From: Krzysztof Jackiewicz Date: Thu, 9 Jul 2015 12:44:36 +0000 (+0200) Subject: Implement asynchronous encryption/decryption API X-Git-Tag: accepted/tizen/mobile/20150804.235652~3 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;ds=sidebyside;h=d924ac74a2d82370d095af2056e9d2e30257f2ba;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git Implement asynchronous encryption/decryption API [Feature] Encryption/decryption API implementation [Solution] Add asynchronous interface for encryption and decryption [Verification] Run ckm-tests --group=CKM_ENCRYPTION_DECRYPTION Change-Id: Ie18d80a47885895aabbedc51d8bdb8ff60172726 --- diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index fd79979..f76673f 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -119,6 +119,7 @@ SET(KEY_MANAGER_CLIENT_SOURCES ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/service.cpp ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/storage-receiver.cpp ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/ocsp-receiver.cpp + ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/encryption-receiver.cpp ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/descriptor-set.cpp ${KEY_MANAGER_CLIENT_CAPI_SRC_PATH}/ckmc-type.cpp ${KEY_MANAGER_CLIENT_CAPI_SRC_PATH}/ckmc-error.cpp diff --git a/src/include/ckm/ckm-manager-async.h b/src/include/ckm/ckm-manager-async.h index fca4408..774bb32 100644 --- a/src/include/ckm/ckm-manager-async.h +++ b/src/include/ckm/ckm-manager-async.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -76,6 +76,9 @@ public: virtual void ReceivedSetPermission() {} + virtual void ReceivedEncrypted(RawBuffer &&) {} + virtual void ReceivedDecrypted(RawBuffer &&) {} + virtual ~Observer() {} }; @@ -191,6 +194,20 @@ public: const Label& accessor, PermissionMask permissionMask); + void encrypt( + const ObserverPtr& observer, + const CryptoAlgorithm& algo, + const Alias& keyAlias, + const Password& password, + const RawBuffer& plain); + + void decrypt( + const ObserverPtr& observer, + const CryptoAlgorithm& algo, + const Alias& keyAlias, + const Password& password, + const RawBuffer& encrypted); + private: std::unique_ptr m_impl; }; diff --git a/src/manager/client-async/client-manager-async-impl.cpp b/src/manager/client-async/client-manager-async-impl.cpp index 2a37c24..fb7bc8a 100644 --- a/src/manager/client-async/client-manager-async-impl.cpp +++ b/src/manager/client-async/client-manager-async-impl.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -382,4 +382,36 @@ void ManagerAsync::Impl::observerCheck(const ManagerAsync::ObserverPtr& observer throw std::invalid_argument("Empty observer"); } +void ManagerAsync::Impl::crypt( + const ObserverPtr& observer, + const CryptoAlgorithm& algo, + const Alias& keyAlias, + const Password& password, + const RawBuffer& input, + bool encryption) +{ + observerCheck(observer); + if (input.empty() || keyAlias.empty()) + return observer->ReceivedError(CKM_API_ERROR_INPUT_PARAM); + + try_catch_async([&] { + AliasSupport helper(keyAlias); + CryptoAlgorithmSerializable cas(algo); + m_counter++; + + auto send = MessageBuffer::Serialize( + static_cast(encryption?EncryptionCommand::ENCRYPT:EncryptionCommand::DECRYPT), + m_counter, + cas, + helper.getName(), + helper.getLabel(), + password, + input); + thread()->sendMessage(AsyncRequest(observer, + SERVICE_SOCKET_ENCRYPTION, + send.Pop(), + m_counter)); + }, [&observer](int error){ observer->ReceivedError(error); } ); +} + } // namespace CKM diff --git a/src/manager/client-async/client-manager-async-impl.h b/src/manager/client-async/client-manager-async-impl.h index d6bf0cf..02c132d 100644 --- a/src/manager/client-async/client-manager-async-impl.h +++ b/src/manager/client-async/client-manager-async-impl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -154,6 +154,14 @@ public: }, [&observer](int error){ observer->ReceivedError(error); } ); } + void crypt( + const ObserverPtr& observer, + const CryptoAlgorithm& algo, + const Alias& keyAlias, + const Password& password, + const RawBuffer& input, + bool encryption); + private: template diff --git a/src/manager/client-async/client-manager-async.cpp b/src/manager/client-async/client-manager-async.cpp index d97cfd9..f79d12b 100644 --- a/src/manager/client-async/client-manager-async.cpp +++ b/src/manager/client-async/client-manager-async.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -258,5 +258,25 @@ void ManagerAsync::setPermission(const ObserverPtr& observer, m_impl->setPermission(observer, alias, accessor, permissionMask); } +void ManagerAsync::encrypt( + const ObserverPtr& observer, + const CryptoAlgorithm& algo, + const Alias& keyAlias, + const Password& password, + const RawBuffer& plain) +{ + m_impl->crypt(observer, algo, keyAlias, password, plain, true); +} + +void ManagerAsync::decrypt( + const ObserverPtr& observer, + const CryptoAlgorithm& algo, + const Alias& keyAlias, + const Password& password, + const RawBuffer& encrypted) +{ + m_impl->crypt(observer, algo, keyAlias, password, encrypted, false); +} + } // namespace CKM diff --git a/src/manager/client-async/encryption-receiver.cpp b/src/manager/client-async/encryption-receiver.cpp new file mode 100644 index 0000000..a406c0a --- /dev/null +++ b/src/manager/client-async/encryption-receiver.cpp @@ -0,0 +1,72 @@ +/* + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file encryption-receiver.cpp + * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) + * @version 1.0 + */ + +#include +#include +#include + +namespace CKM { + +EncryptionReceiver::EncryptionReceiver(MessageBuffer& buffer, AsyncRequest::Map& requests) : + m_buffer(buffer), + m_requests(requests) +{ +} + +void EncryptionReceiver::processResponse() +{ + int command = 0; + int id = 0; + int retCode; + RawBuffer output; + m_buffer.Deserialize(command, id, retCode, output); + + auto it = m_requests.find(id); + if (it == m_requests.end()) { + LogError("Request with id " << id << " not found!"); + ThrowMsg(BadResponse, "Request with id " << id << " not found!"); + } + + // let it throw + AsyncRequest req = std::move(m_requests.at(id)); + m_requests.erase(id); + + switch (static_cast(command)) { + case EncryptionCommand::ENCRYPT: + if (retCode == CKM_API_SUCCESS) + req.observer->ReceivedEncrypted(std::move(output)); + else + req.observer->ReceivedError(retCode); + break; + case EncryptionCommand::DECRYPT: + if (retCode == CKM_API_SUCCESS) + req.observer->ReceivedDecrypted(std::move(output)); + else + req.observer->ReceivedError(retCode); + break; + default: + LogError("Unknown command id: " << command); + ThrowMsg(BadResponse, "Unknown command id: " << command); + break; + } +} + +} /* namespace CKM */ diff --git a/src/manager/client-async/encryption-receiver.h b/src/manager/client-async/encryption-receiver.h new file mode 100644 index 0000000..9995a31 --- /dev/null +++ b/src/manager/client-async/encryption-receiver.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file encryption-receiver.h + * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) + * @version 1.0 + */ + +#pragma once + +#include +#include +#include +#include + +namespace CKM { + +class EncryptionReceiver : public IReceiver +{ +public: + EncryptionReceiver(MessageBuffer& buffer, AsyncRequest::Map& reqMap); + virtual ~EncryptionReceiver() {} + + NONCOPYABLE(EncryptionReceiver); + + void processResponse(); + +private: + MessageBuffer& m_buffer; + AsyncRequest::Map& m_requests; +}; + +} /* namespace CKM */ diff --git a/src/manager/client-async/ocsp-receiver.cpp b/src/manager/client-async/ocsp-receiver.cpp index f07883e..3b4af1a 100644 --- a/src/manager/client-async/ocsp-receiver.cpp +++ b/src/manager/client-async/ocsp-receiver.cpp @@ -30,7 +30,7 @@ OcspReceiver::OcspReceiver(MessageBuffer& buffer, AsyncRequest::Map& requests) : { } -void OcspReceiver::parseResponse() +void OcspReceiver::processResponse() { int id = 0, retCode = 0, ocspStatus = 0; m_buffer.Deserialize(id, retCode, ocspStatus); diff --git a/src/manager/client-async/ocsp-receiver.h b/src/manager/client-async/ocsp-receiver.h index bd6bf7b..93d2dec 100644 --- a/src/manager/client-async/ocsp-receiver.h +++ b/src/manager/client-async/ocsp-receiver.h @@ -36,7 +36,7 @@ public: NONCOPYABLE(OcspReceiver); - void parseResponse(); + void processResponse(); private: MessageBuffer& m_buffer; diff --git a/src/manager/client-async/receiver.h b/src/manager/client-async/receiver.h index 106a93b..cac1608 100644 --- a/src/manager/client-async/receiver.h +++ b/src/manager/client-async/receiver.h @@ -27,7 +27,7 @@ class IReceiver { public: DECLARE_EXCEPTION_TYPE(CKM::Exception, BadResponse); - virtual void parseResponse() = 0; + virtual void processResponse() = 0; virtual ~IReceiver() {}; }; diff --git a/src/manager/client-async/service.cpp b/src/manager/client-async/service.cpp index 55c3be2..39a4379 100644 --- a/src/manager/client-async/service.cpp +++ b/src/manager/client-async/service.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,6 +26,7 @@ #include #include +#include #include namespace CKM { @@ -186,12 +187,14 @@ void Service::receiveData() receiver.reset(new StorageReceiver(*m_responseBuffer, m_responseMap)); else if (m_interface == SERVICE_SOCKET_OCSP) receiver.reset(new OcspReceiver(*m_responseBuffer, m_responseMap)); + else if (m_interface == SERVICE_SOCKET_ENCRYPTION) + receiver.reset(new EncryptionReceiver(*m_responseBuffer, m_responseMap)); else { LogError("Unknown service " << m_interface); serviceError(CKM_API_ERROR_RECV_FAILED); return; } - receiver->parseResponse(); + receiver->processResponse(); if (m_responseMap.empty()) watch(m_sendQueue.empty()?0:POLLOUT); diff --git a/src/manager/client-async/storage-receiver.cpp b/src/manager/client-async/storage-receiver.cpp index a15e0a3..15bee0b 100644 --- a/src/manager/client-async/storage-receiver.cpp +++ b/src/manager/client-async/storage-receiver.cpp @@ -35,7 +35,7 @@ StorageReceiver::StorageReceiver(MessageBuffer& buffer, AsyncRequest::Map& reque { } -void StorageReceiver::parseResponse() +void StorageReceiver::processResponse() { int command = 0, id = 0; m_buffer.Deserialize(command, id); diff --git a/src/manager/client-async/storage-receiver.h b/src/manager/client-async/storage-receiver.h index c838b3d..98847b6 100644 --- a/src/manager/client-async/storage-receiver.h +++ b/src/manager/client-async/storage-receiver.h @@ -37,7 +37,7 @@ public: NONCOPYABLE(StorageReceiver); - void parseResponse(); + void processResponse(); private: void parseGetCommand();