authorBartlomiej Grzelewski <b.grzelewski@samsung.com>2015-10-26 13:10:50 +0100
committerBartlomiej Grzelewski <b.grzelewski@samsung.com>2015-10-28 16:31:01 +0100
commitc1fe1e83ca540a1290f73dc077a0f8dcc0e67360 (patch)
treeb12c9b1a4db88f2d913841b1345fed94d33c358e
parentd31fd54fd0a5edc0b1049ab4394a9dedbf13b72e (diff)
Protocol refactoring.
Introduce CryptoAlgorithm in internal socket protocol. Change-Id: I70000a05e0a47d2b12af9b11324adf67da0f5e22
-rw-r--r--src/manager/client-async/client-manager-async-impl.cpp12
-rw-r--r--src/manager/client-async/client-manager-async-impl.h6
-rw-r--r--src/manager/client-async/client-manager-async.cpp10
-rw-r--r--src/manager/client/client-manager-impl.cpp12
-rw-r--r--src/manager/client/client-manager-impl.h6
-rw-r--r--src/manager/client/client-manager.cpp12
-rw-r--r--src/manager/service/ckm-logic.cpp13
-rw-r--r--src/manager/service/ckm-logic.h6
-rw-r--r--src/manager/service/ckm-service.cpp21
9 files changed, 42 insertions, 56 deletions
diff --git a/src/manager/client-async/client-manager-async-impl.cpp b/src/manager/client-async/client-manager-async-impl.cpp
index fb7bc8ad..269ef134 100644
--- a/src/manager/client-async/client-manager-async-impl.cpp
+++ b/src/manager/client-async/client-manager-async-impl.cpp
@@ -187,8 +187,7 @@ void ManagerAsync::Impl::createSignature(const ObserverPtr& observer,
const Alias& privateKeyAlias,
const Password& password,
const RawBuffer& message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cAlg)
{
observerCheck(observer);
if (privateKeyAlias.empty() || message.empty()) {
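Review bot: The new parameter is written `const CryptoAlgorithm &cAlg` here, while the neighbouring parameters in this signature use the `const Alias& privateKeyAlias` placement and the matching declaration in client-manager-async-impl.h calls it `cAlgorithm`. The same mismatch is in the verifySignature hunk below, and across the commit this one value is named cAlg, cAlgorithm, cryptoAlg, params and cryptoAlgorithm. I would settle on one name and write `const CryptoAlgorithm& cAlgorithm)` in both definitions so declaration and definition read alike. The function body continues past this hunk.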
@@ -204,8 +203,7 @@ void ManagerAsync::Impl::createSignature(const ObserverPtr& observer,
helper.getLabel(),
password,
message,
- static_cast<int>(hash),
- static_cast<int>(padding));
+ CryptoAlgorithmSerializable(cAlg));
}, [&observer](int error) {observer->ReceivedError(error);});
}
@@ -214,8 +212,7 @@ void ManagerAsync::Impl::verifySignature(const ObserverPtr& observer,
const Password& password,
const RawBuffer& message,
const RawBuffer& signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cAlg)
{
observerCheck(observer);
if (publicKeyOrCertAlias.empty() || message.empty() || signature.empty()) {
@@ -232,8 +229,7 @@ void ManagerAsync::Impl::verifySignature(const ObserverPtr& observer,
password,
message,
signature,
- static_cast<int>(hash),
- static_cast<int>(padding));
+ CryptoAlgorithmSerializable(cAlg));
}, [&observer](int error){ observer->ReceivedError(error); } );
}
diff --git a/src/manager/client-async/client-manager-async-impl.h b/src/manager/client-async/client-manager-async-impl.h
index 02c132dc..21013fc5 100644
--- a/src/manager/client-async/client-manager-async-impl.h
+++ b/src/manager/client-async/client-manager-async-impl.h
@@ -65,16 +65,14 @@ public:
const Alias& privateKeyAlias,
const Password& password,
const RawBuffer& message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm& cAlgorithm);
void verifySignature(
const ObserverPtr& observer,
const Alias& publicKeyOrCertAlias,
const Password& password,
const RawBuffer& message,
const RawBuffer& signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm& cAlgorithm);
void ocspCheck(
const ObserverPtr& observer,
diff --git a/src/manager/client-async/client-manager-async.cpp b/src/manager/client-async/client-manager-async.cpp
index f79d12b7..92eb2073 100644
--- a/src/manager/client-async/client-manager-async.cpp
+++ b/src/manager/client-async/client-manager-async.cpp
@@ -230,7 +230,10 @@ void ManagerAsync::createSignature(const ObserverPtr& observer,
const HashAlgorithm hash,
const RSAPaddingAlgorithm padding)
{
- m_impl->createSignature(observer, privateKeyAlias, password, message, hash, padding);
+ CryptoAlgorithm cAlg;
+ cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
+ cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
+ m_impl->createSignature(observer, privateKeyAlias, password, message, cAlg);
}
void ManagerAsync::verifySignature(const ObserverPtr& observer,
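Review bot: The three lines that build `cAlg` from `hash` and `padding` are repeated verbatim in verifySignature in this file and in both wrappers in client-manager.cpp, so the mapping from the public enum pair to protocol parameters now lives in four places. The service-side hunks show that the service no longer sets these parameters itself, so a wrapper that drifts from the others would change what is requested for signing or verification without any compile error. A single internal helper keeps the mapping in one spot, and each wrapper then passes its result straight to m_impl. The signature of createSignature starts above this hunk.

```cpp
// Builds the protocol-level algorithm description for sign/verify requests.
CryptoAlgorithm makeSignatureAlgorithm(const HashAlgorithm hash,
                                       const RSAPaddingAlgorithm padding)
{
    CryptoAlgorithm cAlg;
    cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
    cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
    return cAlg;
}

// … unchanged: ManagerAsync::createSignature signature …
{
    m_impl->createSignature(observer, privateKeyAlias, password, message,
                            makeSignatureAlgorithm(hash, padding));
}
```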
@@ -241,7 +244,10 @@ void ManagerAsync::verifySignature(const ObserverPtr& observer,
const HashAlgorithm hash,
const RSAPaddingAlgorithm padding)
{
- m_impl->verifySignature(observer, publicKeyOrCertAlias, password, message, signature, hash, padding);
+ CryptoAlgorithm cAlg;
+ cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
+ cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
+ m_impl->verifySignature(observer, publicKeyOrCertAlias, password, message, signature, cAlg);
}
void ManagerAsync::ocspCheck(const ObserverPtr& observer,
diff --git a/src/manager/client/client-manager-impl.cpp b/src/manager/client/client-manager-impl.cpp
index da199d71..790e5413 100644
--- a/src/manager/client/client-manager-impl.cpp
+++ b/src/manager/client/client-manager-impl.cpp
@@ -631,8 +631,7 @@ int Manager::Impl::createSignature(
const Alias &privateKeyAlias,
const Password &password, // password for private_key
const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding,
+ const CryptoAlgorithm &cAlgorithm,
RawBuffer &signature)
{
int my_counter = ++m_counter;
@@ -647,8 +646,7 @@ int Manager::Impl::createSignature(
helper.getLabel(),
password,
message,
- static_cast<int>(hash),
- static_cast<int>(padding));
+ CryptoAlgorithmSerializable(cAlgorithm));
int retCode = m_storageConnection.processRequest(send.Pop(), recv);
if (CKM_API_SUCCESS != retCode)
@@ -673,8 +671,7 @@ int Manager::Impl::verifySignature(
const Password &password, // password for public_key (optional)
const RawBuffer &message,
const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cAlg)
{
int my_counter = ++m_counter;
@@ -688,8 +685,7 @@ int Manager::Impl::verifySignature(
password,
message,
signature,
- static_cast<int>(hash),
- static_cast<int>(padding));
+ CryptoAlgorithmSerializable(cAlg));
int retCode = m_storageConnection.processRequest(send.Pop(), recv);
if (CKM_API_SUCCESS != retCode)
diff --git a/src/manager/client/client-manager-impl.h b/src/manager/client/client-manager-impl.h
index eebb7fdc..29d381dd 100644
--- a/src/manager/client/client-manager-impl.h
+++ b/src/manager/client/client-manager-impl.h
@@ -99,8 +99,7 @@ public:
const Alias &privateKeyAlias,
const Password &password, // password for private_key
const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding,
+ const CryptoAlgorithm &cAlgorithm,
RawBuffer &signature);
int verifySignature(
@@ -108,8 +107,7 @@ public:
const Password &password, // password for public_key (optional)
const RawBuffer &message,
const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm &cAlgorithm);
int ocspCheck(const CertificateShPtrVector &certificateChain, int &ocspCheck);
diff --git a/src/manager/client/client-manager.cpp b/src/manager/client/client-manager.cpp
index 14927e73..6d8ed4bb 100644
--- a/src/manager/client/client-manager.cpp
+++ b/src/manager/client/client-manager.cpp
@@ -174,12 +174,14 @@ int Manager::createSignature(
const RSAPaddingAlgorithm padding,
RawBuffer &signature)
{
+ CryptoAlgorithm cAlg;
+ cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
+ cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
return m_impl->createSignature(
privateKeyAlias,
password,
message,
- hash,
- padding,
+ cAlg,
signature);
}
@@ -191,13 +193,15 @@ int Manager::verifySignature(
const HashAlgorithm hash,
const RSAPaddingAlgorithm padding)
{
+ CryptoAlgorithm cAlg;
+ cAlg.setParam(ParamName::SV_HASH_ALGO, hash);
+ cAlg.setParam(ParamName::SV_RSA_PADDING, padding);
return m_impl->verifySignature(
publicKeyOrCertAlias,
password,
message,
signature,
- hash,
- padding);
+ cAlg);
}
int Manager::ocspCheck(const CertificateShPtrVector &certificateChainVector, int &ocspStatus) {
diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp
index 0e33727f..2dc20a74 100644
--- a/src/manager/service/ckm-logic.cpp
+++ b/src/manager/service/ckm-logic.cpp
@@ -1574,14 +1574,10 @@ RawBuffer CKMLogic::createSignature(
const Label & ownerLabel,
const Password &password, // password for private_key
const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cryptoAlg)
{
DB::Row row;
RawBuffer signature;
- CryptoAlgorithm cryptoAlg;
- cryptoAlg.setParam(ParamName::SV_HASH_ALGO, hash);
- cryptoAlg.setParam(ParamName::SV_RSA_PADDING, padding);
int retCode = CKM_API_SUCCESS;
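Review bot: `cryptoAlg` is now whatever the client serialized, yet nothing visible in this hunk checks that it carries SV_HASH_ALGO and SV_RSA_PADDING before it is used; the removed lines show the service used to set exactly those two parameters itself. The same applies to `params` in the verifySignature hunk below and to the `cAlgorithm`/`cAlg` objects deserialized in ckm-service.cpp. Unless the deserializer or the crypto backend already rejects missing, unknown or out-of-range parameters (not visible here), I would validate at the top of both functions and return an input-parameter error, and at minimum add `// cryptoAlg is client-supplied: required params may be absent or out of range`. Both function bodies continue outside their hunks.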
@@ -1616,18 +1612,13 @@ RawBuffer CKMLogic::verifySignature(
const Password &password, // password for public_key (optional)
const RawBuffer &message,
const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &params)
{
int retCode = CKM_API_ERROR_VERIFICATION_FAILED;
try {
DB::Row row;
- CryptoAlgorithm params;
- params.setParam(ParamName::SV_HASH_ALGO, hash);
- params.setParam(ParamName::SV_RSA_PADDING, padding);
-
// try certificate first - looking for a public key.
// in case of PKCS, pub key from certificate will be found first
// rather than private key from the same PKCS.
diff --git a/src/manager/service/ckm-logic.h b/src/manager/service/ckm-logic.h
index d3f0c402..472fea2c 100644
--- a/src/manager/service/ckm-logic.h
+++ b/src/manager/service/ckm-logic.h
@@ -162,8 +162,7 @@ public:
const Label & ownerLabel,
const Password &password, // password for private_key
const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm &cryptoAlgorithm);
RawBuffer verifySignature(
const Credentials &cred,
@@ -173,8 +172,7 @@ public:
const Password &password, // password for public_key (optional)
const RawBuffer &message,
const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding);
+ const CryptoAlgorithm &cryptoAlgorithm);
RawBuffer updateCCMode();
diff --git a/src/manager/service/ckm-service.cpp b/src/manager/service/ckm-service.cpp
index 6a744bd5..47fef2bb 100644
--- a/src/manager/service/ckm-service.cpp
+++ b/src/manager/service/ckm-service.cpp
@@ -338,8 +338,10 @@ RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer)
{
Password password; // password for private_key
RawBuffer message;
- int padding = 0, hash = 0;
- buffer.Deserialize(name, label, password, message, hash, padding);
+
+ CryptoAlgorithmSerializable cAlgorithm;
+ buffer.Deserialize(name, label, password, message, cAlgorithm);
+
return m_logic->createSignature(
cred,
msgID,
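Review bot: The request layout for the createSignature case changes here from two trailing ints to one serialized CryptoAlgorithmSerializable, and nothing in the hunk marks a protocol revision, so a client library built before this commit would presumably be misparsed rather than cleanly rejected. The VERIFY_SIGNATURE case in the next hunk changes the same way. If client and service can ever be updated separately, this needs a version check or a new command id; otherwise a comment recording the layout helps, e.g. `// wire: name, label, password, message, CryptoAlgorithmSerializable`. It is also worth confirming (not visible here) that a Deserialize failure on a malformed algorithm blob is caught by the caller of ProcessStorage and ends the request.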
@@ -347,24 +349,22 @@ RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer)
label,
password, // password for private_key
message,
- static_cast<HashAlgorithm>(hash),
- static_cast<RSAPaddingAlgorithm>(padding));
+ cAlgorithm);
}
case LogicCommand::VERIFY_SIGNATURE:
{
Password password; // password for public_key (optional)
RawBuffer message;
RawBuffer signature;
- //HashAlgorithm hash;
- //RSAPaddingAlgorithm padding;
- int padding = 0, hash = 0;
+ CryptoAlgorithmSerializable cAlg;
+
buffer.Deserialize(name,
label,
password,
message,
signature,
- hash,
- padding);
+ cAlg);
+
return m_logic->verifySignature(
cred,
msgID,
@@ -373,8 +373,7 @@ RawBuffer CKMService::ProcessStorage(Credentials &cred, MessageBuffer &buffer)
password, // password for public_key (optional)
message,
signature,
- static_cast<const HashAlgorithm>(hash),
- static_cast<const RSAPaddingAlgorithm>(padding));
+ cAlg);
}
case LogicCommand::SET_PERMISSION:
{