From f276ff47c33de7fa301be35ed743d1a4a9313e93 Mon Sep 17 00:00:00 2001 From: Przemyslaw Ciezkowski Date: Mon, 4 May 2015 12:25:43 +0200 Subject: [PATCH] [KeyManager] createSignature and verifySiganture [Verification] var privpsswd = "priv_password"; var privKeyAlias = "priv20"; var pubKeyAlias = "pub20"; var myPrivKey = new tizen.Key(privKeyAlias, privpsswd, false); var myPubKey = new tizen.Key(pubKeyAlias, null, true); var testMessage = "MTIzNDU2Nzg5MA=="; function onCreateSignatureSuccess(signature) { console.log("Successfully created signature: " + signature); tizen.keymanager.verifySignature(signature, testMessage, pubKeyAlias, "HASH_SHA1", "PADDING_PKCS1", null, function() { console.log('ok'); },function(e) { console.log(e.code); console.log(e.message); }); } function onGenerateSuccess() { tizen.keymanager.createSignature(testMessage, privKeyAlias, "HASH_SHA1", "PADDING_PKCS1", privpsswd, onCreateSignatureSuccess, function(e) { console.log(e.code); console.log(e.message); }); } tizen.keymanager.generateKeyPair(myPrivKey, myPubKey, "RSA", "2048", onGenerateSuccess); Change-Id: I51207ceeab690cfae74745f01414dcadef9d43f8 Signed-off-by: Przemyslaw Ciezkowski --- src/keymanager/keymanager_instance.cc | 132 ++++++++++++++++++++++--- src/keymanager/keymanager_instance.h | 4 + src/keymanager/keymanager_observers.cc | 47 +++++++++ src/keymanager/keymanager_observers.h | 15 +++ 4 files changed, 183 insertions(+), 15 deletions(-) diff --git a/src/keymanager/keymanager_instance.cc b/src/keymanager/keymanager_instance.cc index d421c1f8..35f1b90e 100644 --- a/src/keymanager/keymanager_instance.cc +++ b/src/keymanager/keymanager_instance.cc @@ -54,6 +54,10 @@ KeyManagerInstance::KeyManagerInstance() { std::bind(&KeyManagerInstance::RemoveData, this, _1, _2)); RegisterSyncHandler("KeyManager_getData", std::bind(&KeyManagerInstance::GetData, this, _1, _2)); + RegisterSyncHandler("KeyManager_createSignature", + std::bind(&KeyManagerInstance::CreateSignature, this, _1, _2)); + RegisterSyncHandler("KeyManager_verifySignature", + std::bind(&KeyManagerInstance::VerifySignature, this, _1, _2)); } KeyManagerInstance::~KeyManagerInstance() { @@ -105,6 +109,15 @@ void KeyManagerInstance::GetDataAliasList(const picojson::value& args, out); } +CKM::RawBuffer Base64ToRawBuffer(const std::string base64) { + gsize len = 0; + guchar* raw_data = g_base64_decode(base64.c_str(), &len); + CKM::RawBuffer rawBuffer; + rawBuffer.assign(raw_data, raw_data + len); + g_free(raw_data); + return rawBuffer; +} + void KeyManagerInstance::SaveKey(const picojson::value& args, picojson::object& out) { LoggerD("Enter"); @@ -120,11 +133,7 @@ void KeyManagerInstance::SaveKey(const picojson::value& args, opt.set_multiline(true); //remove first line and last line pcrecpp::RE("-----[^-]*-----", opt).GlobalReplace("", &base64); - gsize len = 0; - guchar* raw_data = g_base64_decode(base64.c_str(), &len); - CKM::RawBuffer raw_buffer; - raw_buffer.assign(raw_data, raw_data + len); - g_free(raw_data); + CKM::RawBuffer raw_buffer = Base64ToRawBuffer(base64); CKM::Password pass(password.c_str()); CKM::KeyShPtr key = CKM::Key::create(raw_buffer, pass); CKM::Policy policy(pass, key_object.get("extractable").get()); @@ -374,11 +383,7 @@ void KeyManagerInstance::SaveCert(std::string &base64, opt.set_multiline(true); //remove first line and last line pcrecpp::RE("-----[^-]*-----", opt).GlobalReplace("", &base64); - gsize len = 0; - guchar* rawData = g_base64_decode(base64.c_str(), &len); - CKM::RawBuffer rawBuffer; - rawBuffer.assign(rawData, rawData + len); - g_free(rawData); + CKM::RawBuffer rawBuffer = Base64ToRawBuffer(base64); CKM::Password pass(password.c_str()); CKM::CertificateShPtr cert = CKM::Certificate::create(rawBuffer, CKM::DataFormat::FORM_DER); @@ -465,11 +470,7 @@ void KeyManagerInstance::SaveData(const picojson::value& args, } std::string base64 = args.get("rawData").get(); - gsize len = 0; - guchar* raw_data = g_base64_decode(base64.c_str(), &len); - CKM::RawBuffer raw_buffer; - raw_buffer.assign(raw_data, raw_data + len); - g_free(raw_data); + CKM::RawBuffer raw_buffer = Base64ToRawBuffer(base64); CKM::Password pass(password.c_str()); CKM::Policy policy(pass, data.get("extractable").get()); CKM::ManagerAsync::ObserverPtr observer(new SaveDataObserver(this, @@ -540,5 +541,106 @@ void KeyManagerInstance::GetData(const picojson::value& args, } } +CKM::HashAlgorithm StringToHashAlgorithm(const std::string &hashAlgorithmType) { + using CKM::HashAlgorithm; + if (hashAlgorithmType == "HASH_SHA1") { + return HashAlgorithm::SHA1; + } else if (hashAlgorithmType == "HASH_SHA256") { + return HashAlgorithm::SHA256; + } else if (hashAlgorithmType == "HASH_SHA384") { + return HashAlgorithm::SHA384; + } else if (hashAlgorithmType == "HASH_SHA512") { + return HashAlgorithm::SHA512; + } + return HashAlgorithm::NONE; +} + +CKM::RSAPaddingAlgorithm StringToRSAPadding(const std::string &padding) { + if (padding == "PADDING_PKCS1") { + return CKM::RSAPaddingAlgorithm::PKCS1; + } + return CKM::RSAPaddingAlgorithm::X931; +} + +void KeyManagerInstance::CreateSignature(const picojson::value& args, + picojson::object& out) { + LoggerD("Enter"); + + using CKM::HashAlgorithm; + using CKM::RSAPaddingAlgorithm; + const std::string& alias = args.get("privKeyAlias").get(); + std::string base64 = args.get("message").get(); + CKM::Password pass; + if (args.get("password").is()) { + pass = args.get("password").get().c_str(); + } + CKM::RawBuffer raw_buffer = Base64ToRawBuffer(base64); + HashAlgorithm hash = StringToHashAlgorithm( + args.get("hashAlgorithmType").get()); + RSAPaddingAlgorithm alg = StringToRSAPadding( + args.get("padding").get()); + CKM::ManagerAsync::ObserverPtr observer(new CreateSignatureObserver(this, + args.get("callbackId").get())); + m_manager.createSignature(observer, alias, pass, raw_buffer, hash, alg); + + ReportSuccess(out); +} + +void KeyManagerInstance::OnCreateSignature(double callbackId, + const common::PlatformResult& result, CKM::RawBuffer buffer) { + LoggerD("Enter"); + + picojson::value::object dict; + dict["callbackId"] = picojson::value(callbackId); + if (result.IsError()) { + LoggerE("There was an error"); + ReportError(result, &dict); + } else { + dict["result"] = picojson::value(RawBufferToBase64(buffer)); + } + picojson::value res(dict); + PostMessage(res.serialize().c_str()); +} + +void KeyManagerInstance::VerifySignature(const picojson::value& args, picojson::object& out) { + LoggerD("Enter"); + using CKM::HashAlgorithm; + using CKM::RSAPaddingAlgorithm; + + const std::string& alias = args.get("pubKeyAlias").get(); + const std::string& message_string = args.get("message").get(); + const std::string& signature_string = args.get("signature").get(); + CKM::Password pass; + if (args.get("password").is()) { + pass = args.get("password").get().c_str(); + } + CKM::RawBuffer message = Base64ToRawBuffer(message_string); + CKM::RawBuffer signature = Base64ToRawBuffer(signature_string); + + HashAlgorithm hash = StringToHashAlgorithm( + args.get("hashAlgorithmType").get()); + RSAPaddingAlgorithm alg = StringToRSAPadding( + args.get("padding").get()); + CKM::ManagerAsync::ObserverPtr observer(new VerifySignatureObserver(this, + args.get("callbackId").get())); + m_manager.verifySignature(observer, alias, pass, message, signature, hash, alg); + + ReportSuccess(out); +} + +void KeyManagerInstance::OnVerifySignature(double callbackId, + const common::PlatformResult& result) { + LoggerD("Enter"); + + picojson::value::object dict; + dict["callbackId"] = picojson::value(callbackId); + if (result.IsError()) { + LoggerE("There was an error"); + ReportError(result, &dict); + } + picojson::value res(dict); + PostMessage(res.serialize().c_str()); +} + } // namespace keymanager } // namespace extension diff --git a/src/keymanager/keymanager_instance.h b/src/keymanager/keymanager_instance.h index c25377de..fa15037e 100644 --- a/src/keymanager/keymanager_instance.h +++ b/src/keymanager/keymanager_instance.h @@ -25,6 +25,8 @@ class KeyManagerInstance : void OnCertFileLoaded(LoadFileCert* reader, const common::PlatformResult& result); void OnSaveData(double callbackId, const common::PlatformResult& result); + void OnCreateSignature(double callbackId, const common::PlatformResult& result, CKM::RawBuffer buffer); + void OnVerifySignature(double callbackId, const common::PlatformResult& result); private: void GetAliasList(std::function coreFunc, picojson::object& out); @@ -49,6 +51,8 @@ class KeyManagerInstance : void SaveData(const picojson::value& args, picojson::object& out); void RemoveData(const picojson::value& args, picojson::object& out); void GetData(const picojson::value& args, picojson::object& out); + void CreateSignature(const picojson::value& args, picojson::object& out); + void VerifySignature(const picojson::value& args, picojson::object& out); CKM::ManagerAsync m_manager; }; diff --git a/src/keymanager/keymanager_observers.cc b/src/keymanager/keymanager_observers.cc index ee0642a8..9509de91 100644 --- a/src/keymanager/keymanager_observers.cc +++ b/src/keymanager/keymanager_observers.cc @@ -210,5 +210,52 @@ void SaveDataObserver::ReceivedSaveData() { PlatformResult(ErrorCode::NO_ERROR))); } +CreateSignatureObserver::CreateSignatureObserver(KeyManagerListener* listener, double callbackId): + CommonObserver(listener, callbackId) { +} + +void CreateSignatureObserver::ReceivedError(int error) { + LoggerD("Enter, error: %d", error); + ErrorCode code = ErrorCode::UNKNOWN_ERR; + if (error == CKM_API_ERROR_INPUT_PARAM) { + code = ErrorCode::INVALID_VALUES_ERR; + } + CKM::RawBuffer empty; + common::TaskQueue::GetInstance().Async(std::bind( + &KeyManagerListener::OnCreateSignature, listener, callbackId, + PlatformResult(code, "Failed to create signature"), empty)); +} + +void CreateSignatureObserver::ReceivedCreateSignature(CKM::RawBuffer&& buffer) { + LoggerD("Enter"); + common::TaskQueue::GetInstance().Async(std::bind( + &KeyManagerListener::OnCreateSignature, listener, callbackId, + PlatformResult(ErrorCode::NO_ERROR), buffer)); +} + +VerifySignatureObserver::VerifySignatureObserver(KeyManagerListener* listener, double callbackId): + CommonObserver(listener, callbackId) { +} + +void VerifySignatureObserver::ReceivedError(int error) { + LoggerD("Enter, error: %d", error); + ErrorCode code = ErrorCode::UNKNOWN_ERR; + if (error == CKM_API_ERROR_INPUT_PARAM) { + code = ErrorCode::INVALID_VALUES_ERR; + } else if (error == CKM_API_ERROR_VERIFICATION_FAILED) { + code = ErrorCode::VALIDATION_ERR; + } + common::TaskQueue::GetInstance().Async(std::bind( + &KeyManagerListener::OnVerifySignature, listener, callbackId, + PlatformResult(code, "Siganture verification failed"))); +} + +void VerifySignatureObserver::ReceivedVerifySignature() { + LoggerD("Enter"); + common::TaskQueue::GetInstance().Async(std::bind( + &KeyManagerListener::OnVerifySignature, listener, callbackId, + PlatformResult(ErrorCode::NO_ERROR))); +} + } // namespace keymanager } // namespace extension diff --git a/src/keymanager/keymanager_observers.h b/src/keymanager/keymanager_observers.h index 68a6ef08..912e2e73 100644 --- a/src/keymanager/keymanager_observers.h +++ b/src/keymanager/keymanager_observers.h @@ -7,6 +7,7 @@ #include #include +#include #include "common/platform_result.h" namespace extension { @@ -22,6 +23,8 @@ public: virtual void OnCertFileLoaded(LoadFileCert* reader, const common::PlatformResult& result) = 0; virtual void OnSaveData(double callbackId, const common::PlatformResult& result) = 0; + virtual void OnCreateSignature(double callbackId, const common::PlatformResult& result, CKM::RawBuffer buffer) = 0; + virtual void OnVerifySignature(double callbackId, const common::PlatformResult& result) = 0; virtual ~KeyManagerListener() {} }; @@ -89,6 +92,18 @@ struct SaveDataObserver: public CommonObserver { void ReceivedSaveData(); }; +struct CreateSignatureObserver: public CommonObserver { + CreateSignatureObserver(KeyManagerListener* listener, double callbackId); + void ReceivedError(int error); + void ReceivedCreateSignature(CKM::RawBuffer&&); +}; + +struct VerifySignatureObserver: public CommonObserver { + VerifySignatureObserver(KeyManagerListener* listener, double callbackId); + void ReceivedError(int error); + void ReceivedVerifySignature(); +}; + } // namespace keymanager } // namespace extension -- 2.34.1