2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
4 // Licensed under the Apache License, Version 2.0 (the License);
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
18 * @file FSecCert_CertServiceProxy.h
19 * @brief This is the header file for the _CertServiceProxy class.
21 * This file contains the declarations of _CertServiceProxy.
24 #ifndef _FSEC_CERT_INTERNAL_CERT_SERVICE_PROXY_H_
25 #define _FSEC_CERT_INTERNAL_CERT_SERVICE_PROXY_H_
27 #include <FBaseResult.h>
28 #include <FBaseObject.h>
29 #include <FBaseString.h>
30 #include "FSecCert_CertTypes.h"
32 namespace Tizen { namespace Io
37 namespace Tizen { namespace Base { namespace Runtime
42 namespace Tizen { namespace Security { namespace Cert
46 * @class _CertServiceProxy
47 * @brief This class is provide IPC API for Certificate Management.
50 * The %_CertServiceProxy class is used for to provide Certificate Management's IPC API.
52 * For more information on the class features, see <a href="../com.osp.cppappprogramming.help/html/dev_guide/security/certificate_namespace.htm">Certificates</a>.
55 class _OSP_EXPORT_ _CertServiceProxy
60 * Creates and intialize the instance of _CertServiceProxy class.
63 * @return An error code.
64 * @exception E_SUCCESS The method is successful.
65 * @exception E_OUT_OF_MEMORY The memory is insufficient.
66 * @exception E_SYSTEM A system error has occurred.
67 * - IPC operation failed.
69 static _CertServiceProxy* GetInstance(void);
72 * This function returns name of root Certificate store.
75 * @return An error code.
76 * @exception E_SUCCESS The method is successful.
77 * @exception E_OUT_OF_MEMORY The memory is insufficient.
78 * @exception E_SYSTEM A system error has occurred.
79 * - IPC operation failed.
84 * This function closes root Certificate Handle.
87 * @return An error code.
88 * @param[in] certType CertificateType Type info.
89 * @exception E_SUCCESS The method is successful.
90 * @exception E_OUT_OF_MEMORY The memory is insufficient.
91 * @exception E_SYSTEM A system error has occurred.
92 * - IPC operation failed.
94 result CloseCertificateStore(int certType);
97 * This function provides handle of the required Certificate type.
100 * @return An error code.
101 * @param[in] certType CertificateType Type info.
102 * @param[out] count Number of certificates in store.
103 * @exception E_SUCCESS The method is successful.
104 * @exception E_OUT_OF_MEMORY The memory is insufficient.
105 * @exception E_INVALID_ARG The specified input parameter is invalid.
106 * @exception E_SYSTEM A system error has occurred.
107 * - IPC operation failed.
109 result OpenCertificateStoreByType(int certType, int& count);
112 * This function counts Root CA.
115 * @return An error code.
116 * @param[in] certType CertificateType Type info.
117 * @param[out] count Count of certificates in store.
118 * @exception E_SUCCESS The method is successful.
119 * @exception E_INVALID_ARG The specified input parameter is invalid.
120 * @exception E_OUT_OF_MEMORY The memory is insufficient.
121 * @exception E_SYSTEM A system error has occurred.
122 * - IPC operation failed.
124 result GetCertificateCount(int certType, int& count);
127 * This function returns the next root CA pBuffer.
130 * @return An error code.
131 * @param[in] certType CertificateType Type info.
132 * @param[in] curPos CertificateType count position.
133 * @param[out] pBuffer Output buffer.
134 * @param[out] bufferLen Buffer length.
135 * @exception E_SUCCESS The method is successful.
136 * @exception E_INVALID_ARG The specified input parameter is invalid.
137 * @exception E_OUT_OF_MEMORY The memory is insufficient.
138 * @exception E_SYSTEM A system error has occurred.
139 * - IPC operation failed.
141 result GetNextCertificate(int certType, int& curPos, byte* pBuffer, int& bufferLen);
144 * This function updates Root CA certificate.
147 * @return An error code.
148 * @param[in] type CA Cert Type.
149 * @param[in] pOldCert Old Certificate Buffer.
150 * @param[in] oldCertLen Old Certificate length.
151 * @param[in] pNewCert New Certificate Buffer.
152 * @param[in] newCertLen New Certificate length.
153 * @exception E_SUCCESS The method is successful.
154 * @exception E_OUT_OF_MEMORY The memory is insufficient.
155 * @exception E_INVALID_ARG The specified input parameter is invalid.
156 * @exception E_SYSTEM A system error has occurred.
157 * - IPC operation failed.
159 result UpdateCaCertificate(int type, byte* pOldCert, int oldCertLen, byte* pNewCert, int newCertLen);
162 * This function deletes the root certificate
165 * @return An error code.
166 * @param[in] type CA Cert Type.
167 * @param[in] pBuffer Input Buffer.
168 * @param[in] bufLen Buffer length.
169 * @exception E_SUCCESS The method is successful.
170 * @exception E_OUT_OF_MEMORY The memory is insufficient.
171 * @exception E_INVALID_ARG The specified input parameter is invalid.
172 * @exception E_SYSTEM A system error has occurred.
173 * - IPC operation failed.
174 * - File operation failed.
175 * - DB operation failed.
177 result RemoveCaCertificate(int type, byte* pBuffer, int bufLen);
180 * This function uninstalls User Root Certificate given by a certificate ID.
183 * @return An error code.
184 * @param[in] certId Certificate Id.
185 * @exception E_SUCCESS The method is successful.
186 * @exception E_INVALID_ARG The specified input parameter is invalid.
187 * @exception E_OUT_OF_MEMORY The memory is insufficient.
188 * @exception E_SYSTEM A system error has occurred.
189 * - IPC operation failed.
190 * - File operation failed.
191 * - DB operation failed.
193 result RemoveUserCaCertificateByCertId(int certId);
196 * This function installs the root certificate from pBuffer into Db table identified by type and format of the certificate.
199 * @return An error code.
200 * @param[in] type Type of the certificate to install in Db table.
201 * @param[in] format Format of input certificate pBuffer (X.509)
202 * @param[in] pCert Input certificate pBuffer.
203 * @param[in] certLen Input certificate pBuffer length.
204 * @exception E_SUCCESS The method is successful.
205 * @exception E_OUT_OF_MEMORY The memory is insufficient.
206 * @exception E_INVALID_ARG The specified input parameter is invalid.
207 * @exception E_SYSTEM A system error has occurred.
208 * - IPC operation failed.
209 * - File operation failed.
210 * - DB operation failed.
212 result InsertCaCertificate(int type, int format, byte* pCert, long certLen);
215 * This function installs the user root certificate from buffer into Db table identified by format of the certificate.
218 * @return An error code.
219 * @param[in] format Format of input certificate buffer (X.509).
220 * @param[in] pCert Input certificate buffer.
221 * @param[in] certLen Length of input certificate buffer.
222 * @exception E_SUCCESS The method is successful.
223 * @exception E_INVALID_ARG The specified input parameter is invalid.
224 * @exception E_OUT_OF_MEMORY The memory is insufficient.
225 * @exception E_SYSTEM A system error has occurred.
226 * - IPC operation failed.
227 * - File operation failed.
228 * - DB operation failed.
230 result InsertUserCaCertificate(int format, char* pCert, int certLen);
233 * This function installs User Root Certificate given by a certificate file path.
236 * @return An error code.
237 * @param[in] pFilePath Certificate file path where the certificate file is located.
238 * @exception E_SUCCESS The method is successful.
239 * @exception E_INVALID_ARG The specified input parameter is invalid.
240 * @exception E_OUT_OF_MEMORY The memory is insufficient.
241 * @exception E_SYSTEM A system error has occurred.
242 * - IPC operation failed.
243 * - File operation failed.
244 * - DB operation failed.
246 result InsertUserCaCertificate(byte* pFilePath);
249 * This function inserts user certificate chain into DB and store certificate and private key(encrypted) in file system.
250 * The certificate chain should contain chain of certificate, be in order "DeviceCertificate||CA(n)Certificate||.....". Excluding/including Root CA.
251 * If CA is not present in chain then it should be previously installed. Format of Certificate chain/key should be DER encoded.
252 * Only one private key must be supplied in private key parameter.
255 * @return An error code.
256 * @param[in] pCertchainBuffer User certificate chain buffer.
257 * @param[in] certChainLen Certificate chain buffer lenth.
258 * @param[in] pUserPrivateKey User private Key buffer.
259 * @param[in] userPrivateKeyLen User private key length.
260 * @exception E_SUCCESS The method is successful.
261 * @exception E_INVALID_ARG The specified input parameter is invalid.
262 * @exception E_OUT_OF_MEMORY The memory is insufficient.
263 * @exception E_SYSTEM A system error has occurred.
264 * - IPC operation failed.
265 * - File operation failed.
266 * - DB operation failed.
268 result InsertUserCertChainPrivateKey(char* pCertchainBuffer, int certChainLen, char* pUserPrivateKey, int userPrivateKeyLen);
271 * This function inserts user certificate chain including private key into DB and store certificate and private key(encrypted) in file system.
272 * The certificate chain should contain chain of certificate, be in order "user key || DeviceCertificate||CA(n)Certificate||.....". Excluding/including Root CA.
273 * If CA is not present in chain then it should be previously installed. Format of Certificate chain/key buffer should be DER encoded.
274 * Only one private key must be supplied in private key parameter.
277 * @return An error code.
278 * @param[in] pCertchainPrivateKeyBuffer User private key and certificate chain buffer.
279 * @param[in] certChainPrivateKeyLength Private key and certificate chain buffer length.
280 * @exception E_SUCCESS The method is successful.
281 * @exception E_INVALID_ARG The specified input parameter is invalid.
282 * @exception E_OUT_OF_MEMORY The memory is insufficient.
283 * @exception E_SYSTEM A system error has occurred.
284 * - IPC operation failed.
285 * - File operation failed.
286 * - DB operation failed.
288 result InsertCertificateChainWithPrivateKey(char* pCertchainPrivateKeyBuffer, int certChainPrivateKeyLength);
291 * This function installs PKCS#12 contents into certificate DB and store certificate and private key(encrypted) in file system.
292 * Identified by filename and password provided by user.
295 * @return An error code.
296 * @param[in] pPkcs12FilePath Filename of PKCS#12 content.
297 * @param[in] pPkcs12ImportPassword Password of the PKCS#12 content.
298 * @exception E_SUCCESS The method is successful.
299 * @exception E_INVALID_ARG The specified input parameter is invalid.
300 * @exception E_OUT_OF_MEMORY The memory is insufficient.
301 * @exception E_SYSTEM A system error has occurred.
302 * - IPC operation failed.
303 * - File operation failed.
304 * - DB operation failed.
305 * - OpenSSL operation failed.
307 result InsertPkcs12Content(char* pPkcs12FilePath, char* pPkcs12ImportPassword, bool checkPrivilege);
310 * This function deletes user certificate chain on the basis of Certificate ID.
313 * @return An error code.
314 * @param[in] certId ID of certificate as in DB.
315 * @exception E_SUCCESS The method is successful.
316 * @exception E_INVALID_ARG The specified input parameter is invalid.
317 * @exception E_OUT_OF_MEMORY The memory is insufficient.
318 * @exception E_SYSTEM A system error has occurred.
319 * - IPC operation failed.
320 * - File operation failed.
321 * - DB operation failed.
323 result RemoveUserCertChainByCertId(int certId);
326 * This function retrieves the user certificate chain on the basis of Subject name of any Intermediate CA and
327 * subject name of user Certificate. Subject name of Device certificate is optional parameter.
328 * Subject name of any intermediate Certificate is compulsory parameter.
329 * This function will retrieve the certificate chain on the basis of Subject name of any intermediate CA taken as
330 * issuer name in function parameters. It can also extract Certificate chain on the basis of Subject name of device
331 * certificate including chain containing the Intermediate Certificate Subject name.
332 * If there are multiple cert chain from the same issuer, it will get all the cert chain and check with subject name
333 * to decide which chain is need to be returned. For input parameter it takes subject name of any intermediate CA as
334 * issuer name, and subject name of user certificate as optional parameter. Format of Subject and Issuer name will
338 * @return An error code.
339 * @param[in] pIssuerName Pointer to Issuer name.
340 * @param[in] issuerNameLength Length of Issuer name.
341 * @param[in] pSubjectName pointer to Subject name.
342 * @param[in] subjectNameLength Length of Subject name.
343 * @param[out] pUserCertListInfoTypesRef Pointer to certificate list.
344 * @exception E_SUCCESS The method is successful.
345 * @exception E_INVALID_ARG The specified input parameter is invalid.
346 * @exception E_OUT_OF_MEMORY The memory is insufficient.
347 * @exception E_SYSTEM A system error has occurred.
348 * - IPC operation failed.
349 * - File operation failed.
350 * - DB operation failed.
352 result GetUserCertChainByIssuerAndSubjectNameN(char* pIssuerName, int issuerNameLength, char* pSubjectName, int subjectNameLength, _CertificateListInfo*& pUserCertListInfoTypesRef);
355 * This function gets the user certificate list information by requested certificate ID. It give info of certificate only.
358 * @return User certificate information containing certificate buffer, private key buffer etc.
359 * @param[in] certId Certificate ID as in DB.
360 * @param[in] encodingType Required encoding type of output buffer (PEM, Base64 or DER).
361 * @exception E_SUCCESS The method is successful.
362 * @exception E_INVALID_ARG The specified input parameter is invalid.
363 * @exception E_OUT_OF_MEMORY The memory is insufficient.
364 * @exception E_SYSTEM A system error has occurred.
365 * - IPC operation error.
366 * - File operation error.
367 * - DB operation error.
369 _CertInfo* GetUserCertificateByCertIdN(int certId, int encodingType);
372 * This function retrieves user certificate information by requested certificate ID.
375 * @return An error code.
376 * @param[in] certId Certificate id of requested user certificates as in DB.
377 * @param[out] pCertFieldInfos Pointer to ponter of Certificate infos structure.
378 * @exception E_SUCCESS The method is successful.
379 * @exception E_OUT_OF_MEMORY The memory is insufficient.
380 * @exception E_INVALID_ARG The specified input parameter is invalid.
381 * @exception E_SYSTEM A system error has occurred.
382 * - IPC operation failed.
383 * - File operation failed.
384 * - DB operation failed.
386 result GetUserCertFieldInfoByCertId(int certId, _CertFieldInfos* pCertFieldInfos);
389 * This function restores the root CA certificate DB.
392 * @exception E_SUCCESS The method is successful.
393 * @exception E_OUT_OF_MEMORY The memory is insufficient.
394 * @exception E_SYSTEM A system error has occurred.
395 * - IPC operation failed.
396 * - File operation failed.
397 * - DB operation failed.
399 void RestoreRootCaIntegrity(void);
402 // This default constructor is intentionally declared as private to
403 // implement the Singleton semantic.
404 _CertServiceProxy(void);
406 // This destructor is intentionally declared as private to
407 // implement the Singleton semantic.
408 ~_CertServiceProxy(void);
410 _CertServiceProxy(const _CertServiceProxy& rhs);
412 _CertServiceProxy& operator =(const _CertServiceProxy& rhs);
414 //This construct function initialises the _CertServiceProxt instance
415 static void Construct(void);
418 static Tizen::Io::_IpcClient* __pIpcClient; //singleton
419 static _CertServiceProxy* __pCertServiceProxy; //singleton
420 }; // _CertServiceProxy
423 } } } //Tizen::Security::Cert
425 #endif // _FSEC_CERT_INTERNAL_CERT_SERVICE_PROXY_H_