2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 // @file FSecCert_CertServiceStub.cpp
20 // @brief This is the implementation file for the _CertServiceStub class.
23 #include <unique_ptr.h>
33 #include <FBaseByteBuffer.h>
34 #include <FBaseResult.h>
35 #include <FBaseSysLog.h>
36 #include <FBaseRt_EventDispatcher.h>
37 #include <FIo_IpcServer.h>
38 #include <FSec_AccessController.h>
39 #include <FSec_AccessControlTypes.h>
40 #include <FApp_AppInfo.h>
41 #include "FSecCert_CertServiceStub.h"
42 #include "FSecCert_CertMgrMessages.h"
43 #include "FSecCert_CertService.h"
45 using namespace Tizen::Base;
46 using namespace Tizen::Base::Collection;
47 using namespace Tizen::Base::Runtime;
48 using namespace Tizen::App;
49 using namespace Tizen::Io;
51 namespace Tizen { namespace Security { namespace Cert
54 _CertServiceStub::_CertServiceStub(void)
60 _CertServiceStub::~_CertServiceStub(void)
62 if (__pIpcServer != null)
70 _CertServiceStub::Construct(void)
74 std::unique_ptr<_IpcServer> pIpcServer(new (std::nothrow) _IpcServer());
75 SysTryReturnResult(NID_SEC_CERT, pIpcServer != null, E_OUT_OF_MEMORY, "Failed to allocate memory.");
77 r = pIpcServer->Construct(L"osp.security.ipcserver.certmanager", *this);
78 SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to create IPC server(%s)", GetErrorMessage(r), "CertService");
80 __pIpcServer = pIpcServer.release();
82 _CertService::InitializeDb();
88 _CertServiceStub::OnUpdateRootCa(int type, Tizen::Io::_IpcBuffer certOldBufferIpc, Tizen::Io::_IpcBuffer certNewBufferIpc, result* pRet)
90 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE);
91 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
93 *pRet = _CertService::UpdateCaCertificate(static_cast< _CaCertType >(type), static_cast< char* >(certOldBufferIpc.pBuffer), certOldBufferIpc.size,
94 static_cast< char* >(certNewBufferIpc.pBuffer), certNewBufferIpc.size);
101 _CertServiceStub::OnRemoveRootCa(int type, Tizen::Io::_IpcBuffer certBufferIpc, int bufLen, result* pRet)
104 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE);
105 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
107 *pRet = _CertService::RemoveCaCertificate(static_cast< _CaCertType >(type), static_cast< char* >(certBufferIpc.pBuffer), bufLen);
114 _CertServiceStub::OnInsertCaCertificate(int type, int format, Tizen::Io::_IpcBuffer pCert, long certLen, result* pRet)
116 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE);
117 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
119 *pRet = _CertService::InsertCaCertificate(static_cast< _CaCertType >(type), static_cast< _CertFormat >(format), static_cast< byte* >(pCert.pBuffer), certLen);
125 _CertServiceStub::OnInsertUserCaCertificate(int format, Tizen::Io::_IpcBuffer pCert, int certLen, result* pRet)
127 *pRet = _CertService::InsertUserCaCertificate(static_cast< _CertFormat >(format), static_cast< char* >(pCert.pBuffer), certLen);
133 _CertServiceStub::OnInstallUserRootCertificate(Tizen::Io::_IpcBuffer filePath, result* pRet)
135 *pRet = _CertService::InsertUserCaCertificate(static_cast< byte* >(filePath.pBuffer));
140 //User Certificate APIs
142 _CertServiceStub::OnInsertUserCertChainPrivateKey(Tizen::Io::_IpcBuffer certChainBufferIpc, int certSize, Tizen::Io::_IpcBuffer privateKeyBufferIpc, int userPriKeyLen, result* pRet)
144 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE);
145 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
147 *pRet = _CertService::InsertUserCertChainPrivateKey(static_cast< char* >(certChainBufferIpc.pBuffer), certSize, static_cast< char* >(privateKeyBufferIpc.pBuffer), userPriKeyLen);
154 _CertServiceStub::OnInsertCertificateChainWithPrivateKey(Tizen::Io::_IpcBuffer certChainPrivateKeyBufferIpc, int certChainPrivateKeyLength, result* pRet)
156 *pRet = _CertService::InsertCertificateChainWithPrivateKey(static_cast< char* >(certChainPrivateKeyBufferIpc.pBuffer), certChainPrivateKeyLength);
162 _CertServiceStub::OnInstallPkcs12Content(Tizen::Io::_IpcBuffer pkcs12FilePath, Tizen::Io::_IpcBuffer pkcs12ImportPassword, result* pRet)
164 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE);
165 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
167 *pRet = _CertService::InsertPkcs12Content(static_cast< char* >(pkcs12FilePath.pBuffer), static_cast< char* >(pkcs12ImportPassword.pBuffer));
174 _CertServiceStub::OnDeleteUserCertificateByCertId(int certId, result* pRet)
176 *pRet = _CertService::RemoveUserCertificateByCertId(certId);
182 _CertServiceStub::OnDeleteUserCertChainByCertId(int certId, result* pRet)
184 *pRet = _CertService::RemoveUserCertChainByCertId(certId);
190 _CertServiceStub::OnUninstallUserRootCertificateByCertId(int certId, result* pRet)
192 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_WRITE);
193 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
195 *pRet = _CertService::RemoveUserCaCertificateByCertId(certId);
202 _CertServiceStub::OnGetUserCertChainByIssuerAndSubjectNameN(Tizen::Io::_IpcBuffer issuerBufferIpc, int issuerNameLen, Tizen::Io::_IpcBuffer subjectBufferIpc, int subNameLen, _CertificateListInfo* pCertList, result* pRet)
204 _CertificateListInfo* pCertListIpc = null;
206 *pRet = _CertService::GetUserCertChainByIssuerAndSubjectNameN(static_cast< char* >(issuerBufferIpc.pBuffer), issuerNameLen, static_cast< char* >(subjectBufferIpc.pBuffer), subNameLen, pCertListIpc);
208 if (pCertListIpc != null)
210 std::unique_ptr<_CertificateListInfo> pCertListAuto(pCertListIpc);
212 pCertList->certFileId = pCertListIpc->certFileId;
214 pCertList->format = pCertListIpc->format;
215 pCertList->certType = pCertListIpc->certType;
216 pCertList->length = pCertListIpc->length;
217 pCertList->priKeyLen = pCertListIpc->priKeyLen;
219 memcpy(pCertList->certificate, pCertListIpc->certificate, _MAX_CERTIFICATE_SIZE);
220 memcpy(pCertList->privatekey, pCertListIpc->privatekey, _MAX_CERT_PRIVATE_KEY_SIZE);
222 pCertList->pNext = pCertListIpc->pNext;
226 memset(pCertList, 0, sizeof(*pCertList));
233 _CertServiceStub::OnGetUserCertificateByCertIdN(int certId, int encodingType, _CertInfo* pUserCertificateList, result* pRet)
235 _CertInfo* pUserCertificateInfoIpc = null;
237 *pRet = _CertService::GetUserCertificateByCertIdN(certId, static_cast< _CertEncodingType >(encodingType), pUserCertificateInfoIpc);
239 if (pUserCertificateInfoIpc != null)
241 std::unique_ptr<_CertInfo> pCertInfoAuto(pUserCertificateInfoIpc);
243 pUserCertificateList->certId = pUserCertificateInfoIpc->certId;
244 pUserCertificateList->certFormat = pUserCertificateInfoIpc->certFormat;
245 pUserCertificateList->certType = pUserCertificateInfoIpc->certType;
246 pUserCertificateList->certLength = pUserCertificateInfoIpc->certLength;
247 pUserCertificateList->privateKeyLen = pUserCertificateInfoIpc->privateKeyLen;
249 memcpy(pUserCertificateList->certificate, pUserCertificateInfoIpc->certificate, _MAX_CERTIFICATE_SIZE);
250 memcpy(pUserCertificateList->privatekey, pUserCertificateInfoIpc->privatekey, _MAX_CERT_PRIVATE_KEY_SIZE);
254 memset(pUserCertificateList, 0, sizeof(*pUserCertificateList));
260 _CertServiceStub::OnGetUserCertFieldInfoByCertId(int certId, _CertFieldInfos* pCertInfoBufferIpc, result* pRet)
262 _CertFieldInfos certInfo;
264 *pRet = _CertService::GetUserCertFieldInfoByCertId(certId, &certInfo);
266 if (!IsFailed(*pRet))
268 pCertInfoBufferIpc->certType = certInfo.certType;
269 pCertInfoBufferIpc->certFileId = certInfo.certFileId;
271 memcpy(pCertInfoBufferIpc->serialNo, certInfo.serialNo, _MAX_SERIAL_NUMBER_SIZE + 1);
272 memcpy(pCertInfoBufferIpc->sigAlgorithm, certInfo.sigAlgorithm, _MAX_CERT_ALGORITHM_SIZE + 1);
273 memcpy(pCertInfoBufferIpc->validityFrom, certInfo.validityFrom, _MAX_CERT_VALIDITY_SIZE + 1);
274 memcpy(pCertInfoBufferIpc->validityTo, certInfo.validityTo, _MAX_CERT_VALIDITY_SIZE + 1);
275 memcpy(pCertInfoBufferIpc->subjectName, certInfo.subjectName, _MAX_ISSUER_SUBJECT_NAME_SIZE + 1);
276 memcpy(pCertInfoBufferIpc->issuerName, certInfo.issuerName, _MAX_ISSUER_SUBJECT_NAME_SIZE + 1);
277 memcpy(pCertInfoBufferIpc->fingerPrint, certInfo.fingerPrint, _MAX_CERT_FINGERPRINT_SIZE + 1);
279 pCertInfoBufferIpc->fingerPrintLen = certInfo.fingerPrintLen;
281 memcpy(pCertInfoBufferIpc->publicKey, certInfo.publicKey, _MAX_CERT_PUBLIC_KEY_SIZE + 1);
282 memcpy(static_cast< void* >(pCertInfoBufferIpc->certTypeFormat), static_cast< const void* >(certInfo.certTypeFormat), _MAX_CERT_TYPE_SIZE + 1);
284 pCertInfoBufferIpc->certVersion = certInfo.certVersion;
286 memcpy(pCertInfoBufferIpc->certTitle, certInfo.certTitle, _MAX_ISSUER_SUBJECT_NAME_SIZE + 1);
287 memcpy(pCertInfoBufferIpc->certSubTitle, certInfo.certSubTitle, _MAX_ISSUER_SUBJECT_NAME_SIZE + 1);
292 memset(pCertInfoBufferIpc, 0, sizeof(*pCertInfoBufferIpc));
299 _CertServiceStub::OnGetName(result* pRet)
301 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ);
302 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
311 _CertServiceStub::OnCloseCertificateStore(int certificateStoreCtx, result* pRet)
313 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ);
314 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
316 *pRet = _CertService::CloseCertificateStore(reinterpret_cast< CertificateStoreCtx >(certificateStoreCtx));
323 _CertServiceStub::OnOpenCertificateStoreByType(int type, int* pCount, int* pCertCtx, result* pRet)
325 void* pCertList = null;
327 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ);
328 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
330 pCertList = _CertService::OpenCertificateStoreByType(static_cast< _CaCertType >(type), pCount);
332 *pCertCtx = reinterpret_cast< int >(pCertList);
341 _CertServiceStub::OnGetCertificateCount(int certificateStoreCtx, int* pCertCount, result* pRet)
343 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ);
344 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
346 *pCertCount = _CertService::GetCertificateCount(reinterpret_cast< CertificateStoreCtx >(certificateStoreCtx));
355 _CertServiceStub::OnGetNextCertificate(int certificateStoreCtx, int length, Tizen::Io::_IpcBuffer* pCertBufferIpc, result* pRet)
357 char* pBuffer = null;
359 *pRet = _AccessController::CheckSystemPrivilege(__pIpcServer->GetClientAppId(), _PRV_CERTIFICATE_READ);
360 SysTryCatch(NID_SEC_CERT, !IsFailed(*pRet), *pRet = E_PRIVILEGE_DENIED, E_PRIVILEGE_DENIED, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
362 pBuffer = new (std::nothrow) char[length];
363 SysTryCatch(NID_SEC_CERT, pBuffer, *pRet = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY]Allocation failed");
365 *pRet = _CertService::GetNextCertificate(reinterpret_cast< CertificateStoreCtx >(certificateStoreCtx), pBuffer, &length);
368 if (!IsFailed(*pRet))
370 pCertBufferIpc->size = length;
371 pCertBufferIpc->pBuffer = pBuffer;
375 pCertBufferIpc->size = 0;
376 pCertBufferIpc->pBuffer = null;
383 _CertServiceStub::OnIpcRequestReceived(_IpcServer& server, const IPC::Message& message)
385 IPC_BEGIN_MESSAGE_MAP(_CertServiceStub, message)
386 IPC_MESSAGE_HANDLER_EX(CertService_GetName, &server, OnGetName)
387 IPC_MESSAGE_HANDLER_EX(CertService_CloseCertificateStore, &server, OnCloseCertificateStore)
388 IPC_MESSAGE_HANDLER_EX(CertService_OpenCertificateStoreByType, &server, OnOpenCertificateStoreByType)
389 IPC_MESSAGE_HANDLER_EX(CertService_GetCertificateCount, &server, OnGetCertificateCount)
390 IPC_MESSAGE_HANDLER_EX(CertService_GetNextCertificate, &server, OnGetNextCertificate)
391 IPC_MESSAGE_HANDLER_EX(CertService_UpdateRootCa, &server, OnUpdateRootCa)
392 IPC_MESSAGE_HANDLER_EX(CertService_RemoveRootCa, &server, OnRemoveRootCa)
393 IPC_MESSAGE_HANDLER_EX(CertService_UninstallUserRootCertificateByCertId, &server, OnUninstallUserRootCertificateByCertId)
394 IPC_MESSAGE_HANDLER_EX(CertService_InsertCaCertificate, &server, OnInsertCaCertificate)
395 IPC_MESSAGE_HANDLER_EX(CertService_InsertUserCaCertificate, &server, OnInsertUserCaCertificate)
396 IPC_MESSAGE_HANDLER_EX(CertService_InstallUserRootCertificate, &server, OnInstallUserRootCertificate)
398 //User Certificates API
399 IPC_MESSAGE_HANDLER_EX(CertService_InsertUserCertChainPrivateKey, &server, OnInsertUserCertChainPrivateKey)
400 IPC_MESSAGE_HANDLER_EX(CertService_InsertCertificateChainWithPrivateKey, &server, OnInsertCertificateChainWithPrivateKey)
401 IPC_MESSAGE_HANDLER_EX(CertService_InstallPkcs12Content, &server, OnInstallPkcs12Content)
402 IPC_MESSAGE_HANDLER_EX(CertService_DeleteUserCertChainByCertId, &server, OnDeleteUserCertChainByCertId)
403 IPC_MESSAGE_HANDLER_EX(CertService_DeleteUserCertificateByCertId, &server, OnDeleteUserCertificateByCertId)
404 IPC_MESSAGE_HANDLER_EX(CertService_GetUserCertChainByIssuerAndSubjectNameN, &server, OnGetUserCertChainByIssuerAndSubjectNameN)
405 IPC_MESSAGE_HANDLER_EX(CertService_GetUserCertificateByCertIdN, &server, OnGetUserCertificateByCertIdN)
406 IPC_MESSAGE_HANDLER_EX(CertService_GetUserCertFieldInfoByCertId, &server, OnGetUserCertFieldInfoByCertId)
408 IPC_END_MESSAGE_MAP_EX();
413 _CertServiceStub::OnIpcServerStarted(const _IpcServer& server)
419 _CertServiceStub::OnIpcServerStopped(const _IpcServer& server)
425 _CertServiceStub::OnIpcClientConnected(const _IpcServer& server, int clientId)
431 _CertServiceStub::OnIpcClientDisconnected(const _IpcServer& server, int clientId)