2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 * @file FSecCert_CertTypes.h
20 * @brief This header file contains the declarations of X509 Certificate defines.
22 * This file contains the declarations of X509 Certificate defines.
26 #ifndef _FSEC_INTERNAL_CERT_TYPES_H_
27 #define _FSEC_INTERNAL_CERT_TYPES_H_
30 #include <FBaseString.h>
32 namespace Tizen { namespace Security { namespace Cert
35 const int _MAX_CERTIFICATE_SIZE = 8192;
36 const int _MAX_CERT_PRIVATE_KEY_SIZE = 3072;
37 const int _MAX_CERT_PUBLIC_KEY_SIZE = 2048;
38 const int _MAX_CERTIFICATE_PATH_SIZE = 128;
39 const int _MAX_PRV_KEY_PATH_SIZE_SIZE = 128;
40 const int _MAX_ISSUER_SUBJECT_NAME_SIZE = 512;
41 const int _MAX_SERIAL_NUMBER_SIZE = 40;
42 const int _MAX_FILENAME_SIZE = 256;
43 const int _MAX_CERT_SHA1_DIGEST_SIZE = 20;
44 const int _MAX_BASE64_CERT_SIZE = 2000 * (4 / 3);
45 const int _MAX_TYPE_CONST_SIZE = 100;
46 const int _MAX_TYPE_RECORD_SIZE = 3;
47 const int _MAX_CERT_PUB_KEY_HASH_SIZE = 256;
48 const int _MAX_QUERY_LEN = 2000;
49 const int _MAX_CERT_TYPE = 32;
50 const int _MIN_CERT_TYPE = 0;
51 const int _MAX_HASH_SIZE = 256;
52 const int _MAX_CERT_VALIDITY_SIZE = 32;
53 const int _MAX_CERT_ALGORITHM_SIZE = 64;
54 const int _MAX_CERT_FINGERPRINT_SIZE = 40;
55 const int _MAX_CERT_TYPE_SIZE = 32;
56 const int _MAX_CERT_TIME_LEN = 15;
57 const int _MAX_CERT_OSP_CRITICAL1_COUNT = 1;
58 const int _MAX_CERT_OSP_CRITICAL2_COUNT = 2;
59 const int _MAX_CERT_OSP_CRITICAL3_COUNT = 0;
60 const int _MAX_CERT_OSP_CRITICAL4_COUNT = 1;
61 const int _MAX_CERT_OSP_CRITICAL5_COUNT = 0;
62 const int _MAX_CERT_OSP_PRELOAD_APP_COUNT = 1;
63 const int _MAX_OID_SIZE = 250;
64 const int _MAX_GAP = 1;
65 const int _MAX_EXT_TABLESIZE = 31;
66 const int _MAX_SUBJECT_OFFSET_SIZE = 50;
67 const int _MAX_ISSUER_OFFSET_SIZE = 30;
68 const int _MAX_OFFSET_CONST_SIZE = 90;
69 const int _MAX_CA_CONDITION_SIZE = 610;
70 const int _MAX_ISSUER_CONDITION_SIZE = 150;
71 const int _MAX_ISSUER_NAME_OFFSET = 70;
72 const int _MAX_CONDITION_CONST_SIZE = 700;
73 const int _MAX_PEM_HEADER = 54;
75 extern const Tizen::Base::String _CERT_MGR_SYSTEM_DIRECTORY;
76 extern const Tizen::Base::String _CERT_MGR_BASE_DIRECTORY;
77 extern const Tizen::Base::String _CERT_MGR_CERTMGR_DIRECTORY;
78 extern const Tizen::Base::String _CERT_MGR_CERT_DIRECTORY;
79 extern const Tizen::Base::String _CERT_ROOT_CA_CERT_FILE_DIRECTORY;
80 extern const Tizen::Base::String _CERT_USER_CERT_FILE_DIRECTORY;
81 extern const Tizen::Base::String _CERT_USER_PRIVKEY_FILE_DIRECTORY;
83 extern const Tizen::Base::String _CERT_ROOT_CA_CERT_TABLE;
84 extern const Tizen::Base::String _CERT_USER_CERT_TABLE;
86 extern const Tizen::Base::String _CERT_DOMAIN1_CERT_FILE_PATH;
87 extern const Tizen::Base::String _CERT_DOMAIN2_CERT_FILE_PATH;
88 extern const Tizen::Base::String _CERT_SVC_DEFAULT_CERT_DIRECTORY;
89 extern const Tizen::Base::String _CERT_MGR_CRT_FILE_PATH;
90 extern const Tizen::Base::String _TEMP_CERT_MGR_CRT_FILE_PATH;
92 //Prefix definition for NAME Prefix
93 extern const char* _CERT_COMMON_NAME;
94 extern const char* _CERT_ORG_UNIT_NAME;
95 extern const char* _CERT_ORG_NAME;
96 extern const char* _CERT_LOCALITY_NAME;
97 extern const char* _CERT_STATE_OR_PROVINCE_NAME;
98 extern const char* _CERT_COUNTRY_NAME;
99 extern const char* _CERT_EMAIL_ADDRESS;
100 extern const char* _CERT_SERIAL_NUM;
101 extern const char* _CERT_GIVEN_NAME;
102 extern const char* _CERT_SUR_NAME;
103 extern const char* _CERT_STATE_OF_PROVINCE;
104 extern const char* _CERT_DC;
105 extern const char* _CERT_TK_ISSUER_NAME;
107 //Typedef for readeablitiy of code and ditinguish between different types of handles and context
108 typedef void* CertificateHandle;
109 typedef void* CertChainCtx;
110 typedef void* PrivateKeyCtx;
111 typedef void* CertificateStoreCtx;
112 typedef int CertIdNo;
116 _CERT_TYPE_NOT_BOUNDED = 0,
117 _CERT_TYPE_PRIVATE = 1,
118 _CERT_TYPE_UNTRUSTED = 2,
119 _CERT_TYPE_TRUSTED_CA = 3,
120 _CERT_TYPE_ROOT_CA = 4,
121 _CERT_TYPE_ROOT_DOMAIN1 = 5,
122 _CERT_TYPE_ROOT_DOMAIN2 = 6,
123 _CERT_TYPE_ROOT_DOMAIN3 = 7,
124 _CERT_TYPE_SIM_ROOT_DOMAIN1 = 8,
125 _CERT_TYPE_SIM_ROOT_DOMAIN3 = 9,
126 _CERT_TYPE_DEV_ROOT_CA = 10,
127 _CERT_TYPE_DEV_ROOT_DOMAIN1 = 11,
128 _CERT_TYPE_DEV_ROOT_DOMAIN2 = 12,
129 _CERT_TYPE_DEV_ROOT_DOMAIN3 = 13,
130 _CERT_TYPE_ROOT_CA_BY_USER = 14,
131 _CERT_TYPE_INTERMIDIATE_CA = 15,
132 _CERT_TYPE_USER_CERT = 16,
133 _CERT_TYPE_OSP_CRITICAL1 = 17,
134 _CERT_TYPE_OSP_CRITICAL2 = 18,
135 _CERT_TYPE_OSP_CRITICAL3 = 19,
136 _CERT_TYPE_OSP_PRELOAD_APP = 20,
137 _CERT_TYPE_CSC_ROOT_CA = 21,
138 _CERT_TYPE_CSC_ROOT_DOMAIN1 = 22,
139 _CERT_TYPE_CSC_ROOT_DOMAIN2 = 23,
140 _CERT_TYPE_CSC_ROOT_DOMAIN3 = 24,
141 _CERT_TYPE_OSP_CRITICAL4 = 25,
142 _CERT_TYPE_OSP_CRITICAL5 = 26,
144 _CERT_TYPE_MAX = 9999,
155 _CERT_DOMAIN1_TRUSTED = 0,
156 _CERT_DOMAIN2_TRUSTED = 1,
157 _CERT_DOMAIN3_TRUSTED = 2,
158 _CERT_WRT_TRUSTED = 3,
159 _CERT_INVALID_DOMAIN = 9999,
163 enum _CertContextType
165 _CERT_CONTEXT_DOMAIN = 0,
166 _CERT_CONTEXT_DOMAIN_NO_VALIDITY = 1,
167 _CERT_CONTEXT_CERT = 2,
168 _CERT_CONTEXT_CERT_NO_VALIDITY = 3,
169 _CERT_CONTEXT_OSP_USER = 4,
170 _CERT_CONTEXT_OSP_USER_NO_VALIDITY = 5,
171 _CERT_CONTEXT_OSP_CRITICAL1 = 6,
172 _CERT_CONTEXT_OSP_CRITICAL1_NO_VALIDITY = 7,
173 _CERT_CONTEXT_OSP_CRITICAL2 = 8,
174 _CERT_CONTEXT_OSP_CRITICAL2_NO_VALIDITY = 9,
175 _CERT_CONTEXT_OSP_CRITICAL3 = 10,
176 _CERT_CONTEXT_OSP_CRITICAL3_NO_VALIDITY = 11,
177 _CERT_CONTEXT_OSP_CRITICAL4 = 12,
178 _CERT_CONTEXT_OSP_CRITICAL4_NO_VALIDITY = 13,
179 _CERT_CONTEXT_OSP_CRITICAL5 = 14,
180 _CERT_CONTEXT_OSP_CRITICAL5_NO_VALIDITY = 15,
181 _CERT_CONTEXT_OSP_PRELOAD_APP = 16,
182 _CERT_CONTEXT_OSP_PRELOAD_APP_NO_VALIDITY = 17,
183 _CERT_CONTEXT_SSL = 29,
184 _CERT_CONTEXT_MIDP = 30,
185 _CERT_CONTEXT_WRT = 31,
186 _CERT_CONTEXT_TK = 32,
187 }; //_CertContextType
191 _CERT_FIELD_SERIAL = 1,
192 _CERT_FIELD_SIGALGORITHM = 2,
193 _CERT_FIELD_VALIDITY = 4,
194 _CERT_FIELD_SUBJECT = 8,
195 _CERT_FIELD_ISSUER = 16,
196 _CERT_FIELD_FINGERPRINT = 32,
197 _CERT_FIELD_PUBLICKEY = 64,
198 _CERT_FIELD_VERSION = 128,
199 _CERT_FIELD_TYPE = 256,
200 _CERT_FIELD_ALL = 0xFFF,
203 enum _CertValidityType
205 _CERT_VALIDITY_VALID = 0, // valid
206 _CERT_VALIDITY_EXPIRED = 1, // expired
207 _CERT_VALIDITY_NOT_YET_VALID = 2, // not yet valid
208 _CERT_VALIDITY_UNKNOWN = 9999,
209 }; //_CertValidityType
212 * @enum _CertEncodingType
213 * Defines the type of encoding.
217 enum _CertEncodingType
219 _CERT_ENC_TYPE_BINARY = 0, /**< %Binary or DER Encoding */
220 _CERT_ENC_TYPE_BASE64 = 1, /**< %Base64 Encoding */
221 _CERT_ENC_TYPE_PEM = 2, /**< %PEM Encoding */
222 _CERT_ENC_TYPE_UNKNOWN = 9999,
223 }; //_CertEncodingType
227 _CERT_TRUST_NONE = 0,
228 _CERT_TRUST_PHONE_ROOT_CA = 1,
229 _CERT_TRUST_PHONE_DOMAIN = 2,
230 _CERT_TRUST_SIM_ROOT_CA = 4,
231 _CERT_TRUST_SIM_DOMAIN = 8,
232 _CERT_TRUST_DEV_ROOT_CA = 16,
233 _CERT_TRUST_DEV_DOMAIN = 32,
234 _CERT_TRUST_OSP_ROOT_CA = 64,
235 _CERT_TRUST_WRT_CA = 128,
236 _CERT_TRUST_CSC_CA = 256,
241 _CERT_EXT_BASIC_CONTRAINTS = 0, // critical
242 _CERT_EXT_CRL_DISTRIBUTION_POINTS = 1, // non-critical
243 _CERT_EXT_KEY_USAGE = 2, // critical
244 _CERT_EXT_AUTHORITY_KEY_IDENTIFIER = 3, // non-critical
245 _CERT_EXT_SUBJECT_KEY_IDENTIFIER = 4, // non-critical
246 _CERT_EXT_CERTIFICATE_POLICIES = 5, // not used
247 _CERT_EXT_EXT_KEY_USAGE = 6, // critical
248 _CERT_EXT_OCSP_NONCE = 7, // non-critical
249 _CERT_EXT_OCSP_NO_CHECK = 8, // non-critical
251 _CERT_EXT_OCSP_SIGNING = 10,
252 _CERT_EXT_AUTHORITY_INFO_ACCESS = 11, //OCSP Responder url
253 _CERT_EXT_OMA_DRM_AGENT = 12,
254 _CERT_EXT_OMA_RIGHTS_ISSUER = 13,
255 _CERT_EXT_REVOKED_CERTIFICATE_RANGE = 14,
256 _CERT_EXT_ISSUING_DISTRIBUTION_POINT = 15,
257 _CERT_EXT_CRL_NUMBER = 16,
258 _CERT_EXT_CA_ISSUERS = 17,
259 _CERT_EXT_SUB_ALT_NAME = 18,
260 _CERT_EXT_SUB_DIR_ATTR = 19,
261 _CERT_EXT_PRI_KEY_USAGE_PER = 20,
262 _CERT_EXT_ISSUER_ALT_NAME = 21,
263 _CERT_EXT_REASON_CODE = 22,
264 _CERT_EXT_INSTRUCTION_CODE = 23,
265 _CERT_EXT_INVALID_DATE = 24,
266 _CERT_EXT_DELTA_CRL_INDI = 25,
267 _CERT_EXT_CERTIFICATE_ISSUER = 26,
268 _CERT_EXT_NAME_CONSTRAINT = 27,
269 _CERT_EXT_POLICY_MAPPING = 28,
270 _CERT_EXT_POLICY_CONSTRAINTS = 29,
271 _CERT_EXT_UNKNOWN = 9999, // non-critical
276 _CERT_PATH_CA_CERT = 0,
277 _CERT_PATH_USER_CERT = 1,
278 _CERT_PATH_PRIVATE_KEY = 2,
279 _CERT_PATH_UNKNOWN = 9999
282 struct _CertExtensionInfo
284 _CertExt CertExtType;
285 bool CertExtCritical;
288 _CertExtensionInfo* pCertExtNext;
289 }; //_CertExtensionInfo
291 struct _CertFieldInfos
293 // SIM or Terminal Certificates
294 _CaCertType certType;
296 char serialNo[_MAX_SERIAL_NUMBER_SIZE + 1];
297 char sigAlgorithm[_MAX_CERT_ALGORITHM_SIZE + 1];
298 char validityFrom[_MAX_CERT_VALIDITY_SIZE + 1];
299 char validityTo[_MAX_CERT_VALIDITY_SIZE + 1];
300 char subjectName[_MAX_ISSUER_SUBJECT_NAME_SIZE + 2];
301 char issuerName[_MAX_ISSUER_SUBJECT_NAME_SIZE + 2];
302 char fingerPrint[_MAX_CERT_FINGERPRINT_SIZE + 1];
304 char publicKey[_MAX_CERT_PUBLIC_KEY_SIZE + 1];
305 char certTypeFormat[_MAX_CERT_TYPE_SIZE + 1];
307 char certTitle[_MAX_ISSUER_SUBJECT_NAME_SIZE + 1];
308 char certSubTitle[_MAX_ISSUER_SUBJECT_NAME_SIZE + 1];
315 byte certificate[_MAX_CERTIFICATE_SIZE];
316 _CertRootList* pNext;
321 struct _CertificateListInfo
325 _CaCertType certType;
327 int priKeyLen; //length of a private key
328 byte certificate[_MAX_CERTIFICATE_SIZE];
329 byte privatekey[_MAX_CERT_PRIVATE_KEY_SIZE]; // buffer with the private key
330 _CertificateListInfo* pNext;
332 }; //_CertificateListInfo;
336 * @brief This struct represent a certificate information.
341 int certId; /**< %Certificate id as in database */
342 _CertFormat certFormat; /**< %Certificate format */
343 _CaCertType certType; /**< %Certificate type */
344 int certLength; /**< %Certificate buffer length */
345 int privateKeyLen; /**< %Private key length */
346 byte certificate[_MAX_CERTIFICATE_SIZE]; /**< %Certificate buffer */
347 byte privatekey[_MAX_CERT_PRIVATE_KEY_SIZE]; /**< %Private key buffer */
351 struct _CertRootCaInfo
353 _CertRootList* pRootList;
354 _CertRootList* pCurrRootList;
359 } } } //Tizen::Security::Cert
361 #endif // _FSEC_INTERNAL_CERT_TYPES_H_