Search tizen CA dir first when get issuer cert 62/49462/1
authorKyungwook Tak <k.tak@samsung.com>
Tue, 13 Oct 2015 12:01:38 +0000 (21:01 +0900)
committerKyungwook Tak <k.tak@samsung.com>
Tue, 13 Oct 2015 12:01:38 +0000 (21:01 +0900)
Change-Id: I86b749de466aaa3feb54ff957186c388cc59dd38
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
CMakeLists.txt
vcore/vcore/CertificateCollection.cpp

index 44d7cbc..5fabfad 100644 (file)
@@ -38,6 +38,7 @@ ADD_DEFINITIONS("-DCERTSVC_CRT_FILE_PATH=\"${TZ_SYS_SHARE}/cert-svc/ca-certifica
 ADD_DEFINITIONS("-DFINGERPRINT_LIST_PATH=\"${TZ_SYS_SHARE}/ca-certificates/fingerprint/fingerprint_list.xml\"")
 ADD_DEFINITIONS("-DFINGERPRINT_LIST_SCHEMA_PATH=\"${TZ_SYS_SHARE}/ca-certificates/fingerprint/fingerprint_list.xsd\"")
 ADD_DEFINITIONS("-DROOT_CA_CERTS_DIR=\"${TZ_SYS_SHARE}/ca-certificates/\"")
+ADD_DEFINITIONS("-DROOT_CA_CERTS_TIZEN_DIR=\"${TZ_SYS_SHARE}/ca-certificates/tizen/\"")
 ADD_DEFINITIONS("-DSIGNATURE_SCHEMA_PATH=\"${TZ_SYS_RO_WRT_ENGINE}/schema.xsd\"")
 
 ADD_DEFINITIONS("-DCERTSVC_DIR=\"${TZ_SYS_SHARE}/cert-svc/certs/\"")
index 7223b4e..eaa2e99 100644 (file)
@@ -54,7 +54,25 @@ inline std::string toBinaryString(int data)
     return std::string(buffer, sizeof(int));
 }
 
-CertificatePtr searchCertByHash(const std::string &dir, const CertificatePtr &certPtr)
+bool isHashMatchedName(const std::string &name, const std::string &hash)
+{
+       if (name.compare(0, 8, hash) != 0)
+               return false;
+
+       return true;
+}
+
+bool isHashMatchedFile(const std::string &path, const std::string &hash)
+{
+       CertificatePtr certPtr = Certificate::createFromFile(path);
+       std::string name = certPtr->getNameHash(Certificate::FIELD_SUBJECT);
+
+       LogDebug("candidate file path[" << path << "] name[" << name << "] hash[" << hash << "]");
+
+       return isHashMatchedName(name, hash);
+}
+
+CertificatePtr searchCert(const std::string &dir, const CertificatePtr &certPtr, bool withHash)
 {
        try {
                std::string hash = certPtr->getNameHash(Certificate::FIELD_ISSUER);
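Review bot: `isHashMatchedFile` dereferences the result of `Certificate::createFromFile(path)` with no check, and the new `else` branch in the directory loop calls it for every non-directory entry. How `createFromFile` reports a malformed or non-certificate file is not visible here. If it throws or returns an empty pointer, one stray file in the directory can abort the whole issuer lookup instead of being skipped. Add `if (certPtr.get() == NULL) return false;` before `getNameHash`, and treat a per-file parse failure as "no match" so the scan continues. Separately, `name.compare(0, 8, hash)` compares the first eight characters of `name` against all of `hash`, which equals the old `strncmp(..., 8)` only when `hash` is exactly eight characters; `name.compare(0, 8, hash, 0, 8) == 0` keeps the old semantics. The body of `searchCert` continues outside this hunk.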
@@ -75,12 +93,13 @@ CertificatePtr searchCertByHash(const std::string &dir, const CertificatePtr &ce
                        if (dirp->d_type == DT_DIR)
                                continue;
 
-                       /* filename length should be 10. ex) 1a2b3c4d.1 */
-                       if (strlen(dirp->d_name) != 10)
-                               continue;
-
-                       if (strncmp(dirp->d_name, hash.c_str(), 8) != 0)
-                               continue;
+                       if (withHash) {
+                               if (!isHashMatchedName(dirp->d_name, hash))
+                                       continue;
+                       } else {
+                               if (!isHashMatchedFile(dir + dirp->d_name, hash))
+                                       continue;
+                       }
 
                        LogDebug("Found hash matched file! : " << (dir + dirp->d_name));
 
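Review bot: The `withHash` branch no longer checks the filename length, because the removed `strlen(dirp->d_name) != 10` test was not carried over. Any entry in `SYSTEM_CERT_DIR` whose name merely starts with the eight-character hash is now accepted as an issuer candidate, not just the `1a2b3c4d.1` form the old comment described; that includes backup and temporary files. Keep the constraint in that branch, e.g. `if (strlen(dirp->d_name) != 10 || !isHashMatchedName(dirp->d_name, hash)) continue;`. The flag is also hard to read at call sites; a comment such as `/* withHash: entries are named <subject-hash>.<n>; otherwise each file is parsed and its subject hash compared */` would help. The loop body continues outside this hunk.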
@@ -112,13 +131,17 @@ CertificatePtr searchCertByHash(const std::string &dir, const CertificatePtr &ce
                        CertificateCollection::Exception::InternalError,
                        "Unknown exception in CertificateCollection.");
        }
-
-
 }
 
 CertificatePtr getIssuerCertFromStore(const CertificatePtr &certPtr)
 {
-       return searchCertByHash(SYSTEM_CERT_DIR, certPtr);
+       CertificatePtr found = searchCert(ROOT_CA_CERTS_TIZEN_DIR, certPtr, false);
+       if (found.get() != NULL) {
+               LogDebug("Found issuer cert in tizen root CA dir");
+               return found;
+       }
+
+       return searchCert(SYSTEM_CERT_DIR, certPtr, true);
 }
 
 } // namespace
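Review bot: In `getIssuerCertFromStore`, the fallback to `SYSTEM_CERT_DIR` runs only if the first `searchCert` call returns an empty pointer. The catch block visible at the top of this hunk rethrows as `InternalError`. If `ROOT_CA_CERTS_TIZEN_DIR` is missing or unreadable, or holds a file that fails to parse (that code is outside this hunk, so this is inferred), the exception would propagate and the system store would never be consulted. Either make the tizen-dir search best-effort or document the hard failure as intended. A comment above the first call should also state the precedence, e.g. `/* tizen root CAs take precedence over the system store; files there are matched by parsed subject hash, not by filename */`, since the bare `false`/`true` arguments do not convey it.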