summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Bartlomiej Grzelewski [Wed, 11 Jun 2014 17:35:32 +0000 (19:35 +0200)]
Integration DBCryptoModule, KeyProvider and CKMLogic.
* keys in database are encrypted now.
* refactoring of CKMLogic::getData and CKMLogic::saveData
* change timeout for connection from 2 to 4 seconds (creation
of database may take 2 seconds).
Change-Id: I44d21e8d2a77dd3b7c77e4a1615c4bcb61927344
kyungwook tak [Thu, 12 Jun 2014 12:14:56 +0000 (21:14 +0900)]
Make structure containers to handle memory in key-provider
Make WrappedKeyMaterialContainer class for handling memory for WrappedKeyMaterial structure
Replace space with tab
Change-Id: I2fdd44d9980fcb7a8f2992aaa3f4d3aaad6c5f19
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Zofia Abramowska [Thu, 12 Jun 2014 08:34:57 +0000 (10:34 +0200)]
Change return value for DBCrypto
Change from BAD_REQUEST to DB_BAD_REQUEST
Change-Id: I45ef7c1e2fe35e387b3d2f696f74fc608e7624e0
Zofia Abramowska [Wed, 11 Jun 2014 13:00:35 +0000 (15:00 +0200)]
Add table for storing keys per label
Change-Id: Ifb30bd2c70fe75e7c78d492c652797cbc74d29d9
kyungwook tak [Thu, 12 Jun 2014 01:26:42 +0000 (10:26 +0900)]
Modify key-provider API name 'unwrapDEK' to 'getPureDEK'
Fix key returned by 'getPureDEK' had wrong size
for the same reason with 'getPureDomainKEK'
Change-Id: I42df2cdacf580bb761242c046e8a532681196086
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Bartlomiej Grzelewski [Wed, 11 Jun 2014 13:24:02 +0000 (15:24 +0200)]
Add support for certificate.
Change-Id: I60d95bfa9ecc0741437de83c7964843fb9081f52
Sebastian Grabowski [Thu, 5 Jun 2014 14:47:41 +0000 (16:47 +0200)]
Added exceptions to DBCryptoModule and DBCMAlgType type for algorithmType
Change-Id: I1d1c66f45a79523da73d762f3b09abf1bb7dee41
Bartlomiej Grzelewski [Wed, 11 Jun 2014 13:53:57 +0000 (15:53 +0200)]
Fix: key returned by getDomainKEK had wrong size.
Change-Id: I7c1e0007425cae59cbd41795095230cfbfd81ab5
Sebastian Grabowski [Mon, 9 Jun 2014 11:01:39 +0000 (13:01 +0200)]
Typo fix: initailize to initialize in ocsp.
Change-Id: If2d3dc2ddc456094ac7002fb523653275722055d
Bartlomiej Grzelewski [Wed, 11 Jun 2014 13:47:45 +0000 (15:47 +0200)]
Add missing error descriptions in clinet-error.cpp
Change-Id: Ie4583fb14b6344ec0b382d12d453e1fe68a4b320
Bartlomiej Grzelewski [Mon, 9 Jun 2014 14:24:48 +0000 (16:24 +0200)]
Integration ckm-logic with database module.
* move db-module from common lib to service executeble.
* add function removeUserData.
* add function getKeyAliases.
* move DBRow struct to new file.
Change-Id: I70bbcd4672014c341f8a0bb476b5bde5f8a56ba5
Zofia Abramowska [Tue, 10 Jun 2014 10:28:06 +0000 (12:28 +0200)]
Change primary key for DBCrypto CKM main table
Alias won't be unique between labels. Changed primary key for pair
(alias, label).
Change-Id: I25c8220a0797a6b582dd02b9fdb8eb74e95d789b
Zofia Abramowska [Tue, 10 Jun 2014 10:15:45 +0000 (12:15 +0200)]
Change DBCrypto return type
Switch from custom enum to key-manager API error codes.
Change-Id: If0023d880c47516bbbc1d9ed911b19af4fee0c23
Zofia Abramowska [Tue, 10 Jun 2014 09:19:28 +0000 (11:19 +0200)]
Add delete method
Deleting the row by alias.
Change-Id: I37ccdaf1d9e4d54158f7d7457e216e6115b34094
Bartlomiej Grzelewski [Mon, 9 Jun 2014 14:23:41 +0000 (16:23 +0200)]
Add method const char* ErrorToString(int error)
Change-Id: I09d9a5e3cf13714efae7b272f52b2209f6d2d17a
Zofia Abramowska [Tue, 10 Jun 2014 09:19:28 +0000 (11:19 +0200)]
Fix DBCrypto class
Add isInit() method for checking DB status after constructor.
Fix missing destructor implementation.
Change-Id: I89f94314ae70ea8a7ab7c77b0b923d203a9ad341
Bartlomiej Grzelewski [Mon, 9 Jun 2014 09:18:42 +0000 (11:18 +0200)]
Add init to FileSystem class.
During first start ckm will create /opt/data/ckm directory.
Change-Id: I1b8bcbb2b3f933a1ebac562f9334a79a447bc687
kyungwook tak [Tue, 10 Jun 2014 05:29:38 +0000 (14:29 +0900)]
modify key-provider on TODO sections and add exception
Change-Id: I61c1c5213f655aae284a72f1a8dcb5626819d37b
Signed-off-by: kyungwook tak <k.tak@samsung.com>
kyungwook tak [Mon, 9 Jun 2014 11:09:05 +0000 (20:09 +0900)]
fix central-key-manager.service filename in .spec file
Change-Id: I21c9c8a35734f71db75c5e16489ec3d8c202d87b
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Zofia Abramowska [Mon, 9 Jun 2014 15:44:49 +0000 (17:44 +0200)]
Fix move operator in TransitoryString
Change-Id: I619c3d6b65defa1727c5a98814b0c261d88e9020
Zofia Abramowska [Mon, 9 Jun 2014 16:34:55 +0000 (18:34 +0200)]
Change SqlConnection behaviour on bad input
Changed assert to exception throw.
Change-Id: I561f47ade1b7b1e07424ed1933f16a592825cd0f
Zofia Abramowska [Mon, 9 Jun 2014 15:42:32 +0000 (17:42 +0200)]
Add encrypted database support layer
Adding DBCrypto class, which supports creating/inserting/querying
the encrypted database. Remove DBRow struct definition from Module
header.
Change-Id: I10f502b58b6912bdd1eff6563853f9d183ef59ed
Zofia Abramowska [Wed, 4 Jun 2014 14:16:00 +0000 (16:16 +0200)]
Adapt SqlConnection to TransitoryString
Add self wiping out string for wrapping sqlcipher database encryption
key.
Change-Id: I0d4efda89318e83eea7f3a607a2e80e00365a628
Zofia Abramowska [Wed, 4 Jun 2014 12:41:19 +0000 (14:41 +0200)]
Add self wiping out string
Add TransitoryString class implementation for self wiping out
string used for storing sensitive data (aka key/passwod)
Change-Id: I0c90ce443c93511bd82f1a29083d6b7ea0340809
Bartlomiej Grzelewski [Thu, 5 Jun 2014 16:10:17 +0000 (18:10 +0200)]
Implementation of Control::unlockUserKey
Change-Id: I18510e2c36b599f8bb7f486aad7b81bd9cd01647
Bartlomiej Grzelewski [Fri, 6 Jun 2014 12:26:08 +0000 (14:26 +0200)]
Build break fix.
Change-Id: Ic0f64b859f716a363462e35f2996fcb9939a2ea9
Bartlomiej Grzelewski [Thu, 5 Jun 2014 15:11:53 +0000 (17:11 +0200)]
Change user type identification from name to uid.
User name is not unique. We need to use kernel understanable value.
Change-Id: I747cb249e430f40104bee6fc694bfe55fe259e81
Zofia Abramowska [Thu, 5 Jun 2014 14:20:25 +0000 (16:20 +0200)]
Add blob support in SqlConnection
Change-Id: If78176992564ecf614570c00219135482c8c1c88
Radoslaw Bartosiak [Wed, 4 Jun 2014 16:33:21 +0000 (18:33 +0200)]
Service implementation.
* Add support for createKeyPairRSA, createKeyPairECDSA commands.
Change-Id: Ia92b6f80d85ea570ad7c7bb3ac61cc950eea36c3
Bartlomiej Grzelewski [Thu, 5 Jun 2014 09:59:09 +0000 (11:59 +0200)]
Fix KeyImpl implementation.
Current implementation may allocate too big memory buffer for key. If you
created key from PEM file the allocated size of the key weren't change
even if you write it in der format.
Change-Id: I631dac1ec367b8e7ee10677c8c2e876e6f9013e5
Bartlomiej Grzelewski [Wed, 4 Jun 2014 16:29:01 +0000 (18:29 +0200)]
Add FileSystem class.
Change-Id: I537bbf2ce8667a3920c2824c5ac0933744ee522f
Bartlomiej Grzelewski [Thu, 5 Jun 2014 13:22:11 +0000 (15:22 +0200)]
Remove cycle dependencies between common and client libraries.
* Moved client-certificate-impl and client-key-impl to common library.
* Changed client-certificate-impl into certificate-impl.
* Changed name client-key-impl int key-impl.
Change-Id: I2a49685f4a885300c6f438a284aac8d180ab752d
Bartlomiej Grzelewski [Thu, 5 Jun 2014 13:15:23 +0000 (15:15 +0200)]
Revert "key and cert impls are moved back to cient directory"
This reverts commit
50b4c2e86e67af5fe5e17de809bd14f487f8db7c.
Dongsun Lee [Thu, 5 Jun 2014 11:11:08 +0000 (20:11 +0900)]
key and cert impls are moved back to cient directory
Change-Id: I2a95487479ce444f39066e166df44d941519508e
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
yuseok.jeon [Thu, 5 Jun 2014 06:52:16 +0000 (15:52 +0900)]
Modify the supporting information for RSA padding algorithms
Change-Id: Ibca72aa01bfaea1ee6bebca9d3960d4b46b6b137
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
yuseok.jeon [Thu, 5 Jun 2014 06:03:33 +0000 (15:03 +0900)]
Add verify certificate chain function
Change-Id: Ia1a9dd562006757c88f1dc7e993372f2ac5a6a22
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
yuseok.jeon [Thu, 5 Jun 2014 02:25:28 +0000 (11:25 +0900)]
Initial Crypto Service Implementation
Change-Id: Id2936bcefaa027af91cc69964cb79536086fcd81
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
yuseok.jeon [Thu, 5 Jun 2014 01:15:38 +0000 (10:15 +0900)]
Bug fix
Change-Id: I1bb23b4d1cee0479926a0c521b59593fd43a5d3d
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Dongsun Lee [Thu, 5 Jun 2014 00:30:44 +0000 (09:30 +0900)]
initial ocsp implementation
Change-Id: Ifedc6c913fc09c1549243d3f8a1e6582ab9179cd
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dongsun Lee [Thu, 5 Jun 2014 00:25:46 +0000 (09:25 +0900)]
client-key, client-key-impl, client-certificate, and client-certificate-impl are used in service also. So they are moved to common directory
Change-Id: I85d74b5e5fd3c7a6a38da654b3c79ad2e86dcea7
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Bartlomiej Grzelewski [Wed, 4 Jun 2014 12:39:07 +0000 (14:39 +0200)]
Add support for credentials.
Change-Id: Iab89ed704ec7d86f71989fa25838d08bbabbf58b
Sebastian Grabowski [Tue, 3 Jun 2014 07:22:34 +0000 (09:22 +0200)]
Initial commit of DBCryptoModule
Change-Id: Id3c0714b86f4b49f0caa1c7cac18c00db81f3c23
Zofia Abramowska [Wed, 4 Jun 2014 12:52:17 +0000 (14:52 +0200)]
Fix assert.h file
Add missing <string> include
Change-Id: Id44ed232512b15e032a53cbec8c111f330980705
Zofia Abramowska [Thu, 29 May 2014 08:45:39 +0000 (10:45 +0200)]
Adapt SQLConnection to sqlcipher
Added public methods for key setting and resetting using
sqlcipher sqlite3_key and sqlite3_rekey functions.
Change-Id: I8a1136beb1bb9b962b72635c254eb211237fc851
Zofia Abramowska [Tue, 27 May 2014 14:45:11 +0000 (16:45 +0200)]
Add sqlcipher and SqlConnection
Change-Id: I546d89fb361dea033198cddc0a26fa1c847fb25c
Dongsun Lee [Wed, 4 Jun 2014 09:09:04 +0000 (18:09 +0900)]
remove not-used line
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dong Sun Lee [Mon, 2 Jun 2014 10:53:21 +0000 (19:53 +0900)]
Initial version of OCSP implementation
Change-Id: I5027fd53bac79248640b8052891ae35c768f7a12
Signed-off-by: Dong Sun Lee <ds73.lee@samsung.com>
kyungwook tak [Wed, 4 Jun 2014 06:57:34 +0000 (15:57 +0900)]
improve skmm dummy
Change-Id: I0ce6e5f8efc4a19993de2b984f515ec06d97a483
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Bartlomiej Grzelewski [Tue, 3 Jun 2014 16:16:47 +0000 (18:16 +0200)]
Add support for requestXXXAliasVector methods.
Change-Id: If2603c83f43586c400e3ff6750e0d88f61d32583
Bartlomiej Grzelewski [Tue, 3 Jun 2014 14:48:47 +0000 (16:48 +0200)]
All password are stored in std::string now.
Change-Id: I4032fc43493102d30d0c6d1c6f0edcbdd3f0f4de
Bartlomiej Grzelewski [Tue, 3 Jun 2014 14:05:16 +0000 (16:05 +0200)]
Replace RawData with RawBuffer.
Change-Id: Ie188a489c3b122bde1b725de2d21887bdd644a5a
Bartlomiej Grzelewski [Tue, 3 Jun 2014 12:26:06 +0000 (14:26 +0200)]
Move pc file to build directory.
Add dummy responses to Control protocol.
Change-Id: I76d44f1d0dc52daa455ea7283bfd2435715d3c7c
Bartlomiej Grzelewski [Tue, 3 Jun 2014 10:07:52 +0000 (12:07 +0200)]
Add support for UserData in client library.
Change-Id: Ibc4d261f20a85f019be4c1efac1fa4fd452c525f
Bartlomiej Grzelewski [Mon, 2 Jun 2014 15:16:59 +0000 (17:16 +0200)]
Add support for certificates.
* Implementation of Certificate.
* Implementation of CertificateImpl.
* Implementation of Manager.
* Port class Base64 from cert-svc.
Change-Id: I5d5a6c3ae3cdda15636f3876a9ee9e19f76b1e75
Bartlomiej Grzelewski [Mon, 2 Jun 2014 10:05:52 +0000 (12:05 +0200)]
Service implementation.
* Add support for ADD, GET, REMOVE commands.
* Rename StorageCommand to LogicCommand.
* Move KeyImpl from client library to common.
Change-Id: Icd86f5dd6f7442565e542d637bf6bda9fd389aa1
kyungwook tak [Mon, 2 Jun 2014 10:43:35 +0000 (19:43 +0900)]
remove \r tags added from windows editor
Change-Id: Ic07a5a843424a1db7b6f3fc2f3015593375b9e06
Signed-off-by: kyungwook tak <k.tak@samsung.com>
kyungwook tak [Mon, 2 Jun 2014 07:44:38 +0000 (16:44 +0900)]
key provider version alpha push
use ckm-key-provider-dummy instead of SKMM library.
dummy library uses xor to unwrap/wrap KEK/DEKs
It's for testing other modules, so it will be improved.
ckm-key-provider.h : SKMM header.
ckm-key-provider-dummy.c : implementation of SKMM dummy
key-provider.cpp : implementation of key-provider
key-aes empty constructor empty implementation added for key-provider
one of key-provider API member function name changed
(decryptDEK -> unwrapDEK)
please feedback at any points.
Change-Id: I5dea33d9bacc2c944ae14e77fd0c00c35bd136e1
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Bartlomiej Grzelewski [Fri, 30 May 2014 14:31:19 +0000 (16:31 +0200)]
Add Manager Implementation.
Change-Id: I12db0dc94a111eef089a2ad4d4ed2a5f3023e6ea
Bartlomiej Grzelewski [Fri, 30 May 2014 14:30:10 +0000 (16:30 +0200)]
Move KeyType to ckm-type.h header.
Change-Id: Ie64f36d6be132b84969bab9fe228be717d20de99
Bartlomiej Grzelewski [Fri, 30 May 2014 13:11:02 +0000 (15:11 +0200)]
Add replace /usr/include with %{_includedir} in spec file.
Change-Id: I4389b0cd3647aa50742bf4ca26b5d415877012ab
Bartlomiej Grzelewski [Fri, 30 May 2014 09:01:12 +0000 (11:01 +0200)]
Implementation of Key class.
Change-Id: Ie9b404a8fb5e5fc60f2c4e475337dc34b3b4860b
Bartlomiej Grzelewski [Tue, 27 May 2014 15:06:04 +0000 (17:06 +0200)]
Add service for control operations.
Change-Id: I3e33a962cbeddab29b9dcb61096e5896a2cc8946
Zofia Abramowska [Wed, 28 May 2014 10:52:22 +0000 (12:52 +0200)]
Fix domain name in spec
Change requested domain name from "Security" to "_"
due to segmentation fault in rpm.
Change-Id: I3734a03dc0aa43c48c67da044a8ec9e0de28c906
Zofia Abramowska [Mon, 26 May 2014 14:04:56 +0000 (16:04 +0200)]
Change namespace
Changing namespace CentralKeyManager to shorter version.
Change-Id: If0ce82ee574a0bb77c4c3e014cec60a2a37240ad
Zofia Abramowska [Mon, 26 May 2014 13:30:56 +0000 (15:30 +0200)]
Fix common library smack dependency
Missing smack dependency in CMakeLists for commons library
Change-Id: Ia1db61e20729f8fe16b316ffde2098aab99ea94e
kyungwook tak [Tue, 27 May 2014 00:36:15 +0000 (09:36 +0900)]
fix build error about include file name
Change-Id: Iddd3a9a4891a3e2cdb50b91ba2538247f8edb152
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Bartlomiej Grzelewski [Mon, 26 May 2014 14:44:59 +0000 (16:44 +0200)]
Add header files.
Add main header with api. Fix spec file. Add file with error codes.
Change-Id: Idca98151ee80e54b2a0cf2ac86c0f96188ddee73
Zofia Abramowska [Tue, 20 May 2014 14:15:10 +0000 (16:15 +0200)]
Add Echo service
Adding an example service for key-manager.
Change-Id: I72b30bed332785683fb104850a11b61c062ba8d1
Zofia Abramowska [Wed, 14 May 2014 16:39:57 +0000 (18:39 +0200)]
Initial commit
Change-Id: I4e7b15fdcfdc4f4fe6c0b9401d30b9dea038866f
SLP System [Wed, 14 May 2014 08:54:54 +0000 (17:54 +0900)]
Initial empty repository