From c1fe1e83ca540a1290f73dc077a0f8dcc0e67360 Mon Sep 17 00:00:00 2001
From: Bartlomiej Grzelewski
Date: Mon, 26 Oct 2015 13:10:50 +0100
Subject: [PATCH] Protocol refactoring. Introduce CryptoAlgorithm in internal socket protocol.
Change-Id: I70000a05e0a47d2b12af9b11324adf67da0f5e22
---
 .../client-async/client-manager-async-impl.cpp | 12 ++++-------
 .../client-async/client-manager-async-impl.h | 6 ++----
 src/manager/client-async/client-manager-async.cpp | 10 ++++++++--
 src/manager/client/client-manager-impl.cpp | 12 ++++-------
 src/manager/client/client-manager-impl.h | 6 ++----
 src/manager/client/client-manager.cpp | 12 ++++++++----
 src/manager/service/ckm-logic.cpp | 13 ++-----------
 src/manager/service/ckm-logic.h | 6 ++----
 src/manager/service/ckm-service.cpp | 21 ++++++++++-----------
 9 files changed, 42 insertions(+), 56 deletions(-)
diff --git a/src/manager/client-async/client-manager-async-impl.cpp b/src/manager/client-async/client-manager-async-impl.cpp
index fb7bc8a..269ef13 100644
--- a/src/manager/client-async/client-manager-async-impl.cpp
+++ b/src/manager/client-async/client-manager-async-impl.cpp
@@ -187,8 +187,7 @@ void ManagerAsync::Impl::createSignature(const ObserverPtr& observer,
 const Alias& privateKeyAlias,
 const Password& password,
 const RawBuffer& message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cAlg)
 {
 observerCheck(observer);
 if (privateKeyAlias.empty() || message.empty()) {
@@ -204,8 +203,7 @@ void ManagerAsync::Impl::createSignature(const ObserverPtr& observer,
 helper.getLabel(),
 password,
 message,
- static_cast(hash),
- static_cast(padding));
+ CryptoAlgorithmSerializable(cAlg));
 },
 [&observer](int error) {observer->ReceivedError(error);});
 }
@@ -214,8 +212,7 @@ void ManagerAsync::Impl::verifySignature(const ObserverPtr& observer,
 const Password& password,
 const RawBuffer& message,
 const RawBuffer& signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cAlg)
 {
 observerCheck(observer);
 if (publicKeyOrCertAlias.empty() || message.empty() || signature.empty()) {
@@ -232,8 +229,7 @@ void ManagerAsync::Impl::verifySignature(const ObserverPtr& observer,
 password,
 message,
 signature,
- static_cast(hash),
- static_cast(padding));
+ CryptoAlgorithmSerializable(cAlg));
 },
 [&observer](int error){ observer->ReceivedError(error); } );
 }
diff --git a/src/manager/client-async/client-manager-async-impl.h b/src/manager/client-async/client-manager-async-impl.h
index 02c132d..21013fc 100644
--- a/src/manager/client-async/client-manager-async-impl.h
+++ b/src/manager/client-async/client-manager-async-impl.h
@@ -65,16 +65,14 @@ public:
 const Alias& privateKeyAlias,
 const Password& password,
 const RawBuffer& message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm& cAlgorithm);
 void verifySignature(
 const ObserverPtr& observer,
 const Alias& publicKeyOrCertAlias,
 const Password& password,
 const RawBuffer& message,
 const RawBuffer& signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm& cAlgorithm);
 void ocspCheck(
 const ObserverPtr& observer,
diff --git a/src/manager/client-async/client-manager-async.cpp b/src/manager/client-async/client-manager-async.cpp
index f79d12b..92eb207 100644
--- a/src/manager/client-async/client-manager-async.cpp
+++ b/src/manager/client-async/client-manager-async.cpp
@@ -230,7 +230,10 @@ void ManagerAsync::createSignature(const ObserverPtr& observer,
 const HashAlgorithm hash,
 const RSAPaddingAlgorithm padding)
 {
- m_impl->createSignature(observer, privateKeyAlias, password, message, hash, padding);
+ CryptoAlgorithm cAlg;
+ cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
+ cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
+ m_impl->createSignature(observer, privateKeyAlias, password, message, cAlg);
 }
 void ManagerAsync::verifySignature(const ObserverPtr& observer,
@@ -241,7 +244,10 @@ void ManagerAsync::verifySignature(const ObserverPtr& observer,
 const HashAlgorithm hash,
 const RSAPaddingAlgorithm padding)
 {
- m_impl->verifySignature(observer, publicKeyOrCertAlias, password, message, signature, hash, padding);
+ CryptoAlgorithm cAlg;
+ cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
+ cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
+ m_impl->verifySignature(observer, publicKeyOrCertAlias, password, message, signature, cAlg);
 }
 void ManagerAsync::ocspCheck(const ObserverPtr& observer,
diff --git a/src/manager/client/client-manager-impl.cpp b/src/manager/client/client-manager-impl.cpp
index da199d7..790e541 100644
--- a/src/manager/client/client-manager-impl.cpp
+++ b/src/manager/client/client-manager-impl.cpp
@@ -631,8 +631,7 @@ int Manager::Impl::createSignature(
 const Alias &privateKeyAlias,
 const Password &password, // password for private_key
 const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding,
+ const CryptoAlgorithm &cAlgorithm,
 RawBuffer &signature)
 {
 int my_counter = ++m_counter;
@@ -647,8 +646,7 @@ int Manager::Impl::createSignature(
 helper.getLabel(),
 password,
 message,
- static_cast(hash),
- static_cast(padding));
+ CryptoAlgorithmSerializable(cAlgorithm));
 int retCode = m_storageConnection.processRequest(send.Pop(), recv);
 if (CKM_API_SUCCESS != retCode)
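Review bot: The three lines that build `cAlg` from `hash` and `padding` are written out verbatim in ManagerAsync::createSignature and ManagerAsync::verifySignature here, and the same triplet appears again in Manager::createSignature and Manager::verifySignature in client-manager.cpp, so the legacy-enum-to-CryptoAlgorithm mapping now lives in four places. A single file-local helper, e.g. `static CryptoAlgorithm signatureAlgorithm(HashAlgorithm hash, RSAPaddingAlgorithm padding);` returning the populated object, would keep the ParamName choice in one spot and make a later change (another padding scheme, a third parameter) a one-line edit. A short comment on the helper — `// legacy public API still takes (hash, padding); translate to the CryptoAlgorithm carried by the socket protocol` — would also explain why the public signature was not changed. Both function signatures in this hunk begin above the hunk.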
@@ -673,8 +671,7 @@ int Manager::Impl::verifySignature(
 const Password &password, // password for public_key (optional)
 const RawBuffer &message,
 const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cAlg)
 {
 int my_counter = ++m_counter;
@@ -688,8 +685,7 @@ int Manager::Impl::verifySignature(
 password,
 message,
 signature,
- static_cast(hash),
- static_cast(padding));
+ CryptoAlgorithmSerializable(cAlg));
 int retCode = m_storageConnection.processRequest(send.Pop(), recv);
 if (CKM_API_SUCCESS != retCode)
diff --git a/src/manager/client/client-manager-impl.h b/src/manager/client/client-manager-impl.h
index eebb7fd..29d381d 100644
--- a/src/manager/client/client-manager-impl.h
+++ b/src/manager/client/client-manager-impl.h
@@ -99,8 +99,7 @@ public:
 const Alias &privateKeyAlias,
 const Password &password, // password for private_key
 const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding,
+ const CryptoAlgorithm &cAlgorithm,
 RawBuffer &signature);
 int verifySignature(
@@ -108,8 +107,7 @@ public:
 const Password &password, // password for public_key (optional)
 const RawBuffer &message,
 const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm &cAlgorithm);
 int ocspCheck(const CertificateShPtrVector &certificateChain, int &ocspCheck);
diff --git a/src/manager/client/client-manager.cpp b/src/manager/client/client-manager.cpp
index 14927e7..6d8ed4b 100644
--- a/src/manager/client/client-manager.cpp
+++ b/src/manager/client/client-manager.cpp
@@ -174,12 +174,14 @@ int Manager::createSignature(
 const RSAPaddingAlgorithm padding,
 RawBuffer &signature)
 {
+ CryptoAlgorithm cAlg;
+ cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
+ cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
 return m_impl->createSignature(
 privateKeyAlias,
 password,
 message,
- hash,
- padding,
+ cAlg,
 signature);
 }
@@ -191,13 +193,15 @@ int Manager::verifySignature(
 const HashAlgorithm hash,
 const RSAPaddingAlgorithm padding)
 {
+ CryptoAlgorithm cAlg;
+ cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
+ cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
 return m_impl->verifySignature(
 publicKeyOrCertAlias,
 password,
 message,
 signature,
- hash,
- padding);
+ cAlg);
 }
 int Manager::ocspCheck(const CertificateShPtrVector &certificateChainVector, int &ocspStatus) {
diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp
index 0e33727..2dc20a7 100644
--- a/src/manager/service/ckm-logic.cpp
+++ b/src/manager/service/ckm-logic.cpp
@@ -1574,14 +1574,10 @@ RawBuffer CKMLogic::createSignature(
 const Label & ownerLabel,
 const Password &password, // password for private_key
 const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cryptoAlg)
 {
 DB::Row row;
 RawBuffer signature;
- CryptoAlgorithm cryptoAlg;
- cryptoAlg.setParam(ParamName::SV_HASH_ALGO, hash);
- cryptoAlg.setParam(ParamName::SV_RSA_PADDING, padding);
 int retCode = CKM_API_SUCCESS;
@@ -1616,18 +1612,13 @@ RawBuffer CKMLogic::verifySignature(
 const Password &password, // password for public_key (optional)
 const RawBuffer &message,
 const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm ¶ms)
 {
 int retCode = CKM_API_ERROR_VERIFICATION_FAILED;
 try {
 DB::Row row;
- CryptoAlgorithm params;
- params.setParam(ParamName::SV_HASH_ALGO, hash);
- params.setParam(ParamName::SV_RSA_PADDING, padding);
-
 // try certificate first - looking for a public key.
 // in case of PKCS, pub key from certificate will be found first
 // rather than private key from the same PKCS.
diff --git a/src/manager/service/ckm-logic.h b/src/manager/service/ckm-logic.h
index d3f0c40..472fea2 100644
--- a/src/manager/service/ckm-logic.h
+++ b/src/manager/service/ckm-logic.h
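Review bot: In CKMLogic::verifySignature (and createSignature above it) the parameter set is now supplied by the caller, so the guarantee the removed lines gave — exactly SV_HASH_ALGO and SV_RSA_PADDING present, with values that were at least enum-typed — no longer holds at this layer, and the only caller this patch shows is CKMService forwarding whatever it deserialized from the client socket. Nothing in the hunk checks that the two parameters are present or that no unexpected ones were sent; unless the crypto backend is known to reject such input cleanly, this function should fail early with the project's existing input-parameter error code when a required parameter is absent, rather than proceeding into the key lookup and signing path with an incomplete algorithm description. At minimum the precondition should be stated in ckm-logic.h, e.g. `// cryptoAlgorithm must carry SV_HASH_ALGO and SV_RSA_PADDING; values are client-supplied and must be validated before use`. Note also that `¶ms` in the new verifySignature signature reads as an encoding artefact of `&params` in this rendering, worth confirming in the actual source. Both function bodies continue well past the hunk.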
@@ -162,8 +162,7 @@ public:
 const Label & ownerLabel,
 const Password &password, // password for private_key
 const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm &cryptoAlgorithm);
 RawBuffer verifySignature(
 const Credentials &cred,
@@ -173,8 +172,7 @@ public:
 const Password &password, // password for public_key (optional)
 const RawBuffer &message,
 const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm &cryptoAlgorithm);
 RawBuffer updateCCMode();
diff --git a/src/manager/service/ckm-service.cpp b/src/manager/service/ckm-service.cpp
index 6a744bd..47fef2b 100644
--- a/src/manager/service/ckm-service.cpp
+++ b/src/manager/service/ckm-service.cpp
@@ -338,8 +338,10 @@ RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer)
 {
 Password password; // password for private_key
 RawBuffer message;
- int padding = 0, hash = 0;
- buffer.Deserialize(name, label, password, message, hash, padding);
+
+ CryptoAlgorithmSerializable cAlgorithm;
+ buffer.Deserialize(name, label, password, message, cAlgorithm);
+
 return m_logic->createSignature(
 cred,
 msgID,
@@ -347,24 +349,22 @@ RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer)
 label,
 password, // password for private_key
 message,
- static_cast(hash),
- static_cast(padding));
+ cAlgorithm);
 }
 case LogicCommand::VERIFY_SIGNATURE:
 {
 Password password; // password for public_key (optional)
 RawBuffer message;
 RawBuffer signature;
- //HashAlgorithm hash;
- //RSAPaddingAlgorithm padding;
- int padding = 0, hash = 0;
+ CryptoAlgorithmSerializable cAlg;
+
 buffer.Deserialize(name,
 label,
 password,
 message,
 signature,
- hash,
- padding);
+ cAlg);
+
 return m_logic->verifySignature(
 cred,
 msgID,
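Review bot: The `CryptoAlgorithmSerializable` objects deserialized from `buffer` in the CREATE_SIGNATURE and VERIFY_SIGNATURE cases are passed straight to `m_logic` with no check on their contents, so the socket protocol now lets any client with access to the service send an arbitrary, open-ended parameter set where the old format carried two ints (which, to be fair, were only `static_cast` to the enums and not range-checked either). Since the removed code in ckm-logic.cpp used to guarantee that exactly SV_HASH_ALGO and SV_RSA_PADDING were set, this service boundary is the natural place to enforce that: reject the request with the API's input-parameter error when either is missing or when a ParamName the signature path does not use is present, before the key is loaded. It is also worth confirming what `Deserialize` does with a malformed or truncated algorithm blob — whether it throws, and whether the caller of ProcessStorage catches that — because that path is now reachable from untrusted input in a way the fixed two-int layout was not. A comment at the deserialization site, `// cAlgorithm is client-controlled; validate hash/padding before it reaches the crypto layer`, would make the trust boundary explicit to the next reader. ProcessStorage's switch begins and ends outside these hunks.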
@@ -373,8 +373,7 @@ RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer)
 password, // password for public_key (optional)
 message,
 signature,
- static_cast(hash),
- static_cast(padding));
+ cAlg);
 }
 case LogicCommand::SET_PERMISSION:
 {
--
2.7.4