From 2af10d8e903692f1468917a39af4d88d1186fdc3 Mon Sep 17 00:00:00 2001 From: Bhanu Singh Rao Date: Tue, 19 Mar 2013 17:38:54 +0530 Subject: [PATCH] Implemented client-server model and code change for thread safety Change-Id: I770397ac4e919b556054f372955bdc38190220ea Signed-off-by: Bhanu Singh Rao --- inc/CertificateServiceStub.h | 10 +- src/CertificateService.cpp | 26 ++--- src/CertificateServiceStub.cpp | 232 ++++++++++++++++++++++++++++++----------- 3 files changed, 192 insertions(+), 76 deletions(-) diff --git a/inc/CertificateServiceStub.h b/inc/CertificateServiceStub.h index 47943fb..2d2a5a3 100644 --- a/inc/CertificateServiceStub.h +++ b/inc/CertificateServiceStub.h @@ -64,11 +64,11 @@ public: bool OnCloseCertificateStore(int certificateStoreCtx, result* pRet); - bool OnOpenCertificateStoreByType(int type, int* pCount, int* pRootHandle, result* pRet); + bool OnOpenCertificateStoreByType(int type, int* pCount, result* pRet); - bool OnGetCertificateCount(int certificateStoreCtx, int* pRootHandle, result* pRet); + bool OnGetCertificateCount(int type, int* pCertCount, result* pRet); - bool OnGetNextCertificate(int certificateStoreCtx, int length, Tizen::Io::_IpcBuffer* pCertBufferIpc, result* pRet); + bool OnGetNextCertificate(int type, int curPos, int length, Tizen::Io::_IpcBuffer* pCertBufferIpc, int* pNewPos, result* pRet); bool OnUpdateRootCa(int type, Tizen::Io::_IpcBuffer certOldBufferIpc, Tizen::Io::_IpcBuffer certNewBufferIpc, result* pRet); @@ -96,6 +96,8 @@ public: bool OnGetUserCertFieldInfoByCertId(int certId, _CertFieldInfos* pCertFieldInfos, result* pRet); + result UpdateCertStoreContext(int type); + private: _CertServiceStub(const _CertServiceStub& rhs); @@ -103,6 +105,8 @@ private: private: Tizen::Io::_IpcServer* __pIpcServer; + int __context[_MAX_CERT_TYPE_COUNT]; + int __refCount[_MAX_CERT_TYPE_COUNT]; }; // _CertServiceStub } } } // Tizen::Security::Cert diff --git a/src/CertificateService.cpp b/src/CertificateService.cpp index f58f22d..f8b7e11 100644 --- a/src/CertificateService.cpp +++ b/src/CertificateService.cpp @@ -38,7 +38,7 @@ #include #include #include -#include +#include "FSec_CertServer.h" #include #include "CertificateService.h" @@ -181,7 +181,7 @@ FileEventListenerCerts::OnFileEventOccured(const unsigned long events, const Tiz size = attr.GetFileSize(); - std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]); + std::unique_ptr< byte[] > pCertBuffer(new (std::nothrow) byte[size]); TryReturnVoidResult(pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer."); readCnt = file.Read(pCertBuffer.get(), size); @@ -194,7 +194,7 @@ FileEventListenerCerts::OnFileEventOccured(const unsigned long events, const Tiz switch (events) { case FILE_EVENT_TYPE_CLOSE_WRITE: - r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); + r = _CertServer::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); TryReturnVoidResult(!IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate."); break; @@ -226,7 +226,7 @@ FileEventListenerCertsSim::OnFileEventOccured(const unsigned long events, const size = attr.GetFileSize(); - std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]); + std::unique_ptr< byte[] > pCertBuffer(new (std::nothrow) byte[size]); TryReturnVoidResult(pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer."); readCnt = file.Read(pCertBuffer.get(), size); @@ -238,7 +238,7 @@ FileEventListenerCertsSim::OnFileEventOccured(const unsigned long events, const switch (events) { case FILE_EVENT_TYPE_CLOSE_WRITE: - r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); + r = _CertServer::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); TryReturnVoidResult(!IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate."); break; @@ -270,7 +270,7 @@ FileEventListenerCertsSimOperator::OnFileEventOccured(const unsigned long events size = attr.GetFileSize(); - std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]); + std::unique_ptr< byte[] > pCertBuffer(new (std::nothrow) byte[size]); TryReturnVoidResult(pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer."); readCnt = file.Read(pCertBuffer.get(), size); @@ -282,7 +282,7 @@ FileEventListenerCertsSimOperator::OnFileEventOccured(const unsigned long events switch (events) { case FILE_EVENT_TYPE_CLOSE_WRITE: - r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); + r = _CertServer::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); TryReturnVoidResult(!IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate."); break; @@ -314,7 +314,7 @@ FileEventListenerCertsSimThirdparty::OnFileEventOccured(const unsigned long even size = attr.GetFileSize(); - std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]); + std::unique_ptr< byte[] > pCertBuffer(new (std::nothrow) byte[size]); TryReturnVoidResult(pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer."); readCnt = file.Read(pCertBuffer.get(), size); @@ -326,7 +326,7 @@ FileEventListenerCertsSimThirdparty::OnFileEventOccured(const unsigned long even switch (events) { case FILE_EVENT_TYPE_CLOSE_WRITE: - r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); + r = _CertServer::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); TryReturnVoidResult(!IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate."); break; @@ -358,7 +358,7 @@ FileEventListenerCertsSsl::OnFileEventOccured(const unsigned long events, const size = attr.GetFileSize(); - std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]); + std::unique_ptr< byte[] > pCertBuffer(new (std::nothrow) byte[size]); TryReturnVoidResult(pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer."); readCnt = file.Read(pCertBuffer.get(), size); @@ -370,7 +370,7 @@ FileEventListenerCertsSsl::OnFileEventOccured(const unsigned long events, const switch (events) { case FILE_EVENT_TYPE_CLOSE_WRITE: - r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); + r = _CertServer::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); TryReturnVoidResult(!IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate."); break; @@ -402,7 +402,7 @@ FileEventListenerUsrCaCerts::OnFileEventOccured(const unsigned long events, cons size = attr.GetFileSize(); - std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]); + std::unique_ptr< byte[] > pCertBuffer(new (std::nothrow) byte[size]); TryReturnVoidResult(pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer."); readCnt = file.Read(pCertBuffer.get(), size); @@ -414,7 +414,7 @@ FileEventListenerUsrCaCerts::OnFileEventOccured(const unsigned long events, cons switch (events) { case FILE_EVENT_TYPE_CLOSE_WRITE: - r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); + r = _CertServer::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength); TryReturnVoidResult(!IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate."); break; diff --git a/src/CertificateServiceStub.cpp b/src/CertificateServiceStub.cpp index 738821e..9b3aa9f 100644 --- a/src/CertificateServiceStub.cpp +++ b/src/CertificateServiceStub.cpp @@ -35,7 +35,7 @@ #include #include #include -#include +#include using namespace Tizen::Base; using namespace Tizen::Base::Collection; @@ -46,10 +46,41 @@ using namespace Tizen::Io; namespace Tizen { namespace Security { namespace Cert { +int +GetIndexFromCertType(int certType) +{ + int index = 0; + switch (certType) + { + case _CERT_TYPE_ROOT_CA: + index = 0; + break; + + case _CERT_TYPE_ROOT_DOMAIN1: + index = 1; + break; + + case _CERT_TYPE_ROOT_DOMAIN3: + index = 2; + break; + + case _CERT_TYPE_USER_CERT: + index = 3; + break; + + default: + SysTryReturnResult(NID_SEC_CERT, false, -1, "Invalid certificate type."); + break; + } + + return index; +} + _CertServiceStub::_CertServiceStub(void) : __pIpcServer(null) { - + memset(__context, 0, sizeof(__context)); + memset(__refCount, 0, sizeof(__refCount)); } _CertServiceStub::~_CertServiceStub(void) @@ -66,15 +97,15 @@ _CertServiceStub::Construct(void) { result r = E_SUCCESS; - std::unique_ptr<_IpcServer> pIpcServer(new (std::nothrow) _IpcServer()); + std::unique_ptr< _IpcServer > pIpcServer(new (std::nothrow) _IpcServer()); TryReturnResult(pIpcServer != null, E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); r = pIpcServer->Construct(L"osp.security.ipcserver.certmanager", *this); - TryReturnResult( !IsFailed(r), r, r, "[%s] Failed to create IPC server(%s)", GetErrorMessage(r), "CertService"); + TryReturnResult(!IsFailed(r), r, r, "[%s] Failed to create IPC server(%s)", GetErrorMessage(r), "CertService"); __pIpcServer = pIpcServer.release(); - _CertService::InitializeDb(); + _CertServer::InitializeDb(); return r; } @@ -82,11 +113,16 @@ _CertServiceStub::Construct(void) bool _CertServiceStub::OnUpdateRootCa(int type, Tizen::Io::_IpcBuffer certOldBufferIpc, Tizen::Io::_IpcBuffer certNewBufferIpc, result* pRet) { + result r = E_SUCCESS; + *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + + *pRet = _CertServer::UpdateCaCertificate(static_cast< _CaCertType >(type), static_cast< char* >(certOldBufferIpc.pBuffer), certOldBufferIpc.size, + static_cast< char* >(certNewBufferIpc.pBuffer), certNewBufferIpc.size); - *pRet = _CertService::UpdateCaCertificate(static_cast< _CaCertType >(type), static_cast< char* >(certOldBufferIpc.pBuffer), certOldBufferIpc.size, - static_cast< char* >(certNewBufferIpc.pBuffer), certNewBufferIpc.size); + r = UpdateCertStoreContext(_CERT_TYPE_ROOT_CA); + TryCatchResult(!IsFailed(r), , r, "[%s] Failed to update certificate store context.", GetErrorMessage(r), "_CertServer"); CATCH: return true; @@ -95,11 +131,15 @@ CATCH: bool _CertServiceStub::OnRemoveRootCa(int type, Tizen::Io::_IpcBuffer certBufferIpc, int bufLen, result* pRet) { + result r = E_SUCCESS; *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + + *pRet = _CertServer::RemoveCaCertificate(static_cast< _CaCertType >(type), static_cast< char* >(certBufferIpc.pBuffer), bufLen); - *pRet = _CertService::RemoveCaCertificate(static_cast< _CaCertType >(type), static_cast< char* >(certBufferIpc.pBuffer), bufLen); + r = UpdateCertStoreContext(_CERT_TYPE_ROOT_CA); + TryCatchResult(!IsFailed(r), , r, "[%s] Failed to update certificate store context.", GetErrorMessage(r), "_CertServer"); CATCH: return true; @@ -108,10 +148,16 @@ CATCH: bool _CertServiceStub::OnInsertCaCertificate(int type, int format, Tizen::Io::_IpcBuffer pCert, long certLen, result* pRet) { + result r = E_SUCCESS; + *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + + *pRet = _CertServer::InsertCaCertificate(static_cast< _CaCertType >(type), static_cast< _CertFormat >(format), static_cast< byte* >(pCert.pBuffer), certLen); + + r = UpdateCertStoreContext(type); + TryCatchResult(!IsFailed(r), , r, "[%s] Failed to update certificate store context.", GetErrorMessage(r), "_CertServer"); - *pRet = _CertService::InsertCaCertificate(static_cast< _CaCertType >(type), static_cast< _CertFormat >(format), static_cast< byte* >(pCert.pBuffer), certLen); CATCH: return true; } @@ -119,7 +165,7 @@ CATCH: bool _CertServiceStub::OnInsertUserCaCertificate(int format, Tizen::Io::_IpcBuffer pCert, int certLen, result* pRet) { - *pRet = _CertService::InsertUserCaCertificate(static_cast< _CertFormat >(format), static_cast< char* >(pCert.pBuffer), certLen); + *pRet = _CertServer::InsertUserCaCertificate(static_cast< _CertFormat >(format), static_cast< char* >(pCert.pBuffer), certLen); return true; } @@ -127,7 +173,7 @@ _CertServiceStub::OnInsertUserCaCertificate(int format, Tizen::Io::_IpcBuffer pC bool _CertServiceStub::OnInstallUserRootCertificate(Tizen::Io::_IpcBuffer filePath, result* pRet) { - *pRet = _CertService::InsertUserCaCertificate(static_cast< byte* >(filePath.pBuffer)); + *pRet = _CertServer::InsertUserCaCertificate(static_cast< byte* >(filePath.pBuffer)); return true; } @@ -136,10 +182,15 @@ _CertServiceStub::OnInstallUserRootCertificate(Tizen::Io::_IpcBuffer filePath, r bool _CertServiceStub::OnInsertUserCertChainPrivateKey(Tizen::Io::_IpcBuffer certChainBufferIpc, int certSize, Tizen::Io::_IpcBuffer privateKeyBufferIpc, int userPriKeyLen, result* pRet) { + result r = E_SUCCESS; + *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + + *pRet = _CertServer::InsertUserCertChainPrivateKey(static_cast< char* >(certChainBufferIpc.pBuffer), certSize, static_cast< char* >(privateKeyBufferIpc.pBuffer), userPriKeyLen); - *pRet = _CertService::InsertUserCertChainPrivateKey(static_cast< char* >(certChainBufferIpc.pBuffer), certSize, static_cast< char* >(privateKeyBufferIpc.pBuffer), userPriKeyLen); + r = UpdateCertStoreContext(_CERT_TYPE_USER_CERT); + TryCatchResult(!IsFailed(r), , r, "[%s] Failed to update certificate store context.", GetErrorMessage(r), "_CertServer"); CATCH: return true; @@ -148,7 +199,7 @@ CATCH: bool _CertServiceStub::OnInsertCertificateChainWithPrivateKey(Tizen::Io::_IpcBuffer certChainPrivateKeyBufferIpc, int certChainPrivateKeyLength, result* pRet) { - *pRet = _CertService::InsertCertificateChainWithPrivateKey(static_cast< char* >(certChainPrivateKeyBufferIpc.pBuffer), certChainPrivateKeyLength); + *pRet = _CertServer::InsertCertificateChainWithPrivateKey(static_cast< char* >(certChainPrivateKeyBufferIpc.pBuffer), certChainPrivateKeyLength); return true; } @@ -156,10 +207,18 @@ _CertServiceStub::OnInsertCertificateChainWithPrivateKey(Tizen::Io::_IpcBuffer c bool _CertServiceStub::OnInstallPkcs12Content(Tizen::Io::_IpcBuffer pkcs12FilePath, Tizen::Io::_IpcBuffer pkcs12ImportPassword, result* pRet) { + result r = E_SUCCESS; + *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); - *pRet = _CertService::InsertPkcs12Content(static_cast< char* >(pkcs12FilePath.pBuffer), static_cast< char* >(pkcs12ImportPassword.pBuffer)); + *pRet = _CertServer::InsertPkcs12Content(static_cast< char* >(pkcs12FilePath.pBuffer), static_cast< char* >(pkcs12ImportPassword.pBuffer)); + + r = UpdateCertStoreContext(_CERT_TYPE_ROOT_CA); + TryCatchResult(!IsFailed(r), , r, "[%s] Failed to update certificate store context.", GetErrorMessage(r), "_CertServer"); + + r = UpdateCertStoreContext(_CERT_TYPE_USER_CERT); + TryCatchResult(!IsFailed(r), , r, "[%s] Failed to update certificate store context.", GetErrorMessage(r), "_CertServer"); CATCH: return true; @@ -168,8 +227,14 @@ CATCH: bool _CertServiceStub::OnDeleteUserCertChainByCertId(int certId, result* pRet) { - *pRet = _CertService::RemoveUserCertChainByCertId(certId); + result r = E_SUCCESS; + *pRet = _CertServer::RemoveUserCertChainByCertId(certId); + + r = UpdateCertStoreContext(_CERT_TYPE_USER_CERT); + TryCatchResult(!IsFailed(r), , r, "[%s] Failed to update certificate store context.", GetErrorMessage(r), "_CertServer"); + +CATCH: return true; } @@ -177,9 +242,9 @@ bool _CertServiceStub::OnUninstallUserRootCertificateByCertId(int certId, result* pRet) { *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); - *pRet = _CertService::RemoveUserCaCertificateByCertId(certId); + *pRet = _CertServer::RemoveUserCaCertificateByCertId(certId); CATCH: return true; @@ -190,11 +255,11 @@ _CertServiceStub::OnGetUserCertChainByIssuerAndSubjectNameN(Tizen::Io::_IpcBuffe { _CertificateListInfo* pCertListIpc = null; - *pRet = _CertService::GetUserCertChainByIssuerAndSubjectNameN(static_cast< char* >(issuerBufferIpc.pBuffer), issuerNameLen, static_cast< char* >(subjectBufferIpc.pBuffer), subNameLen, pCertListIpc); + *pRet = _CertServer::GetUserCertChainByIssuerAndSubjectNameN(static_cast< char* >(issuerBufferIpc.pBuffer), issuerNameLen, static_cast< char* >(subjectBufferIpc.pBuffer), subNameLen, pCertListIpc); if (pCertListIpc != null) { - std::unique_ptr<_CertificateListInfo> pCertListAuto(pCertListIpc); + std::unique_ptr< _CertificateListInfo > pCertListAuto(pCertListIpc); pCertList->certFileId = pCertListIpc->certFileId; @@ -221,11 +286,11 @@ _CertServiceStub::OnGetUserCertificateByCertIdN(int certId, int encodingType, _C { _CertInfo* pUserCertificateInfoIpc = null; - *pRet = _CertService::GetUserCertificateByCertIdN(certId, static_cast< _CertEncodingType >(encodingType), pUserCertificateInfoIpc); + *pRet = _CertServer::GetUserCertificateByCertIdN(certId, static_cast< _CertEncodingType >(encodingType), pUserCertificateInfoIpc); if (pUserCertificateInfoIpc != null) { - std::unique_ptr<_CertInfo> pCertInfoAuto(pUserCertificateInfoIpc); + std::unique_ptr< _CertInfo > pCertInfoAuto(pUserCertificateInfoIpc); pUserCertificateList->certId = pUserCertificateInfoIpc->certId; pUserCertificateList->certFormat = pUserCertificateInfoIpc->certFormat; @@ -248,7 +313,7 @@ _CertServiceStub::OnGetUserCertFieldInfoByCertId(int certId, _CertFieldInfos* pC { _CertFieldInfos certInfo; - *pRet = _CertService::GetUserCertFieldInfoByCertId(certId, &certInfo); + *pRet = _CertServer::GetUserCertFieldInfoByCertId(certId, &certInfo); if (!IsFailed(*pRet)) { @@ -286,7 +351,7 @@ bool _CertServiceStub::OnGetName(result* pRet) { *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); *pRet = E_SUCCESS; @@ -295,28 +360,52 @@ CATCH: } bool -_CertServiceStub::OnCloseCertificateStore(int certificateStoreCtx, result* pRet) +_CertServiceStub::OnCloseCertificateStore(int type, result* pRet) { + int index = GetIndexFromCertType(type); + *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + + if (__refCount[index] > 0) + { + __refCount[index] -= 1; + + if (__refCount[index] == 0 && __context[index] != 0) + { + *pRet = _CertServer::CloseCertificateStore(reinterpret_cast< CertificateStoreCtx >(__context[index])); + __context[index] = 0; + } + } - *pRet = _CertService::CloseCertificateStore(reinterpret_cast< CertificateStoreCtx >(certificateStoreCtx)); + *pRet = E_SUCCESS; CATCH: return true; } bool -_CertServiceStub::OnOpenCertificateStoreByType(int type, int* pCount, int* pCertCtx, result* pRet) +_CertServiceStub::OnOpenCertificateStoreByType(int type, int* pCount, result* pRet) { void* pCertList = null; + int index = GetIndexFromCertType(type); *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); - pCertList = _CertService::OpenCertificateStoreByType(static_cast< _CaCertType >(type), pCount); + if (__context[index] == 0) + { + *pCount = 0; + pCertList = _CertServer::OpenCertificateStoreByType(static_cast< _CaCertType >(type), pCount); - *pCertCtx = reinterpret_cast< int >(pCertList); + __context[index] = reinterpret_cast< int >(pCertList); + } + else + { + *pCount = _CertServer::GetCertificateCount(reinterpret_cast< CertificateStoreCtx >(__context[index])); + } + + __refCount[index] += 1; *pRet = E_SUCCESS; @@ -325,12 +414,14 @@ CATCH: } bool -_CertServiceStub::OnGetCertificateCount(int certificateStoreCtx, int* pCertCount, result* pRet) +_CertServiceStub::OnGetCertificateCount(int type, int* pCertCount, result* pRet) { + int index = GetIndexFromCertType(type); + *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); - *pCertCount = _CertService::GetCertificateCount(reinterpret_cast< CertificateStoreCtx >(certificateStoreCtx)); + *pCertCount = _CertServer::GetCertificateCount(reinterpret_cast< CertificateStoreCtx >(__context[index])); *pRet = E_SUCCESS; @@ -339,17 +430,19 @@ CATCH: } bool -_CertServiceStub::OnGetNextCertificate(int certificateStoreCtx, int length, Tizen::Io::_IpcBuffer* pCertBufferIpc, result* pRet) +_CertServiceStub::OnGetNextCertificate(int type, int curPos, int length, Tizen::Io::_IpcBuffer* pCertBufferIpc, int* pNewPos, result* pRet) { char* pBuffer = null; + int index = GetIndexFromCertType(type); *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ); - TryCatchResult( !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); + TryCatchResult(!IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method."); pBuffer = new (std::nothrow) char[length]; - TryCatchResult( pBuffer, *pRet = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY]Allocation failed"); + TryCatchResult(pBuffer, *pRet = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY]Allocation failed"); - *pRet = _CertService::GetNextCertificate(reinterpret_cast< CertificateStoreCtx >(certificateStoreCtx), pBuffer, &length); + *pRet = _CertServer::GetNextCertificate(reinterpret_cast< CertificateStoreCtx >(__context[index]), curPos, pBuffer, &length); + *pNewPos = curPos; CATCH: if (!IsFailed(*pRet)) @@ -366,30 +459,49 @@ CATCH: return true; } +result +_CertServiceStub::UpdateCertStoreContext(int type) +{ + result r = E_SUCCESS; + result* pRet = E_SUCCESS; + void* pCertList = null; + + int index = GetIndexFromCertType(type); + int* pCount = 0; + + if (__refCount[index] > 0) + { + *pRet = _CertServer::CloseCertificateStore(reinterpret_cast< CertificateStoreCtx >(__context[index])); + pCertList = _CertServer::OpenCertificateStoreByType(static_cast< _CaCertType >(type), pCount); + __context[index] = reinterpret_cast< int >(pCertList); + } + return r; +} + void _CertServiceStub::OnIpcRequestReceived(_IpcServer& server, const IPC::Message& message) { IPC_BEGIN_MESSAGE_MAP(_CertServiceStub, message) - IPC_MESSAGE_HANDLER_EX(CertService_GetName, &server, OnGetName) - IPC_MESSAGE_HANDLER_EX(CertService_CloseCertificateStore, &server, OnCloseCertificateStore) - IPC_MESSAGE_HANDLER_EX(CertService_OpenCertificateStoreByType, &server, OnOpenCertificateStoreByType) - IPC_MESSAGE_HANDLER_EX(CertService_GetCertificateCount, &server, OnGetCertificateCount) - IPC_MESSAGE_HANDLER_EX(CertService_GetNextCertificate, &server, OnGetNextCertificate) - IPC_MESSAGE_HANDLER_EX(CertService_UpdateRootCa, &server, OnUpdateRootCa) - IPC_MESSAGE_HANDLER_EX(CertService_RemoveRootCa, &server, OnRemoveRootCa) - IPC_MESSAGE_HANDLER_EX(CertService_UninstallUserRootCertificateByCertId, &server, OnUninstallUserRootCertificateByCertId) - IPC_MESSAGE_HANDLER_EX(CertService_InsertCaCertificate, &server, OnInsertCaCertificate) - IPC_MESSAGE_HANDLER_EX(CertService_InsertUserCaCertificate, &server, OnInsertUserCaCertificate) - IPC_MESSAGE_HANDLER_EX(CertService_InstallUserRootCertificate, &server, OnInstallUserRootCertificate) + IPC_MESSAGE_HANDLER_EX(CertServer_GetName, &server, OnGetName) + IPC_MESSAGE_HANDLER_EX(CertServer_CloseCertificateStore, &server, OnCloseCertificateStore) + IPC_MESSAGE_HANDLER_EX(CertServer_OpenCertificateStoreByType, &server, OnOpenCertificateStoreByType) + IPC_MESSAGE_HANDLER_EX(CertServer_GetCertificateCount, &server, OnGetCertificateCount) + IPC_MESSAGE_HANDLER_EX(CertServer_GetNextCertificate, &server, OnGetNextCertificate) + IPC_MESSAGE_HANDLER_EX(CertServer_UpdateRootCa, &server, OnUpdateRootCa) + IPC_MESSAGE_HANDLER_EX(CertServer_RemoveRootCa, &server, OnRemoveRootCa) + IPC_MESSAGE_HANDLER_EX(CertServer_UninstallUserRootCertificateByCertId, &server, OnUninstallUserRootCertificateByCertId) + IPC_MESSAGE_HANDLER_EX(CertServer_InsertCaCertificate, &server, OnInsertCaCertificate) + IPC_MESSAGE_HANDLER_EX(CertServer_InsertUserCaCertificate, &server, OnInsertUserCaCertificate) + IPC_MESSAGE_HANDLER_EX(CertServer_InstallUserRootCertificate, &server, OnInstallUserRootCertificate) //User Certificates API - IPC_MESSAGE_HANDLER_EX(CertService_InsertUserCertChainPrivateKey, &server, OnInsertUserCertChainPrivateKey) - IPC_MESSAGE_HANDLER_EX(CertService_InsertCertificateChainWithPrivateKey, &server, OnInsertCertificateChainWithPrivateKey) - IPC_MESSAGE_HANDLER_EX(CertService_InstallPkcs12Content, &server, OnInstallPkcs12Content) - IPC_MESSAGE_HANDLER_EX(CertService_DeleteUserCertChainByCertId, &server, OnDeleteUserCertChainByCertId) - IPC_MESSAGE_HANDLER_EX(CertService_GetUserCertChainByIssuerAndSubjectNameN, &server, OnGetUserCertChainByIssuerAndSubjectNameN) - IPC_MESSAGE_HANDLER_EX(CertService_GetUserCertificateByCertIdN, &server, OnGetUserCertificateByCertIdN) - IPC_MESSAGE_HANDLER_EX(CertService_GetUserCertFieldInfoByCertId, &server, OnGetUserCertFieldInfoByCertId) + IPC_MESSAGE_HANDLER_EX(CertServer_InsertUserCertChainPrivateKey, &server, OnInsertUserCertChainPrivateKey) + IPC_MESSAGE_HANDLER_EX(CertServer_InsertCertificateChainWithPrivateKey, &server, OnInsertCertificateChainWithPrivateKey) + IPC_MESSAGE_HANDLER_EX(CertServer_InstallPkcs12Content, &server, OnInstallPkcs12Content) + IPC_MESSAGE_HANDLER_EX(CertServer_DeleteUserCertChainByCertId, &server, OnDeleteUserCertChainByCertId) + IPC_MESSAGE_HANDLER_EX(CertServer_GetUserCertChainByIssuerAndSubjectNameN, &server, OnGetUserCertChainByIssuerAndSubjectNameN) + IPC_MESSAGE_HANDLER_EX(CertServer_GetUserCertificateByCertIdN, &server, OnGetUserCertificateByCertIdN) + IPC_MESSAGE_HANDLER_EX(CertServer_GetUserCertFieldInfoByCertId, &server, OnGetUserCertFieldInfoByCertId) IPC_END_MESSAGE_MAP_EX(); } -- 2.7.4