if(!owner || !alias)
return CKMC_ERROR_INVALID_PARAMETER;
+ int ec, permissionMask;
+ ec = access_to_permission_mask(granted, permissionMask);
+ if(ec != CKMC_ERROR_NONE)
+ return ec;
+
// if label given twice, service will return an error
- return ckmc_set_permission_by_adm(user, CKM::AliasSupport::merge(CKM::Label(owner), CKM::Name(alias)).c_str(), accessor, granted);
+ return ckmc_set_permission_by_adm(user, CKM::AliasSupport::merge(CKM::Label(owner), CKM::Name(alias)).c_str(), accessor, permissionMask);
}
KEY_MANAGER_CAPI
KEY_MANAGER_CAPI
int ckmc_allow_access(const char *alias, const char *accessor, ckmc_access_right_e granted)
{
- return ckmc_set_permission(alias, accessor, static_cast<int>(granted));
+ int ec, permissionMask;
+ ec = access_to_permission_mask(granted, permissionMask);
+ if(ec != CKMC_ERROR_NONE)
+ return ec;
+
+ return ckmc_set_permission(alias, accessor, permissionMask);
}
KEY_MANAGER_CAPI
* @brief new and free methods for the struct of CAPI
*/
+#include <ckmc/ckmc-type.h>
#include <ckmc-type-converter.h>
int to_ckm_error(int ckmc_error) {
}
}
+int access_to_permission_mask(ckmc_access_right_e ar, int & permissionMask)
+{
+ switch(ar)
+ {
+ case CKMC_AR_READ:
+ permissionMask = CKMC_PERMISSION_READ;
+ break;
+
+ case CKMC_AR_READ_REMOVE:
+ permissionMask = CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE;
+ break;
+
+ default:
+ return CKMC_ERROR_INVALID_PARAMETER;
+ }
+ return CKMC_ERROR_NONE;
+}
int to_ckmc_error(int ckm_error);
int to_ckm_error(int ckmc_error);
ckmc_ocsp_status_e to_ckmc_ocsp_status(int ckm_ocsp_status);
+int access_to_permission_mask(ckmc_access_right_e ar, int & permissionMask);
#ifdef __cplusplus
}