key_config_manager.h File Reference

This API adds next certificate of chain to the storage.

The certificates should be added in the order from root of chain, followed by the certificates it signs and so on.

Parameters:

[in]	kcm_chain_handle	certificate chain handle.
[in]	kcm_cert_data	pointer to certificate data in DER format.
[in]	kcm_cert_data_size	size of certificate data buffer.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 549 of file key_config_manager.c.

The API releases the context and frees allocated resources.

When operation type is creation--> if total number of added/stored certificates is not equal to number of certificates in the chain, the API will return an error.

Parameters:

[in]

kcm_chain_handle

certificate chain handle.

Returns:

KCM_STATUS_SUCCESS in case of success. KCM_STATUS_CLOSE_INCOMPLETE_CHAIN in case of not all certificates were saved. In this case the chain will be deleted. Otherwise one of the `kcm_status_e` errors.

Definition at line 760 of file key_config_manager.c.

The API initializes chain context for write chain operation, This API should be called prior to kcm_cert_chain_add_certificate API.

Parameters:

[out]	kcm_chain_handle	pointer to certificate chain handle.
[in]	kcm_chain_name	pointer to certificate chain name.
[in]	kcm_chain_name_len	length of certificate name buffer.
[in]	kcm_chain_len	number of certificates in the chain.
[in]	kcm_chain_is_factory	True if the KCM chain is a factory item, otherwise false.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 406 of file key_config_manager.c.

The API deletes all certificates of the chain from the storage.

Parameters:

[in]	kcm_chain_name	pointer to certificate chain name.
[in]	kcm_chain_name_len	length of certificate chain name.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 607 of file key_config_manager.c.

The API returns data of the next certificate in the chain.

To get exact size of a next certificate use kcm_cert_chain_get_next_certificate_size. In the end of get data operation, chain context points to the next certificate of current chain.

Parameters:

[in]	kcm_chain_handle	certificate chain handle.
	in/out]	kcm_cert_data pointer to certificate data in DER format.
[in]	kcm_max_cert_data_size	max size of certificate data buffer.
[out]	kcm_actual_cert_data_size	actual size of certificate data.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 713 of file key_config_manager.c.

The API returns size of the next certificate in the chain.

This API should be called prior to kcm_cert_chain_get_next_data. This operation does not increase chain's context iterator.

Parameters:

[in]	kcm_chain_handle	certificate chain handle.
[out]	kcm_cert_data_size	pointer size of next certificate.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 671 of file key_config_manager.c.

The API initializes chain context for read chain operation.

This API should be called prior to kcm_cert_chain_get_next_certificate_size and kcm_cert_chain_get_next_certificate_data APIs

Parameters:

[out]	kcm_chain_handle	pointer to certificate chain handle.
[in]	kcm_chain_name	pointer to certificate chain name.
[in]	kcm_chain_name_len	size of certificate name buffer.
[out]	kcm_chain_len	length of certificate chain.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 471 of file key_config_manager.c.

Generate a general CSR from the given private and public keys.

Further design is needed

Parameters:

key_name	The key name to fetch from storage(public/private).
key_name_len	The key name len.
csr_out	Pointer to generated E2E CSR.
csr_size_out	Size of the E2E CSR.

Returns:

Operation status.

Reset the KCM secure storage to factory state.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 359 of file key_config_manager.c.

Finalize the KCM module.

Finalizes and frees file storage resources.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 122 of file key_config_manager.c.

Initiate the KCM module.

Allocates and initializes file storage resources.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 96 of file key_config_manager.c.

Delete a KCM item from a secure storage.

Parameters:

[in]	kcm_item_name	KCM item name.
[in]	kcm_item_name_len	KCM item name length.
[in]	kcm_item_type	KCM item type as defined in `kcm_item_type_e`

Returns:

KCM_STATUS_SUCCESS status in case of success or one of kcm_status_e errors otherwise.

Definition at line 322 of file key_config_manager.c.

Retrieve KCM item data from a secure storage.

Parameters:

[in]	kcm_item_name	KCM item name.
[in]	kcm_item_name_len	KCM item name length.
[in]	kcm_item_type	KCM item type as defined in `kcm_item_type_e`
[out]	kcm_item_data_out	KCM item data output buffer. Can be NULL if `kcm_item_data_size` is 0.
[in]	kcm_item_data_max_size	The maximum size of the KCM item data output buffer in bytes.
[out]	kcm_item_data_act_size_out	Actual KCM item data output buffer size in bytes.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 260 of file key_config_manager.c.

Retrieve the KCM item data size from a secure storage.

Parameters:

[in]	kcm_item_name	KCM item name.
[in]	kcm_item_name_len	KCM item name length.
[in]	kcm_item_type	KCM item type as defined in `kcm_item_type_e`
[out]	kcm_item_data_size_out	KCM item data size in bytes.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 215 of file key_config_manager.c.

Store the KCM item into a secure storage.

Parameters:

[in]	kcm_item_name	KCM item name.
[in]	kcm_item_name_len	KCM item name length.
[in]	kcm_item_type	KCM item type as defined in `kcm_item_type_e`
[in]	kcm_item_is_factory	True if the KCM item is a factory item, otherwise false.
[in]	kcm_item_data	KCM item data buffer. Can be NULL if `kcm_item_data_size` is 0.
[in]	kcm_item_data_size	KCM item data buffer size in bytes. Can be 0 if you wish to store an empty file.
[in]	security_desc	Security descriptor.

Returns:

KCM_STATUS_SUCCESS in case of success or one of the `kcm_status_e` errors otherwise.

Definition at line 147 of file key_config_manager.c.

Generate a key pair complying the given crypto scheme DER.

Saves the private key and exposes the public key.

Parameters:

key_scheme	The crypto scheme.
key_name	The key name for which a key pair is generated.
key_name_len	Key name length.
pub_key_der_out	Public key to generate in DER format.
pub_key_der_size	Public key size in bytes.
priv_key_sec_desc	Private key security descriptor.
pub_key_sec_desc	Public key security descriptor.

Returns:

Operation status.