author | Bartlomiej Grzelewski <b.grzelewski@samsung.com> | 2015-09-21 13:17:00 +0200 |
---|---|---|
committer | Bartlomiej Grzelewski <b.grzelewski@samsung.com> | 2015-09-23 12:49:58 +0200 |
commit | bcdad83f6ef44ca43988ce706996d85130e65f84 (patch) | |
tree | 07d05f9dede4aa3509c3d836315d06afdc97a41d | |
parent | 7795141a24786f58eb30f1ebefb8a39f82276b53 (diff) | |
API refactoring.
CKM::Manager uses private implementation pattern.
Remove most of virtual methods from CKM::Manager.
Change-Id: I171083a6f81716dc78155242989dd97528079554
-rw-r--r-- | src/CMakeLists.txt | 1 | ||||
-rw-r--r-- | src/include/ckm/ckm-manager.h | 92 | ||||
-rw-r--r-- | src/manager/client/client-manager-impl.cpp | 73 | ||||
-rw-r--r-- | src/manager/client/client-manager-impl.h | 6 | ||||
-rw-r--r-- | src/manager/client/client-manager.cpp | 247 |
5 files changed, 332 insertions, 87 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index a9da875d..affdc96b 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -130,6 +130,7 @@ INCLUDE_DIRECTORIES( SET(KEY_MANAGER_CLIENT_SOURCES ${KEY_MANAGER_CLIENT_SRC_PATH}/client-common.cpp ${KEY_MANAGER_CLIENT_SRC_PATH}/client-error.cpp + ${KEY_MANAGER_CLIENT_SRC_PATH}/client-manager.cpp ${KEY_MANAGER_CLIENT_SRC_PATH}/client-manager-impl.cpp ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/client-manager-async.cpp ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/client-manager-async-impl.cpp diff --git a/src/include/ckm/ckm-manager.h b/src/include/ckm/ckm-manager.h index 920953b8..e5c2043f 100644 --- a/src/include/ckm/ckm-manager.h +++ b/src/include/ckm/ckm-manager.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ * * @file ckm-manager.h * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 1.0 + * @version 2.0 * @brief Main header file for client library. */ #pragma once 
@@ -38,119 +38,127 @@ typedef std::shared_ptr<Manager> ManagerShPtr; class KEY_MANAGER_API Manager { public: - virtual ~Manager(){} + class Impl; - virtual int saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) = 0; - virtual int saveCertificate(const Alias &alias, const CertificateShPtr &cert, const Policy &policy) = 0; - virtual int savePKCS12( + Manager(); + Manager(const Manager &) = delete; + Manager& operator=(const Manager&) = delete; + + virtual ~Manager(); + + int saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy); + int saveCertificate(const Alias &alias, const CertificateShPtr &cert, const Policy &policy); + int savePKCS12( const Alias &alias, const PKCS12ShPtr &pkcs, const Policy &keyPolicy, - const Policy &certPolicy) = 0; + const Policy &certPolicy); /* * Data must be extractable. If you set extractable bit to false function will * return ERROR_INPUT_PARAM. */ - virtual int saveData(const Alias &alias, const RawBuffer &data, const Policy &policy) = 0; + int saveData(const Alias &alias, const RawBuffer &data, const Policy &policy); - virtual int removeAlias(const Alias &alias) = 0; + int removeAlias(const Alias &alias); - virtual int getKey(const Alias &alias, const Password &password, KeyShPtr &key) = 0; - virtual int getCertificate( + int getKey(const Alias &alias, const Password &password, KeyShPtr &key); + int getCertificate( const Alias &alias, const Password &password, - CertificateShPtr &certificate) = 0; - virtual int getData(const Alias &alias, const Password &password, RawBuffer &data) = 0; - virtual int getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs) = 0; - virtual int getPKCS12( + CertificateShPtr &certificate); + int getData(const Alias &alias, const Password &password, RawBuffer &data); + int getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs); + int getPKCS12( const Alias &alias, const Password &keyPass, const Password &certPass, - PKCS12ShPtr &pkcs) = 0; + PKCS12ShPtr &pkcs); // send request for 
list of all keys/certificates/data that application/user may use - virtual int getKeyAliasVector(AliasVector &aliasVector) = 0; - virtual int getCertificateAliasVector(AliasVector &aliasVector) = 0; - virtual int getDataAliasVector(AliasVector &aliasVector) = 0; + int getKeyAliasVector(AliasVector &aliasVector); + int getCertificateAliasVector(AliasVector &aliasVector); + int getDataAliasVector(AliasVector &aliasVector); - virtual int createKeyPairRSA( + int createKeyPairRSA( const int size, // size in bits [1024, 2048, 4096] const Alias &privateKeyAlias, const Alias &publicKeyAlias, const Policy &policyPrivateKey = Policy(), - const Policy &policyPublicKey = Policy()) = 0; + const Policy &policyPublicKey = Policy()); - virtual int createKeyPairDSA( + int createKeyPairDSA( const int size, // size in bits [1024, 2048, 3072, 4096] const Alias &privateKeyAlias, const Alias &publicKeyAlias, const Policy &policyPrivateKey = Policy(), - const Policy &policyPublicKey = Policy()) = 0; + const Policy &policyPublicKey = Policy()); - virtual int createKeyPairECDSA( + int createKeyPairECDSA( const ElipticCurve type, const Alias &privateKeyAlias, const Alias &publicKeyAlias, const Policy &policyPrivateKey = Policy(), - const Policy &policyPublicKey = Policy()) = 0; + const Policy &policyPublicKey = Policy()); - virtual int createKeyAES( + int createKeyAES( const int size, // size in bits [128, 192, 256] const Alias &keyAlias, - const Policy &policyKey = Policy()) = 0; + const Policy &policyKey = Policy()); - virtual int getCertificateChain( + int getCertificateChain( const CertificateShPtr &certificate, const CertificateShPtrVector &untrustedCertificates, const CertificateShPtrVector &trustedCertificates, bool useTrustedSystemCertificates, - CertificateShPtrVector &certificateChainVector) = 0; + CertificateShPtrVector &certificateChainVector); - virtual int getCertificateChain( + int getCertificateChain( const CertificateShPtr &certificate, const AliasVector 
&untrustedCertificates, const AliasVector &trustedCertificates, bool useTrustedSystemCertificates, - CertificateShPtrVector &certificateChainVector) = 0; + CertificateShPtrVector &certificateChainVector); - virtual int createSignature( + int createSignature( const Alias &privateKeyAlias, const Password &password, // password for private_key const RawBuffer &message, const HashAlgorithm hash, const RSAPaddingAlgorithm padding, - RawBuffer &signature) = 0; + RawBuffer &signature); - virtual int verifySignature( + int verifySignature( const Alias &publicKeyOrCertAlias, const Password &password, // password for public_key (optional) const RawBuffer &message, const RawBuffer &signature, const HashAlgorithm hash, - const RSAPaddingAlgorithm padding) = 0; + const RSAPaddingAlgorithm padding); // This function will check all certificates in chain except Root CA. // This function will delegate task to service. You may use this even // if application does not have permission to use network. - virtual int ocspCheck(const CertificateShPtrVector &certificateChainVector, int &ocspStatus) = 0; + int ocspCheck(const CertificateShPtrVector &certificateChainVector, int &ocspStatus); - virtual int setPermission(const Alias &alias, const Label &accessor, PermissionMask permissionMask) = 0; + int setPermission(const Alias &alias, const Label &accessor, PermissionMask permissionMask); - virtual int encrypt(const CryptoAlgorithm &algo, + int encrypt(const CryptoAlgorithm &algo, const Alias &keyAlias, const Password &password, const RawBuffer& plain, - RawBuffer& encrypted) = 0; + RawBuffer& encrypted); - virtual int decrypt(const CryptoAlgorithm &algo, + int decrypt(const CryptoAlgorithm &algo, const Alias &keyAlias, const Password &password, const RawBuffer& encrypted, - RawBuffer& decrypted) = 0; + RawBuffer& decrypted); static ManagerShPtr create(); -// static ManagerShPtr getManager(int uid); // TODO + +private: + std::unique_ptr<Impl> m_impl; }; } // namespace CKM 
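Review bot: `virtual ~Manager();` is the only virtual member left in `Manager` after this hunk, so the class keeps a vtable and still looks subclassable although none of its operations can be overridden any more. The same leftover appears as `virtual ~Impl(){}` in the client-manager-impl.h hunk, where `Impl` no longer derives from `Manager` and, as far as this diff shows, is only owned through `std::unique_ptr<Impl>`. If inheritance is no longer part of the API, declare `~Manager();` non-virtual (or mark the class `final`) and use `~Impl() = default;`. The now-public `Manager();` should also carry a header comment such as `// May throw (allocation / Impl setup); Manager::create() returns an empty pointer instead`, because direct construction bypasses the try/catch that `create()` provides.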
diff --git a/src/manager/client/client-manager-impl.cpp b/src/manager/client/client-manager-impl.cpp index 17c2361b..da199d71 100644 --- a/src/manager/client/client-manager-impl.cpp +++ b/src/manager/client/client-manager-impl.cpp @@ -86,7 +86,7 @@ int getCertChain( } // namespace anonymous -ManagerImpl::ManagerImpl() +Manager::Impl::Impl() : m_counter(0), m_storageConnection(SERVICE_SOCKET_CKM_STORAGE), m_ocspConnection(SERVICE_SOCKET_OCSP), @@ -96,7 +96,7 @@ ManagerImpl::ManagerImpl() } -int ManagerImpl::saveBinaryData( +int Manager::Impl::saveBinaryData( const Alias &alias, DataType dataType, const RawBuffer &rawData, @@ -134,7 +134,7 @@ int ManagerImpl::saveBinaryData( }); } -int ManagerImpl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) { +int Manager::Impl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) { if (key.get() == NULL) return CKM_API_ERROR_INPUT_PARAM; Try { @@ -145,7 +145,7 @@ int ManagerImpl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy & return CKM_API_ERROR_INPUT_PARAM; } -int ManagerImpl::saveCertificate( +int Manager::Impl::saveCertificate( const Alias &alias, const CertificateShPtr &cert, const Policy &policy) @@ -155,14 +155,14 @@ int ManagerImpl::saveCertificate( return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy); } -int ManagerImpl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) { +int Manager::Impl::saveData(const Alias &alias, const RawBuffer &rawData, const Policy &policy) { if (!policy.extractable) return CKM_API_ERROR_INPUT_PARAM; return saveBinaryData(alias, DataType::BINARY_DATA, rawData, policy); } -int ManagerImpl::savePKCS12( +int Manager::Impl::savePKCS12( const Alias & alias, const PKCS12ShPtr &pkcs, const Policy &keyPolicy, 
@@ -199,12 +199,12 @@ int ManagerImpl::savePKCS12( }); } -int ManagerImpl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs) +int Manager::Impl::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs) { return getPKCS12(alias, Password(), Password(), pkcs); } -int ManagerImpl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs) +int Manager::Impl::getPKCS12(const Alias &alias, const Password &keyPass, const Password &certPass, PKCS12ShPtr &pkcs) { if (alias.empty()) return CKM_API_ERROR_INPUT_PARAM; @@ -240,7 +240,7 @@ int ManagerImpl::getPKCS12(const Alias &alias, const Password &keyPass, const Pa } -int ManagerImpl::removeAlias(const Alias &alias) +int Manager::Impl::removeAlias(const Alias &alias) { if (alias.empty()) return CKM_API_ERROR_INPUT_PARAM; @@ -270,7 +270,7 @@ int ManagerImpl::removeAlias(const Alias &alias) }); } -int ManagerImpl::getBinaryData( +int Manager::Impl::getBinaryData( const Alias &alias, DataType sendDataType, const Password &password, @@ -309,7 +309,7 @@ int ManagerImpl::getBinaryData( }); } -int ManagerImpl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) { +int Manager::Impl::getKey(const Alias &alias, const Password &password, KeyShPtr &key) { DataType recvDataType; RawBuffer rawData; @@ -339,7 +339,7 @@ int ManagerImpl::getKey(const Alias &alias, const Password &password, KeyShPtr & return CKM_API_SUCCESS; } -int ManagerImpl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert) +int Manager::Impl::getCertificate(const Alias &alias, const Password &password, CertificateShPtr &cert) { DataType recvDataType; RawBuffer rawData; 
@@ -367,7 +367,7 @@ int ManagerImpl::getCertificate(const Alias &alias, const Password &password, Ce return CKM_API_SUCCESS; } -int ManagerImpl::getData(const Alias &alias, const Password &password, RawBuffer &rawData) +int Manager::Impl::getData(const Alias &alias, const Password &password, RawBuffer &rawData) { DataType recvDataType = DataType::BINARY_DATA; @@ -387,7 +387,7 @@ int ManagerImpl::getData(const Alias &alias, const Password &password, RawBuffer return CKM_API_SUCCESS; } -int ManagerImpl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector) +int Manager::Impl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasVector) { int my_counter = ++m_counter; @@ -417,21 +417,21 @@ int ManagerImpl::getBinaryDataAliasVector(DataType dataType, AliasVector &aliasV }); } -int ManagerImpl::getKeyAliasVector(AliasVector &aliasVector) { +int Manager::Impl::getKeyAliasVector(AliasVector &aliasVector) { // in fact datatype has no meaning here - if not certificate or binary data // then manager decides to list all between DB_KEY_FIRST and DB_KEY_LAST return getBinaryDataAliasVector(DataType::DB_KEY_LAST, aliasVector); } -int ManagerImpl::getCertificateAliasVector(AliasVector &aliasVector) { +int Manager::Impl::getCertificateAliasVector(AliasVector &aliasVector) { return getBinaryDataAliasVector(DataType::CERTIFICATE, aliasVector); } -int ManagerImpl::getDataAliasVector(AliasVector &aliasVector) { +int Manager::Impl::getDataAliasVector(AliasVector &aliasVector) { return getBinaryDataAliasVector(DataType::BINARY_DATA, aliasVector); } -int ManagerImpl::createKeyPairRSA( +int Manager::Impl::createKeyPairRSA( const int size, const Alias &privateKeyAlias, const Alias &publicKeyAlias, 
@@ -441,7 +441,7 @@ int ManagerImpl::createKeyPairRSA( return this->createKeyPair(CKM::KeyType::KEY_RSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey); } -int ManagerImpl::createKeyPairDSA( +int Manager::Impl::createKeyPairDSA( const int size, const Alias &privateKeyAlias, const Alias &publicKeyAlias, @@ -451,7 +451,7 @@ int ManagerImpl::createKeyPairDSA( return this->createKeyPair(CKM::KeyType::KEY_DSA_PUBLIC, size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey); } -int ManagerImpl::createKeyPairECDSA( +int Manager::Impl::createKeyPairECDSA( ElipticCurve type, const Alias &privateKeyAlias, const Alias &publicKeyAlias, @@ -461,7 +461,7 @@ int ManagerImpl::createKeyPairECDSA( return this->createKeyPair(CKM::KeyType::KEY_ECDSA_PUBLIC, static_cast<int>(type), privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey); } -int ManagerImpl::createKeyAES( +int Manager::Impl::createKeyAES( const int size, const Alias &keyAlias, const Policy &policyKey) @@ -496,7 +496,7 @@ int ManagerImpl::createKeyAES( } -int ManagerImpl::createKeyPair( +int Manager::Impl::createKeyPair( const KeyType key_type, const int additional_param, const Alias &privateKeyAlias, @@ -563,7 +563,7 @@ int ManagerImpl::createKeyPair( }); } -int ManagerImpl::getCertificateChain( +int Manager::Impl::getCertificateChain( const CertificateShPtr &certificate, const CertificateShPtrVector &untrustedCertificates, const CertificateShPtrVector &trustedCertificates, @@ -594,7 +594,7 @@ int ManagerImpl::getCertificateChain( certificateChainVector); } -int ManagerImpl::getCertificateChain( +int Manager::Impl::getCertificateChain( const CertificateShPtr &certificate, const AliasVector &untrustedCertificates, const AliasVector &trustedCertificates, 
@@ -627,7 +627,7 @@ int ManagerImpl::getCertificateChain( certificateChainVector); } -int ManagerImpl::createSignature( +int Manager::Impl::createSignature( const Alias &privateKeyAlias, const Password &password, // password for private_key const RawBuffer &message, @@ -668,7 +668,7 @@ int ManagerImpl::createSignature( }); } -int ManagerImpl::verifySignature( +int Manager::Impl::verifySignature( const Alias &publicKeyOrCertAlias, const Password &password, // password for public_key (optional) const RawBuffer &message, @@ -709,7 +709,7 @@ int ManagerImpl::verifySignature( }); } -int ManagerImpl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus) +int Manager::Impl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspStatus) { return try_catch([&] { int my_counter = ++m_counter; @@ -741,7 +741,7 @@ int ManagerImpl::ocspCheck(const CertificateShPtrVector &certChain, int &ocspSta }); } -int ManagerImpl::setPermission(const Alias &alias, +int Manager::Impl::setPermission(const Alias &alias, const Label &accessor, PermissionMask permissionMask) { @@ -773,7 +773,7 @@ int ManagerImpl::setPermission(const Alias &alias, }); } -int ManagerImpl::crypt(EncryptionCommand command, +int Manager::Impl::crypt(EncryptionCommand command, const CryptoAlgorithm &algo, const Alias &keyAlias, const Password &password, @@ -810,7 +810,7 @@ int ManagerImpl::crypt(EncryptionCommand command, }); } -int ManagerImpl::encrypt(const CryptoAlgorithm &algo, +int Manager::Impl::encrypt(const CryptoAlgorithm &algo, const Alias &keyAlias, const Password &password, const RawBuffer& plain, @@ -819,7 +819,7 @@ int ManagerImpl::encrypt(const CryptoAlgorithm &algo, return crypt(EncryptionCommand::ENCRYPT, algo, keyAlias, password, plain, encrypted); } -int ManagerImpl::decrypt(const CryptoAlgorithm &algo, +int Manager::Impl::decrypt(const CryptoAlgorithm &algo, const Alias &keyAlias, const Password &password, const RawBuffer& encrypted, 
@@ -828,15 +828,4 @@ int ManagerImpl::decrypt(const CryptoAlgorithm &algo, return crypt(EncryptionCommand::DECRYPT, algo, keyAlias, password, encrypted, decrypted); } -ManagerShPtr Manager::create() { - try { - return std::make_shared<ManagerImpl>(); - } catch (const std::bad_alloc &) { - LogDebug("Bad alloc was caught during ManagerImpl creation."); - } catch (...) { - LogError("Critical error: Unknown exception was caught during ManagerImpl creation!"); - } - return ManagerShPtr(); -} - } // namespace CKM diff --git a/src/manager/client/client-manager-impl.h b/src/manager/client/client-manager-impl.h index e9df1700..eebb7fdc 100644 --- a/src/manager/client/client-manager-impl.h +++ b/src/manager/client/client-manager-impl.h @@ -28,10 +28,10 @@ namespace CKM { -class ManagerImpl : public Manager { +class Manager::Impl { public: - ManagerImpl(); - virtual ~ManagerImpl(){} + Impl(); + virtual ~Impl(){} int saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy); int getKey(const Alias &alias, const Password &password, KeyShPtr &key); diff --git a/src/manager/client/client-manager.cpp b/src/manager/client/client-manager.cpp new file mode 100644 index 00000000..14927e73 --- /dev/null +++ b/src/manager/client/client-manager.cpp 
@@ -0,0 +1,247 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file ckm-manager.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Manager implementation for client library.
+ */
+#include <dpl/log/log.h>
+
+#include <ckm/ckm-manager.h>
+#include <client-manager-impl.h>
+
+namespace CKM {
+
+Manager::Manager()
+ : m_impl(new Impl())
+{}
+
+Manager::~Manager(){}
+
+int Manager::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) {
+ return m_impl->saveKey(alias, key, policy);
+}
+
+int Manager::saveCertificate(const Alias &alias, const CertificateShPtr &cert, const Policy &policy) {
+ return m_impl->saveCertificate(alias, cert, policy);
+}
+
+int Manager::savePKCS12(
+ const Alias &alias,
+ const PKCS12ShPtr &pkcs,
+ const Policy &keyPolicy,
+ const Policy &certPolicy)
+{
+ return m_impl->savePKCS12(alias, pkcs, keyPolicy, certPolicy);
+}
+
+int Manager::saveData(const Alias &alias, const RawBuffer &data, const Policy &policy) {
+ return m_impl->saveData(alias, data, policy);
+}
+
+int Manager::removeAlias(const Alias &alias) {
+ return m_impl->removeAlias(alias);
+}
+
+int Manager::getKey(const Alias &alias, const Password &password, KeyShPtr &key) {
+ return m_impl->getKey(alias, password, key);
+}
+
+int Manager::getCertificate(
+ const Alias &alias,
+ const Password &password,
+ CertificateShPtr &certificate)
+{
+ return m_impl->getCertificate(alias, password, certificate);
+}
+
+int Manager::getData(const Alias &alias, const Password &password, RawBuffer &data) {
+ return m_impl->getData(alias, password, data);
+}
+
+int Manager::getPKCS12(const Alias &alias, PKCS12ShPtr &pkcs) {
+ return m_impl->getPKCS12(alias, pkcs);
+}
+
+int Manager::getPKCS12(
+ const Alias &alias,
+ const Password &keyPass,
+ const Password &certPass,
+ PKCS12ShPtr &pkcs)
+{
+ return m_impl->getPKCS12(alias, keyPass, certPass, pkcs);
+}
+
+int Manager::getKeyAliasVector(AliasVector &aliasVector) {
+ return m_impl->getKeyAliasVector(aliasVector);
+}
+
+int Manager::getCertificateAliasVector(AliasVector &aliasVector) {
+ return m_impl->getCertificateAliasVector(aliasVector);
+}
+
+int Manager::getDataAliasVector(AliasVector &aliasVector) {
+ return m_impl->getDataAliasVector(aliasVector);
+}
+
+int Manager::createKeyPairRSA(
+ const int size, // size in bits [1024, 2048, 4096]
+ const Alias &privateKeyAlias,
+ const Alias &publicKeyAlias,
+ const Policy &policyPrivateKey,
+ const Policy &policyPublicKey)
+{
+ return m_impl->createKeyPairRSA(size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
+}
+
+int Manager::createKeyPairDSA(
+ const int size, // size in bits [1024, 2048, 3072, 4096]
+ const Alias &privateKeyAlias,
+ const Alias &publicKeyAlias,
+ const Policy &policyPrivateKey,
+ const Policy &policyPublicKey)
+{
+ return m_impl->createKeyPairDSA(size, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
+}
+
+int Manager::createKeyPairECDSA(
+ const ElipticCurve type,
+ const Alias &privateKeyAlias,
+ const Alias &publicKeyAlias,
+ const Policy &policyPrivateKey,
+ const Policy &policyPublicKey)
+{
+ return m_impl->createKeyPairECDSA(type, privateKeyAlias, publicKeyAlias, policyPrivateKey, policyPublicKey);
+}
+
+int Manager::createKeyAES(
+ const int size,
+ const Alias &keyAlias,
+ const Policy &policyKey)
+{
+ return m_impl->createKeyAES(size, keyAlias, policyKey);
+}
+
+int Manager::getCertificateChain(
+ const CertificateShPtr &certificate,
+ const CertificateShPtrVector &untrustedCertificates,
+ const CertificateShPtrVector &trustedCertificates,
+ bool useTrustedSystemCertificates,
+ CertificateShPtrVector &certificateChainVector)
+{
+ return m_impl->getCertificateChain(
+ certificate,
+ untrustedCertificates,
+ trustedCertificates,
+ useTrustedSystemCertificates,
+ certificateChainVector);
+}
+
+int Manager::getCertificateChain(
+ const CertificateShPtr &certificate,
+ const AliasVector &untrustedCertificates,
+ const AliasVector &trustedCertificates,
+ bool useTrustedSystemCertificates,
+ CertificateShPtrVector &certificateChainVector)
+{
+ return m_impl->getCertificateChain(
+ certificate,
+ untrustedCertificates,
+ trustedCertificates,
+ useTrustedSystemCertificates,
+ certificateChainVector);
+}
+
+int Manager::createSignature(
+ const Alias &privateKeyAlias,
+ const Password &password,
+ const RawBuffer &message,
+ const HashAlgorithm hash,
+ const RSAPaddingAlgorithm padding,
+ RawBuffer &signature)
+{
+ return m_impl->createSignature(
+ privateKeyAlias,
+ password,
+ message,
+ hash,
+ padding,
+ signature);
+}
+
+int Manager::verifySignature(
+ const Alias &publicKeyOrCertAlias,
+ const Password &password, // password for public_key (optional)
+ const RawBuffer &message,
+ const RawBuffer &signature,
+ const HashAlgorithm hash,
+ const RSAPaddingAlgorithm padding)
+{
+ return m_impl->verifySignature(
+ publicKeyOrCertAlias,
+ password,
+ message,
+ signature,
+ hash,
+ padding);
+}
+
+int Manager::ocspCheck(const CertificateShPtrVector &certificateChainVector, int &ocspStatus) {
+ return m_impl->ocspCheck(certificateChainVector, ocspStatus);
+}
+
+int Manager::setPermission(
+ const Alias &alias,
+ const Label &accessor,
+ PermissionMask permissionMask)
+{
+ return m_impl->setPermission(alias, accessor, permissionMask);
+}
+
+int Manager::encrypt(
+ const CryptoAlgorithm &algo,
+ const Alias &keyAlias,
+ const Password &password,
+ const RawBuffer& plain,
+ RawBuffer& encrypted)
+{
+ return m_impl->encrypt(algo, keyAlias, password, plain, encrypted);
+}
+
+int Manager::decrypt(
+ const CryptoAlgorithm &algo,
+ const Alias &keyAlias,
+ const Password &password,
+ const RawBuffer& encrypted,
+ RawBuffer& decrypted)
+{
+ return m_impl->decrypt(algo, keyAlias, password, encrypted, decrypted);
+}
+
+ManagerShPtr Manager::create() {
+ try {
+ return std::make_shared<Manager>();
+ } catch (const std::bad_alloc &) {
+ LogDebug("Bad alloc was caught during Manager::Impl creation.");
+ } catch (...) {
+ LogError("Critical error: Unknown exception was caught during Manager::Impl creation!");
+ }
+ return ManagerShPtr();
+}
+
+} // namespace CKM
+
|
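Review bot: In `Manager::create()` at the end of this file, the `std::bad_alloc` path logs with `LogDebug` while the catch-all logs with `LogError`, and both return an empty `ManagerShPtr`, so an allocation failure while building the key-manager client may leave no trace at the log level a release build presumably keeps; `LogError("Bad alloc was caught during Manager::Impl creation.");` would make the two paths consistent. Since this factory reports failure only through a null pointer, a doc comment on it should state that callers must check the result before use. The header comment says `@file ckm-manager.cpp` but the file is `client-manager.cpp`. `Manager::~Manager(){}` would benefit from a comment like `// defined out of line: Impl is an incomplete type in ckm-manager.h`, so nobody moves it back into the header.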