#ifndef __TIZEN_CORE_KEY_MANAGER_CLIENT_DOC_H__
#define __TIZEN_CORE_KEY_MANAGER_CLIENT_DOC_H__
/**
- * @ingroup CAPI_KEY_MANAGER_MODULE *
+ * @ingroup CAPI_KEY_MANAGER_MODULE
* @defgroup CAPI_KEY_MANAGER_CLIENT_MODULE Key Manager Client
* @brief It provides APIs accessing on the secure repository and additional secure cryptographic operations.
*
BuildRequires: pkgconfig(libsystemd-daemon)
BuildRequires: pkgconfig(db-util)
BuildRequires: boost-devel
+BuildRequires: pkgconfig(capi-base-common)
Requires: boost-test
%{?systemd_requires}
openssl
libsmack
libsystemd-daemon
+ capi-base-common
REQUIRED
)
#endif
/**
+ * @internal
* @addtogroup CAPI_KEY_MANAGER_CONTROL_MODULE
* @{
*/
/**
- * @brief Decrypts a user key with password. A decrypted user key exists only on memory. If this API is called for the first time, a user key will be generated internally.
+ * @brief Decrypts a user key(DKEK) with password. A decrypted user key exists only on memory. If this API is called for the first time, a user key will be generated internally.
*
* @since_tizen 2.3
* @privlevel platform
*
* @remarks The user key is a randomly generated key used in encrypting user data. And the user key is protected by a user's password.
*
- * @param[in] user is a uid of a user whose key is decrypted.
- * @param[in] password is used in decrypting a user key.
+ * @param[in] user a uid of a user whose key is decrypted.
+ * @param[in] password used in decrypting a user key.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_SERVER_ERROR failed to unlock user key
- * @exception #CKMC_API_ERROR_INPUT_PARAM invalid input parameter
- * @exception #CKMC_API_ERROR_AUTHENTICATION_FAILED not correct password
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_SERVER_ERROR failed to unlock user key
+ * @retval #CKMC_ERROR_INPUT_PARAM invalid input parameter
+ * @retval #CKMC_ERROR_AUTHENTICATION_FAILED not correct password
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @see ckmc_lock_user_key()
* @see ckmc_remove_user_data()
int ckmc_unlock_user_key(uid_t user, const char *password);
/**
- * @brief remove a decrypted user key from memory
+ * @brief Removes a decrypted user key(DKEK) from memory
*
* @since_tizen 2.3
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @param[in] user is a uid of a user whose key is removed from memory.
+ * @param[in] user a uid of a user whose key is removed from memory.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM invalid input parameter
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM invalid input parameter
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @see ckmc_unlock_user_key()
* @see ckmc_remove_user_data()
int ckmc_lock_user_key(uid_t user);
/**
- * @brief remove user data from Store and erase a user key used for encryption
+ * @brief Removes user data from Store and erase a user key(DKEK) used for encryption
*
* @since_tizen 2.3
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @param[in] user is a uid of a user whose data and key are removed
+ * @param[in] user a uid of a user whose data and key are removed
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM invalid input parameter
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM invalid input parameter
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @see ckmc_unlock_user_key()
* @see ckmc_lock_user_key()
int ckmc_remove_user_data(uid_t user);
/**
- * @brief change a password for a user. key manager decrypts a user key with old password and re-encrypts a user key with new password.
+ * @brief Changes a password for a user. key manager decrypts a user key(DKEK) with old password and re-encrypts a user key with new password.
*
* @since_tizen 2.3
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @param[in] user is a uid of a user whose user key is re-encrypted
- * @param[in] old_password is used in decrypting a user key.
- * @param[in] new_password is used in re-encrypting a user key.
+ * @param[in] user a uid of a user whose user key is re-encrypted
+ * @param[in] old_password used in decrypting a user key.
+ * @param[in] new_password used in re-encrypting a user key.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM invalid input parameter
- * @exception #CKMC_API_ERROR_AUTHENTICATION_FAILED not correct password
- * @exception #CKMC_API_ERROR_BAD_REQUEST no information about old password
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM invalid input parameter
+ * @retval #CKMC_ERROR_AUTHENTICATION_FAILED not correct password
+ * @retval #CKMC_ERROR_BAD_REQUEST no information about old password
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @see ckmc_unlock_user_key()
* @see ckmc_lock_user_key()
int ckmc_change_user_password(uid_t user, const char *old_password, const char *new_password);
/**
- * @brief change a password for a user without old password.
+ * @brief Changes a password for a user without old password.
*
* @since_tizen 2.3
* @privlevel platform
* @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @param[in] user is a uid of a user whose user key is re-encrypted
+ * @param[in] user a uid of a user whose user key is re-encrypted
* @param[in] new_password is used in re-encrypting a user key.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM invalid input parameter
- * @exception #CKMC_API_ERROR_BAD_REQUEST a user key is not unlocked.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM invalid input parameter
+ * @retval #CKMC_ERROR_BAD_REQUEST a user key is not unlocked.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
*/
/**
- * @brief indicating the result of the one specific API is successful
+ * @brief Indicates the result of the one specific API is successful
+ * @since_tizen 2.3
*/
-#define CKMC_API_SUCCESS 0
+#define CKMC_SUCCESS 0
/**
- * @brief indicating the socket between client and Central Key Manager failed
+ * @brief Indicates the socket between client and Central Key Manager failed
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_SOCKET -1
+#define CKMC_ERROR_SOCKET -1
/**
- * @brief indicating the request from client is malformed
+ * @brief Indicates the request from client is malformed
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_BAD_REQUEST -2
+#define CKMC_ERROR_BAD_REQUEST -2
/**
- * @brief indicating the response from Central Key Manager is malformed
+ * @brief Indicates the response from Central Key Manager is malformed
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_BAD_RESPONSE -3
+#define CKMC_ERROR_BAD_RESPONSE -3
/**
- * @brief indicating the transmitting request failed.
+ * @brief Indicates the transmitting request failed.
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_SEND_FAILED -4
+#define CKMC_ERROR_SEND_FAILED -4
/**
- * @brief indicating the receiving response failed.
+ * @brief Indicates the receiving response failed.
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_RECV_FAILED -5
+#define CKMC_ERROR_RECV_FAILED -5
/**
- * @brief indicating the authentication between client and manager failed.
+ * @brief Indicates the authentication between client and manager failed.
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_AUTHENTICATION_FAILED -6
+#define CKMC_ERROR_AUTHENTICATION_FAILED -6
/**
- * @brief indicating the API's input parameter is malformed
+ * @brief Indicates the API's input parameter is malformed
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_INPUT_PARAM -7
+#define CKMC_ERROR_INPUT_PARAM -7
/**
- * @brief indicating the output buffer size which is passed as parameter is too small
+ * @brief Indicates the output buffer size which is passed as parameter is too small
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_BUFFER_TOO_SMALL -8
+#define CKMC_ERROR_BUFFER_TOO_SMALL -8
/**
- * @brief indicating system is running out of memory state
+ * @brief Indicates system is running out of memory state
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_OUT_OF_MEMORY -9
+#define CKMC_ERROR_OUT_OF_MEMORY -9
/**
- * @brief indicating the access has been denied by Central Key Manager
+ * @brief Indicates the access has been denied by Central Key Manager
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_ACCESS_DENIED -10
+#define CKMC_ERROR_ACCESS_DENIED -10
/**
- * @brief indicating Central Key Manager has been failed for some reason
+ * @brief Indicates Central Key Manager has been failed for some reason
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_SERVER_ERROR -11
+#define CKMC_ERROR_SERVER_ERROR -11
/**
- * @brief indicating the database was not unlocked - user did not login
+ * @brief Indicates the database was not unlocked - user did not login
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_DB_LOCKED -12
+#define CKMC_ERROR_DB_LOCKED -12
/**
- * @brief indicating an internal error inside the database
+ * @brief Indicates an internal error inside the database
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_DB_ERROR -13
+#define CKMC_ERROR_DB_ERROR -13
/**
- * @brief indicating that provided alias already exists in the database
+ * @brief Indicates that provided alias already exists in the database
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_DB_ALIAS_EXISTS -14
-
+#define CKMC_ERROR_DB_ALIAS_EXISTS -14
/**
- * @brief indicating that request given to database returned no result
+ * @brief Indicates that request given to database returned no result
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_DB_ALIAS_UNKNOWN -15
+#define CKMC_ERROR_DB_ALIAS_UNKNOWN -15
/**
- * @brief indicating that CA certificate(s) were unknown and chain could not be created
+ * @brief Indicates that CA certificate(s) were unknown and chain could not be created
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_VERIFICATION_FAILED -16
+#define CKMC_ERROR_VERIFICATION_FAILED -16
/**
- * @brief indicating that a provided file or binary has not a valid format
+ * @brief Indicates that a provided file or binary has not a valid format
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_INVALID_FORMAT -17
+#define CKMC_ERROR_INVALID_FORMAT -17
/**
- * @brief indicating that provided file doesn't exists or cannot be accessed in the file system
+ * @brief Indicates that provided file doesn't exists or cannot be accessed in the file system
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_FILE_ACCESS_DENIED -18
+#define CKMC_ERROR_FILE_ACCESS_DENIED -18
/**
- * @brief indicating the error with unknown reason
+ * @brief Indicates the error with unknown reason
+ * @since_tizen 2.3
*/
-#define CKMC_API_ERROR_UNKNOWN -255
+#define CKMC_ERROR_UNKNOWN -255
/**
*
* @file ckmc-manager.h
* @version 1.0
- * @brief provides management functions(storing, retrieving, and removing) for keys, certificates and data of a user and additional crypto functions.
+ * @brief Provides management functions(storing, retrieving, and removing) for keys, certificates and data of a user and additional crypto functions.
*/
#include <stddef.h>
#include <sys/types.h>
+#include <tizen.h>
#include <ckmc/ckmc-type.h>
#include <ckmc/ckmc-error.h>
*
* @remarks Currently only four types of keys are supported for this API. These are RSA public/private key and ECDSA /private key.
* @remarks key_type in key may be set to #CKMC_KEY_NONE as an input. key_type is determined inside key manager during storing keys.
- * @remarks Some private key files are protected by a password. if raw_key in key read from those encrypted files is encrypted with a password, the password should be provided in the #ckmc_key structure.
+ * @remarks Some private key files are protected by a password. if raw_key in key read from those encrypted files is encrypted with a password, the password should be provided in the #ckmc_key_s structure.
* @remarks if password in policy is provided, the key is additionally encrypted with the password in policy.
*
- * @param[in] alias is the name of a key to be stored
- * @param[in] key has a key's binary value to be stored.
- * @param[in] policy is about how to store a key securely.
+ * @param[in] alias the name of a key to be stored
+ * @param[in] key a key's binary value to be stored.
+ * @param[in] policy about how to store a key securely.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
- * @exception #CKMC_API_ERROR_INVALID_FORMAT the format of raw_key is not valid.
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_EXISTS alias already exists.
+ * @retval #CKMC_ERROR_INVALID_FORMAT the format of raw_key is not valid.
+ * @retval #CKMC_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_key()
* @see ckmc_get_key()
* @see ckmc_get_key_alias_list()
- * @see #ckmc_key
- * @see #ckmc_policy
+ * @see #ckmc_key_s
+ * @see #ckmc_policy_s
*/
-int ckmc_save_key(const char *alias, const ckmc_key key, const ckmc_policy policy);
+int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy);
/**
* @brief Removes a key from key manager
*
* @remarks a client can remove only keys stored by the client.
*
- * @param[in] alias is the name of a key to be removed
+ * @param[in] alias the name of a key to be removed
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
int ckmc_remove_key(const char *alias);
/**
- * @brief Get a key from key manager
+ * @brief Gets a key from key manager
*
* @since_tizen 2.3
* @privlevel public
* @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
* @remarks A newly created ppkey should be destroyed by calling ckmc_key_free() if it is no longer needed.
*
- * @param[in] alias is the name of a key to retrieve
- * @param[in] password is used in decrypting a key value. If password of policy is provided in ckmc_save_key(), the same password should be provided.
- * @param[out] ppkey is a pointer to a newly created ckmc_key handle
+ * @param[in] alias the name of a key to retrieve
+ * @param[in] password used in decrypting a key value. If password of policy is provided in ckmc_save_key(), the same password should be provided.
+ * @param[out] ppkey a pointer to a newly created ckmc_key_s handle
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_key()
* @see ckmc_get_key_alias_list()
*/
-int ckmc_get_key(const char *alias, const char *password, ckmc_key **ppkey);
+int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **ppkey);
/**
- * @brief Get a all alias of keys to which the client can access
+ * @brief Gets a all alias of keys to which the client can access
*
* @since_tizen 2.3
* @privlevel public
* @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
* @remarks A newly created ppalias_list should be destroyed by calling ckmc_alias_list_all_free() if it is no longer needed.
*
- * @param[out] ppalias_list is a pointer to a newly created ckmc_alias_list handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
+ * @param[out] ppalias_list a pointer to a newly created ckmc_alias_list_s handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_key()
* @see ckmc_get_key()
*/
-int ckmc_get_key_alias_list(ckmc_alias_list** ppalias_list);
+int ckmc_get_key_alias_list(ckmc_alias_list_s** ppalias_list);
* @privlevel public
* @privilege %http://tizen.org/privilege/keymanager
*
- * @param[in] alias is the name of a certificate to be stored
- * @param[in] cert has a certificate's binary value to be stored.
- * @param[in] policy is about how to store a certificate securely.
+ * @param[in] alias the name of a certificate to be stored
+ * @param[in] cert a certificate's binary value to be stored.
+ * @param[in] policy about how to store a certificate securely.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
- * @exception #CKMC_API_ERROR_INVALID_FORMAT the format of raw_cert is not valid.
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_EXISTS alias already exists.
+ * @retval #CKMC_ERROR_INVALID_FORMAT the format of raw_cert is not valid.
+ * @retval #CKMC_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_cert()
* @see ckmc_get_cert()
* @see ckmc_get_cert_alias_list()
- * @see #ckmc_cert
- * @see #ckmc_policy
+ * @see #ckmc_cert_s
+ * @see #ckmc_policy_s
*/
-int ckmc_save_cert(const char *alias, const ckmc_cert cert, const ckmc_policy policy);
+int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy);
/**
* @brief Removes a certificate from key manager
*
* @remarks a client can remove only certificates stored by the client.
*
- * @param[in] alias is the name of a certificate to be removed
+ * @param[in] alias the name of a certificate to be removed
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
int ckmc_remove_cert(const char *alias);
/**
- * @brief Get a certificate from key manager
+ * @brief Gets a certificate from key manager
*
* @since_tizen 2.3
* @privlevel public
* @remarks a client can access only certificate stored by the client and non-restricted certificate stored by other clients.
* @remarks A newly created ppcert should be destroyed by calling ckmc_cert_free() if it is no longer needed.
*
- * @param[in] alias is the name of a certificate to retrieve
- * @param[in] password is used in decrypting a certificate value. If password of policy is provided in ckmc_save_cert(), the same password should be provided.
- * @param[out] ppcert is a pointer to a newly created ckmc_cert handle
+ * @param[in] alias the name of a certificate to retrieve
+ * @param[in] password used in decrypting a certificate value. If password of policy is provided in ckmc_save_cert(), the same password should be provided.
+ * @param[out] ppcert a pointer to a newly created ckmc_cert_s handle
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_cert()
* @see ckmc_get_cert_alias_list()
*/
-int ckmc_get_cert(const char *alias, const char *password, ckmc_cert **ppcert);
+int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **ppcert);
/**
- * @brief Get a all alias of certificates to which the client can access
+ * @brief Gets a all alias of certificates to which the client can access
*
* @since_tizen 2.3
* @privlevel public
* @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
* @remarks A newly created ppalias_list should be destroyed by calling ckmc_alias_list_all_free() if it is no longer needed.
*
- * @param[out] ppalias_list is a pointer to a newly created ckmc_alias_list handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
+ * @param[out] ppalias_list a pointer to a newly created ckmc_alias_list_s handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_cert()
* @see ckmc_get_cert()
*/
-int ckmc_get_cert_alias_list(ckmc_alias_list** ppalias_list);
+int ckmc_get_cert_alias_list(ckmc_alias_list_s** ppalias_list);
* @privlevel public
* @privilege %http://tizen.org/privilege/keymanager
*
- * @param[in] alias is the name of a data to be stored
- * @param[in] data has a binary value to be stored.
- * @param[in] policy is about how to store a data securely.
+ * @param[in] alias the name of a data to be stored
+ * @param[in] data a binary value to be stored.
+ * @param[in] policy about how to store a data securely.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_EXISTS alias already exists.
+ * @retval #CKMC_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_data()
* @see ckmc_get_data()
* @see ckmc_get_data_alias_list()
- * @see #ckmc_raw_buffer
- * @see #ckmc_policy
+ * @see #ckmc_raw_buffer_s
+ * @see #ckmc_policy_s
*/
-int ckmc_save_data(const char *alias, ckmc_raw_buffer data, const ckmc_policy policy);
+int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy);
/**
* @brief Removes a data from key manager
*
* @remarks a client can remove only data stored by the client.
*
- * @param[in] alias is the name of a data to be removed
+ * @param[in] alias the name of a data to be removed
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
int ckmc_remove_data(const char *alias);
/**
- * @brief Get a data from key manager
+ * @brief Gets a data from key manager
*
* @since_tizen 2.3
* @privlevel public
* @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
* @remarks A newly created ppdata should be destroyed by calling ckmc_buffer_free() if it is no longer needed.
*
- * @param[in] alias is the name of a data to retrieve
- * @param[in] password is used in decrypting a data value. If password of policy is provided in ckmc_save_data(), the same password should be provided.
- * @param[out] ppdata is a pointer to a newly created ckmc_raw_buffer handle
+ * @param[in] alias the name of a data to retrieve
+ * @param[in] password used in decrypting a data value. If password of policy is provided in ckmc_save_data(), the same password should be provided.
+ * @param[out] ppdata a pointer to a newly created ckmc_raw_buffer_s handle
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_data()
* @see ckmc_get_data_alias_list()
*/
-int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer **ppdata);
+int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **ppdata);
/**
- * @brief Get a all alias of data to which the client can access
+ * @brief Gets a all alias of data to which the client can access
*
* @since_tizen 2.3
* @privlevel public
* @remarks a client can access only data stored by the client and non-restricted data stored by other clients.
* @remarks A newly created ppalias_list should be destroyed by calling ckmc_alias_list_all_free() if it is no longer needed.
*
- * @param[out] ppalias_list is a pointer to a newly created ckmc_alias_list handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
+ * @param[out] ppalias_list a pointer to a newly created ckmc_alias_list_s handle containing all available alias of keys. If there is no available key alias, *ppalias_list will be null.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to the error with unknown reason
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_remove_data()
* @see ckmc_get_data()
*/
-int ckmc_get_data_alias_list(ckmc_alias_list** ppalias_list);
+int ckmc_get_data_alias_list(ckmc_alias_list_s** ppalias_list);
*
* @remarks if password in policy is provided, the key is additionally encrypted with the password in policy.
*
- * @param[in] size is the size of key strength to be created. 1024, 2048, and 4096 are supported.
- * @param[in] private_key_alias is the name of private key to be stored.
- * @param[in] public_key_alias is the name of public key to be stored.
- * @param[in] policy_private_key is about how to store a private key securely.
- * @param[in] policy_public_key is about how to store a public key securely.
+ * @param[in] size the size of key strength to be created. 1024, 2048, and 4096 are supported.
+ * @param[in] private_key_alias the name of private key to be stored.
+ * @param[in] public_key_alias the name of public key to be stored.
+ * @param[in] policy_private_key about how to store a private key securely.
+ * @param[in] policy_public_key about how to store a public key securely.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_EXISTS alias already exists.
+ * @retval #CKMC_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_create_signature()
* @see ckmc_verify_signature()
*/
-int ckmc_create_key_pair_rsa(const size_t size, const char *private_key_alias, const char *public_key_alias, const ckmc_policy policy_private_key, const ckmc_policy policy_public_key);
+int ckmc_create_key_pair_rsa(const size_t size, const char *private_key_alias, const char *public_key_alias, const ckmc_policy_s policy_private_key, const ckmc_policy_s policy_public_key);
/**
* @brief Creates ECDSA private/public key pair and stores them inside key manager based on each policy.
*
* @remarks if password in policy is provided, the key is additionally encrypted with the password in policy.
*
- * @param[in] type is the type of eliptic curve of ECDSA.
- * @param[in] private_key_alias is the name of private key to be stored.
- * @param[in] public_key_alias is the name of public key to be stored.
- * @param[in] policy_private_key is about how to store a private key securely.
- * @param[in] policy_public_key is about how to store a public key securely.
+ * @param[in] type the type of eliptic curve of ECDSA.
+ * @param[in] private_key_alias the name of private key to be stored.
+ * @param[in] public_key_alias the name of public key to be stored.
+ * @param[in] policy_private_key about how to store a private key securely.
+ * @param[in] policy_public_key about how to store a public key securely.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ALIAS_EXISTS alias already exists.
- * @exception #CKMC_API_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_EXISTS alias already exists.
+ * @retval #CKMC_ERROR_DB_ERROR failed due to other DB transaction unexpectedly.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_create_key_pair_rsa()
* @see ckmc_create_signature()
* @see ckmc_verify_signature()
- * @see #ckmc_ec_type
+ * @see #ckmc_ec_type_e
*/
-int ckmc_create_key_pair_ecdsa(const ckmc_ec_type type, const char *private_key_alias, const char *public_key_alias, const ckmc_policy policy_private_key, const ckmc_policy policy_public_key);
+int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type, const char *private_key_alias, const char *public_key_alias, const ckmc_policy_s policy_private_key, const ckmc_policy_s policy_public_key);
/**
* @brief Creates a signature on a given message using a private key and returns the signature
* @remarks A newly created ppsignature should be destroyed by calling ckmc_buffer_free() if it is no longer needed.
*
*
- * @param[in] private_key_alias is the name of private key.
- * @param[in] password is used in decrypting a private key value.
- * @param[in] message is signed with a private key .
- * @param[in] hash is the hash algorithm used in creating signature.
- * @param[in] padding is the RSA padding algorithm used in creating signature. It is used only when the signature algorithm is RSA.
- * @param[out] ppsignature is a pointer to a newly created signature's. If an error occurs, *ppsignature will be null.
+ * @param[in] private_key_alias the name of private key.
+ * @param[in] password used in decrypting a private key value.
+ * @param[in] message signed with a private key .
+ * @param[in] hash the hash algorithm used in creating signature.
+ * @param[in] padding the RSA padding algorithm used in creating signature. It is used only when the signature algorithm is RSA.
+ * @param[out] ppsignature a pointer to a newly created signature's. If an error occurs, *ppsignature will be null.
*
* @return 0 on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_create_key_pair_ecdsa()
* @see ckmc_verify_signature()
* @see ckmc_buffer_free()
- * @see #ckmc_hash_algo
- * @see #ckmc_rsa_padding_algo
+ * @see #ckmc_hash_algo_e
+ * @see #ckmc_rsa_padding_algo_e
*/
-int ckmc_create_signature(const char *private_key_alias, const char *password, const ckmc_raw_buffer message, const ckmc_hash_algo hash, const ckmc_rsa_padding_algo padding, ckmc_raw_buffer **ppsignature);
+int ckmc_create_signature(const char *private_key_alias, const char *password, const ckmc_raw_buffer_s message, const ckmc_hash_algo_e hash, const ckmc_rsa_padding_algo_e padding, ckmc_raw_buffer_s **ppsignature);
/**
- * @brief Verify a given signature on a given message using a public key and returns the signature status.
+ * @brief Verifies a given signature on a given message using a public key and returns the signature status.
*
* @since_tizen 2.3
* @privlevel public
*
* @remarks If password of policy is provided during storing a key, the same password should be provided.
*
- * @param[in] public_key_alias is the name of public key.
- * @param[in] password is used in decrypting a public key value.
- * @param[in] message is a input on which the signature is created.
- * @param[in] signature is verified with public key.
- * @param[in] hash is the hash algorithm used in verifying signature.
- * @param[in] padding is the RSA padding algorithm used in verifying signature. It is used only when the signature algorithm is RSA.
+ * @param[in] public_key_alias the name of public key.
+ * @param[in] password used in decrypting a public key value.
+ * @param[in] message a input on which the signature is created.
+ * @param[in] signature verified with public key.
+ * @param[in] hash the hash algorithm used in verifying signature.
+ * @param[in] padding the RSA padding algorithm used in verifying signature. It is used only when the signature algorithm is RSA.
*
* @return 0 on success and the signature is valid, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_VERIFICATION_FAILED the signature is invalid
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_VERIFICATION_FAILED the signature is invalid
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_create_key_pair_rsa()
* @see ckmc_create_key_pair_ecdsa()
* @see ckmc_verify_signature()
- * @see #ckmc_hash_algo
- * @see #ckmc_rsa_padding_algo
+ * @see #ckmc_hash_algo_e
+ * @see #ckmc_rsa_padding_algo_e
*/
-int ckmc_verify_signature(const char *public_key_alias, const char *password, const ckmc_raw_buffer message, const ckmc_raw_buffer signature, const ckmc_hash_algo hash, const ckmc_rsa_padding_algo padding);
+int ckmc_verify_signature(const char *public_key_alias, const char *password, const ckmc_raw_buffer_s message, const ckmc_raw_buffer_s signature, const ckmc_hash_algo_e hash, const ckmc_rsa_padding_algo_e padding);
/**
- * @brief Verify a certificate chain and return that chain.
+ * @brief Verifies a certificate chain and return that chain.
*
* @since_tizen 2.3
* @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager
+ * @privilege %http://tizen.orckmc_buffer_freeg/privilege/keymanager
*
* @remarks The trusted root certificate of the chain should exist in the system's certificate storage.
* @remarks A newly created ppcert_chain_list should be destroyed by calling ckmc_cert_list_all_free() if it is no longer needed.
*
- * @param[in] cert is the certificate to be verified
- * @param[in] untrustedcerts is the untrusted CA certificates to be used in verifying a certificate chain.
- * @param[out] ppcert_chain_list is a pointer to a newly created certificate chain's handle. If an error occurs, *ppcert_chain_list will be null.
+ * @param[in] cert the certificate to be verified
+ * @param[in] untrustedcerts the untrusted CA certificates to be used in verifying a certificate chain.
+ * @param[out] ppcert_chain_list a pointer to a newly created certificate chain's handle. If an error occurs, *ppcert_chain_list will be null.
*
* @return 0 on success and the signature is valid, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_VERIFICATION_FAILED the certificate chain is not valid
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_INVALID_FORMAT the format of certificate is not valid.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_VERIFICATION_FAILED the certificate chain is not valid
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_INVALID_FORMAT the format of certificate is not valid.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_get_cert_chain_with_alias())
* @see ckmc_cert_list_all_free()
*/
-int ckmc_get_cert_chain(const ckmc_cert *cert, const ckmc_cert_list *untrustedcerts, ckmc_cert_list **ppcert_chain_list);
+int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **ppcert_chain_list);
/**
- * @brief Verify a certificate chain using a alias list of untrusted certificates and return that chain.
+ * @brief Verifies a certificate chain using a alias list of untrusted certificates and return that chain.
*
* @since_tizen 2.3
* @privlevel public
* @remarks The trusted root certificate of the chain should exist in the system's certificate storage.
* @remarks A newly created ppcert_chain_list should be destroyed by calling ckmc_cert_list_all_free() if it is no longer needed.
*
- * @param[in] cert is the certificate to be verified
- * @param[in] untrustedcerts is an alias list of untrusted CA certificates stored in key manager to be used in verifying a certificate chain.
- * @param[out] ppcert_chain_list is a pointer to a newly created certificate chain's handle. If an error occurs, *ppcert_chain_list will be null.
+ * @param[in] cert the certificate to be verified
+ * @param[in] untrustedcerts an alias list of untrusted CA certificates stored in key manager to be used in verifying a certificate chain.
+ * @param[out] ppcert_chain_list a pointer to a newly created certificate chain's handle. If an error occurs, *ppcert_chain_list will be null.
*
* @return 0 on success and the signature is valid, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_VERIFICATION_FAILED the certificate chain is not valid
- * @exception #CKMC_API_ERROR_INPUT_PARAM input parameter is invalid
- * @exception #CKMC_API_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
- * @exception #CKMC_API_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
- * @exception #CKMC_API_ERROR_INVALID_FORMAT the format of certificate is not valid.
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_VERIFICATION_FAILED the certificate chain is not valid
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED a user key is not loaded in memory(a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN alias doesn't exists.
+ * @retval #CKMC_ERROR_INVALID_FORMAT the format of certificate is not valid.
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
*
* @pre User must be already logged in and his user key is already loaded into memory in plain text form.
*
* @see ckmc_get_cert_chain())
* @see ckmc_cert_list_all_free()
*/
-int ckmc_get_cert_chain_with_alias(const ckmc_cert *cert, const ckmc_alias_list *untrustedcerts, ckmc_cert_list **ppcert_chain_list);
+int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **ppcert_chain_list);
#ifdef __cplusplus
*/
/**
- * @brief Enumeration for key types of key manager.
- */
-typedef enum ckmc_key_type_t {
- CKMC_KEY_NONE =0, /**< key type not specified */
- CKMC_KEY_RSA_PUBLIC, /**< RSA public key */
- CKMC_KEY_RSA_PRIVATE, /**< RSA private key */
- CKMC_KEY_ECDSA_PUBLIC, /**< ECDSA public key */
- CKMC_KEY_ECDSA_PRIVATE, /**< ECDSA private key */
-} ckmc_key_type;
-
-/**
- * @brief Enumeration for data format.
+ * @brief Enumerates for key types of key manager.
+ * @since_tizen 2.3
*/
-typedef enum ckmc_data_format_t {
- CKMC_FORM_DER_BASE64 =0, /**< DER format base64 encoded data */
- CKMC_FORM_DER, /**< DER encoded data */
- CKMC_FORM_PEM /**< PEM encoded data. It consists of the DER format base64 encoded with additional header and footer lines */
-} ckmc_data_format;
+typedef enum __ckmc_key_type {
+ CKMC_KEY_NONE = 0, /**< key type not specified */
+ CKMC_KEY_RSA_PUBLIC, /**< RSA public key */
+ CKMC_KEY_RSA_PRIVATE, /**< RSA private key */
+ CKMC_KEY_ECDSA_PUBLIC, /**< ECDSA public key */
+ CKMC_KEY_ECDSA_PRIVATE, /**< ECDSA private key */
+} ckmc_key_type_e;
/**
- * @brief Enumeration for eliptic curve.
+ * @brief Enumerates for data format.
+ * @since_tizen 2.3
*/
-typedef enum ckmc_ec_type_t {
- CKMC_EC_PRIME192V1 =0, /**< Elliptic curve domain "secp192r1" listed in "SEC 2" recommended elliptic curve domain */
- CKMC_EC_PRIME256V1, /**< "SEC 2" recommended elliptic curve domain - secp256r1 */
- CKMC_EC_SECP384R1 /**< NIST curve P-384 (covers "secp384r1", the elliptic curve domain listed in See SEC 2 */
-} ckmc_ec_type;
+typedef enum __ckmc_data_format {
+ CKMC_FORM_DER_BASE64 = 0, /**< DER format base64 encoded data */
+ CKMC_FORM_DER, /**< DER encoded data */
+ CKMC_FORM_PEM /**< PEM encoded data. It consists of the DER format base64 encoded with additional header and footer lines */
+} ckmc_data_format_e;
/**
- * @brief Enumeration for bool type used within key manager CAPI.
+ * @brief Enumerates for eliptic curve.
+ * @since_tizen 2.3
*/
-typedef enum ckmc_bool_t {
- CKMC_FALSE =0, /**< false */
- CKMC_TRUE /**< true */
-} ckmc_bool;
+typedef enum __ckmc_ec_type {
+ CKMC_EC_PRIME192V1 = 0, /**< Elliptic curve domain "secp192r1" listed in "SEC 2" recommended elliptic curve domain */
+ CKMC_EC_PRIME256V1, /**< "SEC 2" recommended elliptic curve domain - secp256r1 */
+ CKMC_EC_SECP384R1 /**< NIST curve P-384 (covers "secp384r1", the elliptic curve domain listed in See SEC 2 */
+} ckmc_ec_type_e;
/**
- * @brief Enumeration for hash algorithm.
+ * @brief Enumerates for hash algorithm.
+ * @since_tizen 2.3
*/
-typedef enum ckmc_hash_algo_t {
- CKMC_HASH_SHA1 =0, /**< Hash Algorithm SHA1 */
- CKMC_HASH_SHA256, /**< Hash Algorithm SHA256 */
- CKMC_HASH_SHA384, /**< Hash Algorithm SHA384 */
- CKMC_HASH_SHA512 /**< Hash Algorithm SHA512 */
-} ckmc_hash_algo;
+typedef enum __ckmc_hash_algo {
+ CKMC_HASH_SHA1 = 0, /**< Hash Algorithm SHA1 */
+ CKMC_HASH_SHA256, /**< Hash Algorithm SHA256 */
+ CKMC_HASH_SHA384, /**< Hash Algorithm SHA384 */
+ CKMC_HASH_SHA512 /**< Hash Algorithm SHA512 */
+} ckmc_hash_algo_e;
/**
- * @brief Enumeration for RSA padding algorithm.
+ * @brief Enumerates for RSA padding algorithm.
+ * @since_tizen 2.3
*/
-typedef enum ckmc_rsa_padding_algo_t {
- CKMC_PKCS1_PADDING =0, /**< PKCS#1 Padding */
- CKMC_X931_PADDING /**< X9.31 padding */
-} ckmc_rsa_padding_algo;
-
-
-
+typedef enum __ckmc_rsa_padding_algo {
+ CKMC_PKCS1_PADDING = 0, /**< PKCS#1 Padding */
+ CKMC_X931_PADDING /**< X9.31 padding */
+} ckmc_rsa_padding_algo_e;
/**
- * @brief binary buffer used in key manager CAPI
+ * @brief Binary buffer used in key manager CAPI
* @details @a data is byte array containing some binary data
* @a size is the size of the binary data
+ * @since_tizen 2.3
*/
-typedef struct ckmc_raw_buff_t{
+typedef struct __ckmc_raw_buff {
unsigned char* data;
- size_t size;
-} ckmc_raw_buffer;
+ size_t size;
+} ckmc_raw_buffer_s;
/**
- * @brief a policy for storing key/certificate/binary data
+ * @brief A policy for storing key/certificate/binary data
* @details if @a password is not null, the data(or key, or certificate) is stored encrypted with this password inside key manager
* if @a extractable true, key may be extracted from storage
* if @a restricted true, only key owner can see data
+ * @since_tizen 2.3
*/
-typedef struct ckmc_policy_t {
- char* password; // byte array used to encrypt data inside CKM
- ckmc_bool extractable; // if true key may be extracted from storage
- ckmc_bool restricted; // if true only key owner may see data
-} ckmc_policy;
+typedef struct __ckmc_policy {
+ char* password; // byte array used to encrypt data inside CKM
+ bool extractable; // if true key may be extracted from storage
+ bool restricted; // if true only key owner may see data
+} ckmc_policy_s;
/**
- * @brief key structure used in key manager CAPI
+ * @brief Key structure used in key manager CAPI
* @details @a raw_key is byte array of key. raw_key may be encrypted with password.
* @a key_size is the byte size of raw_key
* @a key_type is the raw_key's type
* if @a password is byte array used to decrypt raw_key inside key manager.
+ * @since_tizen 2.3
*/
-typedef struct ckmc_key_t {
+typedef struct __ckmc_key {
unsigned char* raw_key;
- size_t key_size;
- ckmc_key_type key_type;
- char* password; // byte array used to decrypt data raw_key inside key manager
-} ckmc_key;
+ size_t key_size;
+ ckmc_key_type_e key_type;
+ char* password; // byte array used to decrypt data raw_key inside key manager
+} ckmc_key_s;
/**
- * @brief certificate structure used in key manager CAPI
+ * @brief Certificate structure used in key manager CAPI
* @details @a raw_cert is byte array of certificate.
* @a cert_size is the byte size of raw_cert
* @a data_format is the raw_cert's encoding format
+ * @since_tizen 2.3
*/
-typedef struct ckmc_cert_t {
- unsigned char* raw_cert;
- size_t cert_size;
- ckmc_data_format data_format;
-} ckmc_cert;
+typedef struct __ckmc_cert {
+ unsigned char* raw_cert;
+ size_t cert_size;
+ ckmc_data_format_e data_format;
+} ckmc_cert_s;
/**
- * @brief linked list structure of alias
+ * @brief Linked list structure of alias
* @details @a alias is a name of key, certificate or data stored in key manager.
- * @a next is a pointer pointing to the next ckmc_alias_list
+ * @a next is a pointer pointing to the next ckmc_alias_list_s
+ * @since_tizen 2.3
*/
-typedef struct ckmc_alias_list_t {
+typedef struct __ckmc_alias_list {
char *alias;
- struct ckmc_alias_list_t *next;
-} ckmc_alias_list;
+ struct __ckmc_alias_list *next;
+} ckmc_alias_list_s;
/**
- * @brief linked list structure of ckmc_cert
- * @details @a cert is a pointer of ckmc_cert.
- * @a next is a pointer pointing to the next ckmc_cert_list
+ * @brief Linked list structure of ckmc_cert_s
+ * @details @a cert is a pointer of ckmc_cert_s.
+ * @a next is a pointer pointing to the next ckmc_cert_list_s
+ * @since_tizen 2.3
*/
-typedef struct ckmc_cert_list_t {
- ckmc_cert *cert;
- struct ckmc_cert_list_t *next;
-} ckmc_cert_list;
-
-
-
+typedef struct __ckmc_cert_list {
+ ckmc_cert_s *cert;
+ struct __ckmc_cert_list *next;
+} ckmc_cert_list_s;
/**
- * @brief Creates a new ckmc_key handle and returns it.
+ * @internal
+ * @brief Creates a new ckmc_key_s handle and returns it.
*
* @since_tizen 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager
- *
- * @remarks A newly created ckmc_key should be destroyed by calling ckmc_key_free() if it is no longer needed.
- *
- * @param[in] raw_key is byte array of key. raw_key may be encrypted with password
- * @param[in] key_size is the byte size of raw_key
- * @param[in] key_type is the raw_key's type
- * @param[in] password is byte array used to decrypt raw_key inside key manager. If raw_key is not encrypted, password can be null.
- * @return a newly created ckmc_key handle
- * @exception If successful, a newly created ckmc_key handle will be returned
- * @exception If out of memory, returns a null value.
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
+ *
+ * @remarks A newly created ckmc_key_s should be destroyed by calling ckmc_key_free() if it is no longer needed.
+ *
+ * @param[in] raw_key byte array of key. raw_key may be encrypted with password
+ * @param[in] key_size the byte size of raw_key
+ * @param[in] key_type the raw_key's type
+ * @param[in] password byte array used to decrypt raw_key inside key manager. If raw_key is not encrypted, password can be null.
+ * @param[out] ppkey a pointer to a newly created ckmc_key_s handle
+ * @return 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory
* @see ckmc_key_free()
- * @see #ckmc_key
+ * @see #ckmc_key_s
*/
-ckmc_key *ckmc_key_new(unsigned char *raw_key, size_t key_size, ckmc_key_type key_type, char *password);
+int ckmc_key_new(unsigned char *raw_key, size_t key_size,
+ ckmc_key_type_e key_type, char *password, ckmc_key_s **ppkey);
/**
- * @brief Destroys the ckmc_key handle and releases all its resources.
+ * @brief Destroys the ckmc_key_s handle and releases all its resources.
*
* @since_tizen 2.3
* @privlevel public
* @privilege %http://tizen.org/privilege/keymanager
*
- * @param[in] key a ckmc_key handle to destroy
+ * @param[in] key a ckmc_key_s handle to destroy
* @see ckmc_key_new()
*/
-void ckmc_key_free(ckmc_key *key);
-
-
-
+void ckmc_key_free(ckmc_key_s *key);
/**
- * @brief Creates a new ckmc_raw_buffer handle and returns it.
+ * @internal
+ * @brief Creates a new ckmc_raw_buffer_s handle and returns it.
*
* @since_tizen 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @remarks A newly created ckmc_raw_buffer should be destroyed by calling ckmc_buffer_free() if it is no longer needed.
+ * @remarks A newly created ckmc_raw_buffer_s should be destroyed by calling ckmc_buffer_free() if it is no longer needed.
*
- * @param[in] data is byte array of buffer.
- * @param[in] size is the byte size of buffer
- * @return a newly created ckmc_raw_buffer handle
- * @exception If successful, a newly created ckmc_raw_buffer handle will be returned
- * @exception If out of memory, returns a null value.
+ * @param[in] data byte array of buffer.
+ * @param[in] size the byte size of buffer
+ * @param[out] ppbuffer a pointer to a newly created ckmc_buffer_s handle
+ * @return 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory
* @see ckmc_buffer_free()
- * @see #ckmc_raw_buffer
+ * @see #ckmc_raw_buffer_s
*/
-ckmc_raw_buffer * ckmc_buffer_new(unsigned char *data, size_t size);
+int ckmc_buffer_new(unsigned char *data, size_t size,ckmc_raw_buffer_s **ppbuffer);
/**
- * @brief Destroys the ckmc_raw_buffer handle and releases all its resources.
+ * @brief Destroys the ckmc_raw_buffer_s handle and releases all its resources.
*
* @since_tizen 2.3
* @privlevel public
* @privilege %http://tizen.org/privilege/keymanager
*
- * @param[in] buffer a ckmc_raw_buffer handle to destroy
+ * @param[in] buffer a ckmc_raw_buffer_s handle to destroy
* @see ckmc_buffer_new()
*/
-void ckmc_buffer_free(ckmc_raw_buffer *buffer);
-
-
-
+void ckmc_buffer_free(ckmc_raw_buffer_s *buffer);
/**
- * @brief Creates a new ckmc_cert handle and returns it.
+ * @internal
+ * @brief Creates a new ckmc_cert_s handle and returns it.
*
* @since_tizen 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager
- *
- * @remarks A newly created ckmc_cert should be destroyed by calling ckmc_cert_free() if it is no longer needed.
- *
- * @param[in] raw_cert is byte array of certificate.
- * @param[in] cert_size is the byte size of raw_cert.
- * @param[in] data_format is the encoding format of raw_cert
- * @return a newly created ckmc_cert handle
- * @exception If successful, a newly created ckmc_cert handle will be returned
- * @exception If out of memory, returns a null value.
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
+ *
+ * @remarks A newly created ckmc_cert_s should be destroyed by calling ckmc_cert_free() if it is no longer needed.
+ *
+ * @param[in] raw_cert byte array of certificate.
+ * @param[in] cert_size the byte size of raw_cert.
+ * @param[in] data_format the encoding format of raw_cert
+ * @param[out] ppcert a pointer to a newly created ckmc_cert_s handle
+ * @return 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory
* @see ckmc_cert_free()
* @see ckmc_load_cert_from_file()
* @see ckmc_load_from_pkcs12_file
- * @see #ckmc_cert
+ * @see #ckmc_cert_s
*/
-ckmc_cert *ckmc_cert_new(unsigned char *raw_cert, size_t cert_size, ckmc_data_format data_format);
+int ckmc_cert_new(unsigned char *raw_cert, size_t cert_size,
+ ckmc_data_format_e data_format, ckmc_cert_s **ppcert);
/**
* @brief Destroys the ckmc_cert handle and releases all its resources.
* @privlevel public
* @privilege %http://tizen.org/privilege/keymanager
*
- * @param[in] cert a ckmc_cert handle to destroy
+ * @param[in] cert a ckmc_cert_s handle to destroy
* @see ckmc_cert_new()
* @see ckmc_load_cert_from_file()
* @see ckmc_load_from_pkcs12_file
*/
-void ckmc_cert_free(ckmc_cert *cert);
+void ckmc_cert_free(ckmc_cert_s *cert);
/**
- * @brief Create a new ckmc_cert handle from a given file and returns it.
+ * @brief Creates a new ckmc_cert_s handle from a given file and returns it.
*
* @since_tizen 2.3
* @privlevel public
* @privilege %http://tizen.org/privilege/keymanager
*
- * @remarks A newly created ckmc_cert should be destroyed by calling ckmc_cert_free() if it is no longer needed.
+ * @remarks A newly created ckmc_cert_s should be destroyed by calling ckmc_cert_free() if it is no longer needed.
*
- * @param[in] file_path is a path of certificate file to be loaded. The only DER or PEM encoded certificate file is supported.
- * @param[out] cert is the pointer of newly created ckmc_cert handle
- * @return #CKMC_API_SUCCESS on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_OUT_OF_MEMORY not enough memory space
- * @exception #CKMC_API_ERROR_INVALID_FORMAT invalid certificate file format
- * @exception #CKMC_API_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
+ * @param[in] file_path a path of certificate file to be loaded. The only DER or PEM encoded certificate file is supported.
+ * @param[out] cert the pointer of newly created ckmc_cert_s handle
+ * @return #CKMC_SUCCESS on success, otherwise a negative error value
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory space
+ * @retval #CKMC_ERROR_INVALID_FORMAT invalid certificate file format
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
* @see ckmc_cert_free()
* @see ckmc_cert_new()
* @see ckmc_load_from_pkcs12_file()
- * @see #ckmc_cert
+ * @see #ckmc_cert_s
*/
-int ckmc_load_cert_from_file(const char *file_path, ckmc_cert **cert);
+int ckmc_load_cert_from_file(const char *file_path, ckmc_cert_s **cert);
/**
- * @brief Create a new ckmc_key(private key), ckmc_cert(certificate), and ckmc_cert_list(CA certificates) handle from a given PKCS#12 file and returns them.
+ * @brief Creates a new ckmc_key_s(private key), ckmc_cert_s(certificate), and ckmc_cert_list_s(CA certificates) handle from a given PKCS#12 file and returns them.
*
* @since_tizen 2.3
* @privlevel public
* @privilege %http://tizen.org/privilege/keymanager
*
- * @remarks A newly created ckmc_key, ckmc_cert, and ckmc_cert_list should be destroyed by calling ckmc_key_free(), ckmc_cert_free(), and ckmc_cert_list_all_free() if they are no longer needed.
- *
- * @param[in] file_path is a path of PKCS12 file to be loaded.
- * @param[in] passphrase is used to decrypt the PCKS12 file. If PKCS12 file is not encrypted, passphrase can be null.
- * @param[out] private_key is the pointer of newly created ckmc_key handle for a private key
- * @param[out] cert is the pointer of newly created ckmc_cert handle for a certificate. It is null if the PKCS12 file doesn't contain a certificate.
- * @param[out] ca_cert_list is the pointer of newly created ckmc_cert_list handle for CA certificates. It is null if the PKCS12 file doesn't contain CA certificates.
- * @return #CKMC_API_SUCCESS on success, otherwise a negative error value
- * @exception #CKMC_API_SUCCESS Successful
- * @exception #CKMC_API_ERROR_OUT_OF_MEMORY not enough memory space
- * @exception #CKMC_API_ERROR_INVALID_FORMAT invalid PKCS12 file format
- * @exception #CKMC_API_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
+ * @remarks A newly created ckmc_key_s, ckmc_cert_s, and ckmc_cert_list_s should be destroyed by calling ckmc_key_free(), ckmc_cert_free(), and ckmc_cert_list_all_free() if they are no longer needed.
+ *
+ * @param[in] file_path a path of PKCS12 file to be loaded.
+ * @param[in] passphrase used to decrypt the PCKS12 file. If PKCS12 file is not encrypted, passphrase can be null.
+ * @param[out] private_key the pointer of newly created ckmc_key_s handle for a private key
+ * @param[out] cert the pointer of newly created ckmc_cert_s handle for a certificate. It is null if the PKCS12 file doesn't contain a certificate.
+ * @param[out] ca_cert_list the pointer of newly created ckmc_cert_list_s handle for CA certificates. It is null if the PKCS12 file doesn't contain CA certificates.
+ * @return #CKMC_SUCCESS on success, otherwise a negaprevious == NULL || tive error value
+ * @retval #CKMC_SUCCESS Successful
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory space
+ * @retval #CKMC_ERROR_INVALID_FORMAT invalid PKCS12 file format
+ * @retval #CKMC_ERROR_FILE_ACCESS_DENIED provided file doesn't exists or cannot be accessed
* @see ckmc_key_free()
* @see ckmc_cert_free()
* @see ckmc_cert_list_all_free()
- * @see #ckmc_key
- * @see #ckmc_cert
- * @see #ckmc_cert_list
+ * @see #ckmc_key_s
+ * @see #ckmc_cert_s
+ * @see #ckmc_cert_list_s
*/
-int ckmc_load_from_pkcs12_file(const char *file_path, const char *passphrase, ckmc_key **private_key, ckmc_cert **cert, ckmc_cert_list **ca_cert_list);
-
-
+int ckmc_load_from_pkcs12_file(const char *file_path, const char *passphrase,
+ ckmc_key_s **private_key, ckmc_cert_s **cert,
+ ckmc_cert_list_s **ca_cert_list);
/**
- * @brief Creates a new ckmc_alias_list handle and returns it. The alias pointer in the returned ckmc_alias_list handle points to the provided characters and the next is null.
+ * @internal
+ * @brief Creates a new ckmc_alias_list_s handle and returns it. The alias pointer in the returned ckmc_alias_list_s handle points to the provided characters and the next is null.
*
* @since_tizen 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @remarks A newly created ckmc_alias_list should be destroyed by calling ckmc_alias_list_free() or ckmc_alias_list_all_free() if it is no longer needed.
+ * @remarks A newly created ckmc_alias_list_s should be destroyed by calling ckmc_alias_list_free() or ckmc_alias_list_all_free() if it is no longer needed.
*
- * @param[in] alias is the first item to be set in the newly created ckmc_alias_list.
- * @return a newly created ckmc_alias_list handle
- * @exception If successful, a newly created ckmc_alias_list handle will be returned
- * @exception If out of memory, returns a null value.
+ * @param[in] alias the first item to be set in the newly created ckmc_alias_list_s.
+ * @param[out] ppalias_list a pointer to a newly created ckmc_alias_list_s handle
+ * @return 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory
* @see ckmc_alias_list_add()
* @see ckmc_alias_list_free()
* @see ckmc_alias_list_all_free()
- * @see #ckmc_alias_list
+ * @see #ckmc_alias_list_s
*/
-ckmc_alias_list *ckmc_alias_list_new(char *alias);
+int ckmc_alias_list_new(char *alias, ckmc_alias_list_s **ppalias_list);
/**
- * @brief Creates a new ckmc_alias_list handle, add it to a previous ckmc_alias_list and returns it. The alias pointer in the returned ckmc_alias_list handle points to the provided characters and the next is null.
+ * @internal
+ * @brief Creates a new ckmc_alias_list_s handle, add it to a previous ckmc_alias_list_s and returns it. The alias pointer in the returned ckmc_alias_list_s handle points to the provided characters and the next is null.
*
* @since_tizen 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager
- *
- * @param[in] previous the last ckmc_alias_list handle to which a newly created ckmc_alias_list is added
- * @param[in] alias is an item to be set in the newly created ckmc_alias_list.
- * @return a newly added ckmc_alias_list handle. It should be given as previous when ckmc_cert_list_add() is called again.
- * @exception If successful, a newly created ckmc_alias_list handle will be returned
- * @exception If out of memory, returns a null value.
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
+ *
+ * @param[in] previous the last ckmc_alias_list_s handle to which a newly created ckmc_alias_list_s is added
+ * @param[in] alias an item to be set in the newly created ckmc_alias_list_s.
+ * @param[out] pplast a pointer to a newly created and added ckmc_alias_list_s handle
+ * @return 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory
* @see ckmc_alias_list_add()
* @see ckmc_alias_list_free()
* @see ckmc_alias_list_all_free()
- * @see #ckmc_alias_list
+ * @see #ckmc_alias_list_s
*/
-ckmc_alias_list *ckmc_alias_list_add(ckmc_alias_list *previous, char *alias);
+int ckmc_alias_list_add(ckmc_alias_list_s *previous,
+ char *alias, ckmc_alias_list_s **pplast);
/**
- * @brief Destroys the ckmc_alias_list handle and releases resources of ckmc_alias_list from the provided first handle cascadingly.
+ * @internal
+ * @brief Destroys the ckmc_alias_list_s handle and releases resources of ckmc_alias_list_s from the provided first handle cascadingly.
*
* @since_tizen 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
*
- * @remarks It does not destroy an alias itself in ckmc_alias_list.
+ * @remarks It does not destroy an alias itself in ckmc_alias_list_s.
*
- * @param[in] first the first ckmc_alias_list handle to destroy
+ * @param[in] first the first ckmc_alias_list_s handle to destroy
* @see ckmc_alias_list_new()
* @see ckmc_alias_list_add()
* @see ckmc_alias_list_all_free()
- * @see #ckmc_alias_list
+ * @see #ckmc_alias_list_s
*/
-void ckmc_alias_list_free(ckmc_alias_list *first);
+void ckmc_alias_list_free(ckmc_alias_list_s *first);
/**
- * @brief Destroys the ckmc_alias_list handle and releases all its resources from the provided first handle cascadingly.
+ * @brief Destroys the ckmc_alias_list_s handle and releases all its resources from the provided first handle cascadingly.
*
* @since_tizen 2.3
* @privlevel public
* @privilege %http://tizen.org/privilege/keymanager
*
- * @remarks It also destroy an alias in ckmc_alias_list.
+ * @remarks It also destroy an alias in ckmc_alias_list_s.
*
- * @param[in] first the first ckmc_alias_list handle to destroy
+ * @param[in] first the first ckmc_alias_list_s handle to destroy
* @see ckmc_alias_list_new()
* @see ckmc_alias_list_add()
* @see ckmc_alias_list_free()
- * @see #ckmc_alias_list
+ * @see #ckmc_alias_list_s
*/
-void ckmc_alias_list_all_free(ckmc_alias_list *first);
-
-
-
+void ckmc_alias_list_all_free(ckmc_alias_list_s *first);
+////////////////////////////////////////////////////////////////////////////////////// <- start
/**
- * @brief Creates a new ckmc_cert_list handle and returns it. The cert pointer in the returned ckmc_cert_list handle points to the provided ckmc_cert and the next is null.
+ * @internal
+ * @brief Creates a new ckmc_cert_list_s handle and returns it. The cert pointer in the returned ckmc_cert_list_s handle points to the provided ckmc_cert_s and the next is null.
*
- * @remarks A newly created ckmc_cert_list should be destroyed by calling ckmc_cert_list_free() or ckmc_cert_list_all_free() if it is no longer needed.
+ * @since_tizen 2.3
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
+ *
+ * @remarks A newly created ckmc_cert_list_s should be destroyed by calling ckmc_cert_list_free() or ckmc_cert_list_all_free() if it is no longer needed.
*
- * @param[in] cert is the first item to be set in the newly created ckmc_cert_list.
- * @return a newly created ckmc_cert_list handle
- * @exception If successful, a newly created ckmc_cert_list handle will be returned
- * @exception If out of memory, returns a null value.
+ * @param[in] cert the first item to be set in the newly created ckmc_cert_list_s.
+ * @param[out] ppalias_list a pointer to a newly created ckmc_alias_list_s handle
+ * @return 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory
* @see ckmc_cert_list_add()
* @see ckmc_cert_list_free()
* @see ckmc_cert_list_all_free()
- * @see #ckmc_cert_list
- *
- * @since 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager *
+ * @see #ckmc_cert_list_s
*/
-ckmc_cert_list *ckmc_cert_list_new(ckmc_cert *cert);
+int ckmc_cert_list_new(ckmc_cert_s *cert, ckmc_cert_list_s **ppalias_list);
/**
- * @brief Creates a new ckmc_cert_list handle, add it to a previous ckmc_cert_list and returns it. The cert pointer in the returned ckmc_alias_list handle points to the provided ckmc_cert and the next is null.
+ * @internal
+ * @brief Creates a new ckmc_cert_list_s handle, add it to a previous ckmc_cert_list_s and returns it. The cert pointer in the returned ckmc_alias_list_s handle points to the provided ckmc_cert_s and the next is null.
*
- * @param[in] previous the last ckmc_cert_list handle to which a newly created ckmc_cert_list is added
- * @param[in] cert is an item to be set in the newly created ckmc_cert_list.
- * @return a newly added ckmc_cert_list handle. It should be given as previous when ckmc_cert_list_add() is called again.
- * @exception If successful, a newly created ckmc_cert_list handle will be returned
- * @exception If out of memory, returns a null value.
+ * @since 2.3
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
+ *
+ * @param[in] previous the last ckmc_cert_list_s handle to which a newly created ckmc_cert_list_s is added
+ * @param[in] cert an item to be set in the newly created ckmc_cert_list_s.
+ * @param[out] pplast a pointer to a newly created and added ckmc_alias_list_s handle
+ * @return 0 on success, otherwise a negative error value
+ * @retval #CKMC_ERROR_INPUT_PARAM input parameter is invalid
+ * @retval #CKMC_ERROR_OUT_OF_MEMORY not enough memory
* @see ckmc_cert_list_add()
* @see ckmc_cert_list_free()
* @see ckmc_cert_list_all_free()
- * @see #ckmc_cert_list
- *
- * @since 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager *
+ * @see #ckmc_cert_list_s
*/
-ckmc_cert_list *ckmc_cert_list_add(ckmc_cert_list *previous, ckmc_cert *cert);
+int ckmc_cert_list_add(ckmc_cert_list_s *previous,
+ ckmc_cert_s *cert, ckmc_cert_list_s **pplast);
/**
- * @brief Destroys the ckmc_cert_list handle and releases resources of ckmc_cert_list from the provided first handle cascadingly.
+ * @internal
+ * @brief Destroys the ckmc_cert_list_s handle and releases resources of ckmc_cert_list_s from the provided first handle cascadingly.
*
- * @remarks It does not destroy an ckmc_cert itself in ckmc_cert_list.
+ * @since 2.3
+ * @privlevel platform
+ * @privilege %http://tizen.org/privilege/keymanager.admin
+ * @remarks It does not destroy an ckmc_cert_s itself in ckmc_cert_list_s.
*
- * @param[in] first the first ckmc_cert_list handle to destroy
+ * @param[in] first the first ckmc_cert_list_s handle to destroy
* @see ckmc_cert_list_new()
* @see ckmc_cert_list_add()
* @see ckmc_cert_list_all_free()
- * @see #ckmc_cert_list
- *
- * @since 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager *
+ * @see #ckmc_cert_list_s
*/
-void ckmc_cert_list_free(ckmc_cert_list *first);
+void ckmc_cert_list_free(ckmc_cert_list_s *first);
/**
- * @brief Destroys the ckmc_cert_list handle and releases all its resources from the provided first handle cascadingly.
+ * @brief Destroys the ckmc_cert_list_s handle and releases all its resources from the provided first handle cascadingly.
*
- * @remarks It also destroy an ckmc_cert in ckmc_cert_list.
+ * @since 2.3
+ * @privlevel public
+ * @privilege %http://tizen.org/privilege/keymanager
+ *
+ * @remarks It also destroy an ckmc_cert_s in ckmc_cert_list_s.
*
- * @param[in] first the first ckmc_cert_list handle to destroy
+ * @param[in] first the first ckmc_cert_list_s handle to destroy
* @see ckmc_cert_list_new()
* @see ckmc_cert_list_add()
* @see ckmc_cert_list_free()
- * @see #ckmc_cert_list
- *
- * @since 2.3
- * @privlevel public
- * @privilege %http://tizen.org/privilege/keymanager *
+ * @see #ckmc_cert_list_s
*/
-void ckmc_cert_list_all_free(ckmc_cert_list *first);
-
+void ckmc_cert_list_all_free(ckmc_cert_list_s *first);
/**
* @}
#include <iostream>
#include <string.h>
-bool _toBool(ckmc_bool ckmBool)
-{
- if(ckmBool == CKMC_TRUE) {
- return true;
- }
- return false;
-}
-
std::string _tostring(const char *str)
{
if(str == NULL)
return std::string(str);
}
-CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert *cert)
+CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert)
{
CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size);
CKM::DataFormat dataFormat = static_cast<CKM::DataFormat>(static_cast<int>(cert->data_format));
return CKM::Certificate::create(buffer, dataFormat);
}
-ckmc_cert_list *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector)
+ckmc_cert_list_s *_toNewCkmCertList(CKM::CertificateShPtrVector &certVector)
{
- ckmc_cert_list *start = NULL;
- ckmc_cert_list *plist = NULL;
+ int ret;
+ ckmc_cert_list_s *start = NULL;
+ ckmc_cert_list_s *plist = NULL;
CKM::CertificateShPtrVector::iterator it;
for(it = certVector.begin(); it != certVector.end(); it++) {
CKM::RawBuffer rawBuffer = (*it)->getDER();
unsigned char *rawCert = (unsigned char *) malloc(rawBuffer.size());
memcpy(rawCert, rawBuffer.data(), rawBuffer.size());
- ckmc_cert *pcert = ckmc_cert_new( rawCert, rawBuffer.size(), CKMC_FORM_DER);
+ ckmc_cert_s *pcert;
+ ret = ckmc_cert_new(rawCert, rawBuffer.size(), CKMC_FORM_DER, &pcert);
if(pcert == NULL) {
return NULL;
}
if(plist == NULL) {
- plist = ckmc_cert_list_new(pcert);
+ ret = ckmc_cert_list_new(pcert, &plist);
start = plist; // save the pointer of the first element
}else {
- plist = ckmc_cert_list_add(plist, pcert);
+ ret = ckmc_cert_list_add(plist, pcert, &plist);
+ }
+ if(ret != CKMC_SUCCESS) {
+ ckmc_cert_list_all_free(start);
+ return NULL;
}
}
return start;
}
KEY_MANAGER_CAPI
-int ckmc_save_key(const char *alias, const ckmc_key key, const ckmc_policy policy)
+int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy)
{
CKM::ManagerShPtr mgr = CKM::Manager::create();
if(alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
if(key.raw_key == NULL || key.key_size <= 0) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size);
CKM::KeyShPtr ckmKey = CKM::Key::create(buffer, _tostring(key.password));
if(ckmKey.get() == NULL) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
- CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
return mgr->saveKey(ckmAlias, ckmKey, storePolicy);
}
CKM::ManagerShPtr mgr = CKM::Manager::create();
if(alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
}
KEY_MANAGER_CAPI
-int ckmc_get_key(const char *alias, const char *password, ckmc_key **key)
+int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key)
{
int ret;
CKM::KeyShPtr ckmKey;
if(alias == NULL || key == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKMC_API_SUCCESS) {
+ if( (ret = mgr->getKey(ckmAlias, _tostring(password), ckmKey)) != CKMC_SUCCESS) {
return ret;
}
unsigned char *rawKey = reinterpret_cast<unsigned char*>(ckmKey->getDER().data());
- ckmc_key_type keyType = static_cast<ckmc_key_type>(static_cast<int>(ckmKey->getType()));
- *key = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL);
- if(*key == NULL) {
- return CKMC_API_ERROR_OUT_OF_MEMORY;
- }else {
- return CKMC_API_SUCCESS;
- }
+ ckmc_key_type_e keyType = static_cast<ckmc_key_type_e>(static_cast<int>(ckmKey->getType()));
+
+ ret = ckmc_key_new( rawKey, ckmKey->getDER().size(), keyType, NULL, key);
+
+ return ret;
}
KEY_MANAGER_CAPI
-int ckmc_get_key_alias_list(ckmc_alias_list** alias_list)
+int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list)
{
int ret;
if(alias_list == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::AliasVector aliasVector;
CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getKeyAliasVector(aliasVector)) != CKMC_API_SUCCESS) {
+ if( (ret = mgr->getKeyAliasVector(aliasVector)) != CKMC_SUCCESS) {
return ret;
}
- ckmc_alias_list *plist = NULL;
+ ckmc_alias_list_s *plist = NULL;
CKM::AliasVector::iterator it;
for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
char *alias = (char *)malloc(it->size() + 1);
memset(alias, 0, it->size() +1 );
memcpy(alias, it->c_str(), it->size());
if(plist == NULL) { // first
- plist = ckmc_alias_list_new(alias);
+ ret = ckmc_alias_list_new(alias, &plist);
*alias_list = plist; // save the pointer of the first element
}else {
- plist = ckmc_alias_list_add(plist, alias);
+ ret = ckmc_alias_list_add(plist, alias, &plist);
+ }
+ if(ret != CKMC_SUCCESS) {
+ ckmc_alias_list_all_free(*alias_list);
+ return ret;
}
}
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-int ckmc_save_cert(const char *alias, const ckmc_cert cert, const ckmc_policy policy)
+int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy)
{
if(alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
if(cert.raw_cert == NULL || cert.cert_size <= 0) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert);
if(ckmCert.get() == NULL) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
- CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
CKM::ManagerShPtr mgr = CKM::Manager::create();
return mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
int ckmc_remove_cert(const char *alias)
{
if(alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
}
KEY_MANAGER_CAPI
-int ckmc_get_cert(const char *alias, const char *password, ckmc_cert **cert)
+int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert)
{
CKM::CertificateShPtr ckmCert;
int ret;
if(alias == NULL || cert == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKMC_API_SUCCESS) {
+ if( (ret = mgr->getCertificate(ckmAlias, _tostring(password), ckmCert)) != CKMC_SUCCESS) {
return ret;
}
unsigned char *rawCert = reinterpret_cast<unsigned char*>(ckmCert->getDER().data());
- *cert = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER);
- if(*cert == NULL) {
- return CKMC_API_ERROR_OUT_OF_MEMORY;
- }else {
- return CKMC_API_SUCCESS;
- }
+ ret = ckmc_cert_new( rawCert, ckmCert->getDER().size(), CKMC_FORM_DER, cert);
+
+ return ret;
}
KEY_MANAGER_CAPI
-int ckmc_get_cert_alias_list(ckmc_alias_list** alias_list) {
+int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) {
int ret;
if(alias_list == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::AliasVector aliasVector;
CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getCertificateAliasVector(aliasVector)) != CKMC_API_SUCCESS) {
+ if( (ret = mgr->getCertificateAliasVector(aliasVector)) != CKMC_SUCCESS) {
return ret;
}
- ckmc_alias_list *plist = NULL;
+ ckmc_alias_list_s *plist = NULL;
CKM::AliasVector::iterator it;
for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
char *alias = (char *)malloc(it->size() + 1);
memset(alias, 0, it->size() +1 );
memcpy(alias, it->c_str(), it->size());
+
if(plist == NULL) { // first
- plist = ckmc_alias_list_new(alias);
+ ret = ckmc_alias_list_new(alias, &plist);
*alias_list = plist; // save the pointer of the first element
}else {
- plist = ckmc_alias_list_add(plist, alias);
+ ret = ckmc_alias_list_add(plist, alias, &plist);
+
+ }
+ if(ret != CKMC_SUCCESS) {
+ ckmc_alias_list_all_free(*alias_list);
+ return ret;
}
}
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-int ckmc_save_data(const char *alias, ckmc_raw_buffer data, const ckmc_policy policy)
+int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy)
{
if(alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
if(data.data == NULL || data.size <= 0) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::RawBuffer buffer(data.data, data.data + data.size);
- CKM::Policy storePolicy(_tostring(policy.password), _toBool(policy.extractable), _toBool(policy.restricted));
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
CKM::ManagerShPtr mgr = CKM::Manager::create();
return mgr->saveData(ckmAlias, buffer, storePolicy);
int ckmc_remove_data(const char *alias)
{
if(alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
}
KEY_MANAGER_CAPI
-int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer **data)
+int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data)
{
CKM::RawBuffer ckmBuff;
int ret;
if(alias == NULL || data == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(alias);
CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKMC_API_SUCCESS) {
+ if( (ret = mgr->getData(ckmAlias, _tostring(password), ckmBuff)) != CKMC_SUCCESS) {
return ret;
}
unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmBuff.data());
- *data = ckmc_buffer_new( rawBuff, ckmBuff.size());
- if(*data == NULL) {
- return CKMC_API_ERROR_OUT_OF_MEMORY;
- }else {
- return CKMC_API_SUCCESS;
- }
+ ret = ckmc_buffer_new(rawBuff, ckmBuff.size(), data);
+
+ return ret;
}
KEY_MANAGER_CAPI
-int ckmc_get_data_alias_list(ckmc_alias_list** alias_list){
+int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list){
int ret;
if(alias_list == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::AliasVector aliasVector;
CKM::ManagerShPtr mgr = CKM::Manager::create();
- if( (ret = mgr->getDataAliasVector(aliasVector)) != CKMC_API_SUCCESS) {
+ if( (ret = mgr->getDataAliasVector(aliasVector)) != CKMC_SUCCESS) {
return ret;
}
- ckmc_alias_list *plist = NULL;
+ ckmc_alias_list_s *plist = NULL;
CKM::AliasVector::iterator it;
for(it = aliasVector.begin(); it != aliasVector.end(); it++) {
char *alias = (char *)malloc(it->size() + 1);
memset(alias, 0, it->size() +1 );
memcpy(alias, it->c_str(), it->size());
if(plist == NULL) { // first
- plist = ckmc_alias_list_new(alias);
+ ret = ckmc_alias_list_new(alias, &plist);
*alias_list = plist; // save the pointer of the first element
}else {
- plist = ckmc_alias_list_add(plist, alias);
+ ret = ckmc_alias_list_add(plist, alias, &plist);
+ }
+ if(ret != CKMC_SUCCESS) {
+ ckmc_alias_list_all_free(*alias_list);
+ return ret;
}
}
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
int ckmc_create_key_pair_rsa(const size_t size,
const char *private_key_alias,
const char *public_key_alias,
- const ckmc_policy policy_private_key,
- const ckmc_policy policy_public_key)
+ const ckmc_policy_s policy_private_key,
+ const ckmc_policy_s policy_public_key)
{
int ret;
CKM::ManagerShPtr mgr = CKM::Manager::create();
if(private_key_alias == NULL || public_key_alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), _toBool(policy_private_key.extractable), _toBool(policy_private_key.restricted));
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), _toBool(policy_public_key.extractable), _toBool(policy_public_key.restricted));
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
if( (ret = mgr->createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy))
- != CKMC_API_SUCCESS) {
+ != CKMC_SUCCESS) {
return ret;
}
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-int ckmc_create_key_pair_ecdsa(const ckmc_ec_type type,
+int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type,
const char *private_key_alias,
const char *public_key_alias,
- const ckmc_policy policy_private_key,
- const ckmc_policy policy_public_key)
+ const ckmc_policy_s policy_private_key,
+ const ckmc_policy_s policy_public_key)
{
CKM::ManagerShPtr mgr = CKM::Manager::create();
if(private_key_alias == NULL || public_key_alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), _toBool(policy_private_key.extractable), _toBool(policy_private_key.restricted));
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), _toBool(policy_public_key.extractable), _toBool(policy_public_key.restricted));
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
return mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
}
KEY_MANAGER_CAPI
int ckmc_create_signature(const char *private_key_alias,
const char *password,
- const ckmc_raw_buffer message,
- const ckmc_hash_algo hash,
- const ckmc_rsa_padding_algo padding,
- ckmc_raw_buffer **signature)
+ const ckmc_raw_buffer_s message,
+ const ckmc_hash_algo_e hash,
+ const ckmc_rsa_padding_algo_e padding,
+ ckmc_raw_buffer_s **signature)
{
int ret;
CKM::ManagerShPtr mgr = CKM::Manager::create();
CKM::RawBuffer ckmSignature;
if(private_key_alias == NULL || signature == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
ckmMessage,
ckmHashAlgo,
ckmPadding,
- ckmSignature)) != CKMC_API_SUCCESS) {
+ ckmSignature)) != CKMC_SUCCESS) {
return ret;
}
unsigned char *rawBuff = reinterpret_cast<unsigned char*>(ckmSignature.data());
- *signature = ckmc_buffer_new( rawBuff, ckmSignature.size());
- if(*signature == NULL) {
- return CKMC_API_ERROR_OUT_OF_MEMORY;
- }else {
- return CKMC_API_SUCCESS;
- }
+ ret = ckmc_buffer_new( rawBuff, ckmSignature.size(), signature);
- return CKMC_API_SUCCESS;
+ return ret;
}
KEY_MANAGER_CAPI
int ckmc_verify_signature(const char *public_key_alias,
const char *password,
- const ckmc_raw_buffer message,
- const ckmc_raw_buffer signature,
- const ckmc_hash_algo hash,
- const ckmc_rsa_padding_algo padding)
+ const ckmc_raw_buffer_s message,
+ const ckmc_raw_buffer_s signature,
+ const ckmc_hash_algo_e hash,
+ const ckmc_rsa_padding_algo_e padding)
{
int ret;
CKM::ManagerShPtr mgr = CKM::Manager::create();
if(public_key_alias == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmPublicKeyAlias(public_key_alias);
ckmMessage,
ckmSignature,
ckmHashAlgo,
- ckmPadding)) != CKMC_API_SUCCESS) {
+ ckmPadding)) != CKMC_SUCCESS) {
return ret;
}
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-int ckmc_get_cert_chain(const ckmc_cert *cert, const ckmc_cert_list *untrustedcerts, ckmc_cert_list **cert_chain_list)
+int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
{
int ret;
CKM::ManagerShPtr mgr = CKM::Manager::create();
CKM::CertificateShPtrVector ckmCertChain;
if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
CKM::CertificateShPtrVector ckmUntrustedCerts;
if(untrustedcerts != NULL) {
- ckmc_cert_list *current = NULL;
- ckmc_cert_list *next = const_cast<ckmc_cert_list *>(untrustedcerts);
+ ckmc_cert_list_s *current = NULL;
+ ckmc_cert_list_s *next = const_cast<ckmc_cert_list_s *>(untrustedcerts);
do {
current = next;
next = current->next;
}
ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, ckmCertChain);
- if( ret != CKMC_API_SUCCESS) {
+ if( ret != CKMC_SUCCESS) {
return ret;
}
*cert_chain_list = _toNewCkmCertList(ckmCertChain);
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-int ckmc_get_cert_chain_with_alias(const ckmc_cert *cert, const ckmc_alias_list *untrustedcerts, ckmc_cert_list **cert_chain_list)
+int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list)
{
int ret;
CKM::ManagerShPtr mgr = CKM::Manager::create();
if(cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) {
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert);
if(ckmCert.get() == NULL) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
CKM::AliasVector ckmUntrustedAliases;
if(untrustedcerts != NULL) {
- ckmc_alias_list *current = NULL;
- ckmc_alias_list *next = const_cast<ckmc_alias_list *>(untrustedcerts);
+ ckmc_alias_list_s *current = NULL;
+ ckmc_alias_list_s *next = const_cast<ckmc_alias_list_s *>(untrustedcerts);
do {
current = next;
next = current->next;
if(current->alias == NULL){
- return CKMC_API_ERROR_INPUT_PARAM;
+ return CKMC_ERROR_INPUT_PARAM;
}
CKM::Alias ckmAlias(current->alias);
ckmUntrustedAliases.push_back(ckmAlias);
}while(next != NULL);
}
- if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKMC_API_SUCCESS) {
+ if( (ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, ckmCertChain)) != CKMC_SUCCESS) {
return ret;
}
*cert_chain_list = _toNewCkmCertList(ckmCertChain);
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
#include <openssl/evp.h>
#include <openssl/pem.h>
-int _ckmc_load_cert_from_x509(X509 *xCert, ckmc_cert **cert);
-
+int _ckmc_load_cert_from_x509(X509 *xCert, ckmc_cert_s **cert);
KEY_MANAGER_CAPI
-ckmc_key *ckmc_key_new(unsigned char *raw_key, size_t key_size, ckmc_key_type key_type, char *password)
+int ckmc_key_new(unsigned char *raw_key, size_t key_size, ckmc_key_type_e key_type, char *password, ckmc_key_s **ppkey)
{
- ckmc_key *pkey = new ckmc_key;
- if(pkey == NULL)
- return NULL;
+ ckmc_key_s *pkey;
+
+ if(raw_key == NULL || key_size <= 0 || ppkey == NULL) {
+ return CKMC_ERROR_INPUT_PARAM;
+ }
+ pkey = new ckmc_key_s;
+ if(pkey == NULL) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
pkey->raw_key = reinterpret_cast<unsigned char*>(malloc(key_size));
if(pkey->raw_key == NULL) {
free(pkey);
- return NULL;
+ return CKMC_ERROR_OUT_OF_MEMORY;
}
memcpy(pkey->raw_key, raw_key, key_size);
if(pkey->password == NULL) {
free(pkey);
free(pkey->raw_key);
- return NULL;
+ return CKMC_ERROR_OUT_OF_MEMORY;
}
memset(pkey->password, 0, strlen(password) +1);
strncpy(pkey->password, password, strlen(password));
pkey->password = NULL;
}
- return pkey;
+ *ppkey = pkey;
+
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-void ckmc_key_free(ckmc_key *key)
+void ckmc_key_free(ckmc_key_s *key)
{
if(key == NULL)
return;
}
KEY_MANAGER_CAPI
-ckmc_raw_buffer * ckmc_buffer_new(unsigned char *data, size_t size)
+int ckmc_buffer_new(unsigned char *data, size_t size,ckmc_raw_buffer_s **ppbuffer)
{
- ckmc_raw_buffer *pbuff = new ckmc_raw_buffer;
+ ckmc_raw_buffer_s *pbuff;
+
+ if(data == NULL || size <= 0 || ppbuffer == NULL) {
+ return CKMC_ERROR_INPUT_PARAM;
+ }
+
+ pbuff = new ckmc_raw_buffer_s;
if(pbuff == NULL)
- return NULL;
+ return CKMC_ERROR_OUT_OF_MEMORY;
pbuff->data = reinterpret_cast<unsigned char*>(malloc(size));
if(pbuff->data == NULL) {
free(pbuff);
- return NULL;
+ return CKMC_ERROR_OUT_OF_MEMORY;
}
memcpy(pbuff->data, data, size);
pbuff->size = size;
+ *ppbuffer = pbuff;
- return pbuff;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-void ckmc_buffer_free(ckmc_raw_buffer *buffer)
+void ckmc_buffer_free(ckmc_raw_buffer_s *buffer)
{
if(buffer == NULL)
return;
}
KEY_MANAGER_CAPI
-ckmc_cert *ckmc_cert_new(unsigned char *raw_cert, size_t cert_size, ckmc_data_format data_format)
+int ckmc_cert_new(unsigned char *raw_cert, size_t cert_size, ckmc_data_format_e data_format, ckmc_cert_s **ppcert)
{
- ckmc_cert *pcert = new ckmc_cert;
- if(pcert == NULL)
- return NULL;
+ ckmc_cert_s *pcert;
+ if(raw_cert == NULL || cert_size <= 0 || ppcert == NULL) {
+ return CKMC_ERROR_INPUT_PARAM;
+ }
+
+ pcert = new ckmc_cert_s;
+ if(pcert == NULL) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
pcert->raw_cert = reinterpret_cast<unsigned char*>(malloc(cert_size));
if(pcert->raw_cert == NULL) {
free(pcert);
- return NULL;
+ return CKMC_ERROR_OUT_OF_MEMORY;
}
memcpy(pcert->raw_cert, raw_cert, cert_size);
pcert->cert_size = cert_size;
pcert->data_format = data_format;
- return pcert;
+ *ppcert = pcert;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-int ckmc_load_cert_from_file(const char *file_path, ckmc_cert **cert)
+int ckmc_load_cert_from_file(const char *file_path, ckmc_cert_s **cert)
{
OpenSSL_add_all_algorithms();
FILE *fp = fopen(file_path, "r");
if(fp == NULL)
- return CKMC_API_ERROR_FILE_ACCESS_DENIED;
+ return CKMC_ERROR_FILE_ACCESS_DENIED;
X509 *pcert = NULL;
if(!(pcert = d2i_X509_fp(fp, NULL))) {
fseek(fp, 0, SEEK_SET);
}
fclose(fp);
if(pcert == NULL) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
int ret = _ckmc_load_cert_from_x509(pcert, cert);
- if(ret != CKMC_API_SUCCESS) {
+ if(ret != CKMC_SUCCESS) {
X509_free(pcert);
}
return ret;
}
KEY_MANAGER_CAPI
-int ckmc_load_from_pkcs12_file(const char *file_path, const char *passphrase, ckmc_key **private_key, ckmc_cert **ckmcert, ckmc_cert_list **ca_cert_list)
+int ckmc_load_from_pkcs12_file(const char *file_path, const char *passphrase, ckmc_key_s **private_key, ckmc_cert_s **ckmcert, ckmc_cert_list_s **ca_cert_list)
{
class Pkcs12Converter {
private:
int ret;
public:
- ckmc_key *retPrivateKey;
- ckmc_cert *retCkmCert;
- ckmc_cert_list *retCaCertList;
+ ckmc_key_s *retPrivateKey;
+ ckmc_cert_s *retCkmCert;
+ ckmc_cert_list_s *retCaCertList;
Pkcs12Converter(){
fp_in = NULL;
pkey = NULL;
x509Cert = NULL;
ca = NULL;
- ret = CKMC_API_SUCCESS;
+ ret = CKMC_SUCCESS;
retPrivateKey = NULL;
retCkmCert = NULL;
retCaCertList = NULL;
sk_X509_pop_free(ca, X509_free);
EVP_cleanup();
- if(ret != CKMC_API_SUCCESS) {
- if(retPrivateKey != NULL)
+ if(ret != CKMC_SUCCESS) {
+ if(retPrivateKey != NULL){
ckmc_key_free(retPrivateKey);
- if(retCkmCert != NULL)
+ retPrivateKey = NULL;
+ }
+ if(retCkmCert != NULL) {
ckmc_cert_free(retCkmCert);
- if(retCaCertList != NULL)
+ retCkmCert = NULL;
+ }
+ if(retCaCertList != NULL) {
ckmc_cert_list_all_free(retCaCertList);
+ retCaCertList = NULL;
+ }
}
};
int parsePkcs12(const char *filePath, const char *pass) {
fp_in = NULL;
if(!(fp_in = fopen(filePath, "rb"))) {
- return CKMC_API_ERROR_FILE_ACCESS_DENIED;
+ return CKMC_ERROR_FILE_ACCESS_DENIED;
}
if(!(p12 = d2i_PKCS12_fp(fp_in, NULL))) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
/* parse PKCS#12 certificate */
if((ret = PKCS12_parse(p12, pass, &pkey, &x509Cert, &ca)) != 1) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
int toCkmCert() {
- if( (ret =_ckmc_load_cert_from_x509(x509Cert,&retCkmCert)) != CKMC_API_SUCCESS) {
+ if( (ret =_ckmc_load_cert_from_x509(x509Cert,&retCkmCert)) != CKMC_SUCCESS) {
return ret;
}
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
int toCkmKey() {
int size = BIO_read(bkey, output.data(), output.size());
BIO_free_all(bkey);
if (size <= 0) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
output.resize(size);
int type = EVP_PKEY_type(pkey->type);
- ckmc_key_type key_type = CKMC_KEY_NONE;
+ ckmc_key_type_e key_type = CKMC_KEY_NONE;
switch(type) {
case EVP_PKEY_RSA :
key_type = CKMC_KEY_RSA_PRIVATE;
break;
}
if(key_type == CKMC_KEY_NONE) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
char *nullPassword = NULL;
- retPrivateKey = ckmc_key_new(output.data(), size, key_type, nullPassword);
-
- return CKMC_API_SUCCESS;
+ return ckmc_key_new(output.data(), size, key_type, nullPassword, &retPrivateKey);
}
int toCaCkmCertList() {
+ int tmpRet;
X509* popedCert = NULL;
- ckmc_cert *popedCkmCert = NULL;
- ckmc_cert_list *tmpCertList = NULL;
+ ckmc_cert_s *popedCkmCert = NULL;
+ ckmc_cert_list_s *tmpCertList = NULL;
while((popedCert = sk_X509_pop(ca)) != NULL) {
- if( (ret =_ckmc_load_cert_from_x509(popedCert, &popedCkmCert)) != CKMC_API_SUCCESS) {
- return CKMC_API_ERROR_OUT_OF_MEMORY;
+ if( (tmpRet =_ckmc_load_cert_from_x509(popedCert, &popedCkmCert)) != CKMC_SUCCESS) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
}
if(tmpCertList == NULL) { // first
- tmpCertList = ckmc_cert_list_new(popedCkmCert);
+ tmpRet = ckmc_cert_list_new(popedCkmCert, &tmpCertList);
retCaCertList = tmpCertList;
}else {
- tmpCertList = ckmc_cert_list_add(tmpCertList, popedCkmCert);
+ tmpRet = ckmc_cert_list_add(tmpCertList, popedCkmCert, &tmpCertList);
+ }
+ if(tmpRet != CKMC_SUCCESS) {
+ ckmc_cert_list_all_free(retCaCertList);
+ retCaCertList = NULL;
+ return tmpRet;
}
}
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
};
- int ret = CKMC_API_SUCCESS;
+ int ret = CKMC_SUCCESS;
Pkcs12Converter converter;
- if((ret = converter.parsePkcs12(file_path, passphrase)) != CKMC_API_SUCCESS) {
+ if((ret = converter.parsePkcs12(file_path, passphrase)) != CKMC_SUCCESS) {
return ret;
}
- if((ret = converter.toCkmCert()) != CKMC_API_SUCCESS) {
+ if((ret = converter.toCkmCert()) != CKMC_SUCCESS) {
return ret;
}
- if((ret = converter.toCkmKey()) != CKMC_API_SUCCESS) {
+ if((ret = converter.toCkmKey()) != CKMC_SUCCESS) {
return ret;
}
- if((ret = converter.toCaCkmCertList()) != CKMC_API_SUCCESS) {
+ if((ret = converter.toCaCkmCertList()) != CKMC_SUCCESS) {
return ret;
}
*ckmcert = converter.retCkmCert;
*ca_cert_list = converter.retCaCertList;
- return CKMC_API_SUCCESS;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-void ckmc_cert_free(ckmc_cert *cert)
+void ckmc_cert_free(ckmc_cert_s *cert)
{
if(cert == NULL)
return;
}
KEY_MANAGER_CAPI
-ckmc_alias_list *ckmc_alias_list_new(char *alias)
+int ckmc_alias_list_new(char *alias, ckmc_alias_list_s **ppalias_list)
{
- ckmc_alias_list *previous = NULL;
- return ckmc_alias_list_add(previous, alias);
+ ckmc_alias_list_s *previous = NULL;
+ return ckmc_alias_list_add(previous, alias, ppalias_list);
}
KEY_MANAGER_CAPI
-ckmc_alias_list *ckmc_alias_list_add(ckmc_alias_list *previous, char *alias)
+int ckmc_alias_list_add(ckmc_alias_list_s *previous, char *alias, ckmc_alias_list_s **pplast)
{
- ckmc_alias_list *plist = new ckmc_alias_list;
+ ckmc_alias_list_s *plist;
+
+ if(alias == NULL || pplast == NULL) {
+ return CKMC_ERROR_INPUT_PARAM;
+ }
+
+ plist = new ckmc_alias_list_s;
+ if(plist == NULL) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
plist->alias = alias;
plist->next = NULL;
- if(previous != NULL)
+ if(previous != NULL) {
previous->next = plist;
+ }
+ *pplast = plist;
- return plist;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-void ckmc_alias_list_free(ckmc_alias_list *first)
+void ckmc_alias_list_free(ckmc_alias_list_s *first)
{
if(first == NULL)
return;
- ckmc_alias_list *current = NULL;
- ckmc_alias_list *next = first;
+ ckmc_alias_list_s *current = NULL;
+ ckmc_alias_list_s *next = first;
do {
current = next;
next = current->next;
}
KEY_MANAGER_CAPI
-void ckmc_alias_list_all_free(ckmc_alias_list *first)
+void ckmc_alias_list_all_free(ckmc_alias_list_s *first)
{
if(first == NULL)
return;
- ckmc_alias_list *current = NULL;
- ckmc_alias_list *next = first;
+ ckmc_alias_list_s *current = NULL;
+ ckmc_alias_list_s *next = first;
do {
current = next;
next = current->next;
}
KEY_MANAGER_CAPI
-ckmc_cert_list *ckmc_cert_list_new(ckmc_cert *cert)
+int ckmc_cert_list_new(ckmc_cert_s *cert, ckmc_cert_list_s **ppalias_list)
{
- ckmc_cert_list *previous = NULL;
- return ckmc_cert_list_add(previous, cert);
+ ckmc_cert_list_s *previous = NULL;
+ return ckmc_cert_list_add(previous, cert, ppalias_list);
}
KEY_MANAGER_CAPI
-ckmc_cert_list *ckmc_cert_list_add(ckmc_cert_list *previous, ckmc_cert *cert)
+int ckmc_cert_list_add(ckmc_cert_list_s *previous, ckmc_cert_s *cert, ckmc_cert_list_s **pplast)
{
- ckmc_cert_list *plist = new ckmc_cert_list;
+ ckmc_cert_list_s *plist;
+
+ if(cert == NULL || pplast == NULL) {
+ return CKMC_ERROR_INPUT_PARAM;
+ }
+ plist = new ckmc_cert_list_s;
+ if(plist == NULL) {
+ return CKMC_ERROR_OUT_OF_MEMORY;
+ }
plist->cert = cert;
plist->next = NULL;
- if(previous != NULL)
+ if(previous != NULL) {
previous->next = plist;
+ }
+
+ *pplast = plist;
- return plist;
+ return CKMC_SUCCESS;
}
KEY_MANAGER_CAPI
-void ckmc_cert_list_free(ckmc_cert_list *first)
+void ckmc_cert_list_free(ckmc_cert_list_s *first)
{
if(first == NULL)
return;
- ckmc_cert_list *current = NULL;
- ckmc_cert_list *next = first;
+ ckmc_cert_list_s *current = NULL;
+ ckmc_cert_list_s *next = first;
do {
current = next;
next = current->next;
}
KEY_MANAGER_CAPI
-void ckmc_cert_list_all_free(ckmc_cert_list *first)
+void ckmc_cert_list_all_free(ckmc_cert_list_s *first)
{
if(first == NULL)
return;
- ckmc_cert_list *current = NULL;
- ckmc_cert_list *next = first;
+ ckmc_cert_list_s *current = NULL;
+ ckmc_cert_list_s *next = first;
do {
current = next;
next = current->next;
}while(next != NULL);
}
-int _ckmc_load_cert_from_x509(X509 *xCert, ckmc_cert **cert)
+int _ckmc_load_cert_from_x509(X509 *xCert, ckmc_cert_s **cert)
{
if(xCert == NULL) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
BIO *bcert = BIO_new(BIO_s_mem());
int size = BIO_read(bcert, output.data(), output.size());
BIO_free_all(bcert);
if (size <= 0) {
- return CKMC_API_ERROR_INVALID_FORMAT;
+ return CKMC_ERROR_INVALID_FORMAT;
}
output.resize(size);
- *cert = ckmc_cert_new(output.data(), output.size(), CKMC_FORM_DER);
-
- return CKMC_API_SUCCESS;
+ return ckmc_cert_new(output.data(), output.size(), CKMC_FORM_DER, cert);
}