From: Pawel Andruszkiewicz Date: Wed, 1 Jul 2015 06:03:51 +0000 (+0200) Subject: [KeyManager] Implementation of loadFromPKCS12File() method. X-Git-Tag: submit/tizen/20150702.103311^2~1^2~43 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=c6c9203361616f73301880dc064c6127ff37f836;p=platform%2Fcore%2Fapi%2Fwebapi-plugins.git [KeyManager] Implementation of loadFromPKCS12File() method. Change-Id: Id2ea30f6f9eb124045217382d0ad855f5895b86d Signed-off-by: Pawel Andruszkiewicz --- diff --git a/src/keymanager/keymanager_instance.cc b/src/keymanager/keymanager_instance.cc index ea0c06b6..7b1dce6e 100755 --- a/src/keymanager/keymanager_instance.cc +++ b/src/keymanager/keymanager_instance.cc @@ -405,6 +405,98 @@ void KeyManagerInstance::VerifySignature(const picojson::value& args, void KeyManagerInstance::LoadFromPKCS12File(const picojson::value& args, picojson::object& out) { LoggerD("Enter"); + + const auto& file_uri = args.get("fileURI").get(); + const auto& key_alias = args.get("privKeyName").get(); + const auto& cert_alias = args.get("certificateName").get(); + const auto& password_value = args.get("password"); + double callback_id = args.get("callbackId").get(); + + std::string password; + + if (password_value.is()) { + password = password_value.get(); + } + + auto load_file = [file_uri, password, cert_alias, key_alias](const std::shared_ptr& result) { + LoggerD("Enter load_file"); + std::string file = VirtualFs::GetInstance().GetRealPath(file_uri); + ckmc_pkcs12_s* pkcs12 = nullptr; + + int ret = ckmc_pkcs12_load(file.c_str(), password.c_str(), &pkcs12); + + if (CKMC_ERROR_NONE == ret) { + SCOPE_EXIT { + ckmc_pkcs12_free(pkcs12); + }; + ckmc_policy_s policy { const_cast(password.c_str()), true }; + + // it's safer to use ckmc_save_pkcs12() here, however JS API specifies + // two different aliases for private key and certificate + if (pkcs12->cert) { + ret = ckmc_save_cert(cert_alias.c_str(), *pkcs12->cert, policy); + if (CKMC_ERROR_NONE != ret) { + LoggerE("Failed to save certificate: %d", ret); + } + } + + if (CKMC_ERROR_NONE == ret && pkcs12->priv_key) { + ret = ckmc_save_key(key_alias.c_str(), *pkcs12->priv_key, policy); + if (CKMC_ERROR_NONE != ret) { + LoggerE("Failed to save private key: %d", ret); + // rollback + if (pkcs12->cert) { + ckmc_remove_cert(cert_alias.c_str()); + } + } + } + } else { + LoggerE("Failed to load PKCS12 file: %d", ret); + } + + PlatformResult success(ErrorCode::NO_ERROR); + + switch (ret) { + case CKMC_ERROR_NONE: + break; + + case CKMC_ERROR_FILE_ACCESS_DENIED: + success = PlatformResult(ErrorCode::NOT_FOUND_ERR, "Certificate file not found"); + break; + + case CKMC_ERROR_INVALID_FORMAT: + case CKMC_ERROR_INVALID_PARAMETER: + success = PlatformResult(ErrorCode::INVALID_VALUES_ERR, "Certificate file has wrong format"); + break; + + case CKMC_ERROR_PERMISSION_DENIED: + success = PlatformResult(ErrorCode::IO_ERR, "Permission has been denied"); + break; + + default: + success = PlatformResult(ErrorCode::UNKNOWN_ERR, "Failed to open certificate file"); + break; + } + + if (success) { + common::tools::ReportSuccess(result->get()); + } else { + common::tools::ReportError(success, &result->get()); + } + }; + + auto load_file_result = [this, callback_id](const std::shared_ptr& result) { + LoggerD("Enter load_file_result"); + result->get()["callbackId"] = picojson::value{callback_id}; + this->PostMessage(result->serialize().c_str()); + }; + + TaskQueue::GetInstance().Queue( + load_file, + load_file_result, + std::shared_ptr{new picojson::value{picojson::object()}}); + + ReportSuccess(out); } void KeyManagerInstance::AllowAccessControl(const picojson::value& args,