#include <ckm/ckm-type.h>
#include <generic-backend/exception.h>
+#include <crypto-backend.h>
namespace CKM {
namespace Crypto {
class GObj {
protected:
- GObj() {}
+ explicit GObj(CryptoBackend backendId) : m_backendId(backendId) {}
public:
virtual RawBuffer getBinary() const
virtual ~GObj()
{
}
+
+ CryptoBackend backendId() const { return m_backendId; }
+
+private:
+ const CryptoBackend m_backendId;
};
typedef std::unique_ptr<GObj> GObjUPtr;
{
}
+ template <typename T, typename ...Args>
+ GObjUPtr make(Args&&... args) {
+ return std::make_unique<T>(m_backendId, std::forward<Args>(args)...);
+ }
+
CryptoBackend m_backendId;
};
#include <openssl/evp.h>
#include <generic-backend/gobj.h>
+#include <generic-backend/gstore.h>
#include <data-type.h>
namespace CKM {
class BData : public GObj {
public:
- BData(RawBuffer buffer, DataType keyType) :
- m_raw(std::move(buffer)), m_type(keyType) {}
+ BData(CryptoBackend backendId, RawBuffer buffer, DataType keyType) :
+ GObj(backendId), m_raw(std::move(buffer)), m_type(keyType) {}
RawBuffer getBinary() const override
{
class SKey : public BData {
public:
- SKey(RawBuffer buffer, DataType keyType) :
- BData(std::move(buffer), keyType) {}
+ SKey(CryptoBackend backendId, RawBuffer buffer, DataType keyType) :
+ BData(backendId, std::move(buffer), keyType) {}
RawBuffer encrypt(const CryptoAlgorithm &, const RawBuffer &) override;
RawBuffer decrypt(const CryptoAlgorithm &, const RawBuffer &) override;
class AKey : public BData {
public:
- AKey(RawBuffer buffer, DataType dataType) :
- BData(std::move(buffer), dataType) {}
+ AKey(CryptoBackend backendId, RawBuffer buffer, DataType dataType) :
+ BData(backendId, std::move(buffer), dataType) {}
RawBuffer sign(const CryptoAlgorithm &alg, const RawBuffer &message) override;
int verify(const CryptoAlgorithm &alg,
class Cert : public AKey {
public:
- Cert(RawBuffer buffer, DataType dataType) :
- AKey(std::move(buffer), dataType) {}
+ Cert(CryptoBackend backendId, RawBuffer buffer, DataType dataType) :
+ AKey(backendId, std::move(buffer), dataType) {}
protected:
EvpShPtr getEvpShPtr() override;
RawBuffer data = unpack(token.data, pass);
if (token.dataType.isKeyPrivate() || token.dataType.isKeyPublic())
- return std::make_unique<AKey>(data, token.dataType);
+ return make<AKey>(std::move(data), token.dataType);
if (token.dataType.isSKey())
- return std::make_unique<SKey>(data, token.dataType);
+ return make<SKey>(std::move(data), token.dataType);
if (token.dataType.isCertificate() || token.dataType.isChainCert())
- return std::make_unique<Cert>(data, token.dataType);
+ return make<Cert>(std::move(data), token.dataType);
if (token.dataType.isBinaryData())
- return std::make_unique<BData>(data, token.dataType);
+ return make<BData>(std::move(data), token.dataType);
ThrowErr(Exc::Crypto::DataTypeNotSupported,
"This type of data is not supported by openssl backend: ", token.dataType);
class BData : public GObj {
public:
- explicit BData(RawBuffer buffer) : m_raw(std::move(buffer)) {}
+ explicit BData(CryptoBackend backendId, RawBuffer buffer) :
+ GObj(backendId), m_raw(std::move(buffer)) {}
- virtual RawBuffer getBinary() const override
+ RawBuffer getBinary() const override
{
return m_raw;
}
class Key : public BData {
public:
- Key(int scheme, RawBuffer buffer, Pwd pwd, DataType dataType) :
- BData(std::move(buffer)),
+ Key(CryptoBackend backendId, int scheme, RawBuffer buffer, Pwd pwd, DataType dataType) :
+ BData(backendId, std::move(buffer)),
m_scheme(scheme),
m_password(std::move(pwd)),
m_type(dataType) {}
class SKey : public Key {
public:
- SKey(int scheme, RawBuffer buffer, Pwd pwd, DataType dataType) :
- Key(scheme, std::move(buffer), std::move(pwd), dataType) {}
+ SKey(CryptoBackend backendId, int scheme, RawBuffer buffer, Pwd pwd, DataType dataType) :
+ Key(backendId, scheme, std::move(buffer), std::move(pwd), dataType) {}
virtual RawBuffer encrypt(const CryptoAlgorithm &, const RawBuffer &);
virtual RawBuffer decrypt(const CryptoAlgorithm &, const RawBuffer &);
class AKey : public Key {
public:
- AKey(int scheme, RawBuffer buffer, Pwd pwd, DataType dataType) :
- Key(scheme, std::move(buffer), std::move(pwd), dataType) {}
+ AKey(CryptoBackend backendId, int scheme, RawBuffer buffer, Pwd pwd, DataType dataType) :
+ Key(backendId, scheme, std::move(buffer), std::move(pwd), dataType) {}
virtual RawBuffer sign(const CryptoAlgorithm &alg, const RawBuffer &message);
virtual int verify(const CryptoAlgorithm &alg, const RawBuffer &message,
class Cert : public AKey {
public:
- Cert(int scheme, RawBuffer buffer, Pwd pwd, DataType dataType) :
- AKey(scheme, std::move(buffer), std::move(pwd), dataType) {}
+ Cert(CryptoBackend backendId, int scheme, RawBuffer buffer, Pwd pwd, DataType dataType) :
+ AKey(backendId, scheme, std::move(buffer), std::move(pwd), dataType) {}
virtual ~Cert() {}
};
}
if (token.dataType.isKeyPrivate() || token.dataType.isKeyPublic())
- return std::make_unique<AKey>(scheme, id, Pwd(pass, iv, tag), token.dataType);
+ return make<AKey>(scheme, std::move(id), Pwd(pass, iv, tag), token.dataType);
if (token.dataType.isSKey())
- return std::make_unique<SKey>(scheme, id, Pwd(pass, iv, tag), token.dataType);
+ return make<SKey>(scheme, std::move(id), Pwd(pass, iv, tag), token.dataType);
if (token.dataType.isCertificate() || token.dataType.isChainCert())
- return std::make_unique<Cert>(scheme, id, Pwd(pass, iv, tag), token.dataType);
+ return make<Cert>(scheme, std::move(id), Pwd(pass, iv, tag), token.dataType);
if (token.dataType.isBinaryData()) {
- RawBuffer exported_data = Internals::getData(id, Pwd(pass, iv, tag));
- return std::make_unique<BData>(std::move(exported_data));
+ RawBuffer exported_data = Internals::getData(std::move(id), Pwd(pass, iv, tag));
+ return make<BData>(std::move(exported_data));
}
ThrowErr(Exc::Crypto::DataTypeNotSupported,
class GObjTest : public Crypto::GObj {
public:
- GObjTest() : Crypto::GObj() {}
+ GObjTest() : Crypto::GObj(CryptoBackend::None) {}
};
struct TestException : public std::exception {};
{
class AKeyHelper : public AKey {
private:
- using AKey::AKey;
+ AKeyHelper(RawBuffer buffer, DataType dataType) :
+ AKey(CryptoBackend::OpenSSL, std::move(buffer), dataType)
+ {}
public:
static EvpPtrPair getEvps(const GObjUPtrPair& objPair, DataType prvType, DataType pubType)
};
struct CertHelper : public Cert {
- using Cert::Cert;
+ CertHelper(RawBuffer buffer, DataType dataType) :
+ Cert(CryptoBackend::OpenSSL, std::move(buffer), dataType) {}
+
using Cert::getEvpShPtr;
};
ca2.setParam(ParamName::ED_IV, iv);
// short key
- SKey shortKey(createRandom(128/8 - 1), DataType::KEY_AES);
+ SKey shortKey(CryptoBackend::OpenSSL, createRandom(128/8 - 1), DataType::KEY_AES);
BOOST_REQUIRE_THROW(shortKey.encrypt(ca2, data), Exc::Crypto::InternalError);
// proper encrypt
ca.setParam(ParamName::ED_IV, iv);
// short key
- SKey shortKey(createRandom(15), DataType::KEY_AES);
+ SKey shortKey(CryptoBackend::OpenSSL, createRandom(15), DataType::KEY_AES);
BOOST_REQUIRE_THROW(shortKey.encrypt(ca, data), Exc::Crypto::InternalError);
// wrong tag length
// wrong key
auto wrongBuffer = key->getBinary();
wrongBuffer[0] ^= 0x1;
- SKey wrongKey(std::move(wrongBuffer), DataType::KEY_AES);
+ SKey wrongKey(CryptoBackend::OpenSSL, std::move(wrongBuffer), DataType::KEY_AES);
BOOST_REQUIRE_THROW(wrongKey.decrypt(ca2, encrypted), Exc::Crypto::InputParam);
Exc::Crypto::InputParam);
// Obj API with wrong key type
- AKey wrongKey(createRandom(16), DataType::KEY_AES);
+ AKey wrongKey(CryptoBackend::OpenSSL, createRandom(16), DataType::KEY_AES);
BOOST_REQUIRE_THROW(wrongKey.sign(signRsa, shortMsg), Exc::Crypto::InputParam);
auto invalidSign = [&](const RawBuffer& msg,
projects / platform / core / security / key-manager.git / commitdiff