Diffstat (limited to 'src/manager/service/ckm-logic.h')
-rw-r--r--src/manager/service/ckm-logic.h89
1 files changed, 76 insertions, 13 deletions
diff --git a/src/manager/service/ckm-logic.h b/src/manager/service/ckm-logic.h
index 0cbbb2b0..853be0eb 100644
--- a/src/manager/service/ckm-logic.h
+++ b/src/manager/service/ckm-logic.h
@@ -45,13 +45,6 @@ struct UserData {
class CKMLogic {
public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(CKM::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, InputDataInvalid);
- };
-
CKMLogic();
CKMLogic(const CKMLogic &) = delete;
CKMLogic(CKMLogic &&) = delete;
@@ -80,12 +73,21 @@ public:
RawBuffer saveData(
const Credentials &cred,
int commandId,
- DBDataType dataType,
const Name &name,
const Label &label,
- const RawBuffer &key,
+ const RawBuffer &data,
+ DBDataType dataType,
const PolicySerializable &policy);
+ RawBuffer savePKCS12(
+ const Credentials &cred,
+ int commandId,
+ const Name &name,
+ const Label &label,
+ const PKCS12Serializable &pkcs,
+ const PolicySerializable &keyPolicy,
+ const PolicySerializable &certPolicy);
+
RawBuffer removeData(
const Credentials &cred,
int commandId,
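Review bot: savePKCS12 is a new public entry point that takes two separate policies, but nothing in the header says which stored object each one governs, so a caller has to read the .cpp to know whether `keyPolicy` covers only the private key and `certPolicy` the certificate and CA chain. A short Doxygen block above `RawBuffer savePKCS12(` stating that, plus what `commandId` is echoed back as and what the returned RawBuffer carries, would make the interface self-contained; the names strongly suggest the key/certificate split but that should be confirmed against the implementation before being written as fact. The reordered saveData signature (`data` now precedes `dataType`) is type-safe for existing callers since the two types differ, so stale call sites fail to compile rather than silently misbehave, which is worth noting in the commit message.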
@@ -100,6 +102,12 @@ public:
const Label &label,
const Password &password);
+ RawBuffer getPKCS12(
+ const Credentials &cred,
+ int commandId,
+ const Name &name,
+ const Label &label);
+
RawBuffer getDataList(
const Credentials &cred,
int commandId,
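Review bot: getPKCS12 has no Password parameter, whereas the declaration ending just above it (`const Password &password);`) does; if the rows written by savePKCS12 can be password-protected like other data rows, this entry point has no way to receive that password, and if they deliberately cannot, the header should say so. Suggest a comment on the `RawBuffer getPKCS12(` line such as `// No per-row password: PKCS12 rows are stored without one — confirm against savePKCS12 in ckm-logic.cpp`, or the missing parameter added to match getData. Either way the asymmetry between the two retrieval paths should be explicit rather than implied.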
@@ -163,30 +171,75 @@ public:
private:
- void verifyBinaryData(
+ int verifyBinaryData(
DBDataType dataType,
const RawBuffer &input_data) const;
+ int checkSaveConditions(
+ const Credentials &cred,
+ UserData &handler,
+ const Name &name,
+ const Label &label);
+
int saveDataHelper(
const Credentials &cred,
- DBDataType dataType,
const Name &name,
const Label &label,
- const RawBuffer &key,
+ DBDataType dataType,
+ const RawBuffer &data,
const PolicySerializable &policy);
+ int saveDataHelper(
+ const Credentials &cred,
+ const Name &name,
+ const Label &label,
+ const PKCS12Serializable &pkcs,
+ const PolicySerializable &keyPolicy,
+ const PolicySerializable &certPolicy);
+
+ DBRow createEncryptedDBRow(
+ CryptoLogic &crypto,
+ const Name &name,
+ const Label &label,
+ DBDataType dataType,
+ const RawBuffer &data,
+ const Policy &policy) const;
+
+ int getPKCS12Helper(
+ const Credentials &cred,
+ const Name &name,
+ const Label &label,
+ KeyShPtr & privKey,
+ CertificateShPtr & cert,
+ CertificateShPtrVector & caChain);
+
+ int extractPKCS12Data(
+ CryptoLogic &crypto,
+ const Name &name,
+ const Label &ownerLabel,
+ const PKCS12Serializable &pkcs,
+ const PolicySerializable &keyPolicy,
+ const PolicySerializable &certPolicy,
+ DBRowVector &output) const;
+
int removeDataHelper(
const Credentials &cred,
const Name &name,
const Label &ownerLabel);
- int readDataRowHelper(
+ int readSingleRow(
const Name &name,
const Label &ownerLabel,
DBDataType dataType,
DBCrypto & database,
DBRow &row);
+ int readMultiRow(const Name &name,
+ const Label &ownerLabel,
+ DBDataType dataType,
+ DBCrypto & database,
+ DBRowVector &output);
+
int checkDataPermissionsHelper(
const Name &name,
const Label &ownerLabel,
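Review bot: verifyBinaryData's return type changes from void to int, but nothing states what the value means or that callers are now expected to check it; the same is true of the other new int-returning helpers here (checkSaveConditions, getPKCS12Helper, extractPKCS12Data, readMultiRow). A comment on the `int verifyBinaryData(` line, e.g. `// Returns an error code; 0 presumably means the buffer parsed as dataType — confirm with ckm-logic.cpp`, and a one-line note on each new helper would let a reader know which results are validation outcomes that must not be ignored. As a point of style, readMultiRow puts its first parameter on the declaration line while every sibling starts parameters on the next line, and `KeyShPtr & privKey` / `CertificateShPtr & cert` space the `&` differently from `const Name &name` directly above them; both are worth aligning with the surrounding declarations.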
@@ -204,6 +257,15 @@ private:
const Password &password,
DBRow &row);
+ int readDataHelper(
+ bool exportFlag,
+ const Credentials &cred,
+ DBDataType dataType,
+ const Name &name,
+ const Label &label,
+ const Password &password,
+ DBRowVector &rows);
+
int createKeyPairHelper(
const Credentials &cred,
const KeyType key_type,
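Review bot: the new readDataHelper overload leads with a bare `bool exportFlag`, so call sites will read as `readDataHelper(true, cred, ...)` with nothing indicating what is being permitted; given that the flag name suggests it decides whether row contents may be handed back to the client, that decision deserves to be documented at the declaration. Suggest a comment above it such as `// exportFlag: true when the rows will be returned to the caller — presumably checked against each row's exportable policy; confirm in ckm-logic.cpp`. A small `enum class` in place of the bool would make the call sites self-describing, but that is a wider change than this header alone.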
@@ -228,6 +290,7 @@ private:
const Label &accessorLabel,
const Permission newPermission);
+
std::map<uid_t, UserData> m_userDataMap;
CertificateStore m_certStore;
AccessControl m_accessControl;