2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
/**
 * @file FSecCert_CertTypes.h
 * @brief This header file contains the declarations of X509 Certificate defines.
 *
 * This file contains the declarations of X509 Certificate defines.
 */
26 #ifndef _FSEC_INTERNAL_CERT_TYPES_H_
27 #define _FSEC_INTERNAL_CERT_TYPES_H_
30 #include <FBaseString.h>
32 namespace Tizen { namespace Security { namespace Cert
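// Fixed limits used by the certificate code. Several of them size the arrays
// declared further down in this header, for example
// certificate[_MAX_CERTIFICATE_SIZE] and privatekey[_MAX_CERT_PRIVATE_KEY_SIZE],
// so code that fills those arrays has to compare its input length with the
// matching constant before copying.
const int _MAX_CERTIFICATE_SIZE = 8192;
const int _MAX_CERT_PRIVATE_KEY_SIZE = 3072;
const int _MAX_CERT_PUBLIC_KEY_SIZE = 2048;
const int _MAX_CERTIFICATE_PATH_SIZE = 128;
const int _MAX_PRV_KEY_PATH_SIZE_SIZE = 128;
const int _MAX_ISSUER_SUBJECT_NAME_SIZE = 512;
const int _MAX_SERIAL_NUMBER_SIZE = 40;
const int _MAX_FILENAME_SIZE = 256;
const int _MAX_CERT_SHA1_DIGEST_SIZE = 20;
// Base64 text length for 2000 raw bytes, padding included:
// 4 * ceil(2000 / 3) = 2668. Written as `2000 * (4 / 3)` the expression
// yields 2000, because 4 / 3 is an integer division and evaluates to 1, which
// leaves the limit a third too small for the encoded form.
// NOTE(review): 2000 raw bytes is far below _MAX_CERTIFICATE_SIZE (8192);
// confirm with the callers which of the two limits Base64 input is meant to
// be checked against.
const int _MAX_BASE64_CERT_SIZE = 4 * ((2000 + 2) / 3);
const int _MAX_TYPE_CONST_SIZE = 100;
const int _MAX_TYPE_RECORD_SIZE = 3;
const int _MAX_CERT_PUB_KEY_HASH_SIZE = 256;
const int _MAX_QUERY_LEN = 2000;
const int _MAX_CERT_TYPE = 32;
const int _MIN_CERT_TYPE = 0;
const int _MAX_HASH_SIZE = 256;
const int _MAX_CERT_VALIDITY_SIZE = 32;
const int _MAX_CERT_ALGORITHM_SIZE = 64;
const int _MAX_CERT_FINGERPRINT_SIZE = 40;
const int _MAX_CERT_TYPE_SIZE = 32;
const int _MAX_CERT_TIME_LEN = 15;
// Per-type certificate counts; CRITICAL3 and CRITICAL5 are set to 0.
const int _MAX_CERT_OSP_CRITICAL1_COUNT = 1;
const int _MAX_CERT_OSP_CRITICAL2_COUNT = 2;
const int _MAX_CERT_OSP_CRITICAL3_COUNT = 0;
const int _MAX_CERT_OSP_CRITICAL4_COUNT = 1;
const int _MAX_CERT_OSP_CRITICAL5_COUNT = 0;
const int _MAX_CERT_OSP_PRELOAD_APP_COUNT = 1;
const int _MAX_OID_SIZE = 250;
const int _MAX_GAP = 1;
const int _MAX_EXT_TABLESIZE = 31;
const int _MAX_SUBJECT_OFFSET_SIZE = 50;
const int _MAX_ISSUER_OFFSET_SIZE = 30;
const int _MAX_OFFSET_CONST_SIZE = 90;
const int _MAX_CA_CONDITION_SIZE = 610;
const int _MAX_ISSUER_CONDITION_SIZE = 150;
const int _MAX_ISSUER_NAME_OFFSET = 70;
const int _MAX_CONDITION_CONST_SIZE = 700;
const int _MAX_PEM_HEADER = 54;
const int _MAX_CERT_TYPE_COUNT = 4;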
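// Directory, database-table and file-path names used by the certificate
// manager. They are only declared here (extern); the values are defined in
// another translation unit. The listing's fused line numbers are removed so
// each declaration parses.
// NOTE(review): going by the names, these locate the root CA store and the
// user private-key store. Confirm that the directories they resolve to are
// writable only by the certificate service, since anything that can write
// there can add a trust anchor or replace a key.
extern const Tizen::Base::String _CERT_MGR_SYSTEM_DIRECTORY;
extern const Tizen::Base::String _CERT_MGR_BASE_DIRECTORY;
extern const Tizen::Base::String _CERT_MGR_CERTMGR_DIRECTORY;
extern const Tizen::Base::String _CERT_MGR_CERT_DIRECTORY;
extern const Tizen::Base::String _CERT_ROOT_CA_CERT_FILE_DIRECTORY;
extern const Tizen::Base::String _CERT_USER_CERT_FILE_DIRECTORY;
extern const Tizen::Base::String _CERT_USER_PRIVKEY_FILE_DIRECTORY;

// Table names for the root CA and user certificate records.
extern const Tizen::Base::String _CERT_ROOT_CA_CERT_TABLE;
extern const Tizen::Base::String _CERT_USER_CERT_TABLE;

// Certificate file paths and the default certificate directory.
extern const Tizen::Base::String _CERT_DOMAIN1_CERT_FILE_PATH;
extern const Tizen::Base::String _CERT_DOMAIN2_CERT_FILE_PATH;
extern const Tizen::Base::String _CERT_SVC_DEFAULT_CERT_DIRECTORY;
extern const Tizen::Base::String _CERT_MGR_CRT_FILE_PATH;
extern const Tizen::Base::String _TEMP_CERT_MGR_CRT_FILE_PATH;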
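// Prefix strings for the name attributes (common name, organisation, country,
// and so on). Only declared here; the strings are defined in another
// translation unit. The listing's fused line numbers are removed so each
// declaration parses.
// NOTE(review): the type is `const char*`, so the characters are read-only
// but the pointers themselves can be reassigned at run time. Declaring them
// `const char* const` would rule that out, but the definitions would have to
// change with the declarations.
extern const char* _CERT_COMMON_NAME;
extern const char* _CERT_ORG_UNIT_NAME;
extern const char* _CERT_ORG_NAME;
extern const char* _CERT_LOCALITY_NAME;
extern const char* _CERT_STATE_OR_PROVINCE_NAME;
extern const char* _CERT_COUNTRY_NAME;
extern const char* _CERT_EMAIL_ADDRESS;
extern const char* _CERT_SERIAL_NUM;
extern const char* _CERT_GIVEN_NAME;
extern const char* _CERT_SUR_NAME;
extern const char* _CERT_STATE_OF_PROVINCE;
extern const char* _CERT_DC;
extern const char* _CERT_TK_ISSUER_NAME;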
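// Aliases that name the different handles and contexts passed around by the
// certificate code. The listing's fused line numbers are removed so each
// typedef parses.
// The distinction is for the reader only: all four handle types are aliases
// of void*, so the compiler accepts a PrivateKeyCtx where a CertificateHandle
// is expected. Code receiving one of these has to establish by other means
// which kind of object it points to before casting it.
typedef void* CertificateHandle;
typedef void* CertChainCtx;
typedef void* PrivateKeyCtx;
typedef void* CertificateStoreCtx;
// Integer identifier of a certificate.
typedef int CertIdNo;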
117 _CERT_TYPE_NOT_BOUNDED = 0,
118 _CERT_TYPE_PRIVATE = 1,
119 _CERT_TYPE_UNTRUSTED = 2,
120 _CERT_TYPE_TRUSTED_CA = 3,
121 _CERT_TYPE_ROOT_CA = 4,
122 _CERT_TYPE_ROOT_DOMAIN1 = 5,
123 _CERT_TYPE_ROOT_DOMAIN2 = 6,
124 _CERT_TYPE_ROOT_DOMAIN3 = 7,
125 _CERT_TYPE_SIM_ROOT_DOMAIN1 = 8,
126 _CERT_TYPE_SIM_ROOT_DOMAIN3 = 9,
127 _CERT_TYPE_DEV_ROOT_CA = 10,
128 _CERT_TYPE_DEV_ROOT_DOMAIN1 = 11,
129 _CERT_TYPE_DEV_ROOT_DOMAIN2 = 12,
130 _CERT_TYPE_DEV_ROOT_DOMAIN3 = 13,
131 _CERT_TYPE_ROOT_CA_BY_USER = 14,
132 _CERT_TYPE_INTERMIDIATE_CA = 15,
133 _CERT_TYPE_USER_CERT = 16,
134 _CERT_TYPE_OSP_CRITICAL1 = 17,
135 _CERT_TYPE_OSP_CRITICAL2 = 18,
136 _CERT_TYPE_OSP_CRITICAL3 = 19,
137 _CERT_TYPE_OSP_PRELOAD_APP = 20,
138 _CERT_TYPE_CSC_ROOT_CA = 21,
139 _CERT_TYPE_CSC_ROOT_DOMAIN1 = 22,
140 _CERT_TYPE_CSC_ROOT_DOMAIN2 = 23,
141 _CERT_TYPE_CSC_ROOT_DOMAIN3 = 24,
142 _CERT_TYPE_OSP_CRITICAL4 = 25,
143 _CERT_TYPE_OSP_CRITICAL5 = 26,
145 _CERT_TYPE_MAX = 9999,
156 _CERT_DOMAIN1_TRUSTED = 0,
157 _CERT_DOMAIN2_TRUSTED = 1,
158 _CERT_DOMAIN3_TRUSTED = 2,
159 _CERT_WRT_TRUSTED = 3,
160 _CERT_INVALID_DOMAIN = 9999,
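// Context selector for certificate operations. The opening brace dropped by
// the listing is restored and the fused line numbers are removed, so the
// enum parses again.
//
// Values 0-17 come in pairs: each base context is an even value and the
// matching *_NO_VALIDITY variant is the next odd value. Values 18-28 are
// unassigned; SSL, MIDP, WRT and TK occupy 29-32.
// NOTE(review): the *_NO_VALIDITY names suggest contexts in which the
// validity-period check is skipped. Confirm that against the verification
// code and make sure no caller handling untrusted certificates selects one.
enum _CertContextType
{
	_CERT_CONTEXT_DOMAIN = 0,
	_CERT_CONTEXT_DOMAIN_NO_VALIDITY = 1,
	_CERT_CONTEXT_CERT = 2,
	_CERT_CONTEXT_CERT_NO_VALIDITY = 3,
	_CERT_CONTEXT_OSP_USER = 4,
	_CERT_CONTEXT_OSP_USER_NO_VALIDITY = 5,
	_CERT_CONTEXT_OSP_CRITICAL1 = 6,
	_CERT_CONTEXT_OSP_CRITICAL1_NO_VALIDITY = 7,
	_CERT_CONTEXT_OSP_CRITICAL2 = 8,
	_CERT_CONTEXT_OSP_CRITICAL2_NO_VALIDITY = 9,
	_CERT_CONTEXT_OSP_CRITICAL3 = 10,
	_CERT_CONTEXT_OSP_CRITICAL3_NO_VALIDITY = 11,
	_CERT_CONTEXT_OSP_CRITICAL4 = 12,
	_CERT_CONTEXT_OSP_CRITICAL4_NO_VALIDITY = 13,
	_CERT_CONTEXT_OSP_CRITICAL5 = 14,
	_CERT_CONTEXT_OSP_CRITICAL5_NO_VALIDITY = 15,
	_CERT_CONTEXT_OSP_PRELOAD_APP = 16,
	_CERT_CONTEXT_OSP_PRELOAD_APP_NO_VALIDITY = 17,
	_CERT_CONTEXT_SSL = 29,
	_CERT_CONTEXT_MIDP = 30,
	_CERT_CONTEXT_WRT = 31,
	_CERT_CONTEXT_TK = 32,
}; //_CertContextType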
192 _CERT_FIELD_SERIAL = 1,
193 _CERT_FIELD_SIGALGORITHM = 2,
194 _CERT_FIELD_VALIDITY = 4,
195 _CERT_FIELD_SUBJECT = 8,
196 _CERT_FIELD_ISSUER = 16,
197 _CERT_FIELD_FINGERPRINT = 32,
198 _CERT_FIELD_PUBLICKEY = 64,
199 _CERT_FIELD_VERSION = 128,
200 _CERT_FIELD_TYPE = 256,
201 _CERT_FIELD_ALL = 0xFFF,
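// Result of checking a certificate's validity period. The opening brace
// dropped by the listing is restored and the fused line numbers are removed.
//
// _CERT_VALIDITY_VALID is 0, so a zero-initialised variable of this type
// reads as "valid".
// NOTE(review): callers should start from _CERT_VALIDITY_UNKNOWN and treat
// every value other than _CERT_VALIDITY_VALID as a failure - confirm the
// call sites do.
enum _CertValidityType
{
	_CERT_VALIDITY_VALID = 0,          // valid
	_CERT_VALIDITY_EXPIRED = 1,        // expired
	_CERT_VALIDITY_NOT_YET_VALID = 2,  // not yet valid
	_CERT_VALIDITY_UNKNOWN = 9999,     // sentinel: validity not determined
}; //_CertValidityType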
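/**
 * @enum _CertEncodingType
 * Defines the type of encoding.
 *
 * The comment delimiters and the opening brace dropped by the listing are
 * restored, and the fused line numbers are removed.
 *
 * NOTE(review): _CERT_ENC_TYPE_UNKNOWN is a sentinel; code that receives it
 * should presumably reject the input rather than guess an encoding - confirm
 * against the parser.
 */
enum _CertEncodingType
{
	_CERT_ENC_TYPE_BINARY = 0,      /**< %Binary or DER Encoding */
	_CERT_ENC_TYPE_BASE64 = 1,      /**< %Base64 Encoding */
	_CERT_ENC_TYPE_PEM = 2,         /**< %PEM Encoding */
	_CERT_ENC_TYPE_UNKNOWN = 9999,  /**< %Sentinel: encoding not determined */
}; //_CertEncodingType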
228 _CERT_TRUST_NONE = 0,
229 _CERT_TRUST_PHONE_ROOT_CA = 1,
230 _CERT_TRUST_PHONE_DOMAIN = 2,
231 _CERT_TRUST_SIM_ROOT_CA = 4,
232 _CERT_TRUST_SIM_DOMAIN = 8,
233 _CERT_TRUST_DEV_ROOT_CA = 16,
234 _CERT_TRUST_DEV_DOMAIN = 32,
235 _CERT_TRUST_OSP_ROOT_CA = 64,
236 _CERT_TRUST_WRT_CA = 128,
237 _CERT_TRUST_CSC_CA = 256,
242 _CERT_EXT_BASIC_CONTRAINTS = 0, // critical
243 _CERT_EXT_CRL_DISTRIBUTION_POINTS = 1, // non-critical
244 _CERT_EXT_KEY_USAGE = 2, // critical
245 _CERT_EXT_AUTHORITY_KEY_IDENTIFIER = 3, // non-critical
246 _CERT_EXT_SUBJECT_KEY_IDENTIFIER = 4, // non-critical
247 _CERT_EXT_CERTIFICATE_POLICIES = 5, // not used
248 _CERT_EXT_EXT_KEY_USAGE = 6, // critical
249 _CERT_EXT_OCSP_NONCE = 7, // non-critical
250 _CERT_EXT_OCSP_NO_CHECK = 8, // non-critical
252 _CERT_EXT_OCSP_SIGNING = 10,
253 _CERT_EXT_AUTHORITY_INFO_ACCESS = 11, //OCSP Responder url
254 _CERT_EXT_OMA_DRM_AGENT = 12,
255 _CERT_EXT_OMA_RIGHTS_ISSUER = 13,
256 _CERT_EXT_REVOKED_CERTIFICATE_RANGE = 14,
257 _CERT_EXT_ISSUING_DISTRIBUTION_POINT = 15,
258 _CERT_EXT_CRL_NUMBER = 16,
259 _CERT_EXT_CA_ISSUERS = 17,
260 _CERT_EXT_SUB_ALT_NAME = 18,
261 _CERT_EXT_SUB_DIR_ATTR = 19,
262 _CERT_EXT_PRI_KEY_USAGE_PER = 20,
263 _CERT_EXT_ISSUER_ALT_NAME = 21,
264 _CERT_EXT_REASON_CODE = 22,
265 _CERT_EXT_INSTRUCTION_CODE = 23,
266 _CERT_EXT_INVALID_DATE = 24,
267 _CERT_EXT_DELTA_CRL_INDI = 25,
268 _CERT_EXT_CERTIFICATE_ISSUER = 26,
269 _CERT_EXT_NAME_CONSTRAINT = 27,
270 _CERT_EXT_POLICY_MAPPING = 28,
271 _CERT_EXT_POLICY_CONSTRAINTS = 29,
272 _CERT_EXT_UNKNOWN = 9999, // non-critical
277 _CERT_PATH_CA_CERT = 0,
278 _CERT_PATH_USER_CERT = 1,
279 _CERT_PATH_PRIVATE_KEY = 2,
280 _CERT_PATH_UNKNOWN = 9999
// One node of a singly linked list describing a certificate extension:
// which extension it is, whether it is marked critical, and a pointer to the
// next node.
// NOTE(review): the listing's numbering jumps from 286 to 289 inside this
// struct; confirm against the original header that no members are missing
// before relying on this layout.
283 struct _CertExtensionInfo
// Extension identifier.
285 _CertExt CertExtType;
// Critical flag of the extension.
// NOTE(review): a verifier is expected to reject a certificate carrying a
// critical extension it does not process - confirm how callers use this flag.
286 bool CertExtCritical;
// Next node in the list.
// NOTE(review): presumably null at the end of the list - confirm.
289 _CertExtensionInfo* pCertExtNext;
290 }; //_CertExtensionInfo
292 struct _CertFieldInfos
294 // SIM or Terminal Certificates
295 _CaCertType certType;
297 char serialNo[_MAX_SERIAL_NUMBER_SIZE + 1];
298 char sigAlgorithm[_MAX_CERT_ALGORITHM_SIZE + 1];
299 char validityFrom[_MAX_CERT_VALIDITY_SIZE + 1];
300 char validityTo[_MAX_CERT_VALIDITY_SIZE + 1];
301 char subjectName[_MAX_ISSUER_SUBJECT_NAME_SIZE + 2];
302 char issuerName[_MAX_ISSUER_SUBJECT_NAME_SIZE + 2];
303 char fingerPrint[_MAX_CERT_FINGERPRINT_SIZE + 1];
305 char publicKey[_MAX_CERT_PUBLIC_KEY_SIZE + 1];
306 char certTypeFormat[_MAX_CERT_TYPE_SIZE + 1];
308 char certTitle[_MAX_ISSUER_SUBJECT_NAME_SIZE + 1];
309 char certSubTitle[_MAX_ISSUER_SUBJECT_NAME_SIZE + 1];
316 byte certificate[_MAX_CERTIFICATE_SIZE];
317 _CertRootList* pNext;
// One node of a singly linked certificate list. Each node stores the
// certificate bytes and the private key bytes inline, in fixed-size arrays.
// NOTE(review): the listing's numbering skips lines inside this struct
// (323-325, 327, 332); confirm against the original header that no members
// are missing before relying on this layout.
322 struct _CertificateListInfo
// Certificate type of this entry.
326 _CaCertType certType;
// NOTE(review): priKeyLen is a plain int while privatekey holds at most
// _MAX_CERT_PRIVATE_KEY_SIZE bytes. Code that copies priKeyLen bytes in or
// out should first check 0 <= priKeyLen <= _MAX_CERT_PRIVATE_KEY_SIZE -
// confirm that the code filling this struct enforces it.
328 int priKeyLen; //length of a private key
// Certificate bytes, at most _MAX_CERTIFICATE_SIZE.
329 byte certificate[_MAX_CERTIFICATE_SIZE];
// NOTE(review): raw private key material lives in this node, so every copy
// of the node is a copy of the key. Presumably the buffer should be
// overwritten before the node is freed or reused - TODO confirm.
330 byte privatekey[_MAX_CERT_PRIVATE_KEY_SIZE]; // buffer with the private key
// Next node in the list.
331 _CertificateListInfo* pNext;
333 }; //_CertificateListInfo;
337 * @brief This struct represents certificate information.
342 int certId; /**< %Certificate id as in database */
343 _CertFormat certFormat; /**< %Certificate format */
344 _CaCertType certType; /**< %Certificate type */
345 int certLength; /**< %Certificate buffer length */
346 int privateKeyLen; /**< %Private key length */
347 byte certificate[_MAX_CERTIFICATE_SIZE]; /**< %Certificate buffer */
348 byte privatekey[_MAX_CERT_PRIVATE_KEY_SIZE]; /**< %Private key buffer */
352 struct _CertRootCaInfo
354 _CertRootList* pRootList;
355 _CertRootList* pCurrRootList;
360 } } } //Tizen::Security::Cert
362 #endif // _FSEC_INTERNAL_CERT_TYPES_H_