It defines data types used in these APIs and provides utility methods handling them.

Required Header

#include <ckmc/ckmc-type.h>

Overview

It defines data types for key, certificate,raw buffer, and linked list used in these APIs. It also provides new and free methods for them.

Functions
void	ckmc_key_free (ckmc_key_s *key)
	Destroys the ckmc_key_s handle and releases all its resources.
void	ckmc_buffer_free (ckmc_raw_buffer_s *buffer)
	Destroys the ckmc_raw_buffer_s handle and releases all its resources.
void	ckmc_cert_free (ckmc_cert_s *cert)
	Destroys the ckmc_cert handle and releases all its resources.
int	ckmc_load_cert_from_file (const char file_path, ckmc_cert_s *cert)
	Creates a new ckmc_cert_s handle from a given file and returns it.
int	ckmc_load_from_pkcs12_file (const char file_path, const char passphrase, ckmc_key_s private_key, ckmc_cert_s cert, ckmc_cert_list_s **ca_cert_list)
	Creates a new ckmc_key_s(private key), ckmc_cert_s(certificate), and ckmc_cert_list_s(CA certificates) handle from a given PKCS#12 file and returns them.
void	ckmc_alias_list_all_free (ckmc_alias_list_s *first)
	Destroys the ckmc_alias_list_s handle and releases all its resources from the provided first handle cascadingly.
void	ckmc_cert_list_all_free (ckmc_cert_list_s *first)
	Destroys the ckmc_cert_list_s handle and releases all its resources from the provided first handle cascadingly.
Typedefs
typedef enum __ckmc_key_type	ckmc_key_type_e
	Enumeration for key types of key manager.
typedef enum __ckmc_data_format	ckmc_data_format_e
	Enumeration for data format.
typedef enum __ckmc_ec_type	ckmc_ec_type_e
	Enumeration for elliptic curve.
typedef enum __ckmc_hash_algo	ckmc_hash_algo_e
	Enumeration for hash algorithm.
typedef enum __ckmc_rsa_padding_algo	ckmc_rsa_padding_algo_e
	Enumeration for RSA padding algorithm.
typedef enum __ckmc_access_right	ckmc_access_right_e
	Enumeration for database access rights.
typedef struct __ckmc_raw_buff	ckmc_raw_buffer_s
	the structure for binary buffer used in key manager CAPI.
typedef struct __ckmc_policy	ckmc_policy_s
	The structure for a policy for storing key/certificate/binary data.
typedef struct __ckmc_key	ckmc_key_s
	The structure for key used in key manager CAPI.
typedef struct __ckmc_cert	ckmc_cert_s
	The structure for certificate used in key manager CAPI.
typedef struct __ckmc_alias_list	ckmc_alias_list_s
	The structure for linked list of alias.
typedef struct __ckmc_cert_list	ckmc_cert_list_s
	The structure for linked list of ckmc_cert_s.

Typedef Documentation

typedef enum __ckmc_access_right ckmc_access_right_e

Enumeration for database access rights.

Since :: 2.3.1

typedef struct __ckmc_alias_list ckmc_alias_list_s

The structure for linked list of alias.

Since :: 2.3.1

typedef struct __ckmc_cert_list ckmc_cert_list_s

The structure for linked list of ckmc_cert_s.

Since :: 2.3.1

typedef struct __ckmc_cert ckmc_cert_s

The structure for certificate used in key manager CAPI.

Since :: 2.3.1

typedef enum __ckmc_data_format ckmc_data_format_e

Enumeration for data format.

Since :: 2.3.1

typedef enum __ckmc_ec_type ckmc_ec_type_e

Enumeration for elliptic curve.

Since :: 2.3.1

typedef enum __ckmc_hash_algo ckmc_hash_algo_e

Enumeration for hash algorithm.

Since :: 2.3.1

typedef struct __ckmc_key ckmc_key_s

The structure for key used in key manager CAPI.

Since :: 2.3.1

typedef enum __ckmc_key_type ckmc_key_type_e

Enumeration for key types of key manager.

Since :: 2.3.1

typedef struct __ckmc_policy ckmc_policy_s

The structure for a policy for storing key/certificate/binary data.

Since :: 2.3.1

typedef struct __ckmc_raw_buff ckmc_raw_buffer_s

the structure for binary buffer used in key manager CAPI.

Since :: 2.3.1

typedef enum __ckmc_rsa_padding_algo ckmc_rsa_padding_algo_e

Enumeration for RSA padding algorithm.

Since :: 2.3.1

Enumeration Type Documentation

enum __ckmc_access_right

Enumeration for database access rights.

Since :: 2.3.1

Enumerator:

CKMC_AR_READ	access right for read
CKMC_AR_READ_REMOVE	access right for read and remove

enum __ckmc_data_format

Enumeration for data format.

Since :: 2.3.1

Enumerator:

CKMC_FORM_DER_BASE64	DER format base64 encoded data
CKMC_FORM_DER	DER encoded data
CKMC_FORM_PEM	PEM encoded data. It consists of the DER format base64 encoded with additional header and footer lines.

enum __ckmc_ec_type

Enumeration for elliptic curve.

Since :: 2.3.1

Enumerator:

CKMC_EC_PRIME192V1	Elliptic curve domain "secp192r1" listed in "SEC 2" recommended elliptic curve domain
CKMC_EC_PRIME256V1	"SEC 2" recommended elliptic curve domain - secp256r1
CKMC_EC_SECP384R1	NIST curve P-384 (covers "secp384r1", the elliptic curve domain listed in See SEC 2

enum __ckmc_hash_algo

Enumeration for hash algorithm.

Since :: 2.3.1

Enumerator:

CKMC_HASH_NONE	No Hash Algorithm
CKMC_HASH_SHA1	Hash Algorithm SHA1
CKMC_HASH_SHA256	Hash Algorithm SHA256
CKMC_HASH_SHA384	Hash Algorithm SHA384
CKMC_HASH_SHA512	Hash Algorithm SHA512

enum __ckmc_key_type

Enumeration for key types of key manager.

Since :: 2.3.1

Enumerator:

CKMC_KEY_NONE	key type not specified
CKMC_KEY_RSA_PUBLIC	RSA public key
CKMC_KEY_RSA_PRIVATE	RSA private key
CKMC_KEY_ECDSA_PUBLIC	ECDSA public key
CKMC_KEY_ECDSA_PRIVATE	ECDSA private key
CKMC_KEY_DSA_PUBLIC	DSA public key
CKMC_KEY_DSA_PRIVATE	DSA private key
CKMC_KEY_AES	AES key

enum __ckmc_rsa_padding_algo

Enumeration for RSA padding algorithm.

Since :: 2.3.1

Enumerator:

CKMC_NONE_PADDING	No Padding
CKMC_PKCS1_PADDING	PKCS#1 Padding
CKMC_X931_PADDING	X9.31 padding

enum key_manager_error_e

Enumeration for Key Manager Errors.

Since :: 2.3.1

Enumerator:

CKMC_ERROR_NONE	Successful
CKMC_ERROR_INVALID_PARAMETER	Invalid function parameter
CKMC_ERROR_OUT_OF_MEMORY	Out of memory
CKMC_ERROR_PERMISSION_DENIED	Permission denied
CKMC_ERROR_SOCKET	Socket error between client and Central Key Manager
CKMC_ERROR_BAD_REQUEST	Invalid request from client
CKMC_ERROR_BAD_RESPONSE	Invalid response from Central Key Manager
CKMC_ERROR_SEND_FAILED	Transmitting request failed
CKMC_ERROR_RECV_FAILED	Receiving response failed
CKMC_ERROR_AUTHENTICATION_FAILED	Authentication between client and manager failed
CKMC_ERROR_BUFFER_TOO_SMALL	The output buffer size which is passed as parameter is too small
CKMC_ERROR_SERVER_ERROR	Central Key Manager has been failed for some reason
CKMC_ERROR_DB_LOCKED	The database was not unlocked - user did not login
CKMC_ERROR_DB_ERROR	An internal error inside the database
CKMC_ERROR_DB_ALIAS_EXISTS	Provided alias already exists in the database
CKMC_ERROR_DB_ALIAS_UNKNOWN	No data for given alias
CKMC_ERROR_VERIFICATION_FAILED	CA certificate(s) were unknown and chain could not be created
CKMC_ERROR_INVALID_FORMAT	A provided file or binary has not a valid format
CKMC_ERROR_FILE_ACCESS_DENIED	A provided file doesn't exist or cannot be accessed in the file system
CKMC_ERROR_NOT_EXPORTABLE	Key is not exportable. It could not be returned to client
CKMC_ERROR_FILE_SYSTEM	Save key/certificate/pkcs12 failed because of file system error
CKMC_ERROR_UNKNOWN	The error with unknown reason

Function Documentation

void ckmc_alias_list_all_free ( ckmc_alias_list_s * first )

Destroys the ckmc_alias_list_s handle and releases all its resources from the provided first handle cascadingly.

Since :: 2.3.1

Remarks:: It also destroys the alias in ckmc_alias_list_s.

Parameters:

[in] first The first ckmc_alias_list_s handle to destroy

See also:: ckmc_alias_list_s

void ckmc_buffer_free ( ckmc_raw_buffer_s * buffer )

Destroys the ckmc_raw_buffer_s handle and releases all its resources.

Since :: 2.3.1

Parameters:

[in] buffer The ckmc_raw_buffer_s handle to destroy

void ckmc_cert_free ( ckmc_cert_s * cert )

Destroys the ckmc_cert handle and releases all its resources.

Since :: 2.3.1

Parameters:

[in] cert The ckmc_cert_s handle to destroy

See also:: ckmc_load_cert_from_file(); ckmc_load_from_pkcs12_file()

void ckmc_cert_list_all_free ( ckmc_cert_list_s * first )

Destroys the ckmc_cert_list_s handle and releases all its resources from the provided first handle cascadingly.

Since :: 2.3.1

Remarks:: It also destroys ckmc_cert_s in ckmc_cert_list_s.

Parameters:

[in] first The first ckmc_cert_list_s handle to destroy

See also:: ckmc_cert_list_s

void ckmc_key_free ( ckmc_key_s * key )

Destroys the ckmc_key_s handle and releases all its resources.

Since :: 2.3.1

Parameters:

[in] key The ckmc_key_s handle to destroy

int ckmc_load_cert_from_file	(	const char *	file_path,
		ckmc_cert_s **	cert
	)

Creates a new ckmc_cert_s handle from a given file and returns it.

Since :: 2.3.1

Remarks:: You must destroy the newly created ckmc_cert_s by calling ckmc_cert_free() if it is no longer needed.

Parameters:

[in]	file_path	The path of certificate file to be loaded The only DER or PEM encoded certificate file is supported.
[out]	cert	The pointer of newly created ckmc_cert_s handle

Returns:: CKMC_ERROR_NONE on success, otherwise a negative error value

Return values:

CKMC_ERROR_NONE	Successful
CKMC_ERROR_OUT_OF_MEMORY	Not enough memory space
CKMC_ERROR_INVALID_FORMAT	Invalid certificate file format
CKMC_ERROR_FILE_ACCESS_DENIED	Provided file does not exist or cannot be accessed

See also:: ckmc_cert_free(); ckmc_load_from_pkcs12_file(); ckmc_cert_s

int ckmc_load_from_pkcs12_file	(	const char *	file_path,
		const char *	passphrase,
		ckmc_key_s **	private_key,
		ckmc_cert_s **	cert,
		ckmc_cert_list_s **	ca_cert_list
	)

Creates a new ckmc_key_s(private key), ckmc_cert_s(certificate), and ckmc_cert_list_s(CA certificates) handle from a given PKCS#12 file and returns them.

Since :: 2.3.1

Remarks:: You must destroy the newly created ckmc_key_s, ckmc_cert_s, and ckmc_cert_list_s by calling ckmc_key_free(), ckmc_cert_free(), and ckmc_cert_list_all_free() if they are no longer needed.

Parameters:

[in]	file_path	The path of PKCS12 file to be loaded
[in]	passphrase	The passphrase used to decrypt the PCKS12 file If PKCS12 file is not encrypted, passphrase can be null.
[out]	private_key	The pointer of newly created ckmc_key_s handle for a private key
[out]	cert	The pointer of newly created ckmc_cert_s handle for a certificate It is null if the PKCS12 file does not contain a certificate.
[out]	ca_cert_list	The pointer of newly created ckmc_cert_list_s handle for CA certificates It is null if the PKCS12 file does not contain CA certificates.

Returns:: CKMC_ERROR_NONE on success, otherwise a negative error value

Return values:

CKMC_ERROR_NONE	Successful
CKMC_ERROR_OUT_OF_MEMORY	Not enough memory space
CKMC_ERROR_INVALID_FORMAT	Invalid PKCS12 file format
CKMC_ERROR_FILE_ACCESS_DENIED	Provided file does not exist or cannot be accessed

See also:: ckmc_key_free(); ckmc_cert_free(); ckmc_cert_list_all_free(); ckmc_key_s; ckmc_cert_s; ckmc_cert_list_s

Variable Documentation

char const* const ckmc_label_name_separator

alias can be provided as an alias alone, or together with label - in this case, separator " " (space bar) is used to separate label and alias.

See also:: key-manager_doc.h

Required Header

Overview

Functions

Typedefs

Typedef Documentation

Enumeration Type Documentation

Function Documentation

Variable Documentation