From 6350c707508c9ac3fa63e96053d13d7078d3adb1 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Fri, 31 Mar 2023 12:14:39 +0200 Subject: [PATCH] Change code formatting in import/export wrapped key Change-Id: If8932f5f9b3a1f2cdb2003895b348b89b7a15321 --- src/include/ckm/ckm-manager.h | 6 ++-- src/manager/client-capi/ckmc-manager.cpp | 6 ++-- src/manager/client/client-manager-impl.cpp | 15 ++++----- src/manager/client/client-manager-impl.h | 2 +- src/manager/client/client-manager.cpp | 54 +++++++++++++++--------------- src/manager/crypto/sw-backend/obj.cpp | 17 ++++------ src/manager/crypto/sw-backend/obj.h | 2 +- src/manager/service/ckm-logic.cpp | 18 +++++----- src/manager/service/ckm-logic.h | 26 +++++++------- src/manager/service/ckm-service.cpp | 28 ++++++++-------- 10 files changed, 84 insertions(+), 90 deletions(-) diff --git a/src/include/ckm/ckm-manager.h b/src/include/ckm/ckm-manager.h index 8ce5dea..5eb3f17 100644 --- a/src/include/ckm/ckm-manager.h +++ b/src/include/ckm/ckm-manager.h @@ -176,13 +176,11 @@ public: const Alias &newKeyAlias, const Policy &newKeyPolicy); - static ManagerShPtr create(); - int importWrappedKey(const CryptoAlgorithm ¶ms, const Alias &wrappingKeyAlias, const Password &wrappingKeyPassword, const Alias &alias, - const RawBuffer &encryptedKey, + const RawBuffer &wrappedKey, const KeyType keyType, const Policy &policy); @@ -194,6 +192,8 @@ public: KeyType &keyType, RawBuffer &wrappedKey); + static ManagerShPtr create(); + private: std::unique_ptr m_impl; }; diff --git a/src/manager/client-capi/ckmc-manager.cpp b/src/manager/client-capi/ckmc-manager.cpp index e5fa0ec..083ee28 100644 --- a/src/manager/client-capi/ckmc-manager.cpp +++ b/src/manager/client-capi/ckmc-manager.cpp @@ -1083,11 +1083,9 @@ int ckmc_export_wrapped_key(const ckmc_param_list_h params, keyType, wrappedKey)); - - if (ret == CKMC_ERROR_NONE) { - ckmc_key_type_e ckmcKeyType = static_cast(keyType); - ret = ckmc_key_new(wrappedKey.data(), wrappedKey.size(), ckmcKeyType, nullptr, &wrapped_key); + ckmc_key_type_e key_type = static_cast(keyType); + ret = ckmc_key_new(wrappedKey.data(), wrappedKey.size(), key_type, nullptr, &wrapped_key); if (ret == CKMC_ERROR_NONE) *ppwrapped_key = wrapped_key; } diff --git a/src/manager/client/client-manager-impl.cpp b/src/manager/client/client-manager-impl.cpp index d2d8534..8628daf 100644 --- a/src/manager/client/client-manager-impl.cpp +++ b/src/manager/client/client-manager-impl.cpp @@ -763,7 +763,7 @@ int Manager::Impl::importWrappedKey(const CryptoAlgorithm ¶ms, const Alias &wrappingKeyAlias, const Password &wrappingKeyPassword, const Alias &alias, - const RawBuffer &encryptedKey, + const RawBuffer &wrappedKey, const KeyType keyType, const Policy &policy) { @@ -776,15 +776,15 @@ int Manager::Impl::importWrappedKey(const CryptoAlgorithm ¶ms, LogicCommand::IMPORT_WRAPPED_KEY, m_storageConnection, CryptoAlgorithmSerializable(params), + wrapping_helper.getName(), + wrapping_helper.getOwner(), wrappingKeyPassword, - encryptedKey, - DataType(keyType), - PolicySerializable(policy), helper.getName(), helper.getOwner(), - wrapping_helper.getName(), - wrapping_helper.getOwner() - ).maybeDeserialize(); + wrappedKey, + DataType(keyType), + PolicySerializable(policy) + ).maybeDeserialize(); EXCEPTION_GUARD_END } @@ -831,5 +831,4 @@ int Manager::Impl::exportWrappedKey(const CryptoAlgorithm ¶ms, EXCEPTION_GUARD_END } - } // namespace CKM diff --git a/src/manager/client/client-manager-impl.h b/src/manager/client/client-manager-impl.h index 91e5732..b63598c 100644 --- a/src/manager/client/client-manager-impl.h +++ b/src/manager/client/client-manager-impl.h @@ -145,7 +145,7 @@ public: const Alias &wrappingKeyAlias, const Password &wrappingKeyPassword, const Alias &alias, - const RawBuffer &encryptedKey, + const RawBuffer &wrappedKey, const KeyType keyType, const Policy &policy); diff --git a/src/manager/client/client-manager.cpp b/src/manager/client/client-manager.cpp index 8ef76bb..4d9fcd6 100644 --- a/src/manager/client/client-manager.cpp +++ b/src/manager/client/client-manager.cpp @@ -251,26 +251,6 @@ int Manager::verifySignature( cAlg); } -int Manager::importWrappedKey( - const CryptoAlgorithm ¶ms, - const Alias &wrappingKeyAlias, - const Password &wrappingKeyPassword, - const Alias &alias, - const RawBuffer &encryptedKey, - const KeyType keyType, - const Policy &policy) -{ - return m_impl->importWrappedKey( - params, - wrappingKeyAlias, - wrappingKeyPassword, - alias, - encryptedKey, - keyType, - policy - ); -} - int Manager::ocspCheck(const CertificateShPtrVector &certificateChainVector, int &ocspStatus) { @@ -314,14 +294,24 @@ int Manager::deriveKey(const CryptoAlgorithm &algo, return m_impl->deriveKey(algo, secretAlias, secretPassword, newKeyAlias, newKeyPolicy); } -ManagerShPtr Manager::create() +int Manager::importWrappedKey( + const CryptoAlgorithm ¶ms, + const Alias &wrappingKeyAlias, + const Password &wrappingKeyPassword, + const Alias &alias, + const RawBuffer &wrappedKey, + const KeyType keyType, + const Policy &policy) { - try { - return std::make_shared(); - } catch (...) { - LogError("Exception occured in Manager::create"); - throw; - } + return m_impl->importWrappedKey( + params, + wrappingKeyAlias, + wrappingKeyPassword, + alias, + wrappedKey, + keyType, + policy + ); } int Manager::exportWrappedKey( @@ -344,4 +334,14 @@ int Manager::exportWrappedKey( ); } +ManagerShPtr Manager::create() +{ + try { + return std::make_shared(); + } catch (...) { + LogError("Exception occured in Manager::create"); + throw; + } +} + } // namespace CKM diff --git a/src/manager/crypto/sw-backend/obj.cpp b/src/manager/crypto/sw-backend/obj.cpp index a120cc6..49d0616 100644 --- a/src/manager/crypto/sw-backend/obj.cpp +++ b/src/manager/crypto/sw-backend/obj.cpp @@ -67,18 +67,18 @@ Token BData::derive(const CryptoAlgorithm &alg, const Password &pass, const RawB } Token Key::unwrap(const CryptoAlgorithm ¶ms, - const Data &encryptedKey, + const Data &wrappedKey, const Password &pass, const RawBuffer &) { - auto decrypted = decrypt(params, encryptedKey.data); + auto decrypted = decrypt(params, wrappedKey.data); - if (!encryptedKey.type.isKey()) { + if (!wrappedKey.type.isKey()) { ThrowErr(Exc::Crypto::InputParam, "Wrapped data is not a key"); } // validate the decrypted key - if (encryptedKey.type.isSKey()) { + if (wrappedKey.type.isSKey()) { auto tmp = CKM::Key::createAES(decrypted); if (!tmp) ThrowErr(Exc::Crypto::InputParam, "Wrapped data is not a valid AES key"); @@ -87,18 +87,17 @@ Token Key::unwrap(const CryptoAlgorithm ¶ms, if (!tmp) ThrowErr(Exc::Crypto::InputParam, "Wrapped data is not a valid asymmetric key"); - if (encryptedKey.type != DataType(tmp->getType())) + if (wrappedKey.type != DataType(tmp->getType())) ThrowErr(Exc::Crypto::InputParam, "Wrapped key type does not match the required one"); } - return Token(backendId(), encryptedKey.type, Store::pack(decrypted, pass)); + return Token(backendId(), wrappedKey.type, Store::pack(decrypted, pass)); } RawBuffer Key::wrap(const CryptoAlgorithm ¶ms, const Token &keyToWrap, const Password &keyToWrapPass) { - RawBuffer data = Store::unpack(keyToWrap.data, keyToWrapPass); return encrypt(params, data); } @@ -233,9 +232,7 @@ Token Cert::unwrap(const CryptoAlgorithm &, const Data &, const Password &, cons ThrowErr(Exc::Crypto::OperationNotSupported); } -RawBuffer Cert::wrap(const CryptoAlgorithm &, - const Token &, - const Password &) +RawBuffer Cert::wrap(const CryptoAlgorithm &, const Token &, const Password &) { ThrowErr(Exc::Crypto::OperationNotSupported); } diff --git a/src/manager/crypto/sw-backend/obj.h b/src/manager/crypto/sw-backend/obj.h index 16b801a..945a85f 100644 --- a/src/manager/crypto/sw-backend/obj.h +++ b/src/manager/crypto/sw-backend/obj.h @@ -54,7 +54,7 @@ class Key : public BData { using BData::BData; Token unwrap(const CryptoAlgorithm ¶ms, - const Data &encryptedKey, + const Data &wrappedKey, const Password &pass, const RawBuffer &hash) override; diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp index d931083..de74c47 100644 --- a/src/manager/service/ckm-logic.cpp +++ b/src/manager/service/ckm-logic.cpp @@ -1569,16 +1569,16 @@ RawBuffer CKMLogic::importWrappedKey( const Name &wrappingKeyName, const ClientId &wrappingKeyOwner, const Password &wrappingKeyPassword, - const Name &encryptedKeyName, - const ClientId &encryptedKeyOwner, - const RawBuffer &encryptedKey, - const CKM::DataType encryptedKeyType, - const PolicySerializable &encryptedKeyPolicy) + const Name &keyName, + const ClientId &keyOwner, + const RawBuffer &wrappedKey, + const CKM::DataType keyType, + const PolicySerializable &policy) { return SerializeMessage(msgId, tryRet([&] { Crypto::GObjUPtr wrappingKey; - auto [dbOp, digest, retCode] = beginSaveAndGetHash(cred, encryptedKeyName, encryptedKeyOwner); + auto [dbOp, digest, retCode] = beginSaveAndGetHash(cred, keyName, keyOwner); if (retCode != CKM_API_SUCCESS) return retCode; @@ -1588,11 +1588,11 @@ RawBuffer CKMLogic::importWrappedKey( return retCode; Token token = wrappingKey->unwrap(params, - Crypto::Data(encryptedKeyType, std::move(encryptedKey)), - encryptedKeyPolicy.password, + Crypto::Data(keyType, std::move(wrappedKey)), + policy.password, digest); - dbOp.finalize(std::move(token), encryptedKeyPolicy); + dbOp.finalize(std::move(token), policy); return retCode; })); diff --git a/src/manager/service/ckm-logic.h b/src/manager/service/ckm-logic.h index b87848b..933ba08 100644 --- a/src/manager/service/ckm-logic.h +++ b/src/manager/service/ckm-logic.h @@ -202,6 +202,19 @@ public: const ClientId &newKeyOwner, const Policy &newKeyPolicy); + RawBuffer importWrappedKey( + const Credentials &cred, + const int msgId, + const CryptoAlgorithm ¶ms, + const Name &wrappingKeyName, + const ClientId &wrappingKeyOwner, + const Password &wrappingKeyPassword, + const Name &keyName, + const ClientId &keyOwner, + const RawBuffer &wrappedKey, + const CKM::DataType keyType, + const PolicySerializable &policy); + RawBuffer exportWrappedKey( const Credentials &cred, const int msgID, @@ -242,19 +255,6 @@ public: int unlockSystemDB(); - RawBuffer importWrappedKey( - const Credentials &cred, - const int msgId, - const CryptoAlgorithm ¶ms, - const Name &wrappingKeyName, - const ClientId &wrappingKeyOwner, - const Password &wrappingKeyPassword, - const Name &encryptedKeyName, - const ClientId &encryptedKeyOwner, - const RawBuffer &encryptedKey, - const CKM::DataType encryptedKeyType, - const PolicySerializable &encryptedKeyPolicy); - private: // select private/system database depending on asking uid and owner id. // output: database handler for effective owner diff --git a/src/manager/service/ckm-service.cpp b/src/manager/service/ckm-service.cpp index 5c52e09..71899ab 100644 --- a/src/manager/service/ckm-service.cpp +++ b/src/manager/service/ckm-service.cpp @@ -463,20 +463,20 @@ RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer) Name wrappingKeyName; ClientId wrappingKeyOwner; Password wrappingKeyPassword; - Name encryptedKeyName; - RawBuffer encryptedKey; - CKM::DataType encryptedKeyType; - PolicySerializable encryptedKeyPolicy; + Name keyName; + RawBuffer wrappedKey; + CKM::DataType keyType; + PolicySerializable policy; buffer.Deserialize(params, + wrappingKeyName, + wrappingKeyOwner, wrappingKeyPassword, - encryptedKey, - encryptedKeyType, - encryptedKeyPolicy, - encryptedKeyName, + keyName, explicitOwner, - wrappingKeyName, - wrappingKeyOwner); + wrappedKey, + keyType, + policy); return m_logic->importWrappedKey( cred, @@ -485,11 +485,11 @@ RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer) wrappingKeyName, cred.effectiveOwner(wrappingKeyOwner), wrappingKeyPassword, - encryptedKeyName, + keyName, cred.effectiveOwner(explicitOwner), - encryptedKey, - encryptedKeyType, - encryptedKeyPolicy); + wrappedKey, + keyType, + policy); } case LogicCommand::EXPORT_WRAPPED_KEY: { -- 2.7.4