Protocol changed: single command to generate all types of asymetric keys.
Change-Id: Iafe2b593c3945ff0e3fcc31241faea3a542aca65
virtual void ReceivedCertificateAliasVector(AliasVector &&) {}
virtual void ReceivedDataAliasVector(AliasVector &&) {}
- virtual void ReceivedCreateKeyPairRSA() {}
- virtual void ReceivedCreateKeyPairDSA() {}
- virtual void ReceivedCreateKeyPairECDSA() {}
+ virtual void ReceivedCreateKeyPair() {}
virtual void ReceivedGetCertificateChain(CertificateShPtrVector &&) {}
return;
}
// input type check
- LogicCommand cmd_type;
+ CryptoAlgorithm keyGenAlgorithm;
switch(key_type)
{
case KeyType::KEY_RSA_PUBLIC:
case KeyType::KEY_RSA_PRIVATE:
- cmd_type = LogicCommand::CREATE_KEY_PAIR_RSA;
+ keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::RSA_GEN);
+ keyGenAlgorithm.addParam(ParamName::GEN_KEY_LEN, additional_param);
break;
case KeyType::KEY_DSA_PUBLIC:
case KeyType::KEY_DSA_PRIVATE:
- cmd_type = LogicCommand::CREATE_KEY_PAIR_DSA;
+ keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::DSA_GEN);
+ keyGenAlgorithm.addParam(ParamName::GEN_KEY_LEN, additional_param);
break;
case KeyType::KEY_ECDSA_PUBLIC:
case KeyType::KEY_ECDSA_PRIVATE:
- cmd_type = LogicCommand::CREATE_KEY_PAIR_ECDSA;
+ keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::ECDSA_GEN);
+ keyGenAlgorithm.addParam(ParamName::GEN_EC, additional_param);
break;
default:
AliasSupport prvHelper(privateKeyAlias);
AliasSupport pubHelper(publicKeyAlias);
sendToStorage(observer,
- static_cast<int>(cmd_type),
+ static_cast<int>(LogicCommand::CREATE_KEY_PAIR),
m_counter,
- static_cast<int>(additional_param),
+ CryptoAlgorithmSerializable(keyGenAlgorithm),
PolicySerializable(policyPrivateKey),
PolicySerializable(policyPublicKey),
prvHelper.getName(),
case LogicCommand::REMOVE:
parseRemoveCommand();
break;
- case LogicCommand::CREATE_KEY_PAIR_RSA:
- parseRetCode(&ManagerAsync::Observer::ReceivedCreateKeyPairRSA);
- break;
- case LogicCommand::CREATE_KEY_PAIR_ECDSA:
- parseRetCode(&ManagerAsync::Observer::ReceivedCreateKeyPairECDSA);
+ case LogicCommand::CREATE_KEY_PAIR:
+ parseRetCode(&ManagerAsync::Observer::ReceivedCreateKeyPair);
break;
case LogicCommand::GET_CHAIN_CERT:
case LogicCommand::GET_CHAIN_ALIAS:
case LogicCommand::VERIFY_SIGNATURE:
parseRetCode(&ManagerAsync::Observer::ReceivedVerifySignature);
break;
- case LogicCommand::CREATE_KEY_PAIR_DSA:
- parseRetCode(&ManagerAsync::Observer::ReceivedCreateKeyPairDSA);
- break;
case LogicCommand::SET_PERMISSION:
parseRetCode(&ManagerAsync::Observer::ReceivedSetPermission);
break;
const Policy &policyPublicKey)
{
// input type check
- LogicCommand cmd_type;
+ CryptoAlgorithm keyGenAlgorithm;
switch(key_type)
{
case KeyType::KEY_RSA_PUBLIC:
case KeyType::KEY_RSA_PRIVATE:
- cmd_type = LogicCommand::CREATE_KEY_PAIR_RSA;
+ keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::RSA_GEN);
+ keyGenAlgorithm.addParam(ParamName::GEN_KEY_LEN, additional_param);
break;
case KeyType::KEY_DSA_PUBLIC:
case KeyType::KEY_DSA_PRIVATE:
- cmd_type = LogicCommand::CREATE_KEY_PAIR_DSA;
+ keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::DSA_GEN);
+ keyGenAlgorithm.addParam(ParamName::GEN_KEY_LEN, additional_param);
break;
case KeyType::KEY_ECDSA_PUBLIC:
case KeyType::KEY_ECDSA_PRIVATE:
- cmd_type = LogicCommand::CREATE_KEY_PAIR_ECDSA;
+ keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::ECDSA_GEN);
+ keyGenAlgorithm.addParam(ParamName::GEN_EC, additional_param);
break;
default:
MessageBuffer recv;
AliasSupport privateHelper(privateKeyAlias);
AliasSupport publicHelper(publicKeyAlias);
- auto send = MessageBuffer::Serialize(static_cast<int>(cmd_type),
+ auto send = MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_KEY_PAIR),
my_counter,
- static_cast<int>(additional_param),
+ CryptoAlgorithmSerializable(keyGenAlgorithm),
PolicySerializable(policyPrivateKey),
PolicySerializable(policyPublicKey),
privateHelper.getName(),
}
}
+DataType::DataType(AlgoType algorithmType) {
+ switch(algorithmType) {
+ case AlgoType::AES_CTR:
+ case AlgoType::AES_CBC:
+ case AlgoType::AES_GCM:
+ case AlgoType::AES_CFB: m_dataType = DataType::KEY_AES; break;
+ case AlgoType::RSA_GEN: m_dataType = DataType::KEY_RSA_PUBLIC; break;
+ case AlgoType::DSA_GEN: m_dataType = DataType::KEY_DSA_PUBLIC; break;
+ case AlgoType::ECDSA_GEN: m_dataType = DataType::KEY_ECDSA_PUBLIC; break;
+ default:
+ ThrowMsg(Exception::OutOfRange, "Invalid conversion from AlgoType to DBDataType");
+ }
+}
+
DataType::DataType(int data)
: m_dataType(static_cast<Type>(data))
{
DataType(Type data);
explicit DataType(int data);
explicit DataType(KeyType key);
+ explicit DataType(AlgoType algorithmType);
DataType(const DataType &) = default;
DataType& operator=(const DataType &) = default;
REMOVE_APP_DATA,
UPDATE_CC_MODE,
SET_PERMISSION
- // for backward compatibility append new at the end
};
enum class LogicCommand : int {
GET_LIST,
SAVE,
REMOVE,
- CREATE_KEY_PAIR_RSA,
- CREATE_KEY_PAIR_ECDSA,
+ CREATE_KEY_PAIR,
GET_CHAIN_CERT,
GET_CHAIN_ALIAS,
CREATE_SIGNATURE,
VERIFY_SIGNATURE,
- CREATE_KEY_PAIR_DSA,
SET_PERMISSION,
SAVE_PKCS12,
GET_PKCS12
- // for backward compatibility append new at the end
};
enum class EncryptionCommand : int {
int CKMLogic::createKeyPairHelper(
const Credentials &cred,
- const KeyType key_type,
- const int additional_param,
+ const CryptoAlgorithmSerializable & keyGenParams,
const Name &namePrivate,
const Label &labelPrivate,
const Name &namePublic,
const PolicySerializable &policyPrivate,
const PolicySerializable &policyPublic)
{
- CryptoAlgorithm keyGenAlgorithm;
- switch(key_type)
- {
- case KeyType::KEY_RSA_PUBLIC:
- case KeyType::KEY_RSA_PRIVATE:
- keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::RSA_GEN);
- keyGenAlgorithm.addParam(ParamName::GEN_KEY_LEN, additional_param);
- break;
-
- case KeyType::KEY_DSA_PUBLIC:
- case KeyType::KEY_DSA_PRIVATE:
- keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::DSA_GEN);
- keyGenAlgorithm.addParam(ParamName::GEN_KEY_LEN, additional_param);
- break;
-
- case KeyType::KEY_ECDSA_PUBLIC:
- case KeyType::KEY_ECDSA_PRIVATE:
- keyGenAlgorithm.addParam(ParamName::ALGO_TYPE, AlgoType::ECDSA_GEN);
- keyGenAlgorithm.addParam(ParamName::GEN_EC, additional_param);
- break;
-
- default:
- LogError("Invalid key_type for asymetric key generation: " << (int)key_type);
- return CKM_API_ERROR_INPUT_PARAM;
- }
-
auto &handlerPriv = selectDatabase(cred, labelPrivate);
auto &handlerPub = selectDatabase(cred, labelPublic);
+ AlgoType keyType = AlgoType::RSA_GEN;
+ if(!keyGenParams.getParam(ParamName::ALGO_TYPE, keyType))
+ ThrowMsg(Crypto::Exception::InputParam, "Error, parameter ALGO_TYPE not found.");
+ DataType dt(keyType);
+ if(!dt.isKey())
+ ThrowMsg(Crypto::Exception::InputParam, "Error, parameter ALGO_TYPE with wrong value.");
+
bool exportable = policyPrivate.extractable || policyPublic.extractable;
- TokenPair keys = m_decider.getStore(DataType(key_type), exportable).generateAKey(keyGenAlgorithm);
+ TokenPair keys = m_decider.getStore(dt, exportable).generateAKey(keyGenParams);
DB::Crypto::Transaction transactionPriv(&handlerPriv.database);
// in case the same database is used for private and public - the second
RawBuffer CKMLogic::createKeyPair(
const Credentials &cred,
- LogicCommand protocol_cmd,
int commandId,
- const int additional_param,
+ const CryptoAlgorithmSerializable & keyGenParams,
const Name &namePrivate,
const Label &labelPrivate,
const Name &namePublic,
{
int retCode = CKM_API_SUCCESS;
- KeyType key_type = KeyType::KEY_NONE;
- switch(protocol_cmd)
- {
- case LogicCommand::CREATE_KEY_PAIR_RSA:
- key_type = KeyType::KEY_RSA_PUBLIC;
- break;
- case LogicCommand::CREATE_KEY_PAIR_DSA:
- key_type = KeyType::KEY_DSA_PUBLIC;
- break;
- case LogicCommand::CREATE_KEY_PAIR_ECDSA:
- key_type = KeyType::KEY_ECDSA_PUBLIC;
- break;
- default:
- break;
- }
-
try {
retCode = createKeyPairHelper(
cred,
- key_type,
- additional_param,
+ keyGenParams,
namePrivate,
labelPrivate,
namePublic,
retCode = CKM_API_ERROR_SERVER_ERROR;
}
- return MessageBuffer::Serialize(static_cast<int>(protocol_cmd), commandId, retCode).Pop();
+ return MessageBuffer::Serialize(static_cast<int>(LogicCommand::CREATE_KEY_PAIR),
+ commandId, retCode).Pop();
}
int CKMLogic::readCertificateHelper(
RawBuffer createKeyPair(
const Credentials &cred,
- LogicCommand protocol_cmd,
int commandId,
- const int additional_param,
+ const CryptoAlgorithmSerializable & keyGenParams,
const Name &namePrivate,
const Label &labelPrivate,
const Name &namePublic,
int createKeyPairHelper(
const Credentials &cred,
- const KeyType key_type,
- const int additional_param,
+ const CryptoAlgorithmSerializable & keyGenParams,
const Name &namePrivate,
const Label &labelPrivate,
const Name &namePublic,
msgID,
DataType(tmpDataType));
}
- case LogicCommand::CREATE_KEY_PAIR_RSA:
- case LogicCommand::CREATE_KEY_PAIR_DSA:
- case LogicCommand::CREATE_KEY_PAIR_ECDSA:
+ case LogicCommand::CREATE_KEY_PAIR:
{
- int additional_param = 0;
+ CryptoAlgorithmSerializable keyGenAlgorithm;
Name privateKeyName;
Label privateKeyLabel;
Name publicKeyName;
Label publicKeyLabel;
PolicySerializable policyPrivateKey;
PolicySerializable policyPublicKey;
- buffer.Deserialize(additional_param,
+ buffer.Deserialize(keyGenAlgorithm,
policyPrivateKey,
policyPublicKey,
privateKeyName,
publicKeyLabel);
return m_logic->createKeyPair(
cred,
- static_cast<LogicCommand>(command),
msgID,
- additional_param,
+ keyGenAlgorithm,
privateKeyName,
privateKeyLabel,
publicKeyName,
projects / platform / core / security / key-manager.git / commitdiff