return CKMC_ERROR_INVALID_FORMAT;
}
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy);
return to_ckmc_error(ret);
return CKMC_ERROR_INVALID_FORMAT;
}
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
CKM::ManagerShPtr mgr = CKM::Manager::create();
int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy);
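Review bot: `policy.restricted` is now dropped without any signal to the caller at the `CKM::Policy storePolicy(...)` line, and the same happens in the saveKey, saveData, createKeyPairRSA and createKeyPairECDSA hunks. If the C policy struct still carries the field (its definition is not on this page), a caller that passes `restricted = false` expecting a shared entry gets a label-scoped one and only finds out when another client's read fails. I would add a comment at each site, e.g. `// policy.restricted is ignored: every entry is scoped to the caller's label`, and mark the field as deprecated in the public header. The enclosing function starts and ends outside the hunk.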
}
CKM::RawBuffer buffer(data.data, data.data + data.size);
- CKM::Policy storePolicy(_tostring(policy.password), policy.extractable, policy.restricted);
+ CKM::Policy storePolicy(_tostring(policy.password), policy.extractable);
CKM::ManagerShPtr mgr = CKM::Manager::create();
int ret = mgr->saveData(ckmAlias, buffer, storePolicy);
CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
ret = mgr->createKeyPairRSA(size, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
return to_ckmc_error(ret);
CKM::ElipticCurve ckmType = static_cast<CKM::ElipticCurve>(static_cast<int>(type));
CKM::Alias ckmPrivakeKeyAlias(private_key_alias);
CKM::Alias ckmPublicKeyAlias(public_key_alias);
- CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable, policy_private_key.restricted);
- CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable, policy_public_key.restricted);
+ CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable);
+ CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable);
int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy);
return to_ckmc_error(ret);
"CREATE TABLE CKM_TABLE("
" alias TEXT NOT NULL,"
" label TEXT NOT NULL,"
- " restricted INTEGER NOT NULL,"
" exportable INTEGER NOT NULL,"
" dataType INTEGER NOT NULL,"
" algorithmType INTEGER NOT NULL,"
" data BLOB NOT NULL,"
" tag BLOB NOT NULL,"
" PRIMARY KEY(alias, label),"
- " UNIQUE(alias, restricted)"
+ " UNIQUE(alias)"
");";
const char *insert_main_cmd =
"INSERT INTO CKM_TABLE("
- // 1 2 3 4
- " alias, label, restricted, exportable,"
- // 5 6 7
+ // 1 2 3
+ " alias, label, exportable,"
+ // 4 5 6
" dataType, algorithmType, encryptionScheme,"
- // 8 9 10 11
+ // 7 8 9 10
" iv, dataSize, data, tag) "
"VALUES("
- " ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);";
+ " ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);";
const char *select_alias_cmd =
- // 1 2 3
- "SELECT * FROM CKM_TABLE WHERE alias=? AND dataType=? AND restricted=1 AND label=? "
- " UNION ALL "
- // 4 5
- " SELECT * FROM CKM_TABLE WHERE alias=? AND dataType=? AND restricted=0;";
+ // 1 2 3
+ "SELECT * FROM CKM_TABLE WHERE alias=? AND dataType=? AND label=?; ";
const char *select_check_alias_cmd =
// 1 2
- "SELECT dataType FROM CKM_TABLE WHERE alias=? AND label=? AND restricted=1; ";
+ "SELECT dataType FROM CKM_TABLE WHERE alias=? AND label=?; ";
const char *select_check_global_alias_cmd =
// 1
- "SELECT label FROM CKM_TABLE WHERE alias=? AND restricted=0;";
+ "SELECT label FROM CKM_TABLE WHERE alias=? ;";
const char *select_count_rows_cmd =
// 1 2
"SELECT * FROM CKM_TABLE WHERE alias=?"
// 2 3
" AND dataType BETWEEN ? AND ? "
- // 4
- " AND (restricted=0 OR label=?);";
+ // 4
+ " AND label=? ;";
const char *select_key_type_cmd =
"SELECT alias FROM CKM_TABLE WHERE "
" dataType >= ? AND "
// 2
" dataType <= ? AND "
- // 3
- " (restricted=0 OR label=?)";
+ // 3
+ " label=?;";
const char *select_type_cmd =
- // 1
- "SELECT alias FROM CKM_TABLE WHERE dataType=? AND restricted=0 "
- "UNION ALL "
- // 2 3
- "SELECT alias FROM CKM_TABLE WHERE dataType=? AND restricted=1 AND label=?;";
+ // 1 2
+ "SELECT alias FROM CKM_TABLE WHERE dataType=? AND label=?;";
const char *delete_alias_cmd =
// 1 2
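Review bot: `UNIQUE(alias)` makes an alias unique across all labels, which disagrees with `PRIMARY KEY(alias, label)` and with the lookups in this hunk that now filter on `label=?`. As written, a client storing an alias that another label already uses passes the per-label `checkAliasExist(row.alias, row.smackLabel)` in the save hunk further down and then fails at `insertCommand->Step()` with a constraint error instead of `AliasExists`. It also lets one client occupy alias names for every other client and tell which names are taken. If per-label ownership is the intent, drop the `UNIQUE(alias)` line, since the primary key already enforces it; if aliases are meant to be global, the existence check should be alias-only. `select_check_global_alias_cmd` now returns the owning label for any alias and looks unused after this change, so it is worth removing together with the partial-index comment that no longer describes the check.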
//Sqlite does not support partial index in our version,
//so we do it by hand
Transaction transaction(this);
- if((row.restricted == 1 && checkAliasExist(row.alias, row.smackLabel)) ||
- (row.restricted == 0 && checkGlobalAliasExist(row.alias))) {
+ if(checkAliasExist(row.alias, row.smackLabel)) {
ThrowMsg(DBCrypto::Exception::AliasExists,
"Alias exists for alias: " << row.alias
<< ", label: " << row.smackLabel);
m_connection->PrepareDataCommand(insert_main_cmd);
insertCommand->BindString(1, row.alias.c_str());
insertCommand->BindString(2, row.smackLabel.c_str());
- insertCommand->BindInteger(3, row.restricted);
- insertCommand->BindInteger(4, row.exportable);
- insertCommand->BindInteger(5, static_cast<int>(row.dataType));
- insertCommand->BindInteger(6, static_cast<int>(row.algorithmType));
- insertCommand->BindInteger(7, row.encryptionScheme);
- insertCommand->BindBlob(8, row.iv);
- insertCommand->BindInteger(9, row.dataSize);
- insertCommand->BindBlob(10, row.data);
- insertCommand->BindBlob(11, row.tag);
+ insertCommand->BindInteger(3, row.exportable);
+ insertCommand->BindInteger(4, static_cast<int>(row.dataType));
+ insertCommand->BindInteger(5, static_cast<int>(row.algorithmType));
+ insertCommand->BindInteger(6, row.encryptionScheme);
+ insertCommand->BindBlob(7, row.iv);
+ insertCommand->BindInteger(8, row.dataSize);
+ insertCommand->BindBlob(9, row.data);
+ insertCommand->BindBlob(10, row.tag);
insertCommand->Step();
transaction.commit();
DBRow row;
row.alias = selectCommand->GetColumnString(0);
row.smackLabel = selectCommand->GetColumnString(1);
- row.restricted = selectCommand->GetColumnInteger(2);
- row.exportable = selectCommand->GetColumnInteger(3);
- row.dataType = static_cast<DBDataType>(selectCommand->GetColumnInteger(4));
- row.algorithmType = static_cast<DBCMAlgType>(selectCommand->GetColumnInteger(5));
- row.encryptionScheme = selectCommand->GetColumnInteger(6);
- row.iv = selectCommand->GetColumnBlob(7);
- row.dataSize = selectCommand->GetColumnInteger(8);
- row.data = selectCommand->GetColumnBlob(9);
- row.tag = selectCommand->GetColumnBlob(10);
+ row.exportable = selectCommand->GetColumnInteger(2);
+ row.dataType = static_cast<DBDataType>(selectCommand->GetColumnInteger(3));
+ row.algorithmType = static_cast<DBCMAlgType>(selectCommand->GetColumnInteger(4));
+ row.encryptionScheme = selectCommand->GetColumnInteger(5);
+ row.iv = selectCommand->GetColumnBlob(6);
+ row.dataSize = selectCommand->GetColumnInteger(7);
+ row.data = selectCommand->GetColumnBlob(8);
+ row.tag = selectCommand->GetColumnBlob(9);
return row;
}
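Review bot: The row is read by fixed column position after a `SELECT *`, so removing `restricted` shifts every index, and the page shows no migration for databases created with the old `CREATE TABLE`. On such a database column 2 is still `restricted`, so `row.exportable` would be filled from it and `iv`, `data` and `tag` would each come from the neighbouring column; the insert would also fail on the `NOT NULL` column it no longer supplies. I would list the columns in the select statements, e.g. `SELECT alias, label, exportable, dataType, algorithmType, encryptionScheme, iv, dataSize, data, tag FROM CKM_TABLE ...`, and add a schema-version check or migration if this code can open existing databases. The function starts outside the hunk.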
selectCommand->BindString(1, alias.c_str());
selectCommand->BindInteger(2, static_cast<int>(type));
selectCommand->BindString(3, label.c_str());
- selectCommand->BindString(4, alias.c_str());
- selectCommand->BindInteger(5, static_cast<int>(type));
if(selectCommand->Step()) {
transaction.commit();
SqlConnection::DataCommandUniquePtr selectCommand =
m_connection->PrepareDataCommand(select_type_cmd);
selectCommand->BindInteger(1, static_cast<int>(type));
- selectCommand->BindInteger(2, static_cast<int>(type));
- selectCommand->BindString(3, label.c_str());
+ selectCommand->BindString(2, label.c_str());
while(selectCommand->Step()) {
Alias alias;
const int restricted_local = 1;
const int restricted_global = 0;
-DBRow createDefaultRow(int restricted = restricted_local,
- DBDataType type = DBDataType::BINARY_DATA) {
+DBRow createDefaultRow(DBDataType type = DBDataType::BINARY_DATA) {
DBRow row;
row.alias = default_alias;
row.smackLabel = default_label;
row.exportable = 1;
- row.restricted = restricted;
row.algorithmType = DBCMAlgType::AES_GCM_256;
row.dataType = type;
row.iv = createDefaultPass();
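Review bot: `restricted_local` and `restricted_global` just above `createDefaultRow` are left without a user once the parameter is gone (no other use is visible on this page), so they should be deleted with it. The change also makes the label the only access boundary, and none of the test hunks add a case for that. A test that saves a row under one label and checks that a lookup with a different label finds nothing would pin the new behaviour. The body of `createDefaultRow` continues outside the hunk.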
"smackLabel didn't match! Got: " << rhs.smackLabel
<< " , expected : " << lhs.smackLabel);
- BOOST_CHECK_MESSAGE(lhs.restricted == rhs.restricted,
- "restricted didn't match! Got: " << rhs.restricted
- << " , expected : " << lhs.restricted);
-
BOOST_CHECK_MESSAGE(lhs.exportable == rhs.exportable,
"exportable didn't match! Got: " << rhs.exportable
<< " , expected : " << lhs.exportable);
DBCrypto db;
BOOST_REQUIRE_NO_THROW(db = DBCrypto(crypto_db, defaultPass));
- DBRow rowPattern = createDefaultRow(restricted_global);
+ DBRow rowPattern = createDefaultRow();
rowPattern.data = RawBuffer(1024, 2);
rowPattern.dataSize = rowPattern.data.size();
DBCrypto db;
BOOST_REQUIRE_NO_THROW(db = DBCrypto(crypto_db, defaultPass));
- DBRow rowPattern = createDefaultRow(0);
+ DBRow rowPattern = createDefaultRow();
rowPattern.data = RawBuffer(100, 20);
rowPattern.dataSize = rowPattern.data.size();
DBCrypto::Transaction transaction(&db);