2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
4 // Licensed under the Apache License, Version 2.0 (the License);
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
18 * @file FSecCertICertificatePath.h
19 * @brief This is the header file for the %ICertificatePath interface.
21 * This header file contains the declarations of the %ICertificatePath interface.
23 #ifndef _FSEC_CERT_ICERTIFICATE_PATH_H_
24 #define _FSEC_CERT_ICERTIFICATE_PATH_H_
26 #include <FBaseString.h>
27 #include <FSecCertICertificate.h>
28 #include <FSecCertTypes.h>
30 namespace Tizen { namespace Security { namespace Cert
33 class ICertificatePathValidationResult;
35 * @interface ICertificatePath
36 * @brief This interface provides methods for validating the certificate path and get information about it.
40 * The %ICertificatePath interface provides methods for validating the certificate path and get information about it. @n
42 * For more information on the class features, see <a href="../org.tizen.native.appprogramming/html/guide/security/certificate_namespace.htm">Certificates</a>. @n
44 * The following example demonstrates how to use the %ICertificatePath interface.
49 * MyCertificatePath::Sample(void)
51 * X509Certificate *pCertificate1 = null;
52 * X509Certificate *pCertificate2 = null;
54 * ICertificate *pTrustCa = null;
55 * ByteBuffer input1, input2;
57 * ValidationResult valResult;
58 * result r = E_FAILURE;
60 * ICertificatePath *pCertPath = null;
62 * String fileName1(Tizen::App::App::GetInstance()->GetAppRootPath() + L"data/UTsSecurity/Security/Domain3Certs/TestCert1-1.der");
63 * String fileName2(Tizen::App::App::GetInstance()->GetAppRootPath() + L"data/UTsSecurity/Security/Domain3Certs/TestCert1-2.der");
65 * FileAttributes attribute1, attribute2;
67 * r = file1.Construct(fileName1, L"r");
73 * r = file1.GetAttributes(fileName1, attribute1);
79 * r = input1.Construct((int)attribute1.GetFileSize());
85 * r = file1.Read(input1);
93 * r = file2.Construct(fileName2, L"r");
99 * r = file2.GetAttributes(fileName2, attribute2);
105 * r = input2.Construct((int)attribute2.GetFileSize());
111 * r = file2.Read(input2);
120 * pCertificate1 = new X509Certificate;
121 * pCertificate1->Construct(input1);
124 * pCertificate2 = new X509Certificate;
125 * pCertificate2->Construct(input2);
127 * // Certificate Path
128 * pCertPath = new X509CertificatePath();
129 * if (pCertPath == null)
134 * r = pCertPath->AddCertificate(*pCertificate1);
140 * r = pCertPath->AddCertificate(*pCertificate2);
147 * // Certificate Path Validation Result
148 * valResult = pCertPath->Validate();
149 * if (valResult != VALIDATION_SUCCESS)
154 * depth = pCertPath->GetLength();
160 * for (int i = 0; i < depth; i++)
162 * ICertificate *pOutCert = pCertPath->GetCertificateN(i);
166 * String subjectName;
167 * subjectName = pOutCert->GetSubject();
173 * pTrustCa = pCertPath->GetTrustAnchorN();
176 * String subjectName;
177 * subjectName = pTrustCa->GetSubject();
185 * delete pCertificate1;
186 * delete pCertificate2;
194 class _OSP_EXPORT_ ICertificatePath
199 * This is the destructor for this class.
203 virtual ~ICertificatePath(void) {}
206 * Gets the format of the certificate path.
210 * @return The format of the certificate
212 virtual Tizen::Base::String GetFormat(void) const = 0;
215 * Adds the specified certificate to the certificate chain.
216 * The order of certificates should be as follows: @n
217 * 1. User certificate.
218 * 2. Intermediate certificate.
219 * 3. Root CA certificate.
223 * @return An error code
224 * @param[in] certificate A reference to the certificate to add
225 * @exception E_SUCCESS The method is successful.
226 * @exception E_INVALID_ARG The specified @c certificate or the certificate data is invalid.
227 * @exception E_OUT_OF_MEMORY The memory is insufficient.
228 * @exception E_SYSTEM Either of the following conditions has occurred:
229 * - A system error has occurred.
230 * - The certificate link list operation has failed.
232 virtual result AddCertificate(const Tizen::Security::Cert::ICertificate& certificate) = 0;
235 * Validates the specified certificate path.
239 * @return The result of the certificate path validation
240 * @exception E_SUCCESS The method is successful.
241 * @exception E_SYSTEM Either of the following conditions has occurred:
242 * - A system error has occurred.
243 * - The certificate link list operation has failed.
244 * @remarks The specific error code can be accessed using the GetLastResult() method.
246 virtual Tizen::Security::Cert::ValidationResult Validate(void) = 0;
249 * Validates the specified certificate path.
253 * @return The result of the certificate path validation
254 * @param[in] trustAnchor The trusted Certificate Authority (CA)
255 * @exception E_SUCCESS The method is successful.
256 * @exception E_OUT_OF_MEMORY The memory is insufficient.
257 * @exception E_INVALID_ARG The specified input parameter is invalid.
258 * @exception E_SYSTEM Either of the following conditions has occurred:
259 * - A system error has occurred.
260 * - The certificate link list operation has failed.
261 * @remarks The specific error code can be accessed using the GetLastResult() method.
263 virtual Tizen::Security::Cert::ValidationResult Validate(const Tizen::Security::Cert::ICertificate& trustAnchor) = 0;
266 * Gets the trust anchor for the certificate path.
270 * @return The root certificate, @n
271 * else @c null if an error occurs
272 * @exception E_SUCCESS The method is successful.
273 * @exception E_OUT_OF_MEMORY The memory is insufficient.
274 * @exception E_OBJ_NOT_FOUND The certificate is not found.
275 * @exception E_SYSTEM A system error has occurred. @n
276 * Either of the following conditions has occurred:
277 * - The certificate link list operation.
278 * - The Tizen::Base::ByteBuffer operation has failed.
279 * @remarks The specific error code can be accessed using the GetLastResult() method.
281 virtual Tizen::Security::Cert::ICertificate* GetTrustAnchorN(void) const = 0;
284 * Gets the length of the certificate path.
288 * @return The length of the certificate path, @n
289 * else @c -1 if an error occurs
290 * @exception E_SUCCESS The method is successful.
291 * @exception E_SYSTEM Either of the following conditions has occurred:
292 * - A system error has occurred.
293 * - The certificate list is empty.
295 virtual int GetLength(void) const = 0;
298 * Gets the list of certificates in this certificate path.
302 * @return A pointer to the ICertificate interface, @n
303 * else @c null if an error occurs
304 * @param[in] nth The nth certificate in the certificate path (starts from @c 0)
305 * @exception E_SUCCESS The method is successful.
306 * @exception E_OUT_OF_MEMORY The memory is insufficient.
307 * @exception E_INVALID_ARG The value of the specified @c nth is out of the valid range. @n
308 * It must be less than the value retrieved by the GetLength() method.
309 * @exception E_OBJ_NOT_FOUND The certificate is not found.
310 * @exception E_SYSTEM Either of the following conditions has occurred:
311 * - A system error has occurred.
312 * - The certificate list is empty.
313 * @remarks The specific error code can be accessed using the GetLastResult() method.
315 virtual Tizen::Security::Cert::ICertificate* GetCertificateN(int nth) const = 0;
319 // This method is for internal use only. Using this method can cause behavioral, security-related,
320 // and consistency-related issues in the application.
322 // This method is reserved and may change its name at any time without prior notice.
326 virtual void ICertificatePath_Reserved1(void) {}
329 // This method is for internal use only. Using this method can cause behavioral, security-related,
330 // and consistency-related issues in the application.
332 // This method is reserved and may change its name at any time without prior notice.
336 virtual void ICertificatePath_Reserved2(void) {}
339 // This method is for internal use only. Using this method can cause behavioral, security-related,
340 // and consistency-related issues in the application.
342 // This method is reserved and may change its name at any time without prior notice.
346 virtual void ICertificatePath_Reserved3(void) {}
348 }; //ICertificatePath
350 } } } //Tizen::Security::Cert
352 #endif //_FSEC_CERT_ICERTIFICATE_PATH_H_