278 iCertsMetadataPath = "C"; |
278 iCertsMetadataPath = "C"; |
279 java::util::JavaOsLayer::getJavaCaptainRoot(iCertsMetadataPath, true); |
279 java::util::JavaOsLayer::getJavaCaptainRoot(iCertsMetadataPath, true); |
280 iCertsMetadataPath.append(KJavaCertsStateDir); |
280 iCertsMetadataPath.append(KJavaCertsStateDir); |
281 iCertsMetadataPath.append(1, KFileSeparator); |
281 iCertsMetadataPath.append(1, KFileSeparator); |
282 no_certs = 0; |
282 no_certs = 0; |
283 loadCertsMetadata(iPrimaryCertsPath); |
283 loadCertsMetadata(iPrimaryCertsPath, true); |
284 loadCertsMetadata(iSecondaryCertsPath); |
284 loadCertsMetadata(iSecondaryCertsPath, false); |
285 |
285 |
286 // loads the metadata of the smart card certificates |
286 // loads the metadata of the smart card certificates |
287 vector<TrustedCertificate> trustedCerts; |
287 vector<TrustedCertificate> trustedCerts; |
288 JavaSmartCardCertificatesReader::retrieveTrustedCertificates(trustedCerts); |
288 JavaSmartCardCertificatesReader::retrieveTrustedCertificates(trustedCerts); |
289 for (int i=0; i<trustedCerts.size(); i++) |
289 for (int i=0; i<trustedCerts.size(); i++) |
332 // reset the changes flag |
332 // reset the changes flag |
333 metadata->changes = false; |
333 metadata->changes = false; |
334 } |
334 } |
335 } |
335 } |
336 |
336 |
337 bool JavaCertStore::readMetadataFromFiles(const std::string& cert_file_name, CERT_METADATA * metadata) |
337 bool JavaCertStore::readMetadataFromFiles(const std::string& aCertsLocation, const std::string& cert_file_name, CERT_METADATA * metadata) |
338 { |
338 { |
339 // there are two types of metadata: |
339 // there are two types of metadata: |
340 // 1) read-only metadata (this metadata resides into file with the same name than |
340 // 1) read-only metadata (this metadata resides into file with the same name than |
341 // certificate file, but with KMetadataSuffix as extension) |
341 // certificate file, but with KMetadataSuffix as extension) |
342 // 2) read-write metadata (this metadata resides into file with the same name than |
342 // 2) read-write metadata (this metadata resides into file with the same name than |
345 size_t ext = cert_file_name.rfind('.'); |
345 size_t ext = cert_file_name.rfind('.'); |
346 if (ext != string::npos) |
346 if (ext != string::npos) |
347 { |
347 { |
348 std::string file_name_without_extension = string(cert_file_name, 0, ext); |
348 std::string file_name_without_extension = string(cert_file_name, 0, ext); |
349 // read-only metadata |
349 // read-only metadata |
350 std::string read_only_metadata_file_name = iPrimaryCertsPath |
350 std::string read_only_metadata_file_name = aCertsLocation |
351 + file_name_without_extension |
351 + file_name_without_extension |
352 + KMetadataSuffix; |
352 + KMetadataSuffix; |
353 std::string read_write_metadata_file_name = iCertsMetadataPath |
353 std::string read_write_metadata_file_name = iCertsMetadataPath |
354 + file_name_without_extension |
354 + file_name_without_extension |
355 + KStateSuffix; |
355 + KStateSuffix; |
356 // read the read-only metadata file */ |
356 // read the read-only metadata file */ |
357 FILE * read_only_metadata_file = fopen(read_only_metadata_file_name.c_str(),"r"); |
357 FILE * read_only_metadata_file = fopen(read_only_metadata_file_name.c_str(),"r"); |
358 if (read_only_metadata_file == NULL) |
|
359 { |
|
360 read_only_metadata_file_name = iSecondaryCertsPath |
|
361 + file_name_without_extension |
|
362 + KMetadataSuffix; |
|
363 read_only_metadata_file = fopen(read_only_metadata_file_name.c_str(),"r"); |
|
364 } |
|
365 if (read_only_metadata_file != NULL) |
358 if (read_only_metadata_file != NULL) |
366 { |
359 { |
367 // save the name of the metadata_file for later use |
360 // save the name of the metadata_file for later use |
368 metadata->file_name = read_write_metadata_file_name; |
361 metadata->file_name = read_write_metadata_file_name; |
369 |
362 |
490 if (state == STATE_UNDEFINED) |
483 if (state == STATE_UNDEFINED) |
491 { |
484 { |
492 // create the file and initialize it with |
485 // create the file and initialize it with |
493 metadata->state = STATE_ENABLED; |
486 metadata->state = STATE_ENABLED; |
494 // create the directory (if it doesn't exist) |
487 // create the directory (if it doesn't exist) |
495 if (mkDirAll(KJavaCertsStateDir)) |
488 std::string certsStateBaseDir = "C"; |
|
489 java::util::JavaOsLayer::getJavaCaptainRoot(certsStateBaseDir, true); |
|
490 if (mkDirAll(KJavaCertsStateDir, certsStateBaseDir)) |
496 { |
491 { |
497 // force the writing |
492 // force the writing |
498 metadata->changes = true; |
493 metadata->changes = true; |
499 writeMetadataIntoFile(metadata); |
494 writeMetadataIntoFile(metadata); |
500 } |
495 } |
698 && strcmp(tmp + (strlen(dirent->d_name) - strlen(KCertSuffix2)),KCertSuffix2) == 0); |
693 && strcmp(tmp + (strlen(dirent->d_name) - strlen(KCertSuffix2)),KCertSuffix2) == 0); |
699 if (strcmp(dirent->d_name,".") |
694 if (strcmp(dirent->d_name,".") |
700 && strcmp(dirent->d_name,"..") |
695 && strcmp(dirent->d_name,"..") |
701 && cert_file) |
696 && cert_file) |
702 { |
697 { |
703 CERT_METADATA * metadata = new CERT_METADATA(); |
698 readCert(aCertsLocation, dirent->d_name); |
704 if (readMetadataFromFiles(dirent->d_name, metadata)) |
699 } |
705 { |
700 } |
706 int len = aCertsLocation.size() + strlen(dirent->d_name) + 1; |
701 closedir(dirp); |
707 metadata->full_path = aCertsLocation + string(dirent->d_name); |
702 } |
708 metadata->data = readCert(metadata->full_path, |
703 } |
709 &(metadata->len)); |
704 |
710 // if the cert already exists, overwrite it: since the primary location is Z and |
705 void JavaCertStore::loadCertsMetadata(std::string aCertsLocation, bool primaryPath) |
711 // the secondary is C, this is a way to update certificates |
706 { |
712 addCertMetadataToCache(metadata, true /* overwrite*/); |
707 if (primaryPath || no_certs == 0) |
|
708 { |
|
709 loadCertsMetadata(aCertsLocation); |
|
710 } |
|
711 else |
|
712 { |
|
713 // secondary path: read only the roots listed into the rootslist |
|
714 std::string rootsListDir = ""; |
|
715 std::string rootsListName = ""; |
|
716 rootsListDir = "C"; |
|
717 java::util::JavaOsLayer::getResRoot(rootsListDir, true); |
|
718 rootsListDir.append(KJavaRootsListDir); |
|
719 rootsListDir.append(1, KFileSeparator); |
|
720 rootsListName.append(KJavaRootsListName); |
|
721 FILE * rootslist = fopen((rootsListDir + rootsListName).c_str(),"r"); |
|
722 if (rootslist != NULL) |
|
723 { |
|
724 // root_file_name |
|
725 int root_file_name_index = 0; |
|
726 char root_file_name[50]; |
|
727 int retval; |
|
728 while ((int)(retval = getc(rootslist))!= EOF) |
|
729 { |
|
730 if (retval == 10 || retval == 13 /* CR or LF */) |
|
731 { |
|
732 if (root_file_name_index > 0) |
|
733 { |
|
734 string rootFileName = string(root_file_name, root_file_name_index); |
|
735 // reset the root file name for the next iteration |
|
736 root_file_name_index = 0; |
|
737 root_file_name[root_file_name_index] = '\0'; |
|
738 readCert(rootsListDir, rootFileName); |
|
739 } |
713 } |
740 } |
714 else |
741 else |
715 { |
742 { |
716 delete metadata; |
743 root_file_name[root_file_name_index] = (char)retval; |
717 metadata = NULL; |
744 root_file_name_index++; |
718 } |
745 root_file_name[root_file_name_index] = '\0'; |
719 } |
746 } |
720 } |
747 } |
721 closedir(dirp); |
748 if (root_file_name_index > 0) |
722 } |
749 { |
723 } |
750 string rootFileName = string(root_file_name, root_file_name_index); |
|
751 // read the root |
|
752 readCert(rootsListDir, rootFileName); |
|
753 } |
|
754 fclose(rootslist); |
|
755 } |
|
756 } |
|
757 } |
|
758 |
|
759 void JavaCertStore::readCert(const std::string& aCertsLocation, const std::string& aCertFileName) |
|
760 { |
|
761 CERT_METADATA * metadata = new CERT_METADATA(); |
|
762 if (readMetadataFromFiles(aCertsLocation, aCertFileName, metadata)) |
|
763 { |
|
764 int len = aCertsLocation.size() + aCertFileName.size() + 1; |
|
765 metadata->full_path = aCertsLocation + aCertFileName; |
|
766 metadata->data = readCert(metadata->full_path, |
|
767 &(metadata->len)); |
|
768 // if the cert already exists, overwrite it: since the primary location is Z and |
|
769 // the secondary is C, this is a way to update certificates |
|
770 addCertMetadataToCache(metadata, true /* overwrite*/); |
|
771 } |
|
772 else |
|
773 { |
|
774 delete metadata; |
|
775 metadata = NULL; |
|
776 } |
|
777 } |
|
778 |
724 |
779 |
725 void JavaCertStore::addCertMetadataToCache(CERT_METADATA* metadata, bool overwrite) |
780 void JavaCertStore::addCertMetadataToCache(CERT_METADATA* metadata, bool overwrite) |
726 { |
781 { |
727 vector<CERT_METADATA *>::iterator startIterator; |
782 vector<CERT_METADATA *>::iterator startIterator; |
728 startIterator = iCertsMetadata.begin(); |
783 startIterator = iCertsMetadata.begin(); |
765 int startPos = 0; |
820 int startPos = 0; |
766 int endPos = dirPath.find(KFileSeparator); |
821 int endPos = dirPath.find(KFileSeparator); |
767 while (endPos > startPos) |
822 while (endPos > startPos) |
768 { |
823 { |
769 currentDirPath += dirPath.substr(startPos, endPos - startPos) + KFileSeparator; |
824 currentDirPath += dirPath.substr(startPos, endPos - startPos) + KFileSeparator; |
770 int mkdir_result = mkdir(currentDirPath.c_str(), 0666); |
825 int mkdir_result = mkdir((aBaseDir + currentDirPath).c_str(), 0666); |
771 if (mkdir_result != 0 && errno != EEXIST) |
826 if (mkdir_result != 0 && errno != EEXIST) |
772 { |
827 { |
773 return false; |
828 return false; |
774 } |
829 } |
775 startPos = endPos + 1; |
830 startPos = endPos + 1; |
776 endPos = dirPath.find(KFileSeparator, startPos); |
831 endPos = dirPath.find(KFileSeparator, startPos); |
777 } |
832 } |
778 // the last round |
833 // the last round |
779 currentDirPath += dirPath.substr(startPos, dirPath.size() - startPos); |
834 currentDirPath += dirPath.substr(startPos, dirPath.size() - startPos); |
780 int mkdir_result = mkdir(currentDirPath.c_str(), 0666); |
835 int mkdir_result = mkdir((aBaseDir + currentDirPath).c_str(), 0666); |
781 if (mkdir_result != 0 && errno != EEXIST) |
836 if (mkdir_result != 0 && errno != EEXIST) |
782 { |
837 { |
783 return false; |
838 return false; |
784 } |
839 } |
785 return true; |
840 return true; |