#include "keymanager/keymanager_instance.h"
-#include <functional>
-#include <ckm/ckm-manager.h>
+#include <ckmc/ckmc-manager.h>
#include <glib.h>
-#include <pcrecpp.h>
-#include <fstream>
#include "common/logger.h"
-#include "common/picojson.h"
+#include "common/optional.h"
#include "common/platform_result.h"
+#include "common/scope_exit.h"
+#include "common/task-queue.h"
+#include "common/tools.h"
+#include "common/virtual_fs.h"
namespace extension {
namespace keymanager {
+using common::ErrorCode;
+using common::optional;
+using common::PlatformResult;
+using common::TaskQueue;
+using common::VirtualFs;
+
namespace {
+
+typedef std::vector<unsigned char> RawBuffer;
+
const char* kTypeRSA = "RSA";
const char* kTypeECDSA = "ECDSA";
+
+RawBuffer Base64ToRawBuffer(const std::string& base64) {
+ LoggerD("Enter");
+
+ gsize len = 0;
+ guchar* raw_data = g_base64_decode(base64.c_str(), &len);
+ RawBuffer raw_buffer;
+
+ if (raw_data) {
+ raw_buffer.assign(raw_data, raw_data + len);
+ g_free(raw_data);
+ }
+
+ return raw_buffer;
}
+std::string RawBufferToBase64(const RawBuffer& buf) {
+ LoggerD("Enter");
+
+ std::string result;
+
+ if (!buf.empty()) {
+ gchar* base64 = g_base64_encode(&buf[0], buf.size());
+ result = base64;
+ g_free(base64);
+ }
+
+ return result;
+}
+
+} // namespace
+
KeyManagerInstance::KeyManagerInstance() {
LoggerD("Enter");
using std::placeholders::_1;
LoggerD("Enter");
}
-void KeyManagerInstance::GetAliasList(
- std::function<int(CKM::AliasVector&)> coreFunc, picojson::object& out) {
- LoggerD("Enter");
- CKM::AliasVector result;
- int ret = coreFunc(result);
- if (ret != CKM_API_SUCCESS) {
- LoggerE("Failed to fetch list of alias: %d", ret);
- ReportError(common::PlatformResult(common::ErrorCode::UNKNOWN_ERR,
- "Failed to fetch list of alias"), &out);
- } else {
- picojson::array aliases;
- for (auto& item: result) {
- aliases.push_back(picojson::value(item));
- }
- picojson::value res(aliases);
- ReportSuccess(res, out);
- }
-}
-
void KeyManagerInstance::GetKeyAliasList(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
- using std::placeholders::_1;
- GetAliasList(
- std::bind(&CKM::Manager::getKeyAliasVector, CKM::Manager::create(), _1),
- out);
}
void KeyManagerInstance::GetCertificateAliasList(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
- using std::placeholders::_1;
- GetAliasList(
- std::bind(&CKM::Manager::getCertificateAliasVector, CKM::Manager::create(), _1),
- out);
}
void KeyManagerInstance::GetDataAliasList(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
- using std::placeholders::_1;
- GetAliasList(
- std::bind(&CKM::Manager::getDataAliasVector, CKM::Manager::create(), _1),
- out);
}
-CKM::RawBuffer Base64ToRawBuffer(const std::string base64) {
+void KeyManagerInstance::GetKey(const picojson::value& args,
+ picojson::object& out) {
LoggerD("Enter");
- gsize len = 0;
- guchar* raw_data = g_base64_decode(base64.c_str(), &len);
- CKM::RawBuffer rawBuffer;
- if (raw_data) {
- rawBuffer.assign(raw_data, raw_data + len);
- g_free(raw_data);
- }
- return rawBuffer;
}
void KeyManagerInstance::SaveKey(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
-
- const picojson::value& key_object = args.get("key");
- const std::string& alias = key_object.get("name").get<std::string>();
- std::string password;
- if (key_object.get("password").is<std::string>()) {
- password = key_object.get("password").get<std::string>();
- }
- std::string base64 = args.get("rawKey").get<std::string>();
- pcrecpp::RE_Options opt;
- opt.set_multiline(true);
- //remove first line and last line
- pcrecpp::RE("-----[^-]*-----", opt).GlobalReplace("", &base64);
- CKM::RawBuffer raw_buffer = Base64ToRawBuffer(base64);
- CKM::Password pass(password.c_str());
- CKM::KeyShPtr key = CKM::Key::create(raw_buffer, pass);
- CKM::Policy policy(pass, key_object.get("extractable").get<bool>());
- CKM::ManagerAsync::ObserverPtr observer(new SaveKeyObserver(this,
- args.get("callbackId").get<double>()));
- m_manager.saveKey(observer, alias, key, policy);
-
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::OnSaveKey(double callbackId,
- const common::PlatformResult& result) {
- LoggerD("Enter");
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
}
void KeyManagerInstance::RemoveKey(const picojson::value& args,
- picojson::object& out) {
- LoggerD("Enter");
-
- const std::string& alias = args.get("key").get("name").get<std::string>();
- common::PlatformResult res = RemoveAlias(alias);
- if (res.IsError()) {
- ReportError(res, &out);
- } else {
- ReportSuccess(out);
- }
-}
-
-common::PlatformResult KeyManagerInstance::RemoveAlias(
- const std::string& alias) {
+ picojson::object& out) {
LoggerD("Enter");
- int ret = CKM::Manager::create()->removeAlias(alias);
- if (ret != CKM_API_SUCCESS) {
- LoggerE("Failed to remove alias: %d", ret);
- if (ret == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- return common::PlatformResult(common::ErrorCode::NOT_FOUND_ERR,
- "Key alias not found");
- } else {
- return common::PlatformResult(common::ErrorCode::UNKNOWN_ERR,
- "Failed to remove alias");
- }
- }
- return common::PlatformResult(common::ErrorCode::NO_ERROR);
}
void KeyManagerInstance::GenerateKeyPair(const picojson::value& args,
- picojson::object& out) {
- LoggerD("Enter");
-
- const picojson::value& priv_key = args.get("privKeyName");
- const picojson::value& pub_key = args.get("pubKeyName");
- const std::string& priv_name = priv_key.get("name").get<std::string>();
- const std::string& pub_name = pub_key.get("name").get<std::string>();
- const std::string& type = args.get("type").get<std::string>();
- int size = std::stoi(args.get("size").get<std::string>());
-
- CKM::ManagerAsync::ObserverPtr observer(new CreateKeyObserver(this,
- args.get("callbackId").get<double>()));
-
- CKM::Password pass;
- if (priv_key.get("password").is<std::string>()) {
- pass = priv_key.get("password").get<std::string>().c_str();
- }
- CKM::Policy priv_policy(pass, priv_key.get("extractable").get<bool>());
-
- if (pub_key.get("password").is<std::string>()) {
- pass = pub_key.get("password").get<std::string>().c_str();
- } else {
- pass = "";
- }
- CKM::Policy pub_policy(pass, pub_key.get("extractable").get<bool>());
-
- if (type == kTypeRSA) {
- m_manager.createKeyPairRSA(observer, size, priv_name, pub_name, priv_policy, pub_policy);
- } else if (type == kTypeECDSA) {
- CKM::ElipticCurve eliptic = CKM::ElipticCurve::prime192v1;
- if (args.get("ellipticCurveType").is<std::string>()) {
- const std::string& eType = args.get("ellipticCurveType").get<std::string>();
- if (eType == "PRIME256V1") {
- eliptic = CKM::ElipticCurve::prime256v1;
- } else if (eType == "EC_SECP384R1") {
- eliptic = CKM::ElipticCurve::secp384r1;
- }
- }
- m_manager.createKeyPairECDSA(observer, eliptic, priv_name, pub_name, priv_policy, pub_policy);
- } else {
- m_manager.createKeyPairDSA(observer, size, priv_name, pub_name, priv_policy, pub_policy);
- }
-
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::OnCreateKeyPair(double callbackId,
- const common::PlatformResult& result) {
- LoggerD("Enter");
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
-}
-
-std::string RawBufferToBase64(const CKM::RawBuffer &buf) {
- LoggerD("Enter");
- std::string result;
- if (!buf.empty()) {
- gchar* base64 = g_base64_encode(&buf[0], buf.size());
- result = base64;
- g_free(base64);
- }
- return result;
-}
-
-void KeyManagerInstance::GetKey(const picojson::value& args, picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
- using CKM::KeyType;
-
- const std::string& alias = args.get("name").get<std::string>();
- CKM::Password pass;
- if (args.get("password").is<std::string>()) {
- pass = args.get("password").get<std::string>().c_str();
- }
-
- CKM::KeyShPtr key;
- int ret = CKM::Manager::create()->getKey(alias, pass, key);
- if (ret != CKM_API_SUCCESS) {
- LoggerE("Failed to get key: %d", ret);
- if (ret == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- ReportError(common::PlatformResult(common::ErrorCode::NOT_FOUND_ERR,
- "Key alias not found"), &out);
- } else {
- ReportError(common::PlatformResult(common::ErrorCode::UNKNOWN_ERR,
- "Failed to get key"), &out);
- }
- } else {
- picojson::object dict;
- dict["name"] = args.get("name");
- if (args.get("password").is<std::string>()) {
- dict["password"] = args.get("password");
- }
- switch (key->getType()) {
- case KeyType::KEY_NONE:
- dict["keyType"] = picojson::value("KEY_NONE");
- break;
- case KeyType::KEY_RSA_PUBLIC:
- dict["keyType"] = picojson::value("KEY_RSA_PUBLIC");
- break;
- case KeyType::KEY_RSA_PRIVATE:
- dict["keyType"] = picojson::value("KEY_RSA_PRIVATE");
- break;
- case KeyType::KEY_ECDSA_PUBLIC:
- dict["keyType"] = picojson::value("KEY_ECDSA_PUBLIC");
- break;
- case KeyType::KEY_ECDSA_PRIVATE:
- dict["keyType"] = picojson::value("KEY_ECDSA_PRIVATE");
- break;
- case KeyType::KEY_DSA_PUBLIC:
- dict["keyType"] = picojson::value("KEY_DSA_PUBLIC");
- break;
- case KeyType::KEY_DSA_PRIVATE:
- dict["keyType"] = picojson::value("KEY_DSA_PRIVATE");
- break;
- case KeyType::KEY_AES:
- dict["keyType"] = picojson::value("KEY_AES");
- break;
- }
- dict["rawKey"] = picojson::value(RawBufferToBase64(key->getDER()));
- //if key was retrieved it is extractable from db
- dict["extractable"] = picojson::value(true);
-
- picojson::value res(dict);
- ReportSuccess(res, out);
- }
}
void KeyManagerInstance::GetCertificate(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
-
- CKM::Password pass;
- if (args.get("password").is<std::string>()) {
- pass = args.get("password").get<std::string>().c_str();
- }
- const std::string& alias = args.get("name").get<std::string>();
- CKM::CertificateShPtr cert;
- int ret = CKM::Manager::create()->getCertificate(alias, pass, cert);
- if (ret != CKM_API_SUCCESS) {
- LoggerE("Failed to get cert: %d", ret);
- if (ret == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- ReportError(common::PlatformResult(common::ErrorCode::NOT_FOUND_ERR,
- "Cert alias not found"), &out);
- } else {
- ReportError(common::PlatformResult(common::ErrorCode::UNKNOWN_ERR,
- "Failed to get cert"), &out);
- }
- } else {
- picojson::object dict;
- dict["name"] = args.get("name");
- if (args.get("password").is<std::string>()) {
- dict["password"] = args.get("password");
- }
- //if cert was retrieved it is extractable from db
- dict["extractable"] = picojson::value(true);
- dict["rawCert"] = picojson::value(RawBufferToBase64(cert->getDER()));
-
- picojson::value res(dict);
- ReportSuccess(res, out);
- }
}
void KeyManagerInstance::SaveCertificate(const picojson::value& args,
- picojson::object& out) {
- LoggerD("Enter");
-
- const picojson::value& crt = args.get("certificate");
- const std::string& alias = crt.get("name").get<std::string>();
- std::string password;
- if (crt.get("password").is<std::string>()) {
- password = crt.get("password").get<std::string>();
- }
- std::string base64 = args.get("rawCert").get<std::string>();
-
- SaveCert(base64,
- password,
- alias,
- crt.get("extractable").get<bool>(),
- args.get("callbackId").get<double>());
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::SaveCert(std::string &base64,
- const std::string &password,
- const std::string &alias,
- bool extractable,
- double callbackId) {
- LoggerD("Enter");
- pcrecpp::RE_Options opt;
- opt.set_multiline(true);
- //remove first line and last line
- pcrecpp::RE("-----[^-]*-----", opt).GlobalReplace("", &base64);
- CKM::RawBuffer rawBuffer = Base64ToRawBuffer(base64);
- CKM::Password pass(password.c_str());
- CKM::CertificateShPtr cert = CKM::Certificate::create(rawBuffer,
- CKM::DataFormat::FORM_DER);
- CKM::Policy policy(pass, extractable);
- CKM::ManagerAsync::ObserverPtr observer(new SaveCertObserver(this,
- callbackId));
- m_manager.saveCertificate(observer, alias, cert, policy);
-}
-
-void KeyManagerInstance::OnSaveCert(double callbackId,
- const common::PlatformResult& result) {
+ picojson::object& out) {
LoggerD("Enter");
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
}
void KeyManagerInstance::LoadCertificateFromFile(const picojson::value& args,
- picojson::object& out) {
- LoggerD("Enter");
-
- const picojson::value& crt = args.get("certificate");
- const std::string& file = args.get("fileURI").get<std::string>();
- std::string password;
- if (crt.get("password").is<std::string>()) {
- password = crt.get("password").get<std::string>();
- }
- LoadFileCert* reader = new LoadFileCert(this,
- args.get("callbackId").get<double>(),
- password,
- crt.get("name").get<std::string>(),
- crt.get("extractable").get<bool>());
- reader->LoadFileAsync(file);
-
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::OnCertFileLoaded(LoadFileCert* reader,
- const common::PlatformResult& result) {
+ picojson::object& out) {
LoggerD("Enter");
-
- if (result.IsError()) {
- LoggerE("There was an error");
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(reader->callback_id);
- ReportError(result, &dict);
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
- } else {
- SaveCert(reader->file_content, reader->password, reader->alias,
- reader->extractable, reader->callback_id);
- }
- delete reader;
}
void KeyManagerInstance::RemoveCertificate(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
-
- const std::string& alias = args.get("certificate").get("name").get<std::string>();
- common::PlatformResult res = RemoveAlias(alias);
- if (res.IsError()) {
- ReportError(res, &out);
- } else {
- picojson::value result;
- ReportSuccess(result, out);
- }
}
void KeyManagerInstance::SaveData(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
-
- const picojson::value& data = args.get("data");
- const std::string& alias = data.get("name").get<std::string>();
- std::string password;
- if (data.get("password").is<std::string>()) {
- password = data.get("password").get<std::string>();
- }
- std::string base64 = args.get("rawData").get<std::string>();
-
- CKM::RawBuffer raw_buffer = Base64ToRawBuffer(base64);
- CKM::Password pass(password.c_str());
- CKM::Policy policy(pass, data.get("extractable").get<bool>());
- CKM::ManagerAsync::ObserverPtr observer(new SaveDataObserver(this,
- args.get("callbackId").get<double>()));
- m_manager.saveData(observer, alias, raw_buffer, policy);
-
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::OnSaveData(double callbackId,
- const common::PlatformResult& result) {
- LoggerD("Enter");
-
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
}
void KeyManagerInstance::RemoveData(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
- const std::string& alias = args.get("data").get("name").get<std::string>();
- common::PlatformResult res = RemoveAlias(alias);
- if (res.IsError()) {
- ReportError(res, &out);
- } else {
- ReportSuccess(out);
- }
}
void KeyManagerInstance::GetData(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
-
- const std::string& alias = args.get("name").get<std::string>();
- CKM::Password pass;
- if (args.get("password").is<std::string>()) {
- pass = args.get("password").get<std::string>().c_str();
- }
-
- CKM::RawBuffer raw_buffer;
- int ret = CKM::Manager::create()->getData(alias, pass, raw_buffer);
- if (ret != CKM_API_SUCCESS) {
- LoggerE("Failed to get data: %d", ret);
- if (ret == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- ReportError(common::PlatformResult(common::ErrorCode::NOT_FOUND_ERR,
- "Data alias not found"), &out);
- } else {
- ReportError(common::PlatformResult(common::ErrorCode::UNKNOWN_ERR,
- "Failed to get data"), &out);
- }
- } else {
- picojson::object dict;
- dict["name"] = args.get("name");
- if (args.get("password").is<std::string>()) {
- dict["password"] = args.get("password");
- }
- dict["rawData"] = picojson::value(RawBufferToBase64(raw_buffer));
- //if key was retrieved it is extractable from db
- dict["extractable"] = picojson::value(true);
-
- picojson::value res(dict);
- ReportSuccess(res, out);
- }
-}
-
-CKM::HashAlgorithm StringToHashAlgorithm(const std::string &hashAlgorithmType) {
- LoggerD("Enter");
- using CKM::HashAlgorithm;
- if (hashAlgorithmType == "HASH_SHA1") {
- return HashAlgorithm::SHA1;
- } else if (hashAlgorithmType == "HASH_SHA256") {
- return HashAlgorithm::SHA256;
- } else if (hashAlgorithmType == "HASH_SHA384") {
- return HashAlgorithm::SHA384;
- } else if (hashAlgorithmType == "HASH_SHA512") {
- return HashAlgorithm::SHA512;
- }
- return HashAlgorithm::NONE;
-}
-
-CKM::RSAPaddingAlgorithm StringToRSAPadding(const std::string &padding) {
- LoggerD("Enter");
- if (padding == "PADDING_PKCS1") {
- return CKM::RSAPaddingAlgorithm::PKCS1;
- }
- return CKM::RSAPaddingAlgorithm::X931;
}
void KeyManagerInstance::CreateSignature(const picojson::value& args,
- picojson::object& out) {
+ picojson::object& out) {
LoggerD("Enter");
-
- using CKM::HashAlgorithm;
- using CKM::RSAPaddingAlgorithm;
- const std::string& alias = args.get("privKeyAlias").get<std::string>();
- std::string base64 = args.get("message").get<std::string>();
- CKM::Password pass;
- if (args.get("password").is<std::string>()) {
- pass = args.get("password").get<std::string>().c_str();
- }
- CKM::RawBuffer raw_buffer = Base64ToRawBuffer(base64);
- HashAlgorithm hash = StringToHashAlgorithm(
- args.get("hashAlgorithmType").get<std::string>());
- RSAPaddingAlgorithm alg = StringToRSAPadding(
- args.get("padding").get<std::string>());
- CKM::ManagerAsync::ObserverPtr observer(new CreateSignatureObserver(this,
- args.get("callbackId").get<double>()));
- m_manager.createSignature(observer, alias, pass, raw_buffer, hash, alg);
-
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::OnCreateSignature(double callbackId,
- const common::PlatformResult& result, CKM::RawBuffer buffer) {
- LoggerD("Enter");
-
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- } else {
- dict["result"] = picojson::value(RawBufferToBase64(buffer));
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
-}
-
-void KeyManagerInstance::VerifySignature(const picojson::value& args, picojson::object& out) {
- LoggerD("Enter");
- using CKM::HashAlgorithm;
- using CKM::RSAPaddingAlgorithm;
-
- const std::string& alias = args.get("pubKeyAlias").get<std::string>();
- const std::string& message_string = args.get("message").get<std::string>();
- const std::string& signature_string = args.get("signature").get<std::string>();
- CKM::Password pass;
- if (args.get("password").is<std::string>()) {
- pass = args.get("password").get<std::string>().c_str();
- }
- CKM::RawBuffer message = Base64ToRawBuffer(message_string);
- CKM::RawBuffer signature = Base64ToRawBuffer(signature_string);
-
- HashAlgorithm hash = StringToHashAlgorithm(
- args.get("hashAlgorithmType").get<std::string>());
- RSAPaddingAlgorithm alg = StringToRSAPadding(
- args.get("padding").get<std::string>());
- CKM::ManagerAsync::ObserverPtr observer(new VerifySignatureObserver(this,
- args.get("callbackId").get<double>()));
- m_manager.verifySignature(observer, alias, pass, message, signature, hash, alg);
-
- ReportSuccess(out);
}
-void KeyManagerInstance::OnVerifySignature(double callbackId,
- const common::PlatformResult& result) {
+void KeyManagerInstance::VerifySignature(const picojson::value& args,
+ picojson::object& out) {
LoggerD("Enter");
-
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
}
void KeyManagerInstance::LoadFromPKCS12File(const picojson::value& args,
- picojson::object& out) {
- LoggerD("Enter");
-
- const std::string& file = args.get("fileURI").get<std::string>();
- const std::string& key_alias = args.get("privKeyName").get<std::string>();
- const std::string& cert_alias = args.get("certificateName").get<std::string>();
- std::string password;
- if (args.get("password").is<std::string>()) {
- password = args.get("password").get<std::string>();
- }
- LoadFilePKCS12* reader = new LoadFilePKCS12(this,
- args.get("callbackId").get<double>(),
- password,
- key_alias,
- cert_alias);
- reader->LoadFileAsync(file);
-
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::OnPKCS12FileLoaded(LoadFilePKCS12* reader,
- const common::PlatformResult& result) {
- LoggerD("Enter");
-
- if (result.IsError()) {
- LoggerE("There was an error");
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(reader->callback_id);
- ReportError(result, &dict);
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
- } else {
- CKM::Password pass(reader->password.c_str());
- CKM::PKCS12ShPtr pkcs = CKM::PKCS12::create(reader->file_content, pass);
- if (!pkcs) {
- LoggerE("Failed to parse PKCS12 file");
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(reader->callback_id);
- common::PlatformResult err(common::ErrorCode::INVALID_VALUES_ERR,
- "Failed to parse PKCS12 file");
- ReportError(err, &dict);
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
- } else {
- CKM::Policy keyPolicy;
- CKM::Policy certPolicy;
- CKM::ManagerAsync::ObserverPtr observer(new SavePKCS12Observer(this,
- reader->callback_id));
- m_manager.saveCertificate(observer, reader->cert_alias, pkcs->getCertificate(), certPolicy);
- m_manager.saveKey(observer, reader->key_alias, pkcs->getKey(), keyPolicy);
- }
- }
- delete reader;
-}
-
-void KeyManagerInstance::OnSavePKCS12(double callbackId,
- const common::PlatformResult& result) {
+ picojson::object& out) {
LoggerD("Enter");
-
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
}
void KeyManagerInstance::AllowAccessControl(const picojson::value& args,
- picojson::object& out) {
- LoggerD("Enter");
-
- const std::string& dataName = args.get("dataName").get<std::string>();
- const std::string& id = args.get("id").get<std::string>();
- const std::string& access = args.get("accessControlType").get<std::string>();
- CKM::PermissionMask mask = CKM::Permission::READ;
- if (access == "READ_REMOVE") {
- mask = mask | CKM::Permission::REMOVE;
- }
- CKM::ManagerAsync::ObserverPtr observer(new AllowAccessObserver(this,
- args.get("callbackId").get<double>()));
- m_manager.setPermission(observer, dataName, id, mask);
-
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::OnAllowAccess(double callbackId,
- const common::PlatformResult& result) {
+ picojson::object& out) {
LoggerD("Enter");
-
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
}
void KeyManagerInstance::DenyAccessControl(const picojson::value& args,
- picojson::object& out) {
- LoggerD("Enter");
-
- const std::string& dataName = args.get("dataName").get<std::string>();
- const std::string& id = args.get("id").get<std::string>();
- CKM::PermissionMask mask = CKM::Permission::NONE;
- CKM::ManagerAsync::ObserverPtr observer(new DenyAccessObserver(this,
- args.get("callbackId").get<double>()));
- m_manager.setPermission(observer, dataName, id, mask);
-
- ReportSuccess(out);
-}
-
-void KeyManagerInstance::OnDenyAccess(double callbackId,
- const common::PlatformResult& result) {
+ picojson::object& out) {
LoggerD("Enter");
-
- picojson::value::object dict;
- dict["callbackId"] = picojson::value(callbackId);
- if (result.IsError()) {
- LoggerE("There was an error");
- ReportError(result, &dict);
- }
- picojson::value res(dict);
- PostMessage(res.serialize().c_str());
}
} // namespace keymanager
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "keymanager/keymanager_observers.h"
-#include "common/extension.h"
-#include "common/logger.h"
-#include "common/task-queue.h"
-
-namespace extension {
-namespace keymanager {
-
-using common::PlatformResult;
-using common::ErrorCode;
-
-CommonObserver::CommonObserver(KeyManagerListener* _listener, double _callbackId):
- listener(_listener), callbackId(_callbackId) {
-
-}
-
-SaveKeyObserver::SaveKeyObserver(KeyManagerListener* listener, double callbackId):
- CommonObserver(listener, callbackId) {
-
-}
-
-void SaveKeyObserver::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- std::string message = "Failed to save key";
- switch (error) {
- case CKM_API_ERROR_INPUT_PARAM:
- code = ErrorCode::INVALID_VALUES_ERR;
- break;
- case CKM_API_ERROR_DB_ALIAS_EXISTS:
- code = ErrorCode::INVALID_VALUES_ERR;
- message = "Key alias already exists";
- break;
- }
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSaveKey, listener, callbackId,
- PlatformResult(code, message
- )));
-}
-
-void SaveKeyObserver::ReceivedSaveKey() {
- LoggerD("Enter");
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSaveKey, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
-}
-
-CreateKeyObserver::CreateKeyObserver(KeyManagerListener* listener, double callbackId):
- CommonObserver(listener, callbackId) {}
-
-void CreateKeyObserver::ReceivedCreateKeyPairDSA() {
- LoggerD("Enter");
- CallSuccess();
-}
-
-void CreateKeyObserver::ReceivedCreateKeyPairECDSA() {
- LoggerD("Enter");
- CallSuccess();
-}
-
-void CreateKeyObserver::ReceivedCreateKeyPairRSA() {
- LoggerD("Enter");
- CallSuccess();
-}
-
-void CreateKeyObserver::CallSuccess() {
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnCreateKeyPair, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
-}
-
-void CreateKeyObserver::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- std::string message = "Failed to create key pair";
- switch (error) {
- case CKM_API_ERROR_INPUT_PARAM:
- code = ErrorCode::INVALID_VALUES_ERR;
- break;
- case CKM_API_ERROR_DB_ALIAS_EXISTS:
- code = ErrorCode::INVALID_VALUES_ERR;
- message = "Key alias already exists";
- break;
- }
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnCreateKeyPair, listener, callbackId,
- PlatformResult(code, message)));
-}
-
-SaveCertObserver::SaveCertObserver(KeyManagerListener* listener, double callbackId):
- CommonObserver(listener, callbackId) {
-}
-
-void SaveCertObserver::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- if (error == CKM_API_ERROR_INPUT_PARAM) {
- code = ErrorCode::INVALID_VALUES_ERR;
- }
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSaveCert, listener, callbackId,
- PlatformResult(code, "Failed to save certificate")));
-}
-
-void SaveCertObserver::ReceivedSaveCertificate() {
- LoggerD("Enter");
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSaveCert, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
-}
-
-LoadFileCert::LoadFileCert(KeyManagerListener* _listener,
- double callbackId,
- const std::string &_password,
- const std::string &_alias,
- bool _extractable):
- callback_id(callbackId),
- password(_password),
- alias(_alias),
- extractable(_extractable),
- file_content(""),
- listener(_listener) {
-}
-
-void LoadFileCert::AppendBuffer(guint8* buffer, gssize size) {
- file_content.append(buffer, buffer + size);
-}
-
-void LoadFileCert::OnError(const common::PlatformResult& result) {
- listener->OnCertFileLoaded(this, result);
-}
-
-void LoadFileCert::OnFileLoaded() {
- listener->OnCertFileLoaded(this, PlatformResult(ErrorCode::NO_ERROR));
-}
-
-SaveDataObserver::SaveDataObserver(KeyManagerListener* listener, double callbackId):
- CommonObserver(listener, callbackId) {
-}
-
-void SaveDataObserver::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- if (error == CKM_API_ERROR_INPUT_PARAM) {
- code = ErrorCode::INVALID_VALUES_ERR;
- }
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSaveData, listener, callbackId,
- PlatformResult(code, "Failed to save data")));
-}
-
-void SaveDataObserver::ReceivedSaveData() {
- LoggerD("Enter");
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSaveData, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
-}
-
-CreateSignatureObserver::CreateSignatureObserver(KeyManagerListener* listener, double callbackId):
- CommonObserver(listener, callbackId) {
-}
-
-void CreateSignatureObserver::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- if (error == CKM_API_ERROR_INPUT_PARAM) {
- code = ErrorCode::INVALID_VALUES_ERR;
- }
- CKM::RawBuffer empty;
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnCreateSignature, listener, callbackId,
- PlatformResult(code, "Failed to create signature"), empty));
-}
-
-void CreateSignatureObserver::ReceivedCreateSignature(CKM::RawBuffer&& buffer) {
- LoggerD("Enter");
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnCreateSignature, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR), buffer));
-}
-
-VerifySignatureObserver::VerifySignatureObserver(KeyManagerListener* listener, double callbackId):
- CommonObserver(listener, callbackId) {
-}
-
-void VerifySignatureObserver::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- if (error == CKM_API_ERROR_INPUT_PARAM) {
- code = ErrorCode::INVALID_VALUES_ERR;
- } else if (error == CKM_API_ERROR_VERIFICATION_FAILED) {
- code = ErrorCode::VALIDATION_ERR;
- }
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnVerifySignature, listener, callbackId,
- PlatformResult(code, "Siganture verification failed")));
-}
-
-void VerifySignatureObserver::ReceivedVerifySignature() {
- LoggerD("Enter");
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnVerifySignature, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
-}
-
-LoadFilePKCS12::LoadFilePKCS12(KeyManagerListener* listener,
- double callback_id,
- const std::string &password,
- const std::string &key_alias,
- const std::string &cert_alias):
- callback_id(callback_id),
- password(password),
- key_alias(key_alias),
- cert_alias(cert_alias),
- listener(listener) {
-}
-
-void LoadFilePKCS12::AppendBuffer(guint8* buffer, gssize size) {
- file_content.insert(file_content.end(), buffer, buffer + size);
-}
-
-void LoadFilePKCS12::OnError(const common::PlatformResult& result) {
- listener->OnPKCS12FileLoaded(this, result);
-}
-
-void LoadFilePKCS12::OnFileLoaded() {
- listener->OnPKCS12FileLoaded(this, PlatformResult(ErrorCode::NO_ERROR));
-}
-
-SavePKCS12Observer::SavePKCS12Observer(KeyManagerListener* listener, double callback_id):
- CommonObserver(listener, callback_id),
- cert_saved(false), key_saved(false) {}
-
-void SavePKCS12Observer::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- if (error == CKM_API_ERROR_INPUT_PARAM) {
- code = ErrorCode::INVALID_VALUES_ERR;
- }
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSavePKCS12, listener, callbackId,
- PlatformResult(code, "Failed to save pkcs12 file")));
-}
-
-void SavePKCS12Observer::ReceivedSaveKey() {
- LoggerD("Enter");
- key_saved = true;
- if (cert_saved) {
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSavePKCS12, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
- }
-}
-
-void SavePKCS12Observer::ReceivedSaveCertificate() {
- LoggerD("Enter");
- cert_saved = true;
- if (key_saved) {
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnSavePKCS12, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
- }
-}
-
-AllowAccessObserver::AllowAccessObserver(KeyManagerListener* listener, double callbackId):
- CommonObserver(listener, callbackId) {
-}
-
-void AllowAccessObserver::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- if (error == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- code = ErrorCode::NOT_FOUND_ERR;
- }
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnAllowAccess, listener, callbackId,
- PlatformResult(code, "Failed to grant access")));
-}
-
-void AllowAccessObserver::ReceivedSetPermission() {
- LoggerD("Enter");
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnAllowAccess, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
-}
-
-DenyAccessObserver::DenyAccessObserver(KeyManagerListener* listener, double callbackId):
- CommonObserver(listener, callbackId) {
-}
-
-void DenyAccessObserver::ReceivedError(int error) {
- LoggerD("Enter, error: %d", error);
- ErrorCode code = ErrorCode::UNKNOWN_ERR;
- if (error == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
- code = ErrorCode::NOT_FOUND_ERR;
- }
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnDenyAccess, listener, callbackId,
- PlatformResult(code, "Failed to deny access")));
-}
-
-void DenyAccessObserver::ReceivedSetPermission() {
- LoggerD("Enter");
- common::TaskQueue::GetInstance().Async(std::bind(
- &KeyManagerListener::OnDenyAccess, listener, callbackId,
- PlatformResult(ErrorCode::NO_ERROR)));
-}
-
-} // namespace keymanager
-} // namespace extension
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef KEYMANAGER_KEYMANAGER_OBSERVERS_H_
-#define KEYMANAGER_KEYMANAGER_OBSERVERS_H_
-
-#include <ckm/ckm-manager-async.h>
-#include <string>
-#include "common/platform_result.h"
-#include "keymanager/async_file_reader.h"
-
-namespace extension {
-namespace keymanager {
-
-class LoadFileCert;
-class LoadFilePKCS12;
-
-class KeyManagerListener {
-public:
- virtual void OnSaveKey(double callbackId, const common::PlatformResult& result) = 0;
- virtual void OnCreateKeyPair(double callbackId, const common::PlatformResult& result) = 0;
- virtual void OnSaveCert(double callbackId, const common::PlatformResult& result) = 0;
- virtual void OnCertFileLoaded(LoadFileCert* reader,
- const common::PlatformResult& result) = 0;
- virtual void OnSaveData(double callbackId, const common::PlatformResult& result) = 0;
- virtual void OnCreateSignature(double callbackId, const common::PlatformResult& result, CKM::RawBuffer buffer) = 0;
- virtual void OnVerifySignature(double callbackId, const common::PlatformResult& result) = 0;
- virtual void OnPKCS12FileLoaded(LoadFilePKCS12* reader,
- const common::PlatformResult& result) = 0;
- virtual void OnSavePKCS12(double callbackId, const common::PlatformResult& result) = 0;
- virtual void OnAllowAccess(double callbackId, const common::PlatformResult& result) = 0;
- virtual void OnDenyAccess(double callbackId, const common::PlatformResult& result) = 0;
- virtual ~KeyManagerListener() {}
-};
-
-struct CommonObserver: public CKM::ManagerAsync::Observer {
- CommonObserver(KeyManagerListener* listener, double callbackId);
- virtual ~CommonObserver() {}
-
- protected:
- KeyManagerListener* listener;
- double callbackId;
-};
-
-struct SaveKeyObserver: public CommonObserver {
- SaveKeyObserver(KeyManagerListener* listener, double callbackId);
- void ReceivedError(int error);
- void ReceivedSaveKey();
-};
-
-struct CreateKeyObserver: public CommonObserver {
- CreateKeyObserver(KeyManagerListener* listener, double callbackId);
- void ReceivedError(int error);
- void ReceivedCreateKeyPairDSA();
- void ReceivedCreateKeyPairECDSA();
- void ReceivedCreateKeyPairRSA();
-private:
- void CallSuccess();
-
-};
-
-struct SaveCertObserver: public CommonObserver {
- SaveCertObserver(KeyManagerListener* listener, double callbackId);
- void ReceivedError(int error);
- void ReceivedSaveCertificate();
-};
-
-struct LoadFileCert: public AsyncFileReader {
- LoadFileCert(KeyManagerListener* listener,
- double callbackId,
- const std::string &password,
- const std::string &alias,
- bool extractable);
-
- double callback_id;
- std::string password;
- const std::string alias;
- bool extractable;
- std::string file_content;
-
-protected:
- void AppendBuffer(guint8* buffer, gssize size);
- void OnError(const common::PlatformResult& result);
- void OnFileLoaded();
-
-private:
- KeyManagerListener* listener;
-};
-
-struct LoadFilePKCS12: public AsyncFileReader {
- LoadFilePKCS12(KeyManagerListener* listener,
- double callbackId,
- const std::string &password,
- const std::string &keyAlias,
- const std::string &certAlias);
-
- double callback_id;
- std::string password;
- const std::string key_alias;
- const std::string cert_alias;
- CKM::RawBuffer file_content;
-
-protected:
- void AppendBuffer(guint8* buffer, gssize size);
- void OnError(const common::PlatformResult& result);
- void OnFileLoaded();
-
-private:
- KeyManagerListener* listener;
-};
-
-struct SaveDataObserver: public CommonObserver {
- SaveDataObserver(KeyManagerListener* listener, double callbackId);
- void ReceivedError(int error);
- void ReceivedSaveData();
-};
-
-struct CreateSignatureObserver: public CommonObserver {
- CreateSignatureObserver(KeyManagerListener* listener, double callbackId);
- void ReceivedError(int error);
- void ReceivedCreateSignature(CKM::RawBuffer&&);
-};
-
-struct VerifySignatureObserver: public CommonObserver {
- VerifySignatureObserver(KeyManagerListener* listener, double callbackId);
- void ReceivedError(int error);
- void ReceivedVerifySignature();
-};
-
-struct SavePKCS12Observer: public CommonObserver {
- SavePKCS12Observer(KeyManagerListener* listener, double callback_id);
- void ReceivedError(int error);
- void ReceivedSaveKey();
- void ReceivedSaveCertificate();
-
-private:
- bool cert_saved;
- bool key_saved;
-};
-
-struct AllowAccessObserver: public CommonObserver {
- AllowAccessObserver(KeyManagerListener* listener, double callbackId);
- void ReceivedError(int error);
- void ReceivedSetPermission();
-};
-
-struct DenyAccessObserver: public CommonObserver {
- DenyAccessObserver(KeyManagerListener* listener, double callbackId);
- void ReceivedError(int error);
- void ReceivedSetPermission();
-};
-
-} // namespace keymanager
-} // namespace extension
-
-#endif // KEYMANAGER_KEYMANAGER_OBSERVERS_H_
-
projects / platform / core / api / webapi-plugins.git / commitdiff