CKMC API: Add option to list aliases with information about password protection

Change-Id: I02ff75a9f6c60bdcd4b3450a135a4047bbbc05f0
Signed-off-by: Ernest Borowski <e.borowski@partner.samsung.com>

5 files changed, 310 insertions, 9 deletions

diff --git a/src/include/ckmc/ckmc-manager.h b/src/include/ckmc/ckmc-manager.h
index 86ee07fe..22a295ce 100644
--- a/src/include/ckmc/ckmc-manager.h
+++ b/src/include/ckmc/ckmc-manager.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2000 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -151,6 +151,31 @@ int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **ppkey);
 int ckmc_get_key_alias_list(ckmc_alias_list_s **ppalias_list);
 
 
+/**
+ * @brief Gets the information about all the aliases of keys that the client can access.
+ * @since_tizen 5.5
+ * @remarks A client can access only data stored by the client and the entries from system database
+ * if it was explicitly permitted to.
+ * @remarks You must destroy the newly created @a ppalias_list by calling ckmc_alias_info_list_all_free()
+ *          if it is no longer needed.
+ * @param[out] ppalias_list The pointer to a newly created ckmc_alias_info_list_s handle containing
+ *                          information about all key aliases \n
+ *                          If there is no available key alias, *ppalias_list will be null
+ * @return @c 0 on success,
+ *         otherwise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ * @see ckmc_save_key()
+ * @see ckmc_remove_alias()
+ * @see ckmc_get_key()
+ */
+int ckmc_get_key_alias_info_list(ckmc_alias_info_list_s **ppalias_list);
+
 
 /**
  * @brief Stores a certificate inside key manager based on the provided policy.
@@ -258,6 +283,32 @@ int ckmc_get_cert_alias_list(ckmc_alias_list_s **ppalias_list);
 
 
 /**
+ * @brief Gets the information about all the aliases of certificates that the client can access.
+ * @since_tizen 5.5
+ * @remarks A client can access only data stored by the client and the entries from system database
+ * if it was explicitly permitted to.
+ * @remarks You must destroy the newly created @a ppalias_list by calling ckmc_alias_info_list_all_free()
+ *          if it is no longer needed.
+ * @param[out] ppalias_list The pointer to a newly created ckmc_alias_info_list_s handle containing
+ *                          information about all certificate aliases \n
+ *                          If there is no available certificate alias, *ppalias_list will be null
+ * @return @c 0 on success,
+ *         otherwise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR Failed due to a database error
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ * @see ckmc_save_cert()
+ * @see ckmc_remove_alias()
+ * @see ckmc_get_cert()
+ */
+int ckmc_get_cert_alias_info_list(ckmc_alias_info_list_s **ppalias_list);
+
+
+/**
  * @brief Stores PKCS12's contents inside key manager based on the provided policies. All items from the PKCS12 will use the same alias.
  * @since_tizen @if MOBILE 2.4 @elseif WEARABLE 3.0 @endif
  * @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to use this API since 3.0.
@@ -413,6 +464,32 @@ int ckmc_get_data_alias_list(ckmc_alias_list_s **ppalias_list);
 
 
 /**
+ * @brief Gets the information about all the aliases of data that the client can access.
+ * @since_tizen 5.5
+ * @remarks A client can access only data stored by the client and the entries from system database
+ * if it was explicitly permitted to.
+ * @remarks You must destroy the newly created @a ppalias_list by calling ckmc_alias_info_list_all_free()
+ * if it is no longer needed.
+ * @param[out] ppalias_list The pointer to a newly created ckmc_alias_info_list_s handle containing
+ *                          information about all data aliases \n
+ *                          If there is no available data alias, *ppalias_list will be null
+ * @return @c 0 on success,
+ *         otherwise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ * @retval #CKMC_ERROR_DB_LOCKED A user key is not loaded in memory (a user is not logged in)
+ * @retval #CKMC_ERROR_DB_ERROR Failed due to the error with unknown reason
+ * @retval #CKMC_ERROR_DB_ALIAS_UNKNOWN Alias does not exist
+ * @retval #CKMC_ERROR_PERMISSION_DENIED Failed to access key manager
+ * @pre User is already logged in and the user key is already loaded into memory in plain text form.
+ * @see ckmc_save_data()
+ * @see ckmc_remove_alias()
+ * @see ckmc_get_data()
+ */
+int ckmc_get_data_alias_info_list(ckmc_alias_info_list_s **ppalias_list);
+
+
+/**
  * @brief Creates RSA private/public key pair and stores them inside key manager based on each policy.
  * @since_tizen 2.3
  * @remarks %http://tizen.org/privilege/keymanager (public level privilege) is no longer required to use this API since 3.0.
diff --git a/src/include/ckmc/ckmc-type.h b/src/include/ckmc/ckmc-type.h
index 8a4217b6..da0c05e4 100644
--- a/src/include/ckmc/ckmc-type.h
+++ b/src/include/ckmc/ckmc-type.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2000 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -227,6 +227,25 @@ typedef struct __ckmc_alias_list {
 		*next; /**< The pointer pointing to the next ckmc_alias_list_s */
 } ckmc_alias_list_s;
 
+struct ckmc_alias_info_s;
+
+/**
+ * @brief The structure of alias and additional information about it.
+ * @since_tizen 5.0
+ */
+typedef struct ckmc_alias_info_s ckmc_alias_info_s;
+
+/**
+ * @brief The structure for linked list of alias with additional information.
+ * @since_tizen 5.0
+ */
+typedef struct __ckmc_alias_info_list_s {
+	struct ckmc_alias_info_s* info; /**< The pointer pointing to the alias structure
+					  with additional information */
+	struct __ckmc_alias_info_list_s*
+		next; /**< The pointer pointing to the next ckmc_alias_info_list_s */
+} ckmc_alias_info_list_s;
+
 
 /**
  * @brief The structure for linked list of ckmc_cert_s
@@ -341,6 +360,41 @@ typedef enum __ckmc_algo_type {
                        (optional, not supported at the moment) */
 } ckmc_algo_type_e;
 
+/**
+ * @brief Gets the alias from #ckmc_alias_info_s structure.
+ * @since_tizen 5.0
+ * @remarks The @a alias should not be released.
+ *          The @a alias can be used until #ckmc_alias_info_s is released.
+ * @param[in] info The pointer to the #ckmc_alias_info_s structure
+ * @param[out] alias The pointer to the alias
+ * @return #CKMC_ERROR_NONE on success,
+ *         othervise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ * @see #ckmc_alias_info_s
+ */
+int ckmc_alias_info_get_alias(const ckmc_alias_info_s* info, char** alias);
+
+/**
+ * @brief Gets the password protection status from #ckmc_alias_info_s structure.
+ * @since_tizen 5.0
+ * @param[in] info The pointer to the #ckmc_alias_info_s structure
+ * @param[out] is_password_protected The pointer to the password protection flag
+ * @return #CKMC_ERROR_NONE on success,
+ *         othervise a negative error value
+ * @retval #CKMC_ERROR_NONE Successful
+ * @retval #CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
+ * @see #ckmc_alias_info_s
+ */
+int ckmc_alias_info_is_password_protected(const ckmc_alias_info_s* info, bool* is_password_protected);
+
+/**
+ * @brief Destroys the #ckmc_alias_info_list_s handle and releases resources of #ckmc_alias_info_list_s from the provided first handle cascadingly.
+ * @since_tizen 5.0
+ * @param[in] first The first #ckmc_alias_info_list_s handle to destroy
+ * @see #ckmc_alias_info_list_s
+ */
+void ckmc_alias_info_list_all_free(ckmc_alias_info_list_s *first);
 
 /**
  * @brief Creates a new full alias which is a concatenation of @a owner_id and @a alias.
diff --git a/src/manager/client-capi/ckmc-manager.cpp b/src/manager/client-capi/ckmc-manager.cpp
index 37dd14fc..a765f3a0 100644
--- a/src/manager/client-capi/ckmc-manager.cpp
+++ b/src/manager/client-capi/ckmc-manager.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright (c) 2000 - 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *  Copyright (c) 2000 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -28,6 +28,7 @@
 #include <ckmc/ckmc-error.h>
 #include <ckmc-type-converter.h>
 #include <client-common.h>
+#include <functional>
 #include <iostream>
 #include <string.h>
 
@@ -35,6 +36,30 @@ namespace {
 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
 
+int _ckmc_alias_info_new(const char* alias, bool is_password_protected, ckmc_alias_info_s** info)
+{
+	if (alias == NULL)
+		return CKMC_ERROR_SERVER_ERROR;
+	if (info == NULL)
+		return CKMC_ERROR_UNKNOWN;
+
+	ckmc_alias_info_s* _info = NULL;
+	_info = static_cast<ckmc_alias_info_s*>(malloc(sizeof(ckmc_alias_info_s)));
+
+	if (_info == NULL)
+		return CKMC_ERROR_OUT_OF_MEMORY;
+
+	_info->alias = strdup(alias);
+	if (_info->alias == NULL)
+	{
+		free(_info);
+		return CKMC_ERROR_OUT_OF_MEMORY;
+	}
+	_info->is_password_protected = is_password_protected;
+	*info = _info;
+	return CKMC_ERROR_NONE;
+}
+
 inline CKM::Password _tostring(const char *str)
 {
 	return (str == nullptr) ? CKM::Password() : CKM::Password(str);
@@ -180,8 +205,84 @@ int _cryptoOperation(cryptoFn operation,
 	return ckmc_buffer_new(outBuffer.data(), outBuffer.size(), ppout);
 }
 
+int _toNewCkmcAliasInfoList(const CKM::AliasPwdVector &aliasPwdVector,
+		ckmc_alias_info_list_s **alias_info_list)
+{
+	int ret = CKMC_ERROR_NONE;
+
+	if (alias_info_list == nullptr)
+		return CKMC_ERROR_UNKNOWN;
+
+	if (aliasPwdVector.size() == 0)
+		return CKMC_ERROR_DB_ALIAS_UNKNOWN;
+
+	ckmc_alias_info_list_s *start = nullptr;
+	ckmc_alias_info_list_s *plist = nullptr;
+	ckmc_alias_info_list_s *previous = nullptr;
+
+	for (const auto &it : aliasPwdVector) {
+
+		previous = plist;
+
+		plist = static_cast<ckmc_alias_info_list_s*>(calloc(1, sizeof(ckmc_alias_info_list_s)));
+
+		if (plist == nullptr)
+		{
+			ret = CKMC_ERROR_OUT_OF_MEMORY;
+			break;
+		}
+
+		if (start == nullptr)
+			start = plist;
+
+		if (previous != nullptr)
+			previous->next = plist;
+
+		if ((ret = _ckmc_alias_info_new(std::get<0>(it).c_str(), std::get<1>(it),
+						&plist->info) != CKMC_ERROR_NONE))
+		{
+			break;
+		}
+
+	}
+
+	if (ret != CKMC_ERROR_NONE)
+	{
+		ckmc_alias_info_list_all_free(start);
+		return ret;
+	}
+
+	*alias_info_list = start;
+
+	return CKMC_ERROR_NONE;
 }
 
+int ckmc_generic_get_alias_info_list_helper(ckmc_alias_info_list_s **alias_info_list,
+		int(CKM::Manager::*func)(CKM::AliasPwdVector&))
+{
+	EXCEPTION_GUARD_START_CAPI
+
+	auto mgr = CKM::Manager::create();
+	int ret;
+
+	if (alias_info_list == nullptr)
+		return CKMC_ERROR_INVALID_PARAMETER;
+
+	CKM::AliasPwdVector aliasPwdVector;
+
+	if ((ret = ((*mgr).*func)(aliasPwdVector)) != CKM_API_SUCCESS)
+		return to_ckmc_error(ret);
+
+	if ((ret = _toNewCkmcAliasInfoList(aliasPwdVector, alias_info_list)) != CKM_API_SUCCESS)
+		return ret;
+
+	return CKMC_ERROR_NONE;
+
+	EXCEPTION_GUARD_END
+}
+
+} // namespace anonymous
+
 KEY_MANAGER_CAPI
 int ckmc_save_key(const char *alias, const ckmc_key_s key,
 				  const ckmc_policy_s policy)
@@ -296,6 +397,15 @@ int ckmc_get_key_alias_list(ckmc_alias_list_s **alias_list)
 	EXCEPTION_GUARD_END
 }
 
+
+KEY_MANAGER_CAPI
+int ckmc_get_key_alias_info_list(ckmc_alias_info_list_s **alias_info_list)
+{
+
+	return ckmc_generic_get_alias_info_list_helper(alias_info_list,
+			&CKM::Manager::getKeyAliasPwdVector);
+}
+
 KEY_MANAGER_CAPI
 int ckmc_save_cert(const char *alias, const ckmc_cert_s cert,
 				   const ckmc_policy_s policy)
@@ -391,6 +501,13 @@ int ckmc_get_cert_alias_list(ckmc_alias_list_s **alias_list)
 }
 
 KEY_MANAGER_CAPI
+int ckmc_get_cert_alias_info_list(ckmc_alias_info_list_s **alias_info_list)
+{
+	return ckmc_generic_get_alias_info_list_helper(alias_info_list,
+			&CKM::Manager::getCertificateAliasPwdVector);
+}
+
+KEY_MANAGER_CAPI
 int ckmc_save_pkcs12(const char *alias, const ckmc_pkcs12_s *ppkcs,
 					 const ckmc_policy_s key_policy, const ckmc_policy_s cert_policy)
 {
@@ -581,6 +698,13 @@ int ckmc_get_data_alias_list(ckmc_alias_list_s **alias_list)
 }
 
 KEY_MANAGER_CAPI
+int ckmc_get_data_alias_info_list(ckmc_alias_info_list_s **alias_info_list)
+{
+	return ckmc_generic_get_alias_info_list_helper(alias_info_list,
+			&CKM::Manager::getDataAliasPwdVector);
+}
+
+KEY_MANAGER_CAPI
 int ckmc_create_key_pair_rsa(const size_t size,
 							 const char *private_key_alias,
 							 const char *public_key_alias,
diff --git a/src/manager/client-capi/ckmc-type.cpp b/src/manager/client-capi/ckmc-type.cpp
index a613d8d6..6567c97a 100644
--- a/src/manager/client-capi/ckmc-type.cpp
+++ b/src/manager/client-capi/ckmc-type.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *  Copyright (c) 2000 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -28,6 +28,7 @@
 #include <ckmc/ckmc-type.h>
 #include <ckmc/ckmc-error.h>
 #include <ckmc-type-converter.h>
+#include <client-common.h>
 #include <protocols.h>
 #include <openssl/x509v3.h>
 #include <openssl/pkcs12.h>
@@ -65,8 +66,15 @@ int _ckmc_load_cert_from_x509(X509 *xCert, ckmc_cert_s **cert)
 	return ckmc_cert_new(output.data(), output.size(), CKMC_FORM_DER, cert);
 }
 
-} // namespace anonymous
+void _ckmc_alias_info_free(ckmc_alias_info_s *info)
+{
+	if (info == NULL)
+		return;
+	free(info->alias);
+	free(info);
+}
 
+} // namespace anonymous
 
 const char *const ckmc_label_name_separator    = CKM::ALIAS_SEPARATOR;
 const char *const ckmc_owner_id_separator      = CKM::ALIAS_SEPARATOR;
@@ -591,6 +599,40 @@ void ckmc_alias_list_all_free(ckmc_alias_list_s *first)
 }
 
 KEY_MANAGER_CAPI
+int ckmc_alias_info_get_alias(const ckmc_alias_info_s* info, char** alias)
+{
+	if (info == NULL || alias == NULL)
+		return CKMC_ERROR_INVALID_PARAMETER;
+
+	*alias = info->alias;
+	return CKMC_ERROR_NONE;
+}
+
+KEY_MANAGER_CAPI
+int ckmc_alias_info_is_password_protected(const ckmc_alias_info_s* info, bool* is_password_protected)
+{
+	if (info == NULL || is_password_protected == NULL)
+		return CKMC_ERROR_INVALID_PARAMETER;
+
+	*is_password_protected = info->is_password_protected;
+	return CKMC_ERROR_NONE;
+}
+
+
+KEY_MANAGER_CAPI
+void ckmc_alias_info_list_all_free(ckmc_alias_info_list_s *first)
+{
+	ckmc_alias_info_list_s *next = first;
+
+	while (next) {
+		ckmc_alias_info_list_s *current = next;
+		next = current->next;
+		_ckmc_alias_info_free(current->info);
+		free(current);
+	}
+}
+
+KEY_MANAGER_CAPI
 int ckmc_cert_list_new(ckmc_cert_s *cert, ckmc_cert_list_s **ppalias_list)
 {
 	ckmc_cert_list_s *previous = NULL;
@@ -599,7 +641,7 @@ int ckmc_cert_list_new(ckmc_cert_s *cert, ckmc_cert_list_s **ppalias_list)
 
 KEY_MANAGER_CAPI
 int ckmc_cert_list_add(ckmc_cert_list_s *previous, ckmc_cert_s *cert,
-					   ckmc_cert_list_s **pplast)
+						ckmc_cert_list_s **pplast)
 {
 	ckmc_cert_list_s *plist;
 
diff --git a/src/manager/client/client-common.h b/src/manager/client/client-common.h
index cedb50ed..032f2f92 100644
--- a/src/manager/client/client-common.h
+++ b/src/manager/client/client-common.h
@@ -1,7 +1,5 @@
 /*
- *  Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
- *
- *  Contact: Bumjin Im <bj.im@samsung.com>
+ *  Copyright (c) 2000 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -43,6 +41,12 @@
 
 extern "C" {
 	struct msghdr;
+
+	struct ckmc_alias_info_s {
+		char* alias;
+		bool is_password_protected;
+	};
+
 }
 
 namespace CKM {