diff options
author | Bartlomiej Grzelewski <b.grzelewski@samsung.com> | 2015-05-11 18:05:28 +0200 |
---|---|---|
committer | Krzysztof Jackiewicz <k.jackiewicz@samsung.com> | 2015-05-15 15:54:19 +0200 |
commit | 628af4028faa241f1d60bca19028765c9c4961d5 (patch) | |
tree | a6edbc410a7ed728776e1604379a2fae17f6d761 /src/manager | |
parent | bd34d28ea0a8158c61471b7f0564d7b7abca7324 (diff) | |
download | key-manager-628af4028faa241f1d60bca19028765c9c4961d5.tar.gz key-manager-628af4028faa241f1d60bca19028765c9c4961d5.tar.bz2 key-manager-628af4028faa241f1d60bca19028765c9c4961d5.zip |
Move Token from CKM::Crypto to CKM namespace.
Token is used in database and crypto module. It should not be hidden in
CKM::Crypto namespace.
Change-Id: I6d000c05deda8f0027ce3afbdeb3bd0a793f0f78
Diffstat (limited to 'src/manager')
21 files changed, 354 insertions, 270 deletions
diff --git a/src/manager/CMakeLists.txt b/src/manager/CMakeLists.txt index 9cfea7ee..1d6501b0 100644 --- a/src/manager/CMakeLists.txt +++ b/src/manager/CMakeLists.txt @@ -16,6 +16,7 @@ SET(COMMON_SOURCES ${COMMON_PATH}/common/algo-param.cpp ${COMMON_PATH}/common/base64.cpp ${COMMON_PATH}/common/crypto-init.cpp + ${COMMON_PATH}/common/data-type.cpp ${COMMON_PATH}/common/protocols.cpp ${COMMON_PATH}/common/message-buffer.cpp ${COMMON_PATH}/common/certificate-impl.cpp diff --git a/src/manager/client-async/ocsp-receiver.cpp b/src/manager/client-async/ocsp-receiver.cpp index c6193946..f07883e7 100644 --- a/src/manager/client-async/ocsp-receiver.cpp +++ b/src/manager/client-async/ocsp-receiver.cpp @@ -20,7 +20,6 @@ */ #include <ocsp-receiver.h> -#include <protocols.h> #include <dpl/log/log.h> namespace CKM { diff --git a/src/manager/client/client-common.cpp b/src/manager/client/client-common.cpp index dc306091..1d61e670 100644 --- a/src/manager/client/client-common.cpp +++ b/src/manager/client/client-common.cpp @@ -38,7 +38,6 @@ #include <ckm/ckm-error.h> #include <ckmc/ckmc-type.h> -#include <protocols.h> #include <client-common.h> namespace { diff --git a/src/manager/client/client-manager-impl.h b/src/manager/client/client-manager-impl.h index 8111150f..0fdb21af 100644 --- a/src/manager/client/client-manager-impl.h +++ b/src/manager/client/client-manager-impl.h @@ -20,7 +20,7 @@ */ #pragma once -#include <protocols.h> +#include <data-type.h> #include <client-common.h> #include <ckm/ckm-type.h> #include <ckm/ckm-key.h> diff --git a/src/manager/common/data-type.cpp b/src/manager/common/data-type.cpp new file mode 100644 index 00000000..d724001e --- /dev/null +++ b/src/manager/common/data-type.cpp @@ -0,0 +1,141 @@ +/* + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file data-type.cpp + * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) + * @version 1.0 + */ + +#include <data-type.h> + +namespace CKM +{ + +DataType::DataType() + : m_dataType(BINARY_DATA) +{} + +DataType::DataType(Type data) + : m_dataType(data) +{ + if (!isInRange(data)) + ThrowMsg(Exception::OutOfRange, "Invalid conversion from DataType to DBDataType"); +} + +DataType::DataType(KeyType key) { + switch(key) { + case KeyType::KEY_RSA_PUBLIC: m_dataType = DataType::KEY_RSA_PUBLIC; break; + case KeyType::KEY_RSA_PRIVATE: m_dataType = DataType::KEY_RSA_PRIVATE; break; + case KeyType::KEY_DSA_PUBLIC: m_dataType = DataType::KEY_DSA_PUBLIC; break; + case KeyType::KEY_DSA_PRIVATE: m_dataType = DataType::KEY_DSA_PRIVATE; break; + case KeyType::KEY_ECDSA_PUBLIC: m_dataType = DataType::KEY_ECDSA_PUBLIC; break; + case KeyType::KEY_ECDSA_PRIVATE: m_dataType = DataType::KEY_ECDSA_PRIVATE; break; + case KeyType::KEY_AES: m_dataType = DataType::KEY_AES; break; + default: + ThrowMsg(Exception::OutOfRange, "Invalid conversion from KeyType to DBDataType"); + } +} + +DataType::DataType(int data) + : m_dataType(static_cast<Type>(data)) +{ + if (!isInRange(data)) + ThrowMsg(Exception::OutOfRange, "Invalid conversion from int to DBDataType"); +} + +DataType::operator int () const { + return static_cast<int>(m_dataType); +} + +DataType::operator KeyType () const { + switch(m_dataType) { + case DataType::KEY_RSA_PUBLIC: return KeyType::KEY_RSA_PUBLIC; + case DataType::KEY_RSA_PRIVATE: return KeyType::KEY_RSA_PRIVATE; + case DataType::KEY_DSA_PUBLIC: return KeyType::KEY_DSA_PUBLIC; + case DataType::KEY_DSA_PRIVATE: return KeyType::KEY_DSA_PRIVATE; + case DataType::KEY_ECDSA_PRIVATE: return KeyType::KEY_ECDSA_PRIVATE; + case DataType::KEY_ECDSA_PUBLIC: return KeyType::KEY_ECDSA_PUBLIC; + case DataType::KEY_AES: return KeyType::KEY_AES; + default: + ThrowMsg(Exception::OutOfRange, "Invalid conversion from DBDataType to KeyType"); + } +} + +bool DataType::operator==(const DataType &second) const { + return m_dataType == second.m_dataType; +} + +bool DataType::isKey() const { + if (DB_KEY_FIRST <= m_dataType && DB_KEY_LAST >= m_dataType) + return true; + return false; +} + +bool DataType::isChainCert() const { + if (DB_CHAIN_FIRST <= m_dataType && DB_CHAIN_LAST >= m_dataType) + return true; + return false; +} + +bool DataType::isKeyPrivate() const { + switch (m_dataType) { + case KEY_RSA_PRIVATE: + case KEY_DSA_PRIVATE: + case KEY_ECDSA_PRIVATE: + return true; + default: + return false; + } +} + +bool DataType::isKeyPublic() const { + switch (m_dataType) { + case KEY_RSA_PUBLIC: + case KEY_DSA_PUBLIC: + case KEY_ECDSA_PUBLIC: + return true; + default: + return false; + } +} + +bool DataType::isCertificate() const { + return m_dataType == CERTIFICATE; +} + +bool DataType::isBinaryData() const { + return m_dataType == BINARY_DATA; +} + +bool DataType::isInRange(int data) { + if (data < static_cast<int>(DB_FIRST)) + return false; + if (data > static_cast<int>(DB_LAST)) + return false; + return true; +} + +DataType DataType::getChainDatatype(unsigned int index) +{ + DataType result(static_cast<int>(index) + DB_CHAIN_FIRST); + + if ( !result.isChainCert() ) + ThrowMsg(Exception::OutOfRange, "Certificate number is out of range"); + + return result; +} + +} // namespace CKM diff --git a/src/manager/common/data-type.h b/src/manager/common/data-type.h new file mode 100644 index 00000000..2f5f008f --- /dev/null +++ b/src/manager/common/data-type.h @@ -0,0 +1,103 @@ +/* + * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file data-type.h + * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) + * @version 1.0 + */ + +#pragma once + +#include <ckm/ckm-type.h> +#include <dpl/exception.h> +#include <symbol-visibility.h> + +namespace CKM { + +class COMMON_API DataType { +public: + class Exception { + public: + DECLARE_EXCEPTION_TYPE(CKM::Exception, Base) + DECLARE_EXCEPTION_TYPE(Base, OutOfRange) + }; + + enum Type { + KEY_RSA_PUBLIC, + KEY_RSA_PRIVATE, + KEY_ECDSA_PUBLIC, + KEY_ECDSA_PRIVATE, + KEY_DSA_PUBLIC, + KEY_DSA_PRIVATE, + KEY_AES, + CERTIFICATE, + BINARY_DATA, + + CHAIN_CERT_0, + CHAIN_CERT_1, + CHAIN_CERT_2, + CHAIN_CERT_3, + CHAIN_CERT_4, + CHAIN_CERT_5, + CHAIN_CERT_6, + CHAIN_CERT_7, + CHAIN_CERT_8, + CHAIN_CERT_9, + CHAIN_CERT_10, + CHAIN_CERT_11, + CHAIN_CERT_12, + CHAIN_CERT_13, + CHAIN_CERT_14, + CHAIN_CERT_15, + + // Special types to support database, + DB_KEY_FIRST = KEY_RSA_PUBLIC, + DB_KEY_LAST = KEY_AES, + DB_CHAIN_FIRST = CHAIN_CERT_0, + DB_CHAIN_LAST = CHAIN_CERT_15, + DB_FIRST = KEY_RSA_PUBLIC, + DB_LAST = CHAIN_CERT_15, + }; + + DataType(); + DataType(Type data); + explicit DataType(int data); + explicit DataType(KeyType key); + DataType(const DataType &) = default; + DataType& operator=(const DataType &) = default; + + operator int () const; + operator KeyType () const; + bool operator==(const DataType &second) const; + + bool isKey() const; + bool isChainCert() const; + bool isKeyPrivate() const; + bool isKeyPublic() const; + bool isCertificate() const; + bool isBinaryData() const; + + static bool isInRange(int data); + static DataType getChainDatatype(unsigned int index); + + // it's not virtual for a reason! + ~DataType(){} + +private: + Type m_dataType; +}; + +} // namespace CKM diff --git a/src/manager/common/protocols.h b/src/manager/common/protocols.h index 607192eb..f2baa9de 100644 --- a/src/manager/common/protocols.h +++ b/src/manager/common/protocols.h @@ -31,6 +31,7 @@ #include <dpl/exception.h> #include <dpl/serialization.h> #include <symbol-visibility.h> +#include <data-type.h> namespace CKM { @@ -69,175 +70,6 @@ enum class LogicCommand : int { // for backward compatibility append new at the end }; -class COMMON_API DataType { -public: - class Exception { - public: - DECLARE_EXCEPTION_TYPE(CKM::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, OutOfRange) - }; - - enum Type { - KEY_RSA_PUBLIC, - KEY_RSA_PRIVATE, - KEY_ECDSA_PUBLIC, - KEY_ECDSA_PRIVATE, - KEY_DSA_PUBLIC, - KEY_DSA_PRIVATE, - KEY_AES, - CERTIFICATE, - BINARY_DATA, - - CHAIN_CERT_0, - CHAIN_CERT_1, - CHAIN_CERT_2, - CHAIN_CERT_3, - CHAIN_CERT_4, - CHAIN_CERT_5, - CHAIN_CERT_6, - CHAIN_CERT_7, - CHAIN_CERT_8, - CHAIN_CERT_9, - CHAIN_CERT_10, - CHAIN_CERT_11, - CHAIN_CERT_12, - CHAIN_CERT_13, - CHAIN_CERT_14, - CHAIN_CERT_15, - - // Special types to support database, - DB_KEY_FIRST = KEY_RSA_PUBLIC, - DB_KEY_LAST = KEY_AES, - DB_CHAIN_FIRST = CHAIN_CERT_0, - DB_CHAIN_LAST = CHAIN_CERT_15, - DB_FIRST = KEY_RSA_PUBLIC, - DB_LAST = CHAIN_CERT_15, - }; - - DataType() - : m_dataType(BINARY_DATA) - {} - - DataType(Type data) - : m_dataType(data) - { - if (!isInRange(data)) - ThrowMsg(Exception::OutOfRange, "Invalid conversion from DataType to DBDataType"); - } - - explicit DataType(KeyType key) { - switch(key) { - case KeyType::KEY_RSA_PUBLIC: m_dataType = DataType::KEY_RSA_PUBLIC; break; - case KeyType::KEY_RSA_PRIVATE: m_dataType = DataType::KEY_RSA_PRIVATE; break; - case KeyType::KEY_DSA_PUBLIC: m_dataType = DataType::KEY_DSA_PUBLIC; break; - case KeyType::KEY_DSA_PRIVATE: m_dataType = DataType::KEY_DSA_PRIVATE; break; - case KeyType::KEY_ECDSA_PUBLIC: m_dataType = DataType::KEY_ECDSA_PUBLIC; break; - case KeyType::KEY_ECDSA_PRIVATE: m_dataType = DataType::KEY_ECDSA_PRIVATE; break; - case KeyType::KEY_AES: m_dataType = DataType::KEY_AES; break; - default: - ThrowMsg(Exception::OutOfRange, "Invalid conversion from KeyType to DBDataType"); - } - } - - explicit DataType(int data) - : m_dataType(static_cast<Type>(data)) - { - if (!isInRange(data)) - ThrowMsg(Exception::OutOfRange, "Invalid conversion from int to DBDataType"); - } - - DataType(const DataType &) = default; - DataType& operator=(const DataType &) = default; - - operator int () const { - return static_cast<int>(m_dataType); - } - - operator KeyType () const { - switch(m_dataType) { - case DataType::KEY_RSA_PUBLIC: return KeyType::KEY_RSA_PUBLIC; - case DataType::KEY_RSA_PRIVATE: return KeyType::KEY_RSA_PRIVATE; - case DataType::KEY_DSA_PUBLIC: return KeyType::KEY_DSA_PUBLIC; - case DataType::KEY_DSA_PRIVATE: return KeyType::KEY_DSA_PRIVATE; - case DataType::KEY_ECDSA_PRIVATE: return KeyType::KEY_ECDSA_PRIVATE; - case DataType::KEY_ECDSA_PUBLIC: return KeyType::KEY_ECDSA_PUBLIC; - case DataType::KEY_AES: return KeyType::KEY_AES; - default: - ThrowMsg(Exception::OutOfRange, "Invalid conversion from DBDataType to KeyType"); - } - } - - bool operator==(const DataType &second) const { - return m_dataType == second.m_dataType; - } - - bool isKey() const { - if (DB_KEY_FIRST <= m_dataType && DB_KEY_LAST >= m_dataType) - return true; - return false; - } - - bool isChainCert() const { - if (DB_CHAIN_FIRST <= m_dataType && DB_CHAIN_LAST >= m_dataType) - return true; - return false; - } - - static DataType getChainDatatype(unsigned int index) - { - DataType result(static_cast<int>(index) + DB_CHAIN_FIRST); - - if ( !result.isChainCert() ) - ThrowMsg(Exception::OutOfRange, "Certificate number is out of range"); - - return result; - } - - bool isKeyPrivate() const { - switch (m_dataType) { - case KEY_RSA_PRIVATE: - case KEY_DSA_PRIVATE: - case KEY_ECDSA_PRIVATE: - return true; - default: - return false; - } - } - - bool isKeyPublic() const { - switch (m_dataType) { - case KEY_RSA_PUBLIC: - case KEY_DSA_PUBLIC: - case KEY_ECDSA_PUBLIC: - return true; - default: - return false; - } - } - - bool isCertificate() const { - return m_dataType == CERTIFICATE; - } - - bool isBinaryData() const { - return m_dataType == BINARY_DATA; - } - - static bool isInRange(int data) { - if (data < static_cast<int>(DB_FIRST)) - return false; - if (data > static_cast<int>(DB_LAST)) - return false; - return true; - } - - // it's not virtual for a reason! - ~DataType(){} - -private: - Type m_dataType; -}; - // (client side) Alias = (service side) Label::Name COMMON_API extern char const * const LABEL_NAME_SEPARATOR; COMMON_API extern char const * const LABEL_SYSTEM_DB; diff --git a/src/manager/crypto/generic-backend/gstore.h b/src/manager/crypto/generic-backend/gstore.h index a3c76fdb..c7b796c5 100644 --- a/src/manager/crypto/generic-backend/gstore.h +++ b/src/manager/crypto/generic-backend/gstore.h @@ -24,24 +24,26 @@ #include <generic-backend/exception.h> #include <generic-backend/gkey.h> -#include <generic-backend/id.h> -#include <generic-backend/token.h> #include <ckm/ckm-type.h> +#include <crypto-backend.h> +#include <token.h> namespace CKM { namespace Crypto { class GStore { -protected: - GStore(){} public: - virtual Id getBackendId() const { Throw(Exception::OperationNotSupported); } virtual GKeyShPtr getKey(const Token &) { Throw(Exception::OperationNotSupported); } virtual TokenPair generateAKey(const CryptoAlgorithm &) { Throw(Exception::OperationNotSupported); } virtual Token generateSKey(const CryptoAlgorithm &) { Throw(Exception::OperationNotSupported); } - virtual Token import(KeyType, const RawBuffer &) { Throw(Exception::OperationNotSupported); } + virtual Token import(DataType, const RawBuffer &) { Throw(Exception::OperationNotSupported); } virtual void destroy(const Token &) { Throw(Exception::OperationNotSupported); } virtual ~GStore() {} + +protected: + explicit GStore(CryptoBackend backendId) : m_backendId(backendId) {} + + CryptoBackend m_backendId; }; typedef std::shared_ptr<GStore> GStoreShPtr; diff --git a/src/manager/crypto/generic-backend/token.h b/src/manager/crypto/generic-backend/token.h deleted file mode 100644 index a91dfdbb..00000000 --- a/src/manager/crypto/generic-backend/token.h +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -/* - * @file gstore.h - * @author Bartłomiej Grzelewski (b.grzelewski@samsung.com) - * @version 1.0 - */ -#pragma once - -#include <utility> - -#include <ckm/ckm-raw-buffer.h> -#include <ckm/ckm-type.h> - -#include <generic-backend/id.h> - -namespace CKM { -namespace Crypto { - -struct Token { - RawBuffer buffer; - Id backendId; - KeyType keyType; -}; - -typedef std::pair<Token,Token> TokenPair; - -} // namespace Crypto -} // namespace CKM - diff --git a/src/manager/crypto/platform/decider.cpp b/src/manager/crypto/platform/decider.cpp index 995a6e72..b3e44138 100644 --- a/src/manager/crypto/platform/decider.cpp +++ b/src/manager/crypto/platform/decider.cpp @@ -6,7 +6,7 @@ namespace CKM { namespace Crypto { Decider::Decider() - : m_store(new SW::Store) + : m_store(new SW::Store(CryptoBackend::OpenSSL)) {} GStoreShPtr Decider::getStore(const Token &) { diff --git a/src/manager/crypto/platform/decider.h b/src/manager/crypto/platform/decider.h index 535722a0..aec56c1c 100644 --- a/src/manager/crypto/platform/decider.h +++ b/src/manager/crypto/platform/decider.h @@ -3,7 +3,7 @@ #include <memory> #include <generic-backend/gstore.h> -#include <generic-backend/token.h> +#include <token.h> namespace CKM { namespace Crypto { diff --git a/src/manager/crypto/sw-backend/key.h b/src/manager/crypto/sw-backend/key.h index 9a9338c7..fb0a36ee 100644 --- a/src/manager/crypto/sw-backend/key.h +++ b/src/manager/crypto/sw-backend/key.h @@ -24,6 +24,7 @@ #include <openssl/evp.h> #include <generic-backend/gkey.h> +#include <data-type.h> namespace CKM { namespace Crypto { @@ -34,20 +35,20 @@ typedef std::shared_ptr<EVP_PKEY> EvpShPtr; class SKey : public GKey { public: - SKey(RawBuffer buffer, KeyType keyType) + SKey(RawBuffer buffer, DataType keyType) : m_key(std::move(buffer)) , m_type(keyType) {} protected: RawBuffer m_key; - KeyType m_type; + DataType m_type; }; class AKey : public GKey { public: - AKey(RawBuffer buffer, KeyType keyType) + AKey(RawBuffer buffer, DataType dataType = DataType::KEY_AES) : m_key(std::move(buffer)) - , m_type(keyType) + , m_type(dataType) {} virtual RawBuffer sign(const CryptoAlgorithm &alg, const RawBuffer &message); virtual bool verify(const CryptoAlgorithm &alg, const RawBuffer &message, const RawBuffer &sign); @@ -57,7 +58,7 @@ protected: EvpShPtr m_evp; RawBuffer m_key; - KeyType m_type; + DataType m_type; }; } // namespace SW diff --git a/src/manager/crypto/sw-backend/store.cpp b/src/manager/crypto/sw-backend/store.cpp index 38d36c37..2bc374eb 100644 --- a/src/manager/crypto/sw-backend/store.cpp +++ b/src/manager/crypto/sw-backend/store.cpp @@ -30,39 +30,28 @@ namespace CKM { namespace Crypto { namespace SW { -Id Store::getBackendId() const { return Id::OpenSSL; } - GKeyShPtr Store::getKey(const Token &token) { - if (token.backendId != getBackendId()) { + if (token.backendId != m_backendId) { LogDebug("Decider choose wrong backend!"); ThrowMsg(Exception::WrongBackend, "Decider choose wrong backend!"); } - switch (token.keyType) { - case KeyType::KEY_RSA_PUBLIC: - case KeyType::KEY_RSA_PRIVATE: - case KeyType::KEY_DSA_PUBLIC: - case KeyType::KEY_DSA_PRIVATE: - case KeyType::KEY_ECDSA_PUBLIC: - case KeyType::KEY_ECDSA_PRIVATE: - return std::make_shared<AKey>(token.buffer, token.keyType); - case KeyType::KEY_AES: - return std::make_shared<SKey>(token.buffer, token.keyType); - default: - LogDebug( - "This type of key is not supported by openssl backend: " << (int)token.keyType); - ThrowMsg(Exception::KeyNotSupported, - "This type of key is not supported by openssl backend: " << (int)token.keyType); + if (token.dataType.isKeyPrivate() || token.dataType.isKeyPublic()) { + return std::make_shared<AKey>(token.data, token.dataType); + } + + if (token.dataType == DataType(DataType::KEY_AES)) { + return std::make_shared<SKey>(token.data, token.dataType); } + LogDebug( + "This type of data is not supported by openssl backend: " << (int)token.dataType); + ThrowMsg(Exception::KeyNotSupported, + "This type of data is not supported by openssl backend: " << (int)token.dataType); } -Token Store::import(KeyType keyType, const RawBuffer &buffer) { - Token token; - token.buffer = buffer; - token.keyType = keyType; - token.backendId = getBackendId(); - return token; +Token Store::import(DataType dataType, const RawBuffer &buffer) { + return Token(m_backendId, dataType, buffer); } } // namespace SW diff --git a/src/manager/crypto/sw-backend/store.h b/src/manager/crypto/sw-backend/store.h index 31247ab7..dc7a78c1 100644 --- a/src/manager/crypto/sw-backend/store.h +++ b/src/manager/crypto/sw-backend/store.h @@ -22,7 +22,6 @@ #include <generic-backend/gkey.h> #include <generic-backend/gstore.h> -#include <generic-backend/id.h> namespace CKM { namespace Crypto { @@ -30,9 +29,10 @@ namespace SW { class Store : public GStore { public: - virtual Id getBackendId() const; + explicit Store(CryptoBackend backendId) : GStore(backendId) {} + virtual GKeyShPtr getKey(const Token &token); - virtual Token import(KeyType keyType, const RawBuffer &buffer); + virtual Token import(DataType dataType, const RawBuffer &buffer); virtual void destroy(const Token &){} }; diff --git a/src/manager/main/generic-event.h b/src/manager/main/generic-event.h index 9cf60f89..7b98f7c5 100644 --- a/src/manager/main/generic-event.h +++ b/src/manager/main/generic-event.h @@ -16,7 +16,7 @@ * limitations under the License */ /* - * @file protocols.h + * @file generic-event.h * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) * @author Zofia Abramowska (z.abramowska@samsung.com) * @version 1.0 diff --git a/src/manager/main/generic-socket-manager.h b/src/manager/main/generic-socket-manager.h index 5018c4ad..f1d20af4 100644 --- a/src/manager/main/generic-socket-manager.h +++ b/src/manager/main/generic-socket-manager.h @@ -32,9 +32,9 @@ #include <sys/types.h> #include <dpl/exception.h> -#include <protocols.h> #include <generic-event.h> #include <dpl/raw-buffer.h> +#include <ckm/ckm-type.h> extern "C" { struct msghdr; diff --git a/src/manager/service/access-control.h b/src/manager/service/access-control.h index 32bfb666..75297c42 100644 --- a/src/manager/service/access-control.h +++ b/src/manager/service/access-control.h @@ -24,7 +24,6 @@ #include <string> #include <ckm/ckm-type.h> #include <ckm/ckm-raw-buffer.h> -#include <protocols.h> #include <db-row.h> #include <permission.h> #include <generic-socket-manager.h> diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp index 89fa59cd..99f60d92 100644 --- a/src/manager/service/ckm-logic.cpp +++ b/src/manager/service/ckm-logic.cpp @@ -389,8 +389,7 @@ DB::Row CKMLogic::createEncryptedRow( const RawBuffer &data, const Policy &policy) const { - DB::Row row = { name, label, policy.extractable, dataType, DBCMAlgType::NONE, - 0, RawBuffer(), static_cast<int>(data.size()), data, RawBuffer() }; + DB::Row row(name, label, static_cast<int>(policy.extractable), dataType, data, static_cast<int>(data.size())); // do not encrypt data with password during cc_mode on if(m_accessControl.isCCMode()) { diff --git a/src/manager/crypto/generic-backend/id.h b/src/manager/service/crypto-backend.h index 4086d577..def25a7f 100644 --- a/src/manager/crypto/generic-backend/id.h +++ b/src/manager/service/crypto-backend.h @@ -14,20 +14,19 @@ * limitations under the License */ /* - * @file id.h + * @file crypto-backend.h * @author Bartłomiej Grzelewski (b.grzelewski@samsung.com) * @version 1.0 */ #pragma once namespace CKM { -namespace Crypto { -enum class Id { - OpenSSL = 0, - TrustZone = 1 +enum class CryptoBackend { + None = 0, + OpenSSL = 1, + TrustZone = 2 }; -} // namespace Crypto } // namespace CKM diff --git a/src/manager/service/db-row.h b/src/manager/service/db-row.h index a64237ad..333f5ccc 100644 --- a/src/manager/service/db-row.h +++ b/src/manager/service/db-row.h @@ -24,24 +24,40 @@ #include <vector> #include <ckm/ckm-type.h> #include <protocols.h> +#include <token.h> namespace CKM { namespace DB { -struct Row { +struct Row : public Token { + Row() = default; + + Row(const Name &pName, + const Label &pLabel, + int pExportable, + DataType pDataType, + const RawBuffer &pData, + int pDataSize) : + Token(CryptoBackend::None, pDataType, pData) + , name(pName) + , ownerLabel(pLabel) + , exportable(pExportable) + , algorithmType(DBCMAlgType::NONE) + , encryptionScheme(0) + , dataSize(pDataSize) + {} + Name name; Label ownerLabel; int exportable; - DataType dataType; // cert/key/data DBCMAlgType algorithmType; // Algorithm type used for row data encryption int encryptionScheme; // for example: (ENCR_BASE64 | ENCR_PASSWORD) RawBuffer iv; // encoded in base64 int dataSize; // size of information without hash and padding - RawBuffer data; RawBuffer tag; // tag for Aes Gcm algorithm }; -typedef std::vector<Row> RowVector; +typedef std::vector<Row> RowVector; } // namespace DB } // namespace CKM diff --git a/src/manager/service/token.h b/src/manager/service/token.h new file mode 100644 index 00000000..f6940377 --- /dev/null +++ b/src/manager/service/token.h @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file token.h + * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) + * @version 1.0 + * @brief OBJECT_TABLE entry enhanced with corresponding NAME_TABLE identifier + */ +#pragma once + +#include <utility> + +#include <data-type.h> +#include <crypto-backend.h> + +namespace CKM { + +struct Token { + Token() + : backendId(CryptoBackend::None) + {} + Token(CryptoBackend pBackendId, DataType pDataType, const RawBuffer &pData) + : backendId(pBackendId) + , dataType(pDataType) + , data(pData) + {} + CryptoBackend backendId; + DataType dataType; + RawBuffer data; +}; + +typedef std::pair<Token,Token> TokenPair; + +} // namespace CKM |