2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
4 // Licensed under the Apache License, Version 2.0 (the License);
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
18 * @file FSecCert_CertTypes.h
19 * @brief This header file contains the declarations of X509 Certificate defines.
21 * This file contains the declarations of X509 Certificate defines.
25 #ifndef _FSEC_INTERNAL_CERT_TYPES_H_
26 #define _FSEC_INTERNAL_CERT_TYPES_H_
29 #include <FBaseString.h>
31 namespace Tizen { namespace Security { namespace Cert
34 const int _MAX_CERTIFICATE_SIZE = 12288;
35 const int _MAX_CERT_PRIVATE_KEY_SIZE = 3072;
36 const int _MAX_CERT_PUBLIC_KEY_SIZE = 2048;
37 const int _MAX_CERTIFICATE_PATH_SIZE = 128;
38 const int _MAX_PRV_KEY_PATH_SIZE_SIZE = 128;
39 const int _MAX_ISSUER_SUBJECT_NAME_SIZE = 512;
40 const int _MAX_SERIAL_NUMBER_SIZE = 40;
41 const int _MAX_FILENAME_SIZE = 256;
42 const int _MAX_CERT_SHA1_DIGEST_SIZE = 20;
43 const int _MAX_TYPE_CONST_SIZE = 100;
44 const int _MAX_TYPE_RECORD_SIZE = 3;
45 const int _MAX_CERT_PUB_KEY_HASH_SIZE = 256;
46 const int _MAX_QUERY_LEN = 2000;
47 const int _MAX_CERT_TYPE = 32;
48 const int _MIN_CERT_TYPE = 0;
49 const int _MAX_CERT_VALIDITY_SIZE = 64;
50 const int _MAX_CERT_ALGORITHM_SIZE = 64;
51 const int _MAX_CERT_FINGERPRINT_SIZE = 40;
52 const int _MAX_CERT_TYPE_SIZE = 32;
53 const int _MAX_CERT_TIME_LEN = 15;
54 const int _MAX_EXT_TABLESIZE = 31;
55 const int _MAX_SUBJECT_OFFSET_SIZE = 50;
56 const int _MAX_ISSUER_OFFSET_SIZE = 30;
57 const int _MAX_OFFSET_CONST_SIZE = 90;
58 const int _MAX_ISSUER_CONDITION_SIZE = 150;
59 const int _MAX_ISSUER_NAME_OFFSET = 70;
60 const int _MAX_CONDITION_CONST_SIZE = 700;
61 const int _MAX_PEM_HEADER = 54;
62 const int _MAX_CERT_TYPE_COUNT = 4;
64 extern const Tizen::Base::String _CERT_MGR_SYSTEM_DIRECTORY;
65 extern const Tizen::Base::String _CERT_MGR_BASE_DIRECTORY;
66 extern const Tizen::Base::String _CERT_MGR_CERTMGR_DIRECTORY;
67 extern const Tizen::Base::String _CERT_MGR_CERT_DIRECTORY;
68 extern const Tizen::Base::String _CERT_ROOT_CA_CERT_FILE_DIRECTORY;
69 extern const Tizen::Base::String _CERT_USER_CERT_FILE_DIRECTORY;
70 extern const Tizen::Base::String _CERT_USER_PRIVKEY_FILE_DIRECTORY;
72 extern const Tizen::Base::String _CERT_ROOT_CA_CERT_TABLE;
73 extern const Tizen::Base::String _CERT_USER_CERT_TABLE;
75 extern const Tizen::Base::String _CERT_DOMAIN1_CERT_FILE_PATH;
76 extern const Tizen::Base::String _CERT_DOMAIN2_CERT_FILE_PATH;
77 extern const Tizen::Base::String _CERT_SVC_DEFAULT_CERT_DIRECTORY;
78 extern const Tizen::Base::String _CERT_MGR_CRT_FILE_PATH;
79 extern const Tizen::Base::String _TEMP_CERT_MGR_CRT_FILE_PATH;
81 //Prefix definition for NAME Prefix
82 extern const char* _CERT_COMMON_NAME;
83 extern const char* _CERT_ORG_UNIT_NAME;
84 extern const char* _CERT_ORG_NAME;
85 extern const char* _CERT_EMAIL_ADDRESS;
86 extern const char* _CERT_TK_ISSUER_NAME;
88 //Typedef for readability of code and distinguish between different types of handles and context
89 typedef void* CertificateHandle;
90 typedef void* CertChainCtx;
91 typedef void* PrivateKeyCtx;
92 typedef void* CertificateStoreCtx;
97 _CERT_TYPE_NOT_BOUNDED = 0,
98 _CERT_TYPE_PRIVATE = 1,
99 _CERT_TYPE_UNTRUSTED = 2,
100 _CERT_TYPE_TRUSTED_CA = 3,
101 _CERT_TYPE_ROOT_CA = 4,
102 _CERT_TYPE_ROOT_DOMAIN1 = 5,
103 _CERT_TYPE_ROOT_DOMAIN2 = 6,
104 _CERT_TYPE_ROOT_DOMAIN3 = 7,
105 _CERT_TYPE_SIM_ROOT_DOMAIN1 = 8,
106 _CERT_TYPE_SIM_ROOT_DOMAIN3 = 9,
107 _CERT_TYPE_DEV_ROOT_CA = 10,
108 _CERT_TYPE_DEV_ROOT_DOMAIN1 = 11,
109 _CERT_TYPE_DEV_ROOT_DOMAIN2 = 12,
110 _CERT_TYPE_DEV_ROOT_DOMAIN3 = 13,
111 _CERT_TYPE_ROOT_CA_BY_USER = 14,
112 _CERT_TYPE_INTERMIDIATE_CA = 15,
113 _CERT_TYPE_USER_CERT = 16,
114 _CERT_TYPE_OSP_CRITICAL1 = 17,
115 _CERT_TYPE_OSP_CRITICAL2 = 18,
116 _CERT_TYPE_OSP_CRITICAL3 = 19,
117 _CERT_TYPE_OSP_PRELOAD_APP = 20,
118 _CERT_TYPE_CSC_ROOT_CA = 21,
119 _CERT_TYPE_CSC_ROOT_DOMAIN1 = 22,
120 _CERT_TYPE_CSC_ROOT_DOMAIN2 = 23,
121 _CERT_TYPE_CSC_ROOT_DOMAIN3 = 24,
122 _CERT_TYPE_OSP_CRITICAL4 = 25,
123 _CERT_TYPE_OSP_CRITICAL5 = 26,
125 _CERT_TYPE_MAX = 9999,
136 _CERT_DOMAIN1_TRUSTED = 0,
137 _CERT_DOMAIN2_TRUSTED = 1,
138 _CERT_DOMAIN3_TRUSTED = 2,
139 _CERT_WRT_TRUSTED = 3,
140 _CERT_INVALID_DOMAIN = 9999,
144 enum _CertContextType
146 _CERT_CONTEXT_DOMAIN = 0,
147 _CERT_CONTEXT_DOMAIN_NO_VALIDITY = 1,
148 _CERT_CONTEXT_CERT = 2,
149 _CERT_CONTEXT_CERT_NO_VALIDITY = 3,
150 _CERT_CONTEXT_OSP_USER = 4,
151 _CERT_CONTEXT_OSP_USER_NO_VALIDITY = 5,
152 _CERT_CONTEXT_OSP_CRITICAL1 = 6,
153 _CERT_CONTEXT_OSP_CRITICAL1_NO_VALIDITY = 7,
154 _CERT_CONTEXT_OSP_CRITICAL2 = 8,
155 _CERT_CONTEXT_OSP_CRITICAL2_NO_VALIDITY = 9,
156 _CERT_CONTEXT_OSP_CRITICAL3 = 10,
157 _CERT_CONTEXT_OSP_CRITICAL3_NO_VALIDITY = 11,
158 _CERT_CONTEXT_OSP_CRITICAL4 = 12,
159 _CERT_CONTEXT_OSP_CRITICAL4_NO_VALIDITY = 13,
160 _CERT_CONTEXT_OSP_CRITICAL5 = 14,
161 _CERT_CONTEXT_OSP_CRITICAL5_NO_VALIDITY = 15,
162 _CERT_CONTEXT_OSP_PRELOAD_APP = 16,
163 _CERT_CONTEXT_OSP_PRELOAD_APP_NO_VALIDITY = 17,
164 _CERT_CONTEXT_SSL = 29,
165 _CERT_CONTEXT_MIDP = 30,
166 _CERT_CONTEXT_WRT = 31,
167 _CERT_CONTEXT_TK = 32,
168 }; //_CertContextType
172 _CERT_FIELD_SERIAL = 1,
173 _CERT_FIELD_SIGALGORITHM = 2,
174 _CERT_FIELD_VALIDITY = 4,
175 _CERT_FIELD_SUBJECT = 8,
176 _CERT_FIELD_ISSUER = 16,
177 _CERT_FIELD_FINGERPRINT = 32,
178 _CERT_FIELD_PUBLICKEY = 64,
179 _CERT_FIELD_VERSION = 128,
180 _CERT_FIELD_TYPE = 256,
181 _CERT_FIELD_ALL = 0xFFF,
184 enum _CertValidityType
186 _CERT_VALIDITY_VALID = 0, // valid
187 _CERT_VALIDITY_EXPIRED = 1, // expired
188 _CERT_VALIDITY_NOT_YET_VALID = 2, // not yet valid
189 _CERT_VALIDITY_UNKNOWN = 9999,
190 }; //_CertValidityType
193 * @enum _CertEncodingType
194 * Defines the type of encoding.
198 enum _CertEncodingType
200 _CERT_ENC_TYPE_BINARY = 0, /**< %Binary or DER Encoding */
201 _CERT_ENC_TYPE_BASE64 = 1, /**< %Base64 Encoding */
202 _CERT_ENC_TYPE_PEM = 2, /**< %PEM Encoding */
203 _CERT_ENC_TYPE_UNKNOWN = 9999,
204 }; //_CertEncodingType
208 _CERT_TRUST_NONE = 0,
209 _CERT_TRUST_PHONE_ROOT_CA = 1,
210 _CERT_TRUST_PHONE_DOMAIN = 2,
211 _CERT_TRUST_SIM_ROOT_CA = 4,
212 _CERT_TRUST_SIM_DOMAIN = 8,
213 _CERT_TRUST_DEV_ROOT_CA = 16,
214 _CERT_TRUST_DEV_DOMAIN = 32,
215 _CERT_TRUST_OSP_ROOT_CA = 64,
216 _CERT_TRUST_WRT_CA = 128,
217 _CERT_TRUST_CSC_CA = 256,
222 _CERT_EXT_BASIC_CONTRAINTS = 0, // critical
223 _CERT_EXT_CRL_DISTRIBUTION_POINTS = 1, // non-critical
224 _CERT_EXT_KEY_USAGE = 2, // critical
225 _CERT_EXT_AUTHORITY_KEY_IDENTIFIER = 3, // non-critical
226 _CERT_EXT_SUBJECT_KEY_IDENTIFIER = 4, // non-critical
227 _CERT_EXT_CERTIFICATE_POLICIES = 5, // not used
228 _CERT_EXT_EXT_KEY_USAGE = 6, // critical
229 _CERT_EXT_OCSP_NONCE = 7, // non-critical
230 _CERT_EXT_OCSP_NO_CHECK = 8, // non-critical
232 _CERT_EXT_OCSP_SIGNING = 10,
233 _CERT_EXT_AUTHORITY_INFO_ACCESS = 11, //OCSP Responder url
234 _CERT_EXT_OMA_DRM_AGENT = 12,
235 _CERT_EXT_OMA_RIGHTS_ISSUER = 13,
236 _CERT_EXT_REVOKED_CERTIFICATE_RANGE = 14,
237 _CERT_EXT_ISSUING_DISTRIBUTION_POINT = 15,
238 _CERT_EXT_CRL_NUMBER = 16,
239 _CERT_EXT_CA_ISSUERS = 17,
240 _CERT_EXT_SUB_ALT_NAME = 18,
241 _CERT_EXT_SUB_DIR_ATTR = 19,
242 _CERT_EXT_PRI_KEY_USAGE_PER = 20,
243 _CERT_EXT_ISSUER_ALT_NAME = 21,
244 _CERT_EXT_REASON_CODE = 22,
245 _CERT_EXT_INSTRUCTION_CODE = 23,
246 _CERT_EXT_INVALID_DATE = 24,
247 _CERT_EXT_DELTA_CRL_INDI = 25,
248 _CERT_EXT_CERTIFICATE_ISSUER = 26,
249 _CERT_EXT_NAME_CONSTRAINT = 27,
250 _CERT_EXT_POLICY_MAPPING = 28,
251 _CERT_EXT_POLICY_CONSTRAINTS = 29,
252 _CERT_EXT_UNKNOWN = 9999, // non-critical
257 _CERT_PATH_CA_CERT = 0,
258 _CERT_PATH_USER_CERT = 1,
259 _CERT_PATH_PRIVATE_KEY = 2,
260 _CERT_PATH_UNKNOWN = 9999
263 struct _CertExtensionInfo
265 _CertExt CertExtType;
266 bool CertExtCritical;
269 _CertExtensionInfo* pCertExtNext;
270 }; //_CertExtensionInfo
272 struct _CertFieldInfos
274 // SIM or Terminal Certificates
275 _CaCertType certType;
277 char serialNo[_MAX_SERIAL_NUMBER_SIZE + 1];
278 char sigAlgorithm[_MAX_CERT_ALGORITHM_SIZE + 1];
279 char validityFrom[_MAX_CERT_VALIDITY_SIZE + 1];
280 char validityTo[_MAX_CERT_VALIDITY_SIZE + 1];
281 char subjectName[_MAX_ISSUER_SUBJECT_NAME_SIZE + 2];
282 char issuerName[_MAX_ISSUER_SUBJECT_NAME_SIZE + 2];
283 char fingerPrint[_MAX_CERT_FINGERPRINT_SIZE + 1];
285 char publicKey[_MAX_CERT_PUBLIC_KEY_SIZE + 1];
286 char certTypeFormat[_MAX_CERT_TYPE_SIZE + 1];
288 char certTitle[_MAX_ISSUER_SUBJECT_NAME_SIZE + 1];
289 char certSubTitle[_MAX_ISSUER_SUBJECT_NAME_SIZE + 1];
296 byte certificate[_MAX_CERTIFICATE_SIZE];
297 _CertRootList* pNext;
302 struct _CertificateListInfo
306 _CaCertType certType;
308 int priKeyLen; //length of a private key
309 byte certificate[_MAX_CERTIFICATE_SIZE];
310 byte privatekey[_MAX_CERT_PRIVATE_KEY_SIZE]; // buffer with the private key
311 _CertificateListInfo* pNext;
313 }; //_CertificateListInfo;
317 * @brief This struct represent a certificate information.
322 int certId; /**< %Certificate id as in database */
323 _CertFormat certFormat; /**< %Certificate format */
324 _CaCertType certType; /**< %Certificate type */
325 int certLength; /**< %Certificate buffer length */
326 int privateKeyLen; /**< %Private key length */
327 byte certificate[_MAX_CERTIFICATE_SIZE]; /**< %Certificate buffer */
328 byte privatekey[_MAX_CERT_PRIVATE_KEY_SIZE]; /**< %Private key buffer */
332 struct _CertRootCaInfo
334 _CertRootList* pRootList;
335 _CertRootList* pCurrRootList;
340 } } } //Tizen::Security::Cert
342 #endif // _FSEC_INTERNAL_CERT_TYPES_H_