* Remove ocsp/crl related legacy code : VCore.h APIs doesn't needed anymore.
* Remove unused scoped_gpointer header file
* Remove vcore APIs which store datas in file, not store. it's deprecated.
* secure-storage and glib dependency is useless because of deprecated API removed
* Use correct data types
Change-Id: Ie53ea68ee24f92e4135133de19872f9a7c31b101
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Name: cert-svc-vcore
Description: cert-svc-vcore
Version: @VERSION@
-Requires: cert-svc libxml-2.0 libxslt openssl libsoup-2.4 secure-storage xmlsec1 db-util
+Requires: cert-svc libxml-2.0 libxslt openssl libsoup-2.4 xmlsec1 db-util
Libs: -L${libdir} -lcert-svc-vcore
Cflags: -I${includedir}/cert-svc
/*********************************************************************************/
/* Function definitions */
/*********************************************************************************/
-int get_content_into_buf_PEM(unsigned char* content, cert_svc_mem_buff* cert);
-int get_content_into_buf_DER(unsigned char* content, cert_svc_mem_buff* cert);
-
int cert_svc_util_get_file_size(const char* filepath, unsigned long int* length);
int cert_svc_util_load_file_to_buffer(const char* filePath, cert_svc_mem_buff* certBuf);
int cert_svc_util_load_PFX_file_to_buffer(const char* filePath, cert_svc_mem_buff* certBuf, cert_svc_linked_list** certLink, unsigned char** privateKey, int* priKeyLen, char* passPhrase);
-int cert_svc_util_get_cert_path(const char* fileName, const char* location, char* retBuf);
int cert_svc_util_base64_encode(const unsigned char* in, int inLen, unsigned char* out, int* outLen);
int cert_svc_util_base64_decode(const unsigned char* in, int inLen, unsigned char* out, int* outLen);
-int cert_svc_util_get_extension(const char* filePath, cert_svc_mem_buff* certBuf);
-int push_cert_into_linked_list(cert_svc_linked_list** certLink, X509* popedCert);
int get_visibility_by_fingerprint(const char* fingerprint, int* visibility);
int get_visibility_by_certificate(const unsigned char* cert_data, int data_len, int* visibility);
int get_type_by_fingerprint(const char* fingerprint, int* cert_type);
BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(libpcrecpp)
BuildRequires: pkgconfig(xmlsec1)
-BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(libxslt)
BuildRequires: pkgconfig(icu-i18n)
BuildRequires: pkgconfig(db-util)
BuildRequires: pkgconfig(libsystemd-daemon)
BuildRequires: pkgconfig(key-manager)
-BuildRequires: pkgconfig(secure-storage)
BuildRequires: pkgconfig(libtzplatform-config)
BuildRequires: pkgconfig(libsystemd-journal)
BuildRequires: boost-devel
REQUIRED
openssl
dlog
- glib-2.0
libxml-2.0
- secure-storage
)
SET(CERT_SVC_PATH ${CMAKE_CURRENT_SOURCE_DIR})
#include <cert-svc/ccert.h>
-//#include <vcore/VCore.h>
-//#include <libsoup/soup.h> // includes headers with g_type_init
-
CertSvcInstance vinstance;
int main (int argc, char *argv[])
const char *ptr = "Samsung";
const char *buffer;
- int len;
+ size_t len;
certsvc_string_to_cstring(string, &buffer, &len);
RUNNER_ASSERT_MSG(CERTSVC_SUCCESS == result, "Error in reading ISSUER field.");
- int size;
+ size_t size;
const char *ptr;
certsvc_string_to_cstring(subject, &ptr, &size);
#include <dpl/test/test_runner.h>
#include <cert-svc/cinstance.h>
#include <cert-svc/ccert.h>
-#include <glib.h>
#include <cert-svc/cpkcs12.h>
#include <cert-svc/cerror.h>
#include <cert-svc/cprimitives.h>
CertStoreType storeType = SYSTEM_STORE;
CertSvcStoreCertList* certList = NULL;
CertSvcStoreCertList* tmpNode = NULL;
- int length = 0;
int result;
int count = 0;
CREATE_INSTANCE
//start time
clock_t tic = clock();
+ size_t length = 0;
result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length);
RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed");
clock_t toc = clock();
char *gname = "Certum_Root_CA.pem";
CertStoreType storeType = SYSTEM_STORE;
CertStatus Status;
- int status = -1;
+ CertStatus status;
int result;
CertSvcString Alias;
char* pass = NULL;
CertStoreType type;
int result;
- int length = 0;
+ size_t length = 0;
int count = 0;
CertSvcStoreCertList* certList1 = NULL;
CertStoreType type;
int result;
int count = 0;
- int length = 0;
+ size_t length = 0;
CREATE_INSTANCE
CertSvcString Alias, Path, Pass;
char *alias = "CRT-TestingCRT1";
CertStoreType type;
int result;
- int length = 0;
+ size_t length = 0;
int count = 0;
CertSvcStoreCertList* certList1 = NULL;
CertStoreType type;
int result;
int count = 0;
- int length = 0;
+ size_t length = 0;
CREATE_INSTANCE
CertSvcString Alias, Path, Pass;
char *alias = "P12-WifiUser";
CertStoreType storeType;
int result;
- int length = 0;
+ size_t length = 0;
int count = 0;
CREATE_INSTANCE
char *alias = "P12-WifiUser-all-store";
CertStoreType storeType;
int result;
- int length = 0;
+ size_t length = 0;
int count =0;
CREATE_INSTANCE
CertStoreType storeType;
int result;
int count = 0;
- int length = 0;
+ size_t length = 0;
CREATE_INSTANCE
CertSvcString Alias, Path, Pass;
CertSvcStoreCertList* certList = NULL;
CertSvcStoreCertList* tmpNode = NULL;
CertSvcStoreCertList* tmp = NULL;
- int length = 0;
+ size_t length = 0;
int count = 0;
int result;
CertSvcStoreCertList* tmpNode = NULL;
CertStoreType storeType = (CertStoreType) (WIFI_STORE);
int result;
- int length;
+ size_t length;
CREATE_INSTANCE
CertSvcStoreCertList* certList1 = NULL;
CertStoreType storeType = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE);
int result;
- int length;
+ size_t length;
CertSvcString gname;
CREATE_INSTANCE
CertSvcStoreCertList* certList = NULL;
CertSvcStoreCertList* tmpNode = NULL;
CertSvcStoreCertList* tmp = NULL;
- int length = 0;
+ size_t length = 0;
int count = 0;
int result = -1;
gboolean exists = FALSE;
char *alias = "PFX-WifiServer-without-password";
CertStoreType storeType;
int result;
- gboolean exists = FALSE;
+ int exists;
CREATE_INSTANCE
CertSvcString Alias, Path, Pass;
CertSvcStoreCertList* certList1 = NULL;
CertStoreType storeType = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE);
int result;
- int length;
+ size_t length;
CertSvcString buffer1, gname;
CertSvcString buffer2;
const char *temp = NULL;
CertSvcStoreCertList* certList1 = NULL;
CertStoreType storeType = (CertStoreType) (SYSTEM_STORE);
int result = CERTSVC_SUCCESS;
- int length = 0;
+ size_t length = 0;
int count = 0;
CertSvcString buffer1, gname;
CertSvcString buffer2;
CertSvcStoreCertList* certList1 = NULL;
CertSvcCertificate cert;
int result = CERTSVC_SUCCESS;
- int length = 0;
+ size_t length = 0;
int i=0;
- int certListlength = 0;
+ size_t certListlength = 0;
const char *temp = NULL;
CertSvcString buffer1,buffer2, gname;
CertSvcStoreCertList* certList1 = NULL;
FILE *fp = NULL;
int result = CERTSVC_SUCCESS;
- int length = 0;
+ size_t length = 0;
CertSvcString gname;
- gchar *privatekey_path = NULL;
+ char *privatekey_path = NULL;
EVP_PKEY *privatekey = NULL;
CREATE_INSTANCE
int result = CERTSVC_SUCCESS;
CertSvcString Alias;
CertStatus Status;
- int status = -1;
- int length = 0;
+ CertStatus status;
+ size_t length = 0;
int count = 0;
int i;
char* gname = "eb375c3e.0";
CertStoreType storeType = (CertStoreType) (DISABLED);
CertStatus Status;
- int status = -1;
+ CertStatus status;
int result;
CertSvcString Alias;
CertStoreType storeType = (CertStoreType) (0);
CertSvcStoreCertList* certList = NULL;
CertStatus Status;
- int status = -1;
- int length;
+ CertStatus status;
+ size_t length;
int result;
CertSvcString Alias;
CertStoreType storeType = (CertStoreType) (WIFI_STORE);
CertSvcStoreCertList* certList = NULL;
CertStatus Status;
- int status = -1;
- int length;
+ CertStatus status;
+ size_t length;
int result;
CertSvcString Alias;
CertSvcCertificateList cert_list;
CertSvcCertificate ca_certificate;
CertSvcCertificate *selected_certificate = NULL;
- int length;
+ size_t length;
int result;
int count=1;
int validity;
- int cert_counts = 0;
+ size_t cert_counts = 0;
CertSvcString Alias;
char *alias = NULL;
X509 *x509 = NULL;
FILE *fp = NULL;
EVP_PKEY *privatekey = NULL;
- gchar *privatekey_path = NULL;
- gchar *ca_cert_path = NULL;
- gchar *user_cert_path = NULL;
+ char *privatekey_path = NULL;
+ char *ca_cert_path = NULL;
+ char *user_cert_path = NULL;
int cert_index = 0;
CREATE_INSTANCE
int result = CERTSVC_SUCCESS;
CertSvcString Alias;
CertStatus Status;
- int status = -1;
- int length = 0;
+ CertStatus status;
+ size_t length = 0;
int count = 0;
int i;
*/
#include <dpl/test/test_runner.h>
-#include <vcore/VCore.h>
-
-#include <glib-object.h>
-
int main (int argc, char *argv[])
{
- ValidationCore::VCoreInit();
-
- ValidationCore::AttachToThreadRW();
DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
- ValidationCore::DetachFromThread();
-
- ValidationCore::VCoreDeinit();
return 0;
}
PKG_CHECK_MODULES(VCORE_DEPS
REQUIRED
- glib-2.0
libxml-2.0
libpcrecpp
openssl
xmlsec1
dlog
- secure-storage
icu-uc
libsoup-2.4
db-util
${VCORE_SRC_DIR}/CertificateConfigReader.cpp
${VCORE_SRC_DIR}/CertificateLoader.cpp
${VCORE_SRC_DIR}/CertStoreType.cpp
- ${VCORE_SRC_DIR}/Config.cpp
${VCORE_SRC_DIR}/CryptoHash.cpp
${VCORE_SRC_DIR}/OCSPCertMgrUtil.cpp
${VCORE_SRC_DIR}/ReferenceValidator.cpp
${VCORE_SRC_DIR}/TimeConversion.cpp
${VCORE_SRC_DIR}/VerificationStatus.cpp
${VCORE_SRC_DIR}/ValidatorFactories.cpp
- ${VCORE_SRC_DIR}/VCore.cpp
${VCORE_SRC_DIR}/WrtSignatureValidator.cpp
${VCORE_SRC_DIR}/SignatureValidator.cpp
${VCORE_SRC_DIR}/XmlsecAdapter.cpp
)
INSTALL(FILES
- ${VCORE_SRC_DIR}/VCore.h
${VCORE_SRC_DIR}/WrtSignatureValidator.h
${VCORE_SRC_DIR}/SignatureValidator.h
${VCORE_SRC_DIR}/SignatureFinder.h
#endif
typedef struct CertSvcCertificate_t {
- int privateHandler;
+ size_t privateHandler;
CertSvcInstance privateInstance;
} CertSvcCertificate;
typedef struct CertSvcCertificateList_t {
- int privateHandler;
+ size_t privateHandler;
CertSvcInstance privateInstance;
} CertSvcCertificateList;
ALL_STORE = VPN_STORE | WIFI_STORE | EMAIL_STORE | SYSTEM_STORE
} CertStoreType;
+typedef enum certStatus_t {
+ DISABLED = 0,
+ ENABLED = 1,
+} CertStatus;
+
typedef struct CertSvcStoreCertList_t{
- char* gname; // keyfile group name
- char* title; // common Name / Alias provided by the user
- int status; // enabled / disabled
- CertStoreType storeType; // Holds the storetype information
+ char *gname; // keyfile group name
+ char *title; // common Name / Alias provided by the user
+ CertStatus status;
+ CertStoreType storeType;
struct CertSvcStoreCertList_t *next;
}CertSvcStoreCertList;
INVALID_DATA = 1 << 5,
} CertType;
-typedef enum certStatus_t {
- DISABLED = 0,
- ENABLED = 1,
-} CertStatus;
-
typedef enum CertSvcCertificateForm_t {
/* CERTSVC_FORM_PEM, */
CERTSVC_FORM_DER,
} CertSvcCertificateField;
typedef enum CertSvcVisibility_t {
- CERTSVC_VISIBILITY_DEVELOPER = 1,
- CERTSVC_VISIBILITY_TEST = 1 << 1,
- CERTSVC_VISIBILITY_PUBLIC = 1 << 6,
- CERTSVC_VISIBILITY_PARTNER = 1 << 7,
- CERTSVC_VISIBILITY_PARTNER_OPERATOR = 1 << 8,
+ CERTSVC_VISIBILITY_DEVELOPER = 1,
+ CERTSVC_VISIBILITY_TEST = 1 << 1,
+ CERTSVC_VISIBILITY_PUBLIC = 1 << 6,
+ CERTSVC_VISIBILITY_PARTNER = 1 << 7,
+ CERTSVC_VISIBILITY_PARTNER_OPERATOR = 1 << 8,
CERTSVC_VISIBILITY_PARTNER_MANUFACTURER = 1 << 9,
- CERTSVC_VISIBILITY_PLATFORM = 1 << 10
+ CERTSVC_VISIBILITY_PLATFORM = 1 << 10
} CertSvcVisibility;
/**
*/
int certsvc_get_certificate(CertSvcInstance instance,
CertStoreType storeType,
- char *gname,
+ const char *gname,
CertSvcCertificate *certificate);
/**
*/
int certsvc_certificate_new_from_memory(CertSvcInstance instance,
const unsigned char *memory,
- int len,
+ size_t len,
CertSvcCertificateForm form,
CertSvcCertificate *certificate);
* @return CERTSVC_SUCCESS, CERTSVC_WRONG_ARGUMENT
*/
int certsvc_certificate_list_get_one(CertSvcCertificateList handler,
- int position,
+ size_t position,
CertSvcCertificate *certificate);
/**
* @return CERTSVC_SUCCESS, CERTSVC_WRONG_ARGUMENT
*/
int certsvc_certificate_list_get_length(CertSvcCertificateList handler,
- int *size);
+ size_t *size);
/**
* This function will free list. It will not free certificates on the list.
* @param[in] size Size of certificate_array
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_WRONG_ARGUMENT, CERTSVC_BAD_ALLOC
*/
-int certsvc_certificate_chain_sort(CertSvcCertificate *unsortedChain, int size);
+int certsvc_certificate_chain_sort(CertSvcCertificate *unsortedChain, size_t size);
/**
* Base64 string will be connected with same instance as message.
*/
int certsvc_certificate_verify(
CertSvcCertificate certificate,
- CertSvcCertificate *trusted,
- int trustedSize,
- CertSvcCertificate *untrusted,
- int untrustedSize,
+ const CertSvcCertificate *trusted,
+ size_t trustedSize,
+ const CertSvcCertificate *untrusted,
+ size_t untrustedSize,
int *status);
/**
*/
int certsvc_certificate_verify_with_caflag(
CertSvcCertificate certificate,
- CertSvcCertificate *trusted,
- int trustedSize,
- CertSvcCertificate *untrusted,
- int untrustedSize,
+ const CertSvcCertificate *trusted,
+ size_t trustedSize,
+ const CertSvcCertificate *untrusted,
+ size_t untrustedSize,
int *status);
/**
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR
*
*/
-int certsvc_certificate_get_visibility(CertSvcCertificate certificate, int* visibility);
+int certsvc_certificate_get_visibility(CertSvcCertificate certificate, CertSvcVisibility *visibility);
#ifdef __cplusplus
#endif
/**
- * Query PKCS#12 storage to find out whenever new alias proposal is unique.
- *
- * @param[in] instance CertSvcInstance object.
- * @param[in] proposal Desired alias name.
- * @param[out] is_unique CERTSVC_TRUE (if there isn't such alias already) or CERTSVC_FALSE.
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_WRONG_ARGUMENT
- */
-int certsvc_pkcs12_alias_exists(CertSvcInstance instance,
- CertSvcString alias,
- int *is_unique);
-
-/**
- * Import PKCS#12 container from file.
- *
- * @param[in] instance CertSvcInstance object.
- * @param[in] path Path to container file.
- * @param[in] password Container password (can be empty or NULL).
- * @param[in] alias Logical name for certificate bundle identification (can't be empty).
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_INVALID_PASSWORD, CERTSVC_WRONG_ARGUMENT, CERTSVC_DUPLICATED_ALIAS
- */
-int certsvc_pkcs12_import_from_file(CertSvcInstance instance,
- CertSvcString path,
- CertSvcString password,
- CertSvcString alias);
-
-/**
- * Get a list of PKCS#12 bundles from storage. This list could be freed by:
- * certsvc_string_list_free, certsvc_instance_reset, certsvc_instance_free.
- *
- * @param[in] instance CertSvcInstance object.
- * @param[out] pfxIdStringList List of PKCS#12 aliases.
- * @return CERTSVC_SUCCESS, CERTSVC_BAD_ALLOC, CERTSVC_FAIL
- */
-int certsvc_pkcs12_get_id_list(CertSvcInstance instance,
- CertSvcStringList *pfxIdStringList);
-
-/**
* Check whenever PKCS#12 container is password protected.
*
* @param[in] instance CertSvcInstance object.
int *has_password);
/**
- * Get a list of certificates from PKCS#12 bundle. You may free this list by:
- * certsvc_certificate_list_free. You may free certificates from list with:
- * certsvc_certificate_free.
- *
- * @param[in] instance CertSvcInstance object.
- * @param[in] pfxIdString Identification of pfx/pkcs file.
- * @param[out] certificateList List of certificates.
- * @return CERTSVC_SUCCESS, CERTSVC_BAD_ALLOC, CERTSVC_FAIL, CERTSVC_IO_ERROR
- */
-int certsvc_pkcs12_load_certificate_list(CertSvcInstance instance,
- CertSvcString alias,
- CertSvcCertificateList* certificateList);
-
-/**
- * This function will load to memory private file content. This functin will
- * not parse it in any way.
- * This memory must be freed by certsvc_private_key_free.
- *
- * @param[in] instance CertSvcInstance object.
- * @param[in] prfIdString Container bundle identifier.
- * @param[out] buffer Poiner to newly-allocated memory with private key data.
- * @param[out] size Size of the newly-allocated buffer. Zero means there is no key.
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT
- */
-int certsvc_pkcs12_private_key_dup(CertSvcInstance instance,
- CertSvcString alias,
- char **buffer,
- size_t *size);
-
-/**
* Couter-routine for certsvc_pkcs12_private_key_dup.
*
* @param[in] pointer Memory claimed by private key.
void certsvc_pkcs12_private_key_free(char *buffer);
/**
- * Remove logical PKCS#12 container with associated certificates and private key.
- *
- * @param[in] instance CertSvcInstance object.
- * @param[in] alias Container bundle identifier.
- * @return CERTSVC_SUCCESS, CERTSVC_IO_ERROR, CERTSVC_BAD_ALLOC
- */
-int certsvc_pkcs12_delete(CertSvcInstance instance,
- CertSvcString alias);
-
-/**
* This function will load to memory private file content. This functin will
* not parse it in any way.
* This memory must be freed by certsvc_private_key_free.
int certsvc_pkcs12_get_certificate_status_from_store(CertSvcInstance instance,
CertStoreType storeType,
CertSvcString gname,
- int *status);
+ CertStatus *status);
/**
* This function will get the Alias name, Path to certificate, Certificate status of all
CertStoreType storeType,
int is_root_app,
CertSvcStoreCertList** certList,
- int* length);
+ size_t *length);
/**
* This function will get the Alias name, Path to certificate, Certificate status of all
int certsvc_pkcs12_get_end_user_certificate_list_from_store(CertSvcInstance instance,
CertStoreType storeType,
CertSvcStoreCertList** certList,
- int* length);
+ size_t* length);
/**
* This function will get the Alias name, Path to certificate, Certificate status of all
int certsvc_pkcs12_get_root_certificate_list_from_store(CertSvcInstance instance,
CertStoreType storeType,
CertSvcStoreCertList** certList,
- int* length);
+ size_t* length);
/**
* This function will free all the linked list of data structure holding the information about
*/
int certsvc_pkcs12_get_certificate_from_store(CertSvcInstance instance,
CertStoreType storeType,
- char *gname,
+ const char *gname,
CertSvcCertificate *certificate);
/**
* be release with function certsvc_pkcs12_free_evp_pkey
*
* @param[in] instance
- * @param[in] alias Pkcs12 identificator.
- * @param[out] pkey Duplicate of private key.
- * @return CERTSVC_SUCCESS, CERT_FAIL
- */
-
-int certsvc_pkcs12_dup_evp_pkey(CertSvcInstance instance,
- CertSvcString alias,
- EVP_PKEY** pkey);
-
-/**
- * This will return pointer to EVP_PKEY base openssl struct. This struct must
- * be release with function certsvc_pkcs12_free_evp_pkey
- *
- * @param[in] instance
* @param[in] storeType Refers to VPN_STORE / WIFI_STORE / EMAIL_STORE / SYSTEM_STORE / ALL_STORE.
* @param[in] gname Pkcs12 identificator.
* @param[out] pkey Duplicate of private key.
typedef struct CertSvcStringList_t {
- int privateHandler;
+ size_t privateHandler;
CertSvcInstance privateInstance;
} CertSvcStringList;
* implementation of strings and it may change at any time without notice!
* To extract data use certsvc_string_to_cstring function!
*/
- char* privateHandler;
- int privateLength;
+ char *privateHandler;
+ size_t privateLength;
CertSvcInstance privateInstance;
} CertSvcString;
int certsvc_string_new(
CertSvcInstance instance,
const char *input,
- int size,
+ size_t size,
CertSvcString *output);
/**
int certsvc_string_not_managed(
CertSvcInstance instance,
const char *input,
- int size,
+ size_t size,
CertSvcString *output);
/**
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_WRONG_ARGUMENT, CERTSVC_BAD_ALLOC
*/
int certsvc_string_list_get_one(CertSvcStringList hander,
- int position,
+ size_t position,
CertSvcString *buffer);
/**
* @param[out] size Number of elements on the list.
* @return CERTSVC_SUCCESS, CERTSVC_WRONG_ARGUMENT
*/
-int certsvc_string_list_get_length(CertSvcStringList hander,int *size);
+int certsvc_string_list_get_length(CertSvcStringList hander, size_t *size);
/**
* Free data.
* @param[out] buffer cstring
* @param[out] len Length of cstring
*/
-void certsvc_string_to_cstring(CertSvcString string, const char **buffer, int *len);
+void certsvc_string_to_cstring(CertSvcString string, const char **buffer, size_t *len);
#ifdef __cplusplus
}
#include <db-util.h>
-int getCertificateDetailFromStore(sqlite3 *db_handle, int storeType, int certType, const char* pGname, char* pCertBuffer, size_t *certLength);
+int getCertificateDetailFromStore(sqlite3 *db_handle, CertStoreType storeType, CertType certType, const char* pGname, char* pCertBuffer, size_t *certLength);
int getCertificateDetailFromSystemStore(sqlite3 *db_handle, const char* pGname, char* pCertBuffer, size_t *certLength);
-int deleteCertificateFromStore(sqlite3 *db_handle, int storeType, const char* pGname);
+int deleteCertificateFromStore(sqlite3 *db_handle, CertStoreType storeType, const char* pGname);
-int getCertificateStatusFromStore(sqlite3 *db_handle, int storeType, const char* pGname, int *status);
+int getCertificateStatusFromStore(sqlite3 *db_handle, CertStoreType storeType, const char* pGname, CertStatus *status);
-int setCertificateStatusToStore(sqlite3 *db_handle, int storeType, int is_root_app, const char* pGname, int status);
+int setCertificateStatusToStore(sqlite3 *db_handle, CertStoreType storeType, int is_root_app, const char* pGname, CertStatus status);
-int checkAliasExistsInStore(sqlite3 *db_handle, int storeType, const char* alias, int *status);
+int checkAliasExistsInStore(sqlite3 *db_handle, CertStoreType storeType, const char* alias, int *isUnique);
-int installCertificateToStore(sqlite3 *db_handle, int storeType, const char* pGname, const char *common_name, const char *private_key_gname, const char *associated_gname, const char *pCertBuffer, size_t certLength, int certType);
+int installCertificateToStore(sqlite3 *db_handle, CertStoreType storeType, const char* pGname, const char *common_name, const char *private_key_gname, const char *associated_gname, const char *pCertBuffer, size_t certLength, CertType certType);
-int getCertificateListFromStore(sqlite3 *db_handle, int reqType, int storeType, int is_root_app, char **ppCertListBuffer, size_t *bufferLen, int *certCount);
+int getCertificateListFromStore(sqlite3 *db_handle, int reqType, CertStoreType storeType, int is_root_app, char **ppCertListBuffer, size_t *bufferLen, size_t *certCount);
-int getCertificateAliasFromStore(sqlite3 *db_handle, int storeType, const char* pGname, char* alias);
+int getCertificateAliasFromStore(sqlite3 *db_handle, CertStoreType storeType, const char* pGname, char* alias);
-int loadCertificatesFromStore(sqlite3 *db_handle, int storeType, const char* pGname, char **ppCertBlockBuffer, size_t *bufferLen, int *certBlockCount);
+int loadCertificatesFromStore(sqlite3 *db_handle, CertStoreType storeType, const char* pGname, char **ppCertBlockBuffer, size_t *bufferLen, size_t *certBlockCount);
int update_ca_certificate_file(sqlite3 *db_handle, char *certBuffer, size_t certLength);
#include <fcntl.h>
#include <errno.h>
#include <string.h>
-#include <glib.h>
#include <dirent.h>
#include <sys/smack.h>
#include <sys/socket.h>
#include <cert-server-logic.h>
+static CertStatus int_to_CertStatus(int intval)
+{
+ switch (intval) {
+ case 1:
+ return ENABLED;
+ case 0:
+ default:
+ return DISABLED;
+ }
+}
+
+static int CertStatus_to_int(CertStatus status)
+{
+ switch (status) {
+ case ENABLED:
+ return 1;
+ case DISABLED:
+ default:
+ return 0;
+ }
+}
+
char *add_shared_owner_prefix(const char *name)
{
size_t alias_len = strlen(name) + strlen(ckmc_label_shared_owner) + strlen(ckmc_label_name_separator);
if (is_root_app == ENABLED)
query = sqlite3_mprintf("update %Q set is_root_app_enabled=%d , enabled=%d where gname=%Q", ((storeType == WIFI_STORE)? "wifi" : \
- (storeType == VPN_STORE)? "vpn" : (storeType == EMAIL_STORE)? "email" : "ssl"), status, status, pGname);
+ (storeType == VPN_STORE)? "vpn" : (storeType == EMAIL_STORE)? "email" : "ssl"), CertStatus_to_int(status), status, pGname);
else
query = sqlite3_mprintf("update %Q set enabled=%d where gname=%Q", ((storeType == WIFI_STORE)? "wifi" : \
- (storeType == VPN_STORE)? "vpn" : (storeType == EMAIL_STORE)? "email" : "ssl"), status, pGname);
+ (storeType == VPN_STORE)? "vpn" : (storeType == EMAIL_STORE)? "email" : "ssl"), CertStatus_to_int(status), pGname);
if (!query) {
SLOGE("Failed to generate query");
int setCertificateStatusToStore(
sqlite3 *db_handle,
- int storeType,
+ CertStoreType storeType,
int is_root_app,
const char *pGname,
- int status)
+ CertStatus status)
{
if (!pGname) {
SLOGE("Invalid input parameter passed.");
int getCertificateStatusFromStore(
sqlite3 *db_handle,
- int storeType,
+ CertStoreType storeType,
const char* pGname,
- int *status)
+ CertStatus *status)
{
if (!pGname) {
SLOGE("Invalid input parameter passed.");
return CERTSVC_FAIL;
}
- *status = sqlite3_column_int(stmt, 2);
+ *status = int_to_CertStatus(sqlite3_column_int(stmt, 2));
sqlite3_finalize(stmt);
sqlite3 *db_handle,
CertStoreType storeType,
const char *alias,
- int *status)
+ int *isUnique)
{
sqlite3_stmt *stmt = NULL;
- if (!alias || !status) {
+ if (!alias || !isUnique) {
SLOGE("Invalid input parameter passed.");
return CERTSVC_WRONG_ARGUMENT;
}
result = sqlite3_step(stmt);
sqlite3_finalize(stmt);
- if (result != SQLITE_ROW) {
- SLOGD("No records found with the alias passed (%s).", alias);
- *status = CERTSVC_TRUE;
- } else {
- SLOGD("Records found with the alias passed (%s).", alias);
- *status = CERTSVC_FALSE;
- }
+ if (result != SQLITE_ROW)
+ *isUnique = CERTSVC_TRUE;
+ else
+ *isUnique = CERTSVC_FALSE;
return CERTSVC_SUCCESS;
}
int installCertificateToStore(
sqlite3 *db_handle,
- int storeType,
+ CertStoreType storeType,
const char *pGname,
const char *common_name,
const char *private_key_gname,
const char *associated_gname,
const char *dataBlock,
size_t dataBlockLen,
- int certType)
+ CertType certType)
{
if ((!pGname)
|| (certType == P12_END_USER && !common_name && !private_key_gname)
int checkAliasExistsInStore(
sqlite3 *db_handle,
- int storeType,
+ CertStoreType storeType,
const char* alias,
- int *status)
+ int *isUnique)
{
if (!alias) {
SLOGE("Invalid input parameter passed.");
return CERTSVC_WRONG_ARGUMENT;
}
- *status = CERTSVC_FAIL;
- int result = check_alias_exist_in_database(db_handle, storeType, alias, status);
+ *isUnique = CERTSVC_FAIL;
+ int result = check_alias_exist_in_database(db_handle, storeType, alias, isUnique);
if (result != CERTSVC_SUCCESS) {
SLOGE("Failed to check_alias_exist_in_database. err[%d]", result);
return CERTSVC_FAIL;
}
- if (*status == CERTSVC_TRUE) {
+ if (*isUnique == CERTSVC_TRUE) {
SLOGD("Alias (%s) does not exist in %s store.",
alias,
(storeType == VPN_STORE) ? "VPN" :
int getCertificateDetailFromStore(
sqlite3 *db_handle,
- int storeType,
- int certType,
+ CertStoreType storeType,
+ CertType certType,
const char *pGname,
char *pOutData,
size_t *size)
return CERTSVC_SUCCESS;
}
-int deleteCertificateFromStore(sqlite3 *db_handle, int storeType, const char* pGname) {
+int deleteCertificateFromStore(sqlite3 *db_handle, CertStoreType storeType, const char *pGname) {
int result = CERTSVC_SUCCESS;
int ckmc_result = CKMC_ERROR_UNKNOWN;
int getCertificateListFromStore(
sqlite3 *db_handle,
int reqType,
- int storeType,
+ CertStoreType storeType,
int is_root_app,
char **certListBuffer,
size_t *bufferLen,
- int *certCount)
+ size_t *certCount)
{
int result = CERTSVC_SUCCESS;
CertSvcStoreCertList *rootCertHead = NULL;
char *query = NULL;
int loopCount = 0;
int records = 0;
- int count = 0;
- int i = 0;
+ size_t count = 0;
+ size_t i = 0;
while (1) {
while (1) {
records = sqlite3_step(stmt);
if (records != SQLITE_ROW || records == SQLITE_DONE) {
- if (count < 0) {
+ if (count == 0) {
SLOGE("No records found");
result = CERTSVC_SUCCESS;
goto error;
}
}
- if (count <=0 ) {
+ if (count == 0) {
SLOGD("No entries found in database.");
result = CERTSVC_SUCCESS;
}
return result;
}
-int getCertificateAliasFromStore(sqlite3 *db_handle, int storeType, const char* gname, char* alias)
+int getCertificateAliasFromStore(sqlite3 *db_handle, CertStoreType storeType, const char *gname, char *alias)
{
int result = CERTSVC_SUCCESS;
int records = 0;
int loadCertificatesFromStore(
sqlite3 *db_handle,
- int storeType,
+ CertStoreType storeType,
const char* gname,
char **ppCertBlockBuffer,
size_t *bufferLen,
- int *certBlockCount)
+ size_t *certBlockCount)
{
int result = CERTSVC_SUCCESS;
- int count = 0;
+ size_t count = 0;
int records = 0;
sqlite3_stmt *stmt = NULL;
char *query = NULL;
char **certs = NULL;
const char *tmpText = NULL;
- int i = 0;
+ size_t i = 0;
query = sqlite3_mprintf("select associated_gname from %Q where gname=%Q", ((storeType==WIFI_STORE)? "wifi" : \
(storeType==VPN_STORE)? "vpn" : "email"), gname);
return CERTSVC_SUCCESS;
}
-int initialize_db(void) {
-
+int initialize_db(void)
+{
int result = CERTSVC_SUCCESS;
-// int i=0;
-// static int reentry = 1;
-// char *query = NULL;
-// char db_list[][6]={"wifi","vpn","email"};
-
- if (cert_store_db == NULL) {
- result = open_db(&cert_store_db, CERTSVC_SYSTEM_STORE_DB);
- if (result != CERTSVC_SUCCESS) {
- SLOGE("Certsvc store DB creation failed. result[%d]", result);
- return result;
- }
- }
-/*
- if (reentry == 1) {
- for (i=0; i<3; i++) {
- query = sqlite3_mprintf("create table if not exists %Q (gname text primary key not null, " \
- "common_name text key not null, private_key_gname text, " \
- "associated_gname text, is_root_cert integer, " \
- "enabled integer key not null,"
- "is_root_app_enabled integer key not null)", db_list[i]);
-
- result = evaluate_query(cert_store_db, query);
- if (result != CERTSVC_SUCCESS) {
- SLOGE("Certificate store database initialisation Failed.");
- result = CERTSVC_FAIL;
- }
- sqlite3_free(query); query=NULL;
- }
-
- query = sqlite3_mprintf("create table if not exists disabled_certs "\
- "(gname text primary key not null, certificate text key not null)");
-
- result = evaluate_query(cert_store_db, query);
- if (result != CERTSVC_SUCCESS) {
- SLOGE("wifi store DB initialisation Failed.");
- result = CERTSVC_FAIL;
- }
-
- sqlite3_free(query); query=NULL;
- result = CERTSVC_SUCCESS;
- reentry++;
- goto err;
- }
+ if (cert_store_db != NULL)
+ return CERTSVC_SUCCESS;
-err:
-*/
+ result = open_db(&cert_store_db, CERTSVC_SYSTEM_STORE_DB);
+ if (result != CERTSVC_SUCCESS)
+ SLOGE("Certsvc store DB creation failed. result[%d]", result);
- return CERTSVC_SUCCESS;
+ return result;
}
void CertSigHandler(int signo)
client_len = sizeof(clientaddr);
signal(SIGINT, (void*)CertSigHandler);
-/*
- if (!cert_store_db) {
- result = initialize_db();
- if (result != CERTSVC_SUCCESS) {
- SLOGE("Failed to initialize database.");
- result = CERTSVC_IO_ERROR;
- goto Error_close_exit;
- }
-
- if (cert_store_db) {
- sqlite3_close(cert_store_db);
- cert_store_db = NULL;
- }
+ result = initialize_db();
+ if (result != CERTSVC_SUCCESS) {
+ SLOGE("Failed to initialize database.");
+ result = CERTSVC_IO_ERROR;
+ goto Error_close_exit;
}
-*/
fd_set fd;
struct timeval tv;
goto Error_close_exit;
}
- if (!cert_store_db) {
- result = initialize_db();
- if (result != CERTSVC_SUCCESS) {
- SLOGE("Failed to initialize database.");
- result = CERTSVC_IO_ERROR;
- goto Error_close_exit;
- }
- }
-
SLOGD("revc request: reqType=%d", recv_data.reqType);
switch (recv_data.reqType) {
cert_store_db,
recv_data.storeType,
recv_data.gname,
- &send_data.certStatus);
+ &send_data.isAliasUnique);
result = send(client_sockfd, (char*)&send_data, sizeof(send_data), 0);
break;
}
//result = send(client_sockfd, (char*)&send_data, sizeof(send_data), 0);
//SLOGE("retry result :%d, errno %d", result, errno);
}
-
- close(client_sockfd);
- if (cert_store_db) {
- sqlite3_close(cert_store_db);
- cert_store_db = NULL;
- SLOGI("cert_store db was closed");
- }
}
Error_close_exit:
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <vcore/Config.h>
-
-#include <dpl/singleton_impl.h>
-IMPLEMENT_SINGLETON(ValidationCore::Config)
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef _SRC_VALIDATION_CORE_VALIDATION_CORE_CONFIG_H_
-#define _SRC_VALIDATION_CORE_VALIDATION_CORE_CONFIG_H_
-
-#include <string>
-
-#include <dpl/singleton.h>
-
-namespace ValidationCore {
-class Config {
-public:
- /*
- * Set path to config file with certificate description.
- */
- bool setXMLConfigPath(const std::string& path) {
- if (!m_certificateXMLConfigPath.empty()) {
- return false;
- }
- m_certificateXMLConfigPath = path;
- return true;
- }
-
- /*
- * Set path to schema of config file.
- */
- bool setXMLSchemaPath(const std::string& path) {
- if (!m_certificateXMLSchemaPath.empty()) {
- return false;
- }
- m_certificateXMLSchemaPath = path;
- return true;
- }
-
- /*
- * Get path to config file with certificate description.
- */
- std::string getXMLConfigPath() {
- return m_certificateXMLConfigPath;
- }
-
- /*
- * Get path to schema of config file.
- */
- std::string getXMLSchemaPath() {
- return m_certificateXMLSchemaPath;
- }
-
-private:
- std::string m_certificateXMLConfigPath;
- std::string m_certificateXMLSchemaPath;
-};
-
-typedef VcoreDPL::Singleton<Config> ConfigSingleton;
-
-} // namespace ValidationCore
-
-#endif // _SRC_VALIDATION_CORE_VALIDATION_CORE_CONFIG_H_
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file VCore.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @brief
- */
-
-#include <vcore/VCorePrivate.h>
-#include <vcore/Config.h>
-#include <openssl/ssl.h>
-#include <glib.h>
-#include <glib-object.h>
-
-#include <dpl/assert.h>
-#include <dpl/log/log.h>
-
-namespace ValidationCore {
-
-void AttachToThreadRO(void)
-{
-}
-
-void AttachToThreadRW(void)
-{
-}
-
-void DetachFromThread(void)
-{
-}
-
-void VCoreInit()
-{
- SSL_library_init();
-
- Config &globalConfig = ConfigSingleton::Instance();
-
- globalConfig.setXMLConfigPath(std::string(FINGERPRINT_LIST_PATH));
- globalConfig.setXMLSchemaPath(std::string(FINGERPRINT_LIST_SCHEMA_PATH));
-}
-
-void VCoreDeinit()
-{
-}
-
-} // namespace ValidationCore
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file VCore.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _VCORE_SRC_VCORE_VCORE_H_
-#define _VCORE_SRC_VCORE_VCORE_H_
-
-#include <string>
-
-namespace ValidationCore {
-/*
- * This function could be run only once. If you call it twice it will
- * return false and non data will be set.
- *
- * This function must be call before AttachToThread function.
- */
-void VCoreInit(void);
-
-/*
- * This function will free internal structures responsible for db connection.
- */
-void VCoreDeinit(void);
-
-/*
- * All thread with are using OCSP/CRL must call AttachToThread function before
- * it can call OCSP/CRL. More than one thread could be Attach with OCPS/CRL.
- *
- * You mast attach thread to OCSP/CRL because OCSP/CRL is using database
- * CertificateCachedDAO. For each thread that will be using this database
- * vcore must create internal structure (with connection info).
- *
- */
-void AttachToThreadRO(void);
-void AttachToThreadRW(void);
-void DetachFromThread(void);
-
-} // namespace ValidationCore
-
-#endif // _VCORE_SRC_VCORE_VCORE_H_
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file VCore.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _VCORE_SRC_VCORE_VCOREPRIVATE_H_
-#define _VCORE_SRC_VCORE_VCOREPRIVATE_H_
-
-#include <string>
-#include <VCore.h>
-namespace ValidationCore {
-} // namespace ValidationCore
-
-#endif // _VCORE_SRC_VCORE_VCORE_H_
-
#include <vcore/Certificate.h>
#include <vcore/CertificateConfigReader.h>
-#include <vcore/Config.h>
#include <dpl/log/log.h>
#include <string>
static bool initialized = false;
if (!initialized) {
CertificateConfigReader reader;
- std::string file =
- ConfigSingleton::Instance().getXMLConfigPath();
+ std::string file(FINGERPRINT_LIST_PATH);
LogDebug("File with fingerprint list is : " << file);
- std::string schema =
- ConfigSingleton::Instance().getXMLSchemaPath();
+ std::string schema(FINGERPRINT_LIST_SCHEMA_PATH);
LogDebug("File with fingerprint list schema is : " << schema);
reader.initialize(file, schema);
reader.read(certificateIdentifier);
#include <string>
#include <vector>
-#include <glib-object.h>
-
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/x509v3.h>
m_allocatedStringSet.clear();
}
- inline int addCert(const CertificatePtr &cert) {
+ inline size_t addCert(const CertificatePtr &cert) {
m_certificateMap[m_certificateCounter] = cert;
return m_certificateCounter++;
}
inline int getCertFromList(
const CertSvcCertificateList &handler,
- int position,
+ size_t position,
CertSvcCertificate *certificate)
{
auto iter = m_idListMap.find(handler.privateHandler);
if (iter == m_idListMap.end()) {
return CERTSVC_WRONG_ARGUMENT;
}
- if (position >= static_cast<int>(iter->second.size())) {
+ if (position >= iter->second.size()) {
return CERTSVC_WRONG_ARGUMENT;
}
certificate->privateInstance = handler.privateInstance;
return CERTSVC_SUCCESS;
}
- inline int getCertListLen(const CertSvcCertificateList &handler, int *len) {
+ inline int getCertListLen(const CertSvcCertificateList &handler, size_t *len) {
auto iter = m_idListMap.find(handler.privateHandler);
if (iter == m_idListMap.end() || !len) {
return CERTSVC_WRONG_ARGUMENT;
return CERTSVC_SUCCESS;
}
- char *cstring = new char[result.size()+1];
+ char *cstring = new char[result.size() + 1];
if (cstring == NULL) {
buffer->privateHandler = NULL;
buffer->privateLength = 0;
return CERTSVC_BAD_ALLOC;
}
- strncpy(cstring, result.c_str(), result.size()+1);
+ strncpy(cstring, result.c_str(), result.size() + 1);
buffer->privateHandler = cstring;
buffer->privateLength = result.size();
inline int getStringFromList(
const CertSvcStringList &handler,
- int position,
+ size_t position,
CertSvcString *buffer)
{
buffer->privateHandler = NULL;
if (iter == m_stringListMap.end()) {
return CERTSVC_WRONG_ARGUMENT;
}
- if (position >= (int)iter->second.size()) {
+ if (position >= iter->second.size()) {
return CERTSVC_WRONG_ARGUMENT;
}
const std::string &data = iter->second.at(position);
- int size = data.size();
- char *cstring = new char[size+1];
+ size_t size = data.size();
+ char *cstring = new char[size + 1];
if (!cstring) {
return CERTSVC_FAIL;
}
- strncpy(cstring, data.c_str(), data.size()+1);
+ strncpy(cstring, data.c_str(), size + 1);
buffer->privateHandler = cstring;
- buffer->privateLength = data.size();
+ buffer->privateLength = size;
buffer->privateInstance = handler.privateInstance;
m_allocatedStringSet.insert(cstring);
inline int getStringListLen(
const CertSvcStringList &handler,
- int *size)
+ size_t *size)
{
auto iter = m_stringListMap.find(handler.privateHandler);
if (iter == m_stringListMap.end()) {
return CERTSVC_WRONG_ARGUMENT;
}
- *size = (int) iter->second.size();
+ *size = iter->second.size();
return CERTSVC_SUCCESS;
}
const char *value,
CertSvcCertificateList *handler)
{
- int result;
search_field fieldId = SEARCH_FIELD_END;
- switch(field){
+ switch (field) {
case CERTSVC_SUBJECT:
fieldId = SUBJECT_STR;
break;
}
LogDebug("Match string : " << value);
- result = cert_svc_search_certificate(ctx.get(), fieldId, const_cast<char*>(value));
+ int result = cert_svc_search_certificate(ctx.get(), fieldId, const_cast<char*>(value));
LogDebug("Search finished!");
if (CERT_SVC_ERR_NO_ERROR != result) {
return CERTSVC_FAIL;
}
- cert_svc_filename_list *fileList = ctx.get()->fileNames;
- int listId = m_idListCounter++;
- std::vector<int> &list = m_idListMap[listId];
+ size_t listId = m_idListCounter++;
+ std::vector<size_t> &list = m_idListMap[listId];
handler->privateHandler = listId;
handler->privateInstance = instance;
- for(;fileList != NULL; fileList = fileList->next) {
+ cert_svc_filename_list *fileList = ctx.get()->fileNames;
+ while (fileList) {
ScopedCertCtx ctx2(cert_svc_cert_context_init(),
cert_svc_cert_context_final);
if (ctx2.get() == NULL) {
LogWarning("Error in cert_svc_load_file_to_context");
return CERTSVC_FAIL;
}
- int certId = addCert(CertificatePtr(new Certificate(*(ctx2.get()->certBuf))));
- list.push_back(certId);
+
+ list.push_back(addCert(CertificatePtr(new Certificate(*(ctx2.get()->certBuf)))));
+
+ fileList = fileList->next;
}
return CERTSVC_SUCCESS;
}
- inline int sortCollection(CertSvcCertificate *certificate_array, int size) {
+ inline int sortCollection(CertSvcCertificate *certificate_array, size_t size) {
if (size < 2) {
return CERTSVC_WRONG_ARGUMENT;
}
- for(int i=1; i<size; ++i) {
- if (certificate_array[i-1].privateInstance.privatePtr
+ for (size_t i = 1; i < size; ++i) {
+ if (certificate_array[i - 1].privateInstance.privatePtr
!= certificate_array[i].privateInstance.privatePtr)
{
return CERTSVC_WRONG_ARGUMENT;
}
CertificateList certList;
- std::map<Certificate*,int> translator;
+ std::map<Certificate*, size_t> translator;
- for(int i=0; i<size; ++i) {
- int pos = certificate_array[i].privateHandler;
+ for (size_t i = 0; i < size; ++i) {
+ size_t pos = certificate_array[i].privateHandler;
auto cert = m_certificateMap.find(pos);
if (cert == m_certificateMap.end()) {
return CERTSVC_WRONG_ARGUMENT;
auto chain = collection.getChain();
- int i=0;
- for (auto iter = chain.begin(); iter != chain.end() && i<size; ++iter, ++i) {
- certificate_array[i].privateHandler = translator[iter->get()];
- }
+ size_t i = 0;
+ for (const auto &cert : collection.getChain())
+ certificate_array[i++].privateHandler = translator[cert.get()];
return CERTSVC_SUCCESS;
}
if (it == m_certificateMap.end()) {
return CERTSVC_WRONG_ARGUMENT;
}
- FILE *out;
- if (NULL == (out = fopen(location, "w"))) {
+ FILE *out = fopen(location, "w");
+ if (out == NULL) {
return CERTSVC_FAIL;
}
if (0 == i2d_X509_fp(out, it->second->getX509())) {
inline int stringNew(
CertSvcInstance &instance,
const char *str,
- int size,
+ size_t size,
CertSvcString *output)
{
- if (!output || size < 0) {
+ if (!output) {
return CERTSVC_WRONG_ARGUMENT;
}
- int allocSize = size;
+ size_t allocSize = size;
- if (allocSize == 0 || str[allocSize-1] != 0)
+ if (allocSize == 0 || str[allocSize - 1] != 0)
allocSize++;
char *ptr = new char[allocSize];
- if(ptr == NULL) {
+ if (ptr == NULL)
return CERTSVC_BAD_ALLOC;
- }
+
memcpy(ptr, str, size);
- ptr[allocSize-1] = 0;
+ ptr[allocSize - 1] = 0;
output->privateHandler = ptr;
output->privateLength = size;
inline int certificateVerify(
CertSvcCertificate certificate,
- CertSvcCertificate *trusted,
- int trustedSize,
- CertSvcCertificate *untrusted,
- int untrustedSize,
+ const CertSvcCertificate *trusted,
+ size_t trustedSize,
+ const CertSvcCertificate *untrusted,
+ size_t untrustedSize,
int checkCaFlag,
int *status)
{
X509_STORE *store = X509_STORE_new();
STACK_OF(X509) *ustore = sk_X509_new_null();
- for (int i=0; i<trustedSize; ++i) {
+ for (size_t i = 0; i < trustedSize; ++i) {
auto iter = m_certificateMap.find(trusted[i].privateHandler);
if (iter == m_certificateMap.end()) {
X509_STORE_free(store);
sk_X509_free(ustore);
return CERTSVC_WRONG_ARGUMENT;
}
+
X509_STORE_add_cert(store, iter->second->getX509());
}
- for (int i=0; i<untrustedSize; ++i) {
+ for (size_t i = 0; i < untrustedSize; ++i) {
auto iter = m_certificateMap.find(untrusted[i].privateHandler);
if (iter == m_certificateMap.end()) {
X509_STORE_free(store);
sk_X509_free(ustore);
return CERTSVC_WRONG_ARGUMENT;
}
+
if (sk_X509_push(ustore, iter->second->getX509()) == 0)
- {
break;
- }
}
+
X509_STORE_CTX context;
X509_STORE_CTX_init(&context, store, cert, ustore);
int result = X509_verify_cert(&context);
- if(result == 1 && checkCaFlag) { // check strictly
+ if (result == 1 && checkCaFlag) { // check strictly
STACK_OF(X509) *resultChain = X509_STORE_CTX_get1_chain(&context);
X509* tmpCert = NULL;
int caFlagValidity;
- while((tmpCert = sk_X509_pop(resultChain))) {
+ while ((tmpCert = sk_X509_pop(resultChain))) {
caFlagValidity = X509_check_ca(tmpCert);
- if(caFlagValidity != 1 && (tmpCert = sk_X509_pop(resultChain)) != NULL) { // the last one is not a CA.
+ if (caFlagValidity != 1 && (tmpCert = sk_X509_pop(resultChain)) != NULL) {
+ // the last one is not a CA.
result = 0;
break;
}
return CERTSVC_SUCCESS;
}
- int getVisibility(CertSvcCertificate certificate, int* visibility)
+ int getVisibility(CertSvcCertificate certificate, CertSvcVisibility *visibility)
{
int ret = CERTSVC_FAIL;
//xmlChar *xmlPathCertificateSet = (xmlChar*) "CertificateSet"; /*unused variable*/
return ret;
}
- inline int pkcsNameIsUnique(
- CertSvcString pfxIdString,
- int *is_unique)
- {
- gboolean exists;
- int result = c_certsvc_pkcs12_alias_exists(pfxIdString.privateHandler, &exists);
- *is_unique = !exists;
- return result;
- }
-
- inline int pkcsImport(
- CertSvcString path,
- CertSvcString pass,
- CertSvcString pfxIdString)
- {
- return c_certsvc_pkcs12_import(path.privateHandler, pass.privateHandler, pfxIdString.privateHandler);
- }
-
inline int pkcsNameIsUniqueInStore(
CertStoreType storeType,
CertSvcString pfxIdString,
int *is_unique)
{
- int result = c_certsvc_pkcs12_alias_exists_in_store(storeType, pfxIdString.privateHandler, is_unique);
- return result;
+ return c_certsvc_pkcs12_alias_exists_in_store(storeType, pfxIdString.privateHandler, is_unique);
}
inline int getCertDetailFromStore(CertStoreType storeType,
CertSvcString gname,
- char** certBuffer,
- size_t* certSize)
+ char **certBuffer,
+ size_t *certSize)
{
return c_certsvc_pkcs12_get_certificate_buffer_from_store(storeType, gname.privateHandler, certBuffer, certSize);
}
return c_certsvc_pkcs12_delete_certificate_from_store(storeType, gname.privateHandler);
}
- inline int getPkcsIdList(
- CertSvcInstance &instance,
- CertSvcStringList *handler)
- {
- gchar **aliases;
- gsize i, naliases;
- std::vector<std::string> output;
- int result;
-
- result = c_certsvc_pkcs12_aliases_load(&aliases, &naliases);
- if(result != CERTSVC_SUCCESS)
- return result;
- for(i = 0; i < naliases; i++)
- output.push_back(std::string(aliases[i]));
- c_certsvc_pkcs12_aliases_free(aliases);
-
- int position = m_stringListCounter++;
- m_stringListMap[position] = output;
-
- handler->privateHandler = position;
- handler->privateInstance = instance;
- return CERTSVC_SUCCESS;
- }
-
inline int pkcsHasPassword(
CertSvcString filepath,
int *has_password)
{
- return c_certsvc_pkcs12_has_password(filepath.privateHandler, has_password);
- }
-
- inline int getPkcsPrivateKey(
- CertSvcString pfxIdString,
- char **buffer,
- size_t *size)
- {
- return c_certsvc_pkcs12_private_key_load(pfxIdString.privateHandler, buffer, size);
- }
-
- inline int getPkcsCertificateList(
- CertSvcInstance &instance,
- CertSvcString &pfxIdString,
- CertSvcCertificateList *handler)
- {
- gchar **certs;
- gsize i, ncerts;
- std::vector<CertificatePtr> certPtrVector;
- std::vector<int> listId;
- int result;
-
- result = c_certsvc_pkcs12_load_certificates(pfxIdString.privateHandler, &certs, &ncerts);
- if(result != CERTSVC_SUCCESS)
- return result;
- for(i = 0; i < ncerts; i++) {
- ScopedCertCtx context(cert_svc_cert_context_init(), cert_svc_cert_context_final);
- if(cert_svc_load_file_to_context(context.get(), certs[i]) != CERT_SVC_ERR_NO_ERROR) {
- c_certsvc_pkcs12_free_certificates(certs);
- return CERTSVC_IO_ERROR;
- }
- else
- certPtrVector.push_back(CertificatePtr(new Certificate(*(context->certBuf))));
- }
- if(ncerts > 0)
- c_certsvc_pkcs12_free_certificates(certs);
-
- FOREACH(it, certPtrVector) {
- listId.push_back(addCert(*it));
- }
-
- int position = m_idListCounter++;
- m_idListMap[position] = listId;
-
- handler->privateInstance = instance;
- handler->privateHandler = position;
-
- return result;
- }
-
- inline int pkcsDelete(CertSvcString pfxIdString)
- {
- return c_certsvc_pkcs12_delete(pfxIdString.privateHandler);
+ return c_certsvc_pkcs12_has_password(filepath.privateHandler, has_password);
}
inline int pkcsImportToStore(
inline int pkcsGetCertStatusFromStore(
CertStoreType storeType,
CertSvcString gname,
- int *status)
+ CertStatus *status)
{
return c_certsvc_pkcs12_get_certificate_status_from_store(storeType, gname.privateHandler, status);
}
inline int getCertFromStore(CertSvcInstance instance,
CertStoreType storeType,
- char *gname,
+ const char *gname,
CertSvcCertificate *certificate)
{
return certsvc_get_certificate(instance, storeType, gname, certificate);
CertStoreType storeType,
int is_root_app,
CertSvcStoreCertList** certList,
- int* length)
+ size_t *length)
{
return c_certsvc_pkcs12_get_certificate_list_from_store(storeType, is_root_app, certList, length);
}
inline int getPkcsIdEndUserListFromStore(
CertStoreType storeType,
CertSvcStoreCertList** certList,
- int* length)
+ size_t *length)
{
return c_certsvc_pkcs12_get_end_user_certificate_list_from_store(storeType, certList, length);
}
inline int getPkcsIdRootListFromStore(
CertStoreType storeType,
CertSvcStoreCertList** certList,
- int* length)
+ size_t *length)
{
return c_certsvc_pkcs12_get_root_certificate_list_from_store(storeType, certList, length);
}
CertSvcString &pfxIdString,
CertSvcCertificateList *handler)
{
- char **certs;
- gsize i, ncerts;
- std::vector<CertificatePtr> certPtrVector;
- std::vector<int> listId;
- char *certBuffer = NULL;
- size_t certLength = 0;
- CertSvcString Alias;
- char* header = NULL;
- char* trailer = NULL;
- const char* headEnd = NULL;
- const char* tailEnd = NULL;
- int length = 0;
- int result;
-
- result = c_certsvc_pkcs12_load_certificates_from_store(storeType, pfxIdString.privateHandler, &certs, &ncerts);
+ char **certs = NULL;
+ size_t ncerts = 0;
+ int result = c_certsvc_pkcs12_load_certificates_from_store(storeType, pfxIdString.privateHandler, &certs, &ncerts);
if (result != CERTSVC_SUCCESS) {
LogError("Unable to load certificates from store.");
return result;
}
- for (i = 0; i < ncerts; i++) {
+ std::vector<CertificatePtr> certPtrVector;
+ CertSvcString Alias;
+ for (size_t i = 0; i < ncerts; i++) {
Alias.privateHandler = certs[i];
Alias.privateLength = strlen(certs[i]);
+ char *certBuffer = NULL;
+ size_t certLength = 0;
result = certsvc_pkcs12_get_certificate_info_from_store(instance, storeType, Alias, &certBuffer, &certLength);
if (result != CERTSVC_SUCCESS || !certBuffer) {
LogError("Failed to get certificate buffer.");
return CERTSVC_FAIL;
}
- header = strstr(certBuffer, START_CERT);
- headEnd = START_CERT;
+ const char *header = strstr(certBuffer, START_CERT);
+ const char *headEnd = START_CERT;
+ const char *trailer = NULL;
+ const char *tailEnd = NULL;
if (!header) {
// START_CERT not found. let's find START_TRUSTED.
header = strstr(certBuffer, START_TRUSTED);
return CERTSVC_FAIL;
}
- length = ((1 + strlen(header)) - (strlen(headEnd) + strlen(tailEnd) + 1));
+ size_t length = ((1 + strlen(header)) - (strlen(headEnd) + strlen(tailEnd) + 1));
std::string tmpBuffer(certBuffer);
- tmpBuffer = tmpBuffer.substr(strlen(headEnd),length);
+ tmpBuffer = tmpBuffer.substr(strlen(headEnd), length);
std::string binary(tmpBuffer.c_str(), length);
- Certificate::FormType formType = Certificate::FORM_BASE64;
- certPtrVector.push_back(CertificatePtr(new Certificate(binary, formType)));
+ certPtrVector.push_back(CertificatePtr(new Certificate(binary, Certificate::FORM_BASE64)));
free(certBuffer);
- certBuffer = NULL;
}
if (ncerts > 0)
c_certsvc_pkcs12_free_certificates(certs);
- FOREACH(it, certPtrVector) {
- listId.push_back(addCert(*it));
- }
+ std::vector<size_t> listId;
+ for (const auto &cert : certPtrVector)
+ listId.push_back(addCert(cert));
- int position = m_idListCounter++;
+ size_t position = m_idListCounter++;
m_idListMap[position] = listId;
handler->privateInstance = instance;
}
private:
- int m_certificateCounter;
- std::map<int, CertificatePtr> m_certificateMap;
+ size_t m_certificateCounter;
+ std::map<size_t, CertificatePtr> m_certificateMap;
- int m_idListCounter;
- std::map<int, std::vector<int> > m_idListMap;
+ size_t m_idListCounter;
+ std::map<size_t, std::vector<size_t> > m_idListMap;
- int m_stringListCounter;
- std::map<int, std::vector<std::string> > m_stringListMap;
+ size_t m_stringListCounter;
+ std::map<size_t, std::vector<std::string> > m_stringListMap;
std::set<char *> m_allocatedStringSet;
};
int certsvc_certificate_new_from_memory(
CertSvcInstance instance,
const unsigned char *memory,
- int len,
+ size_t len,
CertSvcCertificateForm form,
CertSvcCertificate *certificate)
{
int certsvc_certificate_list_get_one(
CertSvcCertificateList handler,
- int position,
+ size_t position,
CertSvcCertificate *certificate)
{
return impl(handler.privateInstance)->
- getCertFromList(handler,position, certificate);
+ getCertFromList(handler, position, certificate);
}
int certsvc_certificate_list_get_length(
CertSvcCertificateList handler,
- int *size)
+ size_t *size)
{
return impl(handler.privateInstance)->getCertListLen(handler, size);
}
int certsvc_string_list_get_one(
CertSvcStringList handler,
- int position,
+ size_t position,
CertSvcString *buffer)
{
try {
int certsvc_string_list_get_length(
CertSvcStringList handler,
- int *size)
+ size_t *size)
{
return impl(handler.privateInstance)->getStringListLen(handler, size);
}
void certsvc_string_to_cstring(
CertSvcString string,
const char **buffer,
- int *len)
+ size_t *len)
{
if (buffer) {
*buffer = string.privateHandler;
int certsvc_certificate_chain_sort(
CertSvcCertificate *certificate_array,
- int size)
+ size_t size)
{
try {
if (!certificate_array) {
X509_free(x509);
}
-int certsvc_pkcs12_dup_evp_pkey(
- CertSvcInstance instance,
- CertSvcString alias,
- EVP_PKEY** pkey)
-{
- char *buffer;
- size_t size;
-
- int result = certsvc_pkcs12_private_key_dup(
- instance,
- alias,
- &buffer,
- &size);
-
- if (result != CERTSVC_SUCCESS) {
- LogError("Error in certsvc_pkcs12_private_key_dup");
- return result;
- }
-
- BIO *b = BIO_new(BIO_s_mem());
-
- if ((int)size != BIO_write(b, buffer, size)) {
- LogError("Error in BIO_write");
- BIO_free_all(b);
- certsvc_pkcs12_private_key_free(buffer);
- return CERTSVC_FAIL;
- }
-
- certsvc_pkcs12_private_key_free(buffer);
-
- *pkey = PEM_read_bio_PrivateKey(b, NULL, NULL, NULL);
-
- BIO_free_all(b);
-
- if (*pkey) {
- return CERTSVC_SUCCESS;
- }
-
- LogError("Result is null. Openssl REASON code is : " << ERR_GET_REASON(ERR_peek_last_error()));
-
- return CERTSVC_FAIL;
-}
-
void certsvc_pkcs12_free_evp_pkey(EVP_PKEY* pkey)
{
EVP_PKEY_free(pkey);
int certsvc_string_new(
CertSvcInstance instance,
const char *url,
- int size,
+ size_t size,
CertSvcString *output)
{
try {
int certsvc_string_not_managed(
CertSvcInstance instance,
const char *url,
- int size,
+ size_t size,
CertSvcString *output)
{
if (!output) {
int certsvc_certificate_verify(
CertSvcCertificate certificate,
- CertSvcCertificate *trusted,
- int trustedSize,
- CertSvcCertificate *untrusted,
- int untrustedSize,
+ const CertSvcCertificate *trusted,
+ size_t trustedSize,
+ const CertSvcCertificate *untrusted,
+ size_t untrustedSize,
int *status)
{
try {
- int check_caflag_false = 0;
return impl(certificate.privateInstance)->certificateVerify(
certificate,
trusted,
trustedSize,
untrusted,
untrustedSize,
- check_caflag_false,
+ 0,
status);
} catch (...) {}
return CERTSVC_FAIL;
int certsvc_certificate_verify_with_caflag(
CertSvcCertificate certificate,
- CertSvcCertificate *trusted,
- int trustedSize,
- CertSvcCertificate *untrusted,
- int untrustedSize,
+ const CertSvcCertificate *trusted,
+ size_t trustedSize,
+ const CertSvcCertificate *untrusted,
+ size_t untrustedSize,
int *status)
{
try {
- int check_caflag_true = 1;
return impl(certificate.privateInstance)->certificateVerify(
certificate,
trusted,
trustedSize,
untrusted,
untrustedSize,
- check_caflag_true,
+ 1,
status);
} catch (...) {}
return CERTSVC_FAIL;
}
-int certsvc_certificate_get_visibility(CertSvcCertificate certificate, int* visibility)
+int certsvc_certificate_get_visibility(CertSvcCertificate certificate, CertSvcVisibility *visibility)
{
try {
return impl(certificate.privateInstance)->getVisibility(certificate, visibility);
return CERTSVC_FAIL;
}
-int certsvc_pkcs12_alias_exists(CertSvcInstance instance,
- CertSvcString pfxIdString,
- int *is_unique)
-{
- try {
- return impl(instance)->pkcsNameIsUnique(pfxIdString, is_unique);
- } catch (...) {}
- return CERTSVC_FAIL;
-}
-
-int certsvc_pkcs12_import_from_file(CertSvcInstance instance,
- CertSvcString path,
- CertSvcString password,
- CertSvcString pfxIdString)
-{
- try {
- return impl(instance)->pkcsImport(path, password, pfxIdString);
- } catch (...) {}
- return CERTSVC_FAIL;
-}
-
int certsvc_get_certificate(CertSvcInstance instance,
CertStoreType storeType,
- char *gname,
+ const char *gname,
CertSvcCertificate *certificate)
{
int result = CERTSVC_SUCCESS;
}
int certsvc_pkcs12_free_certificate_list_loaded_from_store(CertSvcInstance instance,
- CertSvcStoreCertList** certList)
+ CertSvcStoreCertList **certList)
{
- if (*certList == NULL) {
+ if (certList == NULL || *certList == NULL) {
LogError("Invalid input parameter.");
return CERTSVC_WRONG_ARGUMENT;
}
int certsvc_pkcs12_get_certificate_list_from_store(CertSvcInstance instance,
CertStoreType storeType,
int is_root_app,
- CertSvcStoreCertList** certList,
- int* length)
+ CertSvcStoreCertList **certList,
+ size_t *length)
{
- if (*certList != NULL) {
+ if (certList == NULL || *certList != NULL) {
LogError("Invalid input parameter.");
return CERTSVC_WRONG_ARGUMENT;
}
int certsvc_pkcs12_get_end_user_certificate_list_from_store(CertSvcInstance instance,
CertStoreType storeType,
- CertSvcStoreCertList** certList,
- int* length)
+ CertSvcStoreCertList **certList,
+ size_t *length)
{
- if (*certList != NULL) {
+ if (certList == NULL || *certList != NULL) {
LogError("Invalid input parameter.");
return CERTSVC_WRONG_ARGUMENT;
}
int certsvc_pkcs12_get_root_certificate_list_from_store(CertSvcInstance instance,
CertStoreType storeType,
- CertSvcStoreCertList** certList,
- int* length)
+ CertSvcStoreCertList **certList,
+ size_t *length)
{
- if (*certList != NULL) {
+ if (certList == NULL || *certList != NULL) {
LogError("Invalid input parameter.");
return CERTSVC_WRONG_ARGUMENT;
}
int certsvc_pkcs12_get_certificate_info_from_store(CertSvcInstance instance,
CertStoreType storeType,
CertSvcString gname,
- char** certBuffer,
- size_t* certSize)
+ char **certBuffer,
+ size_t *certSize)
{
- if (*certBuffer != NULL) {
+ if (certBuffer == NULL || *certBuffer != NULL) {
LogError("Invalid input parameter.");
return CERTSVC_WRONG_ARGUMENT;
}
CertSvcInstance instance,
CertStoreType storeType,
CertSvcString gname,
- int *status)
+ CertStatus *status)
{
try {
if (!impl(instance)->checkValidStoreType(storeType)) {
int certsvc_pkcs12_get_certificate_from_store(CertSvcInstance instance,
CertStoreType storeType,
- char *gname,
+ const char *gname,
CertSvcCertificate *certificate)
{
try {
return CERTSVC_FAIL;
}
-int certsvc_pkcs12_get_id_list(
- CertSvcInstance instance,
- CertSvcStringList *pfxIdStringList)
-{
- try {
- return impl(instance)->getPkcsIdList(
- instance,
- pfxIdStringList);
- } catch (...) {}
- return CERTSVC_FAIL;
-}
-
int certsvc_pkcs12_has_password(
CertSvcInstance instance,
CertSvcString filepath,
return CERTSVC_FAIL;
}
-int certsvc_pkcs12_load_certificate_list(
- CertSvcInstance instance,
- CertSvcString pfxIdString,
- CertSvcCertificateList *certificateList)
-{
- try {
- return impl(instance)->getPkcsCertificateList(
- instance,
- pfxIdString,
- certificateList);
- } catch (...) {}
- return CERTSVC_FAIL;
-}
-
-int certsvc_pkcs12_private_key_dup(
- CertSvcInstance instance,
- CertSvcString pfxIdString,
- char **buffer,
- size_t *size)
-{
- try {
- return impl(instance)->getPkcsPrivateKey(pfxIdString, buffer, size);
- } catch (...) {}
- return CERTSVC_FAIL;
-}
-
-void certsvc_pkcs12_private_key_free(
- char *buffer)
+void certsvc_pkcs12_private_key_free(char *buffer)
{
free(buffer);
}
-int certsvc_pkcs12_delete(
- CertSvcInstance instance,
- CertSvcString pfxIdString)
-{
- try {
- return impl(instance)->pkcsDelete(pfxIdString);
- } catch (...) {}
- return CERTSVC_FAIL;
-}
-
memset(pData->dataBlock, 0, VCORE_MAX_RECV_DATA_SIZE);
memset(pData->common_name, 0, VCORE_MAX_FILENAME_SIZE * 2 + 1);
pData->dataBlockLen = 0;
- pData->certStatus = 0;
+ pData->certStatus = DISABLED;
pData->result = 0;
+ pData->isAliasUnique = 0;
pData->certList = NULL;
pData->certCount = 0;
pData->certBlockList = NULL;
memset(pData->private_key_gname, 0, VCORE_MAX_FILENAME_SIZE+1);
memset(pData->associated_gname, 0, VCORE_MAX_FILENAME_SIZE+1);
memset(pData->dataBlock, 0, VCORE_MAX_SEND_DATA_SIZE);
- pData->certStatus = 0;
- pData->storeType = -1;
+ pData->certStatus = DISABLED;
+ pData->storeType = NONE_STORE;
pData->reqType = -1;
- pData->dataBlockLen = -1;
+ pData->dataBlockLen = 0;
pData->is_root_app = -1;
}
const char *pData,
size_t dataLen,
CertType certType,
- int certStatus)
+ CertStatus certStatus)
{
VcoreRequestData* pReqData = (VcoreRequestData*)malloc(sizeof(VcoreRequestData));
if (!pReqData) {
int clientLen = 0;
int tempSockLen = 0;
int read_len = 0;
- int i = 0;
+ size_t i = 0;
struct sockaddr_un clientaddr;
VcoreResponseData recvData;
initialize_res_data(&recvData);
return recvData.result;
}
-int vcore_client_get_certificate_status_from_store(CertStoreType storeType, const char* gname, int *status) {
+int vcore_client_get_certificate_status_from_store(CertStoreType storeType, const char* gname, CertStatus *status) {
VcoreRequestData* pSendData = NULL;
VcoreResponseData recvData;
return recvData.result;
}
-int vcore_client_check_alias_exist_in_store(CertStoreType storeType, const char* alias, int *status) {
+int vcore_client_check_alias_exist_in_store(CertStoreType storeType, const char* alias, int *isUnique) {
VcoreRequestData* pSendData = NULL;
VcoreResponseData recvData;
recvData = cert_svc_client_comm(pSendData);
free(pSendData);
- *status = recvData.certStatus;
+ *isUnique = recvData.isAliasUnique;
return recvData.result;
}
}
int _vcore_client_get_certificate_list_from_store(int reqType, CertStoreType storeType, int is_root_app,
- CertSvcStoreCertList** certList, int* length)
+ CertSvcStoreCertList **certList, size_t *length)
{
VcoreRequestData* pSendData = NULL;
VcoreResponseData recvData;
CertSvcStoreCertList* curr = NULL;
CertSvcStoreCertList* prev = NULL;
VcoreCertResponseData* cert = NULL;
- int tmplen = 0;
- int i=0;
+ size_t tmplen = 0;
+ size_t i=0;
initialize_res_data(&recvData);
}
int vcore_client_get_certificate_list_from_store(CertStoreType storeType, int is_root_app,
- CertSvcStoreCertList** certList, int* length)
+ CertSvcStoreCertList** certList, size_t *length)
{
return _vcore_client_get_certificate_list_from_store(CERTSVC_GET_CERTIFICATE_LIST, storeType, is_root_app,
certList, length);
}
int vcore_client_get_root_certificate_list_from_store(CertStoreType storeType,
- CertSvcStoreCertList** certList, int* length)
+ CertSvcStoreCertList **certList, size_t *length)
{
return _vcore_client_get_certificate_list_from_store(CERTSVC_GET_ROOT_CERTIFICATE_LIST, storeType, 0,
certList, length);
}
int vcore_client_get_end_user_certificate_list_from_store(CertStoreType storeType,
- CertSvcStoreCertList** certList, int* length)
+ CertSvcStoreCertList **certList, size_t *length)
{
return _vcore_client_get_certificate_list_from_store(CERTSVC_GET_USER_CERTIFICATE_LIST, storeType, 0,
certList, length);
return recvData.result;
}
-int vcore_client_load_certificates_from_store(CertStoreType storeType, const char *gname, char ***certs, int *ncerts)
+int vcore_client_load_certificates_from_store(CertStoreType storeType, const char *gname, char ***certs, size_t *ncerts)
{
VcoreRequestData* pSendData = NULL;
VcoreResponseData recvData;
ResponseCertBlock* cert = NULL;
- int i=0;
+ size_t i = 0;
initialize_res_data(&recvData);
pSendData = set_request_data(CERTSVC_LOAD_CERTIFICATES, storeType, DISABLED, gname, NULL, NULL, NULL, NULL, 0, 0, 0);
* @file cert-svc-client.h
* @author Madhan A K (madhan.ak@samsung.com)
* @version 1.0
- * @brief cert-svc client interface for cert-svc server present in secure-storage module.
+ * @brief cert-svc client interface for cert-server.
*/
#ifndef CERT_SVC_CLIENT_H_
char associated_gname[VCORE_MAX_FILENAME_SIZE * 2 + 1]; /* for associated_gname */
char dataBlock[VCORE_MAX_SEND_DATA_SIZE]; /* for cert & key buffer */
size_t dataBlockLen;
- int certStatus;
+ CertStatus certStatus;
int is_root_app;
CertType certType;
} VcoreRequestData;
typedef struct {
char gname[VCORE_MAX_FILENAME_SIZE * 2 + 1];
char title[VCORE_MAX_FILENAME_SIZE * 2 + 1];
- int status;
+ CertStatus status;
CertStoreType storeType;
} VcoreCertResponseData;
typedef struct {
char dataBlock[VCORE_MAX_RECV_DATA_SIZE];
size_t dataBlockLen;
- int certStatus;
+ CertStatus certStatus;
char common_name[VCORE_MAX_FILENAME_SIZE* 2 + 1]; /*for common_name*/
int result;
- int certCount;
+ int isAliasUnique;
+ size_t certCount;
VcoreCertResponseData* certList;
- int certBlockCount;
+ size_t certBlockCount;
ResponseCertBlock* certBlockList; // array
} VcoreResponseData;
-int vcore_client_set_certificate_status_to_store(CertStoreType storeType, int is_root_app, const char* gname, CertStatus status);
-int vcore_client_get_certificate_status_from_store(CertStoreType storeType, const char* gname, int *status);
-int vcore_client_check_alias_exist_in_store(CertStoreType storeType, const char* alias, int *status);
+int vcore_client_set_certificate_status_to_store(CertStoreType storeType, int is_root_app, const char *gname, CertStatus status);
+int vcore_client_get_certificate_status_from_store(CertStoreType storeType, const char *gname, CertStatus *status);
+int vcore_client_check_alias_exist_in_store(CertStoreType storeType, const char *alias, int *isUnique);
int vcore_client_install_certificate_to_store(CertStoreType storeType, const char *gname, const char *common_name, const char *private_key_gname, const char *associated_gname, const char *dataBlock, size_t dataBlockLen, CertType certType);
-int vcore_client_get_certificate_from_store(CertStoreType storeType, const char* gname, char** certData, size_t* certSize, CertType certType);
-int vcore_client_delete_certificate_from_store(CertStoreType storeType, const char* gname);
-VcoreResponseData cert_svc_client_comm(VcoreRequestData* client_data);
-int vcore_client_get_certificate_list_from_store(CertStoreType storeType, int is_root_app, CertSvcStoreCertList** certList, int* length);
-int vcore_client_get_root_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList** certList, int* length);
-int vcore_client_get_end_user_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList** certList, int* length);
+int vcore_client_get_certificate_from_store(CertStoreType storeType, const char *gname, char **certData, size_t *certSize, CertType certType);
+int vcore_client_delete_certificate_from_store(CertStoreType storeType, const char *gname);
+VcoreResponseData cert_svc_client_comm(VcoreRequestData *client_data);
+int vcore_client_get_certificate_list_from_store(CertStoreType storeType, int is_root_app, CertSvcStoreCertList **certList, size_t *length);
+int vcore_client_get_root_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList **certList, size_t *length);
+int vcore_client_get_end_user_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList **certList, size_t *length);
int vcore_client_get_certificate_alias_from_store(CertStoreType storeType, const char *gname, char **alias);
-int vcore_client_load_certificates_from_store(CertStoreType storeType, const char *gname, char ***certs, int *ncerts);
+int vcore_client_load_certificates_from_store(CertStoreType storeType, const char *gname, char ***certs, size_t *ncerts);
#ifdef __cplusplus
}
* limitations under the License.
*/
/*
- * @file pkcs12.h
+ * @file pkcs12.cpp
* @author Jacek Migacz (j.migacz@samsung.com)
+ * @author Kyungwook Tak (k.tak@samsung.com)
* @version 1.0
* @brief PKCS#12 container manipulation routines.
*/
#include <fcntl.h>
#include <errno.h>
#include <string.h>
-#include <dirent.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <openssl/err.h>
#include <openssl/sha.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
-#include <db-util.h>
-
-#include <ss_manager.h>
#include <cert-service.h>
-#include <cert-service-util.h>
#include <cert-service-debug.h>
#include <cert-svc/cerror.h>
#include <cert-svc-client.h>
#define START_KEY "-----BEGIN PRIVATE KEY-----"
#define END_KEY "-----END PRIVATE KEY-----"
-#define CERTSVC_PKCS12_STORAGE_FILE "storage"
-
-#define CERTSVC_PKCS12_STORAGE_PATH CERTSVC_PKCS12_STORAGE_DIR "/" CERTSVC_PKCS12_STORAGE_FILE
-
-#define MAX_BUFFER_SIZE 16;
#define _CERT_SVC_VERIFY_PKCS12
-static const char CERTSVC_PKCS12_STORAGE_KEY_PKEY[] = "pkey";
-static const char CERTSVC_PKCS12_STORAGE_KEY_CERTS[] = "certs";
-static const gchar CERTSVC_PKCS12_STORAGE_SEPARATOR = ';';
-static const char CERTSVC_PKCS12_UNIX_GROUP[] = "secure-storage::pkcs12";
-
-sqlite3 *cert_store_db = NULL;
-
-static gboolean keyfile_check(const char *pathname) {
- int result;
- if(access(pathname, F_OK | R_OK | W_OK) == 0)
- return TRUE;
- SYSCALL(result = creat(pathname, S_IRUSR | S_IWUSR));
- if (result != -1) {
- result = close(result);
- if(result == -1)
- SLOGD("Failed to close, errno : %d", errno);
- return TRUE;
- } else {
- return FALSE;
- }
-}
-
-static GKeyFile *keyfile_load(const char *pathname) {
- GKeyFile *keyfile;
- GError *error;
-
- if(!keyfile_check(pathname))
- return NULL;
- keyfile = g_key_file_new();
- error = NULL;
- if(!g_key_file_load_from_file(keyfile, pathname, G_KEY_FILE_KEEP_COMMENTS, &error)) {
- g_key_file_free(keyfile);
- return NULL;
- }
- return keyfile;
-}
-
-static int generate_random_filepath(char **filepath) {
+static int generate_random_filepath(char **filepath)
+{
int generator;
int64_t random;
SHA_CTX ctx;
return (result != -1) ? CERTSVC_SUCCESS : CERTSVC_BAD_ALLOC;
}
-static int unique_filename(char **filepath, gboolean with_secure_storage) {
- unsigned trial = 0x00U;
+static int unique_filename(char **filepath)
+{
int result;
- ssm_file_info_t sfi;
- int exists = 1;
- for (; trial < 0xFFU; ++trial) {
+ for (unsigned trial = 0x00U; trial < 0xFFU; ++trial) {
result = generate_random_filepath(filepath);
- if(result != CERTSVC_SUCCESS)
- return result;
-
- exists = (access(*filepath, F_OK) == 0);
-
- if (with_secure_storage)
- exists |= (ssm_getinfo(*filepath, &sfi, SSM_FLAG_DATA, CERTSVC_PKCS12_UNIX_GROUP) == 0);
+ if (result != CERTSVC_SUCCESS)
+ return result;
- /* find unique filename */
- if(!exists)
- return CERTSVC_SUCCESS;
+ result = access(*filepath, F_OK);
+ if (result != 0)
+ return CERTSVC_SUCCESS;
free(*filepath);
}
return CERTSVC_FAIL;
}
-static char *bare_filename(char *filepath) {
+static char *bare_filename(char *filepath)
+{
char *needle;
if(!filepath)
return NULL;
return *(++needle) ? needle : NULL;
}
-int read_from_file(const char *fileName, char **certBuffer, int *length) {
-
+int read_from_file(const char *fileName, char **certBuffer, int *length)
+{
int result = CERTSVC_SUCCESS;
FILE *fp_out = NULL;
int certLength = 0;
return result;
}
-int open_db(sqlite3 **db_handle, const char *db_path) {
-
- int result = -1;
- sqlite3 *handle;
-
- if (access(db_path, F_OK) == 0) {
- result = db_util_open(db_path, &handle, 0);
- if (result != SQLITE_OK) {
- SLOGE("connect to db [%s] failed!", db_path);
- return CERTSVC_FAIL;
- }
- *db_handle = handle;
- return CERTSVC_SUCCESS;
- }
- SLOGD("%s DB does not exists. Create one!!", db_path);
-
- result = db_util_open(db_path, &handle, 0);
- if (result != SQLITE_OK) {
- SLOGE("connect to db [%s] failed!", db_path);
- return CERTSVC_FAIL;
- }
- *db_handle = handle;
- return CERTSVC_SUCCESS;
-}
-
-int initialize_db() {
-
- int result = CERTSVC_SUCCESS;
- if (cert_store_db == NULL) {
- result = open_db(&cert_store_db, CERTSVC_SYSTEM_STORE_DB);
- if (result != CERTSVC_SUCCESS)
- SLOGE("Certsvc store DB creation failed");
- }
- return result;
-}
-
-int execute_select_query(char *query, sqlite3_stmt **stmt) {
-
- int result = CERTSVC_SUCCESS;
- sqlite3_stmt *stmts = NULL;
-
- if (cert_store_db != NULL) {
- sqlite3_close(cert_store_db);
- cert_store_db = NULL;
- }
-
- result = initialize_db();
- if (result != CERTSVC_SUCCESS) {
- SLOGE("Failed to initialise database.");
- result = CERTSVC_IO_ERROR;
- goto error;
- }
-
- result = sqlite3_prepare_v2(cert_store_db, query, strlen(query), &stmts, NULL);
- if (result != SQLITE_OK) {
- SLOGE("sqlite3_prepare_v2 failed [%s].", query);
- result = CERTSVC_FAIL;
- goto error;
- }
-
- *stmt = stmts;
- result = CERTSVC_SUCCESS;
-
-error:
- return result;
-}
-
-int c_certsvc_pkcs12_set_certificate_status_to_store(CertStoreType storeType, int is_root_app, char* gname, CertStatus status) {
-
+int c_certsvc_pkcs12_set_certificate_status_to_store(CertStoreType storeType, int is_root_app, const char* gname, CertStatus status)
+{
return vcore_client_set_certificate_status_to_store(storeType, is_root_app, gname, status);
}
-int c_certsvc_pkcs12_get_certificate_buffer_from_store(CertStoreType storeType, char* gname, char** certBuffer, size_t* certSize) {
-
+int c_certsvc_pkcs12_get_certificate_buffer_from_store(CertStoreType storeType, const char* gname, char** certBuffer, size_t* certSize)
+{
return vcore_client_get_certificate_from_store(storeType, gname, certBuffer, certSize, PEM_CRT);
}
-int c_certsvc_pkcs12_get_certificate_status_from_store(CertStoreType storeType, const gchar *gname, int *status) {
-
+int c_certsvc_pkcs12_get_certificate_status_from_store(CertStoreType storeType, const char *gname, CertStatus *status)
+{
return vcore_client_get_certificate_status_from_store(storeType, gname, status);
}
-int c_certsvc_pkcs12_alias_exists_in_store(CertStoreType storeType, const gchar *alias, gboolean *exists) {
-
- return vcore_client_check_alias_exist_in_store(storeType, alias, exists);
+int c_certsvc_pkcs12_alias_exists_in_store(CertStoreType storeType, const char *alias, int *isUnique)
+{
+ return vcore_client_check_alias_exist_in_store(storeType, alias, isUnique);
}
-int c_certsvc_pkcs12_private_key_load_from_store(CertStoreType storeType, const gchar *gname, char **certBuffer, size_t *certSize) {
-
+int c_certsvc_pkcs12_private_key_load_from_store(CertStoreType storeType, const char *gname, char **certBuffer, size_t *certSize)
+{
return vcore_client_get_certificate_from_store(storeType, gname, certBuffer, certSize, (CertType)P12_PKEY);
}
-int c_certsvc_pkcs12_delete_certificate_from_store(CertStoreType storeType, const char* gname) {
-
- int result = CERTSVC_SUCCESS;
-
- result = vcore_client_delete_certificate_from_store(storeType, gname);
- if(result == CERTSVC_SUCCESS)
- SLOG(LOG_INFO, "MDM_LOG_USER", "Object=certificate, AccessType=Uninstall, Result=Succeed");
- else
- SLOG(LOG_INFO, "MDM_LOG_USER", "Object=certificate, AccessType=Uninstall, Result=Failed");
-
- return result;
+int c_certsvc_pkcs12_delete_certificate_from_store(CertStoreType storeType, const char* gname)
+{
+ return vcore_client_delete_certificate_from_store(storeType, gname);
}
-int c_certsvc_pkcs12_get_certificate_alias_from_store(CertStoreType storeType, const gchar *gname, char **alias) {
-
+int c_certsvc_pkcs12_get_certificate_alias_from_store(CertStoreType storeType, const char *gname, char **alias)
+{
return vcore_client_get_certificate_alias_from_store(storeType, gname, alias);
}
-int c_certsvc_pkcs12_load_certificates_from_store(CertStoreType storeType, const gchar *gname, gchar ***certs, gsize *ncerts) {
- return vcore_client_load_certificates_from_store(storeType, gname, (char ***)certs, (int *)ncerts);
+int c_certsvc_pkcs12_load_certificates_from_store(CertStoreType storeType, const char *gname, char ***certs, size_t *ncerts)
+{
+ return vcore_client_load_certificates_from_store(storeType, gname, certs, ncerts);
}
-int c_certsvc_pkcs12_free_aliases_loaded_from_store(CertSvcStoreCertList** certList) {
+int c_certsvc_pkcs12_free_aliases_loaded_from_store(CertSvcStoreCertList** certList)
+{
int result = CERTSVC_SUCCESS;
CertSvcStoreCertList* tmpNode = NULL;
- while (*certList!=NULL) {
+ while (*certList) {
tmpNode = *certList;
- if(tmpNode->title != NULL) { free(tmpNode->title); }
- if(tmpNode->gname != NULL) { free(tmpNode->gname); }
- (*certList) = (*certList)->next;
+ if (tmpNode->title)
+ free(tmpNode->title);
+ if (tmpNode->gname)
+ free(tmpNode->gname);
+ *certList = (*certList)->next;
free(tmpNode);
}
-
- if (cert_store_db != NULL) {
- sqlite3_close(cert_store_db);
- cert_store_db = NULL;
- }
- certList = NULL;
return result;
}
-int c_certsvc_pkcs12_get_root_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList** certList, int* length) {
+int c_certsvc_pkcs12_get_root_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList** certList, size_t *length)
+{
return vcore_client_get_root_certificate_list_from_store(storeType, certList, length);
}
-int c_certsvc_pkcs12_get_end_user_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList** certList, int* length) {
+int c_certsvc_pkcs12_get_end_user_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList** certList, size_t *length)
+{
return vcore_client_get_end_user_certificate_list_from_store(storeType, certList, length);
}
-int c_certsvc_pkcs12_get_certificate_list_from_store(CertStoreType storeType, int is_root_app, CertSvcStoreCertList** certList, int* length) {
+int c_certsvc_pkcs12_get_certificate_list_from_store(CertStoreType storeType, int is_root_app, CertSvcStoreCertList** certList, size_t *length)
+{
return vcore_client_get_certificate_list_from_store(storeType, is_root_app, certList, length);
}
-int install_pem_file_format_to_store(CertStoreType storeType, const char* certBuffer, int certLength, \
- const gchar *alias, const char* path, char *private_key_gname, gchar *associated_gname, CertType decideCert) {
-
+int install_pem_file_format_to_store(CertStoreType storeType, const char *certBuffer, size_t certLength,
+ const char *alias, const char* path, char *private_key_gname, char *associated_gname, CertType decideCert)
+{
int result = CERTSVC_SUCCESS;
int readCount = 0;
char* fileName = NULL;
}
if (decideCert == PEM_CRT) {
- result = unique_filename(&unique, FALSE);
+ result = unique_filename(&unique);
if (result != CERTSVC_SUCCESS) {
SLOGE("Fail to generate unique filename.");
return result;
int install_crt_file(
const char *path,
CertStoreType storeType,
- const gchar *alias,
+ const char *alias,
char *private_key_gname,
- gchar *associated_gname,
+ char *associated_gname,
CertType decideCert)
{
int result = CERTSVC_SUCCESS;
return result;
}
-int handle_crt_pem_file_installation(CertStoreType storeType, const char *path, const gchar *alias) {
-
+int handle_crt_pem_file_installation(CertStoreType storeType, const char *path, const char *alias)
+{
int result = CERTSVC_SUCCESS;
if ((strstr(path, ".crt")) != NULL || (strstr(path, ".pem")) != NULL) {
return result;
}
-int verify_cert_details(X509** cert, STACK_OF(X509) **certv) {
-
+int verify_cert_details(X509** cert, STACK_OF(X509) **certv)
+{
int result = CERTSVC_SUCCESS;
char* pSubject = NULL;
char* pIssuerName = NULL;
return result;
}
-int c_certsvc_pkcs12_import_from_file_to_store(CertStoreType storeTypes, const char *path, const char *password, const gchar *alias) {
-
+int c_certsvc_pkcs12_import_from_file_to_store(CertStoreType storeTypes, const char *path, const char *password, const char *alias)
+{
int result = CERTSVC_SUCCESS;
int readLen = 0;
int tmpLen = 0;
- int nicerts = 0, i = 0, n = 0, ncerts = 0, wr_res;
+ int wr_res;
+ size_t nicerts = 0, i = 0, n = 0, ncerts = 0;
CertStoreType storeType = NONE_STORE;
FILE* stream = NULL;
PKCS12* container = NULL;
EVP_PKEY* key = NULL;
X509* cert = NULL;
STACK_OF(X509) *certv = NULL;
- gchar* bare = NULL;
- gchar* pkvalue = NULL;
- gchar** cvaluev = NULL;
- gchar **certs = NULL;
+ char* bare = NULL;
+ char* pkvalue = NULL;
+ char** cvaluev = NULL;
+ char **certs = NULL;
char* tmpPkValue = NULL;
char* unique = NULL;
char fileBuffer[4096] = {0,};
int loopCount = 0;
CertType decideCert = INVALID_DATA;
- gboolean exists = FALSE;
+ int exists = 0;
if ((!alias) || (strlen(alias) < 1) || (!path) || (strlen(path) < 1)) {
SLOGE("Invalid input parameter.");
}
}
- nicerts = 0;
- nicerts = certv ? sk_X509_num(certv) : 0;
+ if (certv) {
+ int tempCertNum = sk_X509_num(certv);
+ if (tempCertNum < 0)
+ nicerts = 0;
+ else
+ nicerts = static_cast<size_t>(tempCertNum);
+ } else {
+ nicerts = 0;
+ }
+
if (cvaluev != NULL) {
- for (i = 0; i < n; i++)
- g_free(cvaluev[i]);
- if (cvaluev) free(cvaluev);
- cvaluev = NULL;
+ for (i = 0; i < n; i++)
+ free(cvaluev[i]);
+ if (cvaluev) free(cvaluev);
+ cvaluev = NULL;
}
- n = 0;
- cvaluev = (gchar **)calloc(1 + nicerts, sizeof(gchar *));
+ cvaluev = (char **)calloc(1 + nicerts, sizeof(char *));
if (unique != NULL) { free(unique); unique = NULL; }
- result = unique_filename(&unique, FALSE);
+ result = unique_filename(&unique);
if (result != CERTSVC_SUCCESS || !unique) {
SLOGE("Unique filename generation failed.");
goto error;
bare = bare_filename(unique);
if (bare) {
- pkvalue = g_strdup(bare);
+ pkvalue = strdup(bare);
tmpLen = strlen((const char*)pkvalue);
tmpPkValue = (char*)malloc(sizeof(char) * (tmpLen + 1));
memset(tmpPkValue, 0x00, tmpLen+1);
unlink(unique);
if (unique!=NULL) { free(unique); unique=NULL; }
- result = unique_filename(&unique, FALSE);
+ result = unique_filename(&unique);
if (result != CERTSVC_SUCCESS || !unique) {
SLOGE("Unique filename generation failed.");
goto error;
goto error;
}
+ n = 0;
bare = bare_filename(unique);
if (bare)
- cvaluev[n++] = g_strdup(bare);
+ cvaluev[n++] = strdup(bare);
- wr_res = -1;
decideCert = P12_END_USER;
wr_res = install_crt_file(unique, storeType, alias, tmpPkValue, NULL, decideCert);
if (wr_res != CERTSVC_SUCCESS) {
unlink(unique);
for (i=nicerts; i>0; i--) {
- result = unique_filename(&unique, FALSE);
+ result = unique_filename(&unique);
if (result != CERTSVC_SUCCESS || !unique) {
SLOGE("Unique filename generation failed.");
goto error;
goto error;
}
- wr_res = -1;
if (i==nicerts)
decideCert = P12_INTERMEDIATE;
else
unlink(unique);
bare = bare_filename(unique);
if (bare)
- cvaluev[n++] = g_strdup(bare);
+ cvaluev[n++] = strdup(bare);
}
}
loopCount++;
nicerts = 0; i = 0;
/* cvaluev[0] holds the end user certificate identifier which will be associated
* to chain certs. Pull the cert chain based on end user cert and delete one by one. */
- if (c_certsvc_pkcs12_load_certificates_from_store(storeType, cvaluev[0], &certs, (gsize *)&ncerts) != CERTSVC_SUCCESS) {
+ if (c_certsvc_pkcs12_load_certificates_from_store(storeType, cvaluev[0], &certs, &ncerts) != CERTSVC_SUCCESS) {
SLOGE("Unable to load certificates from store.");
return result;
}
if (certs[i] != NULL) {
for (i=0; i<ncerts; i++)
- g_free(certs[i]);
+ free(certs[i]);
}
}
}
return result;
}
-
-int c_certsvc_pkcs12_alias_exists(const gchar *alias, gboolean *exists) {
- GKeyFile *keyfile;
-
- if(exists == NULL)
- return CERTSVC_WRONG_ARGUMENT;
- keyfile = keyfile_load(CERTSVC_PKCS12_STORAGE_PATH);
- if(!keyfile)
- return CERTSVC_IO_ERROR;
- *exists = g_key_file_has_group(keyfile, alias);
- g_key_file_free(keyfile);
- return CERTSVC_SUCCESS;
-}
-
-int c_certsvc_pkcs12_import(const char *path, const char *password, const gchar *alias) {
- int exists;
- FILE *stream;
- PKCS12 *container;
- EVP_PKEY *key;
- X509 *cert;
- STACK_OF(X509) *certv;
- int nicerts;
- char *unique;
- int result = 0;
- struct stat st;
- int wr_res;
- GKeyFile *keyfile;
- gchar *bare;
- gchar *pkvalue;
- gchar **cvaluev;
- gsize i, n;
- gchar *data;
- gsize length;
- int readLen = 0;
- char fileBuffer[4096] = {0,};
-
- certv = NULL;
- pkvalue = NULL;
- if(!alias || strlen(alias) < 1)
- return CERTSVC_WRONG_ARGUMENT;
- result = c_certsvc_pkcs12_alias_exists(alias, &exists);
- if(result != CERTSVC_SUCCESS)
- return result;
- if(exists == TRUE)
- return CERTSVC_DUPLICATED_ALIAS;
-
- keyfile = keyfile_load(CERTSVC_PKCS12_STORAGE_PATH);
- if(!keyfile)
- return CERTSVC_IO_ERROR;
- if(stat(CERTSVC_PKCS12_STORAGE_PATH, &st) == -1) {
- if(mkdir(CERTSVC_PKCS12_STORAGE_PATH, S_IRWXU | S_IRWXG | S_IRWXO) == -1) {
- result = CERTSVC_FAIL;
- goto free_keyfile;
- }
- }
-
- if((stream = fopen(path, "rb")) == NULL) {
- result = CERTSVC_IO_ERROR;
- goto free_keyfile;
- }
- container = d2i_PKCS12_fp(stream, NULL);
- fclose(stream);
- if(container == NULL) {
- result = CERTSVC_FAIL;
- goto free_keyfile;
- }
-
-
- result = PKCS12_parse(container, password, &key, &cert, &certv);
- PKCS12_free(container);
- if (result == 0)
- {
- SLOGD("Failed to parse PKCS12");
- result = CERTSVC_FAIL;
- goto free_keyfile;
- }
-
- result = verify_cert_details(&cert, &certv);
- if (result == CERTSVC_FAIL)
- {
- SLOGE("Failed to parse the file passed.");
- goto free_keyfile;
- }
-
- nicerts = certv ? sk_X509_num(certv) : 0;
- cvaluev = (gchar **)calloc(1 + nicerts, sizeof(gchar *));
- n = 0;
-
- result = unique_filename(&unique, TRUE);
- if(result != CERTSVC_SUCCESS)
- goto clean_cert_chain_and_pkey;
- if((stream = fopen(unique, "w+")) == NULL) {
- free(unique);
- result = CERTSVC_IO_ERROR;
- goto clean_cert_chain_and_pkey;
- }
- result = PEM_write_PrivateKey(stream, key, NULL, NULL, 0, NULL, NULL);
- if(result == 0) {
- result = CERTSVC_FAIL;
- fclose(stream);
- free(unique);
- goto clean_cert_chain_and_pkey;
- }
-
- fseek(stream, 0, SEEK_SET);
-
- readLen = fread(fileBuffer, sizeof(char), 4096, stream);
- fclose(stream);
- if(readLen <= 0){
- free(unique);
- result = CERTSVC_FAIL;
- SLOGE("failed to read key file");
- goto clean_cert_chain_and_pkey;
- }
-
- wr_res = ssm_write_file(unique, SSM_FLAG_DATA, CERTSVC_PKCS12_UNIX_GROUP);
- if(wr_res <= 0) {
- free(unique);
- result = CERTSVC_FAIL;
- SLOGE("ssm_write_file failed : %d", wr_res);
- goto clean_cert_chain_and_pkey;
- }
- unlink(unique);
-
- bare = bare_filename(unique);
- if(bare) {
- pkvalue = g_strdup(bare);
- g_key_file_set_string(keyfile, alias, CERTSVC_PKCS12_STORAGE_KEY_PKEY, pkvalue);
- }
- free(unique);
- result = unique_filename(&unique, TRUE);
- if(result != CERTSVC_SUCCESS)
- goto clean_cert_chain_and_pkey;
- if((stream = fopen(unique, "w")) == NULL) {
- free(unique);
- result = CERTSVC_IO_ERROR;
- goto clean_cert_chain_and_pkey;
- }
- result = PEM_write_X509(stream, cert);
- fclose(stream);
- if(result == 0) {
- result = CERTSVC_FAIL;
- goto clean_cert_chain_and_pkey;
- }
- bare = bare_filename(unique);
- if(bare)
- cvaluev[n++] = g_strdup(bare);
- free(unique);
- for(i = 0; i < (unsigned int)nicerts; i++) {
- result = unique_filename(&unique, TRUE);
- if(result != CERTSVC_SUCCESS)
- goto clean_cert_chain_and_pkey;
- if((stream = fopen(unique, "w")) == NULL) {
- free(unique);
- result = CERTSVC_IO_ERROR;
- goto clean_cert_chain_and_pkey;
- }
- result = PEM_write_X509_AUX(stream, sk_X509_value(certv, i));
- fclose(stream);
- if(result == 0) {
- result = CERTSVC_FAIL;
- goto clean_cert_chain_and_pkey;
- }
- bare = bare_filename(unique);
- if(bare)
- cvaluev[n++] = g_strdup(bare);
- free(unique);
- }
- g_key_file_set_list_separator(keyfile, CERTSVC_PKCS12_STORAGE_SEPARATOR);
- g_key_file_set_string_list(keyfile, alias, CERTSVC_PKCS12_STORAGE_KEY_CERTS, (const gchar * const *)cvaluev, n);
- data = g_key_file_to_data(keyfile, &length, NULL);
- if(data == NULL) {
- result = CERTSVC_BAD_ALLOC;
- goto clean_cert_chain_and_pkey;
- }
- if(!g_file_set_contents(CERTSVC_PKCS12_STORAGE_PATH, data, length, NULL)) {
- result = CERTSVC_IO_ERROR;
- goto free_data;
- }
- result = CERTSVC_SUCCESS;
-
- SLOGD("( %s, %s)", path, password);
-
- free_data:
- g_free(data);
-
- clean_cert_chain_and_pkey:
- EVP_PKEY_free(key);
- X509_free(cert);
- sk_X509_free(certv);
- free(pkvalue);
- for(i = 0; i < n; i++) {
- g_free(cvaluev[i]);
- }
- free(cvaluev);
- free_keyfile:
- g_key_file_free(keyfile);
- return result;
-}
-
-int c_certsvc_pkcs12_aliases_load(gchar ***aliases, gsize *naliases) {
- GKeyFile *keyfile;
-
- keyfile = keyfile_load(CERTSVC_PKCS12_STORAGE_PATH);
- if(!keyfile)
- return CERTSVC_IO_ERROR;
- *aliases = g_key_file_get_groups(keyfile, naliases);
- g_key_file_free(keyfile);
- return CERTSVC_SUCCESS;
-}
-
-void c_certsvc_pkcs12_aliases_free(gchar **aliases) {
- g_strfreev(aliases);
-}
-
-int c_certsvc_pkcs12_has_password(const char *filepath, gboolean *passworded) {
+int c_certsvc_pkcs12_has_password(const char *filepath, int *passworded)
+{
FILE *stream;
EVP_PKEY *pkey;
X509 *cert;
if(result == 1) {
EVP_PKEY_free(pkey);
X509_free(cert);
- *passworded = FALSE;
+ *passworded = 0;
return CERTSVC_SUCCESS;
}
else {
if(ERR_GET_REASON(ERR_peek_last_error()) == PKCS12_R_MAC_VERIFY_FAILURE) {
- *passworded = TRUE;
+ *passworded = 1;
return CERTSVC_SUCCESS;
}
else
}
}
-int c_certsvc_pkcs12_load_certificates(const gchar *alias, gchar ***certs, gsize *ncerts) {
- GKeyFile *keyfile;
- gchar **barev;
- gsize i;
- keyfile = keyfile_load(CERTSVC_PKCS12_STORAGE_PATH);
- if(!keyfile)
- return CERTSVC_IO_ERROR;
- g_key_file_set_list_separator(keyfile, CERTSVC_PKCS12_STORAGE_SEPARATOR);
- barev = g_key_file_get_string_list(keyfile, alias, CERTSVC_PKCS12_STORAGE_KEY_CERTS, ncerts, NULL);
- if(barev == NULL) {
- *ncerts = 0;
- goto free_keyfile;
- }
- *certs = (gchar **)g_malloc((*ncerts + 1) * sizeof(gchar *));
- for(i = 0; i < *ncerts; i++)
- (*certs)[i] = g_strdup_printf("%s/%s", CERTSVC_PKCS12_STORAGE_DIR, barev[i]);
- (*certs)[*ncerts] = NULL;
- g_strfreev(barev);
-free_keyfile:
- g_key_file_free(keyfile);
- return CERTSVC_SUCCESS;
-}
-
-void c_certsvc_pkcs12_free_certificates(gchar **certs) {
- gsize i = 0;
- if(certs == NULL)
- return;
- while(certs[i])
- g_free(certs[i++]);
- g_free(certs);
-}
-
-int c_certsvc_pkcs12_private_key_load(const gchar *alias, char **buffer, gsize *count) {
- GKeyFile *keyfile;
- gchar *pkey;
- GError *error;
- char *spkp;
- int result;
- ssm_file_info_t sfi;
-
- if(!buffer)
- return CERTSVC_WRONG_ARGUMENT;
- keyfile = keyfile_load(CERTSVC_PKCS12_STORAGE_PATH);
- if(!keyfile)
- return CERTSVC_IO_ERROR;
- error = NULL;
-
- result = CERTSVC_SUCCESS;
-
- pkey = g_key_file_get_string(keyfile, alias, CERTSVC_PKCS12_STORAGE_KEY_PKEY, &error);
- g_key_file_free(keyfile);
-
- if(error && error->code == G_KEY_FILE_ERROR_KEY_NOT_FOUND) {
- *count = 0;
- return CERTSVC_SUCCESS;
- }
-
- if(error)
- return CERTSVC_FAIL;
-
- if(asprintf(&spkp, "%s/%s", CERTSVC_PKCS12_STORAGE_DIR, pkey) == -1) {
- spkp = NULL;
- result = CERTSVC_BAD_ALLOC;
- goto out;
- }
-
- if(ssm_getinfo(spkp, &sfi, SSM_FLAG_DATA, CERTSVC_PKCS12_UNIX_GROUP) != 0) {
- //result = CERTSVC_FAIL;
- goto out;
- }
-
- if((*buffer = (char *)malloc(sfi.originSize))) {
- result = CERTSVC_BAD_ALLOC;
- goto out;
- }
-
- if(ssm_read(spkp, *buffer, sfi.originSize, count, SSM_FLAG_DATA, CERTSVC_PKCS12_UNIX_GROUP) != 0) {
- c_certsvc_pkcs12_private_key_free(*buffer);
- result = CERTSVC_FAIL;
- }
-
-out:
- free(spkp);
- g_free(pkey);
-
- return result;
-}
-
-void c_certsvc_pkcs12_private_key_free(char *buffer) {
- free(buffer);
-}
-
-int certsvc_load_file_to_buffer(const char* filePath, unsigned char** certBuf, int* length)
+void c_certsvc_pkcs12_free_certificates(char **certs)
{
- int ret = CERT_SVC_ERR_NO_ERROR;
- FILE* fp_in = NULL;
- unsigned long int fileSize = 0;
-
- /* get file size */
- if((ret = cert_svc_get_file_size(filePath, &fileSize)) != CERT_SVC_ERR_NO_ERROR) {
- SLOGE("[ERR][%s] Fail to get file size, [%s]", __func__, filePath);
- return CERT_SVC_ERR_FILE_IO;
- }
- /* open file and write to buffer */
- if(!(fp_in = fopen(filePath, "rb"))) {
- SLOGE("[ERR][%s] Fail to open file, [%s]", __func__, filePath);
- return CERT_SVC_ERR_FILE_IO;
- }
-
- if(!(*certBuf = (unsigned char*)malloc(sizeof(unsigned char) * (unsigned int)(fileSize + 1)))) {
- SLOGE("[ERR][%s] Fail to allocate memory.", __func__);
- ret = CERT_SVC_ERR_MEMORY_ALLOCATION;
- goto err;
- }
- memset(*certBuf, 0x00, (fileSize + 1));
- if(fread(*certBuf, sizeof(unsigned char), fileSize, fp_in) != fileSize) {
- SLOGE("[ERR][%s] Fail to read file, [%s]", __func__, filePath);
- ret = CERT_SVC_ERR_FILE_IO;
- goto err;
- }
-
- *length = fileSize;
-
-err:
- if(fp_in != NULL)
- fclose(fp_in);
- return ret;
-}
-
-int c_certsvc_pkcs12_delete(const gchar *alias) {
- gchar **certs;
- gsize ncerts;
- char *pkey = NULL;
- char *spkp = NULL;
- int result;
- GKeyFile *keyfile = NULL;
- gchar *data;
- gsize i, length;
-
- data = NULL;
- result = c_certsvc_pkcs12_load_certificates(alias, &certs, &ncerts);
- if(result != CERTSVC_SUCCESS)
- goto load_certificates_failed;
- keyfile = keyfile_load(CERTSVC_PKCS12_STORAGE_PATH);
- if(!keyfile) {
- result = CERTSVC_IO_ERROR;
- goto keyfile_load_failed;
- }
- pkey = g_key_file_get_string(keyfile, alias, CERTSVC_PKCS12_STORAGE_KEY_PKEY, NULL);
- if(g_key_file_remove_group(keyfile, alias, NULL)) {
- data = g_key_file_to_data(keyfile, &length, NULL);
- if(data == NULL) {
- result = CERTSVC_BAD_ALLOC;
- goto keyfile_free;
- }
- if(!g_file_set_contents(CERTSVC_PKCS12_STORAGE_PATH, data, length, NULL)) {
- result = CERTSVC_IO_ERROR;
- goto data_free;
- }
- }
-
- for(i = 0; i < ncerts; i++)
- {
- unlink(certs[i]);
- }
- if(pkey != NULL) {
- if(asprintf(&spkp, "%s/%s", CERTSVC_PKCS12_STORAGE_DIR, pkey) == -1) {
- result = CERTSVC_BAD_ALLOC;
- goto data_free;
- }
- ssm_delete_file(spkp, SSM_FLAG_DATA, CERTSVC_PKCS12_UNIX_GROUP);
- free(spkp);
- }
- data_free:
- g_free(data);
- keyfile_free:
- g_key_file_free(keyfile);
- keyfile_load_failed:
- if(ncerts != 0)
- c_certsvc_pkcs12_free_certificates(certs);
- load_certificates_failed:
- return result;
-}
-
-
-int cert_svc_get_file_size(const char* filepath, unsigned long int* length)
-{
- int ret = CERT_SVC_ERR_NO_ERROR;
- FILE* fp_in = NULL;
-
- if(!(fp_in = fopen(filepath, "r"))) {
- SLOGE("[ERR][%s] Fail to open file, [%s]", __func__, filepath);
- ret = CERT_SVC_ERR_FILE_IO;
- goto err;
- }
-
- fseek(fp_in, 0L, SEEK_END);
- (*length) = ftell(fp_in);
-
-err:
- if(fp_in != NULL)
- fclose(fp_in);
-
- return ret;
+ size_t i = 0;
+ if (!certs)
+ return;
+ while (certs[i])
+ free(certs[i++]);
+ free(certs);
}
#ifndef _PKCS12_H_
#define _PKCS12_H_
-#include <glib.h>
#include <cert-svc/ccert.h>
#ifdef __cplusplus
#endif
/**
- * Checks if the alias exist in the user store or not.
- *
- * @param[in] Alias Logical name for certificate bundle identification (can't be empty).
- * @param[out] exists A Boolean value which states if the alias exists or not.
- * @return CERTSVC_SUCCESS, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT.
- */
-int c_certsvc_pkcs12_alias_exists(const gchar *alias, gboolean *exists);
-
-/**
- * To import the p12/pfx file to user store.
- *
- * @param[in] path Path to file.
- * @param[in] password Password for opening the file.
- * @param[in] alias Logical name for certificate bundle identification (can't be empty).
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_DUPLICATED_ALIAS, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_BAD_ALLOC.
- */
-int c_certsvc_pkcs12_import(const char *path, const char *password, const gchar *alias);
-
-/**
* To import the p12/pfx/crt/pem file to specified store (WIFI_STORE/VPN_STORE/EMAIL_STORE).
*
* @param[in] storeType Refers to WIFI_STORE / VPN_STORE / EMAIL_STORE / ALL_STORE.
* @param[in] alias Logical name for certificate bundle identification (can't be empty).
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_DUPLICATED_ALIAS, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_BAD_ALLOC.
*/
-int c_certsvc_pkcs12_import_from_file_to_store(CertStoreType storeType, const char *path, const char *password, const gchar *alias);
+int c_certsvc_pkcs12_import_from_file_to_store(CertStoreType storeType, const char *path, const char *password, const char *alias);
/**
* To get the list of certificate information present in a store. User will be getting
* @param[out] length provides the length of the linked list.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_INVALID_STORE_TYPE.
*/
-int c_certsvc_pkcs12_get_certificate_list_from_store(CertStoreType storeType, int is_root_app, CertSvcStoreCertList** certList, int* length);
+int c_certsvc_pkcs12_get_certificate_list_from_store(CertStoreType storeType, int is_root_app, CertSvcStoreCertList **certList, size_t *length);
/**
* To set the status for a specified certificate in a particular store to enabled / disabled.
* @param[in] status Allows to set the status of the certificate to enabled / disabled.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_INVALID_STORE_TYPE.
*/
-int c_certsvc_pkcs12_set_certificate_status_to_store(CertStoreType storeType, int is_root_app, char* gname, CertStatus status);
+int c_certsvc_pkcs12_set_certificate_status_to_store(CertStoreType storeType, int is_root_app, const char *gname, CertStatus status);
/**
* To get the status (enabled/disabled) for the specified certificate in a particular store.
* @param[out] status Returns the status of the certificate. It will be set Disable=0, Enable=1, Fail=-1.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_ALIAS_DOES_NOT_EXIST, CERTSVC_IO_ERROR
*/
-int c_certsvc_pkcs12_get_certificate_status_from_store(CertStoreType storeType, const gchar *gname, int *status);
+int c_certsvc_pkcs12_get_certificate_status_from_store(CertStoreType storeType, const char *gname, CertStatus *status);
/**
* To get the encoded form of the specified certificate from the specified store.
* @param[out] certSize Which will be having the size of the buffer.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_INVALID_STORE_TYPE.
*/
-int c_certsvc_pkcs12_get_certificate_buffer_from_store(CertStoreType storeType, char* gname, char** certBuffer, size_t* certSize);
+int c_certsvc_pkcs12_get_certificate_buffer_from_store(CertStoreType storeType, const char *gname, char **certBuffer, size_t *certSize);
/**
* To delete the certificate from the specified store (VPN_STORE, WIFI_STORE, EMAIL_STORE, SYSTEM_STORE, ALL_STORE).
* @param[in] certList Linked-list having all the information about each certificate present in a store.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL.
*/
-int c_certsvc_pkcs12_free_aliases_loaded_from_store(CertSvcStoreCertList** certList);
+int c_certsvc_pkcs12_free_aliases_loaded_from_store(CertSvcStoreCertList **certList);
/**
* Checks if the alias exist in the user store or not.
*
* @param[in] storeType Refers to VPN_STORE / WIFI_STORE / EMAIL_STORE / SYSTEM_STORE / ALL_STORE.
* @param[in] Alias Logical name for certificate bundle identification (can't be empty).
- * @param[out] exists A Boolean value which states if the alias exists or not.
+ * @param[out] isUnique A Boolean value which states if the alias is unique or not.
* @return CERTSVC_SUCCESS, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT.
*/
-int c_certsvc_pkcs12_alias_exists_in_store(CertStoreType storeType, const gchar *alias, gboolean *exists);
+int c_certsvc_pkcs12_alias_exists_in_store(CertStoreType storeType, const char *alias, int *isUnique);
/**
* Function to get the size of the file passed.
* @param[out] ncerts Provides the number of certs in certs.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_INVALID_STORE_TYPE.
*/
-int c_certsvc_pkcs12_load_certificates_from_store(CertStoreType storeType, const gchar *gname, gchar ***certs, gsize *ncerts);
+int c_certsvc_pkcs12_load_certificates_from_store(CertStoreType storeType, const char *gname, char ***certs, size_t *ncerts);
/**
* To load the private key for the specified certificate mapped by an Alias.
* @param[out] count Will hold the siz of the private key buffer.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_BAD_ALLOC.
*/
-int c_certsvc_pkcs12_private_key_load_from_store(CertStoreType storeType, const gchar *gname, char **pkey, gsize *count);
+int c_certsvc_pkcs12_private_key_load_from_store(CertStoreType storeType, const char *gname, char **pkey, size_t *count);
/**
* Gets the alias name for the gname passed.
* @param[out] alias Alias name for the given gname.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_WRONG_ARGUMENT
*/
-int c_certsvc_pkcs12_get_certificate_alias_from_store(CertStoreType storeType, const gchar *gname, char **alias);
+int c_certsvc_pkcs12_get_certificate_alias_from_store(CertStoreType storeType, const char *gname, char **alias);
/**
* To get the list of only end user certificate information present in a store. User will be getting
* @param[out] length provides the length of the linked list.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_INVALID_STORE_TYPE.
*/
-int c_certsvc_pkcs12_get_end_user_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList** certList, int* length);
+int c_certsvc_pkcs12_get_end_user_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList **certList, size_t *length);
/**
* To get the list of only root/trusted certificate information present in a store. User will be getting
* @param[out] length provides the length of the linked list.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_INVALID_STORE_TYPE.
*/
-int c_certsvc_pkcs12_get_root_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList** certList, int* length);
-
-/**
- * Function to load all the alias list present in the user store.
- *
- * @param[out] aliases Which holds all the list of aliases present in the store.
- * @param[out] naliases Provides the number of aliases present in the store.
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR.
- */
-int c_certsvc_pkcs12_aliases_load(gchar ***aliases, gsize *naliases);
-
-/**
- * To free all the aliases which were loaded previously from
- * c_certsvc_pkcs12_aliases_load() function.
- *
- * @param[in] aliases Which holds all the list of aliases present in the store.
- */
-void c_certsvc_pkcs12_aliases_free(gchar **aliases);
+int c_certsvc_pkcs12_get_root_certificate_list_from_store(CertStoreType storeType, CertSvcStoreCertList **certList, size_t *length);
/**
* TO check if the p12/pfx file is protected by password or not.
* @param[out] passworded A boolean value to state if the file is protected by password or not.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT.
*/
-int c_certsvc_pkcs12_has_password(const char *filepath, gboolean *passworded);
-
-/**
- * To load all the certificates matching the given alias.
- *
- * @param[in] alias Logical name for certificate bundle identification (can't be empty).
- * @param[out] certificates The pointer holding all the certificates buffer in memory.
- * @param[out] ncertificates Holds the number of certificates returned.
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT.
- */
-int c_certsvc_pkcs12_load_certificates(const gchar *alias, gchar ***certificates, gsize *ncertificates);
+int c_certsvc_pkcs12_has_password(const char *filepath, int *passworded);
/**
* To free the certificates from memory which was loaded by
* @param[in] certs A pointer holding all the certificates in memory.
* @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR.
*/
-void c_certsvc_pkcs12_free_certificates(gchar **certs);
-
-/**
- * To load the private key for the specified certificate mapped by an Alias.
- *
- * @param[in] alias Logical name for certificate bundle identification (can't be empty).
- * @param[out] pkey Will hold the private key value of the certificate.
- * @param[out] count Will hold the siz of the private key buffer.
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_BAD_ALLOC.
- */
-int c_certsvc_pkcs12_private_key_load(const gchar *alias, char **pkey, gsize *count);
-
-/**
- * To free the private key buffer previously loaded by
- * c_certsvc_pkcs12_private_key_load() function.
- *
- * @param[in] buffer Holding the private key values.
- */
-void c_certsvc_pkcs12_private_key_free(char *buffer);
-
-/**
- * Function to delete the certificate present in the user store.
- *
- * @param[in] alias Logical name for certificate bundle identification (can't be empty).
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_BAD_ALLOC.
- */
-int c_certsvc_pkcs12_delete(const gchar *alias);
-//static void _delete_from_osp_cert_mgr(const char* path);
-
-/**
- * Function to load the file to buffer.
- *
- * @param[in] filePath Which points to the location where the file is present.
- * @param[out] certBuf Which will hold the certificate information.
- * @param[out] length Which will hold the file size.
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERT_SVC_ERR_FILE_IO, CERT_SVC_ERR_MEMORY_ALLOCATION.
- */
-int certsvc_load_file_to_buffer(const char* filePath, unsigned char** certBuf, int* length);
-
-/**
- * Function to get the size of the file passed.
- *
- * @param[in] filepath Which points to the location where the file is present.
- * @param[out] length Which will hold the file size.
- * @return CERTSVC_SUCCESS, CERTSVC_FAIL, CERTSVC_IO_ERROR, CERTSVC_WRONG_ARGUMENT, CERTSVC_INVALID_STORE_TYPE.
- */
-int cert_svc_get_file_size(const char* filepath, unsigned long int* length);
+void c_certsvc_pkcs12_free_certificates(char **certs);
#ifdef __cplusplus
}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @file scoped_fclose.h
- * @author Piotr Marcinkiewicz (p.marcinkiew@samsung.com)
- * @version 1.0
- * @brief This file is the implementation file of scoped fclose RAII
- */
-#ifndef WRT_ENGINE_SRC_COMMON_SCOPED_GPOINTER_H
-#define WRT_ENGINE_SRC_COMMON_SCOPED_GPOINTER_H
-
-#include <cstddef>
-#include <glib-object.h>
-
-#include <dpl/scoped_resource.h>
-#include <dpl/assert.h>
-
-namespace WRT {
-struct ScopedGPointerPolicy
-{
- typedef gpointer Type;
- static Type NullValue()
- {
- return NULL;
- }
- static void Destroy(Type pointer)
- {
- if (pointer != NULL) {
- g_object_unref(pointer);
- }
- }
-};
-
-template <typename Class>
-class ScopedGPointer : public VcoreDPL::ScopedResource<ScopedGPointerPolicy>
-{
- typedef ScopedGPointerPolicy Policy;
- typedef VcoreDPL::ScopedResource<Policy> BaseType;
-
- public:
- explicit ScopedGPointer(typename Policy::Type pointer =
- Policy::NullValue()) :
- BaseType(pointer)
- {
- }
-
- Class *operator->() const throw()
- {
- Assert(this->m_value != Policy::NullValue() &&
- "Dereference of scoped NULL pointer!");
- return static_cast<Class *>(this->m_value);
- }
-
- Class & operator *() const throw()
- {
- Assert(this->m_value != Policy::NullValue() &&
- "Dereference of scoped NULL pointer!");
- return *static_cast<Class *>(this->m_value);
- }
-};
-} // namespace WRT
-
-#endif // WRT_ENGINE_SRC_COMMON_SCOPED_GPOINTER_H
projects / platform / core / security / cert-svc.git / commitdiff