2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
4 // Licensed under the Apache License, Version 2.0 (the License);
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
18 * @file FSecCert_CertExtension.cpp
19 * @brief This file contains implementation of X509 Certificate Extensions.
27 #include <unique_ptr.h>
31 #include <FBaseSysLog.h>
32 #include <FBaseByteBuffer.h>
33 #include <FBaseResult.h>
34 #include "FSecCert_CertExtension.h"
35 #include "FSecCert_CertOidDef.h"
37 namespace Tizen { namespace Security { namespace Cert
46 const _ExtTable mExtTable[_MAX_EXT_TABLESIZE] =
48 {_CERT_EXT_BASIC_CONTRAINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_BASIC_CONSTRAINTS))},
49 {_CERT_EXT_CRL_DISTRIBUTION_POINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_DISTRIBUTION_POINT))},
50 {_CERT_EXT_KEY_USAGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_KEY_USAGE))},
51 {_CERT_EXT_AUTHORITY_KEY_IDENTIFIER, reinterpret_cast< byte* >(const_cast< char* >(_OID_AUTHORITY_KEY_IDENTIFIER))},
52 {_CERT_EXT_SUBJECT_KEY_IDENTIFIER, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_KEY_IDENTIFIER))},
53 {_CERT_EXT_CERTIFICATE_POLICIES, reinterpret_cast< byte* >(const_cast< char* >(_OID_CERTIFICATE_POLICIES))},
54 {_CERT_EXT_EXT_KEY_USAGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_EXT_KEY_USAGE))},
55 {_CERT_EXT_OCSP_NONCE, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_NONCE))},
56 {_CERT_EXT_OCSP_NO_CHECK, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_NO_CHECK))},
57 {_CERT_EXT_OCSP, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP))},
58 {_CERT_EXT_OCSP_SIGNING, reinterpret_cast< byte* >(const_cast< char* >(_OID_OCSP_SIGNING))},
59 {_CERT_EXT_AUTHORITY_INFO_ACCESS, reinterpret_cast< byte* >(const_cast< char* >(_OID_AUTHORITY_INFO_ACCESS))},
60 {_CERT_EXT_OMA_DRM_AGENT, reinterpret_cast< byte* >(const_cast< char* >(_OID_DRM_AGENT))},
61 {_CERT_EXT_OMA_RIGHTS_ISSUER, reinterpret_cast< byte* >(const_cast< char* >(_OID_OMA_KP_RIGHTS_ISSUER))},
62 {_CERT_EXT_REVOKED_CERTIFICATE_RANGE, reinterpret_cast< byte* >(const_cast< char* >(_OID_REVOKED_CERTIFICATE_RANGE))},
63 {_CERT_EXT_ISSUING_DISTRIBUTION_POINT, reinterpret_cast< byte* >(const_cast< char* >(_OID_ISSUING_DISTRIBUTION_POINT))},
64 {_CERT_EXT_CRL_NUMBER, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_NUMBER))},
65 {_CERT_EXT_CA_ISSUERS, reinterpret_cast< byte* >(const_cast< char* >(_OID_CA_ISSUERS))},
66 {_CERT_EXT_SUB_ALT_NAME, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_ALT_NAME))},
67 {_CERT_EXT_SUB_DIR_ATTR, reinterpret_cast< byte* >(const_cast< char* >(_OID_SUBJECT_DIRECTORY_ATTRIBUTES))},
68 {_CERT_EXT_PRI_KEY_USAGE_PER, reinterpret_cast< byte* >(const_cast< char* >(_OID_PRIVATE_KEY_USAGE_PERIOD))},
69 {_CERT_EXT_ISSUER_ALT_NAME, reinterpret_cast< byte* >(const_cast< char* >(_OID_ISSUER_ALT_NAME))},
70 {_CERT_EXT_REASON_CODE, reinterpret_cast< byte* >(const_cast< char* >(_OID_CRL_REASON_CODE))},
71 {_CERT_EXT_INSTRUCTION_CODE, reinterpret_cast< byte* >(const_cast< char* >(_OID_INSTRUCTION_CODE))},
72 {_CERT_EXT_INVALID_DATE, reinterpret_cast< byte* >(const_cast< char* >(_OID_INVALIDITY_DATE))},
73 {_CERT_EXT_DELTA_CRL_INDI, reinterpret_cast< byte* >(const_cast< char* >(_OID_DELTA_CRL_INDICATOR))},
74 {_CERT_EXT_CERTIFICATE_ISSUER, reinterpret_cast< byte* >(const_cast< char* >(_OID_CERTIFICATE_ISSUER))},
75 {_CERT_EXT_NAME_CONSTRAINT, reinterpret_cast< byte* >(const_cast< char* >(_OID_NAME_CONSTRAINT))},
76 {_CERT_EXT_POLICY_MAPPING, reinterpret_cast< byte* >(const_cast< char* >(_OID_POLICY_MAPPINGS))},
77 {_CERT_EXT_POLICY_CONSTRAINTS, reinterpret_cast< byte* >(const_cast< char* >(_OID_POLICY_CONSTRAINTS))},
78 {_CERT_EXT_UNKNOWN, reinterpret_cast< byte* >(const_cast< char* >(""))}
82 // _CertExtension class
84 _CertExtension::_CertExtension(void)
91 _CertExtension::~_CertExtension(void)
95 _CertExtensionInfo* pTmpExt = __pExts;
96 _CertExtensionInfo* pNextExt = __pExts;
99 for (getId = 0; getId < num; getId++)
103 pNextExt = pTmpExt->pCertExtNext;
104 delete[] pTmpExt->CertExtValue;
105 pTmpExt->CertExtValue = null;
113 _CertExtension::AddExt(byte* pOid, bool critical, byte* pValue, int len)
115 SysTryReturnVoidResult(NID_SEC_CERT, pOid != null, E_INVALID_ARG, "Invalid input parameter.");
116 SysTryReturnVoidResult(NID_SEC_CERT, pValue != null, E_INVALID_ARG, "Invalid input parameter.");
118 std::unique_ptr< _CertExtensionInfo > pAddExt(new (std::nothrow) _CertExtensionInfo());
119 SysTryReturnVoidResult(NID_SEC_CERT, pAddExt != null, E_OUT_OF_MEMORY, "Failed to allocate memory");
122 pAddExt->CertExtType = GetExtType(pOid);
124 pAddExt->CertExtCritical = critical;
126 pAddExt->CertExtValue = new (std::nothrow) byte[len + 1];
127 SysTryReturnVoidResult(NID_SEC_CERT, pAddExt->CertExtValue != null, E_OUT_OF_MEMORY, "Failed to allocate memory");
129 memset(pAddExt->CertExtValue, 0, len + 1);
130 memcpy(pAddExt->CertExtValue, pValue, len);
131 pAddExt->CertExtLength = len;
132 pAddExt->pCertExtNext = null;
136 __pExts = pAddExt.release();
140 _CertExtensionInfo* pTmpExt = __pExts;
141 __pExts = pAddExt.release();
142 __pExts->pCertExtNext = pTmpExt;
148 _CertExtension::GetExt(byte* pOid)
150 byte* pExtOid = null;
151 SysTryReturn(NID_SEC_CERT, pOid != null, null, E_INVALID_ARG, "[E_INVALID_ARG] Invalid input parameter.");
153 _CertExtensionInfo* pTmpExt = __pExts;
156 pExtOid = GetExtOid(pTmpExt->CertExtType);
159 if (strcmp(reinterpret_cast< const char* >(pExtOid), reinterpret_cast< const char* >(pOid)) == 0)
164 pTmpExt = pTmpExt->pCertExtNext;
171 _CertExtension::GetExt(_CertExt type)
173 _CertExtensionInfo* pTmpExt = __pExts;
176 if (pTmpExt->CertExtType == type)
180 pTmpExt = pTmpExt->pCertExtNext;
186 _CertExtension::GetExtNum(void)
188 _CertExtensionInfo* pTmpExt = __pExts;
193 pTmpExt = pTmpExt->pCertExtNext;
199 _CertExtension::GetExtEntry(short getId)
201 _CertExtensionInfo* pTmpExt = __pExts;
204 for (index = 1; index < getId; index++)
208 pTmpExt = pTmpExt->pCertExtNext;
215 _CertExtension::GetExtType(byte* pOid)
219 SysTryReturn(NID_SEC_CERT, pOid != null, _CERT_EXT_UNKNOWN, E_INVALID_ARG, "[E_INVALID_ARG] Invalid input parameter.");
221 for (index = 0; index < _MAX_EXT_TABLESIZE; index++)
223 if (strcmp(reinterpret_cast< const char* >(mExtTable[index].pOid), reinterpret_cast< const char* >(pOid)) == 0)
225 return mExtTable[index].type;
228 return _CERT_EXT_UNKNOWN;
232 _CertExtension::GetExtOid(_CertExt type)
236 for (index = 0; index < _MAX_EXT_TABLESIZE; index++)
238 if (mExtTable[index].type == type)
240 return mExtTable[index].pOid;
246 } } } //Tizen::Security::Cert