2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 * @file FSecCert_CertService.h
20 * @brief This header file contains the declarations of CertService APIs.
22 * This header file contains the declarations of CertService APIs.
25 #ifndef _FSEC_CERT_INTERNAL_CERT_SERVICE_H_
26 #define _FSEC_CERT_INTERNAL_CERT_SERVICE_H_
28 #include <FOspConfig.h>
30 #include "FSecCert_CertTypes.h"
32 namespace Tizen { namespace Security { namespace Cert
37 * @brief This class provides the service API for certificate management.
40 * The %_CertService class is used to provide the service API for certificate management.
42 * For more information on the class features, see <a href="../com.osp.cppappprogramming.help/html/dev_guide/security/certificate_namespace.htm">Certificates</a>.
45 class _OSP_EXPORT_ _CertService
49 * This function initializes the Db tables, and removes and installs certificates.
52 * @return An error code.
53 * @exception E_SUCCESS The method is successful.
54 * @exception E_OUT_OF_MEMORY The memory is insufficient.
55 * @exception E_SYSTEM A system error has occurred.
56 * - File operation failed.
58 static result InitializeDb(void);
61 * This function initializes the Db tables. If tables are not created already, this function creates the Db tables.
64 * @return An error code.
65 * @exception E_SUCCESS The method is successful.
66 * @exception E_OUT_OF_MEMORY The memory is insufficient.
67 * @exception E_SYSTEM A system error has occurred.
68 * - File operation failed.
70 static result Initialize(void);
73 * This function drops the tables and removes all certificate files from the storage.
76 * @return An error code.
77 * @exception E_SUCCESS The method is successful.
78 * @exception E_SYSTEM A system error has occurred.
79 * - File operation failed.
81 static result DropTables(void);
84 * This function resets (deletes and creates) db tables.
87 * @return An error code.
88 * @exception E_SUCCESS The method is successful.
89 * @exception E_SYSTEM A system error has occurred.
90 * - File operation error.
91 * - DB operation failed.
93 static result ResetTables(void);
96 * This function removes all certificates.
99 * @return An error code.
100 * @exception E_SUCCESS The method is successful.
101 * @exception E_SYSTEM A system error has occurred.
102 * - File operation error.
103 * - DB operation failed.
105 static result MasterReset(void);
108 * This function reinstalls the Db.
111 * @return An error code.
112 * @exception E_SUCCESS The method is successful.
113 * @exception E_SYSTEM A system error has occurred.
114 * - File operation error.
115 * - DB operation failed.
117 static result ReInitializeDb(void);
120 * This function installs the certificates into the Db table identified by input type.
123 * @return If success this function returns number of certificates installed in Db tables,
124 * -1 in case of failure, 0 in case of no certificates present in directory.
125 * @param[in] type Type of certificates to install in Db table.
126 * @exception E_SUCCESS The method is successful.
127 * @exception E_INVALID_ARG The specified input parameter is invalid.
128 * @exception E_OUT_OF_MEMORY The memory is insufficient.
129 * @exception E_SYSTEM A system error has occurred.
130 * - File operation failed.
131 * - DB operation failed.
132 * @remarks The specific error code can be accessed using the GetLastResult() method.
134 static int InsertCert(_CaCertType type);
137 * This function installs all certificates identified by a given certificate type.
140 * @return An error code.
141 * @param[in] certTrustTypes Certificate type.
142 * @param[out] pCertCount Number of installed certificates by this function.
143 * @exception E_SUCCESS The method is successful.
144 * @exception E_INVALID_ARG The specified input parameter is invalid.
145 * @exception E_OUT_OF_MEMORY The memory is insufficient.
146 * @exception E_SYSTEM A system error has occurred.
147 * - File operation failed.
148 * - DB operation failed.
150 static result InsertCerts(int certTrustTypes, int* pCertCount);
153 * This function installs the default root certificate from the buffer into the Db table identified by the type and format of the certificate.
156 * @return An error code.
157 * @param[in] type Type of the certificate to install in Db table.
158 * @param[in] format Format of the input certificate buffer (X.509).
159 * @param[in] pCertBuf Input certificate buffer.
160 * @param[in] certLen Length of the input certificate buffer.
161 * @exception E_SUCCESS The method is successful.
162 * @exception E_INVALID_ARG The specified input parameter is invalid.
163 * @exception E_OUT_OF_MEMORY The memory is insufficient.
164 * @exception E_SYSTEM A system error has occurred.
165 * - File operation failed.
166 * - DB operation failed.
168 static result InsertDefaultCaCertificate(_CaCertType type, _CertFormat format, byte* pCertBuf, int certLen);
171 * This function installs the root certificate from the buffer into the Db table identified by the type and format of the certificate.
174 * @return An error code.
175 * @param[in] type Type of the certificate to install in Db table.
176 * @param[in] format Format of the input certificate buffer (X.509).
177 * @param[in] pCertBuf Input certificate buffer.
178 * @param[in] certLen Length of the input certificate buffer.
179 * @exception E_SUCCESS The method is successful.
180 * @exception E_INVALID_ARG The specified input parameter is invalid.
181 * @exception E_OUT_OF_MEMORY The memory is insufficient.
182 * @exception E_SYSTEM A system error has occurred.
183 * - File operation failed.
184 * - DB operation failed.
186 static result InsertCaCertificate(_CaCertType type, _CertFormat format, byte* pCertBuf, int certLen);
189 * This function installs the user root certificate from buffer into Db table identified by format of the certificate.
192 * @return An error code.
193 * @param[in] format Format of input certificate buffer (X.509).
194 * @param[in] pCert Input certificate buffer.
195 * @param[in] certLen Length of input certificate buffer.
196 * @exception E_SUCCESS The method is successful.
197 * @exception E_INVALID_ARG The specified input parameter is invalid.
198 * @exception E_OUT_OF_MEMORY The memory is insufficient.
200 static result InsertUserCaCertificate(_CertFormat format, char* pCert, int certLen);
203 * This function installs User Root Certificate given by a certificate file path.
206 * @return An error code.
207 * @param[in] pFilePath Certificate file path where the certificate file is located.
208 * @exception E_SUCCESS The method is successful.
209 * @exception E_INVALID_ARG The specified input parameter is invalid.
210 * @exception E_OUT_OF_MEMORY The memory is insufficient.
211 * @exception E_SYSTEM A system error has occurred.
212 * - File operation failed.
213 * - DB operation failed.
215 static result InsertUserCaCertificate(byte* pFilePath);
218 * This function installs the Default user CA certificates from storage identified.
221 * @return This function returns count of installed Device certificates.
222 * @remarks The specific error code can be accessed using the GetLastResult() method.
224 static int InsertUserCaCertificatesToRootDb(void);
227 * This function inserts the user certificate chain into the DB and stores the certificate and the private key (encrypted) in the file system.
228 * The certificate chain should be in the order "DeviceCertificate||CA(n)Certificate||.....", excluding or including the Root CA.
229 * If a CA is not present in the chain, it should have been installed previously. The certificate chain and the key should be DER encoded.
230 * Only one private key must be supplied in the private key parameter.
233 * @return An error code.
234 * @param[in] pCertChainBuffer User certificate chain buffer.
235 * @param[in] certChainLength Certificate chain buffer length.
236 * @param[in] pUserPrivateKey User private Key buffer.
237 * @param[in] userPrivateKeyLength User private key length.
238 * @exception E_SUCCESS The method is successful.
239 * @exception E_INVALID_ARG The specified input parameter is invalid.
240 * @exception E_OUT_OF_MEMORY The memory is insufficient.
241 * @exception E_SYSTEM A system error has occurred.
242 * - File operation failed.
243 * - DB operation failed.
245 static result InsertUserCertChainPrivateKey(char* pCertChainBuffer, int certChainLength, char* pUserPrivateKey, int userPrivateKeyLength);
248 * This function inserts the user certificate chain, including the private key, into the DB and stores the certificate and the private key (encrypted) in the file system.
249 * The buffer should be in the order "user key || DeviceCertificate||CA(n)Certificate||.....", excluding or including the Root CA.
250 * If a CA is not present in the chain, it should have been installed previously. The certificate chain/key buffer should be DER encoded.
251 * Only one private key must be supplied in the private key parameter.
254 * @return An error code.
255 * @param[in] pCertChainPrivateKeyBuffer User private key and certificate chain buffer.
256 * @param[in] certChainPrivateKeyLength Private key and certificate chain buffer length.
257 * @exception E_SUCCESS The method is successful.
258 * @exception E_INVALID_ARG The specified input parameter is invalid.
259 * @exception E_OUT_OF_MEMORY The memory is insufficient.
260 * @exception E_SYSTEM A system error has occurred.
261 * - File operation failed.
262 * - DB operation failed.
264 static result InsertCertificateChainWithPrivateKey(char* pCertChainPrivateKeyBuffer, int certChainPrivateKeyLength);
267 * This function verifies the certificate chain using the DB.
268 * Note: The certificate chain contains the user certificate without a private key.
269 * The chain can contain multiple certificates, including device, intermediate and CA certificates.
270 * If the Root CA/Intermediate CA is not present in the DB, it should be provided with the chain so that the certificate can be verified.
273 * @return An error code.
274 * @param[in] pCertCtx Certificate chain context.
275 * @exception E_SUCCESS The method is successful.
276 * @exception E_INVALID_ARG The specified input parameter is invalid.
277 * @exception E_OUT_OF_MEMORY The memory is insufficient.
278 * @exception E_SYSTEM A system error has occurred.
279 * - File operation failed.
280 * - DB operation failed.
282 static result InsertCertificateChainContext(CertChainCtx pCertCtx);
285 * This function installs PKCS#12 contents into certificate DB and store certificate and private key(encrypted) in file system.
286 * Identified by filename and password provided by user.
289 * @return An error code.
290 * @param[in] pPkcs12FilePath Filename of PKCS#12 content.
291 * @param[in] pPkcs12ImportPassword Password of the PKCS#12 content.
292 * @exception E_SUCCESS The method is successful.
293 * @exception E_INVALID_ARG The specified input parameter is invalid.
294 * @exception E_OUT_OF_MEMORY The memory is insufficient.
295 * @exception E_SYSTEM A system error has occurred.
296 * - File operation failed.
297 * - DB operation error.
298 * - OpenSSL operation error.
300 static result InsertPkcs12Content(char* pPkcs12FilePath, char* pPkcs12ImportPassword);
303 * This function removes the certificates from storage identified by input certificate type.
306 * @return An error code.
307 * @param[in] type Type of certificates to remove.
308 * @exception E_SUCCESS The method is successful.
309 * @exception E_INVALID_ARG The specified input parameter is invalid.
310 * @exception E_SYSTEM A system error has occurred.
311 * - File operation error.
312 * - DB operation error.
314 static result RemoveCert(_CaCertType type);
317 * This function removes all certificates identified by a given certificate type.
320 * @return An error code.
321 * @param[in] certTrustTypes Certificate types.
322 * @exception E_SUCCESS The method is successful.
323 * @exception E_INVALID_ARG The specified input parameter is invalid.
324 * @exception E_SYSTEM A system error has occurred.
325 * - File operation error.
326 * - DB operation error.
328 static result RemoveCerts(int certTrustTypes);
331 * This function deletes the root certificate.
334 * @return An error code.
335 * @param[in] type Ca Cert Type.
336 * @param[in] pBuffer Input Buffer.
337 * @param[in] bufLen Buffer length.
338 * @exception E_SUCCESS The method is successful.
339 * @exception E_INVALID_ARG The specified input parameter is invalid.
340 * @exception E_SYSTEM A system error has occurred.
341 * - File operation error.
342 * - DB operation error.
344 static result RemoveCaCertificate(_CaCertType type, char* pBuffer, int bufLen); // if same certificate is in Db, remove the certificate.
347 * This function un-installs User Root Certificate given by a certificate ID.
350 * @return An error code.
351 * @param[in] certId Certificate Id.
352 * @exception E_SUCCESS The method is successful.
353 * @exception E_INVALID_ARG The specified input parameter is invalid.
354 * @exception E_OUT_OF_MEMORY The memory is insufficient.
355 * @exception E_SYSTEM A system error has occurred.
356 * - File operation error.
357 * - DB operation error.
359 static result RemoveUserCaCertificateByCertId(int certId);
362 * This function removes the Default user CA certificates from the storage identified.
365 * @return An error code.
366 * @exception E_SUCCESS The method is successful.
367 * @exception E_SYSTEM A system error has occurred.
368 * - File operation error.
369 * - DB operation error.
371 static result RemoveUserCaCertificatesFromRootDb(void);
374 * This function deletes user certificate chain on the basis of Certificate ID.
377 * @return An error code.
378 * @param[in] certId Id of certificate as in DB.
379 * @exception E_SUCCESS The method is successful.
380 * @exception E_INVALID_ARG The specified input parameter is invalid.
381 * @exception E_OUT_OF_MEMORY The memory is insufficient.
382 * @exception E_SYSTEM A system error has occurred.
383 * - File operation error.
384 * - DB operation error.
386 static result RemoveUserCertChainByCertId(int certId);
389 * This function opens the context identified by calling application.
392 * @return An error code.
393 * @param[in] type Calling application type.
394 * @param[out] pCertCtx Pointer to context as out parameter.
395 * @exception E_SUCCESS The method is successful.
396 * @exception E_INVALID_ARG The specified input parameter is invalid.
397 * @exception E_OUT_OF_MEMORY The memory is insufficient.
399 static result OpenContext(_CertContextType type, CertChainCtx* pCertCtx);
402 * This function adds the input certificate in the opened certificate context.
405 * @return An error code.
406 * @param[in] certCtx Handle to the certificate context.
407 * @param[in] pCertBuf Certificate pBuffer.
408 * @param[in] certLen Certificate pBuffer length.
409 * @exception E_SUCCESS The method is successful.
410 * @exception E_INVALID_ARG The specified input parameter is invalid.
411 * @exception E_OUT_OF_MEMORY The memory is insufficient.
412 * @exception E_SYSTEM A system error has occurred.
413 * - Certificate Link list operation error.
415 static result AddCertificate(CertChainCtx certCtx, byte* pCertBuf, int certLen);
418 * This function verifies the certificate chain in certificate context with respect to installed root certificates in the device.
421 * @return An error code.
422 * @param[in] certCtx Handle to certificate chain context.
423 * @param[out] pDomain Root certificate domain type.
424 * @exception E_SUCCESS The method is successful.
425 * @exception E_INVALID_ARG The specified input parameter is invalid.
426 * @exception E_SYSTEM A system error has occurred.
427 * - Certificate Link list operation error.
429 static result VerifyChain(CertChainCtx certCtx, _CertDomainType* pDomain);
432 * This function verifies a certificate using given Public key.
435 * @return An error code.
436 * @param[in] certHandle Handle to certificate.
437 * @param[in] pPublickey Certificate Public Key.
438 * @param[in] keyLen Certificate Public Key length.
439 * @exception E_SUCCESS The method is successful.
440 * @exception E_INVALID_ARG The specified input parameter is invalid.
441 * @exception E_SYSTEM A system error has occurred.
442 * - Certificate Link list operation error.
444 static result VerifyCert(CertificateHandle certHandle, byte* pPublickey, int keyLen);
447 * This function gets number of certificates in certificate chain represented by context.
450 * @return An error code.
451 * @param[in] certCtx Handle to certificate context.
452 * @param[out] pDepth Chain depth information.
453 * @exception E_SUCCESS The method is successful.
454 * @exception E_INVALID_ARG The specified input parameter is invalid.
456 static result GetChainDepth(CertChainCtx certCtx, int* pDepth);
459 * This function gets nth certificate handle of the chain represented by input context
462 * @return An error code.
463 * @param[in] certCtx Handle to certificate context.
464 * @param[in] nth Position of certificate.
465 * @param[out] phCerticate Pointer to handle of certificate.
466 * @exception E_SUCCESS The method is successful.
467 * @exception E_INVALID_ARG The specified input parameter is invalid.
468 * @exception E_SYSTEM An unexpected system error has occurred.
470 static result GetNthCert(CertChainCtx certCtx, int nth, CertificateHandle* phCerticate);
473 * This function gets certificate pBuffer using the certificate handle.
476 * @return An error code.
477 * @param[in] certHandle Handle to certificate.
478 * @param[out] pBuffer Pointer to certificate pBuffer.
479 * @param[out] certLen Output pBuffer length of certificate.
480 * @exception E_SUCCESS The method is successful.
481 * @exception E_INVALID_ARG The specified input parameter is invalid.
482 * @exception E_OUT_OF_MEMORY The memory is insufficient.
483 * @exception E_SYSTEM An unexpected system error has occurred.
485 static result GetCertBufferN(CertificateHandle certHandle, char*& pBuffer, int* certLen);
488 * This function returns the certificate handle for the input binary or base64 certificate buffer.
491 * @return An error code.
492 * @param[in] pBuffer Buffer of certificate.
493 * @param[in] bufLen Length of the input buffer.
494 * @param[out] pCertHandle Handle to the certificate out.
495 * @exception E_SUCCESS The method is successful.
496 * @exception E_INVALID_ARG The specified input parameter is invalid.
497 * @exception E_OUT_OF_MEMORY The memory is insufficient.
498 * @exception E_SYSTEM An unexpected system error has occurred.
500 static result OpenCertificate(char* pBuffer, int bufLen, CertificateHandle* pCertHandle);
503 * This function closes the opened context.
506 * @return An error code.
507 * @param[in] certCtx Handle to certificate context.
508 * @exception E_SUCCESS The method is successful.
509 * @exception E_INVALID_ARG The specified input parameter is invalid.
511 static result CloseContext(CertChainCtx certCtx);
514 * This function returns database Id of Ca certificate for given certificate handle.
517 * @return An error code.
518 * @param[in] certHandle Handle to the certificate.
519 * @param[in] certType Type of certificate store.
520 * @param[out] certId Reference to integer to get certificate data Id.
521 * @exception E_SUCCESS The method is successful.
522 * @exception E_INVALID_ARG The specified input parameter is invalid.
523 * @exception E_OUT_OF_MEMORY The memory is insufficient.
524 * @exception E_SYSTEM An unexpected system error has occurred.
526 static result GetCaCertificateId(CertificateHandle certHandle, _CaCertType certType, int& certId);
529 * This function returns database Id of User certificate for given certificate handle.
532 * @return An error code.
533 * @param[in] certHandle Handle to the certificate.
534 * @param[out] certId Reference to integer to get certificate data Id.
535 * @exception E_SUCCESS The method is successful.
536 * @exception E_INVALID_ARG The specified input parameter is invalid.
537 * @exception E_OUT_OF_MEMORY The memory is insufficient.
538 * @exception E_SYSTEM An unexpected system error has occurred.
540 static result GetUserCertificateId(CertificateHandle certHandle, int& certId);
543 * This function returns information of certificate requested by _CertFieldType parameter.
546 * @return An error code.
547 * @param[in] certHandle Handle to the certificate.
548 * @param[in] field Type of combination of information required.
549 * @param[out] pCertInfo Pointer to certificate information structure.
550 * @exception E_SUCCESS The method is successful.
551 * @exception E_INVALID_ARG The specified input parameter is invalid.
552 * @exception E_OUT_OF_MEMORY The memory is insufficient.
553 * @exception E_SYSTEM An unexpected system error has occurred.
555 static result GetCertInfo(CertificateHandle certHandle, _CertFieldType field, _CertFieldInfos* pCertInfo);
558 * This function closes the handle of the certificate.
561 * @return An error code.
562 * @param[in] pCertHandle Handle to the certificate to close.
563 * @exception E_SUCCESS The method is successful.
564 * @exception E_INVALID_ARG The specified input parameter is invalid.
565 * @exception E_SYSTEM An unexpected system error has occurred.
566 * @remarks This function is not applicable to handles obtained from the context APIs.
568 static result CloseCertificate(CertificateHandle* pCertHandle);
571 * This function gets the certificate list information by requested format.
574 * @return An error code.
575 * @param[in] certFormat Format of requested certificates.
576 * @param[in,out] pCertList Pointer to pointer of Certificate list structure.
577 * @param[out] count Number of certificates in the list.
578 * @exception E_SUCCESS The method is successful.
579 * @exception E_INVALID_ARG The specified input parameter is invalid.
580 * @exception E_SYSTEM An unexpected system error has occurred.
582 static result GetCertListByFormatN(_CertFormat certFormat, _CertificateListInfo*& pCertList, int* count);
585 * This function gets the root certificate list information by requested certificate ID
588 * @return An error code.
589 * @param[in] certId ID of the requested certificate.
590 * @param[out] pCertList Pointer to pointer of Certificate list structure.
591 * @exception E_SUCCESS The method is successful.
592 * @exception E_INVALID_ARG The specified input parameter is invalid.
593 * @exception E_SYSTEM An unexpected system error has occurred.
595 static result GetCaCertListByCertIdN(int certId, _CertificateListInfo*& pCertList);
598 * This function frees the certificate list given by a certificate list.
601 * @return An error code.
602 * @param[in] pCertList Pointer to certificate link list.
603 * @exception E_SUCCESS The method is successful.
604 * @exception E_INVALID_ARG The specified input parameter is invalid.
606 static result FreeCertList(_CertificateListInfo* pCertList);
609 * This function frees the certificate info given by a struct _CertInfo.
612 * @return An error code.
613 * @param[in] pCertInfo Pointer to certificate info.
614 * @exception E_SUCCESS The method is successful.
616 static result FreeCertificateInfo(_CertInfo* pCertInfo);
619 * This function provides list of installed certificate by type.
622 * @return If success give handle of root cert, null in case of failure.
623 * @param[in] type _CaCertType, Type of certificate.
624 * @param[out] pCount Number of installed certificates.
625 * @remarks The specific error code can be accessed using the GetLastResult() method.
627 static CertificateStoreCtx OpenCertificateStoreByType(_CaCertType type, int* pCount);
630 * This function counts Root CA.
633 * @return Count of Root CA, -1 in case of failure.
634 * @param[in] certificateStoreCtx Certificate store context, which can be obtained using the OpenCertificateStoreByType function.
635 * @remarks The specific error code can be accessed using the GetLastResult() method.
637 static int GetCertificateCount(CertificateStoreCtx certificateStoreCtx);
640 * This function returns the next root CA pBuffer.
643 * @return An error code.
644 * @param[in] certificateStoreCtx Certificate store context, which can be obtained using the OpenCertificateStoreByType function.
645 * @param[out] pBuffer Output Buffer.
646 * @param[in,out] pBufferLen Buffer length.
647 * @exception E_SUCCESS The method is successful.
648 * @exception E_INVALID_ARG The specified input parameter is invalid.
650 static result GetNextCertificate(CertificateStoreCtx certificateStoreCtx, char* pBuffer, int* pBufferLen);
653 * This function updates Root CA certificate.
656 * @return An error code.
657 * @param[in] type CA Cert Type.
658 * @param[in] pOldCert Old Certificate Buffer.
659 * @param[in] oldCertLen Old Certificate length.
660 * @param[in] pNewCert New Certificate Buffer.
661 * @param[in] newCertLen New Certificate length.
662 * @exception E_SUCCESS The method is successful.
663 * @exception E_INVALID_ARG The specified input parameter is invalid.
664 * @exception E_OUT_OF_MEMORY The memory is insufficient.
665 * @exception E_SYSTEM An unexpected system error has occurred.
667 static result UpdateCaCertificate(_CaCertType type, char* pOldCert, int oldCertLen, char* pNewCert, int newCertLen); // if same certificate is in Db, replace the certificate using buffer2 and bufferLen2.
670 * This function closes root Certificate Handle.
673 * @return An error code.
674 * @param[in] certificateStoreCtx Certificate store context, which can be obtained using the OpenCertificateStoreByType function.
675 * @exception E_SUCCESS The method is successful.
676 * @exception E_INVALID_ARG The specified input parameter is invalid.
678 static result CloseCertificateStore(CertificateStoreCtx certificateStoreCtx);
681 * This function returns Public key of certificate in DER format.
684 * @return An error code.
685 * @param[in] certHandle Handle to the certificate.
686 * @param[out] pBuffer Buffer to contain public key.
687 * @param[in,out] pBufLen Length of Public Key.
688 * @exception E_SUCCESS The method is successful.
689 * @exception E_INVALID_ARG The specified input parameter is invalid.
690 * @exception E_SYSTEM An unexpected system error has occurred.
692 static result GetCertPublicKey(CertificateHandle certHandle, char* pBuffer, int* pBufLen);
695 * This function returns Signature of certificate.
698 * @return An error code.
699 * @param[in] certHandle Handle to the certificate.
700 * @param[out] pBuffer Buffer to contain Signature.
701 * @param[in,out] pBufLen Length of Signature.
702 * @exception E_SUCCESS The method is successful.
703 * @exception E_INVALID_ARG The specified input parameter is invalid.
704 * @exception E_SYSTEM An unexpected system error has occurred.
706 static result GetCertSignature(CertificateHandle certHandle, char* pBuffer, int* pBufLen);
709 * This function returns Version of X509 certificate.
712 * @return certificate version number as integer, -1 in case of failure.
713 * @param[in] certHandle Handle to the certificate.
714 * @remarks The specific error code can be accessed using the GetLastResult() method.
716 static int GetCertVersion(CertificateHandle certHandle);
719 * This function checks certificates validity.
722 * @return An error code.
723 * @param[in] certHandle Handle to the certificate.
724 * @param[out] pValidity Validity of certificate; Valid, Expired or Validity Yet to start.
725 * @exception E_SUCCESS The method is successful.
726 * @exception E_INVALID_ARG The specified input parameter is invalid.
727 * @exception E_SYSTEM An unexpected system error has occurred.
729 static result CheckCertValidity(CertificateHandle certHandle, _CertValidityType* pValidity);
732 * This function checks certificate type.
735 * @return An error code.
736 * @param[in] certHandle Handle to the certificate.
737 * @param[out] pCertType Type of certificate.
738 * @exception E_SUCCESS The method is successful.
739 * @exception E_INVALID_ARG The specified input parameter is invalid.
740 * @exception E_SYSTEM An unexpected system error has occurred.
742 static result CheckCertType(CertificateHandle certHandle, _CaCertType* pCertType);
745 * This function retrieves domain certificate information.
748 * @return On success, this function returns the certId of the installed certificates; -1 in case of failure.
749 * @param[out] prDcInfo Information about the domain certificate.
750 * @remarks The specific error code can be accessed using the GetLastResult() method.
752 static int GetDomainCertInfoN(_CertFieldInfos*& prDcInfo);
755 * This function retrieves certificate information given by a certificate ID.
758 * @return An error code.
759 * @param[in] certId Certificate ID.
760 * @param[out] pDcInfo Pointer to certificate information structure.
761 * @exception E_SUCCESS The method is successful.
762 * @exception E_INVALID_ARG The specified input parameter is invalid.
763 * @exception E_SYSTEM An unexpected system error has occurred.
765 static result GetCaCertInfoByCertId(int certId, _CertFieldInfos* pDcInfo);
768 * This function breaks certificate chain buffer into individual certificate.
769 * It is assumed here that there is no Private Key in the Chain.
770 * Chain can contain multiple certificate including Device, Intermediate and CA Certificate.
771 * This will return a Structure HCertChainCtx containing all the certificates.
774 * @return An error code.
775 * @param[in] pCertChainBuffer Certificate chain buffer.
776 * @param[in] certChainLength Certificate chain buffer length.
777 * @param[out] pCertCtx Certificate chain list containing individual certificate.
778 * @exception E_SUCCESS The method is successful.
779 * @exception E_INVALID_ARG The specified input parameter is invalid.
780 * @exception E_OUT_OF_MEMORY The memory is insufficient.
781 * @exception E_SYSTEM An unexpected system error has occurred.
783 static result GetParsedCertificateChainN(char* pCertChainBuffer, int certChainLength, CertChainCtx* pCertCtx);
786 * This function verifies the certificate chain in certificate context with respect to installed root certificates in the DB.
789 * @return An error code.
790 * @param[in] pCertCtx Handle to certificate chain context.
791 * @exception E_SUCCESS The method is successful.
792 * @exception E_INVALID_ARG The specified input parameter is invalid.
793 * @exception E_OUT_OF_MEMORY The memory is insufficient.
794 * @exception E_SYSTEM An unexpected system error has occurred.
796 static result VerifyCertificateChain(CertChainCtx pCertCtx);
799 * This function breaks certificate chain buffer into individual certificate.
800 * It is assumed here that there is no Private Key in the Chain.
801 * Chain can contain multiple certificate including Device, Intermediate and CA Certificate.
802 * This will return a Structure ppCertChainList containing all the certificates.
805 * @return An error code.
806 * @param[in] pCertChainBuffer Certificate chain buffer.
807 * @param[in] certChainLength Certificate chain buffer length.
808 * @param[out] ppCertChainListRef Certificate chain list containing individual certificate.
809 * @exception E_SUCCESS The method is successful.
810 * @exception E_INVALID_ARG The specified input parameter is invalid.
811 * @exception E_OUT_OF_MEMORY The memory is insufficient.
812 * @exception E_SYSTEM An unexpected system error has occurred.
814 static result MakeCertChainFromBufferN(char* pCertChainBuffer, int certChainLength, _CertRootList*& ppCertChainListRef);
817 * This function retrieves the user certificate chain on the basis of Subject name of any Intermediate CA and
818 * subject name of user Certificate. Subject name of Device certificate is optional parameter.
819 * Subject name of any intermediate Certificate is compulsory parameter.
820 * This function will retrieve the certificate chain on the basis of Subject name of any intermediate CA taken as
821 * issuer name in function parameters. It can also extract Certificate chain on the basis of Subject name of device
822 * certificate including chain containing the Intermediate Certificate Subject name.
823 * If there are multiple cert chains from the same issuer, it will get all of them and check the subject name
824 * to decide which chain needs to be returned. As input parameters it takes the subject name of any intermediate CA as
825 * issuer name, and subject name of user certificate as optional parameter. Format of Subject and Issuer name will
829 * @return An error code.
830 * @param[in] pIssuerName Pointer to Issuer name.
831 * @param[in] issuerNameLength Length of Issuer name.
832 * @param[in] pSubjectName pointer to Subject name.
833 * @param[in] subjectNameLength Length of Subject name.
834 * @param[out] pUserCertListInfoTypesRef Pointer to certificate list.
835 * @exception E_SUCCESS The method is successful.
836 * @exception E_INVALID_ARG The specified input parameter is invalid.
837 * @exception E_OUT_OF_MEMORY The memory is insufficient.
838 * @exception E_SYSTEM An unexpected system error has occurred.
// NOTE(review): both names are passed as char* with an explicit int length, so presumably they are
// length-delimited rather than NUL-terminated - confirm, and pass lengths that match the buffers.
// NOTE(review): the description calls the subject name optional, but the accepted "absent" form (null pointer
// and/or zero length) is not documented here - confirm.
// NOTE(review): "N" suffix - the caller presumably owns pUserCertListInfoTypesRef on success. Initialise the
// pointer to null before the call; whether it is reset on failure is not documented.
840 static result GetUserCertChainByIssuerAndSubjectNameN(char* pIssuerName, int issuerNameLength, char* pSubjectName, int subjectNameLength, _CertificateListInfo*& pUserCertListInfoTypesRef);
843 * This function retrieves the device certificate chain on the basis of Subject name of Device Certificate.
844 * This function retrieves the certificate chain on the basis of Subject name of Device Certificate as function
845 * parameters. If there are multiple cert chains from the same issuer, it will get all of them and check
846 * the subject name to decide which chain needs to be returned.
849 * @return An error code.
850 * @param[in] pSubjectName Pointer to Subject name.
851 * @param[in] subjectNameLength Length of Subject name.
852 * @param[out] pCertChainCtx Pointer to certificate chain.
853 * @param[out] pPrivateKeyCtx Pointer to private key info.
854 * @exception E_SUCCESS The method is successful.
855 * @exception E_INVALID_ARG The specified input parameter is invalid.
856 * @exception E_OUT_OF_MEMORY The memory is insufficient.
857 * @exception E_SYSTEM An unexpected system error has occurred.
// NOTE(review): the description speaks of the device certificate chain while the function name says user
// certificate chain - confirm which store is searched.
// On success this hands out a private key context through pPrivateKeyCtx. ClosePrivateKeyContext() is
// declared later in this class; presumably every successful call must be paired with it on all exit
// paths so that the key context does not stay open - confirm.
// NOTE(review): no "N" suffix and no release function for the returned chain context is visible in this
// part of the header - confirm how pCertChainCtx is released.
859 static result GetUserCertChainBySubjectName(char* pSubjectName, int subjectNameLength, CertChainCtx* pCertChainCtx, PrivateKeyCtx* pPrivateKeyCtx);
862 * This function gets the user certificate list information by requested format.
865 * @return An error code.
866 * @param[in] certFormat Format of requested user certificates.
867 * @param[out] pUserCertListInfoTypesRef Pointer to pointer of Certificate list structure.
868 * @param[out] pCount Number of certificates in the list.
869 * @exception E_SUCCESS The method is successful.
870 * @exception E_INVALID_ARG The specified input parameter is invalid.
871 * @exception E_OUT_OF_MEMORY The memory is insufficient.
872 * @exception E_SYSTEM An unexpected system error has occurred.
// Two outputs: the list through a reference to a pointer, and the element count through pCount (int*).
// NOTE(review): "N" suffix - the caller presumably owns the returned list. Initialise the pointer to null and
// *pCount to 0 before the call; whether either is written on failure is not documented.
// NOTE(review): bound any iteration over the list by *pCount only after the call returned E_SUCCESS.
874 static result GetUserCertListInfoTypesByFormatN(_CertFormat certFormat, _CertificateListInfo*& pUserCertListInfoTypesRef, int* pCount);
877 * This function gets the user certificate list information by requested certificate ID. It gives information about the certificate only.
880 * @return An error code.
881 * @param[in] certId Certificate Id as in Db.
882 * @param[in] encodingType Required encoding type of output buffer (PEM, Base64 or DER).
883 * @param[out] pUserCertificateInfoRef Pointer to pointer of Certificate list structure.
884 * @exception E_SUCCESS The method is successful.
885 * @exception E_INVALID_ARG The specified input parameter is invalid.
886 * @exception E_OUT_OF_MEMORY The memory is insufficient.
887 * @exception E_SYSTEM An unexpected system error has occurred.
// certId is a plain int documented as the id "as in Db"; an id that does not exist is presumably reported
// through one of the documented error codes - confirm which.
// NOTE(review): "N" suffix - the caller presumably owns pUserCertificateInfoRef (a _CertInfo*&) on success.
// Initialise it to null before the call; whether it is reset on failure is not documented.
889 static result GetUserCertificateByCertIdN(int certId, _CertEncodingType encodingType, _CertInfo*& pUserCertificateInfoRef);
892 * This function retrieves all user certificate information.
895 * @return This function returns certId of installed user certificates.
896 * @param[out] pCertFieldInfosRef User certificate information.
897 * @remarks The specific error code can be accessed using the GetLastResult() method.
// Unlike its siblings this returns int, not result; per the @remarks the error code is read with
// GetLastResult(). Callers should check that rather than infer failure from the integer alone.
// NOTE(review): the @return text says the value is the certId of installed user certificates although the
// call retrieves "all" of them - confirm what the integer denotes when several certificates exist.
// NOTE(review): "N" suffix - the caller presumably owns pCertFieldInfosRef on success.
899 static int GetUserCertFieldInfoN(_CertFieldInfos*& pCertFieldInfosRef);
902 * This function retrieves user certificate information by requested certificate ID.
905 * @return An error code.
906 * @param[in] certId Certificate id of requested user certificates as in DB.
907 * @param[out] pCertFieldInfos Pointer to Certificate infos structure.
908 * @exception E_SUCCESS The method is successful.
909 * @exception E_INVALID_ARG The specified input parameter is invalid.
910 * @exception E_SYSTEM An unexpected system error has occurred.
// The output is a single pointer (_CertFieldInfos*) and the name has no "N" suffix, so presumably the caller
// supplies the storage and the function fills it - confirm; a null pointer is presumably E_INVALID_ARG.
// NOTE(review): the contents of *pCertFieldInfos should only be used when the result is E_SUCCESS.
912 static result GetUserCertFieldInfoByCertId(int certId, _CertFieldInfos* pCertFieldInfos);
915 * This function provides the certificate subject name for a given certificate handle. It is the complete certificate subject name buffer.
918 * @return An error code.
919 * @param[in] certificateHandle Handle to certificate.
920 * @param[out] ppSubjectNameRef Subject name buffer.
921 * @param[out] pSubjectNameLength Subject name length.
922 * @exception E_SUCCESS The method is successful.
923 * @exception E_INVALID_ARG The specified input parameter is invalid.
924 * @exception E_SYSTEM An unexpected system error has occurred.
// Returns the name as a byte buffer (byte*&) together with its length (int*).
// NOTE(review): presumably the buffer is length-delimited and not guaranteed to be NUL-terminated; use
// *pSubjectNameLength for every copy or comparison rather than C string functions - confirm.
// NOTE(review): "N" suffix - the caller presumably owns the returned buffer on success.
926 static result GetSubjectNameN(CertificateHandle certificateHandle, byte*& ppSubjectNameRef, int* pSubjectNameLength);
929 * This function provides the certificate issuer name for a given certificate handle. It is the complete certificate issuer name buffer.
932 * @return An error code.
933 * @param[in] certificateHandle Handle to certificate.
934 * @param[out] pIssuerNameRef Issuer name buffer.
935 * @param[out] pIssuerNameLength Issuer name length.
936 * @exception E_SUCCESS The method is successful.
937 * @exception E_INVALID_ARG The specified input parameter is invalid.
938 * @exception E_SYSTEM An unexpected system error has occurred.
// Returns the name as a byte buffer (byte*&) together with its length (int*).
// NOTE(review): presumably the buffer is length-delimited and not guaranteed to be NUL-terminated; use
// *pIssuerNameLength for every copy or comparison rather than C string functions - confirm.
// NOTE(review): "N" suffix - the caller presumably owns the returned buffer on success.
940 static result GetIssuerNameN(CertificateHandle certificateHandle, byte*& pIssuerNameRef, int* pIssuerNameLength);
944 * This function provides the path of the CRT file, which contains all the installed certificates in PEM format.
947 * @return Path of CRT file containing all certificates in PEM format.
// Returns a path only; no result code is documented for this call.
// NOTE(review): if consumers load this file as their set of trusted certificates, its integrity matters as much
// as that of the certificate DB - confirm how the file is generated and that write access is restricted.
// NOTE(review): what is returned when the file has not been generated yet is not documented.
949 static Tizen::Base::String GetCertificateCrtFilePath(void);
952 * This function frees the root certificate list.
955 * @return An error code.
956 * @param[in] pRootCertList Pointer to root certificate linked list.
957 * @exception E_SUCCESS The method is successful.
958 * @exception E_INVALID_ARG The specified input parameter is invalid.
// The pointer is passed by value, so the caller's copy is not changed by this call; callers should set it
// to null afterwards to avoid a later use or second free of the same list.
// NOTE(review): only E_SUCCESS and E_INVALID_ARG are documented; a null argument is presumably the
// E_INVALID_ARG case - confirm.
960 static result FreeRootCertList(_CertRootList* pRootCertList);
963 * This function closes the opened private key context.
966 * @return An error code.
967 * @param[in] privateKeyCtx Handle to private key context.
968 * @exception E_SUCCESS The method is successful.
969 * @exception E_INVALID_ARG The specified input parameter is invalid.
// The handle is passed by value, so the caller's copy still holds the old value after the call; it should be
// discarded and not passed to any other function once the context has been closed.
// NOTE(review): behaviour when the same handle is closed twice is not documented - confirm.
971 static result ClosePrivateKeyContext(PrivateKeyCtx privateKeyCtx);
// Copy constructor and copy assignment are declared here. Every member visible in this part of the class is
// static, so presumably these are private and left unimplemented to forbid copying - the access specifier
// is not visible in this excerpt; confirm.
976 _CertService(const _CertService& rhs);
980 _CertService& operator =(const _CertService& rhs);
984 } } } //Tizen::Security::Cert
986 #endif // _FSEC_CERT_INTERNAL_CERT_SERVICE_H_