CKMC_KEY_AES, /**< AES key */
+ CKMC_KEY_KEM_PUBLIC, /**< KEM public key (Since 7.0) */
+ CKMC_KEY_KEM_PRIVATE /**< KEM private key (Since 7.0) */
} ckmc_key_type_e;
/**
* @brief Enumeration for KEM types.
+ *
* @since_tizen 7.0
*/
typedef enum __ckmc_kem_type {
- CKMC_ML_KEM_768 = 0, /**< ML-KEM-768 algorithm type */
- CKMC_ML_KEM_1024 /**< ML-KEM-1024 algorithm type */
+ CKMC_ML_KEM_768 = 0, /**< ML-KEM-768 algorithm type */
+ CKMC_ML_KEM_1024 /**< ML-KEM-1024 algorithm type */
} ckmc_kem_type_e;
/**
* @brief Enumeration for data format.
+ *
* @since_tizen 2.3
+ *
+ * @remarks PEM encoded data consists of the DER format base64 encoded with additional
+ * header and footer lines.
*/
typedef enum __ckmc_data_format {
- CKMC_FORM_DER_BASE64 = 0, /**< DER format base64 encoded data */
- CKMC_FORM_DER, /**< DER encoded data */
- CKMC_FORM_PEM /**< PEM encoded data. It consists of the DER format base64 encoded
- with additional header and footer lines. */
+ CKMC_FORM_DER_BASE64 = 0, /**< DER format base64 encoded data */
+ CKMC_FORM_DER, /**< DER encoded data */
+ CKMC_FORM_PEM /**< PEM encoded data */
} ckmc_data_format_e;
/**
* @brief Enumeration for elliptic curve.
+ *
* @since_tizen 2.3
*/
typedef enum __ckmc_ec_type {
- CKMC_EC_PRIME192V1 = 0, /**< Elliptic curve domain "secp192r1" listed in "SEC 2" recommended
- elliptic curve domain */
- CKMC_EC_PRIME256V1, /**< "SEC 2" recommended elliptic curve domain - secp256r1 */
- CKMC_EC_SECP384R1 /**< NIST curve P-384 (covers "secp384r1"), the elliptic curve domain
- listed in See SEC 2 */
+ CKMC_EC_PRIME192V1 = 0, /**< Elliptic curve domain "secp192r1" recommended and listed in "SEC 2" */
+ CKMC_EC_PRIME256V1, /**< Elliptic curve domain "secp256r1" recommended and listed in "SEC 2" */
+ CKMC_EC_SECP384R1 /**< Elliptic curve domain NIST curve P-384 (covers "secp384r1"),
+ recommended and listed in "SEC 2" */
} ckmc_ec_type_e;
/**
* @brief Enumeration for hash algorithm.
+ *
* @since_tizen 2.3
*/
typedef enum __ckmc_hash_algo {
- CKMC_HASH_NONE = 0, /**< No Hash Algorithm */
- CKMC_HASH_SHA1, /**< Hash Algorithm SHA1 */
- CKMC_HASH_SHA256, /**< Hash Algorithm SHA256 */
- CKMC_HASH_SHA384, /**< Hash Algorithm SHA384 */
- CKMC_HASH_SHA512 /**< Hash Algorithm SHA512 */
+ CKMC_HASH_NONE = 0, /**< No Hash Algorithm */
+ CKMC_HASH_SHA1, /**< SHA1 Hash Algorithm */
+ CKMC_HASH_SHA256, /**< SHA256 Hash Algorithm */
+ CKMC_HASH_SHA384, /**< SHA384 Hash Algorithm */
+ CKMC_HASH_SHA512 /**< SHA512 Hash Algorithm */
} ckmc_hash_algo_e;
/**
* @brief Enumeration for RSA padding algorithm.
+ *
* @since_tizen 2.3
*/
typedef enum __ckmc_rsa_padding_algo {
- CKMC_NONE_PADDING = 0, /**< No Padding */
- CKMC_PKCS1_PADDING, /**< PKCS#1 Padding */
- CKMC_X931_PADDING /**< X9.31 padding */
+ CKMC_NONE_PADDING = 0, /**< No Padding */
+ CKMC_PKCS1_PADDING, /**< PKCS#1 Padding */
+ CKMC_X931_PADDING /**< X9.31 padding */
} ckmc_rsa_padding_algo_e;
/**
* @deprecated Deprecated since 2.4
* [Use #ckmc_permission_e instead]
+ *
* @brief Enumeration for database access rights.
+ *
* @since_tizen 2.3
*/
typedef enum __ckmc_access_right {
- CKMC_AR_READ = 0, /**< Access right for read*/
- CKMC_AR_READ_REMOVE /**< Access right for read and remove*/
+ CKMC_AR_READ = 0, /**< Access right for read*/
+ CKMC_AR_READ_REMOVE /**< Access right for read and remove*/
} ckmc_access_right_e;
/**
* @brief Enumeration for permissions to access/modify alias.
+ *
* @since_tizen 2.4
*/
typedef enum __ckmc_permission {
- CKMC_PERMISSION_NONE = 0x00, /**< Clear permissions */
- CKMC_PERMISSION_READ = 0x01, /**< Read allowed */
- CKMC_PERMISSION_REMOVE = 0x02 /**< Remove allowed */
+ CKMC_PERMISSION_NONE = 0x00, /**< Clear permissions */
+ CKMC_PERMISSION_READ = 0x01, /**< Read allowed */
+ CKMC_PERMISSION_REMOVE = 0x02 /**< Remove allowed */
} ckmc_permission_e;
+
/**
* @brief The structure for binary buffer used in key manager CAPI.
+ *
* @since_tizen 2.3
*/
typedef struct __ckmc_raw_buff {
- unsigned char *data; /**< Byte array containing binary data */
- size_t size; /**< The size of the binary data */
+ unsigned char *data; /**< Byte array containing binary data */
+ size_t size; /**< The size of the binary data */
} ckmc_raw_buffer_s;
/**
* @brief The structure for a policy for storing key/certificate/binary data.
+ *
* @since_tizen 2.3
+ *
+ * @remarks If @a password is not NULL, the data (or key, or certificate) is stored encrypted
+ * with this password inside key manager.
+ * @remarks If @a extractable is equal to true the key may be extracted from storage.
+ *
*/
typedef struct __ckmc_policy {
- char *password; /**< Byte array used to encrypt data inside CKM. If it is not NULL, the data
- (or key, or certificate) is stored encrypted with this password inside
- key manager */
- bool extractable; /**< If true key may be extracted from storage */
+ char *password; /**< Byte array used to encrypt data inside CKM*/
+ bool extractable; /**< Flag to decide if the key can be extracted from storage or not */
} ckmc_policy_s;
/**
* @brief The structure for key used in key manager CAPI.
+ *
* @since_tizen 2.3
+ *
+ * @remarks @a raw_key may be encrypted with password.
+ *
*/
typedef struct __ckmc_key {
- unsigned char
- *raw_key; /**< Byte array of key. raw_key may be encrypted with password */
- size_t key_size; /**< The byte size of raw_key */
- ckmc_key_type_e key_type; /**< The raw_key's type */
- char *password; /**< Byte array used to decrypt data raw_key inside key manager. */
+ unsigned char
+ *raw_key; /**< Byte array of key*/
+ size_t key_size; /**< The byte size of raw_key */
+ ckmc_key_type_e key_type; /**< The raw_key's type */
+ char *password; /**< Byte array used to decrypt data in raw_key inside key manager. */
} ckmc_key_s;
/**
* @brief The structure for certificate used in key manager CAPI.
+ *
* @since_tizen 2.3
*/
typedef struct __ckmc_cert {
- unsigned char *raw_cert; /**< Byte array of certificate */
- size_t cert_size; /**< Byte size of raw_cert */
- ckmc_data_format_e data_format; /**< Raw_cert's encoding format */
+ unsigned char *raw_cert; /**< Byte array of certificate */
+ size_t cert_size; /**< Byte size of raw_cert */
+ ckmc_data_format_e data_format; /**< Raw_cert's encoding format */
} ckmc_cert_s;
/**
* @brief The structure for linked list of alias.
+ *
* @since_tizen 2.3
*/
typedef struct __ckmc_alias_list {
- char *alias; /**< The name of key, certificate or data stored in key manager */
- struct __ckmc_alias_list *next; /**< The pointer pointing to the next #ckmc_alias_list_s */
+ char *alias; /**< The name of key, certificate or data stored in key manager */
+ struct __ckmc_alias_list *next; /**< The pointer to the next item in alias list */
} ckmc_alias_list_s;
+
struct ckmc_alias_info_s;
/**
* @brief The structure of alias and additional information about it.
+ *
* @since_tizen 5.5
*/
typedef struct ckmc_alias_info_s ckmc_alias_info_s;
+
/**
* @brief The structure for linked list of alias with additional information.
+ *
* @since_tizen 5.5
*/
typedef struct __ckmc_alias_info_list_s {
- struct ckmc_alias_info_s* info; /**< The pointer pointing to the alias structure with additional
- information */
- struct __ckmc_alias_info_list_s* next; /**< The pointer pointing to the next
- #ckmc_alias_info_list_s */
+ struct ckmc_alias_info_s* info; /**< The pointer to the alias structure with additional information */
+ struct __ckmc_alias_info_list_s* next; /**< The pointer to the next item in alias info list */
} ckmc_alias_info_list_s;
/**
- * @brief The structure for linked list of #ckmc_cert_s.
+ * @brief The structure for linked list of certificate.
+ *
* @since_tizen 2.3
*/
typedef struct __ckmc_cert_list {
- ckmc_cert_s *cert; /**< The pointer of #ckmc_cert_s */
- struct __ckmc_cert_list *next; /**< The pointer pointing to the next #ckmc_cert_list_s */
+ ckmc_cert_s *cert; /**< The pointer to the certificate */
+ struct __ckmc_cert_list *next; /**< The pointer to the next item on certificate list */
} ckmc_cert_list_s;
/**
* @brief Enumeration for OCSP status.
+ *
* @since_tizen 2.4
*/
typedef enum __ckmc_ocsp_status {
- CKMC_OCSP_STATUS_GOOD = 0, /**< OCSP status is good */
- CKMC_OCSP_STATUS_REVOKED, /**< The certificate is revoked */
- CKMC_OCSP_STATUS_UNKNOWN, /**< Unknown error */
- CKMC_OCSP_ERROR_UNSUPPORTED, /**< The certificate does not provide OCSP extension */
- CKMC_OCSP_ERROR_INVALID_URL, /**< The invalid URL in certificate OCSP extension */
- CKMC_OCSP_ERROR_INVALID_RESPONSE, /**< The invalid response from OCSP server */
- CKMC_OCSP_ERROR_REMOTE, /**< OCSP remote server error */
- CKMC_OCSP_ERROR_NET, /**< Network connection error */
- CKMC_OCSP_ERROR_INTERNAL /**< OpenSSL API error */
+ CKMC_OCSP_STATUS_GOOD = 0, /**< OCSP status is good */
+ CKMC_OCSP_STATUS_REVOKED, /**< The certificate is revoked */
+ CKMC_OCSP_STATUS_UNKNOWN, /**< Unknown error */
+ CKMC_OCSP_ERROR_UNSUPPORTED, /**< The certificate does not provide OCSP extension */
+ CKMC_OCSP_ERROR_INVALID_URL, /**< The invalid URL in certificate OCSP extension */
+ CKMC_OCSP_ERROR_INVALID_RESPONSE, /**< The invalid response from OCSP server */
+ CKMC_OCSP_ERROR_REMOTE, /**< OCSP remote server error */
+ CKMC_OCSP_ERROR_NET, /**< Network connection error */
+ CKMC_OCSP_ERROR_INTERNAL /**< OpenSSL API error */
} ckmc_ocsp_status_e;
/**
* @brief The structure for PKCS12 used in key manager CAPI.
+ *
* @since_tizen 2.4
+ *
+ * @remarks The @a priv_key, @a cert and @a ca_chain may be NULL.
*/
typedef struct __ckmc_pkcs12 {
- ckmc_key_s *priv_key; /**< The private key, may be NULL */
- ckmc_cert_s *cert; /**< The certificate, may be NULL */
- ckmc_cert_list_s *ca_chain; /**< The chain certificate list, may be NULL */
+ ckmc_key_s *priv_key; /**< The private key structure */
+ ckmc_cert_s *cert; /**< The certificate structure */
+ ckmc_cert_list_s *ca_chain; /**< The chain certificate list structure */
} ckmc_pkcs12_s;
/**
* @brief Enumeration for crypto algorithm parameters.
+ *
* @since_tizen 3.0
+ *
* @see #ckmc_algo_type_e
+ * @see #ckmc_key_s
+ * @see #ckmc_kdf_prf_e
+ * @see #ckmc_kbkdf_mode_e
+ * @see #ckmc_kbkdf_counter_location_e
+ * @see #ckmc_kem_type_e
+ * @see #__ckmc_hash_algo
*/
typedef enum __ckmc_param_name {
- CKMC_PARAM_ALGO_TYPE = 1, /**< integer - type of algorithm (see #ckmc_algo_type_e) */
-
- CKMC_PARAM_ED_IV = 101, /**< buffer - initialization vector */
- CKMC_PARAM_ED_CTR_LEN, /**< integer - ctr length in bits*/
- CKMC_PARAM_ED_AAD, /**< buffer - Additional Authentication Data for AES GCM */
- CKMC_PARAM_ED_TAG_LEN, /**< integer - tag length in bits */
- CKMC_PARAM_ED_LABEL, /**< buffer - RSA OAEP label (not supported at the moment) */
- CKMC_PARAM_ED_OAEP_HASH, /**< integer - function to be used both as Label and MGF hash function
- in OAEP padding (see #__ckmc_hash_algo). If not given, the default
- #CKMC_HASH_SHA1 is used. (Since 6.0) */
-
- CKMC_PARAM_KDF_PRF = 401, /**< integer - pseudo-random function number (see #ckmc_kdf_prf_e)
- (Since 6.0) */
- CKMC_PARAM_KDF_LEN, /**< integer - length of the derived key in bytes. The value must be one of
- {16, 24, 32} (Since 6.0) */
-
- CKMC_PARAM_KBKDF_MODE, /**< integer - KDF mode number (see #ckmc_kbkdf_mode_e) (Since 6.0) */
- CKMC_PARAM_KBKDF_LABEL, /**< buffer - the purpose for the derived key. Conflicts with
- #CKMC_PARAM_KBKDF_FIXED_INPUT (Since 6.0) */
-
- CKMC_PARAM_KBKDF_CONTEXT, /**< buffer - information related to the derived key. Conflicts with
- #CKMC_PARAM_KBKDF_FIXED_INPUT (Since 6.0) */
-
- CKMC_PARAM_KBKDF_FIXED_INPUT, /**< buffer - KBKDF fixed input replacing context and label
- (Since 6.0). Conflicts with:
- - #CKMC_PARAM_KBKDF_LABEL,
- - #CKMC_PARAM_KBKDF_CONTEXT,
- - #CKMC_PARAM_KBKDF_LLEN,
- - #CKMC_PARAM_KBKDF_NO_SEPARATOR */
- CKMC_PARAM_KBKDF_COUNTER_LOCATION, /**< integer - specifies location of the counter in KBKDF
- (see #ckmc_kbkdf_counter_location_e) (Since 6.0) */
- CKMC_PARAM_KBKDF_RLEN, /**< integer - specifies the length of the counter representation in bits
- in KBKDF. The value must be one of {8, 16, 24, 32}. If not set, the
- default value = 32 will be used. (Since 6.0) */
- CKMC_PARAM_KBKDF_LLEN, /**< integer - specifies the length of the length suffix representation
- in bits in KBKDF. The value must be one of {0, 8, 16, 24, 32}. If set to
- 0 the length suffix will be skipped. If not set, the default value = 32
- will be used. The length suffix is skipped if
- #CKMC_PARAM_KBKDF_FIXED_INPUT is passed and this parameter conflicts
- with it. (Since 6.0) */
- CKMC_PARAM_KBKDF_NO_SEPARATOR, /**< integer - presence of this parameter will skip the zero
- octet separator between label and context in KBKDF.
- All values are allowed. This parameter conflicts with
- #CKMC_PARAM_KBKDF_FIXED_INPUT. (Since 6.0) */
-
- CKMC_PARAM_ECDH_PUBKEY, /**< buffer - EC public key in DER form (see #ckmc_key_s) (Since 6.0) */
-
- CKMC_PARAM_KEM_TYPE, /**< integer - specifies the KEM type (see #ckmc_kem_type_e) (Since 7.0) */
+ CKMC_PARAM_ALGO_TYPE = 1, /**< Integer - type of algorithm */
+
+ CKMC_PARAM_ED_IV = 101, /**< Buffer - initialization vector */
+ CKMC_PARAM_ED_CTR_LEN, /**< Integer - ctr length in bits */
+ CKMC_PARAM_ED_AAD, /**< Buffer - Additional Authentication Data for AES GCM */
+ CKMC_PARAM_ED_TAG_LEN, /**< Integer - tag length in bits */
+ CKMC_PARAM_ED_LABEL, /**< Buffer - RSA OAEP label (not supported at the moment) */
+ CKMC_PARAM_ED_OAEP_HASH, /**< Integer - function to be used both as Label and MGF hash function
+ in OAEP padding. If not given, the default #CKMC_HASH_SHA1 is used (Since 6.0) */
+
+ CKMC_PARAM_KDF_PRF = 401, /**< Integer - pseudo-random function number (Since 6.0) */
+ CKMC_PARAM_KDF_LEN, /**< Integer - length of the derived key in bytes. The value must be one of
+ {16, 24, 32} (Since 6.0) */
+
+ CKMC_PARAM_KBKDF_MODE, /**< Integer - KDF mode number (Since 6.0) */
+ CKMC_PARAM_KBKDF_LABEL, /**< Buffer - the purpose for the derived key. Conflicts with
+ #CKMC_PARAM_KBKDF_FIXED_INPUT (Since 6.0) */
+ CKMC_PARAM_KBKDF_CONTEXT, /**< Buffer - information related to the derived key. Conflicts with
+ #CKMC_PARAM_KBKDF_FIXED_INPUT (Since 6.0) */
+ CKMC_PARAM_KBKDF_FIXED_INPUT, /**< Buffer - KBKDF fixed input replacing context and label
+ (Since 6.0). Conflicts with:
+ - #CKMC_PARAM_KBKDF_LABEL,
+ - #CKMC_PARAM_KBKDF_CONTEXT,
+ - #CKMC_PARAM_KBKDF_LLEN,
+ - #CKMC_PARAM_KBKDF_NO_SEPARATOR */
+ CKMC_PARAM_KBKDF_COUNTER_LOCATION, /**< Integer - specifies location of the counter in KBKDF (Since 6.0) */
+ CKMC_PARAM_KBKDF_RLEN, /**< Integer - specifies the length of the counter representation in bits
+ in KBKDF. The value must be one of {8, 16, 24, 32}. If not set, the
+ default value = 32 will be used. (Since 6.0) */
+ CKMC_PARAM_KBKDF_LLEN, /**< Integer - specifies the extent of the length suffix representation
+ in bits in KBKDF. The value must be one of {0, 8, 16, 24, 32}. If set to
+ 0 the length suffix will be skipped. If not set, the default value = 32
+ will be used. The length suffix is skipped if
+ #CKMC_PARAM_KBKDF_FIXED_INPUT is passed and this parameter conflicts
+ with it. (Since 6.0) */
+ CKMC_PARAM_KBKDF_NO_SEPARATOR, /**< Integer - presence of this parameter will skip the zero
+ octet separator between label and context in KBKDF.
+ All values are allowed. This parameter conflicts with
+ #CKMC_PARAM_KBKDF_FIXED_INPUT. (Since 6.0) */
+
+ CKMC_PARAM_ECDH_PUBKEY, /**< Buffer - EC public key in DER form (Since 6.0) */
+
+ CKMC_PARAM_KEM_TYPE, /**< Integer - specifies the KEM type (Since 7.0) */
} ckmc_param_name_e;
/**
* @brief Enumeration for key derivation function pseudo-random function parameter.
+ *
* @since_tizen 6.0
*
* @see ckmc_key_derive()
* @see #ckmc_param_name_e
*/
typedef enum __ckmc_kdf_prf {
- CKMC_KDF_PRF_HMAC_SHA256 = 1, /**< HMAC SHA256 */
- CKMC_KDF_PRF_HMAC_SHA384, /**< HMAC SHA384 */
- CKMC_KDF_PRF_HMAC_SHA512, /**< HMAC SHA512 */
+ CKMC_KDF_PRF_HMAC_SHA256 = 1, /**< HMAC SHA256 */
+ CKMC_KDF_PRF_HMAC_SHA384, /**< HMAC SHA384 */
+ CKMC_KDF_PRF_HMAC_SHA512, /**< HMAC SHA512 */
} ckmc_kdf_prf_e;
/**
* @brief Enumeration for key based key derivation function mode.
+ *
* @since_tizen 6.0
*
* @see ckmc_key_derive()
/**
* @brief Enumeration for KBKDF counter location relative to fixed input.
+ *
* @since_tizen 6.0
*
* @see ckmc_key_derive()
* @see #ckmc_param_name_e
*/
typedef enum __ckmc_kbkdf_counter_location {
- CKMC_KBKDF_COUNTER_BEFORE_FIXED = 1, /**< Counter is located before fixed input */
- CKMC_KBKDF_COUNTER_AFTER_FIXED, /**< Counter is located after fixed input */
- CKMC_KBKDF_COUNTER_MIDDLE_FIXED, /**< Counter is located in the middle of the fixed input
- (between context and label). This setting requires setting
- #CKMC_PARAM_KBKDF_LABEL and #CKMC_PARAM_KBKDF_CONTEXT and
- conflicts with #CKMC_PARAM_KBKDF_FIXED_INPUT. If this location
- is used the separator will be skipped regardless of the
- #CKMC_PARAM_KBKDF_NO_SEPARATOR parameter */
+ CKMC_KBKDF_COUNTER_BEFORE_FIXED = 1, /**< Counter is located before fixed input */
+ CKMC_KBKDF_COUNTER_AFTER_FIXED, /**< Counter is located after fixed input */
+ CKMC_KBKDF_COUNTER_MIDDLE_FIXED, /**< Counter is located in the middle of the fixed input
+ (between context and label). This setting requires setting
+ #CKMC_PARAM_KBKDF_LABEL and #CKMC_PARAM_KBKDF_CONTEXT and
+ conflicts with #CKMC_PARAM_KBKDF_FIXED_INPUT. If this location
+ is used the separator will be skipped regardless of the
+ #CKMC_PARAM_KBKDF_NO_SEPARATOR parameter */
} ckmc_kbkdf_counter_location_e;
/**
* @brief Algorithm parameter list handle.
+ *
* @since_tizen 3.0
+ *
* @remarks Each parameter list must have at least one #CKMC_PARAM_ALGO_TYPE parameter that
* identifies the algorithm. See #ckmc_algo_type_e for available algorithms and additional
* parameters they support.
+ *
* @see ckmc_generate_new_params()
* @see ckmc_param_list_new()
* @see ckmc_param_list_set_integer()
/**
* @brief Enumeration for crypto algorithm types.
+ *
* @since_tizen 3.0
+ *
* @see #ckmc_param_name_e
+ * @see #ckmc_kdf_prf_e
+ * @see #ckmc_kbkdf_mode_e
+ * @see #ckmc_kbkdf_counter_location_e
+ * @see #ckmc_key_s
+ * @see #ckmc_kem_type_e
+ * @see #__ckmc_hash_algo
*/
typedef enum __ckmc_algo_type {
- CKMC_ALGO_AES_CTR = 1, /**< AES-CTR algorithm
+ CKMC_ALGO_AES_CTR = 1, /**< AES-CTR algorithm
Supported parameters:
- #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_AES_CTR (mandatory),
- #CKMC_PARAM_ED_IV = 16-byte initialization vector (mandatory)
- #CKMC_PARAM_ED_CTR_LEN = length of counter block in bits
(optional, only 128b is supported at the moment) */
- CKMC_ALGO_AES_CBC, /**< AES-CBC algorithm
+ CKMC_ALGO_AES_CBC, /**< AES-CBC algorithm
Supported parameters:
- #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_AES_CBC (mandatory),
- #CKMC_PARAM_ED_IV = 16-byte initialization vector (mandatory) */
- CKMC_ALGO_AES_GCM, /**< AES-GCM algorithm
+ CKMC_ALGO_AES_GCM, /**< AES-GCM algorithm
Supported parameters:
- #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_AES_GCM (mandatory),
- #CKMC_PARAM_ED_IV = 1 to (2^64-1) bytes long initialization vector.
(ckmc_backend_get_max_chunk_size()). Recommended length is 12B (mandatory)
- #CKMC_PARAM_ED_TAG_LEN = GCM tag length in bits. One of
{32, 64, 96, 104, 112, 120, 128} (optional, if not present, the
- length 128 is used; since Tizen 5.0, if TrustZone backend is used,
+ length 128 is used; (Since 5.0) if TrustZone backend is used,
32 and 64 lengths are not supported)
- #CKMC_PARAM_ED_AAD = additional authentication data. Note that the backend
may impose limit on the maximum size (ckmc_backend_get_max_chunk_size())
(optional) */
- CKMC_ALGO_AES_CFB, /**< AES-CFB algorithm
+ CKMC_ALGO_AES_CFB, /**< AES-CFB algorithm
Supported parameters:
- #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_AES_CFB (mandatory),
- #CKMC_PARAM_ED_IV = 16-byte initialization vector (mandatory) */
- CKMC_ALGO_RSA_OAEP, /**< RSA-OAEP algorithm (EME-OAEP as defined in PKCS #1 with MGF1)
+ CKMC_ALGO_RSA_OAEP, /**< RSA-OAEP algorithm (EME-OAEP as defined in PKCS #1 with MGF1)
Supported parameters:
- #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_RSA_OAEP (mandatory),
- #CKMC_PARAM_ED_LABEL = label (encoding parameter) to be associated with
the message (optional, not supported at the moment)
- - #CKMC_PARAM_ED_OAEP_HASH = hash algorithm to be used in OAEP padding (see
- #__ckmc_hash_algo). (optional) */
+ - #CKMC_PARAM_ED_OAEP_HASH = hash algorithm to be used in OAEP padding (optional) */
- CKMC_ALGO_KBKDF, /**< Key based key derivation algorithm
+ CKMC_ALGO_KBKDF, /**< Key based key derivation algorithm
Supported parameters:
- #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_KBKDF (mandatory),
- - #CKMC_PARAM_KDF_PRF = pseudo-random function (see #ckmc_kdf_prf_e)
- (mandatory),
- - #CKMC_PARAM_KBKDF_MODE = KDF mode (see #ckmc_kbkdf_mode_e) (mandatory),
+ - #CKMC_PARAM_KDF_PRF = pseudo-random function (mandatory),
+ - #CKMC_PARAM_KBKDF_MODE = KDF mode (mandatory),
- #CKMC_PARAM_KBKDF_LABEL = the purpose for the derived key (optional),
- #CKMC_PARAM_KBKDF_CONTEXT = information related to the derived key
(optional),
- #CKMC_PARAM_KDF_LEN = length of the derived key (mandatory)
- #CKMC_PARAM_KBKDF_FIXED_INPUT = replacement for context and label (optional),
- - #CKMC_PARAM_KBKDF_COUNTER_LOCATION = counter location
- (see #ckmc_kbkdf_counter_location_e) (mandatory),
+ - #CKMC_PARAM_KBKDF_COUNTER_LOCATION = counter location (mandatory),
- #CKMC_PARAM_KBKDF_RLEN = length of the counter representation (optional),
- #CKMC_PARAM_KBKDF_LLEN = length of the length suffix representation
(optional),
- #CKMC_PARAM_KBKDF_NO_SEPARATOR = existence of zero separator (optional) */
- CKMC_ALGO_ECDH, /**< ECDH shared secret key agreement protocol
+ CKMC_ALGO_ECDH, /**< ECDH shared secret key agreement protocol
Supported parameters (all are required):
- #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_ECDH,
- - #CKMC_PARAM_ECDH_PUBKEY = peer's public key (see #ckmc_key_s) */
+ - #CKMC_PARAM_ECDH_PUBKEY = peer's public key */
- CKMC_ALGO_KEM, /**< KEM algorithm
- Supported parameters:
- - #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_KEM (mandatory),
- - #CKMC_PARAM_KEM_TYPE = the type of KEM (see #ckmc_kem_type_e) (mandatory) (Since 7.0) */
+ CKMC_ALGO_KEM, /**< KEM algorithm
+ Supported parameters:
+ - #CKMC_PARAM_ALGO_TYPE = #CKMC_ALGO_KEM (mandatory),
+ - #CKMC_PARAM_KEM_TYPE = the type of KEM (mandatory) (Since 7.0) */
} ckmc_algo_type_e;
/**
* @brief Enumeration for backend identifiers.
+ *
* @since_tizen 6.0
+ *
* @see ckmc_get_backend_info()
* @see ckmc_alias_info_get_backend()
*/
typedef enum __ckmc_backend_id {
- CKMC_BACKEND_SW = 0, /**< Software backend */
- CKMC_BACKEND_TZ /**< TrustZone backend */
+ CKMC_BACKEND_SW = 0, /**< Software backend */
+ CKMC_BACKEND_TZ /**< TrustZone backend */
} ckmc_backend_id_e;
/**
* @brief Backend information handle.
+ *
* @since_tizen 6.0
+ *
* @see ckmc_alias_info_get_backend()
* @see ckmc_get_backend_info()
* @see ckmc_backend_get_max_chunk_size()
/**
* @brief Encryption/decryption context handle.
+ *
* @since_tizen 6.0
+ *
* @see ckmc_cipher_initialize()
* @see ckmc_cipher_update()
* @see ckmc_cipher_finalize()
/**
* @brief Gets the alias from #ckmc_alias_info_s structure.
+ *
* @since_tizen 5.5
+ *
* @remarks The @a alias should not be released.
- * The @a alias can be used until #ckmc_alias_info_s is released.
+ * The @a alias cannot be used until #ckmc_alias_info_s is released.
+ *
* @param[in] info The pointer to the #ckmc_alias_info_s structure
* @param[out] alias The pointer to the alias
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see #ckmc_alias_info_s
*/
-int ckmc_alias_info_get_alias(const ckmc_alias_info_s* info, char** alias);
+int ckmc_alias_info_get_alias(const ckmc_alias_info_s* info,
+ char** alias);
/**
* @brief Gets the password protection status from #ckmc_alias_info_s structure.
+ *
* @since_tizen 5.5
+ *
* @param[in] info The pointer to the #ckmc_alias_info_s structure
* @param[out] is_password_protected The pointer to the password protection flag
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see #ckmc_alias_info_s
*/
int ckmc_alias_info_is_password_protected(const ckmc_alias_info_s* info,
/**
* @brief Gets the backend identifier from #ckmc_alias_info_s structure.
+ *
* @since_tizen 6.0
+ *
* @param[in] info The pointer to the #ckmc_alias_info_s structure
* @param[out] backend The pointer to the backend identifier
- * @return #CKMC_ERROR_NONE on success, otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see #ckmc_backend_id_e
* @see #ckmc_alias_info_s
* @see ckmc_get_backend_info()
* @see ckmc_backend_info_free()
* @see ckmc_backend_get_max_chunk_size()
*/
-int ckmc_alias_info_get_backend(const ckmc_alias_info_s* info, ckmc_backend_id_e* backend);
+int ckmc_alias_info_get_backend(const ckmc_alias_info_s* info,
+ ckmc_backend_id_e* backend);
/**
* @brief Destroys the #ckmc_alias_info_list_s handle and releases resources of
* #ckmc_alias_info_list_s from the provided first handle cascadingly.
+ *
* @since_tizen 5.5
+ *
* @param[in] first The first #ckmc_alias_info_list_s handle to destroy
+ *
* @see #ckmc_alias_info_list_s
*/
void ckmc_alias_info_list_all_free(ckmc_alias_info_list_s *first);
/**
* @brief Creates a new full alias which is a concatenation of @a owner_id and @a alias.
+ *
* @since_tizen 3.0
+ *
* @remarks @a full_alias should be freed with free() after use.
- * @remarks Returns #CKMC_ERROR_INVALID_PARAMETER if any of parameter is NULL.
- * @remarks Returns #CKMC_ERROR_INVALID_PARAMETER if @a owner_id is empty.
- * @param[in] owner_id Data owner's id. This should be package id if data owner is
- * application. If you want to access data stored by system
- * services, it should be #ckmc_owner_id_system
+ * @remarks @a owner_id should be package id if data owner is application. If you want to access
+ * data stored by system services, it should be #ckmc_owner_id_system.
+ *
+ * @param[in] owner_id Data owner's id
* @param[in] alias Data alias
* @param[out] full_alias The newly created alias which is a concatenation of
- * @a owner_id, #ckmc_owner_id_separator and @a alias.
- * Destroy by free() after use
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @a owner_id, #ckmc_owner_id_separator and @a alias
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid or NULL, or @a owner_id is empty.
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see #ckmc_owner_id_separator
* @see #ckmc_owner_id_system
*/
-int ckmc_alias_new(const char *owner_id, const char *alias, char **full_alias);
+int ckmc_alias_new(const char *owner_id,
+ const char *alias,
+ char **full_alias);
/**
* @brief Creates a new #ckmc_key_s handle and returns it.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created #ckmc_key_s by calling ckmc_key_free() if it is no
+ *
+ * @remarks The newly created key must be destroyed by calling ckmc_key_free() if it is no
* longer needed.
- * @param[in] raw_key The byte array of key. The @a raw_key may be encrypted with password.
+ * @remarks The @a raw_key may be encrypted with password.
+ * @remarks If @a raw_key is not encrypted, @a password can be NULL.
+ *
+ * @param[in] raw_key The byte array of key
* @param[in] key_size The byte size of @a raw_key
* @param[in] key_type The type of @a raw_key
- * @param[in] password The byte array used to decrypt @a raw_key inside key manager. If @a raw_key
- * is not encrypted, @a password can be NULL
- * @param[out] ppkey The pointer to a newly created #ckmc_key_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @param[in] password The byte array used to decrypt @a raw_key inside key manager
+ * @param[out] ppkey The pointer to a newly created handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see ckmc_key_free()
* @see #ckmc_key_s
*/
/**
* @brief Destroys the #ckmc_key_s handle and releases all its resources.
+ *
* @since_tizen 2.3
+ *
* @param[in] key The #ckmc_key_s handle to destroy
*/
void ckmc_key_free(ckmc_key_s *key);
/**
* @brief Creates a new #ckmc_raw_buffer_s handle and returns it.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created #ckmc_raw_buffer_s by calling ckmc_buffer_free() if
+ *
+ * @remarks The newly created #ckmc_raw_buffer_s must be destroyed by calling ckmc_buffer_free() if
* it is no longer needed.
+ *
* @param[in] data The byte array of buffer
* @param[in] size The byte size of buffer
- * @param[out] ppbuffer The pointer to a newly created #ckmc_raw_buffer_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @param[out] ppbuffer The pointer to a newly created handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see ckmc_buffer_free()
* @see #ckmc_raw_buffer_s
*/
-int ckmc_buffer_new(unsigned char *data, size_t size, ckmc_raw_buffer_s **ppbuffer);
+int ckmc_buffer_new(unsigned char *data,
+ size_t size,
+ ckmc_raw_buffer_s **ppbuffer);
/**
* @brief Destroys the #ckmc_raw_buffer_s handle and releases all its resources.
+ *
* @since_tizen 2.3
+ *
* @param[in] buffer The #ckmc_raw_buffer_s structure to destroy
*/
void ckmc_buffer_free(ckmc_raw_buffer_s *buffer);
/**
* @brief Creates a new #ckmc_cert_s handle and returns it.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created #ckmc_cert_s by calling ckmc_cert_free() if it is no
+ *
+ * @remarks The newly created #ckmc_cert_s must be destroyed by calling ckmc_cert_free() if it is no
* longer needed.
+ *
* @param[in] raw_cert The byte array of certificate
* @param[in] cert_size The byte size of raw_cert
* @param[in] data_format The encoding format of raw_cert
- * @param[out] ppcert The pointer to a newly created #ckmc_cert_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @param[out] ppcert The pointer to a newly created handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see ckmc_cert_free()
* @see ckmc_load_cert_from_file()
* @see #ckmc_cert_s
/**
* @brief Destroys the #ckmc_cert_s handle and releases all its resources.
+ *
* @since_tizen 2.3
+ *
* @param[in] cert The #ckmc_cert_s handle to destroy
+ *
* @see ckmc_load_cert_from_file()
*/
void ckmc_cert_free(ckmc_cert_s *cert);
/**
* @brief Creates a new #ckmc_cert_s handle from a given file and returns it.
+ *
* @since_tizen 2.3
- * @remarks You must destroy the newly created #ckmc_cert_s by calling ckmc_cert_free() if it is no
+ *
+ * @remarks The newly created #ckmc_cert_s must be destroyed by calling ckmc_cert_free() if it is no
* longer needed.
- * @param[in] file_path The path of certificate file to be loaded. Only DER or PEM encoded
- * certificate file is supported
- * @param[out] cert The pointer of newly created #ckmc_cert_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @remarks Only DER or PEM encoded certificate file is supported in @a file_path.
+ *
+ * @param[in] file_path The path of certificate file to be loaded
+ * @param[out] cert The pointer to a newly created handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory space
* @retval #CKMC_ERROR_INVALID_FORMAT Invalid certificate file format
* @retval #CKMC_ERROR_FILE_ACCESS_DENIED Provided file does not exist or cannot be accessed
+ *
* @see ckmc_cert_free()
* @see #ckmc_cert_s
*/
-int ckmc_load_cert_from_file(const char *file_path, ckmc_cert_s **cert);
+int ckmc_load_cert_from_file(const char *file_path,
+ ckmc_cert_s **cert);
/**
* @brief Creates a new #ckmc_pkcs12_s handle and returns it.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created #ckmc_pkcs12_s by calling ckmc_pkcs12_free() if it is
+ *
+ * @remarks The newly created #ckmc_pkcs12_s must be destroyed by calling ckmc_pkcs12_free() if it is
* no longer needed.
* @remarks On success, private_key, cert && ca_cert_list ownership is transferred into newly
* returned @a pkcs12_bundle.
- * @param[in] private_key #ckmc_key_s handle to the private key (optional)
- * @param[in] cert #ckmc_cert_s handle to the certificate (optional)
- * @param[in] ca_cert_list #ckmc_cert_list_s list of chain certificate handles (optional)
- * @param[out] pkcs12_bundle The pointer to a newly created #ckmc_pkcs12_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @param[in] private_key Optional handle to the private key
+ * @param[in] cert Optional handle to the certificate
+ * @param[in] ca_cert_list Optional list of chain certificate handles
+ * @param[out] pkcs12_bundle The pointer to a newly created handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid or @a private_key, @a cert and
* @a ca_cert_list all are NULL
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see ckmc_pkcs12_free()
* @see ckmc_pkcs12_load()
* @see #ckmc_key_s
/**
* @deprecated Deprecated since 2.4
* [Use ckmc_pkcs12_load() instead]
+ *
* @brief Creates a new #ckmc_key_s (@a private_key), #ckmc_cert_s (@a cert),
* and #ckmc_cert_list_s (@a ca_cert_list) handle from a given PKCS#12 file and returns them.
+ *
* @since_tizen 2.3
- * @remarks You must destroy the newly created @a private_key, @a cert and @a ca_cert_list
- by calling ckmc_key_free(), ckmc_cert_free(), and ckmc_cert_list_all_free() if they are
- no longer needed.
+ *
+ * @remarks The newly created @a private_key, @a cert and @a ca_cert_list must be destroyed
+ * by calling ckmc_key_free(), ckmc_cert_free(), and ckmc_cert_list_all_free() if they are
+ * no longer needed.
+ * @remarks If PKCS12 file is not encrypted, @a passphrase can be NULL.
+ * @remarks @a ca_cert_list will be NULL if the PKCS12 file does not contain a certificate.
+ *
* @param[in] file_path The path of PKCS12 file to be loaded
- * @param[in] passphrase The passphrase used to decrypt the PCKS12 file. If PKCS12 file is not
- * encrypted, passphrase can be NULL
- * @param[out] private_key The pointer of newly created #ckmc_key_s handle for a private key
- * @param[out] cert The pointer of newly created #ckmc_cert_s handle for a certificate. It is NULL
- * if the PKCS12 file does not contain a certificate
- * @param[out] ca_cert_list The pointer of newly created #ckmc_cert_list_s handle for CA
- * certificates. It is NULL if the PKCS12 file does not contain
- * CA certificates
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @param[in] passphrase The passphrase used to decrypt the PCKS12 file
+ * @param[out] private_key The pointer to a newly created private key
+ * @param[out] cert The pointer to a newly created handle certificate
+ * @param[out] ca_cert_list The pointer to a newly created handle for CA certificate
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory space
* @retval #CKMC_ERROR_INVALID_FORMAT Invalid PKCS12 file format
* @retval #CKMC_ERROR_FILE_ACCESS_DENIED Provided file does not exist or cannot be accessed
+ *
* @see ckmc_pkcs12_new()
* @see ckmc_pkcs12_load()
* @see ckmc_key_free()
/**
* @brief Creates a new #ckmc_pkcs12_s handle from a given PKCS#12 file and returns it.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created #ckmc_pkcs12_s by calling ckmc_pkcs12_free() if they
- * are no longer needed.
+ *
+ * @remarks The newly created #ckmc_pkcs12_s must be destroyed by calling ckmc_pkcs12_free() if it
+ * is no longer needed.
+ * @remarks If PKCS12 file is not encrypted, @a passphrase can be NULL.
+ * @remarks (*@a pkcs12_bundle)->ca_cert_list will be NULL if the PKCS12 file does not contain a certificate.
+ *
* @param[in] file_path The path of PKCS12 file to be loaded
- * @param[in] passphrase The passphrase used to decrypt the PCKS12 file. If PKCS12 file is not
- * encrypted, passphrase can be NULL
- * @param[out] pkcs12_bundle The pointer of newly created #ckmc_cert_list_s handle for
- * CA certificates. It is NULL if the PKCS12 file does not contain
- * CA certificates
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @param[in] passphrase The passphrase used to decrypt the PCKS12 file
+ * @param[out] pkcs12_bundle The pointer of newly created handle for CA certificate
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory space
* @retval #CKMC_ERROR_INVALID_FORMAT Invalid PKCS12 file format
* @retval #CKMC_ERROR_FILE_ACCESS_DENIED Provided file does not exist or cannot be accessed
+ *
* @see ckmc_pkcs12_free()
* @see #ckmc_pkcs12_s
*/
-int ckmc_pkcs12_load(const char *file_path, const char *passphrase, ckmc_pkcs12_s **pkcs12_bundle);
+int ckmc_pkcs12_load(const char *file_path,
+ const char *passphrase,
+ ckmc_pkcs12_s **pkcs12_bundle);
/**
* @brief Destroys the #ckmc_pkcs12_s handle and releases all its resources.
+ *
* @since_tizen 2.4
+ *
* @param[in] pkcs12 The #ckmc_pkcs12_s handle to destroy
+ *
* @see ckmc_pkcs12_new()
* @see ckmc_pkcs12_load()
*/
/**
- * @brief Creates a new #ckmc_alias_list_s handle and returns it. The alias pointer in the returned
- * #ckmc_alias_list_s handle points to the provided characters and next is NULL.
+ * @brief Creates a new alias list handle and returns it. The alias pointer in the returned
+ * alias list handle points to the provided characters and next is NULL.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created #ckmc_alias_list_s by calling ckmc_alias_list_free()
+ *
+ * @remarks The newly created alias list must be destroyed by calling ckmc_alias_list_free()
* or ckmc_alias_list_all_free() if it is no longer needed.
- * @param[in] alias The first item to be set in the newly created #ckmc_alias_list_s
- * @param[out] ppalias_list The pointer to a newly created #ckmc_alias_list_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @param[in] alias The first item to be set in the newly created alias list
+ * @param[out] ppalias_list The pointer to a newly created alias list handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see ckmc_alias_list_all_free()
* @see #ckmc_alias_list_s
*/
-int ckmc_alias_list_new(char *alias, ckmc_alias_list_s **ppalias_list);
+int ckmc_alias_list_new(char *alias,
+ ckmc_alias_list_s **ppalias_list);
/**
- * @brief Creates a new #ckmc_alias_list_s handle, adds it to a previous #ckmc_alias_list_s and
- * returns it. The alias pointer in the returned #ckmc_alias_list_s handle points to the
+ * @brief Creates a new alias list handle, adds it to a previous alias list and
+ * returns it. The alias pointer in the returned alias list handle points to the
* provided characters and next is NULL.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created @a pplast using ckmc_alias_list_free()
- * @param[in] previous The last #ckmc_alias_list_s handle to which a newly created
- * #ckmc_alias_list_s is added
- * @param[in] alias The item to be set in the newly created #ckmc_alias_list_s
- * @param[out] pplast The pointer to a newly created and added #ckmc_alias_list_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @remarks The newly created @a pplast must be destroyed using ckmc_alias_list_free().
+ *
+ * @param[in] previous The last alias list handle to which a newly created alias list is added
+ * @param[in] alias The item to be set in the newly created alias list
+ * @param[out] pplast The pointer to a newly created and added alias list handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see ckmc_alias_list_all_free()
* @see #ckmc_alias_list_s
*/
-int ckmc_alias_list_add(ckmc_alias_list_s *previous, char *alias, ckmc_alias_list_s **pplast);
+int ckmc_alias_list_add(ckmc_alias_list_s *previous,
+ char *alias,
+ ckmc_alias_list_s **pplast);
/**
- * @brief Destroys the #ckmc_alias_list_s handle and releases resources of #ckmc_alias_list_s from
+ * @brief Destroys the alias list handle and releases resources of alias list from
* the provided first handle cascadingly.
+ *
* @since_tizen 2.4
- * @remarks It does not destroy an alias itself in #ckmc_alias_list_s.
- * @param[in] first The first #ckmc_alias_list_s handle to destroy
+ *
+ * @remarks It does not destroy an alias itself in alias list.
+ *
+ * @param[in] first The first alias list handle to destroy
+ *
* @see ckmc_alias_list_all_free()
* @see #ckmc_alias_list_s
*/
/**
- * @brief Destroys the #ckmc_alias_list_s handle and releases all its resources from the provided
+ * @brief Destroys the alias list handle and releases all its resources from the provided
* first handle cascadingly.
+ *
* @since_tizen 2.4
- * @remarks It also destroys the alias in #ckmc_alias_list_s.
- * @param[in] first The first #ckmc_alias_list_s handle to destroy
+ *
+ * @remarks It also destroys the alias in alias list.
+ *
+ * @param[in] first The first alias list handle to destroy
+ *
* @see #ckmc_alias_list_s
*/
void ckmc_alias_list_all_free(ckmc_alias_list_s *first);
/**
- * @brief Creates a new #ckmc_cert_list_s handle and returns it. The cert pointer in the returned
- * #ckmc_cert_list_s handle points to the provided #ckmc_cert_s and next is NULL.
+ * @brief Creates a new certificate list handle and returns it. The cert pointer in the returned
+ * certificate list handle points to the provided certificate and next is NULL.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created #ckmc_cert_list_s by calling ckmc_cert_list_free() or
+ *
+ * @remarks The newly created certificate list must be destroyed by calling ckmc_cert_list_free() or
* ckmc_cert_list_all_free() if it is no longer needed.
- * @param[in] cert The first item to be set in the newly created #ckmc_cert_list_s
- * @param[out] ppalias_list The pointer to a newly created #ckmc_alias_list_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @param[in] cert The first item to be set in the newly created certificate list
+ * @param[out] ppalias_list The pointer to a newly created alias list handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see ckmc_cert_list_all_free()
* @see #ckmc_cert_list_s
*/
-int ckmc_cert_list_new(ckmc_cert_s *cert, ckmc_cert_list_s **ppalias_list);
+int ckmc_cert_list_new(ckmc_cert_s *cert,
+ ckmc_cert_list_s **ppalias_list);
/**
- * @brief Creates a new #ckmc_cert_list_s handle, adds it to a previous #ckmc_cert_list_s and
- * returns it. The cert pointer in the returned #ckmc_alias_list_s handle points to the
- * provided #ckmc_cert_s and next is NULL.
+ * @brief Creates a new certificate list handle, adds it to a previous certificate list and
+ * returns it. The cert pointer in the returned alias list handle points to the
+ * provided certificate and next is NULL.
+ *
* @since_tizen 2.4
- * @remarks You must destroy the newly created @a pplast using ckmc_cert_list_free()
- * @param[in] previous The last #ckmc_cert_list_s handle to which a newly created #ckmc_cert_list_s
+ *
+ * @remarks The newly created @a pplast must be destroyed using ckmc_cert_list_free().
+ *
+ * @param[in] previous The last certificate list handle to which a newly created certificate list
* is added
- * @param[in] cert The item to be set in the newly created #ckmc_cert_list_s
- * @param[out] pplast The pointer to a newly created and added #ckmc_alias_list_s handle
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @param[in] cert The item to be set in the newly created certificate list
+ * @param[out] pplast The pointer to a newly created and added alias list handle
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
* @retval #CKMC_ERROR_OUT_OF_MEMORY Not enough memory
+ *
* @see ckmc_cert_list_all_free()
* @see #ckmc_cert_list_s
*/
-int ckmc_cert_list_add(ckmc_cert_list_s *previous, ckmc_cert_s *cert, ckmc_cert_list_s **pplast);
+int ckmc_cert_list_add(ckmc_cert_list_s *previous,
+ ckmc_cert_s *cert,
+ ckmc_cert_list_s **pplast);
/**
- * @brief Destroys the #ckmc_cert_list_s handle and releases resources of #ckmc_cert_list_s from the
+ * @brief Destroys the certificate list handle and releases resources of certificate list from the
* provided first handle cascadingly.
+ *
* @since_tizen 2.4
- * @remarks It does not destroy #ckmc_cert_s itself in #ckmc_cert_list_s.
- * @param[in] first The first #ckmc_cert_list_s handle to destroy
+ *
+ * @remarks It does not destroy certificate itself in certificate list.
+ *
+ * @param[in] first The first certificate list handle to destroy
+ *
* @see ckmc_cert_list_all_free()
* @see #ckmc_cert_list_s
*/
/**
- * @brief Destroys the #ckmc_cert_list_s handle and releases all its resources from the provided
+ * @brief Destroys the certificate list handle and releases all its resources from the provided
* first handle cascadingly.
+ *
* @since_tizen 2.3
- * @remarks It also destroys #ckmc_cert_s in #ckmc_cert_list_s.
- * @param[in] first The first #ckmc_cert_list_s handle to destroy
+ *
+ * @remarks It also destroys certificate in certificate list.
+ *
+ * @param[in] first The first certificate list handle to destroy
+ *
* @see #ckmc_cert_list_s
*/
void ckmc_cert_list_all_free(ckmc_cert_list_s *first);
/**
- * @brief Creates new parameter list.
+ * @brief Creates new param list.
+ *
* @since_tizen 3.0
+ *
* @remarks Caller is responsible for freeing it with ckmc_param_list_free().
+ *
* @param[in] pparams Double pointer to the handle of param list to which the newly created
* algorithm param list will be assigned
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see ckmc_param_list_set_integer()
* @see ckmc_param_list_set_buffer()
* @see ckmc_param_list_free()
/**
* @brief Sets integer parameter to the list.
+ *
* @since_tizen 3.0
- * @remarks Caller is responsible for #ckmc_param_list_h creation.
+ *
+ * @remarks Caller is responsible for param list creation.
+ * @remarks New param with @a name and @a value will be set in @a params.
+ * @remarks Existing parameter will be overwritten by value passed in @a name.
+ * Passing invalid parameter name will result in an error.
+ *
* @param[in] params Algorithm param list handle created with ckmc_param_list_new() or
- * ckmc_generate_new_params(). New param with @a name and @a value will be set
- * here
- * @param[in] name Name of parameter to set. Existing parameter will be overwritten. Passing invalid
- * parameter name will result in an error
+ * ckmc_generate_new_params()
+ * @param[in] name Name of parameter to set
* @param[in] value Value of the parameter in form of a integer
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see ckmc_param_list_new()
* @see ckmc_param_list_set_buffer()
* @see ckmc_param_list_get_integer()
* @see #ckmc_param_name_e
* @see #ckmc_algo_type_e
*/
-int ckmc_param_list_set_integer(ckmc_param_list_h params, ckmc_param_name_e name, uint64_t value);
+int ckmc_param_list_set_integer(ckmc_param_list_h params,
+ ckmc_param_name_e name,
+ uint64_t value);
/**
* @brief Sets buffer parameter to the list.
+ *
* @since_tizen 3.0
- * @remarks Caller is responsible for #ckmc_param_list_h creation.
+ *
+ * @remarks Caller is responsible for param list creation.
+ * @remarks New param with @a name and @a buffer will be set in @a params.
+ * @remarks Existing parameter will be overwritten by value passed in @a name.
+ * Passing invalid parameter name will result in an error.
+ * @remarks Caller is responsible for creatingand freeing the @a buffer.
+ *
* @param[in] params Algorithm param list handle created with ckmc_param_list_new() or
- * ckmc_generate_new_params(). New param with @a name and @a buffer will be set
- * here
- * @param[in] name Name of parameter to set. Existing parameter will be overwritten. Passing invalid
- * parameter name will result in an error
- * @param[in] buffer Value of the parameter in form of a buffer. Caller is responsible for creating
- * and freeing the buffer
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * ckmc_generate_new_params()
+ * @param[in] name Name of parameter to set
+ * @param[in] buffer Value of the parameter in form of a buffer
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see ckmc_param_list_new()
* @see ckmc_param_list_set_integer()
* @see ckmc_param_list_get_integer()
/**
* @brief Gets integer parameter from the list.
+ *
* @since_tizen 3.0
- * @remarks Caller is responsible for #ckmc_param_list_h creation.
+ *
+ * @remarks Caller is responsible for param list creation.
+ * @remarks New param with @a name will be set in @a params.
+ *
* @param[in] params Algorithm param list handle created with ckmc_param_list_new() or
- * ckmc_generate_new_params() which contains param with @a name
+ * ckmc_generate_new_params()
* @param[in] name Name of parameter to get
* @param[out] pvalue Value of the parameter in form of a integer
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see ckmc_param_list_new()
* @see ckmc_param_list_set_integer()
* @see ckmc_param_list_set_buffer()
* @see #ckmc_param_name_e
* @see #ckmc_algo_type_e
*/
-int ckmc_param_list_get_integer(ckmc_param_list_h params, ckmc_param_name_e name, uint64_t *pvalue);
+int ckmc_param_list_get_integer(ckmc_param_list_h params,
+ ckmc_param_name_e name,
+ uint64_t *pvalue);
/**
* @brief Gets buffer parameter from the list.
+ *
* @since_tizen 3.0
- * @remarks Caller is responsible for #ckmc_param_list_h creation.
- * @remarks You must destroy the @a ppbuffer using ckmc_buffer_free()
+ *
+ * @remarks Caller is responsible for param list creation.
+ * @remarks New param with @a name will be set in @a params.
+ * @remarks The @a ppbuffer must be destroyed using ckmc_buffer_free().
+ *
* @param[in] params Algorithm param list handle created with ckmc_param_list_new() or
- * ckmc_generate_new_params() which contains param with @a name
+ * ckmc_generate_new_params()
* @param[in] name Name of parameter to get
* @param[out] ppbuffer Value of the parameter in form of a buffer
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see ckmc_param_list_new()
* @see ckmc_param_list_set_integer()
* @see ckmc_param_list_set_buffer()
/**
* @brief Frees previously allocated list of algorithm params.
+ *
* @since_tizen 3.0
+ *
* @param[in] params First element of the list to be freed
+ *
* @see ckmc_param_list_new()
* @see ckmc_param_list_set_integer()
* @see ckmc_param_list_set_buffer()
/**
* @brief Generates algorithm parameters for a given algorithm type and set them to the list.
+ *
* @since_tizen 3.0
- * @remarks Caller is responsible for #ckmc_param_list_h destruction.
+ *
+ * @remarks Caller is responsible for param list destruction.
* @remarks Algorithm parameters are set to default values. Optional fields are left empty.
* Initialization vectors are left empty (they have to be set manually).
* Caller is responsible for freeing the list with ckmc_param_list_free().
* @remarks If the function returns error, provided param list may contain some of default
* parameters.
+ * @remarks @a pparams should be freed by caller after use
+ *
* @param[in] type Type of the algorithm
- * @param[out] pparams Newly generated handle of param list which should be freed by caller after
- * use
- * @return #CKMC_ERROR_NONE on success,
- * otherwise a negative error value
+ * @param[out] pparams Newly generated handle of param list
+ *
+ * @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
* @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ *
* @see ckmc_param_list_new()
* @see ckmc_param_list_set_integer()
* @see ckmc_param_list_set_buffer()
* @see #ckmc_param_name_e
* @see #ckmc_algo_type_e
*/
-int ckmc_generate_new_params(ckmc_algo_type_e type, ckmc_param_list_h *pparams);
+int ckmc_generate_new_params(ckmc_algo_type_e type,
+ ckmc_param_list_h *pparams);
/**
* @brief Retrieves maximum data chunk size in bytes that can be passed to given backend. This is
*
* @since_tizen 6.0
*
+ * @remarks Chunk size set in @a size is equal to 0 if there's no backend specific limitation beside
+ * available memory.
+ *
* @param[in] info Backend info handle
- * @param[out] size Maximum chunk size. Equal to 0 if there's no backend specific limitation beside
- * available memory
+ * @param[out] size Maximum chunk size
*
* @return @c 0 on success, otherwise a negative error value
* @retval #CKMC_ERROR_NONE Successful
- * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid (@a info is invalid,
- * @a size = NULL)
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid (@a info is invalid, @a size = NULL)
*
* @see #ckmc_backend_info_h
* @see ckmc_get_backend_info()
*/
-int ckmc_backend_get_max_chunk_size(const ckmc_backend_info_h info, size_t* size);
+int ckmc_backend_get_max_chunk_size(const ckmc_backend_info_h info,
+ size_t* size);
/**
* @brief Destroys the backend information handle and releases all its resources.
projects / platform / core / security / key-manager.git / commitdiff