platform/core/security/key-manager.git
10 years ago Integration DBCryptoModule, KeyProvider and CKMLogic.
Bartlomiej Grzelewski [Wed, 11 Jun 2014 17:35:32 +0000 (19:35 +0200)]
Integration DBCryptoModule, KeyProvider and CKMLogic.

* keys in database are encrypted now.
* refactoring of CKMLogic::getData and CKMLogic::saveData
* change timeout for connection from 2 to 4 seconds (creation
  of database may take 2 seconds).

Change-Id: I44d21e8d2a77dd3b7c77e4a1615c4bcb61927344

10 years ago Make structure containers to handle memory in key-provider
kyungwook tak [Thu, 12 Jun 2014 12:14:56 +0000 (21:14 +0900)]
Make structure containers to handle memory in key-provider

Make WrappedKeyMaterialContainer class for handling memory for WrappedKeyMaterial structure
Replace space with tab

Change-Id: I2fdd44d9980fcb7a8f2992aaa3f4d3aaad6c5f19
Signed-off-by: kyungwook tak <k.tak@samsung.com>
10 years ago Change return value for DBCrypto
Zofia Abramowska [Thu, 12 Jun 2014 08:34:57 +0000 (10:34 +0200)]
Change return value for DBCrypto

Change from BAD_REQUEST to DB_BAD_REQUEST

Change-Id: I45ef7c1e2fe35e387b3d2f696f74fc608e7624e0

10 years ago Add table for storing keys per label
Zofia Abramowska [Wed, 11 Jun 2014 13:00:35 +0000 (15:00 +0200)]
Add table for storing keys per label

Change-Id: Ifb30bd2c70fe75e7c78d492c652797cbc74d29d9

10 years ago Modify key-provider API name 'unwrapDEK' to 'getPureDEK'
kyungwook tak [Thu, 12 Jun 2014 01:26:42 +0000 (10:26 +0900)]
Modify key-provider API name 'unwrapDEK' to 'getPureDEK'

Fix key returned by 'getPureDEK' had wrong size
for the same reason with 'getPureDomainKEK'

Change-Id: I42df2cdacf580bb761242c046e8a532681196086
Signed-off-by: kyungwook tak <k.tak@samsung.com>
10 years ago Add support for certificate.
Bartlomiej Grzelewski [Wed, 11 Jun 2014 13:24:02 +0000 (15:24 +0200)]
Add support for certificate.

Change-Id: I60d95bfa9ecc0741437de83c7964843fb9081f52

10 years ago Added exceptions to DBCryptoModule and DBCMAlgType type for algorithmType
Sebastian Grabowski [Thu, 5 Jun 2014 14:47:41 +0000 (16:47 +0200)]
Added exceptions to DBCryptoModule and DBCMAlgType type for algorithmType

Change-Id: I1d1c66f45a79523da73d762f3b09abf1bb7dee41

10 years ago Fix: key returned by getDomainKEK had wrong size.
Bartlomiej Grzelewski [Wed, 11 Jun 2014 13:53:57 +0000 (15:53 +0200)]
Fix: key returned by getDomainKEK had wrong size.

Change-Id: I7c1e0007425cae59cbd41795095230cfbfd81ab5

10 years ago Typo fix: initailize to initialize in ocsp.
Sebastian Grabowski [Mon, 9 Jun 2014 11:01:39 +0000 (13:01 +0200)]
Typo fix: initailize to initialize in ocsp.

Change-Id: If2d3dc2ddc456094ac7002fb523653275722055d

10 years ago Add missing error descriptions in clinet-error.cpp
Bartlomiej Grzelewski [Wed, 11 Jun 2014 13:47:45 +0000 (15:47 +0200)]
Add missing error descriptions in clinet-error.cpp

Change-Id: Ie4583fb14b6344ec0b382d12d453e1fe68a4b320

10 years ago Integration ckm-logic with database module.
Bartlomiej Grzelewski [Mon, 9 Jun 2014 14:24:48 +0000 (16:24 +0200)]
Integration ckm-logic with database module.

* move db-module from common lib to service executable.
* add function removeUserData.
* add function getKeyAliases.
* move DBRow struct to new file.

Change-Id: I70bbcd4672014c341f8a0bb476b5bde5f8a56ba5

10 years ago Change primary key for DBCrypto CKM main table
Zofia Abramowska [Tue, 10 Jun 2014 10:28:06 +0000 (12:28 +0200)]
Change primary key for DBCrypto CKM main table

Alias won't be unique between labels. Changed primary key for pair
(alias, label).

Change-Id: I25c8220a0797a6b582dd02b9fdb8eb74e95d789b

10 years ago Change DBCrypto return type
Zofia Abramowska [Tue, 10 Jun 2014 10:15:45 +0000 (12:15 +0200)]
Change DBCrypto return type

Switch from custom enum to key-manager API error codes.

Change-Id: If0023d880c47516bbbc1d9ed911b19af4fee0c23

10 years ago Add delete method
Zofia Abramowska [Tue, 10 Jun 2014 09:19:28 +0000 (11:19 +0200)]
Add delete method

Deleting the row by alias.

Change-Id: I37ccdaf1d9e4d54158f7d7457e216e6115b34094

10 years ago Add method const char* ErrorToString(int error)
Bartlomiej Grzelewski [Mon, 9 Jun 2014 14:23:41 +0000 (16:23 +0200)]
Add method const char* ErrorToString(int error)

Change-Id: I09d9a5e3cf13714efae7b272f52b2209f6d2d17a

10 years ago Fix DBCrypto class
Zofia Abramowska [Tue, 10 Jun 2014 09:19:28 +0000 (11:19 +0200)]
Fix DBCrypto class

Add isInit() method for checking DB status after constructor.
Fix missing destructor implementation.

Change-Id: I89f94314ae70ea8a7ab7c77b0b923d203a9ad341

10 years ago Add init to FileSystem class.
Bartlomiej Grzelewski [Mon, 9 Jun 2014 09:18:42 +0000 (11:18 +0200)]
Add init to FileSystem class.

During first start ckm will create /opt/data/ckm directory.

Change-Id: I1b8bcbb2b3f933a1ebac562f9334a79a447bc687

10 years ago modify key-provider on TODO sections and add exception
kyungwook tak [Tue, 10 Jun 2014 05:29:38 +0000 (14:29 +0900)]
modify key-provider on TODO sections and add exception

Change-Id: I61c1c5213f655aae284a72f1a8dcb5626819d37b
Signed-off-by: kyungwook tak <k.tak@samsung.com>
10 years ago fix central-key-manager.service filename in .spec file
kyungwook tak [Mon, 9 Jun 2014 11:09:05 +0000 (20:09 +0900)]
fix central-key-manager.service filename in .spec file

Change-Id: I21c9c8a35734f71db75c5e16489ec3d8c202d87b
Signed-off-by: kyungwook tak <k.tak@samsung.com>
10 years ago Fix move operator in TransitoryString
Zofia Abramowska [Mon, 9 Jun 2014 15:44:49 +0000 (17:44 +0200)]
Fix move operator in TransitoryString

Change-Id: I619c3d6b65defa1727c5a98814b0c261d88e9020

10 years ago Change SqlConnection behaviour on bad input
Zofia Abramowska [Mon, 9 Jun 2014 16:34:55 +0000 (18:34 +0200)]
Change SqlConnection behaviour on bad input

Changed assert to exception throw.

Change-Id: I561f47ade1b7b1e07424ed1933f16a592825cd0f

10 years ago Add encrypted database support layer
Zofia Abramowska [Mon, 9 Jun 2014 15:42:32 +0000 (17:42 +0200)]
Add encrypted database support layer

Adding DBCrypto class, which supports creating/inserting/querying
the encrypted database. Remove DBRow struct definition from Module
 header.

Change-Id: I10f502b58b6912bdd1eff6563853f9d183ef59ed

10 years ago Adapt SqlConnection to TransitoryString
Zofia Abramowska [Wed, 4 Jun 2014 14:16:00 +0000 (16:16 +0200)]
Adapt SqlConnection to TransitoryString

Add self wiping out string for wrapping sqlcipher database encryption
key.

Change-Id: I0d4efda89318e83eea7f3a607a2e80e00365a628

10 years ago Add self wiping out string
Zofia Abramowska [Wed, 4 Jun 2014 12:41:19 +0000 (14:41 +0200)]
Add self wiping out string

Add TransitoryString class implementation for self wiping out
string used for storing sensitive data (aka key/password)

Change-Id: I0c90ce443c93511bd82f1a29083d6b7ea0340809

10 years ago Implementation of Control::unlockUserKey
Bartlomiej Grzelewski [Thu, 5 Jun 2014 16:10:17 +0000 (18:10 +0200)]
Implementation of Control::unlockUserKey

Change-Id: I18510e2c36b599f8bb7f486aad7b81bd9cd01647

10 years ago Build break fix.
Bartlomiej Grzelewski [Fri, 6 Jun 2014 12:26:08 +0000 (14:26 +0200)]
Build break fix.

Change-Id: Ic0f64b859f716a363462e35f2996fcb9939a2ea9

10 years ago Change user type identification from name to uid.
Bartlomiej Grzelewski [Thu, 5 Jun 2014 15:11:53 +0000 (17:11 +0200)]
Change user type identification from name to uid.

User name is not unique. We need to use kernel understandable value.

Change-Id: I747cb249e430f40104bee6fc694bfe55fe259e81

10 years ago Add blob support in SqlConnection
Zofia Abramowska [Thu, 5 Jun 2014 14:20:25 +0000 (16:20 +0200)]
Add blob support in SqlConnection

Change-Id: If78176992564ecf614570c00219135482c8c1c88

10 years ago Service implementation.
Radoslaw Bartosiak [Wed, 4 Jun 2014 16:33:21 +0000 (18:33 +0200)]
 Service implementation.

   * Add support for createKeyPairRSA, createKeyPairECDSA commands.

Change-Id: Ia92b6f80d85ea570ad7c7bb3ac61cc950eea36c3

10 years ago Fix KeyImpl implementation.
Bartlomiej Grzelewski [Thu, 5 Jun 2014 09:59:09 +0000 (11:59 +0200)]
Fix KeyImpl implementation.

Current implementation may allocate too big memory buffer for key. If you
created key from PEM file the allocated size of the key wasn't changed
even if you write it in DER format.

Change-Id: I631dac1ec367b8e7ee10677c8c2e876e6f9013e5

10 years ago Add FileSystem class.
Bartlomiej Grzelewski [Wed, 4 Jun 2014 16:29:01 +0000 (18:29 +0200)]
Add FileSystem class.

Change-Id: I537bbf2ce8667a3920c2824c5ac0933744ee522f

10 years ago Remove cycle dependencies between common and client libraries.
Bartlomiej Grzelewski [Thu, 5 Jun 2014 13:22:11 +0000 (15:22 +0200)]
Remove cycle dependencies between common and client libraries.

* Moved client-certificate-impl and client-key-impl to common library.
* Changed client-certificate-impl into certificate-impl.
* Changed name client-key-impl into key-impl.

Change-Id: I2a49685f4a885300c6f438a284aac8d180ab752d

10 years ago Revert "key and cert impls are moved back to client directory"
Bartlomiej Grzelewski [Thu, 5 Jun 2014 13:15:23 +0000 (15:15 +0200)]
Revert "key and cert impls are moved back to client directory"

This reverts commit 50b4c2e86e67af5fe5e17de809bd14f487f8db7c.

10 years ago key and cert impls are moved back to client directory
Dongsun Lee [Thu, 5 Jun 2014 11:11:08 +0000 (20:11 +0900)]
key and cert impls are moved back to client directory

Change-Id: I2a95487479ce444f39066e166df44d941519508e
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
10 years ago Modify the supporting information for RSA padding algorithms
yuseok.jeon [Thu, 5 Jun 2014 06:52:16 +0000 (15:52 +0900)]
Modify the supporting information for RSA padding algorithms

Change-Id: Ibca72aa01bfaea1ee6bebca9d3960d4b46b6b137
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
10 years ago Add verify certificate chain function
yuseok.jeon [Thu, 5 Jun 2014 06:03:33 +0000 (15:03 +0900)]
Add verify certificate chain function

Change-Id: Ia1a9dd562006757c88f1dc7e993372f2ac5a6a22
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
10 years ago Initial Crypto Service Implementation
yuseok.jeon [Thu, 5 Jun 2014 02:25:28 +0000 (11:25 +0900)]
Initial Crypto Service Implementation

Change-Id: Id2936bcefaa027af91cc69964cb79536086fcd81
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
10 years ago Bug fix
yuseok.jeon [Thu, 5 Jun 2014 01:15:38 +0000 (10:15 +0900)]
Bug fix

Change-Id: I1bb23b4d1cee0479926a0c521b59593fd43a5d3d
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
10 years ago initial ocsp implementation
Dongsun Lee [Thu, 5 Jun 2014 00:30:44 +0000 (09:30 +0900)]
initial ocsp implementation

Change-Id: Ifedc6c913fc09c1549243d3f8a1e6582ab9179cd
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
10 years ago client-key, client-key-impl, client-certificate, and client-certificate-impl are...
Dongsun Lee [Thu, 5 Jun 2014 00:25:46 +0000 (09:25 +0900)]
client-key, client-key-impl, client-certificate, and client-certificate-impl are used in service also. So they are moved to common directory

Change-Id: I85d74b5e5fd3c7a6a38da654b3c79ad2e86dcea7
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
10 years ago Add support for credentials.
Bartlomiej Grzelewski [Wed, 4 Jun 2014 12:39:07 +0000 (14:39 +0200)]
Add support for credentials.

Change-Id: Iab89ed704ec7d86f71989fa25838d08bbabbf58b

10 years ago Initial commit of DBCryptoModule
Sebastian Grabowski [Tue, 3 Jun 2014 07:22:34 +0000 (09:22 +0200)]
Initial commit of DBCryptoModule

Change-Id: Id3c0714b86f4b49f0caa1c7cac18c00db81f3c23

10 years ago Fix assert.h file
Zofia Abramowska [Wed, 4 Jun 2014 12:52:17 +0000 (14:52 +0200)]
Fix assert.h file

Add missing <string> include

Change-Id: Id44ed232512b15e032a53cbec8c111f330980705

10 years ago Adapt SQLConnection to sqlcipher
Zofia Abramowska [Thu, 29 May 2014 08:45:39 +0000 (10:45 +0200)]
Adapt SQLConnection to sqlcipher

Added public methods for key setting and resetting using
sqlcipher sqlite3_key and sqlite3_rekey functions.

Change-Id: I8a1136beb1bb9b962b72635c254eb211237fc851

10 years ago Add sqlcipher and SqlConnection
Zofia Abramowska [Tue, 27 May 2014 14:45:11 +0000 (16:45 +0200)]
Add sqlcipher and SqlConnection

Change-Id: I546d89fb361dea033198cddc0a26fa1c847fb25c

10 years ago remove not-used line
Dongsun Lee [Wed, 4 Jun 2014 09:09:04 +0000 (18:09 +0900)]
remove not-used line

Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
10 years ago Initial version of OCSP implementation
Dong Sun Lee [Mon, 2 Jun 2014 10:53:21 +0000 (19:53 +0900)]
Initial version of OCSP implementation

Change-Id: I5027fd53bac79248640b8052891ae35c768f7a12
Signed-off-by: Dong Sun Lee <ds73.lee@samsung.com>
10 years ago improve skmm dummy
kyungwook tak [Wed, 4 Jun 2014 06:57:34 +0000 (15:57 +0900)]
improve skmm dummy

Change-Id: I0ce6e5f8efc4a19993de2b984f515ec06d97a483
Signed-off-by: kyungwook tak <k.tak@samsung.com>
10 years ago Add support for requestXXXAliasVector methods.
Bartlomiej Grzelewski [Tue, 3 Jun 2014 16:16:47 +0000 (18:16 +0200)]
Add support for requestXXXAliasVector methods.

Change-Id: If2603c83f43586c400e3ff6750e0d88f61d32583

10 years ago All passwords are stored in std::string now.
Bartlomiej Grzelewski [Tue, 3 Jun 2014 14:48:47 +0000 (16:48 +0200)]
All passwords are stored in std::string now.

Change-Id: I4032fc43493102d30d0c6d1c6f0edcbdd3f0f4de

10 years ago Replace RawData with RawBuffer.
Bartlomiej Grzelewski [Tue, 3 Jun 2014 14:05:16 +0000 (16:05 +0200)]
Replace RawData with RawBuffer.

Change-Id: Ie188a489c3b122bde1b725de2d21887bdd644a5a

10 years ago Move pc file to build directory.
Bartlomiej Grzelewski [Tue, 3 Jun 2014 12:26:06 +0000 (14:26 +0200)]
Move pc file to build directory.

Add dummy responses to Control protocol.

Change-Id: I76d44f1d0dc52daa455ea7283bfd2435715d3c7c

10 years ago Add support for UserData in client library.
Bartlomiej Grzelewski [Tue, 3 Jun 2014 10:07:52 +0000 (12:07 +0200)]
Add support for UserData in client library.

Change-Id: Ibc4d261f20a85f019be4c1efac1fa4fd452c525f

10 years ago Add support for certificates.
Bartlomiej Grzelewski [Mon, 2 Jun 2014 15:16:59 +0000 (17:16 +0200)]
Add support for certificates.

* Implementation of Certificate.
* Implementation of CertificateImpl.
* Implementation of Manager.
* Port class Base64 from cert-svc.

Change-Id: I5d5a6c3ae3cdda15636f3876a9ee9e19f76b1e75

10 years ago Service implementation.
Bartlomiej Grzelewski [Mon, 2 Jun 2014 10:05:52 +0000 (12:05 +0200)]
Service implementation.

* Add support for ADD, GET, REMOVE commands.
* Rename StorageCommand to LogicCommand.
* Move KeyImpl from client library to common.

Change-Id: Icd86f5dd6f7442565e542d637bf6bda9fd389aa1

10 years ago remove \r tags added from windows editor
kyungwook tak [Mon, 2 Jun 2014 10:43:35 +0000 (19:43 +0900)]
remove \r tags added from windows editor

Change-Id: Ic07a5a843424a1db7b6f3fc2f3015593375b9e06
Signed-off-by: kyungwook tak <k.tak@samsung.com>
10 years ago key provider version alpha push
kyungwook tak [Mon, 2 Jun 2014 07:44:38 +0000 (16:44 +0900)]
key provider version alpha push

use ckm-key-provider-dummy instead of SKMM library.
dummy library uses xor to unwrap/wrap KEK/DEKs
It's for testing other modules, so it will be improved.

ckm-key-provider.h : SKMM header.
ckm-key-provider-dummy.c : implementation of SKMM dummy
key-provider.cpp : implementation of key-provider

key-aes empty constructor empty implementation added for key-provider
one of key-provider API member function name changed
(decryptDEK -> unwrapDEK)

please feedback at any points.

Change-Id: I5dea33d9bacc2c944ae14e77fd0c00c35bd136e1
Signed-off-by: kyungwook tak <k.tak@samsung.com>
10 years ago Add Manager Implementation.
Bartlomiej Grzelewski [Fri, 30 May 2014 14:31:19 +0000 (16:31 +0200)]
Add Manager Implementation.

Change-Id: I12db0dc94a111eef089a2ad4d4ed2a5f3023e6ea

10 years ago Move KeyType to ckm-type.h header.
Bartlomiej Grzelewski [Fri, 30 May 2014 14:30:10 +0000 (16:30 +0200)]
Move KeyType to ckm-type.h header.

Change-Id: Ie64f36d6be132b84969bab9fe228be717d20de99

10 years ago Add replace /usr/include with %{_includedir} in spec file.
Bartlomiej Grzelewski [Fri, 30 May 2014 13:11:02 +0000 (15:11 +0200)]
Add replace /usr/include with %{_includedir} in spec file.

Change-Id: I4389b0cd3647aa50742bf4ca26b5d415877012ab

10 years ago Implementation of Key class.
Bartlomiej Grzelewski [Fri, 30 May 2014 09:01:12 +0000 (11:01 +0200)]
Implementation of Key class.

Change-Id: Ie9b404a8fb5e5fc60f2c4e475337dc34b3b4860b

10 years ago Add service for control operations.
Bartlomiej Grzelewski [Tue, 27 May 2014 15:06:04 +0000 (17:06 +0200)]
Add service for control operations.

Change-Id: I3e33a962cbeddab29b9dcb61096e5896a2cc8946

10 years ago Fix domain name in spec
Zofia Abramowska [Wed, 28 May 2014 10:52:22 +0000 (12:52 +0200)]
Fix domain name in spec

Change requested domain name from "Security" to "_"
due to segmentation fault in rpm.

Change-Id: I3734a03dc0aa43c48c67da044a8ec9e0de28c906

10 years ago Change namespace
Zofia Abramowska [Mon, 26 May 2014 14:04:56 +0000 (16:04 +0200)]
Change namespace

Changing namespace CentralKeyManager to shorter version.

Change-Id: If0ce82ee574a0bb77c4c3e014cec60a2a37240ad

10 years ago Fix common library smack dependency
Zofia Abramowska [Mon, 26 May 2014 13:30:56 +0000 (15:30 +0200)]
Fix common library smack dependency

Missing smack dependency in CMakeLists for commons library

Change-Id: Ia1db61e20729f8fe16b316ffde2098aab99ea94e

10 years ago fix build error about include file name
kyungwook tak [Tue, 27 May 2014 00:36:15 +0000 (09:36 +0900)]
fix build error about include file name

Change-Id: Iddd3a9a4891a3e2cdb50b91ba2538247f8edb152
Signed-off-by: kyungwook tak <k.tak@samsung.com>
10 years ago Add header files.
Bartlomiej Grzelewski [Mon, 26 May 2014 14:44:59 +0000 (16:44 +0200)]
Add header files.

Add main header with api. Fix spec file. Add file with error codes.

Change-Id: Idca98151ee80e54b2a0cf2ac86c0f96188ddee73

10 years ago Add Echo service
Zofia Abramowska [Tue, 20 May 2014 14:15:10 +0000 (16:15 +0200)]
Add Echo service

Adding an example service for key-manager.

Change-Id: I72b30bed332785683fb104850a11b61c062ba8d1

10 years ago Initial commit
Zofia Abramowska [Wed, 14 May 2014 16:39:57 +0000 (18:39 +0200)]
Initial commit

Change-Id: I4e7b15fdcfdc4f4fe6c0b9401d30b9dea038866f

10 years ago Initial empty repository
SLP System [Wed, 14 May 2014 08:54:54 +0000 (17:54 +0900)]
Initial empty repository