Merge "Revert "Fix prevent defect for locales"" into devel_3.0_main

[platform/framework/native/appfw.git] / src / security / pkcs / FSecPkcs_Pkcs08EncryptedPrivateKeyInfoImpl.cpp

//
// Copyright (c) 2013 Samsung Electronics Co., Ltd.
//
// Licensed under the Apache License, Version 2.0 (the License);
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

/**
 * @file                FSecPkcs_Pkcs08EncryptedPrivateKeyInfoImpl.cpp
 * @brief               This is the implementation file for _Pkcs08EncryptedPrivateKeyInfoImpl class.
 *
 * This header file contains the implementation of _Pkcs08EncryptedPrivateKeyInfoImpl class.
 *
 */


#include <new>
#include <openssl/evp.h>
#include <openssl/bn.h>
#include <openssl/x509.h>
#include <openssl/crypto.h>
#include <openssl/asn1t.h>
#include <openssl/asn1.h>
#include <openssl/objects.h>
#include <unique_ptr.h>
#include <FBaseSysLog.h>
#include <FBaseByteBuffer.h>
#include <FBaseResult.h>
#include <FSecPkcsPkcs08PrivateKeyInfo.h>
#include <FSecPkcsPkcs08EncryptedPrivateKeyInfo.h>
#include <FSecPkcsIAlgorithmParameters.h>
#include <FSecPkcsAlgorithmIdentifier.h>
#include <FSecPkcsTypes.h>

#include "FSecPkcs_PkcsUtility.h"
#include "FSecPkcs_Pkcs08EncryptedPrivateKeyInfoImpl.h"

using namespace Tizen::Base;

namespace Tizen { namespace Security { namespace Pkcs
{

//EncryptedPrivateKeyInfo Class Life cycle

//Default Constructor
_Pkcs08EncryptedPrivateKeyInfoImpl::_Pkcs08EncryptedPrivateKeyInfoImpl(void)
{
}

//Default Destructor
_Pkcs08EncryptedPrivateKeyInfoImpl::~_Pkcs08EncryptedPrivateKeyInfoImpl(void)
{
        //do nothing
}

result
_Pkcs08EncryptedPrivateKeyInfoImpl::Construct(const Tizen::Base::ByteBuffer& encodedData)
{
        result r = E_SUCCESS;

        X509_SIG* pPkcs8Key = null;
        Tizen::Base::String prfOid = null;
        std::unique_ptr< IAlgorithmParameters > pEncParam;
        Tizen::Base::ByteBuffer encryptedKeyBuffer;
        const byte* pBuffer = null;
        byte* pDigestValue = null;
        int bufferLen = 0;
        int digestLength = 0;
        int prf_nid = 0;

        SysAssertf(__encryptedData.GetRemaining() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class.");

        pBuffer = encodedData.GetPointer();
        SysTryReturnResult(NID_SEC_CRYPTO, pBuffer != null, E_INVALID_ARG, "The specified input parameter is invalid.");

        bufferLen = encodedData.GetRemaining();
        SysTryReturnResult(NID_SEC_CRYPTO, bufferLen > 0, E_INVALID_ARG, "The specified input parameter is invalid.");

        pPkcs8Key = d2i_X509_SIG(null, reinterpret_cast< const unsigned char** >(&pBuffer), bufferLen);
        SysTryReturnResult(NID_SEC_CRYPTO, pPkcs8Key != null, E_INVALID_ARG, "The specified input parameter is invalid.");

        SysTryCatch(NID_SEC_CRYPTO, pPkcs8Key->digest->type == V_ASN1_OCTET_STRING, r = E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] The specified input parameter is invalid.");

        if (pPkcs8Key->algor)
        {
                prf_nid = OBJ_obj2nid(pPkcs8Key->algor->algorithm);
                prfOid = _PkcsUtility::ConvertToOid(prf_nid);

                r = GetLastResult();
                SysTryCatch(NID_SEC_CRYPTO, r != E_UNSUPPORTED_ALGORITHM, r = E_UNSUPPORTED_ALGORITHM, E_UNSUPPORTED_ALGORITHM, "[E_UNSUPPORTED_ALGORITHM] The input algorithm is not supported.");

                pEncParam = std::unique_ptr< IAlgorithmParameters >(_PkcsUtility::GernerateParametersFromOidN(prfOid, pPkcs8Key->algor));
                SysTryCatch(NID_SEC_CRYPTO, pEncParam, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

                r = __encryptionAlgorithm.Construct(prfOid, pEncParam.get());
                SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        }

        pDigestValue = pPkcs8Key->digest->data;
        SysTryCatch(NID_SEC_CRYPTO, pDigestValue, r = E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] The specified input parameter is invalid.");

        digestLength = pPkcs8Key->digest->length;
        SysTryCatch(NID_SEC_CRYPTO, digestLength > 0, r = E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] The specified input parameter is invalid.");

        r = encryptedKeyBuffer.Construct(digestLength);
        SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        r = encryptedKeyBuffer.SetArray(pDigestValue, 0, digestLength);
        SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] The specified input parameter is invalid.");

        encryptedKeyBuffer.Flip();
        r = __encryptedData.Construct(encryptedKeyBuffer);
        SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

CATCH:

        X509_SIG_free(pPkcs8Key);
        return r;

}

// Encrypted Private Key Info Class Operations
result
_Pkcs08EncryptedPrivateKeyInfoImpl::Construct(const AlgorithmIdentifier& algorithmId, const Tizen::Base::ByteBuffer& encryptedData)
{
        result r = E_SUCCESS;

        SysAssertf(__encryptedData.GetRemaining() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class.");

        SysTryReturn(NID_SEC_CRYPTO, encryptedData.GetRemaining() > 0, r = E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] The specified input parameter is invalid.");

        std::unique_ptr< IAlgorithmParameters > pParam(algorithmId.GetParametersN());
        SysTryReturn(NID_SEC_CRYPTO, pParam != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        r = __encryptionAlgorithm.Construct(algorithmId.GetAlgorithmObjectId(), pParam.get());
        SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to construct the algorithm identifier instance for encryption algorithm.", GetErrorMessage(r));

        r = __encryptedData.Construct(encryptedData);
        SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        return r;

}


result
_Pkcs08EncryptedPrivateKeyInfoImpl::Construct(const AlgorithmIdentifier& algorithmId, const Tizen::Base::ByteBuffer& key, const Tizen::Base::ByteBuffer& encodedPrivateKeyInfoBuffer)
{
        result r = E_SUCCESS;

        SysAssertf(__encryptedData.GetRemaining() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class.");

        SysTryReturnResult(NID_SEC_CRYPTO, key.GetRemaining() > 0, E_INVALID_ARG, "The specified input parameter is invalid.");
        SysTryReturnResult(NID_SEC_CRYPTO, encodedPrivateKeyInfoBuffer.GetRemaining() > 0, E_INVALID_ARG, "The specified input parameter is invalid.");

        std::unique_ptr< IAlgorithmParameters > pParam(algorithmId.GetParametersN());
        SysTryReturnResult(NID_SEC_CRYPTO, pParam, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        r = __encryptionAlgorithm.Construct(algorithmId.GetAlgorithmObjectId(), pParam.get());
        SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to construct algorithm identifier instance for encryption algorithm..", GetErrorMessage(r));

        std::unique_ptr< ByteBuffer > pEncData(_PkcsUtility::EncryptDecryptN(algorithmId, key, encodedPrivateKeyInfoBuffer, 1));
        SysTryReturnResult(NID_SEC_CRYPTO, pEncData, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        r = __encryptedData.Construct(*pEncData);
        SysTryReturnResult(NID_SEC_CRYPTO, !IsFailed(r), E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        return r;
}

const AlgorithmIdentifier&
_Pkcs08EncryptedPrivateKeyInfoImpl::GetAlgorithm(void) const
{
        ClearLastResult();
        return __encryptionAlgorithm;
}

ByteBuffer*
_Pkcs08EncryptedPrivateKeyInfoImpl::GetEncryptedDataN(void) const
{
        result r = E_SUCCESS;

        ClearLastResult();

        SysAssertf(__encryptedData.GetRemaining() > 0, "Not yet constructed. Construct () should be called before use.");
        SysAssertf(__encryptionAlgorithm.GetAlgorithmObjectId().GetLength() > 0, "Not yet constructed. Construct () should be called before use.");

        std::unique_ptr< ByteBuffer > pEncryptedData(new (std::nothrow) ByteBuffer());
        SysTryReturn(NID_SEC_CRYPTO, pEncryptedData, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        r = pEncryptedData->Construct(__encryptedData);
        SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        return pEncryptedData.release();

}

ByteBuffer*
_Pkcs08EncryptedPrivateKeyInfoImpl::DecryptN(const Tizen::Base::ByteBuffer& key)
{
        std::unique_ptr< ByteBuffer > pDecryptedData;

        ClearLastResult();

        SysAssertf(__encryptedData.GetRemaining() > 0, "Not yet constructed. Construct () should be called before use.");
        SysAssertf(__encryptionAlgorithm.GetAlgorithmObjectId().GetLength() > 0, "Not yet constructed. Construct () should be called before use.");

        SysTryReturn(NID_SEC_CRYPTO, key.GetRemaining() > 0, null, E_INVALID_ARG, "[E_INVALID_ARG]  The specified input parameter is invalid.");

        pDecryptedData = std::unique_ptr< ByteBuffer >(_PkcsUtility::EncryptDecryptN(__encryptionAlgorithm, key, __encryptedData, 0));
        SysTryReturn(NID_SEC_CRYPTO, pDecryptedData, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        return pDecryptedData.release();
}

ByteBuffer*
_Pkcs08EncryptedPrivateKeyInfoImpl::GetEncodedDataN(void) const
{

        result r = E_SUCCESS;
        X509_SIG* sig = null;
        ASN1_OCTET_STRING* pDigest = null;
        std::unique_ptr< ByteBuffer > pEncPrivKey;
        int digestLength = 0;
        int prf_nid = 0;
        int value = 0;
        byte* pDigestData = null;
        byte* pTemp = null;

        std::unique_ptr< IAlgorithmParameters > pParam;

        ClearLastResult();

        SysAssertf(__encryptedData.GetRemaining() > 0, "Not yet constructed. Construct () should be called before use.");
        SysAssertf(__encryptionAlgorithm.GetAlgorithmObjectId().GetLength() > 0, "Not yet constructed. Construct () should be called before use.");

        sig = X509_SIG_new();
        SysTryReturn(NID_SEC_CRYPTO, sig != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        pDigest = M_ASN1_OCTET_STRING_new();
        SysTryReturn(NID_SEC_CRYPTO, pDigest != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        digestLength = __encryptedData.GetRemaining();

        pDigest->data = static_cast< unsigned char* >(OPENSSL_malloc(digestLength));
        SysTryReturn(NID_SEC_CRYPTO, pDigest->data != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        pDigest->length = digestLength;

        pDigestData = const_cast< byte* >(__encryptedData.GetPointer());
        memcpy(pDigest->data, pDigestData, digestLength);

        sig->digest = pDigest;

        prf_nid = _PkcsUtility::ConvertToNid(__encryptionAlgorithm.GetAlgorithmObjectId());

        sig->algor = X509_ALGOR_new();
        SysTryReturn(NID_SEC_CRYPTO, sig->algor != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        pParam = std::unique_ptr< IAlgorithmParameters >(__encryptionAlgorithm.GetParametersN());
        SysTryCatch(NID_SEC_CRYPTO, pParam, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        sig->algor = _PkcsUtility::GenerateAlgorithmIdentifierStructureN(__encryptionAlgorithm.GetAlgorithmObjectId(), pParam.get());
        SysTryCatch(NID_SEC_CRYPTO, sig->algor != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] The method cannot proceed due to a severe system error.");

        value = i2d_X509_SIG(sig, &pTemp);
        SysTryCatch(NID_SEC_CRYPTO, value > 0, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] The method cannot proceed due to a severe system error.");

        pEncPrivKey = std::unique_ptr< ByteBuffer >(new (std::nothrow) ByteBuffer());
        SysTryCatch(NID_SEC_CRYPTO, pEncPrivKey, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        r = pEncPrivKey->Construct(value);
        SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");

        r = pEncPrivKey->SetArray(pTemp, 0, value);
        SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] The method cannot proceed due to a severe system error.");

        pEncPrivKey->Flip();

CATCH:

        if (IsFailed(r))
        {
                pEncPrivKey.reset(null);
        }
        X509_SIG_free(sig);
        SetLastResult(r);
        return pEncPrivKey.release();

}

_Pkcs08EncryptedPrivateKeyInfoImpl*
_Pkcs08EncryptedPrivateKeyInfoImpl::GetInstance(Pkcs08EncryptedPrivateKeyInfo& pkcs08EncryptedPrivateKeyInfo)
{
        return pkcs08EncryptedPrivateKeyInfo.__pPkcs08EncryptedPrivateKeyInfoImpl;
}

const _Pkcs08EncryptedPrivateKeyInfoImpl*
_Pkcs08EncryptedPrivateKeyInfoImpl::GetInstance(const Pkcs08EncryptedPrivateKeyInfo& pkcs08EncryptedPrivateKeyInfo)
{
        return pkcs08EncryptedPrivateKeyInfo.__pPkcs08EncryptedPrivateKeyInfoImpl;
}

} } }