Tizen Native API
7.0
|
It defines data types used in these APIs and provides utility methods handling them.
Required Header
#include <ckmc/ckmc-type.h>
Overview
It defines data types for key, certificate, raw buffer, and linked list used in these APIs. It also provides new and free methods for them.
Functions | |
int | ckmc_alias_info_get_alias (const ckmc_alias_info_s *info, char **alias) |
Gets the alias from ckmc_alias_info_s structure. | |
int | ckmc_alias_info_is_password_protected (const ckmc_alias_info_s *info, bool *is_password_protected) |
Gets the password protection status from ckmc_alias_info_s structure. | |
int | ckmc_alias_info_get_backend (const ckmc_alias_info_s *info, ckmc_backend_id_e *backend) |
Gets the backend identifier from ckmc_alias_info_s structure. | |
void | ckmc_alias_info_list_all_free (ckmc_alias_info_list_s *first) |
Destroys the ckmc_alias_info_list_s handle and releases resources of ckmc_alias_info_list_s from the provided first handle cascadingly. | |
int | ckmc_alias_new (const char *owner_id, const char *alias, char **full_alias) |
Creates a new full alias which is a concatenation of owner_id and alias. | |
int | ckmc_key_new (unsigned char *raw_key, size_t key_size, ckmc_key_type_e key_type, char *password, ckmc_key_s **ppkey) |
Creates a new ckmc_key_s handle and returns it. | |
void | ckmc_key_free (ckmc_key_s *key) |
Destroys the ckmc_key_s handle and releases all its resources. | |
int | ckmc_buffer_new (unsigned char *data, size_t size, ckmc_raw_buffer_s **ppbuffer) |
Creates a new ckmc_raw_buffer_s handle and returns it. | |
void | ckmc_buffer_free (ckmc_raw_buffer_s *buffer) |
Destroys the ckmc_raw_buffer_s handle and releases all its resources. | |
int | ckmc_cert_new (unsigned char *raw_cert, size_t cert_size, ckmc_data_format_e data_format, ckmc_cert_s **ppcert) |
Creates a new ckmc_cert_s handle and returns it. | |
void | ckmc_cert_free (ckmc_cert_s *cert) |
Destroys the ckmc_cert_s handle and releases all its resources. | |
int | ckmc_load_cert_from_file (const char *file_path, ckmc_cert_s **cert) |
Creates a new ckmc_cert_s handle from a given file and returns it. | |
int | ckmc_pkcs12_new (ckmc_key_s *private_key, ckmc_cert_s *cert, ckmc_cert_list_s *ca_cert_list, ckmc_pkcs12_s **pkcs12_bundle) |
Creates a new ckmc_pkcs12_s handle and returns it. | |
int | ckmc_load_from_pkcs12_file (const char *file_path, const char *passphrase, ckmc_key_s **private_key, ckmc_cert_s **cert, ckmc_cert_list_s **ca_cert_list) TIZEN_DEPRECATED_API |
Creates a new ckmc_key_s (private_key), ckmc_cert_s (cert), and ckmc_cert_list_s (ca_cert_list) handle from a given PKCS#12 file and returns them. | |
int | ckmc_pkcs12_load (const char *file_path, const char *passphrase, ckmc_pkcs12_s **pkcs12_bundle) |
Creates a new ckmc_pkcs12_s handle from a given PKCS#12 file and returns it. | |
void | ckmc_pkcs12_free (ckmc_pkcs12_s *pkcs12) |
Destroys the ckmc_pkcs12_s handle and releases all its resources. | |
int | ckmc_alias_list_new (char *alias, ckmc_alias_list_s **ppalias_list) |
Creates a new ckmc_alias_list_s handle and returns it. The alias pointer in the returned ckmc_alias_list_s handle points to the provided characters and next is NULL. | |
int | ckmc_alias_list_add (ckmc_alias_list_s *previous, char *alias, ckmc_alias_list_s **pplast) |
Creates a new ckmc_alias_list_s handle, adds it to a previous ckmc_alias_list_s and returns it. The alias pointer in the returned ckmc_alias_list_s handle points to the provided characters and next is NULL. | |
void | ckmc_alias_list_free (ckmc_alias_list_s *first) |
Destroys the ckmc_alias_list_s handle and releases resources of ckmc_alias_list_s from the provided first handle cascadingly. | |
void | ckmc_alias_list_all_free (ckmc_alias_list_s *first) |
Destroys the ckmc_alias_list_s handle and releases all its resources from the provided first handle cascadingly. | |
int | ckmc_cert_list_new (ckmc_cert_s *cert, ckmc_cert_list_s **ppalias_list) |
Creates a new ckmc_cert_list_s handle and returns it. The cert pointer in the returned ckmc_cert_list_s handle points to the provided ckmc_cert_s and next is NULL. | |
int | ckmc_cert_list_add (ckmc_cert_list_s *previous, ckmc_cert_s *cert, ckmc_cert_list_s **pplast) |
Creates a new ckmc_cert_list_s handle, adds it to a previous ckmc_cert_list_s and returns it. The cert pointer in the returned ckmc_alias_list_s handle points to the provided ckmc_cert_s and next is NULL. | |
void | ckmc_cert_list_free (ckmc_cert_list_s *first) |
Destroys the ckmc_cert_list_s handle and releases resources of ckmc_cert_list_s from the provided first handle cascadingly. | |
void | ckmc_cert_list_all_free (ckmc_cert_list_s *first) |
Destroys the ckmc_cert_list_s handle and releases all its resources from the provided first handle cascadingly. | |
int | ckmc_param_list_new (ckmc_param_list_h *pparams) |
Creates new parameter list. | |
int | ckmc_param_list_set_integer (ckmc_param_list_h params, ckmc_param_name_e name, uint64_t value) |
Sets integer parameter to the list. | |
int | ckmc_param_list_set_buffer (ckmc_param_list_h params, ckmc_param_name_e name, const ckmc_raw_buffer_s *buffer) |
Sets buffer parameter to the list. | |
int | ckmc_param_list_get_integer (ckmc_param_list_h params, ckmc_param_name_e name, uint64_t *pvalue) |
Gets integer parameter from the list. | |
int | ckmc_param_list_get_buffer (ckmc_param_list_h params, ckmc_param_name_e name, ckmc_raw_buffer_s **ppbuffer) |
Gets buffer parameter from the list. | |
void | ckmc_param_list_free (ckmc_param_list_h params) |
Frees previously allocated list of algorithm params. | |
int | ckmc_generate_new_params (ckmc_algo_type_e type, ckmc_param_list_h *pparams) |
Generates algorithm parameters for a given algorithm type and set them to the list. | |
int | ckmc_backend_get_max_chunk_size (const ckmc_backend_info_h info, size_t *size) |
Retrieves maximum data chunk size in bytes that can be passed to given backend. This is the maximum size of data passed as encryption/decryption input, AAD or IV. | |
void | ckmc_backend_info_free (ckmc_backend_info_h info) |
Destroys the backend information handle and releases all its resources. | |
Typedefs | |
typedef enum __ckmc_key_type | ckmc_key_type_e |
Enumeration for key types of key manager. | |
typedef enum __ckmc_data_format | ckmc_data_format_e |
Enumeration for data format. | |
typedef enum __ckmc_ec_type | ckmc_ec_type_e |
Enumeration for elliptic curve. | |
typedef enum __ckmc_hash_algo | ckmc_hash_algo_e |
Enumeration for hash algorithm. | |
typedef enum __ckmc_rsa_padding_algo | ckmc_rsa_padding_algo_e |
Enumeration for RSA padding algorithm. | |
typedef enum __ckmc_access_right | ckmc_access_right_e |
Enumeration for database access rights. | |
typedef enum __ckmc_permission | ckmc_permission_e |
Enumeration for permissions to access/modify alias. | |
typedef struct __ckmc_raw_buff | ckmc_raw_buffer_s |
The structure for binary buffer used in key manager CAPI. | |
typedef struct __ckmc_policy | ckmc_policy_s |
The structure for a policy for storing key/certificate/binary data. | |
typedef struct __ckmc_key | ckmc_key_s |
The structure for key used in key manager CAPI. | |
typedef struct __ckmc_cert | ckmc_cert_s |
The structure for certificate used in key manager CAPI. | |
typedef struct __ckmc_alias_list | ckmc_alias_list_s |
The structure for linked list of alias. | |
typedef struct ckmc_alias_info_s | ckmc_alias_info_s |
The structure of alias and additional information about it. | |
typedef struct __ckmc_alias_info_list_s | ckmc_alias_info_list_s |
The structure for linked list of alias with additional information. | |
typedef struct __ckmc_cert_list | ckmc_cert_list_s |
The structure for linked list of ckmc_cert_s. | |
typedef enum __ckmc_ocsp_status | ckmc_ocsp_status_e |
Enumeration for OCSP status. | |
typedef struct __ckmc_pkcs12 | ckmc_pkcs12_s |
The structure for PKCS12 used in key manager CAPI. | |
typedef enum __ckmc_param_name | ckmc_param_name_e |
Enumeration for crypto algorithm parameters. | |
typedef enum __ckmc_kdf_prf | ckmc_kdf_prf_e |
Enumeration for key derivation function pseudo-random function parameter. | |
typedef enum __ckmc_kbkdf_mode | ckmc_kbkdf_mode_e |
Enumeration for key based key derivation function mode. | |
typedef enum __ckmc_kbkdf_counter_location | ckmc_kbkdf_counter_location_e |
Enumeration for KBKDF counter location relative to fixed input. | |
typedef struct __ckmc_param_list * | ckmc_param_list_h |
Algorithm parameter list handle. | |
typedef enum __ckmc_algo_type | ckmc_algo_type_e |
Enumeration for crypto algorithm types. | |
typedef enum __ckmc_backend_id | ckmc_backend_id_e |
Enumeration for backend identifiers. | |
typedef struct __ckmc_backend_info_s * | ckmc_backend_info_h |
Backend information handle. | |
typedef struct __ckmc_cipher_ctx * | ckmc_cipher_ctx_h |
Encryption/decryption context handle. |
Typedef Documentation
typedef enum __ckmc_access_right ckmc_access_right_e |
Enumeration for database access rights.
- Deprecated:
- Deprecated since 2.4. [Use ckmc_permission_e instead]
- Since :
- 2.3
typedef enum __ckmc_algo_type ckmc_algo_type_e |
typedef struct __ckmc_alias_info_list_s ckmc_alias_info_list_s |
The structure for linked list of alias with additional information.
- Since :
- 5.5
typedef struct ckmc_alias_info_s ckmc_alias_info_s |
The structure of alias and additional information about it.
- Since :
- 5.5
typedef struct __ckmc_alias_list ckmc_alias_list_s |
The structure for linked list of alias.
- Since :
- 2.3
typedef enum __ckmc_backend_id ckmc_backend_id_e |
Enumeration for backend identifiers.
- Since :
- 6.0
typedef struct __ckmc_backend_info_s* ckmc_backend_info_h |
Backend information handle.
- Since :
- 6.0
typedef struct __ckmc_cert_list ckmc_cert_list_s |
The structure for linked list of ckmc_cert_s.
- Since :
- 2.3
typedef struct __ckmc_cert ckmc_cert_s |
The structure for certificate used in key manager CAPI.
- Since :
- 2.3
typedef struct __ckmc_cipher_ctx* ckmc_cipher_ctx_h |
Encryption/decryption context handle.
- Since :
- 6.0
typedef enum __ckmc_data_format ckmc_data_format_e |
Enumeration for data format.
- Since :
- 2.3
typedef enum __ckmc_ec_type ckmc_ec_type_e |
Enumeration for elliptic curve.
- Since :
- 2.3
typedef enum __ckmc_hash_algo ckmc_hash_algo_e |
Enumeration for hash algorithm.
- Since :
- 2.3
Enumeration for KBKDF counter location relative to fixed input.
- Since :
- 6.0
- See also:
- ckmc_key_derive()
- ckmc_param_name_e
typedef enum __ckmc_kbkdf_mode ckmc_kbkdf_mode_e |
Enumeration for key based key derivation function mode.
- Since :
- 6.0
- See also:
- ckmc_key_derive()
- ckmc_param_name_e
typedef enum __ckmc_kdf_prf ckmc_kdf_prf_e |
Enumeration for key derivation function pseudo-random function parameter.
- Since :
- 6.0
- See also:
- ckmc_key_derive()
- ckmc_param_name_e
typedef struct __ckmc_key ckmc_key_s |
The structure for key used in key manager CAPI.
- Since :
- 2.3
typedef enum __ckmc_key_type ckmc_key_type_e |
Enumeration for key types of key manager.
- Since :
- 2.3
typedef enum __ckmc_ocsp_status ckmc_ocsp_status_e |
Enumeration for OCSP status.
- Since :
- 2.4
typedef struct __ckmc_param_list* ckmc_param_list_h |
Algorithm parameter list handle.
- Since :
- 3.0
- Remarks:
- Each parameter list must have at least one CKMC_PARAM_ALGO_TYPE parameter that identifies the algorithm. See ckmc_algo_type_e for available algorithms and additional parameters they support.
typedef enum __ckmc_param_name ckmc_param_name_e |
typedef enum __ckmc_permission ckmc_permission_e |
Enumeration for permissions to access/modify alias.
- Since :
- 2.4
typedef struct __ckmc_pkcs12 ckmc_pkcs12_s |
The structure for PKCS12 used in key manager CAPI.
- Since :
- 2.4
typedef struct __ckmc_policy ckmc_policy_s |
The structure for a policy for storing key/certificate/binary data.
- Since :
- 2.3
typedef struct __ckmc_raw_buff ckmc_raw_buffer_s |
The structure for binary buffer used in key manager CAPI.
- Since :
- 2.3
typedef enum __ckmc_rsa_padding_algo ckmc_rsa_padding_algo_e |
Enumeration for RSA padding algorithm.
- Since :
- 2.3
Enumeration Type Documentation
enum __ckmc_access_right |
Enumeration for database access rights.
- Deprecated:
- Deprecated since 2.4. [Use ckmc_permission_e instead]
- Since :
- 2.3
enum __ckmc_algo_type |
Enumeration for crypto algorithm types.
- Since :
- 3.0
- See also:
- ckmc_param_name_e
- Enumerator:
CKMC_ALGO_AES_CTR AES-CTR algorithm Supported parameters:
- CKMC_PARAM_ALGO_TYPE = CKMC_ALGO_AES_CTR (mandatory),
- CKMC_PARAM_ED_IV = 16-byte initialization vector (mandatory)
- CKMC_PARAM_ED_CTR_LEN = length of counter block in bits (optional, only 128b is supported at the moment)
CKMC_ALGO_AES_CBC AES-CBC algorithm Supported parameters:
- CKMC_PARAM_ALGO_TYPE = CKMC_ALGO_AES_CBC (mandatory),
- CKMC_PARAM_ED_IV = 16-byte initialization vector (mandatory)
CKMC_ALGO_AES_GCM AES-GCM algorithm Supported parameters:
- CKMC_PARAM_ALGO_TYPE = CKMC_ALGO_AES_GCM (mandatory),
- CKMC_PARAM_ED_IV = 1 to (2^64-1) bytes long initialization vector. Note that the backend may impose additional limit on the maximum size (ckmc_backend_get_max_chunk_size()). Recommended length is 12B (mandatory)
- CKMC_PARAM_ED_TAG_LEN = GCM tag length in bits. One of {32, 64, 96, 104, 112, 120, 128} (optional, if not present, the length 128 is used; since Tizen 5.0, if TrustZone backend is used, 32 and 64 lengths are not supported)
- CKMC_PARAM_ED_AAD = additional authentication data. Note that the backend may impose limit on the maximum size (ckmc_backend_get_max_chunk_size()) (optional)
CKMC_ALGO_AES_CFB AES-CFB algorithm Supported parameters:
- CKMC_PARAM_ALGO_TYPE = CKMC_ALGO_AES_CFB (mandatory),
- CKMC_PARAM_ED_IV = 16-byte initialization vector (mandatory)
CKMC_ALGO_RSA_OAEP RSA-OAEP algorithm (EME-OAEP as defined in PKCS #1 with MGF1) Supported parameters:
- CKMC_PARAM_ALGO_TYPE = CKMC_ALGO_RSA_OAEP (mandatory),
- CKMC_PARAM_ED_LABEL = label (encoding parameter) to be associated with the message (optional, not supported at the moment)
- CKMC_PARAM_ED_OAEP_HASH = hash algorithm to be used in OAEP padding (see __ckmc_hash_algo). (optional)
CKMC_ALGO_KBKDF Key based key derivation algorithm Supported parameters:
- CKMC_PARAM_ALGO_TYPE = CKMC_ALGO_KBKDF (mandatory),
- CKMC_PARAM_KDF_PRF = pseudo-random function (see ckmc_kdf_prf_e) (mandatory),
- CKMC_PARAM_KBKDF_MODE = KDF mode (see ckmc_kbkdf_mode_e) (mandatory),
- CKMC_PARAM_KBKDF_LABEL = the purpose for the derived key (optional),
- CKMC_PARAM_KBKDF_CONTEXT = information related to the derived key (optional),
- CKMC_PARAM_KDF_LEN = length of the derived key (mandatory)
- CKMC_PARAM_KBKDF_FIXED_INPUT = replacement for context and label (optional),
- CKMC_PARAM_KBKDF_COUNTER_LOCATION = counter location (see ckmc_kbkdf_counter_location_e) (mandatory),
- CKMC_PARAM_KBKDF_RLEN = length of the counter representation (optional),
- CKMC_PARAM_KBKDF_LLEN = length of the length suffix representation (optional),
- CKMC_PARAM_KBKDF_NO_SEPARATOR = existence of zero separator (optional)
CKMC_ALGO_ECDH ECDH shared secret key agreement protocol Supported parameters (all are required):
- CKMC_PARAM_ALGO_TYPE = CKMC_ALGO_ECDH,
- CKMC_PARAM_ECDH_PUBKEY = peer's public key (see ckmc_key_s)
enum __ckmc_backend_id |
Enumeration for backend identifiers.
- Since :
- 6.0
enum __ckmc_data_format |
enum __ckmc_ec_type |
Enumeration for elliptic curve.
- Since :
- 2.3
enum __ckmc_hash_algo |
Enumeration for KBKDF counter location relative to fixed input.
- Since :
- 6.0
- See also:
- ckmc_key_derive()
- ckmc_param_name_e
- Enumerator:
CKMC_KBKDF_COUNTER_BEFORE_FIXED Counter is located before fixed input
CKMC_KBKDF_COUNTER_AFTER_FIXED Counter is located after fixed input
CKMC_KBKDF_COUNTER_MIDDLE_FIXED Counter is located in the middle of the fixed input (between context and label). This setting requires setting CKMC_PARAM_KBKDF_LABEL and CKMC_PARAM_KBKDF_CONTEXT and conflicts with CKMC_PARAM_KBKDF_FIXED_INPUT. If this location is used the separator will be skipped regardless of the CKMC_PARAM_KBKDF_NO_SEPARATOR parameter
enum __ckmc_kbkdf_mode |
Enumeration for key based key derivation function mode.
- Since :
- 6.0
- See also:
- ckmc_key_derive()
- ckmc_param_name_e
enum __ckmc_kdf_prf |
Enumeration for key derivation function pseudo-random function parameter.
- Since :
- 6.0
- See also:
- ckmc_key_derive()
- ckmc_param_name_e
enum __ckmc_key_type |
Enumeration for key types of key manager.
- Since :
- 2.3
enum __ckmc_ocsp_status |
Enumeration for OCSP status.
- Since :
- 2.4
- Enumerator:
enum __ckmc_param_name |
Enumeration for crypto algorithm parameters.
- Since :
- 3.0
- See also:
- ckmc_algo_type_e
- Enumerator:
CKMC_PARAM_ALGO_TYPE integer - type of algorithm (see ckmc_algo_type_e)
CKMC_PARAM_ED_IV buffer - initialization vector
CKMC_PARAM_ED_CTR_LEN integer - ctr length in bits
CKMC_PARAM_ED_AAD buffer - Additional Authentication Data for AES GCM
CKMC_PARAM_ED_TAG_LEN integer - tag length in bits
CKMC_PARAM_ED_LABEL buffer - RSA OAEP label (not supported at the moment)
CKMC_PARAM_ED_OAEP_HASH integer - function to be used both as Label and MGF hash function in OAEP padding (see __ckmc_hash_algo). Currently only CKMC_HASH_SHA1 and CKMC_HASH_SHA256 are supported. If not given, the default CKMC_HASH_SHA1 is used. (Since 6.0)
CKMC_PARAM_KDF_PRF integer - pseudo-random function number (see ckmc_kdf_prf_e) (Since 6.0)
CKMC_PARAM_KDF_LEN integer - length of the derived key in bytes. The value must be one of {16, 24, 32} (Since 6.0)
CKMC_PARAM_KBKDF_MODE integer - KDF mode number (see ckmc_kbkdf_mode_e) (Since 6.0)
CKMC_PARAM_KBKDF_LABEL buffer - the purpose for the derived key. Conflicts with CKMC_PARAM_KBKDF_FIXED_INPUT (Since 6.0)
CKMC_PARAM_KBKDF_CONTEXT buffer - information related to the derived key. Conflicts with CKMC_PARAM_KBKDF_FIXED_INPUT (Since 6.0)
CKMC_PARAM_KBKDF_FIXED_INPUT buffer - KBKDF fixed input replacing context and label (Since 6.0). Conflicts with:
CKMC_PARAM_KBKDF_COUNTER_LOCATION integer - specifies location of the counter in KBKDF (see ckmc_kbkdf_counter_location_e) (Since 6.0)
CKMC_PARAM_KBKDF_RLEN integer - specifies the length of the counter representation in bits in KBKDF. The value must be one of {8, 16, 24, 32}. If not set, the default value = 32 will be used. (Since 6.0)
CKMC_PARAM_KBKDF_LLEN integer - specifies the length of the length suffix representation in bits in KBKDF. The value must be one of {0, 8, 16, 24, 32}. If set to 0 the length suffix will be skipped. If not set, the default value = 32 will be used. The length suffix is skipped if CKMC_PARAM_KBKDF_FIXED_INPUT is passed and this parameter conflicts with it. (Since 6.0)
CKMC_PARAM_KBKDF_NO_SEPARATOR integer - presence of this parameter will skip the zero octet separator between label and context in KBKDF. All values are allowed. This parameter conflicts with CKMC_PARAM_KBKDF_FIXED_INPUT. (Since 6.0)
CKMC_PARAM_ECDH_PUBKEY buffer - EC public key in DER form (see ckmc_key_s) (Since 6.0)
enum __ckmc_permission |
enum key_manager_error_e |
Enumeration for Key Manager Errors.
- Since :
- 2.3
- Enumerator:
Function Documentation
int ckmc_alias_info_get_alias | ( | const ckmc_alias_info_s * | info, |
char ** | alias | ||
) |
Gets the alias from ckmc_alias_info_s structure.
- Since :
- 5.5
- Remarks:
- The alias should not be released. The alias can be used until ckmc_alias_info_s is released.
- Parameters:
-
[in] info The pointer to the ckmc_alias_info_s structure [out] alias The pointer to the alias
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
- See also:
- ckmc_alias_info_s
int ckmc_alias_info_get_backend | ( | const ckmc_alias_info_s * | info, |
ckmc_backend_id_e * | backend | ||
) |
Gets the backend identifier from ckmc_alias_info_s structure.
- Since :
- 6.0
- Parameters:
-
[in] info The pointer to the ckmc_alias_info_s structure [out] backend The pointer to the backend identifier
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
int ckmc_alias_info_is_password_protected | ( | const ckmc_alias_info_s * | info, |
bool * | is_password_protected | ||
) |
Gets the password protection status from ckmc_alias_info_s structure.
- Since :
- 5.5
- Parameters:
-
[in] info The pointer to the ckmc_alias_info_s structure [out] is_password_protected The pointer to the password protection flag
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
- See also:
- ckmc_alias_info_s
void ckmc_alias_info_list_all_free | ( | ckmc_alias_info_list_s * | first | ) |
Destroys the ckmc_alias_info_list_s handle and releases resources of ckmc_alias_info_list_s from the provided first handle cascadingly.
- Since :
- 5.5
- Parameters:
-
[in] first The first ckmc_alias_info_list_s handle to destroy
- See also:
- ckmc_alias_info_list_s
int ckmc_alias_list_add | ( | ckmc_alias_list_s * | previous, |
char * | alias, | ||
ckmc_alias_list_s ** | pplast | ||
) |
Creates a new ckmc_alias_list_s handle, adds it to a previous ckmc_alias_list_s and returns it. The alias pointer in the returned ckmc_alias_list_s handle points to the provided characters and next is NULL.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created pplast using ckmc_alias_list_free()
- Parameters:
-
[in] previous The last ckmc_alias_list_s handle to which a newly created ckmc_alias_list_s is added [in] alias The item to be set in the newly created ckmc_alias_list_s [out] pplast The pointer to a newly created and added ckmc_alias_list_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory
void ckmc_alias_list_all_free | ( | ckmc_alias_list_s * | first | ) |
Destroys the ckmc_alias_list_s handle and releases all its resources from the provided first handle cascadingly.
- Since :
- 2.4
- Remarks:
- It also destroys the alias in ckmc_alias_list_s.
- Parameters:
-
[in] first The first ckmc_alias_list_s handle to destroy
- See also:
- ckmc_alias_list_s
void ckmc_alias_list_free | ( | ckmc_alias_list_s * | first | ) |
Destroys the ckmc_alias_list_s handle and releases resources of ckmc_alias_list_s from the provided first handle cascadingly.
- Since :
- 2.4
- Remarks:
- It does not destroy an alias itself in ckmc_alias_list_s.
- Parameters:
-
[in] first The first ckmc_alias_list_s handle to destroy
int ckmc_alias_list_new | ( | char * | alias, |
ckmc_alias_list_s ** | ppalias_list | ||
) |
Creates a new ckmc_alias_list_s handle and returns it. The alias pointer in the returned ckmc_alias_list_s handle points to the provided characters and next is NULL.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created ckmc_alias_list_s by calling ckmc_alias_list_free() or ckmc_alias_list_all_free() if it is no longer needed.
- Parameters:
-
[in] alias The first item to be set in the newly created ckmc_alias_list_s [out] ppalias_list The pointer to a newly created ckmc_alias_list_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory
int ckmc_alias_new | ( | const char * | owner_id, |
const char * | alias, | ||
char ** | full_alias | ||
) |
Creates a new full alias which is a concatenation of owner_id and alias.
- Since :
- 3.0
- Remarks:
- full_alias should be freed with free() after use.
- Returns CKMC_ERROR_INVALID_PARAMETER if any of parameter is NULL.
- Returns CKMC_ERROR_INVALID_PARAMETER if owner_id is empty.
- Parameters:
-
[in] owner_id Data owner's id. This should be package id if data owner is application. If you want to access data stored by system services, it should be ckmc_owner_id_system [in] alias Data alias [out] full_alias The newly created alias which is a concatenation of owner_id, ckmc_owner_id_separator and alias. Destroy by free() after use
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory
int ckmc_backend_get_max_chunk_size | ( | const ckmc_backend_info_h | info, |
size_t * | size | ||
) |
Retrieves maximum data chunk size in bytes that can be passed to given backend. This is the maximum size of data passed as encryption/decryption input, AAD or IV.
- Since :
- 6.0
- Parameters:
-
[in] info Backend info handle [out] size Maximum chunk size. Equal to 0 if there's no backend specific limitation beside available memory
- Returns:
0
on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid (info is invalid, size = NULL)
void ckmc_backend_info_free | ( | ckmc_backend_info_h | info | ) |
Destroys the backend information handle and releases all its resources.
- Since :
- 6.0
- Parameters:
-
[in] info Backend information handle created with ckmc_get_backend_info()
void ckmc_buffer_free | ( | ckmc_raw_buffer_s * | buffer | ) |
Destroys the ckmc_raw_buffer_s handle and releases all its resources.
- Since :
- 2.3
- Parameters:
-
[in] buffer The ckmc_raw_buffer_s structure to destroy
int ckmc_buffer_new | ( | unsigned char * | data, |
size_t | size, | ||
ckmc_raw_buffer_s ** | ppbuffer | ||
) |
Creates a new ckmc_raw_buffer_s handle and returns it.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created ckmc_raw_buffer_s by calling ckmc_buffer_free() if it is no longer needed.
- Parameters:
-
[in] data The byte array of buffer [in] size The byte size of buffer [out] ppbuffer The pointer to a newly created ckmc_raw_buffer_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory
- See also:
- ckmc_buffer_free()
- ckmc_raw_buffer_s
void ckmc_cert_free | ( | ckmc_cert_s * | cert | ) |
Destroys the ckmc_cert_s handle and releases all its resources.
- Since :
- 2.3
- Parameters:
-
[in] cert The ckmc_cert_s handle to destroy
- See also:
- ckmc_load_cert_from_file()
int ckmc_cert_list_add | ( | ckmc_cert_list_s * | previous, |
ckmc_cert_s * | cert, | ||
ckmc_cert_list_s ** | pplast | ||
) |
Creates a new ckmc_cert_list_s handle, adds it to a previous ckmc_cert_list_s and returns it. The cert pointer in the returned ckmc_alias_list_s handle points to the provided ckmc_cert_s and next is NULL.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created pplast using ckmc_cert_list_free()
- Parameters:
-
[in] previous The last ckmc_cert_list_s handle to which a newly created ckmc_cert_list_s is added [in] cert The item to be set in the newly created ckmc_cert_list_s [out] pplast The pointer to a newly created and added ckmc_alias_list_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory
void ckmc_cert_list_all_free | ( | ckmc_cert_list_s * | first | ) |
Destroys the ckmc_cert_list_s handle and releases all its resources from the provided first handle cascadingly.
- Since :
- 2.3
- Remarks:
- It also destroys ckmc_cert_s in ckmc_cert_list_s.
- Parameters:
-
[in] first The first ckmc_cert_list_s handle to destroy
- See also:
- ckmc_cert_list_s
void ckmc_cert_list_free | ( | ckmc_cert_list_s * | first | ) |
Destroys the ckmc_cert_list_s handle and releases resources of ckmc_cert_list_s from the provided first handle cascadingly.
- Since :
- 2.4
- Remarks:
- It does not destroy ckmc_cert_s itself in ckmc_cert_list_s.
- Parameters:
-
[in] first The first ckmc_cert_list_s handle to destroy
int ckmc_cert_list_new | ( | ckmc_cert_s * | cert, |
ckmc_cert_list_s ** | ppalias_list | ||
) |
Creates a new ckmc_cert_list_s handle and returns it. The cert pointer in the returned ckmc_cert_list_s handle points to the provided ckmc_cert_s and next is NULL.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created ckmc_cert_list_s by calling ckmc_cert_list_free() or ckmc_cert_list_all_free() if it is no longer needed.
- Parameters:
-
[in] cert The first item to be set in the newly created ckmc_cert_list_s [out] ppalias_list The pointer to a newly created ckmc_alias_list_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory
int ckmc_cert_new | ( | unsigned char * | raw_cert, |
size_t | cert_size, | ||
ckmc_data_format_e | data_format, | ||
ckmc_cert_s ** | ppcert | ||
) |
Creates a new ckmc_cert_s handle and returns it.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created ckmc_cert_s by calling ckmc_cert_free() if it is no longer needed.
- Parameters:
-
[in] raw_cert The byte array of certificate [in] cert_size The byte size of raw_cert [in] data_format The encoding format of raw_cert [out] ppcert The pointer to a newly created ckmc_cert_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory
int ckmc_generate_new_params | ( | ckmc_algo_type_e | type, |
ckmc_param_list_h * | pparams | ||
) |
Generates algorithm parameters for a given algorithm type and set them to the list.
- Since :
- 3.0
- Remarks:
- Caller is responsible for ckmc_param_list_h destruction.
- Algorithm parameters are set to default values. Optional fields are left empty. Initialization vectors are left empty (they have to be set manually). Caller is responsible for freeing the list with ckmc_param_list_free().
- If the function returns error, provided param list may contain some of default parameters.
- Parameters:
-
[in] type Type of the algorithm [out] pparams Newly generated handle of param list which should be freed by caller after use
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
void ckmc_key_free | ( | ckmc_key_s * | key | ) |
Destroys the ckmc_key_s handle and releases all its resources.
- Since :
- 2.3
- Parameters:
-
[in] key The ckmc_key_s handle to destroy
int ckmc_key_new | ( | unsigned char * | raw_key, |
size_t | key_size, | ||
ckmc_key_type_e | key_type, | ||
char * | password, | ||
ckmc_key_s ** | ppkey | ||
) |
Creates a new ckmc_key_s handle and returns it.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created ckmc_key_s by calling ckmc_key_free() if it is no longer needed.
- Parameters:
-
[in] raw_key The byte array of key. The raw_key may be encrypted with password. [in] key_size The byte size of raw_key [in] key_type The type of raw_key [in] password The byte array used to decrypt raw_key inside key manager. If raw_key is not encrypted, password can be NULL [out] ppkey The pointer to a newly created ckmc_key_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory
- See also:
- ckmc_key_free()
- ckmc_key_s
int ckmc_load_cert_from_file | ( | const char * | file_path, |
ckmc_cert_s ** | cert | ||
) |
Creates a new ckmc_cert_s handle from a given file and returns it.
- Since :
- 2.3
- Remarks:
- You must destroy the newly created ckmc_cert_s by calling ckmc_cert_free() if it is no longer needed.
- Parameters:
-
[in] file_path The path of certificate file to be loaded. Only DER or PEM encoded certificate file is supported [out] cert The pointer of newly created ckmc_cert_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_OUT_OF_MEMORY Not enough memory space CKMC_ERROR_INVALID_FORMAT Invalid certificate file format CKMC_ERROR_FILE_ACCESS_DENIED Provided file does not exist or cannot be accessed
- See also:
- ckmc_cert_free()
- ckmc_cert_s
int ckmc_load_from_pkcs12_file | ( | const char * | file_path, |
const char * | passphrase, | ||
ckmc_key_s ** | private_key, | ||
ckmc_cert_s ** | cert, | ||
ckmc_cert_list_s ** | ca_cert_list | ||
) |
Creates a new ckmc_key_s (private_key), ckmc_cert_s (cert), and ckmc_cert_list_s (ca_cert_list) handle from a given PKCS#12 file and returns them.
- Deprecated:
- Deprecated since 2.4. [Use ckmc_pkcs12_load() instead]
- Since :
- 2.3
- Remarks:
- You must destroy the newly created private_key, cert and ca_cert_list by calling ckmc_key_free(), ckmc_cert_free(), and ckmc_cert_list_all_free() if they are no longer needed.
- Parameters:
-
[in] file_path The path of PKCS12 file to be loaded [in] passphrase The passphrase used to decrypt the PCKS12 file. If PKCS12 file is not encrypted, passphrase can be NULL [out] private_key The pointer of newly created ckmc_key_s handle for a private key [out] cert The pointer of newly created ckmc_cert_s handle for a certificate. It is NULL if the PKCS12 file does not contain a certificate [out] ca_cert_list The pointer of newly created ckmc_cert_list_s handle for CA certificates. It is NULL if the PKCS12 file does not contain CA certificates
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_OUT_OF_MEMORY Not enough memory space CKMC_ERROR_INVALID_FORMAT Invalid PKCS12 file format CKMC_ERROR_FILE_ACCESS_DENIED Provided file does not exist or cannot be accessed
void ckmc_param_list_free | ( | ckmc_param_list_h | params | ) |
Frees previously allocated list of algorithm params.
- Since :
- 3.0
- Parameters:
-
[in] params First element of the list to be freed
int ckmc_param_list_get_buffer | ( | ckmc_param_list_h | params, |
ckmc_param_name_e | name, | ||
ckmc_raw_buffer_s ** | ppbuffer | ||
) |
Gets buffer parameter from the list.
- Since :
- 3.0
- Remarks:
- Caller is responsible for ckmc_param_list_h creation.
- You must destroy the ppbuffer using ckmc_buffer_free()
- Parameters:
-
[in] params Algorithm param list handle created with ckmc_param_list_new() or ckmc_generate_new_params() which contains param with name [in] name Name of parameter to get [out] ppbuffer Value of the parameter in form of a buffer
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
int ckmc_param_list_get_integer | ( | ckmc_param_list_h | params, |
ckmc_param_name_e | name, | ||
uint64_t * | pvalue | ||
) |
Gets integer parameter from the list.
- Since :
- 3.0
- Remarks:
- Caller is responsible for ckmc_param_list_h creation.
- Parameters:
-
[in] params Algorithm param list handle created with ckmc_param_list_new() or ckmc_generate_new_params() which contains param with name [in] name Name of parameter to get [out] pvalue Value of the parameter in form of a integer
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
int ckmc_param_list_new | ( | ckmc_param_list_h * | pparams | ) |
Creates new parameter list.
- Since :
- 3.0
- Remarks:
- Caller is responsible for freeing it with ckmc_param_list_free().
- Parameters:
-
[in] pparams Double pointer to the handle of param list to which the newly created algorithm param list will be assigned
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
int ckmc_param_list_set_buffer | ( | ckmc_param_list_h | params, |
ckmc_param_name_e | name, | ||
const ckmc_raw_buffer_s * | buffer | ||
) |
Sets buffer parameter to the list.
- Since :
- 3.0
- Remarks:
- Caller is responsible for ckmc_param_list_h creation.
- Parameters:
-
[in] params Algorithm param list handle created with ckmc_param_list_new() or ckmc_generate_new_params(). New param with name and buffer will be set here [in] name Name of parameter to set. Existing parameter will be overwritten. Passing invalid parameter name will result in an error [in] buffer Value of the parameter in form of a buffer. Caller is responsible for creating and freeing the buffer
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
int ckmc_param_list_set_integer | ( | ckmc_param_list_h | params, |
ckmc_param_name_e | name, | ||
uint64_t | value | ||
) |
Sets integer parameter to the list.
- Since :
- 3.0
- Remarks:
- Caller is responsible for ckmc_param_list_h creation.
- Parameters:
-
[in] params Algorithm param list handle created with ckmc_param_list_new() or ckmc_generate_new_params(). New param with name and value will be set here [in] name Name of parameter to set. Existing parameter will be overwritten. Passing invalid parameter name will result in an error [in] value Value of the parameter in form of a integer
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid
void ckmc_pkcs12_free | ( | ckmc_pkcs12_s * | pkcs12 | ) |
Destroys the ckmc_pkcs12_s handle and releases all its resources.
- Since :
- 2.4
- Parameters:
-
[in] pkcs12 The ckmc_pkcs12_s handle to destroy
- See also:
- ckmc_pkcs12_new()
- ckmc_pkcs12_load()
int ckmc_pkcs12_load | ( | const char * | file_path, |
const char * | passphrase, | ||
ckmc_pkcs12_s ** | pkcs12_bundle | ||
) |
Creates a new ckmc_pkcs12_s handle from a given PKCS#12 file and returns it.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created ckmc_pkcs12_s by calling ckmc_pkcs12_free() if they are no longer needed.
- Parameters:
-
[in] file_path The path of PKCS12 file to be loaded [in] passphrase The passphrase used to decrypt the PCKS12 file. If PKCS12 file is not encrypted, passphrase can be NULL [out] pkcs12_bundle The pointer of newly created ckmc_cert_list_s handle for CA certificates. It is NULL if the PKCS12 file does not contain CA certificates
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid CKMC_ERROR_OUT_OF_MEMORY Not enough memory space CKMC_ERROR_INVALID_FORMAT Invalid PKCS12 file format CKMC_ERROR_FILE_ACCESS_DENIED Provided file does not exist or cannot be accessed
- See also:
- ckmc_pkcs12_free()
- ckmc_pkcs12_s
int ckmc_pkcs12_new | ( | ckmc_key_s * | private_key, |
ckmc_cert_s * | cert, | ||
ckmc_cert_list_s * | ca_cert_list, | ||
ckmc_pkcs12_s ** | pkcs12_bundle | ||
) |
Creates a new ckmc_pkcs12_s handle and returns it.
- Since :
- 2.4
- Remarks:
- You must destroy the newly created ckmc_pkcs12_s by calling ckmc_pkcs12_free() if it is no longer needed.
- On success, private_key, cert && ca_cert_list ownership is transferred into newly returned pkcs12_bundle.
- Parameters:
-
[in] private_key ckmc_key_s handle to the private key (optional) [in] cert ckmc_cert_s handle to the certificate (optional) [in] ca_cert_list ckmc_cert_list_s list of chain certificate handles (optional) [out] pkcs12_bundle The pointer to a newly created ckmc_pkcs12_s handle
- Returns:
- CKMC_ERROR_NONE on success, otherwise a negative error value
- Return values:
-
CKMC_ERROR_NONE Successful CKMC_ERROR_INVALID_PARAMETER Input parameter is invalid or private_key, cert and ca_cert_list all are NULL CKMC_ERROR_OUT_OF_MEMORY Not enough memory
Variable Documentation
char const* const ckmc_label_name_separator |
Separator between alias and label.
- Deprecated:
- Deprecated since 3.0. [Use ckmc_owner_id_separator instead]
- Since :
- 2.3
- Remarks:
- Alias can be provided as an alias alone, or together with label - in this case, separator " " (space bar) is used to separate label and alias.
- See also:
- ckmc_owner_id_separator
char const* const ckmc_owner_id_separator |
Separator between alias and owner id.
- Since :
- 3.0
- Remarks:
- Alias can be provided as an alias alone, or together with owner id. In this case, separator " " (space bar) is used to separate id and alias.
- See also:
- ckmc_alias_new()
char const* const ckmc_owner_id_system |
The owner of system database.
- Since :
- 3.0
- Remarks:
- ckmc_owner_id_system contains id connected with all system applications that run with uid less than 5000. Client should use ckmc_owner_id_system to access data owned by system application and stored in system database. Client must have permission to access proper row.
- See also:
- ckmc_alias_new()