First public contribution.
2 * Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
4 * This component and the accompanying materials are made available
5 * under the terms of the License "Eclipse Public License v1.0"
6 * which accompanies this distribution, and is available
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
9 * Initial Contributors:
10 * Nokia Corporation - initial contribution.
22 #include <ecom/ecom.h>
23 #include <ecom/implementationproxy.h>
25 #include "CertRecog.h"
27 #include "x509certext.h"
31 const TInt KCertificateRecognizerValue = 0x101F4A71;
32 const TUid KUidMimeCertRecognizer = { KCertificateRecognizerValue };
35 _LIT8( KDataTypeWAPCertificateResponse, "application/vnd.wap.cert-response" );
36 _LIT8( KDataTypeX509_USER_Certificate, "application/x-x509-user-cert" );
39 _LIT8( KDataTypeX509_CA_Certificate, "application/x-x509-ca-cert" );
40 _LIT8( KDataTypeWAP_WTLS_CA_Certificate, "application/vnd.wap.wtls-ca-certificate" );
42 const TInt KSupportedDataTypesTotal = 3;
44 const TInt KX509MinBufferLength = 30;
45 const TInt KCertRecMaxBufferLength = 80;
47 const TInt KASN1SequenceTagValue = 0x30;
48 const TInt KASN1SequenceTwoBytesLength = 0x82;
49 const TInt KASN1SequenceThreeBytesLength = 0x83;
50 const TInt KASN1VersionWrapperTagValue = 0xA0;
51 const TInt KASN1VersionWrapperLengthValue = 0x03;
52 const TInt KASN1VersionLengthValue = 0x01;
53 enum { EX509VersionValue1 = 0x00, EX509VersionValue2 = 0x01, EX509VersionValue3 = 0x02 };
54 const TInt KWTLSCertificateVersionValue = 0x01;
58 // ----------------------------------------------------------------------------
59 // CApaCertificateRecognizer
62 CApaCertificateRecognizer::CApaCertificateRecognizer()
63 : CApaDataRecognizerType( KUidMimeCertRecognizer, CApaDataRecognizerType::ENormal )
65 iCountDataTypes = KSupportedDataTypesTotal;
70 TUint CApaCertificateRecognizer::PreferredBufSize()
72 return KCertRecMaxBufferLength;
77 TDataType CApaCertificateRecognizer::SupportedDataTypeL( TInt aIndex ) const
79 __ASSERT_DEBUG( aIndex >= 0 && aIndex < KSupportedDataTypesTotal,
80 User::Panic( _L("RECCERT"), 0 ) );
84 return TDataType( KDataTypeX509_CA_Certificate );
86 return TDataType( KDataTypeWAP_WTLS_CA_Certificate );
87 // Used to prevent warning about return paths not all returning a value
89 return TDataType( KDataTypeWAPCertificateResponse );
95 void CApaCertificateRecognizer::DoRecognizeL( const TDesC& aName, const TDesC8& aBuffer )
98 RFile* filePtr = FilePassedByHandleL();
101 ReadFileAndRecognizeL(*filePtr);
105 //Connect to file server
107 User::LeaveIfError(fs.Connect());
108 CleanupClosePushL(fs);
110 // See if the data is passed by filename
112 TInt ret = fileToRead.Open(fs, aName, EFileRead | EFileShareReadersOnly | EFileStream);
113 CleanupClosePushL(fileToRead);
116 //Try the preferred buffer size first
117 ReadFileAndRecognizeL(fileToRead);
120 // If not passed by file name, can try to recognize buffer.
122 DoRecognizeBufferL(aBuffer, EFalse, fileToRead);
125 CleanupStack::PopAndDestroy(2); //fileToRead, fs
129 void CApaCertificateRecognizer::ReadFileAndRecognizeL(RFile& aFileToRead)
131 TInt size=PreferredBufSize();
132 HBufC8* memForFile = HBufC8::NewLC(size);
133 TPtr8 preferredBuffer(memForFile->Des());
134 User::LeaveIfError(aFileToRead.Read(preferredBuffer, size));
135 DoRecognizeBufferL(preferredBuffer, ETrue, aFileToRead);
136 CleanupStack::PopAndDestroy(memForFile); //memForFile
139 void CApaCertificateRecognizer::DoRecognizeBufferL(const TDesC8& aBuffer, TBool aIsFile, RFile& aFile)
141 // Ensure length is sufficient for checking type
142 if ( aBuffer.Size() >= 1 )
144 // First byte of X.509 certificate is an ANS.1 SEQUENCE tag
145 if ( aBuffer[0] == KASN1SequenceTagValue )
147 RecognizeX509CertL( aBuffer, aIsFile, aFile);
149 // First byte of WTLS certificate is version == 1
150 else if ( aBuffer[0] == KWTLSCertificateVersionValue )
152 RecognizeWTLSCertOrCertResponse( aBuffer, aIsFile, aFile);
158 void CApaCertificateRecognizer::RecognizeX509CertL( const TDesC8& aBuffer, TBool aIsFile, RFile& aFile )
161 //Basic check if this is a X509 certificate
162 TBool isCertV1orV2(EFalse);
163 TInt bufferSize = aBuffer.Size();
164 if ( bufferSize < KX509MinBufferLength )
169 // Check first sequence length byte and skip over the length value bytes
170 if ( aBuffer[index] == KASN1SequenceTwoBytesLength )
174 else if ( aBuffer[index] == KASN1SequenceThreeBytesLength )
182 // Check next byte that is another sequence start
183 if ( aBuffer[index] != KASN1SequenceTagValue )
188 // Check second sequence length byte and skip over the length value bytes
189 if ( aBuffer[index] == KASN1SequenceTwoBytesLength )
193 else if ( aBuffer[index] == KASN1SequenceThreeBytesLength )
201 // Check for VERSION field
202 if ( aBuffer[index] == KASN1VersionWrapperTagValue )
205 if ( aBuffer[index] != KASN1VersionWrapperLengthValue )
210 if ( aBuffer[index] != EASN1Integer )
215 if ( aBuffer[index] != KASN1VersionLengthValue )
221 // The cert is X509 v1 or v2
222 if (aBuffer[index] == EX509VersionValue1 ||
223 aBuffer[index] == EX509VersionValue2)
228 // The cert is neither X509 v1 nor v2
230 // The cert is not v3 as well
231 if (aBuffer[index] != EX509VersionValue3)
243 // Check for SerialNumber field
244 if ( aBuffer[index] != EASN1Integer )
249 TInt serialNumberSize = aBuffer[index];
251 index += serialNumberSize;
252 // 1 is added for the next increments of index
253 if((index + 1) >= bufferSize)
257 // Check for SIGNATURE field
258 if ( aBuffer[index] != KASN1SequenceTagValue )
263 TInt signatureSize = aBuffer[index];
265 index += signatureSize;
266 if(index >= bufferSize)
271 // if the certificate is passed by the buffer, but not file name
274 // Check only the starting TAG byte of the NAME field
275 if ( aBuffer[index] == KASN1SequenceTagValue )
277 iDataType = TDataType( KDataTypeX509_CA_Certificate );
278 iConfidence = EProbable;
282 // if the certificate is passed by file name
284 if (!isCertV1orV2) // x509 V3 certificate
288 User::LeaveIfError(aFile.Size(size));
289 HBufC8* memForFile = HBufC8::NewLC(size);
290 TPtr8 fileContent(memForFile->Des());
292 aFile.Seek(ESeekStart, pos);
293 User::LeaveIfError(aFile.Read(fileContent, size));
294 RecognizeWholeX509CertificateL(fileContent);
295 CleanupStack::PopAndDestroy(memForFile);//memForFile
297 else // x509 V1 or V2 certificate
299 iDataType = TDataType( KDataTypeX509_CA_Certificate );
300 iConfidence = EProbable;
306 void CApaCertificateRecognizer::RecognizeWholeX509CertificateL(const TDesC8& aBuffer)
308 CX509Certificate* cert = CX509Certificate::NewLC(aBuffer);
311 const CX509CertExtension* certExt = cert->Extension(KBasicConstraints);
314 CX509BasicConstraintsExt* basic = CX509BasicConstraintsExt::NewLC(certExt->Data());
317 iDataType = TDataType( KDataTypeX509_CA_Certificate );
318 iConfidence = EProbable;
322 iDataType = TDataType( KDataTypeX509_USER_Certificate );
323 iConfidence = EProbable;
325 CleanupStack::PopAndDestroy(basic); //basic
329 iDataType = TDataType( KDataTypeX509_USER_Certificate );
330 iConfidence = EProbable;
333 CleanupStack::PopAndDestroy(cert); //cert
338 void CApaCertificateRecognizer::RecognizeWTLSCertOrCertResponse( const TDesC8& aBuffer, TBool /*aIsFile*/, RFile& /*aFile*/ )
340 if ( aBuffer.Size() >= 3 )
342 // Check next byte is signature algorithm value from 0 - 2
343 if ( aBuffer[1] == 0x00 || aBuffer[1] == 0x01 || aBuffer[1] == 0x02 )
345 // Check Identifier Type for Issuer Identifier
346 if ( aBuffer[2] == 0x01 )
348 iDataType = TDataType( KDataTypeWAP_WTLS_CA_Certificate );
352 iDataType = TDataType( KDataTypeWAPCertificateResponse );
354 iConfidence = EPossible;
359 CApaDataRecognizerType* CApaCertificateRecognizer::CreateRecognizerL()
361 return new (ELeave) CApaCertificateRecognizer();
364 const TImplementationProxy ImplementationTable[] =
366 IMPLEMENTATION_PROXY_ENTRY(0x102034A2, CApaCertificateRecognizer::CreateRecognizerL)
369 EXPORT_C const TImplementationProxy* ImplementationGroupProxy(TInt& aTableCount)
371 aTableCount = sizeof(ImplementationTable) / sizeof(TImplementationProxy);
372 return ImplementationTable;