2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file ckm-service.cpp
18 * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
20 * @brief CKM service implementation.
23 #include <protocols.h>
25 #include <dpl/serialization.h>
26 #include <dpl/log/log.h>
28 #include <ckm-service.h>
29 #include <ckm-logic.h>
32 const CKM::InterfaceID SOCKET_ID_CONTROL = 0;
33 const CKM::InterfaceID SOCKET_ID_STORAGE = 1;
34 } // namespace anonymous
38 CKMService::CKMService()
39 : m_logic(new CKMLogic)
42 CKMService::~CKMService() {
46 void CKMService::Start() {
50 void CKMService::Stop() {
54 GenericSocketService::ServiceDescriptionVector CKMService::GetServiceDescription()
56 return ServiceDescriptionVector {
57 {SERVICE_SOCKET_CKM_CONTROL, "key-manager::api-control", SOCKET_ID_CONTROL},
58 {SERVICE_SOCKET_CKM_STORAGE, "key-manager::api-storage", SOCKET_ID_STORAGE}
62 bool CKMService::ProcessOne(
63 const ConnectionID &conn,
66 LogDebug ("process One");
70 if (!info.buffer.Ready())
73 if (info.interfaceID == SOCKET_ID_CONTROL)
74 response = ProcessControl(info.buffer);
76 response = ProcessStorage(info.credentials, info.buffer);
78 m_serviceManager->Write(conn, response);
81 } Catch (MessageBuffer::Exception::Base) {
82 LogError("Broken protocol. Closing socket.");
83 } Catch (Exception::BrokenProtocol) {
84 LogError("Broken protocol. Closing socket.");
85 } catch (const DataType::Exception::Base &e) {
86 LogError("Closing socket. DBDataType::Exception: " << e.DumpToString());
87 } catch (const std::string &e) {
88 LogError("String exception(" << e << "). Closing socket");
89 } catch (const std::exception &e) {
90 LogError("Std exception:: " << e.what());
92 LogError("Unknown exception. Closing socket.");
95 m_serviceManager->Close(conn);
99 RawBuffer CKMService::ProcessControl(MessageBuffer &buffer) {
103 Password newPass, oldPass;
106 buffer.Deserialize(command);
108 LogDebug("Process control. Command: " << command);
110 cc = static_cast<ControlCommand>(command);
113 case ControlCommand::UNLOCK_USER_KEY:
114 buffer.Deserialize(user, newPass);
115 return m_logic->unlockUserKey(user, newPass);
116 case ControlCommand::LOCK_USER_KEY:
117 buffer.Deserialize(user);
118 return m_logic->lockUserKey(user);
119 case ControlCommand::REMOVE_USER_DATA:
120 buffer.Deserialize(user);
121 return m_logic->removeUserData(user);
122 case ControlCommand::CHANGE_USER_PASSWORD:
123 buffer.Deserialize(user, oldPass, newPass);
124 return m_logic->changeUserPassword(user, oldPass, newPass);
125 case ControlCommand::RESET_USER_PASSWORD:
126 buffer.Deserialize(user, newPass);
127 return m_logic->resetUserPassword(user, newPass);
128 case ControlCommand::REMOVE_APP_DATA:
129 buffer.Deserialize(smackLabel);
130 return m_logic->removeApplicationData(smackLabel);
131 case ControlCommand::UPDATE_CC_MODE:
132 return m_logic->updateCCMode();
133 case ControlCommand::SET_PERMISSION:
138 PermissionMask permissionMask = 0;
140 buffer.Deserialize(user, name, label, accessorLabel, permissionMask);
142 Credentials cred(user, label);
143 return m_logic->setPermission(
153 Throw(Exception::BrokenProtocol);
157 RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer)
163 Label label, accessorLabel;
166 buffer.Deserialize(command);
167 buffer.Deserialize(msgID);
169 LogDebug("Process storage. Command: " << command);
171 switch(static_cast<LogicCommand>(command)) {
172 case LogicCommand::SAVE:
175 PolicySerializable policy;
176 buffer.Deserialize(tmpDataType, name, label, rawData, policy);
177 return m_logic->saveData(
183 DataType(tmpDataType),
186 case LogicCommand::SAVE_PKCS12:
189 PKCS12Serializable pkcs;
190 PolicySerializable keyPolicy, certPolicy;
191 buffer.Deserialize(name, label, pkcs, keyPolicy, certPolicy);
192 return m_logic->savePKCS12(
201 case LogicCommand::REMOVE:
203 buffer.Deserialize(name, label);
204 return m_logic->removeData(
210 case LogicCommand::GET:
213 buffer.Deserialize(tmpDataType, name, label, password);
214 return m_logic->getData(
217 DataType(tmpDataType),
222 case LogicCommand::GET_PKCS12:
226 buffer.Deserialize(name,
230 return m_logic->getPKCS12(
238 case LogicCommand::GET_LIST:
240 buffer.Deserialize(tmpDataType);
241 return m_logic->getDataList(
244 DataType(tmpDataType));
246 case LogicCommand::CREATE_KEY_AES:
251 PolicySerializable policyKey;
252 buffer.Deserialize(size,
256 return m_logic->createKeyAES(
264 case LogicCommand::CREATE_KEY_PAIR:
266 CryptoAlgorithmSerializable keyGenAlgorithm;
268 Label privateKeyLabel;
270 Label publicKeyLabel;
271 PolicySerializable policyPrivateKey;
272 PolicySerializable policyPublicKey;
273 buffer.Deserialize(keyGenAlgorithm,
280 return m_logic->createKeyPair(
291 case LogicCommand::GET_CHAIN_CERT:
293 RawBuffer certificate;
294 RawBufferVector untrustedVector;
295 RawBufferVector trustedVector;
297 buffer.Deserialize(certificate, untrustedVector, trustedVector, systemCerts);
298 return m_logic->getCertificateChain(
306 case LogicCommand::GET_CHAIN_ALIAS:
308 RawBuffer certificate;
309 LabelNameVector untrustedVector;
310 LabelNameVector trustedVector;
312 buffer.Deserialize(certificate, untrustedVector, trustedVector, systemCerts);
313 return m_logic->getCertificateChain(
321 case LogicCommand::CREATE_SIGNATURE:
323 Password password; // password for private_key
325 int padding = 0, hash = 0;
326 buffer.Deserialize(name, label, password, message, hash, padding);
327 return m_logic->createSignature(
332 password, // password for private_key
334 static_cast<HashAlgorithm>(hash),
335 static_cast<RSAPaddingAlgorithm>(padding));
337 case LogicCommand::VERIFY_SIGNATURE:
339 Password password; // password for public_key (optional)
342 //HashAlgorithm hash;
343 //RSAPaddingAlgorithm padding;
344 int padding = 0, hash = 0;
345 buffer.Deserialize(name,
352 return m_logic->verifySignature(
357 password, // password for public_key (optional)
360 static_cast<const HashAlgorithm>(hash),
361 static_cast<const RSAPaddingAlgorithm>(padding));
363 case LogicCommand::SET_PERMISSION:
365 PermissionMask permissionMask = 0;
366 buffer.Deserialize(name, label, accessorLabel, permissionMask);
367 return m_logic->setPermission(
377 Throw(Exception::BrokenProtocol);