os/security/securityanddataprivacytools/securitytools/certapp/encdec/filecertstore.cpp
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/securityanddataprivacytools/securitytools/certapp/encdec/filecertstore.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,379 @@
1.4 +/*
1.5 +* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +*
1.19 +*/
1.20 +
1.21 +
1.22 +#include "filecertstore.h"
1.23 +#include "appuidmap.h"
1.24 +#include "logger.h"
1.25 +#include "stringconv.h"
1.26 +#include "utils.h"
1.27 +#include <iomanip>
1.28 +
1.29 +EncDecContainerItem *AppUidListEntry::Factory()
1.30 +{
1.31 + return new AppUidListEntry(AppUidMap::EnumEntries());
1.32 +}
1.33 +
1.34 +AppUidListEntry::AppUidListEntry(const EnumEntry *aEnumEntries)
1.35 + : EncDecContainerItem(), iUid("Application", aEnumEntries)
1.36 +{
1.37 +}
1.38 +
1.39 +AppUidListEntry::~AppUidListEntry()
1.40 +{
1.41 +}
1.42 +
1.43 +const char *AppUidListEntry::ItemType() const
1.44 +{
1.45 + return 0; // n/a
1.46 +}
1.47 +
1.48 +
1.49 +void AppUidListEntry::Encode(REncodeWriteStream &aWriteStream)
1.50 +{
1.51 + aWriteStream << iUid;
1.52 +}
1.53 +
1.54 +void AppUidListEntry::Decode(RDecodeReadStream &aReadStream)
1.55 +{
1.56 + aReadStream >> iUid;
1.57 +}
1.58 +
1.59 +
1.60 +EncDecContainerItem *CertStoreEntry::Factory()
1.61 +{
1.62 + return new CertStoreEntry;
1.63 +}
1.64 +
1.65 +
1.66 +static const EnumEntry enumDetailsForTBool[] =
1.67 +{
1.68 + { "false", 0x00},
1.69 + { "true", 0x01},
1.70 + { "EFalse", false},
1.71 + { "ETrue", true},
1.72 + { 0,0 }
1.73 +};
1.74 +
1.75 +
1.76 +CertStoreEntry::CertStoreEntry()
1.77 + : EncDecContainerItem(),
1.78 + iCertInfo(false),
1.79 + iCertApps("ApplicationList", AppUidListEntry::Factory),
1.80 + iTrusted("Trusted", enumDetailsForTBool),
1.81 + iReadDataStreamId("DataStreamId(read)", true),
1.82 + iWriteDataStreamId("DataStreamId(write)", false),
1.83 + iDataFileName("DataFileName"),
1.84 + iCertData(),
1.85 + iSwiMode(false)
1.86 +{
1.87 + // We only need to initialise EncDecObject members which wrap non-class types
1.88 + iReadDataStreamId.Value() = 0;
1.89 + iWriteDataStreamId.Value() = 0;
1.90 +}
1.91 +
1.92 +CertStoreEntry::CertStoreEntry(bool aSwiMode)
1.93 + : EncDecContainerItem(),
1.94 + iCertInfo(aSwiMode),
1.95 + iCertApps("ApplicationList", AppUidListEntry::Factory),
1.96 + iTrusted("Trusted", enumDetailsForTBool),
1.97 + iReadDataStreamId("DataStreamId(read)", true),
1.98 + iWriteDataStreamId("DataStreamId(write)", false),
1.99 + iDataFileName("DataFileName"),
1.100 + iCertData(),
1.101 + iSwiMode(aSwiMode)
1.102 +{
1.103 + // We only need to initialise EncDecObject members which wrap non-class types
1.104 + iReadDataStreamId.Value() = 0;
1.105 + iWriteDataStreamId.Value() = 0;
1.106 +}
1.107 +
1.108 +CertStoreEntry::~CertStoreEntry()
1.109 +{
1.110 +}
1.111 +
1.112 +const TCertLabel &CertStoreEntry::Label() const
1.113 +{
1.114 + return iCertInfo.Label();
1.115 +}
1.116 +
1.117 +CertInfo &CertStoreEntry::Info()
1.118 +{
1.119 + return iCertInfo;
1.120 +}
1.121 +
1.122 +const CertInfo &CertStoreEntry::Info() const
1.123 +{
1.124 + return iCertInfo;
1.125 +}
1.126 +
1.127 +
1.128 +
1.129 +const char *CertStoreEntry::ItemType() const
1.130 +{
1.131 + return "Entry";
1.132 +}
1.133 +
1.134 +std::string CertStoreEntry::ItemName() const
1.135 +{
1.136 + return stringFromUtf16(Label());
1.137 +}
1.138 +
1.139 +
1.140 +void CertStoreEntry::SetItemName(const std::string &aName)
1.141 +{
1.142 + TInt outputWords;
1.143 + TText *outputBuf = utf16FromUtf8((const TUint8 *)aName.data(), aName.size(), outputWords);
1.144 + iCertInfo.Label() = TPtrC16(outputBuf, outputWords);
1.145 + delete [] outputBuf;
1.146 +}
1.147 +
1.148 +
1.149 +void CertStoreEntry::Encode(REncodeWriteStream &aWriteStream)
1.150 +{
1.151 + iCertInfo.Encode(aWriteStream);
1.152 + aWriteStream << iCertApps;
1.153 + aWriteStream << iTrusted;
1.154 + if(aWriteStream.HumanReadable())
1.155 + {
1.156 + // Write data to a file
1.157 +
1.158 + // Generate a file name
1.159 + std::string certFileName = aWriteStream.CertFileName(iCertInfo.CertificateFormat(), iCertInfo.OutputCertificateId());
1.160 + iDataFileName.Value().Copy(TPtrC8((const TUint8*)certFileName.data(), certFileName.size()));
1.161 +
1.162 + // Write file name
1.163 + aWriteStream << iDataFileName;
1.164 +
1.165 + std::fstream certDataFile;
1.166 + OpenUtf8FStreamForWrite(certDataFile, certFileName.c_str());
1.167 + if(certDataFile.fail())
1.168 + {
1.169 + dbg << Log::Indent() << "Failed to open '" << certDataFile << "' for output!" << Log::Endl();
1.170 + FatalError();
1.171 + }
1.172 + if((iCertInfo.CertificateFormat() == EX509Certificate) && aWriteStream.PemOut())
1.173 + {
1.174 + std::string pemCert;
1.175 + Der2Pem(iCertData, pemCert);
1.176 + certDataFile.write(pemCert.data(), pemCert.size());
1.177 + }
1.178 + else
1.179 + {
1.180 + certDataFile.write(iCertData.data(), iCertData.size());
1.181 + }
1.182 +
1.183 + certDataFile.close();
1.184 + if(certDataFile.fail())
1.185 + {
1.186 + dbg << Log::Indent() << "Failed to write cert data to '" << certDataFile << Log::Endl();
1.187 + FatalError();
1.188 + }
1.189 + aWriteStream << iReadDataStreamId;
1.190 + }
1.191 + else
1.192 + {
1.193 + // Write to the store
1.194 + if(iCertData.size() != iCertInfo.CertSize())
1.195 + {
1.196 + dbg << Log::Indent() << "Internal error - cert data size does not match meta data" << Log::Endl();
1.197 + FatalError();
1.198 + }
1.199 +
1.200 + RStoreWriteStream dataStream;
1.201 + TStreamId dataStreamId = dataStream.CreateLC(*aWriteStream.StoreObject());
1.202 + prog << Log::Indent() << "Created store stream " << dataStreamId << " for certificate data" << Log::Endl();
1.203 + iWriteDataStreamId.Value() = dataStreamId;
1.204 +
1.205 + prog << Log::Indent() << "Writing " << iCertData.size() << " bytes of binary data" << Log::Endl();
1.206 + dataStream.WriteL((const TUint8 *)iCertData.data(), iCertData.size());
1.207 +
1.208 + CleanupStack::PopAndDestroy(&dataStream);
1.209 + aWriteStream << iWriteDataStreamId;
1.210 + }
1.211 +}
1.212 +
1.213 +void CertStoreEntry::Decode(RDecodeReadStream &aReadStream)
1.214 +{
1.215 + iCertInfo.Decode(aReadStream);
1.216 + aReadStream >> iCertApps;
1.217 + if((!aReadStream.HumanReadable()) ||
1.218 + (aReadStream.PeakToken() == iTrusted.Name()))
1.219 + {
1.220 + aReadStream >> iTrusted;
1.221 + }
1.222 + else
1.223 + {
1.224 + iTrusted.SetValue(true);
1.225 + }
1.226 + aReadStream >> iReadDataStreamId;
1.227 + if(aReadStream.HumanReadable())
1.228 + {
1.229 + aReadStream >> iDataFileName;
1.230 + // Read data from the specified file
1.231 + std::string nFileName = stringFromUtf16(iDataFileName.Value());
1.232 +
1.233 + std::fstream certDataFile;
1.234 + OpenUtf8FStreamForRead(certDataFile, nFileName.c_str());
1.235 + if(certDataFile.fail())
1.236 + {
1.237 + dbg << Log::Indent() << "Failed to open '" << nFileName << "' for input!" << Log::Endl();
1.238 + FatalError();
1.239 + }
1.240 +
1.241 + certDataFile.seekg(0, std::ios_base::end);
1.242 + TUint32 certSize = certDataFile.tellg();
1.243 +
1.244 + char *rawCertData = new char[certSize];
1.245 +
1.246 + certDataFile.seekg(0, std::ios_base::beg);
1.247 + certDataFile.read(rawCertData, certSize);
1.248 +
1.249 + certDataFile.close();
1.250 + if(certDataFile.fail())
1.251 + {
1.252 + dbg << Log::Indent() << "Failed to read cert data from '" << certDataFile << Log::Endl();
1.253 + FatalError();
1.254 + }
1.255 + iCertData.assign(rawCertData, certSize);
1.256 + delete [] rawCertData;
1.257 +
1.258 + if(iCertInfo.CertificateFormat() == EX509Certificate)
1.259 + {
1.260 + // It might be a PEM cert
1.261 + std::string derFromPem;
1.262 + if(Pem2Der(iCertData, derFromPem))
1.263 + {
1.264 + prog << Log::Indent() << "Converted PEM cert to DER" << Log::Endl();
1.265 + iCertData = derFromPem;
1.266 + certSize = iCertData.size();
1.267 + }
1.268 + }
1.269 + iCertInfo.SetCertSize(certSize);
1.270 + }
1.271 + else
1.272 + {
1.273 + // Read data from the store
1.274 + RStoreReadStream dataStream;
1.275 + dataStream.OpenLC(*aReadStream.iStore, iReadDataStreamId.Value());
1.276 +
1.277 + TUint32 certSize = iCertInfo.CertSize();
1.278 + TUint8 * certData = new TUint8[certSize];
1.279 +
1.280 + prog << Log::Indent() << "Reading " << certSize << " byte certificate from store stream " << iReadDataStreamId.Value() << Log::Endl();
1.281 +
1.282 + dataStream.ReadL(certData, certSize);
1.283 +
1.284 + iCertData.assign((const char *)certData, certSize);
1.285 +
1.286 + CleanupStack::PopAndDestroy(&dataStream);
1.287 + }
1.288 +
1.289 + if(iCertInfo.CertificateFormat() == EX509Certificate)
1.290 + {
1.291 + TKeyIdentifier subjectKeyId;
1.292 + bool isCA = ( iCertInfo.CertificateOwnerType() != EUserCertificate );
1.293 +
1.294 + // nb. If processing a swicertstore we ignore any SubjectKeyId in the extension.
1.295 + if(X509SubjectKeyId((iSwiMode)?(KIgnoreCertificateExtension) : (KUseCertificateExtension),
1.296 + false, isCA,
1.297 + iCertData,
1.298 + iCertSubject, subjectKeyId))
1.299 + {
1.300 + prog << Log::Indent() << "Subject = '" << iCertSubject << "'" << Log::Endl();
1.301 +
1.302 + prog << Log::Indent() << "Calculated SubjectKeyId is ";
1.303 + const TUint8 *p = subjectKeyId.Ptr();
1.304 + for(int i=0; i<subjectKeyId.Length(); ++i)
1.305 + {
1.306 + if(i) prog << ":";
1.307 + prog.Stream() << std::setfill('0') << std::setw(2) << int(p[i]);
1.308 + }
1.309 + prog.Stream() << std::setw(0);
1.310 + prog << Log::Endl();
1.311 +
1.312 + if(aReadStream.HumanReadable() && iCertInfo.SubjectKeyId().iAutoKey)
1.313 + {
1.314 + // Reading config file and auto set so copy generated
1.315 + // SubjectKeyId to value.
1.316 + prog << Log::Indent() << "Field set to auto so using calculated SubjectKeyId" << Log::Endl();;
1.317 + iCertInfo.SubjectKeyId().iHash = subjectKeyId;
1.318 + }
1.319 + else
1.320 + {
1.321 + // If the read value matches the calculated value then
1.322 + // set iAutoKey so we dump it as auto (with the value
1.323 + // as a comment).
1.324 + if(iCertInfo.SubjectKeyId().iHash == subjectKeyId)
1.325 + {
1.326 + prog << Log::Indent() << "Calculated SubjectKeyId matches value read from input so setting to auto" << Log::Endl();;
1.327 + iCertInfo.SubjectKeyId().iAutoKey = true;
1.328 + }
1.329 + else
1.330 + {
1.331 + prog << Log::Indent() << "Calculated SubjectKeyId does NOT match value read from input so setting to value read" << Log::Endl();;
1.332 + }
1.333 +
1.334 + }
1.335 + }
1.336 + }
1.337 +}
1.338 +
1.339 +CertStoreEntry& CertStoreEntry::operator= (const CertStoreEntry& aRhs)
1.340 +{
1.341 + if(this == &aRhs) return *this; // handle self assignment
1.342 +
1.343 + EncDecContainerItem::operator=(*static_cast<const EncDecContainerItem *>(&aRhs));
1.344 +
1.345 + iCertInfo = aRhs.iCertInfo;
1.346 +
1.347 + iCertApps.reset();
1.348 + for(TUint32 i=0; i<aRhs.iCertApps.size(); ++i)
1.349 + {
1.350 + AppUidListEntry *newApp = new AppUidListEntry(AppUidMap::EnumEntries());
1.351 + const AppUidListEntry *oldApp = static_cast<const AppUidListEntry *>(&aRhs.iCertApps[i]);
1.352 + *newApp = *oldApp;
1.353 + iCertApps.push_back(newApp);
1.354 + }
1.355 +
1.356 + iTrusted = aRhs.iTrusted;
1.357 + iReadDataStreamId = aRhs.iReadDataStreamId;
1.358 + iWriteDataStreamId = aRhs.iWriteDataStreamId;
1.359 + iDataFileName = aRhs.iDataFileName;
1.360 + iCertData = aRhs.iCertData;
1.361 +
1.362 + iCertSubject = aRhs.iCertSubject;
1.363 +
1.364 + iSwiMode = aRhs.iSwiMode;
1.365 +
1.366 + return *this;
1.367 +}
1.368 +
1.369 +const TUint8 * CertStoreEntry::CertData() const
1.370 +{
1.371 + return (const TUint8 *)iCertData.data();
1.372 +}
1.373 +
1.374 +
1.375 +const std::string &CertStoreEntry::CertSubject() const
1.376 +{
1.377 + return iCertSubject;
1.378 +}
1.379 +
1.380 +
1.381 +
1.382 +// End of file