src/security/cert/FSecCert_CertExtension.cpp

   1 //
   2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
   3 //
   4 // Licensed under the Apache License, Version 2.0 (the License);
   5 // you may not use this file except in compliance with the License.
   6 // You may obtain a copy of the License at
   7 //
   8 //     http://www.apache.org/licenses/LICENSE-2.0
   9 //
  10 // Unless required by applicable law or agreed to in writing, software
  11 // distributed under the License is distributed on an "AS IS" BASIS,
  12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 // See the License for the specific language governing permissions and
  14 // limitations under the License.
  15 //
  16
  17 /**
  18  * @file                FSecCert_CertExtension.cpp
  19  * @brief               This file contains implementation of X509 Certificate Extensions.
  20 */
  21
  22 #include <stdio.h>
  23 #include <string.h>
  24 #include <stdlib.h>
  25 #include <error.h>
  26 #include <new>
  27 #include <unique_ptr.h>
  28 #include <sys/stat.h>
  29 #include <assert.h>
  30 #include <dirent.h>
  31 #include <FBaseSysLog.h>
  32 #include <FBaseByteBuffer.h>
  33 #include <FBaseResult.h>
  34 #include "FSecCert_CertExtension.h"
  35 #include "FSecCert_CertOidDef.h"
  36
  37 namespace Tizen { namespace Security { namespace Cert
  38 {
  39
  40 struct _ExtTable
  41 {
  42         _CertExt type;
  43         byte* pOid;
  44 }; //_ExtTable
  45
  46 const _ExtTable mExtTable[_MAX_EXT_TABLESIZE] =
  47 {
  48         {_CERT_EXT_BASIC_CONTRAINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_BASIC_CONSTRAINTS))},
  49         {_CERT_EXT_CRL_DISTRIBUTION_POINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_DISTRIBUTION_POINT))},
  50         {_CERT_EXT_KEY_USAGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_KEY_USAGE))},
  51         {_CERT_EXT_AUTHORITY_KEY_IDENTIFIER, reinterpret_cast< byte* >(const_cast< char* >(_OID_AUTHORITY_KEY_IDENTIFIER))},
  52         {_CERT_EXT_SUBJECT_KEY_IDENTIFIER, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_KEY_IDENTIFIER))},
  53         {_CERT_EXT_CERTIFICATE_POLICIES, reinterpret_cast< byte* >(const_cast< char* >(_OID_CERTIFICATE_POLICIES))},
  54         {_CERT_EXT_EXT_KEY_USAGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_EXT_KEY_USAGE))},
  55         {_CERT_EXT_OCSP_NONCE, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_NONCE))},
  56         {_CERT_EXT_OCSP_NO_CHECK, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_NO_CHECK))},
  57         {_CERT_EXT_OCSP, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP))},
  58         {_CERT_EXT_OCSP_SIGNING, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_SIGNING))},
  59         {_CERT_EXT_AUTHORITY_INFO_ACCESS, reinterpret_cast< byte* >(const_cast< char* >(_OID_AUTHORITY_INFO_ACCESS))},
  60         {_CERT_EXT_OMA_DRM_AGENT, reinterpret_cast< byte* >(const_cast< char* >(_OID_DRM_AGENT))},
  61         {_CERT_EXT_OMA_RIGHTS_ISSUER, reinterpret_cast< byte* >(const_cast< char* >(_OID_OMA_KP_RIGHTS_ISSUER))},
  62         {_CERT_EXT_REVOKED_CERTIFICATE_RANGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_REVOKED_CERTIFICATE_RANGE))},
  63         {_CERT_EXT_ISSUING_DISTRIBUTION_POINT, reinterpret_cast< byte* >(const_cast< char* >(_OID_ISSUING_DISTRIBUTION_POINT))},
  64         {_CERT_EXT_CRL_NUMBER, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_NUMBER))},
  65         {_CERT_EXT_CA_ISSUERS, reinterpret_cast< byte* >(const_cast< char* >(_OID_CA_ISSUERS))},
  66         {_CERT_EXT_SUB_ALT_NAME, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_ALT_NAME))},
  67         {_CERT_EXT_SUB_DIR_ATTR, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_DIRECTORY_ATTRIBUTES))},
  68         {_CERT_EXT_PRI_KEY_USAGE_PER, reinterpret_cast< byte* >(const_cast< char* >(_OID_PRIVATE_KEY_USAGE_PERIOD))},
  69         {_CERT_EXT_ISSUER_ALT_NAME, reinterpret_cast< byte* >(const_cast< char* >(_OID_ISSUER_ALT_NAME))},
  70         {_CERT_EXT_REASON_CODE, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_REASON_CODE))},
  71         {_CERT_EXT_INSTRUCTION_CODE, reinterpret_cast< byte* >(const_cast< char* >(_OID_INSTRUCTION_CODE))},
  72         {_CERT_EXT_INVALID_DATE, reinterpret_cast< byte* >(const_cast< char* >(_OID_INVALIDITY_DATE))},
  73         {_CERT_EXT_DELTA_CRL_INDI, reinterpret_cast< byte* >(const_cast< char* >(_OID_DELTA_CRL_INDICATOR))},
  74         {_CERT_EXT_CERTIFICATE_ISSUER, reinterpret_cast< byte* >(const_cast< char* >(_OID_CERTIFICATE_ISSUER))},
  75         {_CERT_EXT_NAME_CONSTRAINT, reinterpret_cast< byte* >(const_cast< char* >(_OID_NAME_CONSTRAINT))},
  76         {_CERT_EXT_POLICY_MAPPING, reinterpret_cast< byte* >(const_cast< char* >(_OID_POLICY_MAPPINGS))},
  77         {_CERT_EXT_POLICY_CONSTRAINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_POLICY_CONSTRAINTS))},
  78         {_CERT_EXT_UNKNOWN, reinterpret_cast< byte* >(const_cast< char* >(""))}
  79 };
  80
  81 //
  82 // _CertExtension class
  83 //
  84 _CertExtension::_CertExtension(void)
  85         : __pExts(null)
  86 {
  87
  88
  89 }
  90
  91 _CertExtension::~_CertExtension(void)
  92 {
  93         short num = 0;
  94         short getId = 0;
  95         _CertExtensionInfo* pTmpExt = __pExts;
  96         _CertExtensionInfo* pNextExt = __pExts;
  97         num = GetExtNum();
  98
  99         for (getId = 0; getId < num; getId++)
 100         {
 101                 if (pTmpExt != null)
 102                 {
 103                         pNextExt = pTmpExt->pCertExtNext;
 104                         delete[] pTmpExt->CertExtValue;
 105                         pTmpExt->CertExtValue = null;
 106                         delete pTmpExt;
 107                 }
 108                 pTmpExt = pNextExt;
 109         }
 110 }
 111
 112 void
 113 _CertExtension::AddExt(byte* pOid, bool critical, byte* pValue, int len)
 114 {
 115         SysTryReturnVoidResult(NID_SEC_CERT, pOid != null, E_INVALID_ARG, "Invalid input parameter.");
 116         SysTryReturnVoidResult(NID_SEC_CERT, pValue != null, E_INVALID_ARG, "Invalid input parameter.");
 117
 118         std::unique_ptr< _CertExtensionInfo > pAddExt(new (std::nothrow) _CertExtensionInfo());
 119         SysTryReturnVoidResult(NID_SEC_CERT, pAddExt != null, E_OUT_OF_MEMORY, "Failed to allocate memory");
 120
 121         // GetExtType
 122         pAddExt->CertExtType = GetExtType(pOid);
 123
 124         pAddExt->CertExtCritical = critical;
 125
 126         pAddExt->CertExtValue = new (std::nothrow) byte[len + 1];
 127         SysTryReturnVoidResult(NID_SEC_CERT, pAddExt->CertExtValue != null, E_OUT_OF_MEMORY, "Failed to allocate memory");
 128
 129         memset(pAddExt->CertExtValue, 0, len + 1);
 130         memcpy(pAddExt->CertExtValue, pValue, len);
 131         pAddExt->CertExtLength = len;
 132         pAddExt->pCertExtNext = null;
 133
 134         if (__pExts == null)
 135         {
 136                 __pExts = pAddExt.release();
 137         }
 138         else
 139         {
 140                 _CertExtensionInfo* pTmpExt = __pExts;
 141                 __pExts = pAddExt.release();
 142                 __pExts->pCertExtNext = pTmpExt;
 143         }
 144
 145         return;
 146 }
 147 _CertExtensionInfo*
 148 _CertExtension::GetExt(byte* pOid)
 149 {
 150         byte* pExtOid = null;
 151         SysTryReturn(NID_SEC_CERT, pOid != null, null, E_INVALID_ARG, "[E_INVALID_ARG] Invalid input parameter.");
 152
 153         _CertExtensionInfo* pTmpExt = __pExts;
 154         while (pTmpExt)
 155         {
 156                 pExtOid = GetExtOid(pTmpExt->CertExtType);
 157                 if (pExtOid != null)
 158                 {
 159                         if (strcmp(reinterpret_cast< const char* >(pExtOid), reinterpret_cast< const char* >(pOid)) == 0)
 160                         {
 161                                 return pTmpExt;
 162                         }
 163                 }
 164                 pTmpExt = pTmpExt->pCertExtNext;
 165         }
 166
 167         return null;
 168 }
 169
 170 _CertExtensionInfo*
 171 _CertExtension::GetExt(_CertExt type)
 172 {
 173         _CertExtensionInfo* pTmpExt = __pExts;
 174         while (pTmpExt)
 175         {
 176                 if (pTmpExt->CertExtType == type)
 177                 {
 178                         return pTmpExt;
 179                 }
 180                 pTmpExt = pTmpExt->pCertExtNext;
 181         }
 182         return null;
 183 }
 184
 185 short
 186 _CertExtension::GetExtNum(void)
 187 {
 188         _CertExtensionInfo* pTmpExt = __pExts;
 189         short num = 0;
 190         while (pTmpExt)
 191         {
 192                 num++;
 193                 pTmpExt = pTmpExt->pCertExtNext;
 194         }
 195         return num;
 196 }
 197
 198 _CertExtensionInfo*
 199 _CertExtension::GetExtEntry(short getId)
 200 {
 201         _CertExtensionInfo* pTmpExt = __pExts;
 202         short index = 1;
 203
 204         for (index = 1; index < getId; index++)
 205         {
 206                 if (pTmpExt != null)
 207                 {
 208                         pTmpExt = pTmpExt->pCertExtNext;
 209                 }
 210         }
 211         return pTmpExt;
 212 }
 213
 214 _CertExt
 215 _CertExtension::GetExtType(byte* pOid)
 216 {
 217         short index = 0;
 218
 219         SysTryReturn(NID_SEC_CERT, pOid != null, _CERT_EXT_UNKNOWN, E_INVALID_ARG, "[E_INVALID_ARG] Invalid input parameter.");
 220
 221         for (index = 0; index < _MAX_EXT_TABLESIZE; index++)
 222         {
 223                 if (strcmp(reinterpret_cast< const char* >(mExtTable[index].pOid), reinterpret_cast< const char* >(pOid)) == 0)
 224                 {
 225                         return mExtTable[index].type;
 226                 }
 227         }
 228         return _CERT_EXT_UNKNOWN;
 229 }
 230
 231 byte*
 232 _CertExtension::GetExtOid(_CertExt type)
 233 {
 234         short index = 0;
 235
 236         for (index = 0; index < _MAX_EXT_TABLESIZE; index++)
 237         {
 238                 if (mExtTable[index].type == type)
 239                 {
 240                         return mExtTable[index].pOid;
 241                 }
 242         }
 243         return null;
 244 }
 245
 246 } } } //Tizen::Security::Cert