2 * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 * @file SignatureValidator.h
18 * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
20 * @brief Implementatin of tizen signature validation protocol.
22 #ifndef _VALIDATION_CORE_SIGNATUREVALIDATOR_H_
23 #define _VALIDATION_CORE_SIGNATUREVALIDATOR_H_
29 #include <vcore/Certificate.h>
30 #include <vcore/SignatureData.h>
31 #include <vcore/SignatureFinder.h>
32 #include <vcore/Error.h>
34 namespace ValidationCore {
36 using UriList = std::list<std::string>;
39 * Types of Reference checking
41 * 1. XmlSec validate (default)
42 * - check reference based on Reference tag on signature xml.
43 * - Get URI from Reference tag, generate digest value and compare it with value written
44 * - If value with calculated and written isn't same, validate fail returned.
45 * * What if file doesn't exist which is written on Reference tag?
46 * * What if Reference tag doesn't exist for existing file? -> cannot checked.
48 * 2. checkObjectReferences (default on check function, not checkList)
49 * - check Reference of 'Object' tag.
50 * - it's mutual-exclusive check with 1. XmlSec validate.
52 * 3. ReferenceValidator (enabled when flag on)
53 * - check file based on content path from parameter
54 * - check is all existing file is on the Reference tag list on signature xml
55 * - If file path(URI) cannot found on reference set, validate fail returned.
58 * Signature validation disregarded case
60 * 1. author signature: store id contains TIZEN_DEVELOPER
62 * 2. distributor signature: signature number is 1
63 * and doesn't contain visibility in store id set
67 * Error code defined on vcore/Error.h
69 class SignatureValidator {
71 SignatureValidator(const SignatureFileInfo &info);
72 virtual ~SignatureValidator();
74 SignatureValidator() = delete;
75 SignatureValidator(const SignatureValidator &) = delete;
76 const SignatureValidator &operator=(const SignatureValidator &) = delete;
79 const std::string &contentPath,
82 SignatureData &outData);
86 const UriList &uriList,
87 SignatureData &outData);
90 * @Remarks : cert list isn't completed with self-signed root CA system cert
91 * if completeWithSystemCert is false.
93 VCerr makeChainBySignature(
94 bool completeWithSystemCert,
95 CertificateList &certList);
97 std::string errorToString(int code);
101 std::unique_ptr<Impl> m_pImpl;
104 } // namespace ValidationCore
106 #endif // _VALIDATION_CORE_SIGNATUREVALIDATOR_H_