2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 * @file FSecCertCertificate.cpp
20 * @brief This is the implementation file for X509Certificate class.
22 * This header file contains the implementation of X509Certificate class.
28 #include <unique_ptr.h>
29 #include <FBaseResult.h>
30 #include <FSecCertTypes.h>
31 #include <FSecCertX509Certificate.h>
32 #include <FSecPublicKey.h>
33 #include <FBaseSysLog.h>
34 #include <FSecCert_CertService.h>
37 using namespace Tizen::Base;
39 namespace Tizen { namespace Security { namespace Cert
42 static const int _MAX_PUBLIC_KEY_BUFFER_SIZE = 4096;
43 static const int _MAX_SIGNATURE_BUFFER_SIZE = 1024;
45 X509Certificate::X509Certificate(void)
47 , __pX509CertificateImpl(null)
52 X509Certificate::~X509Certificate(void)
55 if (__certHandle != 0)
57 _CertService::CloseCertificate(&__certHandle);
64 X509Certificate::Construct(const Tizen::Base::ByteBuffer& input)
70 SysAssertf(__certHandle == 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class");
72 pBuffer = const_cast< byte* >(input.GetPointer());
73 SysTryReturnResult(NID_SEC_CERT, pBuffer != null, E_INVALID_ARG, "Invalid input argument passed.");
75 length = input.GetRemaining();
76 SysTryReturnResult(NID_SEC_CERT, length > 0, E_INVALID_ARG, "Input buffer length is not positive.");
78 r = _CertService::OpenCertificate(reinterpret_cast< char* >(pBuffer), length, &__certHandle);
79 SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "Failed to open certificates.");
81 __certFormat = L"X509";
87 X509Certificate::GetFormat(void) const
95 X509Certificate::GetType(void) const
98 CertificateType certType = UNKNOWN_TYPE;
99 _CaCertType type = _CERT_TYPE_NOT_BOUNDED;
103 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
105 r = _CertService::CheckCertType(__certHandle, &type);
106 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate type.");
110 case _CERT_TYPE_ROOT_CA:
112 case _CERT_TYPE_DEV_ROOT_CA:
114 case _CERT_TYPE_ROOT_CA_BY_USER:
118 case _CERT_TYPE_ROOT_DOMAIN1:
120 case _CERT_TYPE_SIM_ROOT_DOMAIN1:
122 case _CERT_TYPE_DEV_ROOT_DOMAIN1:
123 certType = OPERATOR_DOMAIN;
126 case _CERT_TYPE_ROOT_DOMAIN3:
128 case _CERT_TYPE_SIM_ROOT_DOMAIN3:
130 case _CERT_TYPE_DEV_ROOT_DOMAIN3:
131 certType = TRUSTED_THIRD_PARTY_DOMAIN;
135 certType = UNKNOWN_TYPE;
144 X509Certificate::GetEncodedDataN(void) const
146 result r = E_SUCCESS;
148 char* pBufferValue = null;
152 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
154 r = _CertService::GetCertBufferN(__certHandle, pBufferValue, &length);
156 std::unique_ptr< char[] > pBuffer(pBufferValue);
158 SysTryReturn(NID_SEC_CERT, pBuffer != null, null, E_SYSTEM, "[E_SYSTEM] Failed to get encoded data of certificate.");
159 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] Failed to get encoded data of certificate.");
160 SysTryReturn(NID_SEC_CERT, length > 0, null, E_SYSTEM, "[E_SYSTEM] Failed to get encoded data of certificate.");
162 std::unique_ptr< ByteBuffer > pEncCert(new (std::nothrow) ByteBuffer());
163 SysTryReturn(NID_SEC_CERT, pEncCert != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory");
165 r = pEncCert->Construct(length);
166 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, r, "[%s] Propagated.", GetErrorMessage(r));
168 r = pEncCert->SetArray(reinterpret_cast< byte* >(pBuffer.get()), 0, length);
169 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
173 return pEncCert.release();
177 X509Certificate::Verify(const Tizen::Security::IPublicKey& publicKey)
179 result r = E_SUCCESS;
181 byte* pPublickey = null;
183 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
185 std::unique_ptr< ByteBuffer > pPubKeyBuffer(publicKey.GetEncodedN());
186 SysTryReturn(NID_SEC_CERT, pPubKeyBuffer != null, false, GetLastResult(), "[%s] Propagated.", GetErrorMessage(GetLastResult()));
188 pPublickey = const_cast< byte* >(pPubKeyBuffer->GetPointer());
189 SysTryReturn(NID_SEC_CERT, pPublickey != null, false, E_INVALID_ARG, "[E_INVALID_ARG] Invalid input argument passed.");
191 keyLen = pPubKeyBuffer->GetRemaining();
192 SysTryReturn(NID_SEC_CERT, keyLen > 0, false, E_INVALID_ARG, "[E_INVALID_ARG] Public key buffer length is not positive.");
194 r = _CertService::VerifyCert(__certHandle, pPublickey, keyLen);
195 SysTryReturn(NID_SEC_CERT, !IsFailed(r), false, E_SYSTEM, "[E_SYSTEM] Certificate verification failed.");
201 X509Certificate::GetSpecVersion(void) const
205 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
207 return _CertService::GetCertVersion(__certHandle);
212 X509Certificate::CheckValidityPeriod(void)
214 result r = E_SUCCESS;
215 _CertValidityType type = _CERT_VALIDITY_UNKNOWN;
216 ValidityPeriod validity = VALIDITY_PERIOD_EXPIRED;
220 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
222 r = _CertService::CheckCertValidity(__certHandle, &type);
223 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate validity information.");
227 case _CERT_VALIDITY_VALID:
228 validity = VALIDITY_PERIOD_VALID;
231 case _CERT_VALIDITY_EXPIRED:
232 validity = VALIDITY_PERIOD_EXPIRED;
235 case _CERT_VALIDITY_NOT_YET_VALID:
236 validity = VALIDITY_PERIOD_NOT_YET_VALID;
249 X509Certificate::GetSerialNumber(void) const
251 result r = E_SUCCESS;
252 _CertFieldInfos certInfo;
253 Tizen::Base::String dataString;
257 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
259 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_SERIAL, &certInfo);
260 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate serial number information.");
262 dataString = certInfo.serialNo;
269 X509Certificate::GetSignatureAlgorithm(void) const
271 result r = E_SUCCESS;
272 _CertFieldInfos certInfo;
273 Tizen::Base::String dataString;
277 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
279 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_SIGALGORITHM, &certInfo);
280 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate signature algorithm information.");
282 dataString = certInfo.sigAlgorithm;
289 X509Certificate::GetNotBefore(void) const
291 result r = E_SUCCESS;
292 _CertFieldInfos certInfo;
293 Tizen::Base::String dataString;
297 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
299 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_VALIDITY, &certInfo);
300 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate validity information.");
302 dataString = certInfo.validityFrom;
309 X509Certificate::GetNotAfter(void) const
311 result r = E_SUCCESS;
312 _CertFieldInfos certInfo;
313 Tizen::Base::String dataString;
317 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
319 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_VALIDITY, &certInfo);
320 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate validity information.");
322 dataString = certInfo.validityTo;
330 X509Certificate::GetSubject(void) const
332 result r = E_SUCCESS;
333 _CertFieldInfos certInfo;
334 Tizen::Base::String dataString;
338 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
340 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_SUBJECT, &certInfo);
341 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate issuer information.");
343 dataString = certInfo.subjectName;
350 X509Certificate::GetIssuer(void) const
352 result r = E_SUCCESS;
353 _CertFieldInfos certInfo;
354 Tizen::Base::String dataString;
358 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
360 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_ISSUER, &certInfo);
361 SysTryCatch(NID_SEC_CERT, !IsFailed(r), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed to get certificate issuer information.");
363 dataString = certInfo.issuerName;
371 X509Certificate::GetSignatureN(void) const
373 result r = E_SUCCESS;
374 byte buffer[_MAX_SIGNATURE_BUFFER_SIZE] = {0, };
375 int bufLen = sizeof(buffer);
379 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
381 r = _CertService::GetCertSignature(__certHandle, reinterpret_cast< char* >(buffer), &bufLen);
382 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] Failed to get certificate signature.");
384 std::unique_ptr< ByteBuffer > pSignatureBuffer(new (std::nothrow) ByteBuffer());
385 SysTryReturn(NID_SEC_CERT, pSignatureBuffer != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
387 r = pSignatureBuffer->Construct(bufLen);
388 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, r, "[%s] Propagated.", GetErrorMessage(r));
390 r = pSignatureBuffer->SetArray(static_cast< const byte* >(buffer), 0, bufLen);
391 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
393 pSignatureBuffer->Flip();
395 return pSignatureBuffer.release();
399 X509Certificate::GetFingerprintN(void) const
401 result r = E_SUCCESS;
402 _CertFieldInfos certInfo;
406 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
408 r = _CertService::GetCertInfo(__certHandle, _CERT_FIELD_FINGERPRINT, &certInfo);
409 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] Failed To get certificate fingerprint information.");
411 std::unique_ptr< ByteBuffer > pFingerprint(new (std::nothrow) ByteBuffer());
412 SysTryReturn(NID_SEC_CERT, pFingerprint != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
414 r = pFingerprint->Construct(certInfo.fingerPrintLen);
415 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, r, "[%s] Propagated.", GetErrorMessage(r));
417 r = pFingerprint->SetArray(reinterpret_cast< const byte* >(certInfo.fingerPrint), 0, certInfo.fingerPrintLen);
418 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
420 pFingerprint->Flip();
422 return pFingerprint.release();
425 Tizen::Security::IPublicKey*
426 X509Certificate::GetPublicKeyN(void) const
428 result r = E_SUCCESS;
429 ByteBuffer keyBuffer;
430 byte buffer[_MAX_PUBLIC_KEY_BUFFER_SIZE] = {0, };
431 int bufLen = sizeof(buffer);
435 SysAssertf(__certHandle != 0, "Not yet constructed. Construct() should be called before use.");
437 r = _CertService::GetCertPublicKey(__certHandle, reinterpret_cast< char* >(buffer), static_cast< int* >(&bufLen));
438 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_KEY_NOT_FOUND, "[E_KEY_NOT_FOUND] Failed to get certificate public key information.");
440 r = keyBuffer.Construct(bufLen);
441 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, r, "[%s] Propagated.", GetErrorMessage(r));
443 r = keyBuffer.SetArray(static_cast< const byte* >(buffer), 0, bufLen);
444 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
448 std::unique_ptr< IPublicKey > pPubKey(dynamic_cast< IPublicKey* >(new (std::nothrow) PublicKey()));
449 SysTryReturn(NID_SEC_CERT, pPubKey != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
451 r = pPubKey->SetKey(keyBuffer);
452 SysTryReturn(NID_SEC_CERT, !IsFailed(r), null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
454 return pPubKey.release();
457 } } } //Tizen::Security::Cert