Developer's Guide
p6keystore.h
1 
10 #ifndef P6KEYSTORE_H__
11 #define P6KEYSTORE_H__ 1
12 
13 #include "p6crypto.h"
14 #include "p6sign.h"
15 #include "p6cert.h"
16 #include "p6cryptokey.h"
17 #include "p6symmetric.h"
18 #include "p6enumwstr.h"
19 
20 
21 
22 namespace P6R {
23 
24 #ifdef __cplusplus
25 extern "C" {
26 #endif
27 
// Option values of type P6KEYSTOREFLAGS; initialize() takes a value of this type
// as its 'flags' argument.
41 const P6KEYSTOREFLAGS P6KEYSTORE_NOFLAGS = 0x00000000;
// NOTE(review): the name suggests that a keystore failing its signature check is
// still recovered or opened -- confirm against the full documentation. If that is
// the behaviour, setting this flag gives up the tamper detection the signature
// provides, so it belongs in an explicit recovery path, not a default configuration.
42 const P6KEYSTOREFLAGS P6KEYSTORE_RECOVERBADSIG = 0x00000001;
// NOTE(review): presumably skips loading entry metadata when the store is opened -- confirm.
43 const P6KEYSTOREFLAGS P6KEYSTORE_NOLOADMETA = 0x00000002;
44 
// P6KEYSTORE_TYPE (per this page's member index): value indicates the type of data
// returned in a P6R::p6IEnumKeystore enumerator. The closing line of the typedef is
// not reproduced in this listing.
56 typedef enum {
57  ENTRY_NULL = 0x00,  // NOTE(review): presumably "no type / unset" -- confirm
58  ENTRY_KEY = 0x01,   // entry is a key
59  ENTRY_CERT = 0x02,  // entry is a certificate
60  ENTRY_BLOB = 0x03   // entry is a blob
62 
63 
// Size, in P6WCHAR elements, of the szName array in the entry structure that follows.
// NOTE(review): whether the limit includes a terminating NUL, and whether a longer
// name is rejected or truncated when an entry is created, is not shown here --
// confirm, since silent truncation could make two distinct names collide.
65 const P6UINT32 P6KSMAXNAME = 500;
// Entry record (the element type of p6IEnumKeystore::next()): the p6IEnumKeystore
// returns this type in order to distinguish between the keys, certs, and blobs that
// can all be stored in the same keystore.
// This page's member index lists a "P6KEYSTORE_TYPE type" field at line 81 and the
// constant P6KSMAXNAMESPACE at line 64; neither line, nor the closing of the typedef,
// is reproduced in this listing.
79 typedef struct
80 {
     // Namespace half of the 'pNamespace pName' identifier.
82  P6WCHAR szNamespace[ P6KSMAXNAMESPACE ];
     // Name half of the identifier.
     // NOTE(review): whether both arrays are always NUL-terminated when filled in is
     // not shown here -- confirm before treating them as C strings.
83  P6WCHAR szName[ P6KSMAXNAME ];
86 
87 
// Body of p6IEnumKeystore (declared at line 94 of the header; that line is not
// reproduced in this listing). This enumerator allows the caller to get a list of
// all defined entries that exist in the opened keystore.
95 {
     // Iterates, by identifier and type, over the entries defined in a keystore.
     // NOTE(review): presumably cElements is the capacity of parElements and
     // *pcReturned receives the number of entries actually filled in -- confirm.
     // If so, parElements must have room for at least cElements entries, and only
     // the first *pcReturned of them are valid after the call.
110  P6COMMETHOD next( P6UINT32 cElements, P6KEYSTORE_ENTRY* parElements, P6UINT32* pcReturned ) = 0;
111 
     // Re-starts the enumerator at the beginning.
120  P6COMMETHOD reset() = 0;
121 };
// Interface ID for p6IEnumKeystore.
122 // {2FEA7C69-C0CF-4a80-842F-01974B79EBDA}
123 #define IF_p6IEnumKeystore {0x2fea7c69,0xc0cf,0x4a80,{0x84,0x2f,0x1,0x97,0x4b,0x79,0xeb,0xda}}
124 
125 
// Body of p6IKeystoreQuery (declared at line 132 of the header; that line is not
// reproduced in this listing). This interface allows the user to enumerate keys or
// certificates based on different sets of meta data.
// Each enumKey* method hands back, through ppEnum, an enumerator that can be used to
// walk all or a subset of the key entries in a keystore (the per-method descriptions
// are truncated on this page).
// NOTE(review): ppEnum presumably receives a reference the caller must release --
// confirm against the p6ICom conventions.
133 {
     // Selects keys by size.
     // NOTE(review): the meaning of 'comparator' (which values select less-than,
     // equal, greater-than) and the unit of 'size' are not shown here -- confirm.
153  P6COMMETHOD enumKeyBySize( P6UINT32 size, P6INT8 comparator, p6IEnumKeystore** ppEnum ) = 0;
154 
     // NOTE(review): this page's member index also lists enumKeyByCipher,
     // enumKeyByClass and enumKeyByState; their declarations are not reproduced in
     // this listing (probably the three empty lines that follow).
171 
188 
205 
     // Selects keys by expiry. P6TIME is the wallclock time in microseconds since
     // midnight January 1 1970 UTC.
     // NOTE(review): whether keys expiring before or after 'expired' are returned is
     // not shown here -- confirm before using this for key-lifetime audits.
221  P6COMMETHOD enumKeyByExpired( P6TIME expired, p6IEnumKeystore** ppEnum ) = 0;
222 
     // Selects keys by renewal time; note the parameter is also named 'expired'.
238  P6COMMETHOD enumKeyByRenewal( P6TIME expired, p6IEnumKeystore** ppEnum ) = 0;
239 
     // Selects keys by size restricted to one cipher type.
260  P6COMMETHOD enumKeyBySizeByCipher( P6UINT32 size, P6INT8 comparator, P6CRYPTOCIPHER cipher, p6IEnumKeystore** ppEnum ) = 0;
261 
     // Selects keys by size restricted to one key class.
282  P6COMMETHOD enumKeyBySizeByClass( P6UINT32 size, P6INT8 comparator, P6CRYPTOKEYCLASS keyClass, p6IEnumKeystore** ppEnum ) = 0;
283 
     // The three enumKeyLike* methods select keys by a wide-string argument.
     // NOTE(review): "Like" suggests pattern matching; the pattern syntax and any
     // escaping rules are not shown here -- confirm before passing text that did
     // not originate in trusted code.
304  P6COMMETHOD enumKeyLikeCipher( const P6WCHAR* pCipher, p6IEnumKeystore** ppEnum ) = 0;
305 
323  P6COMMETHOD enumKeyLikeDescriptiveLabel( const P6WCHAR* pDescription, p6IEnumKeystore** ppEnum ) = 0;
324 
342  P6COMMETHOD enumKeyLikeUse( const P6WCHAR* pUse, p6IEnumKeystore** ppEnum ) = 0;
343 
     // The returned enumerator can be used to find one or more certificates with the
     // given subject.
358  P6COMMETHOD enumCertBySubject( const P6WCHAR* pSubject, p6IEnumKeystore** ppEnum ) = 0;
359 };
// Interface ID for p6IKeystoreQuery.
360 // {B3541C2E-703E-416d-B0CD-3035A7B76098}
361 #define IF_p6IKeystoreQuery {0xb3541c2e,0x703e,0x416d,{0xb0,0xcd,0x30,0x35,0xa7,0xb7,0x60,0x98}}
362 
// Body of p6IKeystoreInit (declared at line 373 of the header; that line is not
// reproduced in this listing). This interface is used to create/open/manage the
// keystore.
374 {
375 
     // Sets up the component to run properly.
     //   flags       - P6KEYSTOREFLAGS value (P6KEYSTORE_NOFLAGS or the other flag constants).
     //   pEncryptKey - symmetric encryption component (p6ISymmetricCrypto).
     //   signAlg     - HMAC algorithm used for signing (P6SIGNHMAC).
     //   pSignKey    - key passed together with signAlg.
     // NOTE(review): presumably stored entries are encrypted with pEncryptKey and the
     // keystore is HMAC-signed with pSignKey -- confirm. Whether NULL is accepted for
     // either pointer (which would disable that protection) is not shown here.
396  P6COMMETHOD initialize( P6KEYSTOREFLAGS flags,
397  p6ISymmetricCrypto* pEncryptKey,
398  P6SIGNHMAC signAlg,
399  p6ICryptoKey* pSignKey ) = 0;
400 
     // Allows the caller access to the contents of a keystore.
     // NOTE(review): the name suggests the keystore signature is verified on open --
     // confirm, and confirm how a verification failure is reported and how it
     // interacts with P6KEYSTORE_RECOVERBADSIG.
428  P6COMMETHOD openSigned( const P6WCHAR* pPath, const P6WCHAR* pKeystoreName ) = 0;
429 
     // Allows the caller access to the contents of a keystore, addressed by URI.
     // NOTE(review): whether a store opened this way gets the same signature
     // verification as openSigned() is not shown here -- confirm.
450  P6COMMETHOD open( const P6WCHAR* pURI ) = 0;
451 
     // Closes access to keystore contents.
461  P6COMMETHOD close() = 0;
462 
     // Deletes all entries in the opened keystore (i.e., sets the keystore to its
     // initial empty state). The call takes no confirmation argument, so access to
     // this interface should be limited to administrative code paths.
473  P6COMMETHOD resetStore() = 0;
474 };
475 
// Interface ID for p6IKeystoreInit.
476 /*{CE121684-4E87-63FD-BFA6-AF86BE5C6DA5}*/
477 #define IF_p6IKeystoreInit {0xCE121684,0x4E87,0x63FD,{0xBF,0xA6,0xAF,0x86,0xBE,0x5C,0x6D,0xA5}}
478 
// p6IKeystore: this interface allows the caller to find an existing key,
// certificate, or blob (e.g., password) by a namespace and name pair, or by UUID.
// Every method returns a P6ERR status through P6COMMETHOD.
// NOTE(review): interface pointers handed back through p6ICryptoKey** / p6ICert** /
// p6IEnumKeystore** out-parameters are presumably references the caller must
// release -- confirm against the p6ICom conventions.
487 interface p6IKeystore : public p6ICom
488 {
     // Finds and returns an existing key with the matching 'pNamespace pName'
     // identifier (e.g., 'SSH host_key').
506  P6COMMETHOD getKey( const P6WCHAR* pNamespace, const P6WCHAR* pName, p6ICryptoKey** pKey ) = 0;
507 
     // Finds and returns an existing key with the matching global unique identifier.
522  P6COMMETHOD getKeyByUUID( P6UUID* pUUID, p6ICryptoKey** pKey ) = 0;
523 
     // Finds and returns an existing certificate with the matching 'pNamespace pName' identifier.
541  P6COMMETHOD getCertificate( const P6WCHAR* pNamespace, const P6WCHAR* pName, p6ICert** pCert ) = 0;
542 
     // Finds and returns an existing certificate with the matching global unique identifier.
557  P6COMMETHOD getCertificateByUUID( P6UUID* pUUID, p6ICert** pCert ) = 0;
558 
     // Finds and returns an existing certificate with the matching fingerprint.
     // NOTE(review): 'digest' presumably names the hash algorithm the fingerprint was
     // computed with; the expected string format of pFingerprint is not shown here.
     // Unlike the other string parameters, pFingerprint is not const.
575  P6COMMETHOD getCertificateByFingerprint( P6WCHAR* pFingerprint, P6DIGESTS digest, p6ICert** pCert ) = 0;
576 
     // Finds and returns a certificate chain associated with an existing key.
     // NOTE(review): presumably numChain is the capacity of the pCertChain array and
     // *pNumWritten the number of certificates stored -- confirm, including how a
     // chain longer than numChain is reported, so a short array is not mistaken for
     // a complete chain.
598  P6COMMETHOD getCertificateChain( const P6WCHAR* pNamespace, const P6WCHAR* pName, p6ICert** pCertChain, P6UINT32 numChain, P6UINT32* pNumWritten ) = 0;
599 
     // Same as getCertificateChain(), with the key selected by UUID.
618  P6COMMETHOD getCertificateChainByUUID( P6UUID* pUUID, p6ICert** pCertChain, P6UINT32 numChain, P6UINT32* pNumWritten ) = 0;
619 
     // Finds and returns an existing array of untyped bytes (i.e., a blob) with the
     // matching identifier.
     // NOTE(review): blobs may hold secrets such as passwords (see the interface
     // description). How the returned P6BSTR is freed is not shown here -- confirm,
     // and clear the buffer once the secret is no longer needed.
638  P6COMMETHOD getBlob( const P6WCHAR* pNamespace, const P6WCHAR* pName, P6BSTR* pBlob ) = 0;
639 
     // Finds and returns an existing blob selected by UUID.
654  P6COMMETHOD getBlobByUUID( P6UUID* pUUID, P6BSTR* pBlob ) = 0;
655 
     // Given the UUID, returns the object's type, namespace, and name in *pType.
670  P6COMMETHOD getType( P6UUID* pUUID, P6KEYSTORE_ENTRY* pType ) = 0;
671 
     // Creates a new key in the keystore with the matching 'pNamespace pName'
     // identifier; pCertChain/numChain pass a certificate chain along with the key.
     // NOTE(review): pUUID is presumably an out-parameter receiving the new entry's
     // UUID -- confirm. The same applies to setCertificate() and setBlob().
692  P6COMMETHOD setKey( const P6WCHAR* pNamespace, const P6WCHAR* pName, p6ICryptoKey* pKey, p6ICert** pCertChain, P6UINT32 numChain, P6UUID* pUUID ) = 0;
693 
     // Creates a new certificate in the keystore with the matching 'pNamespace pName' identifier.
712  P6COMMETHOD setCertificate( const P6WCHAR* pNamespace, const P6WCHAR* pName, p6ICert* pCert, P6UUID* pUUID ) = 0;
713 
     // Creates a new blob in the keystore with the matching 'pNamespace pName' identifier.
732  P6COMMETHOD setBlob( const P6WCHAR* pNamespace, const P6WCHAR* pName, P6BSTR blob, P6UUID* pUUID ) = 0;
733 
     // Deletes the key defined by the 'pNamespace pName' identifier from the keystore.
750  P6COMMETHOD deleteKey( const P6WCHAR* pNamespace, const P6WCHAR* pName ) = 0;
751 
     // Deletes the certificate defined by the 'pNamespace pName' identifier from the keystore.
768  P6COMMETHOD deleteCertificate( const P6WCHAR* pNamespace, const P6WCHAR* pName ) = 0;
769 
     // Deletes the blob defined by the 'pNamespace pName' identifier from the keystore.
786  P6COMMETHOD deleteBlob( const P6WCHAR* pNamespace, const P6WCHAR* pName ) = 0;
787 
     // Deletes an entry in the keystore by its global unique identifier.
800  P6COMMETHOD deleteItem( P6UUID* pUUID ) = 0;
801 
     // The replace* methods delete the existing entry matching the identifier (or
     // UUID) and then create a new entry in its place.
     // NOTE(review): the descriptions on this page are truncated, and whether the
     // delete-then-create sequence is atomic is not shown -- confirm what state the
     // entry is left in if the create step fails, since a lost key may be unrecoverable.
822  P6COMMETHOD replaceKey( const P6WCHAR* pNamespace, const P6WCHAR* pName, p6ICryptoKey* pKey, p6ICert** pCertChain, P6UINT32 numChain ) = 0;
823 
841  P6COMMETHOD replaceKeyByUUID( P6UUID* pUUID, p6ICryptoKey* pKey, p6ICert** pCertChain, P6UINT32 numChain ) = 0;
842 
860  P6COMMETHOD replaceCertificate( const P6WCHAR* pNamespace, const P6WCHAR* pName, p6ICert* pCert ) = 0;
861 
876  P6COMMETHOD replaceCertificateByUUID( P6UUID* pUUID, p6ICert* pCert ) = 0;
877 
895  P6COMMETHOD replaceBlob( const P6WCHAR* pNamespace, const P6WCHAR* pName, P6BSTR blob ) = 0;
896 
911  P6COMMETHOD replaceBlobByUUID( P6UUID* pUUID, P6BSTR blob ) = 0;
912 
     // Allows the modification of the meta data associated with an existing key.
933  P6COMMETHOD updateKeyMetaData( const P6WCHAR* pNamespace, const P6WCHAR* pName, p6ICryptoKey* pKey ) = 0;
934 
     // NOTE(review): this page's member index also lists
     // updateKeyMetaDataByUUID(P6UUID*, p6ICryptoKey*); its declaration is not
     // reproduced in this listing (probably the empty line that follows).
953 
     // The returned enumerator can be used to walk all the entries or a subset of
     // the entries in a keystore, selected by entry type and namespace.
970  P6COMMETHOD enumEntries( P6KEYSTORE_TYPE byType, const P6WCHAR* pNamespace, p6IEnumKeystore** ppEnum ) = 0;
971 
     // The returned enumerator can be used to get a list of all namespaces defined in a keystore.
986  P6COMMETHOD enumNamespaces( p6IEnumWStr** ppEnum ) = 0;
987 };
988 
// Interface ID for p6IKeystore.
989 // {6ECB5D85-2751-49ad-99DA-2AA173FC2737}
990 #define IF_p6IKeystore {0x6ecb5d85,0x2751,0x49ad,{0x99,0xda,0x2a,0xa1,0x73,0xfc,0x27,0x37}}
991 
// Component ID for the keystore component.
992 // {C65CDFF1-4E4A-4bba-9E38-1273C8895E0F}
993 #define COMP_p6Keystore {0xc65cdff1,0x4e4a,0x4bba,{0x9e,0x38,0x12,0x73,0xc8,0x89,0x5e,0xf}}
994 
// NOTE(review): presumably the name under which a process-wide ("Global") keystore
// instance is published as a service -- confirm. If so, every component that can
// look up this name shares one keystore, so namespaces are the only separation
// between their entries.
999 #define P6_KEYSTORE_SERVICE_INTERFACE "p6r.com.p6IKeystore.Global"
1000 
1001 #ifdef __cplusplus
1002 }
1003 #endif
1004 
1005 } // namespace
1006 
1007 
1008 #endif
P6SIGNHMAC
Supported HMAC algorithms for signing:
Definition: p6sign.h:46
virtual P6R::P6ERR updateKeyMetaData(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICryptoKey *pKey)=0
Allows the modification of the meta data associated with an existing key.
virtual P6R::P6ERR getCertificateByFingerprint(P6WCHAR *pFingerprint, P6DIGESTS digest, p6ICert **pCert)=0
Finds and returns an existing certificate with the matching fingerprint.
This interface allows the caller to find an existing key, certificate, or blob (e.g., password) by a namespace and name pair.
Definition: p6keystore.h:487
virtual P6R::P6ERR replaceCertificateByUUID(P6UUID *pUUID, p6ICert *pCert)=0
Deletes an existing certificate matching the global unique identifier, and then creates a new certific...
virtual P6R::P6ERR replaceCertificate(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICert *pCert)=0
Deletes an existing certificate matching the 'pNamespace pName' identifier, and then creates a new cer...
virtual P6R::P6ERR deleteBlob(const P6WCHAR *pNamespace, const P6WCHAR *pName)=0
Deletes the blob defined by the 'pNamespace pName' from the keystore.
virtual P6R::P6ERR getKeyByUUID(P6UUID *pUUID, p6ICryptoKey **pKey)=0
Finds and returns an existing key with the matching global unique identifier.
Cryptography component definitions.
This interface provides key metadata information and key access.
Definition: p6cryptokey.h:787
unsigned int P6UINT32
Definition: p6types.h:40
This is an often used construct where an application needs to provide an unknown number of wide strin...
virtual P6R::P6ERR replaceBlobByUUID(P6UUID *pUUID, P6BSTR blob)=0
Deletes an existing blob matching the global unique identifier, and then creates a new blob (with the ...
virtual P6R::P6ERR enumKeyLikeCipher(const P6WCHAR *pCipher, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
P6UINT32 P6KEYSTOREFLAGS
P6KEYSTOREFLAGS.
Definition: p6keystore.h:40
const P6KEYSTOREFLAGS P6KEYSTORE_NOFLAGS
Definition: p6keystore.h:41
virtual P6R::P6ERR getCertificateChainByUUID(P6UUID *pUUID, p6ICert **pCertChain, P6UINT32 numChain, P6UINT32 *pNumWritten)=0
Finds and returns a certificate chain associated with an existing key.
This interface allows the user to enumerate keys or certificates based on different sets of meta data...
Definition: p6keystore.h:132
P6CRYPTOKEYCLASS
Used to categorize keys:
Definition: p6cryptokey.h:49
virtual P6R::P6ERR openSigned(const P6WCHAR *pPath, const P6WCHAR *pKeystoreName)=0
Allows the caller access to the contents of a keystore.
virtual P6R::P6ERR setKey(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICryptoKey *pKey, p6ICert **pCertChain, P6UINT32 numChain, P6UUID *pUUID)=0
Creates a new key in the keystore with the matching 'pNamespace pName' identifier.
char P6INT8
Definition: p6types.h:31
P6KEYSTORE_TYPE
Value indicates the type of data returned in a P6R::p6IEnumKeystore enumerator.
Definition: p6keystore.h:56
virtual P6R::P6ERR getType(P6UUID *pUUID, P6KEYSTORE_ENTRY *pType)=0
Given the UUID, return the object's type, Namespace, and Name parameters.
virtual P6R::P6ERR deleteItem(P6UUID *pUUID)=0
Deletes an entry in the keystore by its global unique identifier.
virtual P6R::P6ERR replaceKey(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICryptoKey *pKey, p6ICert **pCertChain, P6UINT32 numChain)=0
Deletes an existing key matching the 'pNamespace pName' identifier, and then creates a new key (with t...
virtual P6R::P6ERR resetStore()=0
Deletes all entries in the opened keystore (i.e., setting the keystore to its initial empty state)...
virtual P6R::P6ERR enumEntries(P6KEYSTORE_TYPE byType, const P6WCHAR *pNamespace, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the entries in a keystore...
virtual P6R::P6ERR next(P6UINT32 cElements, P6KEYSTORE_ENTRY *parElements, P6UINT32 *pcReturned)=0
This method is used to iterate by identifier and type the defined entries in a keystore.
const P6UINT32 P6KSMAXNAME
Definition: p6keystore.h:65
virtual P6R::P6ERR replaceBlob(const P6WCHAR *pNamespace, const P6WCHAR *pName, P6BSTR blob)=0
Deletes an existing blob matching the 'pNamespace pName' identifier, and then creates a new blob (with...
P6CRYPTOCIPHER
Cipher Type.
Definition: p6crypto.h:99
virtual P6R::P6ERR setBlob(const P6WCHAR *pNamespace, const P6WCHAR *pName, P6BSTR blob, P6UUID *pUUID)=0
Creates a new blob in the keystore with the matching 'pNamespace pName' identifier.
virtual P6R::P6ERR enumKeyBySizeByCipher(P6UINT32 size, P6INT8 comparator, P6CRYPTOCIPHER cipher, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
const P6KEYSTOREFLAGS P6KEYSTORE_RECOVERBADSIG
Definition: p6keystore.h:42
const P6KEYSTOREFLAGS P6KEYSTORE_NOLOADMETA
Definition: p6keystore.h:43
wchar_t P6WCHAR
Wide character type see p6i18n.h.
Definition: p6types.h:76
Interface definitions for symmetric key encryption.
virtual P6R::P6ERR getCertificate(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICert **pCert)=0
Finds and returns an existing certificate with the matching 'pNamespace pName' identifier.
The base interface all [p6]COM components must derive from and implement.
Definition: p6comdef.h:96
virtual P6R::P6ERR deleteKey(const P6WCHAR *pNamespace, const P6WCHAR *pName)=0
Deletes the key defined by the 'pNamespace pName' identifier from the keystore.
virtual P6R::P6ERR open(const P6WCHAR *pURI)=0
Allows the caller access to the contents of a keystore.
virtual P6R::P6ERR enumKeyByExpired(P6TIME expired, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR initialize(P6KEYSTOREFLAGS flags, p6ISymmetricCrypto *pEncryptKey, P6SIGNHMAC signAlg, p6ICryptoKey *pSignKey)=0
Sets up the component to run properly.
virtual P6R::P6ERR reset()=0
This method is used to re-start the enumerator at the beginning.
P6KEYSTORE_TYPE type
Definition: p6keystore.h:81
The p6IEnumKeystore returns this type in order to distinguish between the keys, certs, and blobs that can all be stored in the same keystore.
Definition: p6keystore.h:79
virtual P6R::P6ERR replaceKeyByUUID(P6UUID *pUUID, p6ICryptoKey *pKey, p6ICert **pCertChain, P6UINT32 numChain)=0
Deletes an existing key matching the global unique identifier, and then creates a new key (with the sa...
This interface is a general purpose string enumerator.
Definition: p6enumwstr.h:28
Binary string.
Definition: p6types.h:154
virtual P6R::P6ERR updateKeyMetaDataByUUID(P6UUID *pUUID, p6ICryptoKey *pKey)=0
Allows the modification of the meta data associated with an existing key.
P6CRYPTOKEYSTATE
The current state of the key as defined in: NIST DRAFT Special Publication 800-130, A Framework for Designing Cryptographic Key Management Systems, June 15, 2010.
Definition: p6cryptokey.h:356
Interface definition for X509 V3 Certificates.
A universally unique identifier (UUID).
Definition: p6types.h:131
virtual P6R::P6ERR setCertificate(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICert *pCert, P6UUID *pUUID)=0
Creates a new certificate in the keystore with the matching 'pNamespace pName' identifier.
virtual P6R::P6ERR getCertificateChain(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICert **pCertChain, P6UINT32 numChain, P6UINT32 *pNumWritten)=0
Finds and returns a certificate chain associated with an existing key.
virtual P6R::P6ERR getKey(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICryptoKey **pKey)=0
Finds and returns an existing key with the matching 'pNamespace pName' identifier (e.g., 'SSH host_key' )
const P6UINT32 P6KSMAXNAMESPACE
Definition: p6keystore.h:64
This enumerator allows the caller to get a list of all defined entries that exist in the opened keys...
Definition: p6keystore.h:94
This interface allows the caller to access parts of an X509 V3 certificate for use in protocols and i...
Definition: p6cert.h:180
virtual P6R::P6ERR enumCertBySubject(const P6WCHAR *pSubject, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to find one or more certificates with the given subject...
virtual P6R::P6ERR getBlob(const P6WCHAR *pNamespace, const P6WCHAR *pName, P6BSTR *pBlob)=0
Finds and returns an existing array of untyped bytes (i.e., a blob) with the matching 'pNamespace pNa...
virtual P6R::P6ERR enumKeyBySizeByClass(P6UINT32 size, P6INT8 comparator, P6CRYPTOKEYCLASS keyClass, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR enumKeyByCipher(P6CRYPTOCIPHER cipher, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
#define P6COMMETHOD
Definition: p6types.h:863
This interface provides symmetric key encryption/decryption using AES, Blowfish, CAST5 DES and varian...
Definition: p6symmetric.h:62
P6INT64 P6TIME
The wallclock time represented as the number of microseconds since midnight January 1 1970 UTC...
Definition: p6types.h:228
virtual P6R::P6ERR deleteCertificate(const P6WCHAR *pNamespace, const P6WCHAR *pName)=0
Deletes the certificate defined by the 'pNamespace pName' identifier from the keystore.
virtual P6R::P6ERR enumKeyByRenewal(P6TIME expired, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR enumKeyBySize(P6UINT32 size, P6INT8 comparator, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
Interface definition for the cryptographic signature generation and verification. ...
virtual P6R::P6ERR getBlobByUUID(P6UUID *pUUID, P6BSTR *pBlob)=0
Finds and returns an existing array of untyped bytes (i.e., a blob) with the matching global unique i...
virtual P6R::P6ERR enumKeyByState(P6CRYPTOKEYSTATE state, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR enumKeyByClass(P6CRYPTOKEYCLASS keyClass, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR enumNamespaces(p6IEnumWStr **ppEnum)=0
The returned enumerator can be used to get a list of all namespaces defined in a keystore.
virtual P6R::P6ERR getCertificateByUUID(P6UUID *pUUID, p6ICert **pCert)=0
Finds and returns an existing certificate with the matching global unique identifier.
virtual P6R::P6ERR enumKeyLikeDescriptiveLabel(const P6WCHAR *pDescription, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR close()=0
Closes access to keystore contents.
virtual P6R::P6ERR enumKeyLikeUse(const P6WCHAR *pUse, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
P6DIGESTS
Definition: p6digest.h:295
This interface is used to create/open/manage the keystore.
Definition: p6keystore.h:373
P6R Cryptographic key interface definitions.