projects / platform / core / security / key-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add encryption service
[platform/core/security/key-manager.git] / src / manager / client / client-manager-impl.cpp
1 /* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
2  *
3  *  Licensed under the Apache License, Version 2.0 (the "License");
4  *  you may not use this file except in compliance with the License.
5  *  You may obtain a copy of the License at
6  *
7  *      http://www.apache.org/licenses/LICENSE-2.0
8  *
9  *  Unless required by applicable law or agreed to in writing, software
10  *  distributed under the License is distributed on an "AS IS" BASIS,
11  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  *  See the License for the specific language governing permissions and
13  *  limitations under the License
14  *
15  *
16  * @file        client-manager-impl.cpp
17  * @author      Bartlomiej Grzelewski (b.grzelewski@samsung.com)
18  * @version     1.0
19  * @brief       Manager implementation.
20  */
21 #include <openssl/evp.h>
22
23 #include <dpl/serialization.h>
24 #include <dpl/log/log.h>
25
26 #include <crypto-init.h>
27 #include <client-manager-impl.h>
28 #include <client-common.h>
29 #include <message-buffer.h>
30 #include <protocols.h>
31 #include <key-impl.h>
32 #include <key-aes-impl.h>
33 #include <certificate-impl.h>
34
35 namespace CKM {
36
37 namespace {
38 template <class T>
39 int getCertChain(
40     ServiceConnection & serviceConnection,
41     LogicCommand command,
42     int counter,
43     const CertificateShPtr &certificate,
44     const T &untrustedVector,
45     const T &trustedVector,
46     bool useTrustedSystemCertificates,
47     CertificateShPtrVector &certificateChainVector)
48 {
49     return try_catch([&] {
50
51         MessageBuffer recv;
52         auto send = MessageBuffer::Serialize(static_cast<int>(command),
53                                              counter,
54                                              certificate->getDER(),
55                                              untrustedVector,
56                                              trustedVector,
57                                              useTrustedSystemCertificates);
58
59         int retCode = serviceConnection.processRequest(send.Pop(), recv);
60         if (CKM_API_SUCCESS != retCode)
61             return retCode;
62
63         int retCommand;
64         int retCounter;
65         RawBufferVector rawBufferVector;
66         recv.Deserialize(retCommand, retCounter, retCode, rawBufferVector);
67
68         if ((counter != retCounter) || (static_cast<int>(command) != retCommand)) {
69             return CKM_API_ERROR_UNKNOWN;
70         }
71
72         if (retCode != CKM_API_SUCCESS) {
73             return retCode;
74         }
75
76         for (auto &e: rawBufferVector) {
77             CertificateShPtr cert(new CertificateImpl(e, DataFormat::FORM_DER));
78             if (cert->empty())
79                 return CKM_API_ERROR_BAD_RESPONSE;
80             certificateChainVector.push_back(cert);
81         }
82
83         return retCode;
84     });
85 }
86
87 } // namespace anonymous
88
89 ManagerImpl::ManagerImpl()
90   : m_counter(0),
91     m_storageConnection(SERVICE_SOCKET_CKM_STORAGE),
92     m_ocspConnection(SERVICE_SOCKET_OCSP),
93     m_encryptionConnection(SERVICE_SOCKET_ENCRYPTION)
94 {
95     initCryptoLib();
96 }
97
98
99 int ManagerImpl::saveBinaryData(
100     const Alias &alias,
101     DataType dataType,
102     const RawBuffer &rawData,
103     const Policy &policy)
104 {
105     int my_counter = ++m_counter;
106
107     return try_catch([&] {
108         if (alias.empty() || rawData.empty())
109             return CKM_API_ERROR_INPUT_PARAM;
110
111         MessageBuffer recv;
112         AliasSupport helper(alias);
113         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SAVE),
114                                              my_counter,
115                                              static_cast<int>(dataType),
116                                              helper.getName(),
117                                              helper.getLabel(),
118                                              rawData,
119                                              PolicySerializable(policy));
120
121         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
122         if (CKM_API_SUCCESS != retCode)
123             return retCode;
124
125         int command;
126         int counter;
127         int opType;
128         recv.Deserialize(command, counter, retCode, opType);
129
130         if (counter != my_counter)
131             return CKM_API_ERROR_UNKNOWN;
132
133         return retCode;
134     });
135 }
136
137 int ManagerImpl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) {
138     if (key.get() == NULL)
139         return CKM_API_ERROR_INPUT_PARAM;
140     Try {
141         return saveBinaryData(alias, DataType(key->getType()), key->getDER(), policy);
142     } Catch (DataType::Exception::Base) {
143         LogError("Error in key conversion. Could not convert KeyType::NONE to DBDataType!");
144     }
145     return CKM_API_ERROR_INPUT_PARAM;
146 }
147
148 int ManagerImpl::saveCertificate(
149     const Alias &alias,
150     const CertificateShPtr &cert,
151     const Policy &policy)
152 {
153     if (cert.get() == NULL)
154         return CKM_API_ERROR_INPUT_PARAM;
155     return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy);
156 }
157
158 int ManagerImpl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) {
159     if (!policy.extractable)
160         return CKM_API_ERROR_INPUT_PARAM;
161     return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy);
162 }
163
164
165 int ManagerImpl::savePKCS12(
166     const Alias & alias,
167     const PKCS12ShPtr &pkcs,
168     const Policy &keyPolicy,
169     const Policy &certPolicy)
170 {
171     if (alias.empty() || pkcs.get()==NULL)
172         return CKM_API_ERROR_INPUT_PARAM;
173
174     int my_counter = ++m_counter;
175
176     return try_catch([&] {
177         MessageBuffer recv;
178         AliasSupport helper(alias);
179         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SAVE_PKCS12),
180                                              my_counter,
181                                              helper.getName(),
182                                              helper.getLabel(),
183                                              PKCS12Serializable(*pkcs.get()),
184                                              PolicySerializable(keyPolicy),
185                                              PolicySerializable(certPolicy));
186
187         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
188         if (CKM_API_SUCCESS != retCode)
189             return retCode;
190
191         int command;
192         int counter;
193         recv.Deserialize(command, counter, retCode);
194
195         if (counter != my_counter)
196             return CKM_API_ERROR_UNKNOWN;
197
198         return retCode;
199     });
200 }
201
202 int ManagerImpl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs)
203 {
204     return getPKCS12(alias, Password(), Password(), pkcs);
205 }
206
207 int ManagerImpl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs)
208 {
209     if (alias.empty())
210         return CKM_API_ERROR_INPUT_PARAM;
211
212     int my_counter = ++m_counter;
213
214     return try_catch([&] {
215         MessageBuffer recv;
216         AliasSupport helper(alias);
217         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET_PKCS12),
218                                              my_counter,
219                                              helper.getName(),
220                                              helper.getLabel(),
221                                              keyPass,
222                                              certPass);
223
224         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
225         if (CKM_API_SUCCESS != retCode)
226             return retCode;
227
228         int command;
229         int counter;
230         PKCS12Serializable gotPkcs;
231         recv.Deserialize(command, counter, retCode, gotPkcs);
232
233         if (counter != my_counter)
234             return CKM_API_ERROR_UNKNOWN;
235
236         pkcs = std::make_shared<PKCS12Impl>(std::move(gotPkcs));
237
238         return retCode;
239     });
240 }
241
242
243 int ManagerImpl::removeAlias(const Alias &alias)
244 {
245     if (alias.empty())
246         return CKM_API_ERROR_INPUT_PARAM;
247
248     int my_counter = ++m_counter;
249
250     return try_catch([&] {
251         MessageBuffer recv;
252         AliasSupport helper(alias);
253         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::REMOVE),
254                                              my_counter,
255                                              helper.getName(),
256                                              helper.getLabel());
257
258         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
259         if (CKM_API_SUCCESS != retCode)
260             return retCode;
261
262         int command;
263         int counter;
264         recv.Deserialize(command, counter, retCode);
265
266         if (counter != my_counter)
267             return CKM_API_ERROR_UNKNOWN;
268
269         return retCode;
270     });
271 }
272
273 int ManagerImpl::getBinaryData(
274     const Alias &alias,
275     DataType sendDataType,
276     const Password &password,
277     DataType &recvDataType,
278     RawBuffer &rawData)
279 {
280     if (alias.empty())
281         return CKM_API_ERROR_INPUT_PARAM;
282
283     int my_counter = ++m_counter;
284
285     return try_catch([&] {
286         MessageBuffer recv;
287         AliasSupport helper(alias);
288         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET),
289                                              my_counter,
290                                              static_cast<int>(sendDataType),
291                                              helper.getName(),
292                                              helper.getLabel(),
293                                              password);
294
295         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
296         if (CKM_API_SUCCESS != retCode)
297             return retCode;
298
299         int command;
300         int counter;
301         int tmpDataType;
302         recv.Deserialize(command, counter, retCode, tmpDataType, rawData);
303         recvDataType = DataType(tmpDataType);
304
305         if (counter != my_counter)
306             return CKM_API_ERROR_UNKNOWN;
307
308         return retCode;
309     });
310 }
311
312 int ManagerImpl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) {
313     DataType recvDataType;
314     RawBuffer rawData;
315
316     int retCode = getBinaryData(
317         alias,
318         DataType::KEY_RSA_PUBLIC,
319         password,
320         recvDataType,
321         rawData);
322
323     if (retCode != CKM_API_SUCCESS)
324         return retCode;
325
326     KeyShPtr keyParsed;
327     if(DataType::KEY_AES == recvDataType)
328         keyParsed = KeyShPtr(new KeyAESImpl(rawData));
329     else
330         keyParsed = KeyShPtr(new KeyImpl(rawData));
331
332     if (keyParsed->empty()) {
333         LogDebug("Key empty - failed to parse!");
334         return CKM_API_ERROR_BAD_RESPONSE;
335     }
336
337     key = keyParsed;
338
339     return CKM_API_SUCCESS;
340 }
341
342 int ManagerImpl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert)
343 {
344     DataType recvDataType;
345     RawBuffer rawData;
346
347     int retCode = getBinaryData(
348         alias,
349         DataType::CERTIFICATE,
350         password,
351         recvDataType,
352         rawData);
353
354     if (retCode != CKM_API_SUCCESS)
355         return retCode;
356
357     if (recvDataType != DataType::CERTIFICATE)
358         return CKM_API_ERROR_BAD_RESPONSE;
359
360     CertificateShPtr certParsed(new CertificateImpl(rawData, DataFormat::FORM_DER));
361
362     if (certParsed->empty())
363         return CKM_API_ERROR_BAD_RESPONSE;
364
365     cert = certParsed;
366
367     return CKM_API_SUCCESS;
368 }
369
370 int ManagerImpl::getData(const Alias &alias, const Password &password, RawBuffer &rawData)
371 {
372     DataType recvDataType = DataType::BINARY_DATA;
373
374     int retCode = getBinaryData(
375         alias,
376         DataType::BINARY_DATA,
377         password,
378         recvDataType,
379         rawData);
380
381     if (retCode != CKM_API_SUCCESS)
382         return retCode;
383
384     if (recvDataType != DataType::BINARY_DATA)
385         return CKM_API_ERROR_BAD_RESPONSE;
386
387     return CKM_API_SUCCESS;
388 }
389
390 int ManagerImpl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector)
391 {
392     int my_counter = ++m_counter;
393
394     return try_catch([&] {
395         MessageBuffer recv;
396         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::GET_LIST),
397                                              my_counter,
398                                              static_cast<int>(dataType));
399
400         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
401         if (CKM_API_SUCCESS != retCode)
402             return retCode;
403
404         int command;
405         int counter;
406         int tmpDataType;
407         LabelNameVector labelNameVector;
408         recv.Deserialize(command, counter, retCode, tmpDataType, labelNameVector);
409         if ((command != static_cast<int>(LogicCommand::GET_LIST)) || (counter != my_counter)) {
410             return CKM_API_ERROR_UNKNOWN;
411         }
412
413         for(const auto &it : labelNameVector)
414             aliasVector.push_back( AliasSupport::merge(it.first, it.second) );
415
416         return retCode;
417     });
418 }
419
420 int ManagerImpl::getKeyAliasVector(AliasVector &aliasVector) {
421     // in fact datatype has no meaning here - if not certificate or binary data
422     // then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST
423     return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector);
424 }
425
426 int ManagerImpl::getCertificateAliasVector(AliasVector &aliasVector) {
427     return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector);
428 }
429
430 int ManagerImpl::getDataAliasVector(AliasVector &aliasVector) {
431     return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector);
432 }
433
434 int ManagerImpl::createKeyPairRSA(
435     const int size,
436     const Alias &privateKeyAlias,
437     const Alias &publicKeyAlias,
438     const Policy &policyPrivateKey,
439     const Policy &policyPublicKey)
440 {
441     return this->createKeyPair(CKM::KeyType::KEY_RSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
442 }
443
444 int ManagerImpl::createKeyPairDSA(
445     const int size,
446     const Alias &privateKeyAlias,
447     const Alias &publicKeyAlias,
448     const Policy &policyPrivateKey,
449     const Policy &policyPublicKey)
450 {
451     return this->createKeyPair(CKM::KeyType::KEY_DSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
452 }
453
454 int ManagerImpl::createKeyPairECDSA(
455     ElipticCurve type,
456     const Alias &privateKeyAlias,
457     const Alias &publicKeyAlias,
458     const Policy &policyPrivateKey,
459     const Policy &policyPublicKey)
460 {
461     return this->createKeyPair(CKM::KeyType::KEY_ECDSA_PUBLIC, static_cast<int>(type), privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
462 }
463
464 int ManagerImpl::createKeyAES(
465     const int size,
466     const Alias &keyAlias,
467     const Policy &policyKey)
468 {
469     // proceed with sending request
470     int my_counter = ++m_counter;
471
472     return try_catch([&] {
473
474         MessageBuffer recv;
475         AliasSupport aliasHelper(keyAlias);
476         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_KEY_AES),
477                                              my_counter,
478                                              static_cast<int>(size),
479                                              PolicySerializable(policyKey),
480                                              aliasHelper.getName(),
481                                              aliasHelper.getLabel());
482
483         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
484         if (CKM_API_SUCCESS != retCode)
485             return retCode;
486
487         int command;
488         int counter;
489         recv.Deserialize(command, counter, retCode);
490         if (counter != my_counter) {
491             return CKM_API_ERROR_UNKNOWN;
492         }
493
494         return retCode;
495     });
496 }
497
498
499 int ManagerImpl::createKeyPair(
500     const KeyType key_type,
501     const int     additional_param,
502     const Alias  &privateKeyAlias,
503     const Alias  &publicKeyAlias,
504     const Policy &policyPrivateKey,
505     const Policy &policyPublicKey)
506 {
507     // input type check
508     CryptoAlgorithm keyGenAlgorithm;
509     switch(key_type)
510     {
511         case KeyType::KEY_RSA_PUBLIC:
512         case KeyType::KEY_RSA_PRIVATE:
513             keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::RSA_GEN);
514             keyGenAlgorithm.setParam(ParamName::GEN_KEY_LEN, additional_param);
515             break;
516
517         case KeyType::KEY_DSA_PUBLIC:
518         case KeyType::KEY_DSA_PRIVATE:
519             keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::DSA_GEN);
520             keyGenAlgorithm.setParam(ParamName::GEN_KEY_LEN, additional_param);
521             break;
522
523         case KeyType::KEY_ECDSA_PUBLIC:
524         case KeyType::KEY_ECDSA_PRIVATE:
525             keyGenAlgorithm.setParam(ParamName::ALGO_TYPE, AlgoType::ECDSA_GEN);
526             keyGenAlgorithm.setParam(ParamName::GEN_EC, additional_param);
527             break;
528
529         default:
530             return CKM_API_ERROR_INPUT_PARAM;
531     }
532
533     // proceed with sending request
534     int my_counter = ++m_counter;
535
536     return try_catch([&] {
537
538         MessageBuffer recv;
539         AliasSupport privateHelper(privateKeyAlias);
540         AliasSupport publicHelper(publicKeyAlias);
541         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_KEY_PAIR),
542                                              my_counter,
543                                              CryptoAlgorithmSerializable(keyGenAlgorithm),
544                                              PolicySerializable(policyPrivateKey),
545                                              PolicySerializable(policyPublicKey),
546                                              privateHelper.getName(),
547                                              privateHelper.getLabel(),
548                                              publicHelper.getName(),
549                                              publicHelper.getLabel());
550
551         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
552         if (CKM_API_SUCCESS != retCode)
553             return retCode;
554
555         int command;
556         int counter;
557         recv.Deserialize(command, counter, retCode);
558         if (counter != my_counter) {
559             return CKM_API_ERROR_UNKNOWN;
560         }
561
562         return retCode;
563     });
564 }
565
566 int ManagerImpl::getCertificateChain(
567     const CertificateShPtr &certificate,
568     const CertificateShPtrVector &untrustedCertificates,
569     const CertificateShPtrVector &trustedCertificates,
570     bool useTrustedSystemCertificates,
571     CertificateShPtrVector &certificateChainVector)
572 {
573     RawBufferVector untrustedVector;
574     RawBufferVector trustedVector;
575
576     for (auto &e: untrustedCertificates) {
577         untrustedVector.push_back(e->getDER());
578     }
579     for (auto &e: trustedCertificates) {
580         trustedVector.push_back(e->getDER());
581     }
582
583     return getCertChain(
584             m_storageConnection,
585             LogicCommand::GET_CHAIN_CERT,
586             ++m_counter,
587             certificate,
588             untrustedVector,
589             trustedVector,
590             useTrustedSystemCertificates,
591             certificateChainVector);
592 }
593
594 int ManagerImpl::getCertificateChain(
595     const CertificateShPtr &certificate,
596     const AliasVector &untrustedCertificates,
597     const AliasVector &trustedCertificates,
598     bool useTrustedSystemCertificates,
599     CertificateShPtrVector &certificateChainVector)
600 {
601     LabelNameVector untrustedVector;
602     LabelNameVector trustedVector;
603
604     for (auto &e: untrustedCertificates) {
605         AliasSupport helper(e);
606         untrustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName()));
607     }
608     for (auto &e: trustedCertificates) {
609         AliasSupport helper(e);
610         trustedVector.push_back(std::make_pair(helper.getLabel(), helper.getName()));
611     }
612
613     return getCertChain(
614             m_storageConnection,
615             LogicCommand::GET_CHAIN_ALIAS,
616             ++m_counter,
617             certificate,
618             untrustedVector,
619             trustedVector,
620             useTrustedSystemCertificates,
621             certificateChainVector);
622 }
623
624 int ManagerImpl::createSignature(
625     const Alias &privateKeyAlias,
626     const Password &password,           // password for private_key
627     const RawBuffer &message,
628     const HashAlgorithm hash,
629     const RSAPaddingAlgorithm padding,
630     RawBuffer &signature)
631 {
632     int my_counter = ++m_counter;
633
634     return try_catch([&] {
635
636         MessageBuffer recv;
637         AliasSupport helper(privateKeyAlias);
638         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_SIGNATURE),
639                                              my_counter,
640                                              helper.getName(),
641                                              helper.getLabel(),
642                                              password,
643                                              message,
644                                              static_cast<int>(hash),
645                                              static_cast<int>(padding));
646
647         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
648         if (CKM_API_SUCCESS != retCode)
649             return retCode;
650
651         int command;
652         int counter;
653         recv.Deserialize(command, counter, retCode, signature);
654
655         if ((command != static_cast<int>(LogicCommand::CREATE_SIGNATURE))
656             || (counter != my_counter))
657         {
658             return CKM_API_ERROR_UNKNOWN;
659         }
660
661         return retCode;
662     });
663 }
664
665 int ManagerImpl::verifySignature(
666     const Alias &publicKeyOrCertAlias,
667     const Password &password,           // password for public_key (optional)
668     const RawBuffer &message,
669     const RawBuffer &signature,
670     const HashAlgorithm hash,
671     const RSAPaddingAlgorithm padding)
672 {
673     int my_counter = ++m_counter;
674
675     return try_catch([&] {
676         MessageBuffer recv;
677         AliasSupport helper(publicKeyOrCertAlias);
678         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::VERIFY_SIGNATURE),
679                                              my_counter,
680                                              helper.getName(),
681                                              helper.getLabel(),
682                                              password,
683                                              message,
684                                              signature,
685                                              static_cast<int>(hash),
686                                              static_cast<int>(padding));
687
688         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
689         if (CKM_API_SUCCESS != retCode)
690             return retCode;
691
692         int command;
693         int counter;
694         recv.Deserialize(command, counter, retCode);
695
696         if ((command != static_cast<int>(LogicCommand::VERIFY_SIGNATURE))
697             || (counter != my_counter))
698         {
699             return CKM_API_ERROR_UNKNOWN;
700         }
701
702         return retCode;
703     });
704 }
705
706 int ManagerImpl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus)
707 {
708     return try_catch([&] {
709         int my_counter = ++m_counter;
710         MessageBuffer recv;
711
712         RawBufferVector rawCertChain;
713         for (auto &e: certChain) {
714             rawCertChain.push_back(e->getDER());
715         }
716
717         auto send = MessageBuffer::Serialize(my_counter, rawCertChain);
718
719         int retCode = m_ocspConnection.processRequest(send.Pop(), recv);
720         if (CKM_API_SUCCESS != retCode)
721             return retCode;
722
723         int counter;
724         recv.Deserialize(counter, retCode, ocspStatus);
725
726         if (my_counter != counter) {
727             return CKM_API_ERROR_UNKNOWN;
728         }
729
730         return retCode;
731     });
732 }
733
734 int ManagerImpl::setPermission(const Alias &alias,
735                                const Label &accessor,
736                                PermissionMask permissionMask)
737 {
738     int my_counter = ++m_counter;
739
740     return try_catch([&] {
741         MessageBuffer recv;
742         AliasSupport helper(alias);
743         auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::SET_PERMISSION),
744                                              my_counter,
745                                              helper.getName(),
746                                              helper.getLabel(),
747                                              accessor,
748                                              permissionMask);
749
750         int retCode = m_storageConnection.processRequest(send.Pop(), recv);
751         if (CKM_API_SUCCESS != retCode)
752             return retCode;
753
754         int command;
755         int counter;
756         recv.Deserialize(command, counter, retCode);
757
758         if (my_counter != counter) {
759             return CKM_API_ERROR_UNKNOWN;
760         }
761
762         return retCode;
763     });
764 }
765
766 int ManagerImpl::crypt(EncryptionCommand command,
767           const CryptoAlgorithm &algo,
768           const Alias &keyAlias,
769           const Password &password,
770           const RawBuffer& input,
771           RawBuffer& output)
772 {
773     int my_counter = ++m_counter;
774
775     return try_catch([&] {
776         MessageBuffer recv;
777         AliasSupport helper(keyAlias);
778         CryptoAlgorithmSerializable cas(algo);
779         auto send = MessageBuffer::Serialize(static_cast<int>(command),
780                                              my_counter,
781                                              cas,
782                                              helper.getName(),
783                                              helper.getLabel(),
784                                              password,
785                                              input);
786
787         int retCode = m_encryptionConnection.processRequest(send.Pop(), recv);
788         if (CKM_API_SUCCESS != retCode)
789             return retCode;
790
791         int command;
792         int counter;
793         recv.Deserialize(command, counter, retCode, output);
794
795         if (my_counter != counter) {
796             return CKM_API_ERROR_UNKNOWN;
797         }
798
799         return retCode;
800     });
801 }
802
803 int ManagerImpl::encrypt(const CryptoAlgorithm &algo,
804             const Alias &keyAlias,
805             const Password &password,
806             const RawBuffer& plain,
807             RawBuffer& encrypted)
808 {
809     return crypt(EncryptionCommand::ENCRYPT, algo, keyAlias, password, plain, encrypted);
810 }
811
812 int ManagerImpl::decrypt(const CryptoAlgorithm &algo,
813                          const Alias &keyAlias,
814                          const Password &password,
815                          const RawBuffer& encrypted,
816                          RawBuffer& decrypted)
817 {
818     return crypt(EncryptionCommand::DECRYPT, algo, keyAlias, password, encrypted, decrypted);
819 }
820
821 ManagerShPtr Manager::create() {
822     try {
823         return std::make_shared<ManagerImpl>();
824     } catch (const std::bad_alloc &) {
825         LogDebug("Bad alloc was caught during ManagerImpl creation.");
826     } catch (...) {
827         LogError("Critical error: Unknown exception was caught during ManagerImpl creation!");
828     }
829     return ManagerShPtr();
830 }
831
832 } // namespace CKM
Domain: Security / Utilities;