AlexaClientSDK  1.26.0
A cross-platform, modular SDK for interacting with the Alexa Voice Service
PKCS11Key.h
1 /*
2  * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License").
5  * You may not use this file except in compliance with the License.
6  * A copy of the License is located at
7  *
8  * http://aws.amazon.com/apache2.0/
9  *
10  * or in the "license" file accompanying this file. This file is distributed
11  * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12  * express or implied. See the License for the specific language governing
13  * permissions and limitations under the License.
14  */
15 
16 #ifndef ACSDKPKCS11_PRIVATE_PKCS11KEY_H_
17 #define ACSDKPKCS11_PRIVATE_PKCS11KEY_H_
18 
19 #include <memory>
20 #include <string>
21 
24 
25 namespace alexaClientSDK {
26 namespace acsdkPkcs11 {
27 
28 class PKCS11Session;
29 
31 
/// PKCS11 key object wrapper.
///
/// Pairs a shared PKCS11Session with a CK_OBJECT_HANDLE and exposes attribute queries and
/// encrypt/decrypt operations on that key. Every member is noexcept and returns bool, so the
/// return value is the only failure signal a caller gets.
/// NOTE(review): presumably true means success for all methods -- confirm in PKCS11Key.cpp.
38 class PKCS11Key {
39 public:
    /// Create key object with parameters.
    ///
    /// @param session   Session the key is used through; taken by rvalue reference.
    /// @param keyHandle PKCS#11 object handle of the key.
    /// NOTE(review): the handle is presumably only meaningful for the token behind @a session;
    /// nothing in this declaration ties the two together -- confirm how callers obtain it.
46  PKCS11Key(std::shared_ptr<PKCS11Session>&& session, CK_OBJECT_HANDLE keyHandle) noexcept;
47 
    /// Method to check if key has a correct type and supports given algorithm type.
    ///
    /// @param type Algorithm the caller intends to use with this key.
    /// @return Boolean result of the check (presumably true when compatible -- confirm).
    /// NOTE(review): encrypt()/decrypt() take the algorithm type again; whether they repeat this
    /// check or rely on the caller having done it is not visible here.
55  bool isCompatible(AlgorithmType type) noexcept;
56 
    /// Method to query key attributes.
    ///
    /// @param[out] checksum         Receives a checksum for the key.
    ///                              NOTE(review): presumably the PKCS#11 CKA_CHECK_VALUE -- confirm.
    /// @param[out] neverExtractable Receives an extractability flag for the key.
    ///                              NOTE(review): presumably CKA_NEVER_EXTRACTABLE -- confirm.
    /// @return Boolean status. NOTE(review): treat both outputs as unspecified when the call
    /// fails, and do not make a trust decision on @a neverExtractable without checking the result.
68  bool getAttributes(std::vector<unsigned char>& checksum, bool& neverExtractable) noexcept;
69 
    /// Function to encrypt data with given parameters.
    ///
    /// @param algorithmType   Algorithm to use.
    /// @param iv              Initialization vector.
    /// @param aad             Additional authenticated data.
    /// @param plaintext       Data to encrypt.
    /// @param[out] ciphertext Receives the encrypted data.
    /// @param[out] tag        Receives the authentication tag.
    /// @return Boolean status; failure is reported only through this value.
    /// NOTE(review): the separate tag and the CK_GCM_PARAMS used by configureMechanism() suggest
    /// an AES-GCM style AEAD. If so, the IV must never repeat under the same key; this interface
    /// accepts any caller-supplied IV, so uniqueness is presumably the caller's job -- confirm.
82  bool encrypt(
83  AlgorithmType algorithmType,
84  const std::vector<unsigned char>& iv,
85  const std::vector<unsigned char>& aad,
86  const std::vector<unsigned char>& plaintext,
87  std::vector<unsigned char>& ciphertext,
88  std::vector<unsigned char>& tag) noexcept;
89 
    /// Function to decrypt data with given parameters.
    ///
    /// @param algorithmType  Algorithm to use.
    /// @param iv             Initialization vector used for encryption.
    /// @param aad            Additional authenticated data used for encryption.
    /// @param ciphertext     Data to decrypt.
    /// @param tag            Authentication tag to check.
    /// @param[out] plaintext Receives the decrypted data.
    /// @return Boolean status; failure is reported only through this value.
    /// NOTE(review): a tag mismatch presumably surfaces as a false return. Callers must check the
    /// result and discard @a plaintext on failure; whether the buffer is cleared in that case is
    /// not visible here -- confirm in PKCS11Key.cpp.
102  bool decrypt(
103  AlgorithmType algorithmType,
104  const std::vector<unsigned char>& iv,
105  const std::vector<unsigned char>& aad,
106  const std::vector<unsigned char>& ciphertext,
107  const std::vector<unsigned char>& tag,
108  std::vector<unsigned char>& plaintext) noexcept;
109 
    /// Configure PKCS#11 mechanism according to parameters.
    ///
    /// @param mechanismType  PKCS#11 mechanism identifier.
    /// @param iv             Initialization vector.
    /// @param aad            Additional authenticated data.
    /// @param[out] params    Mechanism structure to fill in.
    /// @param[out] gcmParams GCM parameter structure to fill in.
    /// @return Boolean status.
    /// NOTE(review): CK_MECHANISM and CK_GCM_PARAMS carry raw pointers. Presumably @a params ends
    /// up pointing at @a gcmParams, which points into @a iv and @a aad, so all four must outlive
    /// every use of @a params -- confirm.
    /// NOTE(review): this looks like an internal helper for encrypt()/decrypt() yet it is public;
    /// check whether anything outside the class needs it.
121  bool configureMechanism(
122  CK_MECHANISM_TYPE mechanismType,
123  const std::vector<unsigned char>& iv,
124  const std::vector<unsigned char>& aad,
125  CK_MECHANISM& params,
126  CK_GCM_PARAMS& gcmParams) noexcept;
127 
128 private:
    /// Session held for the lifetime of this key object (shared ownership).
130  std::shared_ptr<PKCS11Session> m_session;
131 
    /// PKCS#11 object handle of the wrapped key.
133  CK_OBJECT_HANDLE m_keyHandle;
134 };
135 
136 } // namespace acsdkPkcs11
137 } // namespace alexaClientSDK
138 
139 #endif // ACSDKPKCS11_PRIVATE_PKCS11KEY_H_
AlgorithmType.h
alexaClientSDK::acsdkPkcs11::PKCS11Key::getAttributes
bool getAttributes(std::vector< unsigned char > &checksum, bool &neverExtractable) noexcept
Method to query key attributes.
Definition: PKCS11Key.cpp:112
alexaClientSDK::acsdkPkcs11::PKCS11Key::configureMechanism
bool configureMechanism(CK_MECHANISM_TYPE mechanismType, const std::vector< unsigned char > &iv, const std::vector< unsigned char > &aad, CK_MECHANISM &params, CK_GCM_PARAMS &gcmParams) noexcept
Configure PKCS#11 mechanism according to parameters.
Definition: PKCS11Key.cpp:333
alexaClientSDK::acsdkPkcs11::PKCS11Key::decrypt
bool decrypt(AlgorithmType algorithmType, const std::vector< unsigned char > &iv, const std::vector< unsigned char > &aad, const std::vector< unsigned char > &ciphertext, const std::vector< unsigned char > &tag, std::vector< unsigned char > &plaintext) noexcept
Function to decrypt data with given parameters.
Definition: PKCS11Key.cpp:236
alexaClientSDK
Whether or not curl logs should be emitted.
Definition: AVSConnectionManager.h:36
PKCS11API.h
alexaClientSDK::acsdkPkcs11::PKCS11Key::encrypt
bool encrypt(AlgorithmType algorithmType, const std::vector< unsigned char > &iv, const std::vector< unsigned char > &aad, const std::vector< unsigned char > &plaintext, std::vector< unsigned char > &ciphertext, std::vector< unsigned char > &tag) noexcept
Function to encrypt data with given parameters.
Definition: PKCS11Key.cpp:138
alexaClientSDK::acsdkPkcs11::PKCS11Key
PKCS11 key object wrapper.
Definition: PKCS11Key.h:38
alexaClientSDK::acsdkPkcs11::PKCS11Key::PKCS11Key
PKCS11Key(std::shared_ptr< PKCS11Session > &&session, CK_OBJECT_HANDLE keyHandle) noexcept
Create key object with parameters.
Definition: PKCS11Key.cpp:44
alexaClientSDK::acsdkCryptoInterfaces::AlgorithmType
AlgorithmType
Enumeration of all supported encryption protocols.
Definition: AlgorithmType.h:31
alexaClientSDK::acsdkPkcs11::PKCS11Key::isCompatible
bool isCompatible(AlgorithmType type) noexcept
Method to check if key has a correct type and supports given algorithm type.
Definition: PKCS11Key.cpp:49

AlexaClientSDK 1.26.0 - Copyright 2016-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved. Licensed under the Apache License, Version 2.0