2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
18 * @file SignatureManager.cpp
19 * @brief This is the implementation file for %SignatureManager class.
22 #include <FBase_StringConverter.h>
24 #include "SignatureManager.h"
26 using namespace Tizen::Base;
27 using namespace Tizen::Security::Cert;
28 using namespace Tizen::Base::Collection;
29 using namespace Tizen::Base::Utility;
31 SignatureManager::SignatureManager(void)
33 ,__pAuthorSignature(null)
34 ,__pDistributorSignature(null)
35 ,__pAuthorCertPath(null)
36 ,__pDistributorCertPath(null)
40 SignatureManager::~SignatureManager(void)
42 delete __pAuthorSignature;
43 delete __pDistributorSignature;
44 delete __pAuthorCertPath;
45 delete __pDistributorCertPath;
49 SignatureManager::Construct(InstallationContext* pContext)
51 __pContext = pContext;
57 SignatureManager::SetSignature()
59 TryReturn(__pContext, false, "__pContext is null.");
62 char* pSignaturePath = _StringConverter::CopyToCharArrayN(__pContext->GetSignatureXmlPath());
63 char* pAuthorSignaturePath = _StringConverter::CopyToCharArrayN(__pContext->GetAuthorSignatureXmlPath());
65 __pDistributorSignature = new (std::nothrow) SignatureHandler;
66 TryCatch(__pDistributorSignature, ret = false, "__pDistributorSignature is null");
68 ret = __pDistributorSignature->Construct(__pContext);
69 TryCatch(ret == true, ret = false, "__pDistributorSignature->Construct is failed.");
71 ret = __pDistributorSignature->Parse(pSignaturePath);
72 TryCatch(ret == true, ret = false, "__pDistributorSignature->Parse is failed.");
74 __pAuthorSignature = new (std::nothrow) SignatureHandler;
75 TryCatch(__pAuthorSignature, ret = false, "__pAuthorSignature is null");
77 ret = __pAuthorSignature->Construct(__pContext);
78 TryCatch(ret == true, ret = false, "__pAuthorSignature->Construct is failed.");
80 ret = __pAuthorSignature->Parse(pAuthorSignaturePath);
81 TryCatch(ret == true, ret = false, "__pAuthorSignature->Parse is failed.");
84 delete[] pSignaturePath;
85 delete[] pAuthorSignaturePath;
90 SignatureManager::AddCert()
92 TryReturn(__pAuthorSignature, false, "__pAuthorSignature is null.");
93 TryReturn(__pDistributorSignature, false, "__pDistributorSignature is null.");
96 IList* pAuthorCertChain = __pAuthorSignature->GetAuthorCertChain();
97 IList* pDistributorCertChain = __pDistributorSignature->GetDistributorCertChain();
101 AppLog("AddCertificate - AuthorCertChain");
103 __pAuthorCertPath = new (std::nothrow) X509CertificatePath();
104 TryCatch(__pAuthorCertPath, ret = false, "__pAuthorCertPath is null.");
106 ret = AddCertificate(__pAuthorCertPath, pAuthorCertChain);
107 TryCatch(ret == true, ret = false, "AddCertificate(AuthorCert) is failed.");
109 ret = AddAuthorRootCert(__pAuthorCertPath);
110 TryCatch(ret == true, ret = false, "AddAuthorRootCert(AuthorCertPath) is failed.");
113 if (pDistributorCertChain)
115 AppLog("AddCertificate - DistributorCert");
117 __pDistributorCertPath = new (std::nothrow) X509CertificatePath();
118 TryCatch(__pDistributorCertPath, ret = false, "__pDistributorCertPath is null.");
120 ret = AddCertificate(__pDistributorCertPath, pDistributorCertChain);
121 TryCatch(ret == true, ret = false, "AddCertificate(DistributorCert) is failed.");
123 ret = AddDistributorRootCert(__pDistributorCertPath);
124 TryCatch(ret == true, ret = false, "AddDistributorRootCert(DistributorCert) is failed.");
132 SignatureManager::VerifyChain()
134 TryReturn(__pAuthorCertPath, false, "__pAuthorCertPath is null.");
135 TryReturn(__pDistributorCertPath, false, "__pDistributorCertPath is null.");
139 AppLog("AuthorCert Validate - START");
140 ret = Validate(__pAuthorCertPath);
141 AppLog("AuthorCert Validate - END");
142 TryCatch(ret == true, ret = false, "Validate(AuthorCert) is failed.");
144 __pContext->SetAuthorCertPath(__pAuthorCertPath);
145 __pAuthorCertPath = null;
147 AppLog("DistributorCert Validate - START");
148 ret = Validate(__pDistributorCertPath);
149 AppLog("DistributorCert Validate - END");
150 TryCatch(ret == true, ret = false, "Validate(DistributorCert) is failed.");
152 __pContext->SetDistributorCertPath(__pDistributorCertPath);
153 __pDistributorCertPath = null;
156 delete __pAuthorCertPath;
157 __pAuthorCertPath = null;
158 delete __pDistributorCertPath;
159 __pDistributorCertPath = null;
165 SignatureManager::Validate(X509CertificatePath* pCertPath)
167 TryReturn(pCertPath, false, "pCertPath is null.");
169 AppLog("------------------------------------------");
170 AppLog("# signature.xml");
171 ValidationResult valResult = VALIDATION_SUCCESS;
172 valResult = pCertPath->Validate();
174 if (valResult != VALIDATION_SUCCESS)
176 AppLog("Validate() fail! - ValidationResult = [%d]", valResult);
177 AppLog("------------------------------------------");
182 int depth = pCertPath->GetLength();
189 AppLog("Validate() success!");
190 AppLog("------------------------------------------");
197 SignatureManager::AddCertificate(X509CertificatePath* pCertPath, IList* pCertChain)
199 TryReturn(pCertChain, false, "pCertChain is null.");
202 result r = E_SUCCESS;
203 X509Certificate* pCertificate = null;
205 for (int i = 0; i < pCertChain->GetCount(); i++)
207 Tizen::Base::ByteBuffer* pByteBuffer = dynamic_cast <ByteBuffer*>(pCertChain->GetAt(i));
211 AppLog("[cert][%d]", i);
213 pCertificate = new (std::nothrow) X509Certificate;
214 TryCatch(pCertificate, ret = false, "pCertificate is null.");
216 r = pCertificate->Construct(*pByteBuffer);
217 TryCatch(!IsFailed(r), ret = false, "pCertificate->Construct() is failed.");
219 r = pCertPath->AddCertificate(*pCertificate);
220 TryCatch(!IsFailed(r), ret = false, "AddCertificate is failed.");
233 SignatureManager::AddDistributorRootCert(X509CertificatePath* pCertPath)
235 TryReturn(pCertPath, false, "pCertPath is null.");
237 result r = E_SUCCESS;
239 ICertificate* pIntermediateCA = null;
242 pIntermediateCA = pCertPath->GetCertificateN(1);
243 TryCatch(pIntermediateCA, ret = false, "pIntermediateCA is null.");
245 issuer = pIntermediateCA->GetIssuer();
247 for(int certType = ROOT_CERTIFICATE_PUBLIC; certType <= ROOT_CERTIFICATE_PARTNER_MANUFACTURER; certType++)
249 const char* pRootCert = null;
250 ByteBuffer byteBuffer;
251 X509Certificate rootCert;
254 if (certType == ROOT_CERTIFICATE_PUBLIC)
256 pRootCert = "MIICozCCAgwCCQD9XW6kNg4bbjANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMC"
257 "S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6"
258 "ZW4gVGVzdCBDQTEjMCEGA1UECwwaVFRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0Ex"
259 "KTAnBgNVBAMMIFRpemVuIFB1YmxpYyBEaXN0cmlidXRvciBSb290IENBMB4XDTEy"
260 "MTAyNjA4MDAyN1oXDTIyMTAyNDA4MDAyN1owgZUxCzAJBgNVBAYTAktSMQ4wDAYD"
261 "VQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3Qg"
262 "Q0ExIzAhBgNVBAsMGlRUaXplbiBEaXN0cmlidXRvciBUZXN0IENBMSkwJwYDVQQD"
263 "DCBUaXplbiBQdWJsaWMgRGlzdHJpYnV0b3IgUm9vdCBDQTCBnzANBgkqhkiG9w0B"
264 "AQEFAAOBjQAwgYkCgYEA8o0kPY1U9El1BbBUF1k4jCq6mH8a6MmDJdjgsz+hILAY"
265 "sPWimRTXUcW8GAUWhZWgm1Fbb49xWcasA8b4bIJabC/6hLb8uWiozzpRXyQJbe7k"
266 "//RocskRqDmFOky8ANFsCCww72/Xbq8BFK1sxlGdmOWQiGwDWBDlS2Lw1XOMqb0C"
267 "AwEAATANBgkqhkiG9w0BAQUFAAOBgQBUotZqTNFr+SNyqeZqhOToRsg3ojN1VJUa"
268 "07qdlVo5I1UObSE+UTJPJ0NtSj7OyTY7fF3E4xzUv/w8aUoabQP1erEmztY/AVD+"
269 "phHaPytkZ/Dx+zDZ1u5e9bKm5zfY4dQs/A53zDQta5a/NkZOEF97Dj3+bzAh2bP7"
272 else if (certType == ROOT_CERTIFICATE_PARTNER)
274 pRootCert = "MIICozCCAgwCCQD9IBoOxzq2hjANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMC"
275 "S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6"
276 "ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEq"
277 "MCgGA1UEAwwhVGl6ZW4gUGFydG5lciBEaXN0cmlidXRvciBSb290IENBMB4XDTEy"
278 "MTAyNjA4MTIzMVoXDTIyMTAyNDA4MTIzMVowgZUxCzAJBgNVBAYTAktSMQ4wDAYD"
279 "VQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3Qg"
280 "Q0ExIjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKjAoBgNVBAMM"
281 "IVRpemVuIFBhcnRuZXIgRGlzdHJpYnV0b3IgUm9vdCBDQTCBnzANBgkqhkiG9w0B"
282 "AQEFAAOBjQAwgYkCgYEAnIBA2qQEaMzGalP0kzvwUxdCC6ybSC/fb+M9iGvt8QXp"
283 "ic2yARQB+bIhfbEu1XHwE1jCAGxKd6uT91b4FWr04YwnBPoRX4rBGIYlqo/dg+pS"
284 "rGyFjy7vfr0BOdWp2+WPlTe7SOS6bVauncrSoHxX0spiLaU5LU686BKr7YaABV0C"
285 "AwEAATANBgkqhkiG9w0BAQUFAAOBgQAX0Tcfmxcs1TUPBdr1U1dx/W/6Y4PcAF7n"
286 "DnMrR0ZNRPgeSCiVLax1bkHxcvW74WchdKIb24ZtAsFwyrsmUCRV842YHdfddjo6"
287 "xgUu7B8n7hQeV3EADh6ft/lE8nalzAl9tALTxAmLtYvEYA7thvDoKi1k7bN48izL"
290 else if (certType == ROOT_CERTIFICATE_PARTNER_OPERATOR)
292 pRootCert = "MIICzDCCAjWgAwIBAgIJAJrv22F9wyp/MA0GCSqGSIb3DQEBBQUAMIGeMQswCQYD"
293 "VQQGEwJLUjEOMAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQK"
294 "DA1UaXplbiBUZXN0IENBMSIwIAYDVQQLDBlUaXplbiBEaXN0cmlidXRvciBUZXN0"
295 "IENBMTMwMQYDVQQDDCpUaXplbiBQYXJ0bmVyLU9wZXJhdG9yIERpc3RyaWJ1dG9y"
296 "IFJvb3QgQ0EwHhcNMTIxMjEzMDUzOTMyWhcNMjIxMjExMDUzOTMyWjCBnjELMAkG"
297 "A1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UE"
298 "CgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVz"
299 "dCBDQTEzMDEGA1UEAwwqVGl6ZW4gUGFydG5lci1PcGVyYXRvciBEaXN0cmlidXRv"
300 "ciBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9X0Hw0EfAuagg"
301 "De9h6Jtvh8Df4fyVbvLm9VNea/iVP3/qTbG8tNqoQ32lu0SwzAZBnjpvpbxzsWs9"
302 "pSYo7Ys1fymHlu+gf+kmTGTVscBrAHWkr4O0m33x2FYfy/wmu+IImnRDYDud83rN"
303 "tjQmMO6BihN9Lb6kLiEtVIa8ITwdQwIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0G"
304 "CSqGSIb3DQEBBQUAA4GBAHS2M2UnfEsZf80/sT84xTcfASXgpFL/1M5HiAVpR+1O"
305 "UwLpLyqHiGQaASuADDeGEfcIqEf8gP1SzvnAZqLx9GchbOrOKRleooVFH7PRxFBS"
306 "VWJ5Fq46dJ1mCgTWSkrL6dN5j9hWCzzGfv0Wco+NAf61n9kVbCv7AScIJwQNltOy";
308 else // ROOT_CERTIFICATE_PARTNER_MANUFACTURER
310 pRootCert = "MIIC1DCCAj2gAwIBAgIJAJZH47dCtgPdMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD"
311 "VQQGEwJLUjEOMAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQK"
312 "DA1UaXplbiBUZXN0IENBMSIwIAYDVQQLDBlUaXplbiBEaXN0cmlidXRvciBUZXN0"
313 "IENBMTcwNQYDVQQDDC5UaXplbiBQYXJ0bmVyLU1hbnVmYWN0dXJlciBEaXN0cmli"
314 "dXRvciBSb290IENBMB4XDTEyMTIxMzA1NDQxN1oXDTIyMTIxMTA1NDQxN1owgaIx"
315 "CzAJBgNVBAYTAktSMQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAU"
316 "BgNVBAoMDVRpemVuIFRlc3QgQ0ExIjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9y"
317 "IFRlc3QgQ0ExNzA1BgNVBAMMLlRpemVuIFBhcnRuZXItTWFudWZhY3R1cmVyIERp"
318 "c3RyaWJ1dG9yIFJvb3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJG"
319 "0gq3XrDn7W7cIH58w7hSDMVENnXLmXm4Jl5teXXrgL/BgpORracGMgm0Fmxxq/Nq"
320 "8OEI2RfmtrlN5nWGiphs3XqLHtO+BAPY1BbZS6YVZjrVXrGWdzk12zQxd6sXJMiV"
321 "B08ECQiQ0qgKFbTDSEbH/p4eyKCMG9lnrBLPHTpJAgMBAAGjEDAOMAwGA1UdEwQF"
322 "MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJTJYCr9GhZ1xXwvxsWLGd9XV9wixo1zk"
323 "FV2+eJZbCc4xJyOSb0cZds8fYUuzw32oyElLvPhYfAHVTHu/WlkwSshZlKdI2hCT"
324 "Iy03/Up+JNfuom8JLgF7qc3YtbuJHzoVu1jJ/akXU6y52D/J5CkYy2JSsV0KZuh2"
328 length = strlen(pRootCert);
329 byteBuffer.Construct(length);
331 r = byteBuffer.SetArray((byte*)pRootCert, 0, length);
332 TryCatch(!IsFailed(r), ret = false, "SetArray() is failed.");
336 r = rootCert.Construct(byteBuffer);
337 TryCatch(!IsFailed(r), ret = false, "rootCert.Construct() is failed.");
339 String subject = rootCert.GetSubject();
340 AppLog("------------------------------------------");
341 AppLog("Issuer = [%ls]", issuer.GetPointer());
342 AppLog("Subject = [%ls]", subject.GetPointer());
343 AppLog("------------------------------------------");
345 if (subject == issuer)
347 AppLog("subject, issuer is matched.");
349 r = pCertPath->AddCertificate(rootCert);
350 TryCatch(!IsFailed(r), ret = false, "AddCertificate(DistributorRootCert) is failed.");
352 AppLog("AddCertificate() RootCert = [%d]", certType);
353 __pContext->__rootCertType = (RootCertificateType)certType;
361 AppLog("subject, issuer is not matched.");
367 delete pIntermediateCA;
372 SignatureManager::AddAuthorRootCert(X509CertificatePath* pCertPath)
374 TryReturn(pCertPath, false, "pCertPath is null.");
376 result r = E_SUCCESS;
378 ByteBuffer byteBuffer;
379 X509Certificate rootCert;
381 const char* pAuthorRootCert = "MIICnzCCAggCCQCn+GGT4zh+BjANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMC"
382 "S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6"
383 "ZW4gVGVzdCBDQTElMCMGA1UECwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBD"
384 "QTElMCMGA1UEAwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBDQTAeFw0xMjEw"
385 "MjYwOTUwMTNaFw0yMjEwMjQwOTUwMTNaMIGTMQswCQYDVQQGEwJLUjEOMAwGA1UE"
386 "CAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENB"
387 "MSUwIwYDVQQLDBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMSUwIwYDVQQD"
388 "DBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUA"
389 "A4GNADCBiQKBgQDWT6ZH5JyGadTUK1QmNwU8j+py4WtuElJE+4/wPFP8/KBmvvmI"
390 "rGVjhUbKXToKIo8N6C/0SLxGEWuRAIoZHhg5JVbw1Ay7smgJJHizDUAqMTmV6LI9"
391 "yTFbBV+OlO2Dir4LVdQ/XDBiqqslr7pqXgsg1V2g7x+tOI/f3dn2kWoVZQIDAQAB"
392 "MA0GCSqGSIb3DQEBBQUAA4GBADGJYMtzUBDK+KKLZQ6zYmrKb+OWLlmEr/t/c2af"
393 "KjTKUtommcz8VeTPqrDBOwxlVPdxlbhisCYzzvwnWeZk1aeptxxU3kdW9N3/wocN"
394 "5nBzgqkkHJnj/ptqjrH2v/m0Z3hBuI4/akHIIfCBF8mUHwqcxYsRdcCIrkgp2Aiv"
397 length = strlen(pAuthorRootCert);
398 byteBuffer.Construct(length);
400 r = byteBuffer.SetArray((byte*)pAuthorRootCert, 0, length);
401 TryCatch(!IsFailed(r), ret = false, "SetArray() is failed.");
405 r = rootCert.Construct(byteBuffer);
406 TryCatch(!IsFailed(r), ret = false, "rootCert.Construct() is failed.");
408 r = pCertPath->AddCertificate(rootCert);
409 TryCatch(!IsFailed(r), ret = false, "AddCertificate(AuthorRootCert) is failed.");
projects / platform / framework / native / installer.git / blob