2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
4 // Licensed under the Apache License, Version 2.0 (the License);
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
18 * @file FSecCertCertificate.cpp
19 * @brief This is the implementation file for X509Certificate class.
21 * This header file contains the implementation of X509Certificate class.
27 #include <unique_ptr.h>
28 #include <FBaseResult.h>
29 #include <FSecCertTypes.h>
30 #include <FSecCertX509Certificate.h>
31 #include <FSecPublicKey.h>
32 #include <FBaseSysLog.h>
33 #include <FSecCert_CertService.h>
36 using namespace Tizen::Base;
38 namespace Tizen { namespace Security { namespace Cert
41 static const int _MAX_PUBLIC_KEY_BUFFER_SIZE = 4096;
42 static const int _MAX_SIGNATURE_BUFFER_SIZE = 1024;
44 X509Certificate::X509Certificate(void)
46 , __pX509CertificateImpl(null)
51 X509Certificate::~X509Certificate(void)
54 if (__certHandle != 0)
56 _CertService::CloseCertificate(&__certHandle);
63 X509Certificate::Construct(const Tizen::Base::ByteBuffer& input)
69 SysAssertf(__certHandle == 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class");
71 pBuffer = const_cast< byte* >(input.GetPointer());
72 SysTryReturnResult(NID_SEC_CERT, pBuffer != null, E_INVALID_ARG, "Invalid input argument passed.");
74 length = input.GetRemaining();
75 SysTryReturnResult(NID_SEC_CERT, length > 0, E_INVALID_ARG, "Input buffer length is not positive.");
77 r = _CertService::OpenCertificate(reinterpret_cast< char* >(pBuffer), length, &__certHandle);
78 SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "Failed to open certificates.");
80 __certFormat = L"X509";
86 X509Certificate::GetFormat(void) const
94 X509Certificate::GetType(void) const
97 CertificateType certType = UNKNOWN_TYPE;
98 _CaCertType type = _CERT_TYPE_NOT_BOUNDED;
102 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
104 r = _CertService::CheckCertType(__certHandle, &type);
105 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate type.");
109 case _CERT_TYPE_ROOT_CA:
111 case _CERT_TYPE_DEV_ROOT_CA:
113 case _CERT_TYPE_ROOT_CA_BY_USER:
117 case _CERT_TYPE_ROOT_DOMAIN1:
119 case _CERT_TYPE_SIM_ROOT_DOMAIN1:
121 case _CERT_TYPE_DEV_ROOT_DOMAIN1:
122 certType = OPERATOR_DOMAIN;
125 case _CERT_TYPE_ROOT_DOMAIN3:
127 case _CERT_TYPE_SIM_ROOT_DOMAIN3:
129 case _CERT_TYPE_DEV_ROOT_DOMAIN3:
130 certType = TRUSTED_THIRD_PARTY_DOMAIN;
134 certType = UNKNOWN_TYPE;
143 X509Certificate::GetEncodedDataN(void) const
145 result r = E_SUCCESS;
147 char* pBufferValue = null;
151 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
153 r = _CertService::GetCertBufferN(__certHandle, pBufferValue, &length);
155 std::unique_ptr< char[] > pBuffer(pBufferValue);
157 SysTryReturn(NID_SEC_CERT, pBuffer != null, null, E_SYSTEM, "[E_SYSTEM] Failed to get encoded data of certificate.");
158 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] Failed to get encoded data of certificate.");
159 SysTryReturn(NID_SEC_CERT, length > 0, null, E_SYSTEM, "[E_SYSTEM] Failed to get encoded data of certificate.");
161 std::unique_ptr< ByteBuffer > pEncCert(new (std::nothrow) ByteBuffer());
162 SysTryReturn(NID_SEC_CERT, pEncCert != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory");
164 r = pEncCert->Construct(length);
165 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, r, "[%s] Propagated.", GetErrorMessage(r));
167 r = pEncCert->SetArray(reinterpret_cast< byte* >(pBuffer.get()), 0, length);
168 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
172 return pEncCert.release();
176 X509Certificate::Verify(const Tizen::Security::IPublicKey& publicKey)
178 result r = E_SUCCESS;
180 byte* pPublickey = null;
182 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
184 std::unique_ptr< ByteBuffer > pPubKeyBuffer(publicKey.GetEncodedN());
185 SysTryReturn(NID_SEC_CERT, pPubKeyBuffer != null, false, GetLastResult(), "[%s] Propagated.", GetErrorMessage(GetLastResult()));
187 pPublickey = const_cast< byte* >(pPubKeyBuffer->GetPointer());
188 SysTryReturn(NID_SEC_CERT, pPublickey != null, false, E_INVALID_ARG, "[E_INVALID_ARG] Invalid input argument passed.");
190 keyLen = pPubKeyBuffer->GetRemaining();
191 SysTryReturn(NID_SEC_CERT, keyLen > 0, false, E_INVALID_ARG, "[E_INVALID_ARG] Public key buffer length is not positive.");
193 r = _CertService::VerifyCert(__certHandle, pPublickey, keyLen);
194 SysTryReturn(NID_SEC_CERT, !IsFailed(r), false, E_SYSTEM, "[E_SYSTEM] Certificate verification failed.");
200 X509Certificate::GetSpecVersion(void) const
204 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
206 return _CertService::GetCertVersion(__certHandle);
211 X509Certificate::CheckValidityPeriod(void)
213 result r = E_SUCCESS;
214 _CertValidityType type = _CERT_VALIDITY_UNKNOWN;
215 ValidityPeriod validity = VALIDITY_PERIOD_EXPIRED;
219 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
221 r = _CertService::CheckCertValidity(__certHandle, &type);
222 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate validity information.");
226 case _CERT_VALIDITY_VALID:
227 validity = VALIDITY_PERIOD_VALID;
230 case _CERT_VALIDITY_EXPIRED:
231 validity = VALIDITY_PERIOD_EXPIRED;
234 case _CERT_VALIDITY_NOT_YET_VALID:
235 validity = VALIDITY_PERIOD_NOT_YET_VALID;
248 X509Certificate::GetSerialNumber(void) const
250 result r = E_SUCCESS;
251 _CertFieldInfos certInfo;
252 Tizen::Base::String dataString;
256 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
258 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_SERIAL, &certInfo);
259 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate serial number information.");
261 dataString = certInfo.serialNo;
268 X509Certificate::GetSignatureAlgorithm(void) const
270 result r = E_SUCCESS;
271 _CertFieldInfos certInfo;
272 Tizen::Base::String dataString;
276 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
278 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_SIGALGORITHM, &certInfo);
279 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate signature algorithm information.");
281 dataString = certInfo.sigAlgorithm;
288 X509Certificate::GetNotBefore(void) const
290 result r = E_SUCCESS;
291 _CertFieldInfos certInfo;
292 Tizen::Base::String dataString;
296 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
298 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_VALIDITY, &certInfo);
299 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate validity information.");
301 dataString = certInfo.validityFrom;
308 X509Certificate::GetNotAfter(void) const
310 result r = E_SUCCESS;
311 _CertFieldInfos certInfo;
312 Tizen::Base::String dataString;
316 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
318 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_VALIDITY, &certInfo);
319 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate validity information.");
321 dataString = certInfo.validityTo;
329 X509Certificate::GetSubject(void) const
331 result r = E_SUCCESS;
332 _CertFieldInfos certInfo;
333 Tizen::Base::String dataString;
337 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
339 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_SUBJECT, &certInfo);
340 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate issuer information.");
342 dataString = certInfo.subjectName;
349 X509Certificate::GetIssuer(void) const
351 result r = E_SUCCESS;
352 _CertFieldInfos certInfo;
353 Tizen::Base::String dataString;
357 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
359 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_ISSUER, &certInfo);
360 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate issuer information.");
362 dataString = certInfo.issuerName;
370 X509Certificate::GetSignatureN(void) const
372 result r = E_SUCCESS;
373 byte buffer[_MAX_SIGNATURE_BUFFER_SIZE] = {0, };
374 int bufLen = sizeof(buffer);
378 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
380 r = _CertService::GetCertSignature(__certHandle, reinterpret_cast< char* >(buffer), &bufLen);
381 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] Failed to get certificate signature.");
383 std::unique_ptr< ByteBuffer > pSignatureBuffer(new (std::nothrow) ByteBuffer());
384 SysTryReturn(NID_SEC_CERT, pSignatureBuffer != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
386 r = pSignatureBuffer->Construct(bufLen);
387 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, r, "[%s] Propagated.", GetErrorMessage(r));
389 r = pSignatureBuffer->SetArray(static_cast< const byte* >(buffer), 0, bufLen);
390 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
392 pSignatureBuffer->Flip();
394 return pSignatureBuffer.release();
398 X509Certificate::GetFingerprintN(void) const
400 result r = E_SUCCESS;
401 _CertFieldInfos certInfo;
405 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
407 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_FINGERPRINT, &certInfo);
408 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] Failed To get certificate fingerprint information.");
410 std::unique_ptr< ByteBuffer > pFingerprint(new (std::nothrow) ByteBuffer());
411 SysTryReturn(NID_SEC_CERT, pFingerprint != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
413 r = pFingerprint->Construct(certInfo.fingerPrintLen);
414 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, r, "[%s] Propagated.", GetErrorMessage(r));
416 r = pFingerprint->SetArray(reinterpret_cast< const byte* >(certInfo.fingerPrint), 0, certInfo.fingerPrintLen);
417 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
419 pFingerprint->Flip();
421 return pFingerprint.release();
424 Tizen::Security::IPublicKey*
425 X509Certificate::GetPublicKeyN(void) const
427 result r = E_SUCCESS;
428 ByteBuffer keyBuffer;
429 byte buffer[_MAX_PUBLIC_KEY_BUFFER_SIZE] = {0, };
430 int bufLen = sizeof(buffer);
434 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
436 r = _CertService::GetCertPublicKey(__certHandle, reinterpret_cast< char* >(buffer), static_cast< int* >(&bufLen));
437 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_KEY_NOT_FOUND, "[E_KEY_NOT_FOUND] Failed to get certificate public key information.");
439 r = keyBuffer.Construct(bufLen);
440 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, r, "[%s] Propagated.", GetErrorMessage(r));
442 r = keyBuffer.SetArray(static_cast< const byte* >(buffer), 0, bufLen);
443 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
447 std::unique_ptr< IPublicKey > pPubKey(dynamic_cast< IPublicKey* >(new (std::nothrow) PublicKey()));
448 SysTryReturn(NID_SEC_CERT, pPubKey != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
450 r = pPubKey->SetKey(keyBuffer);
451 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
453 return pPubKey.release();
456 } } } //Tizen::Security::Cert