src/security/cert/FSecCert_CertExtension.cpp

   1 //
   2 // Open Service Platform
   3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
   4 //
   5 // Licensed under the Apache License, Version 2.0 (the License);
   6 // you may not use this file except in compliance with the License.
   7 // You may obtain a copy of the License at
   8 //
   9 //     http://www.apache.org/licenses/LICENSE-2.0
  10 //
  11 // Unless required by applicable law or agreed to in writing, software
  12 // distributed under the License is distributed on an "AS IS" BASIS,
  13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14 // See the License for the specific language governing permissions and
  15 // limitations under the License.
  16 //
  17
  18 /**
  19  * @file                FSecCert_CertExtension.cpp
  20  * @brief               This file contains implementation of X509 Certificate Extensions.
  21 */
  22
  23 #include <stdio.h>
  24 #include <string.h>
  25 #include <stdlib.h>
  26 #include <error.h>
  27 #include <new>
  28 #include <unique_ptr.h>
  29 #include <sys/stat.h>
  30 #include <assert.h>
  31 #include <dirent.h>
  32 #include <FBaseSysLog.h>
  33 #include <FBaseByteBuffer.h>
  34 #include <FBaseResult.h>
  35 #include "FSecCert_CertExtension.h"
  36 #include "FSecCert_CertOidDef.h"
  37
  38 namespace Tizen { namespace Security { namespace Cert
  39 {
  40
  41 struct _ExtTable
  42 {
  43         _CertExt type;
  44         byte* pOid;
  45 }; //_ExtTable
  46
  47 const _ExtTable mExtTable[_MAX_EXT_TABLESIZE] =
  48 {
  49         {_CERT_EXT_BASIC_CONTRAINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_BASIC_CONSTRAINTS))},
  50         {_CERT_EXT_CRL_DISTRIBUTION_POINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_DISTRIBUTION_POINT))},
  51         {_CERT_EXT_KEY_USAGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_KEY_USAGE))},
  52         {_CERT_EXT_AUTHORITY_KEY_IDENTIFIER, reinterpret_cast< byte* >(const_cast< char* >(_OID_AUTHORITY_KEY_IDENTIFIER))},
  53         {_CERT_EXT_SUBJECT_KEY_IDENTIFIER, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_KEY_IDENTIFIER))},
  54         {_CERT_EXT_CERTIFICATE_POLICIES, reinterpret_cast< byte* >(const_cast< char* >(_OID_CERTIFICATE_POLICIES))},
  55         {_CERT_EXT_EXT_KEY_USAGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_EXT_KEY_USAGE))},
  56         {_CERT_EXT_OCSP_NONCE, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_NONCE))},
  57         {_CERT_EXT_OCSP_NO_CHECK, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_NO_CHECK))},
  58         {_CERT_EXT_OCSP, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP))},
  59         {_CERT_EXT_OCSP_SIGNING, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_SIGNING))},
  60         {_CERT_EXT_AUTHORITY_INFO_ACCESS, reinterpret_cast< byte* >(const_cast< char* >(_OID_AUTHORITY_INFO_ACCESS))},
  61         {_CERT_EXT_OMA_DRM_AGENT, reinterpret_cast< byte* >(const_cast< char* >(_OID_DRM_AGENT))},
  62         {_CERT_EXT_OMA_RIGHTS_ISSUER, reinterpret_cast< byte* >(const_cast< char* >(_OID_OMA_KP_RIGHTS_ISSUER))},
  63         {_CERT_EXT_REVOKED_CERTIFICATE_RANGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_REVOKED_CERTIFICATE_RANGE))},
  64         {_CERT_EXT_ISSUING_DISTRIBUTION_POINT, reinterpret_cast< byte* >(const_cast< char* >(_OID_ISSUING_DISTRIBUTION_POINT))},
  65         {_CERT_EXT_CRL_NUMBER, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_NUMBER))},
  66         {_CERT_EXT_CA_ISSUERS, reinterpret_cast< byte* >(const_cast< char* >(_OID_CA_ISSUERS))},
  67         {_CERT_EXT_SUB_ALT_NAME, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_ALT_NAME))},
  68         {_CERT_EXT_SUB_DIR_ATTR, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_DIRECTORY_ATTRIBUTES))},
  69         {_CERT_EXT_PRI_KEY_USAGE_PER, reinterpret_cast< byte* >(const_cast< char* >(_OID_PRIVATE_KEY_USAGE_PERIOD))},
  70         {_CERT_EXT_ISSUER_ALT_NAME, reinterpret_cast< byte* >(const_cast< char* >(_OID_ISSUER_ALT_NAME))},
  71         {_CERT_EXT_REASON_CODE, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_REASON_CODE))},
  72         {_CERT_EXT_INSTRUCTION_CODE, reinterpret_cast< byte* >(const_cast< char* >(_OID_INSTRUCTION_CODE))},
  73         {_CERT_EXT_INVALID_DATE, reinterpret_cast< byte* >(const_cast< char* >(_OID_INVALIDITY_DATE))},
  74         {_CERT_EXT_DELTA_CRL_INDI, reinterpret_cast< byte* >(const_cast< char* >(_OID_DELTA_CRL_INDICATOR))},
  75         {_CERT_EXT_CERTIFICATE_ISSUER, reinterpret_cast< byte* >(const_cast< char* >(_OID_CERTIFICATE_ISSUER))},
  76         {_CERT_EXT_NAME_CONSTRAINT, reinterpret_cast< byte* >(const_cast< char* >(_OID_NAME_CONSTRAINT))},
  77         {_CERT_EXT_POLICY_MAPPING, reinterpret_cast< byte* >(const_cast< char* >(_OID_POLICY_MAPPINGS))},
  78         {_CERT_EXT_POLICY_CONSTRAINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_POLICY_CONSTRAINTS))},
  79         {_CERT_EXT_UNKNOWN, reinterpret_cast< byte* >(const_cast< char* >(""))}
  80 };
  81
  82 //
  83 // _CertExtension class
  84 //
  85 _CertExtension::_CertExtension(void)
  86         : __pExts(null)
  87 {
  88
  89
  90 }
  91
  92 _CertExtension::~_CertExtension(void)
  93 {
  94         short num = 0;
  95         short getId = 0;
  96         _CertExtensionInfo* pTmpExt = __pExts;
  97         _CertExtensionInfo* pNextExt = __pExts;
  98         num = GetExtNum();
  99
 100         for (getId = 0; getId < num; getId++)
 101         {
 102                 if (pTmpExt != null)
 103                 {
 104                         pNextExt = pTmpExt->pCertExtNext;
 105                         delete[] pTmpExt->CertExtValue;
 106                         pTmpExt->CertExtValue = null;
 107                         delete pTmpExt;
 108                 }
 109                 pTmpExt = pNextExt;
 110         }
 111 }
 112
 113 void
 114 _CertExtension::AddExt(byte* pOid, bool critical, byte* pValue, int len)
 115 {
 116         SysTryReturnVoidResult(NID_SEC_CERT, pOid != null, E_INVALID_ARG, "Invalid input parameter.");
 117         SysTryReturnVoidResult(NID_SEC_CERT, pValue != null, E_INVALID_ARG, "Invalid input parameter.");
 118
 119         std::unique_ptr< _CertExtensionInfo > pAddExt(new (std::nothrow) _CertExtensionInfo());
 120         SysTryReturnVoidResult(NID_SEC_CERT, pAddExt != null, E_OUT_OF_MEMORY, "Failed to allocate memory");
 121
 122         // GetExtType
 123         pAddExt->CertExtType = GetExtType(pOid);
 124
 125         pAddExt->CertExtCritical = critical;
 126
 127         pAddExt->CertExtValue = new (std::nothrow) byte[len + 1];
 128         SysTryReturnVoidResult(NID_SEC_CERT, pAddExt->CertExtValue != null, E_OUT_OF_MEMORY, "Failed to allocate memory");
 129
 130         memset(pAddExt->CertExtValue, 0, len + 1);
 131         memcpy(pAddExt->CertExtValue, pValue, len);
 132         pAddExt->CertExtLength = len;
 133         pAddExt->pCertExtNext = null;
 134
 135         if (__pExts == null)
 136         {
 137                 __pExts = pAddExt.release();
 138         }
 139         else
 140         {
 141                 _CertExtensionInfo* pTmpExt = __pExts;
 142                 __pExts = pAddExt.release();
 143                 __pExts->pCertExtNext = pTmpExt;
 144         }
 145
 146         return;
 147 }
 148 _CertExtensionInfo*
 149 _CertExtension::GetExt(byte* pOid)
 150 {
 151         byte* pExtOid = null;
 152         SysTryReturn(NID_SEC_CERT, pOid != null, null, E_INVALID_ARG, "[E_INVALID_ARG] Invalid input parameter.");
 153
 154         _CertExtensionInfo* pTmpExt = __pExts;
 155         while (pTmpExt)
 156         {
 157                 pExtOid = GetExtOid(pTmpExt->CertExtType);
 158                 if (pExtOid != null)
 159                 {
 160                         if (strcmp(reinterpret_cast< const char* >(pExtOid), reinterpret_cast< const char* >(pOid)) == 0)
 161                         {
 162                                 return pTmpExt;
 163                         }
 164                 }
 165                 pTmpExt = pTmpExt->pCertExtNext;
 166         }
 167
 168         return null;
 169 }
 170
 171 _CertExtensionInfo*
 172 _CertExtension::GetExt(_CertExt type)
 173 {
 174         _CertExtensionInfo* pTmpExt = __pExts;
 175         while (pTmpExt)
 176         {
 177                 if (pTmpExt->CertExtType == type)
 178                 {
 179                         return pTmpExt;
 180                 }
 181                 pTmpExt = pTmpExt->pCertExtNext;
 182         }
 183         return null;
 184 }
 185
 186 short
 187 _CertExtension::GetExtNum(void)
 188 {
 189         _CertExtensionInfo* pTmpExt = __pExts;
 190         short num = 0;
 191         while (pTmpExt)
 192         {
 193                 num++;
 194                 pTmpExt = pTmpExt->pCertExtNext;
 195         }
 196         return num;
 197 }
 198
 199 _CertExtensionInfo*
 200 _CertExtension::GetExtEntry(short getId)
 201 {
 202         _CertExtensionInfo* pTmpExt = __pExts;
 203         short index = 1;
 204
 205         for (index = 1; index < getId; index++)
 206         {
 207                 if (pTmpExt != null)
 208                 {
 209                         pTmpExt = pTmpExt->pCertExtNext;
 210                 }
 211         }
 212         return pTmpExt;
 213 }
 214
 215 _CertExt
 216 _CertExtension::GetExtType(byte* pOid)
 217 {
 218         short index = 0;
 219
 220         SysTryReturn(NID_SEC_CERT, pOid != null, _CERT_EXT_UNKNOWN, E_INVALID_ARG, "[E_INVALID_ARG] Invalid input parameter.");
 221
 222         for (index = 0; index < _MAX_EXT_TABLESIZE; index++)
 223         {
 224                 if (strcmp(reinterpret_cast< const char* >(mExtTable[index].pOid), reinterpret_cast< const char* >(pOid)) == 0)
 225                 {
 226                         return mExtTable[index].type;
 227                 }
 228         }
 229         return _CERT_EXT_UNKNOWN;
 230 }
 231
 232 byte*
 233 _CertExtension::GetExtOid(_CertExt type)
 234 {
 235         short index = 0;
 236
 237         for (index = 0; index < _MAX_EXT_TABLESIZE; index++)
 238         {
 239                 if (mExtTable[index].type == type)
 240                 {
 241                         return mExtTable[index].pOid;
 242                 }
 243         }
 244         return null;
 245 }
 246
 247 } } } //Tizen::Security::Cert