public:
/** author_certificate */
Property<ValidationCore::CertificatePtr> author_certificate;
+ /** author_intermediate_certificate */
+ Property<ValidationCore::CertificatePtr> author_intermediate_certificate;
+ /** author_root_certificate */
+ Property<ValidationCore::CertificatePtr> author_root_certificate;
};
/**
}
const auto& cert = cert_info.author_certificate.get();
-
- // TODO(t.iwanek): set other certificates if needed
-
if (pkgmgr_installer_set_cert_value(handle, PM_SET_AUTHOR_SIGNER_CERT,
const_cast<char*>(cert->getBase64().c_str())) < 0) {
pkgmgr_installer_destroy_certinfo_set_handle(handle);
return false;
}
+ const auto& im_cert = cert_info.author_intermediate_certificate.get();
+ if (pkgmgr_installer_set_cert_value(handle, PM_SET_AUTHOR_INTERMEDIATE_CERT,
+ const_cast<char*>(im_cert->getBase64().c_str())) < 0) {
+ pkgmgr_installer_destroy_certinfo_set_handle(handle);
+ LOG(ERROR) << "pkgmgrInstallerSetCertValue fail";
+ return false;
+ }
+
+ const auto& root_cert = cert_info.author_root_certificate.get();
+ if (pkgmgr_installer_set_cert_value(handle, PM_SET_AUTHOR_ROOT_CERT,
+ const_cast<char*>(root_cert->getBase64().c_str())) < 0) {
+ pkgmgr_installer_destroy_certinfo_set_handle(handle);
+ LOG(ERROR) << "pkgmgrInstallerSetCertValue fail";
+ return false;
+ }
+
if (pkgmgr_installer_save_certinfo(pkgid.c_str(), handle, uid) < 0) {
pkgmgr_installer_destroy_certinfo_set_handle(handle);
LOG(ERROR) << "Failed to save certificate information";
#include <glib.h>
#include <privilege_manager.h>
+#include <vcore/Certificate.h>
#include <vcore/SignatureFinder.h>
#include <vcore/SignatureValidator.h>
#include <vcore/Error.h>
*level = CertStoreIdToPrivilegeLevel(data.getVisibilityLevel());
}
} else {
- // set author certificate to be saved in pkgmgr
- cert_info->author_certificate.set(data.getEndEntityCertificatePtr());
+ // set author certificates to be saved in pkgmgr
+ ValidationCore::CertificateList cert_list = data.getCertList();
+ ValidationCore::CertificateList::iterator it = cert_list.begin();
+ cert_info->author_certificate.set(*it);
+ // cert_list has at least 3 certificates: end-user, intermediate, root
+ // currently pkgmgr can store only one intermediate cert, so just set
+ // first intermediate cert here.
+ ++it;
+ cert_info->author_intermediate_certificate.set(*it);
+
+ cert_info->author_root_certificate.set(data.getRootCaCertificatePtr());
}
break;
default: