// check if save is possible
DB::Crypto::Transaction transaction(&handler.database);
int retCode = checkSaveConditions(rootCred, handler, name, CLIENT_ID_SYSTEM);
-
if (retCode != CKM_API_SUCCESS)
return retCode;
// use client id if not explicitly provided
const ClientId &owner = explicitOwner.empty() ? cred.client : explicitOwner;
- if (m_accessControl.isSystemService(cred) &&
- owner.compare(CLIENT_ID_SYSTEM) != 0) {
- LogError("System services can only use " << CLIENT_ID_SYSTEM << " as owner id") ;
- return CKM_API_ERROR_INPUT_PARAM;
- }
-
// check if save is possible
DB::Crypto::Transaction transaction(&handler.database);
int retCode = checkSaveConditions(cred, handler, name, owner);
-
if (retCode != CKM_API_SUCCESS)
return retCode;
// use client id if not explicitly provided
const ClientId &owner = explicitOwner.empty() ? cred.client : explicitOwner;
- if (m_accessControl.isSystemService(cred) &&
- owner.compare(CLIENT_ID_SYSTEM) != 0)
- return CKM_API_ERROR_INPUT_PARAM;
-
// check if save is possible
DB::Crypto::Transaction transaction(&handler.database);
int retCode = checkSaveConditions(cred, handler, name, owner);
-
if (retCode != CKM_API_SUCCESS)
return retCode;
// use client id if not explicitly provided
const ClientId &owner = explicitOwner.empty() ? cred.client : explicitOwner;
- if (m_accessControl.isSystemService(cred) &&
- owner.compare(CLIENT_ID_SYSTEM) != 0)
- return CKM_API_ERROR_INPUT_PARAM;
-
// check if save is possible
DB::Crypto::Transaction transaction(&handler.database);
int retCode = checkSaveConditions(cred, handler, name, owner);
-
if (retCode != CKM_API_SUCCESS)
return retCode;
const ClientId &ownerPrv = explicitOwnerPrivate.empty() ? cred.client :
explicitOwnerPrivate;
- if (m_accessControl.isSystemService(cred) &&
- ownerPrv.compare(CLIENT_ID_SYSTEM) != 0)
- return CKM_API_ERROR_INPUT_PARAM;
-
const ClientId &ownerPub = explicitOwnerPublic.empty() ? cred.client :
explicitOwnerPublic;
- if (m_accessControl.isSystemService(cred) &&
- ownerPub.compare(CLIENT_ID_SYSTEM) != 0)
- return CKM_API_ERROR_INPUT_PARAM;
-
bool exportable = policyPrivate.extractable || policyPublic.extractable;
Policy lessRestricted(Password(), exportable, policyPrivate.backend);
int retCode;
retCode = checkSaveConditions(cred, handlerPriv, namePrivate, ownerPrv);
-
if (CKM_API_SUCCESS != retCode)
return retCode;
retCode = checkSaveConditions(cred, handlerPub, namePublic, ownerPub);
-
if (CKM_API_SUCCESS != retCode)
return retCode;